Hello community, here is the log from the commit of package openssl for openSUSE:Factory checked in at 2017-05-18 20:46:33 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/openssl (Old) and /work/SRC/openSUSE:Factory/.openssl.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "openssl" Thu May 18 20:46:33 2017 rev:138 rq:492985 version:1.0.2k Changes: -------- --- /work/SRC/openSUSE:Factory/openssl/openssl.changes 2017-04-11 09:29:35.117110729 +0200 +++ /work/SRC/openSUSE:Factory/.openssl.new/openssl.changes 2017-05-18 20:46:41.389065383 +0200 @@ -1,0 +2,75 @@ +Fri May 5 09:21:04 UTC 2017 - [email protected] + +- Provide pkgconfig(openssl) + +------------------------------------------------------------------- +Tue May 2 10:34:51 UTC 2017 - [email protected] + +- Provide basic baselibs.conf for 32bit subpackages +- Specify this package as noarch (as we just provide README files) + +------------------------------------------------------------------- +Wed Apr 26 12:51:45 UTC 2017 - [email protected] + +- Fix typo in openssl requires +- Add dependency on the branched devel package +- Provide all pkgconfig symbols to hide them in versioned subpkgs +- This allows us to propagate only the preffered version of openssl + while allowing us to add extra openssl only as additional dependency + +------------------------------------------------------------------- +Wed Apr 12 12:25:26 UTC 2017 - [email protected] + +- Remove the ssl provides as it is applicable for only those that + really provide it + +------------------------------------------------------------------- +Wed Apr 12 11:51:36 UTC 2017 - [email protected] + +- Prepare to split to various subpackages converting main one to + dummy package +- Reduce to only provide main pkg and devel and depend on proper + soversioned package +- Version in this package needs to be synced with the one provided + by the split package +- Remove all the patches, now in the proper versioned namespace: + * merge_from_0.9.8k.patch + * openssl-1.0.0-c_rehash-compat.diff + * bug610223.patch + * openssl-ocloexec.patch + * openssl-1.0.2a-padlock64.patch + * openssl-fix-pod-syntax.diff + * openssl-truststore.patch + * compression_methods_switch.patch + * 0005-libssl-Hide-library-private-symbols.patch + * openssl-1.0.2a-default-paths.patch + * openssl-pkgconfig.patch + * openssl-1.0.2a-ipv6-apps.patch + * 0001-libcrypto-Hide-library-private-symbols.patch + * openssl-1.0.2i-fips.patch + * openssl-1.0.2a-fips-ec.patch + * openssl-1.0.2a-fips-ctor.patch + * openssl-1.0.2i-new-fips-reqs.patch + * openssl-gcc-attributes.patch + * 0001-Axe-builtin-printf-implementation-use-glibc-instead.patch + * openssl-no-egd.patch + * openssl-fips-hidden.patch + * openssl-1.0.1e-add-suse-default-cipher.patch + * openssl-1.0.1e-add-test-suse-default-cipher-suite.patch + * openssl-missing_FIPS_ec_group_new_by_curve_name.patch + * openssl-fips-dont_run_FIPS_module_installed.patch + * openssl-fips_disallow_x931_rand_method.patch + * openssl-fips_disallow_ENGINE_loading.patch + * openssl-rsakeygen-minimum-distance.patch + * openssl-urandom-reseeding.patch + * openssl-fips-rsagen-d-bits.patch + * openssl-fips-selftests_in_nonfips_mode.patch + * openssl-fips-fix-odd-rsakeybits.patch + * openssl-fips-clearerror.patch + * openssl-fips-dont-fall-back-to-default-digest.patch + * openssl-fipslocking.patch + * openssl-print_notice-NULL_crash.patch + * openssl-randfile_fread_interrupt.patch + + +------------------------------------------------------------------- Old: ---- 0001-Axe-builtin-printf-implementation-use-glibc-instead.patch 0001-libcrypto-Hide-library-private-symbols.patch 0005-libssl-Hide-library-private-symbols.patch README-FIPS.txt bug610223.patch compression_methods_switch.patch merge_from_0.9.8k.patch openssl-1.0.0-c_rehash-compat.diff openssl-1.0.1e-add-suse-default-cipher.patch openssl-1.0.1e-add-test-suse-default-cipher-suite.patch openssl-1.0.2a-default-paths.patch openssl-1.0.2a-fips-ctor.patch openssl-1.0.2a-fips-ec.patch openssl-1.0.2a-ipv6-apps.patch openssl-1.0.2a-padlock64.patch openssl-1.0.2i-fips.patch openssl-1.0.2i-new-fips-reqs.patch openssl-1.0.2k.tar.gz openssl-1.0.2k.tar.gz.asc openssl-fips-clearerror.patch openssl-fips-dont-fall-back-to-default-digest.patch openssl-fips-dont_run_FIPS_module_installed.patch openssl-fips-fix-odd-rsakeybits.patch openssl-fips-hidden.patch openssl-fips-rsagen-d-bits.patch openssl-fips-selftests_in_nonfips_mode.patch openssl-fips_disallow_ENGINE_loading.patch openssl-fips_disallow_x931_rand_method.patch openssl-fipslocking.patch openssl-fix-pod-syntax.diff openssl-gcc-attributes.patch openssl-missing_FIPS_ec_group_new_by_curve_name.patch openssl-no-egd.patch openssl-ocloexec.patch openssl-pkgconfig.patch openssl-print_notice-NULL_crash.patch openssl-randfile_fread_interrupt.patch openssl-rsakeygen-minimum-distance.patch openssl-truststore.patch openssl-urandom-reseeding.patch openssl.keyring openssl.test ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ openssl.spec ++++++ --- /var/tmp/diff_new_pack.LZjphd/_old 2017-05-18 20:46:43.276798975 +0200 +++ /var/tmp/diff_new_pack.LZjphd/_new 2017-05-18 20:46:43.276798975 +0200 @@ -16,72 +16,20 @@ # -%define ssletcdir %{_sysconfdir}/ssl -#%define num_version %(echo "%{version}" | sed -e "s+[a-zA-Z]++g; s+_.*++g") -%define num_version 1.0.0 +%define _sonum 1_0_0 Name: openssl Version: 1.0.2k Release: 0 Summary: Secure Sockets and Transport Layer Security +# Yes there is no license but to not confuse people keep it aligned to the pkg License: OpenSSL Group: Productivity/Networking/Security Url: https://www.openssl.org/ -Source: https://www.%{name}.org/source/%{name}-%{version}.tar.gz -# to get mtime of file: -Source1: openssl.changes -Source2: baselibs.conf -Source10: README.SUSE -Source11: README-FIPS.txt -Source42: https://www.%{name}.org/source/%{name}-%{version}.tar.gz.asc -# https://www.openssl.org/about/ -# http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xA2D29B7BF295C759#/%name.keyring -Source43: %{name}.keyring -Patch0: merge_from_0.9.8k.patch -Patch1: openssl-1.0.0-c_rehash-compat.diff -Patch2: bug610223.patch -Patch3: openssl-ocloexec.patch -Patch4: openssl-1.0.2a-padlock64.patch -# PATCH-FIX-UPSTREAM http://rt.openssl.org/Ticket/Attachment/WithHeaders/20049 -Patch5: openssl-fix-pod-syntax.diff -Patch6: openssl-truststore.patch -Patch7: compression_methods_switch.patch -Patch8: 0005-libssl-Hide-library-private-symbols.patch -Patch9: openssl-1.0.2a-default-paths.patch -Patch10: openssl-pkgconfig.patch -Patch13: openssl-1.0.2a-ipv6-apps.patch -Patch14: 0001-libcrypto-Hide-library-private-symbols.patch -# FIPS patches: -Patch15: openssl-1.0.2i-fips.patch -Patch16: openssl-1.0.2a-fips-ec.patch -Patch17: openssl-1.0.2a-fips-ctor.patch -Patch18: openssl-1.0.2i-new-fips-reqs.patch -Patch19: openssl-gcc-attributes.patch -Patch26: 0001-Axe-builtin-printf-implementation-use-glibc-instead.patch -Patch33: openssl-no-egd.patch -Patch34: openssl-fips-hidden.patch -Patch35: openssl-1.0.1e-add-suse-default-cipher.patch -Patch37: openssl-1.0.1e-add-test-suse-default-cipher-suite.patch -Patch38: openssl-missing_FIPS_ec_group_new_by_curve_name.patch -# FIPS patches from SLE-12 -Patch41: openssl-fips-dont_run_FIPS_module_installed.patch -Patch50: openssl-fips_disallow_x931_rand_method.patch -Patch51: openssl-fips_disallow_ENGINE_loading.patch -Patch53: openssl-rsakeygen-minimum-distance.patch -Patch54: openssl-urandom-reseeding.patch -Patch55: openssl-fips-rsagen-d-bits.patch -Patch56: openssl-fips-selftests_in_nonfips_mode.patch -Patch57: openssl-fips-fix-odd-rsakeybits.patch -Patch58: openssl-fips-clearerror.patch -Patch59: openssl-fips-dont-fall-back-to-default-digest.patch -Patch61: openssl-fipslocking.patch -Patch62: openssl-print_notice-NULL_crash.patch -Patch63: openssl-randfile_fread_interrupt.patch -BuildRequires: bc -BuildRequires: ed -BuildRequires: pkgconfig -BuildRequires: pkgconfig(zlib) -Provides: ssl -BuildRoot: %{_tmppath}/%{name}-%{version}-build +Source0: README.SUSE +Source99: baselibs.conf +BuildRequires: libopenssl%{_sonum} = %{version} +Requires: openssl-%{_sonum} = %{version} +BuildArch: noarch %description The OpenSSL Project is a collaborative effort to develop a robust, @@ -92,395 +40,43 @@ communicate, plan, and develop the OpenSSL toolkit and its related documentation. -Derivation and License - -OpenSSL is based on the excellent SSLeay library developed by Eric A. -Young and Tim J. Hudson. The OpenSSL toolkit is licensed under an -Apache-style license, which basically means that you are free to get it -and to use it for commercial and noncommercial purposes. - -%package -n libopenssl1_0_0 -Summary: Secure Sockets and Transport Layer Security -License: OpenSSL -Group: Productivity/Networking/Security -Recommends: ca-certificates-mozilla - -%description -n libopenssl1_0_0 -The OpenSSL Project is a collaborative effort to develop a robust, -commercial-grade, full-featured, and open source toolkit implementing -the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS -v1) protocols with full-strength cryptography. The project is managed -by a worldwide community of volunteers that use the Internet to -communicate, plan, and develop the OpenSSL toolkit and its related -documentation. - -Derivation and License - -OpenSSL is based on the excellent SSLeay library developed by Eric A. -Young and Tim J. Hudson. The OpenSSL toolkit is licensed under an -Apache-style license, which basically means that you are free to get it -and to use it for commercial and noncommercial purposes. - %package -n libopenssl-devel Summary: Include Files and Libraries mandatory for Development -License: OpenSSL Group: Development/Libraries/C and C++ Requires: %{name} = %{version} -Requires: libopenssl1_0_0 = %{version} -Requires: pkgconfig(zlib) +Requires: libopenssl%{_sonum} = %{version} +Requires: libopenssl-%{_sonum}-devel = %{version} +Requires: pkgconfig Obsoletes: openssl-devel < %{version} Provides: