HardenedBSD/build.info
Enji Cooper e4520c8bd1 openssl: Vendor import of OpenSSL-3.0.8
Summary:

Release notes can be found at
https://www.openssl.org/news/openssl-3.0-notes.html .

Obtained from:  https://www.openssl.org/source/openssl-3.0.8.tar.gz
Differential Revision:	https://reviews.freebsd.org/D38835

Test Plan:
```
$ git status
On branch vendor/openssl-3.0
nothing to commit, working tree clean
$ (cd ..; fetch http://www.openssl.org/source/openssl-${OSSLVER}.tar.gz http://www.openssl.org/source/openssl-${OSSLVER}.tar.gz.asc)
openssl-3.0.8.tar.gz                                    14 MB 4507 kBps    04s
openssl-3.0.8.tar.gz.asc                               833  B   10 MBps    00s
$ set | egrep '(XLIST|OSSLVER)='
OSSLVER=3.0.8
XLIST=FREEBSD-Xlist
$ gpg --list-keys
/home/ngie/.gnupg/pubring.kbx
-----------------------------
pub   rsa4096 2014-10-04 [SC]
      7953AC1FBC3DC8B3B292393ED5E9E43F7DF9EE8C
uid           [ unknown] Richard Levitte <richard@levitte.org>
uid           [ unknown] Richard Levitte <levitte@lp.se>
uid           [ unknown] Richard Levitte <levitte@openssl.org>
sub   rsa4096 2014-10-04 [E]

$ gpg --verify openssl-${OSSLVER}.tar.gz.asc openssl-${OSSLVER}.tar.gz
gpg: Signature made Tue Feb  7 05:43:55 2023 PST
gpg:                using RSA key 7953AC1FBC3DC8B3B292393ED5E9E43F7DF9EE8C
gpg: Good signature from "Richard Levitte <richard@levitte.org>" [unknown]
gpg:                 aka "Richard Levitte <levitte@lp.se>" [unknown]
gpg:                 aka "Richard Levitte <levitte@openssl.org>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 7953 AC1F BC3D C8B3 B292  393E D5E9 E43F 7DF9 EE8C
$ (cd vendor.checkout/; git status; find . -type f -or -type l | cut -c 3- | sort > ../old)
On branch vendor/openssl-3.0
nothing to commit, working tree clean
$ tar -x -X $XLIST -f ../openssl-${OSSLVER}.tar.gz -C ..
$ rsync --exclude FREEBSD.* --delete -avzz ../openssl-${OSSLVER}/* .
$ cat .git
gitdir: /home/ngie/git/freebsd-src/.git/worktrees/vendor.checkout
$ diff -arq ../openssl-3.0.8  .
Only in .: .git
Only in .: FREEBSD-Xlist
Only in .: FREEBSD-upgrade
$ git status FREEBSD*
On branch vendor/openssl-3.0
nothing to commit, working tree clean
$
```

Reviewers: emaste, jkim

Subscribers: imp, andrew, dab

Differential Revision: https://reviews.freebsd.org/D38835
2023-03-06 12:41:29 -08:00

