to openssl1.1

Makefile.certificate

@@ -1,74 +0,0 @@
-UTF8 := $(shell locale -c LC_CTYPE -k | grep -q charmap.*UTF-8 && echo -utf8)
-SERIAL=0
-
-.PHONY: usage
-.SUFFIXES: .key .csr .crt .pem
-.PRECIOUS: %.key %.csr %.crt %.pem
-
-usage:
-	@echo "This makefile allows you to create:"
-	@echo "  o public/private key pairs"
-	@echo "  o SSL certificate signing requests (CSRs)"
-	@echo "  o self-signed SSL test certificates"
-	@echo
-	@echo "To create a key pair, run \"make SOMETHING.key\"."
-	@echo "To create a CSR, run \"make SOMETHING.csr\"."
-	@echo "To create a test certificate, run \"make SOMETHING.crt\"."
-	@echo "To create a key and a test certificate in one file, run \"make SOMETHING.pem\"."
-	@echo
-	@echo "To create a key for use with Apache, run \"make genkey\"."
-	@echo "To create a CSR for use with Apache, run \"make certreq\"."
-	@echo "To create a test certificate for use with Apache, run \"make testcert\"."
-	@echo
-	@echo "To create a test certificate with serial number other than zero, add SERIAL=num"
-	@echo
-	@echo Examples:
-	@echo "  make server.key"
-	@echo "  make server.csr"
-	@echo "  make server.crt"
-	@echo "  make stunnel.pem"
-	@echo "  make genkey"
-	@echo "  make certreq"
-	@echo "  make testcert"
-	@echo "  make server.crt SERIAL=1"
-	@echo "  make stunnel.pem SERIAL=2"
-	@echo "  make testcert SERIAL=3"
-
-%.pem:
-	umask 77 ; \
-	PEM1=`/bin/mktemp /tmp/openssl.XXXXXX` ; \
-	PEM2=`/bin/mktemp /tmp/openssl.XXXXXX` ; \
-	/usr/bin/openssl req $(UTF8) -newkey rsa:1024 -keyout $$PEM1 -nodes -x509 -days 365 -out $$PEM2 -set_serial $(SERIAL) ; \
-	cat $$PEM1 >  $@ ; \
-	echo ""    >> $@ ; \
-	cat $$PEM2 >> $@ ; \
-	$(RM) $$PEM1 $$PEM2
-
-%.key:
-	umask 77 ; \
-	/usr/bin/openssl genrsa -des3 1024 > $@
-
-%.csr: %.key
-	umask 77 ; \
-	/usr/bin/openssl req $(UTF8) -new -key $^ -out $@
-
-%.crt: %.key
-	umask 77 ; \
-	/usr/bin/openssl req $(UTF8) -new -key $^ -x509 -days 365 -out $@ -set_serial $(SERIAL)
-
-TLSROOT=/etc/pki/tls
-KEY=$(TLSROOT)/private/localhost.key
-CSR=$(TLSROOT)/certs/localhost.csr
-CRT=$(TLSROOT)/certs/localhost.crt
-
-genkey: $(KEY)
-certreq: $(CSR)
-testcert: $(CRT)
-
-$(CSR): $(KEY)
-	umask 77 ; \
-	/usr/bin/openssl req $(UTF8) -new -key $(KEY) -out $(CSR)
-
-$(CRT): $(KEY)
-	umask 77 ; \
-	/usr/bin/openssl req $(UTF8) -new -key $(KEY) -x509 -days 365 -out $(CRT) -set_serial $(SERIAL)

make-dummy-cert

@@ -1,40 +0,0 @@
-#!/bin/sh
-umask 077
-
-answers()
-{
-	echo --
-	echo SomeState
-	echo SomeCity
-	echo SomeOrganization
-	echo SomeOrganizationalUnit
-	echo localhost.localdomain
-	echo root@localhost.localdomain
-}
-
-if [ $# -eq 0 ] ; then
-	echo >&2 "Usage: ${0##*/} filename [...]"
