diff options
author | jlam <jlam> | 2004-12-14 19:24:29 +0000 |
---|---|---|
committer | jlam <jlam> | 2004-12-14 19:24:29 +0000 |
commit | c6cd2687e3e1e9868865b6affd8086c7118f6424 (patch) | |
tree | e416cb16d25bfad873bc7eaecd5852cef2126929 /security | |
parent | c9e369310c68516b71f80c022b6b2d2832a9e662 (diff) | |
download | pkgsrc-c6cd2687e3e1e9868865b6affd8086c7118f6424.tar.gz |
Change the way that openssl/builtin.mk handles the USE_OLD_DES_API flag.
The idea is to prevent needing to patch source files for packages that
use OpenSSL for DES support by ensuring that including <openssl/des.h>
will always present the old DES API.
(1) If des_old.h exists, then we're using OpenSSL>=0.9.7, and
<openssl/des.h> already does the right thing.
(2) If des_old.h doesn't exist, then one of two things is happening:
(a) If <openssl/des.h> is old and (only) supports the old DES API,
then <openssl/des.h> does the right thing.
(b) If it's NetBSD's Special(TM) one that stripped out the old DES
support into a separate library and header (-ldes, <des.h>),
then we create a new header <openssl/des.h> that includes the
system one and <des.h>.
Also modify existing packages that set USE_OLD_DES_API to simply include
<openssl/des.h> instead of either <des.h> or <openssl/des_old.h> (This
step is mostly just removing unnecessary patches).
This should fix building packages that use OpenSSL's old DES API support
on non-NetBSD systems where the built-in OpenSSL is at least 0.9.7.
Diffstat (limited to 'security')
-rw-r--r-- | security/heimdal/distinfo | 5 | ||||
-rw-r--r-- | security/heimdal/patches/patch-ad | 38 | ||||
-rw-r--r-- | security/heimdal/patches/patch-ah | 13 | ||||
-rw-r--r-- | security/openssl/builtin.mk | 82 |
4 files changed, 57 insertions, 81 deletions
diff --git a/security/heimdal/distinfo b/security/heimdal/distinfo index 6451dd01593..b46aef126f9 100644 --- a/security/heimdal/distinfo +++ b/security/heimdal/distinfo @@ -1,9 +1,8 @@ -$NetBSD: distinfo,v 1.8 2004/12/04 03:59:26 jlam Exp $ +$NetBSD: distinfo,v 1.9 2004/12/14 19:24:29 jlam Exp $ SHA1 (heimdal-0.6.3.tar.gz) = 91863a1bd9f8a55063a09c28a5f41985b7a31145 Size (heimdal-0.6.3.tar.gz) = 3333604 bytes SHA1 (patch-ab) = 400a9ac3a76ac7e8b4dcc230e0bdf7fc5222fbb7 SHA1 (patch-ac) = 121961811f559822c6a4f3d7f7e4646b16908942 -SHA1 (patch-ad) = b2ebbf5ad71125634fd569a0ee0245d23bcfd068 +SHA1 (patch-ad) = 20347c61cf79c17500ab3508424632efc3545b65 SHA1 (patch-ae) = 518eabed07d4fc69e86ace3f02d23ca3064d4bd1 -SHA1 (patch-ah) = b7ef27e2a218d5f69180f799b31a1b6c08ec602f diff --git a/security/heimdal/patches/patch-ad b/security/heimdal/patches/patch-ad index abdd50b2b5e..5ba870a2b88 100644 --- a/security/heimdal/patches/patch-ad +++ b/security/heimdal/patches/patch-ad @@ -1,4 +1,4 @@ -$NetBSD: patch-ad,v 1.4 2004/12/04 03:59:27 jlam Exp $ +$NetBSD: patch-ad,v 1.5 2004/12/14 19:24:29 jlam Exp $ --- configure.orig 2004-09-13 08:27:10.000000000 -0400 +++ configure @@ -12,39 +12,3 @@ $NetBSD: patch-ad,v 1.4 2004/12/04 03:59:27 jlam Exp $ # Make sure we can run config.sub. $ac_config_sub sun4 >/dev/null 2>&1 || { { echo "$as_me:$LINENO: error: cannot run $ac_config_sub" >&5 -@@ -22005,7 +22002,7 @@ cat >>conftest.