Commit in openssl-1.1/repos (4 files)

Pierre Schmitz Tue, 07 Feb 2023 08:43:01 -0800

    Date: Tuesday, February 7, 2023 @ 16:42:41
  Author: pierre
Revision: 468333


archrelease: copy trunk to testing-x86_64

Added:
  openssl-1.1/repos/testing-x86_64/
  openssl-1.1/repos/testing-x86_64/PKGBUILD
    (from rev 468332, openssl-1.1/trunk/PKGBUILD)
  openssl-1.1/repos/testing-x86_64/ca-dir.patch
    (from rev 468332, openssl-1.1/trunk/ca-dir.patch)
  openssl-1.1/repos/testing-x86_64/keys/

--------------+
 PKGBUILD     |   78 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 ca-dir.patch |   31 ++++++++++++++++++++++
 2 files changed, 109 insertions(+)

Copied: openssl-1.1/repos/testing-x86_64/PKGBUILD (from rev 468332, 
openssl-1.1/trunk/PKGBUILD)
===================================================================
--- testing-x86_64/PKGBUILD                             (rev 0)
+++ testing-x86_64/PKGBUILD     2023-02-07 16:42:41 UTC (rev 468333)
@@ -0,0 +1,78 @@
+# Maintainer: Pierre Schmitz <[email protected]>
+
+pkgname=openssl-1.1
+_pkgname=openssl
+_ver=1.1.1t
+# use a pacman compatible version scheme
+pkgver=${_ver/[a-z]/.${_ver//[0-9.]/}}
+pkgrel=1
+pkgdesc='The Open Source toolkit for Secure Sockets Layer and Transport Layer 
Security'
+arch=('x86_64')
+url='https://www.openssl.org'
+license=('custom:BSD')
+depends=('glibc')
+provides=('libcrypto.so' 'libssl.so')
+makedepends=('perl')
+source=("https://www.openssl.org/source/${_pkgname}-${_ver}.tar.gz"{,.asc}
+        'ca-dir.patch')
+sha256sums=('8dee9b24bdb1dcbf0c3d1e9b02fb8f6bf22165e807f45adeb7c9677536859d3b'
+            'SKIP'
+            '75aa8c2c638c8a3ebfd9fa146fc61c7ff878fc997dc6aa10d39e4b2415d669b2')
+validpgpkeys=('8657ABB260F056B1E5190839D9C4D26D0E604491'
+              '7953AC1FBC3DC8B3B292393ED5E9E43F7DF9EE8C'
+              'A21FAB74B0088AA361152586B8EF1A6BA9DA2D5C')
+
+prepare() {
+       cd "$srcdir/$_pkgname-$_ver"
+
+       # set ca dir to /etc/ssl by default
+       patch -p0 -i "$srcdir/ca-dir.patch"
+}
+
+build() {
+       cd "$srcdir/$_pkgname-$_ver"
+
+       # mark stack as non-executable: http://bugs.archlinux.org/task/12434
+       ./Configure --prefix=/usr --openssldir=/etc/ssl 
--libdir=lib/openssl-1.1 \
+               shared no-ssl3-method enable-ec_nistp_64_gcc_128 linux-x86_64 \
+               "-Wa,--noexecstack ${CPPFLAGS} ${CFLAGS} ${LDFLAGS}"
+
+       make depend
+       make
+}
+
+check() {
+       cd "$srcdir/$_pkgname-$_ver"
+
+       # the test fails due to missing write permissions in /etc/ssl
+       # revert this patch for make test
+       patch -p0 -R -i "$srcdir/ca-dir.patch"
+
+       make test
+
+       patch -p0 -i "$srcdir/ca-dir.patch"
+       # re-run make to re-generate CA.pl from th patched .in file.
+       make apps/CA.pl
+}
+
+package() {
+       cd "$srcdir/$_pkgname-$_ver"
+
+       make DESTDIR="$pkgdir" install_sw
+
+       # Move some files around
+       install -m755 -d "$pkgdir/usr/include/openssl-1.1"
+       mv "$pkgdir/usr/include/openssl" "$pkgdir/usr/include/openssl-1.1/"
+       mv "$pkgdir/usr/lib/openssl-1.1/libcrypto.so.1.1" "$pkgdir/usr/lib/"
+       mv "$pkgdir/usr/lib/openssl-1.1/libssl.so.1.1" "$pkgdir/usr/lib/"
+       ln -sf ../libssl.so.1.1 "$pkgdir/usr/lib/openssl-1.1/libssl.so"
+    ln -sf ../libcrypto.so.1.1 "$pkgdir/usr/lib/openssl-1.1/libcrypto.so"
+       mv "$pkgdir/usr/bin/openssl" "$pkgdir/usr/bin/openssl-1.1"
+
+       # Update includedir in .pc files
+       sed -e 's|/include$|/include/openssl-1.1|' -i 
"$pkgdir"/usr/lib/openssl-1.1/pkgconfig/*.pc
+
+       rm -rf "$pkgdir"/{etc,usr/bin/c_rehash}
+
+       install -D -m644 LICENSE "$pkgdir/usr/share/licenses/$pkgname/LICENSE"
+}

Copied: openssl-1.1/repos/testing-x86_64/ca-dir.patch (from rev 468332, 
openssl-1.1/trunk/ca-dir.patch)
===================================================================
--- testing-x86_64/ca-dir.patch                         (rev 0)
+++ testing-x86_64/ca-dir.patch 2023-02-07 16:42:41 UTC (rev 468333)
@@ -0,0 +1,31 @@
+--- apps/CA.pl.in      2019-09-10 15:13:07.000000000 +0200
++++ apps/CA.pl.in      2019-10-06 09:34:23.960864556 +0200
+@@ -33,7 +33,7 @@
+ my $PKCS12 = "$openssl pkcs12";
+ 
+ # default openssl.cnf file has setup as per the following
+-my $CATOP = "./demoCA";
++my $CATOP = "/etc/ssl";
+ my $CAKEY = "cakey.pem";
+ my $CAREQ = "careq.pem";
+ my $CACERT = "cacert.pem";
+--- apps/openssl.cnf   2019-09-10 15:13:07.000000000 +0200
++++ apps/openssl.cnf   2019-10-06 09:34:23.960864556 +0200
+@@ -42,7 +42,7 @@
+ ####################################################################
+ [ CA_default ]
+ 
+-dir           = ./demoCA              # Where everything is kept
++dir           = /etc/ssl              # Where everything is kept
+ certs         = $dir/certs            # Where the issued certs are kept
+ crl_dir               = $dir/crl              # Where the issued crl are kept
+ database      = $dir/index.txt        # database index file.
+@@ -325,7 +325,7 @@
+ [ tsa_config1 ]
+ 
+ # These are used by the TSA reply generation only.
+-dir           = ./demoCA              # TSA root directory
++dir           = /etc/ssl              # TSA root directory
+ serial                = $dir/tsaserial        # The current serial number 
(mandatory)
+ crypto_device = builtin               # OpenSSL engine to use for signing
+ signer_cert   = $dir/tsacert.pem      # The TSA signing certificate

Commit in openssl-1.1/repos (4 files)

Reply via email to