From ea622a836a0e5ea116693c3560567b25e250352a Mon Sep 17 00:00:00 2001
From: Ian Leonard <antonlacon@gmail.com>
Date: Tue, 19 Jan 2021 19:34:14 +0000
Subject: [PATCH] security: automated code cleanup

Signed-off-by: Ian Leonard <antonlacon@gmail.com>
---
 packages/security/gnutls/package.mk       |  2 +-
 packages/security/libgcrypt/package.mk    | 12 ++---
 packages/security/libgpg-error/package.mk | 14 ++---
 packages/security/nettle/package.mk       |  4 +-
 packages/security/nspr/package.mk         | 12 ++---
 packages/security/nss/package.mk          | 64 +++++++++++------------
 packages/security/openssl/package.mk      | 60 ++++++++++-----------
 7 files changed, 84 insertions(+), 84 deletions(-)

diff --git a/packages/security/gnutls/package.mk b/packages/security/gnutls/package.mk
index 7da861e623..03dedb3a52 100644
--- a/packages/security/gnutls/package.mk
+++ b/packages/security/gnutls/package.mk
@@ -7,7 +7,7 @@ PKG_VERSION="3.7.0"
 PKG_SHA256="49e2a22691d252c9f24a9829b293a8f359095bc5a818351f05f1c0a5188a1df8"
 PKG_LICENSE="LGPL2.1"
 PKG_SITE="https://gnutls.org"
-PKG_URL="https://www.gnupg.org/ftp/gcrypt/gnutls/v${PKG_VERSION:0:3}/$PKG_NAME-$PKG_VERSION.tar.xz"
+PKG_URL="https://www.gnupg.org/ftp/gcrypt/gnutls/v${PKG_VERSION:0:3}/${PKG_NAME}-${PKG_VERSION}.tar.xz"
 PKG_DEPENDS_TARGET="toolchain libidn2 nettle zlib"
 PKG_LONGDESC="A library which provides a secure layer over a reliable transport layer."
 
diff --git a/packages/security/libgcrypt/package.mk b/packages/security/libgcrypt/package.mk
index 5747925354..8c5d43182f 100644
--- a/packages/security/libgcrypt/package.mk
+++ b/packages/security/libgcrypt/package.mk
@@ -7,7 +7,7 @@ PKG_VERSION="1.8.7"
 PKG_SHA256="03b70f028299561b7034b8966d7dd77ef16ed139c43440925fe8782561974748"
 PKG_LICENSE="GPLv2"
 PKG_SITE="https://www.gnupg.org/"
-PKG_URL="https://www.gnupg.org/ftp/gcrypt/libgcrypt/$PKG_NAME-$PKG_VERSION.tar.bz2"
+PKG_URL="https://www.gnupg.org/ftp/gcrypt/libgcrypt/${PKG_NAME}-${PKG_VERSION}.tar.bz2"
 PKG_DEPENDS_TARGET="toolchain libgpg-error"
 PKG_LONGDESC="A General purpose cryptographic library."
 PKG_TOOLCHAIN="autotools"
@@ -15,17 +15,17 @@ PKG_TOOLCHAIN="autotools"
 # see for example https://bugs.gentoo.org/show_bug.cgi?id=581114
 
 pre_configure_target() {
-  PKG_CONFIGURE_OPTS_TARGET="CC_FOR_BUILD=$HOST_CC \
+  PKG_CONFIGURE_OPTS_TARGET="CC_FOR_BUILD=${HOST_CC} \
                              ac_cv_sys_symbol_underscore=no \
                              --enable-asm \
                              --with-gnu-ld \
-                             --with-libgpg-error-prefix=$SYSROOT_PREFIX/usr \
+                             --with-libgpg-error-prefix=${SYSROOT_PREFIX}/usr \
                              --disable-doc"
 }
 
 post_makeinstall_target() {
-  sed -e "s:\(['= ]\)\"/usr:\\1\"$SYSROOT_PREFIX/usr:g" -i src/$PKG_NAME-config
-  cp src/$PKG_NAME-config $SYSROOT_PREFIX/usr/bin
+  sed -e "s:\(['= ]\)\"/usr:\\1\"${SYSROOT_PREFIX}/usr:g" -i src/${PKG_NAME}-config
+  cp src/${PKG_NAME}-config ${SYSROOT_PREFIX}/usr/bin
 
