From de4f2cab643b353fe63de080c5180a2cb09f81a1 Mon Sep 17 00:00:00 2001 From: Bertrand Jacquin Date: Thu, 19 Jul 2007 21:09:52 +0200 Subject: ssl & ssh padlocked --- dev-libs/openssl/Manifest | 49 ++++ dev-libs/openssl/files/digest-openssl-0.9.8d | 6 + dev-libs/openssl/files/gentoo.config-0.9.8 | 107 ++++++++ .../files/openssl-0.9.7-alpha-default-gcc.patch | 12 + dev-libs/openssl/files/openssl-0.9.7e-gentoo.patch | 16 ++ .../files/openssl-0.9.8-hppa-fix-detection.patch | 13 + .../files/openssl-0.9.8-make-engines-dir.patch | 10 + .../openssl/files/openssl-0.9.8-makedepend.patch | 24 ++ dev-libs/openssl/files/openssl-0.9.8-ppc64.patch | 11 + .../openssl/files/openssl-0.9.8-toolchain.patch | 29 +++ .../openssl/files/openssl-0.9.8b-doc-updates.patch | 268 +++++++++++++++++++++ .../files/openssl-0.9.8b-parallel-build.patch | 23 ++ dev-libs/openssl/openssl-0.9.8d.ebuild | 181 ++++++++++++++ net-misc/openssh/Manifest | 25 ++ net-misc/openssh/files/digest-openssh-4.5_p1-r1 | 18 ++ net-misc/openssh/files/sshd.confd | 21 ++ net-misc/openssh/files/sshd.pam_include | 8 + net-misc/openssh/files/sshd.rc6 | 76 ++++++ net-misc/openssh/openssh-4.5_p1-r1.ebuild | 171 +++++++++++++ 19 files changed, 1068 insertions(+) create mode 100644 dev-libs/openssl/Manifest create mode 100644 dev-libs/openssl/files/digest-openssl-0.9.8d create mode 100755 dev-libs/openssl/files/gentoo.config-0.9.8 create mode 100644 dev-libs/openssl/files/openssl-0.9.7-alpha-default-gcc.patch create mode 100644 dev-libs/openssl/files/openssl-0.9.7e-gentoo.patch create mode 100644 dev-libs/openssl/files/openssl-0.9.8-hppa-fix-detection.patch create mode 100644 dev-libs/openssl/files/openssl-0.9.8-make-engines-dir.patch create mode 100644 dev-libs/openssl/files/openssl-0.9.8-makedepend.patch create mode 100644 dev-libs/openssl/files/openssl-0.9.8-ppc64.patch create mode 100644 dev-libs/openssl/files/openssl-0.9.8-toolchain.patch create mode 100644 dev-libs/openssl/files/openssl-0.9.8b-doc-updates.patch create mode 100644 dev-libs/openssl/files/openssl-0.9.8b-parallel-build.patch create mode 100644 dev-libs/openssl/openssl-0.9.8d.ebuild create mode 100644 net-misc/openssh/Manifest create mode 100644 net-misc/openssh/files/digest-openssh-4.5_p1-r1 create mode 100644 net-misc/openssh/files/sshd.confd create mode 100644 net-misc/openssh/files/sshd.pam_include create mode 100644 net-misc/openssh/files/sshd.rc6 create mode 100644 net-misc/openssh/openssh-4.5_p1-r1.ebuild diff --git a/dev-libs/openssl/Manifest b/dev-libs/openssl/Manifest new file mode 100644 index 00000000..d2a49b69 --- /dev/null +++ b/dev-libs/openssl/Manifest @@ -0,0 +1,49 @@ +AUX gentoo.config-0.9.8 3157 RMD160 794fbfe1b01dff11a2722148e62274f38a242ef5 SHA1 fe9ee8b36dab783201a75d853f15dba6758787b6 SHA256 d34e75afa3e3661d29f8a7b0af8e7e47d39c7ba5db3b0e9cc48d6e41c58e94ed +MD5 f00a44bcd0825f71bb4255e64cae4c0d files/gentoo.config-0.9.8 3157 +RMD160 794fbfe1b01dff11a2722148e62274f38a242ef5 files/gentoo.config-0.9.8 3157 +SHA256 d34e75afa3e3661d29f8a7b0af8e7e47d39c7ba5db3b0e9cc48d6e41c58e94ed files/gentoo.config-0.9.8 3157 +AUX openssl-0.9.7-alpha-default-gcc.patch 533 RMD160 ea2d91421aa4d3f463034b40c2c81c195a71c0dd SHA1 f5ee85db45ab80b66225a222c7655b74760b94fe SHA256 814ae7c09359414e7dcd96008c82d868fba0565de2d1b3e6a4275f8cdbeefb5c +MD5 f8ff492f66404c732e4661cc4443a2e8 files/openssl-0.9.7-alpha-default-gcc.patch 533 +RMD160 ea2d91421aa4d3f463034b40c2c81c195a71c0dd files/openssl-0.9.7-alpha-default-gcc.patch 533 +SHA256 814ae7c09359414e7dcd96008c82d868fba0565de2d1b3e6a4275f8cdbeefb5c files/openssl-0.9.7-alpha-default-gcc.patch 533 +AUX openssl-0.9.7e-gentoo.patch 460 RMD160 60969fd05a15fe00d0d1c27b9098acfde28ba65e SHA1 73ff3c336dfdbeed903ac7b82486674ab4ec66a2 SHA256 ddb8d47429f3aadf3f5142293a2c38cbb9eb3927edfd1b497771337c48a11641 +MD5 f886f4a6a62eb4ec7bc718952d76900d files/openssl-0.9.7e-gentoo.patch 460 +RMD160 60969fd05a15fe00d0d1c27b9098acfde28ba65e files/openssl-0.9.7e-gentoo.patch 460 +SHA256 ddb8d47429f3aadf3f5142293a2c38cbb9eb3927edfd1b497771337c48a11641 files/openssl-0.9.7e-gentoo.patch 460 +AUX openssl-0.9.8-hppa-fix-detection.patch 724 RMD160 31f4b589133900521ac28ae200bc1a1107f3d8de SHA1 9f68d4baabd199c3478deae74194970f138f9768 SHA256 7e5a1e78eff2c32233f274df4bac528566aeece9efffd753a17aee4bbdcd05d7 +MD5 f402ee8807a8a089d1b53d0e4101bcab files/openssl-0.9.8-hppa-fix-detection.patch 724 +RMD160 31f4b589133900521ac28ae200bc1a1107f3d8de files/openssl-0.9.8-hppa-fix-detection.patch 724 +SHA256 7e5a1e78eff2c32233f274df4bac528566aeece9efffd753a17aee4bbdcd05d7 files/openssl-0.9.8-hppa-fix-detection.patch 724 +AUX openssl-0.9.8-make-engines-dir.patch 461 RMD160 78938bd399d705a2364d5f12b412a23111967944 SHA1 17b6deafa1e002f69584f9fb2d096038358f9185 SHA256 1cc5a34eb0c3c687846e4a0e3bf72c81eecf414742e9327f206ba9875f2d16b3 +MD5 8c5ab963e60bc0744408eebf48596981 files/openssl-0.9.8-make-engines-dir.patch 461 +RMD160 78938bd399d705a2364d5f12b412a23111967944 files/openssl-0.9.8-make-engines-dir.patch 461 +SHA256 1cc5a34eb0c3c687846e4a0e3bf72c81eecf414742e9327f206ba9875f2d16b3 files/openssl-0.9.8-make-engines-dir.patch 461 +AUX openssl-0.9.8-makedepend.patch 615 RMD160 aa34fbd2f32a9471f6ee820cdec921f72106cc63 SHA1 3fd4eea708482fe9140553d0d84b2d6c255526b5 SHA256 39ccead670db92f20ab33791b672313778a3e2923cb2bb6cb24297ce597a6a8e +MD5 33e223eaa4049ef18776f412cc2e8a5c files/openssl-0.9.8-makedepend.patch 615 +RMD160 aa34fbd2f32a9471f6ee820cdec921f72106cc63 files/openssl-0.9.8-makedepend.patch 615 +SHA256 39ccead670db92f20ab33791b672313778a3e2923cb2bb6cb24297ce597a6a8e files/openssl-0.9.8-makedepend.patch 615 +AUX openssl-0.9.8-ppc64.patch 1463 RMD160 d285eabc77ad8c8f8720d9047c868168ce1c8973 SHA1 261863f2e864f9850935231612e9068d8644a653 SHA256 9e521f5b76a46a56414cf49cde452f4bd96c9f42f5ac30257c0404808b125886 +MD5 4a170a962292bdd019fe303ba981e3ab files/openssl-0.9.8-ppc64.patch 1463 +RMD160 d285eabc77ad8c8f8720d9047c868168ce1c8973 files/openssl-0.9.8-ppc64.patch 1463 +SHA256 9e521f5b76a46a56414cf49cde452f4bd96c9f42f5ac30257c0404808b125886 files/openssl-0.9.8-ppc64.patch 1463 +AUX openssl-0.9.8-toolchain.patch 991 RMD160 