commit 18d6d50aeb35f5842782aa359c8a590f706dc54e
parent 4e3b8d4c8685add103daf4096f93c26bb0489ddc
Author: Hiltjo Posthuma <hiltjo@codemadness.org>
Date: Thu, 24 Apr 2014 22:35:54 +0200
ports: add openssl
initial version, will need more work
Signed-off-by: Hiltjo Posthuma <hiltjo@codemadness.org>
Diffstat:
10 files changed, 1284 insertions(+), 0 deletions(-)
diff --git a/openssl/depsinc.mk b/openssl/depsinc.mk
@@ -0,0 +1,6 @@
+<$openssl_DEPDIR/v.mk
+
+openssl_includedir = $openssl_DEPDIR/openssl-$v/include
+openssl_libdir = $openssl_DEPDIR/openssl-$v
+DEPS_CFLAGS = $DEPS_CFLAGS -I$openssl_includedir
+DEPS_LDFLAGS = $DEPS_LDFLAGS -L$openssl_libdir -lssl
diff --git a/openssl/mkfile b/openssl/mkfile
@@ -0,0 +1,6 @@
+<$mkbuild/mk.3rdparty
+
+<v.mk
+src = openssl-$v
+url = https://www.openssl.org/source/openssl-$v.tar.gz
+mkfile = ../openssl.mk
diff --git a/openssl/openssl-1.0.0a-ldflags.patch b/openssl/openssl-1.0.0a-ldflags.patch
@@ -0,0 +1,23 @@
+http://bugs.gentoo.org/327421
+
+--- a/Makefile.org
++++ b/Makefile.org
+@@ -189,6 +189,7 @@
+ MAKEDEPEND='$$$${TOP}/util/domd $$$${TOP} -MD $(MAKEDEPPROG)' \
+ DEPFLAG='-DOPENSSL_NO_DEPRECATED $(DEPFLAG)' \
+ MAKEDEPPROG='$(MAKEDEPPROG)' \
++ LDFLAGS='${LDFLAGS}' \
+ SHARED_LDFLAGS='$(SHARED_LDFLAGS)' \
+ KRB5_INCLUDES='$(KRB5_INCLUDES)' LIBKRB5='$(LIBKRB5)' \
+ ZLIB_INCLUDE='$(ZLIB_INCLUDE)' LIBZLIB='$(LIBZLIB)' \
+--- a/Makefile.shared
++++ b/Makefile.shared
+@@ -153,7 +153,7 @@
+ NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \
+ SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"
+
+-DO_GNU_APP=LDFLAGS="$(CFLAGS) -Wl,-rpath,$(LIBRPATH)"
++DO_GNU_APP=LDFLAGS="$(LDFLAGS) $(CFLAGS)"
+
+ #This is rather special. It's a special target with which one can link
+ #applications without bothering with any features that have anything to
diff --git a/openssl/openssl-1.0.0d-windres.patch b/openssl/openssl-1.0.0d-windres.patch
@@ -0,0 +1,76 @@
+URL: http://rt.openssl.org/Ticket/Display.html?id=2558
+Subject: make windres controllable via build env var settings
+
+atm, the windres code in openssl is only usable via the cross-compile prefix
+option unlike all the other build tools. so add support for the standard $RC
+/ $WINDRES env vars as well.
+
+Index: Configure
+===================================================================
+RCS file: /usr/local/src/openssl/CVSROOT/openssl/Configure,v
+retrieving revision 1.621.2.40
+diff -u -p -r1.621.2.40 Configure
+--- a/Configure 30 Nov 2010 22:19:26 -0000 1.621.2.40
++++ b/Configure 4 Jul 2011 23:12:32 -0000
+@@ -1094,6 +1094,7 @@ my $shared_extension = $fields[$idx_shar
+ my $ranlib = $ENV{'RANLIB'} || $fields[$idx_ranlib];
+ my $ar = $ENV{'AR'} || "ar";
+ my $arflags = $fields[$idx_arflags];
++my $windres = $ENV{'RC'} || $ENV{'WINDRES'} || "windres";
+ my $multilib = $fields[$idx_multilib];
+
+ # if $prefix/lib$multilib is not an existing directory, then
+@@ -1511,12 +1512,14 @@ while (<IN>)
+ s/^AR=\s*/AR= \$\(CROSS_COMPILE\)/;
+ s/^NM=\s*/NM= \$\(CROSS_COMPILE\)/;
+ s/^RANLIB=\s*/RANLIB= \$\(CROSS_COMPILE\)/;
++ s/^WINDRES=\s*/WINDRES= \$\(CROSS_COMPILE\)/;
+ s/^MAKEDEPPROG=.*$/MAKEDEPPROG= \$\(CROSS_COMPILE\)$cc/ if $cc eq "gcc";
+ }
+ else {
+ s/^CC=.*$/CC= $cc/;
+ s/^AR=\s*ar/AR= $ar/;
+ s/^RANLIB=.*/RANLIB= $ranlib/;
++ s/^WINDRES=.*/WINDRES= $windres/;
+ s/^MAKEDEPPROG=.*$/MAKEDEPPROG= $cc/ if $cc eq "gcc";
+ }
+ s/^CFLAG=.*$/CFLAG= $cflags/;
+Index: Makefile.org
+===================================================================
+RCS file: /usr/local/src/openssl/CVSROOT/openssl/Makefile.org,v
+retrieving revision 1.295.2.10
+diff -u -p -r1.295.2.10 Makefile.org
+--- a/Makefile.org 27 Jan 2010 16:06:58 -0000 1.295.2.10
++++ b/Makefile.org 4 Jul 2011 23:13:08 -0000
+@@ -66,6 +66,7 @@ EXE_EXT=
+ ARFLAGS=
+ AR=ar $(ARFLAGS) r
+ RANLIB= ranlib
++WINDRES= windres
+ NM= nm
+ PERL= perl
+ TAR= tar
+@@ -180,6 +181,7 @@ BUILDENV= PLATFORM='$(PLATFORM)' PROCESS
+ CC='$(CC)' CFLAG='$(CFLAG)' \
+ AS='$(CC)' ASFLAG='$(CFLAG) -c' \
+ AR='$(AR)' NM='$(NM)' RANLIB='$(RANLIB)' \
++ WINDRES='$(WINDRES)' \
+ CROSS_COMPILE='$(CROSS_COMPILE)' \
+ PERL='$(PERL)' ENGDIRS='$(ENGDIRS)' \
+ SDIRS='$(SDIRS)' LIBRPATH='$(INSTALLTOP)/$(LIBDIR)' \
+Index: Makefile.shared
+===================================================================
+RCS file: /usr/local/src/openssl/CVSROOT/openssl/Makefile.shared,v
+retrieving revision 1.72.2.4
+diff -u -p -r1.72.2.4 Makefile.shared
+--- a/Makefile.shared 21 Aug 2010 11:36:49 -0000 1.72.2.4
++++ b/Makefile.shared 4 Jul 2011 23:13:52 -0000
+@@ -293,7 +293,7 @@ link_a.cygwin:
+ fi; \
+ dll_name=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX; \
+ $(PERL) util/mkrc.pl $$dll_name | \
+- $(CROSS_COMPILE)windres -o rc.o; \
++ $(WINDRES) -o rc.o; \
+ extras="$$extras rc.o"; \
+ ALLSYMSFLAGS='-Wl,--whole-archive'; \
+ NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \
diff --git a/openssl/openssl-1.0.0h-pkg-config.patch b/openssl/openssl-1.0.0h-pkg-config.patch
@@ -0,0 +1,32 @@
+depend on other pc files rather than encoding library info directly in
+every pkg-config file
+
+--- a/Makefile.org
++++ b/Makefile.org
+@@ -335,11 +335,11 @@ libssl.pc: Makefile
+ echo 'libdir=$${exec_prefix}/$(LIBDIR)'; \
+ echo 'includedir=$${prefix}/include'; \
+ echo ''; \
+- echo 'Name: OpenSSL'; \
++ echo 'Name: OpenSSL-libssl'; \
+ echo 'Description: Secure Sockets Layer and cryptography libraries'; \
+ echo 'Version: '$(VERSION); \
+- echo 'Requires: '; \
+- echo 'Libs: -L$${libdir} -lssl -lcrypto'; \
++ echo 'Requires.private: libcrypto'; \
++ echo 'Libs: -L$${libdir} -lssl'; \
+ echo 'Libs.private: $(EX_LIBS)'; \
+ echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libssl.pc
+
+@@ -352,10 +353,7 @@ openssl.pc: Makefile
+ echo 'Name: OpenSSL'; \
+ echo 'Description: Secure Sockets Layer and cryptography libraries and tools'; \
+ echo 'Version: '$(VERSION); \
+- echo 'Requires: '; \
+- echo 'Libs: -L$${libdir} -lssl -lcrypto'; \
+- echo 'Libs.private: $(EX_LIBS)'; \
+- echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > openssl.pc
++ echo 'Requires: libssl libcrypto' ) > openssl.pc
+
+ Makefile: Makefile.org Configure config
+ @echo "Makefile is older than Makefile.org, Configure or config."
