summaryrefslogtreecommitdiff
path: root/dev-libs
diff options
context:
space:
mode:
authorV3n3RiX <venerix@koprulu.sector>2024-06-02 00:07:23 +0100
committerV3n3RiX <venerix@koprulu.sector>2024-06-02 00:07:23 +0100
commit6657c680376cedf378fcf328e5fa03ed3b41d580 (patch)
tree44ea8d174f647daca562b9bdcbcb527a85a77d0a /dev-libs
parent1551fe56fd6ba43a94509cffc61b6bf854b7ac9f (diff)
gentoo auto-resync : 02:06:2024 - 00:07:23
Diffstat (limited to 'dev-libs')
-rw-r--r--dev-libs/Manifest.gzbin98556 -> 98550 bytes
-rw-r--r--dev-libs/apache-arrow/Manifest2
-rw-r--r--dev-libs/apache-arrow/apache-arrow-16.1.0.ebuild2
-rw-r--r--dev-libs/boehm-gc/Manifest2
-rw-r--r--dev-libs/boehm-gc/boehm-gc-8.2.6.ebuild2
-rw-r--r--dev-libs/boost/Manifest3
-rw-r--r--dev-libs/boost/boost-1.85.0.ebuild3
-rw-r--r--dev-libs/boost/files/boost-1.85.0-python-numpy-2.patch26
-rw-r--r--dev-libs/libassuan/Manifest2
-rw-r--r--dev-libs/libassuan/libassuan-2.5.7.ebuild2
-rw-r--r--dev-libs/libsodium/Manifest2
-rw-r--r--dev-libs/libsodium/libsodium-1.0.19_p20240117.ebuild2
-rw-r--r--dev-libs/nss/Manifest3
-rw-r--r--dev-libs/nss/nss-3.90.2.ebuild419
-rw-r--r--dev-libs/nss/nss-3.99.ebuild418
-rw-r--r--dev-libs/openssl/Manifest10
-rw-r--r--dev-libs/openssl/openssl-3.0.11.ebuild288
-rw-r--r--dev-libs/openssl/openssl-3.0.12.ebuild288
-rw-r--r--dev-libs/openssl/openssl-3.0.13-r1.ebuild282
-rw-r--r--dev-libs/openssl/openssl-3.0.13.ebuild278
-rw-r--r--dev-libs/openssl/openssl-3.1.5-r1.ebuild285
-rw-r--r--dev-libs/openssl/openssl-3.2.1-r1.ebuild306
-rw-r--r--dev-libs/raft/Manifest2
-rw-r--r--dev-libs/raft/raft-0.22.0.ebuild60
24 files changed, 38 insertions, 2649 deletions
diff --git a/dev-libs/Manifest.gz b/dev-libs/Manifest.gz
index 1c7bb12a2386..3a24871d79ab 100644
--- a/dev-libs/Manifest.gz
+++ b/dev-libs/Manifest.gz
Binary files differ
diff --git a/dev-libs/apache-arrow/Manifest b/dev-libs/apache-arrow/Manifest
index 886e4d0dec83..6d86f9bb71a2 100644
--- a/dev-libs/apache-arrow/Manifest
+++ b/dev-libs/apache-arrow/Manifest
@@ -4,5 +4,5 @@ DIST apache-arrow-16.1.0.tar.gz 21707079 BLAKE2B 5541c364351e59e8164f2461546bce3
DIST apache-arrow-arrow-data-25d16511e8d42c2744a1d94d90169e3a36e92631.tar.gz 3571960 BLAKE2B c1c076bb3ff6427a45d1a157c60fb13c37786f97d213768c0bbe1ae073b5fb8d23cd402bdcfee303061df56bf3421ea8376f7c4ba9fec04c5cb35a85a32280f2 SHA512 abbc18da8f03b123a2d97eee709e929bbb5d567bf23219bbc63508c0e82ef99d7c0d71ca2d952566b63e968cffd96c5e1c62be9cb658323c949f229ff03234a8
DIST apache-arrow-parquet-data-74278bc4a1122d74945969e6dec405abd1533ec3.tar.gz 1037654 BLAKE2B c9bb725a16f6706a3859bb36a60b700af62cb5f96546483ef1de0b65900b02b4f9013841d7b3dc70fd0f2fd8969b4d5c72d0fb68972568f61b4a6863a0df6f60 SHA512 18f8e2480079a0fd29eec2b8e5f753af1ee80255f6fc80af4acbf5c56e6dec08e2f9f54d8c5734c929ef901c63e4009c5d830325333fa6cc947d40ff5dcddfa3
EBUILD apache-arrow-16.0.0.ebuild 3049 BLAKE2B f438fd6983f16626a4f62132345bc4c768c1349f43cec81a7a501bdc6b20b905a1602b961ca9b3ef6c975608b7d0a9af512da2416867f227252017c27b083f17 SHA512 c6164b633e0ea7b2fcdd95cb69b0e09ae031d323bafda63d6f5d5238a4528d59b94aff70361a964ae92f7a1557a3ec948798d3afa26870b52d42f3ee9290038e
-EBUILD apache-arrow-16.1.0.ebuild 3050 BLAKE2B be7e8330ac83642281621755bfd0d247b0b37c6552d91574fa6be1958284632e0a7b69d65f4d3da029b6b6ea4db777f2b47ddebac39dfd6b77c8b9e700aea215 SHA512 fa7fe4fd25c3dd2c475891970eb38c75cafa6ad2fd4d6828bbd3f69b180b83d35eaa94f97ddf1c8c643f61994874ab14df36d8d55773f3cd7ce4a4b02a276232
+EBUILD apache-arrow-16.1.0.ebuild 3049 BLAKE2B f438fd6983f16626a4f62132345bc4c768c1349f43cec81a7a501bdc6b20b905a1602b961ca9b3ef6c975608b7d0a9af512da2416867f227252017c27b083f17 SHA512 c6164b633e0ea7b2fcdd95cb69b0e09ae031d323bafda63d6f5d5238a4528d59b94aff70361a964ae92f7a1557a3ec948798d3afa26870b52d42f3ee9290038e
MISC metadata.xml 912 BLAKE2B bffeb1e6d52455313e89396d9b1821fd7d5064e887213d13ae933ef8185318a40095c1623f3793f62d296ecb1afed591614fadc2ca3f75332df1e5a2f5a28d84 SHA512 11fb4dfe0e8c938e6bf3e7e53d1dccee08d80ba32396ac454226827e7c4ed2db70c53812060a9478e359fb2c48c221a05b3632409d73f2659b2117b7c56e8e51
diff --git a/dev-libs/apache-arrow/apache-arrow-16.1.0.ebuild b/dev-libs/apache-arrow/apache-arrow-16.1.0.ebuild
index 9be18f6b6223..8b1d7dc7296d 100644
--- a/dev-libs/apache-arrow/apache-arrow-16.1.0.ebuild
+++ b/dev-libs/apache-arrow/apache-arrow-16.1.0.ebuild
@@ -28,7 +28,7 @@ S="${WORKDIR}/${P}/cpp"
LICENSE="Apache-2.0"
SLOT="0/$(ver_cut 1)"
-KEYWORDS="~amd64 ~arm ~arm64 ~hppa ~loong ~riscv ~s390 ~x86"
+KEYWORDS="amd64 ~arm ~arm64 ~hppa ~loong ~riscv ~s390 ~x86"
IUSE="
+brotli bzip2 compute dataset +json lz4 +parquet re2 +snappy ssl
test zlib zstd
diff --git a/dev-libs/boehm-gc/Manifest b/dev-libs/boehm-gc/Manifest
index d1807026afb8..7dfb46dec28a 100644
--- a/dev-libs/boehm-gc/Manifest
+++ b/dev-libs/boehm-gc/Manifest
@@ -1,5 +1,5 @@
DIST gc-8.2.4.tar.gz 1210929 BLAKE2B 48f058b3f6f9f708d4335a7a0b077aab4ea5df32be73038bb8c20c12483d7ec8798b16db85afed5aa270f0f818de08abf9407036f662c757f361a929f99d951f SHA512 27d014378000f25fb2f5598904be85604822d5ed4553f8b3d1c279122300d3958b4432ec08f951cfd842d92121ea8a030dda34bf2475ec53d4fded551fdd3a98
DIST gc-8.2.6.tar.gz 1216440 BLAKE2B fb1a51ed90ecd2e81a5d398593717ece3079d3d6f265521dd48ee7e1038700272bfccb6788f4e9915fb3fafd6f1be3775a3b69f38912eae0f6578822d168398a SHA512 48afcc1d8570d6b5d62addf8b7b947a3836717e71c073f6dff8982744c06f5973a02e890d17e8dd93f7f997d029b49c652929e6efa0e32aefbcdf7ab0910eda5
EBUILD boehm-gc-8.2.4.ebuild 1447 BLAKE2B 0219afd9bdb00017e8c2e0b763ee48155ddc77059285be61cf5c37dbc30a95e652e99b10bcc23f7e6a7b21bde3993c04ab6785794ba9314c288e327436ba1161 SHA512 65e89ed9a992c4121fb4e56c6edf399760968747efcccae510f6b5bc562513ab91bbf22de195fccd3f91c449ecd02573bdde54c7627d859ea773b916897af2f4
-EBUILD boehm-gc-8.2.6.ebuild 1463 BLAKE2B 184722f20ea243a1477265bde11a8d315f5a73648421e98c4cce42963e2ea5b5eb6f521afaf4aa0efa7fb4fb161c9d934f41a9cdbb3fdbd2700fb91c9c08688a SHA512 6ec42926627a44a64cfd87a15659a4af702ec8ca60bd45641e93d853da41901497a57c67d10efd85a63eb5db9b168977884e651a599190b5c6c80357d4a3ab0a
+EBUILD boehm-gc-8.2.6.ebuild 1462 BLAKE2B fdedd13ce69eb75819b3dc356014a5753d4651fc3ea81a7545d065c33ae5bcc4d76e36baaf3f1b60bb2f054682629f801ec759f316500910735eff4cde245ef9 SHA512 64a699e7471f33957befd8befd6ee71b2c8e1acae67445890149c698753372e0ff6a862fd9cd8c70d2356442e604f4fd396e50b6938e7d681eb36a8b1efc9a22
MISC metadata.xml 441 BLAKE2B 1a5b60a047e52ee63b74e85d8f04fb905a9d7f562054d12286d9bc14d654e6875550186cca2c8c9f149f5fe950b5337cbab510f98c49faeb7c983b07b97726e6 SHA512 c4e4af95746b4270a64e5238999c4ab44568d22350a60118e6e798cfab9a3e4dbd0012c56fa809a1ca115cb8772faa3f161f29afe70770fba8e7cdcd364b83c4
diff --git a/dev-libs/boehm-gc/boehm-gc-8.2.6.ebuild b/dev-libs/boehm-gc/boehm-gc-8.2.6.ebuild
index cbd54c7969a0..e42c17128546 100644
--- a/dev-libs/boehm-gc/boehm-gc-8.2.6.ebuild
+++ b/dev-libs/boehm-gc/boehm-gc-8.2.6.ebuild
@@ -17,7 +17,7 @@ LICENSE="boehm-gc"
# We've been using subslot 0 for these instead of "1.1".
SLOT="0"
# Don't keyword versions if upstream mark them as pre-release.
-KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~loong ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris"
+KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris"
IUSE="cxx +large static-libs +threads"
RDEPEND=">=dev-libs/libatomic_ops-7.4[${MULTILIB_USEDEP}]"
diff --git a/dev-libs/boost/Manifest b/dev-libs/boost/Manifest
index 332622108793..9f57ad68f816 100644
--- a/dev-libs/boost/Manifest
+++ b/dev-libs/boost/Manifest
@@ -5,8 +5,9 @@ AUX boost-1.83.0-math-gcc14.patch 936 BLAKE2B 8cf731affa3684692b773ed4941240616a
AUX boost-1.84.0-signals2-patch1.patch 5250 BLAKE2B 6e620d8e9fe1dbd4b2dbf7aec8c1cc4bdd36935027e1648a3e51f3c11e31ebe13d8100dcdcc40009a4c356e87f0df01ad1ca38327b8926b5de230d81c322f4a8 SHA512 8ab253eb562587b7d796bc559934a1044b475698986f71d2a3c80d19758fd53eea213356a43dcb87861e198dfb0178f86ab7bbfc54d4e6e44092c1502dfec595
AUX boost-1.84.0-signals2-patch2.patch 783 BLAKE2B 76e989e7df011ecce99e5747ca73997f001d0e76e3453fe952f03b9b8adbcc1f5adbda2935c2a2761eef783e0317d56d36ab3bf63e11875466afa28507a09518 SHA512 4dc438ac7b19edb9640599add2859bd3dfdb58fa53e846c292e1c550e5737daa256d46e14d97ba8dc1e6ea01b0ad0d3075320211d4aba0a48048f0158004378f
AUX boost-1.85.0-bcp-filesystem.patch 7299 BLAKE2B d2792ee52008955a6f4d233c0a130fe698df7d1e060e9a25a2c058fd7a1ba4c8f6b7a92af773183fa73b0511d7f85f5473d5f9cea1cd71ec08f2db92fa7bd09d SHA512 501f71fa1451af7699689c3befc477e6612612f11a3c33d350d680ce8c511ba9e6765e05aefa9608fe98eca0413a43755cf61fea1a4cd2d03ea0962f7884b452
+AUX boost-1.85.0-python-numpy-2.patch 986 BLAKE2B 5f4cd317c75f8eb3183f720ac76afeffeb4f1e2617f32a795a94d9db56c7c27cba7a1b2591f2f851223b85ce962293bf54733e0d3f830340d2ef174a869284ed SHA512 46b3831acbd89980abc8312d8ba0a991d9c8531f0f8b63f5218ef8920fcf18b1ff207748abef2f3753baf6ea0932dc0c4ef524daec7fb265f64e35c5335f7a96
DIST boost_1_84_0.tar.bz2 123110547 BLAKE2B a872ee00402be0383726020f4d13a7df6c2765c52eac2e09aab1604432931d26dd597503f5dcbbf788d7e7528d13c6d1dbfff1e85d22bf92c7828ef74cf2405d SHA512 5dfeb35198bb096e46cf9e131ef0334cb95bc0bf09f343f291b860b112598b3c36111bd8c232439c401a2b2fb832fa0c399a8d5b96afc60bd359dff070154497
DIST boost_1_85_0.tar.bz2 124015250 BLAKE2B dd72a9299cd78d2c260e1c94e28ba04daaa352f5bd023d99e43caa3540b1e0f8c09fc04b91f68db0ef8532e4a91fdef0b66a80bf0f9f838303bccaf0729bf581 SHA512 b4489813a4192b57626589457932338cfc47c4ec05c19b3a58b2d8df9e95f022ff2f5f452811ff82d1cec4fb0a490e991c8825bad0fb5a81318d07a8788d8ca0
EBUILD boost-1.84.0-r3.ebuild 11406 BLAKE2B d0534d67b863800cf37d7e848c69e8b360554dffa8b009959b5b91c85ff69c73e671ac94c07f1e03ae2d52b4ccf6d577526e7402d4f0c95ea93e9e2578444382 SHA512 415ad4e0844fa377fbdfaff5100c44889f30080507a4aa747c866d79bf7aed8b96224c1608cc896c24fe89b6d8c6ba3003adf7789dfb06567465a03254e46ca9
-EBUILD boost-1.85.0.ebuild 11257 BLAKE2B 18f618fc025c4185cb3044a9b9ae7e1a6792aa33523fca975f0a2967aebd8846a40f36b2d8a83dc2bd2d9d0d9694cda546675b494327fd78f5720211adccc840 SHA512 b101dc7141418951015a5617b16cd11a4d5e75b8fb829e9a94e11eb4a259c97b075ba367a8172756c038b543bf5d4983e63f02e858a9f2d16cad5e82017dc850
+EBUILD boost-1.85.0.ebuild 11308 BLAKE2B d5875b770c73c6066343d2ea46d59c5645b0bf2ec14ce99a76b8682075f1f123fe71e9c79616a71faade44f81ea119accc3b6d1f9dae40201a9d52a9b61864ad SHA512 c46b9978b98604a9a670d269f5fc86f3c587db721fd44fe39c8097c5d7182034bc3140a2d3863dc86744b5ad2ecde4a5885de717bc33d7ada90fb7f73113d459
MISC metadata.xml 9162 BLAKE2B c8df087c7fe1e4af3a59f21763777d3f1318aebcd524e077b6a93c374e0910ff31b1e73b8b4908130d63c2bb7d060348602cffd215648f09afd8015c782e2340 SHA512 3c45d74e046e0fd09f152fcfa7af942c9097e3ed91a0915a2541caad14a8b94b9faceccdbc74bf8aa7c8f7b383db7e91e09babba9c2c28fd7855a7b809616839
diff --git a/dev-libs/boost/boost-1.85.0.ebuild b/dev-libs/boost/boost-1.85.0.ebuild
index 30577a1da191..ef6dcf165f8c 100644
--- a/dev-libs/boost/boost-1.85.0.ebuild
+++ b/dev-libs/boost/boost-1.85.0.ebuild
@@ -40,7 +40,7 @@ RDEPEND="
mpi? ( virtual/mpi[${MULTILIB_USEDEP},cxx,threads] )
python? (
${PYTHON_DEPS}
- numpy? ( dev-python/numpy[${PYTHON_USEDEP}] )
+ numpy? ( dev-python/numpy:=[${PYTHON_USEDEP}] )
)
zlib? ( sys-libs/zlib:=[${MULTILIB_USEDEP}] )
zstd? ( app-arch/zstd:=[${MULTILIB_USEDEP}] )"
@@ -51,6 +51,7 @@ PATCHES=(
"${FILESDIR}"/${PN}-1.81.0-disable_icu_rpath.patch
"${FILESDIR}"/${PN}-1.79.0-build-auto_index-tool.patch
"${FILESDIR}"/${PN}-1.85.0-bcp-filesystem.patch
+ "${FILESDIR}"/${PN}-1.85.0-python-numpy-2.patch
)
create_user-config.jam() {
diff --git a/dev-libs/boost/files/boost-1.85.0-python-numpy-2.patch b/dev-libs/boost/files/boost-1.85.0-python-numpy-2.patch
new file mode 100644
index 000000000000..e7a7d98b8573
--- /dev/null
+++ b/dev-libs/boost/files/boost-1.85.0-python-numpy-2.patch
@@ -0,0 +1,26 @@
+https://bugs.gentoo.org/932459
+https://github.com/boostorg/python/issues/431
+https://github.com/boostorg/python/pull/432
+
+From 33ac06ca59a68266d3d26edf08205d31ddab4a6c Mon Sep 17 00:00:00 2001
+From: Alexis DUBURCQ <alexis.duburcq@gmail.com>
+Date: Fri, 15 Mar 2024 14:10:16 +0100
+Subject: [PATCH] Support numpy 2.0.0b1
+
+--- a/libs/python/src/numpy/dtype.cpp
++++ b/libs/python/src/numpy/dtype.cpp
+@@ -98,7 +98,13 @@ python::detail::new_reference dtype::convert(object const & arg, bool align)
+ return python::detail::new_reference(reinterpret_cast<PyObject*>(obj));
+ }
+
+-int dtype::get_itemsize() const { return reinterpret_cast<PyArray_Descr*>(ptr())->elsize;}
++int dtype::get_itemsize() const {
++#if NPY_ABI_VERSION < 0x02000000
++ return reinterpret_cast<PyArray_Descr*>(ptr())->elsize;
++#else
++ return PyDataType_ELSIZE(reinterpret_cast<PyArray_Descr*>(ptr()));
++#endif
++}
+
+ bool equivalent(dtype const & a, dtype const & b) {
+ // On Windows x64, the behaviour described on
diff --git a/dev-libs/libassuan/Manifest b/dev-libs/libassuan/Manifest
index d8360459ffdb..069519c751b2 100644
--- a/dev-libs/libassuan/Manifest
+++ b/dev-libs/libassuan/Manifest
@@ -3,5 +3,5 @@ DIST libassuan-2.5.6.tar.bz2.sig 119 BLAKE2B 379c6566b2369550bfc4b4616fb71ebdbd9
DIST libassuan-2.5.7.tar.bz2 605076 BLAKE2B 67cb01b7ed9be13a52a37db439666bb8eb709cc63204fe250ff57854459aa8b36655479e887b285fe9ad799c49e66f176f971ab3a871e114cfb217a1f2968d16 SHA512 ca33bd0325bbebccb63b6a84cc0aa5c85b25c6275a68df83aeb3f3729b2cd38220198a941c3479bd461f16b7ddb6b558c0664697ca3153c7fb430544303d773f
DIST libassuan-2.5.7.tar.bz2.sig 238 BLAKE2B c30005d67cac32857a0dd59dc8a2b9d0d166c6cd6a413742a1d3117c050e9b1b2b96cc4c470fc3e5693ce4c5a422e2cb008b40ef7883a7d039dc9a2234229265 SHA512 b7a798da0e1252acecf8b58b9cc30a5f10fa432d2581c190e4fb064fcf10e9a1b9e07e86c73ee16f0f25ad0e782fac21142875a06487f612268be7f1a09cc1a9
EBUILD libassuan-2.5.6.ebuild 1719 BLAKE2B 2572ec877ae597485ef373ffb9bf6f6e4dc57b0b16a11b931fa864c862cc796d5fe6e04ec303156175fbbc341007c84a6e10591be8705acf37707c1ee3efac94 SHA512 2be0385bd99aae8a4bf97e9f6a05d19ffcfa2e0542badc9930e3d1414d8f8d20d69afa69c370f4604bdac3ac5953f031d13a36f83f7680f6ab2fd505dad9b7ff
-EBUILD libassuan-2.5.7.ebuild 1720 BLAKE2B a8d48b00be8006baafac4387eb8d005ea78627b2d7ea787c332db3829a44e36461b5a3b8e5645bbdee0c46581539f4879709b2c1632bfa3b7a3d49ffafa638f9 SHA512 d3db6d6e5870aceab4d1b018cc41c49c46497a11b1568764520e923ff02ffc59bc6dc50493725152a802b3c12c3af3c0a0cf850d15e2abf869bf6f460819bac4
+EBUILD libassuan-2.5.7.ebuild 1719 BLAKE2B 589dcf64e927789f2b347bfb38fb2c3b92ac620b32d5428700a4afb9da8f1750fdc867253b7e910027832f8f75ee49e571eea6b252dabb8171801841aa91ea3f SHA512 71f07ceaa22df17586252f59007feac3ac8294decc86860d8ff881ca8102c1c30f1604821c6b3e17f710fc7e8fb307d1df4df5f39be106e74688a43818f885a8
MISC metadata.xml 882 BLAKE2B ca08da3ad8be4a39e30e8e28f58bd5c4c9e70147a29bc55c9b71b45921141326ccd86d9086b6ae8652465c51fabfe4e024a00be0656042011a27423ac2146f01 SHA512 603d947fcaa43d364136558cd158610edfc2349fe0227259992209894f34fcd21f393fe81aa9f2d40ecb41377c8f7c1d6f8528d6a678709d28820d3b6f253b62
diff --git a/dev-libs/libassuan/libassuan-2.5.7.ebuild b/dev-libs/libassuan/libassuan-2.5.7.ebuild
index 3ed1f248fe89..563357cfc0cd 100644
--- a/dev-libs/libassuan/libassuan-2.5.7.ebuild
+++ b/dev-libs/libassuan/libassuan-2.5.7.ebuild
@@ -19,7 +19,7 @@ SRC_URI+=" verify-sig? ( mirror://gnupg/${PN}/${P}.tar.bz2.sig )"
LICENSE="GPL-3 LGPL-2.1"
SLOT="0"
-KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris"
+KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris"
