current/SPECS/openssl.spec

%define maj 1.0.0
%define engines_name %mklibname openssl-engines %{maj}
%define libname %mklibname openssl %{maj}
%define develname %mklibname openssl -d
%define staticname %mklibname openssl -s -d

%define conflict1 %mklibname openssl 0.9.7
%define conflict2 %mklibname openssl 0.9.8

# Number of threads to spawn when testing some threading fixes.
#define thread_test_threads %{?threads:%{threads}}%{!?threads:1}

%define with_krb5 0

Summary:        Secure Sockets Layer communications libs & utils
Name:           openssl
Version:        1.0.2j
Release:        %mkrel 1
License:        BSD-like
Group:          System/Libraries
URL:            http://www.openssl.org/
Source0:        http://www.openssl.org/source/%{name}-%{version}.tar.gz
Source1:        http://www.openssl.org/source/%{name}-%{version}.tar.gz.asc
Source2:        Makefile.certificate
Source3:        make-dummy-cert
Source4:        openssl-thread-test.c
# (gb) 0.9.7b-4mdk: Handle RPM_OPT_FLAGS in Configure
Patch2:         openssl-1.0.2e-optflags.patch
# (oe) support Brazilian Government OTHERNAME X509v3 field (#14158)
# http://www.iti.gov.br/resolucoes/RESOLU__O_13_DE_26_04_2002.PDF
Patch6:         openssl-1.0.2-icpbrasil.diff
# http://qa.mandriva.com/show_bug.cgi?id=32621
# patch15 removed: https://bugs.mageia.org/show_bug.cgi?id=15027
#Patch15:       openssl-0.9.8e-crt.patch

# fedora patches
Patch7:         openssl-1.0.2-defaults.patch
Patch12:        openssl-1.0.2-x509.patch
Patch13:        openssl-1.0.2-version-add-engines.patch
Patch16:        openssl-1.0.2-enginesdir.patch
Patch17:        openssl-1.0.2-pkgconfig-krb5.patch
Patch18:        openssl-1.0.2g-manfix.patch
Patch19:        openssl-1.0.2g-disable-sslv2v3.patch

# MIPS and ARM support
Patch300:       openssl-1.0.2a-mips.patch
Patch301:       openssl-1.0.2a-arm.patch
Requires:       %{libname} = %{version}-%{release}
Requires:       rootcerts
%if %with_krb5
BuildRequires: krb5-devel
%endif
BuildRequires:  multiarch-utils >= 1.0.3
BuildRequires:  chrpath
BuildRequires:  zlib-devel
# (tv) for test suite:
BuildRequires:  bc

%description
The openssl certificate management tool and the shared libraries that provide
various encryption and decription algorithms and protocols, including DES, RC4,
RSA and SSL.

%package -n     %{engines_name}
Summary:        Engines for openssl
Group:          System/Libraries
Obsoletes:      openssl-engines < 1.0.0a-5
Provides:       openssl-engines = %{version}-%{release}

%description -n %{engines_name}
This package provides engines for openssl.

%package -n     %{libname}
Summary:        Secure Sockets Layer communications libs
Group:          System/Libraries
Requires:       %{engines_name} >= %{version}-%{release}
Provides:       %{libname} = %{version}-%{release}

%description -n %{libname}
The libraries files are needed for various cryptographic algorithms
and protocols, including DES, RC4, RSA and SSL.

%package -n     %{develname}
Summary:        Secure Sockets Layer communications libs & headers & utils
Group:          Development/Other
Requires:       %{libname} = %{version}-%{release}
Provides:       libopenssl-devel
Provides:       openssl-devel = %{version}-%{release}
# temporary opsolete, will be a conflict later. a compat package
# with openssl-0.9.7 devel libs will be provided soon
Obsoletes:      %{conflict1}-devel
Obsoletes:      %{conflict2}-devel
Obsoletes:      %{mklibname openssl 1.0.0}-devel
Provides:       %{name}-devel = %{version}-%{release}

%description -n %{develname}
The libraries and include files needed to compile apps with support
for various cryptographic algorithms and protocols, including DES, RC4, RSA
and SSL.