openssl-devel = %{version} +Provides: pkgconfig(libssl) = %{version} +Obsoletes: pkgconfig(libssl) < %{version} +Provides: pkgconfig(libopenssl) = %{version} +Obsoletes: pkgconfig(libopenssl) < %{version} +Provides: pkgconfig(libcrypto) = %{version} +Obsoletes: pkgconfig(libcrypto) < %{version} +Provides: pkgconfig(openssl) = %{version} +Obsoletes: pkgconfig(openssl) < %{version} %description -n libopenssl-devel This package contains all necessary include files and libraries needed to develop applications that require these. -%package -n libopenssl1_0_0-hmac -Summary: HMAC files for FIPS-140-2 integrity checking of the openssl shared libraries -License: BSD-3-Clause -Group: Productivity/Networking/Security -Requires: libopenssl1_0_0 = %{version}-%{release} - -%description -n libopenssl1_0_0-hmac -The FIPS compliant operation of the openssl shared libraries is NOT -possible without the HMAC hashes contained in this package! - -%package doc -Summary: Additional Package Documentation -License: OpenSSL -Group: Productivity/Networking/Security -BuildArch: noarch - -%description doc -This package contains optional documentation provided in addition to -this package's base documentation. - %prep -%setup -q -%patch0 -p1 -%patch1 -p1 -%patch2 -p1 -%patch4 -p1 -%patch5 -p1 -%patch6 -p1 -%patch7 -p1 -%patch9 -p1 -%patch10 -p1 -%patch13 -p1 -%patch15 -p1 -%patch16 -p1 -%patch17 -p1 -%patch18 -p1 -%patch19 -p1 -%patch26 -p1 -%patch33 -p1 -%patch34 -p1 -%patch35 -p1 -%patch37 -p1 -%patch38 -p1 -%patch41 -p1 -%patch50 -p1 -%patch51 -p1 -%patch53 -p1 -%patch54 -p1 -%patch55 -p1 -%patch56 -p1 -%patch57 -p1 -%patch58 -p1 -%patch59 -p1 -%patch61 -p1 -%patch62 -p1 -%patch63 -p1 -%patch3 -%patch8 -p1 -%patch14 -p1 -cp -p %{SOURCE10} . -cp -p %{SOURCE11} . -echo "adding/overwriting some entries in the 'table' hash in Configure" -# $dso_scheme:$shared_target:$shared_cflag:$shared_ldflag:$shared_extension:$ranlib:$arflags -export DSO_SCHEME='dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::' -cat <<EOF_ED | ed -s Configure -/^); -- -i -# -# local configuration added from specfile -# ... MOST of those are now correct in openssl's Configure already, -# so only add them for new ports! -# -#config-string, $cc:$cflags:$unistd:$thread_cflag:$sys_id:$lflags:$bn_ops:$cpuid_obj:$bn_obj:$des_obj:$aes_obj:$bf_obj:$md5_obj:$sha1_obj:$cast_obj:$rc4_obj:$rmd160_obj:$rc5_obj:$wp_obj:$cmll_obj:$dso_scheme:$shared_target:$shared_cflag:$shared_ldflag:$shared_extension:$ranlib:$arflags:$multilib -#"linux-elf", "gcc:-DL_ENDIAN ::-D_REENTRANT::-ldl:BN_LLONG \${x86_gcc_des} \${x86_gcc_opts}:\${x86_elf_asm}:$DSO_SCHEME:", -#"linux-ia64", "gcc:-DL_ENDIAN -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR:\${ia64_asm}: $DSO_SCHEME:", -#"linux-ppc", "gcc:-DB_ENDIAN ::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:\${no_asm}: $DSO_SCHEME:", -#"linux-ppc64", "gcc:-DB_ENDIAN -DMD32_REG_T=int::-D_REENTRANT::-ldl:RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL SIXTY_FOUR_BIT_LONG:\${no_asm}: $DSO_SCHEME:64", -"linux-elf-arm","gcc:-DL_ENDIAN ::-D_REENTRANT::-ldl:BN_LLONG:\${no_asm}: $DSO_SCHEME:", -"linux-mips", "gcc:-DB_ENDIAN ::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:\${no_asm}: $DSO_SCHEME:", -"linux-sparcv7","gcc:-DB_ENDIAN ::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:\${no_asm}: $DSO_SCHEME:", -#"linux-sparcv8","gcc:-DB_ENDIAN -DBN_DIV2W -mv8 ::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::asm/sparcv8.o::::::::::::: $DSO_SCHEME:", -#"linux-x86_64", "gcc:-DL_ENDIAN -DNO_ASM -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG:\${no_asm}: $DSO_SCHEME:64", -#"linux-s390", "gcc:-DB_ENDIAN ::(unknown): :-ldl:BN_LLONG:\${no_asm}: $DSO_SCHEME:", -#"linux-s390x", "gcc:-DB_ENDIAN -DNO_ASM -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG:\${no_asm}: $DSO_SCHEME:64", -"linux-parisc", "gcc:-DB_ENDIAN ::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR DES_PTR DES_UNROLL DES_RISC1:\${no_asm}: $DSO_SCHEME:", -. -wq -EOF_ED -# fix ENGINESDIR path -sed -i 's,/lib/engines,/%{_lib}/engines,' Configure +cp %{SOURCE0} . %build - -%if 0%{?suse_version} >= 1230 -find -type f -name "*.c" -exec sed -i -e "s@getenv@secure_getenv@g" {} + -%endif - -%ifarch armv5el armv5tel -export MACHINE=armv5el -%endif -%ifarch armv6l armv6hl -export MACHINE=armv6l -%endif -./config --test-sanity -# -config_flags="threads shared no-rc5 no-idea \ -fips \ -no-ssl2 \ -no-ssl3 \ -enable-rfc3779 \ -%ifarch x86_64 aarch64 ppc64le -enable-ec_nistp_64_gcc_128 \ -%endif -enable-camellia \ -zlib \ -no-ec2m \ ---prefix=%{_prefix} \ ---libdir=%{_lib} \ ---openssldir=%{ssletcdir} \ -%{optflags} -std=gnu99 \ --Wa,--noexecstack \ --Wl,-z,relro,-z,now \ --fno-common \ --DTERMIO \ --DPURIFY \ --D_GNU_SOURCE \ --DOPENSSL_NO_BUF_FREELISTS \ -$(getconf LFS_CFLAGS) \ --Wall " - -# -#%{!?do_profiling:%define do_profiling 0} -#%if %do_profiling -# # generate feedback -# ./config $config_flags -# make depend CC="gcc %cflags_profile_generate" -# make CC="gcc %cflags_profile_generate" -# LD_LIBRARY_PATH=`pwd` make rehash CC="gcc %cflags_profile_generate" -# LD_LIBRARY_PATH=`pwd` make test CC="gcc %cflags_profile_generate" -# LD_LIBRARY_PATH=`pwd` apps/openssl speed -# make clean -# # compile with feedback -# # but not if it makes a cipher slower: -# #find crypto/aes -name '*.da' | xargs -r rm -# ./config $config_flags %cflags_profile_feedback -# make depend -# make -# LD_LIBRARY_PATH=`pwd` make rehash -# LD_LIBRARY_PATH=`pwd` make test -#%else -# OpenSSL relies on uname -m (not good). Thus that little sparc line. - ./config \ -%ifarch sparc64 - linux64-sparcv9 \ -%endif - $config_flags - - # Record mtime of changes file instead of build time to make build-compare work - make PERL=perl -C crypto buildinf.h - CHANGES=`stat --format="%{y}" %{SOURCE1}` - cat crypto/buildinf.h - sed -i -e "s|#define DATE .*|#define DATE \"built on: $CHANGES\"|" crypto/buildinf.h - cat crypto/buildinf.h - - make depend - make - LD_LIBRARY_PATH=`pwd` make rehash -# for FIPS mode testing; the same hashes are being created later just before -# the wrap-up of the files into the package. -# These files are just there for the make test below... -crypto/fips/fips_standalone_hmac libcrypto.so.1.0.0 > .libcrypto.so.1.0.0.hmac -crypto/fips/fips_standalone_hmac libssl.so.1.0.0 > .libssl.so.1.0.0.hmac -export MALLOC_CHECK_=3 -export MALLOC_PERTURB_=$(($RANDOM % 255 + 1)) -LD_LIBRARY_PATH=`pwd` make test FIPSCANLIB="" -%ifnarch armv4l -LD_LIBRARY_PATH=`pwd` make test -%endif -#%endif -# show settings -make %{?