-	exit 1
-fi
-
-WORKDIR=
-exit_handler()
-{
-	[ -z "$WORKDIR" ] || rm -rf "$WORKDIR"
-	exit "$@"
-}
-
-trap 'exit_handler $?' EXIT
-trap 'exit 143' HUP INT QUIT PIPE TERM
-WORKDIR="$(mktemp -dt "${0##*/}.XXXXXXXXXX")" || exit
-PEM1="$WORKDIR/pem1"
-PEM2="$WORKDIR/pem2"
-
-for target; do
-	answers |
-		openssl req -newkey rsa:2048 -keyout "$PEM1" -nodes -x509 -days 365 -out "$PEM2" 2>/dev/null
-	cat "$PEM1" >  "$target"
-	echo        >> "$target"
-	cat "$PEM2" >> "$target"
-	rm -f "$PEM1" "$PEM2"
-done

openssl-config

@@ -1,68 +0,0 @@
-#!/bin/sh
-
-# openssl-config
-# provides configuration info for openssl.
-
-version="@VERSION@"
-openssldir="@OPENSSLDIR@"
-cppflags="@CPPFLAGS@"
-cflags="@CFLAGS@"
-ldflags="@LDFLAGS@"
-libs="-lcrypto -lssl"
-
-usage()
-{
-    cat <<EOF
-Usage: openssl-config [OPTION] ...
-
-Known values for OPTION are:
-
-  --openssldir		print OpenSSL directory
-  --cflags              print compiler flags
-  --cppflags            print pre-processor flags
-  --ldflags             print loader flags
-  --libs                print library linking information
-  --help                display this help and exit
-  --version             output version information
-EOF
-
-    exit $1
-}
-
-if test $# -eq 0; then
-    usage 1
-fi
-
-while test $# -gt 0; do
-    case "$1" in
-    --openssldir)
-        echo "${openssldir}"
-        ;;
-    --cflags)
-        echo "${cflags}"
-        ;;
-    --cppflags)
-        echo "${cppflags}"
-        ;;
-    --libs)
-        echo "${libs}"
-        ;;
-    --ldflags)
-        echo "${ldflags}"
-        ;;
-    --version)
-        echo "${version}"
-        exit 0
-        ;;
-    --help)
-        usage 0
-        ;;
-    *)
-        usage
-        exit 1
-        ;;
-    esac
-    shift
-done
-
-exit 0

openssl.spec

@@ -1,336 +0,0 @@
-%define major 1.1
-%define engines_name %mklibname openssl-engines %{major}
-%define libcrypto %mklibname crypto %{major}
-%define libssl %mklibname ssl %{major}
-%define devname %mklibname openssl -d
-%define staticname %mklibname openssl -s -d
-
-# This directory is defined in /usr/bin/openssl-config and %%_rpmmacrodir/*openssl*
-# during the build.
-# The purpose is a system-wide definition of this directory
-# to guarantee consistency across the whole repository.
-%define _openssldir %{_sysconfdir}/pki/tls
-%define openssl_engines_dir %{_libdir}/engines-%{major}
-
-%define _docs %{expand:
-%doc AUTHORS \
-%doc CHANGES \
-%doc LICENSE \
-%doc FAQ \
-%doc NEWS \
-%doc README \
-%doc README.ENGINE
-}
-
-Summary:	Secure Sockets Layer communications libs & utils
-Name:		openssl
-Version:	1.1.1g
-Release:	4
-License:	OpenSSL
-Group:		System/Libraries
-Url:		https://www.openssl.org
-Source0:	ftp://ftp.openssl.org/source/%{name}-%{version}.tar.gz
-Source1:	openssl.rpmlintrc
-Source2:	Makefile.certificate
-Source3:	make-dummy-cert
-Source4:	openssl-thread-test.c
-Source5:	openssl-config
-Patch1:		openssl-alt-e2k-makecontext.patch
-BuildRequires:	bc
-BuildRequires:	sctp-devel
-BuildRequires:	pkgconfig(zlib)
-# for %%check, ./test/run_tests.pl
-BuildRequires:	perl-devel
-BuildRequires:	perl-Module-Load-Conditional
-BuildRequires:	perl(File::Spec::Functions)
-BuildRequires:	perl(File::Basename)
-BuildRequires:	perl(FindBin)
-BuildRequires:	perl(Test::Harness)
-BuildRequires:	perl(Test::More)
-BuildRequires:	/usr/bin/pod2html
-BuildRequires:	/usr/bin/pod2man
-Requires:	%{engines_name} = %{EVRD}
-Requires:	perl-base
-Requires:	rootcerts
-Provides:	openssl%{major} = %{EVRD}
-Provides:	openssl-config = %{EVRD}
-
-%description
-The openssl certificate management tool and the shared libraries that provide
-various encryption and decription algorithms and protocols, including DES, RC4,
-RSA and SSL.
