forked from rpms/openssl
auto-import changelog data from openssl-0.9.5a-14.src.rpm
Thu Sep 21 2000 Nalin Dahyabhai <nalin@redhat.com> - tweak the makefile some more - disable MD2 support - disable MDC2 support - tweak the makefile - rework certificate makefile to have the right parts for Apache - strip binaries and libraries - enable actual RSA support - use /usr/bin/perl instead of /usr/bin/perl - move the passwd.1 man page out of the passwd package's way - update to 0.9.5a, modified for U.S. - add perl as a build-time requirement - disable RC5, IDEA support - break out python extensions - byte-compile python extensions without the build-root - adjust the makefile to not remove temporary files (like .key files when building .csr files) - fix the building of python modules without openssl-devel already installed Wed Mar 01 2000 Florian La Roche <Florian.LaRoche@redhat.de> - Bero told me to move the Makefile into this package Wed Mar 01 2000 Florian La Roche <Florian.LaRoche@redhat.de> - add lib*.so symlinks to link dynamically against shared libs Tue Feb 29 2000 Florian La Roche <Florian.LaRoche@redhat.de> - update to 0.9.5 - run ldconfig directly in post/postun - add FAQ Sat Dec 18 1999 Bernhard Rosenkrnzer <bero@redhat.de> - Fix build on non-x86 platforms Fri Nov 12 1999 Bernhard Rosenkrnzer <bero@redhat.de> - move /usr/share/ssl/* from -devel to main package Tue Oct 26 1999 Bernhard Rosenkrnzer <bero@redhat.de> - inital packaging - changes from base: - Move /usr/local/ssl to /usr/share/ssl for FHS compliance - handle RPM_OPT_FLAGS
This commit is contained in:
parent
877c1bc373
commit
e21e1846a7
@ -0,0 +1,3 @@
|
||||
m2crypto-0.05-snap3.zip
|
||||
openssl-0.9.5a-usa.tar.bz2
|
||||
swig1.1p5.tar.gz
|
65
Makefile.certificate
Normal file
65
Makefile.certificate
Normal file
@ -0,0 +1,65 @@
|
||||
.PHONY: usage
|
||||
.SUFFIXES: .key .csr .crt .pem
|
||||
.PRECIOUS: %.key %.csr %.crt %.pem
|
||||
|
||||
usage:
|
||||
@echo "This makefile allows you to create:"
|
||||
@echo " o public/private key pairs"
|
||||
@echo " o SSL certificate signing requests (CSRs)"
|
||||
@echo " o self-signed SSL test certificates"
|
||||
@echo
|
||||
@echo "To create a key pair, run \"make SOMETHING.key\"."
|
||||
@echo "To create a CSR, run \"make SOMETHING.csr\"."
|
||||
@echo "To create a test certificate, run \"make SOMETHING.crt\"."
|
||||
@echo "To create a key and a test certificate in one file, run \"make SOMETHING.pem\"."
|
||||
@echo
|
||||
@echo "To create a key for use with Apache, run \"make genkey\"."
|
||||
@echo "To create a CSR for use with Apache, run \"make certreq\"."
|
||||
@echo "To create a test certificate for use with Apache, run \"make testcert\"."
|
||||
@echo
|
||||
@echo Examples:
|
||||
@echo " make server.key"
|
||||
@echo " make server.csr"
|
||||
@echo " make server.crt"
|
||||
@echo " make stunnel.pem"
|
||||
@echo " make genkey"
|
||||
@echo " make certreq"
|
||||
@echo " make testcert"
|
||||
|
||||
%.pem:
|
||||
umask 77 ; \
|
||||
PEM1=`/bin/mktemp /tmp/openssl.XXXXXX` ; \
|
||||
PEM2=`/bin/mktemp /tmp/openssl.XXXXXX` ; \
|
||||
/usr/bin/openssl req -newkey rsa:1024 -keyout $$PEM1 -nodes -x509 -days 365 -out $$PEM2 ; \
|
||||
cat $$PEM1 > $@ ; \
|
||||
echo "" >> $@ ; \
|
||||
cat $$PEM2 >> $@ ; \
|
||||
$(RM) $$PEM1 $$PEM2
|
||||
|
||||
%.key:
|
||||
umask 77 ; \
|
||||
/usr/bin/openssl genrsa -des3 1024 > $@
|
||||
|
||||
%.csr: %.key
|
||||
umask 77 ; \
|
||||
/usr/bin/openssl req -new -key $^ -out $@
|
||||
|
||||
%.crt: %.key
|
||||
umask 77 ; \
|
||||
/usr/bin/openssl req -new -key $^ -x509 -days 365 -out $@
|
||||
|
||||
KEY=/etc/httpd/conf/ssl.key/server.key
|
||||
CSR=/etc/httpd/conf/ssl.csr/server.csr
|
||||
CRT=/etc/httpd/conf/ssl.crt/server.crt
|
||||
|
||||
genkey: $(KEY)
|
||||
certreq: $(CSR)
|
||||
testcert: $(CRT)
|
||||
|
||||
$(CSR): $(KEY)
|
||||
umask 77 ; \
|
||||
/usr/bin/openssl req -new -key $(KEY) -out $(CSR)
|
||||
|
||||
$(CRT): $(KEY)
|
||||
umask 77 ; \
|
||||
/usr/bin/openssl req -new -key $(KEY) -x509 -days 365 -out $(CRT)
