diff options
| author | V3n3RiX <venerix@koprulu.sector> | 2024-01-30 23:49:25 +0000 |
|---|---|---|
| committer | V3n3RiX <venerix@koprulu.sector> | 2024-01-30 23:49:25 +0000 |
| commit | fdc0e69ff470f51130dba7c7a539210ceedf9e6d (patch) | |
| tree | c17533ac33965d5b150997aa149cb1c35ad777d6 /dev-libs | |
| parent | 28d8acbb30a9ebda81447e5e3f5210a438ba7d24 (diff) | |
gentoo auto-resync : 30:01:2024 - 23:49:25
Diffstat (limited to 'dev-libs')
| -rw-r--r-- | dev-libs/Manifest.gz | bin | 97670 -> 97678 bytes | |||
| -rw-r--r-- | dev-libs/libclc/Manifest | 10 | ||||
| -rw-r--r-- | dev-libs/libclc/libclc-18.0.0.9999.ebuild | 87 | ||||
| -rw-r--r-- | dev-libs/libclc/libclc-18.0.0_pre20240113.ebuild | 87 | ||||
| -rw-r--r-- | dev-libs/libclc/libclc-18.0.0_pre20240120.ebuild | 79 | ||||
| -rw-r--r-- | dev-libs/libclc/libclc-18.1.0_rc1.ebuild (renamed from dev-libs/libclc/libclc-18.0.0_pre20240106.ebuild) | 0 | ||||
| -rw-r--r-- | dev-libs/openssl/Manifest | 9 | ||||
| -rw-r--r-- | dev-libs/openssl/openssl-3.0.13.ebuild | 278 | ||||
| -rw-r--r-- | dev-libs/openssl/openssl-3.1.5.ebuild | 281 | ||||
| -rw-r--r-- | dev-libs/openssl/openssl-3.2.1.ebuild | 300 |
10 files changed, 871 insertions, 260 deletions
diff --git a/dev-libs/Manifest.gz b/dev-libs/Manifest.gz Binary files differindex c1fea2a90933..a710f6ba6502 100644 --- a/dev-libs/Manifest.gz +++ b/dev-libs/Manifest.gz diff --git a/dev-libs/libclc/Manifest b/dev-libs/libclc/Manifest index 487fabc27f2a..144252d4fba0 100644 --- a/dev-libs/libclc/Manifest +++ b/dev-libs/libclc/Manifest @@ -4,17 +4,13 @@ DIST llvm-project-16.0.6.src.tar.xz 118013488 BLAKE2B 95192d39cbd2914e5609db3659 DIST llvm-project-16.0.6.src.tar.xz.sig 566 BLAKE2B 2060cebd5ed57cb8a86a44238c43dfd4b921649298b10c3d19da308374c1e49869174294e29943c2af459fe06428264e26881d6c1288ebbc48686cc2cf467c7a SHA512 ca249262c7102e0889ec1bdc6f71a3a6f0e7e5d5fbab8abcd6fccd2871e7955eff7af5b055a76006097baf0dfaf2f5069eff3035b3107fc552abdb2481b21447 DIST llvm-project-17.0.6.src.tar.xz 127838860 BLAKE2B d6ede1a9fda8756995c3e0654111941649e15794179641806f18919f1dc68c41ca0cabd5693b5096d05dccc3a391cd20d34af1137bf8af92ed3117a1ce84d1b2 SHA512 6d85bf749e0d77553cc215cbfa61cec4ac4f4f652847f56f946b6a892a99a5ea40b6ab8b39a9708a035001f007986941ccf17e4635260a8b0c1fa59e78d41e30 DIST llvm-project-17.0.6.src.tar.xz.sig 438 BLAKE2B 186e75b6a0fbfe1e85408589c149e1800fcc47d685b74e4260018e05cd08bc793d1d1197c9c50e177eea941a3d0c65cb0c583ce6dae449099b920adf8a508ef7 SHA512 f78c55053a6450625f3e95f52c305110b4468a9854fec75831b65b8d6ceee3c9206ab9e63c4b5fda8be9bd344f72cfbdaae0520ed240abd505e08ebeaa25d340 +DIST llvm-project-18.1.0rc1.src.tar.xz 131969632 BLAKE2B 0cc2f3049a89ee07182189a1ff7aec1751bfe6bbaed4887e139854737fe4eb0ec924b37d8d5b01e298d6a4b271735a615283465262345d0a288180edd6276139 SHA512 85afc331c8a023f4d8177cc42143b968b94d6987a7ed38b8be1170c6b4e1ef1a79d2d4e44d5fae98b713959b5d69bd4e44c6ba84355f59e8fe99588cbca03d7a +DIST llvm-project-18.1.0rc1.src.tar.xz.sig 566 BLAKE2B c9fd7e92e0c6bb8291314ed388d518d15b75c5d4e7ba5da461c2176c5519d721c5ae95d8ecf99ce17bdc398cf23f13b540aacab306c2923e4c0ac8a5f059746f SHA512 0bb072ef2d3156241bcb74102c977db73720f38918e1a0b2cbe6191b6884ce5750ed9f5af69575599bad840c0151a04f81ebc5194c4ce258cbd6516d6c26d9cb DIST llvm-project-1f13203029333ac99cc9844b8b6915aae3fc0902.tar.gz 205629630 BLAKE2B cd6c127bc7b63fffc4707863ab8a34e23371ce28878818723ba74d78a1be1b43c2f401fba7de2084f628f9418b7f0e7b9fe9c224b92dc44233cde2f5e3470333 SHA512 0b35754d6e8836267393d0d63effe04e1af5851b217252953ca3a75e7d71e32b1188991d34ff649f8c1cf2a1b49b844ca7e0704597655ffd37d151f4b9a0cf36 -DIST llvm-project-8d817f6479a5df874028a8b40fd30aecd3479005.tar.gz 204890108 BLAKE2B 8c57c556371b37d00cda753a40f1162e678d89fa40e8f2b90a38aab7e17f9debfb2ebad53a3a95aa530a9e3e2b4b735828e404e576c8f2738370ec41c28badce SHA512 a38ce082ca1b999888ee0a633b94a02258579591e6ce73ba4722eafb9f0610f9624887eca43e4a6ae567c07ffc014f4ea4137e905899407951265d7c93785f18 -DIST llvm-project-9eb0f86c279f40a792ec27bf0e9b491b8c90a640.tar.gz 205195168 BLAKE2B c3d051270958216196d6051d41e78168a7027714c5658c7edc70d274ed91f9d4ee16e8d1f92672bf252c65005c636c380766210ac3d80b4ac2f9f6305aefa29b SHA512 ee62acdfa756a2ddeb46fcafa364489885b6ecc50c87f365af42f308ebc87b9674c33c2f5a84c5169d9c9cada08e4fffe35d2eff48f05b70e791e27ac2c8b347 -DIST llvm-project-a085402ef54379758e6c996dbaedfcb92ad222b5.tar.gz 204569231 BLAKE2B 75403225fbe54f0921b279b237a90f1922b16997d1538fa5f225e04451fa2fc4a28e886efb7460ef0c26a3a964f0c57084e331b0736fa223926259c76d873200 SHA512 b8c6b0c7c0a4c369ecfa7ac71cf96549a19853e14bdf061b6b54429ce7ed998b236bb9ed3adbd6bf1c70c7e975508f751ebd0031ac2ff474d32216048a1c5f2d EBUILD libclc-15.0.7.ebuild 1668 BLAKE2B ac2bd589fb3c29662799f97b1f649fd22b1b7ce5701879815bc01a05ae88421a830a6a3507b4dead181f24eb4e45c451e8ea1ebbdac2a2de51ddbc3cd9f53c66 SHA512 a3e39fbaddb322360f6362ef21713f375d04e02b2b9a3d43a3d47b26d5d43643a8c654181aef9518aee5f9805d09c446bbbf13342b74f09622e5e1b0c59470b1 EBUILD libclc-16.0.6.ebuild 1665 BLAKE2B 27ffe7083936c466a749550797d109c7a48fc6aaf110977c53ae2d4c5edd558c958a4981020b2c74c6b0c47aeee184edc6e1f192da93f57972fe9cc9abfaa762 SHA512 5007264c688588ec9fd7e74e88a1c1810be2602b744a64d8927275bc8ceaf278d9598222c5d2e3d3fa64504364625b03951752ef7221fd1bf16cc26fbd54ad80 EBUILD libclc-17.0.6.ebuild 1750 BLAKE2B 691bf74589650205182ca24a01d649678773a495f33876dc348a695fa34012782c58a723e5df0fca84d1715966c8bb8ac94cf30624ea773964330195c89109c7 SHA512 83d560e10793c5a188d6dcaaaf5a3bcd92e7ea1d5ea21af319b6ca9befeabc812af8122934902f3423afb6e3a941af5c38ae689e14584bce4753fb29a7db6745 -EBUILD libclc-18.0.0.9999.ebuild 1715 BLAKE2B f82abdc9c110b6f6b317aead9273000c5b3cdadf69bd2e9ebf5c480c74a50c072c92d2945b16d83fc8a28365be4c329269a21788e94391ba7d1f3cee41c9d0a2 SHA512 a26879108f8a308273a1bc81eea612403baf48ad20480eb8b8760176928be7083cc062f223535e01e5dd19372bcbb3d63769121a57ce26dfc723987e5b3fbb51 -EBUILD libclc-18.0.0_pre20240106.ebuild 1715 BLAKE2B 7be5f456b776d2a04a0494e54b49c99c4467d9deaecee2aa87585e34394bbd6e3d53b1166983a9cd84a8c7d5c677d94feed73088662a45fecece534ed2c4c978 