X-Git-Url: http://git.ipfire.org/?a=blobdiff_plain;ds=sidebyside;f=openssl%2Fopenssl.nm;h=6b0cd8d6e5944890aa28740c6789bbf377c2bccd;hb=292a724635ec02c9b02e3f833bf38d4dd7eafc9b;hp=0cbe7f99416b0102850fd4b8a4a43d4d4a5a5d4a;hpb=347a982fccd536e8d0ec78f6a9e312eee56a8ec4;p=ipfire-3.x.git diff --git a/openssl/openssl.nm b/openssl/openssl.nm index 0cbe7f994..6b0cd8d6e 100644 --- a/openssl/openssl.nm +++ b/openssl/openssl.nm @@ -4,7 +4,7 @@ ############################################################################### name = openssl -version = 1.0.1 +version = 1.1.0g release = 1 maintainer = Michael Tremer @@ -23,123 +23,120 @@ source_dl = http://openssl.org/source/ build requires - bc - gnutls-devel + ca-certificates + coreutils perl - util-linux + perl(Math::BigInt) + perl(Module::Load::Conditional) + perl(Test::Harness) + perl(Test::More) + sed zlib-devel end - CFLAGS += -DPURIFY + export HASHBANGPERL = %{bindir}/perl - prepare_cmds - find crypto/ -name Makefile -exec \ - sed 's/^ASFLAGS=/&-Wa,--noexecstack /' -i {} \; - - # Modify the various perl scripts to reference perl in the right location. - perl util/perlpath.pl /usr/bin - - # Generate a table with the compile settings for my perusal. - touch Makefile - make TABLE PERL=/usr/bin/perl - end + CFLAGS += -DPURIFY -Wa,--noexecstack # Set default ssl_arch. ssl_arch = linux-%{DISTRO_ARCH} + if "%{DISTRO_ARCH}" == "x86_64" + ssl_arch += enable-ec_nistp_64_gcc_128 + end + if "%{DISTRO_ARCH}" == "i686" # 386 implies no-sse2 ssl_arch = linux-elf no-asm 386 end + if "%{DISTRO_ARCH}" == "aarch64" + ssl_arch += enable-ec_nistp_64_gcc_128 + end + if "%{DISTRO_ARCH}" == "armv5tel" - ssl_arch = linux-generic32 + ssl_arch = linux-armv4 end if "%{DISTRO_ARCH}" == "armv7hl" - ssl_arch = linux-generic32 + ssl_arch = linux-armv4 end build ./Configure \ - --prefix=/usr \ - --openssldir=/etc/pki/tls \ - --enginesdir=%{libdir}/openssl/engines \ + --prefix=%{prefix} \ + --openssldir=%{sysconfdir}/pki/tls \ shared \ - zlib-dynamic \ + zlib \ enable-camellia \ - enable-md2 \ enable-seed \ - enable-tlsext \ enable-rfc3779 \ - no-idea \ - no-mdc2 \ + enable-ssl3 \ + enable-ssl3-method \ + no-rc4 \ no-rc5 \ - no-ec no-ecdh no-ecdsa \ - no-srp \ - -DSSL_FORBID_ENULL \ - %{ssl_arch} \ - fips + %{ssl_arch} \ + ${CFLAGS} \ + ${LDFLAGS} - # Build. - make depend all build-shared RPM_OPT_FLAGS="%{CFLAGS}" #%{PARALLELISMFLAGS} + util/mkdef.pl crypto update + make all - # Generate hashes for the included certs. - make rehash build-shared + # Clean up the .pc files + for i in libcrypto.pc libssl.pc openssl.pc; do + sed -i '/^Libs.private:/{s/-L[^ ]* //;s/-Wl[^ ]* //}' $i + done end test # Revert ca-dir patch. Otherwise the tests will fail. - patch -Np1 -R < %{DIR_PATCHES}/openssl-1.0.0-beta4-ca-dir.patch + patch -Np1 -R < %{DIR_PATCHES}/openssl-1.1.0-ca-dir.patch make test end install - make install build-shared INSTALL_PREFIX=%{BUILDROOT} - - # Install manpages do right place - mkdir -pv %{BUILDROOT}/usr/share - mv -v %{BUILDROOT}/etc/pki/tls/man %{BUILDROOT}/usr/share/ - - mkdir -pv %{BUILDROOT}%{libdir}/openssl - mv -v %{BUILDROOT}%{libdir}/engines %{BUILDROOT}%{libdir}/openssl - - mkdir -pv %{BUILDROOT}/etc/pki/CA/private - chmod -v 700 -R %{BUILDROOT}/etc/pki/CA - - mkdir -pv %{BUILDROOT}/etc/pki/tls - install -m 0644 %{DIR_SOURCE}/openssl.cnf %{BUILDROOT}/etc/pki/tls - cp -v -r certs %{BUILDROOT}/etc/pki/tls + make install DESTDIR=%{BUILDROOT} # Rename man pages so that they don't conflict with other system man pages. - pushd ${BUILDROOT}/usr/share/man + pushd %{BUILDROOT}%{mandir} + ln -svf config.5 man5/openssl.cnf.5 for manpage in man*/*; do - if [ -L ${manpage} ]; then - TARGET=`ls -l ${manpage} | awk '{ print $NF }'` - ln -snf ${TARGET}ssl ${manpage}ssl - rm -f ${manpage} + if [ -L "${manpage}" ]; then + TARGET=$(ls -l "${manpage}" | awk '{ print $NF }') + ln -snf "${TARGET}ssl" "${manpage}ssl" + rm -f "${manpage}" else mv ${manpage} ${manpage}ssl fi done - - mv -v %{BUILDROOT}/usr/share/man/man1/{,ssl}passwd.1 - mv -v %{BUILDROOT}/usr/share/man/man1/{,ssl}rand.1 + for conflict in passwd rand; do + rename ${conflict} ssl${conflict} man*/${conflict}* + ln -svf ssl${conflict}.1ssl %{BUILDROOT}%{mandir}/man1/openssl-${conflict}.1ssl + done popd + + # Remove dist config + rm -vf %{BUILDROOT}%{sysconfdir}/pki/tls/openssl.cnf.dist + + # Move executable stuff to %{bindir} + mv -v %{BUILDROOT}%{sysconfdir}/pki/tls/misc/{CA.pl,tsget} %{BUILDROOT}%{bindir} end end packages package %{name} + requires += %{name}-libs = %{thisver} + end package %{name}-libs template LIBS requires += ca-certificates - provides += libcrypto.so.10(libcrypto.so.10) - provides += libssl.so.10(libssl.so.10) + conflicts += %{name} < %{thisver} + + files += %{libdir}/openssl %{libdir}/engines* end package %{name}-devel