Index: openssl-pkg-install.sh
===================================================================
--- openssl-pkg-install.sh (.../openssl/1.1.1r) (revision 419)
+++ openssl-pkg-install.sh (.../openssl11/1.1.1w) (nonexistent)
@@ -1,67 +0,0 @@
-#!/bin/sh
-
-# Preserve new files
-install_file() {
- NEW="$1"
- OLD="`dirname $NEW`/`basename $NEW .new`"
- # If there's no file by that name, mv it over:
- if [ ! -r $OLD ]; then
- mv $NEW $OLD
- elif [ "`cat $OLD | md5sum`" = "`cat $NEW | md5sum`" ]; then # toss the redundant copy
- rm $NEW
- fi
- # Otherwise, we leave the .new copy for the admin to consider...
-}
-
-
-# arg 1: the new package version
-pre_install() {
- /bin/true
-}
-
-# arg 1: the new package version
-post_install() {
- # If there is a known buggy certwatch script with no local modifications, just replace it:
- if [ "$(md5sum etc/cron.daily/certwatch 2> /dev/null)" = "f4cf63e557820781f40c4cac67a44d77 etc/cron.daily/certwatch" ]; then
- cat etc/cron.daily/certwatch.new > etc/cron.daily/certwatch
- touch -r etc/cron.daily/certwatch.new etc/cron.daily/certwatch
- fi
-
- install_file etc/ssl/openssl.cnf.new
- install_file etc/cron.daily/certwatch.new
-
- # Rehash certificates if the package is upgraded on a running system:
- # Note that we have to be sure that we are on the working system
- # on the target hardware ("proc/sys/kernel/osrelease" - relative path).
- if [ -r proc/sys/kernel/osrelease -a -x /usr/bin/c_rehash ]; then
- /usr/bin/c_rehash 1> /dev/null 2> /dev/null
- fi
-}
-
-# arg 1: the new package version
-# arg 2: the old package version
-pre_update() {
- /bin/true
-}
-
-# arg 1: the new package version
-# arg 2: the old package version
-post_update() {
- post_install
-}
-
-# arg 1: the old package version
-pre_remove() {
- /bin/true
-}
-
-# arg 1: the old package version
-post_remove() {
- /bin/true
-}
-
-
-operation=$1
-shift
-
-$operation $*
Property changes on: openssl-pkg-install.sh
___________________________________________________________________
Deleted: svn:executable
## -1 +0,0 ##
-*
\ No newline at end of property
Index: openssl-pkg-description.in
===================================================================
--- openssl-pkg-description.in (.../openssl/1.1.1r) (revision 419)
+++ openssl-pkg-description.in (.../openssl11/1.1.1w) (nonexistent)
@@ -1,19 +0,0 @@
-# HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description. Line
-# up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in. You must
-# make exactly 11 lines for the formatting to be correct. It's also
-# customary to leave one space after the ':'.
-
- |-----handy-ruler------------------------------------------------------|
-openssl: openssl @VERSION@ (Secure Sockets Layer toolkit)
-openssl:
-openssl: The OpenSSL certificate management tool and the shared libraries
-openssl: that provide various encryption and decryption algorithms and
-openssl: protocols.
-openssl: This product includes software developed by the OpenSSL Project for
-openssl: use in the OpenSSL Toolkit (http://www.openssl.org). This product
-openssl: includes cryptographic software written by Eric Young
-openssl: (eay@cryptsoft.com). This product includes software written by Tim
-openssl: Hudson (tjh@cryptsoft.com).
