-Name: openssl
-BuildRequires: bc
-BuildRequires: ed
-BuildRequires: pkg-config
-BuildRequires: zlib-devel
-%define ssletcdir %{_sysconfdir}/ssl
-%define num_version 1.0.0
-Provides: ssl
-Version: 1.0.2h
-Release: 0
-Summary: Secure Sockets and Transport Layer Security
-License: OpenSSL and BSD-2.0 and Apache-2.0
-Group: Security/Crypto Libraries
-Url: http://www.openssl.org/
-Source: http://www.%{name}.org/source/%{name}-%{version}.tar.gz
-# to get mtime of file:
-Source1: openssl.changes
-Source2: baselibs.conf
-Source1001: openssl.manifest
+%define _unpackaged_files_terminate_build 0
+%define libmaj 1
+%define libmin 0
+%define librel 1
+%define librev l
+Release: 1
+
+%define openssldir %{_sysconfdir}/ssl
+
+Summary: Secure Sockets Layer and cryptography libraries and tools
+Name: openssl
+Version: 1.0.2h
+Source0: ftp://ftp.openssl.org/source/%{name}-%{version}.tar.gz
+License: OpenSSL
+Group: Security/Crypto Libraries
+Provides: SSL
+URL: http://www.openssl.org/
%description
The OpenSSL Project is a collaborative effort to develop a robust,
-commercial-grade, full-featured, and open source toolkit implementing
-the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS
-v1) protocols with full-strength cryptography. The project is managed
-by a worldwide community of volunteers that use the Internet to
-communicate, plan, and develop the OpenSSL toolkit and its related
+commercial-grade, fully featured, and Open Source toolkit implementing the
+Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1)
+protocols as well as a full-strength general purpose cryptography library.
+The project is managed by a worldwide community of volunteers that use the
+Internet to communicate, plan, and develop the OpenSSL tookit and its related
documentation.
-Derivation and License
+OpenSSL is based on the excellent SSLeay library developed from Eric A.
+Young and Tim J. Hudson. The OpenSSL toolkit is licensed under an
+Apache-style licence, which basically means that you are free to get and
+use it for commercial and non-commercial purposes.
-OpenSSL is based on the excellent SSLeay library developed by Eric A.
-Young and Tim J. Hudson. The OpenSSL toolkit is licensed under an
-Apache-style license, which basically means that you are free to get it
-and to use it for commercial and noncommercial purposes.
+This package contains the base OpenSSL cryptography and SSL/TLS
+libraries and tools.
-%package -n libopenssl
-Summary: Secure Sockets and Transport Layer Security
-Group: Security/Crypto Libraries
-
-%description -n libopenssl
+%package devel
+Summary: Secure Sockets Layer and cryptography static libraries and headers
+Group: Development/Libraries
+Requires: openssl = %{version}-%{release}
+%description devel
The OpenSSL Project is a collaborative effort to develop a robust,
-commercial-grade, full-featured, and open source toolkit implementing
-the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS
-v1) protocols with full-strength cryptography. The project is managed
-by a worldwide community of volunteers that use the Internet to
-communicate, plan, and develop the OpenSSL toolkit and its related
+commercial-grade, fully featured, and Open Source toolkit implementing the
+Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1)
+protocols as well as a full-strength general purpose cryptography library.
+The project is managed by a worldwide community of volunteers that use the
+Internet to communicate, plan, and develop the OpenSSL tookit and its related
documentation.
-Derivation and License
-
-OpenSSL is based on the excellent SSLeay library developed by Eric A.
-Young and Tim J. Hudson. The OpenSSL toolkit is licensed under an
-Apache-style license, which basically means that you are free to get it
-and to use it for commercial and noncommercial purposes.
-
-
-%package -n libopenssl-devel
-Summary: Include Files and Libraries mandatory for Development
-Group: Development/Libraries
-Obsoletes: openssl-devel < %{version}
-Requires: %name = %version
-Requires: libopenssl = %{version}
-Requires: zlib-devel
-Provides: openssl-devel = %{version}
-
-%description -n libopenssl-devel
-This package contains all necessary include files and libraries needed
-to develop applications that require these.
