-# TODO
-# - other language's descriptions look weird, backslashes and quotes
-%define SSLVER 2.8.22
-%define APACHEVER 1.3.33
+%define SSLVER 2.8.31
+%define APACHEVER 1.3.41
%define apxs /usr/sbin/apxs1
%define mod_name ssl
Summary: An SSL module for the Apache Web server
-Summary(cs): Modul s podporou silného ¹ifrování pro WWW server Apache
-Summary(da): Krypteringsunderstøttelse for webtjeneren Apache
-Summary(de): SSL-Modul für den Apache-Webserver
-Summary(es): Soporte criptofráfico para el servidor de WWW Apache
-Summary(fr): Un module SSL pour le serveur Web Apache
-Summary(id): Interpreter Perl untuk web server Apache
-Summary(is): Perl túlkur fyrir Apache vefþjóninn
-Summary(it): Supporto di crittografia per il server Web Apache
-Summary(ja): Apache Web ¥µ¡¼¥Ð¡¼ÍѤΰŹ極¥Ý¡¼¥È
-Summary(nb): Krypteringsstøtte for webtjeneren Apache
-Summary(pl): Modu³ SSL dla serwera WWW Apache
-Summary(pt): O suporte de cifra para o servidor Web Apache
-Summary(ru): íÏÄÕÌØ ÐÏÄÄÅÒÖËÉ SSL × Apache
-Summary(sl): Podpora za ¹ifriranje za spletni stre¾nik Apache
-Summary(sv): Kryptografistöd till webbservern Apache
-Summary(uk): íÏÄÕÌØ Ð¦ÄÔÒÉÍËÉ SSL × Apache
+Summary(cs.UTF-8): Modul s podporou silného šifrování pro WWW server Apache
+Summary(da.UTF-8): Krypteringsunderstøttelse for webtjeneren Apache
+Summary(de.UTF-8): SSL-Modul für den Apache-Webserver
+Summary(es.UTF-8): Soporte criptofráfico para el servidor de WWW Apache
+Summary(fr.UTF-8): Un module SSL pour le serveur Web Apache
+Summary(id.UTF-8): Interpreter Perl untuk web server Apache
+Summary(is.UTF-8): Perl túlkur fyrir Apache vefþjóninn
+Summary(it.UTF-8): Supporto di crittografia per il server Web Apache
+Summary(ja.UTF-8): Apache Web サーバー用の暗号サポート
+Summary(nb.UTF-8): Krypteringsstøtte for webtjeneren Apache
+Summary(pl.UTF-8): Moduł SSL dla serwera WWW Apache
+Summary(pt.UTF-8): O suporte de cifra para o servidor Web Apache
+Summary(ru.UTF-8): Модуль поддержки SSL в Apache
+Summary(sl.UTF-8): Podpora za šifriranje za spletni strežnik Apache
+Summary(sv.UTF-8): Kryptografistöd till webbservern Apache
+Summary(uk.UTF-8): Модуль підтримки SSL в Apache
Name: apache1-mod_%{mod_name}
Version: %{SSLVER}_%{APACHEVER}
-Release: 1.10
+Release: 8
License: BSD
Group: Networking/Daemons
Source0: http://www.modssl.org/source/mod_%{mod_name}-%{SSLVER}-%{APACHEVER}.tar.gz
-# Source0-md5: cdfdf1f576f77768c90825b43b462405
+# Source0-md5: 4d55fc5c7cbf38820b44edf767f571c4
Source1: %{name}.conf
Source2: %{name}-server.crt
Source3: %{name}-server.key
Source4: %{name}-sxnet.html
-Source5: %{name}.logrotate
Patch1: mod_%{mod_name}-cca-openssl-path.patch
Patch2: mod_%{mod_name}-db3.patch
Patch3: %{name}-nohttpd.patch
+Patch4: openssl.patch
URL: http://www.modssl.org/
-BuildRequires: %{apxs}
-BuildRequires: apache1-devel = %{APACHEVER}
-BuildRequires: apache1-devel >= 1.3.33-2
+BuildRequires: apache1-devel >= %{APACHEVER}
BuildRequires: db-devel >= 4.1
BuildRequires: openssl-devel >= 0.9.7d
BuildRequires: openssl-tools >= 0.9.7d
+BuildRequires: rpmbuild(macros) >= 1.268
BuildRequires: sed >= 4.0
-Requires(post,preun): apache1
-Requires(post,preun): grep
-Requires(preun): fileutils
-Requires: apache1 >= %{APACHEVER}
-Conflicts: apache1 < 1.3.33-2
+Requires(triggerpostun): grep
+Requires(triggerpostun): sed >= 4.0
+Requires: apache1-base >= %{APACHEVER}
+# see the config
+Requires: apache1-mod_log_config
+Requires: apache1-mod_setenvif
+Provides: apache(mod_ssl) = %{version}-%{release}
+Obsoletes: apache-mod_ssl < 2
Obsoletes: mod_ssl
BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
-%define _pkglibdir %(%{apxs} -q LIBEXECDIR)
-%define _sysconfdir %(%{apxs} -q SYSCONFDIR)
+%define _pkglibdir %(%{apxs} -q LIBEXECDIR 2>/dev/null)
+%define _sysconfdir %(%{apxs} -q SYSCONFDIR 2>/dev/null)
+%define _pkglogdir /var/log/apache
%description
The mod_ssl project provides strong cryptography for the Apache 1.3
licensed under a BSD-style licence, which basically means that you are
free to get and use it for commercial and non-commercial purposes.
