Merge branch 'master' into jtrfix

pentoo · Jan 18, 2025 · 46a16a9 · 46a16a9
2 parents 574458b + 03f544f
commit 46a16a9
Show file tree

Hide file tree

Showing 16 changed files with 450 additions and 598 deletions.
diff --git a/dev-libs/openssl-bad/Manifest b/dev-libs/openssl-bad/Manifest
@@ -1 +1,2 @@
-DIST openssl-bad-1.0.2_p20220901.tar.gz 5530282 BLAKE2B 4e5311392596e40f491e36dbb79d41b20c7fc55d11396a828af23e76eb436e4eb5395cc5285f10dc14dab0be732db0eefe80beba15ecbec814da310526ce9285 SHA512 41b4e3d48e5ad090466ca90b4c6b1be1b166cd2978011f65b67502ca1b9fd0130796cc0d8c87908f0eaf342c9a1fb29f7c9f84c6f1fded8d2999099c12c227ed
+DIST openssl-bad-1.0.2_p20250104.gh.tar.gz 5529207 BLAKE2B 8187086c1b566da364ffbb7d39816750445328d33a7c93d21a62219191e2de4ab3c4fa85493d421de36ef802dff540b567a22c47e0a8a176847fcdbca13cfa92 SHA512 ceaf16082f8e14bd24c6910c8d8a5f48361f02d9f9a5a471b456a91e06fabc08c81ffe71a4c5605fa9f62e927fd66626268ae49e8eb4bc5b72ae14361305934c
+DIST openssl-compat-1.0.2u-versioned-symbols.patch.gz 24633 BLAKE2B 6bfad4ad27dbca0bd85bfd9521ffc844c3e93e6a1cca7c814edd49affc60ece1c706dd3aa7be2ce80857532531eac6f0f03f43c0be22a769d00d9241686eff71 SHA512 3d85aa34f2491e0e36eedc45829709e0fb552f6d558c2726b59dafa98c3e679b88497f3f7399d7565d88e727591e7d9b12f5b1e27116ba19b9a661d7f75b07a9
diff --git a/...sl-bad/files/openssl-1.0.0a-ldflags.patch → ...0_all_openssl-1.0.2-respect-ldflags.patch b/...sl-bad/files/openssl-1.0.0a-ldflags.patch → ...0_all_openssl-1.0.2-respect-ldflags.patch
@@ -1,24 +1,34 @@
-http://bugs.gentoo.org/181438
-http://bugs.gentoo.org/327421
-https://rt.openssl.org/Ticket/Display.html?id=3331&user=guest&pass=guest
-
-make sure we respect LDFLAGS
+From: Mike Frysinger <[email protected]>
+Date: Sun, 27 Apr 2014 11:04:20 +0200
+Subject: make sure we respect LDFLAGS
 
 also make sure we don't add useless -rpath flags to the system libdir
 
+Bug: http://bugs.gentoo.org/181438
+Bug: http://bugs.gentoo.org/327421
+Upstream-Bug: https://rt.openssl.org/Ticket/Display.html?id=3331&user=guest&pass=guest
+---
+ Makefile.org    | 1 +
+ Makefile.shared | 2 +-
+ 2 files changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/Makefile.org b/Makefile.org
+index f51f0a7..19ebd38 100644
 --- a/Makefile.org
 +++ b/Makefile.org
-@@ -189,6 +189,7 @@
+@@ -220,6 +220,7 @@ BUILDENV=	LC_ALL=C PLATFORM='$(PLATFORM)' PROCESSOR='$(PROCESSOR)'\
  		MAKEDEPEND='$$$${TOP}/util/domd $$$${TOP} -MD $(MAKEDEPPROG)' \
  		DEPFLAG='-DOPENSSL_NO_DEPRECATED $(DEPFLAG)'	\
  		MAKEDEPPROG='$(MAKEDEPPROG)'			\
 +		LDFLAGS='${LDFLAGS}'				\
  		SHARED_LDFLAGS='$(SHARED_LDFLAGS)'		\
  		KRB5_INCLUDES='$(KRB5_INCLUDES)' LIBKRB5='$(LIBKRB5)'	\
  		ZLIB_INCLUDE='$(ZLIB_INCLUDE)' LIBZLIB='$(LIBZLIB)'	\
+diff --git a/Makefile.shared b/Makefile.shared
+index e8d222a..72c0144 100644
 --- a/Makefile.shared
 +++ b/Makefile.shared
-@@ -153,7 +153,7 @@
+@@ -153,7 +153,7 @@ DO_GNU_SO=$(CALC_VERSIONS); \
  	NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \
  	SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"
 