-
-%package misc
-Summary: Additional data files and scripts for %{name}
-Group: Security/Crypto Libraries
+OpenSSL is based on the excellent SSLeay library developed from Eric A.
+Young and Tim J. Hudson. The OpenSSL toolkit is licensed under an
+Apache-style licence, which basically means that you are free to get and
+use it for commercial and non-commercial purposes.
-%description misc
-Additional data files and scripts for %{name}.
+This package contains the the OpenSSL cryptography and SSL/TLS
+static libraries and header files required when developing applications.
%package doc
-Summary: Additional Package Documentation
-Group: Security/Crypto Libraries
-BuildArch: noarch
-
+Summary: OpenSSL miscellaneous files
+Group: Documentation
+Requires: openssl
%description doc
-This package contains optional documentation provided in addition to
-this package's base documentation.
+The OpenSSL Project is a collaborative effort to develop a robust,
+commercial-grade, fully featured, and Open Source toolkit implementing the
+Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1)
+protocols as well as a full-strength general purpose cryptography library.
+The project is managed by a worldwide community of volunteers that use the
+Internet to communicate, plan, and develop the OpenSSL tookit and its related
+documentation.
+
+OpenSSL is based on the excellent SSLeay library developed from Eric A.
+Young and Tim J. Hudson. The OpenSSL toolkit is licensed under an
+Apache-style licence, which basically means that you are free to get and
+use it for commercial and non-commercial purposes.
+
+This package contains the the OpenSSL cryptography and SSL/TLS extra
+documentation and POD files from which the man pages were produced.
%prep
-%setup -q
-cp %{SOURCE1001} .
-echo "adding/overwriting some entries in the 'table' hash in Configure"
-# $dso_scheme:$shared_target:$shared_cflag:$shared_ldflag:$shared_extension:$ranlib:$arflags
-export DSO_SCHEME='dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::'
-cat <<EOF_ED | ed -s Configure
-/^);
--
-i
-#
-# local configuration added from specfile
-# ... MOST of those are now correct in openssl's Configure already,
-# so only add them for new ports!
-#
-#config-string, $cc:$cflags:$unistd:$thread_cflag:$sys_id:$lflags:$bn_ops:$cpuid_obj:$bn_obj:$des_obj:$aes_obj:$bf_obj:$md5_obj:$sha1_obj:$cast_obj:$rc4_obj:$rmd160_obj:$rc5_obj:$wp_obj:$cmll_obj:$dso_scheme:$shared_target:$shared_cflag:$shared_ldflag:$shared_extension:$ranlib:$arflags:$multilib
-#"linux-elf", "gcc:-DL_ENDIAN ::-D_REENTRANT::-ldl:BN_LLONG \${x86_gcc_des} \${x86_gcc_opts}:\${x86_elf_asm}:$DSO_SCHEME:",
-#"linux-ia64", "gcc:-DL_ENDIAN -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR:\${ia64_asm}: $DSO_SCHEME:",
-#"linux-ppc", "gcc:-DB_ENDIAN ::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:\${no_asm}: $DSO_SCHEME:",
-#"linux-ppc64", "gcc:-DB_ENDIAN -DMD32_REG_T=int::-D_REENTRANT::-ldl:RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL SIXTY_FOUR_BIT_LONG:\${no_asm}: $DSO_SCHEME:64",
-"linux-elf-arm","gcc:-DL_ENDIAN ::-D_REENTRANT::-ldl:BN_LLONG:\${no_asm}: $DSO_SCHEME:",
-"linux-mips", "gcc:-DB_ENDIAN ::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:\${no_asm}: $DSO_SCHEME:",
-"linux-sparcv7","gcc:-DB_ENDIAN ::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:\${no_asm}: $DSO_SCHEME:",
-#"linux-sparcv8","gcc:-DB_ENDIAN -DBN_DIV2W -mv8 ::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::asm/sparcv8.o::::::::::::: $DSO_SCHEME:",
-#"linux-x86_64", "gcc:-DL_ENDIAN -DNO_ASM -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG:\${no_asm}: $DSO_SCHEME:64",
-#"linux-s390", "gcc:-DB_ENDIAN ::(unknown): :-ldl:BN_LLONG:\${no_asm}: $DSO_SCHEME:",
-#"linux-s390x", "gcc:-DB_ENDIAN -DNO_ASM -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG:\${no_asm}: $DSO_SCHEME:64",
-"linux-parisc", "gcc:-DB_ENDIAN ::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR DES_PTR DES_UNROLL DES_RISC1:\${no_asm}: $DSO_SCHEME:",
-.