-%description -l cs
-"Modul mod_ssl pro WWW server Apache umo¾òuje pou¾ití silného
-¹ifrování\n" "komunikace klienta (WWW prohlí¾eè) a serveru - SSL
-(Secure Sockets Layer)\n" "a TLS (Transport Layer Security)
-protokoly."
+%description -l cs.UTF-8
+Modul mod_ssl pro WWW server Apache umožňuje použití silného šifrování
+komunikace klienta (WWW prohlížeč) a serveru - SSL (Secure Sockets
+Layer) a TLS (Transport Layer Security) protokoly.
-%description -l de
-Das mod_ssl-Projekt stellt kryptographie für den Apache 1.3-Webserver
-über Secure Sockets Layer (SSL v2/v3) und Transport Layer Security
-(TLS v1)-Protokolle zur Verfügung. Dazu wird das Open Source
+%description -l de.UTF-8
+Das mod_ssl-Projekt stellt kryptographie für den Apache 1.3-Webserver
+über Secure Sockets Layer (SSL v2/v3) und Transport Layer Security
+(TLS v1)-Protokolle zur Verfügung. Dazu wird das Open Source
SSL/TLS-Toolkit OpenSSL, das auf SSLeay basiert, verwendet.
-%description -l es
-El módulo mod_ssl proporciona la criptografía para el servidor Web
-Apache, los sockets seguros, los protocolos de la seguridad (SSL) y
-de la capa tranparente (TLS).
+%description -l es.UTF-8
+El módulo mod_ssl proporciona la criptografía para el servidor Web
+Apache, los sockets seguros, los protocolos de la seguridad (SSL) y de
+la capa tranparente (TLS).
-%description -l fr
+%description -l fr.UTF-8
Le projet mod_ssl fournit de la forte cryptographie pour le serveur
web Apache 1.3 via les protocoles Secure Sockets Layer (SSL v2/v3) et
Transport Layer Security (TLS v1) avec l'aide du kit d'outils Open
Source SSL/TLS, OpenSSL, base sur SSLeay d'Eric A. Young et Tim J.
Hudson.
-%description -l it
-"Il modulo mod_ssl fornisce un supporto di crittografia molto potente
-per\n" "il server Web Apache tramite i protocolli SSL (Secure Sockets
-Layer) e i\n" "protocolli TLS (Transport Layer Security)."
+%description -l it.UTF-8
+Il modulo mod_ssl fornisce un supporto di crittografia molto potente
+per il server Web Apache tramite i protocolli SSL (Secure Sockets
+Layer) e i protocolli TLS (Transport Layer Security).
-%description -l ja
-"mod_ssl ¥â¥¸¥å¡¼¥ë¤Ï¡¢SSL (Secure Sockets Layer) ¤ª¤è¤Ó TLS
-(Transport \n" "Layer Security) ¥×¥í¥È¥³¥ë¤ò²ð¤·¤Æ Apache Web
-¥µ¡¼¥Ð¡¼ÍѤζ¯ÎϤʰŹ沽\n" "µ¡Ç½¤òÄ󶡤·¤Þ¤¹¡£"
+%description -l ja.UTF-8
+mod_ssl モジュールは、SSL (Secure Sockets Layer) および TLS (Transport
+Layer Security) プロトコルを介して Apache Web サーバー用の強力な暗号化
+機能を提供します。
-%description -l pl
-Projekt mod_ssl ma za zadanie zapewniæ serwerowi WWW Apache 1.3 wysoki
-poziom szyfrowania dziêki protoko³om Secure Sockets Layer (SSL v2/v3)
-i Transport Layer Security (TLS v1) przy pomocy pakiety narzêdziowego
+%description -l pl.UTF-8
+Projekt mod_ssl ma za zadanie zapewnić serwerowi WWW Apache 1.3 wysoki
+poziom szyfrowania dzięki protokołom Secure Sockets Layer (SSL v2/v3)
+i Transport Layer Security (TLS v1) przy pomocy pakiety narzędziowego
Open Source SSL/TSL -- OpenSSL, stworzonego na podstawie SSLeay Erica
A.Younga i Tima J.Hudsona.
