X-Git-Url: http://git.pld-linux.org/?a=blobdiff_plain;f=openssl.spec;h=3d09b5375c1bbec52729ff0c5dc4c49aef23da5e;hb=HEAD;hp=f732407461776fa37c0ab031097a7ed65ccf56ba;hpb=af30d53f6f296135a60e5056c9e6151d894ee664;p=packages%2Fopenssl.git

diff --git a/openssl.spec b/openssl.spec
index f732407..e1cc8b6 100644
--- a/openssl.spec
+++ b/openssl.spec
@@ -1,10 +1,9 @@
 #
 # Conditional build:
 %bcond_without	tests	# don't perform "make tests"
-%bcond_with	purify	# Compile openssl with \-DPURIFY, useful when one wants to
-			# use valgrind debugger against openssl-linked programs
+%bcond_without	zlib	# zlib: note - enables CVE-2012-4929 vulnerability
+%bcond_with	sslv3	# SSLv3: note - enables CVE-2014-3566 vulnerability
 
-%include	/usr/lib/rpm/macros.perl
 Summary:	OpenSSL Toolkit libraries for the "Secure Sockets Layer" (SSL v2/v3)
 Summary(de.UTF-8):	Secure Sockets Layer (SSL)-Kommunikationslibrary
 Summary(es.UTF-8):	Biblioteca C que suministra algoritmos y protocolos criptogrÃ¡ficos
@@ -14,36 +13,51 @@ Summary(pt_BR.UTF-8):	Uma biblioteca C que fornece vÃ¡rios algoritmos e protocol
 Summary(ru.UTF-8):	ÐÐ¸Ð±Ð»Ð¸Ð¾ÑÐµÐºÐ¸ Ð¸ ÑÑÐ¸Ð»Ð¸ÑÑ Ð´Ð»Ñ ÑÐ¾ÐµÐ´Ð¸Ð½ÐµÐ½Ð¸Ð¹ ÑÐµÑÐµÐ· Secure Sockets Layer
 Summary(uk.UTF-8):	ÐÑÐ±Ð»ÑÐ¾ÑÐµÐºÐ¸ ÑÐ° ÑÑÐ¸Ð»ÑÑÐ¸ Ð´Ð»Ñ Ð·'ÑÐ´Ð½Ð°Ð½Ñ ÑÐµÑÐµÐ· Secure Sockets Layer
 Name:		openssl
-Version:	1.0.0
-Release:	0.1
-License:	Apache-like
+Version:	3.3.0
+Release:	1
+License:	Apache v2.0
 Group:		Libraries
-Source0:	ftp://ftp.openssl.org/source/%{name}-%{version}.tar.gz
-# Source0-md5:	89eaa86e25b2845f920ec00ae4c864ed
+Source0:	https://github.com/openssl/openssl/releases/download/openssl-%{version}/%{name}-%{version}.tar.gz
+# Source0-md5:	c8b063afbea85d867e161ecb8816cfa9
 Source2:	%{name}.1.pl
 Source3:	%{name}-ssl-certificate.sh
 Source4:	%{name}-c_rehash.sh
-Patch0:		%{name}-alpha-ccc.patch
-Patch1:		%{name}-optflags.patch
-Patch2:		%{name}-globalCA.diff
-Patch3:		%{name}-include.patch
-Patch4:		%{name}-man-namespace.patch
-Patch5:		%{name}-asflag.patch
-Patch6:		%{name}-ca-certificates.patch
-Patch7:		%{name}-fips_install.patch
-Patch8:		%{name}-ldflags.patch
+Patch0:		%{name}-optflags.patch
+Patch1:		%{name}-ca-certificates.patch
+Patch2:		%{name}-find.patch
+Patch3:		pic.patch
+Patch4:		engines-dir.patch
 URL:		http://www.openssl.org/
-BuildRequires:	bc
-BuildRequires:	perl-devel >= 1:5.6.1
+%ifarch %{arm} ppc mips sparc sparcv9
+BuildRequires:	libatomic-devel
+%endif
+BuildRequires:	libbrotli-devel
+BuildRequires:	libsctp-devel
+BuildRequires:	linux-libc-headers >= 7:4.13
+BuildRequires:	perl-devel >= 1:5.10.0
+BuildRequires:	pkgconfig
 BuildRequires:	rpm-perlprov >= 4.1-13
-BuildRequires:	rpmbuild(macros) >= 1.213
+BuildRequires:	rpmbuild(macros) >= 1.745
 BuildRequires:	sed >= 4.0
-Requires:	ca-certificates >= 20080809-4
+BuildRequires:	zlib-devel
+BuildRequires:	zstd-devel
+Requires:	ca-certificates >= 20141019-3
 Requires:	rpm-whiteout >= 1.7
-Obsoletes:	SSLeay
-Obsoletes:	SSLeay-devel
-Obsoletes:	SSLeay-perl
-Obsoletes:	libopenssl0
+Obsoletes:	SSLeay < 0.9.3
+Obsoletes:	SSLeay-devel < 0.9.3
+Obsoletes:	SSLeay-perl < 0.9.3
+Obsoletes:	libopenssl0 < 1
+Obsoletes:	openssl-engines < 3.0.0-2
+%if "%{pld_release}" == "ac"
+Conflicts:	neon < 0.26.3-3
+Conflicts:	ntpd < 4.2.4p8-10
+Conflicts:	openssh-clients < 2:5.8p1-9
+Conflicts:	openssh-server < 2:5.8p1-9
+%else
+Conflicts:	neon < 0.29.6-8
+Conflicts:	openssh-clients < 2:6.2p2-3
+Conflicts:	openssh-server < 2:6.2p2-3
+%endif
 BuildRoot:	%{tmpdir}/%{name}-%{version}-root-%(id -u -n)
 