_smp_mflags} TABLE -echo %{optflags} -eval $(egrep PLATFORM='[[:alnum:]]' Makefile) -grep -B1 -A22 "^\*\*\* $PLATFORM$" TABLE +: %install -make MANDIR=%{_mandir} INSTALL_PREFIX=%{buildroot} install -cp -a crypto/fips/fips_standalone_hmac %{buildroot}%{_bindir}/fips_standalone_hmac -ln -sf ./%{name} %{buildroot}/%{_includedir}/ssl -mkdir %{buildroot}/%{_datadir}/ssl -mv %{buildroot}/%{ssletcdir}/misc %{buildroot}/%{_datadir}/ssl/ -# ln -s %{ssletcdir}/private $RPM_BUILD_ROOT/%{_datadir}/ssl/private -# ln -s %{ssletcdir}/openssl.cnf $RPM_BUILD_ROOT/%{_datadir}/ssl/openssl.cnf -# - -# avoid file conflicts with man pages from other packages -# -pushd %{buildroot}/%{_mandir} -# some man pages now contain spaces. This makes several scripts go havoc, among them /usr/sbin/Check. -# replace spaces by underscores -#for i in man?/*\ *; do mv -v "$i" "${i// /_}"; done -which readlink &>/dev/null || function readlink { ( set +x; target=$(file $1 2>/dev/null); target=${target//* }; test -f $target && echo $target; ) } -for i in man?/*; do - if test -L $i ; then - LDEST=`readlink $i` - rm -f $i ${i}ssl - ln -sf ${LDEST}ssl ${i}ssl - else - mv $i ${i}ssl - fi - case "$i" in - *.1) - # these are the pages mentioned in openssl(1). They go into the main package. - echo %doc %{_mandir}/${i}ssl.gz >> $OLDPWD/filelist;; - *) - # the rest goes into the openssl-doc package. - echo %doc %{_mandir}/${i}ssl.gz >> $OLDPWD/filelist.doc;; - esac -done -popd -# -# check wether some shared library has been installed -# -ls -l %{buildroot}%{_libdir} -test -f %{buildroot}%{_libdir}/libssl.so.%{num_version} -test -f %{buildroot}%{_libdir}/libcrypto.so.%{num_version} -test -L %{buildroot}%{_libdir}/libssl.so -test -L %{buildroot}%{_libdir}/libcrypto.so -# -# see what we've got -# -cat > showciphers.c <<EOF -#include <openssl/err.h> -#include <openssl/ssl.h> -int main(){ -unsigned int i; -SSL_CTX *ctx; -SSL *ssl; -SSL_METHOD *meth; - meth = SSLv23_client_method(); - SSLeay_add_ssl_algorithms(); - ctx = SSL_CTX_new(meth); - if (ctx == NULL) return 0; - ssl = SSL_new(ctx); - if (!ssl) return 0; - for (i=0; ; i++) { - int j, k; - SSL_CIPHER *sc; - sc = (meth->get_cipher)(i); - if (!sc) break; - k = SSL_CIPHER_get_bits(sc, &j); - printf("%{s}\n", sc->name); - } - return 0; -}; -EOF -gcc %{optflags} -I%{buildroot}%{_includedir} -c showciphers.c -gcc -o showciphers showciphers.o -L%{buildroot}%{_libdir} -lssl -lcrypto -LD_LIBRARY_PATH=%{buildroot}%{_libdir} ./showciphers > AVAILABLE_CIPHERS || true -cat AVAILABLE_CIPHERS -# Do not install demo scripts executable under /usr/share/doc -find demos -type f -perm /111 -exec chmod 644 {} \; - -# the hmac hashes: -# -# this is a hack that re-defines the __os_install_post macro -# for a simple reason: the macro strips the binaries and thereby -# invalidates a HMAC that may have been created earlier. -# solution: create the hashes _after_ the macro runs. -# -# this shows up earlier because otherwise the %expand of -# the macro is too late. -# remark: This is the same as running -# openssl dgst -sha256 -hmac 'ppaksykemnsecgtsttplmamstKMEs' -%{expand:%%global __os_install_post {%__os_install_post - -%{buildroot}%{_bindir}/fips_standalone_hmac \ - %{buildroot}/%{_lib}/libssl.so.%{num_version} > \ - %{buildroot}/%{_lib}/.libssl.so.%{num_version}.hmac - -%{buildroot}%{_bindir}/fips_standalone_hmac \ - %{buildroot}/%{_lib}/libcrypto.so.%{num_version} > \ - %{buildroot}/%{_lib}/.libcrypto.so.