blob: b5a2f6e9cdeef8ec95eeb6a4bc0520c84289a23c (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
|
# $Id: PKGBUILD 199034 2013-11-07 14:18:31Z pierre $
# Maintainer: Pierre Schmitz <pierre@archlinux.de>
pkgname=openssl
_ver=1.0.1e
# use a pacman compatible version scheme
pkgver=${_ver/[a-z]/.${_ver//[0-9.]/}}
#pkgver=$_ver
pkgrel=5
pkgdesc='The Open Source toolkit for Secure Sockets Layer and Transport Layer Security'
arch=('i686' 'x86_64' 'mips64el')
url='https://www.openssl.org'
license=('custom:BSD')
depends=('perl')
optdepends=('ca-certificates')
options=('!makeflags')
backup=('etc/ssl/openssl.cnf')
source=("https://www.openssl.org/source/${pkgname}-${_ver}.tar.gz"
"https://www.openssl.org/source/${pkgname}-${_ver}.tar.gz.asc"
'no-rpath.patch'
'ca-dir.patch'
'openssl-1.0.1e-fix_pod_syntax-1.patch'
'openssl-1.0.1-Check-DTLS_BAD_VER-for-version-number.patch'
'openssl-1.0.1-e_aes_cbc_hmac_sha1.c-fix-rare-bad-record-mac-on-AES.patch')
md5sums=('66bf6f10f060d561929de96f9dfe5b8c'
'SKIP'
'dc78d3d06baffc16217519242ce92478'
'3bf51be3a1bbd262be46dc619f92aa90'
'88d3bef4bbdc640b0412315d8d347bdf'
'ae7848bb152b8834ceff30c8c480d422'
'c5cc62a47cef72f4e5ad119a88e97ae4')
prepare() {
cd $srcdir/$pkgname-$_ver
# remove rpath: http://bugs.archlinux.org/task/14367
patch -p0 -i $srcdir/no-rpath.patch
# set ca dir to /etc/ssl by default
patch -p0 -i $srcdir/ca-dir.patch
patch -p1 -i $srcdir/openssl-1.0.1e-fix_pod_syntax-1.patch
# OpenSSL 1.0.0k, 1.0.1.d, 1.0.1e fail handshake with DTLS1_BAD_VER
# http://rt.openssl.org/Ticket/Display.html?id=2984
patch -p1 -i $srcdir/openssl-1.0.1-Check-DTLS_BAD_VER-for-version-number.patch
# Communication problems with 1.0.1e
# http://rt.openssl.org/Ticket/Display.html?id=3002
patch -p1 -i $srcdir/openssl-1.0.1-e_aes_cbc_hmac_sha1.c-fix-rare-bad-record-mac-on-AES.patch
}
build() {
cd $srcdir/$pkgname-$_ver
case "${CARCH}" in
'x86_64')
openssltarget='linux-x86_64'
optflags='enable-ec_nistp_64_gcc_128' ;;
'i686')
openssltarget='linux-elf' ;;
'mips64el')
openssltarget='linux-generic32' ;;
esac
# mark stack as non-executable: http://bugs.archlinux.org/task/12434
./Configure --prefix=/usr --openssldir=/etc/ssl --libdir=lib \
shared zlib ${optflags} \
"${openssltarget}" \
-Wa,--noexecstack "${CFLAGS}" "${LDFLAGS}"
make depend
make
}
check() {
cd $srcdir/$pkgname-$_ver
# the test fails due to missing write permissions in /etc/ssl
# revert this patch for make test
patch -p0 -R -i $srcdir/ca-dir.patch
make test
patch -p0 -i $srcdir/ca-dir.patch
}
package() {
cd $srcdir/$pkgname-$_ver
make INSTALL_PREFIX=$pkgdir MANDIR=/usr/share/man MANSUFFIX=ssl install
install -D -m644 LICENSE $pkgdir/usr/share/licenses/$pkgname/LICENSE
}
|