Djam/openssl
1
0
Fork 0
mirror of https://abf.rosa.ru/djam/openssl.git synced 2025-02-23 16:22:50 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
openssl/openssl.spec
Andrey Bondrov 3591a33115 New version 1.1.0b 
New library major 1.1
Adjust patchset to match new version
Update files
2016-09-27 03:25:32 +10:00

285 lines
9.1 KiB
RPMSpec
Raw Blame History

%define major 1.1
%define engines_name %mklibname openssl-engines %{major}
%define libcrypto %mklibname crypto %{major}
%define libssl %mklibname ssl %{major}
%define devname %mklibname openssl -d
%define staticname %mklibname openssl -s -d
%define conflict2 %mklibname openssl 0.9.8
%define with_krb5 %{?_with_krb5:1}%{!?_with_krb5:0}
Summary: Secure Sockets Layer communications libs & utils
Name: openssl
Version: 1.1.0b
Release: 1
License: BSD-like
Group: System/Libraries
Url: https://www.openssl.org
Source0: ftp://ftp.openssl.org/source/%{name}-%{version}.tar.gz
Source1: ftp://ftp.openssl.org/source/%{name}-%{version}.tar.gz.asc
Source2: Makefile.certificate
Source3: make-dummy-cert
Source4: openssl-thread-test.c
# (oe) support Brazilian Government OTHERNAME X509v3 field (#14158)
# http://www.iti.gov.br/resolucoes/RESOLU__O_13_DE_26_04_2002.PDF
Patch6: openssl-1.0.2-icpbrasil.patch
Patch7: openssl-1.0.2-defaults.patch
Patch8: openssl-0.9.8a-link-krb5.patch
Patch12: openssl-1.0.2-x509.patch
Patch13: openssl-1.1.0-version-add-engines.patch
Patch303: openssl-1.1.0-no-rpath.patch
BuildRequires: bc
%{?_with_krb5:BuildRequires: krb5-devel}
BuildRequires: sctp-devel
BuildRequires: pkgconfig(zlib)
Requires: %{engines_name} = %{EVRD}
Requires: perl-base
Requires: rootcerts
Provides: /usr/bin/openssl
%description
The openssl certificate management tool and the shared libraries that provide
various encryption and decription algorithms and protocols, including DES, RC4,
RSA and SSL.
%files
%doc FAQ INSTALL LICENSE NEWS main-doc-info/README*
%doc README README.ENGINE
%dir %{_sysconfdir}/pki
%dir %{_sysconfdir}/pki/CA
%dir %{_sysconfdir}/pki/CA/private
%dir %{_sysconfdir}/pki/tls
%dir %{_sysconfdir}/pki/tls/certs
%dir %{_sysconfdir}/pki/tls/misc
%dir %{_sysconfdir}/pki/tls/private
%dir %{_sysconfdir}/pki/tls/rootcerts
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/pki/tls/openssl.cnf
%attr(0755,root,root) %{_sysconfdir}/pki/tls/certs/make-dummy-cert
%attr(0644,root,root) %{_sysconfdir}/pki/tls/certs/Makefile
%attr(0755,root,root) %{_sysconfdir}/pki/tls/misc/*
%attr(0755,root,root) %{_bindir}/*
%attr(0644,root,root) %{_mandir}/man[157]/*
#----------------------------------------------------------------------------
%package -n %{engines_name}
Summary: Engines for openssl
Group: System/Libraries
Provides: openssl-engines = %{EVRD}
%description -n %{engines_name}
This package provides engines for openssl.
%files -n %{engines_name}
%attr(0755,root,root) %dir %{_libdir}/engines-%{major}/
%attr(0755,root,root) %{_libdir}/engines-%{major}/*.so
#----------------------------------------------------------------------------
%package -n %{libcrypto}
Summary: Secure Sockets Layer communications libs
Group: System/Libraries
Conflicts: %{_lib}openssl1.0.0 < 1.0.1n
%description -n %{libcrypto}
The libraries files are needed for various cryptographic algorithms
and protocols, including DES, RC4, RSA and SSL.