-  rm -rf $INSTALL/usr/bin
+  rm -rf ${INSTALL}/usr/bin
 }
diff --git a/packages/security/libgpg-error/package.mk b/packages/security/libgpg-error/package.mk
index 3187ee8499..167412999d 100644
--- a/packages/security/libgpg-error/package.mk
+++ b/packages/security/libgpg-error/package.mk
@@ -7,12 +7,12 @@ PKG_VERSION="1.41"
 PKG_SHA256="64b078b45ac3c3003d7e352a5e05318880a5778c42331ce1ef33d1a0d9922742"
 PKG_LICENSE="GPLv2"
 PKG_SITE="https://www.gnupg.org"
-PKG_URL="https://www.gnupg.org/ftp/gcrypt/libgpg-error/$PKG_NAME-$PKG_VERSION.tar.bz2"
+PKG_URL="https://www.gnupg.org/ftp/gcrypt/libgpg-error/${PKG_NAME}-${PKG_VERSION}.tar.bz2"
 PKG_DEPENDS_TARGET="toolchain"
 PKG_LONGDESC="A library that defines common error values for all GnuPG components."
 
 pre_configure_target() {
-  PKG_CONFIGURE_OPTS_TARGET="CC_FOR_BUILD=$HOST_CC --enable-static --disable-shared --disable-nls --disable-rpath --with-gnu-ld --with-pic"
+  PKG_CONFIGURE_OPTS_TARGET="CC_FOR_BUILD=${HOST_CC} --enable-static --disable-shared --disable-nls --disable-rpath --with-gnu-ld --with-pic"
 
 # inspired by openembedded
   case ${TARGET_ARCH} in
@@ -30,13 +30,13 @@ pre_configure_target() {
       ;;
   esac
 
-  cp $PKG_BUILD/src/syscfg/lock-obj-pub.$GPGERROR_TUPLE.h $PKG_BUILD/src/syscfg/lock-obj-pub.$GPGERROR_TARGET.h
+  cp ${PKG_BUILD}/src/syscfg/lock-obj-pub.${GPGERROR_TUPLE}.h ${PKG_BUILD}/src/syscfg/lock-obj-pub.${GPGERROR_TARGET}.h
 }
 
 post_makeinstall_target() {
-  rm -rf $INSTALL/usr/bin
-  rm -rf $INSTALL/usr/share
+  rm -rf ${INSTALL}/usr/bin
+  rm -rf ${INSTALL}/usr/share
 
-  sed -e "s:\(['= ]\)/usr:\\1$SYSROOT_PREFIX/usr:g" -i src/gpg-error-config
-  cp src/gpg-error-config $SYSROOT_PREFIX/usr/bin
+  sed -e "s:\(['= ]\)/usr:\\1${SYSROOT_PREFIX}/usr:g" -i src/gpg-error-config
+  cp src/gpg-error-config ${SYSROOT_PREFIX}/usr/bin
 }
diff --git a/packages/security/nettle/package.mk b/packages/security/nettle/package.mk
index 74433eff72..12bac17fb6 100644
--- a/packages/security/nettle/package.mk
+++ b/packages/security/nettle/package.mk
@@ -7,7 +7,7 @@ PKG_VERSION="3.7"
 PKG_SHA256="f001f64eb444bf13dd91bceccbc20acbc60c4311d6e2b20878452eb9a9cec75a"
 PKG_LICENSE="GPL2"
 PKG_SITE="http://www.lysator.liu.se/~nisse/nettle"
-PKG_URL="http://ftpmirror.gnu.org/gnu/nettle/nettle-$PKG_VERSION.tar.gz"
+PKG_URL="http://ftpmirror.gnu.org/gnu/nettle/nettle-${PKG_VERSION}.tar.gz"
 PKG_DEPENDS_TARGET="toolchain gmp"
 PKG_LONGDESC="A low-level cryptographic library."
 