diff --git a/openssl/openssl-1.0.1-parallel-build.patch b/openssl/openssl-1.0.1-parallel-build.patch
@@ -0,0 +1,337 @@
+http://rt.openssl.org/Ticket/Display.html?id=2084
+
+--- a/Makefile.org
++++ b/Makefile.org
+@@ -247,17 +247,17 @@
+ build_libs: build_crypto build_ssl build_engines
+
+ build_crypto:
+- @dir=crypto; target=all; $(BUILD_ONE_CMD)
++ +@dir=crypto; target=all; $(BUILD_ONE_CMD)
+-build_ssl:
++build_ssl: build_crypto
+- @dir=ssl; target=all; $(BUILD_ONE_CMD)
++ +@dir=ssl; target=all; $(BUILD_ONE_CMD)
+-build_engines:
++build_engines: build_crypto
+- @dir=engines; target=all; $(BUILD_ONE_CMD)
++ +@dir=engines; target=all; $(BUILD_ONE_CMD)
+-build_apps:
++build_apps: build_libs
+- @dir=apps; target=all; $(BUILD_ONE_CMD)
++ +@dir=apps; target=all; $(BUILD_ONE_CMD)
+-build_tests:
++build_tests: build_libs
+- @dir=test; target=all; $(BUILD_ONE_CMD)
++ +@dir=test; target=all; $(BUILD_ONE_CMD)
+-build_tools:
++build_tools: build_libs
+- @dir=tools; target=all; $(BUILD_ONE_CMD)
++ +@dir=tools; target=all; $(BUILD_ONE_CMD)
+
+ all_testapps: build_libs build_testapps
+ build_testapps:
+@@ -497,9 +497,9 @@
+ dist_pem_h:
+ (cd crypto/pem; $(MAKE) -e $(BUILDENV) pem.h; $(MAKE) clean)
+
+-install: all install_docs install_sw
++install: install_docs install_sw
+
+-install_sw:
++install_dirs:
+ @$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \
+ $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR) \
+ $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines \
+@@ -508,6 +508,13 @@
+ $(INSTALL_PREFIX)$(OPENSSLDIR)/misc \
+ $(INSTALL_PREFIX)$(OPENSSLDIR)/certs \
+ $(INSTALL_PREFIX)$(OPENSSLDIR)/private
++ @$(PERL) $(TOP)/util/mkdir-p.pl \
++ $(INSTALL_PREFIX)$(MANDIR)/man1 \
++ $(INSTALL_PREFIX)$(MANDIR)/man3 \
++ $(INSTALL_PREFIX)$(MANDIR)/man5 \
++ $(INSTALL_PREFIX)$(MANDIR)/man7
++
++install_sw: install_dirs
+ @set -e; headerlist="$(EXHEADER)"; for i in $$headerlist;\
+ do \
+ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+@@ -511,7 +518,7 @@
+ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+ chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+ done;
+- @set -e; target=install; $(RECURSIVE_BUILD_CMD)
++ +@set -e; target=install; $(RECURSIVE_BUILD_CMD)
+ @set -e; liblist="$(LIBS)"; for i in $$liblist ;\
+ do \
+ if [ -f "$$i" ]; then \
+@@ -593,12 +600,7 @@
+ done; \
+ done
+
+-install_docs:
+- @$(PERL) $(TOP)/util/mkdir-p.pl \
+- $(INSTALL_PREFIX)$(MANDIR)/man1 \
+- $(INSTALL_PREFIX)$(MANDIR)/man3 \
+- $(INSTALL_PREFIX)$(MANDIR)/man5 \
+- $(INSTALL_PREFIX)$(MANDIR)/man7
++install_docs: install_dirs
+ @pod2man="`cd ./util; ./pod2mantest $(PERL)`"; \
+ here="`pwd`"; \
+ filecase=; \
+--- a/Makefile.shared
++++ b/Makefile.shared
+@@ -105,6 +105,7 @@ LINK_SO= \
+ SHAREDFLAGS="$${SHAREDFLAGS:-$(CFLAGS) $(SHARED_LDFLAGS)}"; \
+ LIBPATH=`for x in $$LIBDEPS; do echo $$x; done | sed -e 's/^ *-L//;t' -e d | uniq`; \
+ LIBPATH=`echo $$LIBPATH | sed -e 's/ /:/g'`; \
++ [ -e $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX ] && exit 0; \
+ LD_LIBRARY_PATH=$$LIBPATH:$$LD_LIBRARY_PATH \
+ $${SHAREDCMD} $${SHAREDFLAGS} \
+ -o $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX \
+@@ -122,6 +123,7 @@ SYMLINK_SO= \
+ done; \
+ fi; \
+ if [ -n "$$SHLIB_SOVER" ]; then \
++ [ -e "$$SHLIB$$SHLIB_SUFFIX" ] || \
+ ( $(SET_X); rm -f $$SHLIB$$SHLIB_SUFFIX; \
+ ln -s $$prev $$SHLIB$$SHLIB_SUFFIX ); \
+ fi; \
+--- a/crypto/Makefile
++++ b/crypto/Makefile
+@@ -85,11 +85,11 @@
+ @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi
+
+ subdirs:
+- @target=all; $(RECURSIVE_MAKE)
++ +@target=all; $(RECURSIVE_MAKE)
+
+ files:
+ $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+- @target=files; $(RECURSIVE_MAKE)
++ +@target=files; $(RECURSIVE_MAKE)
+
+ links:
+ @$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER)
+@@ -100,7 +100,7 @@
+ # lib: $(LIB): are splitted to avoid end-less loop
+ lib: $(LIB)
+ @touch lib
+-$(LIB): $(LIBOBJ)
++$(LIB): $(LIBOBJ) | subdirs
+ $(AR) $(LIB) $(LIBOBJ)
+ $(RANLIB) $(LIB) || echo Never mind.