%files -n %{libcrypto}
%doc FAQ INSTALL LICENSE NEWS README*
%{_libdir}/libcrypto.so.%{major}*
#----------------------------------------------------------------------------
%package -n %{libssl}
Summary: Secure Sockets Layer communications libs
Group: System/Libraries
Conflicts: %{_lib}openssl1.0.0 < 1.0.1n
Obsoletes: %{_lib}openssl1.0.0 < 1.0.1n
# needed to avoid undefined symbols in rpm (rpm depends on neon library)
Conflicts: %{_lib}neon0.27 < 0.30.1
# needed to avoid undefined symbols in curl and wget as they block update
Conflicts: curl < 1:7.47.1
Conflicts: wget < 1.17.1
%description -n %{libssl}
The libraries files are needed for various cryptographic algorithms
and protocols, including DES, RC4, RSA and SSL.
%files -n %{libssl}
%doc FAQ INSTALL LICENSE NEWS README*
%{_libdir}/libssl.so.%{major}*
#----------------------------------------------------------------------------
%package -n %{devname}
Summary: Secure Sockets Layer communications libs & headers & utils
Group: Development/Other
Requires: %{libssl} = %{EVRD}
Requires: %{libcrypto} = %{EVRD}
Provides: libopenssl-devel
Provides: openssl-devel = %{EVRD}
Provides: %{name}-devel = %{EVRD}
%description -n %{devname}
The libraries and include files needed to compile apps with support
for various cryptographic algorithms and protocols, including DES, RC4, RSA
and SSL.
%files -n %{devname}
%doc CHANGES doc/*
%dir %{_includedir}/openssl
%{multiarch_includedir}/openssl/opensslconf.h
%{_includedir}/openssl/*
%{_libdir}/libcrypto.so
%{_libdir}/libssl.so
%{_mandir}/man3/*
%{_libdir}/pkgconfig/*
#----------------------------------------------------------------------------
%package -n %{staticname}
Summary: Secure Sockets Layer communications static libs
Group: Development/Other
Requires: %{devname} = %{EVRD}
Provides: libopenssl-static-devel
Provides: openssl-static-devel = %{EVRD}
Provides: %{name}-static-devel = %{EVRD}
%description -n %{staticname}
The static libraries needed to compile apps with support for various
cryptographic algorithms and protocols, including DES, RC4, RSA and SSL.
%files -n %{staticname}
%attr(0644,root,root) %{_libdir}/lib*.a
#----------------------------------------------------------------------------
%prep
%setup -q
%patch6 -p1 -b .icpbrasil
%patch7 -p1 -b .defaults
%{?_with_krb5:%patch8 -p1 -b .krb5}
%patch12 -p1 -b .x509
%patch13 -p1 -b .version-add-engines
%patch303 -p1 -b .no-rpath
# Add -Wa,--noexecstack here so that libcrypto's assembler modules will be
# marked as not requiring an executable stack.
sed -i -e 's|-O3|%{optflags} -Wa,--noexecstack|g' Configurations/10-main.conf
cp %{SOURCE2} Makefile.certificate
cp %{SOURCE3} make-dummy-cert
cp %{SOURCE4} openssl-thread-test.c
%build
%serverbuild
# Figure out which flags we want to use.
# default
sslarch=%{_os}-%{_arch}
%ifarch %{ix86}
sslarch=linux-elf
if ! echo %{_target} | grep -q i[56]86 ; then
sslflags="no-asm"
