From 95fd1f6ec9ce583a46e4351179d93b744a17d1ad Mon Sep 17 00:00:00 2001 From: jlam Date: Wed, 1 Jun 2005 18:02:37 +0000 Subject: Massive cleanup of buildlink3.mk and builtin.mk files in pkgsrc. Several changes are involved since they are all interrelated. These changes affect about 1000 files. The first major change is rewriting bsd.builtin.mk as well as all of the builtin.mk files to follow the new example in bsd.builtin.mk. The loop to include all of the builtin.mk files needed by the package is moved from bsd.builtin.mk and into bsd.buildlink3.mk. bsd.builtin.mk is now included by each of the individual builtin.mk files and provides some common logic for all of the builtin.mk files. Currently, this includes the computation for whether the native or pkgsrc version of the package is preferred. This causes USE_BUILTIN.* to be correctly set when one builtin.mk file includes another. The second major change is teach the builtin.mk files to consider files under ${LOCALBASE} to be from pkgsrc-controlled packages. Most of the builtin.mk files test for the presence of built-in software by checking for the existence of certain files, e.g. , and we now assume that if that file is under ${LOCALBASE}, then it must be from pkgsrc. This modification is a nod toward LOCALBASE=/usr. The exceptions to this new check are the X11 distribution packages, which are handled specially as noted below. The third major change is providing builtin.mk and version.mk files for each of the X11 distribution packages in pkgsrc. The builtin.mk file can detect whether the native X11 distribution is the same as the one provided by pkgsrc, and the version.mk file computes the version of the X11 distribution package, whether it's built-in or not. The fourth major change is that the buildlink3.mk files for X11 packages that install parts which are part of X11 distribution packages, e.g. Xpm, Xcursor, etc., now use imake to query the X11 distribution for whether the software is already provided by the X11 distribution. This is more accurate than grepping for a symbol name in the imake config files. Using imake required sprinkling various builtin-imake.mk helper files into pkgsrc directories. These files are used as input to imake since imake can't use stdin for that purpose. The fifth major change is in how packages note that they use X11. Instead of setting USE_X11, package Makefiles should now include x11.buildlink3.mk instead. This causes the X11 package buildlink3 and builtin logic to be executed at the correct place for buildlink3.mk and builtin.mk files that previously set USE_X11, and fixes packages that relied on buildlink3.mk files to implicitly note that X11 is needed. Package buildlink3.mk should also include x11.buildlink3.mk when linking against the package libraries requires also linking against the X11 libraries. Where it was obvious, redundant inclusions of x11.buildlink3.mk have been removed. --- security/openssl/builtin.mk | 211 +++++++++++++++++++------------------------- 1 file changed, 92 insertions(+), 119 deletions(-) (limited to 