Hi!
I've adopted openssl as the security layer for my VPN solution, namely a
modified stunnel (http://mike.daewoo.com.pl/computer/stunnel/) that does
PPP over SSL. The RPM freak I am, I've created a fresh .spec file from
the old SSLeay RPM I had, and I've updated a couple of paths in openssl
to be consistent and practical ;-)
I hope I'm not late and someone else has done the same in the
meantime... anyway, it works.
Thanks for this great piece of software!
Dirk
--
/\ Dirk O. Siebnich /\
\/ mailto:[EMAIL PROTECTED] http://pages.vossnet.de/dok \/
Summary: Secure Sockets Layer communications libs & utils
Name: openssl
Version: 0.9.3a
Release: 2
Source: openssl-%{version}.tar.gz
Patch: openssl.path.patch
URL: http://www.openssl.org
Copyright: OpenSSL License
Packager: Dirk O. Siebnich <[EMAIL PROTECTED]>
Group: Libraries
Provides: SSL
BuildRoot: /var/tmp/%{name}-%{version}-root
%description
A C library that provides various cryptographic algorithms and protocols,
including DES, RC4, RSA, and SSL. Includes shared libraries and utils.
%package devel
Summary: Secure Sockets Layer communications static libs & headers & utils
Group: Development/Libraries
Requires: openssl
%description devel
A C library that provides various cryptographic algorithms and protocols,
including DES, RC4, RSA, and SSL. Includes Static libraries and headers for
development.
%prep
%setup
%patch -p1 -b .path
%build
# !!! import settings !!!
# 'no-idea' in USA, Europe, Japan, where Ascom Systec Ltd. holds patents
# 'rsaref' in USA
./Configure --prefix=/usr --openssldir=/var/openssl no-idea linux-elf
make linux-shared
make
LD_LIBRARY_PATH=`pwd` make test
%install
rm -rf $RPM_BUILD_ROOT
mkdir -p $RPM_BUILD_ROOT/usr/bin
mkdir -p $RPM_BUILD_ROOT/usr/include/openssl
mkdir -p $RPM_BUILD_ROOT/usr/lib
mkdir -p $RPM_BUILD_ROOT/var/openssl
make INSTALL_PREFIX=$RPM_BUILD_ROOT install
strip $RPM_BUILD_ROOT/usr/bin/openssl
cp -d libssl.so* libcrypto.so* $RPM_BUILD_ROOT/usr/lib
#RSAglue is for inside the US
install -m644 libRSAglue.a $RPM_BUILD_ROOT/usr/lib
sed -f 's/\(^dir[ ]*= \)\.\/\(localCA\) /\1\/var\/openssl\/\2/' \
$RPM_BUILD_ROOT/var/openssl/openssl.cnf \
> $RPM_BUILD_ROOT/var/openssl/openssl.cnf.new &&
mv $RPM_BUILD_ROOT/var/openssl/openssl.cnf.new \
$RPM_BUILD_ROOT/var/openssl/openssl.cnf
%clean
rm -rf $RPM_BUILD_ROOT
%files
%defattr(-,root,root)
%doc CHANGES CHANGES.SSLeay LICENSE INSTALL NEWS README doc
/usr/bin/*
/usr/lib/libssl.so.*
/usr/lib/libcrypto.so.*
%dir /var/openssl
%config /var/openssl/openssl.cnf
%dir /var/openssl/certs
%dir /var/openssl/misc
%attr(700,root,root) %dir /var/openssl/private
%dir /var/openssl/localCA
%dir /var/openssl/localCA/certs
%dir /var/openssl/localCA/crl
%dir /var/openssl/localCA/newcerts
%attr(700,root,root) %dir /var/openssl/localCA/private
%files devel
%defattr(-,root,root)
/usr/include/openssl