+
+@@ -110,7 +110,7 @@
+ fi
+
+ libs:
+- @target=lib; $(RECURSIVE_MAKE)
++ +@target=lib; $(RECURSIVE_MAKE)
+
+ install:
+ @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+@@ -119,7 +119,7 @@
+ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+ chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+ done;
+- @target=install; $(RECURSIVE_MAKE)
++ +@target=install; $(RECURSIVE_MAKE)
+
+ lint:
+ @target=lint; $(RECURSIVE_MAKE)
+--- a/engines/Makefile
++++ b/engines/Makefile
+@@ -72,7 +72,7 @@
+
+ all: lib subdirs
+
+-lib: $(LIBOBJ)
++lib: $(LIBOBJ) | subdirs
+ @if [ -n "$(SHARED_LIBS)" ]; then \
+ set -e; \
+ for l in $(LIBNAMES); do \
+@@ -89,7 +89,7 @@
+
+ subdirs:
+ echo $(EDIRS)
+- @target=all; $(RECURSIVE_MAKE)
++ +@target=all; $(RECURSIVE_MAKE)
+
+ files:
+ $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+@@ -128,7 +128,7 @@
+ mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx ); \
+ done; \
+ fi
+- @target=install; $(RECURSIVE_MAKE)
++ +@target=install; $(RECURSIVE_MAKE)
+
+ tags:
+ ctags $(SRC)
+--- a/test/Makefile
++++ b/test/Makefile
+@@ -123,7 +123,7 @@
+ tags:
+ ctags $(SRC)
+
+-tests: exe apps $(TESTS)
++tests: exe $(TESTS)
+
+ apps:
+ @(cd ..; $(MAKE) DIRS=apps all)
+@@ -365,109 +365,109 @@
+ link_app.$${shlib_target}
+
+ $(RSATEST)$(EXE_EXT): $(RSATEST).o $(DLIBCRYPTO)
+- @target=$(RSATEST); $(BUILD_CMD)
++ +@target=$(RSATEST); $(BUILD_CMD)
+
+ $(BNTEST)$(EXE_EXT): $(BNTEST).o $(DLIBCRYPTO)
+- @target=$(BNTEST); $(BUILD_CMD)
++ +@target=$(BNTEST); $(BUILD_CMD)
+
+ $(ECTEST)$(EXE_EXT): $(ECTEST).o $(DLIBCRYPTO)
+- @target=$(ECTEST); $(BUILD_CMD)
++ +@target=$(ECTEST); $(BUILD_CMD)
+
+ $(EXPTEST)$(EXE_EXT): $(EXPTEST).o $(DLIBCRYPTO)
+- @target=$(EXPTEST); $(BUILD_CMD)
++ +@target=$(EXPTEST); $(BUILD_CMD)
+
+ $(IDEATEST)$(EXE_EXT): $(IDEATEST).o $(DLIBCRYPTO)
+- @target=$(IDEATEST); $(BUILD_CMD)
++ +@target=$(IDEATEST); $(BUILD_CMD)
+
+ $(MD2TEST)$(EXE_EXT): $(MD2TEST).o $(DLIBCRYPTO)
+- @target=$(MD2TEST); $(BUILD_CMD)
++ +@target=$(MD2TEST); $(BUILD_CMD)
+
+ $(SHATEST)$(EXE_EXT): $(SHATEST).o $(DLIBCRYPTO)
+- @target=$(SHATEST); $(BUILD_CMD)
++ +@target=$(SHATEST); $(BUILD_CMD)
+
+ $(SHA1TEST)$(EXE_EXT): $(SHA1TEST).o $(DLIBCRYPTO)
+- @target=$(SHA1TEST); $(BUILD_CMD)
++ +@target=$(SHA1TEST); $(BUILD_CMD)
+
+ $(SHA256TEST)$(EXE_EXT): $(SHA256TEST).o $(DLIBCRYPTO)
+- @target=$(SHA256TEST); $(BUILD_CMD)
++ +@target=$(SHA256TEST); $(BUILD_CMD)
+
+ $(SHA512TEST)$(EXE_EXT): $(SHA512TEST).o $(DLIBCRYPTO)
+- @target=$(SHA512TEST); $(BUILD_CMD)
++ +@target=$(SHA512TEST); $(BUILD_CMD)
+
+ $(RMDTEST)$(EXE_EXT): $(RMDTEST).o $(DLIBCRYPTO)
+- @target=$(RMDTEST); $(BUILD_CMD)
++ +@target=$(RMDTEST); $(BUILD_CMD)
+
+ $(MDC2TEST)$(EXE_EXT): $(MDC2TEST).o $(DLIBCRYPTO)
+- @target=$(MDC2TEST); $(BUILD_CMD)
++ +@target=$(MDC2TEST); $(BUILD_CMD)
+
+ $(MD4TEST)$(EXE_EXT): $(MD4TEST).o $(DLIBCRYPTO)
+- @target=$(MD4TEST); $(BUILD_CMD)
++ +@target=$(MD4TEST); $(BUILD_CMD)
+
+ $(MD5TEST)$(EXE_EXT): $(MD5TEST).o $(DLIBCRYPTO)
+- @target=$(MD5TEST); $(BUILD_CMD)
++ +@target=$(MD5TEST); $(BUILD_CMD)
+
+ $(HMACTEST)$(EXE_EXT): $(HMACTEST).o $(DLIBCRYPTO)
+- @target=$(HMACTEST); $(BUILD_CMD)
++ +@target=$(HMACTEST); $(BUILD_CMD)
+
+ $(WPTEST)$(EXE_EXT): $(WPTEST).o $(DLIBCRYPTO)
+- @target=$(WPTEST); $(BUILD_CMD)
++ +@target=$(WPTEST); $(BUILD_CMD)
+
+ $(RC2TEST)$(EXE_EXT): $(RC2TEST).o $(DLIBCRYPTO)
+- @target=$(RC2TEST); $(BUILD_CMD)
++ +@target=$(RC2TEST); $(BUILD_CMD)
+
+ $(BFTEST)$(EXE_EXT): $(BFTEST).o $(DLIBCRYPTO)
+- @target=$(BFTEST); $(BUILD_CMD)
++ +@target=$(BFTEST); $(BUILD_CMD)
+
+ $(CASTTEST)$(EXE_EXT): $(CASTTEST).o $(DLIBCRYPTO)
+- @target=$(CASTTEST); $(BUILD_CMD)
++ +@target=$(CASTTEST); $(BUILD_CMD)
+
+ $(RC4TEST)$(EXE_EXT): $(RC4TEST).o $(DLIBCRYPTO)
+- @target=$(RC4TEST); $(BUILD_CMD)
++ +@target=$(RC4TEST); $(BUILD_CMD)
+
+ $(RC5TEST)$(EXE_EXT): $(RC5TEST).o $(DLIBCRYPTO)
+- @target=$(RC5TEST); $(BUILD_CMD)
