SRC_FETCH_PATH="http://www.openssl.org/source/openssl-${PKGVER}.tar.gz" SRC_FETCH_METHOD="http" # The first 2 patches reduce the per-session memory usage from 72 to 38 kB # during handshake (measured). The next ones are fixes picked from the stable # branch. The last one fixes parallel build and is maintained here : # https://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo-x86/dev-libs/openssl/files/ PATCH_LIST=" 0001-no-wbuf-during-handshake.diff 0002-release-rbuf-during-handshake.diff 0006-modes-ctr128.c-pay-attention-to-ecount_buf-alignment.patch 0007-Fix-double-free-in-DSA-private-key-parsing.patch 0008-GH714-missing-field-initialisation.patch fix-md-init-return-not-checked-cause-null-deref.diff default_ciphers.patch small-records-1.0.1m.patch openssl-1.0.1p-parallel-build.patch " function do_config { # To find these options, try "./Configure LIST" then "./Configure TABLE". # The colons are just delimiters and all words are allowed on the line. # Please read the Configure script in openssl to fin the relevant keywords, # as most of them are already implied by the OS target definition and the # default compiler ! if [ "$FLXARCH" == "x86_64" ]; then os="linux-x86_64" #os="debug-linux-x86_64" # Note: enable-ec_nistp_64_gcc_128 must be disabled on 1.0.2 to use asm code opt=( -g $GCC_ARCH_CURRENT $GCC_CPU_CURRENT $GCC_OPT_FASTEST enable-ec_nistp_64_gcc_128 ) elif [ "$FLX_ARCH_SMALL" == "i386" ]; then os="linux-elf" opt=( $GCC_ARCH_CURRENT $GCC_CPU_CURRENT $GCC_OPT_FASTEST ) elif [ -n "$FLXARCH" -a -z "${FLXARCH##arm*}" ]; then os="linux-armv4" opt=( $GCC_ARCH_CURRENT $GCC_CPU_CURRENT $GCC_OPT_FASTEST ) elif [ "$FLXARCH" == "sparc" ]; then os="linux-sparcv9" opt="" elif [ "$FLXARCH" == "sparc64" ]; then os="linux64-sparcv9" opt="" elif [ -n "$FLX_GNU_ARCH" -a "$FLX_BITS" == "64" ]; then os="linux-generic64" opt="" elif [ -n "$FLX_GNU_ARCH" -a "$FLX_BITS" == "32" ]; then os="linux-generic32" opt="" else echo "Error: cannot find a suitable OS configuration or this platform." echo "FLXARCH=$FLXARCH is not handled by this script." echo "Please check instructions in do_config() using 'pkg cat'." exit 1 fi opt=( "${opt[@]}" ) CC="$CC" ./Configure --prefix=/usr --openssldir=/usr/share/openssl threads shared "${opt[@]}" "$os" } function do_compile_only { local MK=$FLXMAKE if grep -q ^install_dirs Makefile; then # parallel build supported MK=$FLXPMAKE fi $MK CC=$CC AR='${FLXCROSS}ar r' RANLIB='${FLXCROSS}ranlib' || exit $? $MK build-shared CC=$CC AR='${FLXCROSS}ar r' RANLIB='${FLXCROSS}ranlib' || exit $? $MK -C apps CC=$CC DLIBCRYPTO=../libcrypto.so AR='${FLXCROSS}ar r' RANLIB='${FLXCROSS}ranlib' || exit $? } function do_prepack { $FLXMAKE install_sw LIBDIR=/lib INSTALL_PREFIX=$ROOTDIR || exit $? set_default_perm $ROOTDIR }