# Note: On each bump, update dep bounds on each version from configure.ac!
RDEPEND=">=dev-libs/libgpg-error-1.33"
diff --git a/dev-libs/libsodium/Manifest b/dev-libs/libsodium/Manifest
index 5834517622e9..b4555ff65b41 100644
--- a/dev-libs/libsodium/Manifest
+++ b/dev-libs/libsodium/Manifest
@@ -9,5 +9,5 @@ DIST libsodium-1.0.19_p20240117.tar.gz.minisig 318 BLAKE2B f951b547f53b2569ed149
EBUILD libsodium-1.0.18_p20220618.ebuild 1998 BLAKE2B c0971b1d0f9e13ee2365093c311cd6a7186de26a557461b66111a8e9f75691e8ce4318a285074cd873d3e122b15be2f646bd341b261220f94e0fe170ddc21b0b SHA512 1c0e04a0540c2bb0fc9e6f141c370c28a5c20e086f32cf5548cb6d73937ab2bcc4305d973d248b476a4c932b8450f4462e25185c1f82cefa6aff091abd538221
EBUILD libsodium-1.0.19-r1.ebuild 1998 BLAKE2B 50b3fc86c63c7721fd3a3d3bda38648fed17127558c34b6e08e3e025fb47550748aaffe614d8393833c6cc4d433079b854411ae0000029fb79fdeb2876744071 SHA512 165a6d4bfba97d9049af1f9a06160a7d92aec6bc7d23205d2ab1c860a17b3310d305cf8bc16919935503a4ee67ba3cffe347c374b0c1f842909a3b50826100a2
EBUILD libsodium-1.0.19-r2.ebuild 1966 BLAKE2B 575da13973413adc01e6fb9ecdb58e554275b817e5064ec94b7f801274a30ac0a15c6ed4e542ac8d387268d31a0279a291f2d2d5c054d59e9ee06f2dbe8bc4b5 SHA512 1b2a79ea96928e63f0c0194f01626c7a75c264e34640a41417a56e4cbf08a9723d11dfd6890d7b348917dd9d81b38bd07975999d30396d51182dc5ca545f149e
-EBUILD libsodium-1.0.19_p20240117.ebuild 2046 BLAKE2B 3ac0d60bcae397130afb085fef10363148e4dc5b0df92f6d9f04fdda62c61a8aea328f573369cfab211e3ee5422bbde4761bcda221f5e1257a3b0fec54ece050 SHA512 585c988826fb5541a88186c70e3fe42a22bf5acf543cf78b4a106601384fb6a771a385b4fbede2f1c2aa3e1b9441c6a68bbd93597695433803161036bae857aa
+EBUILD libsodium-1.0.19_p20240117.ebuild 2045 BLAKE2B ccf03b49b0495cdf89159644672763a013aae0de1609025c18e00b152b11fd23fa57b885dd1c3e2dea2b54dee1374fc1b45f744fe2350a2adc130671e94df5f2 SHA512 e2c9033937ab8b0bf2ad721f9d59fc8b7059f597edd7ad99ed29c3fd10ccf508f05b5a67498824e7fafd11d5a522440ba735b81d8c4a1ee8e33428b03629300e
MISC metadata.xml 806 BLAKE2B 069f36bae588b263d664f00b50c9a0f4c2348b1a1f0ff2e5c5902217ccf14a81e648997fae2f789220d5b9fa5aef440a7c0526918a7d7f402870dd80067e3744 SHA512 1902268ec9dbb312b9740f9bc9b2df5e66f50dc066ba281b438fbf6d2b5317c589c587305c400c929c068af95c30918fde7a6324ab53b76503ef183aab034886
diff --git a/dev-libs/libsodium/libsodium-1.0.19_p20240117.ebuild b/dev-libs/libsodium/libsodium-1.0.19_p20240117.ebuild
index 18460987441c..3654a117b23e 100644
--- a/dev-libs/libsodium/libsodium-1.0.19_p20240117.ebuild
+++ b/dev-libs/libsodium/libsodium-1.0.19_p20240117.ebuild
@@ -31,7 +31,7 @@ S="${WORKDIR}"/${PN}-stable
LICENSE="ISC"
SLOT="0/26"
-KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~arm64-macos ~x64-macos"
+KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~arm64-macos ~x64-macos"
IUSE="+asm static-libs +urandom"
CPU_USE=( cpu_flags_x86_{aes,sse4_1} )
diff --git a/dev-libs/nss/Manifest b/dev-libs/nss/Manifest
index 9cdece7bc0bc..824281b148be 100644
--- a/dev-libs/nss/Manifest
+++ b/dev-libs/nss/Manifest
@@ -6,10 +6,7 @@ AUX nss-3.90.2-backport-D180718.patch 1225 BLAKE2B f18e406371c6f3f9aedc1676344b7
AUX nss-3.90.2-bmo-1885749-disable-ASM-C25519-on-non-X86_64.patch 1325 BLAKE2B c128966b1ea2a73c6957cf53b447a20ff142c277337a74421065e1f77c1de74cac5cbed7c192064fc6c45205e562003a7152e39df7438a1583418625607fc2bc SHA512 5625e3e78e7700bcbb589c734d47b91ebe39315994bd422766ad9100405c36d930ad031be5cf80de6bb4d9914db5fe553ee658daf5a2e66e79d517c0a6d9ad32
DIST nss-3.100.tar.gz 76746058 BLAKE2B 3e114ff7ae5b06a05af9cd62315cbc8d56bf3153126be857b935c5f8db52defcfc2ef13820a896127172a5cb3628c0773965d29a928f41cb5c43630e64095344 SHA512 725c10ffc02fc17347a213b42fabad789aec2c6352fe803b4ad166695ab59495849e9a69684578eb274faf818ec2277f2d433167cdd27997dcf8d8e94dd4df34
DIST nss-3.90.2.tar.gz 72215444 BLAKE2B 74b8eebf5f053dcebd9c6e6ef17c6113ac42a01f910f4ba621dadb09739d5a6090d022800d2c3a4bc0c58413f03512ca611ead1098488d303f1ee1e4bca5c222 SHA512 048a0c0a06fef8cd9c363ac511b9d6125ec131a306c5e093525a937f9e8740f1a2163f274c9a3907ed38331b2fb99b22b528b5e89da1e186c9ba9473d959ef4a
-DIST nss-3.99.tar.gz 76753982 BLAKE2B b6ce605232934644b6d80682615eac2fa171078fcdd75316ab2accc55caeaed5b548f16c2cef5cefcfb37b96a4d6eb918785be3aa195a561e46d2d3fd8fa217b SHA512 8ae032f3cb8eadfe524505d20e430b90ed25af2b4732b2cf286c435b0fcd5701d2f5c48bd2cfb3f9aa0bfdf503c1f3d5394cf34f860f51a1141cc4a7586bba32
DIST nss-cacert-class1-class3-r2.patch 21925 BLAKE2B 7627ff9a09f084c19d72d0490676865e3cab3ca7c920ae1ce4bea2db664f37fd0aa84fcda919809a516891ab2a62e2e7a43a9d6ada4c231adfe4c216525fac7d SHA512 1ce6ff9ab310aaca9005eafb461338b291df8523cc7044e096cd75774ce746c26eed19ec6bb2643c6c67f94650f2f309463492d80a90568f38ce2557f8ada2f4
EBUILD nss-3.100.ebuild 11571 BLAKE2B e37869cece7d551303ca4ba14392eee4f4d48b49225d2658590e7c11f705ff061ef1c76312a50edf480d586f3ab6c429c8693536c6c946f11b15404c81032e6a SHA512 a95608d5046cbdb462faf421f7f9d3a84ec0fe18dbb429a3db66a327bf2e0cad300bf840e4fe5ec967869c0b2cd83a939c0641e4a6d533cbaf340e086e611e0f
EBUILD nss-3.90.2-r1.ebuild 11751 BLAKE2B 1913a65dbe4906361b47280cfc5e456cc675b3ea10eaf074d74851e15a6c0bf515b1e7f1084a4e5947e2e8cee9c54e9be70d7ff7fe0277ae31d741e3f6c88e75 SHA512 02ad0fd006e7b404d3049568cafd6aafb20011a2e1b353e4a013f5d05dac796e9d808f5ebd4917ceecdb82614c404b1626c9deee35ab3c9e23e1a173065a31fb
-EBUILD nss-3.90.2.ebuild 11641 BLAKE2B acd00f630641008af848c854f7868fa4a0496bdaa6afd438cdcc9dd67b6baa44479132a6ffdb387cf5585d272ef4b4f850b0043a2104f17a624463e6ecaeb8db SHA512 1577699e91a6dbf0e3c3887647b0a2677471d2b6efbc3b3a095f6959c24551f2b785d375fd8f04342d8ac07f0ca541fd6f050097c3a4386054a3514c4a970376
-EBUILD nss-3.99.ebuild 11571 BLAKE2B e37869cece7d551303ca4ba14392eee4f4d48b49225d2658590e7c11f705ff061ef1c76312a50edf480d586f3ab6c429c8693536c6c946f11b15404c81032e6a SHA512 a95608d5046cbdb462faf421f7f9d3a84ec0fe18dbb429a3db66a327bf2e0cad300bf840e4fe5ec967869c0b2cd83a939c0641e4a6d533cbaf340e086e611e0f
MISC metadata.xml 603 BLAKE2B 74c5a84f8a860b6a43731ed83cd40373187236de7add14ca33f3417eb0cfc165aa5df5308dca14b4664bcfe453e0f328988df4459af5781da4cbcb7bfc00e93d SHA512 9d7fb0be71d18ad1da440de047f4430bd3b50a8584d8dccd43e5e4cdf050f5c5cfeb34cd82ea617f2419ff092908becd1508eb7efcf54f3cca8c7f36af9517bb
diff --git a/dev-libs/nss/nss-3.90.2.ebuild b/dev-libs/nss/nss-3.90.2.ebuild
deleted file mode 100644
index 930fe521611a..000000000000
--- a/dev-libs/nss/nss-3.90.2.ebuild
+++ /dev/null
@@ -1,419 +0,0 @@
-# Copyright 1999-2024 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=8
-
-inherit flag-o-matic multilib toolchain-funcs multilib-minimal
-
-NSPR_VER="4.35"
-RTM_NAME="NSS_${PV//./_}_RTM"
-
-DESCRIPTION="Mozilla's Network Security Services library that implements PKI support"
-HOMEPAGE="https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS"
-SRC_URI="https://archive.mozilla.org/pub/security/nss/releases/${RTM_NAME}/src/${P}.tar.gz
- cacert? ( https://dev.gentoo.org/~whissi/dist/ca-certificates/nss-cacert-class1-class3-r2.patch )"
-
-LICENSE="|| ( MPL-2.0 GPL-2 LGPL-2.1 )"
-SLOT="0"
-KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~x64-solaris"
-IUSE="cacert test +utils cpu_flags_ppc_altivec cpu_flags_x86_avx2 cpu_flags_x86_sse3 cpu_flags_ppc_vsx"
-RESTRICT="!test? ( test )"
-# pkg-config called by nss-config -> virtual/pkgconfig in RDEPEND
-RDEPEND="
- >=dev-libs/nspr-${NSPR_VER}[${MULTILIB_USEDEP}]
- >=dev-db/sqlite-3.8.2[${MULTILIB_USEDEP}]
- >=sys-libs/zlib-1.2.8-r1[${MULTILIB_USEDEP}]
- virtual/pkgconfig
-"
-DEPEND="${RDEPEND}"
-BDEPEND="dev-lang/perl"
-
-S="${WORKDIR}/${P}/${PN}"
-
-MULTILIB_CHOST_TOOLS=(
- /usr/bin/nss-config
-)
-
-PATCHES=(
- "${FILESDIR}/${PN}-3.53-gentoo-fixups.patch"
- "${FILESDIR}/${PN}-3.21-gentoo-fixup-warnings.patch"
- "${FILESDIR}"/nss-3.87-use-clang-as-bgo892686.patch
- "${FILESDIR}"/nss-3.90.2-bmo-1885749-disable-ASM-C25519-on-non-X86_64.patch
-)
-
-src_prepare() {
- default
-
- if use cacert ; then
- eapply -p2 "${DISTDIR}"/nss-cacert-class1-class3-r2.patch
- fi
-
- pushd coreconf >/dev/null || die
- # hack nspr paths
- echo 'INCLUDES += -I$(DIST)/include/dbm' \
- >> headers.mk || die "failed to append include"
-
- # modify install path
- sed -e '/CORE_DEPTH/s:SOURCE_PREFIX.*$:SOURCE_PREFIX = $(CORE_DEPTH)/dist:' \
- -i source.mk || die
-
- # Respect LDFLAGS
- sed -i -e 's/\$(MKSHLIB) -o/\$(MKSHLIB) \$(LDFLAGS) -o/g' rules.mk
-
- # Workaround make-4.4's change to sub-make, bmo#1800237, bgo#882069
- sed -i -e "s/^CPU_TAG = _.*/CPU_TAG = _$(nssarch)/" Linux.mk || die
-
- popd >/dev/null || die
-
- # Fix pkgconfig file for Prefix
- sed -i -e "/^PREFIX =/s:= /usr:= ${EPREFIX}/usr:" \
- config/Makefile || die
-
- # use host shlibsign if need be #436216
- if tc-is-cross-compiler ; then
- sed -i \
- -e 's:"${2}"/shlibsign:shlibsign:' \
- cmd/shlibsign/sign.sh || die
- fi
-
- # dirty hack
- sed -i -e "/CRYPTOLIB/s:\$(SOFTOKEN_LIB_DIR):../freebl/\$(OBJDIR):" \
- lib/ssl/config.mk || die
- sed -i -e "/CRYPTOLIB/s:\$(SOFTOKEN_LIB_DIR):../../lib/freebl/\$(OBJDIR):" \
- cmd/platlibs.mk || die
-
- multilib_copy_sources
-
- strip-flags
-}
-
-multilib_src_configure() {
- # Ensure we stay multilib aware
- sed -i -e "/@libdir@/ s:lib64:$(get_libdir):" config/Makefile || die
-}
-
-nssarch() {
- # Most of the arches are the same as $ARCH
- local t=${1:-${CHOST}}
- case ${t} in
- *86*-pc-solaris2*) echo "i86pc" ;;
- aarch64*) echo "aarch64" ;;
- hppa*) echo "parisc" ;;
- i?86*) echo "i686" ;;
- x86_64*) echo "x86_64" ;;
- *) tc-arch ${t} ;;
- esac
-}
-
-nssbits() {
- local cc cppflags="${1}CPPFLAGS" cflags="${1}CFLAGS"
- if [[ ${1} == BUILD_ ]]; then
- cc=$(tc-getBUILD_CC)
- else
- cc=$(tc-getCC)
- fi
- # TODO: Port this to toolchain-funcs tc-get-ptr-size/tc-get-build-ptr-size
- echo > "${T}"/test.c || die
- ${cc} ${!cppflags} ${!cflags} -fno-lto -c "${T}"/test.c -o "${T}/${1}test.o" || die
- case $(file -S "${T}/${1}test.o") in
- *32-bit*x86-64*) echo USE_X32=1;;
- *64-bit*|*ppc64*|*x86_64*) echo USE_64=1;;
- *32-bit*|*ppc*|*i386*) ;;
- *) die "Failed to detect whether ${cc} builds 64bits or 32bits, disable distcc if you're using it, please";;
- esac
-}
-
-multilib_src_compile() {
- # use ABI to determine bit'ness, or fallback if unset
- local buildbits mybits
- case "${ABI}" in
- n32) mybits="USE_N32=1";;
- x32) mybits="USE_X32=1";;
- s390x|*64) mybits="USE_64=1";;
- ${DEFAULT_ABI})
- einfo "Running compilation test to determine bit'ness"
- mybits=$(nssbits)
- ;;
- esac
- # bitness of host may differ from target
- if tc-is-cross-compiler; then
- buildbits=$(nssbits BUILD_)
- fi
-
- local makeargs=(
- CC="$(tc-getCC)"
- CCC="$(tc-getCXX)"
- AR="$(tc-getAR) rc \$@"
- RANLIB="$(tc-getRANLIB)"
- OPTIMIZER=
- ${mybits}
- disable_ckbi=0
- )
-
- # Take care of nspr settings #436216
- local myCPPFLAGS="${CPPFLAGS} $($(tc-getPKG_CONFIG) nspr --cflags)"
- unset NSPR_INCLUDE_DIR
-
- export NSS_ALLOW_SSLKEYLOGFILE=1
- export NSS_ENABLE_WERROR=0 #567158
- export BUILD_OPT=1
- export NSS_USE_SYSTEM_SQLITE=1
- export NSDISTMODE=copy
- export FREEBL_NO_DEPEND=1
- export FREEBL_LOWHASH=1
- export NSS_SEED_ONLY_DEV_URANDOM=1
- export USE_SYSTEM_ZLIB=1
- export ZLIB_LIBS=-lz
- export ASFLAGS=""
- # Fix build failure on arm64
- export NS_USE_GCC=1
- # Detect compiler type and set proper environment value
- if tc-is-gcc; then
- export CC_IS_GCC=1
- elif tc-is-clang; then
- export CC_IS_CLANG=1
- fi
-
- export NSS_DISABLE_GTESTS=$(usex !test 1 0)
-
- # Include exportable custom settings defined by users, #900915
- # Two examples uses:
- # EXTRA_NSSCONF="MYONESWITCH=1"
- # EXTRA_NSSCONF="MYVALUE=0 MYOTHERVALUE=1 MYTHIRDVALUE=1"
- # e.g.