++ +@target=$(RC5TEST); $(BUILD_CMD)
+
+ $(DESTEST)$(EXE_EXT): $(DESTEST).o $(DLIBCRYPTO)
+- @target=$(DESTEST); $(BUILD_CMD)
++ +@target=$(DESTEST); $(BUILD_CMD)
+
+ $(RANDTEST)$(EXE_EXT): $(RANDTEST).o $(DLIBCRYPTO)
+- @target=$(RANDTEST); $(BUILD_CMD)
++ +@target=$(RANDTEST); $(BUILD_CMD)
+
+ $(DHTEST)$(EXE_EXT): $(DHTEST).o $(DLIBCRYPTO)
+- @target=$(DHTEST); $(BUILD_CMD)
++ +@target=$(DHTEST); $(BUILD_CMD)
+
+ $(DSATEST)$(EXE_EXT): $(DSATEST).o $(DLIBCRYPTO)
+- @target=$(DSATEST); $(BUILD_CMD)
++ +@target=$(DSATEST); $(BUILD_CMD)
+
+ $(METHTEST)$(EXE_EXT): $(METHTEST).o $(DLIBCRYPTO)
+- @target=$(METHTEST); $(BUILD_CMD)
++ +@target=$(METHTEST); $(BUILD_CMD)
+
+ $(SSLTEST)$(EXE_EXT): $(SSLTEST).o $(DLIBSSL) $(DLIBCRYPTO)
+- @target=$(SSLTEST); $(FIPS_BUILD_CMD)
++ +@target=$(SSLTEST); $(FIPS_BUILD_CMD)
+
+ $(ENGINETEST)$(EXE_EXT): $(ENGINETEST).o $(DLIBCRYPTO)
+- @target=$(ENGINETEST); $(BUILD_CMD)
++ +@target=$(ENGINETEST); $(BUILD_CMD)
+
+ $(EVPTEST)$(EXE_EXT): $(EVPTEST).o $(DLIBCRYPTO)
+- @target=$(EVPTEST); $(BUILD_CMD)
++ +@target=$(EVPTEST); $(BUILD_CMD)
+
+ $(ECDSATEST)$(EXE_EXT): $(ECDSATEST).o $(DLIBCRYPTO)
+- @target=$(ECDSATEST); $(BUILD_CMD)
++ +@target=$(ECDSATEST); $(BUILD_CMD)
+
+ $(ECDHTEST)$(EXE_EXT): $(ECDHTEST).o $(DLIBCRYPTO)
+- @target=$(ECDHTEST); $(BUILD_CMD)
++ +@target=$(ECDHTEST); $(BUILD_CMD)
+
+ $(IGETEST)$(EXE_EXT): $(IGETEST).o $(DLIBCRYPTO)
+- @target=$(IGETEST); $(BUILD_CMD)
++ +@target=$(IGETEST); $(BUILD_CMD)
+
+ $(JPAKETEST)$(EXE_EXT): $(JPAKETEST).o $(DLIBCRYPTO)
+- @target=$(JPAKETEST); $(BUILD_CMD)
++ +@target=$(JPAKETEST); $(BUILD_CMD)
+
+ $(ASN1TEST)$(EXE_EXT): $(ASN1TEST).o $(DLIBCRYPTO)
+- @target=$(ASN1TEST); $(BUILD_CMD)
++ +@target=$(ASN1TEST); $(BUILD_CMD)
+
+ $(SRPTEST)$(EXE_EXT): $(SRPTEST).o $(DLIBCRYPTO)
+- @target=$(SRPTEST); $(BUILD_CMD)
++ +@target=$(SRPTEST); $(BUILD_CMD)
+
+ #$(AESTEST).o: $(AESTEST).c
+ # $(CC) -c $(CFLAGS) -DINTERMEDIATE_VALUE_KAT -DTRACE_KAT_MCT $(AESTEST).c
+@@ -480,7 +480,7 @@
+ # fi
+
+ dummytest$(EXE_EXT): dummytest.o $(DLIBCRYPTO)
+- @target=dummytest; $(BUILD_CMD)
++ +@target=dummytest; $(BUILD_CMD)
+
+ # DO NOT DELETE THIS LINE -- make depend depends on it.
+
diff --git a/openssl/openssl-1.0.1-x32.patch b/openssl/openssl-1.0.1-x32.patch
@@ -0,0 +1,79 @@
+http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/?id=51bfed2e26fc13a66e8b5710aa2ce1d7a04af721
+
+UpstreamStatus: Pending
+
+Received from H J Liu @ Intel
+Make the assembly syntax compatible with x32 gcc. Othewise x32 gcc throws errors.
+Signed-Off-By: Nitin A Kamble <nitin.a.kamble@intel.com> 2011/07/13
+
+ported the patch to the 1.0.0e version
+Signed-Off-By: Nitin A Kamble <nitin.a.kamble@intel.com> 2011/12/01
+Index: openssl-1.0.0e/Configure
+===================================================================
+--- openssl-1.0.0e.orig/Configure
++++ openssl-1.0.0e/Configure
+@@ -393,6 +393,7 @@ my %table=(
+ "debug-linux-generic32","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DTERMIO -g -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+ "debug-linux-generic64","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DTERMIO -g -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+ "debug-linux-x86_64","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -m64 -DL_ENDIAN -DTERMIO -g -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
++"linux-x32", "gcc:-DL_ENDIAN -DTERMIO -O2 -pipe -g -feliminate-unused-debug-types -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-mx32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+ "dist", "cc:-O::(unknown)::::::",
+
+ # Basic configs that should work on any (32 and less bit) box
+Index: openssl-1.0.0e/crypto/bn/asm/x86_64-gcc.c
+===================================================================
+--- openssl-1.0.0e.orig/crypto/bn/asm/x86_64-gcc.c
++++ openssl-1.0.0e/crypto/bn/asm/x86_64-gcc.c
+@@ -55,7 +55,7 @@
+ * machine.
