mingw-openssl/mingw32-openssl.spec

%define __strip %{_mingw32_strip}
%define __objdump %{_mingw32_objdump}
%define _use_internal_dependency_generator 0
%define __find_requires %{_mingw32_findrequires}
%define __find_provides %{_mingw32_findprovides}

# For the curious:
# 0.9.5a soversion = 0
# 0.9.6  soversion = 1
# 0.9.6a soversion = 2
# 0.9.6c soversion = 3
# 0.9.7a soversion = 4
# 0.9.7ef soversion = 5
# 0.9.8ab soversion = 6
# 0.9.8g soversion = 7
# 0.9.8j + EAP-FAST soversion = 8
%define soversion 8

# Enable the tests.
# These only work some of the time, but fail randomly at other times
# (although I have had them complete a few times, so I don't think
# there is any actual problem with the binaries).
%define run_tests 0

# Number of threads to spawn when testing some threading fixes.
%define thread_test_threads %{?threads:%{threads}}%{!?threads:1}

Name:           mingw32-openssl
Version:        0.9.8j
Release:        3%{?dist}
Summary:        MinGW port of the OpenSSL toolkit

License:        OpenSSL
Group:          Development/Libraries
URL:            http://www.openssl.org/

# Use the hobble-openssl script to create the source file.
Source0:        openssl-%{version}-usa.tar.bz2

Source1:        hobble-openssl
Source2:        Makefile.certificate
Source6:        make-dummy-cert
Source8:        openssl-thread-test.c
Source9:        opensslconf-new.h
Source10:       opensslconf-new-warning.h

# Patches from Fedora native package.
# Build changes
Patch0:         openssl-0.9.8j-redhat.patch
Patch1:         openssl-0.9.8a-defaults.patch
Patch2:         openssl-0.9.8a-link-krb5.patch
Patch3:         openssl-0.9.8j-soversion.patch
Patch4:         openssl-0.9.8j-enginesdir.patch
Patch5:         openssl-0.9.8a-no-rpath.patch
Patch6:         openssl-0.9.8b-test-use-localhost.patch
Patch7:         openssl-0.9.8j-shlib-version.patch
# Bug fixes
Patch21:        openssl-0.9.8b-aliasing-bug.patch
Patch22:        openssl-0.9.8b-x509-name-cmp.patch
Patch23:        openssl-0.9.8g-default-paths.patch
Patch24:        openssl-0.9.8g-no-extssl.patch
# Functionality changes
Patch32:        openssl-0.9.8g-ia64.patch
Patch33:        openssl-0.9.8j-ca-dir.patch
Patch34:        openssl-0.9.6-x509.patch
Patch35:        openssl-0.9.8j-version-add-engines.patch
Patch38:        openssl-0.9.8a-reuse-cipher-change.patch
# Disabled this because it uses getaddrinfo which is lacking on Windows.
#Patch39:        openssl-0.9.8g-ipv6-apps.patch
Patch40:        openssl-0.9.8j-nocanister.patch
Patch41:        openssl-0.9.8j-use-fipscheck.patch
Patch42:        openssl-0.9.8j-fipscheck-hmac.patch
Patch43:        openssl-0.9.8j-evp-nonfips.patch
Patch44:        openssl-0.9.8j-kernel-fipsmode.patch
Patch45:        openssl-0.9.8j-env-nozlib.patch
Patch46:        openssl-0.9.8j-eap-fast.patch
Patch47:        openssl-0.9.8j-readme-warning.patch
Patch48:        openssl-0.9.8j-bad-mime.patch
Patch49:        openssl-0.9.8j-fips-no-pairwise.patch
# Backported fixes including security fixes

# MinGW-specific patches.
Patch100:       mingw32-openssl-0.9.8j-header-files.patch
Patch101:       mingw32-openssl-0.9.8j-configure.patch
Patch102:       mingw32-openssl-0.9.8j-shared.patch
Patch103:       mingw32-openssl-0.9.8g-global.patch
Patch104:       mingw32-openssl-0.9.8g-sfx.patch

BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)

BuildArch:      noarch

BuildRequires:  mingw32-filesystem >= 49
BuildRequires:  mingw32-gcc
BuildRequires:  mingw32-binutils

BuildRequires:  mingw32-zlib
BuildRequires:  mingw32-pthreads

BuildRequires:  mktemp
#BuildRequires:  krb5-devel
BuildRequires:  perl
BuildRequires:  sed
BuildRequires:  /usr/bin/cmp
BuildRequires:  /usr/bin/rename

# XXX Not really sure about this one.  The build script uses
# /usr/bin/makedepend which comes from imake.
BuildRequires:  imake

%if %{run_tests}
# Required both to build, and to run the tests.
# XXX This needs to be fixed - cross-compilation should not
# require running executables.
BuildRequires:  wine

# Required to run the tests.
BuildRequires:  xorg-x11-server-Xvfb
%endif

#Requires:       ca-certificates >= 2008-5
Requires:       pkgconfig


%description
The OpenSSL toolkit provides support for secure communications between
machines. OpenSSL includes a certificate management tool and shared
libraries which provide various cryptographic algorithms and
protocols.

This package contains Windows (MinGW) libraries and development tools.


%prep
%setup -q -n openssl-%{version}

%{SOURCE1} > /dev/null
%patch0 -p1 -b .redhat
%patch1 -p1 -b .defaults
# Fix link line for libssl (bug #111154).
%patch2 -p1 -b .krb5
%patch3 -p1 -b .soversion
%patch4 -p1 -b .enginesdir
%patch5 -p1 -b .no-rpath
%patch6 -p1 -b .use-localhost
%patch7 -p1 -b .shlib-version

%patch21 -p1 -b .aliasing-bug
%patch22 -p1 -b .name-cmp
%patch23 -p1 -b .default-paths
%patch24 -p1 -b .no-extssl

%patch32 -p1 -b .ia64
#patch33 is applied after make test
%patch34 -p1 -b .x509
%patch35 -p1 -b .version-add-engines
%patch38 -p1 -b .cipher-change
#%patch39 -p1 -b .ipv6-apps
%patch40 -p1 -b .nocanister
%patch41 -p1 -b .use-fipscheck
%patch42 -p1 -b .fipscheck-hmac
%patch43 -p1 -b .evp-nonfips
%patch44 -p1 -b .fipsmode
%patch45 -p1 -b .env-nozlib
%patch46 -p1 -b .eap-fast
%patch47 -p1 -b .warning
%patch48 -p1 -b .bad-mime
%patch49 -p1 -b .no-pairwise

%patch100 -p1 -b .mingw-header-files
%patch101 -p1 -b .mingw-configure
%patch102 -p1 -b .mingw-shared
%patch103 -p1 -b .mingw-global
%patch104 -p1 -b .mingw-sfx

# Modify the various perl scripts to reference perl in the right location.
perl util/perlpath.pl `dirname %{__perl}`

# Generate a table with the compile settings for my perusal.
touch Makefile
make TABLE PERL=%{__perl}

%build
# NB: 'no-hw' is vital.  MinGW cannot build the hardware drivers
# and if you don't have this you'll get an obscure link error.
%{_mingw32_env}; \
sed -i -e "s/MINGW32_CC/%{_mingw32_cc}/" -e "s/MINGW32_CFLAGS/%{_mingw32_cflags}/" -e "s/MINGW32_RANLIB/%{_mingw32_ranlib}/" Configure; \
./Configure \
  --prefix=%{_mingw32_prefix} \
  --openssldir=%{_mingw32_sysconfdir}/pki/tls \
  zlib enable-camellia enable-seed enable-tlsext enable-rfc3779 \
  no-idea no-mdc2 no-rc5 no-ec no-ecdh no-ecdsa no-hw shared \
  --enginesdir=%{_mingw32_libdir}/openssl/engines \
  mingw
#  --with-krb5-flavor=MIT
#  -I%{_mingw32_prefix}/kerberos/include -L%{_mingw32_prefix}/kerberos/%{_lib}
%{_mingw32_make} depend
%{_mingw32_make} all build-shared

# Generate hashes for the included certs.
%{_mingw32_make} rehash build-shared

%if %{run_tests}
#----------------------------------------------------------------------
# Run some tests.  I don't know why this isn't in a %-check section
# but this is how it is in the native RPM.

