Date: Tuesday, August 14, 2018 @ 16:02:31 Author: pierre Revision: 331512
archrelease: copy trunk to testing-x86_64 Added: openssl/repos/testing-x86_64/ openssl/repos/testing-x86_64/PKGBUILD (from rev 331511, openssl/trunk/PKGBUILD) openssl/repos/testing-x86_64/ca-dir.patch (from rev 331511, openssl/trunk/ca-dir.patch) --------------+ PKGBUILD | 66 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ca-dir.patch | 31 ++++++++++++++++++++++++++ 2 files changed, 97 insertions(+) Copied: openssl/repos/testing-x86_64/PKGBUILD (from rev 331511, openssl/trunk/PKGBUILD) =================================================================== --- testing-x86_64/PKGBUILD (rev 0) +++ testing-x86_64/PKGBUILD 2018-08-14 16:02:31 UTC (rev 331512) @@ -0,0 +1,66 @@ +# $Id$ +# Maintainer: Pierre Schmitz <pie...@archlinux.de> + +pkgname=openssl +_ver=1.1.0i +# use a pacman compatible version scheme +pkgver=${_ver/[a-z]/.${_ver//[0-9.]/}} +#pkgver=$_ver +pkgrel=1 +pkgdesc='The Open Source toolkit for Secure Sockets Layer and Transport Layer Security' +arch=('x86_64') +url='https://www.openssl.org' +license=('custom:BSD') +depends=('perl') +optdepends=('ca-certificates') +backup=('etc/ssl/openssl.cnf') +source=("https://www.openssl.org/source/${pkgname}-${_ver}.tar.gz" + "https://www.openssl.org/source/${pkgname}-${_ver}.tar.gz.asc" + 'ca-dir.patch') +sha256sums=('ebbfc844a8c8cc0ea5dc10b86c9ce97f401837f3fa08c17b2cdadc118253cf99' + 'SKIP' + '90c7411fed0157116f2df8f4be755aaf5a26e8484351b4e6a79492805d5f2790') +validpgpkeys=('8657ABB260F056B1E5190839D9C4D26D0E604491') + +prepare() { + cd "$srcdir/$pkgname-$_ver" + + # set ca dir to /etc/ssl by default + patch -p0 -i "$srcdir/ca-dir.patch" +} + +build() { + cd "$srcdir/$pkgname-$_ver" + + if [ "${CARCH}" == 'x86_64' ]; then + openssltarget='linux-x86_64' + optflags='enable-ec_nistp_64_gcc_128' + elif [ "${CARCH}" == 'i686' ]; then + openssltarget='linux-elf' + optflags='' + fi + + # mark stack as non-executable: http://bugs.archlinux.org/task/12434 + ./Configure --prefix=/usr --openssldir=/etc/ssl --libdir=lib \ + shared no-ssl3-method ${optflags} \ + "${openssltarget}" \ + "-Wa,--noexecstack ${CPPFLAGS} ${CFLAGS} ${LDFLAGS}" + + make depend + make +} + +check() { + cd "$srcdir/$pkgname-$_ver" + # the test fails due to missing write permissions in /etc/ssl + # revert this patch for make test + patch -p0 -R -i "$srcdir/ca-dir.patch" + make test + patch -p0 -i "$srcdir/ca-dir.patch" +} + +package() { + cd "$srcdir/$pkgname-$_ver" + make DESTDIR=$pkgdir MANDIR=/usr/share/man MANSUFFIX=ssl install_sw install_ssldirs install_man_docs + install -D -m644 LICENSE $pkgdir/usr/share/licenses/$pkgname/LICENSE +} Copied: openssl/repos/testing-x86_64/ca-dir.patch (from rev 331511, openssl/trunk/ca-dir.patch) =================================================================== --- testing-x86_64/ca-dir.patch (rev 0) +++ testing-x86_64/ca-dir.patch 2018-08-14 16:02:31 UTC (rev 331512) @@ -0,0 +1,31 @@ +--- apps/CA.pl.in 2016-09-26 11:46:04.000000000 +0200 ++++ apps/CA.pl.in 2016-11-01 16:02:16.709616823 +0100 +@@ -33,7 +33,7 @@ + my $PKCS12 = "$openssl pkcs12"; + + # default openssl.cnf file has setup as per the following +-my $CATOP = "./demoCA"; ++my $CATOP = "/etc/ssl"; + my $CAKEY = "cakey.pem"; + my $CAREQ = "careq.pem"; + my $CACERT = "cacert.pem"; +--- apps/openssl.cnf 2016-09-26 11:46:04.000000000 +0200 ++++ apps/openssl.cnf 2016-11-01 16:02:48.378503427 +0100 +@@ -39,7 +39,7 @@ + #################################################################### + [ CA_default ] + +-dir = ./demoCA # Where everything is kept ++dir = /etc/ssl # Where everything is kept + certs = $dir/certs # Where the issued certs are kept + crl_dir = $dir/crl # Where the issued crl are kept + database = $dir/index.txt # database index file. +@@ -323,7 +323,7 @@ + [ tsa_config1 ] + + # These are used by the TSA reply generation only. +-dir = ./demoCA # TSA root directory ++dir = /etc/ssl # TSA root directory + serial = $dir/tsaserial # The current serial number (mandatory) + crypto_device = builtin # OpenSSL engine to use for signing + signer_cert = $dir/tsacert.pem # The TSA signing certificate