SHA512 9b169c453be57b7e39872d9a5303b977cc20f949f20f5fa32b1095d87355b85c9efe85cb278f3e015b2a45614585b3e9a7c1db321542f52f8b40337d66a626a4 -EBUILD libclc-18.0.0_pre20240113.ebuild 1715 BLAKE2B 7be5f456b776d2a04a0494e54b49c99c4467d9deaecee2aa87585e34394bbd6e3d53b1166983a9cd84a8c7d5c677d94feed73088662a45fecece534ed2c4c978 SHA512 9b169c453be57b7e39872d9a5303b977cc20f949f20f5fa32b1095d87355b85c9efe85cb278f3e015b2a45614585b3e9a7c1db321542f52f8b40337d66a626a4 -EBUILD libclc-18.0.0_pre20240120.ebuild 1559 BLAKE2B 0fa72bb8f94f561d769439ff83574998ef19ea34a77c12d566b965f069ecc72a74210038954d91da74033cb8df2f63197825bb191b898c4cb188e4289c21cd99 SHA512 fee8a3cec13779ecaa88fca5fc4fca4b0f7863ae6b4b39bcdc3a410b1f2b807fabd5c2589635b5b63a0196cc0bfe84f326ae856f18b6d484604aae8b49e85cf9 +EBUILD libclc-18.1.0_rc1.ebuild 1715 BLAKE2B 7be5f456b776d2a04a0494e54b49c99c4467d9deaecee2aa87585e34394bbd6e3d53b1166983a9cd84a8c7d5c677d94feed73088662a45fecece534ed2c4c978 SHA512 9b169c453be57b7e39872d9a5303b977cc20f949f20f5fa32b1095d87355b85c9efe85cb278f3e015b2a45614585b3e9a7c1db321542f52f8b40337d66a626a4 EBUILD libclc-19.0.0.9999.ebuild 1715 BLAKE2B 7be5f456b776d2a04a0494e54b49c99c4467d9deaecee2aa87585e34394bbd6e3d53b1166983a9cd84a8c7d5c677d94feed73088662a45fecece534ed2c4c978 SHA512 9b169c453be57b7e39872d9a5303b977cc20f949f20f5fa32b1095d87355b85c9efe85cb278f3e015b2a45614585b3e9a7c1db321542f52f8b40337d66a626a4 EBUILD libclc-19.0.0_pre20240127.ebuild 1715 BLAKE2B 7be5f456b776d2a04a0494e54b49c99c4467d9deaecee2aa87585e34394bbd6e3d53b1166983a9cd84a8c7d5c677d94feed73088662a45fecece534ed2c4c978 SHA512 9b169c453be57b7e39872d9a5303b977cc20f949f20f5fa32b1095d87355b85c9efe85cb278f3e015b2a45614585b3e9a7c1db321542f52f8b40337d66a626a4 MISC metadata.xml 362 BLAKE2B 768f93d0058e4da4b420569f3f1771dfa7385ad89540bbc18cf53b5a71e3f060a8afa1112ff37570d7fc9dc3e71619fa3fd8d0cf7b5d3954f5110b19e146df30 SHA512 e6335424da09f668953acd39dcd9b03a30e3b509b34b1de5c72644a3740a5b6b287f10e08405b79bafc8104cc4dc1324b7b9d7990c3b560b0235ae82da8c68a5 diff --git a/dev-libs/libclc/libclc-18.0.0.9999.ebuild b/dev-libs/libclc/libclc-18.0.0.9999.ebuild deleted file mode 100644 index 33b0826b8285..000000000000 --- a/dev-libs/libclc/libclc-18.0.0.9999.ebuild +++ /dev/null @@ -1,87 +0,0 @@ -# Copyright 1999-2023 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=8 - -PYTHON_COMPAT=( python3_{10..12} ) -inherit cmake llvm llvm.org python-any-r1 - -DESCRIPTION="OpenCL C library" -HOMEPAGE="https://libclc.llvm.org/" - -LICENSE="Apache-2.0-with-LLVM-exceptions || ( MIT BSD )" -SLOT="0" -IUSE="+spirv video_cards_nvidia video_cards_r600 video_cards_radeonsi" - -LLVM_MAX_SLOT=17 -BDEPEND=" - ${PYTHON_DEPS} - || ( - ( - sys-devel/clang:17 - spirv? ( dev-util/spirv-llvm-translator:17 ) - ) - ( - sys-devel/clang:16 - spirv? ( dev-util/spirv-llvm-translator:16 ) - ) - ( - sys-devel/clang:15 - spirv? ( dev-util/spirv-llvm-translator:15 ) - ) - ( - sys-devel/clang:14 - spirv? ( dev-util/spirv-llvm-translator:14 ) - ) - ( - sys-devel/clang:13 - spirv? ( dev-util/spirv-llvm-translator:13 ) - ) - ) -" - -LLVM_COMPONENTS=( libclc ) -llvm.org_set_globals - -llvm_check_deps() { - if use spirv; then - has_version -b "dev-util/spirv-llvm-translator:${LLVM_SLOT}" || - return 1 - fi - has_version -b "sys-devel/clang:${LLVM_SLOT}" -} - -pkg_setup() { - llvm_pkg_setup - python-any-r1_pkg_setup -} - -src_configure() { - local libclc_targets=() - - use spirv && libclc_targets+=( - "spirv-mesa3d-" - "spirv64-mesa3d-" - ) - use video_cards_nvidia && libclc_targets+=( - "nvptx--" - "nvptx64--" - "nvptx--nvidiacl" - "nvptx64--nvidiacl" - ) - use video_cards_r600 && libclc_targets+=( - "r600--" - ) - use video_cards_radeonsi && libclc_targets+=( - "amdgcn--" - "amdgcn-mesa-mesa3d" - "amdgcn--amdhsa" - ) - [[ ${#libclc_targets[@]} ]] || die "libclc target missing!" - - libclc_targets=${libclc_targets[*]} - local mycmakeargs=( - -DLIBCLC_TARGETS_TO_BUILD="${libclc_targets// /;}" - ) - cmake_src_configure -} diff --git a/dev-libs/libclc/libclc-18.0.0_pre20240113.ebuild b/dev-libs/libclc/libclc-18.0.0_pre20240113.ebuild deleted file mode 100644 index 70dacd0cf8da..000000000000 --- a/dev-libs/libclc/libclc-18.0.0_pre20240113.ebuild +++ /dev/null @@ -1,87 +0,0 @@ -# Copyright 1999-2024 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=8 - -PYTHON_COMPAT=( python3_{10..12} ) -inherit cmake llvm llvm.org python-any-r1 - -DESCRIPTION="OpenCL C library" -HOMEPAGE="https://libclc.llvm.org/" - -LICENSE="Apache-2.0-with-LLVM-exceptions || ( MIT BSD )" -SLOT="0" -IUSE="+spirv video_cards_nvidia video_cards_r600 video_cards_radeonsi" - -LLVM_MAX_SLOT=17 -BDEPEND=" - ${PYTHON_DEPS} - || ( - ( - sys-devel/clang:17 - spirv? ( dev-util/spirv-llvm-translator:17 ) - ) - ( - sys-devel/clang:16 - spirv? ( dev-util/spirv-llvm-translator:16 ) - ) - ( - sys-devel/clang:15 - spirv? ( dev-util/spirv-llvm-translator:15 ) - ) - ( - sys-devel/clang:14 - spirv? ( dev-util/spirv-llvm-translator:14 ) - ) - ( - sys-devel/clang:13 - spirv? ( dev-util/spirv-llvm-translator:13 ) - ) - ) -" - -LLVM_COMPONENTS=( libclc ) -llvm.org_set_globals - -llvm_check_deps() { - if use spirv; then - has_version -b "dev-util/spirv-llvm-translator:${LLVM_SLOT}" || - return 1 - fi - has_version -b "sys-devel/clang:${LLVM_SLOT}" -} - -pkg_setup() { - llvm_pkg_setup - python-any-r1_pkg_setup -} - -src_configure() { - local libclc_targets=() - - use spirv && libclc_targets+=( - "spirv-mesa3d-" - "spirv64-mesa3d-" - ) - use video_cards_nvidia && libclc_targets+=( - "nvptx--" - "nvptx64--" - "nvptx--nvidiacl" - "nvptx64--nvidiacl" - ) - use video_cards_r600 && libclc_targets+=( - "r600--" - ) - use video_cards_radeonsi && libclc_targets+=( - "amdgcn--" - "amdgcn-mesa-mesa3d" - "amdgcn--amdhsa" - ) - [[ ${#libclc_targets[@]} ]] || die "libclc target missing!" - - libclc_targets=${libclc_targets[*]} - local mycmakeargs=( - -DLIBCLC_TARGETS_TO_BUILD="${libclc_targets// /;}" - ) - cmake_src_configure -} diff --git a/dev-libs/libclc/libclc-18.0.0_pre20240120.ebuild