-openssl:
Index: Makefile
===================================================================
--- Makefile (.../openssl/1.1.1r) (revision 419)
+++ Makefile (.../openssl11/1.1.1w) (revision 420)
@@ -58,7 +58,7 @@
include ../../../build-system/constants.mk
-SOURCE_REQUIRES = sources/packages/n/openssl
+SOURCE_REQUIRES = sources/packages/n/openssl11
ifeq ($(__USE_BUILT_GCC_LIBS__),yes)
REQUIRES = dev/gcc/14.2.0
@@ -70,12 +70,13 @@
# ======= __END_OF_REQUIRES__ =======
-version = 1.1.1r
-tar_xz_archive = $(SRC_PACKAGE_PATH)/packages/n/openssl/openssl-$(version).tar.xz
+version = 1.1.1w
+tar_xz_archive = $(SRC_PACKAGE_PATH)/packages/n/openssl11/openssl-$(version).tar.xz
SRC_ARCHIVE = $(tar_xz_archive)
SRC_DIR = $(TARGET_BUILD_DIR)/openssl-$(version)
src_dir_name = openssl-$(version)
src_done = $(TARGET_BUILD_DIR)/.source_done
+doc_dir_name = openssl-$(version)
PATCHES = PATCHES
@@ -82,9 +83,7 @@
build_target = $(TARGET_BUILD_DIR)/.build_done
install_target = $(TARGET_BUILD_DIR)/.install_done
-cron_script = $(CURDIR)/cron/certwatch
-
####### Targets
PKG_GROUP = net
@@ -92,14 +91,14 @@
#
# *PKG_NAME & *PKG_VERSION shouldn't be a reference to value.
#
-OPENSSL_PKG_NAME = openssl
-OPENSSL_PKG_VERSION = 1.1.1r
+OPENSSL_PKG_NAME = openssl11
+OPENSSL_PKG_VERSION = 1.1.1w
OPENSSL_PKG_ARCH = $(PKGARCH)
OPENSSL_PKG_DISTRO_NAME = $(DISTRO_NAME)
OPENSSL_PKG_DISTRO_VERSION = $(DISTRO_VERSION)
OPENSSL_PKG_GROUP = $(PKG_GROUP)
### |---handy-ruler-------------------------------|
-OPENSSL_PKG_SHORT_DESCRIPTION = Secure Sockets Layer toolkit
+OPENSSL_PKG_SHORT_DESCRIPTION = Secure Sockets Layer toolkit 1.1.x
OPENSSL_PKG_URL = $(BUG_URL)
OPENSSL_PKG_LICENSE = GPLv2
OPENSSL_PKG_DESCRIPTION_FILE = $(TARGET_BUILD_DIR)/$(OPENSSL_PKG_NAME)-pkg-description
@@ -140,7 +139,7 @@
# probably not a good idea to include them as there
# are better algorithms to use.
#
-extra_configure_switches = --libdir=lib$(LIBSUFFIX)
+extra_configure_switches = --libdir=lib$(LIBSUFFIX)/openssl-1.1
extra_configure_switches += --openssldir=/etc/ssl
extra_configure_switches += no-mdc2
extra_configure_switches += no-ec2m
@@ -200,7 +199,9 @@
openssl_environment += MACHINE=$(arch) SYSTEM=Linux
+LDFLAGS += -Wl,-rpath,/lib$(LIBSUFFIX):/usr/lib$(LIBSUFFIX):/usr/lib$(LIBSUFFIX)/openssl-1.1
+
####### Dependencies
$(src_done): $(SRC_ARCHIVE) $(PATCHES_DEP)
@@ -225,64 +226,41 @@
@mkdir -p $(OPENSSL_PKG)
@cd $(SRC_DIR) && $(BUILD_ENVIRONMENT) $(MAKE) -j1 MANDIR=/usr/share/man install $(env_sysroot)
ifneq ($(__ENABLE_STATIC__),yes)
- @rm -f $(OPENSSL_PKG)/usr/lib$(LIBSUFFIX)/*.a
+ @rm -f $(OPENSSL_PKG)/usr/lib$(LIBSUFFIX)/openssl-1.1/*.a
endif
- @mv $(OPENSSL_PKG)/etc/ssl/openssl.cnf $(OPENSSL_PKG)/etc/ssl/openssl.cnf.new
- @rm $(OPENSSL_PKG)/etc/ssl/openssl.cnf.dist
- @rm $(OPENSSL_PKG)/etc/ssl/ct_log_list.cnf.dist
- # ======= Add a cron script to warn root if a certificate is going to expire soon:
- @mkdir -p $(OPENSSL_PKG)/etc/cron.daily
- @cat $(cron_script) > $(OPENSSL_PKG)/etc/cron.daily/certwatch.new
- @chmod 755 $(OPENSSL_PKG)/etc/cron.daily/certwatch.new
+ # ======= Move libraries: =======
@mkdir -p $(OPENSSL_PKG)/lib$(LIBSUFFIX)
