diff options
Diffstat (limited to 'source/n/openssl')
-rw-r--r-- | source/n/openssl/openssl-1.1.0h.fix_c_rehash_quoting.diff | 13 | ||||
-rwxr-xr-x | source/n/openssl/openssl.SlackBuild | 95 | ||||
-rw-r--r-- | source/n/openssl/slack-desc.openssl | 10 | ||||
-rw-r--r-- | source/n/openssl/slack-desc.openssl-solibs | 10 |
4 files changed, 92 insertions, 36 deletions
diff --git a/source/n/openssl/openssl-1.1.0h.fix_c_rehash_quoting.diff b/source/n/openssl/openssl-1.1.0h.fix_c_rehash_quoting.diff new file mode 100644 index 000000000..6a9cce8ff --- /dev/null +++ b/source/n/openssl/openssl-1.1.0h.fix_c_rehash_quoting.diff @@ -0,0 +1,13 @@ +--- ./tools/c_rehash.in.orig 2018-03-27 08:50:41.000000000 -0500 ++++ ./tools/c_rehash.in 2018-05-14 13:47:20.553710437 -0500 +@@ -11,8 +11,8 @@ + # Perl c_rehash script, scan all files in a directory + # and add symbolic links to their hash values. + +-my $dir = {- quotify1($config{openssldir}) -}; +-my $prefix = {- quotify1($config{prefix}) -}; ++my $dir = "{- quotify1($config{openssldir}) -}"; ++my $prefix = "{- quotify1($config{prefix}) -}"; + + my $errorcount = 0; + my $openssl = $ENV{OPENSSL} || "openssl"; diff --git a/source/n/openssl/openssl.SlackBuild b/source/n/openssl/openssl.SlackBuild index 00b80226f..c5ecb8292 100755 --- a/source/n/openssl/openssl.SlackBuild +++ b/source/n/openssl/openssl.SlackBuild @@ -1,8 +1,8 @@ -#!/bin/sh +#!/bin/bash # Copyright 2000 BSDi, Inc. Concord, CA, USA # Copyright 2001, 2002 Slackware Linux, Inc. Concord, CA, USA -# Copyright 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2018 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -22,13 +22,13 @@ # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - # Set initial variables: -CWD=$(pwd) +cd $(dirname $0) ; CWD=$(pwd) TMP=${TMP:-/tmp} +PKGNAM=openssl VERSION=${VERSION:-$(echo openssl-*.tar.gz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-1} +BUILD=${BUILD:-2} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then @@ -45,6 +45,15 @@ PKG2=$TMP/package-ossllibs NAME1=openssl-$VERSION-$ARCH-$BUILD NAME2=openssl-solibs-$VERSION-$ARCH-$BUILD +# If the variable PRINT_PACKAGE_NAME is set, then this script will report what +# the name of the created package would be, and then exit. This information +# could be useful to other scripts. +if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then + echo "${NAME1}.txz" + echo "${NAME2}.txz" + exit 0 +fi + # Parallel build doesn't link properly. #NUMJOBS=${NUMJOBS:--j6} @@ -60,8 +69,9 @@ cd openssl-$VERSION # Fix pod syntax errors which are fatal wih a newer perl: find . -name "*.pod" -exec sed -i "s/^\=item \([0-9]\)\(\ \|$\)/\=item C<\1>/g" {} \; -# Use .so.1, not .so.1.0.0: -sed -i "s/soname=\$\$SHLIB\$\$SHLIB_SOVER\$\$SHLIB_SUFFIX/soname=\$\$SHLIB.1/g" Makefile.shared +## For openssl-1.1.x, don't try to change the soname. +## Use .so.1, not .so.1.0.0: +#sed -i "s/soname=\$\$SHLIB\$\$SHLIB_SOVER\$\$SHLIB_SUFFIX/soname=\$\$SHLIB.1/g" Makefile.shared if [ "$ARCH" = "i586" ]; then # Build with -march=i586 -mtune=i686: @@ -75,19 +85,23 @@ elif [ "$ARCH" = "x86_64" ]; then LIBDIRSUFFIX="64" fi +# Fix a lack of quotes in two c_rehash lines: +zcat $CWD/openssl-1.1.0h.fix_c_rehash_quoting.diff.gz | patch -p1 --verbose || exit 1 + # OpenSSL has a (nasty?) habit of bumping the internal version number with # every release. This wouldn't be so bad, but some applications are so # paranoid that they won't run against a different OpenSSL version than # what they were compiled against, whether or not the ABI has changed. # -# So, we will use the OPENSSL_VERSION_NUMBER from openssl-1.0.2e unless ABI +# So, we will use the OPENSSL_VERSION_NUMBER from openssl-1.1.0h unless ABI # breakage forces it to change. Yes, we're finally using this old trick. :) -sed -i "s/#define OPENSSL_VERSION_NUMBER.