b/dev-libs/libclc/libclc-18.0.0_pre20240120.ebuild deleted file mode 100644 index b5f679391dfd..000000000000 --- a/dev-libs/libclc/libclc-18.0.0_pre20240120.ebuild +++ /dev/null @@ -1,79 +0,0 @@ -# Copyright 1999-2024 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=8 - -PYTHON_COMPAT=( python3_{10..12} ) -inherit cmake llvm llvm.org python-any-r1 - -DESCRIPTION="OpenCL C library" -HOMEPAGE="https://libclc.llvm.org/" - -LICENSE="Apache-2.0-with-LLVM-exceptions || ( MIT BSD )" -SLOT="0" -IUSE="+spirv video_cards_nvidia video_cards_r600 video_cards_radeonsi" - -LLVM_MAX_SLOT=17 -BDEPEND=" - ${PYTHON_DEPS} - || ( - ( - sys-devel/clang:17 - spirv? ( dev-util/spirv-llvm-translator:17 ) - ) - ( - sys-devel/clang:16 - spirv? ( dev-util/spirv-llvm-translator:16 ) - ) - ( - sys-devel/clang:15 - spirv? ( dev-util/spirv-llvm-translator:15 ) - ) - ) -" - -LLVM_COMPONENTS=( libclc ) -llvm.org_set_globals - -llvm_check_deps() { - if use spirv; then - has_version -b "dev-util/spirv-llvm-translator:${LLVM_SLOT}" || - return 1 - fi - has_version -b "sys-devel/clang:${LLVM_SLOT}" -} - -pkg_setup() { - llvm_pkg_setup - python-any-r1_pkg_setup -} - -src_configure() { - local libclc_targets=() - - use spirv && libclc_targets+=( - "spirv-mesa3d-" - "spirv64-mesa3d-" - ) - use video_cards_nvidia && libclc_targets+=( - "nvptx--" - "nvptx64--" - "nvptx--nvidiacl" - "nvptx64--nvidiacl" - ) - use video_cards_r600 && libclc_targets+=( - "r600--" - ) - use video_cards_radeonsi && libclc_targets+=( - "amdgcn--" - "amdgcn-mesa-mesa3d" - "amdgcn--amdhsa" - ) - [[ ${#libclc_targets[@]} ]] || die "libclc target missing!" - - libclc_targets=${libclc_targets[*]} - local mycmakeargs=( - -DLIBCLC_TARGETS_TO_BUILD="${libclc_targets// /;}" - ) - cmake_src_configure -} diff --git a/dev-libs/libclc/libclc-18.0.0_pre20240106.ebuild b/dev-libs/libclc/libclc-18.1.0_rc1.ebuild index 70dacd0cf8da..70dacd0cf8da 100644 --- a/dev-libs/libclc/libclc-18.0.0_pre20240106.ebuild +++ b/dev-libs/libclc/libclc-18.1.0_rc1.ebuild diff --git a/dev-libs/openssl/Manifest b/dev-libs/openssl/Manifest index 8518084ca623..edcc90476bd4 100644 --- a/dev-libs/openssl/Manifest +++ b/dev-libs/openssl/Manifest @@ -13,15 +13,24 @@ DIST openssl-3.0.11.tar.gz 15198318 BLAKE2B e522573aa72c8f6ffef82f20de36178fc6f9 DIST openssl-3.0.11.tar.gz.asc 833 BLAKE2B e6e2636d5bb5fffb86833e64437fb440bbfd1c4e2bfbfdd72280cf1ce388b70d30eeea56ef6f3bb673e7dcd12020d993ef95f96bf099ded38e8cde4b549b38fa SHA512 3c1fe94fc46861870d99d1edcfe3c151272f7864dde36b66e87a0c79d2289e9ed5cfc48bfa65ba0e88eadcb3cc8307d702e01155f48af8ffc2d4f8fbbf3aa03c DIST openssl-3.0.12.tar.gz 15204575 BLAKE2B 1f00e33a5ed64a51cf28f0dbe7d53a9197c1edae7538dea9573394ee4dc03a885483d74b0b47a78b9067e87b4f420b9d7103f351bfec91710c168051cb7148df SHA512 63e003653dd1126c66e278969a626cdf0801b97da8b7076824d661e4a77e1572c3171cf7f006c972b95bcfa284889ee0362d8a46a851f7d8e743e2a1fe593b24 DIST openssl-3.0.12.tar.gz.asc 833 BLAKE2B 5c7914e0449a1f2fad433544fa637263b237c2637b86960f904a7840ef6bd627728dfa45373e03a6ce7a0a4570d03e1dcd0188059bd5dbcc83d49d10be64dd39 SHA512 072d1572e6cc5240fed69c01b1f7f74958ceba33cec3b0a7f0db5929dc884381320fb737ec6b38f95ef81c855e2d382d7ecd19431a328b08efad70288ec4a964 +DIST openssl-3.0.13.tar.gz 15294843 BLAKE2B 869aa5f70a8c1d0cac6027e9261530df70ab5a8b448c785f5f8ff3f206e742c5364424132d0e109a6449af9b4082c4c179c7103dccb16a4539f776ca834c8ccc SHA512 22f4096781f0b075f5bf81bd39a0f97e111760dfa73b6f858f6bb54968a7847944d74969ae10f9a51cc21a2f4af20d9a4c463649dc824f5e439e196d6764c4f9 +DIST openssl-3.0.13.tar.gz.asc 833 BLAKE2B 519515b6faa505d68ff9acc30db9515fac494145086fa5ad9561c39385a6fabb39ad9de10fedd49c8fc716ec59ea1b13ec5e6b466e549ea9f29b8d0bb74ba7b3 SHA512 c52d97c93d16f3ca2a7026fb25890482b6d86c37b5ab686c56b0e08522743ec4ea3f84afa4deb64b0df0d9a16b557430c4d4139ab42ffcf97d769b61d1e6197c DIST openssl-3.1.4.tar.gz 15569450 BLAKE2B bd6a3ef458f86dd5173e87b10432bd81c1570e1848da3c4d7a06eb021d2f67e4075421885c402f6ea792e383e756d78757c17ef060094e840ed5df6faf3d7f9e SHA512 a69df4a018f57dee7d8a57c8003a6869eba11f1eaa394518976642a993780d0de3326019e92dea4c679c6c581fef568ea616ec541afc0792800359c606dffcd2 DIST openssl-3.1.4.tar.gz.asc 833 BLAKE2B 9f4c2365617b3ea21c8d4f4281befe584e8d39d5f0546fb17d151b21b20615e5d20ed9105881ee981948e866a7629930a7544263c124dce66a9df4f19e16708e SHA512 fc5fa55a54e3da5d48229f25073186613ddf6bb3907999b53ed61832cce9acef00c79d45357bc8590eeeeffb04a829d45921d982924300da16d84eb5333c1512 +DIST openssl-3.1.5.tar.gz 15663524 BLAKE2B a12eb88b0a4f2d927123e0d3ca7d2f80f2bdc867c710d24700fe39b631b93d90c73c3deceff151a9fa818ac88026eb798f3253f22d03c839ab9574086fa61eee SHA512 82e2ac6b3d9b03f8fc66d2ec421246e989eb702eb94586515abfb5afb5300391a0beedf6a2602f61ac10896b41e5608feeeeb4d37714fa17ac0f2ce465249fa9 +DIST openssl-3.1.5.tar.gz.asc 833 BLAKE2B 633502ec0a87074136d7ea42d9ac5f3df53523560d2a97410b5b57d28d916336da95ab5521c10f94202e3a0995331f0e17bdcf8843135634a5d5a95cfafc7b21 SHA512 48187bb8a7bdbd8b76fdcca736d2b03e2a89330b304eefb4e9620f570c741c60f2023307d8619ba1fa101a99223f94895e7be57ced6547a4fb06bd4c3677533a DIST openssl-3.2.0.tar.gz 17698352 BLAKE2B 776123929796d2eb0f3974bf6ee3a55df9187231632837576bf5ded7b5917f052683cdfc756693c1bee6fe1ffc7c3cb1ebcf833018d3caf51886f4f4e7a495f1 SHA512 ba3ac38365fd0c50f1eaf1693b6200a0d66f01ff53c2d3bb0358643cd83fc0c61fc3b84c0658cf74b6ae91d7d8a9da7291697bd9be3063ada8a9df879e58ed52 DIST openssl-3.2.0.tar.gz.asc 833 BLAKE2B b73fd622276e9c8c592b49853c4aec04a9a84bab296aedf1489866ea6e0b5bfe0f299eadbd6e8eecb54e350958f253308f197ed5998cebf0512ca058bf48fdac SHA512 636ed26fc3e9ad63f0666407f254be885c3e8e5db15e5d95f13207099853bac5dbb4e682113a9339f795630396fda78a735aa04b72098d34d5c65ae3c2ed7a33 +DIST openssl-3.2.1.tar.gz 17733249 BLAKE2B 960222e0305166160e5ab000e29650b92063bf726551ee9ad46060166d99738d1e3a5b86fd28b14c8f4fb3a72f5aa70850defb87c02990acff3dbcbdac40b347 SHA512 bab2b2419319f1feffaba4692f03edbf13b44d1090c6e075a2d69dad67a2d51e64e6edbf83456a26c83900a726d20d2c4ee4ead9c94b322fd0b536f3b5a863c4 +DIST openssl-3.2.1.tar.gz.asc 833 BLAKE2B