-wq
-EOF_ED
-# fix ENGINESDIR path
-sed -i 's,/lib/engines,/%_lib/engines,' Configure
-# Record mtime of changes file instead of build time
-CHANGES=`stat --format="%y" %SOURCE1`
-sed -i -e "s|#define DATE \(.*\).LC_ALL.*date.|#define DATE \1$CHANGES|" crypto/Makefile
+%setup -q
%build
-MODIFIED_RPM_OPT_FLAGS=$(echo $RPM_OPT_FLAGS | sed -s "s/--param=ssp-buffer-size=32//g")
-MODIFIED_RPM_OPT_FLAGS=$(echo $MODIFIED_RPM_OPT_FLAGS | sed -s "s/-mcpu=cortex-a15.cortex-a7//g")
-MODIFIED_RPM_OPT_FLAGS=$(echo $MODIFIED_RPM_OPT_FLAGS | sed -s "s/-march=armv7ve/-march=armv7-a/g")
-./config --test-sanity
-#
-config_flags="threads shared no-rc5 no-idea no-asm no-ssl2-method \
-enable-camellia enable-md2 \
-zlib \
---prefix=%{_prefix} \
---libdir=%{_lib} \
---openssldir=%{ssletcdir} \
-$MODIFIED_RPM_OPT_FLAGS -std=gnu99 \
--Wa,--noexecstack \
--fomit-frame-pointer \
--DTERMIO \
--DPURIFY \
--DSSL_FORBID_ENULL \
--D_GNU_SOURCE \
-$(getconf LFS_CFLAGS) \
--Wall \
--fstack-protector "
-#
-#%{!?do_profiling:%define do_profiling 0}
-#%if %do_profiling
-# # generate feedback
-# ./config $config_flags
-# make depend CC="gcc %cflags_profile_generate"
-# make CC="gcc %cflags_profile_generate"
-# LD_LIBRARY_PATH=`pwd` make rehash CC="gcc %cflags_profile_generate"
-# LD_LIBRARY_PATH=`pwd` make test CC="gcc %cflags_profile_generate"
-# LD_LIBRARY_PATH=`pwd` apps/openssl speed
-# make clean
-# # compile with feedback
-# # but not if it makes a cipher slower:
-# #find crypto/aes -name '*.da' | xargs -r rm
-# ./config $config_flags %cflags_profile_feedback
-# make depend
-# make
-# LD_LIBRARY_PATH=`pwd` make rehash
-# LD_LIBRARY_PATH=`pwd` make test
-#%else
-# OpenSSL relies on uname -m (not good). Thus that little sparc line.