+ */
+
+-#ifdef _WIN64
++#if defined _WIN64 || !defined __LP64__
+ #define BN_ULONG unsigned long long
+ #else
+ #define BN_ULONG unsigned long
+@@ -192,9 +192,9 @@ BN_ULONG bn_add_words (BN_ULONG *rp, con
+ asm (
+ " subq %2,%2 \n"
+ ".p2align 4 \n"
+- "1: movq (%4,%2,8),%0 \n"
+- " adcq (%5,%2,8),%0 \n"
+- " movq %0,(%3,%2,8) \n"
++ "1: movq (%q4,%2,8),%0 \n"
++ " adcq (%q5,%2,8),%0 \n"
++ " movq %0,(%q3,%2,8) \n"
+ " leaq 1(%2),%2 \n"
+ " loop 1b \n"
+ " sbbq %0,%0 \n"
+@@ -215,9 +215,9 @@ BN_ULONG bn_sub_words (BN_ULONG *rp, con
+ asm (
+ " subq %2,%2 \n"
+ ".p2align 4 \n"
+- "1: movq (%4,%2,8),%0 \n"
+- " sbbq (%5,%2,8),%0 \n"
+- " movq %0,(%3,%2,8) \n"
++ "1: movq (%q4,%2,8),%0 \n"
++ " sbbq (%q5,%2,8),%0 \n"
++ " movq %0,(%q3,%2,8) \n"
+ " leaq 1(%2),%2 \n"
+ " loop 1b \n"
+ " sbbq %0,%0 \n"
+Index: openssl-1.0.0e/crypto/bn/bn.h
+===================================================================
+--- openssl-1.0.0e.orig/crypto/bn/bn.h
++++ openssl-1.0.0e/crypto/bn/bn.h
+@@ -172,6 +172,13 @@ extern "C" {
+ # endif
+ #endif
+
++/* Address type. */
++#ifdef _WIN64
++#define BN_ADDR unsigned long long
++#else
++#define BN_ADDR unsigned long
++#endif
++
+ /* assuming long is 64bit - this is the DEC Alpha
+ * unsigned long long is only 64 bits :-(, don't define
+ * BN_LLONG for the DEC Alpha */
diff --git a/openssl/openssl-1.0.1e-ipv6.patch b/openssl/openssl-1.0.1e-ipv6.patch
@@ -0,0 +1,656 @@
+http://rt.openssl.org/Ticket/Display.html?id=2051
+user/pass: guest/guest
+
+Index: apps/s_apps.h
+===================================================================
+RCS file: /v/openssl/cvs/openssl/apps/s_apps.h,v
+retrieving revision 1.21.2.1
+diff -u -r1.21.2.1 s_apps.h
+--- apps/s_apps.h 4 Sep 2009 17:42:04 -0000 1.21.2.1
++++ apps/s_apps.h 28 Dec 2011 00:28:14 -0000
+@@ -148,7 +148,7 @@
+ #define PORT_STR "4433"
+ #define PROTOCOL "tcp"
+
+-int do_server(int port, int type, int *ret, int (*cb) (char *hostname, int s, unsigned char *context), unsigned char *context);
++int do_server(int port, int type, int *ret, int (*cb) (char *hostname, int s, unsigned char *context), unsigned char *context, int use_ipv4, int use_ipv6);
+ #ifdef HEADER_X509_H
+ int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx);
+ #endif
+@@ -156,7 +156,7 @@
+ int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file);
+ int set_cert_key_stuff(SSL_CTX *ctx, X509 *cert, EVP_PKEY *key);
+ #endif
+-int init_client(int *sock, char *server, int port, int type);
++int init_client(int *sock, char *server, int port, int type, int use_ipv4, int use_ipv6);
+ int should_retry(int i);
+ int extract_port(char *str, short *port_ptr);
+ int extract_host_port(char *str,char **host_ptr,unsigned char *ip,short *p);
+Index: apps/s_client.c
+===================================================================
+RCS file: /v/openssl/cvs/openssl/apps/s_client.c,v
+retrieving revision 1.123.2.6.2.10
+diff -u -r1.123.2.6.2.10 s_client.c
+--- apps/s_client.c 14 Dec 2011 22:18:02 -0000 1.123.2.6.2.10
++++ apps/s_client.c 28 Dec 2011 00:28:14 -0000
+@@ -285,6 +285,10 @@
+ {
+ BIO_printf(bio_err,"usage: s_client args\n");
+ BIO_printf(bio_err,"\n");
++ BIO_printf(bio_err," -4 - use IPv4 only\n");
++#if OPENSSL_USE_IPV6
++ BIO_printf(bio_err," -6 - use IPv6 only\n");
++#endif
+ BIO_printf(bio_err," -host host - use -connect instead\n");
+ BIO_printf(bio_err," -port port - use -connect instead\n");
+ BIO_printf(bio_err," -connect host:port - who to connect to (default is %s:%s)\n",SSL_HOST_NAME,PORT_STR);
+@@ -564,6 +567,7 @@
+ int sbuf_len,sbuf_off;
+ fd_set readfds,writefds;
+ short port=PORT;
++ int use_ipv4, use_ipv6;
+ int full_log=1;
+ char *host=SSL_HOST_NAME;
+ char *cert_file=NULL,*key_file=NULL;
+@@ -609,7 +613,11 @@
+ #endif
+ char *sess_in = NULL;
+ char *sess_out = NULL;
+- struct sockaddr peer;
++#if OPENSSL_USE_IPV6
++ struct sockaddr_storage peer;
++#else
++ struct sockaddr_in peer;
++#endif
+ int peerlen = sizeof(peer);
+ int enable_timeouts = 0 ;
+ long socket_mtu = 0;
+@@ -630,6 +638,12 @@
+ meth=SSLv2_client_method();
+ #endif
+
++ use_ipv4 = 1;
++#if OPENSSL_USE_IPV6
++ use_ipv6 = 1;
++#else
++ use_ipv6 = 0;
++#endif
+ apps_startup();
+ c_Pause=0;
+ c_quiet=0;
+@@ -951,6 +961,18 @@
+ jpake_secret = *++argv;
+ }
+ #endif
++ else if (strcmp(*argv,"-4") == 0)
++ {
++ use_ipv4 = 1;
++ use_ipv6 = 0;
++ }
++#if OPENSSL_USE_IPV6
++ else if (strcmp(*argv,"-6") == 0)
++ {
++ use_ipv4 = 0;
++ use_ipv6 = 1;
++ }
++#endif
+ #ifndef OPENSSL_NO_SRTP
+ else if (strcmp(*argv,"-use_srtp") == 0)
+ {
+@@ -1259,7 +1276,7 @@
+
+ re_start:
+
+- if (init_client(&s,host,port,socket_type) == 0)
++ if (init_client(&s,host,port,socket_type,use_ipv4,use_ipv6) == 0)
+ {
+ BIO_printf(bio_err,"connect:errno=%d\n",get_last_socket_error());
+ SHUTDOWN(s);
+@@ -1285,7 +1302,7 @@
+ {
+
+ sbio=BIO_new_dgram(s,BIO_NOCLOSE);
+- if (getsockname(s, &peer, (void *)&peerlen) < 0)
++ if (getsockname(s, (struct sockaddr *)&peer, (void *)&peerlen) < 0)
+ {
+ BIO_printf(bio_err, "getsockname:errno=%d\n",
+ get_last_socket_error());
+===================================================================
+RCS file: /v/openssl/cvs/openssl/apps/s_server.c,v
+retrieving revision 1.136.2.15.2.13
+diff -u -r1.136.2.15.2.13 s_server.c
+--- apps/s_server.c 27 Dec 2011 14:23:22 -0000 1.136.2.15.2.13
++++ apps/s_server.c 28 Dec 2011 00:28:14 -0000
+@@ -558,6 +558,10 @@
+ # endif
+ BIO_printf(bio_err," -use_srtp profiles - Offer SRTP key management with a colon-separated profile list");
+ #endif
++ BIO_printf(bio_err," -4 - use IPv4 only\n");
++#if OPENSSL_USE_IPV6
++ BIO_printf(bio_err," -6 - use IPv6 only\n");
++#endif
