[arch-commits] Commit in openssl/repos (6 files)

Pierre Schmitz pierre at archlinux.org
Thu Nov 2 17:41:41 UTC 2017


    Date: Thursday, November 2, 2017 @ 17:41:41
  Author: pierre
Revision: 308865

archrelease: copy trunk to testing-i686, testing-x86_64

Added:
  openssl/repos/testing-i686/
  openssl/repos/testing-i686/PKGBUILD
    (from rev 308864, openssl/trunk/PKGBUILD)
  openssl/repos/testing-i686/ca-dir.patch
    (from rev 308864, openssl/trunk/ca-dir.patch)
  openssl/repos/testing-x86_64/
  openssl/repos/testing-x86_64/PKGBUILD
    (from rev 308864, openssl/trunk/PKGBUILD)
  openssl/repos/testing-x86_64/ca-dir.patch
    (from rev 308864, openssl/trunk/ca-dir.patch)

-----------------------------+
 testing-i686/PKGBUILD       |   66 ++++++++++++++++++++++++++++++++++++++++++
 testing-i686/ca-dir.patch   |   31 +++++++++++++++++++
 testing-x86_64/PKGBUILD     |   66 ++++++++++++++++++++++++++++++++++++++++++
 testing-x86_64/ca-dir.patch |   31 +++++++++++++++++++
 4 files changed, 194 insertions(+)

Copied: openssl/repos/testing-i686/PKGBUILD (from rev 308864, openssl/trunk/PKGBUILD)
===================================================================
--- testing-i686/PKGBUILD	                        (rev 0)
+++ testing-i686/PKGBUILD	2017-11-02 17:41:41 UTC (rev 308865)
@@ -0,0 +1,66 @@
+# $Id$
+# Maintainer: Pierre Schmitz <pierre at archlinux.de>
+
+pkgname=openssl
+_ver=1.1.0g
+# use a pacman compatible version scheme
+pkgver=${_ver/[a-z]/.${_ver//[0-9.]/}}
+#pkgver=$_ver
+pkgrel=1
+pkgdesc='The Open Source toolkit for Secure Sockets Layer and Transport Layer Security'
+arch=('i686' 'x86_64')
+url='https://www.openssl.org'
+license=('custom:BSD')
+depends=('perl')
+optdepends=('ca-certificates')
+backup=('etc/ssl/openssl.cnf')
+source=("https://www.openssl.org/source/${pkgname}-${_ver}.tar.gz"
+        "https://www.openssl.org/source/${pkgname}-${_ver}.tar.gz.asc"
+        'ca-dir.patch')
+sha256sums=('de4d501267da39310905cb6dc8c6121f7a2cad45a7707f76df828fe1b85073af'
+            'SKIP'
+            '90c7411fed0157116f2df8f4be755aaf5a26e8484351b4e6a79492805d5f2790')
+validpgpkeys=('8657ABB260F056B1E5190839D9C4D26D0E604491')
+
+prepare() {
+	cd "$srcdir/$pkgname-$_ver"
+
+	# set ca dir to /etc/ssl by default
+	patch -p0 -i "$srcdir/ca-dir.patch"
+}
+
+build() {
+	cd "$srcdir/$pkgname-$_ver"
+
+	if [ "${CARCH}" == 'x86_64' ]; then
+		openssltarget='linux-x86_64'
+		optflags='enable-ec_nistp_64_gcc_128'
+	elif [ "${CARCH}" == 'i686' ]; then
+		openssltarget='linux-elf'
+		optflags=''
+	fi
+
+	# mark stack as non-executable: http://bugs.archlinux.org/task/12434
+	./Configure --prefix=/usr --openssldir=/etc/ssl --libdir=lib \
+		shared no-ssl3-method ${optflags} \
+		"${openssltarget}" \
+		"-Wa,--noexecstack ${CPPFLAGS} ${CFLAGS} ${LDFLAGS}"
+
+	make depend
+	make
+}
+
+check() {
+	cd "$srcdir/$pkgname-$_ver"
+	# the test fails due to missing write permissions in /etc/ssl
+	# revert this patch for make test
+	patch -p0 -R -i "$srcdir/ca-dir.patch"
+	make test
+	patch -p0 -i "$srcdir/ca-dir.patch"
+}
+
+package() {
+	cd "$srcdir/$pkgname-$_ver"
+	make DESTDIR=$pkgdir MANDIR=/usr/share/man MANSUFFIX=ssl install_sw install_ssldirs install_man_docs
+	install -D -m644 LICENSE $pkgdir/usr/share/licenses/$pkgname/LICENSE
+}

