[arch-commits] Commit in openssl/repos (6 files)
Pierre Schmitz
pierre at archlinux.org
Sat Feb 11 09:02:40 UTC 2017
Date: Saturday, February 11, 2017 @ 09:02:39
Author: pierre
Revision: 288567
archrelease: copy trunk to staging-i686, staging-x86_64
Added:
openssl/repos/staging-i686/
openssl/repos/staging-i686/PKGBUILD
(from rev 288566, openssl/trunk/PKGBUILD)
openssl/repos/staging-i686/ca-dir.patch
(from rev 288566, openssl/trunk/ca-dir.patch)
openssl/repos/staging-x86_64/
openssl/repos/staging-x86_64/PKGBUILD
(from rev 288566, openssl/trunk/PKGBUILD)
openssl/repos/staging-x86_64/ca-dir.patch
(from rev 288566, openssl/trunk/ca-dir.patch)
-----------------------------+
staging-i686/PKGBUILD | 73 ++++++++++++++++++++++++++++++++++++++++++
staging-i686/ca-dir.patch | 31 +++++++++++++++++
staging-x86_64/PKGBUILD | 73 ++++++++++++++++++++++++++++++++++++++++++
staging-x86_64/ca-dir.patch | 31 +++++++++++++++++
4 files changed, 208 insertions(+)
Copied: openssl/repos/staging-i686/PKGBUILD (from rev 288566, openssl/trunk/PKGBUILD)
===================================================================
--- staging-i686/PKGBUILD (rev 0)
+++ staging-i686/PKGBUILD 2017-02-11 09:02:39 UTC (rev 288567)
@@ -0,0 +1,73 @@
+# $Id$
+# Maintainer: Pierre Schmitz <pierre at archlinux.de>
+
+pkgname=openssl
+_ver=1.1.0d
+# use a pacman compatible version scheme
+pkgver=${_ver/[a-z]/.${_ver//[0-9.]/}}
+#pkgver=$_ver
+pkgrel=1
+pkgdesc='The Open Source toolkit for Secure Sockets Layer and Transport Layer Security'
+arch=('i686' 'x86_64')
+url='https://www.openssl.org'
+license=('custom:BSD')
+depends=('perl')
+optdepends=('ca-certificates')
+backup=('etc/ssl/openssl.cnf')
+source=("https://www.openssl.org/source/${pkgname}-${_ver}.tar.gz"
+ "https://www.openssl.org/source/${pkgname}-${_ver}.tar.gz.asc"
+ 'ca-dir.patch')
+md5sums=('711ce3cd5f53a99c0e12a7d5804f0f63'
+ 'SKIP'
+ '02b53865fb70faef763e262b4971aa4b')
+validpgpkeys=('8657ABB260F056B1E5190839D9C4D26D0E604491')
+
+prepare() {
+ cd $srcdir/$pkgname-$_ver
+
+ # set ca dir to /etc/ssl by default
+ patch -p0 -i $srcdir/ca-dir.patch
+}
+
+build() {
+ cd $srcdir/$pkgname-$_ver
+
+ if [ "${CARCH}" == 'x86_64' ]; then
+ openssltarget='linux-x86_64'
+ optflags='enable-ec_nistp_64_gcc_128'
+ elif [ "${CARCH}" == 'i686' ]; then
+ openssltarget='linux-elf'
+ optflags=''
+ fi
+
+ # mark stack as non-executable: http://bugs.archlinux.org/task/12434
+ ./Configure --prefix=/usr --openssldir=/etc/ssl --libdir=lib \
+ shared no-ssl3-method ${optflags} \
+ "${openssltarget}" \
+ "-Wa,--noexecstack ${CPPFLAGS} ${CFLAGS} ${LDFLAGS}"
+
+ make depend
+ make
+}
+
+check() {
+ cd $srcdir/$pkgname-$_ver
+ # the test fails due to missing write permissions in /etc/ssl
+ # revert this patch for make test
+ patch -p0 -R -i $srcdir/ca-dir.patch
+ make test
