current/SPECS/openssl.spec

%define maj 1.0.0
%define engines_name %mklibname openssl-engines %{maj}
%define libname %mklibname openssl %{maj}
%define develname %mklibname openssl -d
%define staticname %mklibname openssl -s -d

%define conflict1 %mklibname openssl 0.9.7
%define conflict2 %mklibname openssl 0.9.8

# Number of threads to spawn when testing some threading fixes.
#define thread_test_threads %{?threads:%{threads}}%{!?threads:1}

%define with_krb5 %{?_with_krb5:1}%{!?_with_krb5:0}

Summary:        Secure Sockets Layer communications libs & utils
Name:           openssl
Version:        %{maj}j
Release:        %mkrel 1
License:        BSD-like
Group:          System/Libraries
URL:            http://www.openssl.org/
Source0:        ftp://ftp.openssl.org/source/%{name}-%{version}.tar.gz
Source1:        ftp://ftp.openssl.org/source/%{name}-%{version}.tar.gz.asc
Source2:        Makefile.certificate
Source3:        make-dummy-cert
Source4:        openssl-thread-test.c
Source5:        README.pkcs11
# (gb) 0.9.7b-4mdk: Handle RPM_OPT_FLAGS in Configure
Patch2:         openssl-optflags.diff
# (oe) support Brazilian Government OTHERNAME X509v3 field (#14158)
# http://www.iti.gov.br/resolucoes/RESOLU__O_13_DE_26_04_2002.PDF
Patch6:         openssl-0.9.8-beta6-icpbrasil.diff
Patch7:         openssl-1.0.0f-defaults.patch
Patch8:         openssl-0.9.8a-link-krb5.patch
Patch10:        openssl-0.9.7-beta6-ia64.patch
Patch12:        openssl-0.9.6-x509.patch
Patch13:        openssl-0.9.7-beta5-version-add-engines.patch
# http://qa.mandriva.com/show_bug.cgi?id=32621
Patch15:        openssl-0.9.8e-crt.patch
# http://blogs.sun.com/janp/
Patch16:        pkcs11_engine-1.0.0.diff
# MIPS and ARM support
Patch300:       openssl-1.0.0-mips.patch
Patch301:       openssl-1.0.0-arm.patch
Patch302:       openssl-1.0.0-enginesdir.patch
Requires:       %{libname} = %{version}-%{release}
Requires:       perl-base
Requires:       rootcerts
%{?_with_krb5:BuildRequires: krb5-devel}
BuildRequires:  multiarch-utils >= 1.0.3
BuildRequires:  chrpath
BuildRequires:  zlib-devel
# (tv) for test suite:
BuildRequires:  bc

%description
The openssl certificate management tool and the shared libraries that provide
various encryption and decription algorithms and protocols, including DES, RC4,
RSA and SSL.

%package -n     %{engines_name}
Summary:        Engines for openssl
Group:          System/Libraries
Obsoletes:      openssl-engines < 1.0.0a-5
Provides:       openssl-engines = %{version}-%{release}

%description -n %{engines_name}
This package provides engines for openssl.

%package -n     %{libname}
Summary:        Secure Sockets Layer communications libs
Group:          System/Libraries
Requires:       %{engines_name} >= %{version}-%{release}
Provides:       %{libname} = %{version}-%{release}

%description -n %{libname}
The libraries files are needed for various cryptographic algorithms
and protocols, including DES, RC4, RSA and SSL.

%package -n     %{develname}
Summary:        Secure Sockets Layer communications libs & headers & utils
Group:          Development/Other
Requires:       %{libname} = %{version}-%{release}
Provides:       libopenssl-devel
Provides:       openssl-devel = %{version}-%{release}
Obsoletes:      openssl-devel
# temporary opsolete, will be a conflict later. a compat package
# with openssl-0.9.7 devel libs will be provided soon
Obsoletes:      %{conflict1}-devel
Obsoletes:      %{conflict2}-devel
Obsoletes:      %{mklibname openssl 1.0.0}-devel
Provides:       %{name}-devel = %{version}-%{release}

%description -n %{develname}
The libraries and include files needed to compile apps with support
for various cryptographic algorithms and protocols, including DES, RC4, RSA
and SSL.