%package -n     %{staticname}
Summary:        Secure Sockets Layer communications static libs
Group:          Development/Other
Requires:       %{develname} = %{version}-%{release}
Provides:       libopenssl-static-devel
Provides:       openssl-static-devel = %{version}-%{release}
# temporary opsolete, will be a conflict later. a compat package
# with openssl-0.9.7 static-devel libs will be provided soon
Obsoletes:      %{conflict1}-static-devel
Obsoletes:      %{conflict2}-static-devel
Obsoletes:      %{mklibname openssl 1.0.0}-static-devel
Provides:       %{name}-static-devel = %{version}-%{release}

%description -n %{staticname}
The static libraries needed to compile apps with support for various
cryptographic algorithms and protocols, including DES, RC4, RSA and SSL.

%package perl
Summary: Perl scripts provided with OpenSSL
Group:   System/Libraries
Requires: %{name}%{?_isa} = %{version}-%{release}
Conflicts: %name <= 1.0.2h-1.mga6

%description perl
OpenSSL is a toolkit for supporting cryptography. The openssl-perl
package provides Perl scripts for converting certificates and keys
from other formats to the formats used by the OpenSSL toolkit.

%prep

%setup -q
%patch2 -p1 -b .optflags
%patch6 -p0 -b .icpbrasil
%patch7 -p1 -b .defaults
%patch12 -p1 -b .x509
%patch13 -p1 -b .version-add-engines
#patch15 -p1 -b .crt
%patch16 -p1 -b .engines
%patch17 -p1 -b .krb5
%patch18 -p1 -b .manfix
%patch19 -p1 -b .v2v3

%patch300 -p1 -b .mips
%patch301 -p1 -b .arm

perl -pi -e "s,^(OPENSSL_LIBNAME=).+$,\1%{_lib}," Makefile.org engines/Makefile

cp %{SOURCE2} Makefile.certificate
cp %{SOURCE3} make-dummy-cert
cp %{SOURCE4} openssl-thread-test.c

%build 
%serverbuild

# Figure out which flags we want to use.
# default
sslarch=%{_os}-%{_arch}
%ifarch %ix86
sslarch=linux-elf
if ! echo %{_target} | grep -q i[56]86 ; then
    sslflags="no-asm"
fi
%endif
%ifarch sparcv9
sslarch=linux-sparcv9
%endif
%ifarch alpha
sslarch=linux-alpha-gcc
%endif
%ifarch s390
sslarch="linux-generic32 -DB_ENDIAN -DNO_ASM"
%endif
%ifarch s390x
sslarch="linux-generic64 -DB_ENDIAN -DNO_ASM"
%endif

# ia64, x86_64, ppc, ppc64 are OK by default
# Configure the build tree.  Override OpenSSL defaults with known-good defaults
# usable on all platforms.  The Configure script already knows to use -fPIC and
# RPM_OPT_FLAGS, so we can skip specifiying them here.
./Configure \
    --prefix=%{_prefix} \
    --openssldir=%{_sysconfdir}/pki/tls ${sslflags} \
    --libdir=%{_lib}/ \
%if %with_krb5
    --with-krb5-flavor=MIT --with-krb5-dir=%{_prefix} \
%endif
    --enginesdir=%{_libdir}/openssl/%{version}/engines \
     zlib no-idea no-rc5 enable-camellia shared enable-tlsext ${sslarch} \
%ifarch x86_64
     enable-ec_nistp_64_gcc_128
%endif

# Add -Wa,--noexecstack here so that libcrypto's assembler modules will be
# marked as not requiring an executable stack.
RPM_OPT_FLAGS="%{optflags} -Wa,--noexecstack"
make depend
make all build-shared