*/\/* Use 0x1000205fL (1.0.2e) below to avoid pointlessly breaking the ABI *\/\n#define OPENSSL_VERSION_NUMBER 0x1000205fL/g" crypto/opensslv.h || exit 1 +sed -i "s/#define OPENSSL_VERSION_NUMBER.*/\/* Use 0x1010008fL (1.1.0h) below to avoid pointlessly breaking the ABI *\/\n#define OPENSSL_VERSION_NUMBER 0x1000205fL/g" include/openssl/opensslv.h || exit 1 chown -R root:root . mkdir -p $PKG1/usr/doc/openssl-$VERSION -cp -a CHANGES CHANGES.SSLeay FAQ INSTALL INSTALL.MacOS INSTALL.VMS INSTALL.W32 \ - LICENSE NEWS README README.ENGINE doc $PKG1/usr/doc/openssl-$VERSION +cp -a ACKNOWLEDGEMENTS AUTHORS CHANGES* CONTRIBUTING FAQ INSTALL* \ + LICENSE* NEWS NOTES* README* doc \ + $PKG1/usr/doc/openssl-$VERSION find $PKG1/usr/doc/openssl-$VERSION -type d -exec chmod 755 {} \; find $PKG1/usr/doc/openssl-$VERSION -type f -exec chmod 644 {} \; @@ -103,7 +117,6 @@ fi # name # expires # MDC-2: 4,908,861 2007-03-13, not included. # IDEA: 5,214,703 2010-05-25, not included. -# RC5: 5,724,428 2015-03-03, not included. # # Although all of the above are expired, it's still probably # not a good idea to include them as there are better @@ -112,19 +125,33 @@ fi ./config \ --prefix=/usr \ --openssldir=/etc/ssl \ + zlib \ + enable-camellia \ + enable-seed \ + enable-rfc3779 \ + enable-cms \ + enable-md2 \ + enable-rc5 \ + enable-ssl3 \ + enable-ssl3-method \ + no-weak-ssl-ciphers \ no-mdc2 \ + no-ec2m \ no-idea \ - no-rc5 \ no-sse2 \ - no-ssl2 \ - no-weak-ssl-ciphers \ shared make $NUMJOBS depend || make depend || exit 1 make $NUMJOBS || make || exit 1 -make install INSTALL_PREFIX=$PKG1 || exit 1 +make install DESTDIR=$PKG1 || exit 1 + +# No thanks on the static libraries: +rm -f $PKG1/usr/lib${LIBDIRSUFFIX}/*.a + +# No thanks on manpages duplicated as html: +rm -rf $PKG1/usr/share/doc # Make the .so.? library symlinks: ( cd $PKG1/usr/lib${LIBDIRSUFFIX} ; ldconfig -l lib*.so.* ) @@ -146,17 +173,33 @@ mkdir -p $PKG1/etc/cron.daily zcat $CWD/certwatch.gz > $PKG1/etc/cron.daily/certwatch.new chmod 755 $PKG1/etc/cron.daily/certwatch.new +# Make config file non-clobber: mv $PKG1/etc/ssl/openssl.cnf $PKG1/etc/ssl/openssl.cnf.new +# Remove duplicate config file: +rm -f $PKG1/etc/ssl/openssl.cnf.dist + ( cd $PKG1 find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null ) -mv $PKG1/etc/ssl/man $PKG1/usr -( cd $PKG1/usr/man/man1 ; mv passwd.1 ssl_passwd.1 ) -( cd $PKG1/usr/man/man3 ; mv rand.3 ssl_rand.3 ) -( cd $PKG1/usr/man/man3 ; mv err.3 ssl_err.3 ) +# Relocate the manpages: +mv $PKG1/usr/share/man $PKG1/usr +rmdir $PKG1/usr/share + +# Fix manpage name collisions, and relink anything that linked to the old name: +( cd $PKG1/usr/man/man1 + mv passwd.1 ssl_passwd.1 + for file in *.1 ; do + if [ -L $file ]; then + if [ "$(readlink $file)" = "passwd.1" ]; then + rm -f $file + ln -sf ssl_passwd.1 $file + fi + fi + done ) + # Compress and symlink the man pages: if [ -d $PKG1/usr/man ]; then ( cd $PKG1/usr/man @@ -172,18 +215,18 @@ if [ -d $PKG1/usr/man ]; then ) fi -# If there's an openssl0 directory, then build openssl-0 shared libraries for +# If there's an openssl1 directory, then build openssl-1.0 shared libraries for # compatibility with programs linked to those: -if [ -d $CWD/openssl0 ]; then - ( cd $CWD/openssl0 - ./openssl0.build || exit 1 +if [ -d $CWD/openssl1 ]; then + ( cd $CWD/openssl1 + ./openssl1.build || exit 1 ) || exit 1 # Don't put these in the openssl