@@ -27,3 +37,6 @@ also make sure we don't add useless -rpath flags to the system libdir
 
  #This is rather special.  It's a special target with which one can link
  #applications without bothering with any features that have anything to
+-- 
+2.15.1
+
diff --git a/...openssl-1.0.2a-parallel-obj-headers.patch → ...nssl-1.0.2-fix-parallel-obj-headers.patch b/...openssl-1.0.2a-parallel-obj-headers.patch → ...nssl-1.0.2-fix-parallel-obj-headers.patch
@@ -1,23 +1,22 @@
-https://rt.openssl.org/Ticket/Display.html?id=3737&user=guest&pass=guest
-
-From ce279d4361e07e9af9ceca8a6e326e661758ad53 Mon Sep 17 00:00:00 2001
 From: Mike Frysinger <[email protected]>
 Date: Sun, 8 Mar 2015 01:34:48 -0500
-Subject: [PATCH] fix parallel generation of obj headers
+Subject: fix parallel generation of obj headers
 
 The current code has dummy sleep/touch commands to try and work
 around the parallel issue, but that is obviously racy.  Instead
 lets force one of the files to depend on the other so we know
 they'll never run in parallel.
+
+Upstream-Bug: https://rt.openssl.org/Ticket/Display.html?id=3737&user=guest&pass=guest
 ---
  crypto/objects/Makefile | 6 +++---
  1 file changed, 3 insertions(+), 3 deletions(-)
 
 diff --git a/crypto/objects/Makefile b/crypto/objects/Makefile
-index ad2db1e..7d32504 100644
+index f93d2f9..383c5bc 100644
 --- a/crypto/objects/Makefile
 +++ b/crypto/objects/Makefile
-@@ -44,11 +44,11 @@
+@@ -44,11 +44,11 @@ obj_dat.h: obj_dat.pl obj_mac.h
  # objects.pl both reads and writes obj_mac.num
  obj_mac.h: objects.pl objects.txt obj_mac.num
  	$(PERL) objects.pl objects.txt obj_mac.num obj_mac.h
@@ -33,5 +32,5 @@ index ad2db1e..7d32504 100644
  files:
  	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
 -- 
-2.3.4
+2.15.1
 
diff --git a/...penssl-1.0.2a-parallel-install-dirs.patch → ...ssl-1.0.2-fix-parallel-install-dirs.patch b/...penssl-1.0.2a-parallel-install-dirs.patch → ...ssl-1.0.2-fix-parallel-install-dirs.patch
@@ -1,27 +1,26 @@
-https://rt.openssl.org/Ticket/Display.html?id=3736&user=guest&pass=guest
-
-From aba899f2eca21e11e5e9797bf8258e7265dea9f5 Mon Sep 17 00:00:00 2001
 From: Mike Frysinger <[email protected]>
 Date: Sun, 8 Mar 2015 01:32:01 -0500
-Subject: [PATCH] fix parallel install with dir creation
+Subject: fix parallel install with dir creation
 
 The mkdir-p.pl does not handle parallel creation of directories.
 This comes up when the install_sw and install_docs rules run and
 both call mkdir-p.pl on sibling directory trees.
 
 Instead, lets create a single install_dirs rule that makes all of
 the dirs we need, and have these two install steps depend on that.
+
+Upstream-Bug: https://rt.openssl.org/Ticket/Display.html?id=3736&user=guest&pass=guest
 ---
- Makefile.org | 17 +++++++++--------
- 1 file changed, 9 insertions(+), 8 deletions(-)
+ Makefile.org | 18 ++++++++++--------
+ 1 file changed, 10 insertions(+), 8 deletions(-)
 
 diff --git a/Makefile.org b/Makefile.org
-index a6d9471..78e6143 100644
+index 1ba910c..5ca5127 100644
 --- a/Makefile.org
 +++ b/Makefile.org
-@@ -536,9 +536,9 @@
- dist_pem_h:
- 	(cd crypto/pem; $(MAKE) -e $(BUILDENV) pem.h; $(MAKE) clean)
+@@ -541,9 +541,9 @@ dist:
+ 	@$(MAKE) SDIRS='$(SDIRS)' clean
+ 	@$(MAKE) TAR='$(TAR)' TARFLAGS='$(TARFLAGS)' $(DISTTARVARS) tar
 