+ patch -p0 -i $srcdir/ca-dir.patch
+}
+
+package() {
+ cd $srcdir/$pkgname-$_ver
+ make DESTDIR=$pkgdir MANDIR=/usr/share/man MANSUFFIX=ssl install_sw install_ssldirs install_man_docs
+ install -D -m644 LICENSE $pkgdir/usr/share/licenses/$pkgname/LICENSE
+
+ # bootstrap hack
+ pushd $pkgdir/usr/lib
+ for lib in crypto ssl; do
+ ln -s lib${lib}.so.1.1 lib${lib}.so.1.0.0
+ done
+ popd
+}
Copied: openssl/repos/staging-i686/ca-dir.patch (from rev 288566, openssl/trunk/ca-dir.patch)
===================================================================
--- staging-i686/ca-dir.patch (rev 0)
+++ staging-i686/ca-dir.patch 2017-02-11 09:02:39 UTC (rev 288567)
@@ -0,0 +1,31 @@
+--- apps/CA.pl.in 2016-09-26 11:46:04.000000000 +0200
++++ apps/CA.pl.in 2016-11-01 16:02:16.709616823 +0100
+@@ -33,7 +33,7 @@
+ my $PKCS12 = "$openssl pkcs12";
+
+ # default openssl.cnf file has setup as per the following
+-my $CATOP = "./demoCA";
++my $CATOP = "/etc/ssl";
+ my $CAKEY = "cakey.pem";
+ my $CAREQ = "careq.pem";
+ my $CACERT = "cacert.pem";
+--- apps/openssl.cnf 2016-09-26 11:46:04.000000000 +0200
++++ apps/openssl.cnf 2016-11-01 16:02:48.378503427 +0100
+@@ -39,7 +39,7 @@
+ ####################################################################
+ [ CA_default ]
+
+-dir = ./demoCA # Where everything is kept
++dir = /etc/ssl # Where everything is kept
+ certs = $dir/certs # Where the issued certs are kept
+ crl_dir = $dir/crl # Where the issued crl are kept
+ database = $dir/index.txt # database index file.
+@@ -323,7 +323,7 @@
+ [ tsa_config1 ]
+
+ # These are used by the TSA reply generation only.
+-dir = ./demoCA # TSA root directory
++dir = /etc/ssl # TSA root directory
+ serial = $dir/tsaserial # The current serial number (mandatory)
+ crypto_device = builtin # OpenSSL engine to use for signing
+ signer_cert = $dir/tsacert.pem # The TSA signing certificate
Copied: openssl/repos/staging-x86_64/PKGBUILD (from rev 288566, openssl/trunk/PKGBUILD)
===================================================================
--- staging-x86_64/PKGBUILD (rev 0)
+++ staging-x86_64/PKGBUILD 2017-02-11 09:02:39 UTC (rev 288567)
@@ -0,0 +1,73 @@
+# $Id$
+# Maintainer: Pierre Schmitz <pierre at archlinux.de>
+
+pkgname=openssl
+_ver=1.1.0d
+# use a pacman compatible version scheme
+pkgver=${_ver/[a-z]/.${_ver//[0-9.]/}}
+#pkgver=$_ver
+pkgrel=1
+pkgdesc='The Open Source toolkit for Secure Sockets Layer and Transport Layer Security'
+arch=('i686' 'x86_64')
+url='https://www.openssl.org'
+license=('custom:BSD')
+depends=('perl')
+optdepends=('ca-certificates')
+backup=('etc/ssl/openssl.cnf')
+source=("https://www.openssl.org/source/${pkgname}-${_ver}.tar.gz"
+ "https://www.openssl.org/source/${pkgname}-${_ver}.tar.gz.asc"
+ 'ca-dir.patch')
+md5sums=('711ce3cd5f53a99c0e12a7d5804f0f63'
+ 'SKIP'
+ '02b53865fb70faef763e262b4971aa4b')