@@ -19,5 +19,5 @@ if target_has_feature neon; then
 fi
 
 post_makeinstall_target() {
-  rm -rf $INSTALL/usr/bin
+  rm -rf ${INSTALL}/usr/bin
 }
diff --git a/packages/security/nspr/package.mk b/packages/security/nspr/package.mk
index 024d7402d8..6e964f0e72 100644
--- a/packages/security/nspr/package.mk
+++ b/packages/security/nspr/package.mk
@@ -13,17 +13,17 @@ PKG_LONGDESC="Netscape Portable Runtime (NSPR) provides a platform-neutral API f
 PKG_TOOLCHAIN="configure"
 PKG_BUILD_FLAGS="-parallel"
 
-if [ "$TARGET_ARCH" = "x86_64" ] ; then
+if [ "${TARGET_ARCH}" = "x86_64" ]; then
   TARGET_USE_64="--enable-64bit"
 fi
 
-PKG_CONFIGURE_OPTS_TARGET="--with-pthreads $TARGET_USE_64"
-PKG_MAKE_OPTS_TARGET="NSINSTALL=$TOOLCHAIN/bin/nsinstall"
-PKG_MAKEINSTALL_OPTS_TARGET="NSINSTALL=$TOOLCHAIN/bin/nsinstall"
+PKG_CONFIGURE_OPTS_TARGET="--with-pthreads ${TARGET_USE_64}"
+PKG_MAKE_OPTS_TARGET="NSINSTALL=${TOOLCHAIN}/bin/nsinstall"
+PKG_MAKEINSTALL_OPTS_TARGET="NSINSTALL=${TOOLCHAIN}/bin/nsinstall"
 
 configure_host() {
   cd $(get_build_dir nss)/nspr
-  ./configure --with-pthreads --enable-64bit --with-pthreads --prefix=$TOOLCHAIN
+  ./configure --with-pthreads --enable-64bit --with-pthreads --prefix=${TOOLCHAIN}
 }
 
 pre_make_host() {
@@ -33,7 +33,7 @@ pre_make_host() {
 
 configure_target() {
   cd $(get_build_dir nss)/nspr
-  ./configure --with-pthreads $TARGET_USE_64 $TARGET_CONFIGURE_OPTS
+  ./configure --with-pthreads ${TARGET_USE_64} ${TARGET_CONFIGURE_OPTS}
 }
 
 pre_make_target() {
diff --git a/packages/security/nss/package.mk b/packages/security/nss/package.mk
index 1856259b7b..9a8a2b30d6 100644
--- a/packages/security/nss/package.mk
+++ b/packages/security/nss/package.mk
@@ -15,64 +15,64 @@ PKG_TOOLCHAIN="manual"
 PKG_BUILD_FLAGS="-parallel"
 
 make_host() {
-  cd $PKG_BUILD/nss
+  cd ${PKG_BUILD}/nss
 
   make clean || true
-  rm -rf $PKG_BUILD/dist
+  rm -rf ${PKG_BUILD}/dist
 
-  INCLUDES="-I$TOOLCHAIN/include" \
+  INCLUDES="-I${TOOLCHAIN}/include" \
   make BUILD_OPT=1 USE_64=1 \
-     PREFIX=$TOOLCHAIN \
-     NSPR_INCLUDE_DIR=$TOOLCHAIN/include/nspr \
-     USE_SYSTEM_ZLIB=1 ZLIB_LIBS="-lz -L$TOOLCHAIN/lib" \
+     PREFIX=${TOOLCHAIN} \
+     NSPR_INCLUDE_DIR=${TOOLCHAIN}/include/nspr \
+     USE_SYSTEM_ZLIB=1 ZLIB_LIBS="-lz -L${TOOLCHAIN}/lib" \
      SKIP_SHLIBSIGN=1 \
      NSS_TESTS="dummy" \
-     CC=$CC LDFLAGS="$LDFLAGS -L$TOOLCHAIN/lib" \
+     CC=${CC} LDFLAGS="${LDFLAGS} -L${TOOLCHAIN}/lib" \
      V=1
 }
 