 -install: all install_docs install_sw
 +install: install_docs install_sw
@@ -31,7 +30,7 @@ index a6d9471..78e6143 100644
  	@$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \
  		$(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR) \
  		$(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines \
-@@ -547,6 +547,13 @@
+@@ -552,6 +552,13 @@ install_sw:
  		$(INSTALL_PREFIX)$(OPENSSLDIR)/misc \
  		$(INSTALL_PREFIX)$(OPENSSLDIR)/certs \
  		$(INSTALL_PREFIX)$(OPENSSLDIR)/private
@@ -45,7 +44,7 @@ index a6d9471..78e6143 100644
  	@set -e; headerlist="$(EXHEADER)"; for i in $$headerlist;\
  	do \
  	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-@@ -636,12 +643,7 @@
+@@ -641,12 +648,7 @@ install_html_docs:
  		done; \
  	done
 
@@ -60,5 +59,5 @@ index a6d9471..78e6143 100644
  	here="`pwd`"; \
  	filecase=; \
 -- 
-2.3.4
+2.15.1
 
diff --git a/.../openssl-1.0.2a-parallel-symlinking.patch → ...enssl-1.0.2-fix-parallel-symlinking.patch b/.../openssl-1.0.2a-parallel-symlinking.patch → ...enssl-1.0.2-fix-parallel-symlinking.patch
@@ -1,49 +1,47 @@
-https://rt.openssl.org/Ticket/Display.html?id=3780&user=guest&pass=guest
-
-From cc81af135bda47eaa6956a0329cbbc55bf993ac1 Mon Sep 17 00:00:00 2001
 From: Mike Frysinger <[email protected]>
 Date: Fri, 3 Apr 2015 01:16:23 -0400
-Subject: [PATCH] fix race when symlink shareds libs
+Subject: fix race when symlink shareds libs
 
 When the crypto/ssl targets attempt to build their shared libs, they run:
-	cd ..; make libcrypto.so.1.0.0
+        cd ..; make libcrypto.so.1.0.0
 The top level Makefile in turn runs the build-shared target for that lib.
 
 The build-shared target depends on both do_$(SHLIB_TARGET) & link-shared.
 When building in parallel, make is allowed to run both of these.  They
 both run Makefile.shared for their respective targets:
 do_$(SHLIB_TARGET) ->
-	link_a.linux-shared ->
-	link_a.gnu ->
-	...; $(LINK_SO_A) ->
-	$(LINK_SO) ->
-	$(SYMLINK_SO)
+        link_a.linux-shared ->
+        link_a.gnu ->
+        ...; $(LINK_SO_A) ->
+        $(LINK_SO) ->
+        $(SYMLINK_SO)
 link-shared ->
-	symlink.linux-shared ->
-	symlink.gnu ->
-	...; $(SYMLINK_SO)
+        symlink.linux-shared ->
+        symlink.gnu ->
+        ...; $(SYMLINK_SO)
 
 The shell code for SYMLINK_SO attempts to do a [ -e lib ] check, but fails
 basic TOCTOU semantics.  Depending on the load, that means two processes
 will run the sequence:
-	rm -f libcrypto.so
-	ln -s libcrypto.so.1.0.0 libcrypto.so
+        rm -f libcrypto.so
+        ln -s libcrypto.so.1.0.0 libcrypto.so
 
 Which obviously fails:
-	ln: failed to create symbolic link 'libcrypto.so': File exists
+        ln: failed to create symbolic link 'libcrypto.so': File exists
 
 Since we know do_$(SHLIB_TARGET) will create the symlink for us, don't
 bother depending on link-shared at all in the top level Makefile when
 building things.
 