-%description -l pt
-"O módulo mod_ssl oferece uma criptografia robusta para o servidor
-Web\n" "Apache através dos protocolos SSL (Secure Sockets Layer) e TLS
-(Transport\n" "Layer Security)."
+%description -l pt.UTF-8
+O módulo mod_ssl oferece uma criptografia robusta para o servidor Web
+Apache através dos protocolos SSL (Secure Sockets Layer) e TLS
+(Transport Layer Security).
-%description -l ru
-Apache -- ÍÏÝÎÙÊ Ó×ÏÂÏÄÎÏ ÒÁÓÐÒÏÓÔÒÁÎÑÅÍÙÊ ÓÅÒ×ÅÒ Á ÔÁËÖÅ É ÓÁÍÙÍ
-ÐÏÐÕÌÑÒÎÙÊ × Internet'Å (ÏÎ ÉÓÐÏÌØÚÕÅÔÓÑ ÎÁ ÂÏÌÅÅ, ÞÅÍ 50%% ÓÅÒ×ÅÒÏ× ×
-ÍÉÒÅ). üÔÁ ×ÅÒÓÉÑ ×ËÌÀÞÁÅÔ × ÓÅÂÑ ÐÏÄÄÅÒÖËÕ SSL v2, v3 É TLS v1.
+%description -l ru.UTF-8
+Apache -- мощный свободно распространяемый сервер а также и самым
+попÑ\83лÑ\8fÑ\80нÑ\8bй в Internet'е (он иÑ\81полÑ\8cзÑ\83еÑ\82Ñ\81Ñ\8f на более, Ñ\87ем 50%% Ñ\81еÑ\80веÑ\80ов в
+мире). Эта версия включает в себя поддержку SSL v2, v3 и TLS v1.
-%description -l sv
-"Modulen mod_ssl förser webbservern Apache med stark kryptografi
-via\n" "protokollen SSL (Secure Sockets Layer) och TLS (Transport
-Layer\n" "Security)."
+%description -l sv.UTF-8
+Modulen mod_ssl förser webbservern Apache med stark kryptografi via
+protokollen SSL (Secure Sockets Layer) och TLS (Transport Layer
+Security).
-%description -l uk
-Apache -- ÐÏÔÕÖÎÉÊ ×¦ÌØÎÏ ÒÏÚÐÏ×ÓÀÄÖÕ×ÁÎÉÊ ÓÅÒ×ÅÒ HTTP. ãÅ
-ÎÁÊÐÏÐÕÌÑÒΦÛÉÊ ÓÅÒ×ÅÒ Õ ÓצԦ (×ÉËÏÒÉÓÔÏ×Õ¤ÔØÓÑ Â¦ÌØÛ ÑË ÎÁ 50%%
-ÓÅÒ×ÅÒ¦×). ãÑ ×ÅÒÓ¦Ñ Í¦ÓÔÉÔØ Ð¦ÄÔÒÉÍËÕ SSL v2, v3 ÔÁ TLS v1.
+%description -l uk.UTF-8
+Apache -- поÑ\82Ñ\83жний вÑ\96лÑ\8cно Ñ\80озповÑ\81Ñ\8eджÑ\83ваний Ñ\81еÑ\80веÑ\80 HTTP. Це
+найпопулярніший сервер у світі (використовується більш як на 50%%
+серверів). Ця версія містить підтримку SSL v2, v3 та TLS v1.
%package devel
Summary: Header files for mod_ssl
-Summary(pl): Pliki nag³ówkowe dla mod_ssl
+Summary(pl.UTF-8): Pliki nagłówkowe dla mod_ssl
Group: Development/Building
Requires: apache1-devel >= %{APACHEVER}
%description devel
Header files for mod_ssl.
-%description devel -l pl
-Pliki nag³ówkowe dla mod_ssl.
+%description devel -l pl.UTF-8
+Pliki nagłówkowe dla mod_ssl.