# Generate hashes for the included certs.
make rehash build-shared

%check
# Verify that what was compiled actually works.
export LD_LIBRARY_PATH=`pwd`${LD_LIBRARY_PATH:+:${LD_LIBRARY_PATH}}

make -C test apps tests

gcc -o openssl-thread-test \
    %{?_with_krb5:`krb5-config --cflags`} \
    -I./include \
    %{optflags} \
    openssl-thread-test.c \
    -L. -lssl -lcrypto \
    %{?_with_krb5:`krb5-config --libs`} \
    -lpthread -lz -ldl

./openssl-thread-test --threads %{thread_test_threads}

%install
%makeinstall \
    INSTALL_PREFIX=%{buildroot} \
    MANDIR=%{_mandir} \
    build-shared

install -d -m 755 %{buildroot}%{_libdir}/openssl/%{version}
mv %{buildroot}%{_libdir}/engines %{buildroot}%{_libdir}/openssl/%{version}

# make the rootcerts dir
install -d %{buildroot}%{_sysconfdir}/pki/tls/rootcerts

# Install a makefile for generating keys and self-signed certs, and a script
# for generating them on the fly.
install -d %{buildroot}%{_sysconfdir}/pki/tls/certs
install -m0644 Makefile.certificate %{buildroot}%{_sysconfdir}/pki/tls/certs/Makefile
install -m0755 make-dummy-cert %{buildroot}%{_sysconfdir}/pki/tls/certs/make-dummy-cert

# Pick a CA script.
mv %{buildroot}%{_sysconfdir}/pki/tls/misc/CA.sh %{buildroot}%{_sysconfdir}/pki/tls/misc/CA

install -d %{buildroot}%{_sysconfdir}/pki/CA
install -d %{buildroot}%{_sysconfdir}/pki/CA/private

# openssl was named ssleay in "ancient" times.
ln -snf openssl %{buildroot}%{_bindir}/ssleay

# The man pages rand.3 and passwd.1 conflict with other packages
# Rename them to ssl-* and also make a symlink from openssl-* to ssl-*
mv %{buildroot}%{_mandir}/man1/passwd.1 %{buildroot}%{_mandir}/man1/ssl-passwd.1
ln -sf ssl-passwd.1%{_extension} %{buildroot}%{_mandir}/man1/openssl-passwd.1%{_extension}

for i in rand err; do
    mv %{buildroot}%{_mandir}/man3/$i.3 %{buildroot}%{_mandir}/man3/ssl-$i.3
    ln -snf ssl-$i.3%{_extension} %{buildroot}%{_mandir}/man3/openssl-$i.3%{_extension}
done

rm -rf {main,devel}-doc-info
mkdir -p {main,devel}-doc-info
cat > main-doc-info/README.mga <<EOF
Warning:
The man page of passwd, passwd.1, has been renamed to ssl-passwd.1
to avoid a conflict with passwd.1 man page from the package passwd.
EOF

cat > devel-doc-info/README.mga <<EOF
Warning:
The man page of rand, rand.3, has been renamed to ssl-rand.3
to avoid a conflict with rand.3 from the package man-pages
The man page of err, err.3, has been renamed to ssl-err.3
to avoid a conflict with err.3 from the package man-pages
EOF

chmod 755 %{buildroot}%{_libdir}/pkgconfig

%multiarch_includes %{buildroot}%{_includedir}/openssl/opensslconf.h

# strip cannot touch these unless 755
chmod 755 %{buildroot}%{_libdir}/openssl/%{version}/engines/*.so*
chmod 755 %{buildroot}%{_libdir}/*.so*
chmod 755 %{buildroot}%{_bindir}/*

# nuke a mistake
rm -f %{buildroot}%{_mandir}/man3/.3

# nuke rpath
chrpath -d %{buildroot}%{_bindir}/openssl

# Fix libdir.
pushd %{buildroot}%{_libdir}/pkgconfig
    for i in *.pc ; do
        sed 's,^libdir=${exec_prefix}/lib$,libdir=${exec_prefix}/%{_lib},g' \
            $i >$i.tmp && \
            cat $i.tmp >$i && \
            rm -f $i.tmp
    done
popd

