Created
August 3, 2015 17:40
-
-
Save AliceWonderMiscreations/6280383bc35abbf485e2 to your computer and use it in GitHub Desktop.
CentOS (RHEL) RPM spec file for LibreSSL
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Builds in mock in CentOS 7 | |
# dev package conflicts with openssl-dev - intentional | |
# A system should not have both dev packages installed together | |
# man3 pages in own sub-package | |
# dev package usually only installed by build system. Keeping | |
# man pages separate avoids possible name conflict with man | |
# pages from other dev packages, man pages not needed in build | |
# system | |
# openssl binary renamed to libressl | |
# allows parallel install with vendor openssl without weird | |
# paths or confusion. Man page also renamed. | |
# RPM spec file only tested in CentOS 7 x86_64 | |
%define ssldir %{_sysconfdir}/pki/tls | |
#keep libraries in own subdirectory | |
%define _libdir %{_prefix}/%{_lib}/libressl | |
Name: libressl | |
Version: 2.2.1 | |
Release: 0.1%{?dist} | |
Summary: OpenBSD fork of the OpenSSL Cryptography Suite | |
Group: System Environment/Utilities | |
License: OpenSSL | |
URL: http://www.libressl.org/ | |
Source0: http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-%{version}.tar.gz | |
#BuildRequires: | |
Requires: %{name}-libs = %{version}-%{release} | |
#From the README.md | |
%description | |
LibreSSL is a fork of OpenSSL 1.0.1g developed by the OpenBSD project. | |
Our goal is to modernize the codebase, improve security, and apply best | |
practice development processes from OpenBSD. | |
%package libs | |
Summary: Shared Libraries for LibreSSL | |
Group: System Environment/Libraries | |
#After first line is from the README.md | |
%description libs | |
This package provides the shared libraries for LibreSSL. | |
LibreSSL is API compatible with OpenSSL 1.0.1, but does not yet include all | |
new APIs from OpenSSL 1.0.2 and later. LibreSSL also includes APIs not yet | |
present in OpenSSL. The current common API subset is OpenSSL 1.0.1. | |
LibreSSL it is not ABI compatible with any release of OpenSSL, or necessarily | |
earlier releases of LibreSSL. You will need to relink your programs to | |
LibreSSL in order to use it, just as in moving between major versions of | |
OpenSSL. | |
LibreSSL's installed library version numbers are incremented to account for | |
ABI and API changes. | |
%package devel | |
Summary: Developer files for LibreSSL | |
Group: Development/Libraries | |
Requires: %{name}-libs = %{version}-%{release} | |
Conflicts: openssl-devel | |
%description devel | |
This package provides the development header files for LibreSSL. | |
%package devel-manpages | |
Summary: Developer manual pages | |
Group: Documentation | |
Requires: %{name}-devel = %{version}-%{release} | |
%description devel-manpages | |
This package provides the developer man3 pages. | |
%package static | |
Summary: Static libraries for LibreSSL | |
Group: Development/Libraries | |
Requires: %{name}-devel = %{version}-%{release} | |
%description static | |
This package provides the LibreSSL static libraries. | |
%prep | |
%setup -q | |
%build | |
%configure \ | |
--with-openssldir=%{ssldir} | |
# fails biotest \ | |
# --enable-extratests | |
##%% from RHEL/CentOS OpenSSL spec file ##%% | |
# Add -Wa,--noexecstack here so that libcrypto's assembler modules will be | |
# marked as not requiring an executable stack. | |
# Also add -DPURIFY to make using valgrind with openssl easier as we do not | |
# want to depend on the uninitialized memory as a source of entropy anyway. | |
RPM_OPT_FLAGS="$RPM_OPT_FLAGS -Wa,--noexecstack -DPURIFY" | |
make %{?_smp_mflags} | |
%check | |
make check | |
%install | |
make install DESTDIR=%{buildroot} | |
rm -f %{buildroot}%{_libdir}/*.la | |
#rename openssl binary | |
mv %{buildroot}%{_bindir}/openssl %{buildroot}%{_bindir}/libressl | |
mv %{buildroot}%{_mandir}/man1/openssl.1 %{buildroot}%{_mandir}/man1/libressl.1 | |
cat <<EOF > README.rpm | |
The compiled binary openssl has been renamed to libressl to avoid conflicts | |
with the distribution supplied openssl binary. | |
The man1 page has also been renamed to libressl but refers to openssl in the | |
man page itself. | |
EOF | |
install -d %{buildroot}%{_prefix}/%{_lib}/pkgconfig | |
mv %{buildroot}%{_libdir}/pkgconfig/*.pc %{buildroot}%{_prefix}/%{_lib}/pkgconfig/ | |
#fix permissions | |
chmod 755 %{buildroot}%{_libdir}/lib*.0.0 | |
#ld.so.conf | |
install -d %{buildroot}%{_sysconfdir}/ld.so.conf.d | |
cat <<EOF > %{buildroot}%{_sysconfdir}/ld.so.conf.d/libressl-%{_arch}.conf | |
%{_libdir} | |
EOF | |
%clean | |
rm -rf %{buildroot} | |
%post libs -p /sbin/ldconfig | |
%postun libs -p /sbin/ldconfig | |
%files | |
%defattr(-,root,root,-) | |
%{_bindir}/libressl | |
%{_mandir}/man1/libressl.* | |
%doc COPYING VERSION README.rpm | |
%files libs | |
%defattr(-,root,root,-) | |
%dir %{_libdir} | |
%{_libdir}/lib*.so.* | |
%config(noreplace) %{_sysconfdir}/ld.so.conf.d/libressl-%{_arch}.conf | |
%doc COPYING VERSION | |
%files devel | |
%defattr(-,root,root,-) | |
%{_includedir}/tls.h | |
%{_includedir}/openssl/*.h | |
%{_libdir}/*.so | |
%{_prefix}/%{_lib}/pkgconfig/*.pc | |
%doc COPYING README.md ChangeLog VERSION | |
%files devel-manpages | |
%defattr(-,root,root,-) | |
%{_mandir}/man3/* | |
%doc COPYING VERSION | |
%files static | |
%defattr(-,root,root,-) | |
%{_libdir}/*.a | |
%doc COPYING VERSION | |
%changelog | |
* Mon Aug 03 2015 Alice Wonder <buildmaster@domblogger.net> 2.2.1-0.1 | |
- Initial spec file |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment