diff options
Diffstat (limited to 'dev-libs')
-rw-r--r-- | dev-libs/Manifest.gz | bin | 101158 -> 101153 bytes | |||
-rw-r--r-- | dev-libs/dotconf/Manifest | 2 | ||||
-rw-r--r-- | dev-libs/dotconf/dotconf-1.4.1.ebuild | 2 | ||||
-rw-r--r-- | dev-libs/immer/Manifest | 2 | ||||
-rw-r--r-- | dev-libs/immer/immer-0.8.1-r1.ebuild | 2 | ||||
-rw-r--r-- | dev-libs/lager/Manifest | 2 | ||||
-rw-r--r-- | dev-libs/lager/lager-0.1.1-r1.ebuild | 2 | ||||
-rw-r--r-- | dev-libs/libfilezilla/Manifest | 2 | ||||
-rw-r--r-- | dev-libs/libfilezilla/libfilezilla-0.48.1.ebuild | 2 | ||||
-rw-r--r-- | dev-libs/libfmt/Manifest | 2 | ||||
-rw-r--r-- | dev-libs/libfmt/libfmt-9.1.0-r2.ebuild | 2 | ||||
-rw-r--r-- | dev-libs/openssl/Manifest | 12 | ||||
-rw-r--r-- | dev-libs/openssl/openssl-3.0.15.ebuild | 283 | ||||
-rw-r--r-- | dev-libs/openssl/openssl-3.1.7.ebuild | 284 | ||||
-rw-r--r-- | dev-libs/openssl/openssl-3.2.3.ebuild | 302 | ||||
-rw-r--r-- | dev-libs/openssl/openssl-3.3.2.ebuild | 300 | ||||
-rw-r--r-- | dev-libs/zug/Manifest | 2 | ||||
-rw-r--r-- | dev-libs/zug/zug-0.1.1-r1.ebuild | 2 |
18 files changed, 1193 insertions, 12 deletions
diff --git a/dev-libs/Manifest.gz b/dev-libs/Manifest.gz Binary files differindex b3f24b99e361..f4909e37fc1c 100644 --- a/dev-libs/Manifest.gz +++ b/dev-libs/Manifest.gz diff --git a/dev-libs/dotconf/Manifest b/dev-libs/dotconf/Manifest index 1596ab50b3ad..c2cb453b4f5d 100644 --- a/dev-libs/dotconf/Manifest +++ b/dev-libs/dotconf/Manifest @@ -1,6 +1,6 @@ DIST dotconf-1.3.tar.gz 333301 BLAKE2B df3f4c9bc4539ed5b21bd4d6059bd911bb319d9dbe4f48c6d45c34559eaaa646abea847f6d0b35678c12d9b5e89e2f112047557d458be608215d76bb50af004c SHA512 ced0e66f70d11a309e77add1bfac1da8e85dcbe193633bd4bd1ae4bfd043b66880406e93ec18327b8c5d3de8d4bfc5278db6e5cb39b030ee1dabfa1ce267a98e DIST dotconf-1.4.1.tar.gz 46565 BLAKE2B 8eb7508b6ca13f0f4cc2ca0c1d889ce7801c3d60d826078a23b68807f1c2fa38fed4e638ac4b1a2ddf9c1e204293e57acce29bbd5cf3d6fd12abb140b6cb0d3e SHA512 a6cada8621295b268d4b4fd85bc0c207e78324c9e84754ead2fdf6c1598ec8bdf626f9c24e66063d921c95d73e83b50ab50416a9b4c9a7a631392552ec46f55a EBUILD dotconf-1.3-r2.ebuild 601 BLAKE2B a13a2ed0fbf2c65c282e9f35ec9a79039db5b098cb03bb3a9e7d99fb930a9c2fd406a60722daa5be053fb1cb902cbca8533e92cc1768a70f3ddda06fe7b07342 SHA512 d94953454c997bbbf0ed54f97c33421b41278297cac04710f7f3cc69554edfc69c39680def782df82a3ac2d4f186843420a4b3e7646a489c5c1f09036922df88 -EBUILD dotconf-1.4.1.ebuild 817 BLAKE2B f8e067b417eaaac1b131cae9271ebd19fdda492bdee34470d763af94a81ea143916ed521b34982ea2a2eaa51e3d692faa6f674beb5073e0a94178ee105ae8ddf SHA512 2a3f9573db7ff02ced7909cb87e1f3cea604cb7acf317641185e57084eb7759c5a1049c548f2f25c4fac0b72361ac9b144748501404d085de2b50064c5d8a6c1 +EBUILD dotconf-1.4.1.ebuild 816 BLAKE2B d082ce1274a2d7b6d0cab472c15a5ec20848315f938b4706644a1eecaf6e43bb07c158cf886938938cbc0cbcd4db129bcd8b85752885a2af9a058880c88f1c93 SHA512 7e64bd2dbb47ea65a057c26a40e2f0c88c6c72d7a3262b34923c268df3a7d3252e20595c149bacaf245135b2c32befe728e0618c905ea10a997c3c18c1efe879 EBUILD dotconf-9999.ebuild 822 BLAKE2B 2c5686e936142daeaf456120f7eff43ac9ec976b5db8299752c184020abcbd2e29ef8e0799a1a76ee2d89da1bacdbc0e345c859397b7387d11ebc39614453548 SHA512 1ebfcc40ea93e21a5d49456f6f296aa14b7205586e4c65542046b6860576f1df7af1cf78ac5142c3ad62a22507b76690baed55aede13c65d3980fa9f68c08e42 MISC metadata.xml 445 BLAKE2B 2c3daf69f3893a6cef9c473c24b8a998fc566c1e0fff66ce5e9d780859bd1cdae789616b443f007903e6dd1372fd8494307680fbcf775863adcab5437b933b0f SHA512 46c77d13292b855f78b096d42406733af924d90ed8687ea4fa541902084367d1c830ee4500f03bc1662c545922c32ac136d4f08ec06d51da05dc88ef7689459d diff --git a/dev-libs/dotconf/dotconf-1.4.1.ebuild b/dev-libs/dotconf/dotconf-1.4.1.ebuild index a7f18592c808..017b270abdfc 100644 --- a/dev-libs/dotconf/dotconf-1.4.1.ebuild +++ b/dev-libs/dotconf/dotconf-1.4.1.ebuild @@ -14,7 +14,7 @@ if [[ ${PV} == 9999* ]]; then EGIT_REPO_URI="https://github.com/williamh/dotconf.git" else SRC_URI="https://github.com/williamh/dotconf/archive/v${PV}.tar.gz -> ${P}.tar.gz" - KEYWORDS="~alpha amd64 arm ~arm64 ~hppa ~loong ppc ppc64 ~riscv ~sparc x86 ~amd64-linux ~x86-linux" + KEYWORDS="~alpha amd64 arm arm64 ~hppa ~loong ppc ppc64 ~riscv ~sparc x86 ~amd64-linux ~x86-linux" fi LICENSE="LGPL-2.1" diff --git a/dev-libs/immer/Manifest b/dev-libs/immer/Manifest index 9c2995989378..e9882a20905c 100644 --- a/dev-libs/immer/Manifest +++ b/dev-libs/immer/Manifest @@ -1,4 +1,4 @@ AUX immer-0.8.1-fix-dvector-test.patch 616 BLAKE2B 9bd70b13da9f5e2c17fa20a4d2c61e2c1c74d559230b5d6ebcb82005d84fc4865ba7acdde859c5dac79d0a8252fbd3a5cfc03c02bb27eb2354955e9aca0d225f SHA512 9b76e01703a5b7633f2af38c7e9755cf759fc831222ef590b7a2cb41270b4dc2cc71eaafa9d48a4ca8ba84a7aa32bb3b1ac5a4ab6e18c9a26764716e5ee7b9d2 DIST immer-0.8.1.tar.gz 654638 BLAKE2B 23c8fc8d8e341ae271ea2881f3cba8bd446844dc48a79d959623ec9c7e1254feba22ae916d9e8d962d8afd8801671ac3dfc8a136e4ce40d2a1a019449c34554f SHA512 3a9aafeb5daad1881d00fb999b78f86b1c8f0e8ef2d6befe9025d8eea10392557ce7186f14878b36cbce0f2f5d38c8ffb39c9115a9496803acfc0ef2289f5cbf -EBUILD immer-0.8.1-r1.ebuild 979 BLAKE2B ded1d106bcb131140a9c347bc2de8e59db3481722687ca2b3e50a44c4bca0037754186a353e5391e16bf9fb11ec3f92e2b62319771c04cf8c0d649cbcb60381a SHA512 cd73e93a1191093ca18bdc8ea0b87870ce28ba51ebb8791edcb52779620cc768f1fe562586dacd7f1999807b1ae806c8bcd4cc3feb2fe5edfe9ee758a0ffdb76 +EBUILD immer-0.8.1-r1.ebuild 984 BLAKE2B 54a4543998e23fb946e849edef7ebfbdbc2f87b3485c5a2132df7c9778a4dc0f4420ce5bcad0b129b1acc20e59eb8cc24bcd79dc5b5ef960b871de79272a9885 SHA512 3ba354bf43b6a2afb6fd9e9cd246c686f4cc632757a66632ca7f5bb02d57e7d2da901f19cf30ceb5040955b31c33baeedee8982efa4ae4a6160c4ba3e18f18af MISC metadata.xml 483 BLAKE2B 7ded9309ad46060a624a1eed80845a752070fbdc606cee368b1fad5b73bdb1f1628657b9efa298f4c90c8d4f1ce809abe9558596f613e6e91edb4e817c6e81bb SHA512 3e086a36cf68feaf501df66a59e9d3f3c7b2576293bd0ef0c1eb80de5bb2737e1a13ecb36af60541504f3c4b572909e919fed2c7f0d18505d6a85e5fc1b25589 diff --git a/dev-libs/immer/immer-0.8.1-r1.ebuild b/dev-libs/immer/immer-0.8.1-r1.ebuild index c8dc26c2312f..3d52cf8cbd2a 100644 --- a/dev-libs/immer/immer-0.8.1-r1.ebuild +++ b/dev-libs/immer/immer-0.8.1-r1.ebuild @@ -11,7 +11,7 @@ SRC_URI="https://github.com/arximboldi/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.g LICENSE="Boost-1.0" SLOT="0" -KEYWORDS="amd64 ~arm64 ~riscv" +KEYWORDS="amd64 ~arm64 ~riscv ~x86" IUSE="test" RESTRICT="!test? ( test )" diff --git a/dev-libs/lager/Manifest b/dev-libs/lager/Manifest index 4fa1eaa21334..ae3db35f4460 100644 --- a/dev-libs/lager/Manifest +++ b/dev-libs/lager/Manifest @@ -1,3 +1,3 @@ DIST lager-0.1.1.tar.gz 874540 BLAKE2B d2ab1dcd7b94a9251f6b0c55a41dd94d47d8d11715f44f694e129031bb698843144deb4c70d1b86c1c4fc6be108d6ccdd24d79af89e08815686b72ff8b8278ba SHA512 f88f22dbe1d0e099b1c1f0d8b165c155c44db61a51297ca445d82db8ed4efb918016678a5d6977147214540c69b72f7364d0d14ddc7f300625c19553c88a4e39 -EBUILD lager-0.1.1-r1.ebuild 982 BLAKE2B 157735dd30305e88bd66c247deb8e07b53e34417c7fb836ce5d96c67ef41ae4fd204fe7ff13a24a2c9a709846072db3b67b0e2d5153c6d451885252fa8a49c0b SHA512 5908c4828aa7a9da1fcc510e7f7eed9c288318054361fe79a8659f588a2d955329dff3bc582d83ad9c3a2bcb8a09fb2d2f799e3fb69ba1c612c42a434f1b645a +EBUILD lager-0.1.1-r1.ebuild 987 BLAKE2B 5d9f266c5131d9a0f01b770142ce079e884002c42c8572df7cc654a3c3af3f89962c9227e1701361daec3a0a4f659ccbe451f3438c48de112f4ab36046e959a3 SHA512 3bd158438dc9592c692d310c5beb5a93fe4eeaa60a61dfc95e373387be5c468b2563e4d06ca3cc9fb4e43f08d5028300b444e13a5a210b16eb5ca7f74e3431ca MISC metadata.xml 483 BLAKE2B e0dcd48fbc0a4a3d09a2e69cf9cd8a29ac6fcde1462033b5c1423b20331bfbabd249838f187dea9c20fed27c2231ee24c756814250f4180584f2862c98f62ab9 