From a7a275083684ae956e9e4465b88757ee3fb1f13f Mon Sep 17 00:00:00 2001 From: "Richard W.M. Jones" Date: Thu, 1 Jan 1970 00:00:00 +0000 Subject: [PATCH] OpenSSL package now builds. --- openssl/Makefile.certificate | 74 ++++++++++++++++++++++++++++++++ openssl/mingw32-openssl-0.9.8g-sfx.patch | 14 ++++++ openssl/mingw32-openssl.spec | 57 ++++++++++++++++++++---- 3 files changed, 137 insertions(+), 8 deletions(-) create mode 100644 openssl/Makefile.certificate create mode 100644 openssl/mingw32-openssl-0.9.8g-sfx.patch diff --git a/openssl/Makefile.certificate b/openssl/Makefile.certificate new file mode 100644 index 0000000..bf3dc21 --- /dev/null +++ b/openssl/Makefile.certificate @@ -0,0 +1,74 @@ +UTF8 := $(shell locale -c LC_CTYPE -k | grep -q charmap.*UTF-8 && echo -utf8) +SERIAL=0 + +.PHONY: usage +.SUFFIXES: .key .csr .crt .pem +.PRECIOUS: %.key %.csr %.crt %.pem + +usage: + @echo "This makefile allows you to create:" + @echo " o public/private key pairs" + @echo " o SSL certificate signing requests (CSRs)" + @echo " o self-signed SSL test certificates" + @echo + @echo "To create a key pair, run \"make SOMETHING.key\"." + @echo "To create a CSR, run \"make SOMETHING.csr\"." + @echo "To create a test certificate, run \"make SOMETHING.crt\"." + @echo "To create a key and a test certificate in one file, run \"make SOMETHING.pem\"." + @echo + @echo "To create a key for use with Apache, run \"make genkey\"." + @echo "To create a CSR for use with Apache, run \"make certreq\"." + @echo "To create a test certificate for use with Apache, run \"make testcert\"." + @echo + @echo "To create a test certificate with serial number other than zero, add SERIAL=num" + @echo + @echo Examples: + @echo " make server.key" + @echo " make server.csr" + @echo " make server.crt" + @echo " make stunnel.pem" + @echo " make genkey" + @echo " make certreq" + @echo " make testcert" + @echo " make server.crt SERIAL=1" + @echo " make stunnel.pem SERIAL=2" + @echo " make testcert SERIAL=3" + +%.pem: + umask 77 ; \ + PEM1=`/bin/mktemp /tmp/openssl.XXXXXX` ; \ + PEM2=`/bin/mktemp /tmp/openssl.XXXXXX` ; \ + /usr/bin/openssl req $(UTF8) -newkey rsa:1024 -keyout $$PEM1 -nodes -x509 -days 365 -out $$PEM2 -set_serial $(SERIAL) ; \ + cat $$PEM1 > $@ ; \ + echo "" >> $@ ; \ + cat $$PEM2 >> $@ ; \ + $(RM) $$PEM1 $$PEM2 + +%.key: + umask 77 ; \ + /usr/bin/openssl genrsa -des3 1024 > $@ + +%.csr: %.key + umask 77 ; \ + /usr/bin/openssl req $(UTF8) -new -key $^ -out $@ + +%.crt: %.key + umask 77 ; \ + /usr/bin/openssl req $(UTF8) -new -key $^ -x509 -days 365 -out $@ -set_serial $(SERIAL) + +TLSROOT=/etc/pki/tls +KEY=$(TLSROOT)/private/localhost.key +CSR=$(TLSROOT)/certs/localhost.csr +CRT=$(TLSROOT)/certs/localhost.crt + +genkey: $(KEY) +certreq: $(CSR) +testcert: $(CRT) + +$(CSR): $(KEY) + umask 77 ; \ + /usr/bin/openssl req $(UTF8) -new -key $(KEY) -out $(CSR) + +$(CRT): $(KEY) + umask 77 ; \ + /usr/bin/openssl req $(UTF8) -new -key $(KEY) -x509 -days 365 -out $(CRT) -set_serial $(SERIAL) diff --git a/openssl/mingw32-openssl-0.9.8g-sfx.patch b/openssl/mingw32-openssl-0.9.8g-sfx.patch new file mode 100644 index 0000000..332a926 --- /dev/null +++ b/openssl/mingw32-openssl-0.9.8g-sfx.patch @@ -0,0 +1,14 @@ +--- openssl-0.9.8g.orig/engines/Makefile 2006-02-04 01:49:34.000000000 +0000 ++++ openssl-0.9.8g.mingw/engines/Makefile 2008-09-30 20:05:30.000000000 +0100 +@@ -91,7 +91,10 @@ + set -e; \ + for l in $(LIBNAMES); do \ + ( echo installing $$l; \ +- if [ "$(PLATFORM)" != "Cygwin" ]; then \ ++ if [ "$(PLATFORM)" = "mingw" ]; then \ ++ sfx=dll; \ ++ cp lib$$l.$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/lib/engines/lib$$l.