%package -n     %{staticname}
Summary:        Secure Sockets Layer communications static libs
Group:          Development/Other
Requires:       %{develname} = %{version}-%{release}
Provides:       libopenssl-static-devel
Provides:       openssl-static-devel = %{version}-%{release}
# temporary opsolete, will be a conflict later. a compat package
# with openssl-0.9.7 static-devel libs will be provided soon
Obsoletes:      %{conflict1}-static-devel
Obsoletes:      %{conflict2}-static-devel
Obsoletes:      %{mklibname openssl 1.0.0}-static-devel
Provides:       %{name}-static-devel = %{version}-%{release}

%description -n %{staticname}
The static libraries needed to compile apps with support for various
cryptographic algorithms and protocols, including DES, RC4, RSA and SSL.

%prep

%setup -q -n %{name}-%{version}
%patch2 -p1 -b .optflags
%patch6 -p0 -b .icpbrasil
%patch7 -p1 -b .defaults
%{?_with_krb5:%patch8 -p1 -b .krb5}
%patch10 -p0 -b .ia64
%patch12 -p1 -b .x509
%patch13 -p1 -b .version-add-engines
%patch15 -p1 -b .crt
%patch16 -p1 -b .pkcs11_engine

%patch300 -p1 -b .mips
%patch301 -p1 -b .arm
%patch302 -p1 -b .engines

perl -pi -e "s,^(OPENSSL_LIBNAME=).+$,\1%{_lib}," Makefile.org engines/Makefile

# fix perl path
perl util/perlpath.pl %{_bindir}/perl

cp %{SOURCE2} Makefile.certificate
cp %{SOURCE3} make-dummy-cert
cp %{SOURCE4} openssl-thread-test.c
cp %{SOURCE5} README.pkcs11

%build 
%serverbuild

# Figure out which flags we want to use.
# default
sslarch=%{_os}-%{_arch}
%ifarch %ix86
sslarch=linux-elf
if ! echo %{_target} | grep -q i[56]86 ; then
    sslflags="no-asm"
fi
%endif
%ifarch sparcv9
sslarch=linux-sparcv9
%endif
%ifarch alpha
sslarch=linux-alpha-gcc
%endif
%ifarch s390
sslarch="linux-generic32 -DB_ENDIAN -DNO_ASM"
%endif
%ifarch s390x
sslarch="linux-generic64 -DB_ENDIAN -DNO_ASM"
%endif

# ia64, x86_64, ppc, ppc64 are OK by default
# Configure the build tree.  Override OpenSSL defaults with known-good defaults
# usable on all platforms.  The Configure script already knows to use -fPIC and
# RPM_OPT_FLAGS, so we can skip specifiying them here.
./Configure \
    --openssldir=%{_sysconfdir}/pki/tls ${sslflags} \
    --enginesdir=%{_libdir}/openssl-%{version}/engines \
    --prefix=%{_prefix} --libdir=%{_lib}/ %{?_with_krb5:--with-krb5-flavor=MIT -I%{_prefix}/kerberos/include -L%{_prefix}/kerberos/%{_lib}} \
     zlib no-idea no-rc5 enable-camellia shared enable-tlsext ${sslarch} --pk11-libname=%{_libdir}/pkcs11/PKCS11_API.so

#    zlib no-idea no-mdc2 no-rc5 no-ec no-ecdh no-ecdsa shared ${sslarch}

# Add -Wa,--noexecstack here so that libcrypto's assembler modules will be
# marked as not requiring an executable stack.
RPM_OPT_FLAGS="%{optflags} -Wa,--noexecstack"
make depend
make all build-shared

# Generate hashes for the included certs.
make rehash build-shared

%check
# Verify that what was compiled actually works.
export LD_LIBRARY_PATH=`pwd`${LD_LIBRARY_PATH:+:${LD_LIBRARY_PATH}}

make -C test apps tests

gcc -o openssl-thread-test \
    %{?_with_krb5:`krb5-config --cflags`} \
    -I./include \
    %{optflags} \
    openssl-thread-test.c \
    -L. -lssl -lcrypto \
    %{?_with_krb5:`krb5-config --libs`} \
    -lpthread -lz -ldl

./openssl-thread-test --threads %{thread_test_threads}

%install
rm -fr %{buildroot}

%makeinstall \
    INSTALL_PREFIX=%{buildroot} \
    MANDIR=%{_mandir} \
    build-shared