- @( cd $(OPENSSL_PKG)/usr/lib$(LIBSUFFIX) ; \
+ @( cd $(OPENSSL_PKG)/usr/lib$(LIBSUFFIX)/openssl-1.1 ; \
chmod +w lib*.so.?.? ; \
- mv lib*.so.?.? ../../lib$(LIBSUFFIX) ; \
- ln -sf ../../lib$(LIBSUFFIX)/lib*.so.?.? . ; \
+ mv lib*.so.?.? ../../../lib$(LIBSUFFIX) ; \
+ ln -sf ../../../lib$(LIBSUFFIX)/lib*.so.?.? . ; \
ln -sf libcrypto.so.?.? libcrypto.so.1 ; \
ln -sf libssl.so.?.? libssl.so.1 ; \
- cp -a lib*.so.? ../../lib$(LIBSUFFIX) ; \
+ cp -a lib*.so.? ../../../lib$(LIBSUFFIX) ; \
)
- # ======= Fix manpage name collisions =======
- @( cd $(OPENSSL_PKG)/usr/share/man/man1 ; \
- mv passwd.1 ssl_passwd.1 ; \
- for file in *.1 ; do \
- if [ -L $$file ]; then \
- if [ "$$(readlink $$file)" = "passwd.1" ]; then \
- rm -f $$file ; \
- ln -sf ssl_passwd.1 $$file ; \
- fi ; \
- fi ; \
- done \
- )
+ # ======= Move include files: =======
+ @mkdir -p $(OPENSSL_PKG)/usr/include/openssl-1.1
+ @mv $(OPENSSL_PKG)/usr/include/openssl $(OPENSSL_PKG)/usr/include/openssl-1.1/openssl
+ @sed -e 's,/include$$,/include/openssl-1.1,' -i $(OPENSSL_PKG)/usr/lib$(LIBSUFFIX)/openssl-1.1/pkgconfig/*.pc
+ # ======= Rename openssl binary: =======
+ @mv $(OPENSSL_PKG)/usr/bin/openssl $(OPENSSL_PKG)/usr/bin/openssl-1.1
+ # ======= Remove not needed package things: =======
+ @rm -f $(OPENSSL_PKG)/usr/bin/c_rehash
+ @rm -rf $(OPENSSL_PKG)/etc
+ @rm -rf $(OPENSSL_PKG)/usr/share
# ======= Install Documentation =======
- @if [ -d $(OPENSSL_PKG)/usr/share/man ]; then \
- ( cd $(OPENSSL_PKG)/usr/share/man ; \
- for manpagedir in `find . -type d -name "man*"` ; do \
- ( cd $$manpagedir ; \
- for eachpage in `find . -type l -maxdepth 1` ; do \
- ln -s `readlink $$eachpage`.gz $$eachpage.gz ; \
- rm $$eachpage ; \
- done ; \
- gzip -9 *.? ; \
- ) \
- done \
- ) \
- fi
- @mkdir -p $(OPENSSL_PKG)/usr/doc/$(src_dir_name)
+ @mkdir -p $(OPENSSL_PKG)/usr/doc/$(doc_dir_name)
@cp -a $(SRC_DIR)/AUTHORS $(SRC_DIR)/LICENSE \
- $(OPENSSL_PKG)/usr/doc/$(src_dir_name)
- @( cd $(OPENSSL_PKG)/usr/share/doc ; \
- mv openssl $(src_dir_name) ; \
- )
+ $(OPENSSL_PKG)/usr/doc/$(doc_dir_name)
+ @mkdir -p $(OPENSSL_PKG)/usr/share/doc/$(doc_dir_name)
@( cd $(SRC_DIR) ; \
cp -a ACKNOWLEDGEMENTS AUTHORS CONTRIBUTING FAQ INSTALL LICENSE NEWS \
README README.ENGINE doc/HOWTO doc/*.txt \
- $(OPENSSL_PKG)/usr/share/doc/$(src_dir_name) ; \
+ $(OPENSSL_PKG)/usr/share/doc/$(doc_dir_name) ; \
)
@( cd $(SRC_DIR) ; \
if [ -r CHANGES ]; then \
- DOCSDIR=`echo $(OPENSSL_PKG)/usr/share/doc/$(src_dir_name)` ; \
+ DOCSDIR=`echo $(OPENSSL_PKG)/usr/share/doc/$(doc_dir_name)` ; \
cat CHANGES | head -n 1000 > $$DOCSDIR/CHANGES ; \
touch -r CHANGES $$DOCSDIR/CHANGES ; \
fi \
@@ -289,8 +267,8 @@
)
# ======= Install the same to $(TARGET_DEST_DIR) =======
$(call install-into-devenv, $(OPENSSL_PKG))
- # ======= tune pkg-config *.pc search path to the target destination for development =======
- @( cd $(TARGET_DEST_DIR)/usr/lib$(LIBSUFFIX)/pkgconfig ; \
+ # ======= Tune pkg-config *.pc search path to the target destination for development =======
+ @( cd $(TARGET_DEST_DIR)/usr/lib$(LIBSUFFIX)/openssl-1.1/pkgconfig ; \
