Create a gist now

Instantly share code, notes, and snippets.

What would you like to do?
Patch for backporting OpenSSL 1.0.0e from Oneiric to Lucid.
diff -Naur openssl-1.0.0e/debian/changelog openssl-1.0.0e.new/debian/changelog
--- openssl-1.0.0e/debian/changelog 2011-09-27 18:16:34.000000000 +0200
+++ openssl-1.0.0e.new/debian/changelog 2011-09-30 16:25:48.000000000 +0200
@@ -1,3 +1,9 @@
+openssl (1.0.0e-2ubuntu2~bpohebex1) lucid; urgency=low
+
+ * Backport to Lucid: drop multi-arch support.
+
+ -- Vincent Bernat <bernat@debian.org> Fri, 30 Sep 2011 16:24:40 +0200
+
openssl (1.0.0e-2ubuntu2) oneiric; urgency=low
* Unapply patch c_rehash-multi and comment it out in the series as it breaks
diff -Naur openssl-1.0.0e/debian/control openssl-1.0.0e.new/debian/control
--- openssl-1.0.0e/debian/control 2011-09-15 21:05:04.000000000 +0200
+++ openssl-1.0.0e.new/debian/control 2011-09-30 16:24:47.000000000 +0200
@@ -1,5 +1,5 @@
Source: openssl
-Build-Depends: debhelper (>= 8.1.3), zlib1g-dev, m4, bc
+Build-Depends: debhelper (>= 7.4.15), zlib1g-dev, m4, bc
Section: utils
Priority: optional
Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
diff -Naur openssl-1.0.0e/debian/libssl1.0.0.files openssl-1.0.0e.new/debian/libssl1.0.0.files
--- openssl-1.0.0e/debian/libssl1.0.0.files 2011-09-15 21:05:04.000000000 +0200
+++ openssl-1.0.0e.new/debian/libssl1.0.0.files 2011-10-03 14:17:25.000000000 +0200
@@ -1,5 +1,5 @@
+lib/*.so.*.*.*
lib/*/*.so.*.*.*
-lib/*/*/*.so.*.*.*
-lib/*/i686/cmov/*.so.*.*.*
-usr/lib/*/*.so.*.*.*
-usr/lib/*/openssl-1.0.0/engines
+lib/i686/cmov/*.so.*.*.*
+usr/lib/*.so.*.*.*
+usr/lib/openssl-1.0.0/engines
diff -Naur openssl-1.0.0e/debian/libssl-dev.files openssl-1.0.0e.new/debian/libssl-dev.files
--- openssl-1.0.0e/debian/libssl-dev.files 2011-09-15 21:05:04.000000000 +0200
+++ openssl-1.0.0e.new/debian/libssl-dev.files 2011-10-03 14:18:06.000000000 +0200
@@ -1,6 +1,6 @@
-usr/lib/*/libssl.so
-usr/lib/*/libcrypto.so
-usr/lib/*/libssl.a
-usr/lib/*/libcrypto.a
-usr/lib/*/pkgconfig
+usr/lib/libssl.so
+usr/lib/libcrypto.so
+usr/lib/libssl.a
+usr/lib/libcrypto.a
+usr/lib/pkgconfig
usr/include
diff -Naur openssl-1.0.0e/debian/rules openssl-1.0.0e.new/debian/rules
--- openssl-1.0.0e/debian/rules 2011-09-15 21:05:04.000000000 +0200
+++ openssl-1.0.0e.new/debian/rules 2011-09-30 16:57:53.000000000 +0200
@@ -19,8 +19,6 @@
DEB_HOST_ARCH = $(shell dpkg-architecture -qDEB_HOST_ARCH)
DEB_HOST_ARCH_OS = $(shell dpkg-architecture -qDEB_HOST_ARCH_OS)
-DEB_HOST_MULTIARCH=$(shell dpkg-architecture -qDEB_HOST_MULTIARCH)
-
DEB_HOST_GNU_TYPE=$(shell dpkg-architecture -qDEB_HOST_GNU_TYPE)
DEB_BUILD_GNU_TYPE=$(shell dpkg-architecture -qDEB_BUILD_GNU_TYPE)
ifneq ($(DEB_HOST_GNU_TYPE),$(DEB_BUILD_GNU_TYPE))
@@ -31,7 +29,7 @@
MAKE_TEST=make test
endif
-CONFARGS = --prefix=/usr --openssldir=/usr/lib/ssl --libdir=lib/$(DEB_HOST_MULTIARCH) no-idea no-mdc2 no-rc5 zlib enable-tlsext no-ssl2
+CONFARGS = --prefix=/usr --openssldir=/usr/lib/ssl no-idea no-mdc2 no-rc5 zlib enable-tlsext no-ssl2
OPT_alpha = ev4 ev5
ARCHOPTS = OPT_$(DEB_HOST_ARCH)
OPTS = $($(ARCHOPTS))
@@ -124,23 +122,23 @@
# pic static libraries, nobody should need them
# mv debian/tmp/usr/lib/libcrypto.a debian/tmp/usr/lib/libcrypto_pic.a
# mv debian/tmp/usr/lib/libssl.a debian/tmp/usr/lib/libssl_pic.a
- cp -pf libcrypto.static debian/tmp/usr/lib/$(DEB_HOST_MULTIARCH)/libcrypto.a
- cp -pf libssl.static debian/tmp/usr/lib/$(DEB_HOST_MULTIARCH)/libssl.a
+ cp -pf libcrypto.static debian/tmp/usr/lib/libcrypto.a
