[arch-commits] Commit in lib32-openssl/trunk (4 files)

Evangelos Foutras foutrelis at archlinux.org
Mon Mar 13 03:38:36 UTC 2017 

    Date: Monday, March 13, 2017 @ 03:38:36
  Author: foutrelis
Revision: 215996

upgpkg: lib32-openssl 1:1.1.0.e-1

New upstream release.

Modified:
  lib32-openssl/trunk/PKGBUILD
  lib32-openssl/trunk/ca-dir.patch
Deleted:
  lib32-openssl/trunk/no-rpath.patch
  lib32-openssl/trunk/ssl3-test-failure.patch

-------------------------+
 PKGBUILD                |   19 ++++---------------
 ca-dir.patch            |   44 +++++++++++++++++++++-----------------------
 no-rpath.patch          |   11 -----------
 ssl3-test-failure.patch |   26 --------------------------
 4 files changed, 25 insertions(+), 75 deletions(-)

Modified: PKGBUILD
===================================================================
--- PKGBUILD	2017-03-13 03:25:15 UTC (rev 215995)
+++ PKGBUILD	2017-03-13 03:38:36 UTC (rev 215996)
@@ -3,7 +3,7 @@
 
 _pkgbasename=openssl
 pkgname=lib32-$_pkgbasename
-_ver=1.0.2k
+_ver=1.1.0e
 # use a pacman compatible version scheme
 pkgver=${_ver/[a-z]/.${_ver//[0-9.]/}}
 #pkgver=$_ver
@@ -16,28 +16,17 @@
 depends=('lib32-glibc' "${_pkgbasename}")
 optdepends=('ca-certificates')
 makedepends=('gcc-multilib')
-options=('!makeflags')
 source=("https://www.openssl.org/source/${_pkgbasename}-${_ver}.tar.gz"
         "https://www.openssl.org/source/${_pkgbasename}-${_ver}.tar.gz.asc"
-        'no-rpath.patch'
-        'ssl3-test-failure.patch'
         'ca-dir.patch')
 validpgpkeys=(8657ABB260F056B1E5190839D9C4D26D0E604491)
-md5sums=('f965fc0bf01bf882b31314b61391ae65'
+md5sums=('51c42d152122e474754aea96f66928c6'
          'SKIP'
-         'dc78d3d06baffc16217519242ce92478'
-         '62fc492252edd3283871632bb77fadbe'
-         '3bf51be3a1bbd262be46dc619f92aa90')
+         '02b53865fb70faef763e262b4971aa4b')
 
 prepare() {
 	cd $srcdir/$_pkgbasename-$_ver
 
-	# remove rpath: http://bugs.archlinux.org/task/14367
-	patch -p0 -i $srcdir/no-rpath.patch
-
-	# disable a test that fails when ssl3 is disabled
-	patch -p1 -i $srcdir/ssl3-test-failure.patch
-
 	# set ca dir to /etc/ssl by default
 	patch -p0 -i $srcdir/ca-dir.patch
 }
@@ -70,7 +59,7 @@
 
 package() {
 	cd $srcdir/$_pkgbasename-$_ver
-	make INSTALL_PREFIX=$pkgdir install_sw
+	make DESTDIR=$pkgdir install_sw
 
 	rm -rf ${pkgdir}/{usr/{include,bin},etc}
 	mkdir -p $pkgdir/usr/share/licenses

Modified: ca-dir.patch
===================================================================
--- ca-dir.patch	2017-03-13 03:25:15 UTC (rev 215995)
+++ ca-dir.patch	2017-03-13 03:38:36 UTC (rev 215996)
@@ -1,27 +1,16 @@
---- apps/CA.pl.in	2006-04-28 02:30:49.000000000 +0200
-+++ apps/CA.pl.in	2010-04-01 00:35:02.600553509 +0200
-@@ -53,7 +53,7 @@
- $X509="$openssl x509";
- $PKCS12="$openssl pkcs12";
+--- apps/CA.pl.in	2016-09-26 11:46:04.000000000 +0200
++++ apps/CA.pl.in	2016-11-01 16:02:16.709616823 +0100
+@@ -33,7 +33,7 @@
+ my $PKCS12 = "$openssl pkcs12";
  
