Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 399290 Details for
Bug 543826
dev-libs/openssl-1.0.1k fails with musl
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
version bump for musl
0002-dev-libs-openssl-version-bump-for-musl.patch (text/plain), 33.25 KB, created by
Travis Tilley
on 2015-03-20 02:46:38 UTC
(
hide
)
Description:
version bump for musl
Filename:
MIME Type:
Creator:
Travis Tilley
Created:
2015-03-20 02:46:38 UTC
Size:
33.25 KB
patch
obsolete
>From efaa6faa159ae509a18825cabf5cd600d7d32f0a Mon Sep 17 00:00:00 2001 >From: layman <layman@localhost> >Date: Thu, 19 Mar 2015 22:43:29 -0400 >Subject: [PATCH 2/2] dev-libs/openssl: version bump for musl > >--- > dev-libs/openssl/Manifest | 17 +- > .../files/openssl-1.0.1l-CVE-2015-0286.patch | 356 +++++++++++++++++++++ > dev-libs/openssl/openssl-1.0.1l-r99.ebuild | 261 +++++++++++++++ > 3 files changed, 627 insertions(+), 7 deletions(-) > create mode 100644 dev-libs/openssl/files/openssl-1.0.1l-CVE-2015-0286.patch > create mode 100644 dev-libs/openssl/openssl-1.0.1l-r99.ebuild > >diff --git a/dev-libs/openssl/Manifest b/dev-libs/openssl/Manifest >index cf48b35..faa3460 100644 >--- a/dev-libs/openssl/Manifest >+++ b/dev-libs/openssl/Manifest >@@ -1,22 +1,25 @@ > AUX gentoo.config-1.0.1 4784 SHA256 26d1b360f094dd4e1acf47c3e830b52343c0f778dcd8f2c5b6c213b7e5192d13 SHA512 605e86cc68bbce5405b359098cc0a5abdc071a36462ca868d2fce57cabd928536fbcb0f5dea7318c96b3f9fca39b8c303601fff4442a8e68d7f99254180980e7 WHIRLPOOL eb7540c99ad4bbc60a3decd30e9d7d3816bb7cdd948c9c76950b278acec34a4737f1afaf543e9e524ea0cef8ae26008c065bef44129673e40ccaec9509052575 >-AUX openssl-1.0.0a-ldflags.patch 891 SHA256 f04cef1b912681393236f9631792cd404783586c2fd8e0f011ace6236cc6dc4a SHA512 8ced9f22e413f81ff0563793bd6b765912af16671a0d10bff0c518c44bced0177dbcd6536359ff5b6bd5d49fa5032de47c719198444254d4814e4b21301f606c WHIRLPOOL f9b2641b8df926ff5d9d5cf5a7737f5cb4a3a2be2225911ebebd944f13219acfac07d496eec9a8e91af3f50ac1275dc7b0652354e8e958a0d3f6708e641f8970 >-AUX openssl-1.0.0d-windres.patch 2890 SHA256 27664cfab4852f1a301c4020375eba029c8a1728d58829c831a36d3aa2fbe9f4 SHA512 32187d0a04c85118cc763ff1fe8c4635622294fe629b920c47e16408aa720fee2bcc42f97120f6750b59996878e0a3d249143d728a5b5775ec3a022f81bc230a WHIRLPOOL d5979143f7e637b0072f7d5f214d80f5cc0e53f54358781d7f10c0cdb15c2b52813e12d2aa07dde2b40e7a88fcb26d1d619443a8012530d90789609cf5ac4083 >-AUX openssl-1.0.0h-pkg-config.patch 1289 SHA256 542dea12747b1cb667707250e3eb3803cbdd396bd0d8e836e48a8018417dc1b8 SHA512 4d1f66dc8615cdf7c96719c8cc909c7d908089e91b0cfe2dd08ae7a332c525b5384e2eb8eb3922e89cbc035167f581eaa606ba826fca6253f16f89f66a9ef225 WHIRLPOOL cdd63a06205b0237ddef1f56df2accf29e5f43f886aed01f95711b49a3af07d87afd0953cb3c12c7e97d4a3392f7c691257dcb7ad3e97cc6fbf1cf399a8a6394 >-AUX openssl-1.0.1-parallel-build.patch 9918 SHA256 bd56e5fe1b6fe594ab93f34d25fef0b7372633bad8532f81da998f3e6655d221 SHA512 7255b3315133e415631b2ecadc8f5c50a705b9db507c46efded0190363ce9eb31ffbfe01c500669c060878e5202f858b1d2475c64948426fbf70820b4c798ba1 WHIRLPOOL 8a8c71c3806db85d6c6b355717cb4aa1e421fa1777aa7dcd7ee817ac1e552d4b671cdd7cceef9aee1a7dc1b305eb722b1ba0219832c7a6c1b808a0c49212df05 >+AUX openssl-1.0.0a-ldflags.patch 1095 SHA256 2489ffbae4af11e1642d54992c404ca81b0c2a9c169032281f4f7778d945836f SHA512 d5a3f90ca0e9755940da525b8daba5b5d09b2b251863e9ca4f2b3b0a5db461e0aa25b2ae7a7d36d13a92ff64f2a37d4809b70aff9672c0f43398369bc7099979 WHIRLPOOL b7c2fbc833be856388110f2ac891976903e7c5dd4030249bcd79f915ae94fa93bff955ff3eaaf4a4bab306a09512bd861099c2738f5af7027174b79d023f7261 >+AUX openssl-1.0.0d-windres.patch 2912 SHA256 e5dbfd6af69bc3f69b51787cf1f6245207be9824dfffbdd9b4e278772ed8ab32 SHA512 d7a0238edea29aac7d20dca0778c67f8ae4dc0da190e5277e1b3519ae536f2c44533ac5dc1cbcd138bc4277ad669b13fca316bd962f26e2cb387f2ad3fd0111b WHIRLPOOL d62156820e55898d0a0393473c6ad8e49c5aa7bb9d3fc7043795de7102c3003d5f8b874c751e03cf832e306ac290790e871e1318bb830b3558a43e09be5b45b4 >+AUX openssl-1.0.0h-pkg-config.patch 1363 SHA256 dbbcc175f02e5edced01a13dd1e7d35dc4322c0970f78a7fd781a6c0766886af SHA512 c2f7a68c96098bd742235a40f27d6b1e5a0ebece53ca32dd0be74b85210479064efa1d5dc76e457b786067185768492fab2ed53762a22c511c2a2e3d43ed137b WHIRLPOOL 7f795dbed2124d8d2d126886d106675662f09b8e79c70fa2af3298486fdb75b7f1285dc17a53daf985bd4af1e58c36e13e49f46d18af860f0dabad1b3898c3b0 >+AUX openssl-1.0.1-parallel-build.patch 10614 SHA256 f3aa674880ffa53a891d3f9054a1ff162c4461b3ec160a365990275907636259 SHA512 439015b3b007adfbab047a1e3e12a9700030779a593bba1a30e9554c7c02eb1cffe9acb089546954e87163847cf86b13130abf9646eb5d00a2ff725b534f84d5 WHIRLPOOL 673f6f045765effb9ded607bf8116a81e7bfeee78ba0e8a34892081c272239a2b75fbb14f4c48b61d93593fac8e1b1e8bef7223f4cc64e8443e19c8f337ab6bc > AUX openssl-1.0.1-x32.patch 3273 SHA256 a4f05b8757e225a05a9c5a3ea485159066760d878c9ee54c4eaf61760e33c6cf SHA512 6bed57fe2fbe2d0ced1279b53804d94426a679d5d6b80ad7d0ed18523a7fda397e02038032c08cdd4e6034f9ff6e82cad365ff2a724d49d91467cf2b77f47752 WHIRLPOOL 1366632e7dc1c6e54efc5b9791bf24833d20e7a61ca29aa38d31b5b9629febf926a29742e370b7cd6767c810c0a1676100ca9169f0d836dfd19ff0b2c29e49c1 > AUX openssl-1.0.1c-force-termios.patch 1849 SHA256 3c5a65f2961e5fd0031b0fabe0021f8531e901a5c8674c03d2b03157a184998b SHA512 6f938fc0778040104bd7d9fdf08e1200f25337089fdb0c2df935b6f5144849be550c66a9a83699bbec5b32304de5fea2ded325505412e2e4d3439dd49ed05db9 WHIRLPOOL 44f080f5f2ba75421495865486fbacc92a1d1b32100f1c4b384430957179b49ed0e91472832db12758504c87ffca2455a03db9d56da61532f5baffdefd94b390 > AUX openssl-1.0.1e-ipv6.patch 18596 SHA256 430d15f2f62c2d7b9bbb968d3c1d3cea51c97d549e01683fd6befb20e2b60946 SHA512 15bfcafc8c173d2875954a43db19d15956619528a0fc356b6d36877f7434321071cf707d950767491261adc1e6403e56b3e014e3d0ffb6cef563daca00a128bd WHIRLPOOL d1dd63d00b166efb1ca9e5d8da931a47e571f5784e3b47780355553b4d0cf656885375e3fe7fc1554b6c5eb749371efeb370c7462e4fcc52c0dd85c6e2318ad8 > AUX openssl-1.0.1e-perl-5.18.patch 8211 SHA256 0d2263de7cd1e814cf7583a738d7c439dadb6f195793a29356186b336edc5a98 SHA512 4b56cae218af916c5d7f1006f0a17e34eebc6ee9fb08789db0b18b7e0d6ca7ea0b297efdc712f8951b4db55d15dffea33faa939d2daa42db6be61670e43f0412 WHIRLPOOL 78ced5c41dba502f93f92322516ac8774ff73ce236c7cf793f7e502822c8b0c288f2ed4360d89d2ff2bfaf969f6bd0cc12b28151eda0217197c60bf6a561d8cf >-AUX openssl-1.0.1e-s_client-verify.patch 585 SHA256 e5a7093d80a52f741a40aa6dbf85dd46dbbaa466b5093a13f0b1dffc0cd73a24 SHA512 d6d308016d6c6449703f5edcebd97c77a96bb47b2adfe7beade078055b4fe743f0b19e39cb23326678b7b908798e45557931e4b46751ba88a7f4233c3ad833bd WHIRLPOOL 0a4c8f489ab9a964f3ad753078cafdbdcd329a428acb47bf90f4500436873052a4bc5e24634f657272683c030bcf263ce28a6938d91c0c965ddb2c7207167911 >+AUX openssl-1.0.1e-s_client-verify.patch 592 SHA256 6f540fce663eefbe68cee16ad7d8d561d6c898eeb4180c2f4a4caa7e43c6d0c9 SHA512 117b1017e1259667078d3ccdcd9fd46357c6f85cf2702794f49c612b37acdc044fe88f871dbe46fcad9ed4cd8aaaaee800dddb5286203322802efd7549a43b68 WHIRLPOOL 70a4cc36b1dcb24d7e9bcef016684fb2394977f7f20aa332ebd0aa15e3f4c16c74563d2fc0ba8d70669f6cc9a13bf8a30cdb28ebafe2d102cd2859a4e32c38d7 > AUX openssl-1.0.1e-tls-ver-crash.patch 1203 SHA256 4868de1b15bea5cc695ffd22ae414b03aaa6bdd5b99313654043e29d4d0c9f76 SHA512 b87457ae5c0f2b605b47a683eb16ab2f3432873765b401a49d0ad300e3f96fa817fc5a85c6fd2c65143d355322911d6da2bdf576d0c212715d6c6b3c662e96d2 WHIRLPOOL e728ce3f2c7325469629ea0ef5a3c02860df9264a46218bdf553ad8eec56c5d4bf3fd6c63e0b67ff5734d503e4c3182f29f16ce80198b272eacca11177f48e5c > AUX openssl-1.0.1f-perl-5.18.patch 7820 SHA256 e45c6856ef35b16e150282afa59432e783943e6aee62394f8a0e79ccd469fd84 SHA512 2fcda9f76968e8a193892170b2acc06b246c5a04bda2c501fa223231af0e4b2a38afd1adaf83cce4afd4210cdfd9cae8251aeb9510f24bcb50e7aeaa9fa09364 WHIRLPOOL 38768056d2bc4cd719c88038d201f765420a7d47b5dbd73b6d86347e59b4a1fc62f5f27d6c576fb73184fcfe26917446753d871db22aeac2a205f0bd18d2bbc3 >-AUX openssl-1.0.1f-revert-alpha-perl-generation.patch 3029 SHA256 3b4b3e40f70330219a139d8562ed5ebc171c5e7ebf1ab2b29e295ccf435fb6eb SHA512 77f45b12211cb790ae362bed9417590f87a1749d6300dde408f00590ed86e7b05d05909f0a2356e5c64711319d2f8759ad452eaccc0f64c7578916b31462251f WHIRLPOOL a2140b00e69b2dc74d290db0c2d12d3d5e5ca7452710c3f3b2fdde8a06aa0f398212bd263d9a37cfea3df407aa1d26a996b852183955ca5eb4e8c061ca8cb68c >-AUX openssl-1.0.1h-ipv6.patch 18675 SHA256 4ccbabad8c6b3e6710d54beb56322cddb79a55222198466843bb101fb4b4e4c6 SHA512 fc54a6e1afc4c395b0318bc264a31fa5e26add1106c61650aa9d2027a783d5d2390d223bae858149bc460e00114008577d30c6f45fccf43fbf9ab1019bcb7d25 WHIRLPOOL 539e101f8d5f53f266793880ea0cf197f246fbccdea22b802a51cf8f85ed2a3a172525c5c8796f3b457f3a0b84654db633a0df9d297c02491da40055036f9594 >+AUX openssl-1.0.1f-revert-alpha-perl-generation.patch 3102 SHA256 6e502275b32ac0eca80f28448ae1bb88506f9135258f420fd857ea0b9b485778 SHA512 c80439da3d268e70fd492d0ca73c0a17ddb088b9330610794a338d1921ee13dad9caca4c81ca103b82a7541c8712f77e51f352ec1b1b02789d9aed291acb0cdc WHIRLPOOL cb760366c8759b1c78c5307134bb48c4fc12b1556276c2ef55455ea54725d20cb433ade966a7453f512d2feb5ae89a9798078ab535e4605366633a8e003c7ac6 >+AUX openssl-1.0.1h-ipv6.patch 17788 SHA256 7adeeb88cc544f8b210efbe2baff48fccf5029b582dff7010ae70e0e1f097d7b SHA512 0f0990d4294abcb5f3e51c84080883046a054c710b57a23f99b3323727d5e9aeb5ddeb6b6c2565b4be364f7c21419c90ce5288154e404cd663678f87e0d1c259 WHIRLPOOL cfe7a2e141a4a6252ffcfe215b16dd1082bc14a757dad7eb01bb9819de41ef0ee51a4b2dbf110c27b52e483341c337bf4d1f77f4f9f3172d2fee9e348c30af7e >+AUX openssl-1.0.1l-CVE-2015-0286.patch 10790 SHA256 3d234f4b7bd79b7de1a6fe2f42016531732c81dcb73af45edc5b280858d32cb8 SHA512 432a9e556df26e3f0059f53556dbc088cfe7e30e2c38354e7a7879bb4db204330702ab8050b9b31b3ef48badb8f0abdbf047445b71aa0c4c96f5aeb0bf16f9df WHIRLPOOL c4834efebdca3bee769819fee40099f2d83f4282db98a96da853164dae2639adaef18fe3caf87801f52e53b47752a99fd693aab66239e30344b714119c4c1c7a > DIST openssl-1.0.1i.tar.gz 4422117 SHA256 3c179f46ca77069a6a0bac70212a9b3b838b2f66129cb52d568837fc79d8fcc7 SHA512 6cbcdcec8568236e8f20f0461f93df8a193a0ad88102ff548443e6ec87e2a7f649e314beee1e6bafda693934b4fb142244b61d14bf736828dda09e277b941d93 WHIRLPOOL 4baefe8a203243d08c2ca4dc9e1019a539135604a8ddfb09b9a7f2711108ad6ebd45eef1cfa09331f19fe57defbe7e1390f9ac2de086437a484c5819cabb5a4a > DIST openssl-1.0.1j.tar.gz 4432964 SHA256 1b60ca8789ba6f03e8ef20da2293b8dc131c39d83814e775069f02d26354edf3 SHA512 a786bb99b68d88c1de79d3c5372767f091ebeefb5abc1d4883253fd3ab5a86af53389f5ff36fdd8faa27c5fb78be8bbff406392c373358697da80d250eadebb8 WHIRLPOOL 467aa3b02d04837e3281670401985e492d15b561c03b97246e3c8e61b0d3b1927332e3a226de4ed5bd02265a04fb31ce84c3501f4af9685633d00a9b43c56978 > DIST openssl-1.0.1k.tar.gz 4434910 SHA256 8f9faeaebad088e772f4ef5e38252d472be4d878c6b3a2718c10a4fcebe7a41c SHA512 8b000fbd1bf919d9913a314f99aedd48a69f6caa4ccf43237889e73e08cbe0d82bfc27e9c7c4cade09fc459f91d6c4a831a9b3fc8bca0344fb864eadd7d1e8e8 WHIRLPOOL 5236a966d610c971e473cfc30e5412a72eef116fd259ada9c50da08bcd4ca967f80bb19babf530b4e5b9f1f24e9275e00391eb2e12a26d4544f593e2b4ba20b8 >+DIST openssl-1.0.1l.tar.gz 4429979 SHA256 b2cf4d48fe5d49f240c61c9e624193a6f232b5ed0baf010681e725963c40d1d4 SHA512 27fe42f33815a3aafff75f2b9a5604c328fe5945c5cecaca74e5d2c2a1e066d64ddcc1fdb14b54fc7523cc730ab8a57d7d56b2879c289e86673f91fee0cca65e WHIRLPOOL 79f5698585c68ba647fcdfc4b342a43d06d69230658ca1bc265dd10d8da939c3e27b9a4125bd2adfbf50002b1dddef18be086dfc23a5050e69fb77350131909f > DIST openssl-c_rehash.sh.1.7 4167 SHA256 4999ee79892f52bd6a4a7baba9fac62262454d573bbffd72685d3aae9e48cee0 SHA512 55e8c2e827750a4f375cb83c86bfe2d166c01ffa5d7e9b16657b72b38b747c8985dd2c98f854c911dfbbee2ff3e92aff39fdf089d979b2e3534b7685ee8b80da WHIRLPOOL c88f06a3b8651f76b6289552cccceb64e13f6697c5f0ce3ff114c781ce1c218912b8ee308af9d087cd76a9600fdacda1953175bff07d7d3eb21b0c0b7f4f1ce1 > EBUILD openssl-1.0.1i-r99.ebuild 8253 SHA256 dc8968fd4bf6b3b411830b7595a930da7b1d650bb16f19df3230f88ab1da049d SHA512 11df471e90ca2cbd39da411a491c9aa2e0afcd92fbcaa544ba2becda4a9fdb898cfafe416ec1c33e056c1c33c0e391bced26cf54874aa416a28a760fbeec5c9f WHIRLPOOL 6894250255bd7795c265c2a068b34ac46afb7204bef11e92bb69b227ee7d91a0bfdd2a8761746aeaa8cd1c61d00ec6f248c2ae49491122ac7b3cc163190b9cea > EBUILD openssl-1.0.1j-r99.ebuild 8702 SHA256 fecb57c49f7204e493712133b2d66b7683191fc538b4a49ec99d034682593d1b SHA512 5ed7256e544f1cc7097c3aa35b9b7e0a61a4afc565e876ee56fbd7d286f9f04184d31095431cd4cc109dee4c09dadfc360bed3ba5ce8c442170ffc079e22d9a1 WHIRLPOOL cae51be227c1dab31cbd339d58d23ad6e301d58171f564f9b1f8c20f4170103023bf636888f05cd23b579fcece5b7f9c6354962bdf50bdfd57d410b3c9d9675f > EBUILD openssl-1.0.1k-r99.ebuild 8702 SHA256 344303432380e2f0ea53ee64ca1a6cb8dfd2fbbddad419c26173f032a9d912e5 SHA512 3b8905b5f864ce18ac6241be4187ce0a2f9db465b3b09a42ce301307f3c82a65339308019a27c0541a383a3f03f3d38962aa909800d9ae2859b6e37fcdc5a3fc WHIRLPOOL 1ceb2f34f0f1f95ac27f36765e02b7797063a74333944e29a607639bf4aeed1bc3557ff50a73714fb87e689abbce0a226ddcf5c2352fc94f081815923e69fcc2 >+EBUILD openssl-1.0.1l-r99.ebuild 8936 SHA256 799412294dae22e173d59877717badb63ed427f7ca60bc1c15eb48faf7c509c4 SHA512 a32610227322954a2cf18cb1e0ce6e3bc957a90fd1111ee68ed3c6a550ff4b7a25bc52f8db91b943dd38f93e91eab9257fc888c47c3a04faf28db0921c0082ea WHIRLPOOL e0edfe12ad42a37b341bfbeb84b23ac6d5e07c8e44d9570c45d38c1cdc0cc16cef309354578b0ca29763710efee34acf00ad430c86849436721adb6ba7858147 > MISC metadata.xml 537 SHA256 dfb61bab6de1d7e943f92be14ed54fb9275d568a11d6ba29e395f23f547603ee SHA512 0417c438c7f9586c7bbe7694707fec94f2ecf6fb59e36bc87d707fab0b24346a6c9fac5e58c69302e767cd8a7e50a508cdb2430b2cdf8fcc88921286e09756e1 WHIRLPOOL 0f21bab1258c7ee675c27cb7d78a90985437dc8d001a232661657549cebd9f2f26802686435bdd3a1346c5a0ff14bfffa740d6ded2288dc211ad0183f5b3f686 >diff --git a/dev-libs/openssl/files/openssl-1.0.1l-CVE-2015-0286.patch b/dev-libs/openssl/files/openssl-1.0.1l-CVE-2015-0286.patch >new file mode 100644 >index 0000000..811f573 >--- /dev/null >+++ b/dev-libs/openssl/files/openssl-1.0.1l-CVE-2015-0286.patch >@@ -0,0 +1,356 @@ >+--- openssl-1.0.1l/crypto/asn1/a_type.c >++++ openssl-1.0.1l/crypto/asn1/a_type.c >+@@ -124,6 +124,9 @@ >+ case V_ASN1_OBJECT: >+ result = OBJ_cmp(a->value.object, b->value.object); >+ break; >++ case V_ASN1_BOOLEAN: >++ result = a->value.boolean - b->value.boolean; >++ break; >+ case V_ASN1_NULL: >+ result = 0; /* They do not have content. */ >+ break; >+--- openssl-1.0.1l/crypto/asn1/tasn_dec.c >++++ openssl-1.0.1l/crypto/asn1/tasn_dec.c >+@@ -130,11 +130,17 @@ >+ { >+ ASN1_TLC c; >+ ASN1_VALUE *ptmpval = NULL; >+- if (!pval) >+- pval = &ptmpval; >+ asn1_tlc_clear_nc(&c); >+- if (ASN1_item_ex_d2i(pval, in, len, it, -1, 0, 0, &c) > 0) >+- return *pval; >++ if (pval && *pval && it->itype == ASN1_ITYPE_PRIMITIVE) >++ ptmpval = *pval; >++ if (ASN1_item_ex_d2i(&ptmpval, in, len, it, -1, 0, 0, &c) > 0) { >++ if (pval && it->itype != ASN1_ITYPE_PRIMITIVE) { >++ if (*pval) >++ ASN1_item_free(*pval, it); >++ *pval = ptmpval; >++ } >++ return ptmpval; >++ } >+ return NULL; >+ } >+ >+@@ -311,9 +317,16 @@ >+ if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it, NULL)) >+ goto auxerr; >+ >+- /* Allocate structure */ >+- if (!*pval && !ASN1_item_ex_new(pval, it)) >+- { >++ if (*pval) { >++ /* Free up and zero CHOICE value if initialised */ >++ i = asn1_get_choice_selector(pval, it); >++ if ((i >= 0) && (i < it->tcount)) { >++ tt = it->templates + i; >++ pchptr = asn1_get_field_ptr(pval, tt); >++ ASN1_template_free(pchptr, tt); >++ asn1_set_choice_selector(pval, -1, it); >++ } >++ } else if (!ASN1_item_ex_new(pval, it)) { >+ ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, >+ ERR_R_NESTED_ASN1_ERROR); >+ goto err; >+@@ -407,6 +420,17 @@ >+ if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it, NULL)) >+ goto auxerr; >+ >++ /* Free up and zero any ADB found */ >++ for (i = 0, tt = it->templates; i < it->tcount; i++, tt++) { >++ if (tt->flags & ASN1_TFLG_ADB_MASK) { >++ const ASN1_TEMPLATE *seqtt; >++ ASN1_VALUE **pseqval; >++ seqtt = asn1_do_adb(pval, tt, 1); >++ pseqval = asn1_get_field_ptr(pval, seqtt); >++ ASN1_template_free(pseqval, seqtt); >++ } >++ } >++ >+ /* Get each field entry */ >+ for (i = 0, tt = it->templates; i < it->tcount; i++, tt++) >+ { >+--- openssl-1.0.1l/crypto/pkcs7/pk7_doit.c >++++ openssl-1.0.1l/crypto/pkcs7/pk7_doit.c >+@@ -272,6 +272,25 @@ >+ PKCS7_RECIP_INFO *ri=NULL; >+ ASN1_OCTET_STRING *os=NULL; >+ >++ if (p7 == NULL) { >++ PKCS7err(PKCS7_F_PKCS7_DATAINIT, PKCS7_R_INVALID_NULL_POINTER); >++ return NULL; >++ } >++ /* >++ * The content field in the PKCS7 ContentInfo is optional, but that really >++ * only applies to inner content (precisely, detached signatures). >++ * >++ * When reading content, missing outer content is therefore treated as an >++ * error. >++ * >++ * When creating content, PKCS7_content_new() must be called before >++ * calling this method, so a NULL p7->d is always an error. >++ */ >++ if (p7->d.ptr == NULL) { >++ PKCS7err(PKCS7_F_PKCS7_DATAINIT, PKCS7_R_NO_CONTENT); >++ return NULL; >++ } >++ >+ i=OBJ_obj2nid(p7->type); >+ p7->state=PKCS7_S_HEADER; >+ >+@@ -433,6 +452,16 @@ >+ unsigned char *ek = NULL, *tkey = NULL; >+ int eklen = 0, tkeylen = 0; >+ >++ if (p7 == NULL) { >++ PKCS7err(PKCS7_F_PKCS7_DATADECODE, PKCS7_R_INVALID_NULL_POINTER); >++ return