%define oname openssl %define major 3 %define minor 1 %define ssl_ver %{major}.%{minor} %define engines_name %mklibname openssl-engines %{major} %define libcrypto %mklibname crypto %{major} %define libssl %mklibname ssl %{major} %define openssl_engines_dir %{_libdir}/engines-%{major} %define _optdir /opt %define _docs %{expand: %doc CONTRIBUTING.md \ %doc CHANGES.md \ %doc LICENSE* \ %doc README* } Summary: OpenSSL %{ssl_ver} for platforms with OpenSSL 1.0 as the main version of OpenSSL Name: %{oname}%{ssl_ver} Version: 3.1.7 Release: 1 License: OpenSSL Group: System/Libraries URL: https://www.openssl.org #Source0: https://ftp.openssl.org/source/%{oname}-%{version}.tar.gz Source0: https://github.com/openssl/openssl/releases/download/%{oname}-%{version}/%{oname}-%{version}.tar.gz Source1: fixsimlink.sh Source1000: %{name}.rpmlintrc Source4: openssl-thread-test.c Patch1: openssl-alt-e2k-makecontext.patch BuildRequires: bc BuildRequires: sctp-devel # Take %%_openssldir from here BuildRequires: pkgconfig(openssl) BuildRequires: pkgconfig(zlib) BuildRequires: pkgconfig(libzstd) # for %%check, ./test/run_tests.pl BuildRequires: perl-devel BuildRequires: perl-Module-Load-Conditional BuildRequires: perl(File::Spec::Functions) BuildRequires: perl(File::Basename) BuildRequires: perl(FindBin) BuildRequires: perl(Test::Harness) BuildRequires: perl(Test::More) %if %{mdvver} <= 201610 BuildRequires: perl %else BuildRequires: /usr/bin/pod2html BuildRequires: /usr/bin/pod2man %endif #Requires: %{engines_name} = %{EVRD} Requires: perl-base Requires: rootcerts # using /etc/pki/tls from the main openssl package (openssl 1.0) #Requires: openssl Provides: openssl%{major} = %{EVRD} %description The openssl certificate management tool and the shared libraries that provide various encryption and decription algorithms and protocols, including DES, RC4, RSA and SSL. This is OpenSSL %{major} for platforms with OpenSSL 1.0 as the main version of OpenSSL. %files %_docs #attr(0755,root,root) %{_bindir}/%{name} #{_mandir}/man[157]/%{name}_* #{_mandir}/man1/%{name}.1* #{_defaultdocdir}/openssl/html/man[157] %{_bindir}/%{name} %{_optdir}/%{name}/bin %{_optdir}/%{name}/%{_lib}/*.so.* %{_optdir}/%{name}/%{_lib}/engines-%{major}/* %{_optdir}/%{name}/ssl/* %{_optdir}/%{name}/%{_lib}/ossl-modules/legacy.so %{_optdir}/%{name}/lib %{_libdir}/*.so.* #---------------------------------------------------------------------------- %package devel Summary: Development files for openssl%{ssl_ver} Requires: %{name} = %{EVRD} %description devel Development files for openssl%{ssl_ver} %files devel %_docs %{_optdir}/%{name}/include %{_optdir}/%{name}/%{_lib}/*.so %{_optdir}/%{name}/%{_lib}/pkgconfig/*.pc #{_optdir}/%{name}/%{_lib}/cmake/OpenSSL/*.cmake #---------------------------------------------------------------------------- %package docs Summary: Documentation for openssl%{major} %description docs Documentation for openssl%{ssl_ver} %files docs %{_optdir}/%{name}/share/doc/* %{_optdir}/%{name}/share/man/* #---------------------------------------------------------------------------- #%package -n %{engines_name} #Summary: Engines for %{name} #Group: System/Libraries #Provides: %{name}-engines = %{EVRD} #description -n %{engines_name} #This package provides engines for openssl. #files -n %{engines_name} #_docs #attr(0755,root,root) %dir %{openssl_engines_dir}/ #attr(0755,root,root) %{openssl_engines_dir}/*.so #---------------------------------------------------------------------------- #package -n %{libcrypto} #Summary: Secure Sockets Layer communications libs #Group: System/Libraries #Requires: %{libssl} = %{EVRD} #description -n %{libcrypto} #The libraries files are needed for various cryptographic algorithms #and protocols, including DES, RC4, RSA and SSL. #files -n %{libcrypto} #_docs #{_libdir}/libcrypto.so.