%bcond_without zlib # zlib: note - enables CVE-2012-4929 vulnerability
%bcond_with sslv2 # SSLv2: note - many flaws http://en.wikipedia.org/wiki/Transport_Layer_Security#SSL_2.0
%bcond_with sslv3 # SSLv3: note - enables CVE-2014-3566 vulnerability
+%bcond_with snap # use GitHub snapshot to build branch release
-%include /usr/lib/rpm/macros.perl
Summary: OpenSSL Toolkit libraries for the "Secure Sockets Layer" (SSL v2/v3)
Summary(de.UTF-8): Secure Sockets Layer (SSL)-Kommunikationslibrary
Summary(es.UTF-8): Biblioteca C que suministra algoritmos y protocolos criptográficos
Name: openssl
# Version 1.1.1 is LTS, supported until 2023-09-11.
# https://www.openssl.org/about/releasestrat.html
-Version: 1.1.1d
+Version: 1.1.1h
Release: 1
License: Apache-like
Group: Libraries
+%if %{without snap}
Source0: https://www.openssl.org/source/%{name}-%{version}.tar.gz
-# Source0-md5: 3be209000dbc7e1b95bcdf47980a3baa
+# Source0-md5: 53840c70434793127a3574433494e8d3
+%else
+Source1: https://github.com/openssl/openssl/archive/OpenSSL_1_1_1-stable/%{name}-%{version}-dev.tar.gz
+%endif
Source2: %{name}.1.pl
Source3: %{name}-ssl-certificate.sh
Source4: %{name}-c_rehash.sh
Patch1: %{name}-optflags.patch
-# https://github.com/openssl/openssl/commit/4245d63be73402df5917bbd099178ba56c136e13.patch
-Patch2: %{name}-zlib-fix.patch
-Patch3: %{name}-man-namespace.patch
+Patch3: %{name}-man-namespace.patch
Patch5: %{name}-ca-certificates.patch
Patch6: %{name}-no-win32.patch
Patch7: %{name}-find.patch
%prep
%if %{with snap}
%setup -qcT -a1
-%{__mv} %{name}-OpenSSL_1_1_0-stable/* .
+%{__mv} %{name}-OpenSSL_1_1_1-stable/* .
%else
%setup -q %{?subver:-n %{name}-%{version}-%{subver}}
%endif
-
%patch1 -p1
-%patch2 -p1
-%patch3 -p1
+%patch3 -p1
%patch5 -p1
%patch6 -p1
%patch7 -p1
%{_mandir}/man7/openssl-x509.7*
%{_mandir}/man7/ossl_store.7*
%{_mandir}/man7/ossl_store-file.7*
+%{_mandir}/man7/proxy-certificates.7*
%{_mandir}/man7/RSA-PSS.7.gz
%files static