# This is a bit of a hack, but the test scripts look for 'openssl'
# by name.
pushd apps
ln -s openssl.exe openssl
popd

# This is useful for diagnosing Wine problems.
WINEDEBUG=+loaddll
export WINEDEBUG

# Make sure we can find the installed DLLs.
WINEDLLPATH=%{_mingw32_bindir}
export WINEDLLPATH

# The tests run Wine and require an X server (but don't really use
# it).  Therefore we create a virtual framebuffer for the duration of
# the tests.
# XXX There is no good way to choose a random, unused display.
# XXX Setting depth to 24 bits avoids bug 458219.
unset DISPLAY
display=:21
Xvfb $display -screen 0 1024x768x24 -ac -noreset & xpid=$!
trap "kill -TERM $xpid ||:" EXIT
sleep 3
DISPLAY=$display
export DISPLAY

%{_mingw32_make} LDCMD=%{_mingw32_cc} -C test apps tests

# Disable this thread test, because we don't have pthread on Windows.
%{_mingw32_cc} -o openssl-thread-test \
  -I./include \
  %-{_mingw32_cflags} \
  %-{SOURCE8} \
  -L. \
  -lssl -lcrypto \
  -lpthread -lz -ldl

## `krb5-config --cflags`
## `krb5-config --libs`
#
./openssl-thread-test --threads %{thread_test_threads}

#----------------------------------------------------------------------
%endif

# Patch33 must be patched after tests otherwise they will fail
patch -p1 -b -z .ca-dir < %{PATCH33}

# Add generation of HMAC checksum of the final stripped library
#%define __spec_install_post \
#    %{?__debug_package:%{__debug_install_post}} \
#    %{__arch_install_post} \
#    %{__os_install_post} \
#    fips/fips_standalone_sha1 $RPM_BUILD_ROOT/%{_lib}/libcrypto.so.%{version} >$RPM_BUILD_ROOT/%{_lib}/.libcrypto.so.%{version}.hmac \
#    ln -sf .libcrypto.so.%{version}.hmac $RPM_BUILD_ROOT/%{_lib}/.libcrypto.so.%{soversion}.hmac \
#%{nil}

if ! iconv -f UTF-8 -t ASCII//TRANSLIT CHANGES >/dev/null 2>&1 ; then
  iconv -f ISO-8859-1 -t UTF-8 -o CHANGES.utf8 CHANGES && \
    mv -f CHANGES.utf8 CHANGES
fi


%install
rm -rf $RPM_BUILD_ROOT
mkdir -p $RPM_BUILD_ROOT%{_mingw32_libdir}
mkdir -p $RPM_BUILD_ROOT%{_mingw32_libdir}/openssl
mkdir -p $RPM_BUILD_ROOT%{_mingw32_bindir}
mkdir -p $RPM_BUILD_ROOT%{_mingw32_includedir}
mkdir -p $RPM_BUILD_ROOT%{_mingw32_mandir}
make INSTALL_PREFIX=$RPM_BUILD_ROOT install build-shared

# Install the actual DLLs.
install libcrypto-%{soversion}.dll $RPM_BUILD_ROOT%{_mingw32_bindir}
install libssl-%{soversion}.dll $RPM_BUILD_ROOT%{_mingw32_bindir}

# Remove static libraries but DON'T remove *.dll.a files.
rm $RPM_BUILD_ROOT%{_mingw32_libdir}/libcrypto.a
rm $RPM_BUILD_ROOT%{_mingw32_libdir}/libssl.a

