+#
+# Conditional build:
+%bcond_with purify # Compile openssl with \-DPURIFY, usefull when one wants to
+ # use valgrind debugger against openssl-linked programs
+#
%include /usr/lib/rpm/macros.perl
Summary: OpenSSL Toolkit libraries for the "Secure Sockets Layer" (SSL v2/v3)
Summary(de): Secure Sockets Layer (SSL)-Kommunikationslibrary
Summary(ru): âÉÂÌÉÏÔÅËÉ É ÕÔÉÌÉÔÙ ÄÌÑ ÓÏÅÄÉÎÅÎÉÊ ÞÅÒÅÚ Secure Sockets Layer
Summary(uk): â¦Â̦ÏÔÅËÉ ÔÁ ÕÔÉ̦ÔÉ ÄÌÑ Ú'¤ÄÎÁÎØ ÞÅÒÅÚ Secure Sockets Layer
Name: openssl
-Version: 0.9.7c
-Release: 1
+Version: 0.9.7l
+Release: 3
License: Apache-style License
Group: Libraries
Source0: ftp://ftp.openssl.org/source/%{name}-%{version}.tar.gz
-# Source0-md5: c54fb36218adaaaba01ef733cd88c8ec
+# Source0-md5: b21d6e10817ddeccf5fbe1379987333e
Source1: %{name}-ca-bundle.crt
Source2: %{name}.1.pl
+Source3: %{name}-ssl-certificate.sh
Patch0: %{name}-alpha-ccc.patch
Patch1: %{name}-optflags.patch
Patch2: %{name}-globalCA.diff
-Patch3: %{name}-parallel_make.patch
-Patch4: %{name}-include.patch
-Patch5: %{name}-makefile.patch
+Patch3: %{name}-include.patch
+Patch4: %{name}-md5-sparcv9.patch
+Patch5: %{name}-ssl-algs.patch
+Patch6: %{name}-CVE-2007-3108.patch
URL: http://www.openssl.org/
-BuildRequires: perl-devel >= 5.6.1
-BuildRequires: textutils
-BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
+BuildRequires: perl-devel >= 1:5.6.1
+BuildRequires: rpm-perlprov >= 4.1-13
+BuildRequires: rpmbuild(macros) >= 1.213
+BuildRequires: sed >= 4.0
Obsoletes: SSLeay
Obsoletes: SSLeay-devel
Obsoletes: SSLeay-perl
Obsoletes: libopenssl0
+BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
%description
The OpenSSL Project is a collaborative effort to develop a robust,
Summary: OpenSSL command line tool and utilities
Summary(pl): Zestaw narzêdzi i skryptów
Group: Applications/Communications
-Requires: %{name} = %{version}
+Requires: %{name} = %{version}-%{release}
%description tools
The OpenSSL Toolkit cmdline tool openssl and utility scripts.
Summary: OpenSSL utilities written in Perl
Summary(pl): Narzêdzia OpenSSL napisane w perlu
Group: Applications/Communications
-Requires: %{name} = %{version}
+Requires: %{name} = %{version}-%{release}
%description tools-perl
OpenSSL Toolkit tools written in Perl.
Summary(ru): âÉÂÌÉÏÔÅËÉ, ÈÅÄÅÒÙ É ÕÔÉÌÉÔÙ ÄÌÑ Secure Sockets Layer
Summary(uk): â¦Â̦ÏÔÅËÉ, ÈÅÄÅÒÉ ÔÁ ÕÔÉ̦ÔÉ ÄÌÑ Secure Sockets Layer
Group: Development/Libraries
-Requires: %{name} = %{version}
+Requires: %{name} = %{version}-%{release}
Obsoletes: libopenssl0-devel
%description devel
Bibliotecas y archivos de inclusión para desarrollo OpenSSL
%description devel -l pl
-Czê¶æ bibiloteki OpenSSL przeznaczona dla programistów.
+Czê¶æ biblioteki OpenSSL przeznaczona dla programistów.
%description devel -l pt_BR
Uma biblioteca C que fornece vários algoritmos e protocolos
Summary(ru): óÔÁÔÉÞÅÓËÉÅ ÂÉÂÌÉÏÔÅËÉ ÒÁÚÒÁÂÏÔÞÉËÁ ÄÌÑ OpenSSL
Summary(uk): óÔÁÔÉÞΦ ¦Â̦ÏÔÅËÉ ÐÒÏÇÒÁͦÓÔÁ ÄÌÑ OpenSSL
Group: Development/Libraries
-Requires: %{name}-devel = %{version}
+Requires: %{name}-devel = %{version}-%{release}
%description static
Static OpenSSL Toolkit libraries.
