source: trunk/dports/devel/openssl/Portfile @ 146162

Last change on this file since 146162 was 146162, checked in by cal@…, 19 months ago

openssl: 1.0.2g, several vulnerabilities

Fixes CVE-2016-0800 ("DROWN"), CVE-2016-0705, CVE-2016-0798, CVE-2016-0797,
CVE-2016-0799, CVE-2016-0702, CVE-2016-0703, CVE-2016-0704.

For more information, see http://openssl.org/news/secadv/20160301.txt

Note that this update disables SSLv2.

  • Property svn:eol-style set to native
  • Property svn:keywords set to Id
File size: 3.5 KB
Line 
1# -*- coding: utf-8; mode: tcl; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- vim:fenc=utf-8:ft=tcl:et:sw=4:ts=4:sts=4
2# $Id: Portfile 146162 2016-03-01 17:10:33Z cal@macports.org $
3
4PortSystem          1.0
5PortGroup           muniversal 1.0
6
7name                openssl
8epoch               1
9version             1.0.2g
10
11# Please revbump these ports when updating OpenSSL.
12#  - freeradius (#43461)
13#  - tor, tor-devel (#44256)
14
15categories          devel security
16platforms           darwin
17license             OpenSSL SSLeay
18maintainers         larryv cal openmaintainer
19
20description         OpenSSL SSL/TLS cryptography library
21long_description    The OpenSSL Project is a collaborative effort to \
22                    develop a robust, commercial-grade, full-featured, \
23                    and Open Source toolkit implementing the Secure \
24                    Sockets Layer (SSL v2/v3) and Transport Layer \
25                    Security (TLS v1) protocols as well as \
26                    a full-strength general purpose cryptography \
27                    library.
28homepage            http://www.openssl.org
29
30conflicts           libressl
31
32depends_lib         port:zlib
33
34master_sites        http://www.openssl.org/source
35checksums           rmd160  b5a697ac0195dc84e17f2089b0e649d7129b36c2 \
36                    sha256  b784b1b3907ce39abf4098702dade6365522a253ad1552e267a9a0e89594aa33
37
38patchfiles          install-headers-HFS+.patch \
39                    parallel-building.patch \
40                    remove-duplicate-bn_print-doc.patch \
41                    x86_64-asm-on-i386.patch \
42                    fix-Apple-clang-version-detection.patch
43
44configure.ccache    no
45configure.perl      /usr/bin/perl
46configure.cmd       ./Configure
47configure.args     -L${prefix}/lib \
48                    no-krb5 \
49                  --openssldir=${prefix}/etc/openssl \
50                    shared \
51                    zlib
52# Use SDK if necessary.
53if {${configure.sdkroot} ne ""} {
54    configure.args-append   '-isysroot ${configure.sdkroot}' \
55                            -Wl,-syslibroot,${configure.sdkroot}
56}
57
58set merger_arch_compiler no
59array set merger_configure_args {
60    ppc     darwin-ppc-cc
61    i386    darwin-i386-cc
62    ppc64   darwin64-ppc-cc
63    x86_64  darwin64-x86_64-cc
64}
65platform darwin {
66    # Don't use i386 assembly on Tiger (#38015, #43303).
67    if {${os.major} <= 8} {
68        append merger_configure_args(i386) { no-asm}
69    }
70    # Don't use x86-64 assembly on Tiger or Leopard.
71    if {${os.major} <= 9} {
72        append merger_configure_args(x86_64) { no-asm}
73    }
74}
75# Don't pass --host to configure.
76array set merger_host {ppc {} i386 {} ppc64 {} x86_64 {}}
77
78if {![variant_isset universal]
79        && [info exists merger_configure_args(${configure.build_arch})]} {
80    configure.args-append $merger_configure_args(${configure.build_arch})
81}
82configure.universal_args-delete --disable-dependency-tracking
83
84# Parallel builds don't quite work (#46719).
85use_parallel_build  no
86
87test.run            yes
88
89if {[variant_isset universal]} {
90    pre-destroot {
91        global merger_dont_diff
92        if {[llength ${universal_archs_to_use}] > 2} {
93            lappend merger_dont_diff ${prefix}/include/openssl/opensslconf.h
94        }
95    }
96}
97
98destroot.args       MANDIR=${prefix}/share/man MANSUFFIX=ssl
99destroot.destdir    INSTALL_PREFIX=${destroot}
100
101variant rfc3779 description {enable RFC 3779: X.509 Extensions for IP Addresses and AS Identifiers} {
102    configure.args-append   enable-rfc3779
103}
104
105livecheck.type      regex
106livecheck.url       [lindex ${master_sites} 0]
107livecheck.regex     ${name}-(\[0-9.\]+\[a-z\]?)\\.tar\\.gz
Note: See TracBrowser for help on using the repository browser.