# adjust ssldir
perl -pi -e "s|^CATOP=.*|CATOP=%{_sysconfdir}/pki/tls|g" %{buildroot}%{_sysconfdir}/pki/tls/misc/CA
perl -pi -e "s|^\\\$CATOP\=\".*|\\\$CATOP\=\"%{_sysconfdir}/pki/tls\";|g" %{buildroot}%{_sysconfdir}/pki/tls/misc/CA.pl
perl -pi -e "s|\./demoCA|%{_sysconfdir}/pki/tls|g" %{buildroot}%{_sysconfdir}/pki/tls/openssl.cnf

%files 
%doc FAQ INSTALL LICENSE NEWS PROBLEMS main-doc-info/README*
%doc README README.ASN1 README.ENGINE
%dir %{_sysconfdir}/pki
%dir %{_sysconfdir}/pki/CA
%dir %{_sysconfdir}/pki/CA/private
%dir %{_sysconfdir}/pki/tls
%dir %{_sysconfdir}/pki/tls/certs
%dir %{_sysconfdir}/pki/tls/misc
%dir %{_sysconfdir}/pki/tls/private
%dir %{_sysconfdir}/pki/tls/rootcerts
%{_sysconfdir}/pki/tls/misc/CA
%{_sysconfdir}/pki/tls/misc/c_*
%config(noreplace) %{_sysconfdir}/pki/tls/openssl.cnf
%{_sysconfdir}/pki/tls/certs/make-dummy-cert
%{_sysconfdir}/pki/tls/certs/Makefile
%{_bindir}/*
%exclude %{_bindir}/c_rehash
%{_mandir}/man[157]/*

%files -n %{libname}
%doc FAQ INSTALL LICENSE NEWS PROBLEMS README*
%{_libdir}/lib*.so.%{maj}

%files -n %{engines_name}
%{_libdir}/openssl

%files -n %{develname}
%doc CHANGES doc/* devel-doc-info/README*
%dir %{_includedir}/openssl
%multiarch %{multiarch_includedir}/openssl/opensslconf.h
%{_includedir}/openssl/*
%{_libdir}/lib*.so
%{_mandir}/man3/*
%{_libdir}/pkgconfig/*

