packaging/openssl.spec

   1 Name:           openssl
   2 BuildRequires:  bc
   3 BuildRequires:  ed
   4 BuildRequires:  pkg-config
   5 BuildRequires:  zlib-devel
   6 %define ssletcdir %{_sysconfdir}/ssl
   7 %define num_version 1.0.0
   8 Provides:       ssl
   9 Version:        1.0.2d
  10 Release:        0
  11 Summary:        Secure Sockets and Transport Layer Security
  12 License:        OpenSSL
  13 Group:          Security/Crypto Libraries
  14 Url:            http://www.openssl.org/
  15 Source:         http://www.%{name}.org/source/%{name}-%{version}.tar.gz
  16 # to get mtime of file:
  17 Source1:        openssl.changes
  18 Source2:        baselibs.conf
  19 Source1001:     openssl.manifest
  20
  21 %description
  22 The OpenSSL Project is a collaborative effort to develop a robust,
  23 commercial-grade, full-featured, and open source toolkit implementing
  24 the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS
  25 v1) protocols with full-strength cryptography. The project is managed
  26 by a worldwide community of volunteers that use the Internet to
  27 communicate, plan, and develop the OpenSSL toolkit and its related
  28 documentation.
  29
  30 Derivation and License
  31
  32 OpenSSL is based on the excellent SSLeay library developed by Eric A.
  33 Young and Tim J. Hudson. The OpenSSL toolkit is licensed under an
  34 Apache-style license, which basically means that you are free to get it
  35 and to use it for commercial and noncommercial purposes.
  36
  37 %package -n libopenssl
  38 Summary:        Secure Sockets and Transport Layer Security
  39 Group:          Security/Crypto Libraries
  40
  41 %description -n libopenssl
  42 The OpenSSL Project is a collaborative effort to develop a robust,
  43 commercial-grade, full-featured, and open source toolkit implementing
  44 the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS
  45 v1) protocols with full-strength cryptography. The project is managed
  46 by a worldwide community of volunteers that use the Internet to
  47 communicate, plan, and develop the OpenSSL toolkit and its related
  48 documentation.
  49
  50 Derivation and License
  51
  52 OpenSSL is based on the excellent SSLeay library developed by Eric A.
  53 Young and Tim J. Hudson. The OpenSSL toolkit is licensed under an
  54 Apache-style license, which basically means that you are free to get it
  55 and to use it for commercial and noncommercial purposes.
  56
  57
  58 %package -n libopenssl-devel
  59 Summary:        Include Files and Libraries mandatory for Development
  60 Group:          Development/Libraries
  61 Obsoletes:      openssl-devel < %{version}
  62 Requires:       %name = %version
  63 Requires:       libopenssl = %{version}
  64 Requires:       zlib-devel
  65 Provides:       openssl-devel = %{version}
  66
  67 %description -n libopenssl-devel
  68 This package contains all necessary include files and libraries needed
  69 to develop applications that require these.
  70
  71 %package misc
  72 Summary:        Additional data files and scripts for %{name}
  73 Group:          Security/Crypto Libraries
  74
  75 %description misc
  76 Additional data files and scripts for %{name}.
  77
  78 %package doc
  79 Summary:        Additional Package Documentation
  80 Group:          Security/Crypto Libraries
  81 BuildArch:      noarch
  82
  83 %description doc
  84 This package contains optional documentation provided in addition to
  85 this package's base documentation.
  86
  87 %prep
  88 %setup -q
  89 cp %{SOURCE1001} .
  90
  91 echo "adding/overwriting some entries in the 'table' hash in Configure"
  92 # $dso_scheme:$shared_target:$shared_cflag:$shared_ldflag:$shared_extension:$ranlib:$arflags
  93 export DSO_SCHEME='dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::'
  94 cat <<EOF_ED | ed -s Configure
  95 /^);
  96 -
  97 i
  98 #
  99 # local configuration added from specfile
 100 # ... MOST of those are now correct in openssl's Configure already,
 101 # so only add them for new ports!