# I have no idea why it installs the manpages in /etc, but
# we remove them anyway.
rm -r $RPM_BUILD_ROOT%{_mingw32_sysconfdir}/pki/tls/man

# Set permissions on lib*.dll.a so that strip works.
chmod 0755 $RPM_BUILD_ROOT%{_mingw32_libdir}/libcrypto.dll.a
chmod 0755 $RPM_BUILD_ROOT%{_mingw32_libdir}/libssl.dll.a

# Install a makefile for generating keys and self-signed certs, and a script
# for generating them on the fly.
mkdir -p $RPM_BUILD_ROOT%{_mingw32_sysconfdir}/pki/tls/certs
install -m644 %{SOURCE2} $RPM_BUILD_ROOT%{_mingw32_sysconfdir}/pki/tls/certs/Makefile
install -m755 %{SOURCE6} $RPM_BUILD_ROOT%{_mingw32_sysconfdir}/pki/tls/certs/make-dummy-cert

# Pick a CA script.
pushd  $RPM_BUILD_ROOT%{_mingw32_sysconfdir}/pki/tls/misc
mv CA.sh CA
popd

mkdir -m700 $RPM_BUILD_ROOT%{_mingw32_sysconfdir}/pki/CA
mkdir -m700 $RPM_BUILD_ROOT%{_mingw32_sysconfdir}/pki/CA/private

%clean
rm -rf $RPM_BUILD_ROOT


%files
%defattr(-,root,root)
%doc LICENSE
%{_mingw32_bindir}/openssl.exe
%{_mingw32_bindir}/c_rehash
%{_mingw32_bindir}/libcrypto-%{soversion}.dll
%{_mingw32_bindir}/libssl-%{soversion}.dll
#{_mingw32_bindir}/.libcrypto*.hmac
%{_mingw32_libdir}/libcrypto.dll.a
%{_mingw32_libdir}/libssl.dll.a
%{_mingw32_libdir}/engines
%{_mingw32_libdir}/pkgconfig/*.pc
%{_mingw32_includedir}/openssl
%config(noreplace) %{_mingw32_sysconfdir}/pki


%changelog
* Fri Feb 20 2009 Richard W.M. Jones <rjones@redhat.com> - 0.9.8j-3
- Rebuild for mingw32-gcc 4.4

* Mon Feb  2 2009 Levente Farkas <lfarkas@lfarkas.org> - 0.9.8j-2
- Various build fixes.

* Wed Jan 28 2009 Levente Farkas <lfarkas@lfarkas.org> - 0.9.8j-1
- update to new upstream version.

* Mon Dec 29 2008 Levente Farkas <lfarkas@lfarkas.org> - 0.9.8g-2
- minor cleanup.

* Tue Sep 30 2008 Richard W.M. Jones <rjones@redhat.com> - 0.9.8g-1
- Initial RPM release.
Initial import. 2009-02-09 09:33:37 +00:00			`%define __strip %{_mingw32_strip}`
			`%define __objdump %{_mingw32_objdump}`
			`%define _use_internal_dependency_generator 0`
			`%define __find_requires %{_mingw32_findrequires}`
			`%define __find_provides %{_mingw32_findprovides}`

			`# For the curious:`
			`# 0.9.5a soversion = 0`
			`# 0.9.6 soversion = 1`
			`# 0.9.6a soversion = 2`
			`# 0.9.6c soversion = 3`
			`# 0.9.7a soversion = 4`
			`# 0.9.7ef soversion = 5`
			`# 0.9.8ab soversion = 6`
			`# 0.9.8g soversion = 7`
			`# 0.9.8j + EAP-FAST soversion = 8`
			`%define soversion 8`

			`# Enable the tests.`
			`# These only work some of the time, but fail randomly at other times`
			`# (although I have had them complete a few times, so I don't think`
			`# there is any actual problem with the binaries).`
			`%define run_tests 0`

			`# Number of threads to spawn when testing some threading fixes.`
			`%define thread_test_threads %{?threads:%{threads}}%{!?threads:1}`

