security/openssl: Modernize port
- Group options - Migrate to <OPT>_CONFIGURE helpers - Use CONFIGURE_ARGS not EXTRACONFIGURE - Remove make-jobs unsafe (introduced 2009 / 0.9.8) - Remove base SHLIBVER_BASE check (introduced 2006) - Revert to default CPE_VERSION - Rework MAN3 option - Fix plist when SHARED disabled Reviewed by: mat Differential Revision: D8025
This commit is contained in:
Bernard Spil
parent
af43b2e712
commit
d164220a7a
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/head/; revision=423112
2 changed files with 1608 additions and 1663 deletions
|
|
@ -15,15 +15,12 @@ COMMENT= SSL and crypto library
|
|||
LICENSE= OpenSSL
|
||||
LICENSE_FILE= ${WRKSRC}/LICENSE
|
||||
|
||||
MAKE_JOBS_UNSAFE= yes
|
||||
CPE_VERSION= ${PORTVERSION}${DISTVERSIONSUFFIX}
|
||||
CONFLICTS_INSTALL= libressl-[0-9]* \
|
||||
libressl-devel-[0-9]* \
|
||||
openssl-devel-[0-9]*
|
||||
|
||||
OPTIONS_DEFINE= SHARED THREADS SSE2 ASM PADLOCK ZLIB SCTP SSL2 SSL3 RFC3779 MD2 RC5 EXPCIPHERS DOCS MAN3
|
||||
OPTIONS_DEFAULT=SHARED THREADS SSE2 SCTP SSL2 SSL3 MD2 MAN3
|
||||
OPTIONS_DEFINE_i386= I386
|
||||
OPTIONS_DEFINE= DOCS MAN3 PADLOCK RFC3779 SHARED THREADS ZLIB
|
||||
OPTIONS_DEFAULT= SHARED THREADS SSE2 SCTP SSL2 SSL3 MD2 MAN3
|
||||
OPTIONS_DEFINE_amd64= EC
|
||||
OPTIONS_DEFAULT_amd64= EC
|
||||
OPTIONS_DEFINE_ia64= EC
|
||||
|
|
@ -33,23 +30,34 @@ TARGET_ARCH?= ${MACHINE_ARCH}
|
|||
OPTIONS_DEFINE_mips= EC
|
||||
OPTIONS_DEFAULT_mips= EC
|
||||
.endif
|
||||
NO_OPTIONS_SORT=yes
|
||||
OPTIONS_GROUP= CIPHERS HASHES OPTIMIZE PROTOCOLS
|
||||
OPTIONS_GROUP_CIPHERS= EXPCIPHERS RC5
|
||||
OPTIONS_GROUP_HASHES= MD2
|
||||
OPTIONS_GROUP_OPTIMIZE= ASM SSE2
|
||||
OPTIONS_GROUP_PROTOCOLS= SCTP SSL2 SSL3
|
||||
.if ${TARGET_ARCH} == "i386"
|
||||
OPTIONS_GROUP_OPTIMIZE+= I386
|
||||
.endif
|
||||
OPTIONS_SUB= yes
|
||||
I386_DESC?= Optimize for i386 (instead of i486+)
|
||||
ASM_DESC?= optimized Assembler code
|
||||
SSE2_DESC?= runtime SSE2 detection
|
||||
PADLOCK_DESC?= VIA Padlock support
|
||||
SHARED_DESC?= build of shared libs
|
||||
ZLIB_DESC?= zlib compression support
|
||||
SCTP_DESC?= SCTP protocol support
|
||||
SSL2_DESC?= SSLv2 protocol support
|
||||
SSL3_DESC?= SSLv3 protocol support
|
||||
RFC3779_DESC?= RFC3779 support (BGP)
|
||||
MD2_DESC?= MD2 hash (obsolete)
|
||||
RC5_DESC?= RC5 cipher (patented)
|
||||
EXPCIPHERS_DESC?= Include experimental ciphers
|
||||
EC_DESC?= Optimize NIST elliptic curves