93 lines
3.7 KiB
Plaintext

# Note that some of these directories are filtered in Configure. Look for
# %skipdir there for further explanations.
SUBDIRS=crypto ssl apps util tools fuzz providers doc
IF[{- !$disabled{tests} -}]
SUBDIRS=test
ENDIF
IF[{- !$disabled{'deprecated-3.0'} -}]
SUBDIRS=engines
ENDIF
LIBS=libcrypto libssl
INCLUDE[libcrypto]=. include
INCLUDE[libssl]=. include
DEPEND[libssl]=libcrypto
# Empty DEPEND "indices" means the dependencies are expected to be built
# unconditionally before anything else.
DEPEND[]=include/openssl/asn1.h \
include/openssl/asn1t.h \
include/openssl/bio.h \
include/openssl/cmp.h \
include/openssl/cms.h \
include/openssl/conf.h \
include/openssl/crmf.h \
include/openssl/crypto.h \
include/openssl/ct.h \
include/openssl/err.h \
include/openssl/ess.h \
include/openssl/fipskey.h \
include/openssl/lhash.h \
include/openssl/opensslv.h \
include/openssl/ocsp.h \
include/openssl/pkcs12.h \
include/openssl/pkcs7.h \
include/openssl/safestack.h \
include/openssl/srp.h \
include/openssl/ssl.h \
include/openssl/ui.h \
include/openssl/x509.h \
include/openssl/x509v3.h \
include/openssl/x509_vfy.h \
include/crypto/bn_conf.h include/crypto/dso_conf.h
GENERATE[include/openssl/asn1.h]=include/openssl/asn1.h.in
GENERATE[include/openssl/asn1t.h]=include/openssl/asn1t.h.in
GENERATE[include/openssl/bio.h]=include/openssl/bio.h.in
GENERATE[include/openssl/cmp.h]=include/openssl/cmp.h.in
GENERATE[include/openssl/cms.h]=include/openssl/cms.h.in
GENERATE[include/openssl/conf.h]=include/openssl/conf.h.in
# include/openssl/configuration.h is generated by configdata.pm
# We still need this information for the FIPS module checksum, but the attribute
# 'skip' ensures that nothing is actually done with it.
GENERATE[include/openssl/configuration.h]{skip}=include/openssl/configuration.h.in
GENERATE[include/openssl/crmf.h]=include/openssl/crmf.h.in
GENERATE[include/openssl/crypto.h]=include/openssl/crypto.h.in
GENERATE[include/openssl/ct.h]=include/openssl/ct.h.in
GENERATE[include/openssl/err.h]=include/openssl/err.h.in
GENERATE[include/openssl/ess.h]=include/openssl/ess.h.in
GENERATE[include/openssl/fipskey.h]=include/openssl/fipskey.h.in
GENERATE[include/openssl/lhash.h]=include/openssl/lhash.h.in
GENERATE[include/openssl/ocsp.h]=include/openssl/ocsp.h.in
GENERATE[include/openssl/opensslv.h]=include/openssl/opensslv.h.in
GENERATE[include/openssl/pkcs12.h]=include/openssl/pkcs12.h.in
GENERATE[include/openssl/pkcs7.h]=include/openssl/pkcs7.h.in
GENERATE[include/openssl/safestack.h]=include/openssl/safestack.h.in
GENERATE[include/openssl/srp.h]=include/openssl/srp.h.in
GENERATE[include/openssl/ssl.h]=include/openssl/ssl.h.in
GENERATE[include/openssl/ui.h]=include/openssl/ui.h.in
GENERATE[include/openssl/x509.h]=include/openssl/x509.h.in
GENERATE[include/openssl/x509v3.h]=include/openssl/x509v3.h.in
GENERATE[include/openssl/x509_vfy.h]=include/openssl/x509_vfy.h.in
GENERATE[include/crypto/bn_conf.h]=include/crypto/bn_conf.h.in
GENERATE[include/crypto/dso_conf.h]=include/crypto/dso_conf.h.in
IF[{- defined $target{shared_defflag} -}]
SHARED_SOURCE[libcrypto]=libcrypto.ld
SHARED_SOURCE[libssl]=libssl.ld
GENERATE[libcrypto.ld]=util/libcrypto.num libcrypto
GENERATE[libssl.ld]=util/libssl.num libssl
DEPEND[libcrypto.ld libssl.ld]=configdata.pm util/perl/OpenSSL/Ordinals.pm
ENDIF
IF[{- $config{target} =~ /^(?:Cygwin|mingw|VC-|BC-)/ -}]
GENERATE[libcrypto.rc]=util/mkrc.pl libcrypto
GENERATE[libssl.rc]=util/mkrc.pl libssl
DEPEND[libcrypto.rc libssl.rc]=configdata.pm
SHARED_SOURCE[libcrypto]=libcrypto.rc
SHARED_SOURCE[libssl]=libssl.rc
ENDIF