/usr/lib/libssl.so
/usr/lib/libcrypto.so
/usr/lib/libcrypto.a
/usr/lib/libssl.a
#RSAglue is for inside the US
/usr/lib/libRSAglue.a
%post
ldconfig
%postun
ldconfig
%changelog
* Sun Jun 06 1999 Dirk O. Siebnich <[EMAIL PROTECTED]>
- adapted from SSLeay RPM .spec file
--- openssl-0.9.3a/apps/CA.pl.orig Thu May 20 04:09:46 1999
+++ openssl-0.9.3a/apps/CA.pl Fri Jun 11 22:35:53 1999
@@ -1,4 +1,4 @@
-#!/usr/local/bin/perl
+#!/usr/bin/perl
#
# CA - wrapper around ca to make it easier to use ... basically ca requires
# some setup stuff to be done before you can use it and this makes
@@ -34,7 +34,7 @@
# [EMAIL PROTECTED]
# default openssl.cnf file has setup as per the following
-# demoCA ... where everything is stored
+# localCA ... where everything is stored
$DAYS="-days 365";
$REQ="openssl req $SSLEAY_CONFIG";
@@ -42,7 +42,7 @@
$VERIFY="openssl verify";
$X509="openssl x509";
-$CATOP="./demoCA";
+$CATOP="./localCA";
$CAKEY="cakey.pem";
$CACERT="cacert.pem";
--- openssl-0.9.3a/apps/CA.sh.orig Sat Jan 2 17:02:24 1999
+++ openssl-0.9.3a/apps/CA.sh Fri Jun 11 22:35:53 1999
@@ -28,7 +28,7 @@
#
# default openssl.cnf file has setup as per the following
-# demoCA ... where everything is stored
+# localCA ... where everything is stored
DAYS="-days 365"
REQ="openssl req $SSLEAY_CONFIG"
@@ -36,7 +36,7 @@
VERIFY="openssl verify"
X509="openssl x509"
-CATOP=./demoCA
+CATOP=./localCA
CAKEY=./cakey.pem
CACERT=./cacert.pem
--- openssl-0.9.3a/apps/openssl.cnf.orig Thu May 20 01:54:57 1999
+++ openssl-0.9.3a/apps/openssl.cnf Fri Jun 11 22:35:53 1999
@@ -29,7 +29,7 @@
####################################################################
[ CA_default ]
-dir = ./demoCA # Where everything is kept
+dir = ./localCA # Where everything is kept
certs = $dir/certs # Where the issued certs are kept
crl_dir = $dir/crl # Where the issued crl are kept
database = $dir/index.txt # database index file.
--- openssl-0.9.3a/apps/tkca.orig Mon Dec 21 11:52:42 1998
+++ openssl-0.9.3a/apps/tkca Fri Jun 11 22:35:53 1999
@@ -27,7 +27,7 @@
my $l=$ff->Button(-text => "Generate CRL");
$l->pack(-fill => 'x', -ipady => 5);
-my($db)=&load_db("demoCA/index.txt");
+my($db)=&load_db("localCA/index.txt");
MainLoop;
--- openssl-0.9.3a/apps/openssl-vms.cnf.orig Sun May 23 14:36:10 1999
+++ openssl-0.9.3a/apps/openssl-vms.cnf Fri Jun 11 22:35:53 1999
@@ -29,7 +29,7 @@
####################################################################
[ CA_default ]
-dir = sys\$disk:[.demoCA # Where everything is kept
+dir = sys\$disk:[.localCA # Where everything is kept
certs = $dir.certs] # Where the issued certs are kept
crl_dir = $dir.crl] # Where the issued crl are kept
database = $dir]index.txt # database index file.
--- openssl-0.9.3a/apps/CA.com.orig Thu May 13 13:36:26 1999
+++ openssl-0.9.3a/apps/CA.com Fri Jun 11 22:35:53 1999
@@ -26,7 +26,7 @@
$!
$!
