diff options
| author | agc <agc@pkgsrc.org> | 2015-12-31 02:57:35 +0000 |
|---|---|---|
| committer | agc <agc@pkgsrc.org> | 2015-12-31 02:57:35 +0000 |
| commit | d1ee0e37471780931d3116a97d9538be5b2d37fa (patch) | |
| tree | d847f009e4173475e22d35989ad7e6b592f07577 /security | |
| parent | 1f38f0797276aae23b34c5c07a8d195e4464b496 (diff) | |
| download | pkgsrc-d1ee0e37471780931d3116a97d9538be5b2d37fa.tar.gz | |
Import boringssl into the packages collection. This is a tar file of
the sources taken at 20151230 from
https://boringssl.googlesource.com/boringssl/
with portability fixes for NetBSD. It installs into ${PREFIX}/bssl to
avoid conflicts with openssl.
BoringSSL is a fork of OpenSSL that is designed to meet Google's
needs.
Although BoringSSL is an open source project, it is not intended for
general use, as OpenSSL is. We don't recommend that third parties
depend upon it. Doing so is likely to be frustrating because there
are no guarantees of API or ABI stability.
Programs ship their own copies of BoringSSL when they use it and we
update everything as needed when deciding to make API changes. This
allows us to mostly avoid compromises in the name of compatibility.
It works for us, but it may not work for you.
BoringSSL arose because Google used OpenSSL for many years in various
ways and, over time, built up a large number of patches that were
maintained while tracking upstream OpenSSL. As Google's product
portfolio became more complex, more copies of OpenSSL sprung up and
the effort involved in maintaining all these patches in multiple
places was growing steadily.
Diffstat (limited to 'security')
| -rw-r--r-- | security/boringssl/DESCR | 19 | ||||
| -rw-r--r-- | security/boringssl/Makefile | 38 | ||||
| -rw-r--r-- | security/boringssl/PLIST | 77 | ||||
| -rw-r--r-- | security/boringssl/distinfo | 12 | ||||
| -rw-r--r-- | security/boringssl/patches/patch-crypto__bio__bio_test.cc | 16 | ||||
| -rw-r--r-- | security/boringssl/patches/patch-crypto__bio__internal.h | 15 | ||||
| -rw-r--r-- | security/boringssl/patches/patch-crypto__bio__socket_helper.c | 17 | ||||
| -rw-r--r-- | security/boringssl/patches/patch-crypto__lhash__lhash_test.c | 16 | ||||
| -rw-r--r-- | security/boringssl/patches/patch-crypto__mem.c | 16 | ||||
| -rw-r--r-- | security/boringssl/patches/patch-include__openssl__thread.h | 16 |
10 files changed, 242 insertions, 0 deletions
diff --git a/security/boringssl/DESCR b/security/boringssl/DESCR new file mode 100644 index 00000000000..7935d0ea0fb --- /dev/null +++ b/security/boringssl/DESCR @@ -0,0 +1,19 @@ +BoringSSL is a fork of OpenSSL that is designed to meet Google's +needs. + +Although BoringSSL is an open source project, it is not intended for +general use, as OpenSSL is. We don't recommend that third parties +depend upon it. Doing so is likely to be frustrating because there +are no guarantees of API or ABI stability. + +Programs ship their own copies of BoringSSL when they use it and we +update everything as needed when deciding to make API changes. This +allows us to mostly avoid compromises in the name of compatibility. +It works for us, but it may not work for you. + +BoringSSL arose because Google used OpenSSL for many years in various +ways and, over time, built up a large number of