 makeinstall_host() {
-  cd $PKG_BUILD
-  $STRIP dist/Linux*/lib/*.so
-  cp -L dist/Linux*/lib/*.so $TOOLCHAIN/lib
-  mkdir -p $TOOLCHAIN/include/nss
-  cp -RL dist/{public,private}/nss/* $TOOLCHAIN/include/nss
-  cp -L dist/Linux*/lib/pkgconfig/nss.pc $TOOLCHAIN/lib/pkgconfig
-  cp -L nss/coreconf/nsinstall/*/nsinstall $TOOLCHAIN/bin
+  cd ${PKG_BUILD}
+  ${STRIP} dist/Linux*/lib/*.so
+  cp -L dist/Linux*/lib/*.so ${TOOLCHAIN}/lib
+  mkdir -p ${TOOLCHAIN}/include/nss
+  cp -RL dist/{public,private}/nss/* ${TOOLCHAIN}/include/nss
+  cp -L dist/Linux*/lib/pkgconfig/nss.pc ${TOOLCHAIN}/lib/pkgconfig
+  cp -L nss/coreconf/nsinstall/*/nsinstall ${TOOLCHAIN}/bin
 }
 
 make_target() {
-  cd $PKG_BUILD/nss
+  cd ${PKG_BUILD}/nss
 
   local TARGET_USE_64=""
-  [ "$TARGET_ARCH" = "x86_64" -o "$TARGET_ARCH" = "aarch64" ] && TARGET_USE_64="USE_64=1"
+  [ "${TARGET_ARCH}" = "x86_64" -o "${TARGET_ARCH}" = "aarch64" ] && TARGET_USE_64="USE_64=1"
 
   make clean || true
-  rm -rf $PKG_BUILD/dist
+  rm -rf ${PKG_BUILD}/dist
 
-  make BUILD_OPT=1 $TARGET_USE_64 \
+  make BUILD_OPT=1 ${TARGET_USE_64} \
      NSS_USE_SYSTEM_SQLITE=1 \
-     NSPR_INCLUDE_DIR=$SYSROOT_PREFIX/usr/include/nspr \
+     NSPR_INCLUDE_DIR=${SYSROOT_PREFIX}/usr/include/nspr \
      NSS_USE_SYSTEM_SQLITE=1 \
      USE_SYSTEM_ZLIB=1 ZLIB_LIBS=-lz \
      SKIP_SHLIBSIGN=1 \
-     OS_TEST=$TARGET_ARCH \
+     OS_TEST=${TARGET_ARCH} \
      NSS_TESTS="dummy" \
-     NSINSTALL=$TOOLCHAIN/bin/nsinstall \
-     CPU_ARCH_TAG=$TARGET_ARCH \
-     CC=$CC \
-     LDFLAGS="$LDFLAGS -L$SYSROOT_PREFIX/usr/lib" \
+     NSINSTALL=${TOOLCHAIN}/bin/nsinstall \
+     CPU_ARCH_TAG=${TARGET_ARCH} \
+     CC=${CC} \
+     LDFLAGS="${LDFLAGS} -L${SYSROOT_PREFIX}/usr/lib" \
      V=1
 }
 
 makeinstall_target() {
-  cd $PKG_BUILD
-  $STRIP dist/Linux*/lib/*.so
-  cp -L dist/Linux*/lib/*.so $SYSROOT_PREFIX/usr/lib
-  mkdir -p $SYSROOT_PREFIX/usr/include/nss
-  cp -RL dist/{public,private}/nss/* $SYSROOT_PREFIX/usr/include/nss
-  cp -L dist/Linux*/lib/pkgconfig/nss.pc $SYSROOT_PREFIX/usr/lib/pkgconfig
+  cd ${PKG_BUILD}
+  ${STRIP} dist/Linux*/lib/*.so
+  cp -L dist/Linux*/lib/*.so ${SYSROOT_PREFIX}/usr/lib
+  mkdir -p ${SYSROOT_PREFIX}/usr/include/nss
+  cp -RL dist/{public,private}/nss/* ${SYSROOT_PREFIX}/usr/include/nss
+  cp -L dist/Linux*/lib/pkgconfig/nss.pc ${SYSROOT_PREFIX}/usr/lib/pkgconfig
 
