4 BuildRequires: pkg-config
5 BuildRequires: zlib-devel
6 %define ssletcdir %{_sysconfdir}/ssl
7 %define num_version 1.0.0
11 Summary: Secure Sockets and Transport Layer Security
13 Group: Security/Crypto Libraries
14 Url: http://www.openssl.org/
15 Source: http://www.%{name}.org/source/%{name}-%{version}.tar.gz
16 # to get mtime of file:
17 Source1: openssl.changes
18 Source2: baselibs.conf
19 Source1001: openssl.manifest
22 The OpenSSL Project is a collaborative effort to develop a robust,
23 commercial-grade, full-featured, and open source toolkit implementing
24 the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS
25 v1) protocols with full-strength cryptography. The project is managed
26 by a worldwide community of volunteers that use the Internet to
27 communicate, plan, and develop the OpenSSL toolkit and its related
30 Derivation and License
32 OpenSSL is based on the excellent SSLeay library developed by Eric A.
33 Young and Tim J. Hudson. The OpenSSL toolkit is licensed under an
34 Apache-style license, which basically means that you are free to get it
35 and to use it for commercial and noncommercial purposes.
37 %package -n libopenssl
38 Summary: Secure Sockets and Transport Layer Security
39 Group: Security/Crypto Libraries
41 %description -n libopenssl
42 The OpenSSL Project is a collaborative effort to develop a robust,
43 commercial-grade, full-featured, and open source toolkit implementing
44 the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS
45 v1) protocols with full-strength cryptography. The project is managed
46 by a worldwide community of volunteers that use the Internet to
47 communicate, plan, and develop the OpenSSL toolkit and its related
50 Derivation and License
52 OpenSSL is based on the excellent SSLeay library developed by Eric A.
53 Young and Tim J. Hudson. The OpenSSL toolkit is licensed under an
54 Apache-style license, which basically means that you are free to get it
55 and to use it for commercial and noncommercial purposes.
58 %package -n libopenssl-devel
59 Summary: Include Files and Libraries mandatory for Development
60 Group: Development/Libraries
61 Obsoletes: openssl-devel < %{version}
62 Requires: %name = %version
63 Requires: libopenssl = %{version}
65 Provides: openssl-devel = %{version}
67 %description -n libopenssl-devel
68 This package contains all necessary include files and libraries needed
69 to develop applications that require these.
72 Summary: Additional data files and scripts for %{name}
73 Group: Security/Crypto Libraries
76 Additional data files and scripts for %{name}.
79 Summary: Additional Package Documentation
80 Group: Security/Crypto Libraries
84 This package contains optional documentation provided in addition to
85 this package's base documentation.
91 echo "adding/overwriting some entries in the 'table' hash in Configure"
92 # $dso_scheme:$shared_target:$shared_cflag:$shared_ldflag:$shared_extension:$ranlib:$arflags
93 export DSO_SCHEME='dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::'
94 cat <<EOF_ED | ed -s Configure
99 # local configuration added from specfile
100 # ... MOST of those are now correct in openssl's Configure already,
101 # so only add them for new ports!
103 #config-string, $cc:$cflags:$unistd:$thread_cflag:$sys_id:$lflags:$bn_ops:$cpuid_obj:$bn_obj:$des_obj:$aes_obj:$bf_obj:$md5_obj:$sha1_obj:$cast_obj:$rc4_obj:$rmd160_obj:$rc5_obj:$wp_obj:$cmll_obj:$dso_scheme:$shared_target:$shared_cflag:$shared_ldflag:$shared_extension:$ranlib:$arflags:$multilib
104 #"linux-elf", "gcc:-DL_ENDIAN ::-D_REENTRANT::-ldl:BN_LLONG \${x86_gcc_des} \${x86_gcc_opts}:\${x86_elf_asm}:$DSO_SCHEME:",