patches that were +maintained while tracking upstream OpenSSL. As Google's product +portfolio became more complex, more copies of OpenSSL sprung up and +the effort involved in maintaining all these patches in multiple +places was growing steadily. diff --git a/security/boringssl/Makefile b/security/boringssl/Makefile new file mode 100644 index 00000000000..475a59eb97d --- /dev/null +++ b/security/boringssl/Makefile @@ -0,0 +1,38 @@ +# $NetBSD: Makefile,v 1.1.1.1 2015/12/31 02:57:35 agc Exp $ + +DISTNAME= boringssl-20151230 +CATEGORIES= security +MASTER_SITES= ${MASTER_SITE_LOCAL} + +MAINTAINER= pkgsrc-users@NetBSD.org +HOMEPAGE= https://boringssl.googlesource.com/boringssl/ +COMMENT= Fork of OpenSSL designed to meet Google's needs +LICENSE= openssl + +WRKSRC= ${WRKDIR}/boringssl + +USE_TOOLS+= cmake perl +USE_LANGUAGES+= c c++ + +AUTO_MKDIRS= yes + +do-build: + mkdir -p ${WRKSRC}/build + cd ${WRKSRC}/build && cmake .. + cd ${WRKSRC}/build && make + +do-install: + for d in bssl/bin bssl/lib bssl/include/openssl; do \ + mkdir -p ${DESTDIR}${PREFIX}/$$d; \ + done + ${INSTALL_LIB} ${WRKSRC}/build/crypto/libcrypto.a ${DESTDIR}${PREFIX}/bssl/lib + ${INSTALL_LIB} ${WRKSRC}/build/ssl/libssl.a ${DESTDIR}${PREFIX}/bssl/lib + ${INSTALL_PROGRAM} ${WRKSRC}/build/ssl/test/bssl_shim ${DESTDIR}${PREFIX}/bssl/bin/bssl_shim + ${INSTALL_PROGRAM} ${WRKSRC}/build/ssl/ssl_test ${DESTDIR}${PREFIX}/bssl/bin/ssl_test + ${INSTALL_PROGRAM} ${WRKSRC}/build/tool/bssl ${DESTDIR}${PREFIX}/bssl/bin/bssl + (cd ${WRKSRC}/include/openssl && \ + for f in *.h; do \ + ${INSTALL_DATA} $$f ${DESTDIR}${PREFIX}/bssl/include/openssl/$$f; \ + done) + +.include "../../mk/bsd.pkg.mk" diff --git a/security/boringssl/PLIST b/security/boringssl/PLIST new file mode 100644 index 00000000000..d85db7ec62c --- /dev/null +++ b/security/boringssl/PLIST @@ -0,0 +1,77 @@ +@comment $NetBSD: PLIST,v 1.1.1.1 2015/12/31 02:57:35 agc Exp $ +bssl/bin/bssl +bssl/bin/bssl_shim +bssl/bin/ssl_test +bssl/include/openssl/aead.h +bssl/include/openssl/aes.h +bssl/include/openssl/arm_arch.h +bssl/include/openssl/asn1.h +bssl/include/openssl/asn1_mac.h +bssl/include/openssl/asn1t.h +bssl/include/openssl/base.h +bssl/include/openssl/base64.h +bssl/include/openssl/bio.h +bssl/include/openssl/blowfish.h +bssl/include/openssl/bn.h +bssl/include/openssl/buf.h +bssl/include/openssl/buffer.h +bssl/include/openssl/bytestring.h +bssl/include/openssl/cast.h +bssl/include/openssl/chacha.h +bssl/include/openssl/cipher.h +bssl/include/openssl/cmac.h +bssl/include/openssl/conf.h +bssl/include/openssl/cpu.h +bssl/include/openssl/crypto.h +bssl/include/openssl/curve25519.h +bssl/include/openssl/des.h +bssl/include/openssl/dh.h +bssl/include/openssl/digest.h +bssl/include/openssl/dsa.h +bssl/include/openssl/dtls1.h +bssl/include/openssl/ec.h +bssl/include/openssl/ec_key.h +bssl/include/openssl/ecdh.h +bssl/include/openssl/ecdsa.h +bssl/include/openssl/engine.h +bssl/include/openssl/err.h +bssl/include/openssl/evp.h +bssl/include/openssl/ex_data.h +bssl/include/openssl/hkdf.h +bssl/include/openssl/hmac.h +bssl/include/openssl/lhash.h +bssl/include/openssl/lhash_macros.h +bssl/include/openssl/md4.h +bssl/include/openssl/md5.h +bssl/include/openssl/mem.h +bssl/include/openssl/obj.h +bssl/include/openssl/obj_mac.h +bssl/include/openssl/objects.h +bssl/include/openssl/opensslfeatures.h +bssl/include/openssl/opensslv.h +bssl/include/openssl/ossl_typ.h +bssl/include/openssl/pem.h +bssl/include/openssl/pkcs12.h +bssl/include/openssl/pkcs7.h +bssl/include/openssl/pkcs8.h +bssl/include/openssl/poly1305.h +bssl/include/openssl/pqueue.h +bssl/include/openssl/rand.h +bssl/include/openssl/rc4.h +bssl/include/openssl/rsa.h +bssl/include/openssl/safestack.h +bssl/include/openssl/sha.h +bssl/include/openssl/srtp.h +bssl/include/openssl/ssl.h +bssl/include/openssl/ssl3.h +bssl/include/openssl/stack.h +bssl/include/openssl/stack_macros.h +bssl/include/openssl/thread.h +bssl/include/openssl/time_support.h +bssl/include/openssl/tls1.h +bssl/include/openssl/type_check.h +bssl/include/openssl/x509.h +bssl/include/openssl/x509_vfy.h +bssl/include/openssl/x509v3.h +bssl/lib/libcrypto.a +bssl/lib/libssl.a diff --git a/security/boringssl/distinfo b/security/boringssl/distinfo new file mode 100644 index 00000000000..ef5f3459b6b --- /dev/null +++ b/security/boringssl/distinfo @@ -0,0 +1,12 @@ +$NetBSD: distinfo,v 1.1.1.1 2015/12/31 02:57:35 agc Exp $ + +SHA1 (boringssl-20151230.tar.gz) = eb3681358044990bc54c9ab58a3ce8d951edd022 +RMD160 (boringssl-20151230.tar.gz) = cf2b15e5dc261efcba44cb493947e9c48d346c36 +SHA512 (boringssl-20151230.tar.gz) = 868e53f5cc695c115b261cae67855f95bc017278aecb86b57941a8f0bfa553cb01ebc8cef65d82c18c65cf34b36fbd33a663805b1fcde37f40a88a11c30d7b73 +Size (boringssl-20151230.tar.gz) = 21984504 bytes +SHA1 (patch-crypto__bio__bio_test.cc) = 441f14b565c566528d175d56fec34b905c1400cf +SHA1 (patch-crypto__bio__internal.h) = ca998dc82f208fcc46144c932154c456474a9e88 +SHA1 (patch-crypto__bio__socket_helper.c) = 6ac17f5899817522d3ba883a88d87b5d8541213e +SHA1 (patch-crypto__lhash__lhash_test.c) = 9f411a45fcb8d861911f8ef69651f591a70211b2 +SHA1 (patch-crypto__mem.c) = 186c7f7af8b28defc80266a351456328df0976cc +SHA1 (patch-include__openssl__thread.h) = 0faf11db8591026c10ae3271936b1ef6381d977a diff --git a/security/boringssl/patches/patch-crypto__bio__bio_test.cc b/security/boringssl/patches/patch-crypto__bio__bio_test.cc new file mode 100644 index 00000000000..24e5ee69dff --- /dev/null +++ b/security/boringssl/patches/patch-crypto__bio__bio_test.cc @@ -0,0 +1,16 @@ +$NetBSD: patch-crypto__bio__bio_test.cc,v 1.1.1.1 2015/12/31 02:57:35 agc Exp $ + +NetBSD portability patches + +--- crypto/bio/bio_test.cc.orig 2015-12-30 15:55:50.000000000 -0800 ++++ crypto/bio/bio_test.cc 2015-12-30 18:06:05.000000000 -0800 +@@ -13,7 +13,9 @@ + * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ + + #if !defined(_POSIX_C_SOURCE) ++# if !defined(__NetBSD__) + #define _POSIX_C_SOURCE 201410L ++# endif + #endif + + #include <openssl/base.h> diff --git a/security/boringssl/patches/patch-crypto__bio__internal.h b/security/boringssl/patches/patch-crypto__bio__internal.h new file mode 100644 index 00000000000..de0fa77e10c --- /dev/null +++ b/security/boringssl/patches/patch-crypto__bio__internal.h @@ -0,0 +1,15 @@ +$NetBSD: patch-crypto__bio__internal.h,v 1.1.1.1 2015/12/31 02:57:35 agc Exp $ + +NetBSD portability patches + +--- crypto/bio/internal.h.orig 2015-12-30 15:55:50.000000000 -0800 ++++ crypto/bio/internal.h 2015-12-30 18:06:05.000000000 -0800 +@@ -59,6 +59,8 @@ + + #include <openssl/base.h> + ++#include <netdb.h> ++ + #if !defined(OPENSSL_WINDOWS) + #if defined(OPENSSL_PNACL) + /* newlib uses u_short in socket.h without defining it. */ diff --git a/security/boringssl/patches/patch-crypto__bio__socket_helper.c b/security/boringssl/patches/patch-crypto__bio__socket_helper.c new file mode 100644 index 00000000000..e8f3c01e3ce --- /dev/null +++ b/security/boringssl/patches/patch-crypto__bio__socket_helper.c @@ -0,0 +1,17 @@ +$NetBSD: patch-crypto__bio__socket_helper.c,v 1.1.1.1 2015/12/31 02:57:35 agc Exp $ + +NetBSD portability patches + +--- crypto/bio/socket_helper.c.orig 2015-12-30 15:55:50.000000000 -0800 ++++ crypto/bio/socket_helper.c 2015-12-30 18:06:05.000000000 -0800 +@@ -12,8 +12,10 @@ + * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN + * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ + ++#if !defined(__NetBSD__) + #undef _POSIX_C_SOURCE + #define _POSIX_C_SOURCE 200112L ++#endif + + #include <openssl/bio.h> + #include <openssl/err.h> diff --git a/security/boringssl/patches/patch-crypto__lhash__lhash_test.c b/security/boringssl/patches/patch-crypto__lhash__lhash_test.c new file mode 100644 index 00000000000..98f58a8b258 --- /dev/null +++ b/security/boringssl/patches/patch-crypto__lhash__lhash_test.c @@ -0,0 +1,16 @@ +$NetBSD: patch-crypto__lhash__lhash_test.c,v 1.1.1.1 2015/12/31 02:57:35 agc Exp $ + +NetBSD portability patches + +--- crypto/lhash/lhash_test.c.orig 2015-12-30 15:55:51.000000000 -0800 ++++ crypto/lhash/lhash_test.c 2015-12-30 18:06:05.000000000 -0800 +@@ -13,7 +13,9 @@ + * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ + + #if !defined(_POSIX_C_SOURCE) ++# if !defined(__NetBSD__) + #define _POSIX_C_SOURCE 201410L ++# endif + #endif + + #include <openssl/crypto.h> diff --git a/security/boringssl/patches/patch-crypto__mem.c b/security/boringssl/patches/patch-crypto__mem.c new file mode 100644 index 00000000000..2ca276ad3c8 --- /dev/null +++ b/security/boringssl/patches/patch-crypto__mem.c @@ -0,0 +1,16 @@ +$NetBSD: patch-crypto__mem.c,v 1.1.1.1 2015/12/31 02:57:35 agc Exp $ + +NetBSD portability patches + +--- crypto/mem.c.orig 2015-12-30 15:55:51.000000000 -0800 ++++ crypto/mem.c 2015-12-30 18:06:05.000000000 -0800 +@@ -55,7 +55,9 @@ + * [including the GNU Public Licence.] */ + + #if !defined(_POSIX_C_SOURCE) ++# if !defined(__NetBSD__) + #define _POSIX_C_SOURCE 201410L /* needed for strdup, snprintf, vprintf etc */ ++# endif + #endif + + #include <openssl/mem.h> diff --git a/security/boringssl/patches/patch-include__openssl__thread.h b/security/boringssl/patches/patch-include__openssl__thread.h new file mode 100644 index 00000000000..1c0ede384ca --- /dev/null +++ b/security/boringssl/patches/patch-include__openssl__thread.h @@ -0,0 +1,16 @@ +$NetBSD: patch-include__openssl__thread.h,v 1.1.1.1 2015/12/31 02:57:35 agc Exp $ + +NetBSD portability patches + +--- include/openssl/thread.h.orig 2015-12-30 15:55:52.000000000 -0800 ++++ include/openssl/thread.h 2015-12-30 18:06:05.000000000 -0800 +@@ -87,6 +87,9 @@ + typedef union crypto_mutex_st { + double alignment; + uint8_t padding[3*sizeof(int) + 5*sizeof(unsigned) + 16 + 8]; ++#if defined(__NetBSD__) ++ uint8_t nbpad[64 + 8]; ++#endif + } CRYPTO_MUTEX; + #endif + |