package... openssl-solibs is enough. #mkdir -p $PKG1/lib${LIBDIRSUFFIX} - #cp -a $TMP/package-openssl0/usr/lib/lib*.so.?.?.? $PKG1/lib${LIBDIRSUFFIX} + #cp -a $TMP/package-openssl1/usr/lib/lib*.so.?.?.? $PKG1/lib${LIBDIRSUFFIX} #( cd $PKG1/lib${LIBDIRSUFFIX} ; ldconfig -l lib*.so.?.?.? ) mkdir -p $PKG2/lib${LIBDIRSUFFIX} - cp -a $TMP/package-openssl0/usr/lib/lib*.so.?.?.? $PKG2/lib${LIBDIRSUFFIX} + cp -a $TMP/package-openssl1/usr/lib${LIBDIRSUFFIX}/lib*.so.?.?.? $PKG2/lib${LIBDIRSUFFIX} ( cd $PKG2/lib${LIBDIRSUFFIX} ; ldconfig -l lib*.so.?.?.? ) fi diff --git a/source/n/openssl/slack-desc.openssl b/source/n/openssl/slack-desc.openssl index 57227c043..685abd95b 100644 --- a/source/n/openssl/slack-desc.openssl +++ b/source/n/openssl/slack-desc.openssl @@ -1,8 +1,8 @@ # HOW TO EDIT THIS FILE: -# The "handy ruler" below makes it easier to edit a package description. Line +# The "handy ruler" below makes it easier to edit a package description. Line # up the first '|' above the ':' following the base package name, and the '|' on -# the right side marks the last column you can put a character in. You must make -# exactly 11 lines for the formatting to be correct. It's also customary to +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to # leave one space after the ':'. |-----handy-ruler------------------------------------------------------| @@ -12,8 +12,8 @@ openssl: The OpenSSL certificate management tool and the shared libraries that openssl: provide various encryption and decryption algorithms and protocols. openssl: openssl: This product includes software developed by the OpenSSL Project for -openssl: use in the OpenSSL Toolkit (http://www.openssl.org). This product +openssl: use in the OpenSSL Toolkit (http://www.openssl.org). This product openssl: includes cryptographic software written by Eric Young -openssl: (eay@cryptsoft.com). This product includes software written by Tim +openssl: (eay@cryptsoft.com). This product includes software written by Tim openssl: Hudson (tjh@cryptsoft.com). openssl: diff --git a/source/n/openssl/slack-desc.openssl-solibs b/source/n/openssl/slack-desc.openssl-solibs index 58609e68b..8b424e066 100644 --- a/source/n/openssl/slack-desc.openssl-solibs +++ b/source/n/openssl/slack-desc.openssl-solibs @@ -1,8 +1,8 @@ # HOW TO EDIT THIS FILE: -# The "handy ruler" below makes it easier to edit a package description. Line +# The "handy ruler" below makes it easier to edit a package description. Line # up the first '|' above the ':' following the base package name, and the '|' on -# the right side marks the last column you can put a character in. You must make -# exactly 11 lines for the formatting to be correct. It's also customary to +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to # leave one space after the ':'. |-----handy-ruler------------------------------------------------------| @@ -12,8 +12,8 @@ openssl-solibs: These shared libraries provide encryption routines required by openssl-solibs: programs such as openssh, bind, sendmail, and many others. openssl-solibs: openssl-solibs: This product includes software developed by the OpenSSL Project for -openssl-solibs: use in the OpenSSL Toolkit (http://www.openssl.org). This product +openssl-solibs: use in the OpenSSL Toolkit (http://www.openssl.org). This product openssl-solibs: includes cryptographic software written by Eric Young -openssl-solibs: (eay@cryptsoft.com). This product includes software written by Tim +openssl-solibs: (eay@cryptsoft.com). This product includes software written by Tim openssl-solibs: Hudson (tjh@cryptsoft.com). openssl-solibs: |