* update openssl to 3.0.7-2
This commit is contained in:
parent
e960655408
commit
5d43e2308b
@ -2,61 +2,62 @@
|
||||
# Maintainer: Pierre Schmitz <pierre@archlinux.de>
|
||||
|
||||
pkgname=openssl
|
||||
_ver=1.1.1q
|
||||
# use a pacman compatible version scheme
|
||||
pkgver=${_ver/[a-z]/.${_ver//[0-9.]/}}
|
||||
pkgrel=1
|
||||
pkgver=3.0.7
|
||||
pkgrel=2
|
||||
pkgdesc='The Open Source toolkit for Secure Sockets Layer and Transport Layer Security'
|
||||
arch=(x86_64 powerpc64le powerpc riscv64)
|
||||
url='https://www.openssl.org'
|
||||
license=('custom:BSD')
|
||||
license=('Apache')
|
||||
depends=('glibc')
|
||||
makedepends=('perl')
|
||||
optdepends=('ca-certificates' 'perl')
|
||||
replaces=('openssl-perl' 'openssl-doc')
|
||||
provides=('libcrypto.so' 'libssl.so')
|
||||
backup=('etc/ssl/openssl.cnf')
|
||||
source=("https://www.openssl.org/source/${pkgname}-${_ver}.tar.gz"{,.asc}
|
||||
'ca-dir.patch')
|
||||
sha256sums=('d7939ce614029cdff0b6c20f0e2e5703158a489a72b2507b8bd51bf8c8fd10ca'
|
||||
source=("https://www.openssl.org/source/${pkgname}-${pkgver}.tar.gz"{,.asc}
|
||||
'ca-dir.patch')
|
||||
sha256sums=('83049d042a260e696f62406ac5c08bf706fd84383f945cf21bd61e9ed95c396e'
|
||||
'SKIP'
|
||||
'75aa8c2c638c8a3ebfd9fa146fc61c7ff878fc997dc6aa10d39e4b2415d669b2')
|
||||
'0a32d9ca68e8d985ce0bfef6a4c20b46675e06178cc2d0bf6d91bd6865d648b7')
|
||||
validpgpkeys=('8657ABB260F056B1E5190839D9C4D26D0E604491'
|
||||
'7953AC1FBC3DC8B3B292393ED5E9E43F7DF9EE8C')
|
||||
|
||||
# bring pod2man into path
|
||||
export PATH=$PATH:/usr/bin/core_perl
|
||||
|
||||
case "${CARCH}" in
|
||||
powerpc)
|
||||
BUILD_TYPE="linux-ppc"
|
||||
BUILD_OPTIONS="no-asm"
|
||||
;;
|
||||
powerpc64le)
|
||||
BUILD_TYPE="linux-ppc64le"
|
||||
BUILD_OPTIONS="enable-ec_nistp_64_gcc_128"
|
||||
;;
|
||||
riscv64)
|
||||
BUILD_TYPE="linux64-riscv64"
|
||||
BUILD_OPTIONS=""
|
||||
;;
|
||||
x86_64)
|
||||
BUILD_TYPE="linux-x86_64"
|
||||
;;
|
||||
esac
|
||||
'7953AC1FBC3DC8B3B292393ED5E9E43F7DF9EE8C'
|
||||
'A21FAB74B0088AA361152586B8EF1A6BA9DA2D5C')
|
||||
|
||||
prepare() {
|
||||
cd "$srcdir/$pkgname-$_ver"
|
||||
cd "$srcdir/$pkgname-$pkgver"
|
||||
|
||||
# set ca dir to /etc/ssl by default
|
||||
patch -p0 -i "$srcdir/ca-dir.patch"
|
||||
patch -Np1 -i "$srcdir/ca-dir.patch"
|
||||
}
|
||||
|
||||
build() {
|
||||
cd "$srcdir/$pkgname-$_ver"
|
||||
cd "$srcdir/$pkgname-$pkgver"
|
||||
|
||||
# bring pod2man into path
|
||||
export PATH=$PATH:/usr/bin/core_perl
|
||||
|
||||
case "${CARCH}" in
|
||||
powerpc)
|
||||
BUILD_TYPE="linux-ppc"
|
||||
BUILD_OPTIONS="no-asm"
|
||||
;;
|
||||
powerpc64le)
|
||||
BUILD_TYPE="linux-ppc64le"
|
||||
BUILD_OPTIONS="enable-ec_nistp_64_gcc_128"
|
||||
;;
|
||||
riscv64)
|
||||
BUILD_TYPE="linux64-riscv64"
|
||||
BUILD_OPTIONS=""
|
||||
;;
|
||||
x86_64)
|
||||
BUILD_TYPE="linux-x86_64"