$! default ssleay.cnf file has setup as per the following
-$! demoCA ... where everything is stored
+$! localCA ... where everything is stored
$
$ IF F$TYPE(SSLEAY_CONFIG) .EQS. "" THEN SSLEAY_CONFIG := SSLLIB:SSLEAY.CNF
$
@@ -38,7 +38,7 @@
$ echo = "write sys$Output"
$!
$ s = F$PARSE(F$ENVIRONMENT("DEFAULT"),"[]") - "].;"
-$ CATOP := 's'.demoCA
+$ CATOP := 's'.localCA
$ CAKEY := ]cakey.pem
$ CACERT := ]cacert.pem
$
--- openssl-0.9.3a/doc/ssleay.txt.orig Wed Feb 10 09:26:05 1999
+++ openssl-0.9.3a/doc/ssleay.txt Fri Jun 11 22:35:53 1999
@@ -4534,7 +4534,7 @@
rm -f "$FILE".*
HOME=`pwd`; export HOME # as ssleay.cnf insists on having such an env var
-cd /usr/local/ssl #where demoCA (as named in ssleay.conf) is located
+cd /usr/local/ssl #where localCA (as named in ssleay.conf) is located
postit2 -s " " -i 0x0d > "$FILE".inp # process the FORM vars
@@ -4567,7 +4567,7 @@
}' > "$FILE".pem < "$FILE".inp
ssleay ca -batch -in "$FILE".pem -key passwd -out "$FILE".out
-ssleay crl2pkcs7 -certfile "$FILE".out -out "$FILE".pkcs7 -in demoCA/crl.pem
+ssleay crl2pkcs7 -certfile "$FILE".out -out "$FILE".pkcs7 -in localCA/crl.pem
sed s/template_for_sessId/$SESSION_ID/ <ms-enroll2a.html >"$FILE".cert
/usr/local/bin/gawk \
--- openssl-0.9.3a/rsaref/Makefile.ssl.orig Sun May 23 14:38:00 1999
+++ openssl-0.9.3a/rsaref/Makefile.ssl Fri Jun 11 22:35:53 1999
@@ -53,11 +53,11 @@
install:
-# @for i in $(EXHEADER) ; \
-# do \
-# (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-# chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-# done;
+ @for i in $(EXHEADER) ; \
+ do \
+ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+ chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+ done;
tags:
ctags $(SRC)
--- openssl-0.9.3a/test/test.cnf.orig Mon Dec 21 11:52:43 1998
+++ openssl-0.9.3a/test/test.cnf Fri Jun 11 22:35:53 1999
@@ -12,7 +12,7 @@
####################################################################
[ CA_default ]
-dir = ./demoCA # Where everything is kept
+dir = ./localCA # Where everything is kept
certs = $dir/certs # Where the issued certs are kept
crl_dir = $dir/crl # Where the issued crl are kept
database = $dir/index.txt # database index file.
--- openssl-0.9.3a/test/testca.orig Sat Jan 2 20:01:40 1999
+++ openssl-0.9.3a/test/testca Fri Jun 11 22:35:53 1999
@@ -7,7 +7,7 @@
SSLEAY_CONFIG="-config CAss.cnf"
export SSLEAY_CONFIG
-/bin/rm -fr demoCA
+/bin/rm -fr localCA
$SH ../apps/CA.sh -newca <<EOF
EOF
@@ -39,6 +39,6 @@
exit 1;
fi
-/bin/rm -fr demoCA newcert.pem newreq.pem
+/bin/rm -fr localCA newcert.pem newreq.pem
#usage: CA -newcert|-newreq|-newca|-sign|-verify