 102 #
 103 #config-string,  $cc:$cflags:$unistd:$thread_cflag:$sys_id:$lflags:$bn_ops:$cpuid_obj:$bn_obj:$des_obj:$aes_obj:$bf_obj:$md5_obj:$sha1_obj:$cast_obj:$rc4_obj:$rmd160_obj:$rc5_obj:$wp_obj:$cmll_obj:$dso_scheme:$shared_target:$shared_cflag:$shared_ldflag:$shared_extension:$ranlib:$arflags:$multilib
 104 #"linux-elf",    "gcc:-DL_ENDIAN                        ::-D_REENTRANT::-ldl:BN_LLONG \${x86_gcc_des} \${x86_gcc_opts}:\${x86_elf_asm}:$DSO_SCHEME:",
 105 #"linux-ia64",   "gcc:-DL_ENDIAN        -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR:\${ia64_asm}:               $DSO_SCHEME:",
 106 #"linux-ppc",    "gcc:-DB_ENDIAN                        ::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:\${no_asm}:               $DSO_SCHEME:",
 107 #"linux-ppc64",  "gcc:-DB_ENDIAN -DMD32_REG_T=int::-D_REENTRANT::-ldl:RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL SIXTY_FOUR_BIT_LONG:\${no_asm}:   $DSO_SCHEME:64",
 108 "linux-elf-arm","gcc:-DL_ENDIAN                 ::-D_REENTRANT::-ldl:BN_LLONG:\${no_asm}:                                                       $DSO_SCHEME:",
 109 "linux-mips",   "gcc:-DB_ENDIAN                 ::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:\${no_asm}:               $DSO_SCHEME:",
 110 "linux-sparcv7","gcc:-DB_ENDIAN                 ::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:\${no_asm}:                  $DSO_SCHEME:",
 111 #"linux-sparcv8","gcc:-DB_ENDIAN -DBN_DIV2W -mv8        ::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::asm/sparcv8.o:::::::::::::  $DSO_SCHEME:",
 112 #"linux-x86_64", "gcc:-DL_ENDIAN -DNO_ASM -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG:\${no_asm}:                                          $DSO_SCHEME:64",
 113 #"linux-s390",   "gcc:-DB_ENDIAN                        ::(unknown):   :-ldl:BN_LLONG:\${no_asm}:                                                       $DSO_SCHEME:",
 114 #"linux-s390x",  "gcc:-DB_ENDIAN -DNO_ASM -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG:\${no_asm}:                                  $DSO_SCHEME:64",
 115 "linux-parisc", "gcc:-DB_ENDIAN                 ::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR DES_PTR DES_UNROLL DES_RISC1:\${no_asm}:                 $DSO_SCHEME:",
 116 .
 117 wq
 118 EOF_ED
 119 # fix ENGINESDIR path
 120 sed -i 's,/lib/engines,/%_lib/engines,' Configure
 121 # Record mtime of changes file instead of build time
 122 CHANGES=`stat --format="%y" %SOURCE1`
 123 sed -i -e "s|#define DATE \(.*\).LC_ALL.*date.|#define DATE \1$CHANGES|" crypto/Makefile
 124
 125 %build
 126 RPM_OPT_FLAGS=$(echo $RPM_OPT_FLAGS | sed -s "s/--param=ssp-buffer-size=32//g")
 127 export RPM_OPT_FLAGS
 128
 129 ./config --test-sanity
 130 #
 131 config_flags="threads shared no-rc5 no-idea \
 132 enable-camellia enable-md2 \
 133 zlib \
 134 --prefix=%{_prefix} \
 135 --libdir=%{_lib} \
 136 --openssldir=%{ssletcdir} \
 137 $RPM_OPT_FLAGS -std=gnu99 \
 138 -Wa,--noexecstack \
 139 -fomit-frame-pointer \
 140 -DTERMIO \
 141 -DPURIFY \
 142 -DSSL_FORBID_ENULL \
 143 -D_GNU_SOURCE \
 144 $(getconf LFS_CFLAGS) \
 145 -Wall \
 146 -fstack-protector "
 147 #
 148 #%{!?do_profiling:%define do_profiling 0}
 149 #%if %do_profiling
 150 #       # generate feedback
 151 #       ./config $config_flags
 152 #       make depend CC="gcc %cflags_profile_generate"
 153 #       make CC="gcc %cflags_profile_generate"
 154 #       LD_LIBRARY_PATH=`pwd` make rehash CC="gcc %cflags_profile_generate"
 155 #       LD_LIBRARY_PATH=`pwd` make test CC="gcc %cflags_profile_generate"
 156 #       LD_LIBRARY_PATH=`pwd` apps/openssl speed
 157 #       make clean
 158 #       # compile with feedback
 159 #       # but not if it makes a cipher slower:
 160 #       #find crypto/aes -name '*.da' | xargs -r rm
 161 #       ./config $config_flags %cflags_profile_feedback
 162 #       make depend
 163 #       make
 164 #       LD_LIBRARY_PATH=`pwd` make rehash
 165 #       LD_LIBRARY_PATH=`pwd` make test
 166 #%else
 167 # OpenSSL relies on uname -m (not good). Thus that little sparc line.