$ac_ext <<_ACEOF - #include <openssl/md5.h> - #include <openssl/sha.h> - #define OPENSSL_DES_LIBDES_COMPATIBILITY -- #include <openssl/des.h> -+ #include <openssl/des_old.h> - #include <openssl/rc4.h> - #include <openssl/rand.h> - #else -@@ -22101,7 +22098,7 @@ cat >>conftest.$ac_ext <<_ACEOF - #include <openssl/md5.h> - #include <openssl/sha.h> - #define OPENSSL_DES_LIBDES_COMPATIBILITY -- #include <openssl/des.h> -+ #include <openssl/des_old.h> - #include <openssl/rc4.h> - #include <openssl/rand.h> - #else -@@ -22197,7 +22194,7 @@ cat >>conftest.$ac_ext <<_ACEOF - #include <openssl/md5.h> - #include <openssl/sha.h> - #define OPENSSL_DES_LIBDES_COMPATIBILITY -- #include <openssl/des.h> -+ #include <openssl/des_old.h> - #include <openssl/rc4.h> - #include <openssl/rand.h> - #else -@@ -22324,7 +22321,7 @@ cat >>conftest.$ac_ext <<_ACEOF - #include <openssl/md5.h> - #include <openssl/sha.h> - #define OPENSSL_DES_LIBDES_COMPATIBILITY -- #include <openssl/des.h> -+ #include <openssl/des_old.h> - #include <openssl/rc4.h> - #include <openssl/rand.h> - #else diff --git a/security/heimdal/patches/patch-ah b/security/heimdal/patches/patch-ah deleted file mode 100644 index 81eccd55fa1..00000000000 --- a/security/heimdal/patches/patch-ah +++ /dev/null @@ -1,13 +0,0 @@ -$NetBSD: patch-ah,v 1.1 2004/12/04 03:59:27 jlam Exp $ - ---- include/make_crypto.c.orig 2003-05-05 16:10:27.000000000 -0400 -+++ include/make_crypto.c -@@ -61,7 +61,7 @@ main(int argc, char **argv) - fprintf(f, "#define __%s__\n", argv[1]); - #ifdef HAVE_OPENSSL - fputs("#define OPENSSL_DES_LIBDES_COMPATIBILITY\n", f); -- fputs("#include <openssl/des.h>\n", f); -+ fputs("#include <openssl/des_old.h>\n", f); - fputs("#include <openssl/rc4.h>\n", f); - fputs("#include <openssl/md4.h>\n", f); - fputs("#include <openssl/md5.h>\n", f); diff --git a/security/openssl/builtin.mk b/security/openssl/builtin.mk index 19379a56959..ee5755821ca 100644 --- a/security/openssl/builtin.mk +++ b/security/openssl/builtin.mk @@ -1,4 +1,4 @@ -# $NetBSD: builtin.mk,v 1.7 2004/12/11 00:04:14 jlam Exp $ +# $NetBSD: builtin.mk,v 1.8 2004/12/14 19:24:29 jlam Exp $ _OPENSSL_PKGSRC_PKGNAME= openssl-0.9.6m _OPENSSL_OPENSSLV_H= /usr/include/openssl/opensslv.h @@ -146,45 +146,71 @@ PKG_SKIP_REASON= \ "Unable to satisfy dependency: ${BUILDLINK_DEPENDS.openssl}" .endif -# By default, we don't bother with the old DES API. -USE_OLD_DES_API?= no - .if !empty(USE_BUILTIN.openssl:M[yY][eE][sS]) BUILDLINK_PREFIX.openssl= /usr +.endif + +# By default, we don't bother with the old DES API. +USE_OLD_DES_API?