SHA512 67c2d9b611be8222e075e403f76bedff2cb4c49a31aa5945f0177614c79c1c87f9d1c1c89411d692b02cef5c787e447ae1a6efd3ec25f5dec7cee857c7ccff55 diff --git a/dev-libs/lager/lager-0.1.1-r1.ebuild b/dev-libs/lager/lager-0.1.1-r1.ebuild index 76f20f1d7ed8..5cdb5221643e 100644 --- a/dev-libs/lager/lager-0.1.1-r1.ebuild +++ b/dev-libs/lager/lager-0.1.1-r1.ebuild @@ -11,7 +11,7 @@ SRC_URI="https://github.com/arximboldi/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.g LICENSE="MIT" SLOT="0" -KEYWORDS="amd64 ~arm64 ~riscv" +KEYWORDS="amd64 ~arm64 ~riscv ~x86" IUSE="test" RESTRICT="!test? ( test )" diff --git a/dev-libs/libfilezilla/Manifest b/dev-libs/libfilezilla/Manifest index 4ce64f1f7d37..3b1df7fd96e5 100644 --- a/dev-libs/libfilezilla/Manifest +++ b/dev-libs/libfilezilla/Manifest @@ -3,5 +3,5 @@ AUX libfilezilla-0.41.0-gcc13.patch 2201 BLAKE2B b253114cf862dc4a77dc1968c9a39a5 DIST libfilezilla-0.47.0.tar.xz 551484 BLAKE2B ba35bd990889a779f4c14c5c76c29dc5fed1bb97168e8dec75a59984133d6dbd56850208c55d6549c80dc2069ea007e0a26d7b604dbf9752c6ac018493a96627 SHA512 28af8aeacc5b6b188613c2afebb23477aa0c6908cd2bfe7dc39ba4b69fa67f2d18a64cdefe52968f429b18545fe03c031363b3aa9ed07b2ecb9faa56b1275282 DIST libfilezilla-0.48.1.tar.xz 552864 BLAKE2B fd08bbe3279cb1eec21c864e1b1547ee562d9fca970fed4dc3f78740bb9131b98410cc5ba317a05a5218b100dd498107dd2caed3ff3453b1516405c1075bbb62 SHA512 44881abbed985eabe0b5a19c6a2fc5f39c5258b49633eae79c7498c5c96583b24883ddce66b9ab7fafdaab7657092edc5da8e5d3b604897b76c02038fa4cd482 EBUILD libfilezilla-0.47.0.ebuild 1418 BLAKE2B 7e6bd0b27ce49d0c5a5114ad7ceb45674f7316a53d7a0f1ceeb3cea4c10e7d0e191296145a0206c13e13a1f67f418ac453d665e7f59f8779f2a97051294dbf9d SHA512 97082d3a42c6c67d0b719e2ba1d4a3c1bd0c9b48db813518afaa2f0e6e9eb3ada65231d362aaf59f058f08b3e2845046c6e0a96d24cebb28b20b0d9d8eae00ae -EBUILD libfilezilla-0.48.1.ebuild 1422 BLAKE2B c067e3f7cd316184b2ba362d5d42295433f4529d753e5a159ec23ea5e4dd904a92c1eec0a7c94ba4fc3a28e40af291a6bdd92dc0cf688e8e82de5d4d1c55abc0 SHA512 22a49186c4a9d91949a8ce39cb0db1670d9a08ef67e4aded38bf280b0c6c352b83b1dbf9afcfb10fa3e574193506ae9ab25e492f7e6fdaf1d13c15a3e0e51d2c +EBUILD libfilezilla-0.48.1.ebuild 1419 BLAKE2B ebaaa16246af6034971dba1b47aaf36eaba3ab88eeced598310144fd8b9e0009c47f6c7b38657c2388ab65d65c58048565293ecc20169f478e04fa6e467a25f8 SHA512 b34aeee8b745a00b20cf05d240b15fa6d39f484af5867d96a5f7c3aaa6ad08f75339ae8137ee580cae6174e8efce3d405528530e26217b6517330d0156fcbda5 MISC metadata.xml 1125 BLAKE2B eddf5dd9e7af700c9cdfd68918acef8a6064a8f26e4531f047315df70a4c2d1e2d2a4b3257062e5af1973fef5490606f08a0c6460e220d25b3d615c7d4626e57 SHA512 6038a9eb07bf8c4adaf9bd3abaa3abc283ba8d8c432aa193fcc1932071afdbd6a6bb50a16e5e7f4f0cce4afbc341bb26b1b265b8f0da12728f8db06103d73ba5 diff --git a/dev-libs/libfilezilla/libfilezilla-0.48.1.ebuild b/dev-libs/libfilezilla/libfilezilla-0.48.1.ebuild index e04a339a4c99..45fd1083f62d 100644 --- a/dev-libs/libfilezilla/libfilezilla-0.48.1.ebuild +++ b/dev-libs/libfilezilla/libfilezilla-0.48.1.ebuild @@ -11,7 +11,7 @@ SRC_URI="https://download.filezilla-project.org/${PN}/${P}.tar.xz" LICENSE="GPL-2+" SLOT="0/45" # libfilezilla.so version -KEYWORDS="~amd64 ~arm ~arm64 ~ppc ~ppc64 ~riscv ~x86" +KEYWORDS="amd64 ~arm ~arm64 ppc ppc64 ~riscv ~x86" IUSE="test" RESTRICT="!test? ( test )" diff --git a/dev-libs/libfmt/Manifest b/dev-libs/libfmt/Manifest index 3164c2122636..ec9b64b35391 100644 --- a/dev-libs/libfmt/Manifest +++ b/dev-libs/libfmt/Manifest @@ -16,6 +16,6 @@ EBUILD libfmt-11.0.0.ebuild 787 BLAKE2B 2af8fae57e10abe207cb1dd31f80d995ff54cf89 EBUILD libfmt-11.0.1.ebuild 787 BLAKE2B 2af8fae57e10abe207cb1dd31f80d995ff54cf89147220d327a0df3cd8d801eef479e767b9711b2a819e666995e2c932fea1af2d50168e62b3fd2e1f24130bdd SHA512 70bc875129a415f915103903181b57150cac24de0f268afba1f418b2c9d1c754f660db29ba43b0c0044292439d1777892f161f9c28cb97b552e2e5a42936dc17 EBUILD libfmt-11.0.2.ebuild 787 BLAKE2B 2af8fae57e10abe207cb1dd31f80d995ff54cf89147220d327a0df3cd8d801eef479e767b9711b2a819e666995e2c932fea1af2d50168e62b3fd2e1f24130bdd SHA512 70bc875129a415f915103903181b57150cac24de0f268afba1f418b2c9d1c754f660db29ba43b0c0044292439d1777892f161f9c28cb97b552e2e5a42936dc17 EBUILD libfmt-9.1.0-r1.ebuild 750 BLAKE2B 3d15e8e04f952fbe6cb1ace2e81d297089035e06a6897993a2035d5b47bc0b003730964d8fe02ce2044ca13536a1174dd41a333a6eab9f541dd2d187bc17c63b SHA512 018f72730e4ba3be606a08b8cdc502b6b05f6c5e312ba8119f97c3f1627dbd2eb1af4e923a875bdcb04528bb7bd806ec54b42312c1693841175a7e5a26ecc143 -EBUILD libfmt-9.1.0-r2.ebuild 780 BLAKE2B be4e1d071327bee7984c84e21b2ae82f0f40cb593d62896a229ff4f9995c52017e930715c8666eb514b2728d96a73256b8e133413e0297ffb2c987404cb88a66 SHA512 204526f8ced0b2e38f377fc4c9e2f574184dbe20a9285f8ab30b0884cd9907b9ddd5045cfa707205ecc0a209257fecd64c6455ab3b512411adcdf3544cbdfe2d +EBUILD libfmt-9.1.0-r2.ebuild 779 BLAKE2B b24aa4df3dfaed35ab99c07ab877e8bab82f925194707ae2af5780b5e5874517fef9efe05e400ef58b4e23aa1f0eafccbdadd3b791dc323466d3421e26958885 SHA512 f7934c3363cbab56263a6791e07f2e044db8c980f9d5f47c189fe996713c45031a3dadd066f45376913f4be6a12f2daff0c4c14eea66207d6f0e2c221038eb13 EBUILD libfmt-9999.ebuild 787 BLAKE2B 2af8fae57e10abe207cb1dd31f80d995ff54cf89147220d327a0df3cd8d801eef479e767b9711b2a819e666995e2c932fea1af2d50168e62b3fd2e1f24130bdd SHA512 70bc875129a415f915103903181b57150cac24de0f268afba1f418b2c9d1c754f660db29ba43b0c0044292439d1777892f161f9c28cb97b552e2e5a42936dc17 MISC metadata.xml 441 BLAKE2B c3066057cd80ba82a45de5b971c42ab23af1ec250285c677e119bdab5950a59c3052228a91bb52b049a63fe1c6697032ce665751baf20bf4d8714f298c70e3a6 SHA512 ab2ccd3fff9f22a8034b8a0979878550c3d0d909860935fe7f1d45ceed919a58fe2a8e36b1da86099a0e379a7bf139bf8490efbec1f69843b382b4cb6d2db246 diff --git a/dev-libs/libfmt/libfmt-9.1.0-r2.ebuild b/dev-libs/libfmt/libfmt-9.1.0-r2.ebuild index bdb2b723df22..b617d773ca86 100644 --- a/dev-libs/libfmt/libfmt-9.1.0-r2.ebuild +++ b/dev-libs/libfmt/libfmt-9.1.0-r2.ebuild @@ -13,7 +13,7 @@ if [[ ${PV} == *9999 ]] ; then inherit git-r3 else SRC_URI="https://github.com/fmtlib/fmt/archive/${PV}.tar.gz -> ${P}.tar.gz" - KEYWORDS="~alpha amd64 ~arm ~arm64 ~hppa ~loong ~mips ~ppc ~ppc64 ~riscv ~s390 sparc ~x86" + KEYWORDS="~alpha amd64 ~arm ~arm64 ~hppa ~loong ~mips ~ppc ~ppc64 ~riscv ~s390 sparc x86" S="${WORKDIR}/fmt-${PV}" fi diff --git a/dev-libs/openssl/Manifest b/dev-libs/openssl/Manifest index 95c02ea9d774..ebcd73f293fc 100644 --- a/dev-libs/openssl/Manifest +++ b/dev-libs/openssl/Manifest @@ -17,17 +17,29 @@ DIST openssl-3.0.13.tar.gz 15294843 BLAKE2B 869aa5f70a8c1d0cac6027e9261530df70ab DIST openssl-3.0.13.tar.gz.asc 833 BLAKE2B 519515b6faa505d68ff9acc30db9515fac494145086fa5ad9561c39385a6fabb39ad9de10fedd49c8fc716ec59ea1b13ec5e6b466e549ea9f29b8d0bb74ba7b3 SHA512 c52d97c93d16f3ca2a7026fb25890482b6d86c37b5ab686c56b0e08522743ec4ea3f84afa4deb64b0df0d9a16b557430c4d4139ab42ffcf97d769b61d1e6197c DIST openssl-3.0.14.tar.gz 15305497 BLAKE2B 7426aea63d5495775c4a0440658cc9c46c4aa31c31473cd5519c2b1ca158e122634e0bbc275237d3eb124fc8bed3d58808d8ac1d228f24f7281d2630ff7813e0 SHA512 1c59c01e60da902a20780d71f1fa5055d4037f38c4bc3fb27ed5b91f211b36a6018055409441ad4df58b5e9232b2528240d02067272c3c9ccb8c221449ca9ac0 DIST openssl-3.0.14.tar.gz.asc 833 BLAKE2B 8a700452f6f698fbfa206469888fd72706f1798be212e712fd8a4c1ae87f0d98d54820974c64a3db3b5ac69d7beda665f462e83182337391212c0e72e1feb72e SHA512 003d17a2b71176517f5bfba6699c18b271111e5fec3effc275b965286140d1281fa6f5f5e6bcf63feca89dfa035ab776bda8d2af4b71ae921ca9e7a936581fb4 +DIST openssl-3.0.15.tar.gz 15318633 BLAKE2B f2900d0894b97e86c709079ca4336d5dc508d69e91d3a4de4420c8d9344cb54dada6ea2cdd408166e53db0c652b06654e670701166b67a0a40578676e1cea535 