|
||||
MAN3_DESC?= Install API manpages (section 3)
|
||||
ASM_DESC= Optimized Assembler code
|
||||
CIPHERS_DESC= Cipher Suite support
|
||||
EC_DESC= Optimize NIST elliptic curves
|
||||
EXPCIPHERS_DESC= Include experimental ciphers
|
||||
HASHES_DESC= Hash Function Support
|
||||
I386_DESC= Optimize for i386 (instead of i486+)
|
||||
MAN3_DESC= Install API manpages (section 3)
|
||||
MD2_DESC= MD2 hash (obsolete)
|
||||
OPTIMIZE_DESC= Optimizations
|
||||
PADLOCK_DESC= VIA Padlock support
|
||||
PROTOCOLS_DESC= Protocol Support
|
||||
RC5_DESC= RC5 cipher (patented)
|
||||
RFC3779_DESC= RFC3779 support (BGP)
|
||||
SCTP_DESC= SCTP protocol support
|
||||
SHARED_DESC= Build shared libs
|
||||
SSE2_DESC= Runtime SSE2 detection
|
||||
SSL2_DESC= SSLv2 protocol support
|
||||
SSL3_DESC= SSLv3 protocol support
|
||||
ZLIB_DESC= zlib compression support
|
||||
|
||||
USES= cpe perl5
|
||||
USE_PERL5= build
|
||||
|
|
@ -57,6 +65,38 @@ MAKE_ARGS+= WHOLE_ARCHIVE_FLAG=--whole-archive
|
|||
MAKE_ENV+= LIBRPATH="${PREFIX}/lib" GREP_OPTIONS=
|
||||
SUB_FILES= pkg-message
|
||||
|
||||
ASM_CONFIGURE_OFF= no-asm
|
||||
EC_CONFIGURE_ON= enable-ec_nistp_64_gcc_128
|
||||
EC_CONFIGURE_OFF= no-ec_nistp_64_gcc_128
|
||||
I386_CONFIGURE_ON= 386
|
||||
MD2_CONFIGURE_ON= enable-md2
|
||||
MD2_CONFIGURE_OFF= no-md2
|
||||
PADLOCK_PATCH_SITES= http://git.alpinelinux.org/cgit/aports/plain/main/openssl/:padlock
|
||||
PADLOCK_PATCHFILES= 1001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch:padlock \
|
||||
1002-backport-changes-from-upstream-padlock-module.patch:padlock \
|
||||
1003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch:padlock \
|
||||
1004-crypto-engine-autoload-padlock-dynamic-engine.patch:padlock
|
||||
PADLOCK_VARS= PATCH_DIST_STRIP=-p1
|
||||
RC5_CONFIGURE_ON= enable-rc5
|
||||
RC5_CONFIGURE_OFF= no-rc5
|
||||
RFC3779_CONFIGURE_ON= enable-rfc3779
|
||||
RFC3779_CONFIGURE_OFF= no-rfc3779
|
||||
SCTP_CONFIGURE_ON= sctp
|
||||
SCTP_CONFIGURE_OFF= no-sctp
|
||||
SHARED_CONFIGURE_ON= shared
|
||||
SHARED_MAKE_ENV= SHLIBVER=${OPENSSL_SHLIBVER}
|
||||
SHARED_PLIST_SUB= SHLIBVER=${OPENSSL_SHLIBVER}
|
||||
SHARED_USE= ldconfig
|
||||
SSE2_CONFIGURE_OFF= no-sse2
|
||||
SSL2_CONFIGURE_ON= enable-ssl2
|
||||
SSL2_CONFIGURE_OFF= no-ssl2
|
||||
SSL3_CONFIGURE_ON= enable-ssl3
|
||||
SSL3_CONFIGURE_OFF= no-ssl3 no-ssl3-method
|
||||
THREADS_CONFIGURE_ON= threads
|
||||