- # EXTRA_NSSCONF="NSS_ALLOW_SSLKEYLOGFILE=0"
- # or
- # EXTRA_NSSCONF="NSS_ALLOW_SSLKEYLOGFILE=0 NSS_ENABLE_WERROR=1"
- # etc.
- if [[ -n "${EXTRA_NSSCONF}" ]]; then
- ewarn "EXTRA_NSSCONF applied, please disable custom settings before reporting bugs."
- read -a myextranssconf <<< "${EXTRA_NSSCONF}"
-
- for (( i=0; i<${#myextranssconf[@]}; i++ )); do
- export "${myextranssconf[$i]}"
- echo "exported ${myextranssconf[$i]}"
- done
- fi
-
- # explicitly disable altivec/vsx if not requested
- # https://bugs.gentoo.org/789114
- case ${ARCH} in
- ppc*)
- use cpu_flags_ppc_altivec || export NSS_DISABLE_ALTIVEC=1
- use cpu_flags_ppc_vsx || export NSS_DISABLE_CRYPTO_VSX=1
- ;;
- esac
-
- use cpu_flags_x86_avx2 || export NSS_DISABLE_AVX2=1
- use cpu_flags_x86_sse3 || export NSS_DISABLE_SSE3=1
-
- local d
-
- # Build the host tools first.
- LDFLAGS="${BUILD_LDFLAGS}" \
- XCFLAGS="${BUILD_CFLAGS}" \
- NSPR_LIB_DIR="${T}/fakedir" \
- emake -C coreconf \
- CC="$(tc-getBUILD_CC)" \
- ${buildbits-${mybits}}
- makeargs+=( NSINSTALL="${PWD}/$(find -type f -name nsinstall)" )
-
- # Then build the target tools.
- for d in . lib/dbm ; do
- CPPFLAGS="${myCPPFLAGS}" \
- XCFLAGS="${CFLAGS} ${CPPFLAGS}" \
- NSPR_LIB_DIR="${T}/fakedir" \
- emake "${makeargs[@]}" -C ${d} OS_TEST="$(nssarch)"
- done
-}
-
-multilib_src_test() {
- einfo "Tests can take a *long* time, especially on a multilib system."
- einfo "30-45+ minutes per lib configuration. Bug #852755"
-
- # https://www.linuxfromscratch.org/blfs/view/svn/postlfs/nss.html
- # https://firefox-source-docs.mozilla.org/security/nss/legacy/nss_sources_building_testing/index.html#running_the_nss_test_suite
- # https://www-archive.mozilla.org/projects/security/pki/nss/testnss_32.html (older)
- export BUILD_OPT=1
- export HOST="localhost"
- export DOMSUF="localdomain"
- export USE_IP=TRUE
- export IP_ADDRESS="127.0.0.1"
-
- # Only run the standard cycle instead of full, reducing testing time from 45 minutes to 15
- # per lib implementation.
- export NSS_CYCLES=standard
-
- NSINSTALL="${PWD}/$(find -type f -name nsinstall)"
-
- cd "${BUILD_DIR}"/tests || die
- # Hack to get current objdir (prefixed dir where built binaries are)
- # Without this, at least multilib tests go wrong when building the amd64 variant
- # after x86.
- local objdir=$(find "${BUILD_DIR}"/dist -maxdepth 1 -iname Linux* | rev | cut -d/ -f1 | rev)
-
- # Can tweak to a subset of tests in future if we need to, but would prefer not
- OBJDIR="${objdir}" DIST="${BUILD_DIR}/dist" MOZILLA_ROOT="${BUILD_DIR}" ./all.sh || die
-}
-
-# Altering these 3 libraries breaks the CHK verification.
-# All of the following cause it to break:
-# - stripping
-# - prelink
-# - ELF signing
-# http://www.mozilla.org/projects/security/pki/nss/tech-notes/tn6.html
-# Either we have to NOT strip them, or we have to forcibly resign after
-# stripping.
-#local_libdir="$(get_libdir)"
-#export STRIP_MASK="
-# */${local_libdir}/libfreebl3.so*
-# */${local_libdir}/libnssdbm3.so*
-# */${local_libdir}/libsoftokn3.so*"
-
-export NSS_CHK_SIGN_LIBS="freebl3 nssdbm3 softokn3"
-
-generate_chk() {
- local shlibsign="$1"
- local libdir="$2"
- einfo "Resigning core NSS libraries for FIPS validation"
- shift 2
- local i
- for i in ${NSS_CHK_SIGN_LIBS} ; do
- local libname=lib${i}.so
- local chkname=lib${i}.chk
- "${shlibsign}" \
- -i "${libdir}"/${libname} \
- -o "${libdir}"/${chkname}.tmp \
- && mv -f \
- "${libdir}"/${chkname}.tmp \
- "${libdir}"/${chkname} \
- || die "Failed to sign ${libname}"
- done
-}
-
-cleanup_chk() {
- local libdir="$1"
- shift 1
- local i
- for i in ${NSS_CHK_SIGN_LIBS} ; do
- local libfname="${libdir}/lib${i}.so"
- # If the major version has changed, then we have old chk files.
- [ ! -f "${libfname}" -a -f "${libfname}.chk" ] \
- && rm -f "${libfname}.chk"
- done
-}
-
-multilib_src_install() {
- pushd dist >/dev/null || die
-
- dodir /usr/$(get_libdir)
- cp -L */lib/*$(get_libname) "${ED}"/usr/$(get_libdir) || die "copying shared libs failed"
- local i
- for i in crmf freebl nssb nssckfw ; do
- cp -L */lib/lib${i}.a "${ED}"/usr/$(get_libdir) || die "copying libs failed"
- done
-
- # Install nss-config and pkgconfig file
- dodir /usr/bin
- cp -L */bin/nss-config "${ED}"/usr/bin || die
- dodir /usr/$(get_libdir)/pkgconfig
- cp -L */lib/pkgconfig/nss.pc "${ED}"/usr/$(get_libdir)/pkgconfig || die
-
- # create an nss-softokn.pc from nss.pc for libfreebl and some private headers
- # bug 517266
- sed -e 's#Libs:#Libs: -lfreebl#' \
- -e 's#Cflags:#Cflags: -I${includedir}/private#' \
- */lib/pkgconfig/nss.pc >"${ED}"/usr/$(get_libdir)/pkgconfig/nss-softokn.pc \
- || die "could not create nss-softokn.pc"
-
- # all the include files
- insinto /usr/include/nss
- doins public/nss/*.{h,api}
- insinto /usr/include/nss/private
- doins private/nss/{blapi,alghmac,cmac}.h
-
- popd >/dev/null || die
-
- local f nssutils
- # Always enabled because we need it for chk generation.
- nssutils=( shlibsign )
-
- if multilib_is_native_abi ; then
- if use utils; then
- # The tests we do not need to install.
- #nssutils_test="bltest crmftest dbtest dertimetest
- #fipstest remtest sdrtest"
- # checkcert utils has been removed in nss-3.22:
- # https://bugzilla.mozilla.org/show_bug.cgi?id=1187545
- # https://hg.mozilla.org/projects/nss/rev/df1729d37870
- # certcgi has been removed in nss-3.36:
- # https://bugzilla.mozilla.org/show_bug.cgi?id=1426602
- nssutils+=(
- addbuiltin
- atob
- baddbdir
- btoa
- certutil
- cmsutil
- conflict
- crlutil
- derdump
- digest
- makepqg
- mangle
- modutil
- multinit
- nonspr10
- ocspclnt
- oidcalc
- p7content
- p7env
- p7sign
- p7verify
- pk11mode
- pk12util
- pp
- rsaperf
- selfserv
- signtool
- signver
- ssltap
- strsclnt
- symkeyutil
- tstclnt
- vfychain
- vfyserv
- )
- # install man-pages for utils (bug #516810)
- doman doc/nroff/*.1
- fi
- pushd dist/*/bin >/dev/null || die
- for f in ${nssutils[@]}; do
- dobin ${f}
- done
- popd >/dev/null || die
- fi
-}
-
-pkg_postinst() {
- multilib_pkg_postinst() {
- # We must re-sign the libraries AFTER they are stripped.
- local shlibsign="${EROOT}/usr/bin/shlibsign"
- # See if we can execute it (cross-compiling & such). #436216
- "${shlibsign}" -h >&/dev/null
- if [[ $? -gt 1 ]] ; then
- shlibsign="shlibsign"
- fi
- generate_chk "${shlibsign}" "${EROOT}"/usr/$(get_libdir)
- }
-
- multilib_foreach_abi multilib_pkg_postinst
-}
-
-pkg_postrm() {
- multilib_pkg_postrm() {
- cleanup_chk "${EROOT}"/usr/$(get_libdir)
- }
-
- multilib_foreach_abi multilib_pkg_postrm
-}
diff --git a/dev-libs/nss/nss-3.99.ebuild b/dev-libs/nss/nss-3.99.ebuild
deleted file mode 100644
index 0977ca4223fb..000000000000
--- a/dev-libs/nss/nss-3.99.ebuild
+++ /dev/null
@@ -1,418 +0,0 @@
-# Copyright 1999-2024 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=8
-
-inherit flag-o-matic multilib toolchain-funcs multilib-minimal
-
-NSPR_VER="4.35"
-RTM_NAME="NSS_${PV//./_}_RTM"
-
-DESCRIPTION="Mozilla's Network Security Services library that implements PKI support"
-HOMEPAGE="https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS"
-SRC_URI="https://archive.mozilla.org/pub/security/nss/releases/${RTM_NAME}/src/${P}.tar.gz
- cacert? ( https://dev.gentoo.org/~whissi/dist/ca-certificates/nss-cacert-class1-class3-r2.patch )"
-
-LICENSE="|| ( MPL-2.0 GPL-2 LGPL-2.1 )"
-SLOT="0"
-KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~x64-solaris"
-IUSE="cacert test +utils cpu_flags_ppc_altivec cpu_flags_x86_avx2 cpu_flags_x86_sse3 cpu_flags_ppc_vsx"
-RESTRICT="!test? ( test )"
-# pkg-config called by nss-config -> virtual/pkgconfig in RDEPEND
-RDEPEND="
- >=dev-libs/nspr-${NSPR_VER}[${MULTILIB_USEDEP}]
- >=dev-db/sqlite-3.8.2[${MULTILIB_USEDEP}]
- >=sys-libs/zlib-1.2.8-r1[${MULTILIB_USEDEP}]
- virtual/pkgconfig
-"
-DEPEND="${RDEPEND}"
-BDEPEND="dev-lang/perl"
-
-S="${WORKDIR}/${P}/${PN}"
-
-MULTILIB_CHOST_TOOLS=(
- /usr/bin/nss-config
-)
-
-PATCHES=(
- "${FILESDIR}/${PN}-3.53-gentoo-fixups.patch"
- "${FILESDIR}/${PN}-3.21-gentoo-fixup-warnings.patch"
- "${FILESDIR}"/nss-3.87-use-clang-as-bgo892686.patch
-)
-
-src_prepare() {
- default
-
- if use cacert ; then
- eapply -p2 "${DISTDIR}"/nss-cacert-class1-class3-r2.patch
- fi
-
- pushd coreconf >/dev/null || die
- # hack nspr paths
- echo 'INCLUDES += -I$(DIST)/include/dbm' \
- >> headers.mk || die "failed to append include"
-
- # modify install path
- sed -e '/CORE_DEPTH/s:SOURCE_PREFIX.*$:SOURCE_PREFIX = $(CORE_DEPTH)/dist:' \
- -i source.mk || die
-
- # Respect LDFLAGS
- sed -i -e 's/\$(MKSHLIB) -o/\$(MKSHLIB) \$(LDFLAGS) -o/g' rules.mk
-
- # Workaround make-4.4's change to sub-make, bmo#1800237, bgo#882069
- sed -i -e "s/^CPU_TAG = _.*/CPU_TAG = _$(nssarch)/" Linux.mk || die
-
- popd >/dev/null || die
-
- # Fix pkgconfig file for Prefix
- sed -i -e "/^PREFIX =/s:= /usr:= ${EPREFIX}/usr:" \
- config/Makefile || die
-
- # use host shlibsign if need be #436216
- if tc-is-cross-compiler ; then
- sed -i \
- -e 's:"${2}"/shlibsign:shlibsign:' \
- cmd/shlibsign/sign.sh || die
- fi
-
- # dirty hack
- sed -i -e "/CRYPTOLIB/s:\$(SOFTOKEN_LIB_DIR):../freebl/\$(OBJDIR):" \
- lib/ssl/config.mk || die
- sed -i -e "/CRYPTOLIB/s:\$(SOFTOKEN_LIB_DIR):../../lib/freebl/\$(OBJDIR):" \
- cmd/platlibs.mk || die
-
- multilib_copy_sources
-
- strip-flags
-}
-
-multilib_src_configure() {
- # Ensure we stay multilib aware
- sed -i -e "/@libdir@/ s:lib64:$(get_libdir):" config/Makefile || die
-}
-
-nssarch() {
- # Most of the arches are the same as $ARCH
- local t=${1:-${CHOST}}
- case ${t} in
- *86*-pc-solaris2*) echo "i86pc" ;;
- aarch64*) echo "aarch64" ;;
- hppa*) echo "parisc" ;;
- i?86*) echo "i686" ;;
- x86_64*) echo "x86_64" ;;
- *) tc-arch ${t} ;;
- esac
-}
-
-nssbits() {
- local cc cppflags="${1}CPPFLAGS" cflags="${1}CFLAGS"
- if [[ ${1} == BUILD_ ]]; then
- cc=$(tc-getBUILD_CC)
- else
- cc=$(tc-getCC)
- fi
- # TODO: Port this to toolchain-funcs tc-get-ptr-size/tc-get-build-ptr-size
- echo > "${T}"/test.c || die
- ${cc} ${!cppflags} ${!cflags} -fno-lto -c "${T}"/test.c -o "${T}/${1}test.o" || die
- case $(file -S "${T}/${1}test.o") in
- *32-bit*x86-64*) echo USE_X32=1;;
- *64-bit*|*ppc64*|*x86_64*) echo USE_64=1;;
- *32-bit*|*ppc*|*i386*) ;;
- *) die "Failed to detect whether ${cc} builds 64bits or 32bits, disable distcc if you're using it, please";;
- esac
-}
-
-multilib_src_compile() {
- # use ABI to determine bit'ness, or fallback if unset
- local buildbits mybits
- case "${ABI}" in
- n32) mybits="USE_N32=1";;
- x32) mybits="USE_X32=1";;
- s390x|*64) mybits="USE_64=1";;
- ${DEFAULT_ABI})
- einfo "Running compilation test to determine bit'ness"
- mybits=$(nssbits)
- ;;
- esac
- # bitness of host may differ from target
- if tc-is-cross-compiler; then
- buildbits=$(nssbits BUILD_)
- fi
-
- local makeargs=(
- CC="$(tc-getCC)"
- CCC="$(tc-getCXX)"
- AR="$(tc-getAR) rc \$@"
- RANLIB="$(tc-getRANLIB)"
- OPTIMIZER=
- ${mybits}
- disable_ckbi=0
- )
-
- # Take care of nspr settings #436216
- local myCPPFLAGS="${CPPFLAGS} $($(tc-getPKG_CONFIG) nspr --cflags)"
- unset NSPR_INCLUDE_DIR
-
- export NSS_ALLOW_SSLKEYLOGFILE=1
- export NSS_ENABLE_WERROR=0 #567158
- export BUILD_OPT=1
- export NSS_USE_SYSTEM_SQLITE=1
- export NSDISTMODE=copy
- export FREEBL_NO_DEPEND=1
- export FREEBL_LOWHASH=1
- export NSS_SEED_ONLY_DEV_URANDOM=1
- export USE_SYSTEM_ZLIB=1
- export ZLIB_LIBS=-lz
- export ASFLAGS=""
- # Fix build failure on arm64
- export NS_USE_GCC=1
- # Detect compiler type and set proper environment value
- if tc-is-gcc; then
- export CC_IS_GCC=1
- elif tc-is-clang; then
- export CC_IS_CLANG=1
- fi
-
- export NSS_DISABLE_GTESTS=$(usex !test 1 0)
-
- # Include exportable custom settings defined by users, #900915
- # Two examples uses:
- # EXTRA_NSSCONF="MYONESWITCH=1"
- # EXTRA_NSSCONF="MYVALUE=0 MYOTHERVALUE=1 MYTHIRDVALUE=1"
- # e.g.