fi
%endif
%ifarch %{arm}
sslarch=linux-generic32
%endif
# ia64, x86_64, ppc, ppc64 are OK by default
# Configure the build tree. Override OpenSSL defaults with known-good defaults
# usable on all platforms. The Configure script already knows to use -fPIC and
# RPM_OPT_FLAGS, so we can skip specifiying them here.
./Configure \
--openssldir=%{_sysconfdir}/pki/tls ${sslflags} \
--prefix=%{_prefix} --libdir=%{_lib}/ %{?_with_krb5:--with-krb5-flavor=MIT -I%{_prefix}/kerberos/include -L%{_prefix}/kerberos/%{_lib}} \
zlib enable-camellia enable-seed enable-rfc3779 enable-sctp \
enable-cms enable-md2 enable-rc5 enable-ssl3 enable-ssl3-method \
no-mdc2 no-ec2m no-gost no-srp \
shared ${sslarch}
%make all
%install
%makeinstall_std
# make the rootcerts dir
install -d %{buildroot}%{_sysconfdir}/pki/tls/rootcerts
# Install a makefile for generating keys and self-signed certs, and a script
# for generating them on the fly.
install -d %{buildroot}%{_sysconfdir}/pki/tls/certs
install -m0644 Makefile.certificate %{buildroot}%{_sysconfdir}/pki/tls/certs/Makefile
install -m0755 make-dummy-cert %{buildroot}%{_sysconfdir}/pki/tls/certs/make-dummy-cert
# Pick a CA script.
mv %{buildroot}%{_sysconfdir}/pki/tls/misc/CA.pl %{buildroot}%{_sysconfdir}/pki/tls/misc/CA
install -d %{buildroot}%{_sysconfdir}/pki/CA
install -d %{buildroot}%{_sysconfdir}/pki/CA/private
# openssl was named ssleay in "ancient" times.
ln -snf openssl %{buildroot}%{_bindir}/ssleay
# The man pages rand.3 and passwd.1 conflict with other packages
# Rename them to ssl-* and also make a symlink from openssl-* to ssl-*
mv %{buildroot}%{_mandir}/man1/passwd.1 %{buildroot}%{_mandir}/man1/ssl-passwd.1
ln -sf ssl-passwd.1%{_extension} %{buildroot}%{_mandir}/man1/openssl-passwd.1%{_extension}
rm -rf {main,devel}-doc-info
mkdir -p {main,devel}-doc-info
cat - << EOF > main-doc-info/README.Mandriva-manpage
Warning:
The man page of passwd, passwd.1, has been renamed to ssl-passwd.1
to avoid a conflict with passwd.1 man page from the package passwd.
EOF
chmod 755 %{buildroot}%{_libdir}/pkgconfig
%multiarch_includes %{buildroot}%{_includedir}/openssl/opensslconf.h
# strip cannot touch these unless 755
chmod 755 %{buildroot}%{_libdir}/engines-%{major}/*.so*
chmod 755 %{buildroot}%{_libdir}/*.so*
chmod 755 %{buildroot}%{_bindir}/*
# Fix libdir.
pushd %{buildroot}%{_libdir}/pkgconfig
for i in *.pc ; do
sed 's,^libdir=${exec_prefix}/lib$,libdir=${exec_prefix}/%{_lib},g' \
$i >$i.tmp && \
cat $i.tmp >$i && \
rm -f $i.tmp
done
popd
# adjust ssldir
perl -pi -e "s|^CATOP=.*|CATOP=%{_sysconfdir}/pki/tls|g" %{buildroot}%{_sysconfdir}/pki/tls/misc/CA
perl -pi -e "s|^\\\$CATOP\=\".*|\\\$CATOP\=\"%{_sysconfdir}/pki/tls\";|g" %{buildroot}%{_sysconfdir}/pki/tls/misc/CA.pl
perl -pi -e "s|\./demoCA|%{_sysconfdir}/pki/tls|g" %{buildroot}%{_sysconfdir}/pki/tls/openssl.cnf
# drop example config
rm -f %{buildroot}%{_sysconfdir}/pki/tls/openssl.cnf.dist
%check
# Verify that what was compiled actually works.
export LD_LIBRARY_PATH=`pwd`${LD_LIBRARY_PATH:+:${LD_LIBRARY_PATH}}
make test
gcc -o openssl-thread-test \
%{?_with_krb5:`krb5-config --cflags`} \
-I./include \
%{optflags} \
openssl-thread-test.c \
-L. -lssl -lcrypto \
%{?_with_krb5:`krb5-config --libs`} \
-lpthread -lz -ldl
./openssl-thread-test --threads 1
Reference in a new issue View git blame Copy permalink