 %description
@@ -101,7 +115,7 @@ RC4, RSA Ð¸ SSL.
 Summary:	OpenSSL command line tool and utilities
 Summary(pl.UTF-8):	Zestaw narzÄdzi i skryptÃ³w
 Group:		Applications/Communications
-Requires:	%{name} = %{version}-%{release}
+Requires:	%{name}%{?_isa} = %{version}-%{release}
 Requires:	which
 
 %description tools
@@ -132,8 +146,8 @@ Summary(pt_BR.UTF-8):	Bibliotecas e arquivos de inclusÃ£o para desenvolvimento O
 Summary(ru.UTF-8):	ÐÐ¸Ð±Ð»Ð¸Ð¾ÑÐµÐºÐ¸, ÑÐµÐ´ÐµÑÑ Ð¸ ÑÑÐ¸Ð»Ð¸ÑÑ Ð´Ð»Ñ Secure Sockets Layer
 Summary(uk.UTF-8):	ÐÑÐ±Ð»ÑÐ¾ÑÐµÐºÐ¸, ÑÐµÐ´ÐµÑÐ¸ ÑÐ° ÑÑÐ¸Ð»ÑÑÐ¸ Ð´Ð»Ñ Secure Sockets Layer
 Group:		Development/Libraries
-Requires:	%{name} = %{version}-%{release}
-Obsoletes:	libopenssl0-devel
+Requires:	%{name}%{?_isa} = %{version}-%{release}
+Obsoletes:	libopenssl0-devel < 1
 
 %description devel
 Development part of OpenSSL library.
@@ -193,42 +207,44 @@ RC4, RSA Ð¸ SSL. ÐÐºÐ»ÑÑÐ°ÐµÑ ÑÑÐ°ÑÐ¸ÑÐµÑÐºÐ¸Ðµ Ð±Ð¸Ð±Ð»Ð¸Ð¾ÑÐµÐºÐ¸ Ð´
 
