commit: a45331733cf318e1e81901bc64a64540afe2ad59 Author: Okamura Kazuya <gentoo-guru <AT> danceylove <DOT> net> AuthorDate: Tue Jun 27 15:04:07 2023 +0000 Commit: Okamura Kazuya <trakrailysurely <AT> danceylove <DOT> net> CommitDate: Tue Jun 27 15:04:07 2023 +0000 URL: https://gitweb.gentoo.org/repo/proj/guru.git/commit/?id=a4533173
dev-libs/boringssl-fips: new package, add 20230428 Signed-off-by: Okamura Kazuya <gentoo-guru <AT> danceylove.net> .../boringssl-fips/boringssl-fips-20230428.ebuild | 39 +++++++++++++++ .../fix-boringssl-fips-collisions-openssl.patch | 55 ++++++++++++++++++++++ dev-libs/boringssl-fips/metadata.xml | 11 +++++ 3 files changed, 105 insertions(+) diff --git a/dev-libs/boringssl-fips/boringssl-fips-20230428.ebuild b/dev-libs/boringssl-fips/boringssl-fips-20230428.ebuild new file mode 100644 index 000000000..13fac1a4f --- /dev/null +++ b/dev-libs/boringssl-fips/boringssl-fips-20230428.ebuild @@ -0,0 +1,39 @@ +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit cmake go-module git-r3 + +EGIT_REPO_URI="https://github.com/google/boringssl"; +EGIT_BRANCH="fips-${PV}" + +DESCRIPTION="BoringSSL is a fork of OpenSSL that is designed to meet Google's needs." +HOMEPAGE="https://github.com/google/boringssl"; + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="~amd64" +IUSE="static-libs" + +DEPEND=" + dev-libs/openssl:=[static-libs=] +" + +PATCHES=( + "${FILESDIR}"/fix-${PN}-collisions-openssl.patch +) + +src_configure() { + local mycmakeargs=( + -DBUILD_SHARED_LIBS=$(usex !static-libs) + ) + cmake_src_configure +} + +pkg_preinst() { + mkdir -p ${D}/usr/lib64/boringssl/ + cp ${WORKDIR}/${PN}-${PV}_build/crypto/libcrypto.so ${D}/usr/lib64/boringssl/libcrypto.so + cp ${WORKDIR}/${PN}-${PV}_build/ssl/libssl.so ${D}/usr/lib64/boringssl/libssl.so + return +} diff --git a/dev-libs/boringssl-fips/files/fix-boringssl-fips-collisions-openssl.patch b/dev-libs/boringssl-fips/files/fix-boringssl-fips-collisions-openssl.patch new file mode 100644 index 000000000..ce26756a5 --- /dev/null +++ b/dev-libs/boringssl-fips/files/fix-boringssl-fips-collisions-openssl.patch @@ -0,0 +1,55 @@ +--- a/CMakeLists.txt ++++ b/CMakeLists.txt +@@ -589,11 +589,11 @@ add_custom_target( + DEPENDS all_tests bssl_shim handshaker fips_specific_tests_if_any + USES_TERMINAL) + +-install_if_enabled(DIRECTORY include/ DESTINATION ${CMAKE_INSTALL_INCLUDEDIR}) ++install_if_enabled(DIRECTORY include/ DESTINATION ${CMAKE_INSTALL_INCLUDEDIR}/boringssl) + +-install_if_enabled(EXPORT OpenSSLTargets +- FILE OpenSSLTargets.cmake +- NAMESPACE OpenSSL:: +- DESTINATION lib/cmake/OpenSSL +-) ++#install_if_enabled(EXPORT OpenSSLTargets ++# FILE OpenSSLTargets.cmake ++# NAMESPACE OpenSSL:: ++# DESTINATION lib/cmake/OpenSSL ++#) + install_if_enabled(FILES cmake/OpenSSLConfig.cmake DESTINATION lib/cmake/OpenSSL) +--- a/crypto/CMakeLists.txt ++++ b/crypto/CMakeLists.txt +@@ -304,8 +304,8 @@ target_include_directories(crypto PUBLIC + $<BUILD_INTERFACE:${PROJECT_SOURCE_DIR}/include> + $<INSTALL_INTERFACE:include> + ) +-install_if_enabled(TARGETS crypto EXPORT OpenSSLTargets ${INSTALL_DESTINATION_DEFAULT}) +-set_property(TARGET crypto PROPERTY EXPORT_NAME Crypto) ++#install_if_enabled(TARGETS crypto EXPORT OpenSSLTargets ${INSTALL_DESTINATION_DEFAULT}) ++#set_property(TARGET crypto PROPERTY EXPORT_NAME Crypto) + + if(FIPS_SHARED) + # Rewrite libcrypto.so to inject the correct module hash value. This assumes +--- a/ssl/CMakeLists.txt ++++ b/ssl/CMakeLists.txt +@@ -42,8 +42,8 @@ add_library( + # Although libssl also provides headers that require an include directory, the + # flag is already specified by libcrypto, so we omit target_include_directories + # here. +-install_if_enabled(TARGETS ssl EXPORT OpenSSLTargets ${INSTALL_DESTINATION_DEFAULT}) +-set_property(TARGET ssl PROPERTY EXPORT_NAME SSL) ++#install_if_enabled(TARGETS ssl EXPORT OpenSSLTargets ${INSTALL_DESTINATION_DEFAULT}) ++#set_property(TARGET ssl PROPERTY EXPORT_NAME SSL) + target_link_libraries(ssl crypto) + + add_executable( +--- a/tool/CMakeLists.txt ++++ b/tool/CMakeLists.txt +@@ -19,5 +19,5 @@ add_executable( + tool.cc + transport_common.cc + ) +-install_if_enabled(TARGETS bssl DESTINATION ${INSTALL_DESTINATION_DEFAULT}) ++#install_if_enabled(TARGETS bssl DESTINATION ${INSTALL_DESTINATION_DEFAULT}) + target_link_libraries(bssl ssl crypto) diff --git a/dev-libs/boringssl-fips/metadata.xml b/dev-libs/boringssl-fips/metadata.xml new file mode 100644 index 000000000..524d87ec9 --- /dev/null +++ b/dev-libs/boringssl-fips/metadata.xml @@ -0,0 +1,11 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd";> +<pkgmetadata> + <maintainer type="person"> + <email>[email protected]</email> + <name>Okamura Kazuya</name> + </maintainer> + <upstream> + <remote-id type="github">google/boringssl</remote-id> + </upstream> +</pkgmetadata>