%package -n apache1-mod_sxnet
Summary: Strong Extranet module for mod_ssl and apache
-Summary(fr): Module d'Extranet Fort pour Apache et mod_ssl
-Summary(pl): Modu³ Strong Extranet dla pakietu mod_ssl i serwera WWW Apache
+Summary(fr.UTF-8): Module d'Extranet Fort pour Apache et mod_ssl
+Summary(pl.UTF-8): Moduł Strong Extranet dla pakietu mod_ssl i serwera WWW Apache
Group: Networking/Daemons
-Requires(post,preun): %{apxs}
+Requires(triggerpostun): grep
+Requires(triggerpostun): sed >= 4.0
Requires: apache1(EAPI) >= %{APACHEVER}
+Obsoletes: apache-mod_sxnet < 2
%description -n apache1-mod_sxnet
The Strong Extranet allows you to use digital certificates to
your Strong Extranet, under your control, through the Thawte Personal
Cert System.
-%description -n apache1-mod_sxnet -l fr
+%description -n apache1-mod_sxnet -l fr.UTF-8
L'Extranet Fort vous permet d'utiliser des certificats numeriques pour
authentifier les usagers sur votre serveur web. Typiquement, vos
usagers s'enrolent dans votre Extranet Fort, sous votre controle, a
travers le Thawte Personal Cert System.
-%description -n apache1-mod_sxnet -l pl
-Pakiet Strong Extranet umo¿liwia u¿ywanie cyfrowych certyfikatów dla
-uwierzytelniania u¿ytkowników serwera WWW. Zwykle u¿ytkownicy
-rejestruj± siê pod opiek± administratora poprzez Thawte Personal Cert
+%description -n apache1-mod_sxnet -l pl.UTF-8
+Pakiet Strong Extranet umożliwia używanie cyfrowych certyfikatów dla
+uwierzytelniania użytkowników serwera WWW. Zwykle użytkownicy
+rejestrują się pod opieką administratora poprzez Thawte Personal Cert
System.
%prep
%setup -q -n mod_%{mod_name}-%{SSLVER}-%{APACHEVER}
+%{__tar} -C pkg.contrib -xf pkg.contrib/sxnet.tar
%patch1 -p1
%patch2 -p1
%patch3 -p1
+%patch4 -p1
-%{__perl} -pi -e 's@ /lib /usr/lib @ /%{_lib} /usr/%{_lib} @' pkg.sslmod/libssl.module
+%{__sed} -i -e 's@ /lib /usr/lib @ /%{_lib} /usr/%{_lib} @' pkg.sslmod/libssl.module
+%{__sed} -i -e 's,@APACHE_VERSION@,%{APACHEVER},' configure
%build
-SSL_BASE=SYSTEM; export SSL_BASE
+export SSL_BASE=SYSTEM
%configure \
--with-apxs=%{apxs} \
--enable-shared=ssl \
%{__make}
-cd pkg.contrib
-tar xvf sxnet.tar
-cd sxnet
+cd pkg.contrib/sxnet
%{apxs} -DMalloc=malloc -DFree=free -I%{_includedir}/openssl -L%{_libdir} -l ssl -l crypto -c mod_sxnet.c
%install
rm -rf $RPM_BUILD_ROOT
-install -d $RPM_BUILD_ROOT{%{_libdir}/mod_%{mod_name},%{_pkglibdir}} \
+install -d $RPM_BUILD_ROOT{%{_libdir}/mod_%{mod_name},%{_pkglibdir},%{_pkglogdir}} \
$RPM_BUILD_ROOT%{_includedir}/apache1 \
- $RPM_BUILD_ROOT%{_sysconfdir}/conf.d \
- $RPM_BUILD_ROOT/etc/logrotate.d
+ $RPM_BUILD_ROOT%{_sysconfdir}/conf.d
-install pkg.sslmod/libssl.so $RPM_BUILD_ROOT%{_pkglibdir}
-install pkg.contrib/sxnet/mod_sxnet.so $RPM_BUILD_ROOT%{_pkglibdir}
+install -p pkg.sslmod/libssl.so $RPM_BUILD_ROOT%{_pkglibdir}
+install -p pkg.contrib/sxnet/mod_sxnet.so $RPM_BUILD_ROOT%{_pkglibdir}
-install pkg.contrib/*.sh $RPM_BUILD_ROOT%{_libdir}/mod_%{mod_name}
-install %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/conf.d/40_mod_%{mod_name}.conf
-install %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/server.crt
-install %{SOURCE3} $RPM_BUILD_ROOT%{_sysconfdir}/server.key
-install %{SOURCE5} $RPM_BUILD_ROOT/etc/logrotate.d/apache-mod_%{mod_name}