2a8a3cc1ed798219bc3679f96ddc22f432eeeed6 SHA1 77162af3f64b2528a5a44533ca4bb665e2bd5e82 SHA256 7eb44911807102d488c75d2e2be1e44c5c532c04ed67e1a1803a8fa5cb45b0c9 +MD5 933bb8d7ab02ba7e55a104ec9030c51a files/openssl-0.9.8-toolchain.patch 991 +RMD160 2a8a3cc1ed798219bc3679f96ddc22f432eeeed6 files/openssl-0.9.8-toolchain.patch 991 +SHA256 7eb44911807102d488c75d2e2be1e44c5c532c04ed67e1a1803a8fa5cb45b0c9 files/openssl-0.9.8-toolchain.patch 991 +AUX openssl-0.9.8b-doc-updates.patch 9053 RMD160 9e4de532f156e10f4c80711e0b6da0d3396d4f9e SHA1 58c3e2a530b1e7ace70925dde4e22a2ccbf69e22 SHA256 20cd7b8150f141c3c1f73e6cd36f9444ec8910c4a59649ef89e7f874449c651c +MD5 5121762ec7850db65996d49f7d975b55 files/openssl-0.9.8b-doc-updates.patch 9053 +RMD160 9e4de532f156e10f4c80711e0b6da0d3396d4f9e files/openssl-0.9.8b-doc-updates.patch 9053 +SHA256 20cd7b8150f141c3c1f73e6cd36f9444ec8910c4a59649ef89e7f874449c651c files/openssl-0.9.8b-doc-updates.patch 9053 +AUX openssl-0.9.8b-parallel-build.patch 600 RMD160 ce857d7bfcf2039afc7ffe3d1badf9d3f374f672 SHA1 1b150a93c180300ce781be970ca68df4528076af SHA256 3219c6a1133f6df42909bcb5d30a097b88529e3964049a24dd3e9836a659f08d +MD5 d59919721f04f84d5d395c405a5be30d files/openssl-0.9.8b-parallel-build.patch 600 +RMD160 ce857d7bfcf2039afc7ffe3d1badf9d3f374f672 files/openssl-0.9.8b-parallel-build.patch 600 +SHA256 3219c6a1133f6df42909bcb5d30a097b88529e3964049a24dd3e9836a659f08d files/openssl-0.9.8b-parallel-build.patch 600 +DIST openssl-0.9.8b-sha.diff 17514 RMD160 c067344f7bc636780af710dc88930d089d83a35d SHA1 f507cecf21917c124b8220ab0759e0e0416a5ad5 SHA256 442d249524f720cb52477c44d69180a7752e8a119ff78b6ce5f62f3556689cb8 +DIST openssl-0.9.8d.tar.gz 3315566 RMD160 f2eb6c266009bbbdbdc7f01b6238c55b3fe12073 SHA1 4136fba00303a3d319d2052bfa8e1f09a2e12fc2 SHA256 022194944cc20dad917c86c916db8a4e0050df2de91b9b6740ddd4fb2daf175d +EBUILD openssl-0.9.8d.ebuild 5455 RMD160 b645d9838c8a530dd1e03175fc84e00d8d464e7b SHA1 4010fe0de6b5d345f12b82fb3a199739e9c7b026 SHA256 0257c570824ec6a63a38d64b49e56a7086fdc169df76291737b57e18519833e2 +MD5 4cd67d236d9842db023c4de5d4d1bb42 openssl-0.9.8d.ebuild 5455 +RMD160 b645d9838c8a530dd1e03175fc84e00d8d464e7b openssl-0.9.8d.ebuild 5455 +SHA256 0257c570824ec6a63a38d64b49e56a7086fdc169df76291737b57e18519833e2 openssl-0.9.8d.ebuild 5455 +MD5 e5363af2ff259d130df95888af7fdc1a files/digest-openssl-0.9.8d 494 +RMD160 5965b4bbf46b220cba0e8f4f31bfffb765d2362d files/digest-openssl-0.9.8d 494 +SHA256 9f38380aee273d2dd730f4b9f8d6ec76467b106a1f861f2afa22954c229c1b1e files/digest-openssl-0.9.8d 494 diff --git a/dev-libs/openssl/files/digest-openssl-0.9.8d b/dev-libs/openssl/files/digest-openssl-0.9.8d new file mode 100644 index 00000000..fb8d8045 --- /dev/null +++ b/dev-libs/openssl/files/digest-openssl-0.9.8d @@ -0,0 +1,6 @@ +MD5 b5c671e75c072a4a7c287255adf03b25 openssl-0.9.8b-sha.diff 17514 +RMD160 c067344f7bc636780af710dc88930d089d83a35d openssl-0.9.8b-sha.diff 17514 +SHA256 442d249524f720cb52477c44d69180a7752e8a119ff78b6ce5f62f3556689cb8 openssl-0.9.8b-sha.diff 17514 +MD5 8ed1853538e1d05a1f5ada61ebf8bffa openssl-0.9.8d.tar.gz 3315566 +RMD160 f2eb6c266009bbbdbdc7f01b6238c55b3fe12073 openssl-0.9.8d.tar.gz 3315566 +SHA256 022194944cc20dad917c86c916db8a4e0050df2de91b9b6740ddd4fb2daf175d openssl-0.9.8d.tar.gz 3315566 diff --git a/dev-libs/openssl/files/gentoo.config-0.9.8 b/dev-libs/openssl/files/gentoo.config-0.9.8 new file mode 100755 index 00000000..e2cf248e --- /dev/null +++ b/dev-libs/openssl/files/gentoo.config-0.9.8 @@ -0,0 +1,107 @@ +#!/bin/bash +# Copyright 1999-2005 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/files/gentoo.config-0.9.8,v 1.16 2007/04/01 11:03:52 vapier Exp $ +# +# Openssl doesn't play along nicely with cross-compiling +# like autotools based projects, so let's teach it new tricks. +# +# Review the bundled 'config' script to see why kind of targets +# we can pass to the 'Configure' script. + + +# Testing routines +if [[ $1 == "test" ]] ; then + for c in \ + "arm-gentoo-linux-uclibc |linux-generic32 -DL_ENDIAN" \ + "armv5b-linux-gnu |linux-generic32 -DB_ENDIAN" \ + "x86_64-pc-linux-gnu |linux-x86_64" \ + "alphaev56-unknown-linux-gnu |linux-alpha+bwx-gcc" \ + "i686-pc-linux-gnu |linux-elf" \ + "whatever-gentoo-freebsdX.Y |BSD-generic32" \ + "i686-gentoo-freebsdX.Y |BSD-x86-elf" \ + "sparc64-alpha-freebsdX.Y |BSD-sparc64" \ + "ia64-gentoo-freebsd5.99234 |BSD-ia64" \ + "x86_64-gentoo-freebsdX.Y |BSD-x86_64" \ + "hppa64-aldsF-linux-gnu5.3 |linux-generic32 -DB_ENDIAN" \ + "powerpc-gentOO-linux-uclibc |linux-ppc" \ + "powerpc64-unk-linux-gnu |linux-ppc64" \ + ;do + CHOST=${c/|*} + ret_want=${c/*|} + ret_got=$(CHOST=${CHOST} "$0") + + if [[ ${ret_want} == "${ret_got}" ]] ; then + echo "PASS: ${CHOST}" + else + echo "FAIL: ${CHOST}" + echo -e "\twanted: ${ret_want}" + echo -e "\twe got: ${ret_got}" + fi + done + exit 0 +fi +[[ -z ${CHOST} && -n $1 ]] && CHOST=$1 + + +# Detect the operating system +case ${CHOST} in + *-linux*) system="linux";; + *-freebsd*) system="BSD";; + *) exit 0;; +esac + + +# Compiler munging +compiler="gcc" +if [[ ${CC} == "ccc" ]] ; then + compiler=${CC} +fi + + +# Detect target arch +machine="" +chost_machine=${CHOST%%-*} +case ${system} in +linux) + case ${chost_machine} in + alphaev56*) machine=alpha+bwx-${compiler};; + alphaev[678]*)machine=alpha+bwx-${compiler};; + alpha*) machine=alpha-${compiler};; + arm*b*) machine="generic32 -DB_ENDIAN";; + arm*) machine="generic32 -DL_ENDIAN";; + # hppa64*) machine=parisc64;; + hppa*) machine="generic32 -DB_ENDIAN";; + i[0-9]86*) machine=elf;; + ia64*) machine=ia64;; + m68*) machine="generic32 -DB_ENDIAN";; + mips*el*) machine="generic32 -DL_ENDIAN";; + mips*) machine="generic32 -DB_ENDIAN";; + powerpc64*) machine=ppc64;; + powerpc*) machine=ppc;; + # sh64*) machine=elf;; + sh*b*) machine="generic32 -DB_ENDIAN";; + sh*) machine="generic32 -DL_ENDIAN";; + sparc*v7*) machine="generic32 -DB_ENDIAN";; + sparc64*) machine=sparcv9;; + sparc*) machine=sparcv8;; + s390x*) machine="generic64 -DB_ENDIAN";; + s390*) machine="generic32 -DB_ENDIAN";; + x86_64*) machine=x86_64;; + esac + ;; +BSD) + case ${chost_machine} in + alpha*) machine=generic64;; + i[6-9]86*) machine=x86-elf;; + ia64*) machine=ia64;; + sparc64*) machine=sparc64;; + x86_64*) machine=x86_64;; + *) machine=generic32;; + esac + ;; +esac + + +# If we have something, show it +[[ -n ${machine} ]] && echo ${system}-${machine} diff --git a/dev-libs/openssl/files/openssl-0.9.7-alpha-default-gcc.patch b/dev-libs/openssl/files/openssl-0.9.7-alpha-default-gcc.patch new file mode 100644 index 00000000..a56e76e1 --- /dev/null +++ b/dev-libs/openssl/files/openssl-0.9.7-alpha-default-gcc.patch @@ -0,0 +1,12 @@ +diff -ur openssl-0.9.7d.orig/config openssl-0.9.7d/config +--- openssl-0.9.7d.orig/config 2004-12-11 19:01:11.077248504 -0500 ++++ openssl-0.9.7d/config 2004-12-11 19:08:52.099162520 -0500 +@@ -452,7 +452,7 @@ + sed 's/.