- ./config \
- $config_flags
- make depend
- make
- LD_LIBRARY_PATH=`pwd` make rehash
- #LD_LIBRARY_PATH=`pwd` make test
-#%endif
-# show settings
-make TABLE
-echo $RPM_OPT_FLAGS
-eval $(egrep PLATFORM='[[:alnum:]]' Makefile)
-grep -B1 -A22 "^\*\*\* $PLATFORM$" TABLE
+RPM_OPT_FLAGS=$(echo $RPM_OPT_FLAGS | sed -s "s/--param=ssp-buffer-size=32//g")
+RPM_OPT_FLAGS=$(echo $RPM_OPT_FLAGS | sed -s "s/-mcpu=cortex-a15.cortex-a7//g")
+RPM_OPT_FLAGS=$(echo $RPM_OPT_FLAGS | sed -s "s/-march=armv7ve/-march=armv7-a/g")
+
+CONFIG_FLAGS="--prefix=%_prefix --openssldir=%openssldir --libdir=%_lib \
+ threads shared no-idea no-rc5 no-camellia no-asm no-ssl2-method enable-md2 \
+ $RPM_OPT_FLAGS -std=gnu99"
+
+BINARY_FORMAT=
+%ifarch %{arm}
+BINARY_FORMAT=armv4
+%endif
+%ifarch aarch64
+BINARY_FORMAT=aarch64
+%endif
+%ifarch %{ix86}
+BINARY_FORMAT=elf
+%endif
+%ifarch ppc
+BINARY_FORMAT=ppc
+%endif
+%ifarch alpha
+BINARY_FORMAT=alpha
+%endif
+%ifarch x86_64
+BINARY_FORMAT=x86_64
+%endif
+
+./Configure $CONFIG_FLAGS linux-$BINARY_FORMAT
+
+LD_LIBRARH_PATH=`pwd` make depend
+LD_LIBRARY_PATH=`pwd` make %{?_smp_mflags}
+
+%check
+LD_LIBRARY_PATH=`pwd` make test
%install
rm -rf $RPM_BUILD_ROOT
-make MANDIR=%{_mandir} INSTALL_PREFIX=$RPM_BUILD_ROOT install
-ln -sf ./%{name} $RPM_BUILD_ROOT/%{_includedir}/ssl
-mkdir $RPM_BUILD_ROOT/%{_datadir}/ssl
-mv $RPM_BUILD_ROOT/%{ssletcdir}/misc $RPM_BUILD_ROOT/%{_datadir}/ssl/
-# ln -s %{ssletcdir}/certs $RPM_BUILD_ROOT/%{_datadir}/ssl/certs
-# ln -s %{ssletcdir}/private $RPM_BUILD_ROOT/%{_datadir}/ssl/private
-# ln -s %{ssletcdir}/openssl.cnf $RPM_BUILD_ROOT/%{_datadir}/ssl/openssl.cnf
-#
-
-# avoid file conflicts with man pages from other packages
-#
-pushd $RPM_BUILD_ROOT/%{_mandir}
-# some man pages now contain spaces. This makes several scripts go havoc, among them /usr/sbin/Check.
-# replace spaces by underscores
-#for i in man?/*\ *; do mv -v "$i" "${i// /_}"; done
-which readlink &>/dev/null || function readlink { ( set +x; target=$(file $1 2>/dev/null); target=${target//* }; test -f $target && echo $target; ) }
-for i in man?/*; do
- if test -L $i ; then
- LDEST=`readlink $i`
- rm -f $i ${i}ssl
- ln -sf ${LDEST}ssl ${i}ssl
- else
- mv $i ${i}ssl
- fi
- case `basename ${i%.*}` in
- asn1parse|ca|config|crl|crl2pkcs7|crypto|dgst|dhparam|dsa|dsaparam|enc|gendsa|genrsa|nseq|openssl|passwd|pkcs12|pkcs7|pkcs8|rand|req|rsa|rsautl|s_client|s_server|smime|spkac|ssl|verify|version|x509)
- # these are the pages mentioned in openssl(1). They go into the main package.
- echo %doc %{_mandir}/${i}ssl.gz >> $OLDPWD/filelist.doc;;
- *)
- # the rest goes into the openssl-doc package.
