X-Git-Url: http://git.ipfire.org/?p=ipfire-2.x.git;a=blobdiff_plain;f=lfs%2Fopenssl;h=df068f3a78b86e9025f5c46dc062a98267bfb77e;hp=285cae343bf1b7f7f56fa6d8320c75163d43c738;hb=d0bd5afe1b27020b41d0e7e043578e313a0ebf39;hpb=6f928c4d380d096a1abd0831c2c1de1a920b3ad1 diff --git a/lfs/openssl b/lfs/openssl index 285cae343b..df068f3a78 100644 --- a/lfs/openssl +++ b/lfs/openssl @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2011 IPFire Team # +# Copyright (C) 2007-2014 IPFire Team # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,7 +24,7 @@ include Config -VER = 0.9.8r +VER = 1.0.1k THISAPP = openssl-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -32,6 +32,17 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) +ifeq "$(MACHINE)" "i586" + CONFIGURE_ARGS = linux-elf no-asm 386 +endif + +ifeq "$(MACHINE)" "armv5tel" + CONFIGURE_ARGS = linux-generic32 +endif + +CFLAGS += -DPURIFY +export RPM_OPT_FLAGS = $(CFLAGS) + ############################################################################### # Top-level Rules ############################################################################### @@ -40,7 +51,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_MD5 = 0352932ea863bc02b056cda7c9ac5b79 +$(DL_FILE)_MD5 = d4f002bd22a56881340105028842ae1f install : $(TARGET) @@ -70,18 +81,50 @@ $(subst %,%_MD5,$(objects)) : $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/openssl-0.9.8n-cryptodev.diff -ifeq "$(PADLOCK)" "1" - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/openssl-0.9.8g-engine-padlock.patch -endif - @rm -rf /etc/ssl - cd $(DIR_APP) && sed -i -e 's/mcpu/march/' config - cd $(DIR_APP) && sed -i -e 's/-O3/-O2/' -e 's/-march=i486/-march=i586/' Configure - cd $(DIR_APP) && ./Configure --openssldir=/etc/ssl --prefix=/usr shared linux-elf \ - zlib-dynamic no-asm 386 - cd $(DIR_APP) && make MANDIR=/usr/share/man - cd $(DIR_APP) && make MANDIR=/usr/share/man install - rm -rf /etc/ssl/lib + cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/openssl-1.0.0-beta5-enginesdir.patch + cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/openssl-1.0.1-beta2-build.patch + cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/openssl-1.0.1e-cryptodev.patch + cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/openssl-1.0.1e-fix_parallel_build-1.patch + cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/openssl-1.0.1e-weak-ciphers.patch + cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/openssl-disable-sslv2-sslv3.patch + + cd $(DIR_APP) && find crypto/ -name Makefile -exec \ + sed 's/^ASFLAGS=/&-Wa,--noexecstack /' -i {} \; + + cd $(DIR_APP) && ./Configure \ + --prefix=/usr \ + --openssldir=/etc/ssl \ + --enginesdir=/usr/lib/openssl/engines \ + shared \ + zlib-dynamic \ + enable-camellia \ + enable-md2 \ + enable-seed \ + enable-tlsext \ + enable-rfc3779 \ + no-idea \ + no-mdc2 \ + no-rc5 \ + no-srp \ + $(CONFIGURE_ARGS) \ + -DSSL_FORBID_ENULL \ + -DHAVE_CRYPTODEV \ + -DUSE_CRYPTODEV_DIGEST + + cd $(DIR_APP) && make depend + cd $(DIR_APP) && make + + # Install everything. + cd $(DIR_APP) && make install install -m 0644 $(DIR_SRC)/config/ssl/openssl.cnf /etc/ssl + + # Remove man pages. + -rm -vfr /etc/ssl/man + + # Move engines to the right place. + -mkdir -pv /usr/lib/openssl + rm -vfr /usr/lib/openssl/engines + mv -v /usr/lib/engines /usr/lib/openssl + @rm -rf $(DIR_APP) @$(POSTBUILD)