--- /dev/null
+UTF8 := $(shell locale -c LC_CTYPE -k | grep -q charmap.*UTF-8 && echo -utf8)
+SERIAL=0
+
+.PHONY: usage
+.SUFFIXES: .key .csr .crt .pem
+.PRECIOUS: %.key %.csr %.crt %.pem
+
+usage:
+ @echo "This makefile allows you to create:"
+ @echo " o public/private key pairs"
+ @echo " o SSL certificate signing requests (CSRs)"
+ @echo " o self-signed SSL test certificates"
+ @echo
+ @echo "To create a key pair, run \"make SOMETHING.key\"."
+ @echo "To create a CSR, run \"make SOMETHING.csr\"."
+ @echo "To create a test certificate, run \"make SOMETHING.crt\"."
+ @echo "To create a key and a test certificate in one file, run \"make SOMETHING.pem\"."
+ @echo
+ @echo "To create a key for use with Apache, run \"make genkey\"."
+ @echo "To create a CSR for use with Apache, run \"make certreq\"."
+ @echo "To create a test certificate for use with Apache, run \"make testcert\"."
+ @echo
+ @echo "To create a test certificate with serial number other than zero, add SERIAL=num"
+ @echo
+ @echo Examples:
+ @echo " make server.key"
+ @echo " make server.csr"
+ @echo " make server.crt"
+ @echo " make stunnel.pem"
+ @echo " make genkey"
+ @echo " make certreq"
+ @echo " make testcert"
+ @echo " make server.crt SERIAL=1"
+ @echo " make stunnel.pem SERIAL=2"
+ @echo " make testcert SERIAL=3"
+
+%.pem:
+ umask 77 ; \
+ PEM1=`/bin/mktemp /tmp/openssl.XXXXXX` ; \
+ PEM2=`/bin/mktemp /tmp/openssl.XXXXXX` ; \
+ /usr/bin/openssl req $(UTF8) -newkey rsa:1024 -keyout $$PEM1 -nodes -x509 -days 365 -out $$PEM2 -set_serial $(SERIAL) ; \
+ cat $$PEM1 > $@ ; \
+ echo "" >> $@ ; \
+ cat $$PEM2 >> $@ ; \
+ $(RM) $$PEM1 $$PEM2
+
+%.key:
+ umask 77 ; \
+ /usr/bin/openssl genrsa -des3 1024 > $@
+
+%.csr: %.key
+ umask 77 ; \
+ /usr/bin/openssl req $(UTF8) -new -key $^ -out $@
+
+%.crt: %.key
+ umask 77 ; \
+ /usr/bin/openssl req $(UTF8) -new -key $^ -x509 -days 365 -out $@ -set_serial $(SERIAL)
+
+TLSROOT=/etc/pki/tls
+KEY=$(TLSROOT)/private/localhost.key
+CSR=$(TLSROOT)/certs/localhost.csr
+CRT=$(TLSROOT)/certs/localhost.crt
+
+genkey: $(KEY)
+certreq: $(CSR)
+testcert: $(CRT)
+
+$(CSR): $(KEY)
+ umask 77 ; \
+ /usr/bin/openssl req $(UTF8) -new -key $(KEY) -out $(CSR)
+
+$(CRT): $(KEY)
+ umask 77 ; \
+ /usr/bin/openssl req $(UTF8) -new -key $(KEY) -x509 -days 365 -out $(CRT) -set_serial $(SERIAL)
%define __find_requires %{_mingw32_findrequires}
%define __find_provides %{_mingw32_findprovides}
+# Enable the tests.
+# These only work some of the time, but fail randomly at other times
+# (although I have had them complete a few times, so I don't think
+# there is any actual problem with the binaries).
+%define with_tests 0
+
Name: mingw32-openssl
Version: 0.9.8g
Release: 1%{?dist}
Patch101: mingw32-openssl-0.9.8g-configure.patch
Patch102: mingw32-openssl-0.9.8g-shared.patch
Patch103: mingw32-openssl-0.9.8g-global.patch
+Patch104: mingw32-openssl-0.9.8g-sfx.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: /usr/bin/cmp
BuildRequires: /usr/bin/rename
-# Required to run the tests.
+# Required both to build, and to run the tests.