* C V\([0-9]\)\.\([0-9]\).*/\1\2/'` + CCCVER=${CCCVER:-0} + if [ $CCCVER -gt 60 ]; then +- CC=ccc # overrides gcc!!! well, ccc outperforms inoticeably ++ CC=gcc # overrides gcc!!! well, ccc outperforms inoticeably + # only on hash routines and des, otherwise gcc (2.95) + # keeps along rather tight... + fi diff --git a/dev-libs/openssl/files/openssl-0.9.7e-gentoo.patch b/dev-libs/openssl/files/openssl-0.9.7e-gentoo.patch new file mode 100644 index 00000000..b3753d20 --- /dev/null +++ b/dev-libs/openssl/files/openssl-0.9.7e-gentoo.patch @@ -0,0 +1,16 @@ +diff -r -c -C 2 openssl-0.9.6g-orig/test/Makefile openssl-0.9.6g/test/Makefile +*** openssl-0.9.6g-orig/test/Makefile Thu Sep 26 15:20:47 2002 +--- openssl-0.9.6g/test/Makefile Thu Sep 26 15:23:26 2002 +*************** +*** 28,32 **** + DLIBCRYPTO= ../libcrypto.a + DLIBSSL= ../libssl.a +! LIBCRYPTO= -L.. -lcrypto + LIBSSL= -L.. -lssl + +--- 28,32 ---- + DLIBCRYPTO= ../libcrypto.a + DLIBSSL= ../libssl.a +! LIBCRYPTO= -L.. -lcrypto -lcrypt + LIBSSL= -L.. -lssl + diff --git a/dev-libs/openssl/files/openssl-0.9.8-hppa-fix-detection.patch b/dev-libs/openssl/files/openssl-0.9.8-hppa-fix-detection.patch new file mode 100644 index 00000000..5ec141f9 --- /dev/null +++ b/dev-libs/openssl/files/openssl-0.9.8-hppa-fix-detection.patch @@ -0,0 +1,13 @@ +--- config.orig 2005-10-12 01:05:03.000000000 -0400 ++++ config 2005-10-12 01:05:16.000000000 -0400 +@@ -564,8 +564,8 @@ + parisc*-*-linux2) + # 64-bit builds under parisc64 linux are not supported and + # compiler is expected to generate 32-bit objects... +- CPUARCH=`awk '/cpu family/{print substr($5,1,3); exit(0);}' /proc/cpuinfo` +- CPUSCHEDULE=`awk '/^cpu.[ ]*: PA/{print substr($3,3); exit(0);}' /proc/cpuinfo` ++ CPUARCH=`awk '/cpu family/{print substr($5,1,3); exit(0);}' /proc/cpuinfo | head -n 1` ++ CPUSCHEDULE=`awk '/^cpu.[ ]*: PA/{print substr($3,3); exit(0);}' /proc/cpuinfo | head -n 1` + + # ??TODO ?? Model transformations + # 0. CPU Architecture for the 1.1 processor has letter suffixes. We strip that off diff --git a/dev-libs/openssl/files/openssl-0.9.8-make-engines-dir.patch b/dev-libs/openssl/files/openssl-0.9.8-make-engines-dir.patch new file mode 100644 index 00000000..c2a07698 --- /dev/null +++ b/dev-libs/openssl/files/openssl-0.9.8-make-engines-dir.patch @@ -0,0 +1,10 @@ +--- openssl-0.9.8/engines/Makefile 2005-07-06 01:19:15.000000000 +0200 ++++ openssl-0.9.8.az/engines/Makefile 2005-07-06 01:20:04.000000000 +0200 +@@ -88,6 +88,7 @@ + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... + @if [ -n "$(SHARED_LIBS)" ]; then \ + set -e; \ ++ $(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/lib/engines; \ + for l in $(LIBNAMES); do \ + ( echo installing $$l; \ + if [ "$(PLATFORM)" != "Cygwin" ]; then \ diff --git a/dev-libs/openssl/files/openssl-0.9.8-makedepend.patch b/dev-libs/openssl/files/openssl-0.9.8-makedepend.patch new file mode 100644 index 00000000..02a9f578 --- /dev/null +++ b/dev-libs/openssl/files/openssl-0.9.8-makedepend.patch @@ -0,0 +1,24 @@ +http://bugs.gentoo.org/149583 + +--- util/domd ++++ util/domd +@@ -14,7 +14,7 @@ + cp Makefile Makefile.save + # fake the presence of Kerberos + touch $TOP/krb5.h +-if [ "$MAKEDEPEND" = "gcc" ]; then ++if [ "$MAKEDEPEND" != "makedepend" ]; then + args="" + while [ $# -gt 0 ]; do + if [ "$1" != "--" ]; then args="$args $1"; fi +--- Makefile.org ++++ Makefile.org +@@ -69,7 +69,7 @@ + PERL= perl + TAR= tar + TARFLAGS= --no-recursion +-MAKEDEPPROG=makedepend ++MAKEDEPPROG=$(CC) + + # We let the C compiler driver to take care of .s files. This is done in + # order to be excused from maintaining a separate set of architecture diff --git a/dev-libs/openssl/files/openssl-0.9.8-ppc64.patch b/dev-libs/openssl/files/openssl-0.9.8-ppc64.patch new file mode 100644 index 00000000..511af195 --- /dev/null +++ b/dev-libs/openssl/files/openssl-0.9.8-ppc64.patch @@ -0,0 +1,11 @@ +--- openssl-0.9.8/Configure.orig 2005-07-05 23:11:15.000000000 +0200 ++++ openssl-0.9.8/Configure 2005-07-05 23:12:12.000000000 +0200 +@@ -322,7 +322,7 @@ + #### + "linux-generic64","gcc:-DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", + # -bpowerpc64-linux is transient option, -m64 should be the one to use... +-"linux-ppc64", "gcc:-bpowerpc64-linux -DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL::linux_ppc64.o::::::::::dlfcn:linux-shared:-fPIC:-bpowerpc64-linux:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"linux-ppc64", "gcc:-DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL::linux_ppc64.o::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", + "linux-ia64", "gcc:-DL_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", + "linux-ia64-ecc","ecc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", + "linux-ia64-icc","icc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", diff --git a/dev-libs/openssl/files/openssl-0.9.8-toolchain.patch b/dev-libs/openssl/files/openssl-0.9.8-toolchain.patch new file mode 100644 index 00000000..b6773e92 --- /dev/null +++ b/dev-libs/openssl/files/openssl-0.9.8-toolchain.patch @@ -0,0 +1,29 @@ +--- Configure ++++ Configure +@@ -928,7 +928,8 @@ + print "IsMK1MF=$IsMK1MF\n"; + + my @fields = split(/\s*:\s*/,$table{$target} . ":" x 30 , -1); +-my $cc = $fields[$idx_cc]; ++my $cc = $ENV{'CC'} || $fields[$idx_cc]; ++my $ar = $ENV{'AR'} || "ar"; + my $cflags = $fields[$idx_cflags]; + my $unistd = $fields[$idx_unistd]; + my $thread_cflag = $fields[$idx_thread_cflag]; +@@ -951,7 +951,7 @@ + my $shared_cflag = $fields[$idx_shared_cflag]; + my $shared_ldflag = $fields[$idx_shared_ldflag]; + my $shared_extension = $fields[$idx_shared_extension]; +-my $ranlib = $fields[$idx_ranlib]; ++my $ranlib = $ENV{'RANLIB'} || $fields[$idx_ranlib]; + my $arflags = $fields[$idx_arflags]; + + my $no_shared_warn=0; +@@ -1292,6 +1292,7 @@ + s/^RMD160_ASM_OBJ=.