a1d25fe30bf1804d13a8b6b98edf56be5bf744d9e2706f4169455c24efe2e3a361487d00d0d4bac240c3f0170693d77a39dd0d4ee5c792d2247aa00c47e74ebf SHA512 de39516c7b77612f33cdc830a8d13ef6bcd91c03d24a6ed105480f140f9e1ad7049844e234c96a516d62e0e33ce90442ffd0f309ea674884c735f04d8562f372 EBUILD openssl-1.0.2u-r1.ebuild 10129 BLAKE2B fe03657452c1218e9ed6fff4b939ae5a1b648b20495690c8cc5f8668b6985c860176733080b4f0265d4bae6bc060bf432995a404be24733735ede3f5440f793a SHA512 e843699fac5b1bdf348fb13cd7de96af09af709e6b9dd5d0ca20d867a38ad870504ac58e7bf21efc01f8303520938031f36f0f5e5d1e76458c6e954ee464f364 EBUILD openssl-1.1.1u.ebuild 8233 BLAKE2B 77778affcb905c13b135e558e94acb286cb0acaf430cae2f352410403679cc2b7161f567a0256bd3fcf56a6d5cb80b6fc29a0e9394d63ad9d74c11d0dce5aa05 SHA512 690fc0132105393611283f679d9c6a44b59178dc5902413a6f5bf7ca900676fd5d8f2e980f9200278509eba8f9d9f68db44d6874246a76363a862d7f1cc2b5b8 EBUILD openssl-1.1.1w.ebuild 8241 BLAKE2B 1c8b255f34e9de7c2aa59772a949c10809e1c0296a64e4e6dc24e2fddd4777d61674149bd4ba1b822852a36fe16fc927377c685e0ec209f5b43efc4a23466c40 SHA512 4b6c89c71cff8bbc8f49d6acea55d1606797b9b5a8f5f9b5408ba3d8afaf041b66309d0b6e96e0e646668dcd68a80be15f85ca7898bd80d67f826ab7e067c964 EBUILD openssl-3.0.11.ebuild 8719 BLAKE2B fa28b31cc2f72147114cdc89b4253603855bd6cdf93b62a124caaff88f927412fdd1811e50ca35adb9885fa3fccb53203a46f231479373047fbd0fe709c8e228 SHA512 b5a46310bc8a5e842cca20c7755494fa6ff1d63eab24efbad516362cd68dce74380790050143beee437808fd724a41f323e04f4815833f6ea535c8022bc12162 EBUILD openssl-3.0.12.ebuild 8719 BLAKE2B fa28b31cc2f72147114cdc89b4253603855bd6cdf93b62a124caaff88f927412fdd1811e50ca35adb9885fa3fccb53203a46f231479373047fbd0fe709c8e228 SHA512 b5a46310bc8a5e842cca20c7755494fa6ff1d63eab24efbad516362cd68dce74380790050143beee437808fd724a41f323e04f4815833f6ea535c8022bc12162 +EBUILD openssl-3.0.13.ebuild 8495 BLAKE2B 622335e6f8a5186131dc7f0b037127785bef026e843b376b03b37b53c5e8a3cdf52682627b18407329e0ac519eaa3533a394bdfdfcc6fba38ab7eee406316fa2 SHA512 1718ff8b1afddd18604863f0a3cce9675bf77d0e49d45c87405aaf5e4b40f5e7c00f78904ce9b67c92b941627e2addcb4c887b90701ffa406b87b350c5570548 EBUILD openssl-3.1.4.ebuild 8773 BLAKE2B efccc59361afb398ff899f09c07c1cba34498d7ceea6acf6d26b10088a32830855c03946f5ec56d0f9a842aed448b8b7438a05520164f9edffd37b4d5c0aebed SHA512 0796f29900094b5d7cd7e500d726c7a941fd9776afad2e699a326ea7381a78078cc6fb60df02fd90410c7770f33ca7401852f9be867fdf3896486532d8c7279e +EBUILD openssl-3.1.5.ebuild 8534 BLAKE2B b0d0b4c64ad7b025272ac54150ef9ea18e6ab974d558c002098a058600d8aff9253fe9a5d9eb78866f7734e6b2c0cc3222141a7738c5b21311d8d64f0867e2b9 SHA512 6b2c1cb64541d043048864110d4eb35df6c9b45228a4224a9788ac392f59358e1fb62a6c821bc5c05af4cf7ba29b7a0bfbb7f8ef3fbeb619b5b97444b1daff39 EBUILD openssl-3.2.0.ebuild 9212 BLAKE2B 4e0af2380d1ad5195f5172bfa4607e5f86f3b92b5dd0948b5fa507c97213d8049504690b0b6706a299550db95050a3f60f0000fb93c9da1b06e26e42821fd41b SHA512 a2fbb05ea65c0c0a18df39ab4ce21421cb8c47971049c37758ed992fadfde2e5b89a1de75e56bd3de73b407915187fba79dc97d73c475ee13e55ab8ee8242c07 +EBUILD openssl-3.2.1.ebuild 9106 BLAKE2B ebf124ec47719b760b4afe73bebdbc8a1c3bb72e4817ae040a4613523b3d87a2f1183e4039cef376e6240f2776ddd7d449355c11015ae5efb59d592f3754c3fc SHA512 efe7e4100a2ad23e2a8df3739c5c60c5520ccb62f6ea09b0d159ed6fd8f88a8f8bb88a3abba4f93f3ae11e732fb3f27772adccc96bae3e5aaca8317b3c35bdeb MISC metadata.xml 1566 BLAKE2B ae4515c90356b8a2d3e2df8e0cea43c587f73bd2e08f696c065c2254639009b6806806df8a84c63d00781b0cbf906a0d11e94b715749ab1292e77afa9cd5bcc2 SHA512 4a5e6b894476e74f1f93f00c326139eadf1afd498f4508fb723322539f29e53aec6dd198da878db714d2da61ab266089c2dd2f91b9fc66a34375ceb6f68ca394 diff --git a/dev-libs/openssl/openssl-3.0.13.ebuild b/dev-libs/openssl/openssl-3.0.13.ebuild new file mode 100644 index 000000000000..647c4ee7dbf9 --- /dev/null +++ b/dev-libs/openssl/openssl-3.0.13.ebuild @@ -0,0 +1,278 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/openssl.org.asc +inherit edo flag-o-matic linux-info toolchain-funcs +inherit multilib multilib-minimal multiprocessing preserve-libs verify-sig + +DESCRIPTION="Robust, full-featured Open Source Toolkit for the Transport Layer Security (TLS)" +HOMEPAGE="https://www.openssl.org/" + +MY_P=${P/_/-} + +if [[ ${PV} == 9999 ]] ; then + EGIT_REPO_URI="https://github.com/openssl/openssl.git" + + inherit git-r3 +else + SRC_URI="mirror://openssl/source/${MY_P}.tar.gz + verify-sig? ( mirror://openssl/source/${MY_P}.tar.gz.asc )" + KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" +fi + +S="${WORKDIR}"/${MY_P} + +LICENSE="Apache-2.0" +SLOT="0/3" # .so version of libssl/libcrypto +IUSE="+asm cpu_flags_x86_sse2 fips ktls rfc3779 sctp static-libs test tls-compression vanilla verify-sig weak-ssl-ciphers" +RESTRICT="!test? ( test )" + +COMMON_DEPEND=" + tls-compression? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) +" +BDEPEND=" + >=dev-lang/perl-5 + sctp? ( >=net-misc/lksctp-tools-1.0.12 ) + test? ( + sys-apps/diffutils + app-alternatives/bc + sys-process/procps + ) + verify-sig? ( >=sec-keys/openpgp-keys-openssl-20230801 )" + +DEPEND="${COMMON_DEPEND}" +RDEPEND="${COMMON_DEPEND}" +PDEPEND="app-misc/ca-certificates" + +MULTILIB_WRAPPED_HEADERS=( + /usr/include/openssl/configuration.h +) + +pkg_setup() { + if use ktls ; then + if kernel_is -lt 4 18 ; then + ewarn "Kernel implementation of TLS (USE=ktls) requires kernel >=4.18!" + else + CONFIG_CHECK="~TLS ~TLS_DEVICE" + ERROR_TLS="You will be unable to offload TLS to kernel because CONFIG_TLS is not set!" + ERROR_TLS_DEVICE="You will be unable to offload TLS to kernel because CONFIG_TLS_DEVICE is not set!" + use test && CONFIG_CHECK+=" ~CRYPTO_USER_API_SKCIPHER" + + linux-info_pkg_setup + fi + fi + + [[ ${MERGE_TYPE} == binary ]] && return + + # must check in pkg_setup; sysctl doesn't work with userpriv! + if use test && use sctp ; then + # test_ssl_new will fail with "Ensure SCTP AUTH chunks are enabled in kernel" + # if sctp.auth_enable is not enabled. + local sctp_auth_status=$(sysctl -n net.sctp.auth_enable 2>/dev/null) + if [[ -z "${sctp_auth_status}" ]] || [[ ${sctp_auth_status} != 1 ]] ; then + die "FEATURES=test with USE=sctp requires net.sctp.auth_enable=1!" + fi + fi +} + +src_prepare() { + # Make sure we only ever touch Makefile.org and avoid patching a file + # that gets blown away anyways by the Configure script in src_configure + rm -f Makefile || die + + if ! use vanilla ; then + PATCHES+=( + # Add patches which are Gentoo-specific customisations here + ) + fi + + default + + if use test && use sctp && has network-sandbox ${FEATURES} ; then + einfo "Disabling test '80-test_ssl_new.t' which is known to fail with FEATURES=network-sandbox ..." + rm test/recipes/80-test_ssl_new.t || die + fi + + # Test fails depending on kernel configuration, bug #699134 + rm test/recipes/30-test_afalg.t || die +} + +src_configure() { + # Keep this in sync with app-misc/c_rehash + SSL_CNF_DIR="/etc/ssl" + + # Quiet out unknown driver argument warnings since openssl + # doesn't have well-split CFLAGS and we're making it even worse + # and 'make depend' uses -Werror for added fun (bug #417795 again) + tc-is-clang && append-flags -Qunused-arguments + + # We really, really need to build OpenSSL w/ strict aliasing disabled. + # It's filled with violations and it *will* result in miscompiled + # code. This has been in the ebuild for > 10 years but even in 2022, + # it's still relevant: + # - https://github.com/llvm/llvm-project/issues/55255 + # - https://github.com/openssl/openssl/issues/12247 + # - https://github.com/openssl/openssl/issues/18225 + # - https://github.com/openssl/openssl/issues/18663#issuecomment-1181478057 + # Don't remove the no strict aliasing bits below! + filter-flags -fstrict-aliasing + append-flags -fno-strict-aliasing + # The OpenSSL developers don't test with LTO right now, it leads to various + # warnings/errors (which may or may not be false positives), it's considered + # unsupported, and it's not tested in CI: https://github.com/openssl/openssl/issues/18663. + filter-lto + + append-flags $(test-flags-CC -Wa,--noexecstack) + + # bug #895308 + append-atomic-flags + # Configure doesn't respect LIBS + export LDLIBS="${LIBS}" + + # bug #197996 + unset APPS + # bug #312551 + unset SCRIPTS + # bug #311473 + unset CROSS_COMPILE + + tc-export AR CC CXX RANLIB RC + + multilib-minimal_src_configure +} + +multilib_src_configure() { + use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; } + + local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") + + # See if our toolchain supports __uint128_t. If so, it's 64bit + # friendly and can use the nicely optimized code paths, bug #460790. + #local ec_nistp_64_gcc_128 + # + # Disable it for now though (bug #469976) + # Do NOT re-enable without substantial discussion first! + # + #echo "__uint128_t i;" > "${T}"/128.c + #if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then + # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128" + #fi + + local sslout=$(bash "${FILESDIR}/gentoo.config-1.0.4") + einfo "Using configuration: ${sslout:-(openssl knows best)}" + + # https://github.com/openssl/openssl/blob/master/INSTALL.md#enable-and-disable-features + local myeconfargs=( + ${sslout} + + $(use cpu_flags_x86_sse2 || echo "no-sse2") + enable-camellia + enable-ec + enable-ec2m + enable-sm2 + enable-srp + $(use elibc_musl && echo "no-async") + enable-idea + enable-mdc2 + enable-rc5 + $(use fips && echo "enable-fips") + $(use_ssl asm) + $(use_ssl ktls) + $(use_ssl rfc3779) + $(use_ssl sctp) + $(use test || echo "no-tests") + $(use_ssl tls-compression zlib) + $(use_ssl weak-ssl-ciphers) + + --prefix="${EPREFIX}"/usr + --openssldir="${EPREFIX}"${SSL_CNF_DIR} + --libdir=$(get_libdir) + + shared + threads + ) + + edo perl "${S}/Configure" "${myeconfargs[@]}" +} + +multilib_src_compile() { + emake build_sw + + if multilib_is_native_abi; then + emake build_docs + fi +} + +multilib_src_test() { + # VFP = show subtests verbosely and show failed tests verbosely + # Normal V=1 would show everything verbosely but this slows things down. + emake HARNESS_JOBS="$(makeopts_jobs)" -Onone VFP=1 test +} + +multilib_src_install() { + # Only -j1 is supported for the install targets: + # https://github.com/openssl/openssl/issues/21999#issuecomment-1771150305 + emake DESTDIR="${D}" -j1 install_sw + if use fips; then + emake DESTDIR="${D}" -j1 install_fips + # Regen this in pkg_preinst, bug 900625 + rm "${ED}${SSL_CNF_DIR}"/fipsmodule.cnf || die + fi + + if multilib_is_native_abi; then + emake DESTDIR="${D}" -j1 install_ssldirs + emake DESTDIR="${D}" DOCDIR='$(INSTALLTOP)'/share/doc/${PF} -j1 install_docs + fi + + # This is crappy in that the static archives are still built even + # when USE=static-libs. But this is due to a failing in the openssl + # build system: the static archives are built as PIC all the time. + # Only way around this would be to manually configure+compile openssl + # twice; once with shared lib support enabled and once without. + if ! use static-libs ; then + rm "${ED}"/usr/$(get_libdir)/lib{crypto,ssl}.a || die + fi +} + +multilib_src_install_all() { + # openssl installs perl version of c_rehash by default, but + # we provide a shell version via app-misc/c_rehash + rm "${ED}"/usr/bin/c_rehash || die + + dodoc {AUTHORS,CHANGES,NEWS,README,README-PROVIDERS}.md doc/*.txt doc/${PN}-c-indent.el + + # Create the certs directory + keepdir ${SSL_CNF_DIR}/certs + + # bug #254521 + dodir /etc/sandbox.d + echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl + + diropts -m0700 + keepdir ${SSL_CNF_DIR}/private +} + +pkg_preinst() { + if use fips; then + # Regen fipsmodule.cnf, bug 900625 + ebegin "Running openssl fipsinstall" + "${ED}/usr/bin/openssl" fipsinstall -quiet \ + -out "${ED}${SSL_CNF_DIR}/fipsmodule.cnf" \ + -module "${ED}/usr/$(get_libdir)/ossl-modules/fips.so" + eend $? + fi + + preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1) \ + /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1.1) +} + +pkg_postinst() { + ebegin "Running 'openssl rehash ${EROOT}${SSL_CNF_DIR}/certs' to rebuild hashes (bug #333069)" + openssl rehash "${EROOT}${SSL_CNF_DIR}/certs" + eend $? + + preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1) \ + /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1.1) +} diff --git a/dev-libs/openssl/openssl-3.1.5.ebuild b/dev-libs/openssl/openssl-3.1.5.ebuild new file mode 100644 index 000000000000..a95bf0b407ff --- /dev/null +++ b/dev-libs/openssl/openssl-3.1.5.ebuild @@ -0,0 +1,281 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/openssl.org.asc +inherit edo flag-o-matic linux-info toolchain-funcs +inherit multilib multilib-minimal multiprocessing preserve-libs verify-sig + +DESCRIPTION="Robust, full-featured Open Source Toolkit for the Transport Layer Security (TLS)" +HOMEPAGE="https://www.openssl.org/" + +MY_P=${P/_/-} + +if [[ ${PV} == 9999 ]] ; then + EGIT_REPO_URI="https://github.com/openssl/openssl.git" + + inherit git-r3 +else + SRC_URI=" + mirror://openssl/source/${MY_P}.tar.gz + verify-sig? ( mirror://openssl/source/${MY_P}.tar.gz.asc ) + " + KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" +fi + +S="${WORKDIR}"/${MY_P} + +LICENSE="Apache-2.0" +SLOT="0/$(ver_cut 1)" # .so version of libssl/libcrypto +IUSE="+asm cpu_flags_x86_sse2 fips ktls rfc3779 sctp static-libs test tls-compression vanilla verify-sig weak-ssl-ciphers" +RESTRICT="!test? ( test )" + +COMMON_DEPEND=" + !<net-misc/openssh-9.2_p1-r3 + tls-compression? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) +" +BDEPEND=" + >=dev-lang/perl-5 + sctp? ( >=net-misc/lksctp-tools-1.0.12 ) + test? ( + sys-apps/diffutils + app-alternatives/bc + sys-process/procps + ) + verify-sig? ( >=sec-keys/openpgp-keys-openssl-20230801 )" + +DEPEND="${COMMON_DEPEND}" +RDEPEND="${COMMON_DEPEND}" +PDEPEND="app-misc/ca-certificates" + +MULTILIB_WRAPPED_HEADERS=( + /usr/include/openssl/configuration.h +) + +pkg_setup() { + if use ktls ; then + if kernel_is -lt 4 18 ; then + ewarn "Kernel implementation of TLS (USE=ktls) requires kernel >=4.18!" + else + CONFIG_CHECK="~TLS ~TLS_DEVICE" + ERROR_TLS="You will be unable to offload TLS to kernel because CONFIG_TLS is not set!" + ERROR_TLS_DEVICE="You will be unable to offload TLS to kernel because CONFIG_TLS_DEVICE is not set!" + use test && CONFIG_CHECK+=" ~CRYPTO_USER_API_SKCIPHER" + + linux-info_pkg_setup + fi + fi + + [[ ${MERGE_TYPE} == binary ]] && return + + # must check in pkg_setup; sysctl doesn't work with userpriv! + if use test && use sctp ; then + # test_ssl_new will fail with "Ensure SCTP AUTH chunks are enabled in kernel" + # if sctp.auth_enable is not enabled. + local sctp_auth_status=$(sysctl -n net.sctp.auth_enable 2>/dev/null) + if [[ -z "${sctp_auth_status}" ]] || [[ ${sctp_auth_status} != 1 ]] ; then + die "FEATURES=test with USE=sctp requires net.sctp.auth_enable=1!" + fi + fi +} + +src_prepare() { + # Make sure we only ever touch Makefile.org and avoid patching a file + # that gets blown away anyways by the Configure script in src_configure + rm -f Makefile + + if ! use vanilla ; then + PATCHES+=( + # Add patches which are Gentoo-specific customisations here + ) + fi + + default + + if use test && use sctp && has network-sandbox ${FEATURES} ; then + einfo "Disabling test '80-test_ssl_new.t' which is known to fail with FEATURES=network-sandbox ..." + rm test/recipes/80-test_ssl_new.t || die + fi + + # Test fails depending on kernel configuration, bug #699134 + rm test/recipes/30-test_afalg.t || die +} + +src_configure() { + # Keep this in sync with app-misc/c_rehash + SSL_CNF_DIR="/etc/ssl" + + # Quiet out unknown driver argument warnings since openssl + # doesn't have well-split CFLAGS and we're making it even worse + # and 'make depend' uses -Werror for added fun (bug #417795 again) + tc-is-clang && append-flags -Qunused-arguments + + # We really, really need to build OpenSSL w/ strict aliasing disabled. + # It's filled with violations and it *will* result in miscompiled + # code. This has been in the ebuild for > 10 years but even in 2022, + # it's still relevant: + # - https://github.com/llvm/llvm-project/issues/55255 + # - https://github.com/openssl/openssl/issues/12247 + # - https://github.com/openssl/openssl/issues/18225 + # - https://github.com/openssl/openssl/issues/18663#issuecomment-1181478057 + # Don't remove the no strict aliasing bits below! + filter-flags -fstrict-aliasing + append-flags -fno-strict-aliasing + # The OpenSSL developers don't test with LTO right now, it leads to various + # warnings/errors (which may or may not be false positives), it's considered + # unsupported, and it's not tested in CI: https://github.com/openssl/openssl/issues/18663. + filter-lto + + append-flags $(test-flags-CC -Wa,--noexecstack) + + # bug #895308 + append-atomic-flags + # Configure doesn't respect LIBS + export LDLIBS="${LIBS}" + + # bug #197996 + unset APPS + # bug #312551 + unset SCRIPTS + # bug #311473 + unset CROSS_COMPILE + + tc-export AR CC CXX RANLIB RC + + multilib-minimal_src_configure +} + +multilib_src_configure() { + use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; } + + local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") + + # See if our toolchain supports __uint128_t. If so, it's 64bit + # friendly and can use the nicely optimized code paths, bug #460790. + #local ec_nistp_64_gcc_128 + # + # Disable it for now though (bug #469976) + # Do NOT re-enable without substantial discussion first! + # + #echo "__uint128_t i;" > "${T}"/128.c + #if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then + # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128" + #fi + + local sslout=$(bash "${FILESDIR}/gentoo.config-1.0.4") + einfo "Using configuration: ${sslout:-(openssl knows best)}" + + # https://github.com/openssl/openssl/blob/master/INSTALL.md#enable-and-disable-features + local myeconfargs=( + ${sslout} + + $(use cpu_flags_x86_sse2 || echo "no-sse2") + enable-camellia + enable-ec + enable-ec2m + enable-sm2 + enable-srp + $(use elibc_musl && echo "no-async") + enable-idea + enable-mdc2 + enable-rc5 + $(use fips && echo "enable-fips") + $(use_ssl asm) + $(use_ssl