###############################################################################
name = openssl
-version = 1.0.0e
-release = 3
+version = 1.0.2d
+release = 2
maintainer = Michael Tremer <michael.tremer@ipfire.org>
groups = System/Libraries
zlib-devel
end
+ CFLAGS += -DPURIFY
+ export RPM_OPT_FLAGS = %{CFLAGS}
+
prepare_cmds
+ sed -e 's/SHLIB_VERSION_NUMBER "1.0.0"/SHLIB_VERSION_NUMBER "%{version}"/' \
+ -i crypto/opensslv.h
+
find crypto/ -name Makefile -exec \
sed 's/^ASFLAGS=/&-Wa,--noexecstack /' -i {} \;
- # # Modify the various perl scripts to reference perl in the right location.
- perl util/perlpath.pl /usr/bin
-
# Generate a table with the compile settings for my perusal.
touch Makefile
make TABLE PERL=/usr/bin/perl
end
+ # Set default ssl_arch.
+ ssl_arch = linux-%{DISTRO_ARCH}
+
if "%{DISTRO_ARCH}" == "i686"
# 386 implies no-sse2
ssl_arch = linux-elf no-asm 386
end
if "%{DISTRO_ARCH}" == "armv5tel"
- ssl_arch = linux-generic32
+ ssl_arch = linux-armv4
+ end
+
+ if "%{DISTRO_ARCH}" == "armv7hl"
+ ssl_arch = linux-armv4
end
build
./Configure \
--prefix=/usr \
--openssldir=/etc/pki/tls \
- --enginesdir=/usr/lib/openssl/engines \
+ --enginesdir=%{libdir}/openssl/engines \
shared \
zlib-dynamic \
enable-camellia \
no-idea \
no-mdc2 \
no-rc5 \
- no-ec no-ecdh no-ecdsa \
+ no-ec2m \
+ no-srp \
-DSSL_FORBID_ENULL \
%{ssl_arch}
# Build.
- make depend all build-shared RPM_OPT_FLAGS="%{CFLAGS}" #%{PARALLELISMFLAGS}
+ make depend
+ make all
# Generate hashes for the included certs.
- make rehash build-shared
+ make rehash
end
test
+ # Revert ca-dir patch. Otherwise the tests will fail.
+ patch -Np1 -R < %{DIR_PATCHES}/openssl-1.0.0-beta4-ca-dir.patch
+
make test
end
install
make install build-shared INSTALL_PREFIX=%{BUILDROOT}
- mkdir -pv %{BUILDROOT}/lib
- mv -vf %{BUILDROOT}/usr/lib/lib{crypto,ssl}.so.* %{BUILDROOT}/lib
- ln -svf ../../lib/libcrypto.so.10 %{BUILDROOT}/usr/lib/libcrypto.so
- ln -svf ../../lib/libssl.so.10 %{BUILDROOT}/usr/lib/libssl.so
-
# Install manpages do right place
mkdir -pv %{BUILDROOT}/usr/share
mv -v %{BUILDROOT}/etc/pki/tls/man %{BUILDROOT}/usr/share/
- mkdir -pv %{BUILDROOT}/usr/lib/openssl
- mv -v %{BUILDROOT}/usr/lib/engines %{BUILDROOT}/usr/lib/openssl
+ mkdir -pv %{BUILDROOT}%{libdir}/openssl
+ mv -v %{BUILDROOT}%{libdir}/engines %{BUILDROOT}%{libdir}/openssl
mkdir -pv %{BUILDROOT}/etc/pki/CA/private
chmod -v 700 -R %{BUILDROOT}/etc/pki/CA
cp -v -r certs %{BUILDROOT}/etc/pki/tls
# Rename man pages so that they don't conflict with other system man pages.
- pushd ${BUILDROOT}/usr/share/man
- for manpage in man*/*; do
- if [ -L ${manpage} ]; then
- TARGET=`ls -l ${manpage} | awk '{ print $NF }'`
- ln -snf ${TARGET}ssl ${manpage}ssl
- rm -f ${manpage}
- else
- mv ${manpage} ${manpage}ssl
- fi
+ pushd %{BUILDROOT}%{mandir}
+ for m in $(find . -type f | xargs grep -L '#include'); do
+ d="${m%/*}"
+ d="${d#./}"
+ m="${m##*/}"
+ [[ ${m} == openssl.1* ]] && continue
+ [[ -n "$(find -L "${d}" -type l)" ]] && exit 1
+ mv ${d}/{,ssl-}${m}
+
+ # fix up references to renamed man pages
+ sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' "${d}/ssl-${m}"
+ ln -s "ssl-${m}" "${d}/openssl-${m}"
+
+ # locate any symlinks that point to this man page ... we assume
+ # that any broken links are due to the above renaming
+ for s in $(find -L "${d}" -type l); do
+ s="${s##*/}"
+ rm -f "${d}/${s}"
+ ln -s "ssl-${m}" "${d}/ssl-${s}"
+ ln -s "ssl-${s}" "${d}/openssl-${s}"
+ done
done
- mv -v %{BUILDROOT}/usr/share/man/man1/{,ssl}passwd.1
- mv -v %{BUILDROOT}/usr/share/man/man1/{,ssl}rand.1
+ [[ -n "$(find -L "${d}" -type l)" ]] && exit 1 # "broken manpage links found :("
popd
end
end
packages
package %{name}
+ requires += %{name}-libs = %{thisver}
+ end
+
+ package %{name}-libs
+ template LIBS
+
+ requires += ca-certificates
+
+ conflicts += %{name} < %{thisver}
+
+ files += %{libdir}/openssl
+ end
package %{name}-devel
template DEVEL