Bug 31844: Use DESTDIR instead of --prefix when building OpenSSL

This is fixing CVE-2019-1552:
http://cve.circl.lu/cve/CVE-2019-1552

In oder to avoid changing the OPENSSLDIR to a directory that might be
writable on the user system, we don't set the --prefix/--openssldir
option anymore and use DESTDIR to select the packaging installation
directory.

projects/openssl/build

@@ -14,10 +14,11 @@ export CC='gcc -m32'
   export CC="cc [% c("var/FLAGS") %]"
 [% END -%]
 export SOURCE_DATE_EPOCH='[% c("timestamp") %]'
-./Configure --prefix=$distdir [% c('var/configure_opts') %]
+./Configure [% c('var/configure_opts') %]
 make
-make install
+make DESTDIR="$distdir" install
 cd /var/tmp/dist
+ln -s '[% c("var/openssldir") %]' openssl/openssl
 [% c('tar', {
         tar_src => [ project ],
         tar_args => '-czf ' _ dest_dir _ '/' _ c('filename'),

projects/openssl/config

@@ -3,6 +3,7 @@ version: 1.1.1d
 filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.gz'
 
 var:
+  openssldir: 'usr/local'
   container:
     use_container: 1
 
@@ -17,6 +18,7 @@ targets:
     var:
       flag_mwindows: ''
       configure_opts: '-shared --cross-compile-prefix=[% c("arch") %]-w64-mingw32- mingw[% IF c("var/windows-x86_64") %]64[% END %] "[% c("var/CFLAGS") %] [% c("var/LDFLAGS") %]"'
+      openssldir: 'Program Files[% IF c("var/windows-i686") %] (x86)[% END %]/OpenSSL'
   osx-x86_64:
     var:
       configure_opts: --cross-compile-prefix=x86_64-apple-darwin11- darwin64-x86_64-cc enable-ec_nistp_64_gcc_128

projects/tor/build

@@ -30,7 +30,7 @@ tar -C /var/tmp/dist -xf [% c('input_files_by_name/libevent') %]
 [% END %]
 tar -C /var/tmp/build -xf [% project %]-[% c('version') %].tar.gz
 libeventdir=/var/tmp/dist/libevent
-openssldir=/var/tmp/dist/openssl
+openssldir=/var/tmp/dist/openssl/openssl
 
 [% IF c("var/windows") %]
   [% IF c("var/nightly") %]