-  mkdir -p $PKG_INSTALL/usr/lib
-    cp -PL dist/Linux*/lib/*.so $PKG_INSTALL/usr/lib
+  mkdir -p ${PKG_INSTALL}/usr/lib
+    cp -PL dist/Linux*/lib/*.so ${PKG_INSTALL}/usr/lib
 }
diff --git a/packages/security/openssl/package.mk b/packages/security/openssl/package.mk
index 1f6bb5ec95..e0b70b395a 100644
--- a/packages/security/openssl/package.mk
+++ b/packages/security/openssl/package.mk
@@ -7,7 +7,7 @@ PKG_VERSION="1.1.1i"
 PKG_SHA256="e8be6a35fe41d10603c3cc635e93289ed00bf34b79671a3a4de64fcee00d5242"
 PKG_LICENSE="BSD"
 PKG_SITE="https://www.openssl.org"
-PKG_URL="https://www.openssl.org/source/$PKG_NAME-$PKG_VERSION.tar.gz"
+PKG_URL="https://www.openssl.org/source/${PKG_NAME}-${PKG_VERSION}.tar.gz"
 PKG_DEPENDS_HOST="ccache:host"
 PKG_DEPENDS_TARGET="toolchain"
 PKG_LONGDESC="The Open Source toolkit for Secure Sockets Layer and Transport Layer Security"
@@ -30,23 +30,23 @@ PKG_CONFIGURE_OPTS_SHARED="--libdir=lib \
                            no-zlib-dynamic \
                            no-static-engine"
 
-PKG_CONFIGURE_OPTS_HOST="--prefix=$TOOLCHAIN \
-                         --openssldir=$TOOLCHAIN/etc/ssl"
+PKG_CONFIGURE_OPTS_HOST="--prefix=${TOOLCHAIN} \
+                         --openssldir=${TOOLCHAIN}/etc/ssl"
 PKG_CONFIGURE_OPTS_TARGET="--prefix=/usr \
                            --openssldir=/etc/ssl"
 
 post_unpack() {
-  find $PKG_BUILD/apps -type f | xargs -n 1 -t sed 's|./demoCA|/etc/ssl|' -i
+  find ${PKG_BUILD}/apps -type f | xargs -n 1 -t sed 's|./demoCA|/etc/ssl|' -i
 }
 
 pre_configure_host() {
-  mkdir -p $PKG_BUILD/.$HOST_NAME
-  cp -a $PKG_BUILD/* $PKG_BUILD/.$HOST_NAME/
+  mkdir -p ${PKG_BUILD}/.${HOST_NAME}
+  cp -a ${PKG_BUILD}/* ${PKG_BUILD}/.${HOST_NAME}/
 }
 
 configure_host() {
-  cd $PKG_BUILD/.$HOST_NAME
-  ./Configure $PKG_CONFIGURE_OPTS_HOST $PKG_CONFIGURE_OPTS_SHARED linux-${MACHINE_HARDWARE_NAME} $CFLAGS $LDFLAGS
+  cd ${PKG_BUILD}/.${HOST_NAME}
+  ./Configure ${PKG_CONFIGURE_OPTS_HOST} ${PKG_CONFIGURE_OPTS_SHARED} linux-${MACHINE_HARDWARE_NAME} ${CFLAGS} ${LDFLAGS}
 }
 
 makeinstall_host() {
@@ -54,10 +54,10 @@ makeinstall_host() {
 }
 
 pre_configure_target() {
-  mkdir -p $PKG_BUILD/.$TARGET_NAME
-  cp -a $PKG_BUILD/* $PKG_BUILD/.$TARGET_NAME/
+  mkdir -p ${PKG_BUILD}/.${TARGET_NAME}
+  cp -a ${PKG_BUILD}/* ${PKG_BUILD}/.${TARGET_NAME}/
 
