pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/security/openssl Rewrite this file so that we can spec...
details: https://anonhg.NetBSD.org/pkgsrc/rev/6c8f7123e84c
branches: trunk
changeset: 461110:6c8f7123e84c
user: jlam <jlam%pkgsrc.org@localhost>
date: Thu Sep 11 04:10:38 2003 +0000
description:
Rewrite this file so that we can specify the version of OpenSSL that we
need by simply setting BUILDLINK_DEPENDS.openssl. This buildlink2.mk file
now functions just like any other typical buildlink2.mk file.
diffstat:
security/openssl/buildlink2.mk | 228 ++++++++++++++++++++++------------------
1 files changed, 123 insertions(+), 105 deletions(-)
diffs (258 lines):
diff -r bd6f51b53dc9 -r 6c8f7123e84c security/openssl/buildlink2.mk
--- a/security/openssl/buildlink2.mk Thu Sep 11 03:42:02 2003 +0000
+++ b/security/openssl/buildlink2.mk Thu Sep 11 04:10:38 2003 +0000
@@ -1,131 +1,149 @@
-# $NetBSD: buildlink2.mk,v 1.8 2003/09/10 16:43:14 jlam Exp $
-#
-# Optionally define USE_OPENSSL_VERSION to the mininum OpenSSL version
-# number in <openssl/opensslv.h>, i.e. 0x0090600fL, etc.
+# $NetBSD: buildlink2.mk,v 1.9 2003/09/11 04:10:38 jlam Exp $
.if !defined(OPENSSL_BUILDLINK2_MK)
OPENSSL_BUILDLINK2_MK= # defined
.include "../../mk/bsd.prefs.mk"
-# OpenSSL version numbers from <openssl/opensslv.h>
-OPENSSL_VERSION_095A= 0x0090581fL
-OPENSSL_VERSION_096= 0x0090600fL
-OPENSSL_VERSION_096A= 0x0090601fL
-OPENSSL_VERSION_096B= 0x0090602fL
-OPENSSL_VERSION_096D= 0x0090604fL
-OPENSSL_VERSION_096E= 0x0090605fL
-OPENSSL_VERSION_096F= 0x0090606fL
-OPENSSL_VERSION_096G= 0x0090607fL
-OPENSSL_VERSION_096H= 0x0090608fL
-OPENSSL_VERSION_096I= 0x0090609fL
-OPENSSL_VERSION_096J= 0x0090610fL
-OPENSSL_VERSION_097A= 0x0090701fL
-OPENSSL_VERSION_097B= 0x0090702fL
-
-# Check for a usable installed version of OpenSSL. Version must be greater
-# than 0.9.6f, or else contain a fix for the 2002-07-30 security advisory.
-# If a usable version isn't present, then use the pkgsrc OpenSSL package.
+# This is the ${PKGNAME} of the version of the OpenSSL package installed
+# by pkgsrc.
#
-_NEED_OPENSSL= YES
-
-_OPENSSLV_H= /usr/include/openssl/opensslv.h
-_SSL_H= /usr/include/openssl/ssl.h
-
-.if exists(${_OPENSSLV_H}) && exists(${_SSL_H})
-_IN_TREE_OPENSSL_HAS_FIX!= \
- ${AWK} 'BEGIN { ans = "NO" } \
- /SSL_R_SSL2_CONNECTION_ID_TOO_LONG/ { ans = "YES" } \
- END { print ans; exit 0 }' ${_SSL_H}
-
-. if ${_IN_TREE_OPENSSL_HAS_FIX} == "YES"
-USE_OPENSSL_VERSION?= ${OPENSSL_VERSION_096F}
-. else
-USE_OPENSSL_VERSION?= ${OPENSSL_VERSION_096G}
-. endif
-
-_OPENSSL_VERSION!= ${AWK} '/.*OPENSSL_VERSION_NUMBER.*/ { print $$3 }' \
- ${_OPENSSLV_H}
-
-# There never was a package for this; only the in-tree openssl had it.
-#_VALID_SSL_VERSIONS= ${OPENSSL_VERSION_096F} # OpenSSL 0.9.6f
-#BUILDLINK_DEPENDS.openssl= openssl>=0.9.6f
-
-. if ${USE_OPENSSL_VERSION} == ${OPENSSL_VERSION_096G} # OpenSSL 0.9.6g
-_VALID_SSL_VERSIONS= ${OPENSSL_VERSION_096G}
-BUILDLINK_DEPENDS.openssl= openssl>=0.9.6g
-. else
-_VALID_SSL_VERSIONS+= ${OPENSSL_VERSION_096G}
-. endif
-
-# For 0.9.7a or 0.9.7b it must be installed as the package currently only
-# support through 0.9.6g
-. if ${USE_OPENSSL_VERSION} == ${OPENSSL_VERSION_097A} # OpenSSL 0.9.7a
-. if (${_OPENSSL_VERSION} != ${OPENSSL_VERSION_097A}) && (${_OPENSSL_VERSION} != OPENSSL_VERSION_097B})
-PKG_SKIP_REASON= "OpenSSL 0.9.7a or higher not installed."