# the makefiles is too borked...
install -d %{buildroot}%{_libdir}/openssl-%{version}
mv %{buildroot}%{_libdir}/engines %{buildroot}%{_libdir}/openssl-%{version}/engines

# make the rootcerts dir
install -d %{buildroot}%{_sysconfdir}/pki/tls/rootcerts

# Install a makefile for generating keys and self-signed certs, and a script
# for generating them on the fly.
install -d %{buildroot}%{_sysconfdir}/pki/tls/certs
install -m0644 Makefile.certificate %{buildroot}%{_sysconfdir}/pki/tls/certs/Makefile
install -m0755 make-dummy-cert %{buildroot}%{_sysconfdir}/pki/tls/certs/make-dummy-cert

# Pick a CA script.
mv %{buildroot}%{_sysconfdir}/pki/tls/misc/CA.sh %{buildroot}%{_sysconfdir}/pki/tls/misc/CA

install -d %{buildroot}%{_sysconfdir}/pki/CA
install -d %{buildroot}%{_sysconfdir}/pki/CA/private

# openssl was named ssleay in "ancient" times.
ln -snf openssl %{buildroot}%{_bindir}/ssleay

# The man pages rand.3 and passwd.1 conflict with other packages
# Rename them to ssl-* and also make a symlink from openssl-* to ssl-*
mv %{buildroot}%{_mandir}/man1/passwd.1 %{buildroot}%{_mandir}/man1/ssl-passwd.1
ln -sf ssl-passwd.1.bz2 %{buildroot}%{_mandir}/man1/openssl-passwd.1.bz2

for i in rand err; do
    mv %{buildroot}%{_mandir}/man3/$i.3 %{buildroot}%{_mandir}/man3/ssl-$i.3
    ln -snf ssl-$i.3.bz2 %{buildroot}%{_mandir}/man3/openssl-$i.3.bz2
done

rm -rf {main,devel}-doc-info
mkdir -p {main,devel}-doc-info
cat > main-doc-info/README.mga <<EOF
Warning:
The man page of passwd, passwd.1, has been renamed to ssl-passwd.1
to avoid a conflict with passwd.1 man page from the package passwd.
EOF

cat > devel-doc-info/README.mga <<EOF
Warning:
The man page of rand, rand.3, has been renamed to ssl-rand.3
to avoid a conflict with rand.3 from the package man-pages
The man page of err, err.3, has been renamed to ssl-err.3
to avoid a conflict with err.3 from the package man-pages
EOF

chmod 755 %{buildroot}%{_libdir}/pkgconfig

%multiarch_includes %{buildroot}%{_includedir}/openssl/opensslconf.h

# strip cannot touch these unless 755
chmod 755 %{buildroot}%{_libdir}/openssl-%{version}/engines/*.so*
chmod 755 %{buildroot}%{_libdir}/*.so*
chmod 755 %{buildroot}%{_bindir}/*

# nuke a mistake
rm -f %{buildroot}%{_mandir}/man3/.3

# nuke rpath
chrpath -d %{buildroot}%{_bindir}/openssl

# Fix libdir.
pushd %{buildroot}%{_libdir}/pkgconfig
    for i in *.pc ; do
        sed 's,^libdir=${exec_prefix}/lib$,libdir=${exec_prefix}/%{_lib},g' \
            $i >$i.tmp && \
            cat $i.tmp >$i && \
            rm -f $i.tmp
    done
popd

# adjust ssldir
perl -pi -e "s|^CATOP=.*|CATOP=%{_sysconfdir}/pki/tls|g" %{buildroot}%{_sysconfdir}/pki/tls/misc/CA
perl -pi -e "s|^\\\$CATOP\=\".*|\\\$CATOP\=\"%{_sysconfdir}/pki/tls\";|g" %{buildroot}%{_sysconfdir}/pki/tls/misc/CA.pl
perl -pi -e "s|\./demoCA|%{_sysconfdir}/pki/tls|g" %{buildroot}%{_sysconfdir}/pki/tls/openssl.cnf