- echo %doc %{_mandir}/${i}ssl.gz >> $OLDPWD/filelist.doc;;
- esac
-done
-popd
-#
-# check wether some shared library has been installed
-#
-ls -l $RPM_BUILD_ROOT%{_libdir}
-test -f $RPM_BUILD_ROOT%{_libdir}/libssl.so.%{num_version}
-test -f $RPM_BUILD_ROOT%{_libdir}/libcrypto.so.%{num_version}
-test -L $RPM_BUILD_ROOT%{_libdir}/libssl.so
-test -L $RPM_BUILD_ROOT%{_libdir}/libcrypto.so
-#
-# see what we've got
-#
-cat > showciphers.c <<EOF
-#include <openssl/err.h>
-#include <openssl/ssl.h>
-int main(){
-unsigned int i;
-SSL_CTX *ctx;
-SSL *ssl;
-SSL_METHOD *meth;
- meth = SSLv23_client_method();
- SSLeay_add_ssl_algorithms();
- ctx = SSL_CTX_new(meth);
- if (ctx == NULL) return 0;
- ssl = SSL_new(ctx);
- if (!ssl) return 0;
- for (i=0; ; i++) {
- int j, k;
- SSL_CIPHER *sc;
- sc = (meth->get_cipher)(i);
- if (!sc) break;
- k = SSL_CIPHER_get_bits(sc, &j);
- printf("%s\n", sc->name);
- }
- return 0;
-};
-EOF
-gcc $RPM_OPT_FLAGS -I${RPM_BUILD_ROOT}%{_includedir} -c showciphers.c
-gcc -o showciphers showciphers.o -L${RPM_BUILD_ROOT}%{_libdir} -lssl -lcrypto
-LD_LIBRARY_PATH=${RPM_BUILD_ROOT}%{_libdir} ./showciphers > AVAILABLE_CIPHERS || true
-cat AVAILABLE_CIPHERS
-# Do not install demo scripts executable under /usr/share/doc
-find demos -type f -perm /111 -exec chmod 644 {} \;
-
-%post -n libopenssl -p /sbin/ldconfig
-
-%postun -n libopenssl -p /sbin/ldconfig
-
-%files -n libopenssl
-%manifest %{name}.manifest
-%defattr(-, root, root)
-%license LICENSE
-%license LICENSE.Apache-2.0
-%license LICENSE.BSD-2.0
-%{_libdir}/libssl.so.%{num_version}
-%{_libdir}/libcrypto.so.%{num_version}
-%{_libdir}/engines
-
-%files -n libopenssl-devel
-%manifest %{name}.manifest
-%defattr(-, root, root)
-%{_includedir}/%{name}/
-%{_includedir}/ssl
-%exclude %{_libdir}/libcrypto.a
-%exclude %{_libdir}/libssl.a
-%{_libdir}/libssl.so
-%{_libdir}/libcrypto.so
-%_libdir/pkgconfig/libcrypto.pc
-%_libdir/pkgconfig/libssl.pc
-%_libdir/pkgconfig/openssl.pc
-
-%files doc -f filelist.doc
-%manifest %{name}.manifest
-%defattr(-, root, root)
-%doc doc/* demos
-%doc showciphers.c
+make INSTALL_PREFIX="$RPM_BUILD_ROOT" install_sw
%files
-%manifest %{name}.manifest
-%defattr(-, root, root)
+%manifest %name.manifest
+%defattr(0644,root,root,0755)
%license LICENSE
-%dir %{ssletcdir}
-%config (noreplace) %{ssletcdir}/openssl.cnf
-%attr(700,root,root) %{ssletcdir}/private
-%dir %{_datadir}/ssl
-%{_bindir}/%{name}
-
-%files misc
-%manifest %{name}.manifest
-%{_datadir}/ssl/misc
-%{_bindir}/c_rehash
+%attr(0755,root,root) %_libdir/libcrypto.so.*
+%attr(0755,root,root) %_libdir/libssl.so.*
+%attr(0755,root,root) %_libdir/engines/*.so
+%exclude %openssldir/openssl.cnf
+%exclude %openssldir/misc
+%exclude %_bindir/c_rehash
+%exclude %_bindir/%name
+
+%files devel
+%defattr(0644,root,root,0755)
+%license LICENSE
+%_libdir/libcrypto.so
+%_libdir/libssl.so
+%exclude %attr(0644,root,root) %_libdir/libcrypto.a
+%exclude %attr(0644,root,root) %_libdir/libssl.a
+%attr(0644,root,root) %_libdir/pkgconfig/*.pc
+%attr(0644,root,root) %_includedir/openssl/*
+
+%files doc
+%license LICENSE
+%doc CHANGES CHANGES.SSLeay NEWS README
+%post
+ldconfig
-%changelog
+%postun
+ldconfig