%{num_version}.hmac - -}} - -#process openssllib -mkdir %{buildroot}/%{_lib} -mv %{buildroot}%{_libdir}/libssl.so.%{num_version} %{buildroot}/%{_lib}/ -mv %{buildroot}%{_libdir}/libcrypto.so.%{num_version} %{buildroot}/%{_lib}/ -mv %{buildroot}%{_libdir}/engines %{buildroot}/%{_lib}/ -cd %{buildroot}%{_libdir}/ -ln -sf /%{_lib}/libssl.so.%{num_version} ./libssl.so -ln -sf /%{_lib}/libcrypto.so.%{num_version} ./libcrypto.so - -for engine in 4758cca atalla nuron sureware ubsec cswift chil aep gmp capi; do -rm %{buildroot}/%{_lib}/engines/lib$engine.so -done - -%ifnarch %{ix86} x86_64 -rm %{buildroot}/%{_lib}/engines/libpadlock.so -%endif - -%post -n libopenssl1_0_0 -p /sbin/ldconfig -%postun -n libopenssl1_0_0 -p /sbin/ldconfig +: -%files -n libopenssl1_0_0 +%files %defattr(-, root, root) -/%{_lib}/libssl.so.%{num_version} -/%{_lib}/libcrypto.so.%{num_version} -/%{_lib}/engines - -%files -n libopenssl1_0_0-hmac -%defattr(-, root, root) -/%{_lib}/.libssl.so.%{num_version}.hmac -/%{_lib}/.libcrypto.so.%{num_version}.hmac +%doc README.SUSE %files -n libopenssl-devel %defattr(-, root, root) -%{_includedir}/%{name}/ -%{_includedir}/ssl -%exclude %{_libdir}/libcrypto.a -%exclude %{_libdir}/libssl.a -%{_libdir}/libssl.so -%{_libdir}/libcrypto.so -%{_libdir}/pkgconfig/libcrypto.pc -%{_libdir}/pkgconfig/libssl.pc -%{_libdir}/pkgconfig/openssl.pc - -%files doc -f filelist.doc -%defattr(-, root, root) -%doc doc/* demos -%doc showciphers.c - -%files -f filelist -%defattr(-, root, root) -%doc CHANGE* INSTAL* AVAILABLE_CIPHERS -%doc LICENSE NEWS README README.SUSE README-FIPS.txt -%dir %{ssletcdir} -%config (noreplace) %{ssletcdir}/openssl.cnf -%attr(700,root,root) %{ssletcdir}/private -%dir %{_datadir}/ssl -%{_datadir}/ssl/misc -%{_bindir}/c_rehash -%{_bindir}/fips_standalone_hmac -%{_bindir}/%{name} +%doc README.SUSE %changelog ++++++ README.SUSE ++++++ --- /var/tmp/diff_new_pack.LZjphd/_old 2017-05-18 20:46:43.308794460 +0200 +++ /var/tmp/diff_new_pack.LZjphd/_new 2017-05-18 20:46:43.308794460 +0200 @@ -1,9 +1,9 @@ -Please note that the man pages for the openssl libraries and tools -have been placed in a package on its own right: openssl-doc Please -install the openssl-doc package if you need the man pages, HTML -documentation or sample C programs. +======== +OVERVIEW -The C header files and static libraries have also been extracted, they -can now be found in the openssl-devel package. +This package is a dummy package that always depends on the +version of corresponding openssl packages that openSUSE +currently supports. -Your SUSE Team. +There can be multiple openssl versions (newer or older) present +for compatibility reasons. ++++++ baselibs.conf ++++++ --- /var/tmp/diff_new_pack.LZjphd/_old 2017-05-18 20:46:43.336790509 +0200 +++ /var/tmp/diff_new_pack.LZjphd/_new 2017-05-18 20:46:43.340789944 +0200 @@ -1,8 +1,6 @@ -libopenssl1_0_0 - obsoletes "openssl-<targettype> <= <version>" +openssl + requires "openssl-1_0_0-<targettype> = <version>" libopenssl-devel - requires -libopenssl-<targettype> + requires "openssl-<targettype> = <version>" requires "libopenssl1_0_0-<targettype> = <version>" -libopenssl1_0_0-hmac - requires -libopenssl1_0_0 = <version> - requires "libopenssl1_0_0-<targettype> = <version>-%release" + requires "libopenssl-1_0_0-devel-<targettype> = <version>"
