Djam/openssl1.1
1
0
Fork 0
mirror of https://abf.rosa.ru/djam/openssl1.1.git synced 2025-02-23 16:12:52 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
openssl1.1/openssl.spec
Mikhail Novosyolov 7539bee3cf Update from 1.0 to 1.1.1g: 
- new major version
- dropped compat libs, seems that there is no more need to be compatible with Red Hat naming (not sure, TODO: check it)
- unified %%docs to easify reading diffs of them
- dropped all patches the aim of which ones is not clear to me and there is not description
- trying to be buildable on e2k for future
- dropped requirements of GOST engine to eventually break this dependency loop, we can preinstall gost-engine where needed by other ways
- GOST engine is no more built here in OpenSSL
- replaced removing of some manuals with renaming them
- now shipping HTML docs (mans)
- switched to upstream location of engines (it now has %%major in it and is OK for us)
- moved everything from /lib to /usr/lib as preparation for merging everything into /usr
- sorted all configure options to improve readability of diffs in the future
- introduced new macros alike LibreSSL package
- added macro %%openssl_engines_dir for reusing in e.g. openssl-gost-engine
- added symlink openssl1.1 -> openssl, because I am thinking of keeping /usr/bin/openssl1.0
  in the openssl1.0 compat package, so adding a similar symlink here for consistency
- explicit file provide /usr/bin/openssl is not needed because it is put automatically by RPM 4
- versionized some provides
- TODO: 2 tests fail for now... Maybe Perl is broken?

Based on:
- 3591a33115
- ALT Linux spec https://packages.altlinux.org/ru/sisyphus/specfiles/openssl1.1
- OpenMandriva spec https://github.com/OpenMandrivaAssociation/openssl/blob/93f1264/openssl.spec
2020-04-23 01:07:26 +03:00

332 lines
9.3 KiB
RPMSpec
Raw Blame History

%define major 1.1
%define engines_name %mklibname openssl-engines %{major}
%define libcrypto %mklibname crypto %{major}
%define libssl %mklibname ssl %{major}
%define devname %mklibname openssl -d
%define staticname %mklibname openssl -s -d
# This directory is defined in /usr/bin/openssl-config and %%_rpmmacrodir/*openssl*
# during the build.
# The purpose is a system-wide definition of this directory
# to guarantee consistency across the whole repository.
%define _openssldir %{_sysconfdir}/pki/tls
%define openssl_engines_dir %{_libdir}/engines-%{major}
%define _docs %{expand:
%doc AUTHORS \
%doc CHANGES \
%doc LICENSE \
%doc FAQ \
%doc NEWS \
%doc README \
%doc README.ENGINE
}
Summary: Secure Sockets Layer communications libs & utils
Name: openssl
Version: 1.1.1g
Release: 1
License: OpenSSL
Group: System/Libraries
Url: https://www.openssl.org
Source0: ftp://ftp.openssl.org/source/%{name}-%{version}.tar.gz
Source2: Makefile.certificate
Source3: make-dummy-cert
Source4: openssl-thread-test.c
Source5: openssl-config
Patch1: openssl-alt-e2k-makecontext.patch
BuildRequires: bc
BuildRequires: sctp-devel
BuildRequires: pkgconfig(zlib)
# for %%check, ./test/run_tests.pl
BuildRequires: perl-devel
BuildRequires: perl-Module-Load-Conditional
BuildRequires: perl(File::Spec::Functions)
BuildRequires: perl(File::Basename)
BuildRequires: perl(FindBin)
BuildRequires: perl(Test::Harness)
BuildRequires: perl(Test::More)
Requires: %{engines_name} = %{EVRD}
Requires: perl-base
Requires: rootcerts
Provides: openssl%{major} = %{EVRD}
Provides: openssl-config = %{EVRD}
%description
The openssl certificate management tool and the shared libraries that provide
various encryption and decription algorithms and protocols, including DES, RC4,
RSA and SSL.
%files
%_docs
%dir %{_sysconfdir}/pki
%dir %{_sysconfdir}/pki/CA
%dir %{_sysconfdir}/pki/CA/private
%dir %{_openssldir}
%dir %{_openssldir}/certs
%dir %{_openssldir}/misc
%dir %{_openssldir}/private
%dir %{_openssldir}/rootcerts
%attr(0644,root,root) %config(noreplace) %{_openssldir}/openssl.cnf
%attr(0644,root,root) %config(noreplace) %{_openssldir}/ct_log_list.cnf
%attr(0755,root,root) %{_openssldir}/certs/make-dummy-cert
%attr(0644,root,root) %{_openssldir}/certs/Makefile
%attr(0755,root,root) %{_openssldir}/misc/*
%attr(0755,root,root) %{_bindir}/*
%attr(0644,root,root) %{_mandir}/man[157]/*
%{_defaultdocdir}/openssl/html/man[157]
#----------------------------------------------------------------------------
%package -n %{engines_name}
Summary: Engines for openssl
Group: System/Libraries
Provides: openssl-engines = %{EVRD}
%description -n %{engines_name}
This package provides engines for openssl.