SHA512 acd80f2f7924d90c1416946a5c61eff461926ad60f4821bb6b08845ea18f8452fd5e88a2c2c5bd0d7590a792cb8341a3f3be042fd0a5b6c9c1b84a497c347bbf +DIST openssl-3.0.15.tar.gz.asc 833 BLAKE2B 43088d6ae9e95aec8cfa08c0d338d76c2299ee89a1719a39c497b25c83a4c0c2d155fa00a62b47e15a7f2889680197741390c850d62a84ec5ce27ed1bbddcd28 SHA512 8b9471074130fd26b511820a1c2586792fd0105421515734c213ae18de27b5b026261e64d4cb8f5e7b568d1f4193484ebe0e99eda9d99df72474310a568ca3bf DIST openssl-3.1.6.tar.gz 15672690 BLAKE2B 70112a7ece66bb6faf1a262c503c1df08924b8c1b9b08a1395856f903b1d1b4a38956b485e83415c29fafbf990ae8aced9b2fb0a2af84863b5c0a2a6581282cf SHA512 18ca07ee6a98d5fe46accfa0156e0354ad770d78bbbbe8e4bb92b316a0e4404f17a34eb700f17ed355d826a4b2166894aa46d8dd81fedbcb16aa1aad0926a390 DIST openssl-3.1.6.tar.gz.asc 833 BLAKE2B 24fbb26ccf60ede99b9ea6ef6a2a8f1ae89c7881c21eafafeae7a498332dbaf7e52c94b2c52247e34511cc4bd204e71a68aa1a6dab133376e1f15bf676ef58be SHA512 ef3ca59527ca7b00430c251df399ea2cbe47ef0deebf4158250baac8e575ea26582756228f12dd0f7009b55199b0134e77ec47ade9835f1785c74703aa84987e +DIST openssl-3.1.7.tar.gz 15684836 BLAKE2B 1332f4b2454b6c9bf3ff2099aa343d6202bec98c6e44fba6377d5bb8efd9bf337df3a95549d874a2908f376056f6f333e6f65cbec7e27377d1ab8cbefddaa241 SHA512 bb4743c1a95148901d2d2bc51460c14cea3387c7dda9323524adbdb11334562f72aa3a873913c51ea1ffce606e675e22a74f78b3119b6a956da3f75c942cd0e2 +DIST openssl-3.1.7.tar.gz.asc 833 BLAKE2B 17220aa3274a5eda3df8c04f60f87a48fcf5c773167e746bf3f9feb6cc3c03b024a2e83b1c93122b6baa073b12417e2910230f270287be7b7f2c5300814b7fda SHA512 89b6f4b913aac8b2519aac586ba0c70a3df331eb70ea79c2aa45355bfd9430ba1af3c8ea0d31b171f55036a8cc332207787cabf58da871f400d666a5ae09ce2a DIST openssl-3.2.2.tar.gz 17744472 BLAKE2B f42d44f31dc9ccf26ffe1fdd4a0119506a211808f92e860a34118109eae2ee7bcb5b0f43cbdf9eb811cd185cb53e092e62d652f7c0c0ce55b13289f7489073c9 SHA512 ebc945065f62a8a2ea4e2f136a2afaea4d38a03bb07a148f7fb73c34a64475a4069de122ebee11a66e421dbd58756ad7ab2d3f905dc90acee72d62757d8c0a2d DIST openssl-3.2.2.tar.gz.asc 833 BLAKE2B 09ef1766e771e1d7aac675a09bd9588ee9d76a1fe39794826fd5d9057ae41366a7e92fe81a40bc2fe19a309be612687d8ff760da3f3c44115e3b21b0342b5f46 SHA512 7a798e9c02d25510f4ec49b8956ebf4288760e1272bf327f36b253045ab2f50ac8042071f78984d1b463f07aa2b027f26ad2fbc31deacaac5658fc35437ddc66 +DIST openssl-3.2.3.tar.gz 17762604 BLAKE2B 1445336aa92d0fd9df266ad570fe2bf5701279e462dd3fccd4cf662f328bfee923dc6c72c42c1921fd38bce43e1c60cacdec3f1c2963fe0ffda6a0e8e34ac6e4 SHA512 9e9f06ab630914e32e64bfb945dfa375ea3595b3db4eb8ef68288a58909baf753b34998439907c22ff2b8561cfd3f3f6b7fbf22981479e66a98c2e92fda172a2 +DIST openssl-3.2.3.tar.gz.asc 833 BLAKE2B 5a7289ed40534a058b9eb7686ce444b9d453a2973ab7ebda01c99f7245f6ba19197123f8bb3b16940d4bfbc5e313babc0249f280e55911190b47da3a47ed1e6a SHA512 e727adb88f84c48082ef0cae963bf999cce11619f7322014cc7f36c16e8375a60542f518c1b86319208cf8da33044e942b3d65208bc59fd4a5f522ab78ff1c23 DIST openssl-3.3.1.tar.gz 18055752 BLAKE2B b09bbe94f49c33015fbcee5f578a20c0da33c289791bf33292170d5d3de44ea2e22144ee11067947aef2733e979c0fded875a4ec92d81468285837053447e68e SHA512 d3682a5ae0721748c6b9ec2f1b74d2b1ba61ee6e4c0d42387b5037a56ef34312833b6abb522d19400b45d807dd65cc834156f5e891cb07fbaf69fcf67e1c595d DIST openssl-3.3.1.tar.gz.asc 833 BLAKE2B e22c068dfcd0205f1cd27f965b76dcaf59bed61181523f198e40d61a4867b20a7636c853c427497559362a92766f430807f02b693821ac38daaa898946f2dba2 SHA512 ae2db74829b71a68e1fc86229396d76f60a9a98e6bba9adc62bdcf2581b60fb0e29ecde2b53a5686c452e754801568e05d3c4f47e8faf02219ac1aae78283338 +DIST openssl-3.3.2.tar.gz 18076531 BLAKE2B cc53d45418673bc2a406d6697b8bd17ff6c726463c4ccc87bb2fa5a6592d0d178dc8cfeb2fbb980ea354a5dc2c86f31c48453427c6937896c7221273e623c9b5 SHA512 5ae47bf1aed2740a33ba5df7dc7345a6738aa6bfa3c9c4de5e51742485e24b25192988d7a2c1b8201ef70056ad8abd0ca78b3d55abe24c0b0373d83b47ed9b74 +DIST openssl-3.3.2.tar.gz.asc 833 BLAKE2B c318e2dcef085b83ced77048dc136d9bc8438d49a7985f3c6ebd4ffd0e5e290ece47e8fd1074c6cc056e87b2bae2101dd58b8d70dbc0eb99aa134d776125439c SHA512 981f8438bbd541b97e745aca1bb77cde68900ce4b5ffefc9eccc2f18c675292203f6b4c7bffefde2256a442b7310d8438279b52fb21aac65921e9a529bc00067 EBUILD openssl-1.0.2u-r1.ebuild 9768 BLAKE2B 46d26e3dd92c898c6fe715e5d07b4e2e9c3e3a66d3566798774d1d30ca267c8815beb1a777c75d555060934761c43f7b92d89fca73617262ea33a7cab96d44e6 SHA512 3888a1bc9a604bbbd04dd4bc843ba79dbadc85d8a396dde3d657bc05423478f225896c5274b883c309a9b79da42738342a83bba9f7157cda16e46c6a8b7ba84b EBUILD openssl-1.1.1w.ebuild 8231 BLAKE2B 01d3535cea73f706462c507fefca5ced3af57921ccc7f97c7062ca886549f7df8fff0b97d32a9acb3ee253c2b13a3dd6d6c0504756574a7fd9062eab7849e3c6 SHA512 460fcc3391d24bda575d4804100545e622201cd87975926cbee94f206b21d8d890b6911ac0628daf46ac560b817ddea2a1db895eadee5244ad971b6818acd344 EBUILD openssl-3.0.13-r2.ebuild 8577 BLAKE2B 6e644b355c675972db2de28bac685f53358bb835883917bd7b7bcc788f9c65c102906dfea09f1794d8bc4f23db2d072b74ee86cc7e32f5f4e018b3ca36f8efd0 SHA512 d582761f386b2bba7d0b75983f25beb30c37251252a194f0bded8e92b9f99e14d12148e33d898b8e65a42c4077f307ca90896785401a89c059f7611687475bdc EBUILD openssl-3.0.14.ebuild 8487 BLAKE2B 444641f8cec4fd14a1d8f01158ba10117167619354f34da3d42730a54b4c7bec6632e59403040a50e7107e9aa3c153037ee7e094b97f1e9d5d4fe8647ce40a61 SHA512 2fa43de098935be689c05ac2099d42188331c01e413b40dfa7c6bbd4575c40793059aac747a209c5122371b052ae050b9472959cd0edda5f55ee97b23c3366fd +EBUILD openssl-3.0.15.ebuild 8566 BLAKE2B 0af25191fb8faa98e9fcb56718c04dd57fe78c25646ad5f9899d0f172c9460334ed3d7e440da4703979f80aefdb0a1d7948a8d5573f609de2f8023516a902bea SHA512 1b1824bacb1e804ea7d41afff7f51ad31b4fc600eca054fea1dd8e4bd6346715fe26455649ebed1ad399d7ce4d21cd9311271204562b5c85874f0a0e5f1709bb EBUILD openssl-3.1.6.ebuild 8599 BLAKE2B 8847c20f72fc8424365afa82b82fac3b3ba34110c025ff4077c95231a63f237b9c1a472e10183bff0c628f944ce5c528a5a5c3a13c0e7e8d5e53a45caeb2e34f SHA512 1a5515fc28711f0b343581140b013084dfefa100a71c84c249d78d134a90b259610cd57d6b42fcd99f35b26e7f13fb89fc70038b057dc1210e909a44bcc0e316 +EBUILD openssl-3.1.7.ebuild 8600 BLAKE2B e529f65f0160aad596a7e66eb65b6b420a691492f09b1fcbf1742199094f41961191a0660ddf7323e346d2ea86228d31f0a8a0805f90926a4f59892e5145b4c9 SHA512 7ce1f229410baeddb0a32e919e655283c474af04d963d72c6218c907dbada5aa73c87deec04ddee0253030a89211367bd5e968c68810d07c6b46138d37317ecf EBUILD openssl-3.2.2.ebuild 9244 BLAKE2B f81444200f218553598ef85672dce613ed0d5805c9da6bdd5304a76e91ea24262c08fe0c9d3e37a801cad25274a98674d783c0228220e938ecfcc46f36b5be3e SHA512 200b5d63b96bda52c093de1bc1f96b48984347ccd88fd54046cf92243b174b30d63a94d8f947b97e6d333ed2c85b5b1ed33b58f43c3114d4bd26c39a8e8b51bc +EBUILD openssl-3.2.3.ebuild 9244 BLAKE2B ea5d608dc392835f979919ac1835e74520dc57e50f83981eb23877fd8d920583aa9bace217e8b74e33ca7be155ba00af48e5f584944d32d28caf1eb8efde7ef7 SHA512 2cc9092d801aabba5617fb9007e73e094bb31f7c4f18245a44ecc7113020595cbee702e58eb400ddc424ebc6e98f0ebef2e2a68e659463d0be6bf06350fad3d7 EBUILD openssl-3.3.1-r3.ebuild 9618 BLAKE2B ddab56cdea600bab19bb2441564c5356af892e3db3cc915ed38a95a0f76a1e193c1bd0a54b5f961331ba0a6ca0f542c674b7e625434c458125919e68d669f833 SHA512 9c02c40f286cc1c75b5acf455564c6fc2d32df2a7f75a157ab0f845f1ef0968915cb4f01f6727f6014da93a0a7f2c74a6ac851bb9838768714c970125a0a45dd +EBUILD openssl-3.3.2.ebuild 9282 BLAKE2B 8abfb8923a85d68dc124955573db798278969b7cecaf9ae22b83df480029fff631d3c835d05fb933852dc9987e5ebee439b4ce27d80bc1d1c48fba5ac0179b53 SHA512 917af4043179c83520e242c2c9d06df4b5d6939b7f9e725a61529a32a55966c4b0e7fc85c7b6f3cf2fcf6c2247e1c0f73bc63c706b65d6ada598173c4973e2cd MISC metadata.xml 1674 BLAKE2B 2195a6538e1b4ec953c707460988f153e40abe7495fd761403c9a54b44ecb7cb5c69ac37ac7d4d18bc0086cf9b4accaaac19926fe5b2ac4b2c547ce1c9e08a6d