%files 
%doc FAQ INSTALL LICENSE NEWS PROBLEMS main-doc-info/README*
%doc README README.ASN1 README.ENGINE README.pkcs11
%dir %{_sysconfdir}/pki
%dir %{_sysconfdir}/pki/CA
%dir %{_sysconfdir}/pki/CA/private
%dir %{_sysconfdir}/pki/tls
%dir %{_sysconfdir}/pki/tls/certs
%dir %{_sysconfdir}/pki/tls/misc
%dir %{_sysconfdir}/pki/tls/private
%dir %{_sysconfdir}/pki/tls/rootcerts
%config(noreplace) %{_sysconfdir}/pki/tls/openssl.cnf
%{_sysconfdir}/pki/tls/certs/make-dummy-cert
%{_sysconfdir}/pki/tls/certs/Makefile
%{_sysconfdir}/pki/tls/misc/*
%{_bindir}/*
%{_mandir}/man[157]/*

%files -n %{libname}
%doc FAQ INSTALL LICENSE NEWS PROBLEMS README*
%{_libdir}/lib*.so.*

%files -n %{engines_name}
%dir %{_libdir}/openssl-%{version}/engines
%{_libdir}/openssl-%{version}/engines/*.so

%files -n %{develname}
%doc CHANGES doc/* devel-doc-info/README*
%dir %{_includedir}/openssl
%multiarch %{multiarch_includedir}/openssl/opensslconf.h
%{_includedir}/openssl/*
%{_libdir}/lib*.so
%{_mandir}/man3/*
%{_libdir}/pkgconfig/*