-
-%files
-%_docs
-%dir %{_sysconfdir}/pki
-%dir %{_sysconfdir}/pki/CA
-%dir %{_sysconfdir}/pki/CA/private
-%dir %{_openssldir}
-%dir %{_openssldir}/certs
-%dir %{_openssldir}/misc
-%dir %{_openssldir}/private
-%dir %{_openssldir}/rootcerts
-%attr(0644,root,root) %config(noreplace) %{_openssldir}/openssl.cnf
-%attr(0644,root,root) %config(noreplace) %{_openssldir}/ct_log_list.cnf
-%attr(0755,root,root) %{_openssldir}/certs/make-dummy-cert
-%attr(0644,root,root) %{_openssldir}/certs/Makefile
-%attr(0755,root,root) %{_openssldir}/misc/*
-%attr(0755,root,root) %{_bindir}/*
-%attr(0644,root,root) %{_mandir}/man[157]/*
-%{_defaultdocdir}/openssl/html/man[157]
-
-#----------------------------------------------------------------------------
-
-%package -n %{engines_name}
-Summary:	Engines for openssl
-Group:		System/Libraries
-Provides:	openssl-engines = %{EVRD}
-
-%description -n %{engines_name}
-This package provides engines for openssl.
-
-%files -n %{engines_name}
-%_docs
-%attr(0755,root,root) %dir %{openssl_engines_dir}/
-%attr(0755,root,root) %{openssl_engines_dir}/*.so
-
-#----------------------------------------------------------------------------
-
-%package -n %{libcrypto}
-Summary:	Secure Sockets Layer communications libs
-Group:		System/Libraries
-Requires:	%{libssl} = %{EVRD}
-
-%description -n %{libcrypto}
-The libraries files are needed for various cryptographic algorithms
-and protocols, including DES, RC4, RSA and SSL.
-
-%files -n %{libcrypto}
-%_docs
-%{_libdir}/libcrypto.so.%{major}*
-
-#----------------------------------------------------------------------------
-
-%package -n %{libssl}
-Summary:	Secure Sockets Layer communications libs
-Group:		System/Libraries
-
-%description -n %{libssl}
-The libraries files are needed for various cryptographic algorithms
-and protocols, including DES, RC4, RSA and SSL.
-
-%files -n %{libssl}
-%_docs
-%{_libdir}/libssl.so.%{major}*
-
-#----------------------------------------------------------------------------
-
-%package -n %{devname}
-Summary:	Secure Sockets Layer communications libs & headers & utils
-Group:		Development/Other
-Requires:	%{libssl} = %{EVRD}
-Requires:	%{libcrypto} = %{EVRD}
-Provides:	libopenssl-devel = %{EVRD}
-Provides:	%{name}-devel = %{EVRD}
-
-%description -n %{devname}
-The libraries and include files needed to compile apps with support
-for various cryptographic algorithms and protocols, including DES, RC4, RSA
-and SSL.
-
-%files -n %{devname}
-%_docs
-%dir %{_includedir}/openssl
-%{_includedir}/openssl/*
-%{_libdir}/libcrypto.so
-%{_libdir}/libssl.so
-%{_mandir}/man3/*
-%{_defaultdocdir}/openssl/html/man3
-%{_libdir}/pkgconfig/*
-%{_rpmmacrodir}/*openssl*
-
-#----------------------------------------------------------------------------
-
-%package -n %{staticname}
-Summary:	Secure Sockets Layer communications static libs
-Group:		Development/Other
-Requires:	%{devname} = %{EVRD}
-Provides:	libopenssl-static-devel = %{EVRD}
-Provides:	%{name}-static-devel = %{EVRD}
-
-%description -n %{staticname}
-The static libraries needed to compile apps with support for various
-cryptographic algorithms and protocols, including DES, RC4, RSA and SSL.
-
-%files -n %{staticname}
-%_docs
-%attr(0644,root,root) %{_libdir}/lib*.a
-
-#----------------------------------------------------------------------------
-
-%prep
-%autosetup -p1
-
-cp %{SOURCE2} Makefile.certificate
-cp %{SOURCE3} make-dummy-cert
-cp %{SOURCE4} openssl-thread-test.c
-
-%build
-%serverbuild
-
-# Figure out which flags we want to use.
-# default
-sslarch=%{_os}-%{_arch}
-%ifarch %{ix86}
-sslarch=linux-elf
-if ! echo %{_target} | grep -q i[56]86 ; then
-	sslflags="no-asm"
-fi
-%endif
-%ifarch %{arm}
-sslarch=linux-generic32
-%endif
-# from ALT
-%ifarch riscv64 %{e2k}
-sslarch=linux-generic64
-%endif
-
-# ia64, x86_64, ppc, ppc64 are OK by default
-# Configure the build tree.  Override OpenSSL defaults with known-good defaults
-# usable on all platforms.  The Configure script already knows to use -fPIC and
-# RPM_OPT_FLAGS, so we can skip specifiying them here.
-./Configure \
-	--prefix=%{_prefix} \
-	--libdir=%{_libdir} \
-	--openssldir=%{_openssldir} \
-	${sslflags} \
-	enable-camellia \
-	enable-cms \
-	enable-md2 \
-	enable-rc5 \
-	enable-rfc3779 \
-	enable-sctp \
-	enable-seed \
-	enable-ssl3 \
-	enable-ssl3-method \
-	no-ec2m \
-	no-mdc2 \
-	no-srp \
-	zlib-dynamic \
-	shared \
-	${sslarch}
-
-%make all
-
-%check
-# Verify that what was compiled actually works.
-export LD_LIBRARY_PATH=%{buildroot}%{_libdir}
-# from OMV and ALT
-OPENSSL_ENABLE_MD5_VERIFY=
-export OPENSSL_ENABLE_MD5_VERIFY
-OPENSSL_SYSTEM_CIPHERS_OVERRIDE=xyz_nonexistent_file
-export OPENSSL_SYSTEM_CIPHERS_OVERRIDE
-# (mikhailnov) TODO: they fail, fix them?!
-rm -f test/recipes/10-test_bn.t
-rm -f test/recipes/80-test_ssl_new.t   
-make test
-
-%__cc -o openssl-thread-test \
-	-I./include \
-	%{optflags} \
-	openssl-thread-test.c \
-	-L. -lssl -lcrypto \
-	-lpthread -lz -ldl
-
-./openssl-thread-test --threads 4
-
-%install
-
-%makeinstall_std
-
-# make the rootcerts dir
-install -d %{buildroot}%{_openssldir}/rootcerts
-
-# Install a makefile for generating keys and self-signed certs, and a script
-# for generating them on the fly.
-install -d %{buildroot}%{_openssldir}/certs
-install -m0644 Makefile.certificate %{buildroot}%{_openssldir}/certs/Makefile
-install -m0755 make-dummy-cert %{buildroot}%{_openssldir}/certs/make-dummy-cert
-
-# Pick a CA script.
-mv %{buildroot}%{_openssldir}/misc/CA.pl %{buildroot}%{_openssldir}/misc/CA
-
-install -d %{buildroot}%{_sysconfdir}/pki/CA
-install -d %{buildroot}%{_sysconfdir}/pki/CA/private
-
-# openssl was named ssleay in "ancient" times.
-ln -snf openssl %{buildroot}%{_bindir}/ssleay
-
-ln -snf openssl %{buildroot}%{_bindir}/openssl%{major}
-
-# From ALT Linux
-# Rename some man pages, fix references.
-for f in passwd.1 config.5; do
-name="${f%%.*}"
-sect="${f##*.}"
-NAME=`printf %%s "$name" |tr '[:lower:]' '[:upper:]'`
-sed -i "s/\\<$NAME $sect\\>/SSL&/" %{buildroot}%{_mandir}/man"$sect/$f"
-mv -v %{buildroot}%{_mandir}/man"$sect"/{,ssl}"$f"
-find %{buildroot}%{_mandir} -type f -print0 |
-xargs -r0 grep -FZl "\\fI$name\\fR\\|($sect)" -- |
-xargs -r0 subst -p "s/\\\\fI$name\\\\fR\\\\|($sect)/\\\\fIssl$name\\\\fR\\\\|($sect)/" --
-find %{buildroot}%{_mandir} -type l |while read link; do
-[ "$(readlink -n "$link")" = "$f" ] || continue
-ln -sfv "ssl$f" "$link"
-done
-done
-
-chmod 755 %{buildroot}%{_libdir}/pkgconfig
-
-# strip cannot touch these unless 755
-chmod 755 %{buildroot}%{openssl_engines_dir}/*.so*
-chmod 755 %{buildroot}%{_libdir}/*.so*
-chmod 755 %{buildroot}%{_bindir}/*
-
-# Fix libdir.
-pushd %{buildroot}%{_libdir}/pkgconfig
-	for i in *.pc ; do
-		sed 's,^libdir=${exec_prefix}/lib$,libdir=${exec_prefix}/%{_libdir},g' \
-			$i >$i.tmp && \
-			cat $i.tmp >$i && \
-			rm -f $i.tmp
-	done
-popd
-
-# adjust ssldir
-perl -pi -e "s|^CATOP=.*|CATOP=%{_openssldir}|g" %{buildroot}%{_openssldir}/misc/CA
-perl -pi -e "s|^\\\$CATOP\=\".*|\\\$CATOP\=\"%{_openssldir}\";|g" %{buildroot}%{_openssldir}/misc/CA.pl
-perl -pi -e "s|\./demoCA|%{_openssldir}|g" %{buildroot}%{_openssldir}/openssl.cnf
-
-# remove example configs
-rm -fv %{buildroot}%{_openssldir}/*.dist
-
-# install openssl-config
-install -m0755 %{SOURCE5} %{buildroot}/%{_bindir}/
-# define values in openssl-config
-sed -i %{buildroot}/%{_bindir}/openssl-config \
-	-e "s#@VERSION@#%{version}#g" \
-	-e "s#@OPENSSLDIR@#%{_openssldir}#g" \
-	-e "s#@CPPFLAGS@#${CPPFLAGS}#g" \
-	-e "s#@CFLAGS@#${RPM_OPT_FLAGS}#g" \
-	-e "s#@LDFLAGS@#%{ldflags}#g"
-# test openssl-config
-[ "$(%{buildroot}/%{_bindir}/openssl-config --openssldir)" = '%{_openssldir}' ]
-
-# Having sovers as macros may be useful to check that binaries are linked against OpenSSL
-# Alike LibreSSL package
-cat << EOF > macros.file
-%%_openssldir %{_openssldir}
-%%openssl_version %{version}
-%%openssl_major %{major}
-%%openssl_libcrypto_sover %{major}
-%%openssl_libssl_sover %{major}
-%%openssl_prefix %{_prefix}
-%%openssl_engines_dir %{openssl_engines_dir}
-EOF
-%install_macro openssl macros.file

openssl1.1.spec

@@ -0,0 +1,256 @@
+%define major 1.1
+%define engines_name %mklibname openssl-engines %{major}
+%define libcrypto %mklibname crypto %{major}
+%define libssl %mklibname ssl %{major}
+
+%define openssl_engines_dir %{_libdir}/engines-%{major}
+
+%define _docs %{expand:
+%doc AUTHORS \
+%doc CHANGES \
+%doc LICENSE \
+%doc FAQ \
+%doc NEWS \
+%doc README \
+%doc README.ENGINE
+}
+
+Summary:	OpenSSL 1.1 for platforms with OpenSSL 1.0 as the main version of OpenSSL
+Name:		openssl1.1
+Version:	1.1.1g
+Release:	1
+License:	OpenSSL
+Group:		System/Libraries
+Url:		https://www.openssl.org
+Source0:	ftp://ftp.openssl.org/source/openssl-%{version}.tar.gz
+Source1:	%{name}.rpmlintrc
+Source4:	openssl-thread-test.c
+Patch1:		openssl-alt-e2k-makecontext.patch
+BuildRequires:	bc
+BuildRequires:	sctp-devel
+# Take %%_openssldir from here
+BuildRequires:	pkgconfig(openssl)
+BuildRequires:	pkgconfig(zlib)
+# for %%check, ./test/run_tests.pl
+BuildRequires:	perl-devel
+BuildRequires:	perl-Module-Load-Conditional
+BuildRequires:	perl(File::Spec::Functions)
+BuildRequires:	perl(File::Basename)
+BuildRequires:	perl(FindBin)
+BuildRequires:	perl(Test::Harness)
+BuildRequires:	perl(Test::More)
+BuildRequires:	/usr/bin/pod2html
+BuildRequires:	/usr/bin/pod2man
+Requires:	%{engines_name} = %{EVRD}
+Requires:	perl-base
+Requires:	rootcerts
+# using /etc/pki/tls from the main openssl package (openssl 1.0)
+Requires:	openssl
+Provides:	openssl%{major} = %{EVRD}
+
+%description
+The openssl certificate management tool and the shared libraries that provide
+various encryption and decription algorithms and protocols, including DES, RC4,
+RSA and SSL.
