summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorThomas Deutschmann <whissi@gentoo.org>2019-08-22 00:23:36 +0200
committerThomas Deutschmann <whissi@gentoo.org>2019-08-22 00:24:58 +0200
commit604d5b3e0de296fc6fa6f05007b196f9860974e6 (patch)
tree856580347724e937fdbb417f0f0329abe977b418 /dev-libs/openssl
parentnet-misc/dhcpcd: Bump to version 8.0.3 (diff)
downloadgentoo-604d5b3e0de296fc6fa6f05007b196f9860974e6.tar.gz
gentoo-604d5b3e0de296fc6fa6f05007b196f9860974e6.tar.bz2
gentoo-604d5b3e0de296fc6fa6f05007b196f9860974e6.zip
dev-libs/openssl: fix USE=bindist
Patches from upstream are out-of-date and don't apply against openssl-1.1.1c. Instead of patching a patch it's easier to maintain our own patch set. Closes: https://bugs.gentoo.org/692678 Package-Manager: Portage-2.3.72, Repoman-2.3.17 Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>
Diffstat (limited to 'dev-libs/openssl')
-rw-r--r--dev-libs/openssl/Manifest4
-rw-r--r--dev-libs/openssl/openssl-1.1.1c.ebuild62
2 files changed, 28 insertions, 38 deletions
diff --git a/dev-libs/openssl/Manifest b/dev-libs/openssl/Manifest
index ae40847f77d..321134adc24 100644
--- a/dev-libs/openssl/Manifest
+++ b/dev-libs/openssl/Manifest
@@ -22,7 +22,5 @@ DIST openssl-1.1.1b.tar.gz 8213737 BLAKE2B 7ad9da9548052e2a033a684038f97c420cfff
DIST openssl-1.1.1b_ec_curve.c 17938 BLAKE2B d5cbde40dcd8608087aed6ffa9feb040ffadecf0c46b7f3978cc468a9503f0a5ad0a426ea6f8db56f49a64474a508bebdf946e01ebf09adc727675f3b180bcdc SHA512 ec470f6514cb9a4f680b8cbbe02e2bbe71639b288f3429d976726047901d9c50377dfb2737f32429da2fb0e52fd67878a86debb54520e307ee196d97b5c66415
DIST openssl-1.1.1b_ectest.c 35091 BLAKE2B a9602255ab529751c2af2419206ce113f03f93b7b776691ea2ec550f26ddbecd241844bb81dc86988fdbb1c0a587318f82ce4faecba1a6142a19cf08d40fb2c5 SHA512 7813d9b6b7ab62119a7f2dd5431c17c5839f4c320ac7071b0714c9b8528bda5fda779dbb263328dca6ee8446e9fa09c663da659c9a82832a65cf53d1cd8a4cef
DIST openssl-1.1.1b_hobble-openssl 1117 BLAKE2B c3a1477e63331e83cf1cbe58e9ef131ec500a311e22d3da55034800ca353c387b2e202575acf3badb00b236ff91d4bac1bb131a33930939646d26bec27be6e04 SHA512 fa9cc70afa11a7a292548b4bddbba8159824a364ce5c279b483768e6ae2aa4b5491d9bf2cc734819f30a11c8ee0d91bcb991c4a7ab357296aeb4c04feac74826
+DIST openssl-1.1.1c-bindist-1.0.tar.xz 11964 BLAKE2B 8c5190846d13984589a150089d329bb3ecc613788b9462c6f6a1833a040e21cb9bf940140449f09fd797c0e396b0aea073237be374bd16097795b8974c3e7ce5 SHA512 249c6d8c455130b98e3be635f12f323e0cc349f1770648bad591e5de15483917185a473c162ed871a2fa05b47056931e6f12e5fdd9cecee7e6d1c246b862923b
DIST openssl-1.1.1c.tar.gz 8864262 BLAKE2B bd157b244bedcefb8e646a743732945119b267236789ac69c38856570318aca09299bdaaea3f20294863b633e6fd4dfe124820597185b3b7461cfdf094daadb0 SHA512 8e2c5cc11c120efbb7d7850980cb6eaa782d29b4996b3f3378d37613c1679f852d7cc08a90d62e78fcec3439f06bdbee70064579a8c2adaffd91532a97f646ff
-DIST openssl-1.1.1c_ec_curve.c 17938 BLAKE2B d5cbde40dcd8608087aed6ffa9feb040ffadecf0c46b7f3978cc468a9503f0a5ad0a426ea6f8db56f49a64474a508bebdf946e01ebf09adc727675f3b180bcdc SHA512 ec470f6514cb9a4f680b8cbbe02e2bbe71639b288f3429d976726047901d9c50377dfb2737f32429da2fb0e52fd67878a86debb54520e307ee196d97b5c66415
-DIST openssl-1.1.1c_ectest.c 35091 BLAKE2B a9602255ab529751c2af2419206ce113f03f93b7b776691ea2ec550f26ddbecd241844bb81dc86988fdbb1c0a587318f82ce4faecba1a6142a19cf08d40fb2c5 SHA512 7813d9b6b7ab62119a7f2dd5431c17c5839f4c320ac7071b0714c9b8528bda5fda779dbb263328dca6ee8446e9fa09c663da659c9a82832a65cf53d1cd8a4cef
