From 6e7b8079573af43bfaf053a97bfd763a3fa4a371 Mon Sep 17 00:00:00 2001 From: Jakub Bogusz Date: Sat, 20 Mar 2010 10:04:31 +0000 Subject: [PATCH] - updated to 0.9.8m - updated optflags,include,fips_install patches - fixed ldflags patch (patch Makefile.org, not generated Makefile) - removed obsolete libvar,CVE-2009-1377-1378-1379,parallel-build,x86_64-asm patches Changed files: openssl-CVE-2009-1377-1378-1379.patch -> 1.2 openssl-fips_install.patch -> 1.3 openssl-include.patch -> 1.3 openssl-ldflags.patch -> 1.2 openssl-libvar.patch -> 1.2 openssl-optflags.patch -> 1.20 openssl-parallel-build.patch -> 1.2 openssl-x86_64-asm.patch -> 1.2 openssl.spec -> 1.210 --- openssl-CVE-2009-1377-1378-1379.patch | 83 ----------- openssl-fips_install.patch | 11 +- openssl-include.patch | 26 ++-- openssl-ldflags.patch | 4 +- openssl-libvar.patch | 195 -------------------------- openssl-optflags.patch | 24 ++-- openssl-parallel-build.patch | 24 ---- openssl-x86_64-asm.patch | 56 -------- openssl.spec | 28 ++-- 9 files changed, 45 insertions(+), 406 deletions(-) delete mode 100644 openssl-CVE-2009-1377-1378-1379.patch delete mode 100644 openssl-libvar.patch delete mode 100644 openssl-parallel-build.patch delete mode 100644 openssl-x86_64-asm.patch diff --git a/openssl-CVE-2009-1377-1378-1379.patch b/openssl-CVE-2009-1377-1378-1379.patch deleted file mode 100644 index 873071e..0000000 --- a/openssl-CVE-2009-1377-1378-1379.patch +++ /dev/null @@ -1,83 +0,0 @@ -diff -up openssl-0.9.8k/crypto/pqueue/pqueue.c.dtls-dos openssl-0.9.8k/crypto/pqueue/pqueue.c ---- openssl-0.9.8k/crypto/pqueue/pqueue.c.dtls-dos 2005-06-28 14:53:33.000000000 +0200 -+++ openssl-0.9.8k/crypto/pqueue/pqueue.c 2009-05-21 18:26:29.000000000 +0200 -@@ -234,3 +234,17 @@ pqueue_next(pitem **item) - - return ret; - } -+ -+int -+pqueue_size(pqueue_s *pq) -+{ -+ pitem *item = pq->items; -+ int count = 0; -+ -+ while(item != NULL) -+ { -+ count++; -+ item = item->next; -+ } -+ return count; -+} -diff -up openssl-0.9.8k/crypto/pqueue/pqueue.h.dtls-dos openssl-0.9.8k/crypto/pqueue/pqueue.h ---- openssl-0.9.8k/crypto/pqueue/pqueue.h.dtls-dos 2009-04-21 11:43:58.000000000 +0200 -+++ openssl-0.9.8k/crypto/pqueue/pqueue.h 2009-05-21 18:26:29.000000000 +0200 -@@ -91,5 +91,6 @@ pitem *pqueue_iterator(pqueue pq); - pitem *pqueue_next(piterator *iter); - - void pqueue_print(pqueue pq); -+int pqueue_size(pqueue pq); - - #endif /* ! HEADER_PQUEUE_H */ -diff -up openssl-0.9.8k/ssl/d1_both.c.dtls-dos openssl-0.9.8k/ssl/d1_both.c ---- openssl-0.9.8k/ssl/d1_both.c.dtls-dos 2007-10-17 23:17:49.000000000 +0200 -+++ openssl-0.9.8k/ssl/d1_both.c 2009-05-21 18:26:29.000000000 +0200 -@@ -519,6 +519,7 @@ dtls1_retrieve_buffered_fragment(SSL *s, - - if ( s->d1->handshake_read_seq == frag->msg_header.seq) - { -+ unsigned long frag_len = frag->msg_header.frag_len; - pqueue_pop(s->d1->buffered_messages); - - al=dtls1_preprocess_fragment(s,&frag->msg_header,max); -@@ -536,7 +537,7 @@ dtls1_retrieve_buffered_fragment(SSL *s, - if (al==0) - { - *ok = 1; -- return frag->msg_header.frag_len; -+ return frag_len; - } - - ssl3_send_alert(s,SSL3_AL_FATAL,al); -@@ -561,7 +562,16 @@ dtls1_process_out_of_seq_message(SSL *s, - if ((msg_hdr->frag_off+frag_len) > msg_hdr->msg_len) - goto err; - -- if (msg_hdr->seq <= s->d1->handshake_read_seq) -+ /* Try to find item in queue, to prevent duplicate entries */ -+ pq_64bit_init(&seq64); -+ pq_64bit_assign_word(&seq64, msg_hdr->seq); -+ item = pqueue_find(s->d1->buffered_messages, seq64); -+ pq_64bit_free(&seq64); -+ -+ /* Discard the message if sequence number was already there, is -+ * too far in the future or the fragment is already in the queue */ -+ if (msg_hdr->seq <= s->d1->handshake_read_seq || -+ msg_hdr->seq > s->d1->handshake_read_seq + 10 || item != NULL) - { - unsigned char devnull [256]; - -diff -up openssl-0.9.8k/ssl/d1_pkt.c.dtls-dos openssl-0.9.8k/ssl/d1_pkt.c ---- openssl-0.9.8k/ssl/d1_pkt.c.dtls-dos 2009-04-21 11:44:02.000000000 +0200 -+++ openssl-0.9.8k/ssl/d1_pkt.c 2009-05-21 18:26:29.000000000 +0200 -@@ -167,6 +167,10 @@ dtls1_buffer_record(SSL *s, record_pqueu - DTLS1_RECORD_DATA *rdata; - pitem *item; - -+ /* Limit the size of the queue to prevent DOS attacks */ -+ if (pqueue_size(queue->q) >= 100) -+ return 0; -+ - rdata = OPENSSL_malloc(sizeof(DTLS1_RECORD_DATA)); - item = pitem_new(priority, rdata); - if (rdata == NULL || item == NULL) diff --git a/openssl-fips_install.patch b/openssl-fips_install.patch index 34d03a1..b2c5c57 100644 --- a/openssl-fips_install.patch +++ b/openssl-fips_install.patch @@ -1,14 +1,13 @@ ---- fips/Makefile.orig 2009-01-08 13:29:36.362699820 +0100 -+++ fips/Makefile 2009-01-08 13:30:25.780295482 +0100 -@@ -186,10 +186,6 @@ +--- openssl-0.9.8m/fips/Makefile.orig 2009-10-15 16:14:34.000000000 +0200 ++++ openssl-0.9.8m/fips/Makefile 2010-03-20 08:50:18.958704379 +0100 +@@ -190,10 +190,6 @@ chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \ mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i; \ done - cp -p -f $(FIPSLIBDIR)fipscanister.o $(FIPSLIBDIR)fipscanister.o.sha1 \ - $(FIPSLIBDIR)fips_premain.c $(FIPSLIBDIR)fips_premain.c.sha1 \ -- $(INSTALL_PREFIX)$(INSTALLTOP)/lib/; \ -- chmod 0444 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/fips* +- $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/; \ +- chmod 0444 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/fips* lint: @target=lint; $(RECURSIVE_MAKE) - diff --git a/openssl-include.patch b/openssl-include.patch index 552dcf5..24bf68c 100644 --- a/openssl-include.patch +++ b/openssl-include.patch @@ -1,21 +1,27 @@ -diff -Nuard openssl-0.9.7b.orig/Makefile.org openssl-0.9.7b/Makefile.org ---- openssl-0.9.7b.orig/Makefile.org 2003-04-08 13:54:32.000000000 +0200 -+++ openssl-0.9.7b/Makefile.org 2003-08-20 21:12:53.000000000 +0200 -@@ -578,7 +578,7 @@ +--- openssl-0.9.8m/Makefile.org.orig 2010-02-25 18:21:14.000000000 +0100 ++++ openssl-0.9.8m/Makefile.org 2010-03-19 08:59:24.082711921 +0100 +@@ -441,7 +441,7 @@ @ ( echo 'prefix=$(INSTALLTOP)'; \ echo 'exec_prefix=$${prefix}'; \ - echo 'libdir=$${exec_prefix}/lib'; \ + echo 'libdir=$${exec_prefix}/$(LIBDIR)'; \ +- echo 'includedir=$${prefix}/include'; \ ++ echo 'includedir=$${prefix}/include/openssl'; \ + echo ''; \ + echo 'Name: OpenSSL-libcrypto'; \ + echo 'Description: OpenSSL cryptography library'; \ +@@ -454,7 +454,7 @@ + @ ( echo 'prefix=$(INSTALLTOP)'; \ + echo 'exec_prefix=$${prefix}'; \ + echo 'libdir=$${exec_prefix}/$(LIBDIR)'; \ - echo 'includedir=$${prefix}/include'; \ + echo 'includedir=$${prefix}/include/openssl'; \ echo ''; \ echo 'Name: OpenSSL'; \ - echo 'Description: Secure Sockets Layer and cryptography libraries and tools'; \ ---- openssl-0.9.7e.orig/Makefile 2003-04-10 22:47:14.000000000 +0200 -+++ openssl-0.9.7e/Makefile 2003-08-20 21:01:09.000000000 +0200 -@@ -580,7 +580,7 @@ + echo 'Description: Secure Sockets Layer and cryptography libraries'; \ +@@ -467,7 +467,7 @@ @ ( echo 'prefix=$(INSTALLTOP)'; \ echo 'exec_prefix=$${prefix}'; \ - echo 'libdir=$${exec_prefix}/lib'; \ + echo 'libdir=$${exec_prefix}/$(LIBDIR)'; \ - echo 'includedir=$${prefix}/include'; \ + echo 'includedir=$${prefix}/include/openssl'; \ echo ''; \ diff --git a/openssl-ldflags.patch b/openssl-ldflags.patch index 4658c85..462af70 100644 --- a/openssl-ldflags.patch +++ b/openssl-ldflags.patch @@ -2,8 +2,8 @@ http://bugs.gentoo.org/181438 make sure we respect LDFLAGS ---- openssl-0.9.8h/Makefile -+++ openssl-0.9.8h/Makefile +--- openssl-0.9.8h/Makefile.org ++++ openssl-0.9.8h/Makefile.org @@ -180,6 +181,7 @@ MAKEDEPEND='$$$${TOP}/util/domd $$$${TOP} -MD ${MAKEDEPPROG}' \ DEPFLAG='-DOPENSSL_NO_DEPRECATED ${DEPFLAG}' \ diff --git a/openssl-libvar.patch b/openssl-libvar.patch deleted file mode 100644 index ad361a4..0000000 --- a/openssl-libvar.patch +++ /dev/null @@ -1,195 +0,0 @@ -diff -ur openssl-0.9.8b/apps/Makefile openssl-0.9.8b.varLIB/apps/Makefile ---- openssl-0.9.8b/apps/Makefile 2005-07-05 20:41:28.000000000 +0200 -+++ openssl-0.9.8b.varLIB/apps/Makefile 2006-07-14 21:37:55.000000000 +0200 -@@ -102,16 +102,12 @@ - @set -e; for i in $(EXE); \ - do \ - (echo installing $$i; \ -- cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \ -- chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \ -- mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i ); \ -+ install $$i $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i ); \ - done; - @set -e; for i in $(SCRIPTS); \ - do \ - (echo installing $$i; \ -- cp $$i $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i.new; \ -- chmod 755 $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i.new; \ -- mv -f $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i.new $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i ); \ -+ install $$i $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i ); \ - done - @cp openssl.cnf $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf.new; \ - chmod 644 $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf.new; \ -Només a openssl-0.9.8b.varLIB/apps: Makefile~ -diff -ur openssl-0.9.8b/Configure openssl-0.9.8b.varLIB/Configure ---- openssl-0.9.8b/Configure 2006-07-14 21:12:31.000000000 +0200 -+++ openssl-0.9.8b.varLIB/Configure 2006-07-14 21:21:09.000000000 +0200 -@@ -561,6 +561,7 @@ - my $idx_arflags = $idx++; - - my $prefix=""; -+my $lib="lib"; - my $openssldir=""; - my $exe_ext=""; - my $install_prefix=""; -@@ -737,6 +738,10 @@ - { - $prefix=$1; - } -+ elsif (/^--lib=(.*)$/) -+ { -+ $lib=$1; -+ } - elsif (/^--openssldir=(.*)$/) - { - $openssldir=$1; -@@ -1283,6 +1288,7 @@ - s/^SHLIB_MINOR=.*/SHLIB_MINOR=$shlib_minor/; - s/^SHLIB_EXT=.*/SHLIB_EXT=$shared_extension/; - s/^INSTALLTOP=.*$/INSTALLTOP=$prefix/; -+ s/^LIBD=.*$/LIBD=$lib/; - s/^OPENSSLDIR=.*$/OPENSSLDIR=$openssldir/; - s/^INSTALL_PREFIX=.*$/INSTALL_PREFIX=$install_prefix/; - s/^PLATFORM=.*$/PLATFORM=$target/; -diff -ur openssl-0.9.8b/engines/Makefile openssl-0.9.8b.varLIB/engines/Makefile ---- openssl-0.9.8b/engines/Makefile 2006-02-04 02:49:34.000000000 +0100 -+++ openssl-0.9.8b.varLIB/engines/Makefile 2006-07-14 21:34:48.000000000 +0200 -@@ -97,13 +97,12 @@ - *DSO_DL*) sfx="sl";; \ - *) sfx="bad";; \ - esac; \ -- cp lib$$l.$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/lib/engines/lib$$l.