mirror of
https://github.com/archlinuxarm/PKGBUILDs.git
synced 2024-12-08 23:03:46 +00:00
112 lines
3.6 KiB
Bash
112 lines
3.6 KiB
Bash
# $Id$
|
|
# Maintainer: Pierre Schmitz <pierre@archlinux.de>
|
|
|
|
# ALARM: Kevin Mihelich <kevin@archlinuxarm.org>
|
|
# - use linux-armv4 target for our architectures
|
|
# - cryptodev-enabled version
|
|
#
|
|
# moonman <moonman [dot] ca [at] gmail [dot] com>
|
|
# - replace eng_cryptodev in openssl with the one provided with cryptodev
|
|
# - get cryptodev.h from cryptodev tarball instead of the kernel headers
|
|
#
|
|
|
|
buildarch=6
|
|
|
|
pkgname=openssl-cryptodev
|
|
_pkgname=openssl
|
|
_ver=1.0.1e
|
|
# use a pacman compatible version scheme
|
|
pkgver=${_ver/[a-z]/.${_ver//[0-9.]/}}
|
|
#pkgver=$_ver
|
|
pkgrel=5
|
|
pkgdesc='The Open Source toolkit for Secure Sockets Layer and Transport Layer Security'
|
|
arch=('arm' 'armv7h')
|
|
url='https://www.openssl.org'
|
|
license=('custom:BSD')
|
|
depends=('perl')
|
|
optdepends=('ca-certificates')
|
|
options=('!makeflags')
|
|
backup=('etc/ssl/openssl.cnf')
|
|
conflicts=('openssl')
|
|
provides=("openssl=${pkgver}")
|
|
_cryptover=1.6
|
|
|
|
source=("https://www.openssl.org/source/${_pkgname}-${_ver}.tar.gz"
|
|
'no-rpath.patch'
|
|
'ca-dir.patch'
|
|
'openssl-1.0.1e-fix_pod_syntax-1.patch'
|
|
"http://download.gna.org/cryptodev-linux/cryptodev-linux-${_cryptover}.tar.gz"
|
|
'openssl-1.0.1-Check-DTLS_BAD_VER-for-version-number.patch'
|
|
'openssl-1.0.1-e_aes_cbc_hmac_sha1.c-fix-rare-bad-record-mac-on-AES.patch')
|
|
|
|
md5sums=('66bf6f10f060d561929de96f9dfe5b8c'
|
|
'dc78d3d06baffc16217519242ce92478'
|
|
'3bf51be3a1bbd262be46dc619f92aa90'
|
|
'88d3bef4bbdc640b0412315d8d347bdf'
|
|
'eade38998313c25fd7934719cdf8a2ea'
|
|
'ae7848bb152b8834ceff30c8c480d422'
|
|
'c5cc62a47cef72f4e5ad119a88e97ae4')
|
|
|
|
prepare() {
|
|
cd $srcdir/${_pkgname}-$_ver
|
|
|
|
# remove rpath: http://bugs.archlinux.org/task/14367
|
|
patch -p0 -i $srcdir/no-rpath.patch
|
|
# set ca dir to /etc/ssl by default
|
|
patch -p0 -i $srcdir/ca-dir.patch
|
|
|
|
patch -p1 -i $srcdir/openssl-1.0.1e-fix_pod_syntax-1.patch
|
|
|
|
# OpenSSL 1.0.0k, 1.0.1.d, 1.0.1e fail handshake with DTLS1_BAD_VER
|
|
# http://rt.openssl.org/Ticket/Display.html?id=2984
|
|
patch -p1 -i $srcdir/openssl-1.0.1-Check-DTLS_BAD_VER-for-version-number.patch
|
|
|
|
# Communication problems with 1.0.1e
|
|
# http://rt.openssl.org/Ticket/Display.html?id=3002
|
|
patch -p1 -i $srcdir/openssl-1.0.1-e_aes_cbc_hmac_sha1.c-fix-rare-bad-record-mac-on-AES.patch
|
|
|
|
#Replace eng_cryptodev.c with cryptodev version
|
|
cp -u ${srcdir}/cryptodev-linux-${_cryptover}/extras/eng_cryptodev.c ${srcdir}/openssl-${_ver}/crypto/engine/
|
|
|
|
#Copy the header file
|
|
cp -u ${srcdir}/cryptodev-linux-${_cryptover}/crypto/cryptodev.h ${srcdir}/openssl-${_ver}/crypto/
|
|
|
|
}
|
|
|
|
build() {
|
|
cd $srcdir/${_pkgname}-$_ver
|
|
|
|
if [ "${CARCH}" == 'x86_64' ]; then
|
|
openssltarget='linux-x86_64'
|
|
elif [ "${CARCH}" == 'i686' ]; then
|
|
openssltarget='linux-elf'
|
|
elif [ "${CARCH}" == 'arm' -o "${CARCH}" == 'armv7h' ]; then
|
|
openssltarget='linux-armv4'
|
|
fi
|
|
|
|
# mark stack as non-executable: http://bugs.archlinux.org/task/12434
|
|
./Configure --prefix=/usr --openssldir=/etc/ssl --libdir=lib \
|
|
-DHAVE_CRYPTODEV -DUSE_CRYPTODEV_DIGESTS -DHASH_MAX_LEN=64 \
|
|
shared threads zlib \
|
|
"${openssltarget}" \
|
|
-Wa,--noexecstack "${CFLAGS}"
|
|
|
|
make depend
|
|
make
|
|
}
|
|
|
|
check() {
|
|
cd $srcdir/$_pkgname-$_ver
|
|
# the test fails due to missing write permissions in /etc/ssl
|
|
# revert this patch for make test
|
|
patch -p0 -R -i $srcdir/ca-dir.patch
|
|
# make test
|
|
patch -p0 -i $srcdir/ca-dir.patch
|
|
}
|
|
|
|
package() {
|
|
depends=('cryptodev_friendly')
|
|
cd $srcdir/$_pkgname-$_ver
|
|
make INSTALL_PREFIX=$pkgdir MANDIR=/usr/share/man MANSUFFIX=ssl install
|
|
install -D -m644 LICENSE $pkgdir/usr/share/licenses/$_pkgname/LICENSE
|
|
}
|