- # EXTRA_NSSCONF="NSS_ALLOW_SSLKEYLOGFILE=0"
- # or
- # EXTRA_NSSCONF="NSS_ALLOW_SSLKEYLOGFILE=0 NSS_ENABLE_WERROR=1"
- # etc.
- if [[ -n "${EXTRA_NSSCONF}" ]]; then
- ewarn "EXTRA_NSSCONF applied, please disable custom settings before reporting bugs."
- read -a myextranssconf <<< "${EXTRA_NSSCONF}"
-
- for (( i=0; i<${#myextranssconf[@]}; i++ )); do
- export "${myextranssconf[$i]}"
- echo "exported ${myextranssconf[$i]}"
- done
- fi
-
- # explicitly disable altivec/vsx if not requested
- # https://bugs.gentoo.org/789114
- case ${ARCH} in
- ppc*)
- use cpu_flags_ppc_altivec || export NSS_DISABLE_ALTIVEC=1
- use cpu_flags_ppc_vsx || export NSS_DISABLE_CRYPTO_VSX=1
- ;;
- esac
-
- use cpu_flags_x86_avx2 || export NSS_DISABLE_AVX2=1
- use cpu_flags_x86_sse3 || export NSS_DISABLE_SSE3=1
-
- local d
-
- # Build the host tools first.
- LDFLAGS="${BUILD_LDFLAGS}" \
- XCFLAGS="${BUILD_CFLAGS}" \
- NSPR_LIB_DIR="${T}/fakedir" \
- emake -C coreconf \
- CC="$(tc-getBUILD_CC)" \
- ${buildbits-${mybits}}
- makeargs+=( NSINSTALL="${PWD}/$(find -type f -name nsinstall)" )
-
- # Then build the target tools.
- for d in . lib/dbm ; do
- CPPFLAGS="${myCPPFLAGS}" \
- XCFLAGS="${CFLAGS} ${CPPFLAGS}" \
- NSPR_LIB_DIR="${T}/fakedir" \
- emake "${makeargs[@]}" -C ${d} OS_TEST="$(nssarch)"
- done
-}
-
-multilib_src_test() {
- einfo "Tests can take a *long* time, especially on a multilib system."
- einfo "30-45+ minutes per lib configuration. Bug #852755"
-
- # https://www.linuxfromscratch.org/blfs/view/svn/postlfs/nss.html
- # https://firefox-source-docs.mozilla.org/security/nss/legacy/nss_sources_building_testing/index.html#running_the_nss_test_suite
- # https://www-archive.mozilla.org/projects/security/pki/nss/testnss_32.html (older)
- export BUILD_OPT=1
- export HOST="localhost"
- export DOMSUF="localdomain"
- export USE_IP=TRUE
- export IP_ADDRESS="127.0.0.1"
-
- # Only run the standard cycle instead of full, reducing testing time from 45 minutes to 15
- # per lib implementation.
- export NSS_CYCLES=standard
-
- NSINSTALL="${PWD}/$(find -type f -name nsinstall)"
-
- cd "${BUILD_DIR}"/tests || die
- # Hack to get current objdir (prefixed dir where built binaries are)
- # Without this, at least multilib tests go wrong when building the amd64 variant
- # after x86.
- local objdir=$(find "${BUILD_DIR}"/dist -maxdepth 1 -iname Linux* | rev | cut -d/ -f1 | rev)
-
- # Can tweak to a subset of tests in future if we need to, but would prefer not
- OBJDIR="${objdir}" DIST="${BUILD_DIR}/dist" MOZILLA_ROOT="${BUILD_DIR}" ./all.sh || die
-}
-
-# Altering these 3 libraries breaks the CHK verification.
-# All of the following cause it to break:
-# - stripping
-# - prelink
-# - ELF signing
-# http://www.mozilla.org/projects/security/pki/nss/tech-notes/tn6.html
-# Either we have to NOT strip them, or we have to forcibly resign after
-# stripping.
-#local_libdir="$(get_libdir)"
-#export STRIP_MASK="
-# */${local_libdir}/libfreebl3.so*
-# */${local_libdir}/libnssdbm3.so*
-# */${local_libdir}/libsoftokn3.so*"
-
-export NSS_CHK_SIGN_LIBS="freebl3 nssdbm3 softokn3"
-
-generate_chk() {
- local shlibsign="$1"
- local libdir="$2"
- einfo "Resigning core NSS libraries for FIPS validation"
- shift 2
- local i
- for i in ${NSS_CHK_SIGN_LIBS} ; do
- local libname=lib${i}.so
- local chkname=lib${i}.chk
- "${shlibsign}" \
- -i "${libdir}"/${libname} \
- -o "${libdir}"/${chkname}.tmp \
- && mv -f \
- "${libdir}"/${chkname}.tmp \
- "${libdir}"/${chkname} \
- || die "Failed to sign ${libname}"
- done
-}
-
-cleanup_chk() {
- local libdir="$1"
- shift 1
- local i
- for i in ${NSS_CHK_SIGN_LIBS} ; do
- local libfname="${libdir}/lib${i}.so"
- # If the major version has changed, then we have old chk files.
- [ ! -f "${libfname}" -a -f "${libfname}.chk" ] \
- && rm -f "${libfname}.chk"
- done
-}
-
-multilib_src_install() {
- pushd dist >/dev/null || die
-
- dodir /usr/$(get_libdir)
- cp -L */lib/*$(get_libname) "${ED}"/usr/$(get_libdir) || die "copying shared libs failed"
- local i
- for i in crmf freebl nssb nssckfw ; do
- cp -L */lib/lib${i}.a "${ED}"/usr/$(get_libdir) || die "copying libs failed"
- done
-
- # Install nss-config and pkgconfig file
- dodir /usr/bin
- cp -L */bin/nss-config "${ED}"/usr/bin || die
- dodir /usr/$(get_libdir)/pkgconfig
- cp -L */lib/pkgconfig/nss.pc "${ED}"/usr/$(get_libdir)/pkgconfig || die
-
- # create an nss-softokn.pc from nss.pc for libfreebl and some private headers
- # bug 517266
- sed -e 's#Libs:#Libs: -lfreebl#' \
- -e 's#Cflags:#Cflags: -I${includedir}/private#' \
- */lib/pkgconfig/nss.pc >"${ED}"/usr/$(get_libdir)/pkgconfig/nss-softokn.pc \
- || die "could not create nss-softokn.pc"
-
- # all the include files
- insinto /usr/include/nss
- doins public/nss/*.{h,api}
- insinto /usr/include/nss/private
- doins private/nss/{blapi,alghmac,cmac}.h
-
- popd >/dev/null || die
-
- local f nssutils
- # Always enabled because we need it for chk generation.
- nssutils=( shlibsign )
-
- if multilib_is_native_abi ; then
- if use utils; then
- # The tests we do not need to install.
- #nssutils_test="bltest crmftest dbtest dertimetest
- #fipstest remtest sdrtest"
- # checkcert utils has been removed in nss-3.22:
- # https://bugzilla.mozilla.org/show_bug.cgi?id=1187545
- # https://hg.mozilla.org/projects/nss/rev/df1729d37870
- # certcgi has been removed in nss-3.36:
- # https://bugzilla.mozilla.org/show_bug.cgi?id=1426602
- nssutils+=(
- addbuiltin
- atob
- baddbdir
- btoa
- certutil
- cmsutil
- conflict
- crlutil
- derdump
- digest
- makepqg
- mangle
- modutil
- multinit
- nonspr10
- ocspclnt
- oidcalc
- p7content
- p7env
- p7sign
- p7verify
- pk11mode
- pk12util
- pp
- rsaperf
- selfserv
- signtool
- signver
- ssltap
- strsclnt
- symkeyutil
- tstclnt
- vfychain
- vfyserv
- )
- # install man-pages for utils (bug #516810)
- doman doc/nroff/*.1
- fi
- pushd dist/*/bin >/dev/null || die
- for f in ${nssutils[@]}; do
- dobin ${f}
- done
- popd >/dev/null || die
- fi
-}
-
-pkg_postinst() {
- multilib_pkg_postinst() {
- # We must re-sign the libraries AFTER they are stripped.
- local shlibsign="${EROOT}/usr/bin/shlibsign"
- # See if we can execute it (cross-compiling & such). #436216
- "${shlibsign}" -h >&/dev/null
- if [[ $? -gt 1 ]] ; then
- shlibsign="shlibsign"
- fi
- generate_chk "${shlibsign}" "${EROOT}"/usr/$(get_libdir)
- }
-
- multilib_foreach_abi multilib_pkg_postinst
-}
-
-pkg_postrm() {
- multilib_pkg_postrm() {
- cleanup_chk "${EROOT}"/usr/$(get_libdir)
- }
-
- multilib_foreach_abi multilib_pkg_postrm
-}
diff --git a/dev-libs/openssl/Manifest b/dev-libs/openssl/Manifest
index 2df241b55656..9d04efec04e2 100644
--- a/dev-libs/openssl/Manifest
+++ b/dev-libs/openssl/Manifest
@@ -15,10 +15,6 @@ DIST openssl-1.0.2t-bindist-1.0.tar.xz 13872 BLAKE2B b2aade96a6e0ca6209a39e205b1
DIST openssl-1.0.2u.tar.gz 5355412 BLAKE2B b2ff2a10e5851af5aca4093422a9a072c794e87b997263826c1c35910c040f695fac63decac5856cb49399ed03d410f97701d9fd4e1ebfbcacd8f3a74ce8bf57 SHA512 c455bb309e20e2c2d47fdc5619c734d107d5c8c38c1409903ce979acc120b0d5fa0312917c0aa0d630e402d092a703d4249643f36078e8528a3cafc9dac6ab32
DIST openssl-1.1.1w.tar.gz 9893384 BLAKE2B 2fdba6ca0188928ab2f74e606136afca66cfa0467170fa6298ef160b64ac6fdcad1e81e5dd14013ce0e9921d0f7417edec531cd0beaf1196fec704c2c6d48395 SHA512 b4c625fe56a4e690b57b6a011a225ad0cb3af54bd8fb67af77b5eceac55cc7191291d96a660c5b568a08a2fbf62b4612818e7cca1bb95b2b6b4fc649b0552b6d
DIST openssl-1.1.1w.tar.gz.asc 833 BLAKE2B d990be69ed913509d52b78e7473668429d4485adb29ef03e4612dd0cadbac4f04c7289d8e5baf6f397bcedeaac9f802f18fc719964d882ae0514ed1ca16ae277 SHA512 0f3d7aa48b1cabf8dd43e8108aeed10a4dffb4f5a244d4da9c86ea358b0c8b90c46da561d21e01c567c2f5035d824ed82ec104aad1776b7f33a1be85990e98ef
-DIST openssl-3.0.11.tar.gz 15198318 BLAKE2B e522573aa72c8f6ffef82f20de36178fc6f97a8fee8443df4bf1bd9a6448b315742e9cb698717c1b7d9a91d0768d7ce08d55956ddc415b9dc6cb33fe3a98131b SHA512 393e7262cce0e7980d1cbba861291c8791f6c2a290e9867895c4310ab6e16b449067d8b780ae6081dc8d42529a4f32d545c66e8b1e69d301281d92f1882c85b7
-DIST openssl-3.0.11.tar.gz.asc 833 BLAKE2B e6e2636d5bb5fffb86833e64437fb440bbfd1c4e2bfbfdd72280cf1ce388b70d30eeea56ef6f3bb673e7dcd12020d993ef95f96bf099ded38e8cde4b549b38fa SHA512 3c1fe94fc46861870d99d1edcfe3c151272f7864dde36b66e87a0c79d2289e9ed5cfc48bfa65ba0e88eadcb3cc8307d702e01155f48af8ffc2d4f8fbbf3aa03c
-DIST openssl-3.0.12.tar.gz 15204575 BLAKE2B 1f00e33a5ed64a51cf28f0dbe7d53a9197c1edae7538dea9573394ee4dc03a885483d74b0b47a78b9067e87b4f420b9d7103f351bfec91710c168051cb7148df SHA512 63e003653dd1126c66e278969a626cdf0801b97da8b7076824d661e4a77e1572c3171cf7f006c972b95bcfa284889ee0362d8a46a851f7d8e743e2a1fe593b24
-DIST openssl-3.0.12.tar.gz.asc 833 BLAKE2B 5c7914e0449a1f2fad433544fa637263b237c2637b86960f904a7840ef6bd627728dfa45373e03a6ce7a0a4570d03e1dcd0188059bd5dbcc83d49d10be64dd39 SHA512 072d1572e6cc5240fed69c01b1f7f74958ceba33cec3b0a7f0db5929dc884381320fb737ec6b38f95ef81c855e2d382d7ecd19431a328b08efad70288ec4a964
DIST openssl-3.0.13.tar.gz 15294843 BLAKE2B 869aa5f70a8c1d0cac6027e9261530df70ab5a8b448c785f5f8ff3f206e742c5364424132d0e109a6449af9b4082c4c179c7103dccb16a4539f776ca834c8ccc SHA512 22f4096781f0b075f5bf81bd39a0f97e111760dfa73b6f858f6bb54968a7847944d74969ae10f9a51cc21a2f4af20d9a4c463649dc824f5e439e196d6764c4f9
DIST openssl-3.0.13.tar.gz.asc 833 BLAKE2B 519515b6faa505d68ff9acc30db9515fac494145086fa5ad9561c39385a6fabb39ad9de10fedd49c8fc716ec59ea1b13ec5e6b466e549ea9f29b8d0bb74ba7b3 SHA512 c52d97c93d16f3ca2a7026fb25890482b6d86c37b5ab686c56b0e08522743ec4ea3f84afa4deb64b0df0d9a16b557430c4d4139ab42ffcf97d769b61d1e6197c
DIST openssl-3.1.5.tar.gz 15663524 BLAKE2B a12eb88b0a4f2d927123e0d3ca7d2f80f2bdc867c710d24700fe39b631b93d90c73c3deceff151a9fa818ac88026eb798f3253f22d03c839ab9574086fa61eee SHA512 82e2ac6b3d9b03f8fc66d2ec421246e989eb702eb94586515abfb5afb5300391a0beedf6a2602f61ac10896b41e5608feeeeb4d37714fa17ac0f2ce465249fa9
@@ -29,14 +25,8 @@ DIST openssl-3.3.0.tar.gz 18038030 BLAKE2B c68efaf8aca87961f396e305acc767b56d651
DIST openssl-3.3.0.tar.gz.asc 833 BLAKE2B 207b9fd53de6f57fe24d6a6e5e9f735b7649258bb2873b6c1e29b7d2689c9a75774dbf09392be40f8a8ab240e4e6c745e2864155e8b0f2f3f5ca3b45051e869a SHA512 8750daa607e6bfd2326a4d4f04c9c04608d9fa852fc1515acf1fcf3d1ad33b8ba8435d9ef1ac3a032fecd09aa90446c53996045506bcfbddb7544bb61b26af24
EBUILD openssl-1.0.2u-r1.ebuild 10129 BLAKE2B fe03657452c1218e9ed6fff4b939ae5a1b648b20495690c8cc5f8668b6985c860176733080b4f0265d4bae6bc060bf432995a404be24733735ede3f5440f793a SHA512 e843699fac5b1bdf348fb13cd7de96af09af709e6b9dd5d0ca20d867a38ad870504ac58e7bf21efc01f8303520938031f36f0f5e5d1e76458c6e954ee464f364
EBUILD openssl-1.1.1w.ebuild 8233 BLAKE2B 4657e3e413f25f4503dbc5484e3d06e63c25c64f9132e3ce64629601f729380b6e1918d34f19e9269ac8ed066b2014d2163d54808e67476d033b2af1603cf609 SHA512 122f5d3e3577d9da17d0a49b38925d3fbbaab4117c116f37d0430463d5dcaa3803089cacbc5fddbc5466506eb6a59f1b5fef130dec200c5951f67d9d6c5b160b
-EBUILD openssl-3.0.11.ebuild 8719 BLAKE2B fa28b31cc2f72147114cdc89b4253603855bd6cdf93b62a124caaff88f927412fdd1811e50ca35adb9885fa3fccb53203a46f231479373047fbd0fe709c8e228 SHA512 b5a46310bc8a5e842cca20c7755494fa6ff1d63eab24efbad516362cd68dce74380790050143beee437808fd724a41f323e04f4815833f6ea535c8022bc12162
-EBUILD openssl-3.0.12.ebuild 8719 BLAKE2B fa28b31cc2f72147114cdc89b4253603855bd6cdf93b62a124caaff88f927412fdd1811e50ca35adb9885fa3fccb53203a46f231479373047fbd0fe709c8e228 SHA512 b5a46310bc8a5e842cca20c7755494fa6ff1d63eab24efbad516362cd68dce74380790050143beee437808fd724a41f323e04f4815833f6ea535c8022bc12162
-EBUILD openssl-3.0.13-r1.ebuild 8556 BLAKE2B 5e6b7dd5cd4a4ddba9e894281d5aab747360774fc2f588d9c026bc01fa850b8ae682f867d32484c206d35e67b19744accc2f090845e586088e106139df3cff02 SHA512 865c22ec6db34e4f7249828bcdfe1cb677ae435fcd50a4007905f4f72b84a4dc0dfd4a039d2d0d1945cd1e8220613b8e4946135f8e918a2619eb9209b5b911ec
EBUILD openssl-3.0.13-r2.ebuild 8579 BLAKE2B 98d8a2d6365a80150fb3f4a061162f8c18d6195a8585a27ee6f1d71ee217f159d8699f485d1191305409f3dc44344758228d9f751c7f12aaa5efd9484fbf48e3 SHA512 94a298c01fcd5e48ea00079b2a039efb2165ff71153a6d1cf810555ab977e820754fd504a4d7dfe32f2e8764c0ac05696b57155531ec8dcdb158612efd7f2a8f
-EBUILD openssl-3.0.13.ebuild 8487 BLAKE2B f59e012d00584a3d17b51dd8ce6a1e0e77071fbc9a4144f604314e19e8cc57addcc32d12f2d4c03eda2b1e9c8023ad629ca27369f0d7b6d9983d092d53dbf6d7 SHA512 7ccae792fdaae34aec986e59630d64e5dc4ba2916b37093c95dc4649a2d314e701f38018f79c4e10af7eab5a809fa7dbfd1b35ae49bef74327804c6d00170267
-EBUILD openssl-3.1.5-r1.ebuild 8586 BLAKE2B c22d038b5af42c19389048b43618e3aad090062a8b5ca78eccf3572714d5d2469c1535ea3c4801241d313bf508191448dfa7e8bb52efc24f82523d1fc5273f85 SHA512 fa711d41776c086f9b31001143730e7f8524a41f6272d9df11fe7315c666113b8ba817fbaed7cd85482275014112e8f6a95213f0078531b2bd6a9f503c3f96a1
