Add a openssl-fips-provider package
This allows it to be replaced by fips-provider-next which is built as an alternative fips provider. Adds a Suggests to still prefer the openssl's own packge by default. Resolves: RHEL-102408 Signed-off-by: Simo Sorce <simo@redhat.com>
This commit is contained in:
Simo Sorce
parent
12e10e275a
commit
fd23d267e8
21
openssl.spec
21
openssl.spec
@ -125,8 +125,9 @@ protocols.
|
||||
Summary: A general purpose cryptography library with TLS implementation
|
||||
Requires: ca-certificates >= 2008-5
|
||||
Requires: crypto-policies >= 20180730
|
||||
%if ( %{defined rhel} && (! %{defined centos}) )
|
||||
%if %{defined rhel}
|
||||
Requires: openssl-fips-provider
|
||||
Suggests: openssl-fips-provider
|
||||
%endif
|
||||
|
||||
%description libs
|
||||
@ -154,6 +155,17 @@ OpenSSL is a toolkit for supporting cryptography. The openssl-perl
|
||||
package provides Perl scripts for converting certificates and keys
|
||||
from other formats to the formats used by the OpenSSL toolkit.
|
||||
|
||||
%if %{defined centos}
|
||||
%package fips-provider
|
||||
Summary: The FIPS Provider module
|
||||
Requires: %{name}-libs%{?_isa} = %{epoch}:%{version}-%{release}
|
||||
|
||||
%description fips-provider
|
||||
OpenSSL is a toolkit for supporting cryptography. The openssl-fips-provider
|
||||
package provides the fips.so provider, a cryptography provider that follows
|
||||
FIPS requirements and provides FIPS approved algorithms.
|
||||
%endif
|
||||
|
||||
%prep
|
||||
%autosetup -S git -n %{name}-%{version}
|
||||
|
||||
@ -404,7 +416,7 @@ ln -s /etc/crypto-policies/back-ends/openssl_fips.config $RPM_BUILD_ROOT%{_sysco
|
||||
%attr(0755,root,root) %{_libdir}/libssl.so.%{version}
|
||||
%{_libdir}/libssl.so.%{soversion}
|
||||
%attr(0755,root,root) %{_libdir}/engines-%{soversion}
|
||||
%attr(0755,root,root) %{_libdir}/ossl-modules
|
||||
%attr(0755,root,root) %{_libdir}/ossl-modules/legacy.so
|
||||
|
||||
%files devel
|
||||
%doc CHANGES.md doc/dir-locals.example.el doc/openssl-c-indent.el
|
||||
@ -427,6 +439,11 @@ ln -s /etc/crypto-policies/back-ends/openssl_fips.config $RPM_BUILD_ROOT%{_sysco
|
||||
%dir %{_sysconfdir}/pki/CA/crl
|
||||
%dir %{_sysconfdir}/pki/CA/newcerts
|
||||
|
||||
%if %{defined centos}
|
||||
%files fips-provider
|
||||
%attr(0755,root,root) %{_libdir}/ossl-modules/fips.so
|
||||
%endif
|
||||
|
||||
%ldconfig_scriptlets libs
|
||||
|
||||
%changelog
|
||||
|
||||
Loading…
Reference in New Issue
Block a user