105 #"linux-ia64", "gcc:-DL_ENDIAN -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR:\${ia64_asm}: $DSO_SCHEME:",
106 #"linux-ppc", "gcc:-DB_ENDIAN ::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:\${no_asm}: $DSO_SCHEME:",
107 #"linux-ppc64", "gcc:-DB_ENDIAN -DMD32_REG_T=int::-D_REENTRANT::-ldl:RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL SIXTY_FOUR_BIT_LONG:\${no_asm}: $DSO_SCHEME:64",
108 "linux-elf-arm","gcc:-DL_ENDIAN ::-D_REENTRANT::-ldl:BN_LLONG:\${no_asm}: $DSO_SCHEME:",
109 "linux-mips", "gcc:-DB_ENDIAN ::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:\${no_asm}: $DSO_SCHEME:",
110 "linux-sparcv7","gcc:-DB_ENDIAN ::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:\${no_asm}: $DSO_SCHEME:",
111 #"linux-sparcv8","gcc:-DB_ENDIAN -DBN_DIV2W -mv8 ::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::asm/sparcv8.o::::::::::::: $DSO_SCHEME:",
112 #"linux-x86_64", "gcc:-DL_ENDIAN -DNO_ASM -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG:\${no_asm}: $DSO_SCHEME:64",
113 #"linux-s390", "gcc:-DB_ENDIAN ::(unknown): :-ldl:BN_LLONG:\${no_asm}: $DSO_SCHEME:",
114 #"linux-s390x", "gcc:-DB_ENDIAN -DNO_ASM -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG:\${no_asm}: $DSO_SCHEME:64",
115 "linux-parisc", "gcc:-DB_ENDIAN ::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR DES_PTR DES_UNROLL DES_RISC1:\${no_asm}: $DSO_SCHEME:",
119 # fix ENGINESDIR path
120 sed -i 's,/lib/engines,/%_lib/engines,' Configure
121 # Record mtime of changes file instead of build time
122 CHANGES=`stat --format="%y" %SOURCE1`
123 sed -i -e "s|#define DATE \(.*\).LC_ALL.*date.|#define DATE \1$CHANGES|" crypto/Makefile
126 RPM_OPT_FLAGS=$(echo $RPM_OPT_FLAGS | sed -s "s/--param=ssp-buffer-size=32//g")
129 ./config --test-sanity
131 config_flags="threads shared no-rc5 no-idea \
132 enable-camellia enable-md2 \
134 --prefix=%{_prefix} \
136 --openssldir=%{ssletcdir} \
137 $RPM_OPT_FLAGS -std=gnu99 \
139 -fomit-frame-pointer \
144 $(getconf LFS_CFLAGS) \
148 #%{!?do_profiling:%define do_profiling 0}
150 # # generate feedback
151 # ./config $config_flags
152 # make depend CC="gcc %cflags_profile_generate"
153 # make CC="gcc %cflags_profile_generate"
154 # LD_LIBRARY_PATH=`pwd` make rehash CC="gcc %cflags_profile_generate"
155 # LD_LIBRARY_PATH=`pwd` make test CC="gcc %cflags_profile_generate"
156 # LD_LIBRARY_PATH=`pwd` apps/openssl speed
158 # # compile with feedback
159 # # but not if it makes a cipher slower:
160 # #find crypto/aes -name '*.da' | xargs -r rm
161 # ./config $config_flags %cflags_profile_feedback
164 # LD_LIBRARY_PATH=`pwd` make rehash
165 # LD_LIBRARY_PATH=`pwd` make test
167 # OpenSSL relies on uname -m (not good). Thus that little sparc line.
172 LD_LIBRARY_PATH=`pwd` make rehash
173 #LD_LIBRARY_PATH=`pwd` make test
178 eval $(egrep PLATFORM='[[:alnum:]]' Makefile)
179 grep -B1 -A22 "^\*\*\* $PLATFORM$" TABLE
182 rm -rf $RPM_BUILD_ROOT
183 make MANDIR=%{_mandir} INSTALL_PREFIX=$RPM_BUILD_ROOT install
184 install -d -m755 $RPM_BUILD_ROOT%{ssletcdir}/certs
185 ln -sf ./%{name} $RPM_BUILD_ROOT/%{_includedir}/ssl
186 mkdir $RPM_BUILD_ROOT/%{_datadir}/ssl
187 mv $RPM_BUILD_ROOT/%{ssletcdir}/misc $RPM_BUILD_ROOT/%{_datadir}/ssl/
188 # ln -s %{ssletcdir}/certs $RPM_BUILD_ROOT/%{_datadir}/ssl/certs
189 # ln -s %{ssletcdir}/private $RPM_BUILD_ROOT/%{_datadir}/ssl/private
190 # ln -s %{ssletcdir}/openssl.cnf $RPM_BUILD_ROOT/%{_datadir}/ssl/openssl.cnf
193 # avoid file conflicts with man pages from other packages
195 pushd $RPM_BUILD_ROOT/%{_mandir}
196 # some man pages now contain spaces. This makes several scripts go havoc, among them /usr/sbin/Check.