|
||||
BUILD_OPTIONS="enable-ec_nistp_64_gcc_128"
|
||||
;;
|
||||
esac
|
||||
|
||||
# mark stack as non-executable: http://bugs.archlinux.org/task/12434
|
||||
./Configure --prefix=/usr --openssldir=/etc/ssl --libdir=lib \
|
||||
shared no-ssl3-method ${BUILD_OPTIONS} ${BUILD_TYPE} \
|
||||
shared enable-ktls ${BUILD_OPTIONS} ${BUILD_TYPE} \
|
||||
"-Wa,--noexecstack ${CPPFLAGS} ${CFLAGS} ${LDFLAGS}"
|
||||
|
||||
make depend
|
||||
@ -64,23 +65,23 @@ build() {
|
||||
}
|
||||
|
||||
check() {
|
||||
cd "$srcdir/$pkgbase-$_ver"
|
||||
cd "$srcdir/$pkgbase-$pkgver"
|
||||
|
||||
# the test fails due to missing write permissions in /etc/ssl
|
||||
# revert this patch for make test
|
||||
patch -p0 -R -i "$srcdir/ca-dir.patch"
|
||||
patch -Rp1 -i "$srcdir/ca-dir.patch"
|
||||
|
||||
make test
|
||||
make HARNESS_JOBS=$(nproc) test
|
||||
|
||||
patch -p0 -i "$srcdir/ca-dir.patch"
|
||||
# re-run make to re-generate CA.pl from th patched .in file.
|
||||
patch -Np1 -i "$srcdir/ca-dir.patch"
|
||||
# re-run make to re-generate CA.pl from the patched .in file.
|
||||
make apps/CA.pl
|
||||
}
|
||||
|
||||
package() {
|
||||
cd "$srcdir/$pkgname-$_ver"
|
||||
cd "$srcdir/$pkgname-$pkgver"
|
||||
|
||||
make DESTDIR="$pkgdir" MANDIR=/usr/share/man MANSUFFIX=ssl install_sw install_ssldirs install_man_docs
|
||||
|
||||
install -D -m644 LICENSE "$pkgdir/usr/share/licenses/$pkgname/LICENSE"
|
||||
install -D -m644 LICENSE.txt "$pkgdir/usr/share/licenses/$pkgname/LICENSE.txt"
|
||||
}
|
||||
|
||||
@ -1,17 +1,17 @@
|
||||
--- apps/CA.pl.in 2019-09-10 15:13:07.000000000 +0200
|
||||
+++ apps/CA.pl.in 2019-10-06 09:34:23.960864556 +0200
|
||||
@@ -33,7 +33,7 @@
|
||||
--- a/apps/CA.pl.in
|
||||
+++ b/apps/CA.pl.in
|
||||
@@ -29,7 +29,7 @@
|
||||
my $PKCS12 = "$openssl pkcs12";
|
||||
|
||||
# default openssl.cnf file has setup as per the following
|
||||
# Default values for various configuration settings.
|
||||
-my $CATOP = "./demoCA";
|
||||
+my $CATOP = "/etc/ssl";
|
||||
my $CAKEY = "cakey.pem";
|
||||
my $CAREQ = "careq.pem";
|
||||
my $CACERT = "cacert.pem";
|
||||
--- apps/openssl.cnf 2019-09-10 15:13:07.000000000 +0200
|
||||
+++ apps/openssl.cnf 2019-10-06 09:34:23.960864556 +0200
|
||||
@@ -42,7 +42,7 @@
|
||||
--- a/apps/openssl.cnf
|
||||
+++ b/apps/openssl.cnf
|
||||
@@ -79,7 +79,7 @@
|
||||
####################################################################
|
||||
[ CA_default ]
|
||||
|
||||
@ -20,7 +20,7 @@
|
||||
certs = $dir/certs # Where the issued certs are kept
|
||||
crl_dir = $dir/crl # Where the issued crl are kept
|
||||
database = $dir/index.txt # database index file.
|
||||
@@ -325,7 +325,7 @@
|
||||
@@ -309,7 +309,7 @@
|
||||
[ tsa_config1 ]
|
||||
|
||||
# These are used by the TSA reply generation only.
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user