+ cp -pf libssl.static debian/tmp/usr/lib/libssl.a
# move runtime libraries to /lib
- install -d debian/tmp/lib/$(DEB_HOST_MULTIARCH)
- mv debian/tmp/usr/lib/$(DEB_HOST_MULTIARCH)/lib*.so.* debian/tmp/lib/$(DEB_HOST_MULTIARCH)
- ln -sf /lib/$(DEB_HOST_MULTIARCH)/$$(readlink debian/tmp/usr/lib/$(DEB_HOST_MULTIARCH)/libcrypto.so) debian/tmp/usr/lib/$(DEB_HOST_MULTIARCH)/libcrypto.so
- ln -sf /lib/$(DEB_HOST_MULTIARCH)/$$(readlink debian/tmp/usr/lib/$(DEB_HOST_MULTIARCH)/libssl.so) debian/tmp/usr/lib/$(DEB_HOST_MULTIARCH)/libssl.so
+ install -d debian/tmp/lib
+ mv debian/tmp/usr/lib/lib*.so.* debian/tmp/lib
+ ln -sf /lib/$$(readlink debian/tmp/usr/lib/libcrypto.so) debian/tmp/usr/lib/libcrypto.so
+ ln -sf /lib/$$(readlink debian/tmp/usr/lib/libssl.so) debian/tmp/usr/lib/libssl.so
ifneq ($(DEB_HOST_ARCH_OS),hurd)
# leave symlinks behind due to rpath in old versions
- for x in debian/tmp/lib/$(DEB_HOST_MULTIARCH)/lib*.so.*; do ln -s /lib/$(DEB_HOST_MULTIARCH)/$$(basename $$x) debian/tmp/usr/lib/$(DEB_HOST_MULTIARCH)/$$(basename $$x); done
+ for x in debian/tmp/lib/lib*.so.*; do ln -s /lib/$$(basename $$x) debian/tmp/usr/lib/$$(basename $$x); done
endif
mkdir -p debian/tmp/etc/ssl
mv debian/tmp/usr/lib/ssl/{certs,openssl.cnf,private} debian/tmp/etc/ssl/
ln -s /etc/ssl/{certs,openssl.cnf,private} debian/tmp/usr/lib/ssl/
- cp -pf debian/tmp/lib/$(DEB_HOST_MULTIARCH)/libcrypto.so.* debian/libcrypto1.0.0-udeb/lib/
- cp -pf debian/tmp/lib/$(DEB_HOST_MULTIARCH)/libssl.so.* debian/libssl1.0.0-udeb/lib/
- for opt in $(OPTS); do set -xe; mkdir -p debian/tmp/lib/$(DEB_HOST_MULTIARCH)/$$opt; cp -auv $$opt/lib*.so* debian/tmp/lib/$(DEB_HOST_MULTIARCH)/$$opt/; done
+ cp -pf debian/tmp/lib/libcrypto.so.* debian/libcrypto1.0.0-udeb/lib/
+ cp -pf debian/tmp/lib/libssl.so.* debian/libssl1.0.0-udeb/lib/
+ for opt in $(OPTS); do set -xe; mkdir -p debian/tmp/lib/$$opt; cp -auv $$opt/lib*.so* debian/tmp/lib/$$opt/; done
install debian/copyright debian/libssl1.0.0/usr/share/doc/libssl1.0.0/
install debian/changelog debian/libssl1.0.0/usr/share/doc/libssl1.0.0/changelog.Debian
install debian/copyright debian/libssl-dev/usr/share/doc/libssl-dev/
@@ -166,7 +164,7 @@
dpkg-gensymbols -Pdebian/libssl1.0.0/ -plibssl1.0.0 -c4
dh_makeshlibs -a -V "libssl1.0.0 (>= 1.0.0)" --add-udeb="libcrypto1.0.0-udeb"
sed -i '/^udeb: libssl/s/libcrypto1.0.0-udeb/libssl1.0.0-udeb/' debian/libssl1.0.0/DEBIAN/shlibs
- dh_shlibdeps -a -L libssl1.0.0 -l debian/libssl1.0.0/lib/$(DEB_HOST_MULTIARCH)
+ dh_shlibdeps -a -L libssl1.0.0 -l debian/libssl1.0.0/lib
dh_gencontrol -a
dh_installdeb -a
dh_md5sums -a

theflow commented Feb 2, 2012

Hi Vincent,

thanks a lot for this patch! However, the libssl built with this patch seems to be missing any engines:

lb1-staging:~/ssl# openssl engine -v -t
(dynamic) Dynamic engine loading support
[ unavailable ]
SO_PATH, NO_VCHECK, ID, LIST_ADD, DIR_LOAD, DIR_ADD, LOAD

whereas the lucid supplied version has aesni available.

Any idea how to enable that?

Owner

vincentbernat commented Feb 2, 2012

Hi !

Did you also apply this patch on top of 1.0.0e-2ubuntu2 or did you use some other version?

theflow commented Feb 8, 2012

I followed the steps you outlined here: http://www.mail-archive.com/haproxy@formilux.org/msg06137.html

I got it working now by running configure/make install instead of building a deb and then statically linking stud with that version. Weird.

Owner

vincentbernat commented Feb 8, 2012

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment