%define oname openssl %define major 1.1 %define engines_name %mklibname openssl-engines %{major} %define libcrypto %mklibname crypto %{major} %define libssl %mklibname ssl %{major} %define openssl_engines_dir %{_libdir}/engines-%{major} %define _optdir /opt %define _docs %{expand: %doc AUTHORS \ %doc CHANGES \ %doc LICENSE \ %doc FAQ \ %doc NEWS \ %doc README \ %doc README.ENGINE } Summary: OpenSSL 1.1 for platforms with OpenSSL 1.0 as the main version of OpenSSL Name: %{oname}%{major} Version: 1.1.1j Release: 1 License: OpenSSL Group: System/Libraries URL: https://www.openssl.org Source0: https://ftp.openssl.org/source/%{oname}-%{version}.tar.gz Source1: fixsimlink.sh Source1000: %{name}.rpmlintrc Source4: openssl-thread-test.c Patch1: openssl-alt-e2k-makecontext.patch BuildRequires: bc BuildRequires: sctp-devel # Take %%_openssldir from here BuildRequires: pkgconfig(openssl) BuildRequires: pkgconfig(zlib) # for %%check, ./test/run_tests.pl BuildRequires: perl-devel BuildRequires: perl-Module-Load-Conditional BuildRequires: perl(File::Spec::Functions) BuildRequires: perl(File::Basename) BuildRequires: perl(FindBin) BuildRequires: perl(Test::Harness) BuildRequires: perl(Test::More) %if %{mdvver} <= 201610 BuildRequires: perl %else BuildRequires: /usr/bin/pod2html BuildRequires: /usr/bin/pod2man %endif Requires: %{engines_name} = %{EVRD} Requires: perl-base Requires: rootcerts # using /etc/pki/tls from the main openssl package (openssl 1.0) Requires: openssl Provides: openssl%{major} = %{EVRD} %description The openssl certificate management tool and the shared libraries that provide various encryption and decription algorithms and protocols, including DES, RC4, RSA and SSL. This is OpenSSL 1.1 for platforms with OpenSSL 1.0 as the main version of OpenSSL. %files %_docs #attr(0755,root,root) %{_bindir}/%{name} #{_mandir}/man[157]/%{name}_* #{_mandir}/man1/%{name}.1* #{_defaultdocdir}/openssl/html/man[157] %{_bindir}/%{name} %{_optdir}/%{name}/bin %{_optdir}/%{name}/lib/*.so.* %{_optdir}/%{name}/lib/engines-%{major}/* %{_optdir}/%{name}/ssl/* #---------------------------------------------------------------------------- %package devel Summary: Development files for openssl1.1 %description devel Development files for openssl1.1 %files devel %_docs %{_optdir}/%{name}/include %{_optdir}/%{name}/lib/*.so %{_optdir}/%{name}/lib/pkgconfig/*.pc #---------------------------------------------------------------------------- %package docs Summary: Documentation for openssl1.1 %description docs Documentation for openssl1.1 %files docs %{_optdir}/%{name}/share/doc/* %{_optdir}/%{name}/share/man/* #---------------------------------------------------------------------------- #%package -n %{engines_name} #Summary: Engines for %{name} #Group: System/Libraries #Provides: %{name}-engines = %{EVRD} #description -n %{engines_name} #This package provides engines for openssl. #files -n %{engines_name} #_docs #attr(0755,root,root) %dir %{openssl_engines_dir}/ #attr(0755,root,root) %{openssl_engines_dir}/*.so #---------------------------------------------------------------------------- #package -n %{libcrypto} #Summary: Secure Sockets Layer communications libs #Group: System/Libraries #Requires: %{libssl} = %{EVRD} #description -n %{libcrypto} #The libraries files are needed for various cryptographic algorithms #and protocols, including DES, RC4, RSA and SSL. #files -n %{libcrypto} #_docs #{_libdir}/libcrypto.so.%{major}* #---------------------------------------------------------------------------- #package -n %{libssl} #Summary: Secure Sockets Layer communications libs #Group: System/Libraries #description -n %{libssl} #The libraries files are needed for various cryptographic algorithms #and protocols, including DES, RC4, RSA and SSL. #files -n %{libssl} #_docs #{_libdir}/libssl.so.