Skip to content
Permalink
master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
Go to file
 
 
Cannot retrieve contributors at this time
executable file 74 lines (61 sloc) 2.54 KB
#!/usr/bin/env beesh
# BEE_VERSION openssl1-1.1.1za-0
#SRCURL[0]="https://github.com/openssl/openssl/releases/download/OpenSSL_1_1_1w/openssl-1.1.1w.tar.gz"
SRCURL[0]="https://beehive.molgen.mpg.de/3f76825f195e52d4b10c70040681a275/openssl-1.1.1w.tar.gz"
# The patches and the message below are from Slackware
# Patches themselves are under the Apache License v2.0. After patching the package
# identifies itself as version 'za'
#
# Apply patches to fix CVEs that were fixed by the 1.1.1{x,y,za} releases that
# were only available to subscribers to OpenSSL's premium extended support.
# These patches were prepared by backporting commits from the OpenSSL-3.0 repo.
# Thanks to Ken Zalewski!
PATCHURL+=("https://beehive.molgen.mpg.de/61daee1e6724b5b2d9dcd8e7a0c45553/0001-openssl-1.1.1x_CVE-2023-5678_CVE-2024-0727.patch")
PATCHURL+=("https://beehive.molgen.mpg.de/23347a1a7cc77d1b5e8b3832d36bbf71/0002-openssl-1.1.1y_CVE-2024-2511_CVE-2024-4741.patch")
PATCHURL+=("https://beehive.molgen.mpg.de/ee9011230a6b4317644b04b9e9a7ff57/0003-openssl-1.1.1za_CVE-2024-5535.patch")
# build_in_sourcedir
# sourcesubdir_append src
#mee_extract() {
# bee_extract "${@}"
#}
mee_patch() {
bee_patch "${@}"
# no html
sed -e '/^install_docs:/ s/install_html_docs//' -i Configurations/unix-Makefile.tmpl
# no func() docs
sed -e 's/podpath=man1:man3:man5:man7/podpath=man1:man5:man7/;s/\[ 1, 3, 5, 7 \]/[ 1, 5, 7 ]/;' -i util/process_docs.pl
}
mee_configure() {
start_cmd ${S}/config \
--prefix=${PREFIX} \
--openssldir=${SYSCONFDIR}/ssl \
--libdir=lib/openssl-1.1 \
shared \
zlib-dynamic
}
mee_build() {
start_cmd make depend
start_cmd make ${BEE_MAKEFLAGS}
start_cmd make -j1 test
}
mee_install() {
start_cmd make DESTDIR=${D} MANDIR=${MANDIR} MANSUFFIX=ssl install
}
mee_install_post() {
rm -f ${D}/usr/lib/openssl-1.1/*.a # hmmm, see 'shared' above ...
# now provide the libraries as 'compat-package', and rearrange
# everything in a way, that
# PKG_CONFIG_PATH=/usr/lib/openssl-1.1/pkgconfig
# allows to build 'legacy' packages.
( cd ${D}/usr/lib/openssl-1.1
for file in lib*.so.?.* ; do
mv $file ../../lib
ln -sf ../../lib/$file .
done
)
mkdir -p ${D}/usr/include/openssl-1.1
mv ${D}/usr/include/openssl ${D}/usr/include/openssl-1.1/openssl
sed -e "s|/include$|/include/openssl-1.1|" -i ${D}/usr/lib/openssl-1.1/pkgconfig/*.pc
mv ${D}/usr/bin/openssl ${D}/usr/bin/openssl-1.1
rm -rf ${D}/etc ${D}/usr/bin/c_rehash ${D}/usr/share
}