+ BIO_printf(bio_err," -keymatexport label - Export keying material using label\n");
+ BIO_printf(bio_err," -keymatexportlen len - Export len bytes of keying material (default 20)\n");
+ }
+@@ -943,6 +947,7 @@
+ int state=0;
+ const SSL_METHOD *meth=NULL;
+ int socket_type=SOCK_STREAM;
++ int use_ipv4, use_ipv6;
+ ENGINE *e=NULL;
+ char *inrand=NULL;
+ int s_cert_format = FORMAT_PEM, s_key_format = FORMAT_PEM;
+@@ -981,6 +986,12 @@
+ /* #error no SSL version enabled */
+ #endif
+
++ use_ipv4 = 1;
++#if OPENSSL_USE_IPV6
++ use_ipv6 = 1;
++#else
++ use_ipv6 = 0;
++#endif
+ local_argc=argc;
+ local_argv=argv;
+
+@@ -1329,6 +1340,18 @@
+ jpake_secret = *(++argv);
+ }
+ #endif
++ else if (strcmp(*argv,"-4") == 0)
++ {
++ use_ipv4 = 1;
++ use_ipv6 = 0;
++ }
++#if OPENSSL_USE_IPV6
++ else if (strcmp(*argv,"-6") == 0)
++ {
++ use_ipv4 = 0;
++ use_ipv6 = 1;
++ }
++#endif
+ #ifndef OPENSSL_NO_SRTP
+ else if (strcmp(*argv,"-use_srtp") == 0)
+ {
+@@ -1884,9 +1907,9 @@
+ BIO_printf(bio_s_out,"ACCEPT\n");
+ (void)BIO_flush(bio_s_out);
+ if (www)
+- do_server(port,socket_type,&accept_socket,www_body, context);
++ do_server(port,socket_type,&accept_socket,www_body, context, use_ipv4, use_ipv6);
+ else
+- do_server(port,socket_type,&accept_socket,sv_body, context);
++ do_server(port,socket_type,&accept_socket,sv_body, context, use_ipv4, use_ipv6);
+ print_stats(bio_s_out,ctx);
+ ret=0;
+ end:
+Index: apps/s_socket.c
+===================================================================
+RCS file: /v/openssl/cvs/openssl/apps/s_socket.c,v
+retrieving revision 1.43.2.3.2.2
+diff -u -r1.43.2.3.2.2 s_socket.c
+--- apps/s_socket.c 2 Dec 2011 14:39:40 -0000 1.43.2.3.2.2
++++ apps/s_socket.c 28 Dec 2011 00:28:14 -0000
+@@ -97,16 +97,16 @@
+ #include "netdb.h"
+ #endif
+
+-static struct hostent *GetHostByName(char *name);
++static struct hostent *GetHostByName(char *name, int domain);
+ #if defined(OPENSSL_SYS_WINDOWS) || (defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK))
+ static void ssl_sock_cleanup(void);
+ #endif
+ static int ssl_sock_init(void);
+-static int init_client_ip(int *sock,unsigned char ip[4], int port, int type);
+-static int init_server(int *sock, int port, int type);
+-static int init_server_long(int *sock, int port,char *ip, int type);
++static int init_client_ip(int *sock,unsigned char *ip, int port, int type, int domain);
++static int init_server(int *sock, int port, int type, int use_ipv4, int use_ipv6);
++static int init_server_long(int *sock, int port,char *ip, int type, int use_ipv4, int use_ipv6);
+ static int do_accept(int acc_sock, int *sock, char **host);
+-static int host_ip(char *str, unsigned char ip[4]);
++static int host_ip(char *str, unsigned char *ip, int domain);
+
+ #ifdef OPENSSL_SYS_WIN16
+ #define SOCKET_PROTOCOL 0 /* more microsoft stupidity */
+@@ -234,38 +234,68 @@
+ return(1);
+ }
+
+-int init_client(int *sock, char *host, int port, int type)
++int init_client(int *sock, char *host, int port, int type, int use_ipv4, int use_ipv6)
+ {
++#if OPENSSL_USE_IPV6
++ unsigned char ip[16];
++#else
+ unsigned char ip[4];
++#endif
+
+- memset(ip, '\0', sizeof ip);
+- if (!host_ip(host,&(ip[0])))
+- return 0;
+- return init_client_ip(sock,ip,port,type);
+- }
+-
+-static int init_client_ip(int *sock, unsigned char ip[4], int port, int type)
+- {
+- unsigned long addr;
++ if (use_ipv4)
++ if (host_ip(host,ip,AF_INET))
++ return(init_client_ip(sock,ip,port,type,AF_INET));
++#if OPENSSL_USE_IPV6
++ if (use_ipv6)
++ if (host_ip(host,ip,AF_INET6))
++ return(init_client_ip(sock,ip,port,type,AF_INET6));
++#endif
++ return 0;
++ }
++
++static int init_client_ip(int *sock, unsigned char ip[4], int port, int type, int domain)
++ {
++#if OPENSSL_USE_IPV6
++ struct sockaddr_storage them;
++ struct sockaddr_in *them_in = (struct sockaddr_in *)&them;
++ struct sockaddr_in6 *them_in6 = (struct sockaddr_in6 *)&them;
++#else
+ struct sockaddr_in them;
++ struct sockaddr_in *them_in = &them;
++#endif
++ socklen_t addr_len;
+ int s,i;
+
+ if (!ssl_sock_init()) return(0);
+
+ memset((char *)&them,0,sizeof(them));
+- them.sin_family=AF_INET;
+- them.sin_port=htons((unsigned short)port);
+- addr=(unsigned long)
+- ((unsigned long)ip[0]<<24L)|
+- ((unsigned long)ip[1]<<16L)|
+- ((unsigned long)ip[2]<< 8L)|
+- ((unsigned long)ip[3]);
+- them.sin_addr.s_addr=htonl(addr);
++ if (domain == AF_INET)
++ {
++ addr_len = (socklen_t)sizeof(struct sockaddr_in);
++ them_in->sin_family=AF_INET;
++ them_in->sin_port=htons((unsigned short)port);
++#ifndef BIT_FIELD_LIMITS
++ memcpy(&them_in->sin_addr.s_addr, ip, 4);
++#else
++ memcpy(&them_in->sin_addr, ip, 4);
++#endif
++ }
++ else
++#if OPENSSL_USE_IPV6
++ {
++ addr_len = (socklen_t)sizeof(struct sockaddr_in6);
++ them_in6->sin6_family=AF_INET6;
++ them_in6->sin6_port=htons((unsigned short)port);
++ memcpy(&(them_in6->sin6_addr), ip, sizeof(struct in6_addr));
++ }
++#else
++ return(0);
++#endif
+
+ if (type == SOCK_STREAM)
+- s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
++ s=socket(domain,SOCK_STREAM,SOCKET_PROTOCOL);
+ else /* ( type == SOCK_DGRAM) */
+- s=socket(AF_INET,SOCK_DGRAM,IPPROTO_UDP);
++ s=socket(domain,SOCK_DGRAM,IPPROTO_UDP);
+
+ if (s == INVALID_SOCKET) { perror("socket"); return(0); }
+
+@@ -277,29 +315,27 @@
+ if (i < 0) { perror("keepalive"); return(0); }
+ }
+ #endif
+-
+- if (connect(s,(struct sockaddr *)&them,sizeof(them)) == -1)
++ if (connect(s,(struct sockaddr *)&them,addr_len) == -1)
+ { closesocket(s); perror("connect"); return(0); }
+ *sock=s;
+ return(1);
+ }
+
+-int do_server(int port, int type, int *ret, int (*cb)(char *hostname, int s, unsigned char *context), unsigned char *context)