THREADS_CONFIGURE_OFF= no-threads
|
||||
ZLIB_CONFIGURE_ON= zlib zlib-dynamic
|
||||
ZLIB_CONFIGURE_OFF= no-zlib no-zlib-dynamic
|
||||
|
||||
.include <bsd.port.pre.mk>
|
||||
|
||||
.if ${PREFIX} == /usr
|
||||
|
|
@ -66,110 +106,13 @@ IGNORE= the OpenSSL port can not be installed over the base version
|
|||
OPENSSLDIR?= ${PREFIX}/openssl
|
||||
PLIST_SUB+= OPENSSLDIR=${OPENSSLDIR:S=^${PREFIX}/==}
|
||||
|
||||
OPENSSL_BASE_SONAME!= readlink ${DESTDIR}/usr/lib/libcrypto.so || true
|
||||
OPENSSL_SHLIBVER_BASE= ${OPENSSL_BASE_SONAME:E}
|
||||
OPENSSL_BASE_SOPATH= ${OPENSSL_BASE_SONAME:H}
|
||||
|
||||
.include "version.mk"
|
||||
|
||||
.if ${PORT_OPTIONS:MI386}
|
||||
.if ${ARCH} == "i386"
|
||||
EXTRACONFIGURE+= 386
|
||||
.endif
|
||||
.endif
|
||||
|
||||
.if empty(PORT_OPTIONS:MSSE2)
|
||||
# disable runtime SSE2 detection
|
||||
EXTRACONFIGURE+= no-sse2
|
||||
.endif
|
||||
|
||||
.if ${PORT_OPTIONS:MASM}
|
||||
BROKEN_sparc64= option ASM generates illegal instructions
|
||||
.else
|
||||
EXTRACONFIGURE+= no-asm
|
||||
.endif
|
||||
|
||||
.if ${PORT_OPTIONS:MTHREADS}
|
||||
EXTRACONFIGURE+= threads
|
||||
.else
|
||||
EXTRACONFIGURE+= no-threads
|
||||
.endif
|
||||
|
||||
.if ${PORT_OPTIONS:MSHARED}
|
||||
EXTRACONFIGURE+= shared
|
||||
MAKE_ENV+= SHLIBVER=${OPENSSL_SHLIBVER}
|
||||
PLIST_SUB+= SHLIBVER=${OPENSSL_SHLIBVER}
|
||||
USE_LDCONFIG= yes
|
||||
.endif
|
||||
|
||||
.if ${PORT_OPTIONS:MZLIB}
|
||||
EXTRACONFIGURE+= zlib zlib-dynamic
|
||||
.else
|
||||
EXTRACONFIGURE+= no-zlib no-zlib-dynamic
|
||||
.endif
|
||||
|
||||
.if ${PORT_OPTIONS:MSCTP}
|
||||
EXTRACONFIGURE+= sctp
|
||||
.else
|
||||
EXTRACONFIGURE+= no-sctp
|
||||
.endif
|
||||
|
||||
.if ${PORT_OPTIONS:MSSL2}
|
||||
EXTRACONFIGURE+= enable-ssl2
|
||||
.else
|
||||
EXTRACONFIGURE+= no-ssl2
|
||||
.endif
|
||||
|
||||
.if ${PORT_OPTIONS:MSSL3}
|
||||
EXTRACONFIGURE+= enable-ssl3
|
||||
.else
|
||||
EXTRACONFIGURE+= no-ssl3 no-ssl3-method
|
||||
.endif
|
||||
|
||||
.if ${PORT_OPTIONS:MMD2}
|
||||
EXTRACONFIGURE+= enable-md2
|
||||
.else
|
||||
EXTRACONFIGURE+= no-md2
|
||||
.endif
|
||||
|
||||
.if ${PORT_OPTIONS:MRC5}
|
||||
EXTRACONFIGURE+= enable-rc5
|
||||
.else
|
||||
EXTRACONFIGURE+= no-rc5
|
||||
.endif
|
||||
|
||||
.if ${PORT_OPTIONS:MPADLOCK}
|
||||
PATCH_DIST_STRIP= -p1
|
||||
PATCH_SITES+= http://git.alpinelinux.org/cgit/aports/plain/main/openssl/:padlock
|
||||
PATCHFILES+= 1001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch:padlock \