'security/openssl') diff --git a/security/openssl/builtin.mk b/security/openssl/builtin.mk index 6d8fe6e0609..35a9f1ef9c4 100644 --- a/security/openssl/builtin.mk +++ b/security/openssl/builtin.mk @@ -1,172 +1,145 @@ -# $NetBSD: builtin.mk,v 1.12 2005/03/23 09:06:38 jlam Exp $ +# $NetBSD: builtin.mk,v 1.13 2005/06/01 18:03:21 jlam Exp $ -_OPENSSL_PKGSRC_PKGNAME= openssl-0.9.7f -_OPENSSL_OPENSSLV_H= /usr/include/openssl/opensslv.h +BUILTIN_PKG:= openssl -.for _lib_ in des -. if !defined(_BLNK_LIB_FOUND.${_lib_}) -_BLNK_LIB_FOUND.${_lib_}!= \ - if ${TEST} "`${ECHO} /usr/lib/lib${_lib_}.*`" != "/usr/lib/lib${_lib_}.*"; then \ - ${ECHO} "yes"; \ - elif ${TEST} "`${ECHO} /lib/lib${_lib_}.*`" != "/lib/lib${_lib_}.*"; then \ - ${ECHO} "yes"; \ - else \ - ${ECHO} "no"; \ - fi -BUILDLINK_VARS+= _BLNK_LIB_FOUND.${_lib_} -. endif -.endfor -.undef _lib_ +BUILTIN_FIND_LIBS:= des +BUILTIN_FIND_FILES_VAR:= H_OPENSSL +BUILTIN_FIND_FILES.H_OPENSSL= /usr/include/openssl/opensslv.h + +.include "../../mk/buildlink3/bsd.builtin.mk" +### +### Determine if there is a built-in implementation of the package and +### set IS_BUILTIN. appropriately ("yes" or "no"). +### .if !defined(IS_BUILTIN.openssl) IS_BUILTIN.openssl= no -. if exists(${_OPENSSL_OPENSSLV_H}) +. if empty(H_OPENSSL:M${LOCALBASE}/*) && exists(${H_OPENSSL}) IS_BUILTIN.openssl= yes -# -# Create an appropriate name for the built-in package distributed -# with the system. This package name can be used to check against -# BUILDLINK_DEPENDS. to see if we need to install the pkgsrc -# version or if the built-in one is sufficient. -# -_OPENSSL_MAJOR!= \ - ${AWK} 'BEGIN { hex="0123456789abcdef" } \ - /\#define[ ]*OPENSSL_VERSION_NUMBER/ { \ - i = index(hex, substr($$3, 3, 1)) - 1; \ - print i; \ - exit 0; \ +. endif +.endif +MAKEVARS+= IS_BUILTIN.openssl + +### +### If there is a built-in implementation, then set BUILTIN_PKG. to +### a package name to represent the built-in package. +### +.if !defined(BUILTIN_PKG.openssl) && \ + !empty(IS_BUILTIN.openssl:M[yY][eE][sS]) && \ + exists (${H_OPENSSL}) +BUILTIN_VERSION.openssl!= \ + ${AWK} 'BEGIN { hex="0123456789abcdef"; \ + split("abcdefghijklmnopqrstuvwxyz", alpha, ""); \ } \ - ' ${_OPENSSL_OPENSSLV_H} -_OPENSSL_MINOR!= \ - ${AWK} 'BEGIN { hex="0123456789abcdef" } \ /\#define[ ]*OPENSSL_VERSION_NUMBER/ { \ + major = index(hex, substr($$3, 3, 1)) - 1; \ i = 16 * (index(hex, substr($$3, 4, 1)) - 1); \ i += index(hex, substr($$3, 5, 1)) - 1; \ - print i; \ - exit 0; \ - } \ - ' ${_OPENSSL_OPENSSLV_H} -_OPENSSL_TEENY!= \ - ${AWK} 'BEGIN { hex="0123456789abcdef" } \ - /\#define[ ]*OPENSSL_VERSION_NUMBER/ { \ + minor = "."i; \ i = 16 * (index(hex, substr($$3, 6, 1)) - 1); \ i += index(hex, substr($$3, 7, 1)) - 1; \ - print i; \ - exit 0; \ - } \ - ' ${_OPENSSL_OPENSSLV_H} -_OPENSSL_PATCHLEVEL!