%files -n %{staticname}
%{_libdir}/lib*.a
1	blino	733	%define maj 1.0.0
2			%define engines_name %mklibname openssl-engines %{maj}
3			%define libname %mklibname openssl %{maj}
4			%define develname %mklibname openssl -d
5			%define staticname %mklibname openssl -s -d
6
7			%define conflict1 %mklibname openssl 0.9.7
8			%define conflict2 %mklibname openssl 0.9.8
9
10			# Number of threads to spawn when testing some threading fixes.
11			#define thread_test_threads %{?threads:%{threads}}%{!?threads:1}
12
13			%define with_krb5 %{?_with_krb5:1}%{!?_with_krb5:0}
14
15			Summary: Secure Sockets Layer communications libs & utils
16			Name: openssl
17	luigiwalser	235323	Version: %{maj}j
18	guillomovitch	191618	Release: %mkrel 1
19	blino	733	License: BSD-like
20			Group: System/Libraries
21			URL: http://www.openssl.org/
22			Source0: ftp://ftp.openssl.org/source/%{name}-%{version}.tar.gz
23			Source1: ftp://ftp.openssl.org/source/%{name}-%{version}.tar.gz.asc
24			Source2: Makefile.certificate
25			Source3: make-dummy-cert
26			Source4: openssl-thread-test.c
27			Source5: README.pkcs11
28			# (gb) 0.9.7b-4mdk: Handle RPM_OPT_FLAGS in Configure
29			Patch2: openssl-optflags.diff
30			# (oe) support Brazilian Government OTHERNAME X509v3 field (#14158)
31			# http://www.iti.gov.br/resolucoes/RESOLU__O_13_DE_26_04_2002.PDF
32			Patch6: openssl-0.9.8-beta6-icpbrasil.diff
33	guillomovitch	191618	Patch7: openssl-1.0.0f-defaults.patch
34	blino	733	Patch8: openssl-0.9.8a-link-krb5.patch
35			Patch10: openssl-0.9.7-beta6-ia64.patch
36			Patch12: openssl-0.9.6-x509.patch
37			Patch13: openssl-0.9.7-beta5-version-add-engines.patch
38			# http://qa.mandriva.com/show_bug.cgi?id=32621
39			Patch15: openssl-0.9.8e-crt.patch
40			# http://blogs.sun.com/janp/
41			Patch16: pkcs11_engine-1.0.0.diff
42			# MIPS and ARM support
43			Patch300: openssl-1.0.0-mips.patch
44			Patch301: openssl-1.0.0-arm.patch
45			Patch302: openssl-1.0.0-enginesdir.patch
46			Requires: %{libname} = %{version}-%{release}
47			Requires: perl-base
48			Requires: rootcerts
49			%{?_with_krb5:BuildRequires: krb5-devel}
50			BuildRequires: multiarch-utils >= 1.0.3
51			BuildRequires: chrpath
52			BuildRequires: zlib-devel
53			# (tv) for test suite:
54			BuildRequires: bc
55
56			%description
57			The openssl certificate management tool and the shared libraries that provide
58			various encryption and decription algorithms and protocols, including DES, RC4,
59			RSA and SSL.
60
61			%package -n %{engines_name}
62			Summary: Engines for openssl
63			Group: System/Libraries
64			Obsoletes: openssl-engines < 1.0.0a-5
65			Provides: openssl-engines = %{version}-%{release}
66
67			%description -n %{engines_name}
68			This package provides engines for openssl.
69
70			%package -n %{libname}
71			Summary: Secure Sockets Layer communications libs
72			Group: System/Libraries
73			Requires: %{engines_name} >= %{version}-%{release}
74			Provides: %{libname} = %{version}-%{release}
75
76			%description -n %{libname}
77			The libraries files are needed for various cryptographic algorithms
78			and protocols, including DES, RC4, RSA and SSL.
79
80			%package -n %{develname}
81			Summary: Secure Sockets Layer communications libs & headers & utils
82			Group: Development/Other
83			Requires: %{libname} = %{version}-%{release}
84			Provides: libopenssl-devel
85			Provides: openssl-devel = %{version}-%{release}
86			Obsoletes: openssl-devel
87			# temporary opsolete, will be a conflict later. a compat package
88			# with openssl-0.9.7 devel libs will be provided soon
89			Obsoletes: %{conflict1}-devel
90			Obsoletes: %{conflict2}-devel
91			Obsoletes: %{mklibname openssl 1.0.0}-devel
92			Provides: %{name}-devel = %{version}-%{release}
93
94			%description -n %{develname}
95			The libraries and include files needed to compile apps with support
96			for various cryptographic algorithms and protocols, including DES, RC4, RSA
97			and SSL.
98
99			%package -n %{staticname}
100			Summary: Secure Sockets Layer communications static libs
101			Group: Development/Other
102			Requires: %{develname} = %{version}-%{release}
103			Provides: libopenssl-static-devel
104			Provides: openssl-static-devel = %{version}-%{release}