			`Name: mingw32-openssl`
			`Version: 0.9.8j`
Rebuild for gcc 4.4 2009-02-20 23:29:13 +00:00			`Release: 3%{?dist}`
Initial import. 2009-02-09 09:33:37 +00:00			`Summary: MinGW port of the OpenSSL toolkit`

			`License: OpenSSL`
			`Group: Development/Libraries`
			`URL: http://www.openssl.org/`

			`# Use the hobble-openssl script to create the source file.`
			`Source0: openssl-%{version}-usa.tar.bz2`

			`Source1: hobble-openssl`
			`Source2: Makefile.certificate`
			`Source6: make-dummy-cert`
			`Source8: openssl-thread-test.c`
			`Source9: opensslconf-new.h`
			`Source10: opensslconf-new-warning.h`

			`# Patches from Fedora native package.`
			`# Build changes`
			`Patch0: openssl-0.9.8j-redhat.patch`
			`Patch1: openssl-0.9.8a-defaults.patch`
			`Patch2: openssl-0.9.8a-link-krb5.patch`
			`Patch3: openssl-0.9.8j-soversion.patch`
			`Patch4: openssl-0.9.8j-enginesdir.patch`
			`Patch5: openssl-0.9.8a-no-rpath.patch`
			`Patch6: openssl-0.9.8b-test-use-localhost.patch`
			`Patch7: openssl-0.9.8j-shlib-version.patch`
			`# Bug fixes`
			`Patch21: openssl-0.9.8b-aliasing-bug.patch`
			`Patch22: openssl-0.9.8b-x509-name-cmp.patch`
			`Patch23: openssl-0.9.8g-default-paths.patch`
			`Patch24: openssl-0.9.8g-no-extssl.patch`
			`# Functionality changes`
			`Patch32: openssl-0.9.8g-ia64.patch`
			`Patch33: openssl-0.9.8j-ca-dir.patch`
			`Patch34: openssl-0.9.6-x509.patch`
			`Patch35: openssl-0.9.8j-version-add-engines.patch`
			`Patch38: openssl-0.9.8a-reuse-cipher-change.patch`
			`# Disabled this because it uses getaddrinfo which is lacking on Windows.`
			`#Patch39: openssl-0.9.8g-ipv6-apps.patch`
			`Patch40: openssl-0.9.8j-nocanister.patch`
			`Patch41: openssl-0.9.8j-use-fipscheck.patch`
			`Patch42: openssl-0.9.8j-fipscheck-hmac.patch`
			`Patch43: openssl-0.9.8j-evp-nonfips.patch`
			`Patch44: openssl-0.9.8j-kernel-fipsmode.patch`
			`Patch45: openssl-0.9.8j-env-nozlib.patch`
			`Patch46: openssl-0.9.8j-eap-fast.patch`
			`Patch47: openssl-0.9.8j-readme-warning.patch`
			`Patch48: openssl-0.9.8j-bad-mime.patch`
			`Patch49: openssl-0.9.8j-fips-no-pairwise.patch`
			`# Backported fixes including security fixes`

			`# MinGW-specific patches.`
			`Patch100: mingw32-openssl-0.9.8j-header-files.patch`
			`Patch101: mingw32-openssl-0.9.8j-configure.patch`
			`Patch102: mingw32-openssl-0.9.8j-shared.patch`
			`Patch103: mingw32-openssl-0.9.8g-global.patch`
			`Patch104: mingw32-openssl-0.9.8g-sfx.patch`

			`BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)`

			`BuildArch: noarch`

Rebuild for gcc 4.4 2009-02-20 23:29:13 +00:00			`BuildRequires: mingw32-filesystem >= 49`
Initial import. 2009-02-09 09:33:37 +00:00			`BuildRequires: mingw32-gcc`
			`BuildRequires: mingw32-binutils`