|
52
hobble-openssl
Executable file
52
hobble-openssl
Executable file
@ -0,0 +1,52 @@
|
||||
#!/bin/sh
|
||||
|
||||
# Clean out patent-protected code.
|
||||
# RSA: 4,405,829 20/09/2000
|
||||
# MDC-2: 4,908,861 13/03/2007
|
||||
# IDEA: 5,214,703 25/05/2010
|
||||
# RC5: 5,724,428 03/03/2015
|
||||
|
||||
# RSA's patented parts.
|
||||
function nullify_rsa() {
|
||||
echo Removing patented parts from crypto/rsa/rsa_eay.c
|
||||
cat crypto/rsa/rsa_eay.c | \
|
||||
awk 'BEGIN {ech=1;} \
|
||||
/#if/ {if(ech < 1) ech--;} \
|
||||
/#ifndef.*RSA_NULL/ {ech--;} \
|
||||
{if(ech>0) {;print $0};} \
|
||||
/#endif/ {if(ech < 1) ech++;}' > crypto/rsa/nullrsa_eay.c && \
|
||||
mv crypto/rsa/nullrsa_eay.c crypto/rsa/rsa_eay.c
|
||||
rm -fr crypto/rsa/asm
|
||||
}
|
||||
|
||||
if [ `date +%Y%m%d` -lt 20000921 ] ; then
|
||||
nullify_rsa
|
||||
fi
|
||||
|
||||
# Bah. Assembler is hard to port.
|
||||
(find crypto/{idea,mdc2,rc5,md2}/asm -type f | xargs -r rm -fv)
|
||||
|
||||
# IDEA, MDC2 and RC5.
|
||||
for c in `find crypto/{idea,mdc2,rc5,md2} -name "*.c" -a \! -name "*test*" -type f` ; do
|
||||
echo Destroying $c
|
||||
cat /dev/null > $c
|
||||
done
|
||||
for c in `find crypto/evp -name "*_r5.c" -o -name "*_i.c" -o -name "*_mdc2.c" -o -name "*_md2.c"`; do