 168         ./config \
 169                 $config_flags
 170         make depend
 171         make
 172         LD_LIBRARY_PATH=`pwd` make rehash
 173         #LD_LIBRARY_PATH=`pwd` make test
 174 #%endif
 175 # show settings
 176 make TABLE
 177 echo $RPM_OPT_FLAGS
 178 eval $(egrep PLATFORM='[[:alnum:]]' Makefile)
 179 grep -B1 -A22 "^\*\*\* $PLATFORM$" TABLE
 180
 181 %install
 182 rm -rf $RPM_BUILD_ROOT
 183 make MANDIR=%{_mandir} INSTALL_PREFIX=$RPM_BUILD_ROOT install
 184 install -d -m755 $RPM_BUILD_ROOT%{ssletcdir}/certs
 185 ln -sf ./%{name} $RPM_BUILD_ROOT/%{_includedir}/ssl
 186 mkdir $RPM_BUILD_ROOT/%{_datadir}/ssl
 187 mv $RPM_BUILD_ROOT/%{ssletcdir}/misc $RPM_BUILD_ROOT/%{_datadir}/ssl/
 188 # ln -s %{ssletcdir}/certs      $RPM_BUILD_ROOT/%{_datadir}/ssl/certs
 189 # ln -s %{ssletcdir}/private    $RPM_BUILD_ROOT/%{_datadir}/ssl/private
 190 # ln -s %{ssletcdir}/openssl.cnf        $RPM_BUILD_ROOT/%{_datadir}/ssl/openssl.cnf
 191 #
 192
 193 # avoid file conflicts with man pages from other packages
 194 #
 195 pushd $RPM_BUILD_ROOT/%{_mandir}
 196 # some man pages now contain spaces. This makes several scripts go havoc, among them /usr/sbin/Check.
 197 # replace spaces by underscores
 198 #for i in man?/*\ *; do mv -v "$i" "${i// /_}"; done
 199 which readlink &>/dev/null || function readlink { ( set +x; target=$(file $1 2>/dev/null); target=${target//* }; test -f $target && echo $target; ) }
 200 for i in man?/*; do
 201         if test -L $i ; then
 202             LDEST=`readlink $i`
 203             rm -f $i ${i}ssl
 204             ln -sf ${LDEST}ssl ${i}ssl
 205         else
 206             mv $i ${i}ssl
 207         fi
 208         case `basename ${i%.*}` in
 209             asn1parse|ca|config|crl|crl2pkcs7|crypto|dgst|dhparam|dsa|dsaparam|enc|gendsa|genrsa|nseq|openssl|passwd|pkcs12|pkcs7|pkcs8|rand|req|rsa|rsautl|s_client|s_server|smime|spkac|ssl|verify|version|x509)
 210                 # these are the pages mentioned in openssl(1). They go into the main package.
 211                 echo %doc %{_mandir}/${i}ssl.gz >> $OLDPWD/filelist.doc;;
 212             *)
 213                 # the rest goes into the openssl-doc package.