--- openssl-0.9.3a/test/testca.com.orig Thu May 13 13:37:31 1999
+++ openssl-0.9.3a/test/testca.com Fri Jun 11 22:35:53 1999
@@ -9,11 +9,11 @@
$ SSLEAY_CONFIG="-config ""CAss.cnf"""
$
$ set noon
-$ if f$search("demoCA.dir") .nes. ""
+$ if f$search("localCA.dir") .nes. ""
$ then
-$ call deltree [.demoCA]*.*
-$ set file/prot=(S:RWED,O:RWED,G:RWED,W:RWED) demoCA.dir;*
-$ delete demoCA.dir;*
+$ call deltree [.localCA]*.*
+$ set file/prot=(S:RWED,O:RWED,G:RWED,W:RWED) localCA.dir;*
+$ delete localCA.dir;*
$ endif
$ set on
$ open/read sys$ca_input VMSca-response.1
@@ -38,9 +38,9 @@
$ if $severity .ne. 1 then exit 3
$
$ set noon
-$ call deltree [.demoCA]*.*
-$ set file/prot=(S:RWED,O:RWED,G:RWED,W:RWED) demoCA.dir;*
-$ delete demoCA.dir;*,newcert.pem;*,newreq.pem;*
+$ call deltree [.localCA]*.*
+$ set file/prot=(S:RWED,O:RWED,G:RWED,W:RWED) localCA.dir;*
+$ delete localCA.dir;*,newcert.pem;*,newreq.pem;*
$ set on
$! #usage: CA -newcert|-newreq|-newca|-sign|-verify
$
--- openssl-0.9.3a/Makefile.org.orig Sun May 23 14:36:09 1999
+++ openssl-0.9.3a/Makefile.org Fri Jun 11 22:35:53 1999
@@ -317,7 +317,11 @@
@-mkdir -p $(INSTALL_PREFIX)$(OPENSSLDIR)/misc 2>/dev/null
@-mkdir -p $(INSTALL_PREFIX)$(OPENSSLDIR)/certs 2>/dev/null
@-mkdir -p $(INSTALL_PREFIX)$(OPENSSLDIR)/private 2>/dev/null
- @-mkdir -p $(INSTALL_PREFIX)$(OPENSSLDIR)/lib 2>/dev/null
+ @-mkdir -p $(INSTALL_PREFIX)$(OPENSSLDIR)/localCA 2>/dev/null
+ @-mkdir -p $(INSTALL_PREFIX)$(OPENSSLDIR)/localCA/certs 2>/dev/null
+ @-mkdir -p $(INSTALL_PREFIX)$(OPENSSLDIR)/localCA/crl 2>/dev/null
+ @-mkdir -p $(INSTALL_PREFIX)$(OPENSSLDIR)/localCA/newcerts 2>/dev/null
+ @-mkdir -p $(INSTALL_PREFIX)$(OPENSSLDIR)/localCA/private 2>/dev/null
@for i in $(EXHEADER) ;\
do \
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
--- openssl-0.9.3a/Makefile.ssl.orig Sat May 29 16:17:07 1999
+++ openssl-0.9.3a/Makefile.ssl Fri Jun 11 22:36:17 1999
@@ -317,7 +317,12 @@
@-mkdir -p $(INSTALL_PREFIX)$(OPENSSLDIR)/misc 2>/dev/null
@-mkdir -p $(INSTALL_PREFIX)$(OPENSSLDIR)/certs 2>/dev/null
@-mkdir -p $(INSTALL_PREFIX)$(OPENSSLDIR)/private 2>/dev/null
- @-mkdir -p $(INSTALL_PREFIX)$(OPENSSLDIR)/lib 2>/dev/null
+ @-mkdir -p $(INSTALL_PREFIX)$(OPENSSLDIR)/localCA 2>/dev/null
+ @-mkdir -p $(INSTALL_PREFIX)$(OPENSSLDIR)/localCA/certs 2>/dev/null
+ @-mkdir -p $(INSTALL_PREFIX)$(OPENSSLDIR)/localCA/crl 2>/dev/null
+ @-mkdir -p $(INSTALL_PREFIX)$(OPENSSLDIR)/localCA/newcerts 2>/dev/null
+ @-mkdir -p $(INSTALL_PREFIX)$(OPENSSLDIR)/localCA/private 2>/dev/null
+
@for i in $(EXHEADER) ;\
do \
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
S/MIME Cryptographic Signature
