############################################################################### # IPFire.org - An Open Source Firewall Solution # # Copyright (C) - IPFire Development Team # ############################################################################### name = openssl version = 1.0.2c release = 1 maintainer = Michael Tremer groups = System/Libraries url = http://www.openssl.org/ license = OpenSSL summary = A general purpose cryptography library with TLS implementation. description The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. end source_dl = http://openssl.org/source/ build requires bc gnutls-devel perl util-linux zlib-devel end CFLAGS += -DPURIFY export RPM_OPT_FLAGS = %{CFLAGS} prepare_cmds sed -e 's/SHLIB_VERSION_NUMBER "1.0.0"/SHLIB_VERSION_NUMBER "%{version}"/' \ -i crypto/opensslv.h find crypto/ -name Makefile -exec \ sed 's/^ASFLAGS=/&-Wa,--noexecstack /' -i {} \; # Modify the various perl scripts to reference perl in the right location. perl util/perlpath.pl /usr/bin # Generate a table with the compile settings for my perusal. touch Makefile make TABLE PERL=/usr/bin/perl end # Set default ssl_arch. ssl_arch = linux-%{DISTRO_ARCH} if "%{DISTRO_ARCH}" == "i686" # 386 implies no-sse2 ssl_arch = linux-elf no-asm 386 end if "%{DISTRO_ARCH}" == "armv5tel" ssl_arch = linux-generic32 end if "%{DISTRO_ARCH}" == "armv7hl" ssl_arch = linux-generic32 end build ./Configure \ --prefix=/usr \ --openssldir=/etc/pki/tls \ --enginesdir=%{libdir}/openssl/engines \ shared \ zlib-dynamic \ enable-camellia \ enable-md2 \ enable-seed \ enable-tlsext \ enable-rfc3779 \ no-idea \ no-mdc2 \ no-rc5 \ no-ec2m \ no-srp \ -DSSL_FORBID_ENULL \ %{ssl_arch} # Build. make depend make all # Generate hashes for the included certs. make rehash end test # Revert ca-dir patch. Otherwise the tests will fail. patch -Np1 -R < %{DIR_PATCHES}/openssl-1.0.0-beta4-ca-dir.patch make test end install make install build-shared INSTALL_PREFIX=%{BUILDROOT} # Install manpages do right place mkdir -pv %{BUILDROOT}/usr/share mv -v %{BUILDROOT}/etc/pki/tls/man %{BUILDROOT}/usr/share/ mkdir -pv %{BUILDROOT}%{libdir}/openssl mv -v %{BUILDROOT}%{libdir}/engines %{BUILDROOT}%{libdir}/openssl mkdir -pv %{BUILDROOT}/etc/pki/CA/private chmod -v 700 -R %{BUILDROOT}/etc/pki/CA mkdir -pv %{BUILDROOT}/etc/pki/tls install -m 0644 %{DIR_SOURCE}/openssl.cnf %{BUILDROOT}/etc/pki/tls cp -v -r certs %{BUILDROOT}/etc/pki/tls # Rename man pages so that they don't conflict with other system man pages. pushd %{BUILDROOT}%{mandir} for m in $(find . -type f | xargs grep -L '#include'); do d="${m%/*}" d="${d#./}" m="${m##*/}" [[ ${m} == openssl.1* ]] && continue [[ -n "$(find -L "${d}" -type l)" ]] && exit 1 mv ${d}/{,ssl-}${m} # fix up references to renamed man pages sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' "${d}/ssl-${m}" ln -s "ssl-${m}" "${d}/openssl-${m}" # locate any symlinks that point to this man page ... we assume # that any broken links are due to the above renaming for s in $(find -L "${d}" -type l); do s="${s##*/}" rm -f "${d}/${s}" ln -s "ssl-${m}" "${d}/ssl-${s}" ln -s "ssl-${s}" "${d}/openssl-${s}" done done [[ -n "$(find -L "${d}" -type l)" ]] && exit 1 # "broken manpage links found :(" popd #pushd %{BUILDROOT}%{mandir} #for manpage in man*/*; do # if [ -L "${manpage}" ]; then # TARGET="$(ls -l "${manpage}" | awk '{ print $NF }')" # ln -snf "${TARGET}ssl" "${manpage}ssl" # rm -f "${manpage}" # else # mv "${manpage}" "${manpage}ssl" # fi #done #popd end end packages package %{name} requires += %{name}-libs = %{thisver} end package %{name}-libs template LIBS requires += ca-certificates conflicts += %{name} < %{thisver} files += %{libdir}/openssl end package %{name}-devel template DEVEL end package %{name}-debuginfo template DEBUGINFO end end