%files -n %{engines_name}
%_docs
%attr(0755,root,root) %dir %{openssl_engines_dir}/
%attr(0755,root,root) %{openssl_engines_dir}/*.so
#----------------------------------------------------------------------------
%package -n %{libcrypto}
Summary: Secure Sockets Layer communications libs
Group: System/Libraries
Requires: %{libssl} = %{EVRD}
%description -n %{libcrypto}
The libraries files are needed for various cryptographic algorithms
and protocols, including DES, RC4, RSA and SSL.
%files -n %{libcrypto}
%_docs
%{_libdir}/libcrypto.so.%{major}*
#----------------------------------------------------------------------------
%package -n %{libssl}
Summary: Secure Sockets Layer communications libs
Group: System/Libraries
%description -n %{libssl}
The libraries files are needed for various cryptographic algorithms
and protocols, including DES, RC4, RSA and SSL.
%files -n %{libssl}
%_docs
%{_libdir}/libssl.so.%{major}*
#----------------------------------------------------------------------------
%package -n %{devname}
Summary: Secure Sockets Layer communications libs & headers & utils
Group: Development/Other
Requires: %{libssl} = %{EVRD}
Requires: %{libcrypto} = %{EVRD}
Provides: libopenssl-devel = %{EVRD}
Provides: %{name}-devel = %{EVRD}
%description -n %{devname}
The libraries and include files needed to compile apps with support
for various cryptographic algorithms and protocols, including DES, RC4, RSA
and SSL.
%files -n %{devname}
%_docs
%dir %{_includedir}/openssl
%{_includedir}/openssl/*
%{_libdir}/libcrypto.so
%{_libdir}/libssl.so
%{_mandir}/man3/*
%{_defaultdocdir}/openssl/html/man3
%{_libdir}/pkgconfig/*
%{_rpmmacrodir}/*openssl*
#----------------------------------------------------------------------------
%package -n %{staticname}
Summary: Secure Sockets Layer communications static libs
Group: Development/Other
Requires: %{devname} = %{EVRD}
Provides: libopenssl-static-devel = %{EVRD}
Provides: %{name}-static-devel = %{EVRD}
%description -n %{staticname}
The static libraries needed to compile apps with support for various
cryptographic algorithms and protocols, including DES, RC4, RSA and SSL.
%files -n %{staticname}
%_docs
%attr(0644,root,root) %{_libdir}/lib*.a
#----------------------------------------------------------------------------
%prep
%autosetup -p1
cp %{SOURCE2} Makefile.certificate
cp %{SOURCE3} make-dummy-cert
cp %{SOURCE4} openssl-thread-test.c
%build
%serverbuild
# Figure out which flags we want to use.
# default
sslarch=%{_os}-%{_arch}
%ifarch %{ix86}
sslarch=linux-elf
if ! echo %{_target} | grep -q i[56]86 ; then
sslflags="no-asm"