%files -n %{staticname}
%{_libdir}/lib*.a

%files perl
%defattr(-,root,root)
%attr(0755,root,root) %{_bindir}/c_rehash
%attr(0644,root,root) %{_mandir}/man1*/*.pl*
%{_sysconfdir}/pki/tls/misc/*.pl
%{_sysconfdir}/pki/tls/misc/tsget
1	guillomovitch	257018	%define maj 1.0.0
2	blino	733	%define engines_name %mklibname openssl-engines %{maj}
3			%define libname %mklibname openssl %{maj}
4			%define develname %mklibname openssl -d
5			%define staticname %mklibname openssl -s -d
6
7			%define conflict1 %mklibname openssl 0.9.7
8			%define conflict2 %mklibname openssl 0.9.8
9
10			# Number of threads to spawn when testing some threading fixes.
11			#define thread_test_threads %{?threads:%{threads}}%{!?threads:1}
12
13	guillomovitch	494272	%define with_krb5 0
14	blino	733
15			Summary: Secure Sockets Layer communications libs & utils
16			Name: openssl
17	luigiwalser	1057012	Version: 1.0.2j
18	luigiwalser	1055424	Release: %mkrel 1
19	blino	733	License: BSD-like
20			Group: System/Libraries
21			URL: http://www.openssl.org/
22	fwang	394893	Source0: http://www.openssl.org/source/%{name}-%{version}.tar.gz
23			Source1: http://www.openssl.org/source/%{name}-%{version}.tar.gz.asc
24	blino	733	Source2: Makefile.certificate
25			Source3: make-dummy-cert
26			Source4: openssl-thread-test.c
27			# (gb) 0.9.7b-4mdk: Handle RPM_OPT_FLAGS in Configure
28	luigiwalser	908064	Patch2: openssl-1.0.2e-optflags.patch
29	blino	733	# (oe) support Brazilian Government OTHERNAME X509v3 field (#14158)
30			# http://www.iti.gov.br/resolucoes/RESOLU__O_13_DE_26_04_2002.PDF
31	luigiwalser	816018	Patch6: openssl-1.0.2-icpbrasil.diff
32	guillomovitch	256937	# http://qa.mandriva.com/show_bug.cgi?id=32621
33	luigiwalser	816018	# patch15 removed: https://bugs.mageia.org/show_bug.cgi?id=15027
34			#Patch15: openssl-0.9.8e-crt.patch
35	guillomovitch	256937
36			# fedora patches
37	luigiwalser	816018	Patch7: openssl-1.0.2-defaults.patch
38			Patch12: openssl-1.0.2-x509.patch
39			Patch13: openssl-1.0.2-version-add-engines.patch
40			Patch16: openssl-1.0.2-enginesdir.patch
41			Patch17: openssl-1.0.2-pkgconfig-krb5.patch
42	tmb	981608	Patch18: openssl-1.0.2g-manfix.patch
43			Patch19: openssl-1.0.2g-disable-sslv2v3.patch
44	guillomovitch	256937
45	blino	733	# MIPS and ARM support
46	luigiwalser	818950	Patch300: openssl-1.0.2a-mips.patch
47			Patch301: openssl-1.0.2a-arm.patch
48	blino	733	Requires: %{libname} = %{version}-%{release}
49			Requires: rootcerts
50	guillomovitch	337573	%if %with_krb5
51	guillomovitch	256938	BuildRequires: krb5-devel
52	guillomovitch	337573	%endif
53	blino	733	BuildRequires: multiarch-utils >= 1.0.3
54			BuildRequires: chrpath
55			BuildRequires: zlib-devel
56			# (tv) for test suite:
57			BuildRequires: bc
58
59			%description
60			The openssl certificate management tool and the shared libraries that provide
61			various encryption and decription algorithms and protocols, including DES, RC4,
62			RSA and SSL.
63
64			%package -n %{engines_name}
65			Summary: Engines for openssl
66			Group: System/Libraries
67			Obsoletes: openssl-engines < 1.0.0a-5
68			Provides: openssl-engines = %{version}-%{release}
69
70			%description -n %{engines_name}
71			This package provides engines for openssl.
72
73			%package -n %{libname}
74			Summary: Secure Sockets Layer communications libs
75			Group: System/Libraries
76			Requires: %{engines_name} >= %{version}-%{release}
77			Provides: %{libname} = %{version}-%{release}
78
79			%description -n %{libname}
