[arch-commits] Commit in openssl/repos (8 files)
Pierre Schmitz
pierre at nymeria.archlinux.org
Sat Feb 16 20:34:18 UTC 2013
Date: Saturday, February 16, 2013 @ 21:34:18
Author: pierre
Revision: 178118
archrelease: copy trunk to testing-i686, testing-x86_64
Added:
openssl/repos/testing-i686/
openssl/repos/testing-i686/PKGBUILD
(from rev 178117, openssl/trunk/PKGBUILD)
openssl/repos/testing-i686/ca-dir.patch
(from rev 178117, openssl/trunk/ca-dir.patch)
openssl/repos/testing-i686/no-rpath.patch
(from rev 178117, openssl/trunk/no-rpath.patch)
openssl/repos/testing-x86_64/
openssl/repos/testing-x86_64/PKGBUILD
(from rev 178117, openssl/trunk/PKGBUILD)
openssl/repos/testing-x86_64/ca-dir.patch
(from rev 178117, openssl/trunk/ca-dir.patch)
openssl/repos/testing-x86_64/no-rpath.patch
(from rev 178117, openssl/trunk/no-rpath.patch)
-------------------------------+
testing-i686/PKGBUILD | 72 ++++++++++++++++++++++++++++++++++++++++
testing-i686/ca-dir.patch | 33 ++++++++++++++++++
testing-i686/no-rpath.patch | 11 ++++++
testing-x86_64/PKGBUILD | 72 ++++++++++++++++++++++++++++++++++++++++
testing-x86_64/ca-dir.patch | 33 ++++++++++++++++++
testing-x86_64/no-rpath.patch | 11 ++++++
6 files changed, 232 insertions(+)
Copied: openssl/repos/testing-i686/PKGBUILD (from rev 178117, openssl/trunk/PKGBUILD)
===================================================================
--- testing-i686/PKGBUILD (rev 0)
+++ testing-i686/PKGBUILD 2013-02-16 20:34:18 UTC (rev 178118)
@@ -0,0 +1,72 @@
+# $Id$
+# Maintainer: Pierre Schmitz <pierre at archlinux.de>
+
+pkgname=openssl
+_ver=1.0.1e
+# use a pacman compatible version scheme
+pkgver=${_ver/[a-z]/.${_ver//[0-9.]/}}
+#pkgver=$_ver
+pkgrel=2
+pkgdesc='The Open Source toolkit for Secure Sockets Layer and Transport Layer Security'
+arch=('i686' 'x86_64')
+url='https://www.openssl.org'
+license=('custom:BSD')
+depends=('perl')
+optdepends=('ca-certificates')
+options=('!makeflags')
+backup=('etc/ssl/openssl.cnf')
+source=("https://www.openssl.org/source/${pkgname}-${_ver}.tar.gz"
+ "https://www.openssl.org/source/${pkgname}-${_ver}.tar.gz.asc"
+ 'no-rpath.patch'
+ 'ca-dir.patch')
+md5sums=('66bf6f10f060d561929de96f9dfe5b8c'
+ 'e18847df48d39416f4ca5064887a2e28'
+ 'dc78d3d06baffc16217519242ce92478'
+ '3bf51be3a1bbd262be46dc619f92aa90')
+
+build() {
+ cd $srcdir/$pkgname-$_ver
+
+ if [ "${CARCH}" == 'x86_64' ]; then
+ openssltarget='linux-x86_64'
+ optflags='enable-ec_nistp_64_gcc_128'
+ elif [ "${CARCH}" == 'i686' ]; then
+ openssltarget='linux-elf'
+ optflags=''
+ fi
+
+ # remove rpath: http://bugs.archlinux.org/task/14367
+ patch -p0 -i $srcdir/no-rpath.patch
+ # set ca dir to /etc/ssl by default
+ patch -p0 -i $srcdir/ca-dir.patch
+
+ # mark stack as non-executable: http://bugs.archlinux.org/task/12434
+ # workaround for https://rt.openssl.org/Ticket/Display.html?id=2771
+ # See Changes file "Changes between 1.0.1 and 1.0.1a [19 Apr 2012]"
+ ./Configure --prefix=/usr --openssldir=/etc/ssl --libdir=lib \
+ shared zlib enable-md2 ${optflags} \
+ "${openssltarget}" \
+ -Wa,--noexecstack "${CFLAGS}" "${LDFLAGS}" \
+ -DOPENSSL_NO_TLS1_2_CLIENT \
+ -DOPENSSL_MAX_TLS1_2_CIPHER_LENGTH=50
+
+ make depend
+ make
+}
+
+check() {
+ cd $srcdir/$pkgname-$_ver
+ # the test fails due to missing write permissions in /etc/ssl
+ # revert this patch for make test
+ patch -p0 -R -i $srcdir/ca-dir.patch
+ # Do not test TLS1.2 as we disabled it above using OPENSSL_NO_TLS1_2_CLIENT
+ sed 's/TLSv1.2 //g' -i test/testssl
+ make test
+ patch -p0 -i $srcdir/ca-dir.patch
+}
+
+package() {
