[gentoo-commits] proj/hardened-dev:musl commit in: dev-libs/openssl/files/

Anthony G. Basile Fri, 20 Mar 2015 11:11:36 -0700

commit:     0b8e65ac58e7a78bf16107b33a7b81368e62429d
Author:     layman <layman <AT> localhost>
AuthorDate: Fri Mar 20 02:42:20 2015 +0000
Commit:     Anthony G. Basile <blueness <AT> gentoo <DOT> org>
CommitDate: Fri Mar 20 18:05:50 2015 +0000
URL:        https://gitweb.gentoo.org/proj/hardened-dev.git/commit/?id=0b8e65ac


dev-libs/openssl: update local patches to match non-overlay versions

Signed-off-by: Anthony G. Basile <blueness <AT> gentoo.org>

 .../openssl/files/openssl-1.0.0a-ldflags.patch     |  6 ++++
 .../openssl/files/openssl-1.0.0d-windres.patch     |  2 +-
 .../openssl/files/openssl-1.0.0h-pkg-config.patch  |  2 ++
 .../files/openssl-1.0.1-parallel-build.patch       | 17 +++++++++++
 .../files/openssl-1.0.1e-s_client-verify.patch     | 13 ++++----
 ...enssl-1.0.1f-revert-alpha-perl-generation.patch |  5 ++--
 dev-libs/openssl/files/openssl-1.0.1h-ipv6.patch   | 35 +---------------------
 7 files changed, 37 insertions(+), 43 deletions(-)

diff --git a/dev-libs/openssl/files/openssl-1.0.0a-ldflags.patch 
b/dev-libs/openssl/files/openssl-1.0.0a-ldflags.patch
index c0b3bc3..7ba3984 100644
--- a/dev-libs/openssl/files/openssl-1.0.0a-ldflags.patch
+++ b/dev-libs/openssl/files/openssl-1.0.0a-ldflags.patch
@@ -1,4 +1,10 @@
+http://bugs.gentoo.org/181438
 http://bugs.gentoo.org/327421
+https://rt.openssl.org/Ticket/Display.html?id=3332&user=guest&pass=guest
+
+make sure we respect LDFLAGS
+
+also make sure we don't add useless -rpath flags to the system libdir
 
 --- Makefile.org
 +++ Makefile.org

diff --git a/dev-libs/openssl/files/openssl-1.0.0d-windres.patch 
b/dev-libs/openssl/files/openssl-1.0.0d-windres.patch
index 3f88980..0b360d2 100644
--- a/dev-libs/openssl/files/openssl-1.0.0d-windres.patch
+++ b/dev-libs/openssl/files/openssl-1.0.0d-windres.patch
@@ -1,4 +1,4 @@
-URL: http://rt.openssl.org/Ticket/Display.html?id=2558
+URL: http://rt.openssl.org/Ticket/Display.html?id=2558&user=guest&pass=guest
 Subject: make windres controllable via build env var settings
 
 atm, the windres code in openssl is only usable via the cross-compile prefix 

diff --git a/dev-libs/openssl/files/openssl-1.0.0h-pkg-config.patch 
b/dev-libs/openssl/files/openssl-1.0.0h-pkg-config.patch
index 6c02182..66fd822 100644
--- a/dev-libs/openssl/files/openssl-1.0.0h-pkg-config.patch
+++ b/dev-libs/openssl/files/openssl-1.0.0h-pkg-config.patch
@@ -1,3 +1,5 @@
+https://rt.openssl.org/Ticket/Display.html?id=3332&user=guest&pass=guest
+
 depend on other pc files rather than encoding library info directly in
 every pkg-config file
 

diff --git a/dev-libs/openssl/files/openssl-1.0.1-parallel-build.patch 
b/dev-libs/openssl/files/openssl-1.0.1-parallel-build.patch
index 7c804b5..19f859a 100644
--- a/dev-libs/openssl/files/openssl-1.0.1-parallel-build.patch
+++ b/dev-libs/openssl/files/openssl-1.0.1-parallel-build.patch
@@ -335,3 +335,20 @@ http://rt.openssl.org/Ticket/Display.html?id=2084
  
  # DO NOT DELETE THIS LINE -- make depend depends on it.
  
+--- a/crypto/objects/Makefile
++++ b/crypto/objects/Makefile
+@@ -44,11 +44,11 @@ obj_dat.h: obj_dat.pl obj_mac.h
+ # objects.pl both reads and writes obj_mac.num
+ obj_mac.h: objects.pl objects.txt obj_mac.num
+       $(PERL) objects.pl objects.txt obj_mac.num obj_mac.h
+-      @sleep 1; touch obj_mac.h; sleep 1
+ 
+-obj_xref.h: objxref.pl obj_xref.txt obj_mac.num
++# This doesn't really need obj_mac.h, but since that rule reads & writes
++# obj_mac.num, we can't run in parallel with it.
++obj_xref.h: objxref.pl obj_xref.txt obj_mac.num obj_mac.h
+       $(PERL) objxref.pl obj_mac.num obj_xref.txt > obj_xref.h
+-      @sleep 1; touch obj_xref.h; sleep 1
+ 
+ files:
+       $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO

diff --git a/dev-libs/openssl/files/openssl-1.0.1e-s_client-verify.patch 
b/dev-libs/openssl/files/openssl-1.0.1e-s_client-verify.patch
index 8561d78..03e4f59 100644
--- a/dev-libs/openssl/files/openssl-1.0.1e-s_client-verify.patch
+++ b/dev-libs/openssl/files/openssl-1.0.1e-s_client-verify.patch
@@ -7,11 +7,12 @@ we properly fallback to setting the default paths.
 --- a/apps/s_client.c
 +++ b/apps/s_client.c
 @@ -899,7 +899,7 @@
-       if (!set_cert_key_stuff(ctx,cert,key))
-               goto end;
-
+       if (!set_cert_key_stuff(ctx,cert,key))
+               goto end;
+ 
 -      if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) ||
 +      if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) &&
-               (!SSL_CTX_set_default_verify_paths(ctx)))
-               {
-               /* BIO_printf(bio_err,"error setting default verify 
locations\n"); */
+               (!SSL_CTX_set_default_verify_paths(ctx)))
+               {
+               /* BIO_printf(bio_err,"error setting default verify 
locations\n"); */
+

diff --git 
a/dev-libs/openssl/files/openssl-1.0.1f-revert-alpha-perl-generation.patch 
b/dev-libs/openssl/files/openssl-1.0.1f-revert-alpha-perl-generation.patch
index 42a6fbd..1a942d2 100644
--- a/dev-libs/openssl/files/openssl-1.0.1f-revert-alpha-perl-generation.patch
+++ b/dev-libs/openssl/files/openssl-1.0.1f-revert-alpha-perl-generation.patch
@@ -1,6 +1,7 @@
-when gcc is given a .s file and told to preprocess it, it outputs nothing
-
 https://bugs.gentoo.org/499086
+https://rt.openssl.org/Ticket/Display.html?id=3333&user=guest&pass=guest
+
+when gcc is given a .s file and told to preprocess it, it outputs nothing
 
 From a2976461784ce463fc7f336cd0dce607d21c2fad Mon Sep 17 00:00:00 2001
 From: Mike Frysinger <vap...@gentoo.org>

diff --git a/dev-libs/openssl/files/openssl-1.0.1h-ipv6.patch 
b/dev-libs/openssl/files/openssl-1.0.1h-ipv6.patch
index 9143a4d..10c1ba2 100644
--- a/dev-libs/openssl/files/openssl-1.0.1h-ipv6.patch
+++ b/dev-libs/openssl/files/openssl-1.0.1h-ipv6.patch
@@ -1,5 +1,4 @@
-http://rt.openssl.org/Ticket/Display.html?id=2051
-user/pass: guest/guest
+http://rt.openssl.org/Ticket/Display.html?id=2051&user=guest&pass=guest
 
 Forward ported from openssl-1.0.1e-ipv6.patch
 
@@ -641,35 +640,3 @@ Signed-off-by: Lars Wendler <polynomia...@gentoo.org>
                if (ret == NULL) return(NULL);
                /* else add to cache */
                if(strlen(name) < sizeof ghbn_cache[0].name)
---- openssl-1.0.1h/apps/s_socket.c.rej
-+++ openssl-1.0.1h/apps/s_socket.c.rej
-@@ -0,0 +1,29 @@
-+--- apps/s_socket.c   2 Dec 2011 14:39:40 -0000       1.43.2.3.2.2
-++++ apps/s_socket.c   28 Dec 2011 00:28:14 -0000
-+@@ -546,15 +646,23 @@
-+                      }
-+              BUF_strlcpy(*host,h1->h_name,strlen(h1->h_name)+1);
-+ 
-+-             h2=GetHostByName(*host);
-++#if OPENSSL_USE_IPV6
-++             h2=GetHostByName(*host, from.ss_family);
-++#else
-++             h2=GetHostByName(*host, from.sin_family);
-++#endif
-+              if (h2 == NULL)
-+                      {
-+                      BIO_printf(bio_err,"gethostbyname failure\n");
-+                      return(0);
-+                      }
-+-             if (h2->h_addrtype != AF_INET)
-++#if OPENSSL_USE_IPV6
-++             if (h2->h_addrtype != from.ss_family)
-++#else
-++             if (h2->h_addrtype != from.sin_family)
-++#endif
-+                      {
-+-                     BIO_printf(bio_err,"gethostbyname addr is not 
AF_INET\n");
-++                     BIO_printf(bio_err,"gethostbyname addr address is not 
correct\n");
-+                      return(0);
-+                      }
-+              }

[gentoo-commits] proj/hardened-dev:musl commit in: dev-libs/openssl/files/

Reply via email to