ktls) + $(use_ssl rfc3779) + $(use_ssl sctp) + $(use test || echo "no-tests") + $(use_ssl tls-compression zlib) + $(use_ssl weak-ssl-ciphers) + + --prefix="${EPREFIX}"/usr + --openssldir="${EPREFIX}"${SSL_CNF_DIR} + --libdir=$(get_libdir) + + shared + threads + ) + + edo perl "${S}/Configure" "${myeconfargs[@]}" +} + +multilib_src_compile() { + emake build_sw + + if multilib_is_native_abi; then + emake build_docs + fi +} + +multilib_src_test() { + # VFP = show subtests verbosely and show failed tests verbosely + # Normal V=1 would show everything verbosely but this slows things down. + emake HARNESS_JOBS="$(makeopts_jobs)" -Onone VFP=1 test +} + +multilib_src_install() { + # Only -j1 is supported for the install targets: + # https://github.com/openssl/openssl/issues/21999#issuecomment-1771150305 + emake DESTDIR="${D}" -j1 install_sw + if use fips; then + emake DESTDIR="${D}" -j1 install_fips + # Regen this in pkg_preinst, bug 900625 + rm "${ED}${SSL_CNF_DIR}"/fipsmodule.cnf || die + fi + + if multilib_is_native_abi; then + emake DESTDIR="${D}" -j1 install_ssldirs + emake DESTDIR="${D}" DOCDIR='$(INSTALLTOP)'/share/doc/${PF} -j1 install_docs + fi + + # This is crappy in that the static archives are still built even + # when USE=static-libs. But this is due to a failing in the openssl + # build system: the static archives are built as PIC all the time. + # Only way around this would be to manually configure+compile openssl + # twice; once with shared lib support enabled and once without. + if ! use static-libs ; then + rm "${ED}"/usr/$(get_libdir)/lib{crypto,ssl}.a || die + fi +} + +multilib_src_install_all() { + # openssl installs perl version of c_rehash by default, but + # we provide a shell version via app-misc/c_rehash + rm "${ED}"/usr/bin/c_rehash || die + + dodoc {AUTHORS,CHANGES,NEWS,README,README-PROVIDERS}.md doc/*.txt doc/${PN}-c-indent.el + + # Create the certs directory + keepdir ${SSL_CNF_DIR}/certs + + # bug #254521 + dodir /etc/sandbox.d + echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl + + diropts -m0700 + keepdir ${SSL_CNF_DIR}/private +} + +pkg_preinst() { + if use fips; then + # Regen fipsmodule.cnf, bug 900625 + ebegin "Running openssl fipsinstall" + "${ED}/usr/bin/openssl" fipsinstall -quiet \ + -out "${ED}${SSL_CNF_DIR}/fipsmodule.cnf" \ + -module "${ED}/usr/$(get_libdir)/ossl-modules/fips.so" + eend $? + fi + + preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1) \ + /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1.1) +} + +pkg_postinst() { + ebegin "Running 'openssl rehash ${EROOT}${SSL_CNF_DIR}/certs' to rebuild hashes (bug #333069)" + openssl rehash "${EROOT}${SSL_CNF_DIR}/certs" + eend $? + + preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1) \ + /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1.1) +} diff --git a/dev-libs/openssl/openssl-3.2.1.ebuild b/dev-libs/openssl/openssl-3.2.1.ebuild new file mode 100644 index 000000000000..d64504cbcd91 --- /dev/null +++ b/dev-libs/openssl/openssl-3.2.1.ebuild @@ -0,0 +1,300 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/openssl.org.asc +inherit edo flag-o-matic linux-info toolchain-funcs +inherit multilib multilib-minimal multiprocessing preserve-libs verify-sig + +DESCRIPTION="Robust, full-featured Open Source Toolkit for the Transport Layer Security (TLS)" +HOMEPAGE="https://www.openssl.org/" + +MY_P=${P/_/-} + +if [[ ${PV} == 9999 ]] ; then + EGIT_REPO_URI="https://github.com/openssl/openssl.git" + + inherit git-r3 +else + SRC_URI=" + mirror://openssl/source/${MY_P}.tar.gz + verify-sig? ( mirror://openssl/source/${MY_P}.tar.gz.asc ) + " + + #if [[ ${PV} != *_alpha* && ${PV} != *_beta* ]] ; then + # KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" + #fi +fi + +S="${WORKDIR}"/${MY_P} + +LICENSE="Apache-2.0" +SLOT="0/$(ver_cut 1)" # .so version of libssl/libcrypto +IUSE="+asm cpu_flags_x86_sse2 fips ktls rfc3779 sctp static-libs test tls-compression vanilla verify-sig weak-ssl-ciphers" +RESTRICT="!test? ( test )" + +COMMON_DEPEND=" + !<net-misc/openssh-9.2_p1-r3 + tls-compression? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) +" +BDEPEND=" + >=dev-lang/perl-5 + sctp? ( >=net-misc/lksctp-tools-1.0.12 ) + test? ( + sys-apps/diffutils + app-alternatives/bc + sys-process/procps + ) + verify-sig? ( >=sec-keys/openpgp-keys-openssl-20230801 )" + +DEPEND="${COMMON_DEPEND}" +RDEPEND="${COMMON_DEPEND}" +PDEPEND="app-misc/ca-certificates" + +MULTILIB_WRAPPED_HEADERS=( + /usr/include/openssl/configuration.h +) + +pkg_setup() { + if use ktls ; then + if kernel_is -lt 4 18 ; then + ewarn "Kernel implementation of TLS (USE=ktls) requires kernel >=4.18!" + else + CONFIG_CHECK="~TLS ~TLS_DEVICE" + ERROR_TLS="You will be unable to offload TLS to kernel because CONFIG_TLS is not set!" + ERROR_TLS_DEVICE="You will be unable to offload TLS to kernel because CONFIG_TLS_DEVICE is not set!" + use test && CONFIG_CHECK+=" ~CRYPTO_USER_API_SKCIPHER" + + linux-info_pkg_setup + fi + fi + + [[ ${MERGE_TYPE} == binary ]] && return + + # must check in pkg_setup; sysctl doesn't work with userpriv! + if use test && use sctp ; then + # test_ssl_new will fail with "Ensure SCTP AUTH chunks are enabled in kernel" + # if sctp.auth_enable is not enabled. + local sctp_auth_status=$(sysctl -n net.sctp.auth_enable 2>/dev/null) + if [[ -z "${sctp_auth_status}" ]] || [[ ${sctp_auth_status} != 1 ]] ; then + die "FEATURES=test with USE=sctp requires net.sctp.auth_enable=1!" + fi + fi +} + +src_unpack() { + # Can delete this once test fix patch is dropped + if use verify-sig ; then + # Needed for downloaded patch (which is unsigned, which is fine) + verify-sig_verify_detached "${DISTDIR}"/${MY_P}.tar.gz{,.asc} + fi + + default +} + +src_prepare() { + # Make sure we only ever touch Makefile.org and avoid patching a file + # that gets blown away anyways by the Configure script in src_configure + rm -f Makefile + + if ! use vanilla ; then + PATCHES+=( + # Add patches which are Gentoo-specific customisations here + ) + fi + + default + + if use test && use