diff options
| author | jlam <jlam> | 2004-12-03 23:03:09 +0000 |
|---|---|---|
| committer | jlam <jlam> | 2004-12-03 23:03:09 +0000 |
| commit | dbf49756ec839cc0a8de419b5831df2947d9076f (patch) | |
| tree | d3d7be1305fa4db598d14e072117dfd5c1a2890f /security | |
| parent | 9e190c13f506e2f4384d4dd96a4ea45c2e41af6e (diff) | |
| download | pkgsrc-dbf49756ec839cc0a8de419b5831df2947d9076f.tar.gz | |
Attempt to deal with the differing DES APIs between OpenSSL 0.9.6 (in
pkgsrc and in NetBSD-1.6.x) and OpenSSL 0.9.7 (in NetBSD-2.0), by
creating a new yes/no variable USE_OLD_DES_API that flags whether the
package wants to use the old DES API. If USE_OLD_DES_API is "yes",
then:
* For OpenSSL 0.9.6, symlink ${BUILDLINK_DIR}/include/openssl/des_old.h
to ${SSLBASE}/include/openssl/des.h.
* For NetBSD 2.0's "special" installation of OpenSSL 0.9.7, symlink
${BUILDLINK_DIR}/include/openssl/des_old.h to /usr/include/des.h,
and transform "-lcrypto" into "-ldes -lcrypto". This makes it
behave like stock OpenSSL 0.9.7 where the old DES functions are
part of libcrypto.
Software that wants to use the old DES API should be taught to do it
in a way that works with a stock installation of OpenSSL 0.9.7 -- by
including <openssl/des_old.h> and linking against "-lcrypto". Software
that wants to use the new DES API should simply depend on openssl>=0.9.7.
This change has no impact on existing packages as the new code is
active only when USE_OLD_DES_API == "yes".
Diffstat (limited to 'security')
| -rw-r--r-- | security/openssl/builtin.mk | 57 |
1 files changed, 56 insertions, 1 deletions
diff --git a/security/openssl/builtin.mk b/security/openssl/builtin.mk index 325ea72636a..240613ad55e 100644 --- a/security/openssl/builtin.mk +++ b/security/openssl/builtin.mk @@ -1,8 +1,23 @@ -# $NetBSD: builtin.mk,v 1.5 2004/04/02 23:41:50 wiz Exp $ +# $NetBSD: builtin.mk,v 1.6 2004/12/03 23:03:09 jlam Exp $ _OPENSSL_PKGSRC_PKGNAME= openssl-0.9.6m _OPENSSL_OPENSSLV_H= /usr/include/openssl/opensslv.h +.for _lib_ in des +. if !defined(_BLNK_LIB_FOUND.${_lib_}) +_BLNK_LIB_FOUND.${_lib_}!= \ + if ${TEST} "`${ECHO} /usr/lib/lib${_lib_}.*`" != "/usr/lib/lib${_lib_}.*"; then \ + ${ECHO} "yes"; \ + elif ${TEST} "`${ECHO} /lib/lib${_lib_}.*`" != "/lib/lib${_lib_}.*"; then \ + ${ECHO} "yes"; \ + else \ + ${ECHO} "no"; \ + fi +BUILDLINK_VARS+= _BLNK_LIB_FOUND.${_lib_} +. endif +.endfor +.undef _lib_ + .if !defined(IS_BUILTIN.openssl) IS_BUILTIN.openssl= no . if exists(${_OPENSSL_OPENSSLV_H}) @@ -131,6 +146,46 @@ PKG_SKIP_REASON= \ "Unable to satisfy dependency: ${BUILDLINK_DEPENDS.openssl}" .endif +# By default, we don't bother with the old DES API. +USE_OLD_DES_API?= no + +.if !empty(USE_BUILTIN.openssl:M[yY][eE][sS]) +BUILDLINK_PREFIX.openssl= /usr +# +# If we're using the old DES API, then check to see if the old DES +# code was factored out into a separate library and header files and +# no longer a part of libcrypto. +# +. if !empty(USE_OLD_DES_API:M[yY][eE][sS]) && \ + !exists(${BUILDLINK_PREFIX.openssl}/include/openssl/des_old.h) +. if exists(${BUILDLINK_PREFIX.openssl}/include/des.h) && \ + !empty(_BLNK_LIB_FOUND.des:M[yY][eE][sS]) +BUILDLINK_TRANSFORM+= l:crypto:des:crypto +WRAPPER_REORDER_CMDS+= reorder:l:des:crypto +. endif + +BUILDLINK_TARGETS+= buildlink-openssl-des-old.h +. if !target(buildlink-openssl-des-old.h) +.PHONY: buildlink-openssl-des-old.h +buildlink-openssl-des-old.h: + ${_PKG_SILENT}${_PKG_DEBUG} \ + dest="${BUILDLINK_DIR}/include/openssl/des_old.h"; \ + if ${TEST} ! -f "$$dest"; then \ + for src in \ + ${BUILDLINK_PREFIX.openssl}/include/des.h \ + ${BUILDLINK_PREFIX.openssl}/include/openssl/des.h; \ + do \ + if ${TEST} -f "$$src"; then \ + ${MKDIR} -p `${DIRNAME} "$$dest"`; \ + ${LN} -fs $$src $$dest; \ + break; \ + fi; \ + done; \ + fi +. endif +. endif # USE_OLD_DES_API == yes +.endif # USE_BUILTIN.openssl == yes + .if defined(PKG_SYSCONFDIR.openssl) SSLCERTS= ${PKG_SYSCONFDIR.openssl}/certs .elif ${OPSYS} == "NetBSD" |