%patch3 -p1
%patch4 -p1
%patch5 -p1
+%patch6 -p1
+
+# conflicts with i386-only DES implementation
+# (missing #ifdef OPENSSL_FIPS ... #endif)
+:> fips-1.0/des/asm/fips-dx86-elf.s
%build
-for f in ` grep -r "%{_prefix}/local/bin/perl" . | cut -d":" -f1`; do
-%{__perl} -pi -e 's#%{_prefix}/local/bin/perl#%{__perl}#g' $f
-done
+%{__perl} -pi -e 's#%{_prefix}/local/bin/perl#%{__perl}#g' \
+ `grep -l -r "%{_prefix}/local/bin/perl" *`
touch Makefile.*
%{__perl} util/perlpath.pl %{__perl}
-OPTFLAGS="%{rpmcflags}"
+OPTFLAGS="%{rpmcflags} %{?with_purify:-DPURIFY}"
export OPTFLAGS
-%ifarch i386 i486
+%ifarch %{ix86}
+%ifarch i386
+# allow running on 80386 (default code uses bswapl available on i486+)
./Configure --openssldir=%{_var}/lib/%{name} linux-elf shared 386
-%endif
-%ifarch i586 i686 athlon
+%else
./Configure --openssldir=%{_var}/lib/%{name} linux-elf shared
%endif
-%ifarch ppc
-./Configure --openssldir=%{_var}/lib/%{name} linux-ppc shared
%endif
%ifarch alpha
./Configure --openssldir=%{_var}/lib/%{name} threads linux-alpha+bwx-gcc shared
%endif
+%ifarch %{x8664}
+./Configure --openssldir=%{_var}/lib/%{name} linux-x86_64 shared
+%endif
+%ifarch ia64
+./Configure --openssldir=%{_var}/lib/%{name} linux-ia64 shared
+%endif
+%ifarch ppc
+./Configure --openssldir=%{_var}/lib/%{name} linux-ppc shared
+%endif
%ifarch sparc
./Configure --openssldir=%{_var}/lib/%{name} threads linux-sparcv8 shared
%endif
+%ifarch sparcv9
+./Configure --openssldir=%{_var}/lib/%{name} threads linux-sparcv9 shared
+%endif
+%ifarch sparc64
+./Configure --openssldir=%{_var}/lib/%{name} threads linux64-sparcv9 shared
+%endif
%{__make} \
CC="%{__cc}" \
%install
rm -rf $RPM_BUILD_ROOT
install -d $RPM_BUILD_ROOT{%{_sysconfdir}/%{name},%{_libdir}/%{name}} \
- $RPM_BUILD_ROOT{%{_mandir}/{pl/man1,man{1,3,5,7}},%{_datadir}/ssl}
+ $RPM_BUILD_ROOT{%{_mandir}/{pl/man1,man{1,3,5,7}},%{_datadir}/ssl} \
+ $RPM_BUILD_ROOT%{_pkgconfigdir}
%{__make} install \
+ CC="%{__cc}" \
INSTALLTOP=%{_prefix} \
INSTALL_PREFIX=$RPM_BUILD_ROOT \
MANDIR=%{_mandir}
+if [ "%{_prefix}/lib/pkgconfig" != "%{_pkgconfigdir}" ] ; then
+ mv $RPM_BUILD_ROOT%{_prefix}/lib/pkgconfig/* \
+ $RPM_BUILD_ROOT%{_pkgconfigdir}
+fi
+sed -i -e 's,^libdir=.*,libdir=%{_libdir},' $RPM_BUILD_ROOT%{_pkgconfigdir}/*.pc
+
install %{SOURCE1} $RPM_BUILD_ROOT%{_datadir}/ssl/ca-bundle.crt
install libcrypto.a libssl.a $RPM_BUILD_ROOT%{_libdir}
install lib*.so.*.* $RPM_BUILD_ROOT%{_libdir}
mv -f $RPM_BUILD_ROOT%{_var}/lib/%{name}/misc/* $RPM_BUILD_ROOT%{_libdir}/%{name}
rm -rf $RPM_BUILD_ROOT%{_var}/lib/%{name}/misc
-mv -f $RPM_BUILD_ROOT%{_bindir}/c_rehash $RPM_BUILD_ROOT%{_libdir}/%{name}
-
find $RPM_BUILD_ROOT%{_mandir} -type f | xargs rm -f
install doc/apps/*.1 $RPM_BUILD_ROOT%{_mandir}/man1