*$/RMD160_ASM_OBJ= $rmd160_obj/; + s/^PROCESSOR=.*/PROCESSOR= $processor/; + s/^RANLIB=.*/RANLIB= $ranlib/; ++ s/^AR=ar /AR= $ar /; + s/^ARFLAGS=.*/ARFLAGS= $arflags/; + s/^PERL=.*/PERL= $perl/; + s/^KRB5_INCLUDES=.*/KRB5_INCLUDES=$withargs{"krb5-include"}/; diff --git a/dev-libs/openssl/files/openssl-0.9.8b-doc-updates.patch b/dev-libs/openssl/files/openssl-0.9.8b-doc-updates.patch new file mode 100644 index 00000000..321e4861 --- /dev/null +++ b/dev-libs/openssl/files/openssl-0.9.8b-doc-updates.patch @@ -0,0 +1,268 @@ +--- doc/crypto/ASN1_generate_nconf.pod ++++ doc/crypto/ASN1_generate_nconf.pod +@@ -6,6 +6,8 @@ ASN1_generate_nconf, ASN1_generate_v3 - + + =head1 SYNOPSIS + ++ #include ++ + ASN1_TYPE *ASN1_generate_nconf(char *str, CONF *nconf); + ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf); + +--- doc/crypto/ASN1_OBJECT_new.pod ++++ doc/crypto/ASN1_OBJECT_new.pod +@@ -6,6 +6,8 @@ ASN1_OBJECT_new, ASN1_OBJECT_free, - obj + + =head1 SYNOPSIS + ++ #include ++ + ASN1_OBJECT *ASN1_OBJECT_new(void); + void ASN1_OBJECT_free(ASN1_OBJECT *a); + +--- doc/crypto/ASN1_STRING_length.pod ++++ doc/crypto/ASN1_STRING_length.pod +@@ -8,6 +8,8 @@ ASN1_STRING utility functions + + =head1 SYNOPSIS + ++ #include ++ + int ASN1_STRING_length(ASN1_STRING *x); + unsigned char * ASN1_STRING_data(ASN1_STRING *x); + +--- doc/crypto/ASN1_STRING_new.pod ++++ doc/crypto/ASN1_STRING_new.pod +@@ -7,6 +7,8 @@ ASN1_STRING allocation functions + + =head1 SYNOPSIS + ++ #include ++ + ASN1_STRING * ASN1_STRING_new(void); + ASN1_STRING * ASN1_STRING_type_new(int type); + void ASN1_STRING_free(ASN1_STRING *a); +--- doc/crypto/bn_internal.pod ++++ doc/crypto/bn_internal.pod +@@ -13,6 +13,8 @@ library internal functions + + =head1 SYNOPSIS + ++ #include ++ + BN_ULONG bn_mul_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w); + BN_ULONG bn_mul_add_words(BN_ULONG *rp, BN_ULONG *ap, int num, + BN_ULONG w); +--- doc/crypto/CRYPTO_set_ex_data.pod ++++ doc/crypto/CRYPTO_set_ex_data.pod +@@ -6,6 +6,8 @@ CRYPTO_set_ex_data, CRYPTO_get_ex_data - + + =head1 SYNOPSIS + ++ #include ++ + int CRYPTO_set_ex_data(CRYPTO_EX_DATA *r, int idx, void *arg); + + void *CRYPTO_get_ex_data(CRYPTO_EX_DATA *r, int idx); +--- doc/crypto/OBJ_nid2obj.pod ++++ doc/crypto/OBJ_nid2obj.pod +@@ -8,6 +8,8 @@ functions + + =head1 SYNOPSIS + ++ #include ++ + ASN1_OBJECT * OBJ_nid2obj(int n); + const char * OBJ_nid2ln(int n); + const char * OBJ_nid2sn(int n); +--- doc/crypto/PKCS7_decrypt.pod ++++ doc/crypto/PKCS7_decrypt.pod +@@ -6,7 +6,9 @@ PKCS7_decrypt - decrypt content from a P + + =head1 SYNOPSIS + +-int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags); ++ #include ++ ++ int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags); + + =head1 DESCRIPTION + +--- doc/crypto/PKCS7_encrypt.pod ++++ doc/crypto/PKCS7_encrypt.pod +@@ -6,7 +6,9 @@ PKCS7_encrypt - create a PKCS#7 envelope + + =head1 SYNOPSIS + +-PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher, int flags); ++ #include ++ ++ PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher, int flags); + + =head1 DESCRIPTION + +--- doc/crypto/PKCS7_sign.pod ++++ doc/crypto/PKCS7_sign.pod +@@ -6,7 +6,9 @@ PKCS7_sign - create a PKCS#7 signedData + + =head1 SYNOPSIS + +-PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, BIO *data, int flags); ++ #include ++ ++ PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, BIO *data, int flags); + + =head1 DESCRIPTION + +--- doc/crypto/PKCS7_verify.pod ++++ doc/crypto/PKCS7_verify.pod +@@ -6,9 +6,11 @@ PKCS7_verify - verify a PKCS#7 signedDat + + =head1 SYNOPSIS + +-int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, BIO *indata, BIO *out, int flags); ++ #include + +-STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags); ++ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, BIO *indata, BIO *out, int flags); ++ ++ STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags); + + =head1 DESCRIPTION + +--- doc/crypto/SMIME_read_PKCS7.pod ++++ doc/crypto/SMIME_read_PKCS7.pod +@@ -6,7 +6,9 @@ SMIME_read_PKCS7 - parse S/MIME message. + + =head1 SYNOPSIS + +-PKCS7 *SMIME_read_PKCS7(BIO *in, BIO **bcont); ++ #include ++ ++ PKCS7 *SMIME_read_PKCS7(BIO *in, BIO **bcont); + + =head1 DESCRIPTION + +--- doc/crypto/SMIME_write_PKCS7.pod ++++ doc/crypto/SMIME_write_PKCS7.pod +@@ -6,7 +6,9 @@ SMIME_write_PKCS7 - convert PKCS#7 struc + + =head1 SYNOPSIS + +-int SMIME_write_PKCS7(BIO *out, PKCS7 *p7, BIO *data, int flags); ++ #include ++ ++ int SMIME_write_PKCS7(BIO *out, PKCS7 *p7, BIO *data, int flags); + + =head1 DESCRIPTION + +--- doc/crypto/ui_compat.pod ++++ doc/crypto/ui_compat.pod +@@ -7,6 +7,8 @@ Compatibility user interface functions + + =head1 SYNOPSIS + ++ #include ++ + int des_read_password(DES_cblock *key,const char *prompt,int verify); + int des_read_2passwords(DES_cblock *key1,DES_cblock *key2, + const char *prompt,int verify); +--- doc/crypto/X509_NAME_add_entry_by_txt.pod ++++ doc/crypto/X509_NAME_add_entry_by_txt.pod +@@ -7,15 +7,17 @@ X509_NAME_add_entry, X509_NAME_delete_en + + =head1 SYNOPSIS + +-int X509_NAME_add_entry_by_txt(X509_NAME *name, const char *field, int type, const unsigned char *bytes, int len, int loc, int set); ++ #include + +-int X509_NAME_add_entry_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, int type, unsigned char *bytes, int len, int loc, int set); ++ int X509_NAME_add_entry_by_txt(X509_NAME *name, const char *field, int type, const unsigned char *bytes, int len, int loc, int set); + +-int X509_NAME_add_entry_by_NID(X509_NAME *name, int nid, int type, unsigned char *bytes, int len, int loc, int set); ++ int