BuildRequires: wine
+
+%if %{with_tests}
+# Required to run the tests.
BuildRequires: xorg-x11-server-Xvfb
+%endif
#Requires: ca-certificates >= 2008-5
Requires: pkgconfig
%patch101 -p1 -b .mingw-configure
%patch102 -p1 -b .mingw-shared
%patch103 -p1 -b .mingw-global
+%patch104 -p1 -b .mingw-sfx
# Modify the various perl scripts to reference perl in the right location.
perl util/perlpath.pl `dirname %{__perl}`
# NB: 'no-hw' is vital. MinGW cannot build the hardware drivers
# and if you don't have this you'll get an obscure link error.
./Configure \
+ --prefix=%{_mingw32_prefix} \
--openssldir=%{_mingw32_sysconfdir}/pki/tls \
zlib enable-camellia enable-seed enable-tlsext enable-rfc3779 \
no-idea no-mdc2 no-rc5 no-ec no-ecdh no-ecdsa no-hw shared \
make all build-shared
make rehash build-shared
+%if %{with_tests}
#----------------------------------------------------------------------
# Run some tests. I don't know why this isn't in a %-check section
# but this is how it is in the native RPM.
#
#./openssl-thread-test --threads %{thread_test_threads}
+#----------------------------------------------------------------------
+%endif
+
# Patch33 must be patched after tests otherwise they will fail
patch -p1 -b -z .ca-dir < %{PATCH33}
%install
rm -rf $RPM_BUILD_ROOT
-exit 1
-make DESTDIR=$RPM_BUILD_ROOT install
+mkdir -p $RPM_BUILD_ROOT%{_mingw32_libdir}
+mkdir -p $RPM_BUILD_ROOT%{_mingw32_libdir}/openssl
+mkdir -p $RPM_BUILD_ROOT%{_mingw32_bindir}
+mkdir -p $RPM_BUILD_ROOT%{_mingw32_includedir}
+mkdir -p $RPM_BUILD_ROOT%{_mingw32_mandir}
+make INSTALL_PREFIX=$RPM_BUILD_ROOT install build-shared
+
+# Install the actual DLLs.
+install libcrypto-7.dll $RPM_BUILD_ROOT%{_mingw32_bindir}
+install libssl-7.dll $RPM_BUILD_ROOT%{_mingw32_bindir}
# Remove static libraries but DON'T remove *.dll.a files.
-rm $RPM_BUILD_ROOT%{_mingw32_libdir}/libfoo.a
+rm $RPM_BUILD_ROOT%{_mingw32_libdir}/libcrypto.a
+rm $RPM_BUILD_ROOT%{_mingw32_libdir}/libssl.a
+
+# I have no idea why it installs the manpages in /etc, but
+# we remove them anyway.
+rm -r $RPM_BUILD_ROOT%{_mingw32_sysconfdir}/pki/tls/man
+
+# Set permissions on lib*.dll.a so that strip works.
+chmod 0755 $RPM_BUILD_ROOT%{_mingw32_libdir}/libcrypto.dll.a
+chmod 0755 $RPM_BUILD_ROOT%{_mingw32_libdir}/libssl.dll.a
%clean
%files
%defattr(-,root,root)
-%{_mingw32_bindir}/foo.dll
-%{_mingw32_libdir}/foo.dll.a
-# etc.
+%{_mingw32_bindir}/openssl.exe
+%{_mingw32_bindir}/c_rehash
+%{_mingw32_bindir}/libcrypto-7.dll
+%{_mingw32_bindir}/libssl-7.dll
+%{_mingw32_libdir}/libcrypto.dll.a
+%{_mingw32_libdir}/libssl.dll.a
+%{_mingw32_libdir}/engines
+%{_mingw32_libdir}/pkgconfig/*.pc
+%{_mingw32_includedir}/openssl
+%config(noreplace) %{_mingw32_sysconfdir}/pki
%changelog
-* Wed Sep 24 2008 Your Name <you@example.com> - 1.2.3-1
+* Tue Sep 30 2008 Richard W.M. Jones <rjones@redhat.com> - 0.9.8g-1
- Initial RPM release.
git.annexia.org / fedora-mingw.git / commitdiff