install doc/apps/*.5 $RPM_BUILD_ROOT%{_mandir}/man5
install doc/ssl/*.3 doc/crypto/*.3 $RPM_BUILD_ROOT%{_mandir}/man3
install doc/crypto/*.7 $RPM_BUILD_ROOT%{_mandir}/man7
install %{SOURCE2} $RPM_BUILD_ROOT%{_mandir}/pl/man1/openssl.1
+install %{SOURCE3} $RPM_BUILD_ROOT%{_bindir}/ssl-certificate
+install fips-1.0/openssl_fips_fingerprint $RPM_BUILD_ROOT%{_bindir}
%clean
rm -rf $RPM_BUILD_ROOT
%files
%defattr(644,root,root,755)
-%attr(755,root,root) %{_libdir}/lib*.so.*.*
%doc CHANGES CHANGES.SSLeay LICENSE NEWS README doc/*.txt
%doc doc/openssl_button.gif doc/openssl_button.html
+%attr(755,root,root) %{_libdir}/libcrypto.so.*.*.*
+%attr(755,root,root) %{_libdir}/libssl.so.*.*.*
+%dir %{_var}/lib/%{name}
+%dir %{_var}/lib/%{name}/certs
+%dir %{_var}/lib/%{name}/private
+%dir %{_datadir}/ssl
+%config(noreplace) %verify(not md5 mtime size) %{_datadir}/ssl/ca-bundle.crt
%files tools
%defattr(644,root,root,755)
%dir %{_sysconfdir}/%{name}
-%dir %{_var}/lib/%{name}
-%dir %{_var}/lib/%{name}/private
-%dir %{_var}/lib/%{name}/certs
-%verify(not md5 size mtime) %config(noreplace) %{_sysconfdir}/%{name}/openssl.cnf
-%verify(not md5 size mtime) %config(noreplace) %{_var}/lib/%{name}/openssl.cnf
-%dir %{_datadir}/ssl
-%verify(not md5 size mtime) %config(noreplace) %{_datadir}/ssl/ca-bundle.crt
+%config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/%{name}/openssl.cnf
+%config(noreplace) %verify(not md5 mtime size) %{_var}/lib/%{name}/openssl.cnf
%attr(755,root,root) %{_bindir}/%{name}
+%attr(755,root,root) %{_bindir}/openssl_fips_fingerprint
+%attr(754,root,root) %{_bindir}/ssl-certificate
+
%dir %{_libdir}/%{name}
%attr(755,root,root) %{_libdir}/%{name}/CA.sh
%attr(755,root,root) %{_libdir}/%{name}/c_hash
%{_mandir}/man1/openssl_dsa.1*
%{_mandir}/man1/openssl_dsaparam.1*
%{_mandir}/man1/openssl_enc.1*
+%{_mandir}/man1/openssl_errstr.1*
%{_mandir}/man1/openssl_gendsa.1*
%{_mandir}/man1/openssl_genrsa.1*
%{_mandir}/man1/openssl_nseq.1*
%{_mandir}/man1/openssl_rsautl.1*
%{_mandir}/man1/openssl_s_client.1*
%{_mandir}/man1/openssl_s_server.1*
+%{_mandir}/man1/openssl_s_time.1*
%{_mandir}/man1/openssl_sess_id.1*
%{_mandir}/man1/openssl_smime.1*
%{_mandir}/man1/openssl_speed.1*
%files tools-perl
%defattr(644,root,root,755)
%attr(755,root,root) %{_libdir}/%{name}/CA.pl
-%attr(755,root,root) %{_libdir}/%{name}/der_chop
-%attr(755,root,root) %{_libdir}/%{name}/c_rehash
+%attr(755,root,root) %{_bindir}/c_rehash
%{_mandir}/man1/openssl_CA.pl.1*
%files devel
%defattr(644,root,root,755)
-%attr(755,root,root) %{_libdir}/lib*.so
+%attr(755,root,root) %{_libdir}/libcrypto.so
+%attr(755,root,root) %{_libdir}/libssl.so
%{_includedir}/%{name}
-%{_libdir}/pkgconfig/openssl.pc
+%{_pkgconfigdir}/openssl.pc
%{_mandir}/man3/openssl*.3*
%{_mandir}/man7/*.7*