 Reported-by: Martin von Gagern <[email protected]>
-URL: https://bugs.gentoo.org/545028
+Bug: https://bugs.gentoo.org/545028
+Upstream-Bug: https://rt.openssl.org/Ticket/Display.html?id=3780&user=guest&pass=guest
 ---
  Makefile.org | 5 ++++-
  1 file changed, 4 insertions(+), 1 deletion(-)
 
 diff --git a/Makefile.org b/Makefile.org
-index 890bfe4..576c60e 100644
+index 5ca5127..d413743 100644
 --- a/Makefile.org
 +++ b/Makefile.org
 @@ -350,7 +350,10 @@ link-shared:
@@ -59,5 +57,5 @@ index 890bfe4..576c60e 100644
  do_$(SHLIB_TARGET):
  	@ set -e; libs='-L. $(SHLIBDEPS)'; for i in $(SHLIBDIRS); do \
 -- 
-2.3.4
+2.15.1
 
diff --git a/dev-libs/openssl-bad/files/patch/015_all_openssl-1.0.2-fix-parallel-install-dirs2.patch b/dev-libs/openssl-bad/files/patch/015_all_openssl-1.0.2-fix-parallel-install-dirs2.patch
@@ -0,0 +1,42 @@
+From: Sebastian Andrzej Siewior <[email protected]>
+Date: Fri, 10 Jun 2016 20:04:51 +0200
+Subject: utils/mkdir-p: check if dir exists also after mkdir failed
+
+Commit 70a56b914772e6b21cda2a5742817ae4bb7290f1 upstream.
+
+With "make install -j8" it happens very often that two or more make
+instances are creating the same directory in parallel. As a result one
+instace creates the directory and second mkdir fails because the
+directory exists already (but it did not while testing for it earlier).
+
+Signed-off-by: Sebastian Andrzej Siewior <[email protected]>
+
+Reviewed-by: Matt Caswell <[email protected]>
+Reviewed-by: Rich Salz <[email protected]>
+(Merged from https://github.com/openssl/openssl/pull/1204)
+Bug: https://bugs.gentoo.org/651880
+---
+ util/mkdir-p.pl | 8 +++++++-
+ 1 file changed, 7 insertions(+), 1 deletion(-)
+
+diff --git a/util/mkdir-p.pl b/util/mkdir-p.pl
+index e73d02b073..78bada3f99 100755
+--- a/util/mkdir-p.pl
++++ b/util/mkdir-p.pl
+@@ -29,6 +29,12 @@ sub do_mkdir_p {
+     do_mkdir_p($parent);
+   }
+
+-  mkdir($dir, 0777) || die "Cannot create directory $dir: $!\n";
++  unless (mkdir($dir, 0777)) {
++    if (-d $dir) {
++      # We raced against another instance doing the same thing.
++      return;
++    }
++    die "Cannot create directory $dir: $!\n";
++  }
+   print "created directory `$dir'\n";
+ }
+-- 
+2.16.3
+
diff --git a/...sl-bad/files/openssl-1.0.2a-x32-asm.patch → ...patch/040_all_openssl-1.0.2-x32-asm.patch b/...sl-bad/files/openssl-1.0.2a-x32-asm.patch → ...patch/040_all_openssl-1.0.2-x32-asm.patch
@@ -1,9 +1,6 @@
-https://rt.openssl.org/Ticket/Display.html?id=3759&user=guest&pass=guest
-
-From 6257d59b3a68d2feb9d64317a1c556dc3813ee61 Mon Sep 17 00:00:00 2001
 From: Mike Frysinger <[email protected]>
 Date: Sat, 21 Mar 2015 06:01:25 -0400
-Subject: [PATCH] crypto: use bigint in x86-64 perl
+Subject: crypto: use bigint in x86-64 perl
 
 When building on x32 systems where the default type is 32bit, make sure
 we can transparently represent 64bit integers.  Otherwise we end up with
@@ -18,26 +15,27 @@ We don't enable this globally as there are some cases where we'd get
 32bit values interpreted as unsigned when we need them as signed.
 
 Reported-by: Bertrand Jacquin <[email protected]>
-URL: https://bugs.gentoo.org/542618
+Bug: https://bugs.gentoo.org/542618
+Upstream-Bug: https://rt.openssl.org/Ticket/Display.html?id=3759&user=guest&pass=guest
 ---
  crypto/perlasm/x86_64-xlate.pl | 4 ++++
  1 file changed, 4 insertions(+)
 
 diff --git a/crypto/perlasm/x86_64-xlate.pl b/crypto/perlasm/x86_64-xlate.pl
-index aae8288..0bf9774 100755
+index d19195e..96d9edd 100755
 --- a/crypto/perlasm/x86_64-xlate.pl
 +++ b/crypto/perlasm/x86_64-xlate.pl
-@@ -195,6 +195,10 @@ my %globals;
-     sub out {
-     	my $self = shift;
+@@ -269,6 +269,10 @@ my %globals;
+ 		$self->{base} = $self->{index}; $self->{index} = $1;
+ 	}
 