 %prep
 %setup -q
-#%patch0 -p1
-#%patch1 -p1
+%patch0 -p1
+%patch1 -p1
 %patch2 -p1
 %patch3 -p1
-#%patch4 -p1
-#%patch5 -p1
-%patch6 -p1
-#%patch7 -p1
-#%patch8 -p1
-
-%{__perl} -pi -e 's#%{_prefix}/local/bin/perl#%{__perl}#g' \
-	`grep -l -r "%{_prefix}/local/bin/perl" *`
+%patch4 -p1
 
-sed -i -e 's|$prefix/lib/engines|/%{_lib}/engines|g' Configure
+# fails with enable-sctp as of 1.1.1
+%{__rm} test/recipes/80-test_ssl_new.t
 
 %build
 touch Makefile.*
 
-%{__perl} util/perlpath.pl %{__perl}
-
-OPTFLAGS="%{rpmcflags} %{?with_purify:-DPURIFY}" \
-./Configure \
-%if "%{pld_release}" == "ti"
-	--openssldir=%{_var}/lib/%{name} \
-%else
+PERL="%{__perl}" \
+%{__perl} ./Configure \
+	--prefix=%{_prefix} \
 	--openssldir=%{_sysconfdir}/%{name} \
-%endif
 	--libdir=%{_lib} \
-	shared threads \
-	enable-tlsext \
-	enable-seed \
-	enable-rfc3779 \
+	-Wa,--noexecstack \
+	shared \
+	threads \
+	%{?with_sslv3:enable-ssl3}%{!?with_sslv3:no-ssl3} \
+	%{!?with_zlib:no-}zlib \
+	enable-brotli \
 	enable-cms \
 	enable-idea \
+	enable-md2 \
 	enable-mdc2 \
 	enable-rc5 \
+	enable-rfc3779 \
+	enable-sctp \
+	enable-seed \
+	enable-camellia \
+	enable-ktls \
+	enable-fips \
+	enable-zstd \
+%ifarch %{x8664}
+	enable-ec_nistp_64_gcc_128 \
+%endif
 %ifarch %{ix86}
 %ifarch i386
 	386 linux-elf
@@ -238,11 +254,14 @@ OPTFLAGS="%{rpmcflags} %{?with_purify:-DPURIFY}" \
 %endif
 %endif
 %ifarch alpha
-	linux-alpha+bwx-gcc
+	linux-alpha-gcc
 %endif
 %ifarch %{x8664}
 	linux-x86_64
 %endif
+%ifarch x32
+	linux-x32
+%endif
 %ifarch ia64
 	linux-ia64
 %endif
@@ -261,60 +280,49 @@ OPTFLAGS="%{rpmcflags} %{?with_purify:-DPURIFY}" \
 %ifarch sparc64
 	linux64-sparcv9
 %endif
+%ifarch %{arm}
+	linux-armv4
+%endif
+%ifarch aarch64
+	linux-aarch64
+%endif
 
-%{__make} -j1 all rehash %{?with_tests:tests} \
+v=$(awk -F= '/^VERSION=/{print $2}' Makefile)
+test "$v" = %{version}
+
+%{__make} all \
 	CC="%{__cc}" \
-	ASFLAG='$(CFLAG) -Wa,--noexecstack' \
+	OPTFLAGS="%{rpmcflags} %{rpmcppflags}" \
 	INSTALLTOP=%{_prefix}
 
-# Rename POD sources of man pages. "openssl_" prefix is added to each
-# manpage to avoid potential conflicts with other packages.
-
-for dir in doc/{apps,ssl,crypto}; do
-	cd $dir || exit 1;
-	%{__perl} -pi -e 's/(\W)((?<!openssl_)\w+)(\(\d\))/$1openssl_$2$3/g; s/openssl_openssl/openssl/g;' *.pod;
-
-	for pod in !(openssl*).pod; do
-		mv -f $pod openssl_$pod;
-	done
-	cd ../..
-done
+%if %{with tests}
+%{__make} -j1 tests \
+	CC="%{__cc}" \
+	OPTFLAGS="%{rpmcflags} %{rpmcppflags}" \
+	INSTALLTOP=%{_prefix}
+%endif
 