80			The libraries files are needed for various cryptographic algorithms
81			and protocols, including DES, RC4, RSA and SSL.
82
83			%package -n %{develname}
84			Summary: Secure Sockets Layer communications libs & headers & utils
85			Group: Development/Other
86			Requires: %{libname} = %{version}-%{release}
87			Provides: libopenssl-devel
88			Provides: openssl-devel = %{version}-%{release}
89			# temporary opsolete, will be a conflict later. a compat package
90			# with openssl-0.9.7 devel libs will be provided soon
91			Obsoletes: %{conflict1}-devel
92			Obsoletes: %{conflict2}-devel
93			Obsoletes: %{mklibname openssl 1.0.0}-devel
94			Provides: %{name}-devel = %{version}-%{release}
95
96			%description -n %{develname}
97			The libraries and include files needed to compile apps with support
98			for various cryptographic algorithms and protocols, including DES, RC4, RSA
99			and SSL.
100
101			%package -n %{staticname}
102			Summary: Secure Sockets Layer communications static libs
103			Group: Development/Other
104			Requires: %{develname} = %{version}-%{release}
105			Provides: libopenssl-static-devel
106			Provides: openssl-static-devel = %{version}-%{release}
107			# temporary opsolete, will be a conflict later. a compat package
108			# with openssl-0.9.7 static-devel libs will be provided soon
109			Obsoletes: %{conflict1}-static-devel
110			Obsoletes: %{conflict2}-static-devel
111			Obsoletes: %{mklibname openssl 1.0.0}-static-devel
112			Provides: %{name}-static-devel = %{version}-%{release}
113
114			%description -n %{staticname}
115			The static libraries needed to compile apps with support for various
116			cryptographic algorithms and protocols, including DES, RC4, RSA and SSL.
117
118	tv	1020393	%package perl
119			Summary: Perl scripts provided with OpenSSL
120			Group: System/Libraries
121			Requires: %{name}%{?_isa} = %{version}-%{release}
122			Conflicts: %name <= 1.0.2h-1.mga6
123
124			%description perl
125			OpenSSL is a toolkit for supporting cryptography. The openssl-perl
126			package provides Perl scripts for converting certificates and keys
127			from other formats to the formats used by the OpenSSL toolkit.
128
129	blino	733	%prep
130
131	ovitters	877880	%setup -q
132	blino	733	%patch2 -p1 -b .optflags
133			%patch6 -p0 -b .icpbrasil
134			%patch7 -p1 -b .defaults
135			%patch12 -p1 -b .x509
136			%patch13 -p1 -b .version-add-engines
137	luigiwalser	816018	#patch15 -p1 -b .crt
138	guillomovitch	256937	%patch16 -p1 -b .engines
139	guillomovitch	256938	%patch17 -p1 -b .krb5
140	sander85	432014	%patch18 -p1 -b .manfix
141	luigiwalser	792707	%patch19 -p1 -b .v2v3
142	blino	733
143			%patch300 -p1 -b .mips
144			%patch301 -p1 -b .arm
145
146			perl -pi -e "s,^(OPENSSL_LIBNAME=).+$,\1%{_lib}," Makefile.org engines/Makefile
147
148			cp %{SOURCE2} Makefile.certificate
149			cp %{SOURCE3} make-dummy-cert
150			cp %{SOURCE4} openssl-thread-test.c
151
152			%build
153			%serverbuild
154
155			# Figure out which flags we want to use.
156			# default
157			sslarch=%{_os}-%{_arch}
158			%ifarch %ix86
159			sslarch=linux-elf
160			if ! echo %{_target} \| grep -q i[56]86 ; then
161			sslflags="no-asm"
162			fi
163			%endif
164			%ifarch sparcv9
165			sslarch=linux-sparcv9
166			%endif
167			%ifarch alpha
168			sslarch=linux-alpha-gcc
169			%endif
170			%ifarch s390
171			sslarch="linux-generic32 -DB_ENDIAN -DNO_ASM"
172			%endif
173			%ifarch s390x
174			sslarch="linux-generic64 -DB_ENDIAN -DNO_ASM"