			`BuildRequires: mingw32-zlib`
			`BuildRequires: mingw32-pthreads`

			`BuildRequires: mktemp`
			`#BuildRequires: krb5-devel`
			`BuildRequires: perl`
			`BuildRequires: sed`
			`BuildRequires: /usr/bin/cmp`
			`BuildRequires: /usr/bin/rename`

			`# XXX Not really sure about this one. The build script uses`
			`# /usr/bin/makedepend which comes from imake.`
			`BuildRequires: imake`

			`%if %{run_tests}`
			`# Required both to build, and to run the tests.`
			`# XXX This needs to be fixed - cross-compilation should not`
			`# require running executables.`
			`BuildRequires: wine`

			`# Required to run the tests.`
			`BuildRequires: xorg-x11-server-Xvfb`
			`%endif`

			`#Requires: ca-certificates >= 2008-5`
			`Requires: pkgconfig`


			`%description`
			`The OpenSSL toolkit provides support for secure communications between`
			`machines. OpenSSL includes a certificate management tool and shared`
			`libraries which provide various cryptographic algorithms and`
			`protocols.`

			`This package contains Windows (MinGW) libraries and development tools.`


			`%prep`
			`%setup -q -n openssl-%{version}`

			`%{SOURCE1} > /dev/null`
			`%patch0 -p1 -b .redhat`
			`%patch1 -p1 -b .defaults`
			`# Fix link line for libssl (bug #111154).`
			`%patch2 -p1 -b .krb5`
			`%patch3 -p1 -b .soversion`
			`%patch4 -p1 -b .enginesdir`
			`%patch5 -p1 -b .no-rpath`
			`%patch6 -p1 -b .use-localhost`
			`%patch7 -p1 -b .shlib-version`

			`%patch21 -p1 -b .aliasing-bug`
			`%patch22 -p1 -b .name-cmp`
			`%patch23 -p1 -b .default-paths`
			`%patch24 -p1 -b .no-extssl`

			`%patch32 -p1 -b .ia64`
			`#patch33 is applied after make test`
			`%patch34 -p1 -b .x509`
			`%patch35 -p1 -b .version-add-engines`
			`%patch38 -p1 -b .cipher-change`
			`#%patch39 -p1 -b .ipv6-apps`
			`%patch40 -p1 -b .nocanister`
			`%patch41 -p1 -b .use-fipscheck`
			`%patch42 -p1 -b .fipscheck-hmac`
			`%patch43 -p1 -b .evp-nonfips`
			`%patch44 -p1 -b .fipsmode`
			`%patch45 -p1 -b .env-nozlib`
			`%patch46 -p1 -b .eap-fast`
			`%patch47 -p1 -b .warning`
			`%patch48 -p1 -b .bad-mime`
			`%patch49 -p1 -b .no-pairwise`

			`%patch100 -p1 -b .mingw-header-files`
			`%patch101 -p1 -b .mingw-configure`
			`%patch102 -p1 -b .mingw-shared`
			`%patch103 -p1 -b .mingw-global`
			`%patch104 -p1 -b .mingw-sfx`

			`# Modify the various perl scripts to reference perl in the right location.`
			perl util/perlpath.pl `dirname %{__perl}`

			`# Generate a table with the compile settings for my perusal.`
			`touch Makefile`
			`make TABLE PERL=%{__perl}`

			`%build`
			`# NB: 'no-hw' is vital. MinGW cannot build the hardware drivers`
			`# and if you don't have this you'll get an obscure link error.`
			`%{_mingw32_env}; \`
			`sed -i -e "s/MINGW32_CC/%{_mingw32_cc}/" -e "s/MINGW32_CFLAGS/%{_mingw32_cflags}/" -e "s/MINGW32_RANLIB/%{_mingw32_ranlib}/" Configure; \`
			`./Configure \`
			`--prefix=%{_mingw32_prefix} \`
			`--openssldir=%{_mingw32_sysconfdir}/pki/tls \`
			`zlib enable-camellia enable-seed enable-tlsext enable-rfc3779 \`
			`no-idea no-mdc2 no-rc5 no-ec no-ecdh no-ecdsa no-hw shared \`
			`--enginesdir=%{_mingw32_libdir}/openssl/engines \`
			`mingw`
			`# --with-krb5-flavor=MIT`
			`# -I%{_mingw32_prefix}/kerberos/include -L%{_mingw32_prefix}/kerberos/%{_lib}`
			`%{_mingw32_make} depend`
			`%{_mingw32_make} all build-shared`