= no +.if !empty(USE_OLD_DES_API:M[yY][eE][sS]) # # If we're using the old DES API, then check to see if the old DES # code was factored out into a separate library and header files and # no longer a part of libcrypto. # -. if !empty(USE_OLD_DES_API:M[yY][eE][sS]) && \ - !exists(${BUILDLINK_PREFIX.openssl}/include/openssl/des_old.h) +. if !empty(USE_BUILTIN.openssl:M[yY][eE][sS]) . if exists(${BUILDLINK_PREFIX.openssl}/include/des.h) && \ - !empty(_BLNK_LIB_FOUND.des:M[yY][eE][sS]) -BUILDLINK_TRANSFORM+= l:crypto:des:crypto -WRAPPER_REORDER_CMDS+= reorder:l:des:crypto + !empty(_BLNK_LIB_FOUND.des:M[yY][eE][sS]) +BUILDLINK_TRANSFORM+= l:crypto:des:crypto +WRAPPER_REORDER_CMDS+= reorder:l:des:crypto . endif +. endif -BUILDLINK_TARGETS+= buildlink-openssl-des-old.h -. if !target(buildlink-openssl-des-old.h) -.PHONY: buildlink-openssl-des-old.h -buildlink-openssl-des-old.h: +# The idea is to prevent needing to patch source files for packages that +# use OpenSSL for DES support by ensuring that including <openssl/des.h> +# will always present the old DES API. +# +# (1) If des_old.h exists, then we're using OpenSSL>=0.9.7, and +# <openssl/des.h> already does the right thing. +# +# (2) If des_old.h doesn't exist, then one of two things is happening: +# (a) If <openssl/des.h> is old and (only) supports the old DES API, +# then <openssl/des.h> does the right thing. +# (b) If it's NetBSD's Special(TM) one that stripped out the old DES +# support into a separate library and header (-ldes, <des.h>), +# then we create a new header <openssl/des.h> that includes the +# system one and <des.h>. +# +BUILDLINK_TARGETS+= buildlink-openssl-des-h +. if !target(buildlink-openssl-des-h) +.PHONY: buildlink-openssl-des-h +buildlink-openssl-des-h: ${_PKG_SILENT}${_PKG_DEBUG} \ - dest="${BUILDLINK_DIR}/include/openssl/des_old.h"; \ - if ${TEST} ! -f "$$dest"; then \ - for src in \ - ${BUILDLINK_PREFIX.openssl}/include/des.h \ - ${BUILDLINK_PREFIX.openssl}/include/openssl/des.h; \ - do \ - if ${TEST} -f "$$src"; then \ - ${MKDIR} -p `${DIRNAME} "$$dest"`; \ - ${LN} -fs $$src $$dest; \ - break; \ - fi; \ - done; \ + bl_odes_h="${BUILDLINK_DIR}/include/openssl/des.h"; \ + odes_h="${BUILDLINK_PREFIX.openssl}/include/openssl/des.h"; \ + odes_old_h="${BUILDLINK_PREFIX.openssl}/include/openssl/des_old.h"; \ + des_h="${BUILDLINK_PREFIX.openssl}/include/des.h"; \ + if ${TEST} -f "$$odes_old_h"; then \ + ${ECHO_BUILDLINK_MSG} "<openssl/des.h> supports old DES API."; \ + exit 0; \ + elif ${GREP} -q "des_cblock" "$$ossl_h" 2>/dev/null; then \ + ${ECHO_BUILDLINK_MSG} "<openssl/des.h> supports old DES API."; \ + exit 0; \ + elif ${TEST} -f "$$des_h" -a -f "$$odes_h"; then \ + ${ECHO_BUILDLINK_MSG} "Creating $$bl_odes_h"; \ + ${RM} -f $$bl_odes_h; \ + ${MKDIR} `${DIRNAME} $$bl_odes_h`; \ + ( ${ECHO} "/* Created by openssl/builtin.mk:${.TARGET} */"; \ + ${ECHO} "#include \"$$odes_h\""; \ + ${ECHO} "#include \"$$des_h\""; \ + ) > $$bl_odes_h; \ + exit 0; \ + else \ + ${ECHO} "Unable to find headers for old DES API."; \ + exit 1; \ fi -. endif -. endif # USE_OLD_DES_API == yes -.endif # USE_BUILTIN.openssl == yes +. endif +.endif # USE_OLD_DES_API == yes .if defined(PKG_SYSCONFDIR.openssl) SSLCERTS= ${PKG_SYSCONFDIR.openssl}/certs |