175			%endif
176
177			# ia64, x86_64, ppc, ppc64 are OK by default
178			# Configure the build tree. Override OpenSSL defaults with known-good defaults
179			# usable on all platforms. The Configure script already knows to use -fPIC and
180			# RPM_OPT_FLAGS, so we can skip specifiying them here.
181			./Configure \
182	guillomovitch	256937	--prefix=%{_prefix} \
183	blino	733	--openssldir=%{_sysconfdir}/pki/tls ${sslflags} \
184	guillomovitch	256937	--libdir=%{_lib}/ \
185	guillomovitch	337573	%if %with_krb5
186	guillomovitch	256938	--with-krb5-flavor=MIT --with-krb5-dir=%{_prefix} \
187	guillomovitch	337573	%endif
188	guillomovitch	327008	--enginesdir=%{_libdir}/openssl/%{version}/engines \
189	luigiwalser	983119	zlib no-idea no-rc5 enable-camellia shared enable-tlsext ${sslarch} \
190	guillomovitch	639996	%ifarch x86_64
191			enable-ec_nistp_64_gcc_128
192			%endif
193	blino	733
194			# Add -Wa,--noexecstack here so that libcrypto's assembler modules will be
195			# marked as not requiring an executable stack.
196			RPM_OPT_FLAGS="%{optflags} -Wa,--noexecstack"
197			make depend
198			make all build-shared
199
200			# Generate hashes for the included certs.
201			make rehash build-shared
202
203			%check
204			# Verify that what was compiled actually works.
205			export LD_LIBRARY_PATH=`pwd`${LD_LIBRARY_PATH:+:${LD_LIBRARY_PATH}}
206
207			make -C test apps tests
208
209			gcc -o openssl-thread-test \
210			%{?_with_krb5:`krb5-config --cflags`} \
211			-I./include \
212			%{optflags} \
213			openssl-thread-test.c \
214			-L. -lssl -lcrypto \
215			%{?_with_krb5:`krb5-config --libs`} \
216			-lpthread -lz -ldl
217
218			./openssl-thread-test --threads %{thread_test_threads}
219
220			%install
221			%makeinstall \
222			INSTALL_PREFIX=%{buildroot} \
223			MANDIR=%{_mandir} \
224			build-shared
225
226	guillomovitch	327008	install -d -m 755 %{buildroot}%{_libdir}/openssl/%{version}
227			mv %{buildroot}%{_libdir}/engines %{buildroot}%{_libdir}/openssl/%{version}
228	blino	733
229			# make the rootcerts dir
230			install -d %{buildroot}%{_sysconfdir}/pki/tls/rootcerts
231
232			# Install a makefile for generating keys and self-signed certs, and a script
233			# for generating them on the fly.
234			install -d %{buildroot}%{_sysconfdir}/pki/tls/certs
235			install -m0644 Makefile.certificate %{buildroot}%{_sysconfdir}/pki/tls/certs/Makefile
236			install -m0755 make-dummy-cert %{buildroot}%{_sysconfdir}/pki/tls/certs/make-dummy-cert
237
238			# Pick a CA script.
239			mv %{buildroot}%{_sysconfdir}/pki/tls/misc/CA.sh %{buildroot}%{_sysconfdir}/pki/tls/misc/CA
240
241			install -d %{buildroot}%{_sysconfdir}/pki/CA
242			install -d %{buildroot}%{_sysconfdir}/pki/CA/private
243
244			# openssl was named ssleay in "ancient" times.
245			ln -snf openssl %{buildroot}%{_bindir}/ssleay
246
247			# The man pages rand.3 and passwd.1 conflict with other packages
248			# Rename them to ssl-* and also make a symlink from openssl-* to ssl-*
249			mv %{buildroot}%{_mandir}/man1/passwd.1 %{buildroot}%{_mandir}/man1/ssl-passwd.1
250	oden	330865	ln -sf ssl-passwd.1%{_extension} %{buildroot}%{_mandir}/man1/openssl-passwd.1%{_extension}
251	blino	733
252			for i in rand err; do
253			mv %{buildroot}%{_mandir}/man3/$i.3 %{buildroot}%{_mandir}/man3/ssl-$i.3
254	oden	330865	ln -snf ssl-$i.3%{_extension} %{buildroot}%{_mandir}/man3/openssl-$i.3%{_extension}
255	blino	733	done
256
257			rm -rf {main,devel}-doc-info