|
||||
echo Destroying $c
|
||||
cat /dev/null > $c
|
||||
done
|
||||
for h in `find include crypto ssl apps test -name "*.h"` ; do
|
||||
echo Removing IDEA, MDC2, MD2 and RC5 references from $h
|
||||
cat $h | \
|
||||
awk 'BEGIN {ech=1;} \
|
||||
/#[ \t]*if/ {if(ech < 1) ech--;} \
|
||||
/#[ \t]*ifndef.*NO_IDEA/ {ech--;} \
|
||||
/#[ \t]*ifndef.*NO_MDC2/ {ech--;} \
|
||||
/#[ \t]*ifndef.*NO_MD2/ {ech--;} \
|
||||
/#[ \t]*ifndef.*NO_RC5/ {ech--;} \
|
||||
{if(ech>0) {;print $0};} \
|
||||
/#endif/ {if(ech < 1) ech++;}' > $h.hobbled && \
|
||||
mv $h.hobbled $h
|
||||
done
|
||||
# Make the makefiles happy.
|
||||
touch crypto/rc5/asm/rc5-586.pl
|
273
openssl.spec
Normal file
273
openssl.spec
Normal file
@ -0,0 +1,273 @@
|
||||
%define m2crypto_version 0.05-snap3
|
||||
%define swig_version 1.1p5
|
||||
|
||||
Summary: Secure Sockets Layer Toolkit
|
||||
Name: openssl
|
||||
Version: 0.9.5a
|
||||
Release: 14
|
||||
Source: openssl-%{version}-usa.tar.bz2
|
||||
Source1: hobble-openssl
|
||||
Source2: Makefile.certificate
|
||||
Source3: http://download.sourceforge.net/swig/swig%{swig_version}.tar.gz
|
||||
Source4: http://mars.post1.com/home/ngps/m2/m2crypto-%{m2crypto_version}.zip
|
||||
Patch0: openssl-0.9.5-redhat.patch
|
||||
Patch1: openssl-0.9.5-rsanull.patch
|
||||
Patch2: openssl-0.9.5a-64.patch
|
||||
Patch3: openssl-0.9.5a-defaults.patch
|
||||
Copyright: BSDish
|
||||
Group: System Environment/Libraries
|
||||
URL: http://www.openssl.org/
|
||||
BuildRoot: %{_tmppath}/%{name}-%{version}-root
|
||||
BuildPreReq: perl, python-devel
|
||||
|
||||
%description
|
||||
The OpenSSL certificate management tool and the shared libraries that
|
||||
provide various cryptographic algorithms and protocols.
|
||||
|
||||
%package devel
|
||||
Summary: OpenSSL libraries and development headers.
|
||||
Group: Development/Libraries
|
||||
|
||||
%description devel
|
||||
The static libraries and include files needed to compile apps
|
||||
with support for various cryptographic algorithms and protocols.
|
||||
|
||||
Patches for many networking apps can be found at:
|
||||
ftp://ftp.psy.uq.oz.au/pub/Crypto/SSLapps/
|
||||
|
||||
%package perl
|
||||
Summary: OpenSSL scripts which require Perl.
|
||||
Group: Applications/Internet
|
||||
Requires: perl
|
||||
|
||||
%description perl
|
||||
Perl scripts provided with OpenSSL for converting certificates and keys
|
||||
from other formats to those used by OpenSSL.
|
||||
|
||||
%package python
|
||||
Summary: Support for using OpenSSL in python scripts.
|
||||
Group: Applications/Internet
|
||||
Requires: python
|
||||
|
||||
%description python
|
||||
This package allows you to call OpenSSL functions from python scripts.
|
||||
|
||||
%prep
|
||||
%setup -q
|
||||
#%{SOURCE1}
|
||||
%patch0 -p1 -b .redhat
|
||||
%patch1 -p1 -b .rsanull
|
||||
%ifarch alpha
|
||||
%patch2 -p1
|
||||
%endif
|
||||
%ifarch ia64
|
||||
%patch2 -p1
|
||||
%endif
|
||||
%patch3 -p1
|
||||
|
||||
# Extract what we need for building extensions.
|
||||
gzip -dc %{SOURCE3} | tar xf -
|
||||
unzip -q %{SOURCE4}
|
||||
pushd m2crypto-%{m2crypto_version}
|
||||
for file in demo/evp_ciph_test.py demo/bio_ciph_test.py swig/_evp.i ; do
|
||||
grep -v idea_ ${file} > ${file}.tmp
|
||||
grep -v rc5_ ${file}.tmp > ${file}
|
||||
done
|
||||
popd
|
||||
|
||||
chmod 644 FAQ LICENSE CHANGES NEWS INSTALL README
|
||||
chmod 644 doc/README doc/c-indentation.el doc/openssl.txt
|
||||
chmod 644 doc/openssl_button.html doc/openssl_button.gif
|
||||
chmod 644 doc/ssleay.txt
|
||||
|
||||
%build
|
||||
PATH=${PATH}:${PWD}/bin
|
||||
TOPDIR=${PWD}
|
||||
|
||||
# Figure out which flags we want to use. Assembly is broken on some platforms,
|
||||
# required on others.
|
||||
perl util/perlpath.pl `dirname %{__perl}`
|
||||
%ifarch %ix86
|
||||
sslarch=linux-elf
|
||||
%endif
|
||||
%ifarch sparc
|
||||
sslarch=linux-sparcv9
|
||||
%endif
|
||||
%ifarch ia64
|
||||
sslarch=linux-ia64
|
||||
sslflags=no-asm
|
||||
%endif
|
||||
%ifarch alpha
|
||||
sslarch=alpha-gcc
|
||||
sslflags=no-asm
|
||||
%endif
|
||||
# Configure the build tree. Override OpenSSL defaults with known-good defaults
|
||||
# usable on all platforms.
|
||||
CFLAGS="-fPIC -ggdb"; export CFLAGS
|
||||
#./Configure --prefix=%{_prefix} --openssldir=%{_datadir}/ssl ${sslarch}
|
||||
./config --prefix=%{_prefix} --openssldir=%{_datadir}/ssl ${sslflags} $CFLAGS no-idea no-mdc2 no-rc5 no-md2