			`# Generate hashes for the included certs.`
			`%{_mingw32_make} rehash build-shared`

			`%if %{run_tests}`
			`#----------------------------------------------------------------------`
			`# Run some tests. I don't know why this isn't in a %-check section`
			`# but this is how it is in the native RPM.`

			`# This is a bit of a hack, but the test scripts look for 'openssl'`
			`# by name.`
			`pushd apps`
			`ln -s openssl.exe openssl`
			`popd`

			`# This is useful for diagnosing Wine problems.`
			`WINEDEBUG=+loaddll`
			`export WINEDEBUG`

			`# Make sure we can find the installed DLLs.`
			`WINEDLLPATH=%{_mingw32_bindir}`
			`export WINEDLLPATH`

			`# The tests run Wine and require an X server (but don't really use`
			`# it). Therefore we create a virtual framebuffer for the duration of`
			`# the tests.`
			`# XXX There is no good way to choose a random, unused display.`
			`# XXX Setting depth to 24 bits avoids bug 458219.`
			`unset DISPLAY`
			`display=:21`
			`Xvfb $display -screen 0 1024x768x24 -ac -noreset & xpid=$!`
			`trap "kill -TERM $xpid \|\|:" EXIT`
			`sleep 3`
			`DISPLAY=$display`
			`export DISPLAY`

			`%{_mingw32_make} LDCMD=%{_mingw32_cc} -C test apps tests`

			`# Disable this thread test, because we don't have pthread on Windows.`
			`%{_mingw32_cc} -o openssl-thread-test \`
			`-I./include \`
			`%-{_mingw32_cflags} \`
			`%-{SOURCE8} \`
			`-L. \`
			`-lssl -lcrypto \`
			`-lpthread -lz -ldl`

			## `krb5-config --cflags`
			## `krb5-config --libs`
			`#`
			`./openssl-thread-test --threads %{thread_test_threads}`

			`#----------------------------------------------------------------------`
			`%endif`

			`# Patch33 must be patched after tests otherwise they will fail`
			`patch -p1 -b -z .ca-dir < %{PATCH33}`

			`# Add generation of HMAC checksum of the final stripped library`
			`#%define __spec_install_post \`
			`# %{?__debug_package:%{__debug_install_post}} \`
			`# %{__arch_install_post} \`
			`# %{__os_install_post} \`
			`# fips/fips_standalone_sha1 $RPM_BUILD_ROOT/%{_lib}/libcrypto.so.%{version} >$RPM_BUILD_ROOT/%{_lib}/.libcrypto.so.%{version}.hmac \`
			`# ln -sf .libcrypto.so.%{version}.hmac $RPM_BUILD_ROOT/%{_lib}/.libcrypto.so.%{soversion}.hmac \`
			`#%{nil}`

			`if ! iconv -f UTF-8 -t ASCII//TRANSLIT CHANGES >/dev/null 2>&1 ; then`
			`iconv -f ISO-8859-1 -t UTF-8 -o CHANGES.utf8 CHANGES && \`
			`mv -f CHANGES.utf8 CHANGES`
			`fi`


			`%install`
			`rm -rf $RPM_BUILD_ROOT`
			`mkdir -p $RPM_BUILD_ROOT%{_mingw32_libdir}`
			`mkdir -p $RPM_BUILD_ROOT%{_mingw32_libdir}/openssl`
			`mkdir -p $RPM_BUILD_ROOT%{_mingw32_bindir}`
			`mkdir -p $RPM_BUILD_ROOT%{_mingw32_includedir}`
			`mkdir -p $RPM_BUILD_ROOT%{_mingw32_mandir}`
			`make INSTALL_PREFIX=$RPM_BUILD_ROOT install build-shared`