%{major}* #---------------------------------------------------------------------------- %prep %autosetup -p1 -n openssl-%{version} cp %{SOURCE4} openssl-thread-test.c chmod +x %{SOURCE1} %build # In rosa2016.1: /usr/bin/ld: crypto/bio/bio_cb.o: relocation R_X86_64_PC32 against undefined symbol # `stderr@@GLIBC_2.2.5' can not be used when making a shared object; recompile with -fPIC %if %{mdvver} <= 201610 %setup_compile_flags # (From openssl rosa2016.1) # Add -Wa,--noexecstack here so that libcrypto's assembler modules will be # marked as not requiring an executable stack. export CFLAGS="$CFLAGS -Wa,--noexecstack" %else %serverbuild %endif # Figure out which flags we want to use. # default sslarch=%{_os}-%{_arch} %ifarch %{ix86} sslarch=linux-elf if ! echo %{_target} | grep -q i[56]86 ; then sslflags="no-asm" fi %endif %ifarch %{arm} sslarch=linux-generic32 %endif # from ALT %ifarch riscv64 %{e2k} sslarch=linux-generic64 %endif # ia64, x86_64, ppc, ppc64 are OK by default # Configure the build tree. Override OpenSSL defaults with known-good defaults # usable on all platforms. The Configure script already knows to use -fPIC and # RPM_OPT_FLAGS, so we can skip specifiying them here. ./Configure \ --prefix=%{_optdir}/%{name} \ ${sslflags} \ enable-camellia \ enable-cms \ enable-md2 \ enable-rc5 \ enable-rfc3779 \ enable-sctp \ enable-seed \ enable-ssl3 \ enable-ssl3-method \ no-ec2m \ no-mdc2 \ no-srp \ zlib-dynamic \ shared \ ${sslarch} # --libdir=%{_libdir} \ # --openssldir=%{_openssldir} \ %make all %check # Verify that what was compiled actually works. export LD_LIBRARY_PATH=%{buildroot}%{_libdir} # from OMV and ALT OPENSSL_ENABLE_MD5_VERIFY= export OPENSSL_ENABLE_MD5_VERIFY OPENSSL_SYSTEM_CIPHERS_OVERRIDE=xyz_nonexistent_file export OPENSSL_SYSTEM_CIPHERS_OVERRIDE # (mikhailnov) TODO: they fail, fix them?! rm -f test/recipes/10-test_bn.t rm -f test/recipes/80-test_ssl_new.t make test %__cc -o openssl-thread-test \ -I./include \ %{optflags} \ openssl-thread-test.c \ -L. -lssl -lcrypto \ -lpthread -lz -ldl ./openssl-thread-test --threads 4 %install %makeinstall_std #( cd %{buildroot}%{_bindir} # mv openssl openssl%{major} #) # Based on libressl, rename mans xxx.N to openssl1.1_xxx.N #for i in $(seq 1 8) #do # man_dir="%{buildroot}%{_mandir}/man${i}" # if [ ! -d "$man_dir" ]; then continue; fi # ( cd "$man_dir" # grep -Irl '/etc/ssl' . | xargs sed -i 's,/etc/ssl,%{_openssldir},g' || : # if find . -name '%{name}_*' | grep -q '.' ; then # echo 'Rewrite spec because upstream %{name}_* manpages appeared!' # exit 1 # fi # # Make all man pages with potentially the same names as in OpenSSL # # be avaialble in standard man directories, but prevent conflicts with OpenSSL # for openssl_manpage in $(ls -1v | grep -vE '^OPENSSL_|^openssl\.') ; do # openssl_LibreSSL_manpage="%{name}_${openssl_manpage}" # mv -v "$openssl_manpage" "$openssl_LibreSSL_manpage" # done # for openssl_manpage in $(ls -1v | grep '^openssl\.') ; do # openssl_LibreSSL_manpage="$(echo "$openssl_manpage" | sed -e 's,openssl,%{name},g')" # mv -v "$openssl_manpage" "$openssl_LibreSSL_manpage" # done # # relink symlinks # error=0 # for i in * # do # if [ ! -L "$i" ]; then continue; fi # realpath="$(realpath "$i")" # if [ ! -e "$realpath"; then # if echo "$realpath" | grep -q '/openssl_' # then new_dest="$(echo "$realpath" | sed -e 's,/openssl_,/%{name}_,g')" # else new_dest="%{name}_$(echo "$realpath" | awk -F '/' '{print $NF}')" # fi # if [ ! -e "$new_dest" ]; then # list_not_e="${list_not_e}\n${new_dest}" # error=1 # fi # rm -fv "$i" # ln -s "$new_dest" "$i" # fi # done # if [ "$error" != 0 ]; then # echo "Not existing destinations: ${list_not_e}" # exit 1 # fi # ) #done # strip cannot touch these unless 755 #chmod 755 %{buildroot}%{openssl_engines_dir}/*.so* #chmod 755 %{buildroot}%{_libdir}/*.so* #chmod 755 %{buildroot}%{_bindir}/* # Remove devel parts (openssl 1.0 is devel) #( cd %{buildroot} # rm -fvr \ # ./%{_bindir}/c_rehash \ # ./%{_libdir}/*.so \ # ./%{_libdir}/*.a \ # ./%{_includedir} \ # ./%{_openssldir} \ # ./%{_libdir}/pkgconfig \ # ./%{_mandir}/man3 \ # ./%{_defaultdocdir}/openssl/html/man3 #) install -d %{buildroot}%{_bindir} ln -sf %{_optdir}/%{name}/bin/%{oname} %{buildroot}%{_bindir}/%{name} # clean .a rm -f %{buildroot}%{_optdir}/%{name}/lib/*.a # mans compress find %{buildroot}%{_optdir}/%{name}/share/man -type f -name "*.*" -exec xz -z {} \; find %{buildroot}%{_optdir}/%{name}/share/man -type l -name "*.*" -exec %{SOURCE1} {} \; find %{buildroot}%{_optdir}/%{name}/share/man -type l -name "*.*" -exec mv -f {} {}.xz \;