|
||||
1002-backport-changes-from-upstream-padlock-module.patch:padlock \
|
||||
1003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch:padlock \
|
||||
1004-crypto-engine-autoload-padlock-dynamic-engine.patch:padlock
|
||||
.endif
|
||||
|
||||
EXTRACONFIGURE+= no-gmp
|
||||
|
||||
.if ${PORT_OPTIONS:MRFC3779}
|
||||
EXTRACONFIGURE+= enable-rfc3779
|
||||
.else
|
||||
EXTRACONFIGURE+= no-rfc3779
|
||||
.endif
|
||||
|
||||
.if ${PORT_OPTIONS:MEC}
|
||||
EXTRACONFIGURE+= enable-ec_nistp_64_gcc_128
|
||||
.else
|
||||
EXTRACONFIGURE+= no-ec_nistp_64_gcc_128
|
||||
.endif
|
||||
|
||||
.if ${OPENSSL_SHLIBVER_BASE} > ${OPENSSL_SHLIBVER}
|
||||
pre-everything::
|
||||
@${ECHO_CMD} "#"
|
||||
@${ECHO_CMD} "# this ports conflicts with your base system"
|
||||
@${ECHO_CMD} "# you have to uninstall your ssl port"
|
||||
@${ECHO_CMD} "# please use DEFAULT_VERSIONS+= ssl=base instead."
|
||||
@${ECHO_CMD} "#"
|
||||
@${FALSE}
|
||||
.endif
|
||||
CONFIGURE_ARGS+= no-gmp
|
||||
|
||||
post-patch:
|
||||
${REINPLACE_CMD} -e 's|m4 -B 8192|m4|g' \
|
||||
|
|
@ -183,6 +126,11 @@ post-patch:
|
|||
${WRKSRC}/ssl/tls1.h
|
||||
.endif
|
||||
|
||||
post-patch-MAN3-off:
|
||||
${GREP} -L openssl_manual_section ${WRKSRC}/doc/crypto/*.pod | ${XARGS} ${RM}
|
||||
${RM} -rf ${WRKSRC}/doc/ssl/*.pod
|
||||
${REINPLACE_CMD} -e 's|pod doc/ssl/\*\.pod|pod|' ${WRKSRC}/Makefile.org
|
||||
|
||||
do-configure:
|
||||
${REINPLACE_CMD} -e "s|options 386|options|" \
|
||||
${WRKSRC}/config
|
||||
|
|
@ -190,7 +138,7 @@ do-configure:
|
|||
&& ${SETENV} CC="${CC}" FREEBSDCC="${CC}" CFLAGS="${CFLAGS}" PERL="${PERL}" \
|
||||
./config --prefix=${PREFIX} --openssldir=${OPENSSLDIR} \
|
||||
--install_prefix=${STAGEDIR} \
|
||||
-L${PREFIX}/lib ${EXTRACONFIGURE}
|
||||
-L${PREFIX}/lib ${CONFIGURE_ARGS}
|
||||
|
||||
post-configure:
|
||||
${REINPLACE_CMD} \
|
||||
|
|
@ -205,10 +153,6 @@ post-install-SHARED-on:
|
|||
${LN} -sf $i.so.${OPENSSL_SHLIBVER} ${STAGEDIR}${PREFIX}/lib/$i.so
|
||||
.endfor
|
||||
|
||||
post-install-MAN3-off:
|
||||
${RM} -rf ${STAGEDIR}/${PREFIX}/man/man3
|
||||
${REINPLACE_CMD} -e 's|^man/man3/.*||' ${TMPPLIST}
|
||||
|
||||
post-install-DOCS-on:
|
||||
${MKDIR} ${STAGEDIR}${DOCSDIR}
|
||||
${INSTALL_DATA} ${WRKSRC}/doc/openssl.txt ${STAGEDIR}${DOCSDIR}/
|
||||
|
|
|
|||
File diff suppressed because it is too large
Load diff
Loading…
Reference in a new issue