EBUILD openssl-3.1.5-r2.ebuild 8626 BLAKE2B ae09c41b277f416c8ad0180384fc3fbe7cee002e180ebb4817b6b4b2562a3b4782fe2e9240a275aff8c1a34d22160485dc1e6bac4a03546a3859d454a20b7cae SHA512 d7d687dd36f5839ac75c616f454fb8192d9826057638db17b6ea63dee11da6b5449d89d1a0cf47e0e67a98f51a5a46ca368770e0f03e3d77ce0642b1627d8d5b
-EBUILD openssl-3.2.1-r1.ebuild 9305 BLAKE2B 9be044f9fd88230cf5bcfaca16458bcdbb9abc2ad6d66f56ebbc1dd74a2bfcf17dd43d1ca713be1e07bc99f775f620b214fcee5f46ab7a1d2bc1b80778bddb50 SHA512 829c77aecfa5acc0949fd481be6297ec0ecf1d12d2e65846ca75436bef359cb96b1617ed8acb60b2a665da80de31b971614221a9000a3e8e5c8954c50c89d22c
EBUILD openssl-3.2.1-r2.ebuild 9377 BLAKE2B d8a1bd16284002ec39c926bbe9da25c371e2b54f668146d68f72e8f210e1e0073c1bbeb243f9e24ae970023c207906141e7232e925be718ca244e71dc2f604e9 SHA512 9c6f800d565a7c615ce77e04501b0d9f78c4047465242b9bd6f2c64dc0e0b68a6ff0f3effbf70aba0fe0339455d40095609b4a0df33b07e5afbc7543fe9aef58
EBUILD openssl-3.3.0.ebuild 9191 BLAKE2B c32b7a3f223a748f05baae1c885a3f96c7d2626499efd5d349f54dbf3c4a65fd32d794b2f1dc162917517103590f584e8cf6bee7cce4d864fbfc439dfa7e42ce SHA512 c2b3b14b43a738a49c29bfb3ee34c0307ce607a0b0b8c1b7bbdf4224f7c6deda2fdf09ca2f941cc860beff7ab97d022d00cbc8e4fc791700d8b71767c453c72c
MISC metadata.xml 1566 BLAKE2B ae4515c90356b8a2d3e2df8e0cea43c587f73bd2e08f696c065c2254639009b6806806df8a84c63d00781b0cbf906a0d11e94b715749ab1292e77afa9cd5bcc2 SHA512 4a5e6b894476e74f1f93f00c326139eadf1afd498f4508fb723322539f29e53aec6dd198da878db714d2da61ab266089c2dd2f91b9fc66a34375ceb6f68ca394
diff --git a/dev-libs/openssl/openssl-3.0.11.ebuild b/dev-libs/openssl/openssl-3.0.11.ebuild
deleted file mode 100644
index 9437bff8e937..000000000000
--- a/dev-libs/openssl/openssl-3.0.11.ebuild
+++ /dev/null
@@ -1,288 +0,0 @@
-# Copyright 1999-2024 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=8
-
-VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/openssl.org.asc
-inherit edo flag-o-matic linux-info toolchain-funcs
-inherit multilib multilib-minimal multiprocessing preserve-libs verify-sig
-
-DESCRIPTION="Robust, full-featured Open Source Toolkit for the Transport Layer Security (TLS)"
-HOMEPAGE="https://www.openssl.org/"
-
-MY_P=${P/_/-}
-
-if [[ ${PV} == 9999 ]] ; then
- EGIT_REPO_URI="https://github.com/openssl/openssl.git"
-
- inherit git-r3
-else
- SRC_URI="mirror://openssl/source/${MY_P}.tar.gz
- verify-sig? ( mirror://openssl/source/${MY_P}.tar.gz.asc )"
- KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris"
-fi
-
-S="${WORKDIR}"/${MY_P}
-
-LICENSE="Apache-2.0"
-SLOT="0/3" # .so version of libssl/libcrypto
-IUSE="+asm cpu_flags_x86_sse2 fips ktls rfc3779 sctp static-libs test tls-compression vanilla verify-sig weak-ssl-ciphers"
-RESTRICT="!test? ( test )"
-
-COMMON_DEPEND="
- tls-compression? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] )
-"
-BDEPEND="
- >=dev-lang/perl-5
- sctp? ( >=net-misc/lksctp-tools-1.0.12 )
- test? (
- sys-apps/diffutils
- app-alternatives/bc
- sys-process/procps
- )
- verify-sig? ( >=sec-keys/openpgp-keys-openssl-20230801 )"
-
-DEPEND="${COMMON_DEPEND}"
-RDEPEND="${COMMON_DEPEND}"
-PDEPEND="app-misc/ca-certificates"
-
-MULTILIB_WRAPPED_HEADERS=(
- /usr/include/openssl/configuration.h
-)
-
-pkg_setup() {
- if use ktls ; then
- if kernel_is -lt 4 18 ; then
- ewarn "Kernel implementation of TLS (USE=ktls) requires kernel >=4.18!"
- else
- CONFIG_CHECK="~TLS ~TLS_DEVICE"
- ERROR_TLS="You will be unable to offload TLS to kernel because CONFIG_TLS is not set!"
- ERROR_TLS_DEVICE="You will be unable to offload TLS to kernel because CONFIG_TLS_DEVICE is not set!"
- use test && CONFIG_CHECK+=" ~CRYPTO_USER_API_SKCIPHER"
-
- linux-info_pkg_setup
- fi
- fi
-
- [[ ${MERGE_TYPE} == binary ]] && return
-
- # must check in pkg_setup; sysctl doesn't work with userpriv!
- if use test && use sctp ; then
- # test_ssl_new will fail with "Ensure SCTP AUTH chunks are enabled in kernel"
- # if sctp.auth_enable is not enabled.
- local sctp_auth_status=$(sysctl -n net.sctp.auth_enable 2>/dev/null)
- if [[ -z "${sctp_auth_status}" ]] || [[ ${sctp_auth_status} != 1 ]] ; then
- die "FEATURES=test with USE=sctp requires net.sctp.auth_enable=1!"
- fi
- fi
-}
-
-src_unpack() {
- # Can delete this once test fix patch is dropped
- if use verify-sig ; then
- # Needed for downloaded patch (which is unsigned, which is fine)
- verify-sig_verify_detached "${DISTDIR}"/${MY_P}.tar.gz{,.asc}
- fi
-
- default
-}
-
-src_prepare() {
- # Make sure we only ever touch Makefile.org and avoid patching a file
- # that gets blown away anyways by the Configure script in src_configure
- rm -f Makefile
-
- if ! use vanilla ; then
- PATCHES+=(
- # Add patches which are Gentoo-specific customisations here
- )
- fi
-
- default
-
- if use test && use sctp && has network-sandbox ${FEATURES} ; then
- einfo "Disabling test '80-test_ssl_new.t' which is known to fail with FEATURES=network-sandbox ..."
- rm test/recipes/80-test_ssl_new.t || die
- fi
-
- # Test fails depending on kernel configuration, bug #699134
- rm test/recipes/30-test_afalg.t || die
-}
-
-src_configure() {
- # Keep this in sync with app-misc/c_rehash
- SSL_CNF_DIR="/etc/ssl"
-
- # Quiet out unknown driver argument warnings since openssl
- # doesn't have well-split CFLAGS and we're making it even worse
- # and 'make depend' uses -Werror for added fun (bug #417795 again)
- tc-is-clang && append-flags -Qunused-arguments
-
- # We really, really need to build OpenSSL w/ strict aliasing disabled.
- # It's filled with violations and it *will* result in miscompiled
- # code. This has been in the ebuild for > 10 years but even in 2022,
- # it's still relevant:
- # - https://github.com/llvm/llvm-project/issues/55255
- # - https://github.com/openssl/openssl/issues/12247
- # - https://github.com/openssl/openssl/issues/18225
- # - https://github.com/openssl/openssl/issues/18663#issuecomment-1181478057
- # Don't remove the no strict aliasing bits below!
- filter-flags -fstrict-aliasing
- append-flags -fno-strict-aliasing
- # The OpenSSL developers don't test with LTO right now, it leads to various
- # warnings/errors (which may or may not be false positives), it's considered
- # unsupported, and it's not tested in CI: https://github.com/openssl/openssl/issues/18663.
- filter-lto
-
- append-flags $(test-flags-CC -Wa,--noexecstack)
-
- # bug #895308
- append-atomic-flags
- # Configure doesn't respect LIBS
- export LDLIBS="${LIBS}"
-
- # bug #197996
- unset APPS
- # bug #312551
- unset SCRIPTS
- # bug #311473
- unset CROSS_COMPILE
-
- tc-export AR CC CXX RANLIB RC
-
- multilib-minimal_src_configure
-}
-
-multilib_src_configure() {
- use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; }
-
- local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal")
-
- # See if our toolchain supports __uint128_t. If so, it's 64bit
- # friendly and can use the nicely optimized code paths, bug #460790.
- #local ec_nistp_64_gcc_128
- #
- # Disable it for now though (bug #469976)
- # Do NOT re-enable without substantial discussion first!
- #
- #echo "__uint128_t i;" > "${T}"/128.c
- #if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then
- # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128"
- #fi
-
- local sslout=$(bash "${FILESDIR}/gentoo.config-1.0.4")
- einfo "Using configuration: ${sslout:-(openssl knows best)}"
-
- # https://github.com/openssl/openssl/blob/master/INSTALL.md#enable-and-disable-features
- local myeconfargs=(
- ${sslout}
-
- $(use cpu_flags_x86_sse2 || echo "no-sse2")
- enable-camellia
- enable-ec
- enable-ec2m
- enable-sm2
- enable-srp
- $(use elibc_musl && echo "no-async")
- enable-idea
- enable-mdc2
- enable-rc5
- $(use fips && echo "enable-fips")
- $(use_ssl asm)
- $(use_ssl ktls)
- $(use_ssl rfc3779)
- $(use_ssl sctp)
- $(use test || echo "no-tests")
- $(use_ssl tls-compression zlib)
- $(use_ssl weak-ssl-ciphers)
-
- --prefix="${EPREFIX}"/usr
- --openssldir="${EPREFIX}"${SSL_CNF_DIR}
- --libdir=$(get_libdir)
-
- shared
- threads
- )
-
- edo perl "${S}/Configure" "${myeconfargs[@]}"
-}
-
-multilib_src_compile() {
- emake build_sw
-
- if multilib_is_native_abi; then
- emake build_docs
- fi
-}
-
-multilib_src_test() {
- # VFP = show subtests verbosely and show failed tests verbosely
- # Normal V=1 would show everything verbosely but this slows things down.
- emake HARNESS_JOBS="$(makeopts_jobs)" -Onone VFP=1 test
-}
-
-multilib_src_install() {
- # Only -j1 is supported for the install targets:
- # https://github.com/openssl/openssl/issues/21999#issuecomment-1771150305
- emake DESTDIR="${D}" -j1 install_sw
- if use fips; then
- emake DESTDIR="${D}" -j1 install_fips
- # Regen this in pkg_preinst, bug 900625
- rm "${ED}${SSL_CNF_DIR}"/fipsmodule.cnf || die
- fi
-
- if multilib_is_native_abi; then
- emake DESTDIR="${D}" -j1 install_ssldirs
- emake DESTDIR="${D}" DOCDIR='$(INSTALLTOP)'/share/doc/${PF} -j1 install_docs
- fi
-
- # This is crappy in that the static archives are still built even
- # when USE=static-libs. But this is due to a failing in the openssl
- # build system: the static archives are built as PIC all the time.
- # Only way around this would be to manually configure+compile openssl
- # twice; once with shared lib support enabled and once without.
- if ! use static-libs ; then
- rm "${ED}"/usr/$(get_libdir)/lib{crypto,ssl}.a || die
- fi
-}
-
-multilib_src_install_all() {
- # openssl installs perl version of c_rehash by default, but
- # we provide a shell version via app-misc/c_rehash
- rm "${ED}"/usr/bin/c_rehash || die
-
- dodoc {AUTHORS,CHANGES,NEWS,README,README-PROVIDERS}.md doc/*.txt doc/${PN}-c-indent.el
-
- # Create the certs directory
- keepdir ${SSL_CNF_DIR}/certs
-
- # bug #254521
- dodir /etc/sandbox.d
- echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl
-
- diropts -m0700
- keepdir ${SSL_CNF_DIR}/private
-}
-
-pkg_preinst() {
- if use fips; then
- # Regen fipsmodule.cnf, bug 900625
- ebegin "Running openssl fipsinstall"
- "${ED}/usr/bin/openssl" fipsinstall -quiet \
- -out "${ED}${SSL_CNF_DIR}/fipsmodule.cnf" \
- -module "${ED}/usr/$(get_libdir)/ossl-modules/fips.so"
- eend $?
- fi
-
- preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1) \
- /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1.1)
-}
-
-pkg_postinst() {
- ebegin "Running 'openssl rehash ${EROOT}${SSL_CNF_DIR}/certs' to rebuild hashes (bug #333069)"
- openssl rehash "${EROOT}${SSL_CNF_DIR}/certs"
- eend $?
-
- preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1) \
- /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1.1)
-}
diff --git a/dev-libs/openssl/openssl-3.0.12.ebuild b/dev-libs/openssl/openssl-3.0.12.ebuild
deleted file mode 100644
index 9437bff8e937..000000000000
--- a/dev-libs/openssl/openssl-3.0.12.ebuild
+++ /dev/null
@@ -1,288 +0,0 @@
-# Copyright 1999-2024 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=8
-
-VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/openssl.org.asc
-inherit edo flag-o-matic linux-info toolchain-funcs
-inherit multilib multilib-minimal multiprocessing preserve-libs verify-sig
-
-DESCRIPTION="Robust, full-featured Open Source Toolkit for the Transport Layer Security (TLS)"
-HOMEPAGE="https://www.openssl.org/"
-
-MY_P=${P/_/-}
-
-if [[ ${PV} == 9999 ]] ; then
- EGIT_REPO_URI="https://github.com/openssl/openssl.git"
-
- inherit git-r3
-else
- SRC_URI="mirror://openssl/source/${MY_P}.tar.gz
- verify-sig? ( mirror://openssl/source/${MY_P}.tar.gz.asc )"
- KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris"
-fi
-
-S="${WORKDIR}"/${MY_P}
-
-LICENSE="Apache-2.0"
-SLOT="0/3" # .so version of libssl/libcrypto
-IUSE="+asm cpu_flags_x86_sse2 fips ktls rfc3779 sctp static-libs test tls-compression vanilla verify-sig weak-ssl-ciphers"
-RESTRICT="!test? ( test )"
-
-COMMON_DEPEND="
- tls-compression? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] )
-"
-BDEPEND="
- >=dev-lang/perl-5
- sctp? ( >=net-misc/lksctp-tools-1.0.12 )
- test? (
- sys-apps/diffutils
- app-alternatives/bc
- sys-process/procps
- )
- verify-sig? ( >=sec-keys/openpgp-keys-openssl-20230801 )"
-
-DEPEND="${COMMON_DEPEND}"
-RDEPEND="${COMMON_DEPEND}"
-PDEPEND="app-misc/ca-certificates"
-
-MULTILIB_WRAPPED_HEADERS=(
- /usr/include/openssl/configuration.h
-)
-
-pkg_setup() {
- if use ktls ; then
- if kernel_is -lt 4 18 ; then
- ewarn "Kernel implementation of TLS (USE=ktls) requires kernel >=4.18!"
- else
- CONFIG_CHECK="~TLS ~TLS_DEVICE"
- ERROR_TLS="You will be unable to offload TLS to kernel because CONFIG_TLS is not set!"
- ERROR_TLS_DEVICE="You will be unable to offload TLS to kernel because CONFIG_TLS_DEVICE is not set!"
