diff options
Diffstat (limited to 'main/openssl1.0/APKBUILD')
| -rw-r--r-- | main/openssl1.0/APKBUILD | 156 |
1 files changed, 156 insertions, 0 deletions
diff --git a/main/openssl1.0/APKBUILD b/main/openssl1.0/APKBUILD new file mode 100644 index 0000000000..d0f7765c89 --- /dev/null +++ b/main/openssl1.0/APKBUILD @@ -0,0 +1,156 @@ +# Maintainer: Timo Teras <timo.teras@iki.fi> +pkgname=openssl1.0 +_pkgname=openssl +pkgver=1.0.2o +pkgrel=0 +pkgdesc="Toolkit for SSL v2/v3 and TLS v1" +url="https://www.openssl.org" +arch="all" +license="OpenSSL" +depends_dev="zlib-dev" +makedepends_build="perl" +makedepends_host="zlib-dev" +makedepends="$makedepends_host $makedepends_build" +provides="openssl" # for backward compatibility +replaces="openssl" # for backward compatibility +subpackages="$pkgname-dbg $pkgname-dev $pkgname-doc libcrypto1.0:libcrypto libssl1.0:libssl" +source="http://www.openssl.org/source/$_pkgname-$pkgver.tar.gz + 0002-busybox-basename.patch + 0003-use-termios.patch + 0004-fix-default-ca-path-for-apps.patch + 0005-fix-parallel-build.patch + 0006-add-ircv3-tls-3.1-extension-support-to-s_client.patch + 0008-maintain-abi-compat-with-no-freelist-and-regular-bui.patch + 0009-no-rpath.patch + 0010-ssl-env-zlib.patch + 1001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch + 1002-backport-changes-from-upstream-padlock-module.patch + 1003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch + CVE-2018-0732.patch + " +builddir="$srcdir/$_pkgname-$pkgver" + +# secfixes: +# 1.0.2h-r0: +# - CVE-2016-2107 +# - CVE-2016-2105 +# - CVE-2016-2106 +# - CVE-2016-2109 +# - CVE-2016-2176 +# 1.0.2h-r1: +# - CVE-2016-2177 +# - CVE-2016-2178 +# 1.0.2h-r2: +# - CVE-2016-2180 +# 1.0.2h-r3: +# - CVE-2016-2179 +# - CVE-2016-2182 +# - CVE-2016-6302 +# - CVE-2016-6303 +# 1.0.2h-r4: +# - CVE-2016-2181 +# 1.0.2i-r0: +# - CVE-2016-2183 +# - CVE-2016-6304 +# - CVE-2016-6306 +# 1.0.2m-r0: +# - CVE-2017-3735 +# - CVE-2017-3736 +# 1.0.2n-r0: +# - CVE-2017-3737 +# - CVE-2017-3738 +# 1.0.2o-r0: +# - CVE-2017-3738 +# - CVE-2018-0733 +# - CVE-2018-0739 +# 1.0.2o-r1: +# - CVE-2018-0732 + +build() { + local _target _optflags + cd "$builddir" + + # openssl will prepend crosscompile always core CC et al + CC=${CC#${CROSS_COMPILE}} + CXX=${CXX#${CROSS_COMPILE}} + CPP=${CPP#${CROSS_COMPILE}} + + # determine target OS for openssl + case "$CARCH" in + aarch64*) _target="linux-aarch64" ;; + arm*) _target="linux-armv4" ;; + ppc64le) _target="linux-ppc64le" ;; + x86) _target="linux-elf" ;; + x86_64) _target="linux-x86_64"; _optflags="enable-ec_nistp_64_gcc_128" ;; + s390x) _target="linux64-s390x";; + *) msg "Unable to determine architecture from (CARCH=$CARCH)" ; return 1 ;; + esac + + # Configure assumes --options are for it, so can't use + # gcc's --sysroot fake this by overriding CC + [ -n "$CBUILDROOT" ] && CC="$CC --sysroot=${CBUILDROOT}" + + perl ./Configure $_target --prefix=/usr \ + --libdir=lib \ + --openssldir=/etc/ssl \ + shared zlib enable-montasm enable-md2 $_optflags \ + -DOPENSSL_NO_BUF_FREELISTS \ + $CPPFLAGS $CFLAGS $LDFLAGS -Wa,--noexecstack \ + enable-ssl2 + + make && make