X509_NAME_add_entry_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, int type, unsigned char *bytes, int len, int loc, int set); + +-int X509_NAME_add_entry(X509_NAME *name,X509_NAME_ENTRY *ne, int loc, int set); ++ int X509_NAME_add_entry_by_NID(X509_NAME *name, int nid, int type, unsigned char *bytes, int len, int loc, int set); + +-X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc); ++ int X509_NAME_add_entry(X509_NAME *name,X509_NAME_ENTRY *ne, int loc, int set); ++ ++ X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc); + + =head1 DESCRIPTION + +--- doc/crypto/X509_NAME_ENTRY_get_object.pod ++++ doc/crypto/X509_NAME_ENTRY_get_object.pod +@@ -9,15 +9,17 @@ X509_NAME_ENTRY_create_by_OBJ - X509_NAM + + =head1 SYNOPSIS + +-ASN1_OBJECT * X509_NAME_ENTRY_get_object(X509_NAME_ENTRY *ne); +-ASN1_STRING * X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *ne); ++ #include + +-int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, ASN1_OBJECT *obj); +-int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type, const unsigned char *bytes, int len); ++ ASN1_OBJECT * X509_NAME_ENTRY_get_object(X509_NAME_ENTRY *ne); ++ ASN1_STRING * X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *ne); + +-X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne, const char *field, int type, const unsigned char *bytes, int len); +-X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid, int type,unsigned char *bytes, int len); +-X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne, ASN1_OBJECT *obj, int type, const unsigned char *bytes, int len); ++ int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, ASN1_OBJECT *obj); ++ int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type, const unsigned char *bytes, int len); ++ ++ X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne, const char *field, int type, const unsigned char *bytes, int len); ++ X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid, int type,unsigned char *bytes, int len); ++ X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne, ASN1_OBJECT *obj, int type, const unsigned char *bytes, int len); + + =head1 DESCRIPTION + +--- doc/crypto/X509_NAME_get_index_by_NID.pod ++++ doc/crypto/X509_NAME_get_index_by_NID.pod +@@ -8,14 +8,16 @@ X509_NAME lookup and enumeration functio + + =head1 SYNOPSIS + +-int X509_NAME_get_index_by_NID(X509_NAME *name,int nid,int lastpos); +-int X509_NAME_get_index_by_OBJ(X509_NAME *name,ASN1_OBJECT *obj, int lastpos); ++ #include + +-int X509_NAME_entry_count(X509_NAME *name); +-X509_NAME_ENTRY *X509_NAME_get_entry(X509_NAME *name, int loc); ++ int X509_NAME_get_index_by_NID(X509_NAME *name,int nid,int lastpos); ++ int X509_NAME_get_index_by_OBJ(X509_NAME *name,ASN1_OBJECT *obj, int lastpos); + +-int X509_NAME_get_text_by_NID(X509_NAME *name, int nid, char *buf,int len); +-int X509_NAME_get_text_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, char *buf,int len); ++ int X509_NAME_entry_count(X509_NAME *name); ++ X509_NAME_ENTRY *X509_NAME_get_entry(X509_NAME *name, int loc); ++ ++ int X509_NAME_get_text_by_NID(X509_NAME *name, int nid, char *buf,int len); ++ int X509_NAME_get_text_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, char *buf,int len); + + =head1 DESCRIPTION + +--- doc/crypto/X509_new.pod ++++ doc/crypto/X509_new.pod +@@ -6,6 +6,8 @@ X509_new, X509_free - X509 certificate A + + =head1 SYNOPSIS + ++ #include ++ + X509 *X509_new(void); + void X509_free(X509 *a); + +--- Makefile.org ++++ Makefile.org +@@ -218,7 +218,7 @@ + MANDIR=$(OPENSSLDIR)/man + MAN1=1 + MAN3=3 +-MANSUFFIX= ++MANSUFFIX=ssl + SHELL=/bin/sh + + TOP= . diff --git a/dev-libs/openssl/files/openssl-0.9.8b-parallel-build.patch b/dev-libs/openssl/files/openssl-0.9.8b-parallel-build.patch new file mode 100644 index 00000000..64cc8ef1 --- /dev/null +++ b/dev-libs/openssl/files/openssl-0.9.8b-parallel-build.patch @@ -0,0 +1,23 @@ +--- openssl-0.9.8b/Makefile.org ++++ openssl-0.9.8b/Makefile.org +@@ -229,15 +229,15 @@ + + build_crypto: + @dir=crypto; target=all; $(BUILD_ONE_CMD) +-build_ssl: ++build_ssl: build_crypto + @dir=ssl; target=all; $(BUILD_ONE_CMD) +-build_engines: ++build_engines: build_crypto + @dir=engines; target=all; $(BUILD_ONE_CMD) +-build_apps: ++build_apps: build_libs + @dir=apps; target=all; $(BUILD_ONE_CMD) +-build_tests: ++build_tests: build_libs + @dir=test; target=all; $(BUILD_ONE_CMD) +-build_tools: ++build_tools: build_libs + @dir=tools; target=all; $(BUILD_ONE_CMD) + + all_testapps: build_libs build_testapps diff --git a/dev-libs/openssl/openssl-0.9.8d.ebuild b/dev-libs/openssl/openssl-0.9.8d.ebuild new file mode 100644 index 00000000..b0884042 --- /dev/null +++ b/dev-libs/openssl/openssl-0.9.8d.ebuild @@ -0,0 +1,181 @@ +# Copyright 1999-2007 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-0.9.8d.ebuild,v 1.23 2007/04/22 22:41:31 kloeri Exp $ + +inherit eutils flag-o-matic toolchain-funcs + +PADLOCK_PATCH="openssl-0.9.8b-sha.diff" + +DESCRIPTION="Toolkit for SSL v2/v3 and TLS v1" +HOMEPAGE="http://www.openssl.org/" +SRC_URI="mirror://openssl/source/${P}.tar.gz + padlock? ( http://www.logix.cz/michal/devel/padlock/${PADLOCK_PATCH} )" + +LICENSE="openssl" +SLOT="0" +KEYWORDS="-* alpha amd64 arm hppa ia64 m68k mips ppc ppc64 s390 sh sparc x86" +IUSE="bindist emacs sse2 test zlib padlock" + +RDEPEND="" +DEPEND="${RDEPEND} + sys-apps/diffutils + >=dev-lang/perl-5 + test? ( sys-devel/bc )" +PDEPEND="app-misc/ca-certificates" + +src_unpack() { + unpack ${A} + + cd "${S}" + + use padlock && epatch "${DISTDIR}"/${PADLOCK_PATCH} + + epatch "${FILESDIR}"/${PN}-0.9.8-ppc64.patch + epatch "${FILESDIR}"/${PN}-0.9.7e-gentoo.patch + epatch "${FILESDIR}"/${PN}-0.9.8-hppa-fix-detection.patch + epatch "${FILESDIR}"/${PN}-0.9.7-alpha-default-gcc.patch + epatch "${FILESDIR}"/${PN}-0.9.8b-parallel-build.patch + epatch "${FILESDIR}"/${PN}-0.9.8-make-engines-dir.patch + epatch "${FILESDIR}"/${PN}-0.9.8-toolchain.patch + epatch "${FILESDIR}"/${PN}-0.9.8b-doc-updates.patch + epatch "${FILESDIR}"/${PN}-0.9.8-makedepend.patch #149583 + + # allow openssl to be cross-compiled + cp "${FILESDIR}"/gentoo.config-0.9.8 gentoo.config || die "cp cross-compile failed" + chmod a+rx gentoo.config + + # Don't build manpages if we don't want them + has noman FEATURES \ + && sed -i '/^install:/s:install_docs::' Makefile.org \ + || sed -i '/^MANDIR=/s:=.