PKGBUILD


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91

# Maintainer: Jorge Pizarro-Callejas <jpizarrocallejas@gmail.com>

pkgname=lib32-openssl-1.0
_ver=1.0.2u
# use a pacman compatible version scheme
pkgver=${_ver/[a-z]/.${_ver//[0-9.]/}}
#pkgver=$_ver
pkgrel=3
pkgdesc='The Open Source toolkit for Secure Sockets Layer and Transport Layer Security'
arch=('x86_64')
url='https://www.openssl.org'
license=('custom:BSD')
depends=('lib32-glibc' 'openssl-1.0')
makedepends=('diffutils'
             'gcc'
             'make'
             'patch'
             'perl')
optdepends=('ca-certificates')
options=('!makeflags')
source=("https://www.openssl.org/source/openssl-${_ver}.tar.gz"
        "https://www.openssl.org/source/openssl-${_ver}.tar.gz.asc"
        'no-rpath.patch'
        'ssl3-test-failure.patch'
        'openssl-1.0-versioned-symbols.patch'
        'nist-explicit-inline.patch'
        'updated-test-certs.patch')
sha256sums=('ecd0c6ffb493dd06707d38b14bb4d8c2288bb7033735606569d8f90f89669d16'
            'SKIP'
            '754d6107a306311e15a1db6a1cc031b81691c8b9865e8809ac60ca6f184c957c'
            'c54ae87c602eaa1530a336ab7c6e22e12898e1941012349c153e52553df64a13'
            '353a84e4c92e36c379ebd9216b8f8fb9c271396583561eb84ac8c825979acaa6'
            'fe5e678556ce723dbc480ddf851b795eca645003b28ae947b446f311e65b2294'
            '45d79d419a9f2380c91b04f1eb6ffe6ab42bf1f9b46a26a1446a15ac84907cf9')
validpgpkeys=('8657ABB260F056B1E5190839D9C4D26D0E604491'
              '7953AC1FBC3DC8B3B292393ED5E9E43F7DF9EE8C')

prepare() {
	cd "$srcdir/openssl-$_ver"

	# remove rpath: http://bugs.archlinux.org/task/14367
	patch -p0 -i "$srcdir/no-rpath.patch"

	# disable a test that fails when ssl3 is disabled
	patch -p1 -i "$srcdir/ssl3-test-failure.patch"

	# add symbol versioning to prevent conflicts with openssl 1.1 symbols (Debian)
	patch -p1 -i "$srcdir"/openssl-1.0-versioned-symbols.patch

	# fix NIST curve errors when building with newer clang versions
	patch -p1 -i "$srcdir/nist-explicit-inline.patch"

	# fix tests failing because of expired certificates
	patch -p1 -i "$srcdir/updated-test-certs.patch"
}

build() {
	cd "$srcdir/openssl-$_ver"

    export CC="gcc -m32"
    export CXX="g++ -m32"
    export PKG_CONFIG_PATH="/usr/lib32/pkgconfig"

	# mark stack as non-executable: http://bugs.archlinux.org/task/12434
	./Configure --prefix=/usr --openssldir=/etc/ssl --libdir=lib32/openssl-1.0 \
		shared no-ssl3-method linux-elf \
		"-Wa,--noexecstack -Wno-unused-command-line-argument ${CPPFLAGS} ${CFLAGS} ${LDFLAGS}"

	make MAKEDEPPROG="${CC}" depend
	make
}

package() {
	cd "$srcdir/openssl-$_ver"

	make INSTALL_PREFIX="$pkgdir" install_sw
    rm -rf "$pkgdir"/{etc,usr/{include,bin}}

	# Move some files around
	mv "$pkgdir/usr/lib32/openssl-1.0/libcrypto.so.1.0.0" "$pkgdir/usr/lib32/"
	mv "$pkgdir/usr/lib32/openssl-1.0/libssl.so.1.0.0" "$pkgdir/usr/lib32/"
	ln -sf ../libssl.so.1.0.0 "$pkgdir/usr/lib32/openssl-1.0/libssl.so"
        ln -sf ../libcrypto.so.1.0.0 "$pkgdir/usr/lib32/openssl-1.0/libcrypto.so"

	# Update includedir in .pc files
	sed -e 's|/include$|/include/openssl-1.0|' -i "$pkgdir"/usr/lib32/openssl-1.0/pkgconfig/*.pc

	rm -rf "$pkgdir"/{etc,usr/bin/c_rehash}

	install -D -m644 LICENSE "$pkgdir/usr/share/licenses/${pkgname}/LICENSE"
}