Search
j0ke.net Open Build Service
>
Projects
>
home:jg
:
autodns
>
openssl102
> Changes
Sign Up
|
Log In
Username
Password
Cancel
Overview
Repositories
Revisions
Requests
Users
Advanced
Attributes
Meta
Changes of Revision 4
[-]
[+]
Added
openssl.spec
@@ -0,0 +1,1887 @@ +# For the curious: +# 0.9.5a soversion = 0 +# 0.9.6 soversion = 1 +# 0.9.6a soversion = 2 +# 0.9.6c soversion = 3 +# 0.9.7a soversion = 4 +# 0.9.7ef soversion = 5 +# 0.9.8ab soversion = 6 +# 0.9.8g soversion = 7 +# 0.9.8jk + EAP-FAST soversion = 8 +# 1.0.0 soversion = 10 +%define soversion 10 +%define _prefix /usr/local + +# Number of threads to spawn when testing some threading fixes. +%define thread_test_threads %{?threads:%{threads}}%{!?threads:1} + +# Arches on which we need to prevent arch conflicts on opensslconf.h, must +# also be handled in opensslconf-new.h. +%define multilib_arches %{ix86} ia64 %{mips} ppc %{power64} s390 s390x sparcv9 sparc64 x86_64 + +%global _performance_build 1 + +Summary: Utilities from the general purpose cryptography library with TLS implementation +Name: openssl102 +Version: 1.0.2f +Release: 1 +Epoch: 1 +# We have to remove certain patented algorithms from the openssl source +# tarball with the hobble-openssl script which is included below. +# The original openssl upstream tarball cannot be shipped in the .src.rpm. +Source: openssl-%{version}-hobbled.tar.xz +Source1: hobble-openssl +Source2: Makefile.certificate +Source6: make-dummy-cert +Source7: renew-dummy-cert +Source8: openssl-thread-test.c +Source9: opensslconf-new.h +Source10: opensslconf-new-warning.h +Source11: README.FIPS +Source12: ec_curve.c +Source13: ectest.c +# Build changes +Patch1: openssl-1.0.2e-rpmbuild.patch +Patch2: openssl-1.0.2a-defaults.patch +Patch4: openssl-1.0.2a-enginesdir.patch +Patch5: openssl-1.0.2a-no-rpath.patch +Patch6: openssl-1.0.2a-test-use-localhost.patch +Patch7: openssl-1.0.0-timezone.patch +Patch8: openssl-1.0.1c-perlfind.patch +Patch9: openssl-1.0.1c-aliasing.patch +# Bug fixes +Patch23: openssl-1.0.2c-default-paths.patch +Patch24: openssl-1.0.2a-issuer-hash.patch +# Functionality changes +Patch33: openssl-1.0.0-beta4-ca-dir.patch +Patch34: openssl-1.0.2a-x509.patch +Patch35: openssl-1.0.2a-version-add-engines.patch +Patch39: openssl-1.0.2a-ipv6-apps.patch +Patch40: openssl-1.0.2e-fips.patch +Patch45: openssl-1.0.2a-env-zlib.patch +Patch47: openssl-1.0.2a-readme-warning.patch +Patch49: openssl-1.0.1i-algo-doc.patch +Patch50: openssl-1.0.2a-dtls1-abi.patch +Patch51: openssl-1.0.2a-version.patch +Patch56: openssl-1.0.2a-rsa-x931.patch +Patch58: openssl-1.0.2a-fips-md5-allow.patch +Patch60: openssl-1.0.2a-apps-dgst.patch +Patch63: openssl-1.0.2a-xmpp-starttls.patch +Patch65: openssl-1.0.2a-chil-fixes.patch +Patch66: openssl-1.0.2a-pkgconfig-krb5.patch +Patch68: openssl-1.0.2a-secure-getenv.patch +Patch70: openssl-1.0.2a-fips-ec.patch +Patch71: openssl-1.0.2d-manfix.patch +Patch72: openssl-1.0.2a-fips-ctor.patch +Patch73: openssl-1.0.2c-ecc-suiteb.patch +Patch74: openssl-1.0.2a-no-md5-verify.patch +Patch75: openssl-1.0.2a-compat-symbols.patch +Patch76: openssl-1.0.2f-new-fips-reqs.patch +Patch77: openssl-1.0.2a-weak-ciphers.patch +Patch78: openssl-1.0.2a-cc-reqs.patch +Patch90: openssl-1.0.2a-enc-fail.patch +Patch92: openssl-1.0.2a-system-cipherlist.patch +Patch93: openssl-1.0.2a-disable-sslv2v3.patch +Patch94: openssl-1.0.2d-secp256k1.patch +Patch95: openssl-1.0.2e-remove-nistp224.patch +Patch96: openssl-1.0.2e-speed-doc.patch +# Backported fixes including security fixes +Patch80: openssl-1.0.2e-wrap-pad.patch +Patch81: openssl-1.0.2a-padlock64.patch +Patch82: openssl-1.0.2c-trusted-first-doc.patch + +License: OpenSSL +Group: System Environment/Libraries +URL: http://www.openssl.org/ +BuildRoot: %{_tmppath}/%{name}-%{version}-root +BuildRequires: coreutils, krb5-devel, perl, sed, zlib-devel, /usr/bin/cmp +BuildRequires: lksctp-tools-devel +BuildRequires: /usr/bin/rename +BuildRequires: /usr/bin/pod2man +Requires: coreutils, make +Requires: %{name}-libs%{?