%bcond_without tests # don't perform "make tests"
%bcond_without zlib # zlib: note - enables CVE-2012-4929 vulnerability
%bcond_with sslv2 # SSLv2: note - many flaws http://en.wikipedia.org/wiki/Transport_Layer_Security#SSL_2.0
-%bcond_with sslv3 # SSLv3: note - enables CVE-2014-3566 vulnerability
+%bcond_with sslv3 # SSLv3: note - enables CVE-2014-3566 vulnerability
+%bcond_with snap # use GitHub snapshot to build branch release
-%include /usr/lib/rpm/macros.perl
Summary: OpenSSL Toolkit libraries for the "Secure Sockets Layer" (SSL v2/v3)
Summary(de.UTF-8): Secure Sockets Layer (SSL)-Kommunikationslibrary
Summary(es.UTF-8): Biblioteca C que suministra algoritmos y protocolos criptográficos
Name: openssl
# Version 1.1.1 is LTS, supported until 2023-09-11.
# https://www.openssl.org/about/releasestrat.html
-Version: 1.1.1
+Version: 1.1.1t
Release: 1
License: Apache-like
Group: Libraries
+%if %{without snap}
Source0: https://www.openssl.org/source/%{name}-%{version}.tar.gz
-# Source0-md5: 7079eb017429e0ffb9efb42bf80ccb21
+# Source0-md5: 1cfee919e0eac6be62c88c5ae8bcd91e
+%else
+Source1: https://github.com/openssl/openssl/archive/OpenSSL_1_1_1-stable/%{name}-%{version}-dev.tar.gz
+%endif
Source2: %{name}.1.pl
Source3: %{name}-ssl-certificate.sh
Source4: %{name}-c_rehash.sh
Patch1: %{name}-optflags.patch
Patch3: %{name}-man-namespace.patch
-
Patch5: %{name}-ca-certificates.patch
-
+Patch6: %{name}-no-win32.patch
Patch7: %{name}-find.patch
Patch8: pic.patch
Patch11: engines-dir.patch
URL: http://www.openssl.org/
+BuildRequires: libsctp-devel
BuildRequires: perl-devel >= 1:5.10.0
BuildRequires: pkgconfig
BuildRequires: rpm-perlprov >= 4.1-13
BuildRequires: zlib-devel
Requires: ca-certificates >= 20141019-3
Requires: rpm-whiteout >= 1.7
-Obsoletes: SSLeay
-Obsoletes: SSLeay-devel
-Obsoletes: SSLeay-perl
-Obsoletes: libopenssl0
+Obsoletes: SSLeay < 0.9.3
+Obsoletes: SSLeay-devel < 0.9.3
+Obsoletes: SSLeay-perl < 0.9.3
+Obsoletes: libopenssl0 < 1
%if "%{pld_release}" == "ac"
Conflicts: neon < 0.26.3-3
Conflicts: ntpd < 4.2.4p8-10
Summary(uk.UTF-8): Бібліотеки, хедери та утиліти для Secure Sockets Layer
Group: Development/Libraries
Requires: %{name} = %{version}-%{release}
-Obsoletes: libopenssl0-devel
+Obsoletes: libopenssl0-devel < 1
%description devel
Development part of OpenSSL library.
%prep
%if %{with snap}
%setup -qcT -a1
-%{__mv} %{name}-OpenSSL_1_1_0-stable/* .
+%{__mv} %{name}-OpenSSL_1_1_1-stable/* .
%else
%setup -q %{?subver:-n %{name}-%{version}-%{subver}}
%endif
-
%patch1 -p1
%patch3 -p1
-
%patch5 -p1
-
+%patch6 -p1
%patch7 -p1
%patch8 -p1
v=$(awk -F= '/^VERSION/{print $2}' Makefile)
test "$v" = %{version}%{?subver:-%{subver}}%{?with_snap:-dev}
+# fails with enable-sctp as of 1.1.1
+%{__rm} test/recipes/80-test_ssl_new.t
+
%{__make} -j1 all %{?with_tests:tests} \
CC="%{__cc}" \
OPTFLAGS="%{rpmcflags} %{rpmcppflags}" \
INSTALLTOP=%{_prefix}
# Rename POD sources of man pages. "openssl-" prefix is added to each
-# manpage to avoid potential conflicts with other packages.
+# manpage to avoid potential conflicts with other packages.
# openssl-man-namespace.patch mostly marks these pages with "openssl-" prefix.
for podfile in $(grep -rl '^openssl-' doc/man*); do
%doc CHANGES LICENSE NEWS README doc/*.txt
%attr(755,root,root) /%{_lib}/libcrypto.so.*.*
%attr(755,root,root) /%{_lib}/libssl.so.*.*
+%dir /%{_lib}/engines-1.1
%dir %{_sysconfdir}/%{name}
%dir %{_sysconfdir}/%{name}/certs
%dir %attr(700,root,root) %{_sysconfdir}/%{name}/private
%files engines
%defattr(644,root,root,755)
-%dir /%{_lib}/engines-1.1
%attr(755,root,root) /%{_lib}/engines-1.1/*.so
%files tools
%{_mandir}/man7/openssl-x509.7*
%{_mandir}/man7/ossl_store.7*
%{_mandir}/man7/ossl_store-file.7*
+%{_mandir}/man7/proxy-certificates.7*
%{_mandir}/man7/RSA-PSS.7.gz
%files static
projects / packages / openssl.git / blobdiff