-. else
-_VALID_SSL_VERSIONS= ${OPENSSL_VERSION_097A}
-BUILDLINK_DEPENDS.openssl= openssl>=0.9.7a
-. endif
-. else
-. if (${_OPENSSL_VERSION} == ${OPENSSL_VERSION_097A}) || (${_OPENSSL_VERSION} == OPENSSL_VERSION_097B})
-_VALID_SSL_VERSIONS+= ${OPENSSL_VERSION_097A}
-. endif
-. endif
-
-. if ${USE_OPENSSL_VERSION} == ${OPENSSL_VERSION_097B} # OpenSSL 0.9.7b
-. if ${_OPENSSL_VERSION} != ${OPENSSL_VERSION_097B}
-PKG_SKIP_REASON= "OpenSSL 0.9.7b or higher not installed."
-. else
-_VALID_SSL_VERSIONS= ${OPENSSL_VERSION_097B}
-BUILDLINK_DEPENDS.openssl= openssl>=0.9.7b
-. endif
-. else
-. if ${_OPENSSL_VERSION} == ${OPENSSL_VERSION_097B}
-_VALID_SSL_VERSIONS+= ${OPENSSL_VERSION_097B}
-. endif
-. endif
-
-. for PATTERN in ${_VALID_SSL_VERSIONS}
-. if ${_OPENSSL_VERSION:M${PATTERN}} != ""
-_NEED_OPENSSL= NO
-. endif
-. endfor
-.endif # exists(${_OPENSSLV_H}) && exists(${_SSL_H})
+_OPENSSL_PKGSRC_PKGNAME= openssl-0.9.6gnb2
BUILDLINK_DEPENDS.openssl?= openssl>=0.9.6g
BUILDLINK_PKGSRCDIR.openssl?= ../../security/openssl
-.if ${_NEED_OPENSSL} == "YES"
-BUILDLINK_PACKAGES+= openssl
-EVAL_PREFIX+= BUILDLINK_PREFIX.openssl=openssl
-BUILDLINK_PREFIX.openssl_DEFAULT= ${LOCALBASE}
-SSLBASE= ${BUILDLINK_PREFIX.openssl}
-.else
-BUILDLINK_PREFIX.openssl= /usr
-SSLBASE= /usr
+BUILDLINK_CHECK_BUILTIN.openssl?= NO
+
+_OPENSSL_OPENSSLV_H= /usr/include/openssl/opensslv.h
+_OPENSSL_SSL_H= /usr/include/openssl/ssl.h
+
+.if !defined(BUILDLINK_IS_BUILTIN.openssl)
+BUILDLINK_IS_BUILTIN.openssl= NO
+. if exists(${_OPENSSL_OPENSSLV_H})
+BUILDLINK_IS_BUILTIN.openssl= YES
+. endif
.endif
+.if !empty(BUILDLINK_CHECK_BUILTIN.openssl:M[yY][eE][sS])
+_NEED_OPENSSL= NO
+.else
+. if !empty(BUILDLINK_IS_BUILTIN.openssl:M[nN][oO])
+_NEED_OPENSSL= YES
+. elif !defined(_NEED_OPENSSL)
+_OPENSSL_HAS_FIX= NO
+. if exists(${_OPENSSL_SSL_H})
+_OPENSSL_HAS_20020730_FIX!= \
+ ${AWK} 'BEGIN { ans = "NO" } \
+ /SSL_R_SSL2_CONNECTION_ID_TOO_LONG/ { ans = "YES" } \
+ END { print ans; exit 0 } \
+ ' ${_OPENSSL_SSL_H}
+. endif
+#
+# Create an appropriate name for the built-in package distributed
+# with the system. This package name can be used to check against
+# BUILDLINK_DEPENDS.<pkg> to see if we need to install the pkgsrc
+# version or if the built-in one is sufficient.