+validpgpkeys=('8657ABB260F056B1E5190839D9C4D26D0E604491')
+
+prepare() {
+ cd $srcdir/$pkgname-$_ver
+
+ # set ca dir to /etc/ssl by default
+ patch -p0 -i $srcdir/ca-dir.patch
+}
+
+build() {
+ cd $srcdir/$pkgname-$_ver
+
+ if [ "${CARCH}" == 'x86_64' ]; then
+ openssltarget='linux-x86_64'
+ optflags='enable-ec_nistp_64_gcc_128'
+ elif [ "${CARCH}" == 'i686' ]; then
+ openssltarget='linux-elf'
+ optflags=''
+ fi
+
+ # mark stack as non-executable: http://bugs.archlinux.org/task/12434
+ ./Configure --prefix=/usr --openssldir=/etc/ssl --libdir=lib \
+ shared no-ssl3-method ${optflags} \
+ "${openssltarget}" \
+ "-Wa,--noexecstack ${CPPFLAGS} ${CFLAGS} ${LDFLAGS}"
+
+ make depend
+ make
+}
+
+check() {
+ cd $srcdir/$pkgname-$_ver
+ # the test fails due to missing write permissions in /etc/ssl
+ # revert this patch for make test
+ patch -p0 -R -i $srcdir/ca-dir.patch
+ make test
+ patch -p0 -i $srcdir/ca-dir.patch
+}
+
+package() {
+ cd $srcdir/$pkgname-$_ver
+ make DESTDIR=$pkgdir MANDIR=/usr/share/man MANSUFFIX=ssl install_sw install_ssldirs install_man_docs
+ install -D -m644 LICENSE $pkgdir/usr/share/licenses/$pkgname/LICENSE
+
+ # bootstrap hack
+ pushd $pkgdir/usr/lib
+ for lib in crypto ssl; do
+ ln -s lib${lib}.so.1.1 lib${lib}.so.1.0.0
+ done
+ popd
+}
Copied: openssl/repos/staging-x86_64/ca-dir.patch (from rev 288566, openssl/trunk/ca-dir.patch)
===================================================================
--- staging-x86_64/ca-dir.patch (rev 0)
+++ staging-x86_64/ca-dir.patch 2017-02-11 09:02:39 UTC (rev 288567)
@@ -0,0 +1,31 @@
+--- apps/CA.pl.in 2016-09-26 11:46:04.000000000 +0200
++++ apps/CA.pl.in 2016-11-01 16:02:16.709616823 +0100
+@@ -33,7 +33,7 @@
+ my $PKCS12 = "$openssl pkcs12";
+
+ # default openssl.cnf file has setup as per the following
+-my $CATOP = "./demoCA";
++my $CATOP = "/etc/ssl";
+ my $CAKEY = "cakey.pem";
+ my $CAREQ = "careq.pem";
+ my $CACERT = "cacert.pem";
+--- apps/openssl.cnf 2016-09-26 11:46:04.000000000 +0200
++++ apps/openssl.cnf 2016-11-01 16:02:48.378503427 +0100
+@@ -39,7 +39,7 @@
+ ####################################################################
+ [ CA_default ]
+
+-dir = ./demoCA # Where everything is kept
++dir = /etc/ssl # Where everything is kept
+ certs = $dir/certs # Where the issued certs are kept
+ crl_dir = $dir/crl # Where the issued crl are kept
+ database = $dir/index.txt # database index file.
+@@ -323,7 +323,7 @@
+ [ tsa_config1 ]
+
+ # These are used by the TSA reply generation only.
+-dir = ./demoCA # TSA root directory
++dir = /etc/ssl # TSA root directory
+ serial = $dir/tsaserial # The current serial number (mandatory)
+ crypto_device = builtin # OpenSSL engine to use for signing
+ signer_cert = $dir/tsacert.pem # The TSA signing certificate
More information about the arch-commits
mailing list