- use test && CONFIG_CHECK+=" ~CRYPTO_USER_API_SKCIPHER"
-
- linux-info_pkg_setup
- fi
- fi
-
- [[ ${MERGE_TYPE} == binary ]] && return
-
- # must check in pkg_setup; sysctl doesn't work with userpriv!
- if use test && use sctp ; then
- # test_ssl_new will fail with "Ensure SCTP AUTH chunks are enabled in kernel"
- # if sctp.auth_enable is not enabled.
- local sctp_auth_status=$(sysctl -n net.sctp.auth_enable 2>/dev/null)
- if [[ -z "${sctp_auth_status}" ]] || [[ ${sctp_auth_status} != 1 ]] ; then
- die "FEATURES=test with USE=sctp requires net.sctp.auth_enable=1!"
- fi
- fi
-}
-
-src_unpack() {
- # Can delete this once test fix patch is dropped
- if use verify-sig ; then
- # Needed for downloaded patch (which is unsigned, which is fine)
- verify-sig_verify_detached "${DISTDIR}"/${MY_P}.tar.gz{,.asc}
- fi
-
- default
-}
-
-src_prepare() {
- # Make sure we only ever touch Makefile.org and avoid patching a file
- # that gets blown away anyways by the Configure script in src_configure
- rm -f Makefile
-
- if ! use vanilla ; then
- PATCHES+=(
- # Add patches which are Gentoo-specific customisations here
- )
- fi
-
- default
-
- if use test && use sctp && has network-sandbox ${FEATURES} ; then
- einfo "Disabling test '80-test_ssl_new.t' which is known to fail with FEATURES=network-sandbox ..."
- rm test/recipes/80-test_ssl_new.t || die
- fi
-
- # Test fails depending on kernel configuration, bug #699134
- rm test/recipes/30-test_afalg.t || die
-}
-
-src_configure() {
- # Keep this in sync with app-misc/c_rehash
- SSL_CNF_DIR="/etc/ssl"
-
- # Quiet out unknown driver argument warnings since openssl
- # doesn't have well-split CFLAGS and we're making it even worse
- # and 'make depend' uses -Werror for added fun (bug #417795 again)
- tc-is-clang && append-flags -Qunused-arguments
-
- # We really, really need to build OpenSSL w/ strict aliasing disabled.
- # It's filled with violations and it *will* result in miscompiled
- # code. This has been in the ebuild for > 10 years but even in 2022,
- # it's still relevant:
- # - https://github.com/llvm/llvm-project/issues/55255
- # - https://github.com/openssl/openssl/issues/12247
- # - https://github.com/openssl/openssl/issues/18225
- # - https://github.com/openssl/openssl/issues/18663#issuecomment-1181478057
- # Don't remove the no strict aliasing bits below!
- filter-flags -fstrict-aliasing
- append-flags -fno-strict-aliasing
- # The OpenSSL developers don't test with LTO right now, it leads to various
- # warnings/errors (which may or may not be false positives), it's considered
- # unsupported, and it's not tested in CI: https://github.com/openssl/openssl/issues/18663.
- filter-lto
-
- append-flags $(test-flags-CC -Wa,--noexecstack)
-
- # bug #895308
- append-atomic-flags
- # Configure doesn't respect LIBS
- export LDLIBS="${LIBS}"
-
- # bug #197996
- unset APPS
- # bug #312551
- unset SCRIPTS
- # bug #311473
- unset CROSS_COMPILE
-
- tc-export AR CC CXX RANLIB RC
-
- multilib-minimal_src_configure
-}
-
-multilib_src_configure() {
- use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; }
-
- local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal")
-
- # See if our toolchain supports __uint128_t. If so, it's 64bit
- # friendly and can use the nicely optimized code paths, bug #460790.
- #local ec_nistp_64_gcc_128
- #
- # Disable it for now though (bug #469976)
- # Do NOT re-enable without substantial discussion first!
- #
- #echo "__uint128_t i;" > "${T}"/128.c
- #if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then
- # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128"
- #fi
-
- local sslout=$(bash "${FILESDIR}/gentoo.config-1.0.4")
- einfo "Using configuration: ${sslout:-(openssl knows best)}"
-
- # https://github.com/openssl/openssl/blob/master/INSTALL.md#enable-and-disable-features
- local myeconfargs=(
- ${sslout}
-
- $(use cpu_flags_x86_sse2 || echo "no-sse2")
- enable-camellia
- enable-ec
- enable-ec2m
- enable-sm2
- enable-srp
- $(use elibc_musl && echo "no-async")
- enable-idea
- enable-mdc2
- enable-rc5
- $(use fips && echo "enable-fips")
- $(use_ssl asm)
- $(use_ssl ktls)
- $(use_ssl rfc3779)
- $(use_ssl sctp)
- $(use test || echo "no-tests")
- $(use_ssl tls-compression zlib)
- $(use_ssl weak-ssl-ciphers)
-
- --prefix="${EPREFIX}"/usr
- --openssldir="${EPREFIX}"${SSL_CNF_DIR}
- --libdir=$(get_libdir)
-
- shared
- threads
- )
-
- edo perl "${S}/Configure" "${myeconfargs[@]}"
-}
-
-multilib_src_compile() {
- emake build_sw
-
- if multilib_is_native_abi; then
- emake build_docs
- fi
-}
-
-multilib_src_test() {
- # VFP = show subtests verbosely and show failed tests verbosely
- # Normal V=1 would show everything verbosely but this slows things down.
- emake HARNESS_JOBS="$(makeopts_jobs)" -Onone VFP=1 test
-}
-
-multilib_src_install() {
- # Only -j1 is supported for the install targets:
- # https://github.com/openssl/openssl/issues/21999#issuecomment-1771150305
- emake DESTDIR="${D}" -j1 install_sw
- if use fips; then
- emake DESTDIR="${D}" -j1 install_fips
- # Regen this in pkg_preinst, bug 900625
- rm "${ED}${SSL_CNF_DIR}"/fipsmodule.cnf || die
- fi
-
- if multilib_is_native_abi; then
- emake DESTDIR="${D}" -j1 install_ssldirs
- emake DESTDIR="${D}" DOCDIR='$(INSTALLTOP)'/share/doc/${PF} -j1 install_docs
- fi
-
- # This is crappy in that the static archives are still built even
- # when USE=static-libs. But this is due to a failing in the openssl
- # build system: the static archives are built as PIC all the time.
- # Only way around this would be to manually configure+compile openssl
- # twice; once with shared lib support enabled and once without.
- if ! use static-libs ; then
- rm "${ED}"/usr/$(get_libdir)/lib{crypto,ssl}.a || die
- fi
-}
-
-multilib_src_install_all() {
- # openssl installs perl version of c_rehash by default, but
- # we provide a shell version via app-misc/c_rehash
- rm "${ED}"/usr/bin/c_rehash || die
-
- dodoc {AUTHORS,CHANGES,NEWS,README,README-PROVIDERS}.md doc/*.txt doc/${PN}-c-indent.el
-
- # Create the certs directory
- keepdir ${SSL_CNF_DIR}/certs
-
- # bug #254521
- dodir /etc/sandbox.d
- echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl
-
- diropts -m0700
- keepdir ${SSL_CNF_DIR}/private
-}
-
-pkg_preinst() {
- if use fips; then
- # Regen fipsmodule.cnf, bug 900625
- ebegin "Running openssl fipsinstall"
- "${ED}/usr/bin/openssl" fipsinstall -quiet \
- -out "${ED}${SSL_CNF_DIR}/fipsmodule.cnf" \
- -module "${ED}/usr/$(get_libdir)/ossl-modules/fips.so"
- eend $?
- fi
-
- preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1) \
- /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1.1)
-}
-
-pkg_postinst() {
- ebegin "Running 'openssl rehash ${EROOT}${SSL_CNF_DIR}/certs' to rebuild hashes (bug #333069)"
- openssl rehash "${EROOT}${SSL_CNF_DIR}/certs"
- eend $?
-
- preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1) \
- /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1.1)
-}
diff --git a/dev-libs/openssl/openssl-3.0.13-r1.ebuild b/dev-libs/openssl/openssl-3.0.13-r1.ebuild
deleted file mode 100644
index 4241ad7f72ed..000000000000
--- a/dev-libs/openssl/openssl-3.0.13-r1.ebuild
+++ /dev/null
@@ -1,282 +0,0 @@
-# Copyright 1999-2024 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=8
-
-VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/openssl.org.asc
-inherit edo flag-o-matic linux-info toolchain-funcs
-inherit multilib multilib-minimal multiprocessing preserve-libs verify-sig
-
-DESCRIPTION="Robust, full-featured Open Source Toolkit for the Transport Layer Security (TLS)"
-HOMEPAGE="https://www.openssl.org/"
-
-MY_P=${P/_/-}
-
-if [[ ${PV} == 9999 ]] ; then
- EGIT_REPO_URI="https://github.com/openssl/openssl.git"
-
- inherit git-r3
-else
- SRC_URI="mirror://openssl/source/${MY_P}.tar.gz
- verify-sig? ( mirror://openssl/source/${MY_P}.tar.gz.asc )"
- KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris"
-fi
-
-S="${WORKDIR}"/${MY_P}
-
-LICENSE="Apache-2.0"
-SLOT="0/3" # .so version of libssl/libcrypto
-IUSE="+asm cpu_flags_x86_sse2 fips ktls rfc3779 sctp static-libs test tls-compression vanilla verify-sig weak-ssl-ciphers"
-RESTRICT="!test? ( test )"
-
-COMMON_DEPEND="
- tls-compression? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] )
-"
-BDEPEND="
- >=dev-lang/perl-5
- sctp? ( >=net-misc/lksctp-tools-1.0.12 )
- test? (
- sys-apps/diffutils
- app-alternatives/bc
- sys-process/procps
- )
- verify-sig? ( >=sec-keys/openpgp-keys-openssl-20230801 )"
-
-DEPEND="${COMMON_DEPEND}"
-RDEPEND="${COMMON_DEPEND}"
-PDEPEND="app-misc/ca-certificates"
-
-MULTILIB_WRAPPED_HEADERS=(
- /usr/include/openssl/configuration.h
-)
-
-PATCHES=(
- "${FILESDIR}"/${PN}-3.0.13-CVE-2024-2511.patch
-)
-
-pkg_setup() {
- if use ktls ; then
- if kernel_is -lt 4 18 ; then
- ewarn "Kernel implementation of TLS (USE=ktls) requires kernel >=4.18!"
- else
- CONFIG_CHECK="~TLS ~TLS_DEVICE"
- ERROR_TLS="You will be unable to offload TLS to kernel because CONFIG_TLS is not set!"
- ERROR_TLS_DEVICE="You will be unable to offload TLS to kernel because CONFIG_TLS_DEVICE is not set!"
- use test && CONFIG_CHECK+=" ~CRYPTO_USER_API_SKCIPHER"
-
- linux-info_pkg_setup
- fi
- fi
-
- [[ ${MERGE_TYPE} == binary ]] && return
-
- # must check in pkg_setup; sysctl doesn't work with userpriv!
- if use test && use sctp ; then
- # test_ssl_new will fail with "Ensure SCTP AUTH chunks are enabled in kernel"
- # if sctp.auth_enable is not enabled.
- local sctp_auth_status=$(sysctl -n net.sctp.auth_enable 2>/dev/null)
- if [[ -z "${sctp_auth_status}" ]] || [[ ${sctp_auth_status} != 1 ]] ; then
- die "FEATURES=test with USE=sctp requires net.sctp.auth_enable=1!"
- fi
- fi
-}
-
-src_prepare() {
- # Make sure we only ever touch Makefile.org and avoid patching a file
- # that gets blown away anyways by the Configure script in src_configure
- rm -f Makefile || die
-
- if ! use vanilla ; then
- PATCHES+=(
- # Add patches which are Gentoo-specific customisations here
- )
- fi
-
- default
-
- if use test && use sctp && has network-sandbox ${FEATURES} ; then
- einfo "Disabling test '80-test_ssl_new.t' which is known to fail with FEATURES=network-sandbox ..."
- rm test/recipes/80-test_ssl_new.t || die
- fi
-
- # Test fails depending on kernel configuration, bug #699134
- rm test/recipes/30-test_afalg.t || die
-}
-
-src_configure() {
- # Keep this in sync with app-misc/c_rehash
- SSL_CNF_DIR="/etc/ssl"
-
- # Quiet out unknown driver argument warnings since openssl
- # doesn't have well-split CFLAGS and we're making it even worse
- # and 'make depend' uses -Werror for added fun (bug #417795 again)
- tc-is-clang && append-flags -Qunused-arguments
-
- # We really, really need to build OpenSSL w/ strict aliasing disabled.
- # It's filled with violations and it *will* result in miscompiled
- # code. This has been in the ebuild for > 10 years but even in 2022,
- # it's still relevant:
- # - https://github.com/llvm/llvm-project/issues/55255
- # - https://github.com/openssl/openssl/issues/12247
- # - https://github.com/openssl/openssl/issues/18225
- # - https://github.com/openssl/openssl/issues/18663#issuecomment-1181478057
- # Don't remove the no strict aliasing bits below!
- filter-flags -fstrict-aliasing
- append-flags -fno-strict-aliasing
- # The OpenSSL developers don't test with LTO right now, it leads to various
- # warnings/errors (which may or may not be false positives), it's considered
- # unsupported, and it's not tested in CI: https://github.com/openssl/openssl/issues/18663.
- filter-lto
-
- append-flags $(test-flags-CC -Wa,--noexecstack)
-
- # bug #895308
- append-atomic-flags
- # Configure doesn't respect LIBS
- export LDLIBS="${LIBS}"
-
- # bug #197996
- unset APPS
- # bug #312551
- unset SCRIPTS
- # bug #311473
- unset CROSS_COMPILE
-
- tc-export AR CC CXX RANLIB RC
-
- multilib-minimal_src_configure
-}
-
-multilib_src_configure() {
- use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; }
-
- local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal")
-
- # See if our toolchain supports __uint128_t. If so, it's 64bit
- # friendly and can use the nicely optimized code paths, bug #460790.
- #local ec_nistp_64_gcc_128
- #
- # Disable it for now though (bug #469976)
- # Do NOT re-enable without substantial discussion first!
- #
- #echo "__uint128_t i;" > "${T}"/128.c
- #if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then
- # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128"
- #fi
-
- local sslout=$(bash "${FILESDIR}/gentoo.config-1.0.4")
- einfo "Using configuration: ${sslout:-(openssl knows best)}"
-
- # https://github.com/openssl/openssl/blob/master/INSTALL.md#enable-and-disable-features
- local myeconfargs=(
- ${sslout}
-
- $(use cpu_flags_x86_sse2 || echo "no-sse2")
- enable-camellia
- enable-ec
- enable-ec2m
- enable-sm2
- enable-srp
- $(use elibc_musl && echo "no-async")
- enable-idea
- enable-mdc2
- enable-rc5
- $(use fips && echo "enable-fips")
- $(use_ssl asm)
- $(use_ssl ktls)
- $(use_ssl rfc3779)
- $(use_ssl sctp)
- $(use test || echo "no-tests")
- $(use_ssl tls-compression zlib)
- $(use_ssl weak-ssl-ciphers)
-
- --prefix="${EPREFIX}"/usr
- --openssldir="${EPREFIX}"${SSL_CNF_DIR}
- --libdir=$(get_libdir)
-
- shared
- threads
- )
-
- edo perl "${S}/Configure" "${myeconfargs[@]}"
-}
-
-multilib_src_compile() {
- emake build_sw
-
- if multilib_is_native_abi; then
- emake build_docs
- fi
-}
-
-multilib_src_test() {
- # VFP = show subtests verbosely and show failed tests verbosely
- # Normal V=1 would show everything verbosely but this slows things down.
- emake HARNESS_JOBS="$(makeopts_jobs)" -Onone VFP=1 test
-}
-
-multilib_src_install() {
- # Only -j1 is supported for the install targets:
- # https://github.com/openssl/openssl/issues/21999#issuecomment-1771150305
- emake DESTDIR="${D}" -j1 install_sw
- if use fips; then
- emake DESTDIR="${D}" -j1 install_fips
- # Regen this in pkg_preinst, bug 900625
- rm "${ED}${SSL_CNF_DIR}"/fipsmodule.cnf || die
- fi
-
- if multilib_is_native_abi; then
- emake DESTDIR="${D}" -j1 install_ssldirs
- emake DESTDIR="${D}" DOCDIR='$(INSTALLTOP)'/share/doc/${PF} -j1 install_docs
- fi
-
- # This is crappy in that the static archives are still built even
- # when USE=static-libs. But this is due to a failing in the openssl
- # build system: the static archives are built as PIC all the time.
- # Only way around this would be to manually configure+compile openssl
- # twice; once with shared lib support enabled and once without.
- if ! use static-libs ; then
- rm "${ED}"/usr/$(get_libdir)/lib{crypto,ssl}.a || die
- fi
-}
-
-multilib_src_install_all() {
- # openssl installs perl version of c_rehash by default, but
- # we provide a shell version via app-misc/c_rehash
- rm "${ED}"/usr/bin/c_rehash || die
-
- dodoc {AUTHORS,CHANGES,NEWS,README,README-PROVIDERS}.md doc/*.txt doc/${PN}-c-indent.el
-
- # Create the certs directory
- keepdir ${SSL_CNF_DIR}/certs
-
- # bug #254521
- dodir /etc/sandbox.d
- echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl
-
- diropts -m0700
- keepdir ${SSL_CNF_DIR}/private
-}
-
-pkg_preinst() {
- if use fips; then
- # Regen fipsmodule.cnf, bug 900625
- ebegin "Running openssl fipsinstall"
- "${ED}/usr/bin/openssl" fipsinstall -quiet \
- -out "${ED}${SSL_CNF_DIR}/fipsmodule.cnf" \
- -module "${ED}/usr/$(get_libdir)/ossl-modules/fips.so"
- eend $?
- fi
-
- preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1) \
- /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1.1)
-}
-
-pkg_postinst() {
- ebegin "Running 'openssl rehash ${EROOT}${SSL_CNF_DIR}/certs' to rebuild hashes (bug #333069)"
- openssl rehash "${EROOT}${SSL_CNF_DIR}/certs"
- eend $?