*:=/usr/share/man:' Makefile.org + + # Try to derice users and work around broken ass toolchains + if [[ $(gcc-major-version) == "3" ]] ; then + filter-flags -fprefetch-loop-arrays -freduce-all-givs -funroll-loops + [[ $(tc-arch) == "ppc64" ]] && replace-flags -O? -O + fi + [[ $(tc-arch) == ppc* ]] && append-flags -fno-strict-aliasing + append-flags -Wa,--noexecstack + + # using a library directory other than lib requires some magic + sed -i \ + -e "s+\(\$(INSTALL_PREFIX)\$(INSTALLTOP)\)/lib+\1/$(get_libdir)+g" \ + -e "s+libdir=\$\${exec_prefix}/lib+libdir=\$\${exec_prefix}/$(get_libdir)+g" \ + Makefile.org engines/Makefile \ + || die "sed failed" + ./config --test-sanity || die "I AM NOT SANE" +} + +src_compile() { + tc-export CC AR RANLIB + + # Clean out patent-or-otherwise-encumbered code + # IDEA: 5,214,703 25/05/2010 + # RC5: 5,724,428 03/03/2015 + # EC: ????????? ??/??/2015 + local confopts="" + if use bindist ; then + confopts="no-idea no-rc5 no-ec" + else + confopts="enable-idea enable-rc5 enable-mdc2 enable-ec" + fi + use zlib && confopts="${confopts} zlib-dynamic" + use sse2 || confopts="${confopts} no-sse2" + + local sslout=$(./gentoo.config) + einfo "Use configuration ${sslout:-(openssl knows best)}" + local config="Configure" + [[ -z ${sslout} ]] && config="config" + ./${config} \ + ${sslout} \ + ${confopts} \ + --prefix=/usr \ + --openssldir=/etc/ssl \ + shared threads \ + || die "Configure failed" + + # Clean out hardcoded flags that openssl uses + local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \ + -e 's:^CFLAG=::' \ + -e 's:-fomit-frame-pointer ::g' \ + -e 's:-O[0-9] ::g' \ + -e 's:-march=[-a-z0-9]* ::g' \ + -e 's:-mcpu=[-a-z0-9]* ::g' \ + -e 's:-m[a-z0-9]* ::g' \ + ) + sed -i \ + -e "/^CFLAG/s:=.*:=${CFLAG} ${CFLAGS}:" \ + -e "/^SHARED_LDFLAGS=/s:$: ${LDFLAGS}:" \ + Makefile || die + + # depend is needed to use $confopts + # rehash is needed to prep the certs/ dir + emake -j1 depend || die "depend failed" + emake all rehash || die "make all failed" + + # force until we get all the gentoo.config kinks worked out + if has test ${FEATURES} && ! tc-is-cross-compiler ; then + src_test + fi +} + +src_test() { + # make sure sandbox doesnt die on *BSD + addpredict /dev/crypto + + make test || die "make test failed" +} + +src_install() { + emake -j1 INSTALL_PREFIX="${D}" install || die + dodoc CHANGES* FAQ NEWS README doc/*.txt + dohtml doc/* + + if use emacs ; then + insinto /usr/share/emacs/site-lisp + doins doc/c-indentation.el + fi + + # create the certs directory + dodir /etc/ssl/certs + cp -RP certs/* "${D}"/etc/ssl/certs/ || die "failed to install certs" + rm -r "${D}"/etc/ssl/certs/{demo,expired} + + # Namespace openssl programs to prevent conflicts with other man pages + cd "${D}"/usr/share/man + local m d s + for m in $(find . -type f | xargs grep -L '#include') ; do + d=${m%/*} ; d=${d#./} ; m=${m##*/} + [[ ${m} == openssl.1* ]] && continue + mv ${d}/{,ssl-}${m} + ln -s ssl-${m} ${d}/openssl-${m} + # locate any symlinks that point to this man page + for s in $(find ${d} -lname ${m}) ; do + s=${s##*/} + rm -f ${d}/${s} + ln -s ssl-${m} ${d}/ssl-${s} + ln -s ssl-${s} ${d}/openssl-${s} + done + done + + diropts -m0700 + keepdir /etc/ssl/private +} + +pkg_preinst() { + preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.{6,7} +} + +pkg_postinst() { + preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.{6,7} + + if [[ ${CHOST} == i686* ]] ; then + ewarn "Due to the way openssl is architected, you cannot" + ewarn "switch between optimized versions without breaking" + ewarn "ABI. The default i686 0.9.8 ABI was an unoptimized" + ewarn "version with horrible performance. This version uses" + ewarn "the optimized ABI. If you experience segfaults when" + ewarn "using ssl apps (like openssh), just re-emerge the" + ewarn "offending package." + fi +} diff --git a/net-misc/openssh/Manifest b/net-misc/openssh/Manifest new file mode 100644 index 00000000..52af5014 --- /dev/null +++ b/net-misc/openssh/Manifest @@ -0,0 +1,25 @@ +AUX sshd.confd 396 RMD160 029680b2281961130a815ef599750c4fc4e84987 SHA1 23c283d0967944b6125be26ed4628f49abf586b2 SHA256 29c6d57ac3ec6018cadc6ba6cd9b90c9ed46e20049b970fdcc68ee2481a2ee41 +MD5 b35e9f3829f4cfca07168fcba98749c7 files/sshd.confd 396 +RMD160 029680b2281961130a815ef599750c4fc4e84987 files/sshd.confd 396 +SHA256 29c6d57ac3ec6018cadc6ba6cd9b90c9ed46e20049b970fdcc68ee2481a2ee41 files/sshd.confd 396 +AUX sshd.pam_include 205 RMD160 6b20ea83c69ef613d75daf43515aaec88d4cd815 SHA1 122472d859c24f7c776bb10fbfcb0221146ed056 SHA256 8d59135e96f4eff6b80c143b82cced7beb0bbca19ff91b479f1ba92916243d5e +MD5 2b66f75047edfac5d5e6cdbffa35383e files/sshd.pam_include 205 +RMD160 6b20ea83c69ef613d75daf43515aaec88d4cd815 files/sshd.pam_include 205 +SHA256 8d59135e96f4eff6b80c143b82cced7beb0bbca19ff91b479f1ba92916243d5e files/sshd.pam_include 205 +AUX sshd.rc6 2046 RMD160 68df8ff7933b7a232882b2a6140fe1a2637609b6 SHA1 c3f74dbd764d570f69e60f18a081f19e3cefb037 SHA256 6569cb934cb1d5b9016c2828ff8c79b5c8477dd27b7078c609445cfc16692e9e +MD5 c3acc27dddafb1e8c6d437e668e08c25 files/sshd.rc6 2046 +RMD160 68df8ff7933b7a232882b2a6140fe1a2637609b6 files/sshd.rc6 2046 +SHA256 6569cb934cb1d5b9016c2828ff8c79b5c8477dd27b7078c609445cfc16692e9e files/sshd.rc6 2046 +DIST openssh-4.4p1+SecurID_v1.3.2.patch 48240 RMD160 45d5734f7e65709cce581f1f85c06f60a73b825b SHA1 10bece428f6f36a0bb59b8fe9b9fb4321b544fa5 SHA256 189ad59139d86e5c808650add131af20ade00439713c3abcfac9a4e53580a196 +DIST openssh-4.5p1+x509-5.5.2.diff.gz 137561 RMD160 2e7597bc97d634ecc3d434cc714cc5b1d4076fec SHA1 5f29fbf73a991d778f81f9029fd90ffc4be9b726 SHA256 580b9b2be2a5224852f9979180fa9570059c1aa398b908dc1907d2a5a5e1f4a2 +DIST openssh-4.5p1-engines.diff 4190 RMD160 f20464e72d6138df287c694e0dc7c47c3a601b88 SHA1 ba47f2557b08c68464f1ed09cfd2767967e38670 SHA256 48e1dd6e218f9583fb896b19c7632b8b023e511dc9fc697e5834c8e7181592f6 +DIST openssh-4.5p1-hpn12v14.diff.gz 