+This is OpenSSL 1.1 for platforms with OpenSSL 1.0 as the main version of OpenSSL.
+
+%files
+%_docs
+%attr(0755,root,root) %{_bindir}/%{name}
+%{_mandir}/man[157]/%{name}_*
+%{_mandir}/man1/%{name}.1*
+%{_defaultdocdir}/openssl/html/man[157]
+
+#----------------------------------------------------------------------------
+
+%package -n %{engines_name}
+Summary:	Engines for %{name}
+Group:		System/Libraries
+Provides:	%{name}-engines = %{EVRD}
+
+%description -n %{engines_name}
+This package provides engines for openssl.
+
+%files -n %{engines_name}
+%_docs
+%attr(0755,root,root) %dir %{openssl_engines_dir}/
+%attr(0755,root,root) %{openssl_engines_dir}/*.so
+
+#----------------------------------------------------------------------------
+
+%package -n %{libcrypto}
+Summary:	Secure Sockets Layer communications libs
+Group:		System/Libraries
+Requires:	%{libssl} = %{EVRD}
+
+%description -n %{libcrypto}
+The libraries files are needed for various cryptographic algorithms
+and protocols, including DES, RC4, RSA and SSL.
+
+%files -n %{libcrypto}
+%_docs
+%{_libdir}/libcrypto.so.%{major}*
+
+#----------------------------------------------------------------------------
+
+%package -n %{libssl}
+Summary:	Secure Sockets Layer communications libs
+Group:		System/Libraries
+
+%description -n %{libssl}
+The libraries files are needed for various cryptographic algorithms
+and protocols, including DES, RC4, RSA and SSL.
+
+%files -n %{libssl}
+%_docs
+%{_libdir}/libssl.so.%{major}*
+
+#----------------------------------------------------------------------------
+
+%prep
+%autosetup -p1 -n openssl-%{version}
+
+cp %{SOURCE4} openssl-thread-test.c
+
+%build
+%serverbuild
+
+# Figure out which flags we want to use.
+# default
+sslarch=%{_os}-%{_arch}
+%ifarch %{ix86}
+sslarch=linux-elf
+if ! echo %{_target} | grep -q i[56]86 ; then
+	sslflags="no-asm"
+fi
+%endif
+%ifarch %{arm}
+sslarch=linux-generic32
+%endif
+# from ALT
+%ifarch riscv64 %{e2k}
+sslarch=linux-generic64
+%endif
+
+# ia64, x86_64, ppc, ppc64 are OK by default
+# Configure the build tree.  Override OpenSSL defaults with known-good defaults
+# usable on all platforms.  The Configure script already knows to use -fPIC and
+# RPM_OPT_FLAGS, so we can skip specifiying them here.
+./Configure \
+	--prefix=%{_prefix} \
+	--libdir=%{_libdir} \
+	--openssldir=%{_openssldir} \
+	${sslflags} \
+	enable-camellia \
+	enable-cms \
+	enable-md2 \
+	enable-rc5 \
+	enable-rfc3779 \
+	enable-sctp \
+	enable-seed \
+	enable-ssl3 \
+	enable-ssl3-method \
+	no-ec2m \
+	no-mdc2 \
+	no-srp \
+	zlib-dynamic \
+	shared \
+	${sslarch}
+
+%make all
+
+%check
+# Verify that what was compiled actually works.