258			mkdir -p {main,devel}-doc-info
259	guillomovitch	191621	cat > main-doc-info/README.mga <<EOF
260	blino	733	Warning:
261			The man page of passwd, passwd.1, has been renamed to ssl-passwd.1
262			to avoid a conflict with passwd.1 man page from the package passwd.
263			EOF
264
265	guillomovitch	191621	cat > devel-doc-info/README.mga <<EOF
266	blino	733	Warning:
267			The man page of rand, rand.3, has been renamed to ssl-rand.3
268			to avoid a conflict with rand.3 from the package man-pages
269			The man page of err, err.3, has been renamed to ssl-err.3
270			to avoid a conflict with err.3 from the package man-pages
271			EOF
272
273			chmod 755 %{buildroot}%{_libdir}/pkgconfig
274
275			%multiarch_includes %{buildroot}%{_includedir}/openssl/opensslconf.h
276
277			# strip cannot touch these unless 755
278	guillomovitch	327008	chmod 755 %{buildroot}%{_libdir}/openssl/%{version}/engines/.so
279	blino	733	chmod 755 %{buildroot}%{_libdir}/.so
280			chmod 755 %{buildroot}%{_bindir}/*
281
282			# nuke a mistake
283			rm -f %{buildroot}%{_mandir}/man3/.3
284
285			# nuke rpath
286			chrpath -d %{buildroot}%{_bindir}/openssl
287
288			# Fix libdir.
289			pushd %{buildroot}%{_libdir}/pkgconfig
290			for i in *.pc ; do
291			sed 's,^libdir=${exec_prefix}/lib$,libdir=${exec_prefix}/%{_lib},g' \
292			$i >$i.tmp && \
293			cat $i.tmp >$i && \
294			rm -f $i.tmp
295			done
296			popd
297
298			# adjust ssldir
299			perl -pi -e "s\|^CATOP=.*\|CATOP=%{_sysconfdir}/pki/tls\|g" %{buildroot}%{_sysconfdir}/pki/tls/misc/CA
300			perl -pi -e "s\|^\\\$CATOP\=\".*\|\\\$CATOP\=\"%{_sysconfdir}/pki/tls\";\|g" %{buildroot}%{_sysconfdir}/pki/tls/misc/CA.pl
301			perl -pi -e "s\|\./demoCA\|%{_sysconfdir}/pki/tls\|g" %{buildroot}%{_sysconfdir}/pki/tls/openssl.cnf
302
303			%files
304			%doc FAQ INSTALL LICENSE NEWS PROBLEMS main-doc-info/README*
305	guillomovitch	256937	%doc README README.ASN1 README.ENGINE
306	blino	733	%dir %{_sysconfdir}/pki
307			%dir %{_sysconfdir}/pki/CA
308			%dir %{_sysconfdir}/pki/CA/private
309			%dir %{_sysconfdir}/pki/tls
310			%dir %{_sysconfdir}/pki/tls/certs
311			%dir %{_sysconfdir}/pki/tls/misc
312			%dir %{_sysconfdir}/pki/tls/private
313			%dir %{_sysconfdir}/pki/tls/rootcerts
314	tv	1020393	%{_sysconfdir}/pki/tls/misc/CA
315			%{_sysconfdir}/pki/tls/misc/c_*
316	guillomovitch	191620	%config(noreplace) %{_sysconfdir}/pki/tls/openssl.cnf
317			%{_sysconfdir}/pki/tls/certs/make-dummy-cert
318			%{_sysconfdir}/pki/tls/certs/Makefile
319			%{_bindir}/*
320	tv	1020393	%exclude %{_bindir}/c_rehash
321	guillomovitch	191620	%{_mandir}/man[157]/*
322	blino	733
323			%files -n %{libname}
324			%doc FAQ INSTALL LICENSE NEWS PROBLEMS README*
325	fwang	257304	%{_libdir}/lib*.so.%{maj}
326	blino	733
327			%files -n %{engines_name}
328	guillomovitch	311668	%{_libdir}/openssl
329	blino	733
330			%files -n %{develname}
331			%doc CHANGES doc/* devel-doc-info/README*
332	guillomovitch	191620	%dir %{_includedir}/openssl
333	blino	733	%multiarch %{multiarch_includedir}/openssl/opensslconf.h
334	guillomovitch	191620	%{_includedir}/openssl/*
335			%{_libdir}/lib*.so
336			%{_mandir}/man3/*
337			%{_libdir}/pkgconfig/*
338	blino	733
339			%files -n %{staticname}
340	fwang	395433	%{_libdir}/lib*.a
341	tv	1020393
342			%files perl
343			%defattr(-,root,root)
344			%attr(0755,root,root) %{_bindir}/c_rehash
345			%attr(0644,root,root) %{_mandir}/man1/.pl*
346			%{_sysconfdir}/pki/tls/misc/*.pl
347			%{_sysconfdir}/pki/tls/misc/tsget