Copied: openssl/repos/testing-i686/ca-dir.patch (from rev 308864, openssl/trunk/ca-dir.patch)
===================================================================
--- testing-i686/ca-dir.patch	                        (rev 0)
+++ testing-i686/ca-dir.patch	2017-11-02 17:41:41 UTC (rev 308865)
@@ -0,0 +1,31 @@
+--- apps/CA.pl.in	2016-09-26 11:46:04.000000000 +0200
++++ apps/CA.pl.in	2016-11-01 16:02:16.709616823 +0100
+@@ -33,7 +33,7 @@
+ my $PKCS12 = "$openssl pkcs12";
+ 
+ # default openssl.cnf file has setup as per the following
+-my $CATOP = "./demoCA";
++my $CATOP = "/etc/ssl";
+ my $CAKEY = "cakey.pem";
+ my $CAREQ = "careq.pem";
+ my $CACERT = "cacert.pem";
+--- apps/openssl.cnf	2016-09-26 11:46:04.000000000 +0200
++++ apps/openssl.cnf	2016-11-01 16:02:48.378503427 +0100
+@@ -39,7 +39,7 @@
+ ####################################################################
+ [ CA_default ]
+ 
+-dir		= ./demoCA		# Where everything is kept
++dir		= /etc/ssl		# Where everything is kept
+ certs		= $dir/certs		# Where the issued certs are kept
+ crl_dir		= $dir/crl		# Where the issued crl are kept
+ database	= $dir/index.txt	# database index file.
+@@ -323,7 +323,7 @@
+ [ tsa_config1 ]
+ 
+ # These are used by the TSA reply generation only.
+-dir		= ./demoCA		# TSA root directory
++dir		= /etc/ssl		# TSA root directory
+ serial		= $dir/tsaserial	# The current serial number (mandatory)
+ crypto_device	= builtin		# OpenSSL engine to use for signing
+ signer_cert	= $dir/tsacert.pem 	# The TSA signing certificate