%{major}* #---------------------------------------------------------------------------- #package -n %{libssl} #Summary: Secure Sockets Layer communications libs #Group: System/Libraries #description -n %{libssl} #The libraries files are needed for various cryptographic algorithms #and protocols, including DES, RC4, RSA and SSL. #files -n %{libssl} #_docs #{_libdir}/libssl.so.%{major}* #---------------------------------------------------------------------------- %prep %setup -qn %{oname}-%{version} cp %{SOURCE4} openssl-thread-test.c chmod +x %{SOURCE1} %build # In rosa2016.1: /usr/bin/ld: crypto/bio/bio_cb.o: relocation R_X86_64_PC32 against undefined symbol # `stderr@@GLIBC_2.2.5' can not be used when making a shared object; recompile with -fPIC %if %{mdvver} <= 201610 %setup_compile_flags # (From openssl rosa2016.1) # Add -Wa,--noexecstack here so that libcrypto's assembler modules will be # marked as not requiring an executable stack. export CFLAGS="$CFLAGS -Wa,--noexecstack" %else %serverbuild %endif # Figure out which flags we want to use. # default sslarch=%{_os}-%{_arch} %ifarch %{ix86} sslarch=linux-elf if ! echo %{_target} | grep -q i[56]86 ; then sslflags="no-asm" fi %endif %ifarch %{arm} sslarch=linux-generic32 %endif # from ALT %ifarch riscv64 %{e2k} sslarch=linux-generic64 %endif # ia64, x86_64, ppc, ppc64 are OK by default # Configure the build tree. Override OpenSSL defaults with known-good defaults # usable on all platforms. The Configure script already knows to use -fPIC and # RPM_OPT_FLAGS, so we can skip specifiying them here. ./Configure \ --prefix=%{_optdir}/%{name} \ ${sslflags} \ enable-camellia \ enable-cms \ enable-md2 \ enable-rc5 \ enable-rfc3779 \ enable-sctp \ enable-seed \ enable-ssl3 \ enable-ssl3-method \ no-ec2m \ no-mdc2 \ no-srp \ zlib-dynamic \ enable-gost \ sctp \ shared \ ${sslarch} # --libdir=%{_libdir} \ # --openssldir=%{_openssldir} \ # enable-quic \ # enable-zstd \ # enable-zstd-dynamic \ %make all %check # Verify that what was compiled actually works. export LD_LIBRARY_PATH=%{buildroot}%{_optdir}/%{name}/%{_lib} # from OMV and ALT OPENSSL_ENABLE_MD5_VERIFY= export OPENSSL_ENABLE_MD5_VERIFY OPENSSL_SYSTEM_CIPHERS_OVERRIDE=xyz_nonexistent_file export OPENSSL_SYSTEM_CIPHERS_OVERRIDE # (mikhailnov) TODO: they fail, fix them?! rm -f test/recipes/10-test_bn.t rm -f test/recipes/80-test_ssl_new.t make test %__cc -o openssl-thread-test \ -I./include \ %{optflags} \ openssl-thread-test.c \ -L. -lssl -lcrypto \ -lpthread -lz -ldl ./openssl-thread-test --threads 4 %install %makeinstall_std install -d %{buildroot}%{_bindir} ln -sf %{_optdir}/%{name}/bin/%{oname} %{buildroot}%{_bindir}/%{name} # rename pkg-config pushd %{buildroot}%{_optdir}/%{name}/%{_lib}/pkgconfig mv libcrypto.pc libcrypto%{ssl_ver}.pc mv libssl.pc libssl%{ssl_ver}.pc mv openssl.pc openssl%{ssl_ver}.pc popd # remove TESTs in man rm -f %{buildroot}%{_optdir}/%{name}/share/man/man*/*SELF_TEST* %ifarch x86_64 amd64 # fix lib install -d %{buildroot}%{_libdir} pushd %{buildroot}%{_optdir}/%{name}/ ln -s lib64 lib popd pushd %{buildroot}%{_libdir} ln -sf %{_optdir}/%{name}/%{_lib}/libcrypto.so.3 %{buildroot}%{_libdir}/libcrypto.so.3 ln -sf %{_optdir}/%{name}/%{_lib}/libssl.so.3 %{buildroot}%{_libdir}/libssl.so.3 popd %endif # clean .a rm -f %{buildroot}%{_optdir}/%{name}/%{_lib}/*.a # mans compress find %{buildroot}%{_optdir}/%{name}/share/man -type f -name "*.*" -exec xz -z {} \; find %{buildroot}%{_optdir}/%{name}/share/man -type l -name "*.*" -exec %{SOURCE1} {} \; find %{buildroot}%{_optdir}/%{name}/share/man -type l -name "*.*" -exec mv -f {} {}.xz \;