# Contributor: Sören Tempel # Contributor: Orion # Maintainer: Orion # # secfixes: # 3.4.3-r0: # - CVE-2022-0778 # 3.1.5-r0: # - CVE-2020-1971 # 2.7.4-r0: # - CVE-2018-0732 # - CVE-2018-0495 # 2.5.3-r1: # - CVE-2017-8301 # pkgname=libressl pkgver=3.7.3 _namever=${pkgname}${pkgver%.*} pkgrel=0 pkgdesc="Version of the TLS/crypto stack forked from OpenSSL" url="https://www.libressl.org/" # s390x: does not build there anymore due to missing arch detection and arch code # even with asm disabled arch="all !s390x" license="custom" pcprefix="libressl:" # avoid mix up with openssl pkg-config sonameprefix="libressl:" # avoid mix up with libretls #makedepends_build="automake autoconf libtool" makedepends_host="linux-headers" makedepends="$makedepends_host $makedepends_build" subpackages="$pkgname-dbg $_namever-libcrypto:_libs $_namever-libssl:_libs $_namever-libtls:_libs $pkgname-dev $pkgname-doc $pkgname-nc" source="https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-$pkgver.tar.gz 0001-libressl.cnf.patch" #prepare() { # default_prepare # # autoreconf -vif #} build() { CFLAGS="-L$CBUILDROOT/usr/lib $CFLAGS" \ ./configure \ --build=$CBUILD \ --host=$CHOST \ --with-sysroot=$CBUILDROOT \ --prefix=/usr \ --sysconfdir=/etc \ --mandir=/usr/share/man \ --localstatedir=/var \ --enable-nc \ --program-prefix "libressl-" make } check() { make check } package() { make DESTDIR="$pkgdir" install install -Dm644 COPYING "$pkgdir"/usr/share/licenses/$pkgname/COPYING # Remove symlinks that point to OpenSSL man pages. # The symlink creation does not account for --program-prefix. find -L "$pkgdir"/usr/share/man/man3/ -type l -delete cd "$pkgdir" # compatibility symlink (binary was called libressl previously). ln -s libressl-ocspcheck "$pkgdir"/usr/bin/ocspcheck ln -s libressl-ocspcheck.8 "$pkgdir"/usr/share/man/man8/ocspcheck.8 ln -s libressl-openssl "$pkgdir"/usr/bin/libressl ln -s libressl-openssl.1 "$pkgdir"/usr/share/man/man1/libressl.1 # Provided by ca-certificates-cacerts rm etc/ssl/cert.pem rmdir etc/ssl/certs mv etc/ssl/openssl.cnf etc/ssl/libressl.cnf } nc() { pkgdesc="libressl TLS-enabled nc(1)" mkdir -p "$subpkgdir"/usr/bin mv "$pkgdir"/usr/bin/libressl-nc "$subpkgdir"/usr/bin/nc } _libs() { local name="${subpkgname#$_namever-}" pkgdesc="libressl $name library" depends="" amove usr/lib/$name.so.* if [ "$name" = "libcrypto" ]; then amove etc fi } sha512sums=" 657942b5c127c2478ba29fc29b8bfd607ffd64e73646c01aa570e62776175e880f6d32762de9b95bb944608a195f9a958a1dd87bbd5ef473c4b1d06c63041fdd libressl-3.7.3.tar.gz aefa5dc99345462a93f97061fdee6b5b148eed30c4bf7a7097ade8cef9dd890d8d7100558d5e1ebe6790372261c76ce04a874526cb521dea068ec1439259a035 0001-libressl.cnf.patch "