SHA512 d4eda999c1027f9d8102c59275665f5b01d234c4a7636755a6d3c64b9aad2a657d14256b1527d9b7067cb653458b058db7f5bb20873e48927291092d9ccdd1c6 diff --git a/dev-libs/openssl/openssl-3.0.15.ebuild b/dev-libs/openssl/openssl-3.0.15.ebuild new file mode 100644 index 000000000000..201de29640f3 --- /dev/null +++ b/dev-libs/openssl/openssl-3.0.15.ebuild @@ -0,0 +1,283 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/openssl.org.asc +inherit edo flag-o-matic linux-info toolchain-funcs +inherit multilib multilib-minimal multiprocessing preserve-libs verify-sig + +DESCRIPTION="Robust, full-featured Open Source Toolkit for the Transport Layer Security (TLS)" +HOMEPAGE="https://openssl-library.org/" + +MY_P=${P/_/-} + +if [[ ${PV} == 9999 ]] ; then + EGIT_REPO_URI="https://github.com/openssl/openssl.git" + + inherit git-r3 +else + SRC_URI=" + https://github.com/openssl/openssl/releases/download/${P}/${P}.tar.gz + verify-sig? ( + https://github.com/openssl/openssl/releases/download/${P}/${P}.tar.gz.asc + ) + " + KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" +fi + +S="${WORKDIR}"/${MY_P} + +LICENSE="Apache-2.0" +SLOT="0/3" # .so version of libssl/libcrypto +IUSE="+asm cpu_flags_x86_sse2 fips ktls rfc3779 sctp static-libs test tls-compression vanilla verify-sig weak-ssl-ciphers" +RESTRICT="!test? ( test )" + +COMMON_DEPEND=" + tls-compression? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) +" +BDEPEND=" + >=dev-lang/perl-5 + sctp? ( >=net-misc/lksctp-tools-1.0.12 ) + test? ( + sys-apps/diffutils + app-alternatives/bc + sys-process/procps + ) + verify-sig? ( >=sec-keys/openpgp-keys-openssl-20240920 ) +" + +DEPEND="${COMMON_DEPEND}" +RDEPEND="${COMMON_DEPEND}" +PDEPEND="app-misc/ca-certificates" + +MULTILIB_WRAPPED_HEADERS=( + /usr/include/openssl/configuration.h +) + +pkg_setup() { + if use ktls ; then + if kernel_is -lt 4 18 ; then + ewarn "Kernel implementation of TLS (USE=ktls) requires kernel >=4.18!" + else + CONFIG_CHECK="~TLS ~TLS_DEVICE" + ERROR_TLS="You will be unable to offload TLS to kernel because CONFIG_TLS is not set!" + ERROR_TLS_DEVICE="You will be unable to offload TLS to kernel because CONFIG_TLS_DEVICE is not set!" + use test && CONFIG_CHECK+=" ~CRYPTO_USER_API_SKCIPHER" + + linux-info_pkg_setup + fi + fi + + [[ ${MERGE_TYPE} == binary ]] && return + + # must check in pkg_setup; sysctl doesn't work with userpriv! + if use test && use sctp ; then + # test_ssl_new will fail with "Ensure SCTP AUTH chunks are enabled in kernel" + # if sctp.auth_enable is not enabled. + local sctp_auth_status=$(sysctl -n net.sctp.auth_enable 2>/dev/null) + if [[ -z "${sctp_auth_status}" ]] || [[ ${sctp_auth_status} != 1 ]] ; then + die "FEATURES=test with USE=sctp requires net.sctp.auth_enable=1!" + fi + fi +} + +src_prepare() { + # Make sure we only ever touch Makefile.org and avoid patching a file + # that gets blown away anyways by the Configure script in src_configure + rm -f Makefile || die + + if ! use vanilla ; then + PATCHES+=( + # Add patches which are Gentoo-specific customisations here + ) + fi + + default + + if use test && use sctp && has network-sandbox ${FEATURES} ; then + einfo "Disabling test '80-test_ssl_new.t' which is known to fail with FEATURES=network-sandbox ..." + rm test/recipes/80-test_ssl_new.t || die + fi + + # Test fails depending on kernel configuration, bug #699134 + rm test/recipes/30-test_afalg.t || die +} + +src_configure() { + # Keep this in sync with app-misc/c_rehash + SSL_CNF_DIR="/etc/ssl" + + # Quiet out unknown driver argument warnings since openssl + # doesn't have well-split CFLAGS and we're making it even worse + # and 'make depend' uses -Werror for added fun (bug #417795 again) + tc-is-clang && append-flags -Qunused-arguments + + # We really, really need to build OpenSSL w/ strict aliasing disabled. + # It's filled with violations and it *will* result in miscompiled + # code. This has been in the ebuild for > 10 years but even in 2022, + # it's still relevant: + # - https://github.com/llvm/llvm-project/issues/55255 + # - https://github.com/openssl/openssl/issues/12247 + # - https://github.com/openssl/openssl/issues/18225 + # - https://github.com/openssl/openssl/issues/18663#issuecomment-1181478057 + # Don't remove the no strict aliasing bits below! + filter-flags -fstrict-aliasing + append-flags -fno-strict-aliasing + # The OpenSSL developers don't test with LTO right now, it leads to various + # warnings/errors (which may or may not be false positives), it's considered + # unsupported, and it's not tested in CI: https://github.com/openssl/openssl/issues/18663. + filter-lto + + append-flags $(test-flags-CC -Wa,--noexecstack) + + # bug #895308 + append-atomic-flags + # Configure doesn't respect LIBS + export LDLIBS="${LIBS}" + + # bug #197996 + unset APPS + # bug #312551 + unset SCRIPTS + # bug #311473 + unset CROSS_COMPILE + + tc-export AR CC CXX RANLIB RC + + multilib-minimal_src_configure +} + +multilib_src_configure() { + use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; } + + local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") + + # See if our toolchain supports __uint128_t. If so, it's 64bit + # friendly and can use the nicely optimized code paths, bug #460790. + #local ec_nistp_64_gcc_128 + # + # Disable it for now though (bug #469976) + # Do NOT re-enable without substantial discussion first! + # + #echo "__uint128_t i;" > "${T}"/128.c + #if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then + # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128" + #fi + + local sslout=$(bash "${FILESDIR}/gentoo.config-1.0.4") + einfo "Using configuration: ${sslout:-(openssl knows best)}" + + # https://github.com/openssl/openssl/blob/master/INSTALL.md#enable-and-disable-features + local myeconfargs=( + ${sslout} + + $(use cpu_flags_x86_sse2 || echo "no-sse2") + enable-camellia + enable-ec + enable-ec2m + enable-sm2 + enable-srp + $(use elibc_musl && echo "no-async") + enable-idea + enable-mdc2 + enable-rc5 + $(use fips && echo "enable-fips") + $(use_ssl asm) + $(use_ssl ktls) + $(use_ssl rfc3779) + $(use_ssl sctp) + $(use test || echo "no-tests") + $(use_ssl tls-compression zlib) + $(use_ssl weak-ssl-ciphers) + + --prefix="${EPREFIX}"/usr + --openssldir="${EPREFIX}"${SSL_CNF_DIR} + --libdir=$(get_libdir) + + shared + threads + ) + + edo perl "${S}/Configure" "${myeconfargs[@]}" +} + +multilib_src_compile() { + emake build_sw + + if multilib_is_native_abi; then + emake build_docs + fi +} + +multilib_src_test() { + # VFP = show subtests verbosely and show failed tests verbosely + # Normal V=1 would show everything verbosely but this slows things down. + emake HARNESS_JOBS="$(makeopts_jobs)" -Onone VFP=1 test +} + +multilib_src_install() { + # Only -j1 is supported for the install targets: + # https://github.com/openssl/openssl/issues/21999#issuecomment-1771150305 + emake DESTDIR="${D}" -j1 install_sw + if use fips; then + emake DESTDIR="${D}" -j1 install_fips + # Regen this in pkg_preinst, bug 900625 + rm "${ED}${SSL_CNF_DIR}"/fipsmodule.cnf || die + fi + + if multilib_is_native_abi; then + emake DESTDIR="${D}" -j1 install_ssldirs + emake DESTDIR="${D}" DOCDIR='$(INSTALLTOP)'/share/doc/${PF} -j1 install_docs + fi + + # This is crappy in that the static archives are still built even + # when USE=static-libs. But this is due to a failing in the openssl + # build system: the static archives are built as PIC all the time. + # Only way around this would be to manually configure+compile openssl + # twice; once with shared lib support enabled and once without. + if ! use static-libs ; then + rm "${ED}"/usr/$(get_libdir)/lib{crypto,ssl}.a || die + fi +} + +multilib_src_install_all() { + # openssl installs perl version of c_rehash by default, but + # we provide a shell version via app-misc/c_rehash + rm "${ED}"/usr/bin/c_rehash || die + + dodoc {AUTHORS,CHANGES,NEWS,README,README-PROVIDERS}.md doc/*.txt doc/${PN}-c-indent.el + + # Create the certs directory + keepdir ${SSL_CNF_DIR}/certs + + # bug #254521 + dodir /etc/sandbox.d + echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl + + diropts -m0700 + keepdir ${SSL_CNF_DIR}/private +} + +pkg_preinst() { + if use fips; then + # Regen fipsmodule.cnf, bug 900625 + ebegin "Running openssl fipsinstall" + "${ED}/usr/bin/openssl" fipsinstall -quiet \ + -out "${ED}${SSL_CNF_DIR}/fipsmodule.cnf" \ + -module "${ED}/usr/$(get_libdir)/ossl-modules/fips.so" + eend $? + fi + + preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1) \ + /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1.1) +} + +pkg_postinst() { + ebegin "Running 'openssl rehash ${EROOT}${SSL_CNF_DIR}/certs' to rebuild hashes (bug #333069)" + openssl rehash "${EROOT}${SSL_CNF_DIR}/certs" + eend $? + + preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1) \ + /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1.1) +} diff --git a/dev-libs/openssl/openssl-3.1.7.ebuild b/dev-libs/openssl/openssl-3.1.7.ebuild new file mode 100644 index 000000000000..3145f12953ae --- /dev/null +++ b/dev-libs/openssl/openssl-3.1.7.ebuild @@ -0,0 +1,284 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/openssl.org.asc +inherit edo flag-o-matic linux-info toolchain-funcs +inherit multilib multilib-minimal multiprocessing preserve-libs verify-sig + +DESCRIPTION="Robust, full-featured Open Source Toolkit for the Transport Layer Security (TLS)" +HOMEPAGE="https://openssl-library.org/" + +MY_P=${P/_/-} + +if [[ ${PV} == 9999 ]] ; then + EGIT_REPO_URI="https://github.com/openssl/openssl.git" + + inherit git-r3 +else + SRC_URI=" + https://github.com/openssl/openssl/releases/download/${P}/${P}.tar.gz + verify-sig? ( + https://github.com/openssl/openssl/releases/download/${P}/${P}.tar.gz.asc + ) + " + KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" +fi + +S="${WORKDIR}"/${MY_P} + +LICENSE="Apache-2.0" +SLOT="0/$(ver_cut 1)" # .so version of libssl/libcrypto +IUSE="+asm cpu_flags_x86_sse2 fips ktls rfc3779 sctp static-libs test tls-compression vanilla verify-sig weak-ssl-ciphers" +RESTRICT="!test? ( test )" + +COMMON_DEPEND=" + !<net-misc/openssh-9.2_p1-r3 + tls-compression? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) +" +BDEPEND=" + >=dev-lang/perl-5 + sctp? ( >=net-misc/lksctp-tools-1.0.12 ) + test? ( + sys-apps/diffutils + app-alternatives/bc + sys-process/procps + ) + verify-sig? ( >=sec-keys/openpgp-keys-openssl-20240920 ) +" + +DEPEND="${COMMON_DEPEND}" +RDEPEND="${COMMON_DEPEND}" +PDEPEND="app-misc/ca-certificates" + +MULTILIB_WRAPPED_HEADERS=( + /usr/include/openssl/configuration.h +) + +pkg_setup() { + if use ktls ; then + if kernel_is -lt 4 18 ; then + ewarn "Kernel implementation of TLS (USE=ktls) requires kernel >=4.18!" + else + CONFIG_CHECK="~TLS ~TLS_DEVICE" + ERROR_TLS="You will be unable to offload TLS to kernel because CONFIG_TLS is not set!" + ERROR_TLS_DEVICE="You will be unable to offload TLS to kernel because CONFIG_TLS_DEVICE is not set!" + use test && CONFIG_CHECK+=" ~CRYPTO_USER_API_SKCIPHER" + + linux-info_pkg_setup + fi + fi + + [[ ${MERGE_TYPE} == binary ]] && return + + # must check in pkg_setup; sysctl doesn't work with userpriv! + if use test && use sctp ; then + # test_ssl_new will fail with "Ensure SCTP AUTH chunks are enabled in kernel" + # if sctp.auth_enable is not enabled. + local sctp_auth_status=$(sysctl -n net.sctp.auth_enable 2>/dev/null) + if [[ -z "${sctp_auth_status}" ]] || [[ ${sctp_auth_status} != 1 ]] ; then + die "FEATURES=test with USE=sctp requires net.sctp.auth_enable=1!" + fi + fi +} + +src_prepare() { + # Make sure we only ever touch Makefile.org and avoid patching a file + # that gets blown away anyways by the Configure script in src_configure + rm -f Makefile + + if ! use vanilla ; then + PATCHES+=( + # Add patches which are Gentoo-specific customisations here + ) + fi + + default + + if use test && use sctp && has network-sandbox ${FEATURES} ; then + einfo "Disabling test '80-test_ssl_new.t' which is known to fail with FEATURES=network-sandbox ..." + rm test/recipes/80-test_ssl_new.t || die + fi + + # Test fails depending on kernel configuration, bug #699134 + rm test/recipes/30-test_afalg.t || die +} + +src_configure() { + # Keep this in sync with app-misc/c_rehash + SSL_CNF_DIR="/etc/ssl" + + # Quiet out unknown driver argument warnings since openssl + # doesn't have well-split CFLAGS and we're making it even worse + # and 'make depend' uses -Werror for added fun (bug #417795 again) + tc-is-clang && append-flags -Qunused-arguments + + # We really, really need to build OpenSSL w/ strict aliasing disabled. + # It's filled with violations and it *will* result in miscompiled + # code. This has been in the ebuild for > 10 years but even in 2022, + # it's still relevant: + # - https://github.com/llvm/llvm-project/issues/55255 + # - https://github.com/openssl/openssl/issues/12247 + # - https://github.com/openssl/openssl/issues/18225 + # - https://github.com/openssl/openssl/issues/18663#issuecomment-1181478057 + # Don't remove the no strict aliasing bits below! + filter-flags -fstrict-aliasing + append-flags -fno-strict-aliasing + # The OpenSSL developers don't test with LTO right now, it leads to various + # warnings/errors (which may or may not be false positives), it's considered + # unsupported, and it's not tested in CI: https://github.com/openssl/openssl/issues/18663. + filter-lto + + append-flags $(test-flags-CC -Wa,--noexecstack) + + # bug #895308 + append-atomic-flags + # Configure doesn't respect LIBS + export LDLIBS="${LIBS}" + + # bug #197996 + unset APPS + # bug #312551 + unset SCRIPTS + # bug #311473 + unset CROSS_COMPILE + + tc-export AR CC CXX RANLIB RC + + multilib-minimal_src_configure +} + +multilib_src_configure() { + use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; } + + local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") + + # See if our toolchain supports __uint128_t. If so, it's 64bit + # friendly and can use the nicely optimized code paths, bug #460790. + #local ec_nistp_64_gcc_128 + # + # Disable it for now though (bug #469976) + # Do NOT re-enable without substantial discussion first! + # + #echo "__uint128_t i;" > "${T}"/128.c + #if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then + # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128" + #fi + + local sslout=$(bash "${FILESDIR}/gentoo.config-1.0.4") + einfo "Using configuration: ${sslout:-(openssl knows best)}" + + # https://github.com/openssl/openssl/blob/master/INSTALL.md#enable-and-disable-features + local myeconfargs=( + ${sslout} + + $(use cpu_flags_x86_sse2 || echo "no-sse2") + enable-camellia + enable-ec + enable-ec2m + enable-sm2 + enable-srp + $(use elibc_musl && echo "no-async") + enable-idea + enable-mdc2 + enable-rc5 + $(use fips && echo "enable-fips") + $(use_ssl asm) + $(use_ssl ktls) + $(use_ssl rfc3779) + $(use_ssl sctp) + $(use test || echo "no-tests") + $(use_ssl tls-compression zlib) + $(use_ssl weak-ssl-ciphers) + + --prefix="${EPREFIX}"/usr + --openssldir="${EPREFIX}"${SSL_CNF_DIR} + --libdir=$(get_libdir) + + shared + threads + ) + + edo perl "${S}/Configure" "${myeconfargs[@]}" +} + +multilib_src_compile() { + emake build_sw + + if multilib_is_native_abi; then + emake build_docs + fi +} + +multilib_src_test() { + # VFP = show subtests verbosely and show failed tests