++int do_server(int port, int type, int *ret, int (*cb)(char *hostname, int s, unsigned char *context), unsigned char *context, int use_ipv4, int use_ipv6)
+ {
+ int sock;
+ char *name = NULL;
+ int accept_socket = 0;
+ int i;
+
+- if (!init_server(&accept_socket,port,type)) return(0);
+-
++ if (!init_server(&accept_socket,port,type, use_ipv4, use_ipv6)) return(0);
+ if (ret != NULL)
+ {
+ *ret=accept_socket;
+ /* return(1);*/
+ }
+- for (;;)
+- {
++ for (;;)
++ {
+ if (type==SOCK_STREAM)
+ {
+ if (do_accept(accept_socket,&sock,&name) == 0)
+@@ -322,41 +358,88 @@
+ }
+ }
+
+-static int init_server_long(int *sock, int port, char *ip, int type)
++static int init_server_long(int *sock, int port, char *ip, int type, int use_ipv4, int use_ipv6)
+ {
+ int ret=0;
++ int domain;
++#if OPENSSL_USE_IPV6
++ struct sockaddr_storage server;
++ struct sockaddr_in *server_in = (struct sockaddr_in *)&server;
++ struct sockaddr_in6 *server_in6 = (struct sockaddr_in6 *)&server;
++#else
+ struct sockaddr_in server;
++ struct sockaddr_in *server_in = &server;
++#endif
++ socklen_t addr_len;
+ int s= -1;
+
++ if (!use_ipv4 && !use_ipv6)
++ goto err;
++#if OPENSSL_USE_IPV6
++ /* we are fine here */
++#else
++ if (use_ipv6)
++ goto err;
++#endif
+ if (!ssl_sock_init()) return(0);
+
+- memset((char *)&server,0,sizeof(server));
+- server.sin_family=AF_INET;
+- server.sin_port=htons((unsigned short)port);
+- if (ip == NULL)
+- server.sin_addr.s_addr=INADDR_ANY;
+- else
+-/* Added for T3E, address-of fails on bit field (beckman@acl.lanl.gov) */
+-#ifndef BIT_FIELD_LIMITS
+- memcpy(&server.sin_addr.s_addr,ip,4);
++#if OPENSSL_USE_IPV6
++ domain = use_ipv6 ? AF_INET6 : AF_INET;
+ #else
+- memcpy(&server.sin_addr,ip,4);
++ domain = AF_INET;
+ #endif
+-
+- if (type == SOCK_STREAM)
+- s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
+- else /* type == SOCK_DGRAM */
+- s=socket(AF_INET, SOCK_DGRAM,IPPROTO_UDP);
++ if (type == SOCK_STREAM)
++ s=socket(domain,SOCK_STREAM,SOCKET_PROTOCOL);
++ else /* type == SOCK_DGRAM */
++ s=socket(domain, SOCK_DGRAM,IPPROTO_UDP);
+
+ if (s == INVALID_SOCKET) goto err;
+ #if defined SOL_SOCKET && defined SO_REUSEADDR
++ {
++ int j = 1;
++ setsockopt(s, SOL_SOCKET, SO_REUSEADDR,
++ (void *) &j, sizeof j);
++ }
++#endif
++#if OPENSSL_USE_IPV6
++ if ((use_ipv4 == 0) && (use_ipv6 == 1))
+ {
+- int j = 1;
+- setsockopt(s, SOL_SOCKET, SO_REUSEADDR,
+- (void *) &j, sizeof j);
++ const int on = 1;
++
++ setsockopt(s, IPPROTO_IPV6, IPV6_V6ONLY,
++ (const void *) &on, sizeof(int));
+ }
+ #endif
+- if (bind(s,(struct sockaddr *)&server,sizeof(server)) == -1)
++ if (domain == AF_INET)
++ {
++ addr_len = (socklen_t)sizeof(struct sockaddr_in);
++ memset(server_in, 0, sizeof(struct sockaddr_in));
++ server_in->sin_family=AF_INET;
++ server_in->sin_port = htons((unsigned short)port);
++ if (ip == NULL)
++ server_in->sin_addr.s_addr = htonl(INADDR_ANY);
++ else
++/* Added for T3E, address-of fails on bit field (beckman@acl.lanl.gov) */
++#ifndef BIT_FIELD_LIMITS
++ memcpy(&server_in->sin_addr.s_addr, ip, 4);
++#else
++ memcpy(&server_in->sin_addr, ip, 4);
++#endif
++ }
++#if OPENSSL_USE_IPV6
++ else
++ {
++ addr_len = (socklen_t)sizeof(struct sockaddr_in6);
++ memset(server_in6, 0, sizeof(struct sockaddr_in6));
++ server_in6->sin6_family = AF_INET6;
++ server_in6->sin6_port = htons((unsigned short)port);
++ if (ip == NULL)
++ server_in6->sin6_addr = in6addr_any;
++ else
++ memcpy(&server_in6->sin6_addr, ip, sizeof(struct in6_addr));
++ }
++#endif
++ if (bind(s, (struct sockaddr *)&server, addr_len) == -1)
+ {
+ #ifndef OPENSSL_SYS_WINDOWS
+ perror("bind");
+@@ -375,16 +458,23 @@
+ return(ret);
+ }
+
+-static int init_server(int *sock, int port, int type)
++static int init_server(int *sock, int port, int type, int use_ipv4, int use_ipv6)
+ {
+- return(init_server_long(sock, port, NULL, type));
++ return(init_server_long(sock, port, NULL, type, use_ipv4, use_ipv6));
+ }
+
+ static int do_accept(int acc_sock, int *sock, char **host)
+ {
+ int ret;
+ struct hostent *h1,*h2;
+- static struct sockaddr_in from;
++#if OPENSSL_USE_IPV6
++ struct sockaddr_storage from;
++ struct sockaddr_in *from_in = (struct sockaddr_in *)&from;
++ struct sockaddr_in6 *from_in6 = (struct sockaddr_in6 *)&from;
++#else
++ struct sockaddr_in from;
++ struct sockaddr_in *from_in = &from;
++#endif
+ int len;
+ /* struct linger ling; */
+
+@@ -431,13 +521,23 @@
+ */
+
+ if (host == NULL) goto end;
++#if OPENSSL_USE_IPV6
++ if (from.ss_family == AF_INET)
++#else
++ if (from.sin_family == AF_INET)
++#endif
+ #ifndef BIT_FIELD_LIMITS
+- /* I should use WSAAsyncGetHostByName() under windows */
+- h1=gethostbyaddr((char *)&from.sin_addr.s_addr,
+- sizeof(from.sin_addr.s_addr),AF_INET);
++ /* I should use WSAAsyncGetHostByName() under windows */
++ h1=gethostbyaddr((char *)&from_in->sin_addr.s_addr,
++ sizeof(from_in->sin_addr.s_addr), AF_INET);
+ #else
+- h1=gethostbyaddr((char *)&from.sin_addr,
+- sizeof(struct in_addr),AF_INET);
++ h1=gethostbyaddr((char *)&from_in->sin_addr,
++ sizeof(struct in_addr), AF_INET);
++#endif
++#if OPENSSL_USE_IPV6
++ else
++ h1=gethostbyaddr((char *)&from_in6->sin6_addr,
++ sizeof(struct in6_addr), AF_INET6);
+ #endif
+ if (h1 == NULL)
+ {
+@@ -454,15 +554,23 @@
+ }
+ BUF_strlcpy(*host,h1->h_name,strlen(h1->h_name)+1);
+
+- h2=GetHostByName(*host);
++#if OPENSSL_USE_IPV6
++ h2=GetHostByName(*host, from.ss_family);
++#else
++ h2=GetHostByName(*host, from.sin_family);
++#endif
+ if (h2 == NULL)
+ {
+ BIO_printf(bio_err,"gethostbyname failure\n");
+ return(0);
+ }
+- if (h2->h_addrtype != AF_INET)
++#if OPENSSL_USE_IPV6
++ if (h2->h_addrtype != from.ss_family)