$$sfx.new; \ -+ install lib$$l.$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBD)/engines/lib$$l.$$sfx; \ - else \ - sfx="so"; \ -- cp cyg$$l.dll $(INSTALL_PREFIX)$(INSTALLTOP)/lib/engines/lib$$l.$$sfx.new; \ -+ install cyg$$l.dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBD)/engines/lib$$l.$$sfx; \ - fi; \ -- chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/engines/lib$$l.$$sfx.new; \ -- mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/lib/engines/lib$$l.$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/lib/engines/lib$$l.$$sfx ); \ -+ ); \ - done; \ - fi - -diff -ur openssl-0.9.8b/Makefile.org openssl-0.9.8b.varLIB/Makefile.org ---- openssl-0.9.8b/Makefile.org 2006-07-14 21:12:31.000000000 +0200 -+++ openssl-0.9.8b.varLIB/Makefile.org 2006-07-14 21:32:12.000000000 +0200 -@@ -25,6 +25,7 @@ - # Normally it is left empty. - INSTALL_PREFIX= - INSTALLTOP=/usr/local/ssl -+LIBD=lib - - # Do not edit this manually. Use Configure --openssldir=DIR do change this! - OPENSSLDIR=/usr/local/ssl -@@ -172,7 +173,7 @@ - CC='${CC}' CFLAG='${CFLAG}' \ - AS='${CC}' ASFLAG='${CFLAG} -c' \ - AR='${AR}' PERL='${PERL}' RANLIB='${RANLIB}' \ -- SDIRS='${SDIRS}' LIBRPATH='${INSTALLTOP}/lib' \ -+ SDIRS='${SDIRS}' LIBRPATH='${INSTALLTOP}/$(LIBD)' LIBD='$(LIBD)' \ - INSTALL_PREFIX='${INSTALL_PREFIX}' \ - INSTALLTOP='${INSTALLTOP}' OPENSSLDIR='${OPENSSLDIR}' \ - MAKEDEPEND='$$$${TOP}/util/domd $$$${TOP} -MD ${MAKEDEPPROG}' \ -@@ -301,7 +302,7 @@ - libcrypto.pc: Makefile - @ ( echo 'prefix=$(INSTALLTOP)'; \ - echo 'exec_prefix=$${prefix}'; \ -- echo 'libdir=$${exec_prefix}/lib'; \ -+ echo 'libdir=$${exec_prefix}/$(LIBD)'; \ - echo 'includedir=$${prefix}/include'; \ - echo ''; \ - echo 'Name: OpenSSL-libcrypto'; \ -@@ -314,7 +315,7 @@ - libssl.pc: Makefile - @ ( echo 'prefix=$(INSTALLTOP)'; \ - echo 'exec_prefix=$${prefix}'; \ -- echo 'libdir=$${exec_prefix}/lib'; \ -+ echo 'libdir=$${exec_prefix}/$(LIBD)'; \ - echo 'includedir=$${prefix}/include'; \ - echo ''; \ - echo 'Name: OpenSSL'; \ -@@ -327,7 +328,7 @@ - openssl.pc: Makefile - @ ( echo 'prefix=$(INSTALLTOP)'; \ - echo 'exec_prefix=$${prefix}'; \ -- echo 'libdir=$${exec_prefix}/lib'; \ -+ echo 'libdir=$${exec_prefix}/$(LIBD)'; \ - echo 'includedir=$${prefix}/include/openssl'; \ - echo ''; \ - echo 'Name: OpenSSL'; \ -@@ -477,9 +478,9 @@ - - install_sw: - @$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \ -- $(INSTALL_PREFIX)$(INSTALLTOP)/lib \ -- $(INSTALL_PREFIX)$(INSTALLTOP)/lib/engines \ -- $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig \ -+ $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBD) \ -+ $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBD)/engines \ -+ $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBD)/pkgconfig \ - $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl \ - $(INSTALL_PREFIX)$(OPENSSLDIR)/misc \ - $(INSTALL_PREFIX)$(OPENSSLDIR)/certs \ -@@ -494,10 +495,9 @@ - do \ - if [ -f "$$i" ]; then \ - ( echo installing $$i; \ -- cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \ -- $(RANLIB) $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \ -- chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \ -- mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i ); \ -+ install $$i $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBD)/$$i; \ -+ $(RANLIB) $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBD)/$$i; \ -+ ); \ - fi; \ - done; - @set -e; if [ -n "$(SHARED_LIBS)" ]; then \ -@@ -507,36 +507,30 @@ - if [ -f "$$i" -o -f "$$i.a" ]; then \ - ( echo installing $$i; \ - if [ "$(PLATFORM)" != "Cygwin" ]; then \ -- cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \ -- chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \ -- mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i; \ -+ install $$i $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBD)/$$i; \ - else \ - c=`echo $$i | sed 's/^lib\(.*\)\.dll\.a/cyg\1-$(SHLIB_VERSION_NUMBER).dll/'`; \ -- cp $$c $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c.new; \ -- chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c.new; \ -- mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c.new $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c; \ -- cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \ -- chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \ -- mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i; \ -+ install $$c $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c; \ -+ cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBD)/$$i; \ - fi ); \ - fi; \ - done; \ - ( here="`pwd`"; \ -- cd $(INSTALL_PREFIX)$(INSTALLTOP)/lib; \ -+ cd $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBD); \ - $(MAKE) -f $$here/Makefile HERE="$$here" link-shared ); \ - if [ "$(INSTALLTOP)" != "/usr" ]; then \ - echo 'OpenSSL shared libraries have been installed in:'; \ -- echo ' $(INSTALLTOP)'; \ -+ echo ' $(INSTALLTOP)/$(LIBD)'; \ - echo ''; \ - sed -e '1,/^$$/d' doc/openssl-shared.txt; \ - fi; \ - fi -- cp libcrypto.pc $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig -- chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig/libcrypto.pc -- cp libssl.pc $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig -- chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig/libssl.pc -- cp openssl.pc $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig -- chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig/openssl.pc -+ cp libcrypto.pc $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBD)/pkgconfig -+ chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBD)/pkgconfig/libcrypto.pc -+ cp libssl.pc $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBD)/pkgconfig -+ chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBD)/pkgconfig/libssl.pc -+ cp openssl.pc $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBD)/pkgconfig -+ chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBD)/pkgconfig/openssl.pc - - install_docs: - @$(PERL) $(TOP)/util/mkdir-p.pl \ diff --git a/openssl-optflags.patch b/openssl-optflags.patch index 3df987b..07828be 100644 --- a/openssl-optflags.patch +++ b/openssl-optflags.patch @@ -1,6 +1,6 @@ ---- openssl-0.9.8h/Configure.orig 2008-05-30 00:34:52.856047264 +0200 -+++ openssl-0.9.8h/Configure 2008-05-30 07:06:59.720767714 +0200 -@@ -147,8 +147,8 @@ +--- openssl-0.9.8m/Configure.orig 2010-03-19 08:12:32.938715273 +0100 ++++ openssl-0.9.8m/Configure 2010-03-19 08:46:19.618713597 +0100 +@@ -156,8 +156,8 @@ #"b2-is-ri-dp", "${tcc}:${tflags}::${tlib}:${bits2}IDEA_SHORT RC4_INDEX DES_PTR:${tbn_mul}::", # Our development configs @@ -11,7 +11,7 @@ "debug-ben", "gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown):::::bn86-elf.o co86-elf.o", "debug-ben-openbsd","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DOPENSSL_OPENBSD_DEV_CRYPTO -DOPENSSL_NO_ASM -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown)::::", "debug-ben-openbsd-debug","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DOPENSSL_OPENBSD_DEV_CRYPTO -DOPENSSL_NO_ASM -g3 -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown)::::", -@@ -169,8 +169,8 @@ +@@ -179,8 +179,8 @@ "debug-geoff","gcc:-DBN_DEBUG -DBN_DEBUG_RAND -DBN_STRICT -DPURIFY -DOPENSSL_NO_DEPRECATED -DOPENSSL_NO_ASM -DOPENSSL_NO_INLINE_ASM -DL_ENDIAN -DTERMIO -DPEDANTIC -O1 -ggdb2 -Wall -Werror -Wundef -pedantic -Wshadow -Wpointer-arith -Wbad-function-cast -Wcast-align -Wsign-compare -Wmissing-prototypes -Wmissing-declarations -Wno-long-long::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", "debug-linux-pentium","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -mcpu=pentium -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn", "debug-linux-ppro","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -mcpu=pentiumpro -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn", @@ -19,10 +19,10 @@ -"debug-linux-elf-noefence","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -march=i486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"debug-linux-elf","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g $ENV{OPTFLAGS} -Wall::-D_REENTRANT::-lefence -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"debug-linux-elf-noefence","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g $ENV{OPTFLAGS} -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", - "dist", "cc:-O::(unknown)::::::", - - # Basic configs that should work on any (32 and less bit) box -@@ -318,28 +318,28 @@ + "debug-linux-generic32","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DTERMIO -g -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", + "debug-linux-generic64","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DTERMIO -g -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", + "debug-linux-x86_64","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -m64 -DL_ENDIAN -DTERMIO -g -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +@@ -331,28 +331,28 @@ #### # *-generic* is endian-neutral target, but ./config is free to # throw in -D[BL]_ENDIAN, whichever appropriate... @@ -43,13 +43,13 @@ -"linux-ia64", "gcc:-DL_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"linux-ia64-ecc","ecc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"linux-ia64-icc","icc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", --"linux-x86_64", "gcc:-m64 -DL_ENDIAN -DTERMIO -O3 -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK BF_PTR2 DES_INT DES_UNROLL:${x86_64_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +-"linux-x86_64", "gcc:-m64 -DL_ENDIAN -DTERMIO -O3 -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"linux-generic64","gcc:-DTERMIO $ENV{OPTFLAGS} -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"linux-ppc64", "gcc:-m64 -DB_ENDIAN -DTERMIO $ENV{OPTFLAGS} -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL::linux_ppc64.o::::::::::dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"linux-ia64", "gcc:-DL_ENDIAN -DTERMIO $ENV{OPTFLAGS} -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"linux-ia64-ecc","ecc:-DL_ENDIAN -DTERMIO $ENV{OPTFLAGS} -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"linux-ia64-icc","icc:-DL_ENDIAN -DTERMIO $ENV{OPTFLAGS} -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-x86_64", "gcc:-m64 -DL_ENDIAN -DTERMIO $ENV{OPTFLAGS} -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK BF_PTR2 DES_INT DES_UNROLL:${x86_64_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"linux-x86_64", "gcc:-m64 -DL_ENDIAN -DTERMIO $ENV{OPTFLAGS} -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", #### SPARC Linux setups # Ray Miller has patiently # assisted with debugging of following two configs. @@ -65,7 +65,7 @@ #### Alpha Linux with GNU C and Compaq C setups # Special notes: # - linux-alpha+bwx-gcc is ment to be used from ./config only. If you -@@ -353,8 +353,8 @@ +@@ -366,8 +366,8 @@ # # # @@ -76,7 +76,7 @@ "linux-alpha-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${no_asm}", "linux-alpha+bwx-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${no_asm}", "linux-alpha+bwx-ccc-generic","ccc:-fast -generic -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${no_asm}", -@@ -1399,7 +1399,7 @@ +@@ -1567,7 +1567,7 @@ elsif ($shared_extension ne "" && $shared_extension =~ /^\.s([ol])\.[^\.]*\.[^\.]*$/) { my $sotmp = $1; diff --git a/openssl-parallel-build.patch b/openssl-parallel-build.patch deleted file mode 100644 index eace0f4..0000000 --- a/openssl-parallel-build.patch +++ /dev/null @@ -1,24 +0,0 @@ -diff -uNr openssl-0.9.8j.ORIG/Makefile.org openssl-0.9.8j/Makefile.org ---- openssl-0.9.8j.ORIG/Makefile.org 2009-01-07 18:06:31.000000000 +0000 -+++ openssl-0.9.8j/Makefile.org 2009-01-07 18:08:38.000000000 +0000 -@@ -333,15 +333,15 @@ - dir=crypto; target=all; $(BUILD_ONE_CMD) - build_fips: - @dir=fips; target=all; [ -z "$(FIPSCANLIB)" ] || $(BUILD_ONE_CMD) --build_ssl: -+build_ssl: build_crypto - @dir=ssl; target=all; $(BUILD_ONE_CMD) --build_engines: -+build_engines: build_crypto - @dir=engines; target=all; $(BUILD_ONE_CMD) --build_apps: -+build_apps: build_libs - @dir=apps; target=all; $(BUILD_ONE_CMD) --build_tests: -+build_tests: build_libs - @dir=test; target=all; $(BUILD_ONE_CMD) --build_tools: -+build_tools: build_libs - @dir=tools; target=all; $(BUILD_ONE_CMD) - - all_testapps: build_libs build_testapps diff --git a/openssl-x86_64-asm.patch b/openssl-x86_64-asm.patch deleted file mode 100644 index 512a717..0000000 --- a/openssl-x86_64-asm.patch +++ /dev/null @@ -1,56 +0,0 @@ -diff -ur openssl-0.9.8l.org/crypto/md5/asm/md5-x86_64.pl openssl-0.9.8l/crypto/md5/asm/md5-x86_64.pl ---- openssl-0.9.8l.org/crypto/md5/asm/md5-x86_64.pl 2007-11-11 14:34:06.000000000 +0100 -+++ openssl-0.9.8l/crypto/md5/asm/md5-x86_64.pl 2009-11-06 23:23:15.528442820 +0100 -@@ -19,6 +19,7 @@ - sub round1_step - { - my ($pos, $dst, $x, $y, $z, $k_next, $T_i, $s) = @_; -+ $T_i = unpack("l",pack("l", hex($T_i))); # convert to 32-bit signed decimal - $code .= " mov 0*4(%rsi), %r10d /* (NEXT STEP) X[0] */\n" if ($pos == -1); - $code .= " mov %edx, %r11d /* (NEXT STEP) z' = %edx */\n" if ($pos == -1); - $code .= <= 1:5.6.1 @@ -204,11 +200,7 @@ RC4, RSA и SSL. Включает статические библиотеки д %patch5 -p1 %patch6 -p1 %patch7 -p1 -%patch8 -p0 -%patch9 -p1 -%patch10 -p1 -%patch11 -p1 -%patch12 -p1 +%patch8 -p1 %{__perl} -pi -e 's#%{_prefix}/local/bin/perl#%{__perl}#g' \ `grep -l -r "%{_prefix}/local/bin/perl" *` @@ -227,7 +219,7 @@ OPTFLAGS="%{rpmcflags} %{?with_purify:-DPURIFY}" \ %else --openssldir=%{_sysconfdir}/%{name} \ %endif - --lib=%{_lib} \ + --libdir=%{_lib} \ shared threads \ enable-tlsext \ enable-seed \ -- 2.43.0