+ cd $srcdir/$pkgname-$_ver
+ make INSTALL_PREFIX=$pkgdir MANDIR=/usr/share/man MANSUFFIX=ssl install
+ install -D -m644 LICENSE $pkgdir/usr/share/licenses/$pkgname/LICENSE
+}
Copied: openssl/repos/testing-i686/ca-dir.patch (from rev 178117, openssl/trunk/ca-dir.patch)
===================================================================
--- testing-i686/ca-dir.patch (rev 0)
+++ testing-i686/ca-dir.patch 2013-02-16 20:34:18 UTC (rev 178118)
@@ -0,0 +1,33 @@
+--- apps/CA.pl.in 2006-04-28 02:30:49.000000000 +0200
++++ apps/CA.pl.in 2010-04-01 00:35:02.600553509 +0200
+@@ -53,7 +53,7 @@
+ $X509="$openssl x509";
+ $PKCS12="$openssl pkcs12";
+
+-$CATOP="./demoCA";
++$CATOP="/etc/ssl";
+ $CAKEY="cakey.pem";
+ $CAREQ="careq.pem";
+ $CACERT="cacert.pem";
+--- apps/CA.sh 2009-10-15 19:27:47.000000000 +0200
++++ apps/CA.sh 2010-04-01 00:35:02.600553509 +0200
+@@ -68,7 +68,7 @@
+ X509="$OPENSSL x509"
+ PKCS12="openssl pkcs12"
+
+-if [ -z "$CATOP" ] ; then CATOP=./demoCA ; fi
++if [ -z "$CATOP" ] ; then CATOP=/etc/ssl ; fi
+ CAKEY=./cakey.pem
+ CAREQ=./careq.pem
+ CACERT=./cacert.pem
+--- apps/openssl.cnf 2009-04-04 20:09:43.000000000 +0200
++++ apps/openssl.cnf 2010-04-01 00:35:02.607220681 +0200
+@@ -39,7 +39,7 @@
+ ####################################################################
+ [ CA_default ]
+
+-dir = ./demoCA # Where everything is kept
++dir = /etc/ssl # Where everything is kept
+ certs = $dir/certs # Where the issued certs are kept
+ crl_dir = $dir/crl # Where the issued crl are kept
+ database = $dir/index.txt # database index file.
Copied: openssl/repos/testing-i686/no-rpath.patch (from rev 178117, openssl/trunk/no-rpath.patch)
===================================================================
--- testing-i686/no-rpath.patch (rev 0)
+++ testing-i686/no-rpath.patch 2013-02-16 20:34:18 UTC (rev 178118)
@@ -0,0 +1,11 @@
+--- Makefile.shared.no-rpath 2005-06-23 22:47:54.000000000 +0200
++++ Makefile.shared 2005-11-16 22:35:37.000000000 +0100
+@@ -153,7 +153,7 @@
+ NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \
+ SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"
+
+-DO_GNU_APP=LDFLAGS="$(CFLAGS) -Wl,-rpath,$(LIBRPATH)"
++DO_GNU_APP=LDFLAGS="$(CFLAGS)"
+
+ #This is rather special. It's a special target with which one can link
+ #applications without bothering with any features that have anything to
Copied: openssl/repos/testing-x86_64/PKGBUILD (from rev 178117, openssl/trunk/PKGBUILD)
===================================================================
--- testing-x86_64/PKGBUILD (rev 0)
+++ testing-x86_64/PKGBUILD 2013-02-16 20:34:18 UTC (rev 178118)
@@ -0,0 +1,72 @@
+# $Id$
+# Maintainer: Pierre Schmitz <pierre at archlinux.de>
+
+pkgname=openssl
+_ver=1.0.1e
+# use a pacman compatible version scheme
+pkgver=${_ver/[a-z]/.${_ver//[0-9.]/}}
+#pkgver=$_ver
+pkgrel=2
+pkgdesc='The Open Source toolkit for Secure Sockets Layer and Transport Layer Security'
+arch=('i686' 'x86_64')
+url='https://www.openssl.org'
+license=('custom:BSD')
+depends=('perl')
+optdepends=('ca-certificates')
+options=('!makeflags')
+backup=('etc/ssl/openssl.cnf')
+source=("https://www.openssl.org/source/${pkgname}-${_ver}.tar.gz"
+ "https://www.openssl.org/source/${pkgname}-${_ver}.tar.gz.asc"
+ 'no-rpath.patch'
+ 'ca-dir.patch')
+md5sums=('66bf6f10f060d561929de96f9dfe5b8c'
+ 'e18847df48d39416f4ca5064887a2e28'
+ 'dc78d3d06baffc16217519242ce92478'
+ '3bf51be3a1bbd262be46dc619f92aa90')
+
+build() {
+ cd $srcdir/$pkgname-$_ver
+
+ if [ "${CARCH}" == 'x86_64' ]; then
+ openssltarget='linux-x86_64'