= \ - ${AWK} 'BEGIN { hex="0123456789abcdef"; \ - split("abcdefghijklmnopqrstuvwxyz", alpha, ""); \ - } \ - /\#define[ ]*OPENSSL_VERSION_NUMBER/ { \ + teeny = "."i; \ i = 16 * (index(hex, substr($$3, 8, 1)) - 1); \ i += index(hex, substr($$3, 9, 1)) - 1; \ if (i == 0) { \ - print ""; \ + patchlevel = ""; \ } else if (i > 26) { \ - print "a"; \ + patchlevel = "a"; \ } else { \ - print alpha[i]; \ + patchlevel = alpha[i]; \ } \ + printf "%s%s%s%s\n", \ + major, minor, teeny, patchlevel; \ exit 0; \ } \ - ' ${_OPENSSL_OPENSSLV_H} -_OPENSSL_VERSION= ${_OPENSSL_MAJOR}.${_OPENSSL_MINOR}.${_OPENSSL_TEENY}${_OPENSSL_PATCHLEVEL} -BUILTIN_PKG.openssl= openssl-${_OPENSSL_VERSION} -. if !empty(_OPENSSL_VERSION:M0\.9\.6g) + ' ${H_OPENSSL} + +. if !empty(BUILTIN_VERSION.openssl:M0\.9\.6g) && \ + exists(${H_OPENSSL}) # # If the native OpenSSL contains the security fixes pulled up to the # netbsd-1-6 branch on 2003-11-07, then pretend it's openssl-0.9.6l. # -_OPENSSL_HAS_20031107_FIX!= \ +BUILTIN_OPENSSL_HAS_20031107_FIX!= \ ${AWK} 'BEGIN { ans = "no" } \ /OPENSSL_HAS_20031107_FIX/ { ans = "yes" } \ END { print ans; exit 0 } \ - ' ${_OPENSSL_OPENSSLV_H} -. if !empty(_OPENSSL_HAS_20031107_FIX:M[yY][eE][sS]) -BUILTIN_PKG.openssl= openssl-0.9.6l -. endif + ' ${H_OPENSSL} +. if !empty(BUILTIN_OPENSSL_HAS_20031107_FIX:M[yY][eE][sS]) +BUILTIN_VERSION.openssl= 0.9.6l +. endif # # If the native OpenSSL contains the security fixes pulled up to the # netbsd-1-6 branch on 2004-04-01, then pretend it's openssl-0.9.6m. # -_OPENSSL_HAS_20040401_FIX!= \ +BUILTIN_OPENSSL_HAS_20040401_FIX!= \ ${AWK} 'BEGIN { ans = "no" } \ /OPENSSL_HAS_20040401_FIX/ { ans = "yes" } \ END { print ans; exit 0 } \ - ' ${_OPENSSL_OPENSSLV_H} -. if !empty(_OPENSSL_HAS_20040401_FIX:M[yY][eE][sS]) -BUILTIN_PKG.openssl= openssl-0.9.6m -. endif + ' ${H_OPENSSL} +. if !empty(BUILTIN_OPENSSL_HAS_20040401_FIX:M[yY][eE][sS]) +BUILTIN_VERSION.openssl= -0.9.6m . endif -BUILDLINK_VARS+= BUILTIN_PKG.openssl . endif -BUILDLINK_VARS+= IS_BUILTIN.openssl -.endif # IS_BUILTIN.openssl +BUILTIN_PKG.openssl= openssl-${BUILTIN_VERSION.openssl} +.endif +MAKEVARS+= BUILTIN_PKG.openssl +### +### Determine whether we should use the built-in implementation if it +### exists, and set USE_BUILTIN. appropriate ("yes" or "no"). +### .if !defined(USE_BUILTIN.openssl) -USE_BUILTIN.openssl?= ${IS_BUILTIN.openssl} - -. if defined(BUILTIN_PKG.openssl) +. if ${PREFER.openssl} == "pkgsrc" +USE_BUILTIN.openssl= ${IS_BUILTIN.openssl} +. else +USE_BUILTIN.openssl= ${IS_BUILTIN.openssl} +. if defined(BUILTIN_PKG.openssl) && \ + !empty(IS_BUILTIN.openssl:M[yY][eE][sS]) USE_BUILTIN.openssl= yes -. for _depend_ in ${BUILDLINK_DEPENDS.openssl} -. if !empty(USE_BUILTIN.openssl:M[yY][eE][sS]) -USE_BUILTIN.openssl!= \ - if ${PKG_ADMIN} pmatch '${_depend_}' ${BUILTIN_PKG.openssl}; then \ - ${ECHO} "yes"; \ - else \ - ${ECHO} "no"; \ - fi -. endif -. endfor -. endif -.endif # USE_BUILTIN.openssl - -CHECK_BUILTIN.openssl?= no -.if !empty(CHECK_BUILTIN.openssl:M[nN][oO]) - -.if !defined(_NEED_NEWER_OPENSSL) -_NEED_NEWER_OPENSSL?= no -. for _depend_ in ${BUILDLINK_DEPENDS.openssl} -. if !empty(_NEED_NEWER_OPENSSL:M[nN][oO]) -_NEED_NEWER_OPENSSL!= \ - if ${PKG_ADMIN} pmatch '${_depend_}' ${_OPENSSL_PKGSRC_PKGNAME}; then \ - ${ECHO} "no"; \ +. for _dep_ in ${BUILDLINK_DEPENDS.openssl} +. if !empty(USE_BUILTIN.openssl:M[yY][eE][sS]) +USE_BUILTIN.openssl!