 %install
 rm -rf $RPM_BUILD_ROOT
 install -d $RPM_BUILD_ROOT{%{_sysconfdir}/%{name},%{_libdir}/%{name}} \
 	$RPM_BUILD_ROOT{%{_mandir}/{pl/man1,man{1,3,5,7}},%{_datadir}/ssl} \
-	$RPM_BUILD_ROOT/%{_lib}/engines \
 	$RPM_BUILD_ROOT%{_pkgconfigdir}
 
 %{__make} install \
-	INSTALLTOP=%{_prefix} \
-	INSTALL_PREFIX=$RPM_BUILD_ROOT \
-	MANDIR=%{_mandir}
-
-mv -f $RPM_BUILD_ROOT/%{_libdir}/engines/* $RPM_BUILD_ROOT/%{_lib}/engines
-mv -f $RPM_BUILD_ROOT/%{_libdir}/lib*.so.*.* $RPM_BUILD_ROOT/%{_lib}
-ln -sf /%{_lib}/$(basename $RPM_BUILD_ROOT/%{_lib}/libcrypto.*.*) $RPM_BUILD_ROOT%{_libdir}/libcrypto.so
-ln -sf /%{_lib}/$(basename $RPM_BUILD_ROOT/%{_lib}/libssl.*.*) $RPM_BUILD_ROOT%{_libdir}/libssl.so
-
-%if "%{pld_release}" == "ti"
-ln -sf %{_var}/lib/%{name}/%{name}.cnf \
-	$RPM_BUILD_ROOT%{_sysconfdir}/%{name}/openssl.cnf
-ln -sf %{_var}/lib/%{name}/certs \
-	$RPM_BUILD_ROOT%{_sysconfdir}/%{name}/certs
-ln -sf %{_var}/lib/%{name}/private \
-	$RPM_BUILD_ROOT%{_sysconfdir}/%{name}/private
-mv -f $RPM_BUILD_ROOT%{_var}/lib/%{name}/misc/* $RPM_BUILD_ROOT%{_libdir}/%{name}
-rm -rf $RPM_BUILD_ROOT%{_var}/lib/%{name}/misc
-%else
-mv -f $RPM_BUILD_ROOT%{_sysconfdir}/%{name}/misc/* $RPM_BUILD_ROOT%{_libdir}/%{name}
-rm -rf $RPM_BUILD_ROOT%{_sysconfdir}/%{name}/misc
-%endif
+	CC="%{__cc}" \
+	DESTDIR=$RPM_BUILD_ROOT
+
+%{__mv} $RPM_BUILD_ROOT%{_libdir}/lib*.so.* $RPM_BUILD_ROOT/%{_lib}
+ln -sf /%{_lib}/$(basename $RPM_BUILD_ROOT/%{_lib}/libcrypto.*) $RPM_BUILD_ROOT%{_libdir}/libcrypto.so
+ln -sf /%{_lib}/$(basename $RPM_BUILD_ROOT/%{_lib}/libssl.*) $RPM_BUILD_ROOT%{_libdir}/libssl.so
 
-# not installed as individual utilities (see openssl dgst instead)
-%{__rm} $RPM_BUILD_ROOT%{_mandir}/man1/{md2,md4,md5,mdc2,ripemd160,sha,sha1}.1
+%{__mv} $RPM_BUILD_ROOT%{_sysconfdir}/%{name}/misc/* $RPM_BUILD_ROOT%{_libdir}/%{name}
+%{__rm} -r $RPM_BUILD_ROOT%{_sysconfdir}/%{name}/misc
 
