openssl: Update to 1.0.2m
[ipfire-2.x.git] / lfs / openssl
1 ###############################################################################
2 #                                                                             #
3 # IPFire.org - A linux based firewall                                         #
4 # Copyright (C) 2007-2016  IPFire Team  <info@ipfire.org>                     #
5 #                                                                             #
6 # This program is free software: you can redistribute it and/or modify        #
7 # it under the terms of the GNU General Public License as published by        #
8 # the Free Software Foundation, either version 3 of the License, or           #
9 # (at your option) any later version.                                         #
10 #                                                                             #
11 # This program is distributed in the hope that it will be useful,             #
12 # but WITHOUT ANY WARRANTY; without even the implied warranty of              #
13 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
14 # GNU General Public License for more details.                                #
15 #                                                                             #
16 # You should have received a copy of the GNU General Public License           #
17 # along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
18 #                                                                             #
19 ###############################################################################
20
21 ###############################################################################
22 # Definitions
23 ###############################################################################
24
25 include Config
26
27 VER        = 1.0.2m
28
29 THISAPP    = openssl-$(VER)
30 DL_FILE    = $(THISAPP).tar.gz
31 DL_FROM    = $(URL_IPFIRE)
32 DIR_APP    = $(DIR_SRC)/$(THISAPP)
33
34 TARGET = $(DIR_INFO)/$(THISAPP)$(KCFG)
35
36 ifneq "$(KCFG)" "-sse2"
37 CFLAGS += -DPURIFY
38 else
39 CFLAGS =-O2 -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fPIC
40 CFLAGS+= -fstack-protector-all --param=ssp-buffer-size=4
41 CFLAGS+= -march=i686 -mmmx -msse -msse2 -mfpmath=sse
42 CFLAGS+= -fomit-frame-pointer -DPURIFY
43 CXXFLAGS="${CFLAGS}"
44 endif
45
46 export RPM_OPT_FLAGS = $(CFLAGS)
47
48 CONFIGURE_OPTIONS = \
49         --prefix=/usr \
50         --openssldir=/etc/ssl \
51         --enginesdir=/usr/lib/openssl/engines \
52         shared \
53         zlib-dynamic \
54         enable-camellia \
55         enable-md2 \
56         disable-ssl2 \
57         enable-seed \
58         enable-tlsext \
59         enable-rfc3779 \
60         no-idea \
61         no-mdc2 \
62         no-rc5 \
63         no-srp \
64         -DSSL_FORBID_ENULL \
65         $(OPENSSL_ARCH)
66
67 ifeq "$(IS_64BIT)" "1"
68         OPENSSL_ARCH = linux-generic64
69 else
70         OPENSSL_ARCH = linux-generic32
71 endif
72
73 ifeq "$(BUILD_ARCH)" "aarch64"
74         OPENSSL_ARCH = linux-aarch64
75 endif
76
77 ifeq "$(BUILD_ARCH)" "x86_64"
78         OPENSSL_ARCH = linux-x86_64
79 endif
80
81 ifeq "$(BUILD_ARCH)" "i586"
82         OPENSSL_ARCH = linux-elf
83
84   ifneq "$(KCFG)" "-sse2"
85         OPENSSL_ARCH += no-sse2
86   endif
87 endif
88
89 ###############################################################################
90 # Top-level Rules
91 ###############################################################################
92
93 objects = $(DL_FILE)
94
95 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
96
97 $(DL_FILE)_MD5 = 10e9e37f492094b9ef296f68f24a7666
98
99 install : $(TARGET)
100
101 check : $(patsubst %,$(DIR_CHK)/%,$(objects))
102
103 download :$(patsubst %,$(DIR_DL)/%,$(objects))
104
105 md5 : $(subst %,%_MD5,$(objects))
106
107 ###############################################################################
108 # Downloading, checking, md5sum
109 ###############################################################################
110
111 $(patsubst %,$(DIR_CHK)/%,$(objects)) :
112         @$(CHECK)
113
114 $(patsubst %,$(DIR_DL)/%,$(objects)) :
115         @$(LOAD)
116
117 $(subst %,%_MD5,$(objects)) :
118         @$(MD5)
119
120 ###############################################################################
121 # Installation Details
122 ###############################################################################
123
124 $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
125         @$(PREBUILD)
126         @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
127         cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/openssl-1.0.0-beta5-enginesdir.patch
128         cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/openssl-1.0.2a-rpmbuild.patch
129         cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/openssl-1.0.2h-weak-ciphers.patch
130         cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/openssl-1.0.2g-disable-sslv2v3.patch
131
132         # i586 specific patches
133 ifeq "$(BUILD_ARCH)" "i586"
134         cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/openssl-1.0.2a_auto_enable_padlock.patch
135         cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/openssl-1.0.2a_disable_ssse3_for_amd.patch
136 endif
137
138         # With openssl 1.0.2e, pod2mantest is missing
139         echo -e "#!/bin/bash\necho \$$(which pod2man)" > $(DIR_APP)/util/pod2mantest
140         chmod a+x $(DIR_APP)/util/pod2mantest
141
142         # Apply our CFLAGS
143         cd $(DIR_APP) && sed -i Configure \
144                 -e "s/-O3 -fomit-frame-pointer/$(CFLAGS)/g"
145
146         cd $(DIR_APP) && find crypto/ -name Makefile -exec \
147                 sed 's/^ASFLAGS=/&-Wa,--noexecstack /' -i {} \;
148
149         cd $(DIR_APP) && ./Configure $(CONFIGURE_OPTIONS)
150
151         cd $(DIR_APP) && make depend
152         cd $(DIR_APP) && make
153
154 ifeq "$(KCFG)" "-sse2"
155         -mkdir -pv /usr/lib/sse2
156         cd $(DIR_APP) && install -m 755 \
157                 libcrypto.so.10 /usr/lib/sse2
158 else
159         # Install everything.
160         cd $(DIR_APP) && make install
161         install -m 0644 $(DIR_SRC)/config/ssl/openssl.cnf /etc/ssl
162
163         # Remove man pages.
164         -rm -vfr /etc/ssl/man
165
166         # Move engines to the right place.
167         -mkdir -pv /usr/lib/openssl
168         rm -vfr /usr/lib/openssl/engines
169         mv -v /usr/lib/engines /usr/lib/openssl
170 endif
171
172         @rm -rf $(DIR_APP)
173         @$(POSTBUILD)