_isa} = %{epoch}:%{version}-%{release} + +%description +The OpenSSL toolkit provides support for secure communications between +machines. OpenSSL includes a certificate management tool and shared +libraries which provide various cryptographic algorithms and +protocols. + +%package libs +Summary: A general purpose cryptography library with TLS implementation +Group: System Environment/Libraries +Requires: ca-certificates >= 2008-5 +Requires: crypto-policies +# Needed obsoletes due to the base/lib subpackage split +Obsoletes: openssl < 1:1.0.1-0.3.beta3 +Obsoletes: openssl-fips < 1:1.0.1e-28 +Provides: openssl-fips = %{epoch}:%{version}-%{release} + +%description libs +OpenSSL is a toolkit for supporting cryptography. The openssl-libs +package contains the libraries that are used by various applications which +support cryptographic algorithms and protocols. + +%package devel +Summary: Files for development of applications which will use OpenSSL +Group: Development/Libraries +Requires: %{name}-libs%{?_isa} = %{epoch}:%{version}-%{release} +Requires: krb5-devel%{?_isa}, zlib-devel%{?_isa} +Requires: pkgconfig + +%description devel +OpenSSL is a toolkit for supporting cryptography. The openssl-devel +package contains include files needed to develop applications which +support various cryptographic algorithms and protocols. + +%package static +Summary: Libraries for static linking of applications which will use OpenSSL +Group: Development/Libraries +Requires: %{name}-devel%{?_isa} = %{epoch}:%{version}-%{release} + +%description static +OpenSSL is a toolkit for supporting cryptography. The openssl-static +package contains static libraries needed for static linking of +applications which support various cryptographic algorithms and +protocols. + +%package perl +Summary: Perl scripts provided with OpenSSL +Group: Applications/Internet +Requires: perl +Requires: %{name}%{?_isa} = %{epoch}:%{version}-%{release} + +%description perl +OpenSSL is a toolkit for supporting cryptography. The openssl-perl +package provides Perl scripts for converting certificates and keys +from other formats to the formats used by the OpenSSL toolkit. + +%prep +%setup -q -n %{name}-%{version} + +# The hobble_openssl is called here redundantly, just to be sure. +# The tarball has already the sources removed. +%{SOURCE1} > /dev/null + +cp %{SOURCE12} %{SOURCE13} crypto/ec/ + +%patch1 -p1 -b .rpmbuild +%patch2 -p1 -b .defaults +%patch4 -p1 -b .enginesdir %{?_rawbuild} +%patch5 -p1 -b .no-rpath +%patch6 -p1 -b .use-localhost +%patch7 -p1 -b .timezone +%patch8 -p1 -b .perlfind %{?_rawbuild} +%patch9 -p1 -b .aliasing + +%patch23 -p1 -b .default-paths +%patch24 -p1 -b .issuer-hash + +%patch33 -p1 -b .ca-dir +%patch34 -p1 -b .x509 +%patch35 -p1 -b .version-add-engines +%patch39 -p1 -b .ipv6-apps +%patch40 -p1 -b .fips +%patch45 -p1 -b .env-zlib +%patch47 -p1 -b .warning +%patch49 -p1 -b .algo-doc +%patch50 -p1 -b .dtls1-abi +%patch51 -p1 -b .version +%patch56 -p1 -b .x931 +%patch58 -p1 -b .md5-allow +%patch60 -p1 -b .dgst +%patch63 -p1 -b .starttls +%patch65 -p1 -b .chil +%patch66 -p1 -b .krb5 +%patch68 -p1 -b .secure-getenv +%patch70 -p1 -b .fips-ec +%patch71 -p1 -b .manfix +%patch72 -p1 -b .fips-ctor