+ optflags='enable-ec_nistp_64_gcc_128'
+ elif [ "${CARCH}" == 'i686' ]; then
+ openssltarget='linux-elf'
+ optflags=''
+ fi
+
+ # remove rpath: http://bugs.archlinux.org/task/14367
+ patch -p0 -i $srcdir/no-rpath.patch
+ # set ca dir to /etc/ssl by default
+ patch -p0 -i $srcdir/ca-dir.patch
+
+ # mark stack as non-executable: http://bugs.archlinux.org/task/12434
+ # workaround for https://rt.openssl.org/Ticket/Display.html?id=2771
+ # See Changes file "Changes between 1.0.1 and 1.0.1a [19 Apr 2012]"
+ ./Configure --prefix=/usr --openssldir=/etc/ssl --libdir=lib \
+ shared zlib enable-md2 ${optflags} \
+ "${openssltarget}" \
+ -Wa,--noexecstack "${CFLAGS}" "${LDFLAGS}" \
+ -DOPENSSL_NO_TLS1_2_CLIENT \
+ -DOPENSSL_MAX_TLS1_2_CIPHER_LENGTH=50
+
+ make depend
+ make
+}
+
+check() {
+ cd $srcdir/$pkgname-$_ver
+ # the test fails due to missing write permissions in /etc/ssl
+ # revert this patch for make test
+ patch -p0 -R -i $srcdir/ca-dir.patch
+ # Do not test TLS1.2 as we disabled it above using OPENSSL_NO_TLS1_2_CLIENT
+ sed 's/TLSv1.2 //g' -i test/testssl
+ make test
+ patch -p0 -i $srcdir/ca-dir.patch
+}
+
+package() {
+ cd $srcdir/$pkgname-$_ver
+ make INSTALL_PREFIX=$pkgdir MANDIR=/usr/share/man MANSUFFIX=ssl install
+ install -D -m644 LICENSE $pkgdir/usr/share/licenses/$pkgname/LICENSE
+}
Copied: openssl/repos/testing-x86_64/ca-dir.patch (from rev 178117, openssl/trunk/ca-dir.patch)
===================================================================
--- testing-x86_64/ca-dir.patch (rev 0)
+++ testing-x86_64/ca-dir.patch 2013-02-16 20:34:18 UTC (rev 178118)
@@ -0,0 +1,33 @@
+--- apps/CA.pl.in 2006-04-28 02:30:49.000000000 +0200
++++ apps/CA.pl.in 2010-04-01 00:35:02.600553509 +0200
+@@ -53,7 +53,7 @@
+ $X509="$openssl x509";
+ $PKCS12="$openssl pkcs12";
+
+-$CATOP="./demoCA";
++$CATOP="/etc/ssl";
+ $CAKEY="cakey.pem";
+ $CAREQ="careq.pem";
+ $CACERT="cacert.pem";
+--- apps/CA.sh 2009-10-15 19:27:47.000000000 +0200
++++ apps/CA.sh 2010-04-01 00:35:02.600553509 +0200
+@@ -68,7 +68,7 @@
+ X509="$OPENSSL x509"
+ PKCS12="openssl pkcs12"
+
+-if [ -z "$CATOP" ] ; then CATOP=./demoCA ; fi
++if [ -z "$CATOP" ] ; then CATOP=/etc/ssl ; fi
+ CAKEY=./cakey.pem
+ CAREQ=./careq.pem
+ CACERT=./cacert.pem
+--- apps/openssl.cnf 2009-04-04 20:09:43.000000000 +0200
++++ apps/openssl.cnf 2010-04-01 00:35:02.607220681 +0200
+@@ -39,7 +39,7 @@
+ ####################################################################
+ [ CA_default ]
+
+-dir = ./demoCA # Where everything is kept
++dir = /etc/ssl # Where everything is kept
+ certs = $dir/certs # Where the issued certs are kept
+ crl_dir = $dir/crl # Where the issued crl are kept
+ database = $dir/index.txt # database index file.
Copied: openssl/repos/testing-x86_64/no-rpath.patch (from rev 178117, openssl/trunk/no-rpath.patch)
===================================================================
--- testing-x86_64/no-rpath.patch (rev 0)
+++ testing-x86_64/no-rpath.patch 2013-02-16 20:34:18 UTC (rev 178118)
@@ -0,0 +1,11 @@
+--- Makefile.shared.no-rpath 2005-06-23 22:47:54.000000000 +0200
++++ Makefile.shared 2005-11-16 22:35:37.000000000 +0100
+@@ -153,7 +153,7 @@
+ NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \
+ SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"
+
+-DO_GNU_APP=LDFLAGS="$(CFLAGS) -Wl,-rpath,$(LIBRPATH)"
++DO_GNU_APP=LDFLAGS="$(CFLAGS)"
+
+ #This is rather special. It's a special target with which one can link
+ #applications without bothering with any features that have anything to
More information about the arch-commits
mailing list