verbosely + # Normal V=1 would show everything verbosely but this slows things down. + emake HARNESS_JOBS="$(makeopts_jobs)" -Onone VFP=1 test +} + +multilib_src_install() { + # Only -j1 is supported for the install targets: + # https://github.com/openssl/openssl/issues/21999#issuecomment-1771150305 + emake DESTDIR="${D}" -j1 install_sw + if use fips; then + emake DESTDIR="${D}" -j1 install_fips + # Regen this in pkg_preinst, bug 900625 + rm "${ED}${SSL_CNF_DIR}"/fipsmodule.cnf || die + fi + + if multilib_is_native_abi; then + emake DESTDIR="${D}" -j1 install_ssldirs + emake DESTDIR="${D}" DOCDIR='$(INSTALLTOP)'/share/doc/${PF} -j1 install_docs + fi + + # This is crappy in that the static archives are still built even + # when USE=static-libs. But this is due to a failing in the openssl + # build system: the static archives are built as PIC all the time. + # Only way around this would be to manually configure+compile openssl + # twice; once with shared lib support enabled and once without. + if ! use static-libs ; then + rm "${ED}"/usr/$(get_libdir)/lib{crypto,ssl}.a || die + fi +} + +multilib_src_install_all() { + # openssl installs perl version of c_rehash by default, but + # we provide a shell version via app-misc/c_rehash + rm "${ED}"/usr/bin/c_rehash || die + + dodoc {AUTHORS,CHANGES,NEWS,README,README-PROVIDERS}.md doc/*.txt doc/${PN}-c-indent.el + + # Create the certs directory + keepdir ${SSL_CNF_DIR}/certs + + # bug #254521 + dodir /etc/sandbox.d + echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl + + diropts -m0700 + keepdir ${SSL_CNF_DIR}/private +} + +pkg_preinst() { + if use fips; then + # Regen fipsmodule.cnf, bug 900625 + ebegin "Running openssl fipsinstall" + "${ED}/usr/bin/openssl" fipsinstall -quiet \ + -out "${ED}${SSL_CNF_DIR}/fipsmodule.cnf" \ + -module "${ED}/usr/$(get_libdir)/ossl-modules/fips.so" + eend $? + fi + + preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1) \ + /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1.1) +} + +pkg_postinst() { + ebegin "Running 'openssl rehash ${EROOT}${SSL_CNF_DIR}/certs' to rebuild hashes (bug #333069)" + openssl rehash "${EROOT}${SSL_CNF_DIR}/certs" + eend $? + + preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1) \ + /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1.1) +} diff --git a/dev-libs/openssl/openssl-3.2.3.ebuild b/dev-libs/openssl/openssl-3.2.3.ebuild new file mode 100644 index 000000000000..39d5d62b0df1 --- /dev/null +++ b/dev-libs/openssl/openssl-3.2.3.ebuild @@ -0,0 +1,302 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/openssl.org.asc +inherit edo flag-o-matic linux-info toolchain-funcs +inherit multilib multilib-minimal multiprocessing preserve-libs verify-sig + +DESCRIPTION="Robust, full-featured Open Source Toolkit for the Transport Layer Security (TLS)" +HOMEPAGE="https://openssl-library.org/" + +MY_P=${P/_/-} + +if [[ ${PV} == 9999 ]] ; then + EGIT_REPO_URI="https://github.com/openssl/openssl.git" + + inherit git-r3 +else + SRC_URI=" + https://github.com/openssl/openssl/releases/download/${P}/${P}.tar.gz + verify-sig? ( + https://github.com/openssl/openssl/releases/download/${P}/${P}.tar.gz.asc + ) + " + + if [[ ${PV} != *_alpha* && ${PV} != *_beta* ]] ; then + KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" + fi +fi + +S="${WORKDIR}"/${MY_P} + +LICENSE="Apache-2.0" +SLOT="0/$(ver_cut 1)" # .so version of libssl/libcrypto +IUSE="+asm cpu_flags_x86_sse2 fips ktls rfc3779 sctp static-libs test tls-compression vanilla verify-sig weak-ssl-ciphers" +RESTRICT="!test? ( test )" + +COMMON_DEPEND=" + !<net-misc/openssh-9.2_p1-r3 + tls-compression? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) +" +BDEPEND=" + >=dev-lang/perl-5 + sctp? ( >=net-misc/lksctp-tools-1.0.12 ) + test? ( + sys-apps/diffutils + app-alternatives/bc + sys-process/procps + ) + verify-sig? ( >=sec-keys/openpgp-keys-openssl-20240920 ) +" +DEPEND="${COMMON_DEPEND}" +RDEPEND="${COMMON_DEPEND}" +PDEPEND="app-misc/ca-certificates" + +MULTILIB_WRAPPED_HEADERS=( + /usr/include/openssl/configuration.h +) + +pkg_setup() { + if use ktls ; then + if kernel_is -lt 4 18 ; then + ewarn "Kernel implementation of TLS (USE=ktls) requires kernel >=4.18!" + else + CONFIG_CHECK="~TLS ~TLS_DEVICE" + ERROR_TLS="You will be unable to offload TLS to kernel because CONFIG_TLS is not set!" + ERROR_TLS_DEVICE="You will be unable to offload TLS to kernel because CONFIG_TLS_DEVICE is not set!" + use test && CONFIG_CHECK+=" ~CRYPTO_USER_API_SKCIPHER" + + linux-info_pkg_setup + fi + fi + + [[ ${MERGE_TYPE} == binary ]] && return + + # must check in pkg_setup; sysctl doesn't work with userpriv! + if use test && use sctp ; then + # test_ssl_new will fail with "Ensure SCTP AUTH chunks are enabled in kernel" + # if sctp.auth_enable is not enabled. + local sctp_auth_status=$(sysctl -n net.sctp.auth_enable 2>/dev/null) + if [[ -z "${sctp_auth_status}" ]] || [[ ${sctp_auth_status} != 1 ]] ; then + die "FEATURES=test with USE=sctp requires net.sctp.auth_enable=1!" + fi + fi +} + +src_unpack() { + # Can delete this once test fix patch is dropped + if use verify-sig ; then + # Needed for downloaded patch (which is unsigned, which is fine) + verify-sig_verify_detached "${DISTDIR}"/${MY_P}.tar.gz{,.asc} + fi + + default +} + +src_prepare() { + # Make sure we only ever touch Makefile.org and avoid patching a file + # that gets blown away anyways by the Configure script in src_configure + rm -f Makefile + + if ! use vanilla ; then + PATCHES+=( + # Add patches which are Gentoo-specific customisations here + ) + fi + + default + + if use test && use sctp && has network-sandbox ${FEATURES} ; then + einfo "Disabling test '80-test_ssl_new.t' which is known to fail with FEATURES=network-sandbox ..." + rm test/recipes/80-test_ssl_new.t || die + fi + + # Test fails depending on kernel configuration, bug #699134 + rm test/recipes/30-test_afalg.t || die +} + +src_configure() { + # Keep this in sync with app-misc/c_rehash + SSL_CNF_DIR="/etc/ssl" + + # Quiet out unknown driver argument warnings since openssl + # doesn't have well-split CFLAGS and we're making it even worse + # and 'make depend' uses -Werror for added fun (bug #417795 again) + tc-is-clang && append-flags -Qunused-arguments + + # We really, really need to build OpenSSL w/ strict aliasing disabled. + # It's filled with violations and it *will* result in miscompiled + # code. This has been in the ebuild for > 10 years but even in 2022, + # it's still relevant: + # - https://github.com/llvm/llvm-project/issues/55255 + # - https://github.com/openssl/openssl/issues/12247 + # - https://github.com/openssl/openssl/issues/18225 + # - https://github.com/openssl/openssl/issues/18663#issuecomment-1181478057 + # Don't remove the no strict aliasing bits below! + filter-flags -fstrict-aliasing + append-flags -fno-strict-aliasing + # The OpenSSL developers don't test with LTO right now, it leads to various + # warnings/errors (which may or may not be false positives), it's considered + # unsupported, and it's not tested in CI: https://github.com/openssl/openssl/issues/18663. + filter-lto + + append-flags $(test-flags-CC -Wa,--noexecstack) + + # bug #895308 -- check inserts GNU ld-compatible arguments + [[ ${CHOST} == *-darwin* ]] || append-atomic-flags + # Configure doesn't respect LIBS + export LDLIBS="${LIBS}" + + # bug #197996 + unset APPS + # bug #312551 + unset SCRIPTS + # bug #311473 + unset CROSS_COMPILE + + tc-export AR CC CXX RANLIB RC + + multilib-minimal_src_configure +} + +multilib_src_configure() { + use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; } + + local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") + + # See