NULL; >++ } >++ >++ if (p7->d.ptr == NULL) { >++ PKCS7err(PKCS7_F_PKCS7_DATADECODE, PKCS7_R_NO_CONTENT); >++ return NULL; >++ } >++ >+ i=OBJ_obj2nid(p7->type); >+ p7->state=PKCS7_S_HEADER; >+ >+@@ -752,6 +781,16 @@ >+ STACK_OF(PKCS7_SIGNER_INFO) *si_sk=NULL; >+ ASN1_OCTET_STRING *os=NULL; >+ >++ if (p7 == NULL) { >++ PKCS7err(PKCS7_F_PKCS7_DATAFINAL, PKCS7_R_INVALID_NULL_POINTER); >++ return 0; >++ } >++ >++ if (p7->d.ptr == NULL) { >++ PKCS7err(PKCS7_F_PKCS7_DATAFINAL, PKCS7_R_NO_CONTENT); >++ return 0; >++ } >++ >+ EVP_MD_CTX_init(&ctx_tmp); >+ i=OBJ_obj2nid(p7->type); >+ p7->state=PKCS7_S_HEADER; >+@@ -796,6 +835,7 @@ >+ /* If detached data then the content is excluded */ >+ if(PKCS7_type_is_data(p7->d.sign->contents) && p7->detached) { >+ M_ASN1_OCTET_STRING_free(os); >++ os = NULL; >+ p7->d.sign->contents->d.data = NULL; >+ } >+ break; >+@@ -806,6 +846,7 @@ >+ if(PKCS7_type_is_data(p7->d.digest->contents) && p7->detached) >+ { >+ M_ASN1_OCTET_STRING_free(os); >++ os = NULL; >+ p7->d.digest->contents->d.data = NULL; >+ } >+ break; >+@@ -878,24 +919,31 @@ >+ M_ASN1_OCTET_STRING_set(p7->d.digest->digest, md_data, md_len); >+ } >+ >+- if (!PKCS7_is_detached(p7) && !(os->flags & ASN1_STRING_FLAG_NDEF)) >+- { >++ if (!PKCS7_is_detached(p7)) { >++ /* >++ * NOTE(emilia): I think we only reach os == NULL here because detached >++ * digested data support is broken. >++ */ >++ if (os == NULL) >++ goto err; >++ if (!(os->flags & ASN1_STRING_FLAG_NDEF)) { >+ char *cont; >+ long contlen; >+- btmp=BIO_find_type(bio,BIO_TYPE_MEM); >+- if (btmp == NULL) >+- { >+- PKCS7err(PKCS7_F_PKCS7_DATAFINAL,PKCS7_R_UNABLE_TO_FIND_MEM_BIO); >+- goto err; >+- } >++ btmp = BIO_find_type(bio, BIO_TYPE_MEM); >++ if (btmp == NULL) { >++ PKCS7err(PKCS7_F_PKCS7_DATAFINAL, PKCS7_R_UNABLE_TO_FIND_MEM_BIO); >++ goto err; >++ } >+ contlen = BIO_get_mem_data(btmp, &cont); >+- /* Mark the BIO read only then we can use its copy of the data >++ /* >++ * Mark the BIO read only then we can use its copy of the data >+ * instead of making an extra copy. >+ */ >+ BIO_set_flags(btmp, BIO_FLAGS_MEM_RDONLY); >+ BIO_set_mem_eof_return(btmp, 0); >+ ASN1_STRING_set0(os, (unsigned char *)cont, contlen); >+- } >++ } >++ } >+ ret=1; >+ err: >+ EVP_MD_CTX_cleanup(&ctx_tmp); >+@@ -971,6 +1019,16 @@ >+ STACK_OF(X509) *cert; >+ X509 *x509; >+ >++ if (p7 == NULL) { >++ PKCS7err(PKCS7_F_PKCS7_DATAVERIFY, PKCS7_R_INVALID_NULL_POINTER); >++ return 0; >++ } >++ >++ if (p7->d.ptr == NULL) { >++ PKCS7err(PKCS7_F_PKCS7_DATAVERIFY, PKCS7_R_NO_CONTENT); >++ return 0; >++ } >++ >+ if (PKCS7_type_is_signed(p7)) >+ { >+ cert=p7->d.sign->cert; >+--- openssl-1.0.1l/crypto/pkcs7/pk7_lib.c >++++ openssl-1.0.1l/crypto/pkcs7/pk7_lib.c >+@@ -71,6 +71,7 @@ >+ >+ switch (cmd) >+ { >++ /* NOTE(emilia): does not support detached digested data. */ >+ case PKCS7_OP_SET_DETACHED_SIGNATURE: >+ if (nid == NID_pkcs7_signed) >+ { >+@@ -459,6 +460,8 @@ >+ >+ STACK_OF(PKCS7_SIGNER_INFO) *PKCS7_get_signer_info(PKCS7 *p7) >+ { >++ if (p7 == NULL || p7->d.ptr == NULL) >++ return NULL; >+ if (PKCS7_type_is_signed(p7)) >+ { >+ return(p7->d.sign->signer_info); >+--- openssl-1.0.1l/doc/crypto/d2i_X509.pod >++++ openssl-1.0.1l/doc/crypto/d2i_X509.pod >+@@ -199,6 +199,12 @@ >+ persist if they are not present in the new one. As a result the use >+ of this "reuse" behaviour is strongly discouraged. >+ >++Current versions of OpenSSL will not modify B<*px> if an error occurs. >++If parsing succeeds then B<*px> is freed (if it is not NULL) and then >++set to the value of the newly decoded structure. As a result B<*px> >++B<must not> be allocated on the stack or an attempt will be made to >++free an invalid pointer. >++ >+ i2d_X509() will not return an error in many versions of OpenSSL, >+ if mandatory fields are not initialized due to a programming error >+ then the encoded structure may contain invalid data or omit the >+@@ -210,7 +216,9 @@ >+ >+ d2i_X509(), d2i_X509_bio() and d2i_X509_fp() return a valid B<X509> structure >+ or B<NULL> if an error occurs. The error code that can be obtained by >+-L<ERR_get_error(3)|ERR_get_error(3)>. >++L<ERR_get_error(3)|ERR_get_error(3)>. If the "reuse" capability has been used >++with a valid X509 structure being passed in via B<px> then the object is not >++modified in the event of error. >+ >+ i2d_X509() returns the number of bytes successfully encoded or a negative >+ value if an error occurs. The error code can be obtained by >+--- openssl-1.0.1l/ssl/s2_lib.c >++++ openssl-1.0.1l/ssl/s2_lib.c >+@@ -488,7 +488,7 @@ >+ >+ OPENSSL_assert(s->session->master_key_length >= 0 >+ && s->session->master_key_length >+- < (int)sizeof(s->session->master_key)); >++ <= (int)sizeof(s->session->master_key)); >+ EVP_DigestUpdate(&ctx,s->session->master_key,s->session->master_key_length); >+ EVP_DigestUpdate(&ctx,&c,1); >+ c++; >+--- openssl-1.0.1l/ssl/s2_srvr.c >++++ openssl-1.0.1l/ssl/s2_srvr.c >+@@ -454,10 +454,6 @@ >+ SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_NO_PRIVATEKEY); >+ return(-1); >+ } >+- i=ssl_rsa_private_decrypt(s->cert,s->s2->tmp.enc, >+- &(p[s->s2->tmp.clear]),&(p[s->s2->tmp.clear]), >+- (s->s2->ssl2_rollback)?RSA_SSLV23_PADDING:RSA_PKCS1_PADDING); >+- >+ is_export=SSL_C_IS_EXPORT(s->session->cipher); >+ >+ if (!ssl_cipher_get_evp(s->session,&c,&md,NULL,NULL,NULL)) >+@@ -475,21 +471,59 @@ >+ else >+ ek=5; >+ >++ /* >++ * The format of the CLIENT-MASTER-KEY message is >++ * 1 byte message type >++ * 3 bytes cipher >++ * 2-byte clear key length (stored in s->s2->tmp.clear) >++ * 2-byte encrypted key length (stored in s->s2->tmp.enc) >++ * 2-byte key args length (IV etc) >++ * clear key >++ * encrypted key >++ * key args >++ * >++ * If the cipher is an export cipher, then the encrypted key bytes >++ * are a fixed portion of the total key (5 or 8 bytes). The size of >++ * this portion is in |ek|. If the cipher is not an export cipher, >++ * then the entire key material is encrypted (i.e., clear key length >++ * must be zero). >++ */ >++ if ((!is_export && s->s2->tmp.clear != 0) || >++ (is_export && s->s2->tmp.clear + ek != EVP_CIPHER_key_length(c))) { >++ ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR); >++ SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_BAD_LENGTH); >++ return -1; >++ } >++ /* >++ * The encrypted blob must decrypt to the encrypted portion of the key. >++ * Decryption can't be expanding, so if we don't have enough encrypted >++ * bytes to fit the key in the buffer, stop now. >++ */ >++ if ((is_export && s->s2->tmp.enc < ek) || >++ (!is_export && s->s2->tmp.enc < EVP_CIPHER_key_length(c))) { >++ ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); >++ SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_LENGTH_TOO_SHORT); >++ return -1; >++ } >++ >++ i = ssl_rsa_private_decrypt(s->cert, s->s2->tmp.enc, >++ &(p[s->s2->tmp.clear]), >++ &(p[s->s2->tmp.clear]), >++ (s->s2->ssl2_rollback) ? RSA_SSLV23_PADDING : >++ RSA_PKCS1_PADDING); >++ >+ /* bad decrypt */ >+ #if 1 >+ /* If a bad decrypt, continue with protocol but with a >+ * random master secret (Bleichenbacher attack) */ >+- if ((i < 0) || >+- ((!is_export && (i != EVP_CIPHER_key_length(c))) >+- || (is_export && ((i != ek) || (s->s2->tmp.clear+(unsigned int)i != >+- (unsigned int)EVP_CIPHER_key_length(c)))))) >+- { >++ if ((i < 0) || ((!is_export && i != EVP_CIPHER_key_length(c)) >++ || (is_export && i != ek))) { >+ ERR_clear_error(); >+ if (is_export) >+ i=ek; >+ else >+ i=EVP_CIPHER_key_length(c); >+- if (RAND_pseudo_bytes(p,i) <= 0) >++ if (RAND_pseudo_bytes(&p[s->s2->tmp.clear], i) <= 0) >+ return 0; >+ } >+ #else >+@@ -513,7 +547,8 @@ >+ } >+ #endif >+ >+- if (is_export) i+=s->s2->tmp.clear; >++ if (is_export) >++ i = EVP_CIPHER_key_length(c); >+ >+ if (i > SSL_MAX_MASTER_KEY_LENGTH) >+ { >diff --git a/dev-libs/openssl/openssl-1.0.1l-r99.ebuild b/dev-libs/openssl/openssl-1.0.1l-r99.ebuild >new file mode 100644 >index 0000000..5b9d3dc >--- /dev/null >+++ b/dev-libs/openssl/openssl-1.0.1l-r99.ebuild >@@ -0,0 +1,261 @@ >+# Copyright 1999-2015 Gentoo Foundation >+# Distributed under the terms of the GNU General Public License v2 >+# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.1l-r1.ebuild,v 1.5 2015/03/19 18:03:39 vapier Exp $ >+ >+EAPI="4" >+ >+inherit eutils flag-o-matic toolchain-funcs multilib multilib-minimal >+ >+REV="1.7" >+DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)" >+HOMEPAGE="http://www.openssl.org/" >+SRC_URI="mirror://openssl/source/${P}.tar.gz >+ http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}" >+ >+LICENSE="openssl" >+SLOT="0" >+KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux" >+IUSE="bindist gmp kerberos rfc3779 cpu_flags_x86_sse2 static-libs test +tls-heartbeat vanilla zlib" >+RESTRICT="!bindist? ( bindist )" >+ >+# The blocks are temporary just to make sure people upgrade to a >+# version that lack runtime version checking. We'll drop them in >+# the future. >+RDEPEND="gmp? ( >=dev-libs/gmp-5.1.3-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) >+ zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) >+ kerberos? ( >=app-crypt/mit-krb5-1.11.4[${MULTILIB_USEDEP}] ) >+ abi_x86_32? ( >+ !