$$sfx.new; \ ++ elif [ "$(PLATFORM)" != "Cygwin" ]; then \ + case "$(CFLAGS)" in \ + *DSO_DLFCN*) sfx="so";; \ + *DSO_DL*) sfx="sl";; \ diff --git a/openssl/mingw32-openssl.spec b/openssl/mingw32-openssl.spec index a293c47..e5a1d8a 100644 --- a/openssl/mingw32-openssl.spec +++ b/openssl/mingw32-openssl.spec @@ -4,6 +4,12 @@ %define __find_requires %{_mingw32_findrequires} %define __find_provides %{_mingw32_findprovides} +# Enable the tests. +# These only work some of the time, but fail randomly at other times +# (although I have had them complete a few times, so I don't think +# there is any actual problem with the binaries). +%define with_tests 0 + Name: mingw32-openssl Version: 0.9.8g Release: 1%{?dist} @@ -53,6 +59,7 @@ Patch100: mingw32-openssl-0.9.8g-header-files.patch Patch101: mingw32-openssl-0.9.8g-configure.patch Patch102: mingw32-openssl-0.9.8g-shared.patch Patch103: mingw32-openssl-0.9.8g-global.patch +Patch104: mingw32-openssl-0.9.8g-sfx.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) @@ -71,9 +78,13 @@ BuildRequires: sed BuildRequires: /usr/bin/cmp BuildRequires: /usr/bin/rename -# Required to run the tests. +# Required both to build, and to run the tests. BuildRequires: wine + +%if %{with_tests} +# Required to run the tests. BuildRequires: xorg-x11-server-Xvfb +%endif #Requires: ca-certificates >= 2008-5 Requires: pkgconfig @@ -122,6 +133,7 @@ This package contains Windows (MinGW) libraries and development tools. %patch101 -p1 -b .mingw-configure %patch102 -p1 -b .mingw-shared %patch103 -p1 -b .mingw-global +%patch104 -p1 -b .mingw-sfx # Modify the various perl scripts to reference perl in the right location. perl util/perlpath.pl `dirname %{__perl}` @@ -142,6 +154,7 @@ export PATH=.:$PATH # NB: 'no-hw' is vital. MinGW cannot build the hardware drivers # and if you don't have this you'll get an obscure link error. ./Configure \ + --prefix=%{_mingw32_prefix} \ --openssldir=%{_mingw32_sysconfdir}/pki/tls \ zlib enable-camellia enable-seed enable-tlsext enable-rfc3779 \ no-idea no-mdc2 no-rc5 no-ec no-ecdh no-ecdsa no-hw shared \ @@ -153,6 +166,7 @@ make depend make all build-shared make rehash build-shared +%if %{with_tests} #---------------------------------------------------------------------- # Run some tests. I don't know why this isn't in a %-check section # but this is how it is in the native RPM. @@ -199,6 +213,9 @@ make LDCMD=%{_mingw32_cc} -C test apps tests # #./openssl-thread-test --threads %{thread_test_threads} +#---------------------------------------------------------------------- +%endif + # Patch33 must be patched after tests otherwise they will fail patch -p1 -b -z .ca-dir < %{PATCH33} @@ -210,11 +227,28 @@ fi %install rm -rf $RPM_BUILD_ROOT -exit 1 -make DESTDIR=$RPM_BUILD_ROOT install +mkdir -p $RPM_BUILD_ROOT%{_mingw32_libdir} +mkdir -p $RPM_BUILD_ROOT%{_mingw32_libdir}/openssl +mkdir -p $RPM_BUILD_ROOT%{_mingw32_bindir} +mkdir -p $RPM_BUILD_ROOT%{_mingw32_includedir} +mkdir -p $RPM_BUILD_ROOT%{_mingw32_mandir} +make INSTALL_PREFIX=$RPM_BUILD_ROOT install build-shared + +# Install the actual DLLs. +install libcrypto-7.dll $RPM_BUILD_ROOT%{_mingw32_bindir} +install libssl-7.dll $RPM_BUILD_ROOT%{_mingw32_bindir} # Remove static libraries but DON'T remove *.dll.a files. -rm $RPM_BUILD_ROOT%{_mingw32_libdir}/libfoo.a +rm $RPM_BUILD_ROOT%{_mingw32_libdir}/libcrypto.a +rm $RPM_BUILD_ROOT%{_mingw32_libdir}/libssl.a + +# I have no idea why it installs the manpages in /etc, but +# we remove them anyway. +rm -r $RPM_BUILD_ROOT%{_mingw32_sysconfdir}/pki/tls/man + +# Set permissions on lib*.dll.a so that strip works. +chmod 0755 $RPM_BUILD_ROOT%{_mingw32_libdir}/libcrypto.dll.a +chmod 0755 $RPM_BUILD_ROOT%{_mingw32_libdir}/libssl.dll.a %clean @@ -223,11 +257,18 @@ rm -rf $RPM_BUILD_ROOT %files %defattr(-,root,root) -%{_mingw32_bindir}/foo.dll -%{_mingw32_libdir}/foo.dll.a -# etc. +%{_mingw32_bindir}/openssl.exe +%{_mingw32_bindir}/c_rehash +%{_mingw32_bindir}/libcrypto-7.dll +%{_mingw32_bindir}/libssl-7.dll +%{_mingw32_libdir}/libcrypto.dll.a +%{_mingw32_libdir}/libssl.dll.a +%{_mingw32_libdir}/engines +%{_mingw32_libdir}/pkgconfig/*.pc +%{_mingw32_includedir}/openssl +%config(noreplace) %{_mingw32_sysconfdir}/pki %changelog -* Wed Sep 24 2008 Your Name - 1.2.3-1 +* Tue Sep 30 2008 Richard W.M. Jones - 0.9.8g-1 - Initial RPM release. -- 1.8.3.1