|
||||
make all
|
||||
|
||||
# Build the Perl bindings.
|
||||
#pushd perl
|
||||
#perl Makefile.PL
|
||||
#make
|
||||
#popd
|
||||
|
||||
# Verify that what was compiled actually works.
|
||||
make -C test apps tests
|
||||
|
||||
# Build shared libraries.
|
||||
majorver=`echo %{version} | cut -f1 -d.`
|
||||
for shlib in crypto ssl ; do
|
||||
pushd $shlib
|
||||
objs=`ar t ../lib${shlib}.a | xargs -n 1 find . -name`
|
||||
%{__cc} -shared -o ../lib${shlib}.so.%{version} \
|
||||
-Wl,-soname=lib${shlib}.so.${majorver} $objs && \
|
||||
ln -sf lib${shlib}.so.%{version} ../lib${shlib}.so
|
||||
popd
|
||||
done
|
||||
|
||||
# Build a copy of swig with which to build the extensions.
|
||||
pushd SWIG%{swig_version}
|
||||
autoconf
|
||||
CFLAGS="%{optflags}" \
|
||||
CCFLAGS="%{optflags}" \
|
||||
FFLAGS="%{optflags}" \
|
||||
./configure --prefix=${TOPDIR}
|
||||
make all install
|
||||
popd
|
||||
|
||||
# Build the python extensions.
|
||||
pushd m2crypto-%{m2crypto_version}/swig
|
||||
make \
|
||||
INCLUDE=-I. -I../../include \
|
||||
LIBS="-L${TOPDIR} -lssl -lcrypto -lc" \
|
||||
PYINCLUDE="-DHAVE_CONFIG_H -I/usr/include/python1.5 -I/usr/lib/python1.5/config"
|
||||
PYLIB=/usr/lib/python1.5/config
|
||||
cd ../doc
|
||||
sh -x go
|
||||
popd
|
||||
|
||||
%install
|
||||
[ "$RPM_BUILD_ROOT" != "/" ] && rm -rf $RPM_BUILD_ROOT
|
||||
# Install OpenSSL.
|
||||
install -d $RPM_BUILD_ROOT{%{_bindir},%{_includedir},%{_libdir},%{_mandir}}
|
||||
make INSTALL_PREFIX=$RPM_BUILD_ROOT install
|
||||
mv $RPM_BUILD_ROOT%{_datadir}/ssl/man/* $RPM_BUILD_ROOT%{_mandir}
|
||||
rmdir $RPM_BUILD_ROOT%{_datadir}/ssl/man
|
||||
install -m 755 *.so.* $RPM_BUILD_ROOT%{_libdir}
|
||||
for lib in $RPM_BUILD_ROOT%{_libdir}/*.so.%{version} ; do
|
||||
ln -s -f `basename ${lib}` $RPM_BUILD_ROOT%{_libdir}/`basename ${lib} .%{version}`
|
||||
done
|
||||
|
||||
mkdir -p $RPM_BUILD_ROOT%{_datadir}/ssl/certs
|
||||
install -m644 $RPM_SOURCE_DIR/Makefile.certificate $RPM_BUILD_ROOT%{_datadir}/ssl/certs/Makefile
|
||||
|
||||
strip $RPM_BUILD_ROOT%{_bindir}/* ||:
|
||||
strip -g $RPM_BUILD_ROOT%{_libdir}/lib* ||:
|
||||
|
||||
# Fudge this.
|
||||
mv $RPM_BUILD_ROOT%{_mandir}/man1/passwd.1 $RPM_BUILD_ROOT%{_mandir}/man1/sslpasswd.1
|
||||
mv $RPM_BUILD_ROOT%{_mandir}/man3/rand.3 $RPM_BUILD_ROOT%{_mandir}/man3/sslrand.3