++#else
++ if (h2->h_addrtype != from.sin_family)
++#endif
+ {
+- BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n");
++ BIO_printf(bio_err,"gethostbyname addr address is not correct\n");
+ return(0);
+ }
+ }
+@@ -477,7 +585,7 @@
+ char *h,*p;
+
+ h=str;
+- p=strchr(str,':');
++ p=strrchr(str,':');
+ if (p == NULL)
+ {
+ BIO_printf(bio_err,"no port defined\n");
+@@ -485,7 +593,7 @@
+ }
+ *(p++)='\0';
+
+- if ((ip != NULL) && !host_ip(str,ip))
++ if ((ip != NULL) && !host_ip(str,ip,AF_INET))
+ goto err;
+ if (host_ptr != NULL) *host_ptr=h;
+
+@@ -496,48 +604,58 @@
+ return(0);
+ }
+
+-static int host_ip(char *str, unsigned char ip[4])
++static int host_ip(char *str, unsigned char *ip, int domain)
+ {
+- unsigned int in[4];
++ unsigned int in[4];
++ unsigned long l;
+ int i;
+
+- if (sscanf(str,"%u.%u.%u.%u",&(in[0]),&(in[1]),&(in[2]),&(in[3])) == 4)
++ if ((domain == AF_INET) &&
++ (sscanf(str,"%u.%u.%u.%u",&(in[0]),&(in[1]),&(in[2]),&(in[3])) == 4))
+ {
++
+ for (i=0; i<4; i++)
+ if (in[i] > 255)
+ {
+ BIO_printf(bio_err,"invalid IP address\n");
+ goto err;
+ }
+- ip[0]=in[0];
+- ip[1]=in[1];
+- ip[2]=in[2];
+- ip[3]=in[3];
+- }
++ l=htonl((in[0]<<24L)|(in[1]<<16L)|(in[2]<<8L)|in[3]);
++ memcpy(ip, &l, 4);
++ return 1;
++ }
++#if OPENSSL_USE_IPV6
++ else if ((domain == AF_INET6) &&
++ (inet_pton(AF_INET6, str, ip) == 1))
++ return 1;
++#endif
+ else
+ { /* do a gethostbyname */
+ struct hostent *he;
+
+ if (!ssl_sock_init()) return(0);
+
+- he=GetHostByName(str);
++ he=GetHostByName(str,domain);
+ if (he == NULL)
+ {
+ BIO_printf(bio_err,"gethostbyname failure\n");
+ goto err;
+ }
+ /* cast to short because of win16 winsock definition */
+- if ((short)he->h_addrtype != AF_INET)
++ if ((short)he->h_addrtype != domain)
+ {
+- BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n");
++ BIO_printf(bio_err,"gethostbyname addr family is not correct\n");
+ return(0);
+ }
+- ip[0]=he->h_addr_list[0][0];
+- ip[1]=he->h_addr_list[0][1];
+- ip[2]=he->h_addr_list[0][2];
+- ip[3]=he->h_addr_list[0][3];
++ if (domain == AF_INET)
++ memset(ip, 0, 4);
++#if OPENSSL_USE_IPV6
++ else
++ memset(ip, 0, 16);
++#endif
++ memcpy(ip, he->h_addr_list[0], he->h_length);
++ return 1;
+ }
+- return(1);
+ err:
+ return(0);
+ }
+@@ -574,7 +692,7 @@
+ static unsigned long ghbn_hits=0L;
+ static unsigned long ghbn_miss=0L;
+
+-static struct hostent *GetHostByName(char *name)
++static struct hostent *GetHostByName(char *name, int domain)
+ {
+ struct hostent *ret;
+ int i,lowi=0;
+@@ -589,14 +707,20 @@
+ }
+ if (ghbn_cache[i].order > 0)
+ {
+- if (strncmp(name,ghbn_cache[i].name,128) == 0)
++ if ((strncmp(name,ghbn_cache[i].name,128) == 0) &&
++ (ghbn_cache[i].ent.h_addrtype == domain))
+ break;
+ }
+ }
+ if (i == GHBN_NUM) /* no hit*/
+ {
+ ghbn_miss++;
+- ret=gethostbyname(name);
++ if (domain == AF_INET)
++ ret=gethostbyname(name);
++#if OPENSSL_USE_IPV6
++ else
++ ret=gethostbyname2(name, AF_INET6);
++#endif
+ if (ret == NULL) return(NULL);
+ /* else add to cache */
+ if(strlen(name) < sizeof ghbn_cache[0].name)
diff --git a/openssl/openssl.mk b/openssl/openssl.mk
@@ -0,0 +1,68 @@
+TARG = openssl
+LIB = libssl.a
+DEPS= zlib
+# TODO: add perl, patch to DEPS
+
+<$mkbuild/mk.common-noinst
+
+openssl:QV:
+ # apply patches
+ patch -p1 < ../openssl-1.0.0a-ldflags.patch #327421
+ patch -p1 < ../openssl-1.0.0d-windres.patch #373743
+ patch -p1 < ../openssl-1.0.0h-pkg-config.patch
+ patch -p1 < ../openssl-1.0.1-parallel-build.patch
+ patch -p1 < ../openssl-1.0.1-x32.patch
+ patch -p0 < ../openssl-1.0.1e-ipv6.patch
+ # disable fips in the build
+ # make sure the man pages are suffixed #302165
+ # don't bother building man pages if they're disabled
+ sed -i \
+ -e '/DIRS/s: fips : :g' \
+ -e '/^MANSUFFIX/s:=.*:=ssl:' \
+ -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \
+ -e '/^MANDIR=/s:=.*:=/share/man:' \
+ Makefile.org \
+ || die
+ # show the actual commands in the log
+ sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared
+ #
+ sed -i '1s,^:$,#!/usr/bin/perl,' Configure #141906
+ #./config --test-sanity || die "I AM NOT SANE"
+ #
+ sed -i 's/-DTERMIO/-DTERMIOS/g' Configure
+ sed -i 's/defined(linux)/0/' crypto/ui/ui_openssl.c
+ #
+ # this is asm generated by perl (asm/cast-586.pl) which will cause textrel's that
+ # will require musl's dynlinker to mprotect(PROT_EXEC), which is not allowed by grsec.
+ sed -i 's@cast-586.o:@c_enc.o:@' Configure
+ #
+ export CFLAGS="-fPIC -Wa,--noexecstack -fno-strict-aliasing -D_GNU_SOURCE -Wl,-Bsymbolic \
+ $optcflags $DEPS_CFLAGS"
+ export LDFLAGS="$optldflags $DEPS_LDFLAGS"
+ #
+ #disable_asm=
+ disable_asm=no-asm
+ #
+ ./config --prefix="$prefix" --openssldir="$prefix"/etc/ssl \
+ --libdir="$prefix"/lib no-dso $disable_asm zlib enable-md2 $CFLAGS
+ # Clean out hardcoded flags that openssl uses
+ local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \
+ -e 's:^CFLAG=::' \
+ -e 's:-fomit-frame-pointer ::g' \
+ -e 's:-O[0-9] ::g' \
+ -e 's:-march=[-a-z0-9]* ::g' \
+ -e 's:-mcpu=[-a-z0-9]* ::g' \
+ -e 's:-m[a-z0-9]* ::g' \
+ )
+ for mak in Makefile ; do
+ # for mak in Makefile crypto/cast/Makefile ; do
+ sed -i \
+ -e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS} ${INCLUDES}|" \
+ -e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \
+ "$mak" || die
+ done
+ # second part of our cast-586 fix: CFLAGS need to be picked up by the makefile.
+ sed -i 's@CFLAG=-g@CFLAG=${CFLAG} ${CFLAGS}@' crypto/cast/Makefile
+ #sed -i 's@#include "e_os.h"@#define CAST_LONG unsigned@' crypto/cast/cast_lcl.h
+ make -j$nprocs depend
+ make -j$nprocs build_libs
diff --git a/openssl/v.mk b/openssl/v.mk
@@ -0,0 +1 @@
+v = 1.0.1g