-DIST openssl-1.1.1c_hobble-openssl 1117 BLAKE2B c3a1477e63331e83cf1cbe58e9ef131ec500a311e22d3da55034800ca353c387b2e202575acf3badb00b236ff91d4bac1bb131a33930939646d26bec27be6e04 SHA512 fa9cc70afa11a7a292548b4bddbba8159824a364ce5c279b483768e6ae2aa4b5491d9bf2cc734819f30a11c8ee0d91bcb991c4a7ab357296aeb4c04feac74826
diff --git a/dev-libs/openssl/openssl-1.1.1c.ebuild b/dev-libs/openssl/openssl-1.1.1c.ebuild
index b189b395c98..1071017acce 100644
--- a/dev-libs/openssl/openssl-1.1.1c.ebuild
+++ b/dev-libs/openssl/openssl-1.1.1c.ebuild
@@ -6,6 +6,16 @@ EAPI=7
inherit flag-o-matic toolchain-funcs multilib multilib-minimal
MY_P=${P/_/-}
+
+# This patch set is based on the following files from Fedora 31,
+# see https://src.fedoraproject.org/rpms/openssl/blob/f31/f/openssl.spec
+# for more details:
+# - hobble-openssl (SOURCE1)
+# - ec_curve.c (SOURCE12)
+# - ectest.c (SOURCE13)
+# - openssl-1.1.1-ec-curves.patch (PATCH37) -- MODIFIED
+BINDIST_PATCH_SET="openssl-1.1.1c-bindist-1.0.tar.xz"
+
DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)"
HOMEPAGE="https://www.openssl.org/"
SRC_URI="mirror://openssl/source/${MY_P}.tar.gz"
@@ -33,25 +43,7 @@ PATCHES=(
"${FILESDIR}"/${PN}-1.1.0j-parallel_install_fix.patch #671602
)
-# This does not copy the entire Fedora patchset, but JUST the parts that
-# are needed to make it safe to use EC with RESTRICT=bindist.
-# See openssl.spec for the matching numbering of SourceNNN, PatchNNN
-SOURCE1=hobble-openssl
-SOURCE12=ec_curve.c
-SOURCE13=ectest.c
-PATCH37=openssl-1.1.1-ec-curves.patch
-FEDORA_GIT_BASE='https://src.fedoraproject.org/cgit/rpms/openssl.git/plain/'
-FEDORA_GIT_BRANCH='f29'
-FEDORA_SRC_URI=()
-FEDORA_SOURCE=( ${SOURCE1} ${SOURCE12} ${SOURCE13} )
-FEDORA_PATCH=( ${PATCH37} )
-for i in "${FEDORA_SOURCE[@]}" ; do
- FEDORA_SRC_URI+=( "${FEDORA_GIT_BASE}/${i}?h=${FEDORA_GIT_BRANCH} -> ${P}_${i}" )
-done
-for i in "${FEDORA_PATCH[@]}" ; do # Already have a version prefix
- FEDORA_SRC_URI+=( "${FEDORA_GIT_BASE}/${i}?h=${FEDORA_GIT_BRANCH} -> ${i}" )
-done
-SRC_URI+=" bindist? ( ${FEDORA_SRC_URI[@]} )"
+SRC_URI+=" bindist? ( https://dev.gentoo.org/~whissi/dist/openssl/${BINDIST_PATCH_SET} )"
S="${WORKDIR}/${MY_P}"
@@ -61,27 +53,27 @@ MULTILIB_WRAPPED_HEADERS=(
src_prepare() {
if use bindist; then
- # This just removes the prefix, and puts it into WORKDIR like the RPM.
- for i in "${FEDORA_SOURCE[@]}" ; do
- cp -f "${DISTDIR}"/"${P}_${i}" "${WORKDIR}"/"${i}" || die
+ mv "${WORKDIR}"/bindist-patches/hobble-openssl "${WORKDIR}" || die
+ bash "${WORKDIR}"/hobble-openssl || die
+
+ cp -f "${WORKDIR}"/bindist-patches/ec_curve.c "${S}"/crypto/ec/ || die
+ cp -f "${WORKDIR}"/bindist-patches/ectest.c "${S}"/test/ || die
+
+ eapply "${WORKDIR}"/bindist-patches/ec-curves.patch
+
+ local known_failing_test
+ for known_failing_test in \
+ 30-test_evp_extra.t \
+ 80-test_ssl_new.t \
+ ; do
+ ebegin "Disabling test '${known_failing_test}' which is known to fail with USE=bindist"
+ rm test/recipes/${known_failing_test} || die
+ eend $?
done
- # .spec %prep
- bash "${WORKDIR}"/"${SOURCE1}" || die
- cp -f "${WORKDIR}"/"${SOURCE12}" "${S}"/crypto/ec/ || die
- cp -f "${WORKDIR}"/"${SOURCE13}" "${S}"/test/ || die
- for i in "${FEDORA_PATCH[@]}" ; do
- if [[ "${i}" == "${PATCH37}" ]] ; then
- # apply our own for OpenSSL 1.1.1b adjusted version of this patch
- eapply "${FILESDIR}"/openssl-1.1.1b-ec-curves-patch.patch
- else
- eapply "${DISTDIR}"/"${i}"
- fi
- done
# Also see the configure parts below:
# enable-ec \
# $(use_ssl !bindist ec2m) \
-
fi
# keep this in sync with app-misc/c_rehash