+install -p pkg.contrib/*.sh $RPM_BUILD_ROOT%{_libdir}/mod_%{mod_name}
+cp -a %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/conf.d/40_mod_%{mod_name}.conf
+cp -a %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/server.crt
+cp -a %{SOURCE3} $RPM_BUILD_ROOT%{_sysconfdir}/server.key
cp -a pkg.ssldoc ssl-doc
-install %{SOURCE4} sxnet.html
-CFG="$RPM_BUILD_ROOT%{_sysconfdir}/conf.d"
-echo "LoadModule sxnet_module modules/mod_sxnet.so" > $CFG/41_mod_sxnet.conf
+cp -a %{SOURCE4} sxnet.html
+echo 'LoadModule sxnet_module modules/mod_sxnet.so' > \
+ $RPM_BUILD_ROOT%{_sysconfdir}/conf.d/90_mod_sxnet.conf
install pkg.sslmod/*.h $RPM_BUILD_ROOT%{_includedir}/apache1
+> $RPM_BUILD_ROOT%{_pkglogdir}/ssl_engine_log
+> $RPM_BUILD_ROOT%{_pkglogdir}/ssl_request_log
+
%clean
rm -rf $RPM_BUILD_ROOT
%post
-if [ -f /var/lock/subsys/apache ]; then
- /etc/rc.d/init.d/apache restart 1>&2
-else
- echo "Run \"/etc/rc.d/init.d/apache start\" to start apache HTTP daemon."
-fi
+%service -q apache restart
-%preun
+%postun
if [ "$1" = "0" ]; then
- if [ -f /var/lock/subsys/apache ]; then
- /etc/rc.d/init.d/apache restart 1>&2
- fi
+ %service -q apache restart
fi
%triggerpostun -- apache1-mod_ssl < 2.8.22_1.3.33-1.7
-if grep -q '^Include conf.d' /etc/apache/apache.conf; then
+if grep -q '^Include conf\.d/\*\.conf' /etc/apache/apache.conf; then
sed -i -e '
/^Include.*mod_%{mod_name}.conf/d
' /etc/apache/apache.conf
%triggerpostun -- apache1-mod_sxnet < 2.8.22_1.3.33-1.9
# check that they're not using old apache.conf
-if ! grep -q '^Include conf.d' /etc/apache/apache.conf; then
- %{apxs} -e -A -n sxnet %{_pkglibdir}/mod_sxnet.so 1>&2
+if grep -q '^Include conf\.d' /etc/apache/apache.conf; then
+ sed -i -e '/^\(Add\|Load\)Module.*mod_sxnet\.\(so\|c\)/d' /etc/apache/apache.conf
fi
%post -n apache1-mod_sxnet
-if [ -f /var/lock/subsys/apache ]; then
- /etc/rc.d/init.d/apache restart 1>&2
-fi
+%service -q apache restart
-%preun -n apache1-mod_sxnet
+%postun -n apache1-mod_sxnet
if [ "$1" = "0" ]; then
- if [ -f /var/lock/subsys/apache ]; then
- /etc/rc.d/init.d/apache restart 1>&2
- fi
+ %service -q apache restart
fi
%files
%defattr(644,root,root,755)
-%doc ANNOUNCE CHANGES CREDITS NEWS README* ssl-doc
-%attr(640,root,root) %config(noreplace) %verify(not size mtime md5) %{_sysconfdir}/conf.d/*_mod_ssl.conf
-%attr(640,root,root) %config(noreplace) %verify(not size mtime md5) %{_sysconfdir}/server.crt
-%attr(640,root,root) %config(noreplace) %verify(not size mtime md5) %{_sysconfdir}/server.key
-%attr(640,root,root) %config(noreplace) %verify(not size mtime md5) /etc/logrotate.d/*
+%doc ANNOUNCE CHANGES CREDITS LICENSE NEWS README* ssl-doc
+%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/conf.d/*_mod_ssl.conf
+%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/server.crt
+%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/server.key
+%attr(640,root,root) %ghost %{_pkglogdir}/*
%attr(755,root,root) %{_pkglibdir}/libssl.so
%files -n apache1-mod_sxnet
%defattr(644,root,root,755)
%doc sxnet.html
-%attr(640,root,root) %config(noreplace) %verify(not size mtime md5) %{_sysconfdir}/conf.d/*_mod_sxnet.conf
+%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/conf.d/*_mod_sxnet.conf
%attr(755,root,root) %{_pkglibdir}/mod_sxnet.so