 214                 echo %doc %{_mandir}/${i}ssl.gz >> $OLDPWD/filelist.doc;;
 215         esac
 216 done
 217 popd
 218 #
 219 # check wether some shared library has been installed
 220 #
 221 ls -l $RPM_BUILD_ROOT%{_libdir}
 222 test -f $RPM_BUILD_ROOT%{_libdir}/libssl.so.%{num_version}
 223 test -f $RPM_BUILD_ROOT%{_libdir}/libcrypto.so.%{num_version}
 224 test -L $RPM_BUILD_ROOT%{_libdir}/libssl.so
 225 test -L $RPM_BUILD_ROOT%{_libdir}/libcrypto.so
 226 #
 227 # see what we've got
 228 #
 229 cat > showciphers.c <<EOF
 230 #include <openssl/err.h>
 231 #include <openssl/ssl.h>
 232 int main(){
 233 unsigned int i;
 234 SSL_CTX *ctx;
 235 SSL *ssl;
 236 SSL_METHOD *meth;
 237   meth = SSLv23_client_method();
 238   SSLeay_add_ssl_algorithms();
 239   ctx = SSL_CTX_new(meth);
 240   if (ctx == NULL) return 0;
 241   ssl = SSL_new(ctx);
 242   if (!ssl) return 0;
 243   for (i=0; ; i++) {
 244     int j, k;
 245     SSL_CIPHER *sc;
 246     sc = (meth->get_cipher)(i);
 247     if (!sc) break;
 248     k = SSL_CIPHER_get_bits(sc, &j);
 249     printf("%s\n", sc->name);
 250   }
 251   return 0;
 252 };
 253 EOF
 254 gcc $RPM_OPT_FLAGS -I${RPM_BUILD_ROOT}%{_includedir} -c showciphers.c
 255 gcc -o showciphers showciphers.o -L${RPM_BUILD_ROOT}%{_libdir} -lssl -lcrypto
 256 LD_LIBRARY_PATH=${RPM_BUILD_ROOT}%{_libdir} ./showciphers > AVAILABLE_CIPHERS || true
 257 cat AVAILABLE_CIPHERS
 258 # Do not install demo scripts executable under /usr/share/doc
 259 find demos -type f -perm /111 -exec chmod 644 {} \;
 260
 261 #process openssllib
 262 mkdir $RPM_BUILD_ROOT/%{_lib}
 263 mv $RPM_BUILD_ROOT%{_libdir}/libssl.so.%{num_version} $RPM_BUILD_ROOT/%{_lib}/
 264 mv $RPM_BUILD_ROOT%{_libdir}/libcrypto.so.%{num_version} $RPM_BUILD_ROOT/%{_lib}/
 265 mv $RPM_BUILD_ROOT%{_libdir}/engines $RPM_BUILD_ROOT/%{_lib}/
 266 cd $RPM_BUILD_ROOT%{_libdir}/
 267 ln -sf /%{_lib}/libssl.so.%{num_version} ./libssl.so
 268 ln -sf /%{_lib}/libcrypto.so.%{num_version} ./libcrypto.so
 269
 270 cd $RPM_BUILD_DIR
 271
 272
 273 %post -n libopenssl -p /sbin/ldconfig
 274
 275 %postun -n libopenssl -p /sbin/ldconfig
 276
 277 %files -n libopenssl
 278 %manifest %{name}.manifest
 279 %defattr(-, root, root)
 280 %license LICENSE
 281 /%{_lib}/libssl.so.%{num_version}
 282 /%{_lib}/libcrypto.so.%{num_version}
 283 /%{_lib}/engines
 284
 285 %files -n libopenssl-devel
 286 %manifest %{name}.manifest
 287 %defattr(-, root, root)
 288 %{_includedir}/%{name}/
 289 %{_includedir}/ssl
 290 %exclude %{_libdir}/libcrypto.a
 291 %exclude %{_libdir}/libssl.a
 292 %{_libdir}/libssl.so
 293 %{_libdir}/libcrypto.so
 294 %_libdir/pkgconfig/libcrypto.pc
 295 %_libdir/pkgconfig/libssl.pc
 296 %_libdir/pkgconfig/openssl.pc
 297
 298 %files doc -f filelist.doc
 299 %manifest %{name}.manifest
 300 %defattr(-, root, root)
 301 %doc doc/* demos
 302 %doc showciphers.c
 303
 304 %files
 305 %manifest %{name}.manifest
 306 %defattr(-, root, root)
 307 %license LICENSE
 308 %dir %{ssletcdir}
 309 %dir %{ssletcdir}/certs
 310 %config (noreplace) %{ssletcdir}/openssl.cnf
 311 %attr(700,root,root) %{ssletcdir}/private
 312 %dir %{_datadir}/ssl
 313 %{_bindir}/%{name}
 314
 315 %files misc
 316 %manifest %{name}.manifest
 317 %{_datadir}/ssl/misc
 318 %{_bindir}/c_rehash
 319
 320
 321 %changelog