--$CATOP="./demoCA";
-+$CATOP="/etc/ssl";
- $CAKEY="cakey.pem";
- $CAREQ="careq.pem";
- $CACERT="cacert.pem";
---- apps/CA.sh	2009-10-15 19:27:47.000000000 +0200
-+++ apps/CA.sh	2010-04-01 00:35:02.600553509 +0200
-@@ -68,7 +68,7 @@
- X509="$OPENSSL x509"
- PKCS12="openssl pkcs12"
- 
--if [ -z "$CATOP" ] ; then CATOP=./demoCA ; fi
-+if [ -z "$CATOP" ] ; then CATOP=/etc/ssl ; fi
- CAKEY=./cakey.pem
- CAREQ=./careq.pem
- CACERT=./cacert.pem
---- apps/openssl.cnf	2009-04-04 20:09:43.000000000 +0200
-+++ apps/openssl.cnf	2010-04-01 00:35:02.607220681 +0200
+ # default openssl.cnf file has setup as per the following
+-my $CATOP = "./demoCA";
++my $CATOP = "/etc/ssl";
+ my $CAKEY = "cakey.pem";
+ my $CAREQ = "careq.pem";
+ my $CACERT = "cacert.pem";
+--- apps/openssl.cnf	2016-09-26 11:46:04.000000000 +0200
++++ apps/openssl.cnf	2016-11-01 16:02:48.378503427 +0100
 @@ -39,7 +39,7 @@
  ####################################################################
  [ CA_default ]
@@ -31,3 +20,12 @@
  certs		= $dir/certs		# Where the issued certs are kept
  crl_dir		= $dir/crl		# Where the issued crl are kept
  database	= $dir/index.txt	# database index file.
+@@ -323,7 +323,7 @@
+ [ tsa_config1 ]
+ 
+ # These are used by the TSA reply generation only.
+-dir		= ./demoCA		# TSA root directory
++dir		= /etc/ssl		# TSA root directory
+ serial		= $dir/tsaserial	# The current serial number (mandatory)
+ crypto_device	= builtin		# OpenSSL engine to use for signing
+ signer_cert	= $dir/tsacert.pem 	# The TSA signing certificate

Deleted: no-rpath.patch
===================================================================
--- no-rpath.patch	2017-03-13 03:25:15 UTC (rev 215995)
+++ no-rpath.patch	2017-03-13 03:38:36 UTC (rev 215996)
@@ -1,11 +0,0 @@
---- Makefile.shared.no-rpath	2005-06-23 22:47:54.000000000 +0200
-+++ Makefile.shared	2005-11-16 22:35:37.000000000 +0100
-@@ -153,7 +153,7 @@
- 	NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \
- 	SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"
- 
--DO_GNU_APP=LDFLAGS="$(CFLAGS) -Wl,-rpath,$(LIBRPATH)"
-+DO_GNU_APP=LDFLAGS="$(CFLAGS)"
- 
- #This is rather special.  It's a special target with which one can link
- #applications without bothering with any features that have anything to

Deleted: ssl3-test-failure.patch
===================================================================
--- ssl3-test-failure.patch	2017-03-13 03:25:15 UTC (rev 215995)
+++ ssl3-test-failure.patch	2017-03-13 03:38:36 UTC (rev 215996)
@@ -1,26 +0,0 @@
-From: Kurt Roeckx <kurt at roeckx.be>
-Date: Sun, 6 Sep 2015 16:04:11 +0200
-Subject: Disable SSLv3 test in test suite
-
-When testing SSLv3 the test program returns 0 for skip.  The test for weak DH
-expects a failure, but gets success.
-
-It should probably be changed to return something other than 0 for a skipped
-test.
----
- test/testssl | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/test/testssl b/test/testssl
-index 747e4ba..1e4370b 100644
---- a/test/testssl
-+++ b/test/testssl
-@@ -160,7 +160,7 @@ test_cipher() {
- }
- 
- echo "Testing ciphersuites"
--for protocol in TLSv1.2 SSLv3; do
-+for protocol in TLSv1.2; do
-   echo "Testing ciphersuites for $protocol"
-   for cipher in `../util/shlib_wrap.sh ../apps/openssl ciphers "RSA+$protocol" | tr ':' ' '`; do
-     test_cipher $cipher $protocol

More information about the arch-commits mailing list