commit: 789295f3248259c7d4421cf83ec1f8e82d012dd4 Author: James Le Cuirot <chewi <AT> gentoo <DOT> org> AuthorDate: Wed Jul 9 12:30:12 2025 +0000 Commit: James Le Cuirot <chewi <AT> gentoo <DOT> org> CommitDate: Thu Jul 10 09:11:34 2025 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=789295f3
dev-libs/openssl: Run openssl fipsinstall via sysroot_run_prefixed helper This fixes cross-compiling. Also make failure here fatal. We don't normally `die` in pkg_preinst, but if a user explicitly asked for FIPS, then we should ensure it works by not ignoring this failure. Closes: https://github.com/gentoo/gentoo/pull/42939 Signed-off-by: James Le Cuirot <chewi <AT> gentoo.org> dev-libs/openssl/openssl-3.5.0.ebuild | 10 +++++----- dev-libs/openssl/openssl-3.5.9999.ebuild | 10 +++++----- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/dev-libs/openssl/openssl-3.5.0.ebuild b/dev-libs/openssl/openssl-3.5.0.ebuild index 41de3131f213..a7df1d73c9c6 100644 --- a/dev-libs/openssl/openssl-3.5.0.ebuild +++ b/dev-libs/openssl/openssl-3.5.0.ebuild @@ -4,7 +4,7 @@ EAPI=8 VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/openssl.org.asc -inherit edo flag-o-matic linux-info toolchain-funcs +inherit edo flag-o-matic linux-info sysroot toolchain-funcs inherit multilib multilib-minimal multiprocessing preserve-libs DESCRIPTION="Robust, full-featured Open Source Toolkit for the Transport Layer Security (TLS)" @@ -272,11 +272,11 @@ multilib_src_install_all() { pkg_preinst() { if use fips; then # Regen fipsmodule.cnf, bug 900625 - ebegin "Running openssl fipsinstall" - "${ED}/usr/bin/openssl" fipsinstall -quiet \ + einfo "Running openssl fipsinstall" + sysroot_run_prefixed "${ED}/usr/bin/openssl" fipsinstall \ -out "${ED}${SSL_CNF_DIR}/fipsmodule.cnf" \ - -module "${ED}/usr/$(get_libdir)/ossl-modules/fips.so" - eend $? + -module "${ED}/usr/$(get_libdir)/ossl-modules/fips.so" \ + || die "fipsinstall failed" fi preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1) \ diff --git a/dev-libs/openssl/openssl-3.5.9999.ebuild b/dev-libs/openssl/openssl-3.5.9999.ebuild index 41de3131f213..a7df1d73c9c6 100644 --- a/dev-libs/openssl/openssl-3.5.9999.ebuild +++ b/dev-libs/openssl/openssl-3.5.9999.ebuild @@ -4,7 +4,7 @@ EAPI=8 VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/openssl.org.asc -inherit edo flag-o-matic linux-info toolchain-funcs +inherit edo flag-o-matic linux-info sysroot toolchain-funcs inherit multilib multilib-minimal multiprocessing preserve-libs DESCRIPTION="Robust, full-featured Open Source Toolkit for the Transport Layer Security (TLS)" @@ -272,11 +272,11 @@ multilib_src_install_all() { pkg_preinst() { if use fips; then # Regen fipsmodule.cnf, bug 900625 - ebegin "Running openssl fipsinstall" - "${ED}/usr/bin/openssl" fipsinstall -quiet \ + einfo "Running openssl fipsinstall" + sysroot_run_prefixed "${ED}/usr/bin/openssl" fipsinstall \ -out "${ED}${SSL_CNF_DIR}/fipsmodule.cnf" \ - -module "${ED}/usr/$(get_libdir)/ossl-modules/fips.so" - eend $? + -module "${ED}/usr/$(get_libdir)/ossl-modules/fips.so" \ + || die "fipsinstall failed" fi preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1) \