Copied: openssl/repos/testing-x86_64/PKGBUILD (from rev 308864, openssl/trunk/PKGBUILD)
===================================================================
--- testing-x86_64/PKGBUILD	                        (rev 0)
+++ testing-x86_64/PKGBUILD	2017-11-02 17:41:41 UTC (rev 308865)
@@ -0,0 +1,66 @@
+# $Id$
+# Maintainer: Pierre Schmitz <pierre at archlinux.de>
+
+pkgname=openssl
+_ver=1.1.0g
+# use a pacman compatible version scheme
+pkgver=${_ver/[a-z]/.${_ver//[0-9.]/}}
+#pkgver=$_ver
+pkgrel=1
+pkgdesc='The Open Source toolkit for Secure Sockets Layer and Transport Layer Security'
+arch=('i686' 'x86_64')
+url='https://www.openssl.org'
+license=('custom:BSD')
+depends=('perl')
+optdepends=('ca-certificates')
+backup=('etc/ssl/openssl.cnf')
+source=("https://www.openssl.org/source/${pkgname}-${_ver}.tar.gz"
+        "https://www.openssl.org/source/${pkgname}-${_ver}.tar.gz.asc"
+        'ca-dir.patch')
+sha256sums=('de4d501267da39310905cb6dc8c6121f7a2cad45a7707f76df828fe1b85073af'
+            'SKIP'
+            '90c7411fed0157116f2df8f4be755aaf5a26e8484351b4e6a79492805d5f2790')
+validpgpkeys=('8657ABB260F056B1E5190839D9C4D26D0E604491')
+
+prepare() {
+	cd "$srcdir/$pkgname-$_ver"
+
+	# set ca dir to /etc/ssl by default
+	patch -p0 -i "$srcdir/ca-dir.patch"
+}
+
+build() {
+	cd "$srcdir/$pkgname-$_ver"
+
+	if [ "${CARCH}" == 'x86_64' ]; then
+		openssltarget='linux-x86_64'
+		optflags='enable-ec_nistp_64_gcc_128'
+	elif [ "${CARCH}" == 'i686' ]; then
+		openssltarget='linux-elf'
+		optflags=''
+	fi
+
+	# mark stack as non-executable: http://bugs.archlinux.org/task/12434
+	./Configure --prefix=/usr --openssldir=/etc/ssl --libdir=lib \
+		shared no-ssl3-method ${optflags} \
+		"${openssltarget}" \
+		"-Wa,--noexecstack ${CPPFLAGS} ${CFLAGS} ${LDFLAGS}"
+
+	make depend
+	make
+}
+
+check() {
+	cd "$srcdir/$pkgname-$_ver"
+	# the test fails due to missing write permissions in /etc/ssl
+	# revert this patch for make test
+	patch -p0 -R -i "$srcdir/ca-dir.patch"
+	make test
+	patch -p0 -i "$srcdir/ca-dir.patch"
+}
+
+package() {
+	cd "$srcdir/$pkgname-$_ver"
+	make DESTDIR=$pkgdir MANDIR=/usr/share/man MANSUFFIX=ssl install_sw install_ssldirs install_man_docs
+	install -D -m644 LICENSE $pkgdir/usr/share/licenses/$pkgname/LICENSE
+}

Copied: openssl/repos/testing-x86_64/ca-dir.patch (from rev 308864, openssl/trunk/ca-dir.patch)
===================================================================
--- testing-x86_64/ca-dir.patch	                        (rev 0)
+++ testing-x86_64/ca-dir.patch	2017-11-02 17:41:41 UTC (rev 308865)
@@ -0,0 +1,31 @@
+--- apps/CA.pl.in	2016-09-26 11:46:04.000000000 +0200
++++ apps/CA.pl.in	2016-11-01 16:02:16.709616823 +0100
+@@ -33,7 +33,7 @@
+ my $PKCS12 = "$openssl pkcs12";
+ 
+ # default openssl.cnf file has setup as per the following
+-my $CATOP = "./demoCA";
++my $CATOP = "/etc/ssl";
+ my $CAKEY = "cakey.pem";
+ my $CAREQ = "careq.pem";
+ my $CACERT = "cacert.pem";
+--- apps/openssl.cnf	2016-09-26 11:46:04.000000000 +0200
++++ apps/openssl.cnf	2016-11-01 16:02:48.378503427 +0100
+@@ -39,7 +39,7 @@
+ ####################################################################
+ [ CA_default ]
+ 
+-dir		= ./demoCA		# Where everything is kept
++dir		= /etc/ssl		# Where everything is kept
+ certs		= $dir/certs		# Where the issued certs are kept
+ crl_dir		= $dir/crl		# Where the issued crl are kept
+ database	= $dir/index.txt	# database index file.
+@@ -323,7 +323,7 @@
+ [ tsa_config1 ]
+ 
+ # These are used by the TSA reply generation only.
+-dir		= ./demoCA		# TSA root directory
++dir		= /etc/ssl		# TSA root directory
+ serial		= $dir/tsaserial	# The current serial number (mandatory)
+ crypto_device	= builtin		# OpenSSL engine to use for signing
+ signer_cert	= $dir/tsacert.pem 	# The TSA signing certificate


More information about the arch-commits mailing list