= \ + if ${PKG_ADMIN} pmatch ${_dep_:Q} ${BUILTIN_PKG.openssl:Q}; then \ + ${ECHO} yes; \ else \ - ${ECHO} "yes"; \ + ${ECHO} no; \ fi +. endif +. endfor . endif -. endfor -BUILDLINK_VARS+= _NEED_NEWER_OPENSSL +. endif # PREFER.openssl .endif +MAKEVARS+= USE_BUILTIN.openssl -.if !empty(USE_BUILTIN.openssl:M[nN][oO]) && \ - !empty(_NEED_NEWER_OPENSSL:M[yY][eE][sS]) -PKG_SKIP_REASON= \ - "Unable to satisfy dependency: ${BUILDLINK_DEPENDS.openssl}" -.endif +### +### The section below only applies if we are not including this file +### solely to determine whether a built-in implementation exists. +### +CHECK_BUILTIN.openssl?= no +.if !empty(CHECK_BUILTIN.openssl:M[nN][oO]) -.if !empty(USE_BUILTIN.openssl:M[yY][eE][sS]) +. if !empty(USE_BUILTIN.openssl:M[yY][eE][sS]) BUILDLINK_PREFIX.openssl= /usr -.endif +. endif # By default, we don't bother with the old DES API. USE_OLD_DES_API?= no -.if !empty(USE_OLD_DES_API:M[yY][eE][sS]) +. if !empty(USE_OLD_DES_API:M[yY][eE][sS]) # # If we're using the old DES API, then check to see if the old DES # code was factored out into a separate library and header files and # no longer a part of libcrypto. # -. if !empty(USE_BUILTIN.openssl:M[yY][eE][sS]) -. if exists(${BUILDLINK_PREFIX.openssl}/include/des.h) && \ - !empty(_BLNK_LIB_FOUND.des:M[yY][eE][sS]) +. if !empty(USE_BUILTIN.openssl:M[yY][eE][sS]) +. if exists(${BUILDLINK_PREFIX.openssl}/include/des.h) && \ + !empty(BUILTIN_LIB_FOUND.des:M[yY][eE][sS]) BUILDLINK_TRANSFORM+= l:crypto:des:crypto WRAPPER_REORDER_CMDS+= reorder:l:des:crypto +. endif . endif -. endif -# The idea is to prevent needing to patch source files for packages that +# The idea is to avoid the need to patch source files for packages that # use OpenSSL for DES support by ensuring that including # will always present the old DES API. # @@ -182,7 +155,7 @@ WRAPPER_REORDER_CMDS+= reorder:l:des:crypto # system one and . # BUILDLINK_TARGETS+= buildlink-openssl-des-h -. if !target(buildlink-openssl-des-h) +. if !target(buildlink-openssl-des-h) .PHONY: buildlink-openssl-des-h buildlink-openssl-des-h: ${_PKG_SILENT}${_PKG_DEBUG} \ @@ -209,22 +182,22 @@ buildlink-openssl-des-h: ${ECHO} "Unable to find headers for old DES API."; \ exit 1; \ fi -. endif -.endif # USE_OLD_DES_API == yes +. endif +. endif # USE_OLD_DES_API == yes -.if defined(PKG_SYSCONFDIR.openssl) +. if defined(PKG_SYSCONFDIR.openssl) SSLCERTS= ${PKG_SYSCONFDIR.openssl}/certs SSLKEYS= ${PKG_SYSCONFDIR.openssl}/private -.elif ${OPSYS} == "NetBSD" +. elif ${OPSYS} == "NetBSD" SSLCERTS= /etc/openssl/certs SSLKEYS= /etc/openssl/private -.elif !empty(USE_BUILTIN.openssl:M[yY][eE][sS]) +. elif !empty(USE_BUILTIN.openssl:M[yY][eE][sS]) SSLCERTS= /etc/ssl/certs # likely place where certs live SSLKEYS= /etc/ssl/private # likely place where private keys live -.else +. else SSLCERTS= ${PKG_SYSCONFBASEDIR}/openssl/certs SSLKEYS= ${PKG_SYSCONFBASEDIR}/openssl/private -.endif +. endif BUILD_DEFS+= SSLCERTS SSLKEYS .endif # CHECK_BUILTIN.openssl -- cgit v1.2.3