-cp -a %{SOURCE2} $RPM_BUILD_ROOT%{_mandir}/pl/man1/openssl.1
+# html version of man pages - not packaged
+%{__rm} -r $RPM_BUILD_ROOT%{_docdir}/%{name}/html/man[1357]
+
+cp -p %{SOURCE2} $RPM_BUILD_ROOT%{_mandir}/pl/man1/openssl.1
 install -p %{SOURCE3} $RPM_BUILD_ROOT%{_bindir}/ssl-certificate
 install -p %{SOURCE4} $RPM_BUILD_ROOT%{_bindir}/c_rehash.sh
 
@@ -324,15 +332,15 @@ rm -rf $RPM_BUILD_ROOT
 %post   -p /sbin/ldconfig
 %postun -p /sbin/ldconfig
 
-%if "%{pld_release}" == "ti"
-%triggerin -- %{name}-tools < 0.9.8i-2
-if [ -L /var/lib/openssl/openssl.cnf ] ; then
-	echo "Saving old configuration as /var/lib/openssl/openssl.cnf.rpmsave"
-	rm /var/lib/openssl/openssl.cnf
-	mv %{_sysconfdir}/%{name}/openssl.cnf /var/lib/openssl/openssl.cnf.rpmsave 2>/dev/null || :
-fi
-%else
+%triggerpostun -- %{name}-tools < 1.0.0-5
+# the hashing format has changed in 1.0.0
+[ ! -x %{_sbindir}/update-ca-certificates ] || %{_sbindir}/update-ca-certificates --fresh || :
+
 %triggerpostun -- %{name} < 0.9.8i-2
+# don't do anything on --downgrade
+if [ $1 -le 1 ]; then
+	exit 0
+fi
 if [ -d /var/lib/openssl/certs ] ; then
 	mv /var/lib/openssl/certs/* %{_sysconfdir}/%{name}/certs 2>/dev/null || :
 fi
@@ -343,107 +351,114 @@ if [ -d /var/lib/openssl ] ; then
 	for f in /var/lib/openssl/* ; do
 		[ -f "$f" ] && mv "$f" %{_sysconfdir}/%{name} 2>/dev/null || :
 	done
+	rmdir /var/lib/openssl/* 2>/dev/null || :
+	rmdir /var/lib/openssl 2>/dev/null || :
 fi
-%endif
 
 %files
 %defattr(644,root,root,755)
-%doc CHANGES CHANGES.SSLeay LICENSE NEWS README doc/*.txt
-%doc doc/openssl_button.gif doc/openssl_button.html
-%attr(755,root,root) /%{_lib}/libcrypto.so.*.*.*
-%attr(755,root,root) /%{_lib}/libssl.so.*.*.*
-%dir /%{_lib}/engines
-%attr(755,root,root) /%{_lib}/engines/*.so
-%if "%{pld_release}" == "ti"
-%dir %{_var}/lib/%{name}
-%dir %{_var}/lib/%{name}/certs
-%dir %{_var}/lib/%{name}/private
-%dir %{_sysconfdir}/%{name}
-%attr(755,root,root) %{_sysconfdir}/%{name}/certs
-%attr(755,root,root) %{_sysconfdir}/%{name}/private
-%else
+%doc CHANGES.md NEWS.md README.md doc/*.txt
+%attr(755,root,root) /%{_lib}/libcrypto.so.*
+%attr(755,root,root) /%{_lib}/libssl.so.*
+%dir /%{_lib}/engines-3
+%attr(755,root,root) /%{_lib}/engines-3/*.so
+%dir /%{_lib}/ossl-modules
+%attr(755,root,root) /%{_lib}/ossl-modules/fips.so
+%attr(755,root,root) /%{_lib}/ossl-modules/legacy.so
 %dir %{_sysconfdir}/%{name}
+%config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/%{name}/ct_log_list.cnf
+%config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/%{name}/fipsmodule.cnf
+%config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/%{name}/openssl.cnf
 %dir %{_sysconfdir}/%{name}/certs
-%dir %{_sysconfdir}/%{name}/private
-%endif
+%dir %attr(700,root,root) %{_sysconfdir}/%{name}/private
 %dir %{_datadir}/ssl
+%{_mandir}/man5/config.5ossl*
 