105			# temporary opsolete, will be a conflict later. a compat package
106			# with openssl-0.9.7 static-devel libs will be provided soon
107			Obsoletes: %{conflict1}-static-devel
108			Obsoletes: %{conflict2}-static-devel
109			Obsoletes: %{mklibname openssl 1.0.0}-static-devel
110			Provides: %{name}-static-devel = %{version}-%{release}
111
112			%description -n %{staticname}
113			The static libraries needed to compile apps with support for various
114			cryptographic algorithms and protocols, including DES, RC4, RSA and SSL.
115
116			%prep
117
118			%setup -q -n %{name}-%{version}
119			%patch2 -p1 -b .optflags
120			%patch6 -p0 -b .icpbrasil
121			%patch7 -p1 -b .defaults
122			%{?_with_krb5:%patch8 -p1 -b .krb5}
123			%patch10 -p0 -b .ia64
124			%patch12 -p1 -b .x509
125			%patch13 -p1 -b .version-add-engines
126			%patch15 -p1 -b .crt
127			%patch16 -p1 -b .pkcs11_engine
128
129			%patch300 -p1 -b .mips
130			%patch301 -p1 -b .arm
131			%patch302 -p1 -b .engines
132
133			perl -pi -e "s,^(OPENSSL_LIBNAME=).+$,\1%{_lib}," Makefile.org engines/Makefile
134
135			# fix perl path
136			perl util/perlpath.pl %{_bindir}/perl
137
138			cp %{SOURCE2} Makefile.certificate
139			cp %{SOURCE3} make-dummy-cert
140			cp %{SOURCE4} openssl-thread-test.c
141			cp %{SOURCE5} README.pkcs11
142
143			%build
144			%serverbuild
145
146			# Figure out which flags we want to use.
147			# default
148			sslarch=%{_os}-%{_arch}
149			%ifarch %ix86
150			sslarch=linux-elf
151			if ! echo %{_target} \| grep -q i[56]86 ; then
152			sslflags="no-asm"
153			fi
154			%endif
155			%ifarch sparcv9
156			sslarch=linux-sparcv9
157			%endif
158			%ifarch alpha
159			sslarch=linux-alpha-gcc
160			%endif
161			%ifarch s390
162			sslarch="linux-generic32 -DB_ENDIAN -DNO_ASM"
163			%endif
164			%ifarch s390x
165			sslarch="linux-generic64 -DB_ENDIAN -DNO_ASM"
166			%endif
167
168			# ia64, x86_64, ppc, ppc64 are OK by default
169			# Configure the build tree. Override OpenSSL defaults with known-good defaults
170			# usable on all platforms. The Configure script already knows to use -fPIC and
171			# RPM_OPT_FLAGS, so we can skip specifiying them here.
172			./Configure \
173			--openssldir=%{_sysconfdir}/pki/tls ${sslflags} \
174			--enginesdir=%{_libdir}/openssl-%{version}/engines \
175			--prefix=%{_prefix} --libdir=%{_lib}/ %{?_with_krb5:--with-krb5-flavor=MIT -I%{_prefix}/kerberos/include -L%{_prefix}/kerberos/%{_lib}} \
176	fwang	184360	zlib no-idea no-rc5 enable-camellia shared enable-tlsext ${sslarch} --pk11-libname=%{_libdir}/pkcs11/PKCS11_API.so
177	blino	733
178			# zlib no-idea no-mdc2 no-rc5 no-ec no-ecdh no-ecdsa shared ${sslarch}
179
180			# Add -Wa,--noexecstack here so that libcrypto's assembler modules will be
181			# marked as not requiring an executable stack.
182			RPM_OPT_FLAGS="%{optflags} -Wa,--noexecstack"
183			make depend
184			make all build-shared
185
186			# Generate hashes for the included certs.
187			make rehash build-shared
188
189			%check
190			# Verify that what was compiled actually works.
191			export LD_LIBRARY_PATH=`pwd`${LD_LIBRARY_PATH:+:${LD_LIBRARY_PATH}}
192
193			make -C test apps tests
194
195			gcc -o openssl-thread-test \
196			%{?_with_krb5:`krb5-config --cflags`} \
197			-I./include \
198			%{optflags} \
199			openssl-thread-test.c \
200			-L. -lssl -lcrypto \
201			%{?_with_krb5:`krb5-config --libs`} \
202			-lpthread -lz -ldl
203
204			./openssl-thread-test --threads %{thread_test_threads}
205
206			%install
207			rm -fr %{buildroot}
208
209			%makeinstall \
210			INSTALL_PREFIX=%{buildroot} \
211			MANDIR=%{_mandir} \
212			build-shared
213
214			# the makefiles is too borked...
215			install -d %{buildroot}%{_libdir}/openssl-%{version}
216			mv %{buildroot}%{_libdir}/engines %{buildroot}%{_libdir}/openssl-%{version}/engines
217
218			# make the rootcerts dir
219			install -d %{buildroot}%{_sysconfdir}/pki/tls/rootcerts
220
221			# Install a makefile for generating keys and self-signed certs, and a script
222			# for generating them on the fly.
223			install -d %{buildroot}%{_sysconfdir}/pki/tls/certs
224			install -m0644 Makefile.certificate %{buildroot}%{_sysconfdir}/pki/tls/certs/Makefile