<=app-emulation/emul-linux-x86-baselibs-20140406-r3 >+ !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] >+ ) >+ !<net-misc/openssh-5.9_p1-r4 >+ !<net-libs/neon-0.29.6-r1" >+DEPEND="${RDEPEND} >+ sys-apps/diffutils >+ >=dev-lang/perl-5 >+ test? ( sys-devel/bc )" >+PDEPEND="app-misc/ca-certificates" >+ >+src_unpack() { >+ unpack ${P}.tar.gz >+ SSL_CNF_DIR="/etc/ssl" >+ sed \ >+ -e "/^DIR=/s:=.*:=${EPREFIX}${SSL_CNF_DIR}:" \ >+ -e "s:SSL_CMD=/usr:SSL_CMD=${EPREFIX}/usr:" \ >+ "${DISTDIR}"/${PN}-c_rehash.sh.${REV} \ >+ > "${WORKDIR}"/c_rehash || die #416717 >+} >+ >+MULTILIB_WRAPPED_HEADERS=( >+ usr/include/openssl/opensslconf.h >+) >+ >+src_prepare() { >+ # Make sure we only ever touch Makefile.org and avoid patching a file >+ # that gets blown away anyways by the Configure script in src_configure >+ rm -f Makefile >+ >+ if ! use vanilla ; then >+ epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421 >+ epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743 >+ epatch "${FILESDIR}"/${PN}-1.0.0h-pkg-config.patch >+ epatch "${FILESDIR}"/${PN}-1.0.1-parallel-build.patch >+ epatch "${FILESDIR}"/${PN}-1.0.1-x32.patch >+ epatch "${FILESDIR}"/${PN}-1.0.1h-ipv6.patch >+ epatch "${FILESDIR}"/${PN}-1.0.1e-s_client-verify.patch #472584 >+ epatch "${FILESDIR}"/${PN}-1.0.1f-revert-alpha-perl-generation.patch #499086 >+ epatch "${FILESDIR}"/${PN}-1.0.1l-CVE-2015-0286.patch #543552 >+ epatch "${FILESDIR}"/${PN}-1.0.1c-force-termios.patch >+ epatch_user #332661 >+ fi >+ >+ # disable fips in the build >+ # make sure the man pages are suffixed #302165 >+ # don't bother building man pages if they're disabled >+ sed -i \ >+ -e '/DIRS/s: fips : :g' \ >+ -e '/^MANSUFFIX/s:=.*:=ssl:' \ >+ -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \ >+ -e $(has noman FEATURES \ >+ && echo '/^install:/s:install_docs::' \ >+ || echo '/^MANDIR=/s:=.*:='${EPREFIX}'/usr/share/man:') \ >+ Makefile.org \ >+ || die >+ # show the actual commands in the log >+ sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared >+ >+ # since we're forcing $(CC) as makedep anyway, just fix >+ # the conditional as always-on >+ # helps clang (#417795), and versioned gcc (#499818) >+ sed -i 's/expr.*MAKEDEPEND.*;/true;/' util/domd || die >+ >+ # quiet out unknown driver argument warnings since openssl >+ # doesn't have well-split CFLAGS and we're making it even worse >+ # and 'make depend' uses -Werror for added fun (#417795 again) >+ [[ ${CC} == *clang* ]] && append-flags -Qunused-arguments >+ >+ # allow openssl to be cross-compiled >+ cp "${FILESDIR}"/gentoo.config-1.0.1 gentoo.config || die >+ chmod a+rx gentoo.config >+ >+ append-flags -fno-strict-aliasing >+ append-flags $(test-flags-CC -Wa,--noexecstack) >+ >+ sed -i '1s,^:$,#!'${EPREFIX}'/usr/bin/perl,' Configure #141906 >+ # The config script does stupid stuff to prompt the user. Kill it. >+ sed -i '/stty -icanon min 0 time 50; read waste/d' config || die >+ ./config --test-sanity || die "I AM NOT SANE" >+ >+ multilib_copy_sources >+} >+ >+multilib_src_configure() { >+ unset APPS #197996 >+ unset SCRIPTS #312551 >+ unset CROSS_COMPILE #311473 >+ >+ tc-export CC AR RANLIB RC >+ >+ # Clean out patent-or-otherwise-encumbered code >+ # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher) >+ # IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm >+ # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography >+ # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2 >+ # RC5: 5,724,428 03/03/2015 http://en.wikipedia.org/wiki/RC5 >+ >+ use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; } >+ echoit() { echo "$@" ; "$@" ; } >+ >+ local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") >+ >+ # See if our toolchain supports __uint128_t. If so, it's 64bit >+ # friendly and can use the nicely optimized code paths. #460790 >+ local ec_nistp_64_gcc_128 >+ # Disable it for now though #469976 >+ #if ! use bindist ; then >+ # echo "__uint128_t i;" > "${T}"/128.c >+ # if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then >+ # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128" >+ # fi >+ #fi >+ >+ local sslout=$(./gentoo.config) >+ einfo "Use configuration ${sslout:-(openssl knows best)}" >+ local config="Configure" >+ [[ -z ${sslout} ]] && config="config" >+ >+ echoit \ >+ ./${config} \ >+ ${sslout} \ >+ $(use cpu_flags_x86_sse2 || echo "no-sse2") \ >+ enable-camellia \ >+ $(use_ssl !bindist ec) \ >+ ${ec_nistp_64_gcc_128} \ >+ enable-idea \ >+ enable-mdc2 \ >+ $(use_ssl !bindist rc5) \ >+ enable-tlsext \ >+ $(use_ssl gmp gmp -lgmp) \ >+ $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \ >+ $(use_ssl rfc3779) \ >+ $(use_ssl tls-heartbeat heartbeats) \ >+ $(use_ssl zlib) \ >+ --prefix="${EPREFIX}"/usr \ >+ --openssldir="${EPREFIX}"${SSL_CNF_DIR} \ >+ --libdir=$(get_libdir) \ >+ shared threads \ >+ || die >+ >+ # Clean out hardcoded flags that openssl uses >+ local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \ >+ -e 's:^CFLAG=::' \ >+ -e 's:-fomit-frame-pointer ::g' \ >+ -e 's:-O[0-9] ::g' \ >+ -e 's:-march=[-a-z0-9]* ::g' \ >+ -e 's:-mcpu=[-a-z0-9]* ::g' \ >+ -e 's:-m[a-z0-9]* ::g' \ >+ ) >+ sed -i \ >+ -e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \ >+ -e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \ >+ Makefile || die >+} >+ >+multilib_src_compile() { >+ # depend is needed to use $confopts; it also doesn't matter >+ # that it's -j1 as the code itself serializes subdirs >+ emake -j1 depend >+ emake all >+ # rehash is needed to prep the certs/ dir; do this >+ # separately to avoid parallel build issues. >+ emake rehash >+} >+ >+multilib_src_test() { >+ emake -j1 test >+} >+ >+multilib_src_install() { >+ emake INSTALL_PREFIX="${D}" install >+} >+ >+multilib_src_install_all() { >+ dobin "${WORKDIR}"/c_rehash #333117 >+ dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el >+ dohtml -r doc/* >+ use rfc3779 && dodoc engines/ccgost/README.gost >+ >+ # This is crappy in that the static archives are still built even >+ # when USE=static-libs. But this is due to a failing in the openssl >+ # build system: the static archives are built as PIC all the time. >+ # Only way around this would be to manually configure+compile openssl >+ # twice; once with shared lib support enabled and once without. >+ use static-libs || rm -f "${ED}"/usr/lib*/lib*.a >+ >+ # create the certs directory >+ dodir ${SSL_CNF_DIR}/certs >+ cp -RP certs/* "${ED}"${SSL_CNF_DIR}/certs/ || die >+ rm -r "${ED}"${SSL_CNF_DIR}/certs/{demo,expired} >+ >+ # Namespace openssl programs to prevent conflicts with other man pages >+ cd "${ED}"/usr/share/man >+ local m d s >+ for m in $(find . -type f | xargs grep -L '#include') ; do >+ d=${m%/*} ; d=${d#./} ; m=${m##*/} >+ [[ ${m} == openssl.1* ]] && continue >+ [[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!" >+ mv ${d}/{,ssl-}${m} >+ # fix up references to renamed man pages >+ sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m} >+ ln -s ssl-${m} ${d}/openssl-${m} >+ # locate any symlinks that point to this man page ... we assume >+ # that any broken links are due to the above renaming >+ for s in $(find -L ${d} -type l) ; do >+ s=${s##*/} >+ rm -f ${d}/${s} >+ ln -s ssl-${m} ${d}/ssl-${s} >+ ln -s ssl-${s} ${d}/openssl-${s} >+ done >+ done >+ [[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :(" >+ >+ dodir /etc/sandbox.d #254521 >+ echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl >+ >+ diropts -m0700 >+ keepdir ${SSL_CNF_DIR}/private >+} >+ >+pkg_preinst() { >+ has_version ${CATEGORY}/${PN}:0.9.8 && return 0 >+ preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8 >+} >+ >+pkg_postinst() { >+ ebegin "Running 'c_rehash ${EROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069" >+ c_rehash "${EROOT%/}${SSL_CNF_DIR}/certs" >/dev/null >+ eend $? >+ >+ has_version ${CATEGORY}/${PN}:0.9.8 && return 0 >+ preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8 >+} >-- >2.0.5 >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=399290">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 543826
:
399288
| 399290