197 # replace spaces by underscores
198 #for i in man?/*\ *; do mv -v "$i" "${i// /_}"; done
199 which readlink &>/dev/null || function readlink { ( set +x; target=$(file $1 2>/dev/null); target=${target//* }; test -f $target && echo $target; ) }
204 ln -sf ${LDEST}ssl ${i}ssl
208 case `basename ${i%.*}` in
209 asn1parse|ca|config|crl|crl2pkcs7|crypto|dgst|dhparam|dsa|dsaparam|enc|gendsa|genrsa|nseq|openssl|passwd|pkcs12|pkcs7|pkcs8|rand|req|rsa|rsautl|s_client|s_server|smime|spkac|ssl|verify|version|x509)
210 # these are the pages mentioned in openssl(1). They go into the main package.
211 echo %doc %{_mandir}/${i}ssl.gz >> $OLDPWD/filelist.doc;;
213 # the rest goes into the openssl-doc package.
214 echo %doc %{_mandir}/${i}ssl.gz >> $OLDPWD/filelist.doc;;
219 # check wether some shared library has been installed
221 ls -l $RPM_BUILD_ROOT%{_libdir}
222 test -f $RPM_BUILD_ROOT%{_libdir}/libssl.so.%{num_version}
223 test -f $RPM_BUILD_ROOT%{_libdir}/libcrypto.so.%{num_version}
224 test -L $RPM_BUILD_ROOT%{_libdir}/libssl.so
225 test -L $RPM_BUILD_ROOT%{_libdir}/libcrypto.so
229 cat > showciphers.c <<EOF
230 #include <openssl/err.h>
231 #include <openssl/ssl.h>
237 meth = SSLv23_client_method();
238 SSLeay_add_ssl_algorithms();
239 ctx = SSL_CTX_new(meth);
240 if (ctx == NULL) return 0;
246 sc = (meth->get_cipher)(i);
248 k = SSL_CIPHER_get_bits(sc, &j);
249 printf("%s\n", sc->name);
254 gcc $RPM_OPT_FLAGS -I${RPM_BUILD_ROOT}%{_includedir} -c showciphers.c
255 gcc -o showciphers showciphers.o -L${RPM_BUILD_ROOT}%{_libdir} -lssl -lcrypto
256 LD_LIBRARY_PATH=${RPM_BUILD_ROOT}%{_libdir} ./showciphers > AVAILABLE_CIPHERS || true
257 cat AVAILABLE_CIPHERS
258 # Do not install demo scripts executable under /usr/share/doc
259 find demos -type f -perm /111 -exec chmod 644 {} \;
262 mkdir $RPM_BUILD_ROOT/%{_lib}
263 mv $RPM_BUILD_ROOT%{_libdir}/libssl.so.%{num_version} $RPM_BUILD_ROOT/%{_lib}/
264 mv $RPM_BUILD_ROOT%{_libdir}/libcrypto.so.%{num_version} $RPM_BUILD_ROOT/%{_lib}/
265 mv $RPM_BUILD_ROOT%{_libdir}/engines $RPM_BUILD_ROOT/%{_lib}/
266 cd $RPM_BUILD_ROOT%{_libdir}/
267 ln -sf /%{_lib}/libssl.so.%{num_version} ./libssl.so
268 ln -sf /%{_lib}/libcrypto.so.%{num_version} ./libcrypto.so
273 %post -n libopenssl -p /sbin/ldconfig
275 %postun -n libopenssl -p /sbin/ldconfig
278 %manifest %{name}.manifest
279 %defattr(-, root, root)
281 /%{_lib}/libssl.so.%{num_version}
282 /%{_lib}/libcrypto.so.%{num_version}
285 %files -n libopenssl-devel
286 %manifest %{name}.manifest
287 %defattr(-, root, root)
288 %{_includedir}/%{name}/
290 %exclude %{_libdir}/libcrypto.a
291 %exclude %{_libdir}/libssl.a
293 %{_libdir}/libcrypto.so
294 %_libdir/pkgconfig/libcrypto.pc
295 %_libdir/pkgconfig/libssl.pc
296 %_libdir/pkgconfig/openssl.pc
298 %files doc -f filelist.doc
299 %manifest %{name}.manifest
300 %defattr(-, root, root)
305 %manifest %{name}.manifest
306 %defattr(-, root, root)
309 %dir %{ssletcdir}/certs
310 %config (noreplace) %{ssletcdir}/openssl.cnf
311 %attr(700,root,root) %{ssletcdir}/private
316 %manifest %{name}.manifest