+export LD_LIBRARY_PATH=%{buildroot}%{_libdir}
+# from OMV and ALT
+OPENSSL_ENABLE_MD5_VERIFY=
+export OPENSSL_ENABLE_MD5_VERIFY
+OPENSSL_SYSTEM_CIPHERS_OVERRIDE=xyz_nonexistent_file
+export OPENSSL_SYSTEM_CIPHERS_OVERRIDE
+# (mikhailnov) TODO: they fail, fix them?!
+rm -f test/recipes/10-test_bn.t
+rm -f test/recipes/80-test_ssl_new.t   
+make test
+
+%__cc -o openssl-thread-test \
+	-I./include \
+	%{optflags} \
+	openssl-thread-test.c \
+	-L. -lssl -lcrypto \
+	-lpthread -lz -ldl
+
+./openssl-thread-test --threads 4
+
+%install
+
+%makeinstall_std
+( cd %{buildroot}%{_bindir}
+  mv openssl openssl%{major}
+)
+
+# Based on libressl, rename mans xxx.N to openssl1.1_xxx.N
+for i in $(seq 1 8)
+do
+  man_dir="%{buildroot}%{_mandir}/man${i}"
+  if [ ! -d "$man_dir" ]; then continue; fi
+  ( cd "$man_dir"
+    grep -Irl '/etc/ssl' . | xargs sed -i 's,/etc/ssl,%{_openssldir},g' || :
+    if find . -name '%{name}_*' | grep -q '.' ; then
+      echo 'Rewrite spec because upstream %{name}_* manpages appeared!'
+      exit 1
+    fi
+    # Make all man pages with potentially the same names as in OpenSSL
+    # be avaialble in standard man directories, but prevent conflicts with OpenSSL
+    for openssl_manpage in $(ls -1v | grep -vE '^OPENSSL_|^openssl\.') ; do
+      openssl_LibreSSL_manpage="%{name}_${openssl_manpage}"
+      mv -v "$openssl_manpage" "$openssl_LibreSSL_manpage"
+    done
+    for openssl_manpage in $(ls -1v | grep '^openssl\.') ; do
+      openssl_LibreSSL_manpage="$(echo "$openssl_manpage" | sed -e 's,openssl,%{name},g')"
+      mv -v "$openssl_manpage" "$openssl_LibreSSL_manpage"
+    done
+
+    # relink symlinks
+    error=0
+    for i in *
+    do
+	  if [ ! -L "$i" ]; then continue; fi
+      realpath="$(realpath "$i")"
+      if [ ! -e "$realpath"; then
+	    if echo "$realpath" | grep -q '/openssl_'
+	      then new_dest="$(echo "$realpath" | sed -e 's,/openssl_,/%{name}_,g')"
+	      else new_dest="%{name}_$(echo "$realpath" | awk -F '/' '{print $NF}')"
+	    fi
+	    if [ ! -e "$new_dest" ]; then
+		  list_not_e="${list_not_e}\n${new_dest}"
+		  error=1
+		fi
+		rm -fv "$i"
+		ln -s "$new_dest" "$i"
+	  fi
+	done
+	if [ "$error" != 0 ]; then
+	  echo "Not existing destinations: ${list_not_e}"
+	  exit 1
+	fi
+  )
+done
+
+# strip cannot touch these unless 755
+chmod 755 %{buildroot}%{openssl_engines_dir}/*.so*
+chmod 755 %{buildroot}%{_libdir}/*.so*
+chmod 755 %{buildroot}%{_bindir}/*
+
+# Remove devel parts (openssl 1.0 is devel)
+( cd %{buildroot}
+  rm -fvr \
+	./%{_bindir}/c_rehash \
+	./%{_libdir}/*.so \
+	./%{_libdir}/*.a \
+	./%{_includedir} \
+	./%{_openssldir} \
+	./%{_libdir}/pkgconfig \
+	./%{_mandir}/man3 \
+	./%{_defaultdocdir}/openssl/html/man3
+)
+