			`# Install the actual DLLs.`
			`install libcrypto-%{soversion}.dll $RPM_BUILD_ROOT%{_mingw32_bindir}`
			`install libssl-%{soversion}.dll $RPM_BUILD_ROOT%{_mingw32_bindir}`

			`# Remove static libraries but DON'T remove *.dll.a files.`
			`rm $RPM_BUILD_ROOT%{_mingw32_libdir}/libcrypto.a`
			`rm $RPM_BUILD_ROOT%{_mingw32_libdir}/libssl.a`

			`# I have no idea why it installs the manpages in /etc, but`
			`# we remove them anyway.`
			`rm -r $RPM_BUILD_ROOT%{_mingw32_sysconfdir}/pki/tls/man`

			`# Set permissions on lib*.dll.a so that strip works.`
			`chmod 0755 $RPM_BUILD_ROOT%{_mingw32_libdir}/libcrypto.dll.a`
			`chmod 0755 $RPM_BUILD_ROOT%{_mingw32_libdir}/libssl.dll.a`

			`# Install a makefile for generating keys and self-signed certs, and a script`
			`# for generating them on the fly.`
			`mkdir -p $RPM_BUILD_ROOT%{_mingw32_sysconfdir}/pki/tls/certs`
			`install -m644 %{SOURCE2} $RPM_BUILD_ROOT%{_mingw32_sysconfdir}/pki/tls/certs/Makefile`
			`install -m755 %{SOURCE6} $RPM_BUILD_ROOT%{_mingw32_sysconfdir}/pki/tls/certs/make-dummy-cert`

			`# Pick a CA script.`
			`pushd $RPM_BUILD_ROOT%{_mingw32_sysconfdir}/pki/tls/misc`
			`mv CA.sh CA`
			`popd`

			`mkdir -m700 $RPM_BUILD_ROOT%{_mingw32_sysconfdir}/pki/CA`
			`mkdir -m700 $RPM_BUILD_ROOT%{_mingw32_sysconfdir}/pki/CA/private`

			`%clean`
			`rm -rf $RPM_BUILD_ROOT`


			`%files`
			`%defattr(-,root,root)`
			`%doc LICENSE`
			`%{_mingw32_bindir}/openssl.exe`
			`%{_mingw32_bindir}/c_rehash`
			`%{_mingw32_bindir}/libcrypto-%{soversion}.dll`
			`%{_mingw32_bindir}/libssl-%{soversion}.dll`
			`#{_mingw32_bindir}/.libcrypto*.hmac`
			`%{_mingw32_libdir}/libcrypto.dll.a`
			`%{_mingw32_libdir}/libssl.dll.a`
			`%{_mingw32_libdir}/engines`
			`%{_mingw32_libdir}/pkgconfig/*.pc`
			`%{_mingw32_includedir}/openssl`
			`%config(noreplace) %{_mingw32_sysconfdir}/pki`


			`%changelog`
Rebuild for gcc 4.4 2009-02-20 23:29:13 +00:00			`* Fri Feb 20 2009 Richard W.M. Jones <rjones@redhat.com> - 0.9.8j-3`
			`- Rebuild for mingw32-gcc 4.4`

Initial import. 2009-02-09 09:33:37 +00:00			`* Mon Feb 2 2009 Levente Farkas <lfarkas@lfarkas.org> - 0.9.8j-2`
			`- Various build fixes.`

			`* Wed Jan 28 2009 Levente Farkas <lfarkas@lfarkas.org> - 0.9.8j-1`
			`- update to new upstream version.`

			`* Mon Dec 29 2008 Levente Farkas <lfarkas@lfarkas.org> - 0.9.8g-2`
			`- minor cleanup.`

			`* Tue Sep 30 2008 Richard W.M. Jones <rjones@redhat.com> - 0.9.8g-1`
			`- Initial RPM release.`