 +	# When building on x32 ABIs, the expanded hex value might be too
 +	# big to fit into 32bits.  Enable transparent 64bit support here
 +	# so we can safely print it out.
 +	use bigint;
  	if ($gas) {
- 	    # Solaris /usr/ccs/bin/as can't handle multiplications
- 	    # in $self->{value}
+ 	    $self->{label} =~ s/^___imp_/__imp__/   if ($flavour eq "mingw64");
+
 -- 
-2.3.3
+2.15.1
 
diff --git a/...files/openssl-1.0.1p-default-source.patch → ...41_all_openssl-1.0.2-default-source.patch b/...files/openssl-1.0.1p-default-source.patch → ...41_all_openssl-1.0.2-default-source.patch
@@ -1,20 +1,19 @@
-https://bugs.gentoo.org/554338
-https://rt.openssl.org/Ticket/Display.html?id=3934&user=guest&pass=guest
-
-From 7c2e97f8bbae517496fdc11f475b4ae54b2534f5 Mon Sep 17 00:00:00 2001
 From: Mike Frysinger <[email protected]>
 Date: Fri, 10 Jul 2015 01:50:52 -0400
-Subject: [PATCH] test: use _DEFAULT_SOURCE with newer glibc versions
+Subject: test: use _DEFAULT_SOURCE with newer glibc versions
 
 The _BSD_SOURCE macro is replaced by the _DEFAULT_SOURCE macro.  Using
 just the former with newer versions leads to a build time warning, so
 make sure to use the new macro too.
+
+Bug: https://bugs.gentoo.org/554338
+Upstream-Bug: https://rt.openssl.org/Ticket/Display.html?id=3934&user=guest&pass=guest
 ---
  ssl/ssltest.c | 1 +
  1 file changed, 1 insertion(+)
 
 diff --git a/ssl/ssltest.c b/ssl/ssltest.c
-index 26cf96c..b36f667 100644
+index f6a8f19..97ef221 100644
 --- a/ssl/ssltest.c
 +++ b/ssl/ssltest.c
 @@ -141,6 +141,7 @@
@@ -23,8 +22,8 @@ index 26cf96c..b36f667 100644
  /* Or gethostname won't be declared properly on Linux and GNU platforms. */
 +#define _DEFAULT_SOURCE 1
  #define _BSD_SOURCE 1
+ #define _DEFAULT_SOURCE 1
 
- #include <assert.h>
 -- 
-2.4.4
+2.15.1
 
diff --git a/dev-libs/openssl-bad/files/patch/042_all_openssl-1.0.2o-pc-no_kerberos_includes.patch b/dev-libs/openssl-bad/files/patch/042_all_openssl-1.0.2o-pc-no_kerberos_includes.patch
@@ -0,0 +1,25 @@
+Don't include kerberos dir into pkgconfig files.
+
+https://bugs.gentoo.org/401665
+Thanks-to: Arfrever Frehtes Taifersar Arahesis <[email protected]>
+
+--- a/Makefile.org
++++ b/Makefile.org
+@@ -377,7 +377,7 @@
+ 	    echo 'Requires: '; \
+ 	    echo 'Libs: -L$${libdir} -lcrypto'; \
+ 	    echo 'Libs.private: $(EX_LIBS)'; \
+-	    echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libcrypto.pc
++	    echo 'Cflags: -I$${includedir}' ) > libcrypto.pc
+
+ libssl.pc: Makefile
+ 	@ ( echo 'prefix=$(INSTALLTOP)'; \
+@@ -391,7 +391,7 @@
+ 	    echo 'Requires.private: libcrypto'; \
+ 	    echo 'Libs: -L$${libdir} -lssl'; \
+ 	    echo 'Libs.private: $(EX_LIBS)'; \
+-	    echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libssl.pc
++	    echo 'Cflags: -I$${includedir}' ) > libssl.pc
+
+ openssl.pc: Makefile
+ 	@ ( echo 'prefix=$(INSTALLTOP)'; \