Skip to content

openssl: install version 3.3.2 and 1-1.1.1za #3173

Merged
merged 1 commit into from
Oct 8, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
54 changes: 54 additions & 0 deletions openssl.be0
Original file line number Diff line number Diff line change
@@ -0,0 +1,54 @@
#!/usr/bin/env beesh

# BEE_VERSION openssl-3.3.2-0

#SRCURL[0]="https://github.com/openssl/openssl/releases/download/openssl-${PKGVERSION}/openssl-${PKGVERSION}.tar.gz"
SRCURL[0]="https://beehive.molgen.mpg.de/015fca2692596560b6fe8a2d8fecd84b/openssl-3.3.2.tar.gz"

# PATCHURL+=()

# build_in_sourcedir

# sourcesubdir_append src

#mee_extract() {
# bee_extract "${@}"
#}

#mee_patch() {
# bee_patch "${@}"
#}

mee_configure_pre() {
# html, and man(3) is unwanted, prevent clutter from the beginning
sed \
-e '/^build_docs:/ s/build_html_docs//' \
-e '/^build_man_docs:/ s/$(MANDOCS3)\s//' \
-e '/^install_docs:/ s/install_html_docs//' \
-e '/for x in dummy/ s/$(MANDOCS3)//' \
-i ${S}/Configurations/unix-Makefile.tmpl
}

mee_configure() {
${S}/config \
--prefix=${PREFIX} \
--openssldir=${SYSCONFDIR}/ssl \
--libdir=lib \
shared \
zlib-dynamic
}

mee_build() {
make depend
make ${BEE_MAKEFLAGS}
make -j1 test || true # one failure '04-test_bio_dgram.t' -> Testing with AF_INET6, local=0, mariux issue ...
}

mee_install() {
make DESTDIR=${D} MANDIR=${MANDIR} MANSUFFIX=ssl install
}

mee_install_post() {
rm -vf ${D}/usr/lib/*.a # hmmm, see 'shared' above ...
rmdir ${D}/usr/share/man/man3
}
41 changes: 36 additions & 5 deletions openssl1.be0
Original file line number Diff line number Diff line change
@@ -1,11 +1,22 @@
#!/usr/bin/env beesh

# BEE_VERSION openssl1-1.1.1t-0
# BEE_VERSION openssl1-1.1.1za-0
donald marked this conversation as resolved.
Show resolved Hide resolved

#SRCURL[0]="https://www.openssl.org/source/openssl-${PKGVERSION}.tar.gz"
SRCURL[0]="https://beehive.molgen.mpg.de/1cfee919e0eac6be62c88c5ae8bcd91e/openssl-1.1.1t.tar.gz"
#SRCURL[0]="https://github.com/openssl/openssl/releases/download/OpenSSL_1_1_1w/openssl-1.1.1w.tar.gz"
SRCURL[0]="https://beehive.molgen.mpg.de/3f76825f195e52d4b10c70040681a275/openssl-1.1.1w.tar.gz"

# PATCHURL+=()
# The patches and the message below are from Slackware
# Patches themselves are under the Apache License v2.0. After patching the package
# identifies itself as version 'za'
#
# Apply patches to fix CVEs that were fixed by the 1.1.1{x,y,za} releases that
# were only available to subscribers to OpenSSL's premium extended support.
# These patches were prepared by backporting commits from the OpenSSL-3.0 repo.
# Thanks to Ken Zalewski!

PATCHURL+=("https://beehive.molgen.mpg.de/61daee1e6724b5b2d9dcd8e7a0c45553/0001-openssl-1.1.1x_CVE-2023-5678_CVE-2024-0727.patch")
PATCHURL+=("https://beehive.molgen.mpg.de/23347a1a7cc77d1b5e8b3832d36bbf71/0002-openssl-1.1.1y_CVE-2024-2511_CVE-2024-4741.patch")
PATCHURL+=("https://beehive.molgen.mpg.de/ee9011230a6b4317644b04b9e9a7ff57/0003-openssl-1.1.1za_CVE-2024-5535.patch")

# build_in_sourcedir

Expand All @@ -27,7 +38,7 @@ mee_configure() {
start_cmd ${S}/config \
--prefix=${PREFIX} \
--openssldir=${SYSCONFDIR}/ssl \
--libdir=lib \
--libdir=lib/openssl-1.1 \
shared \
zlib-dynamic
}
Expand All @@ -41,3 +52,23 @@ mee_build() {
mee_install() {
start_cmd make DESTDIR=${D} MANDIR=${MANDIR} MANSUFFIX=ssl install
}

mee_install_post() {
rm -f ${D}/usr/lib/openssl-1.1/*.a # hmmm, see 'shared' above ...

# now provide the libraries as 'compat-package', and rearrange
# everything in a way, that
# PKG_CONFIG_PATH=/usr/lib/openssl-1.1/pkgconfig
# allows to build 'legacy' packages.
( cd ${D}/usr/lib/openssl-1.1
for file in lib*.so.?.* ; do
mv $file ../../lib
ln -sf ../../lib/$file .
done
)
mkdir -p ${D}/usr/include/openssl-1.1
mv ${D}/usr/include/openssl ${D}/usr/include/openssl-1.1/openssl
sed -e "s|/include$|/include/openssl-1.1|" -i ${D}/usr/lib/openssl-1.1/pkgconfig/*.pc
mv ${D}/usr/bin/openssl ${D}/usr/bin/openssl-1.1
rm -rf ${D}/etc ${D}/usr/bin/c_rehash ${D}/usr/share
}