+#
+_OPENSSL_MAJOR!= \
+ ${AWK} '/\#define[ ]*OPENSSL_VERSION_NUMBER/ { \
+ print int(substr($$3, 3, 1)); exit 0; \
+ } \
+ ' ${_OPENSSL_OPENSSLV_H}
+_OPENSSL_MINOR!= \
+ ${AWK} '/\#define[ ]*OPENSSL_VERSION_NUMBER/ { \
+ print "." int(substr($$3, 4, 2)); exit 0; \
+ } \
+ ' ${_OPENSSL_OPENSSLV_H}
+_OPENSSL_TEENY!= \
+ ${AWK} '/\#define[ ]*OPENSSL_VERSION_NUMBER/ { \
+ print "." int(substr($$3, 6, 2)); exit 0; \
+ } \
+ ' ${_OPENSSL_OPENSSLV_H}
+_OPENSSL_PATCHLEVEL!= \
+ ${AWK} 'BEGIN { split("abcdefghijklmnopqrstuvwxyz", alpha, "") } \
+ /\#define[ ]*OPENSSL_VERSION_NUMBER/ { \
+ i = int(substr($$3, 8, 2)); \
+ if (i == 0) { \
+ print ""; \
+ } else if (i > 26) { \
+ print "a"; \
+ } else { \
+ print alpha[i]; \
+ } \
+ exit 0; \
+ } \
+ ' ${_OPENSSL_OPENSSLV_H}
+_OPENSSL_VERSION= ${_OPENSSL_MAJOR}${_OPENSSL_MINOR}${_OPENSSL_TEENY}${_OPENSSL_PATCHLEVEL}
+_OPENSSL_PKG= openssl-${_OPENSSL_VERSION}
+#
+# If the built-in OpenSSL software is 0.9.6[ef], then check whether it
+# contains the fix for the 20020730 security advisory. If it does, then
+# treat it as the equivalent of openssl-0.9.6g. This is not strictly
+# true, but is good enough since the main differences between 0.9.6e
+# and 0.9.6g are security fixes that NetBSD has already patched into it's
+# built-in OpenSSL software.
+#
+. if !empty(_OPENSSL_VERSION:M0\.9\.6[ef]) && \
+ (${_OPENSSL_HAS_20020730_FIX} == "YES")
+_OPENSSL_PKG= openssl-0.9.6g
+. endif
+_OPENSSL_DEPENDS= ${BUILDLINK_DEPENDS.openssl}
+_NEED_OPENSSL!= \
+ if ${PKG_ADMIN} pmatch '${_OPENSSL_DEPENDS}' ${_OPENSSL_PKG}; then \
+ ${ECHO} "NO"; \
+ else \
+ ${ECHO} "YES"; \
+ fi
+MAKEFLAGS+= _NEED_OPENSSL="${_NEED_OPENSSL}"
+. endif # !defined(_NEED_OPENSSL)
+.endif
+
+.if !defined(_NEED_NEWER_OPENSSL)
+_NEED_NEWER_OPENSSL!= \
+ if ${PKG_ADMIN} pmatch '${BUILDLINK_DEPENDS.openssl}' ${_OPENSSL_PKGSRC_PKGNAME}; then \
+ ${ECHO} "NO"; \
+ else \
+ ${ECHO} "YES"; \
+ fi
+MAKEFLAGS+= _NEED_NEWER_OPENSSL="${_NEED_NEWER_OPENSSL}"
+.endif
+
+.if (${_NEED_OPENSSL} == "YES") && (${_NEED_NEWER_OPENSSL} == "YES")
+PKG_SKIP_REASON= "Unable to satisfy dependency: ${BUILDLINK_DEPENDS.openssl}"
+.endif
+
+.if ${_NEED_OPENSSL} == "YES"
+. if defined(USE_RSAREF2) && !empty(USE_RSAREF2:M[yY][eE][sS])
+BUILDLINK_DEPENDS+= rsaref
+. include "../../security/rsaref/buildlink3.mk"
+. endif
+.endif
+
+.if ${_NEED_OPENSSL} == "YES"
+BUILDLINK_PACKAGES+= openssl
+EVAL_PREFIX+= BUILDLINK_PREFIX.openssl=openssl
+BUILDLINK_PREFIX.openssl_DEFAULT= ${LOCALBASE}
+.else
+BUILDLINK_PREFIX.openssl= /usr
+.endif
+SSLBASE= ${BUILDLINK_PREFIX.openssl}
+BUILD_DEFS+= SSLBASE
+
.if defined(PKG_SYSCONFDIR.openssl)
-SSLCERTS= ${PKG_SYSCONFDIR.openssl}/certs
+SSLCERTS= ${PKG_SYSCONFDIR.openssl}/certs
.elif ${OPSYS} == "NetBSD"
-SSLCERTS= /etc/openssl/certs
+SSLCERTS= /etc/openssl/certs
.else
-SSLCERTS= ${PKG_SYSCONFBASE}/openssl/certs
+SSLCERTS= ${PKG_SYSCONFBASE}/openssl/certs
.endif
-BUILD_DEFS+= SSLBASE SSLCERTS
+BUILD_DEFS+= SSLCERTS
BUILDLINK_FILES.openssl= include/openssl/*
BUILDLINK_FILES.openssl+= lib/libRSAglue.*
BUILDLINK_FILES.openssl+= lib/libcrypto.*
BUILDLINK_FILES.openssl+= lib/libssl.*
-.if ${_NEED_OPENSSL} == "YES"
-. if defined(USE_RSAREF2) && ${USE_RSAREF2} == YES
-. include "../../security/rsaref/buildlink2.mk"
-. endif
-.endif
-
BUILDLINK_TARGETS+= openssl-buildlink
openssl-buildlink: _BUILDLINK_USE
Home |
Main Index |
Thread Index |
Old Index