sctp && has network-sandbox ${FEATURES} ; then + einfo "Disabling test '80-test_ssl_new.t' which is known to fail with FEATURES=network-sandbox ..." + rm test/recipes/80-test_ssl_new.t || die + fi + + # Test fails depending on kernel configuration, bug #699134 + rm test/recipes/30-test_afalg.t || die +} + +src_configure() { + # Keep this in sync with app-misc/c_rehash + SSL_CNF_DIR="/etc/ssl" + + # Quiet out unknown driver argument warnings since openssl + # doesn't have well-split CFLAGS and we're making it even worse + # and 'make depend' uses -Werror for added fun (bug #417795 again) + tc-is-clang && append-flags -Qunused-arguments + + # We really, really need to build OpenSSL w/ strict aliasing disabled. + # It's filled with violations and it *will* result in miscompiled + # code. This has been in the ebuild for > 10 years but even in 2022, + # it's still relevant: + # - https://github.com/llvm/llvm-project/issues/55255 + # - https://github.com/openssl/openssl/issues/12247 + # - https://github.com/openssl/openssl/issues/18225 + # - https://github.com/openssl/openssl/issues/18663#issuecomment-1181478057 + # Don't remove the no strict aliasing bits below! + filter-flags -fstrict-aliasing + append-flags -fno-strict-aliasing + # The OpenSSL developers don't test with LTO right now, it leads to various + # warnings/errors (which may or may not be false positives), it's considered + # unsupported, and it's not tested in CI: https://github.com/openssl/openssl/issues/18663. + filter-lto + + append-flags $(test-flags-CC -Wa,--noexecstack) + + # bug #895308 + append-atomic-flags + # Configure doesn't respect LIBS + export LDLIBS="${LIBS}" + + # bug #197996 + unset APPS + # bug #312551 + unset SCRIPTS + # bug #311473 + unset CROSS_COMPILE + + tc-export AR CC CXX RANLIB RC + + multilib-minimal_src_configure +} + +multilib_src_configure() { + use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; } + + local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") + + # See if our toolchain supports __uint128_t. If so, it's 64bit + # friendly and can use the nicely optimized code paths, bug #460790. + #local ec_nistp_64_gcc_128 + # + # Disable it for now though (bug #469976) + # Do NOT re-enable without substantial discussion first! + # + #echo "__uint128_t i;" > "${T}"/128.c + #if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then + # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128" + #fi + + local sslout=$(bash "${FILESDIR}/gentoo.config-1.0.4") + einfo "Using configuration: ${sslout:-(openssl knows best)}" + + # https://github.com/openssl/openssl/blob/master/INSTALL.md#enable-and-disable-features + local myeconfargs=( + ${sslout} + + $(use cpu_flags_x86_sse2 || echo "no-sse2") + enable-camellia + enable-ec + enable-ec2m + enable-sm2 + enable-srp + $(use elibc_musl && echo "no-async") + enable-idea + enable-mdc2 + enable-rc5 + $(use fips && echo "enable-fips") + $(use_ssl asm) + $(use_ssl ktls) + $(use_ssl rfc3779) + $(use_ssl sctp) + $(use test || echo "no-tests") + $(use_ssl tls-compression zlib) + $(use_ssl weak-ssl-ciphers) + + --prefix="${EPREFIX}"/usr + --openssldir="${EPREFIX}"${SSL_CNF_DIR} + --libdir=$(get_libdir) + + shared + threads + ) + + edo perl "${S}/Configure" "${myeconfargs[@]}" +} + +multilib_src_compile() { + emake build_sw + + if multilib_is_native_abi; then + emake build_docs + fi +} + +multilib_src_test() { + # See https://github.com/openssl/openssl/blob/master/test/README.md for options. + # + # VFP = show subtests verbosely and show failed tests verbosely + # Normal V=1 would show everything verbosely but this slows things down. + # + # -j1 here for https://github.com/openssl/openssl/issues/21999, but it + # shouldn't matter as tests were already built earlier, and HARNESS_JOBS + # controls running the tests. + emake -Onone -j1 HARNESS_JOBS="$(makeopts_jobs)" VFP=1 test +} + +multilib_src_install() { + # Only -j1 is supported for the install targets: + # https://github.com/openssl/openssl/issues/21999#issuecomment-1771150305 + emake DESTDIR="${D}" -j1 install_sw + if use fips; then + emake DESTDIR="${D}" -j1 install_fips + # Regen this in pkg_preinst, bug 900625 + rm "${ED}${SSL_CNF_DIR}"/fipsmodule.cnf || die + fi + + if multilib_is_native_abi; then + emake DESTDIR="${D}" -j1 install_ssldirs + emake DESTDIR="${D}" DOCDIR='$(INSTALLTOP)'/share/doc/${PF} -j1 install_docs + fi + + # This is crappy in that the static archives are still built even + # when USE=static-libs. But this is due to a failing in the openssl + # build system: the static archives are built as PIC all the time. + # Only way around this would be to manually configure+compile openssl + # twice; once with shared lib support enabled and once without. + if ! use static-libs ; then + rm "${ED}"/usr/$(get_libdir)/lib{crypto,ssl}.a || die + fi +} + +multilib_src_install_all() { + # openssl installs perl version of c_rehash by default, but + # we provide a shell version via app-misc/c_rehash + rm "${ED}"/usr/bin/c_rehash || die + + dodoc {AUTHORS,CHANGES,NEWS,README,README-PROVIDERS}.md doc/*.txt doc/${PN}-c-indent.el + + # Create the certs directory + keepdir ${SSL_CNF_DIR}/certs + + # bug #254521 + dodir /etc/sandbox.d + echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl + + diropts -m0700 + keepdir ${SSL_CNF_DIR}/private +} + +pkg_preinst() { + if use fips; then + # Regen fipsmodule.cnf, bug 900625 + ebegin "Running openssl fipsinstall" + "${ED}/usr/bin/openssl" fipsinstall -quiet \ + -out "${ED}${SSL_CNF_DIR}/fipsmodule.cnf" \ + -module "${ED}/usr/$(get_libdir)/ossl-modules/fips.so" + eend $? + fi + + preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1) \ + /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1.1) +} + +pkg_postinst() { + ebegin "Running 'openssl rehash ${EROOT}${SSL_CNF_DIR}/certs' to rebuild hashes (bug #333069)" + openssl rehash "${EROOT}${SSL_CNF_DIR}/certs" + eend $? + + preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1) \ + /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1.1) +} |