-
- preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1) \
- /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1.1)
-}
diff --git a/dev-libs/openssl/openssl-3.0.13.ebuild b/dev-libs/openssl/openssl-3.0.13.ebuild
deleted file mode 100644
index a709a5ecde4a..000000000000
--- a/dev-libs/openssl/openssl-3.0.13.ebuild
+++ /dev/null
@@ -1,278 +0,0 @@
-# Copyright 1999-2024 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=8
-
-VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/openssl.org.asc
-inherit edo flag-o-matic linux-info toolchain-funcs
-inherit multilib multilib-minimal multiprocessing preserve-libs verify-sig
-
-DESCRIPTION="Robust, full-featured Open Source Toolkit for the Transport Layer Security (TLS)"
-HOMEPAGE="https://www.openssl.org/"
-
-MY_P=${P/_/-}
-
-if [[ ${PV} == 9999 ]] ; then
- EGIT_REPO_URI="https://github.com/openssl/openssl.git"
-
- inherit git-r3
-else
- SRC_URI="mirror://openssl/source/${MY_P}.tar.gz
- verify-sig? ( mirror://openssl/source/${MY_P}.tar.gz.asc )"
- KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris"
-fi
-
-S="${WORKDIR}"/${MY_P}
-
-LICENSE="Apache-2.0"
-SLOT="0/3" # .so version of libssl/libcrypto
-IUSE="+asm cpu_flags_x86_sse2 fips ktls rfc3779 sctp static-libs test tls-compression vanilla verify-sig weak-ssl-ciphers"
-RESTRICT="!test? ( test )"
-
-COMMON_DEPEND="
- tls-compression? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] )
-"
-BDEPEND="
- >=dev-lang/perl-5
- sctp? ( >=net-misc/lksctp-tools-1.0.12 )
- test? (
- sys-apps/diffutils
- app-alternatives/bc
- sys-process/procps
- )
- verify-sig? ( >=sec-keys/openpgp-keys-openssl-20230801 )"
-
-DEPEND="${COMMON_DEPEND}"
-RDEPEND="${COMMON_DEPEND}"
-PDEPEND="app-misc/ca-certificates"
-
-MULTILIB_WRAPPED_HEADERS=(
- /usr/include/openssl/configuration.h
-)
-
-pkg_setup() {
- if use ktls ; then
- if kernel_is -lt 4 18 ; then
- ewarn "Kernel implementation of TLS (USE=ktls) requires kernel >=4.18!"
- else
- CONFIG_CHECK="~TLS ~TLS_DEVICE"
- ERROR_TLS="You will be unable to offload TLS to kernel because CONFIG_TLS is not set!"
- ERROR_TLS_DEVICE="You will be unable to offload TLS to kernel because CONFIG_TLS_DEVICE is not set!"
- use test && CONFIG_CHECK+=" ~CRYPTO_USER_API_SKCIPHER"
-
- linux-info_pkg_setup
- fi
- fi
-
- [[ ${MERGE_TYPE} == binary ]] && return
-
- # must check in pkg_setup; sysctl doesn't work with userpriv!
- if use test && use sctp ; then
- # test_ssl_new will fail with "Ensure SCTP AUTH chunks are enabled in kernel"
- # if sctp.auth_enable is not enabled.
- local sctp_auth_status=$(sysctl -n net.sctp.auth_enable 2>/dev/null)
- if [[ -z "${sctp_auth_status}" ]] || [[ ${sctp_auth_status} != 1 ]] ; then
- die "FEATURES=test with USE=sctp requires net.sctp.auth_enable=1!"
- fi
- fi
-}
-
-src_prepare() {
- # Make sure we only ever touch Makefile.org and avoid patching a file
- # that gets blown away anyways by the Configure script in src_configure
- rm -f Makefile || die
-
- if ! use vanilla ; then
- PATCHES+=(
- # Add patches which are Gentoo-specific customisations here
- )
- fi
-
- default
-
- if use test && use sctp && has network-sandbox ${FEATURES} ; then
- einfo "Disabling test '80-test_ssl_new.t' which is known to fail with FEATURES=network-sandbox ..."
- rm test/recipes/80-test_ssl_new.t || die
- fi
-
- # Test fails depending on kernel configuration, bug #699134
- rm test/recipes/30-test_afalg.t || die
-}
-
-src_configure() {
- # Keep this in sync with app-misc/c_rehash
- SSL_CNF_DIR="/etc/ssl"
-
- # Quiet out unknown driver argument warnings since openssl
- # doesn't have well-split CFLAGS and we're making it even worse
- # and 'make depend' uses -Werror for added fun (bug #417795 again)
- tc-is-clang && append-flags -Qunused-arguments
-
- # We really, really need to build OpenSSL w/ strict aliasing disabled.
- # It's filled with violations and it *will* result in miscompiled
- # code. This has been in the ebuild for > 10 years but even in 2022,
- # it's still relevant:
- # - https://github.com/llvm/llvm-project/issues/55255
- # - https://github.com/openssl/openssl/issues/12247
- # - https://github.com/openssl/openssl/issues/18225
- # - https://github.com/openssl/openssl/issues/18663#issuecomment-1181478057
- # Don't remove the no strict aliasing bits below!
- filter-flags -fstrict-aliasing
- append-flags -fno-strict-aliasing
- # The OpenSSL developers don't test with LTO right now, it leads to various
- # warnings/errors (which may or may not be false positives), it's considered
- # unsupported, and it's not tested in CI: https://github.com/openssl/openssl/issues/18663.
- filter-lto
-
- append-flags $(test-flags-CC -Wa,--noexecstack)
-
- # bug #895308
- append-atomic-flags
- # Configure doesn't respect LIBS
- export LDLIBS="${LIBS}"
-
- # bug #197996
- unset APPS
- # bug #312551
- unset SCRIPTS
- # bug #311473
- unset CROSS_COMPILE
-
- tc-export AR CC CXX RANLIB RC
-
- multilib-minimal_src_configure
-}
-
-multilib_src_configure() {
- use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; }
-
- local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal")
-
- # See if our toolchain supports __uint128_t. If so, it's 64bit
- # friendly and can use the nicely optimized code paths, bug #460790.
- #local ec_nistp_64_gcc_128
- #
- # Disable it for now though (bug #469976)
- # Do NOT re-enable without substantial discussion first!
- #
- #echo "__uint128_t i;" > "${T}"/128.c
- #if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then
- # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128"
- #fi
-
- local sslout=$(bash "${FILESDIR}/gentoo.config-1.0.4")
- einfo "Using configuration: ${sslout:-(openssl knows best)}"
-
- # https://github.com/openssl/openssl/blob/master/INSTALL.md#enable-and-disable-features
- local myeconfargs=(
- ${sslout}
-
- $(use cpu_flags_x86_sse2 || echo "no-sse2")
- enable-camellia
- enable-ec
- enable-ec2m
- enable-sm2
- enable-srp
- $(use elibc_musl && echo "no-async")
- enable-idea
- enable-mdc2
- enable-rc5
- $(use fips && echo "enable-fips")
- $(use_ssl asm)
- $(use_ssl ktls)
- $(use_ssl rfc3779)
- $(use_ssl sctp)
- $(use test || echo "no-tests")
- $(use_ssl tls-compression zlib)
- $(use_ssl weak-ssl-ciphers)
-
- --prefix="${EPREFIX}"/usr
- --openssldir="${EPREFIX}"${SSL_CNF_DIR}
- --libdir=$(get_libdir)
-
- shared
- threads
- )
-
- edo perl "${S}/Configure" "${myeconfargs[@]}"
-}
-
-multilib_src_compile() {
- emake build_sw
-
- if multilib_is_native_abi; then
- emake build_docs
- fi
-}
-
-multilib_src_test() {
- # VFP = show subtests verbosely and show failed tests verbosely
- # Normal V=1 would show everything verbosely but this slows things down.
- emake HARNESS_JOBS="$(makeopts_jobs)" -Onone VFP=1 test
-}
-
-multilib_src_install() {
- # Only -j1 is supported for the install targets:
- # https://github.com/openssl/openssl/issues/21999#issuecomment-1771150305
- emake DESTDIR="${D}" -j1 install_sw
- if use fips; then
- emake DESTDIR="${D}" -j1 install_fips
- # Regen this in pkg_preinst, bug 900625
- rm "${ED}${SSL_CNF_DIR}"/fipsmodule.cnf || die
- fi
-
- if multilib_is_native_abi; then
- emake DESTDIR="${D}" -j1 install_ssldirs
- emake DESTDIR="${D}" DOCDIR='$(INSTALLTOP)'/share/doc/${PF} -j1 install_docs
- fi
-
- # This is crappy in that the static archives are still built even
- # when USE=static-libs. But this is due to a failing in the openssl
- # build system: the static archives are built as PIC all the time.
- # Only way around this would be to manually configure+compile openssl
- # twice; once with shared lib support enabled and once without.
- if ! use static-libs ; then
- rm "${ED}"/usr/$(get_libdir)/lib{crypto,ssl}.a || die
- fi
-}
-
-multilib_src_install_all() {
- # openssl installs perl version of c_rehash by default, but
- # we provide a shell version via app-misc/c_rehash
- rm "${ED}"/usr/bin/c_rehash || die
-
- dodoc {AUTHORS,CHANGES,NEWS,README,README-PROVIDERS}.md doc/*.txt doc/${PN}-c-indent.el
-
- # Create the certs directory
- keepdir ${SSL_CNF_DIR}/certs
-
- # bug #254521
- dodir /etc/sandbox.d
- echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl
-
- diropts -m0700
- keepdir ${SSL_CNF_DIR}/private
-}
-
-pkg_preinst() {
- if use fips; then
- # Regen fipsmodule.cnf, bug 900625
- ebegin "Running openssl fipsinstall"
- "${ED}/usr/bin/openssl" fipsinstall -quiet \
- -out "${ED}${SSL_CNF_DIR}/fipsmodule.cnf" \
- -module "${ED}/usr/$(get_libdir)/ossl-modules/fips.so"
- eend $?
- fi
-
- preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1) \
- /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1.1)
-}
-
-pkg_postinst() {
- ebegin "Running 'openssl rehash ${EROOT}${SSL_CNF_DIR}/certs' to rebuild hashes (bug #333069)"
- openssl rehash "${EROOT}${SSL_CNF_DIR}/certs"
- eend $?
-
- preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1) \
- /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1.1)
-}
diff --git a/dev-libs/openssl/openssl-3.1.5-r1.ebuild b/dev-libs/openssl/openssl-3.1.5-r1.ebuild
deleted file mode 100644
index 23a3463ec688..000000000000
--- a/dev-libs/openssl/openssl-3.1.5-r1.ebuild
+++ /dev/null
@@ -1,285 +0,0 @@
-# Copyright 1999-2024 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=8
-
-VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/openssl.org.asc
-inherit edo flag-o-matic linux-info toolchain-funcs
-inherit multilib multilib-minimal multiprocessing preserve-libs verify-sig
-
-DESCRIPTION="Robust, full-featured Open Source Toolkit for the Transport Layer Security (TLS)"
-HOMEPAGE="https://www.openssl.org/"
-
-MY_P=${P/_/-}
-
-if [[ ${PV} == 9999 ]] ; then
- EGIT_REPO_URI="https://github.com/openssl/openssl.git"
-
- inherit git-r3
-else
- SRC_URI="
- mirror://openssl/source/${MY_P}.tar.gz
- verify-sig? ( mirror://openssl/source/${MY_P}.tar.gz.asc )
- "
- KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris"
-fi
-
-S="${WORKDIR}"/${MY_P}
-
-LICENSE="Apache-2.0"
-SLOT="0/$(ver_cut 1)" # .so version of libssl/libcrypto
-IUSE="+asm cpu_flags_x86_sse2 fips ktls rfc3779 sctp static-libs test tls-compression vanilla verify-sig weak-ssl-ciphers"
-RESTRICT="!test? ( test )"
-
-COMMON_DEPEND="
- !<net-misc/openssh-9.2_p1-r3
- tls-compression? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] )
-"
-BDEPEND="
- >=dev-lang/perl-5
- sctp? ( >=net-misc/lksctp-tools-1.0.12 )
- test? (
- sys-apps/diffutils
- app-alternatives/bc
- sys-process/procps
- )
- verify-sig? ( >=sec-keys/openpgp-keys-openssl-20230801 )"
-
-DEPEND="${COMMON_DEPEND}"
-RDEPEND="${COMMON_DEPEND}"
-PDEPEND="app-misc/ca-certificates"
-
-MULTILIB_WRAPPED_HEADERS=(
- /usr/include/openssl/configuration.h
-)
-
-PATCHES=(
- "${FILESDIR}"/${P}-p11-segfault.patch
-)
-
-pkg_setup() {
- if use ktls ; then
- if kernel_is -lt 4 18 ; then
- ewarn "Kernel implementation of TLS (USE=ktls) requires kernel >=4.18!"
- else
- CONFIG_CHECK="~TLS ~TLS_DEVICE"
- ERROR_TLS="You will be unable to offload TLS to kernel because CONFIG_TLS is not set!"
- ERROR_TLS_DEVICE="You will be unable to offload TLS to kernel because CONFIG_TLS_DEVICE is not set!"
- use test && CONFIG_CHECK+=" ~CRYPTO_USER_API_SKCIPHER"
-
- linux-info_pkg_setup
- fi
- fi
-
- [[ ${MERGE_TYPE} == binary ]] && return
-
- # must check in pkg_setup; sysctl doesn't work with userpriv!
- if use test && use sctp ; then
- # test_ssl_new will fail with "Ensure SCTP AUTH chunks are enabled in kernel"
- # if sctp.auth_enable is not enabled.
- local sctp_auth_status=$(sysctl -n net.sctp.auth_enable 2>/dev/null)
- if [[ -z "${sctp_auth_status}" ]] || [[ ${sctp_auth_status} != 1 ]] ; then
- die "FEATURES=test with USE=sctp requires net.sctp.auth_enable=1!"
- fi
- fi
-}
-
-src_prepare() {
- # Make sure we only ever touch Makefile.org and avoid patching a file
- # that gets blown away anyways by the Configure script in src_configure
- rm -f Makefile
-
- if ! use vanilla ; then
- PATCHES+=(
- # Add patches which are Gentoo-specific customisations here
- )
- fi
-
- default
-
- if use test && use sctp && has network-sandbox ${FEATURES} ; then
- einfo "Disabling test '80-test_ssl_new.t' which is known to fail with FEATURES=network-sandbox ..."
- rm test/recipes/80-test_ssl_new.t || die
- fi
-
- # Test fails depending on kernel configuration, bug #699134
- rm test/recipes/30-test_afalg.t || die
-}
-
-src_configure() {
- # Keep this in sync with app-misc/c_rehash
- SSL_CNF_DIR="/etc/ssl"
-
- # Quiet out unknown driver argument warnings since openssl
- # doesn't have well-split CFLAGS and we're making it even worse
- # and 'make depend' uses -Werror for added fun (bug #417795 again)
- tc-is-clang && append-flags -Qunused-arguments
-
- # We really, really need to build OpenSSL w/ strict aliasing disabled.
- # It's filled with violations and it *will* result in miscompiled
- # code. This has been in the ebuild for > 10 years but even in 2022,
- # it's still relevant:
- # - https://github.com/llvm/llvm-project/issues/55255
- # - https://github.com/openssl/openssl/issues/12247
- # - https://github.com/openssl/openssl/issues/18225
- # - https://github.com/openssl/openssl/issues/18663#issuecomment-1181478057
- # Don't remove the no strict aliasing bits below!
- filter-flags -fstrict-aliasing
- append-flags -fno-strict-aliasing
- # The OpenSSL developers don't test with LTO right now, it leads to various
- # warnings/errors (which may or may not be false positives), it's considered
- # unsupported, and it's not tested in CI: https://github.com/openssl/openssl/issues/18663.
- filter-lto
-
- append-flags $(test-flags-CC -Wa,--noexecstack)
-
- # bug #895308
- append-atomic-flags
- # Configure doesn't respect LIBS
- export LDLIBS="${LIBS}"
-
- # bug #197996
- unset APPS
- # bug #312551
- unset SCRIPTS
- # bug #311473
- unset CROSS_COMPILE
-
- tc-export AR CC CXX RANLIB RC
-
- multilib-minimal_src_configure
-}
-
-multilib_src_configure() {
- use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; }
-
- local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal")
-
- # See if our toolchain supports __uint128_t. If so, it's 64bit
- # friendly and can use the nicely optimized code paths, bug #460790.
- #local ec_nistp_64_gcc_128
- #
- # Disable it for now though (bug #469976)
- # Do NOT re-enable without substantial discussion first!
- #
- #echo "__uint128_t i;" > "${T}"/128.c
- #if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then
- # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128"
- #fi
-
- local sslout=$(bash "${FILESDIR}/gentoo.config-1.0.4")
- einfo "Using configuration: ${sslout:-(openssl knows best)}"
-
- # https://github.com/openssl/openssl/blob/master/INSTALL.md#enable-and-disable-features
- local myeconfargs=(
- ${sslout}
-
- $(use cpu_flags_x86_sse2 || echo "no-sse2")
- enable-camellia
- enable-ec
- enable-ec2m
- enable-sm2
- enable-srp
- $(use elibc_musl && echo "no-async")
- enable-idea
- enable-mdc2
- enable-rc5
- $(use fips && echo "enable-fips")
- $(use_ssl asm)
- $(use_ssl ktls)
- $(use_ssl rfc3779)
- $(use_ssl sctp)
- $(use test || echo "no-tests")
- $(use_ssl tls-compression zlib)
- $(use_ssl weak-ssl-ciphers)
-
- --prefix="${EPREFIX}"/usr
- --openssldir="${EPREFIX}"${SSL_CNF_DIR}
- --libdir=$(get_libdir)
-
- shared
- threads
- )
-
- edo perl "${S}/Configure" "${myeconfargs[@]}"
-}
-
-multilib_src_compile() {
- emake build_sw
-
- if multilib_is_native_abi; then
- emake build_docs
- fi
-}
-
-multilib_src_test() {
- # VFP = show subtests verbosely and show failed tests verbosely
- # Normal V=1 would show everything verbosely but this slows things down.
- emake HARNESS_JOBS="$(makeopts_jobs)" -Onone VFP=1 test
-}
-
-multilib_src_install() {
- # Only -j1 is supported for the install targets:
- # https://github.com/openssl/openssl/issues/21999#issuecomment-1771150305
- emake DESTDIR="${D}" -j1 install_sw
- if use fips; then
- emake DESTDIR="${D}" -j1 install_fips
- # Regen this in pkg_preinst, bug 900625
- rm "${ED}${SSL_CNF_DIR}"/fipsmodule.cnf || die
- fi
-
- if multilib_is_native_abi; then
- emake DESTDIR="${D}" -j1 install_ssldirs
- emake DESTDIR="${D}" DOCDIR='$(INSTALLTOP)'/share/doc/${PF} -j1 install_docs
- fi
-
- # This is crappy in that the static archives are still built even
- # when USE=static-libs. But this is due to a failing in the openssl
- # build system: the static archives are built as PIC all the time.
- # Only way around this would be to manually configure+compile openssl
- # twice; once with shared lib support enabled and once without.
- if ! use static-libs ; then
- rm "${ED}"/usr/$(get_libdir)/lib{crypto,ssl}.a || die
- fi
-}
-
-multilib_src_install_all() {
- # openssl installs perl version of c_rehash by default, but
- # we provide a shell version via app-misc/c_rehash
- rm "${ED}"/usr/bin/c_rehash || die
-
- dodoc {AUTHORS,CHANGES,NEWS,README,README-PROVIDERS}.md doc/*.txt doc/${PN}-c-indent.el
-
- # Create the certs directory
- keepdir ${SSL_CNF_DIR}/certs
-
- # bug #254521
- dodir /etc/sandbox.d
- echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl
-
- diropts -m0700
- keepdir ${SSL_CNF_DIR}/private
-}
-
-pkg_preinst() {
- if use fips; then
- # Regen fipsmodule.cnf, bug 900625
- ebegin "Running openssl fipsinstall"
- "${ED}/usr/bin/openssl" fipsinstall -quiet \
- -out "${ED}${SSL_CNF_DIR}/fipsmodule.cnf" \
- -module "${ED}/usr/$(get_libdir)/ossl-modules/fips.so"
- eend $?
- fi
-
- preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1) \
- /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1.1)
-}
-
-pkg_postinst() {
- ebegin "Running 'openssl rehash ${EROOT}${SSL_CNF_DIR}/certs' to rebuild hashes (bug #333069)"
- openssl rehash "${EROOT}${SSL_CNF_DIR}/certs"
- eend $?
-
- preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1) \
- /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1.1)
-}
diff --git a/dev-libs/openssl/openssl-3.2.1-r1.ebuild b/dev-libs/openssl/openssl-3.2.1-r1.ebuild
deleted file mode 100644
index ee2e112cd6f0..000000000000
--- a/dev-libs/openssl/openssl-3.2.1-r1.ebuild
+++ /dev/null
@@ -1,306 +0,0 @@
-# Copyright 1999-2024 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=8
-
-VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/openssl.org.asc
-inherit edo flag-o-matic linux-info toolchain-funcs
-inherit multilib multilib-minimal multiprocessing preserve-libs verify-sig
-
-DESCRIPTION="Robust, full-featured Open Source Toolkit for the Transport Layer Security (TLS)"
-HOMEPAGE="https://www.openssl.org/"
-
-MY_P=${P/_/-}
-
-if [[ ${PV} == 9999 ]] ; then
- EGIT_REPO_URI="https://github.com/openssl/openssl.git"
-
- inherit git-r3
-else
- SRC_URI="
- mirror://openssl/source/${MY_P}.tar.gz
- verify-sig? ( mirror://openssl/source/${MY_P}.tar.gz.asc )
- "
-
- if [[ ${PV} != *_alpha* && ${PV} != *_beta* ]] ; then
- KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris"
- fi
-fi
-
-S="${WORKDIR}"/${MY_P}
-
-LICENSE="Apache-2.0"
-SLOT="0/$(ver_cut 1)" # .so version of libssl/libcrypto
-IUSE="+asm cpu_flags_x86_sse2 fips ktls rfc3779 sctp static-libs test tls-compression vanilla verify-sig weak-ssl-ciphers"
-RESTRICT="!test? ( test )"
-
-COMMON_DEPEND="
- !<net-misc/openssh-9.2_p1-r3
- tls-compression? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] )
-"
-BDEPEND="
- >=dev-lang/perl-5
- sctp? ( >=net-misc/lksctp-tools-1.0.12 )
- test? (
- sys-apps/diffutils
- app-alternatives/bc
- sys-process/procps
- )
- verify-sig? ( >=sec-keys/openpgp-keys-openssl-20230801 )"
-
-DEPEND="${COMMON_DEPEND}"
-RDEPEND="${COMMON_DEPEND}"
-PDEPEND="app-misc/ca-certificates"
-
-MULTILIB_WRAPPED_HEADERS=(
- /usr/include/openssl/configuration.h
-)
-
-PATCHES=(
- "${FILESDIR}"/${P}-p11-segfault.patch
- # bug 923956 (drop on next version bump)
- "${FILESDIR}"/${P}-riscv.patch
-)
-
-pkg_setup() {
- if use ktls ; then
- if kernel_is -lt 4 18 ; then
- ewarn "Kernel implementation of TLS (USE=ktls) requires kernel >=4.18!"
- else
- CONFIG_CHECK="~TLS ~TLS_DEVICE"
- ERROR_TLS="You will be unable to offload TLS to kernel because CONFIG_TLS is not set!"
- ERROR_TLS_DEVICE="You will be unable to offload TLS to kernel because CONFIG_TLS_DEVICE is not set!"
- use test && CONFIG_CHECK+=" ~CRYPTO_USER_API_SKCIPHER"
-
- linux-info_pkg_setup
- fi
- fi
-
- [[ ${MERGE_TYPE} == binary ]] && return
-
- # must check in pkg_setup; sysctl doesn't work with userpriv!
- if use test && use sctp ; then
- # test_ssl_new will fail with "Ensure SCTP AUTH chunks are enabled in kernel"
- # if sctp.auth_enable is not enabled.
- local sctp_auth_status=$(sysctl -n net.sctp.auth_enable 2>/dev/null)
- if [[ -z "${sctp_auth_status}" ]] || [[ ${sctp_auth_status} != 1 ]] ; then
- die "FEATURES=test with USE=sctp requires net.sctp.auth_enable=1!"
- fi
- fi
-}
-
-src_unpack() {
- # Can delete this once test fix patch is dropped
- if use verify-sig ; then
- # Needed for downloaded patch (which is unsigned, which is fine)
- verify-sig_verify_detached "${DISTDIR}"/${MY_P}.tar.gz{,.asc}
- fi
-
- default
-}
-
-src_prepare() {
- # Make sure we only ever touch Makefile.org and avoid patching a file
- # that gets blown away anyways by the Configure script in src_configure
- rm -f Makefile
-
- if ! use vanilla ; then
- PATCHES+=(
- # Add patches which are Gentoo-specific customisations here
- )
- fi
-
- default
-
- if use test && use sctp && has network-sandbox ${FEATURES} ; then
- einfo "Disabling test '80-test_ssl_new.t' which is known to fail with FEATURES=network-sandbox ..."
- rm test/recipes/80-test_ssl_new.t || die
- fi
-
- # Test fails depending on kernel configuration, bug #699134
- rm test/recipes/30-test_afalg.t || die
-}
-
-src_configure() {
- # Keep this in sync with app-misc/c_rehash
- SSL_CNF_DIR="/etc/ssl"
-
- # Quiet out unknown driver argument warnings since openssl
- # doesn't have well-split CFLAGS and we're making it even worse
- # and 'make depend' uses -Werror for added fun (bug #417795 again)
- tc-is-clang && append-flags -Qunused-arguments
-
- # We really, really need to build OpenSSL w/ strict aliasing disabled.
- # It's filled with violations and it *will* result in miscompiled
- # code. This has been in the ebuild for > 10 years but even in 2022,
- # it's still relevant:
- # - https://github.com/llvm/llvm-project/issues/55255
- # - https://github.com/openssl/openssl/issues/12247
- # - https://github.com/openssl/openssl/issues/18225
- # - https://github.com/openssl/openssl/issues/18663#issuecomment-1181478057
- # Don't remove the no strict aliasing bits below!
- filter-flags -fstrict-aliasing
- append-flags -fno-strict-aliasing
- # The OpenSSL developers don't test with LTO right now, it leads to various
- # warnings/errors (which may or may not be false positives), it's considered
- # unsupported, and it's not tested in CI: https://github.com/openssl/openssl/issues/18663.
- filter-lto
-
- append-flags $(test-flags-CC -Wa,--noexecstack)
-
- # bug #895308 -- check inserts GNU ld-compatible arguments
- [[ ${CHOST} == *-darwin* ]] || append-atomic-flags
- # Configure doesn't respect LIBS
- export LDLIBS="${LIBS}"
-
- # bug #197996
- unset APPS
- # bug #312551
- unset SCRIPTS
- # bug #311473
- unset CROSS_COMPILE
-
- tc-export AR CC CXX RANLIB RC
-
- multilib-minimal_src_configure
-}
-
-multilib_src_configure() {
- use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; }
-
- local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal")
-
- # See if our toolchain supports __uint128_t. If so, it's 64bit
- # friendly and can use the nicely optimized code paths, bug #460790.
- #local ec_nistp_64_gcc_128
- #
- # Disable it for now though (bug #469976)
- # Do NOT re-enable without substantial discussion first!
- #
- #echo "__uint128_t i;" > "${T}"/128.c
- #if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then
- # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128"
- #fi
-
- local sslout=$(bash "${FILESDIR}/gentoo.config-1.0.4")
- einfo "Using configuration: ${sslout:-(openssl knows best)}"
-
- # https://github.com/openssl/openssl/blob/master/INSTALL.md#enable-and-disable-features
- local myeconfargs=(
- ${sslout}
-
- $(use cpu_flags_x86_sse2 || echo "no-sse2")
- enable-camellia
- enable-ec
- enable-ec2m
- enable-sm2
- enable-srp
- $(use elibc_musl && echo "no-async")
- enable-idea
- enable-mdc2
- enable-rc5
- $(use fips && echo "enable-fips")
- $(use_ssl asm)
- $(use_ssl ktls)
- $(use_ssl rfc3779)
- $(use_ssl sctp)
- $(use test || echo "no-tests")
- $(use_ssl tls-compression zlib)
- $(use_ssl weak-ssl-ciphers)
-
- --prefix="${EPREFIX}"/usr
- --openssldir="${EPREFIX}"${SSL_CNF_DIR}
- --libdir=$(get_libdir)
-
- shared
- threads
- )
-
- edo perl "${S}/Configure" "${myeconfargs[@]}"
-}
-
-multilib_src_compile() {
- emake build_sw
-
- if multilib_is_native_abi; then
- emake build_docs
- fi
-}
-
-multilib_src_test() {
- # See https://github.com/openssl/openssl/blob/master/test/README.md for options.
- #
- # VFP = show subtests verbosely and show failed tests verbosely
- # Normal V=1 would show everything verbosely but this slows things down.
- #
- # -j1 here for https://github.com/openssl/openssl/issues/21999, but it
- # shouldn't matter as tests were already built earlier, and HARNESS_JOBS
- # controls running the tests.
- emake -Onone -j1 HARNESS_JOBS="$(makeopts_jobs)" VFP=1 test
-}
-
-multilib_src_install() {
- # Only -j1 is supported for the install targets:
- # https://github.com/openssl/openssl/issues/21999#issuecomment-1771150305
- emake DESTDIR="${D}" -j1 install_sw
- if use fips; then
- emake DESTDIR="${D}" -j1 install_fips
- # Regen this in pkg_preinst, bug 900625
- rm "${ED}${SSL_CNF_DIR}"/fipsmodule.cnf || die
- fi
-
- if multilib_is_native_abi; then
- emake DESTDIR="${D}" -j1 install_ssldirs
- emake DESTDIR="${D}" DOCDIR='$(INSTALLTOP)'/share/doc/${PF} -j1 install_docs
- fi
-
- # This is crappy in that the static archives are still built even
- # when USE=static-libs. But this is due to a failing in the openssl
- # build system: the static archives are built as PIC all the time.
- # Only way around this would be to manually configure+compile openssl
- # twice; once with shared lib support enabled and once without.
- if ! use static-libs ; then
- rm "${ED}"/usr/$(get_libdir)/lib{crypto,ssl}.a || die
- fi
-}
-
-multilib_src_install_all() {
- # openssl installs perl version of c_rehash by default, but
- # we provide a shell version via app-misc/c_rehash
- rm "${ED}"/usr/bin/c_rehash || die
-
- dodoc {AUTHORS,CHANGES,NEWS,README,README-PROVIDERS}.md doc/*.txt doc/${PN}-c-indent.el
-
- # Create the certs directory
- keepdir ${SSL_CNF_DIR}/certs
-
- # bug #254521
- dodir /etc/sandbox.d
- echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl
-
- diropts -m0700
- keepdir ${SSL_CNF_DIR}/private
-}
-
-pkg_preinst() {
- if use fips; then
- # Regen fipsmodule.cnf, bug 900625
- ebegin "Running openssl fipsinstall"
- "${ED}/usr/bin/openssl" fipsinstall -quiet \
- -out "${ED}${SSL_CNF_DIR}/fipsmodule.cnf" \
- -module "${ED}/usr/$(get_libdir)/ossl-modules/fips.so"
- eend $?
- fi
-
- preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1) \
- /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1.1)
-}
-
-pkg_postinst() {
- ebegin "Running 'openssl rehash ${EROOT}${SSL_CNF_DIR}/certs' to rebuild hashes (bug #333069)"
- openssl rehash "${EROOT}${SSL_CNF_DIR}/certs"
- eend $?
-
- preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1) \
- /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1.1)
-}
diff --git a/dev-libs/raft/Manifest b/dev-libs/raft/Manifest
index f75a07489c8e..6ca9dbda03ae 100644
--- a/dev-libs/raft/Manifest
+++ b/dev-libs/raft/Manifest
@@ -1,6 +1,4 @@
AUX raft-0.10.0-toggle-zfs.patch 955 BLAKE2B bb9f351a6b7d0b7d95b7cdb6cf89db8963d46c44bd2613c69c7f3bd2c910cc185c8409cd80d218cab1569fe4729f649ac922ad1eb2b5652e5eeba441642e9588 SHA512 907f50fd1dc907d2a9aa1a89601064205c26d48956ddf56389a843e8c81b00acbc461125cbea5caef315be4a4a1d3a8f9bfd0a45ff0dedbeef1e0851e899b277
-DIST raft-0.22.0.tar.gz 365710 BLAKE2B b5084867ebd7e80f59edebcf5feb83cc7ffbf798deecbf96d3b31c0de7213c8fc1e3e5f558602f5864fb04f8de0326ee2f70d2f6164a08dd444a8db95593c328 SHA512 0ebda5764c866443ee2749c0c8fe798f111ed500b9d59bc9536d01e01ee82a8ed72125fb02e6a0c3bf51e4004520d4c5fdb583220599cb22bb9a8e6dd9d1a54b
DIST raft-0.22.1.tar.gz 362393 BLAKE2B b6fc8f8e9dc6801ac8ad1b9d94f984b249b83def00a08776292500b079bb777330e8a83cf40153bfb1baae921105788d758c9f61a021d5519d5c27048b6be8b9 SHA512 fb4ea98321336daaa605e1c3cd55f672860fc8894d479fdff4e1862a4eb5622dbaf7a943e030dd2bcdaa14cc639e7e11ac43d71f00bdbd27f12c6b67653b70e4
-EBUILD raft-0.22.0.ebuild 1185 BLAKE2B 5851712e61e7472ee2ba68381cedb569a7cc71732a17bfdc393705992877ccbaa4009618823344157b8b4ab70c7366af9e74805722feca4c918bd40d4d81ea24 SHA512 03d2e13ce831d6bf59afc538e70370b342d22223d844dc3707dcc2ef96841dbf8798ed1aaf1834d522f482410cf6a65d180909bca15735e31ba54086f271563a
EBUILD raft-0.22.1.ebuild 1185 BLAKE2B 5851712e61e7472ee2ba68381cedb569a7cc71732a17bfdc393705992877ccbaa4009618823344157b8b4ab70c7366af9e74805722feca4c918bd40d4d81ea24 SHA512 03d2e13ce831d6bf59afc538e70370b342d22223d844dc3707dcc2ef96841dbf8798ed1aaf1834d522f482410cf6a65d180909bca15735e31ba54086f271563a
MISC metadata.xml 894 BLAKE2B f5f18621f9238af58d307f4e7ab675efc2da37172c395362c0a15f4595fcd67bb67eaedbdb789396e5bd515ca1d10ef466bc80b5f5d07d8835d83700ec451930 SHA512 8a8b1021d4b9d3007c47d20471a90fbf9fc25a4fe7123717bc6a74742b3eae54bc779326776f0fd6e2126bf05d7be0d2d47e458b0bd99adc87298c51deeea8cc
diff --git a/dev-libs/raft/raft-0.22.0.ebuild b/dev-libs/raft/raft-0.22.0.ebuild
deleted file mode 100644
index 39daa1268bef..000000000000
--- a/dev-libs/raft/raft-0.22.0.ebuild
+++ /dev/null
@@ -1,60 +0,0 @@
-# Copyright 2020-2024 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=8
-
-inherit autotools
-
-DESCRIPTION="C implementation of the Raft consensus protocol"
-HOMEPAGE="https://github.com/cowsql/raft"
-SRC_URI="https://github.com/cowsql/raft/archive/v${PV}.tar.gz -> ${P}.tar.gz"
-
-LICENSE="LGPL-3-with-linking-exception"
-
-# Upstream change from canonical to cowsql resetted SONAME, 3 -> 0. bgo#915960
-SLOT="0/0"
-KEYWORDS="amd64 ~arm64 ~x86"
-IUSE="lz4 test zfs"
-RESTRICT="!test? ( test )"
-
-DEPEND="dev-libs/libuv:=
- lz4? ( app-arch/lz4:= )"
-RDEPEND="${DEPEND}"
-BDEPEND="virtual/pkgconfig"
-
-PATCHES=(
- "${FILESDIR}"/raft-0.10.0-toggle-zfs.patch
-)
-
-src_prepare() {
- default
- eautoreconf
-}
-
-src_configure() {
- # --disable-hardening: most of these are covered on non-hardened Gentoo already.
- local myeconfargs=(
- --enable-uv
- --enable-v0
-
- --disable-backtrace
- --disable-benchmark
- --disable-debug
- --disable-example
- --disable-hardening
- --disable-sanitize
- --disable-static
-
- $(use_enable test fixture)
-
- $(use_with lz4)
- $(use_with zfs)
- )
-
- econf "${myeconfargs[@]}"
-}
-
-src_install() {
- default
- find "${ED}" -name '*.la' -delete || die
-}