fi
%endif
%ifarch %{arm}
sslarch=linux-generic32
%endif
# from ALT
%ifarch riscv64 %{e2k}
sslarch=linux-generic64
%endif
# ia64, x86_64, ppc, ppc64 are OK by default
# Configure the build tree. Override OpenSSL defaults with known-good defaults
# usable on all platforms. The Configure script already knows to use -fPIC and
# RPM_OPT_FLAGS, so we can skip specifiying them here.
./Configure \
--prefix=%{_prefix} \
--libdir=%{_libdir} \
--openssldir=%{_openssldir} \
${sslflags} \
enable-camellia \
enable-cms \
enable-md2 \
enable-rc5 \
enable-rfc3779 \
enable-sctp \
enable-seed \
enable-ssl3 \
enable-ssl3-method \
no-ec2m \
no-mdc2 \
no-srp \
zlib-dynamic \
shared \
${sslarch}
%make all
%check
# Verify that what was compiled actually works.
export LD_LIBRARY_PATH=%{buildroot}%{_libdir}
# from OMV and ALT
OPENSSL_ENABLE_MD5_VERIFY=
export OPENSSL_ENABLE_MD5_VERIFY
OPENSSL_SYSTEM_CIPHERS_OVERRIDE=xyz_nonexistent_file
export OPENSSL_SYSTEM_CIPHERS_OVERRIDE
# (mikhailnov) TODO: they fail, fix them?!
rm -f test/recipes/10-test_bn.t
rm -f test/recipes/80-test_ssl_new.t
make test
%__cc -o openssl-thread-test \
-I./include \
%{optflags} \
openssl-thread-test.c \
-L. -lssl -lcrypto \
-lpthread -lz -ldl
./openssl-thread-test --threads 4
%install
%makeinstall_std
# make the rootcerts dir
install -d %{buildroot}%{_openssldir}/rootcerts
# Install a makefile for generating keys and self-signed certs, and a script
# for generating them on the fly.
install -d %{buildroot}%{_openssldir}/certs
install -m0644 Makefile.certificate %{buildroot}%{_openssldir}/certs/Makefile
install -m0755 make-dummy-cert %{buildroot}%{_openssldir}/certs/make-dummy-cert
# Pick a CA script.
mv %{buildroot}%{_openssldir}/misc/CA.pl %{buildroot}%{_openssldir}/misc/CA
install -d %{buildroot}%{_sysconfdir}/pki/CA
install -d %{buildroot}%{_sysconfdir}/pki/CA/private
# openssl was named ssleay in "ancient" times.
ln -snf openssl %{buildroot}%{_bindir}/ssleay
ln -snf openssl %{buildroot}%{_bindir}/openssl%{major}
# From ALT Linux
# Rename some man pages, fix references.
for f in passwd.1 config.5; do
name="${f%%.*}"
sect="${f##*.}"
NAME=`printf %%s "$name" |tr '[:lower:]' '[:upper:]'`
sed -i "s/\\<$NAME $sect\\>/SSL&/" %{buildroot}%{_mandir}/man"$sect/$f"
mv -v %{buildroot}%{_mandir}/man"$sect"/{,ssl}"$f"
find %{buildroot}%{_mandir} -type f -print0 |
xargs -r0 grep -FZl "\\fI$name\\fR\\|($sect)" -- |
xargs -r0 subst -p "s/\\\\fI$name\\\\fR\\\\|($sect)/\\\\fIssl$name\\\\fR\\\\|($sect)/" --
find %{buildroot}%{_mandir} -type l |while read link; do
[ "$(readlink -n "$link")" = "$f" ] || continue
ln -sfv "ssl$f" "$link"
done
done
chmod 755 %{buildroot}%{_libdir}/pkgconfig
# strip cannot touch these unless 755
chmod 755 %{buildroot}%{openssl_engines_dir}/*.so*
chmod 755 %{buildroot}%{_libdir}/*.so*
chmod 755 %{buildroot}%{_bindir}/*
# Fix libdir.
pushd %{buildroot}%{_libdir}/pkgconfig
for i in *.pc ; do
sed 's,^libdir=${exec_prefix}/lib$,libdir=${exec_prefix}/%{_libdir},g' \
$i >$i.tmp && \
cat $i.tmp >$i && \
rm -f $i.tmp
done
popd
# adjust ssldir
perl -pi -e "s|^CATOP=.*|CATOP=%{_openssldir}|g" %{buildroot}%{_openssldir}/misc/CA
perl -pi -e "s|^\\\$CATOP\=\".*|\\\$CATOP\=\"%{_openssldir}\";|g" %{buildroot}%{_openssldir}/misc/CA.pl
perl -pi -e "s|\./demoCA|%{_openssldir}|g" %{buildroot}%{_openssldir}/openssl.cnf
# remove example configs
rm -fv %{buildroot}%{_openssldir}/*.dist
# install openssl-config
install -m0755 %{SOURCE5} %{buildroot}/%{_bindir}/
# define values in openssl-config
sed -i %{buildroot}/%{_bindir}/openssl-config \
-e "s#@VERSION@#%{version}#g" \
-e "s#@OPENSSLDIR@#%{_openssldir}#g" \
-e "s#@CPPFLAGS@#${CPPFLAGS}#g" \
-e "s#@CFLAGS@#${RPM_OPT_FLAGS}#g" \
-e "s#@LDFLAGS@#%{ldflags}#g"
# test openssl-config
[ "$(%{buildroot}/%{_bindir}/openssl-config --openssldir)" = '%{_openssldir}' ]
# Having sovers as macros may be useful to check that binaries are linked against OpenSSL
# Alike LibreSSL package
cat << EOF > macros.file
%%_openssldir %{_openssldir}
%%openssl_version %{version}
%%openssl_libcrypto_sover %{major}
%%openssl_libssl_sover %{major}
%%openssl_prefix %{_prefix}
%%openssl_engines_dir %{openssl_engines_dir}
EOF
%install_macro openssl macros.file
Reference in a new issue View git blame Copy permalink