|
||||
|
||||
# Pick a CA script.
|
||||
pushd $RPM_BUILD_ROOT%{_datadir}/ssl/misc
|
||||
mv CA.sh CA
|
||||
mv der_chop der_chop.pl
|
||||
popd
|
||||
|
||||
# Install the python extensions.
|
||||
pushd m2crypto-%{m2crypto_version}/M2Crypto
|
||||
mkdir -p $RPM_BUILD_ROOT/usr/lib/python1.5/site-packages/M2Crypto/{PGP,SSL}
|
||||
find -name "*.py" | xargs -i install -m644 '{}' $RPM_BUILD_ROOT/usr/lib/python1.5/site-packages/M2Crypto/'{}'
|
||||
find -name "*.so" | xargs -i install -m755 '{}' $RPM_BUILD_ROOT/usr/lib/python1.5/site-packages/M2Crypto/'{}'
|
||||
python -c "import compileall; compileall.compile_dir('"$RPM_BUILD_ROOT/usr/lib/python1.5/site-packages/M2Crypto"', 3, '/usr/lib/python1.5/site-packages/M2Crypto')"
|
||||
popd
|
||||
|
||||
%clean
|
||||
[ "$RPM_BUILD_ROOT" != "/" ] && rm -rf $RPM_BUILD_ROOT
|
||||
|
||||
%files
|
||||
%defattr(-,root,root)
|
||||
%doc FAQ LICENSE CHANGES NEWS INSTALL README
|
||||
%doc doc/README doc/c-indentation.el doc/openssl.txt
|
||||
%doc doc/openssl_button.html doc/openssl_button.gif
|
||||
%doc doc/ssleay.txt
|
||||
%dir %{_datadir}/ssl
|
||||
%{_datadir}/ssl/certs
|
||||
%{_datadir}/ssl/lib
|
||||
%{_datadir}/ssl/misc/c_*
|
||||
%{_datadir}/ssl/private
|
||||
|
||||
%config %{_datadir}/ssl/openssl.cnf
|
||||
|
||||
%attr(0755,root,root) %{_bindir}/*
|
||||
%attr(0755,root,root) %{_libdir}/*.so.*
|
||||
%attr(0644,root,root) %{_mandir}/man1/*
|
||||
%attr(0644,root,root) %{_mandir}/man5/*
|
||||
%attr(0644,root,root) %{_mandir}/man7/*
|
||||
|
||||
%files devel
|
||||
%defattr(-,root,root)
|
||||
%{_prefix}/include/openssl
|
||||
%attr(0644,root,root) %{_libdir}/*.a
|
||||
%attr(0755,root,root) %{_libdir}/*.so
|
||||
%attr(0644,root,root) %{_mandir}/man3/*
|
||||
|
||||
%files perl
|
||||
%defattr(-,root,root)
|
||||
%{_datadir}/ssl/misc/*.pl
|
||||
|
||||
%files python
|
||||
%defattr(-,root,root)
|
||||
%doc m2crypto-%{m2crypto_version}/{BUGS,CHANGES,LIC*,README,TODO}
|
||||
%doc m2crypto-%{m2crypto_version}/doc/{README,*.html}
|
||||
%{_libdir}/python1.5/site-packages/M2Crypto
|
||||
|
||||
%post -p /sbin/ldconfig
|
||||
|
||||
%postun -p /sbin/ldconfig
|
||||
|
||||
%changelog
|
||||
* Thu Sep 21 2000 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- tweak the makefile some more
|
||||
- disable MD2 support
|
||||
- disable MDC2 support
|
||||
- tweak the makefile
|
||||
- rework certificate makefile to have the right parts for Apache
|
||||
- strip binaries and libraries
|
||||
- enable actual RSA support
|
||||
- use %{__perl} instead of /usr/bin/perl
|
||||
- move the passwd.1 man page out of the passwd package's way
|
||||
- update to 0.9.5a, modified for U.S.
|
||||
- add perl as a build-time requirement
|
||||
- disable RC5, IDEA support
|
||||
- break out python extensions
|
||||
- byte-compile python extensions without the build-root
|
||||
- adjust the makefile to not remove temporary files (like .key files when
|
||||
building .csr files)
|
||||
- fix the building of python modules without openssl-devel already installed
|
||||
|
||||
* Wed Mar 1 2000 Florian La Roche <Florian.LaRoche@redhat.de>
|
||||
- Bero told me to move the Makefile into this package
|
||||
|
||||
* Wed Mar 1 2000 Florian La Roche <Florian.LaRoche@redhat.de>
|
||||
- add lib*.so symlinks to link dynamically against shared libs
|
||||
|
||||
* Tue Feb 29 2000 Florian La Roche <Florian.LaRoche@redhat.de>
|
||||
- update to 0.9.5
|
||||
- run ldconfig directly in post/postun
|
||||
- add FAQ
|
||||
|
||||
* Sat Dec 18 1999 Bernhard Rosenkränzer <bero@redhat.de>
|
||||
- Fix build on non-x86 platforms
|
||||
|
||||
* Fri Nov 12 1999 Bernhard Rosenkränzer <bero@redhat.de>
|
||||
- move /usr/share/ssl/* from -devel to main package
|
||||
|
||||
* Tue Oct 26 1999 Bernhard Rosenkränzer <bero@redhat.de>
|
||||
- inital packaging
|
||||
- changes from base:
|
||||
- Move /usr/local/ssl to /usr/share/ssl for FHS compliance
|
||||
- handle RPM_OPT_FLAGS
|
Loading…
Reference in New Issue
Block a user