if our toolchain supports __uint128_t. If so, it's 64bit + # friendly and can use the nicely optimized code paths, bug #460790. + #local ec_nistp_64_gcc_128 + # + # Disable it for now though (bug #469976) + # Do NOT re-enable without substantial discussion first! + # + #echo "__uint128_t i;" > "${T}"/128.c + #if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then + # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128" + #fi + + local sslout=$(bash "${FILESDIR}/gentoo.config-1.0.4") + einfo "Using configuration: ${sslout:-(openssl knows best)}" + + # https://github.com/openssl/openssl/blob/master/INSTALL.md#enable-and-disable-features + local myeconfargs=( + ${sslout} + + $(use cpu_flags_x86_sse2 || echo "no-sse2") + enable-camellia + enable-ec + enable-ec2m + enable-sm2 + enable-srp + $(use elibc_musl && echo "no-async") + enable-idea + enable-mdc2 + enable-rc5 + $(use fips && echo "enable-fips") + $(use_ssl asm) + $(use_ssl ktls) + $(use_ssl rfc3779) + $(use_ssl sctp) + $(use test || echo "no-tests") + $(use_ssl tls-compression zlib) + $(use_ssl weak-ssl-ciphers) + + --prefix="${EPREFIX}"/usr + --openssldir="${EPREFIX}"${SSL_CNF_DIR} + --libdir=$(get_libdir) + + shared + threads + ) + + edo perl "${S}/Configure" "${myeconfargs[@]}" +} + +multilib_src_compile() { + emake build_sw + + if multilib_is_native_abi; then + emake build_docs + fi +} + +multilib_src_test() { + # See https://github.com/openssl/openssl/blob/master/test/README.md for options. + # + # VFP = show subtests verbosely and show failed tests verbosely + # Normal V=1 would show everything verbosely but this slows things down. + # + # -j1 here for https://github.com/openssl/openssl/issues/21999, but it + # shouldn't matter as tests were already built earlier, and HARNESS_JOBS + # controls running the tests. + emake -Onone -j1 HARNESS_JOBS="$(makeopts_jobs)" VFP=1 test +} + +multilib_src_install() { + # Only -j1 is supported for the install targets: + # https://github.com/openssl/openssl/issues/21999#issuecomment-1771150305 + emake DESTDIR="${D}" -j1 install_sw + if use fips; then + emake DESTDIR="${D}" -j1 install_fips + # Regen this in pkg_preinst, bug 900625 + rm "${ED}${SSL_CNF_DIR}"/fipsmodule.cnf || die + fi + + if multilib_is_native_abi; then + emake DESTDIR="${D}" -j1 install_ssldirs + emake DESTDIR="${D}" DOCDIR='$(INSTALLTOP)'/share/doc/${PF} -j1 install_docs + fi + + # This is crappy in that the static archives are still built even + # when USE=static-libs. But this is due to a failing in the openssl + # build system: the static archives are built as PIC all the time. + # Only way around this would be to manually configure+compile openssl + # twice; once with shared lib support enabled and once without. + if ! use static-libs ; then + rm "${ED}"/usr/$(get_libdir)/lib{crypto,ssl}.a || die + fi +} + +multilib_src_install_all() { + # openssl installs perl version of c_rehash by default, but + # we provide a shell version via app-misc/c_rehash + rm "${ED}"/usr/bin/c_rehash || die + + dodoc {AUTHORS,CHANGES,NEWS,README,README-PROVIDERS}.md doc/*.txt doc/${PN}-c-indent.el + + # Create the certs directory + keepdir ${SSL_CNF_DIR}/certs + + # bug #254521 + dodir /etc/sandbox.d + echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl + + diropts -m0700 + keepdir ${SSL_CNF_DIR}/private +} + +pkg_preinst() { + if use fips; then + # Regen fipsmodule.cnf, bug 900625 + ebegin "Running openssl fipsinstall" + "${ED}/usr/bin/openssl" fipsinstall -quiet \ + -out "${ED}${SSL_CNF_DIR}/fipsmodule.cnf" \ + -module "${ED}/usr/$(get_libdir)/ossl-modules/fips.so" + eend $? + fi + + preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1) \ + /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1.1) +} + +pkg_postinst() { + ebegin "Running 'openssl rehash ${EROOT}${SSL_CNF_DIR}/certs' to rebuild hashes (bug #333069)" + openssl rehash "${EROOT}${SSL_CNF_DIR}/certs" + eend $? + + preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1) \ + /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1.1) +} diff --git a/dev-libs/openssl/openssl-3.3.2.ebuild b/dev-libs/openssl/openssl-3.3.2.ebuild new file mode 100644 index 000000000000..efaab4546c7d --- /dev/null +++ b/dev-libs/openssl/openssl-3.3.2.ebuild @@ -0,0 +1,300 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/openssl.org.asc +inherit edo flag-o-matic linux-info toolchain-funcs +inherit multilib multilib-minimal multiprocessing preserve-libs verify-sig + +DESCRIPTION="Robust, full-featured Open Source Toolkit for the Transport Layer Security (TLS)" +HOMEPAGE="https://openssl-library.org/" + +MY_P=${P/_/-} + +if [[ ${PV} == 9999 ]] ; then + EGIT_REPO_URI="https://github.com/openssl/openssl.git" + + inherit git-r3 +else + SRC_URI=" + https://github.com/openssl/openssl/releases/download/${P}/${P}.tar.gz + verify-sig? ( + https://github.com/openssl/openssl/releases/download/${P}/${P}.tar.gz.asc + ) + " + + if [[ ${PV} != *_alpha* && ${PV} != *_beta* ]] ; then + KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" + fi +fi + +S="${WORKDIR}"/${MY_P} + +LICENSE="Apache-2.0" +SLOT="0/$(ver_cut 1)" # .so version of libssl/libcrypto +IUSE="+asm cpu_flags_x86_sse2 fips ktls +quic rfc3779 sctp static-libs test tls-compression vanilla verify-sig weak-ssl-ciphers" +RESTRICT="!test? ( test )" + +COMMON_DEPEND=" + !<net-misc/openssh-9.2_p1-r3 + tls-compression? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) +" +BDEPEND=" + >=dev-lang/perl-5 + sctp? ( >=net-misc/lksctp-tools-1.0.12 ) + test? ( + sys-apps/diffutils + app-alternatives/bc + sys-process/procps + ) + verify-sig? ( >=sec-keys/openpgp-keys-openssl-20240920 ) +" +DEPEND="${COMMON_DEPEND}" +RDEPEND="${COMMON_DEPEND}" +PDEPEND="app-misc/ca-certificates" + +MULTILIB_WRAPPED_HEADERS=( + /usr/include/openssl/configuration.h +) + +pkg_setup() { + if use ktls ; then + if kernel_is -lt 4 18 ; then + ewarn "Kernel implementation of TLS (USE=ktls) requires kernel >=4.18!" + else + CONFIG_CHECK="~TLS ~TLS_DEVICE" + ERROR_TLS="You will be unable to offload TLS to kernel because CONFIG_TLS is not set!" + ERROR_TLS_DEVICE="You will be unable to offload TLS to kernel because CONFIG_TLS_DEVICE is not set!" + use test && CONFIG_CHECK+=" ~CRYPTO_USER_API_SKCIPHER" + + linux-info_pkg_setup + fi + fi + + [[ ${MERGE_TYPE} == binary ]] && return + + # must check in pkg_setup; sysctl doesn't work with userpriv! + if use test && use sctp ; then + # test_ssl_new will fail with "Ensure SCTP AUTH chunks are enabled in kernel" + # if sctp.auth_enable is not enabled. + local sctp_auth_status=$(sysctl -n net.sctp.auth_enable 2>/dev/null) + if [[ -z "${sctp_auth_status}" ]] || [[ ${sctp_auth_status} != 1 ]] ; then + die "FEATURES=test with USE=sctp requires net.sctp.auth_enable=1!" + fi + fi +} + +src_unpack() { + # Can delete this once test fix patch is dropped + if use verify-sig ; then + # Needed for downloaded patch (which is unsigned, which is fine) + verify-sig_verify_detached "${DISTDIR}"/${MY_P}.tar.gz{,.asc} + fi + + default +} + +src_prepare() { + # Make sure we only ever touch Makefile.org and avoid patching a file + # that gets blown away anyways by the Configure script in src_configure + rm -f Makefile || die + + if ! use vanilla ; then + PATCHES+=( + # Add patches which are Gentoo-specific customisations here + ) + fi + + default + + if use test && use sctp && has network-sandbox ${FEATURES} ; then + einfo "Disabling test '80-test_ssl_new.t' which is known to fail with FEATURES=network-sandbox ..." + rm test/recipes/80-test_ssl_new.t || die + fi + + # Test fails depending on kernel configuration, bug #699134 + rm test/recipes/30-test_afalg.t || die +} + +src_configure() { + # Keep this in sync with app-misc/c_rehash + SSL_CNF_DIR="/etc/ssl" + + # Quiet out unknown driver argument warnings since openssl + # doesn't have well-split CFLAGS and we're making it even worse + # and 'make depend' uses -Werror for added fun (bug #417795 again) + tc-is-clang && append-flags -Qunused-arguments + + # We really, really need to build OpenSSL w/ strict aliasing disabled. + # It's filled with violations and it *will* result in miscompiled + # code. This has been in the ebuild for > 10 years but even in 2022, + # it's still relevant: + # - https://github.com/llvm/llvm-project/issues/55255 + # - https://github.com/openssl/openssl/issues/12247 + # - https://github.com/openssl/openssl/issues/18225 + # - https://github.com/openssl/openssl/issues/18663#issuecomment-1181478057 + # Don't remove the no strict aliasing bits below! + filter-flags -fstrict-aliasing + append-flags -fno-strict-aliasing + # The OpenSSL developers don't test with LTO right now, it leads to various + # warnings/errors (which may or may not be false positives), it's considered + # unsupported, and it's not tested in CI: https://github.com/openssl/openssl/issues/18663. + filter-lto + + append-flags $(test-flags-CC -Wa,--noexecstack) + + # bug #895308 -- check inserts GNU ld-compatible arguments + [[ ${CHOST} == *-darwin* ]] || append-atomic-flags + # Configure doesn't respect LIBS + export LDLIBS="${LIBS}" + + # bug #197996 + unset APPS + # bug #312551 + unset SCRIPTS + # bug #311473 + unset CROSS_COMPILE + + tc-export AR CC CXX RANLIB RC + + multilib-minimal_src_configure +} + +multilib_src_configure() { + use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; } + + local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") + + # See if our toolchain supports __uint128_t. If so, it's 64bit + # friendly and can use the nicely optimized code paths, bug #460790. + #local ec_nistp_64_gcc_128 + # + # Disable it for now though (bug #469976) + # Do NOT re-enable without substantial discussion first! + # + #echo "__uint128_t i;" > "${T}"/128.c + #if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then + # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128" + #fi + + local sslout=$(bash "${FILESDIR}/gentoo.config-1.0.4") + einfo "Using configuration: ${sslout:-(openssl knows best)}" + + # https://github.com/openssl/openssl/blob/master/INSTALL.md#enable-and-disable-features + local myeconfargs=( + ${sslout} + + $(multilib_is_native_abi || echo "no-docs") + $(use cpu_flags_x86_sse2 || echo "no-sse2") + enable-camellia + enable-ec + enable-ec2m + enable-sm2 + enable-srp + $(use elibc_musl && echo "no-async") + enable-idea + enable-mdc2 + enable-rc5 + $(use fips && echo "enable-fips") + $(use quic && echo "enable-quic") + $(use_ssl asm) + $(use_ssl ktls) + $(use_ssl rfc3779) + $(use_ssl sctp) + $(use test || echo "no-tests") + $(use_ssl tls-compression zlib) + $(use_ssl weak-ssl-ciphers) + + --prefix="${EPREFIX}"/usr + --openssldir="${EPREFIX}"${SSL_CNF_DIR} + --libdir=$(get_libdir) + + shared + threads + ) + + edo perl "${S}/Configure" "${myeconfargs[@]}" +} + +multilib_src_compile() { + emake build_sw +} + +multilib_src_test() { + # See https://github.com/openssl/openssl/blob/master/test/README.md for options. + # + # VFP = show subtests verbosely and show failed tests verbosely + # Normal V=1 would show everything verbosely but this slows things down. + # + # -j1 here for https://github.com/openssl/openssl/issues/21999, but it + # shouldn't matter as tests were already built earlier, and HARNESS_JOBS + # controls running the tests. + emake -Onone -j1 HARNESS_JOBS="$(makeopts_jobs)" VFP=1 test +} + +multilib_src_install() { + # Only -j1 is supported for the install targets: + # https://github.com/openssl/openssl/issues/21999#issuecomment-1771150305 + emake DESTDIR="${D}" -j1 install_sw + if use fips; then + emake DESTDIR="${D}" -j1 install_fips + # Regen this in pkg_preinst, bug 900625 + rm "${ED}${SSL_CNF_DIR}"/fipsmodule.cnf || die + fi + + if multilib_is_native_abi; then + emake DESTDIR="${D}" -j1 install_ssldirs + emake DESTDIR="${D}" DOCDIR='$(INSTALLTOP)'/share/doc/${PF} -j1 install_docs + fi + + # This is crappy in that the static archives are still built even + # when USE=static-libs. But this is due to a failing in the openssl + # build system: the static archives are built as PIC all the time. + # Only way around this would be to manually configure+compile openssl + # twice; once with shared lib support enabled and once without. + if ! use static-libs ; then + rm "${ED}"/usr/$(get_libdir)/lib{crypto,ssl}.a || die + fi +} + +multilib_src_install_all() { + # openssl installs perl version of c_rehash by default, but + # we provide a shell version via app-misc/c_rehash + rm "${ED}"/usr/bin/c_rehash || die + + dodoc {AUTHORS,CHANGES,NEWS,README,README-PROVIDERS}.md doc/*.txt doc/${PN}-c-indent.el + + # Create the certs directory + keepdir ${SSL_CNF_DIR}/certs + + # bug #254521 + dodir /etc/sandbox.d + echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl + + diropts -m0700 + keepdir ${SSL_CNF_DIR}/private +} + +pkg_preinst() { + if use fips; then + # Regen fipsmodule.cnf, bug 900625 + ebegin "Running openssl fipsinstall" + "${ED}/usr/bin/openssl" fipsinstall -quiet \ + -out "${ED}${SSL_CNF_DIR}/fipsmodule.cnf" \ + -module "${ED}/usr/$(get_libdir)/ossl-modules/fips.so" + eend $? + fi + + preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1) \ + /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1.1) +} + +pkg_postinst() { + ebegin "Running 'openssl rehash ${EROOT}${SSL_CNF_DIR}/certs' to rebuild hashes (bug #333069)" + openssl rehash "${EROOT}${SSL_CNF_DIR}/certs" + eend $? + + preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1) \ + /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1.1) +} diff --git a/dev-libs/zug/Manifest b/dev-libs/zug/Manifest index e7a562d6ec52..792e0d9314b2 100644 --- a/dev-libs/zug/Manifest +++ b/dev-libs/zug/Manifest @@ -1,3 +1,3 @@ DIST zug-0.1.1.tar.gz 102857 BLAKE2B 659e557fcac7c00d8ec3dcb54839bd6fbb23ca46b9d2052197b2f5e983eec1dc4251b36ed920b6f43225ff98a8bd1d3e65218f301dd121bdf8c2394efbb5e1b3 SHA512 1348a0bdd7aed1a590287ff3a1c45c0cb1aef2aca12dc37e77705c2b2015704f766fac82833fa28beb79efe00f6ff63ee1dcb220cdc43517f625ba5edecc090c -EBUILD zug-0.1.1-r1.ebuild 779 BLAKE2B e92dd2252208b84afc27f60ea08e7ee0ba283245b4211ec77c6a78e4b5f688f219492cb450a6ec0a0cc393e72e635e7d7abc23bee11f4eba3a5ed87d915f0210 SHA512 a9e63021a9ef3c3c9e868fb29b5a72bb36ddf45671d7cf40caa02d767171796e05c23d0f6e20fa7642564198ef95a11ce1be4dd58c95bd2a276d8e8ae0b75bdb +EBUILD zug-0.1.1-r1.ebuild 784 BLAKE2B 5843ce4dcc50196b7eff2fe82e5ab84c01da983790931a3a1a19a7e0a53e79db275fe1bb5abdae38d323e92a94d90a882e54b94b8c59c7064810a189c8da2876 SHA512 c27481542e86779c3bd24f96a46e1e9ff5077cfd7cd381a0730dce3b8b6ee4f36a05cf5b4a1455ccf5df4ec20caf8d6ea6a01e7dcaf19bd0b66be690e1e22f41 MISC metadata.xml 481 BLAKE2B 9002b34caea756a7792af4ae8f0fb295dce30af399c19f5a0264bc4c98d460799ddd475fc7566c7f4d296097d3d1392f49133a40bc13255f8a617254f0426afb SHA512 1bbd0646c2569e2ab80869e427239a26a145d3d0c7cd64adf5994c1396f595286f7df26a3e9904f3abf7f5e32a1072d82b7dcf55e40b3a6c5f7bc6ac616e19b7 diff --git a/dev-libs/zug/zug-0.1.1-r1.ebuild b/dev-libs/zug/zug-0.1.1-r1.ebuild index e4460dfc0aba..aeaf0a9f2fb6 100644 --- a/dev-libs/zug/zug-0.1.1-r1.ebuild +++ b/dev-libs/zug/zug-0.1.1-r1.ebuild @@ -11,7 +11,7 @@ SRC_URI="https://github.com/arximboldi/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.g LICENSE="Boost-1.0" SLOT="0" -KEYWORDS="amd64 ~arm64 ~riscv" +KEYWORDS="amd64 ~arm64 ~riscv ~x86" IUSE="test" RESTRICT="!test? ( test )" |