 %files tools
 %defattr(644,root,root,755)
-%if "%{pld_release}" == "ti"
-%{_sysconfdir}/%{name}/openssl.cnf
-%config(noreplace) %verify(not md5 mtime size) %{_var}/lib/%{name}/openssl.cnf
-%else
-%config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/%{name}/openssl.cnf
-%endif
-%attr(755,root,root) %{_bindir}/%{name}
 %attr(755,root,root) %{_bindir}/c_rehash.sh
+%attr(755,root,root) %{_bindir}/openssl
 %attr(754,root,root) %{_bindir}/ssl-certificate
-
-%dir %{_libdir}/%{name}
-%attr(755,root,root) %{_libdir}/%{name}/CA.sh
-%attr(755,root,root) %{_libdir}/%{name}/c_hash
-%attr(755,root,root) %{_libdir}/%{name}/c_info
-%attr(755,root,root) %{_libdir}/%{name}/c_issuer
-%attr(755,root,root) %{_libdir}/%{name}/c_name
-
+%{_mandir}/man1/asn1parse.1ossl*
+%{_mandir}/man1/ca.1ossl*
+%{_mandir}/man1/ciphers.1ossl*
+%{_mandir}/man1/cmp.1ossl*
+%{_mandir}/man1/cms.1ossl*
+%{_mandir}/man1/crl.1ossl*
+%{_mandir}/man1/crl2pkcs7.1ossl*
+%{_mandir}/man1/dgst.1ossl*
+%{_mandir}/man1/dhparam.1ossl*
+%{_mandir}/man1/dsa.1ossl*
+%{_mandir}/man1/dsaparam.1ossl*
+%{_mandir}/man1/ec.1ossl*
+%{_mandir}/man1/ecparam.1ossl*
+%{_mandir}/man1/enc.1ossl*
+%{_mandir}/man1/engine.1ossl*
+%{_mandir}/man1/errstr.1ossl*
+%{_mandir}/man1/gendsa.1ossl*
+%{_mandir}/man1/genpkey.1ossl*
+%{_mandir}/man1/genrsa.1ossl*
+%{_mandir}/man1/info.1ossl*
+%{_mandir}/man1/kdf.1ossl*
+%{_mandir}/man1/mac.1ossl*
+%{_mandir}/man1/nseq.1ossl*
+%{_mandir}/man1/ocsp.1ossl*
 %{_mandir}/man1/openssl.1*
-%{_mandir}/man1/openssl_asn1parse.1*
-%{_mandir}/man1/openssl_ca.1*
-%{_mandir}/man1/openssl_ciphers.1*
-%{_mandir}/man1/openssl_crl.1*
-%{_mandir}/man1/openssl_crl2pkcs7.1*
-%{_mandir}/man1/openssl_dgst.1*
-%{_mandir}/man1/openssl_dhparam.1*
-%{_mandir}/man1/openssl_dsa.1*
-%{_mandir}/man1/openssl_dsaparam.1*
-%{_mandir}/man1/openssl_ec.1*
-%{_mandir}/man1/openssl_ecparam.1*
-%{_mandir}/man1/openssl_enc.1*
-%{_mandir}/man1/openssl_errstr.1*
-%{_mandir}/man1/openssl_gendsa.1*
-%{_mandir}/man1/openssl_genrsa.1*
-%{_mandir}/man1/openssl_nseq.1*
-%{_mandir}/man1/openssl_ocsp.1*
-%{_mandir}/man1/openssl_passwd.1*
-%{_mandir}/man1/openssl_pkcs12.1*
-%{_mandir}/man1/openssl_pkcs7.1*
-%{_mandir}/man1/openssl_pkcs8.1*
-%{_mandir}/man1/openssl_rand.1*
-%{_mandir}/man1/openssl_req.1*
-%{_mandir}/man1/openssl_rsa.1*
-%{_mandir}/man1/openssl_rsautl.1*
-%{_mandir}/man1/openssl_s_client.1*
-%{_mandir}/man1/openssl_s_server.1*
-%{_mandir}/man1/openssl_s_time.1*
-%{_mandir}/man1/openssl_sess_id.1*
-%{_mandir}/man1/openssl_smime.1*
-%{_mandir}/man1/openssl_speed.1*
-%{_mandir}/man1/openssl_spkac.1*
-%{_mandir}/man1/openssl_verify.1*
-%{_mandir}/man1/openssl_version.1*
-%{_mandir}/man1/openssl_x509.1*
-%{_mandir}/man5/openssl_config.5*
-%{_mandir}/man5/openssl_x509v3_config.5*
+%{_mandir}/man1/openssl-*.1*
+%{_mandir}/man1/passwd.1ossl*
+%{_mandir}/man1/pkcs12.1ossl*
+%{_mandir}/man1/pkcs7.1ossl*
+%{_mandir}/man1/pkcs8.1ossl*
+%{_mandir}/man1/pkey.1ossl*
+%{_mandir}/man1/pkeyparam.1ossl*
+%{_mandir}/man1/pkeyutl.1ossl*
+%{_mandir}/man1/prime.1ossl*
+%{_mandir}/man1/rand.1ossl*
+%{_mandir}/man1/rehash.1ossl*
+%{_mandir}/man1/req.1ossl*
+%{_mandir}/man1/rsa.1ossl*
+%{_mandir}/man1/rsautl.1ossl*
+%{_mandir}/man1/s_client.1ossl*
+%{_mandir}/man1/sess_id.1ossl*
+%{_mandir}/man1/smime.1ossl*
+%{_mandir}/man1/speed.1ossl*
+%{_mandir}/man1/spkac.1ossl*
+%{_mandir}/man1/srp.1ossl*
+%{_mandir}/man1/s_server.1ossl*
+%{_mandir}/man1/s_time.1ossl*
+%{_mandir}/man1/storeutl.1ossl*
+%{_mandir}/man1/ts.1ossl*
+%{_mandir}/man1/verify.1ossl*
+%{_mandir}/man1/version.1ossl*
+%{_mandir}/man1/x509.1ossl*
+%{_mandir}/man5/fips_config.5ossl*
+%{_mandir}/man5/x509v3_config.5ossl*
 %lang(pl) %{_mandir}/pl/man1/openssl.1*
 
