diff options
| author | Felix Golatofski | 2020-01-06 19:35:29 +0100 |
|---|---|---|
| committer | Felix Golatofski | 2020-01-06 19:35:29 +0100 |
| commit | 7e117fb9c16f3aef6c437f80f0043dca2c5c1bee (patch) | |
| tree | 216ca51ed7c0b418a9f5b60a82221b20c8af1a1d | |
| parent | c0a7a66d6cee663a8b2d21dfb72c6409c0a5f9e3 (diff) | |
| download | aur-7e117fb9c16f3aef6c437f80f0043dca2c5c1bee.tar.gz | |
Updated to 1.1.1d
| -rw-r--r-- | .SRCINFO | 18 | ||||
| -rw-r--r-- | PKGBUILD | 42 | ||||
| -rw-r--r-- | ca-dir.patch | 46 | ||||
| -rw-r--r-- | no-rpath.patch | 11 | ||||
| -rw-r--r-- | ssl3-test-failure.patch | 26 |
5 files changed, 46 insertions, 97 deletions
@@ -1,6 +1,6 @@ pkgbase = openssl-purify pkgdesc = The Open Source toolkit for Secure Sockets Layer and Transport Layer Security compiled with PURIFY flag - pkgver = 1.0.2.k + pkgver = 1.1.1.d pkgrel = 1 url = https://www.openssl.org arch = i686 @@ -10,19 +10,15 @@ pkgbase = openssl-purify optdepends = ca-certificates provides = openssl conflicts = openssl - options = !makeflags backup = etc/ssl/openssl.cnf - source = https://www.openssl.org/source/openssl-1.0.2k.tar.gz - source = https://www.openssl.org/source/openssl-1.0.2k.tar.gz.asc - source = no-rpath.patch - source = ssl3-test-failure.patch + source = https://www.openssl.org/source/openssl-1.1.1d.tar.gz + source = https://www.openssl.org/source/openssl-1.1.1d.tar.gz.asc source = ca-dir.patch validpgpkeys = 8657ABB260F056B1E5190839D9C4D26D0E604491 - md5sums = 96322138f0b69e61b7212bc53d5e912b - md5sums = SKIP - md5sums = dc78d3d06baffc16217519242ce92478 - md5sums = 62fc492252edd3283871632bb77fadbe - md5sums = 3bf51be3a1bbd262be46dc619f92aa90 + validpgpkeys = 7953AC1FBC3DC8B3B292393ED5E9E43F7DF9EE8C + sha256sums = 1e3a91bc1f9dfce01af26026f856e064eab4c8ee0a8f457b5ae30b40b8b711f2 + sha256sums = SKIP + sha256sums = 0938c8d68110768db4f350a7ec641070686904f2fe7ba630ac94399d7dc8cc5e pkgname = openssl-purify @@ -1,7 +1,10 @@ +# Based on openssl 1.1.1d PKGBUILD # Maintainer: Karel Kočí <cynerd@email.cz> +# Maintainer: Felix Golatofski <contact@xdfr.de> +_basename=openssl pkgname=openssl-purify -_ver=1.0.2k +_ver=1.1.1d # use a pacman compatible version scheme pkgver=${_ver/[a-z]/.${_ver//[0-9.]/}} pkgrel=1 @@ -10,38 +13,27 @@ arch=('i686' 'x86_64') url='https://www.openssl.org' license=('custom:BSD') depends=('perl') -conflicts=('openssl') -provides=('openssl') optdepends=('ca-certificates') -options=('!makeflags') backup=('etc/ssl/openssl.cnf') -source=("https://www.openssl.org/source/openssl-${_ver}.tar.gz" - "https://www.openssl.org/source/openssl-${_ver}.tar.gz.asc" - 'no-rpath.patch' - 'ssl3-test-failure.patch' +source=("https://www.openssl.org/source/${_basename}-${_ver}.tar.gz"{,.asc} 'ca-dir.patch') -md5sums=('96322138f0b69e61b7212bc53d5e912b' - 'SKIP' - 'dc78d3d06baffc16217519242ce92478' - '62fc492252edd3283871632bb77fadbe' - '3bf51be3a1bbd262be46dc619f92aa90') -validpgpkeys=('8657ABB260F056B1E5190839D9C4D26D0E604491') +sha256sums=('1e3a91bc1f9dfce01af26026f856e064eab4c8ee0a8f457b5ae30b40b8b711f2' + 'SKIP' + '0938c8d68110768db4f350a7ec641070686904f2fe7ba630ac94399d7dc8cc5e') +validpgpkeys=('8657ABB260F056B1E5190839D9C4D26D0E604491' + '7953AC1FBC3DC8B3B292393ED5E9E43F7DF9EE8C') +provides=('openssl') +conflicts=('openssl') prepare() { - cd $srcdir/openssl-$_ver - - # remove rpath: http://bugs.archlinux.org/task/14367 - patch -p0 -i $srcdir/no-rpath.patch - - # disable a test that fails when ssl3 is disabled - patch -p1 -i $srcdir/ssl3-test-failure.patch + cd $srcdir/$_basename-$_ver # set ca dir to /etc/ssl by default patch -p0 -i $srcdir/ca-dir.patch } build() { - cd $srcdir/openssl-$_ver + cd $srcdir/$_basename-$_ver if [ "${CARCH}" == 'x86_64' ]; then openssltarget='linux-x86_64' @@ -71,7 +63,7 @@ check() { } package() { - cd $srcdir/openssl-$_ver - make INSTALL_PREFIX=$pkgdir MANDIR=/usr/share/man MANSUFFIX=ssl install - install -D -m644 LICENSE $pkgdir/usr/share/licenses/openssl/LICENSE + cd $srcdir/$_basename-$_ver + make INSTALL_PREFIX=$pkgdir MANDIR=/usr/share/man MANSUFFIX=ssl install_sw install_ssldirs install_man_docs + install -D -m644 LICENSE $pkgdir/usr/share/licenses/$pkgname/LICENSE } diff --git a/ca-dir.patch b/ca-dir.patch index 41d1386d3d06..a1402435d711 100644 --- a/ca-dir.patch +++ b/ca-dir.patch @@ -1,28 +1,17 @@ ---- apps/CA.pl.in 2006-04-28 02:30:49.000000000 +0200 -+++ apps/CA.pl.in 2010-04-01 00:35:02.600553509 +0200 -@@ -53,7 +53,7 @@ - $X509="$openssl x509"; - $PKCS12="$openssl pkcs12"; +--- apps/CA.pl.in 2018-09-11 14:48:19.000000000 +0200 ++++ apps/CA.pl.in 2018-09-11 16:16:32.125629435 +0200 +@@ -33,7 +33,7 @@ + my $PKCS12 = "$openssl pkcs12"; --$CATOP="./demoCA"; -+$CATOP="/etc/ssl"; - $CAKEY="cakey.pem"; - $CAREQ="careq.pem"; - $CACERT="cacert.pem"; ---- apps/CA.sh 2009-10-15 19:27:47.000000000 +0200 -+++ apps/CA.sh 2010-04-01 00:35:02.600553509 +0200 -@@ -68,7 +68,7 @@ - X509="$OPENSSL x509" - PKCS12="openssl pkcs12" - --if [ -z "$CATOP" ] ; then CATOP=./demoCA ; fi -+if [ -z "$CATOP" ] ; then CATOP=/etc/ssl ; fi - CAKEY=./cakey.pem - CAREQ=./careq.pem - CACERT=./cacert.pem ---- apps/openssl.cnf 2009-04-04 20:09:43.000000000 +0200 -+++ apps/openssl.cnf 2010-04-01 00:35:02.607220681 +0200 -@@ -39,7 +39,7 @@ + # default openssl.cnf file has setup as per the following +-my $CATOP = "./demoCA"; ++my $CATOP = "/etc/ssl"; + my $CAKEY = "cakey.pem"; + my $CAREQ = "careq.pem"; + my $CACERT = "cacert.pem"; +--- apps/openssl.cnf 2018-09-11 14:48:20.000000000 +0200 ++++ apps/openssl.cnf 2018-09-11 16:16:32.125629435 +0200 +@@ -43,7 +43,7 @@ #################################################################### [ CA_default ] @@ -31,3 +20,12 @@ certs = $dir/certs # Where the issued certs are kept crl_dir = $dir/crl # Where the issued crl are kept database = $dir/index.txt # database index file. +@@ -327,7 +327,7 @@ + [ tsa_config1 ] + + # These are used by the TSA reply generation only. +-dir = ./demoCA # TSA root directory ++dir = /etc/ssl # TSA root directory + serial = $dir/tsaserial # The current serial number (mandatory) + crypto_device = builtin # OpenSSL engine to use for signing + signer_cert = $dir/tsacert.pem # The TSA signing certificate diff --git a/no-rpath.patch b/no-rpath.patch deleted file mode 100644 index ebd95e23d397..000000000000 --- a/no-rpath.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- Makefile.shared.no-rpath 2005-06-23 22:47:54.000000000 +0200 -+++ Makefile.shared 2005-11-16 22:35:37.000000000 +0100 -@@ -153,7 +153,7 @@ - NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \ - SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX" - --DO_GNU_APP=LDFLAGS="$(CFLAGS) -Wl,-rpath,$(LIBRPATH)" -+DO_GNU_APP=LDFLAGS="$(CFLAGS)" - - #This is rather special. It's a special target with which one can link - #applications without bothering with any features that have anything to diff --git a/ssl3-test-failure.patch b/ssl3-test-failure.patch deleted file mode 100644 index d161c3d4a593..000000000000 --- a/ssl3-test-failure.patch +++ /dev/null @@ -1,26 +0,0 @@ -From: Kurt Roeckx <kurt@roeckx.be> -Date: Sun, 6 Sep 2015 16:04:11 +0200 -Subject: Disable SSLv3 test in test suite - -When testing SSLv3 the test program returns 0 for skip. The test for weak DH -expects a failure, but gets success. - -It should probably be changed to return something other than 0 for a skipped -test. ---- - test/testssl | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/test/testssl b/test/testssl -index 747e4ba..1e4370b 100644 ---- a/test/testssl -+++ b/test/testssl -@@ -160,7 +160,7 @@ test_cipher() { - } - - echo "Testing ciphersuites" --for protocol in TLSv1.2 SSLv3; do -+for protocol in TLSv1.2; do - echo "Testing ciphersuites for $protocol" - for cipher in `../util/shlib_wrap.sh ../apps/openssl ciphers "RSA+$protocol" | tr ':' ' '`; do - test_cipher $cipher $protocol |