-  case $TARGET_ARCH in
+  case ${TARGET_ARCH} in
     x86_64)
       OPENSSL_TARGET=linux-x86_64
       PLATFORM_FLAGS=enable-ec_nistp_64_gcc_128
@@ -72,38 +72,38 @@ pre_configure_target() {
 }
 
 configure_target() {
-  cd $PKG_BUILD/.$TARGET_NAME
-  ./Configure $PKG_CONFIGURE_OPTS_TARGET $PKG_CONFIGURE_OPTS_SHARED $PLATFORM_FLAGS $OPENSSL_TARGET $CFLAGS $LDFLAGS
+  cd ${PKG_BUILD}/.${TARGET_NAME}
+  ./Configure ${PKG_CONFIGURE_OPTS_TARGET} ${PKG_CONFIGURE_OPTS_SHARED} ${PLATFORM_FLAGS} ${OPENSSL_TARGET} ${CFLAGS} ${LDFLAGS}
 }
 
 makeinstall_target() {
-  make DESTDIR=$INSTALL install_sw
-  make DESTDIR=$SYSROOT_PREFIX install_sw
+  make DESTDIR=${INSTALL} install_sw
+  make DESTDIR=${SYSROOT_PREFIX} install_sw
 }
 
 post_makeinstall_target() {
-  rm -rf $INSTALL/etc/ssl/misc
-  rm -rf $INSTALL/usr/bin/c_rehash
+  rm -rf ${INSTALL}/etc/ssl/misc
+  rm -rf ${INSTALL}/usr/bin/c_rehash
 
-  debug_strip $INSTALL/usr/bin/openssl
+  debug_strip ${INSTALL}/usr/bin/openssl
 
   # cert from https://curl.haxx.se/docs/caextract.html
-  mkdir -p $INSTALL/etc/ssl
-    cp $PKG_DIR/cert/cacert.pem $INSTALL/etc/ssl/cacert.pem.system
+  mkdir -p ${INSTALL}/etc/ssl
+    cp ${PKG_DIR}/cert/cacert.pem ${INSTALL}/etc/ssl/cacert.pem.system
 
   # give user the chance to include their own CA
-  mkdir -p $INSTALL/usr/bin
-    cp $PKG_DIR/scripts/openssl-config $INSTALL/usr/bin
-    ln -sf /run/libreelec/cacert.pem $INSTALL/etc/ssl/cacert.pem
-    ln -sf /run/libreelec/cacert.pem $INSTALL/etc/ssl/cert.pem
+  mkdir -p ${INSTALL}/usr/bin
+    cp ${PKG_DIR}/scripts/openssl-config ${INSTALL}/usr/bin
+    ln -sf /run/libreelec/cacert.pem ${INSTALL}/etc/ssl/cacert.pem
+    ln -sf /run/libreelec/cacert.pem ${INSTALL}/etc/ssl/cert.pem
 
   # backwards comatibility
-  mkdir -p $INSTALL/etc/pki/tls
-    ln -sf /run/libreelec/cacert.pem $INSTALL/etc/pki/tls/cacert.pem
-  mkdir -p $INSTALL/etc/pki/tls/certs
-    ln -sf /run/libreelec/cacert.pem $INSTALL/etc/pki/tls/certs/ca-bundle.crt
-  mkdir -p $INSTALL/usr/lib/ssl
-    ln -sf /run/libreelec/cacert.pem $INSTALL/usr/lib/ssl/cert.pem
+  mkdir -p ${INSTALL}/etc/pki/tls
+    ln -sf /run/libreelec/cacert.pem ${INSTALL}/etc/pki/tls/cacert.pem
+  mkdir -p ${INSTALL}/etc/pki/tls/certs
+    ln -sf /run/libreelec/cacert.pem ${INSTALL}/etc/pki/tls/certs/ca-bundle.crt
+  mkdir -p ${INSTALL}/usr/lib/ssl
+    ln -sf /run/libreelec/cacert.pem ${INSTALL}/usr/lib/ssl/cert.pem
 }
 
 post_install() {