 %files tools-perl
 %defattr(644,root,root,755)
 %attr(755,root,root) %{_bindir}/c_rehash
+%dir %{_libdir}/%{name}
 %attr(755,root,root) %{_libdir}/%{name}/CA.pl
-%{_mandir}/man1/openssl_CA.pl.1*
+%attr(755,root,root) %{_libdir}/%{name}/tsget
+%attr(755,root,root) %{_libdir}/%{name}/tsget.pl
+%{_mandir}/man1/CA.pl.1ossl*
+%{_mandir}/man1/c_rehash.1ossl*
+%{_mandir}/man1/tsget.1ossl*
 
 %files devel
 %defattr(644,root,root,755)
 %attr(755,root,root) %{_libdir}/libcrypto.so
 %attr(755,root,root) %{_libdir}/libssl.so
 %{_includedir}/%{name}
+%{_libdir}/cmake/OpenSSL
 %{_pkgconfigdir}/libcrypto.pc
 %{_pkgconfigdir}/libssl.pc
 %{_pkgconfigdir}/openssl.pc
-%{_mandir}/man3/openssl*.3*
-%{_mandir}/man7/openssl_des_modes.7*
+%{_mandir}/man3/*.3ossl*
+%{_mandir}/man7/*.7ossl*
 
 %files static
 %defattr(644,root,root,755)
-%{_libdir}/lib*.a
+%{_libdir}/libcrypto.a
+%{_libdir}/libssl.a