sed -i "s,/usr,$(TARGET_DEST_DIR)/usr,g" libcrypto.pc libssl.pc openssl.pc \
)
# ======= Strip binaries =======
Index: PATCHES
===================================================================
--- PATCHES (.../openssl/1.1.1r) (revision 419)
+++ PATCHES (.../openssl11/1.1.1w) (revision 420)
@@ -0,0 +1,2 @@
+
+../../../sources/packages/n/openssl11/patches/openssl-1.1.1w-CVE-2024-5535.patch -p0
Index: openssl11-pkg-description.in
===================================================================
--- openssl11-pkg-description.in (.../openssl/1.1.1r) (nonexistent)
+++ openssl11-pkg-description.in (.../openssl11/1.1.1w) (revision 420)
@@ -0,0 +1,19 @@
+# HOW TO EDIT THIS FILE:
+# The "handy ruler" below makes it easier to edit a package description. Line
+# up the first '|' above the ':' following the base package name, and the '|'
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
+# customary to leave one space after the ':'.
+
+ |-----handy-ruler------------------------------------------------------|
+openssl11: openssl11 @VERSION@ (Secure Sockets Layer toolkit 1.1.x)
+openssl11:
+openssl11: The OpenSSL certificate management tool and the shared libraries
+openssl11: that provide various encryption and decryption algorithms and
+openssl11: protocols.
+openssl11: This product includes software developed by the OpenSSL Project for
+openssl11: use in the OpenSSL Toolkit (http://www.openssl.org). This product
+openssl11: includes cryptographic software written by Eric Young
+openssl11: (eay@cryptsoft.com). This product includes software written by Tim
+openssl11: Hudson (tjh@cryptsoft.com).
+openssl11:
Index: openssl11-pkg-install.sh
===================================================================
--- openssl11-pkg-install.sh (.../openssl/1.1.1r) (nonexistent)
+++ openssl11-pkg-install.sh (.../openssl11/1.1.1w) (revision 420)
@@ -0,0 +1,53 @@
+#!/bin/sh
+
+# Preserve new files
+install_file() {
+ NEW="$1"
+ OLD="`dirname $NEW`/`basename $NEW .new`"
+ # If there's no file by that name, mv it over:
+ if [ ! -r $OLD ]; then
+ mv $NEW $OLD
+ elif [ "`cat $OLD | md5sum`" = "`cat $NEW | md5sum`" ]; then # toss the redundant copy
+ rm $NEW
+ fi
+ # Otherwise, we leave the .new copy for the admin to consider...
+}
+
+
+# arg 1: the new package version
+pre_install() {
+ /bin/true
+}
+
+# arg 1: the new package version
+post_install() {
+ /bin/true
+}
+
+# arg 1: the new package version
+# arg 2: the old package version
+pre_update() {
+ /bin/true
+}
+
+# arg 1: the new package version
+# arg 2: the old package version
+post_update() {
+ post_install
+}
+
+# arg 1: the old package version
+pre_remove() {
+ /bin/true
+}
+
+# arg 1: the old package version
+post_remove() {
+ /bin/true
+}
+
+
+operation=$1
+shift
+
+$operation $*
Property changes on: openssl11-pkg-install.sh
___________________________________________________________________
Added: svn:executable
## -0,0 +1 ##
+*
\ No newline at end of property
Radix cross Linux
The main Radix cross Linux repository contains the build scripts of packages, which have the most complete and common functionality for desktop machines
452 Commits
2 Branches
1 Tag