15791 RMD160 1f937174d5418d578da5d9dfab16b5cc8960efc5 SHA1 8bea17b13e7e91135785f4222252c28d08c9c887 SHA256 5cc6cd882cbb94498483b44722b3e81c8e6d7854dc2b2c57e1d56040bfdc23bd +DIST openssh-4.5p1.tar.gz 965925 RMD160 3f70b6f4228e84c7b9b8b3bee7fd3875f3e3bad3 SHA1 2eefcbbeb9e4fa16fa4500dec107d1a09d3d02d7 SHA256 7046b9d372f9e31ca654a66492310c188470480ddab300eb715dbf5e2177ae55 +DIST openssh-lpk-4.4p1-0.3.7.patch 61187 RMD160 90b0bbe07a3617f6eecb9f77c1a38c5f4dd4dcaf SHA1 b1854a4391c5d11f1a5ab09059643bbaf2278009 SHA256 c74aa642b4b2eeceb0c3f554752d172f8d5a7cd30f2aae517e93ef3bf1bd24e7 +EBUILD openssh-4.5_p1-r1.ebuild 5573 RMD160 f0f1336dffb2eb92af883b18c850f2f9bb201d0c SHA1 2cd9ca7bbd9b25a7f97645e9f453b324e5494c9a SHA256 7c95b14eb03eb2f4d150ce43744a384a10bbed67d10b66db914d354aace86201 +MD5 52ca8a17777a04b98d06be2221abca6b openssh-4.5_p1-r1.ebuild 5573 +RMD160 f0f1336dffb2eb92af883b18c850f2f9bb201d0c openssh-4.5_p1-r1.ebuild 5573 +SHA256 7c95b14eb03eb2f4d150ce43744a384a10bbed67d10b66db914d354aace86201 openssh-4.5_p1-r1.ebuild 5573 +MD5 aba975f88f0adfab72938ca76c488b61 files/digest-openssh-4.5_p1-r1 1584 +RMD160 ff35f63baac9cb01986718a9e171da1d2d3a1c5d files/digest-openssh-4.5_p1-r1 1584 +SHA256 d2234f3b58e6ce9fc342ad82e0be4aa8bec6c63355e05638f481dd5cdecbb0ea files/digest-openssh-4.5_p1-r1 1584 diff --git a/net-misc/openssh/files/digest-openssh-4.5_p1-r1 b/net-misc/openssh/files/digest-openssh-4.5_p1-r1 new file mode 100644 index 00000000..ba123bc4 --- /dev/null +++ b/net-misc/openssh/files/digest-openssh-4.5_p1-r1 @@ -0,0 +1,18 @@ +MD5 4a374fe5f6c353bc051b00781de8067c openssh-4.4p1+SecurID_v1.3.2.patch 48240 +RMD160 45d5734f7e65709cce581f1f85c06f60a73b825b openssh-4.4p1+SecurID_v1.3.2.patch 48240 +SHA256 189ad59139d86e5c808650add131af20ade00439713c3abcfac9a4e53580a196 openssh-4.4p1+SecurID_v1.3.2.patch 48240 +MD5 9a7987815f6901150f843dd21d8a339e openssh-4.5p1+x509-5.5.2.diff.gz 137561 +RMD160 2e7597bc97d634ecc3d434cc714cc5b1d4076fec openssh-4.5p1+x509-5.5.2.diff.gz 137561 +SHA256 580b9b2be2a5224852f9979180fa9570059c1aa398b908dc1907d2a5a5e1f4a2 openssh-4.5p1+x509-5.5.2.diff.gz 137561 +MD5 2b8dee2d9bfaa51d263446b3ea96f031 openssh-4.5p1-engines.diff 4190 +RMD160 f20464e72d6138df287c694e0dc7c47c3a601b88 openssh-4.5p1-engines.diff 4190 +SHA256 48e1dd6e218f9583fb896b19c7632b8b023e511dc9fc697e5834c8e7181592f6 openssh-4.5p1-engines.diff 4190 +MD5 86d3751f777c9c99663aebbb36281a0e openssh-4.5p1-hpn12v14.diff.gz 15791 +RMD160 1f937174d5418d578da5d9dfab16b5cc8960efc5 openssh-4.5p1-hpn12v14.diff.gz 15791 +SHA256 5cc6cd882cbb94498483b44722b3e81c8e6d7854dc2b2c57e1d56040bfdc23bd openssh-4.5p1-hpn12v14.diff.gz 15791 +MD5 6468c339886f78e8a149b88f695839dd openssh-4.5p1.tar.gz 965925 +RMD160 3f70b6f4228e84c7b9b8b3bee7fd3875f3e3bad3 openssh-4.5p1.tar.gz 965925 +SHA256 7046b9d372f9e31ca654a66492310c188470480ddab300eb715dbf5e2177ae55 openssh-4.5p1.tar.gz 965925 +MD5 4db76f98b1ecbcff2bda11ff8050ad71 openssh-lpk-4.4p1-0.3.7.patch 61187 +RMD160 90b0bbe07a3617f6eecb9f77c1a38c5f4dd4dcaf openssh-lpk-4.4p1-0.3.7.patch 61187 +SHA256 c74aa642b4b2eeceb0c3f554752d172f8d5a7cd30f2aae517e93ef3bf1bd24e7 openssh-lpk-4.4p1-0.3.7.patch 61187 diff --git a/net-misc/openssh/files/sshd.confd b/net-misc/openssh/files/sshd.confd new file mode 100644 index 00000000..28952b4a --- /dev/null +++ b/net-misc/openssh/files/sshd.confd @@ -0,0 +1,21 @@ +# /etc/conf.d/sshd: config file for /etc/init.d/sshd + +# Where is your sshd_config file stored? + +SSHD_CONFDIR="/etc/ssh" + + +# Any random options you want to pass to sshd. +# See the sshd(8) manpage for more info. + +SSHD_OPTS="" + + +# Pid file to use (needs to be absolute path). + +#SSHD_PIDFILE="/var/run/sshd.pid" + + +# Path to the sshd binary (needs to be absolute path). + +#SSHD_BINARY="/usr/sbin/sshd" diff --git a/net-misc/openssh/files/sshd.pam_include b/net-misc/openssh/files/sshd.pam_include new file mode 100644 index 00000000..14d9016a --- /dev/null +++ b/net-misc/openssh/files/sshd.pam_include @@ -0,0 +1,8 @@ +#%PAM-1.0 + +auth include system-auth +auth required pam_shells.so +auth required pam_nologin.so +account include system-auth +password include system-auth +session include system-auth diff --git a/net-misc/openssh/files/sshd.rc6 b/net-misc/openssh/files/sshd.rc6 new file mode 100644 index 00000000..258c3a3f --- /dev/null +++ b/net-misc/openssh/files/sshd.rc6 @@ -0,0 +1,76 @@ +#!/sbin/runscript +# Copyright 1999-2006 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-misc/openssh/files/sshd.rc6,v 1.22 2007/02/23 10:51:48 uberlord Exp $ + +opts="reload" + +depend() { + use logger dns + need net +} + +SSHD_CONFDIR=${SSHD_CONFDIR:-/etc/ssh} +SSHD_PIDFILE=${SSHD_PIDFILE:-/var/run/${SVCNAME}.pid} +SSHD_BINARY=${SSHD_BINARY:-/usr/sbin/sshd} + +checkconfig() { + if [ ! -d /var/empty ] ; then + mkdir -p /var/empty || return 1 + fi + + if [ ! -e "${SSHD_CONFDIR}"/sshd_config ] ; then + eerror "You need an ${SSHD_CONFDIR}/sshd_config file to run sshd" + eerror "There is a sample file in /usr/share/doc/openssh" + return 1 + fi + + gen_keys || return 1 + + "${SSHD_BINARY}" -t ${myopts} || return 1 +} + +gen_keys() { + if [ ! -e "${SSHD_CONFDIR}"/ssh_host_key ] ; then + einfo "Generating Hostkey..." + /usr/bin/ssh-keygen -t rsa1 -b 1024 -f "${SSHD_CONFDIR}"/ssh_host_key -N '' || return 1 + fi + if [ ! -e "${SSHD_CONFDIR}"/ssh_host_dsa_key ] ; then + einfo "Generating DSA-Hostkey..." + /usr/bin/ssh-keygen -d -f "${SSHD_CONFDIR}"/ssh_host_dsa_key -N '' || return 1 + fi + if [ ! -e "${SSHD_CONFDIR}"/ssh_host_rsa_key ] ; then + einfo "Generating RSA-Hostkey..." + /usr/bin/ssh-keygen -t rsa -f "${SSHD_CONFDIR}"/ssh_host_rsa_key -N '' || return 1 + fi + return 0 +} + +start() { + local myopts="" + [ "${SSHD_PIDFILE}" != "/var/run/sshd.pid" ] \ + && myopts="${myopts} -o PidFile=${SSHD_PIDFILE}" + [ "${SSHD_CONFDIR}" != "/etc/ssh" ] \ + && myopts="${myopts} -f ${SSHD_CONFDIR}/sshd_config" + + checkconfig || return 1 + ebegin "Starting ${SVCNAME}" + start-stop-daemon --start --exec "${SSHD_BINARY}" \ + --pidfile "${SSHD_PIDFILE}" \ + -- ${myopts} ${SSHD_OPTS} + eend $? +} + +stop() { + ebegin "Stopping ${SVCNAME}" + start-stop-daemon --stop --exec "${SSHD_BINARY}" \ + --pidfile "${SSHD_PIDFILE}" --quiet + eend $? +} + +reload() { + ebegin "Reloading ${SVCNAME}" + start-stop-daemon --stop --signal HUP --oknodo \ + --exec "${SSHD_BINARY}" --pidfile "${SSHD_PIDFILE}" + eend $? +} diff --git a/net-misc/openssh/openssh-4.5_p1-r1.ebuild b/net-misc/openssh/openssh-4.5_p1-r1.ebuild new file mode 100644 index 00000000..933b9fc3 --- /dev/null +++ b/net-misc/openssh/openssh-4.5_p1-r1.ebuild @@ -0,0 +1,171 @@ +# Copyright 1999-2007 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-misc/openssh/openssh-4.5_p1-r1.ebuild,v 1.4 2007/04/24 22:03:29 eroyf Exp $ + +WANT_AUTOCONF="latest" +WANT_AUTOMAKE="latest" +# Please leave pam at end, so that dopamd and newpamd from eutils eclass are not used +inherit eutils flag-o-matic ccc multilib autotools pam + +# Make it more portable between straight releases +# and _p? releases. +PARCH=${P/_/} + +X509_PATCH="${PARCH}+x509-5.5.2.diff.gz" +SECURID_PATCH="${PARCH/4.5/4.4}+SecurID_v1.3.2.patch" +LDAP_PATCH="${PARCH/-4.5p1/-lpk-4.4p1}-0.3.7.patch" +HPN_PATCH="${PARCH}-hpn12v14.diff.gz" +PADLOCK_PATCH="openssh-4.5p1-engines.diff" + +DESCRIPTION="Port of OpenBSD's free SSH release" +HOMEPAGE="http://www.openssh.com/" +SRC_URI="mirror://openbsd/OpenSSH/portable/${PARCH}.tar.gz + X509? ( http://roumenpetrov.info/openssh/x509-5.5.2/${X509_PATCH} ) + ldap? ( http://dev.inversepath.com/openssh-lpk/${LDAP_PATCH} ) + hpn? ( http://www.psc.edu/networking/projects/hpn-ssh/${HPN_PATCH} ) + smartcard? ( http://omniti.com/~jesus/projects/${SECURID_PATCH} ) + padlock? ( http://www.logix.cz/michal/devel/padlock/contrib/${PADLOCK_PATCH} )" + +LICENSE="as-is" +SLOT="0" +KEYWORDS="alpha amd64 arm hppa ia64 m68k mips ppc ppc64 s390 sh sparc ~sparc-fbsd x86 ~x86-fbsd" +IUSE="static pam tcpd kerberos skey selinux chroot X509 ldap smartcard hpn libedit X padlock" + +RDEPEND="pam? ( virtual/pam ) + kerberos? ( virtual/krb5 ) + selinux? ( >=sys-libs/libselinux-1.28 ) + skey? ( >=app-admin/skey-1.1.5-r1 ) + ldap? ( net-nds/openldap ) + libedit? ( dev-libs/libedit ) + >=dev-libs/openssl-0.9.6d + >=sys-libs/zlib-1.2.3 + smartcard? ( dev-libs/opensc ) + tcpd? ( >=sys-apps/tcp-wrappers-7.6 ) + X? ( x11-apps/xauth ) + userland_GNU? ( sys-apps/shadow )" +DEPEND="${RDEPEND} + dev-util/pkgconfig + virtual/os-headers + sys-devel/autoconf" +PROVIDE="virtual/ssh" + +S=${WORKDIR}/${PARCH} + +pkg_setup() { + # this sucks, but i'd rather have people unable to `emerge -u openssh` + # than not be able to log in to their server any more + local fail="" + [[ -z ${X509_PATCH} ]] && use X509 && fail="${fail} X509" + [[ -z ${SECURID_PATCH} ]] && use smartcard && fail="${fail} smartcard" + if [[ -n ${fail} ]] ; then + eerror "Sorry, but this version does not yet support features" + eerror "that you requested: ${fail}" + eerror "Please mask ${PF} for now and check back later:" + eerror " # echo '=${CATEGORY}/${PF}' >> /etc/portage/package.mask" + die "booooo" + fi +} + +src_unpack() { + unpack ${PARCH}.tar.gz + cd "${S}" + + sed -i \ + -e '/_PATH_XAUTH/s:/usr/X11R6/bin/xauth:/usr/bin/xauth:' \ + pathnames.h || die + + use X509 && epatch "${DISTDIR}"/${X509_PATCH} "${FILESDIR}"/${PN}-4.4_p1-x509-hpn-glue.patch + use chroot && epatch "${FILESDIR}"/openssh-4.3_p1-chroot.patch + use smartcard && epatch "${FILESDIR}"/openssh-3.9_p1-opensc.patch + use padlock && epatch "${DISTDIR}"/${PADLOCK_PATCH} + + if ! use X509 ; then + if [[ -n ${SECURID_PATCH} ]] && use smartcard ; then + epatch "${DISTDIR}"/${SECURID_PATCH} \ + "${FILESDIR}"/${PN}-4.3_p2-securid-updates.patch \ + "${FILESDIR}"/${PN}-4.3_p2-securid-hpn-glue.patch + use ldap && epatch "${FILESDIR}"/openssh-4.0_p1-smartcard-ldap-happy.patch + fi + if use ldap ; then + epatch "${DISTDIR}"/${LDAP_PATCH} "${FILESDIR}"/${PN}-4.4_p1-ldap-hpn-glue.patch + fi + elif [[ -n ${SECURID_PATCH} ]] && use smartcard || use ldap ; then + ewarn "Sorry, X509 and smartcard/ldap don't get along, disabling smartcard/ldap" + fi + [[ -n ${HPN_PATCH} ]] && use hpn && epatch "${DISTDIR}"/${HPN_PATCH} + + sed -i '/LD.*ssh-keysign/s:$: '$(bindnow-flags)':' Makefile.in || die "setuid" + + sed -i "s:-lcrypto:$(pkg-config --libs openssl):" configure{,.ac} || die + + eautoreconf +} + +src_compile() { + addwrite /dev/ptmx + addpredict /etc/skey/skeykeys #skey configure code triggers this + + local myconf="" + if use static ; then + append-ldflags -static + use pam && ewarn "Disabling pam support becuse of static flag" + myconf="${myconf} --without-pam" + else + myconf="${myconf} $(use_with pam)" + fi + + econf \ + --with-ldflags="${LDFLAGS}" \ + --disable-strip \ + --sysconfdir=/etc/ssh \ + --libexecdir=/usr/$(get_libdir)/misc \ + --datadir=/usr/share/openssh \ + --disable-suid-ssh \ + --with-privsep-path=/var/empty \ + --with-privsep-user=sshd \ + --with-md5-passwords \ + $(use_with ldap) \ + $(use_with libedit) \ + $(use_with kerberos kerberos5 /usr) \ + $(use_with tcpd tcp-wrappers) \ + $(use_with selinux) \ + $(use_with skey) \ + $(use_with smartcard opensc) \ + ${myconf} \ + || die "bad configure" + emake || die "compile problem" +} + +src_install() { + emake install-nokeys DESTDIR="${D}" || die + fperms 600 /etc/ssh/sshd_config + dobin contrib/ssh-copy-id + newinitd "${FILESDIR}"/sshd.rc6 sshd + newconfd "${FILESDIR}"/sshd.confd sshd + keepdir /var/empty + + newpamd "${FILESDIR}"/sshd.pam_include sshd + dosed "/^#Protocol /s:.*:Protocol 2:" /etc/ssh/sshd_config + use pam \ + && dosed "/^#UsePAM /s:.*:UsePAM yes:" /etc/ssh/sshd_config \ + && dosed "/^#PasswordAuthentication /s:.*:PasswordAuthentication no:" /etc/ssh/sshd_config + + doman contrib/ssh-copy-id.1 + dodoc ChangeLog CREDITS OVERVIEW README* TODO sshd_config + + diropts -m 0700 + dodir /etc/skel/.ssh +} + +pkg_postinst() { + enewgroup sshd 22 + enewuser sshd 22 -1 /var/empty sshd + + ewarn "Remember to merge your config files in /etc/ssh/ and then" + ewarn "restart sshd: '/etc/init.d/sshd restart'." + if use pam ; then + echo + ewarn "Please be aware users need a valid shell in /etc/passwd" + ewarn "in order to be allowed to login." + fi +} -- cgit v1.2.3