build-shared +} + +check() { + cd "$builddir" + make -j1 test +} + +package() { + cd "$builddir" + make INSTALL_PREFIX="$pkgdir" MANDIR=/usr/share/man MANSUFFIX=ssl install + # remove the script c_rehash + rm "$pkgdir"/usr/bin/c_rehash +} + +dev() { + provides="openssl-dev" # for backward compatibility + replaces="openssl-dev" # for backward compatibility + + default_dev +} + +libcrypto() { + pkgdesc="Crypto library from openssl" + + mkdir -p "$subpkgdir"/lib "$subpkgdir"/usr/lib + for i in "$pkgdir"/usr/lib/libcrypto*; do + mv $i "$subpkgdir"/lib/ + ln -s ../../lib/${i##*/} "$subpkgdir"/usr/lib/${i##*/} + done + mv "$pkgdir"/usr/lib/engines "$subpkgdir"/usr/lib/ +} + +libssl() { + pkgdesc="SSL shared libraries" + + mkdir -p "$subpkgdir"/lib "$subpkgdir"/usr/lib + for i in "$pkgdir"/usr/lib/libssl*; do + mv $i "$subpkgdir"/lib/ + ln -s ../../lib/${i##*/} "$subpkgdir"/usr/lib/${i##*/} + done +} + +sha512sums="8a2c93657c85143e76785bb32ee836908c31a6f5f8db993fa9777acba6079e630cdddd03edbad65d1587199fc13a1507789eacf038b56eb99139c2091d9df7fd openssl-1.0.2o.tar.gz +2244f46cb18e6b98f075051dd2446c47f7590abccd108fbab707f168a20cad8d32220d704635973f09e3b2879f523be5160f1ffbc12ab3900f8a8891dc855c5c 0002-busybox-basename.patch +58e42058a0c8086c49d681b1e226da39a8cf8cb88c51cf739dec2ff12e1bb5d7208ac5033264b186d58e9bdfe992fe9ddb95701d01caf1824396b2cefe30c0a4 0003-use-termios.patch +c67472879a31b5dbdd313892df6d37e7c93e8c0237d406c30d50b1016c2618ead3c13277f5dc723ef1ceed092d36e3c15a9777daa844f59b9fa2b0a4f04fd9ae 0004-fix-default-ca-path-for-apps.patch +5d4191482f8bbf62c75fe6bc2d9587388022c3310703c2a913788a983b1d1406e706cf3916a5792604f0b0f220a87432d3b82b442cea9915f2abb6fdd8478fcb 0005-fix-parallel-build.patch +820d4ce1c222696fe3f1dd0d11815c06262ec230fdb174532fd507286667a0aefbf858ea5edac4245a54b950cd0556545ecd0c5cf494692a2ba131c667e7bcd5 0006-add-ircv3-tls-3.1-extension-support-to-s_client.patch +17ad683bb91a3a3c5bcc456c8aed7f0b42414c6de06ebafa4753af93c42d9827c9978a43d4d53d741a45df7f7895c6f6163172af57cc7b391cfd15f45ce6c351 0008-maintain-abi-compat-with-no-freelist-and-regular-bui.patch +5dbbc01985190ae1254350fb12565beb6abb916b6a7bb1f0f22d9762b1e575d124aaf9aa4cfe5f908e420978f691072d48c61a72660f09dfd6d9a2f83f862bc1 0009-no-rpath.patch +5febe20948e3f12d981e378e1f4ea538711657aacb6865a1aa91339d4a04277e250f490a1f2abc2c6f290bdc2b1bffdba1d00983b4c09f7ea983eef8163f9420 0010-ssl-env-zlib.patch +8c181760d7a149aa18d246d50f1c0438ffb63c98677b05306dfc00400ad0429b47d31e7c8d85126005c67f743d23e7a8a81174ffe98556f4caf9cf6b04d9ff17 1001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch +a3555440b5f544bfd6b9ad97557d8f4c1d673f6a35219f65056a72035d186be5f354717ddf9784899b602464d48657b090ade24379552d43af97609c0f48c389 1002-backport-changes-from-upstream-padlock-module.patch +6353c7a94016c20db5d683dde37775f6780952ecdb1a5f39f878d04ba37f6ad79ae10fb6d65d181d912505a5d1e22463004cd855d548b364c00b120da2b0fdbc 1003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch +ff91298629f157496a012da00ba7325923f5d087bfa54b60e205bf2dfb06374e958912e0df39dbdf39773555455c1a3afa3dcde1ddfec6e85cf89b0b62cc0eb4 CVE-2018-0732.patch" |