225			install -m0755 make-dummy-cert %{buildroot}%{_sysconfdir}/pki/tls/certs/make-dummy-cert
226
227			# Pick a CA script.
228			mv %{buildroot}%{_sysconfdir}/pki/tls/misc/CA.sh %{buildroot}%{_sysconfdir}/pki/tls/misc/CA
229
230			install -d %{buildroot}%{_sysconfdir}/pki/CA
231			install -d %{buildroot}%{_sysconfdir}/pki/CA/private
232
233			# openssl was named ssleay in "ancient" times.
234			ln -snf openssl %{buildroot}%{_bindir}/ssleay
235
236			# The man pages rand.3 and passwd.1 conflict with other packages
237			# Rename them to ssl-* and also make a symlink from openssl-* to ssl-*
238			mv %{buildroot}%{_mandir}/man1/passwd.1 %{buildroot}%{_mandir}/man1/ssl-passwd.1
239			ln -sf ssl-passwd.1.bz2 %{buildroot}%{_mandir}/man1/openssl-passwd.1.bz2
240
241			for i in rand err; do
242			mv %{buildroot}%{_mandir}/man3/$i.3 %{buildroot}%{_mandir}/man3/ssl-$i.3
243			ln -snf ssl-$i.3.bz2 %{buildroot}%{_mandir}/man3/openssl-$i.3.bz2
244			done
245
246			rm -rf {main,devel}-doc-info
247			mkdir -p {main,devel}-doc-info
248	guillomovitch	191621	cat > main-doc-info/README.mga <<EOF
249	blino	733	Warning:
250			The man page of passwd, passwd.1, has been renamed to ssl-passwd.1
251			to avoid a conflict with passwd.1 man page from the package passwd.
252			EOF
253
254	guillomovitch	191621	cat > devel-doc-info/README.mga <<EOF
255	blino	733	Warning:
256			The man page of rand, rand.3, has been renamed to ssl-rand.3
257			to avoid a conflict with rand.3 from the package man-pages
258			The man page of err, err.3, has been renamed to ssl-err.3
259			to avoid a conflict with err.3 from the package man-pages
260			EOF
261
262			chmod 755 %{buildroot}%{_libdir}/pkgconfig
263
264			%multiarch_includes %{buildroot}%{_includedir}/openssl/opensslconf.h
265
266			# strip cannot touch these unless 755
267			chmod 755 %{buildroot}%{_libdir}/openssl-%{version}/engines/.so
268			chmod 755 %{buildroot}%{_libdir}/.so
269			chmod 755 %{buildroot}%{_bindir}/*
270
271			# nuke a mistake
272			rm -f %{buildroot}%{_mandir}/man3/.3
273
274			# nuke rpath
275			chrpath -d %{buildroot}%{_bindir}/openssl
276
277			# Fix libdir.
278			pushd %{buildroot}%{_libdir}/pkgconfig
279			for i in *.pc ; do
280			sed 's,^libdir=${exec_prefix}/lib$,libdir=${exec_prefix}/%{_lib},g' \
281			$i >$i.tmp && \
282			cat $i.tmp >$i && \
283			rm -f $i.tmp
284			done
285			popd
286
287			# adjust ssldir
288			perl -pi -e "s\|^CATOP=.*\|CATOP=%{_sysconfdir}/pki/tls\|g" %{buildroot}%{_sysconfdir}/pki/tls/misc/CA
289			perl -pi -e "s\|^\\\$CATOP\=\".*\|\\\$CATOP\=\"%{_sysconfdir}/pki/tls\";\|g" %{buildroot}%{_sysconfdir}/pki/tls/misc/CA.pl
290			perl -pi -e "s\|\./demoCA\|%{_sysconfdir}/pki/tls\|g" %{buildroot}%{_sysconfdir}/pki/tls/openssl.cnf
291
292			%files
293			%doc FAQ INSTALL LICENSE NEWS PROBLEMS main-doc-info/README*
294			%doc README README.ASN1 README.ENGINE README.pkcs11
295			%dir %{_sysconfdir}/pki
296			%dir %{_sysconfdir}/pki/CA
297			%dir %{_sysconfdir}/pki/CA/private
298			%dir %{_sysconfdir}/pki/tls
299			%dir %{_sysconfdir}/pki/tls/certs
300			%dir %{_sysconfdir}/pki/tls/misc
301			%dir %{_sysconfdir}/pki/tls/private
302			%dir %{_sysconfdir}/pki/tls/rootcerts
303	guillomovitch	191620	%config(noreplace) %{_sysconfdir}/pki/tls/openssl.cnf
304			%{_sysconfdir}/pki/tls/certs/make-dummy-cert
305			%{_sysconfdir}/pki/tls/certs/Makefile
306			%{_sysconfdir}/pki/tls/misc/*
307			%{_bindir}/*
308			%{_mandir}/man[157]/*
309	blino	733
310			%files -n %{libname}
311			%doc FAQ INSTALL LICENSE NEWS PROBLEMS README*
312	guillomovitch	191620	%{_libdir}/lib.so.
313	blino	733
314			%files -n %{engines_name}
315	guillomovitch	191620	%dir %{_libdir}/openssl-%{version}/engines
316			%{_libdir}/openssl-%{version}/engines/*.so
317	blino	733
318			%files -n %{develname}
319			%doc CHANGES doc/* devel-doc-info/README*
320	guillomovitch	191620	%dir %{_includedir}/openssl
321	blino	733	%multiarch %{multiarch_includedir}/openssl/opensslconf.h
322	guillomovitch	191620	%{_includedir}/openssl/*
323			%{_libdir}/lib*.so
324			%{_mandir}/man3/*
325			%{_libdir}/pkgconfig/*
326	blino	733
327			%files -n %{staticname}
328	guillomovitch	191620	%{_libdir}/lib*.a