Accepting request 485219 from Base:System

- Remove O3 from optflags, no need to not rely on distro wide settings - Remove conditions for sle10 and sle11, we care only about sle12+ - USE SUSE instead of SuSE in readme - Pass over with spec-cleaner (forwarded request 485192 from scarabeus_iv) OBS-URL: https://build.opensuse.org/request/show/485219 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl?expand=0&rev=137
2017-04-11 07:29:32 +00:00 · 2017-04-11 07:29:32 +00:00 · 491c541700
commit 491c541700
parent de4d1be4ab
3 changed files with 68 additions and 91 deletions
--- a/README.SUSE
+++ b/README.SUSE
@ -6,4 +6,4 @@ documentation or sample C programs.
 The C header files and static libraries have also been extracted, they
 can now be found in the openssl-devel package.

-Your SuSE Team.
+Your SUSE Team.
--- a/openssl.changes
+++ b/openssl.changes
@ -1,3 +1,11 @@
+-------------------------------------------------------------------
+Tue Apr  4 11:41:40 UTC 2017 - tchvatal@suse.com
+
+- Remove O3 from optflags, no need to not rely on distro wide settings
+- Remove conditions for sle10 and sle11, we care only about sle12+
+- USE SUSE instead of SuSE in readme
+- Pass over with spec-cleaner
+
 -------------------------------------------------------------------
 Thu Feb  2 15:19:15 UTC 2017 - vcizek@suse.com

--- a/openssl.spec
+++ b/openssl.spec
@ -16,19 +16,10 @@
 #


-Name:           openssl
-BuildRequires:  bc
-BuildRequires:  ed
-BuildRequires:  pkg-config
-BuildRequires:  zlib-devel
 %define ssletcdir %{_sysconfdir}/ssl
 #%define num_version %(echo "%{version}" | sed -e "s+[a-zA-Z]++g; s+_.*++g")
 %define num_version 1.0.0
-Provides:       ssl
-# bug437293
-%ifarch ppc64
-Obsoletes:      openssl-64bit
-%endif
+Name:           openssl
 Version:        1.0.2k
 Release:        0
 Summary:        Secure Sockets and Transport Layer Security
@ -36,21 +27,19 @@ License:        OpenSSL
 Group:          Productivity/Networking/Security
 Url:            https://www.openssl.org/
 Source:         https://www.%{name}.org/source/%{name}-%{version}.tar.gz
-Source42:       https://www.%{name}.org/source/%{name}-%{version}.tar.gz.asc
-# https://www.openssl.org/about/
-# http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xA2D29B7BF295C759#/%name.keyring
-Source43:       %name.keyring
 # to get mtime of file:
 Source1:        openssl.changes
 Source2:        baselibs.conf
 Source10:       README.SUSE
 Source11:       README-FIPS.txt
+Source42:       https://www.%{name}.org/source/%{name}-%{version}.tar.gz.asc
+# https://www.openssl.org/about/
+# http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xA2D29B7BF295C759#/%name.keyring
+Source43:       %{name}.keyring
 Patch0:         merge_from_0.9.8k.patch
 Patch1:         openssl-1.0.0-c_rehash-compat.diff
 Patch2:         bug610223.patch
-%if 0%{?suse_version} >= 1120
 Patch3:         openssl-ocloexec.patch
-%endif
 Patch4:         openssl-1.0.2a-padlock64.patch
 # PATCH-FIX-UPSTREAM http://rt.openssl.org/Ticket/Attachment/WithHeaders/20049
 Patch5:         openssl-fix-pod-syntax.diff
@ -84,11 +73,14 @@ Patch56:        openssl-fips-selftests_in_nonfips_mode.patch
 Patch57:        openssl-fips-fix-odd-rsakeybits.patch
 Patch58:        openssl-fips-clearerror.patch
 Patch59:        openssl-fips-dont-fall-back-to-default-digest.patch
-
 Patch61:        openssl-fipslocking.patch
 Patch62:        openssl-print_notice-NULL_crash.patch
 Patch63:        openssl-randfile_fread_interrupt.patch
-
+BuildRequires:  bc
+BuildRequires:  ed
+BuildRequires:  pkgconfig
+BuildRequires:  pkgconfig(zlib)
+Provides:       ssl
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build

 %description
@ -112,11 +104,6 @@ Summary:        Secure Sockets and Transport Layer Security
 License:        OpenSSL
 Group:          Productivity/Networking/Security
 Recommends:     ca-certificates-mozilla
-# bug437293
-%ifarch ppc64
-Obsoletes:      openssl-64bit
-%endif
-#

 %description -n libopenssl1_0_0
 The OpenSSL Project is a collaborative effort to develop a robust,
@ -138,16 +125,11 @@ and to use it for commercial and noncommercial purposes.
 Summary:        Include Files and Libraries mandatory for Development
 License:        OpenSSL
 Group:          Development/Libraries/C and C++
-Obsoletes:      openssl-devel < %{version}
-Requires:       %name = %version
+Requires:       %{name} = %{version}
 Requires:       libopenssl1_0_0 = %{version}
-Requires:       zlib-devel
+Requires:       pkgconfig(zlib)
+Obsoletes:      openssl-devel < %{version}
 Provides:       openssl-devel = %{version}
-# bug437293
-%ifarch ppc64
-Obsoletes:      openssl-devel-64bit
-%endif
-#

 %description -n libopenssl-devel
 This package contains all necessary include files and libraries needed
@ -167,16 +149,14 @@ possible without the HMAC hashes contained in this package!
 Summary:        Additional Package Documentation
 License:        OpenSSL
 Group:          Productivity/Networking/Security
-%if 0%{?suse_version} >= 1140
 BuildArch:      noarch
-%endif

 %description doc
 This package contains optional documentation provided in addition to
 this package's base documentation.

 %prep
-%setup -q 
+%setup -q
 %patch0 -p1
 %patch1 -p1
 %patch2 -p1
@ -211,23 +191,21 @@ this package's base documentation.
 %patch61 -p1
 %patch62 -p1
 %patch63 -p1
-%if 0%{?suse_version} >= 1120
 %patch3
-%endif
 %patch8 -p1
 %patch14 -p1
-cp -p %{S:10} .
-cp -p %{S:11} .
+cp -p %{SOURCE10} .
+cp -p %{SOURCE11} .
 echo "adding/overwriting some entries in the 'table' hash in Configure"
 # $dso_scheme:$shared_target:$shared_cflag:$shared_ldflag:$shared_extension:$ranlib:$arflags
 export DSO_SCHEME='dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::'
-cat <<EOF_ED | ed -s Configure 
+cat <<EOF_ED | ed -s Configure
 /^);
 -
 i
 #
 # local configuration added from specfile
-# ... MOST of those are now correct in openssl's Configure already, 
+# ... MOST of those are now correct in openssl's Configure already,
 # so only add them for new ports!
 #
 #config-string,  $cc:$cflags:$unistd:$thread_cflag:$sys_id:$lflags:$bn_ops:$cpuid_obj:$bn_obj:$des_obj:$aes_obj:$bf_obj:$md5_obj:$sha1_obj:$cast_obj:$rc4_obj:$rmd160_obj:$rc5_obj:$wp_obj:$cmll_obj:$dso_scheme:$shared_target:$shared_cflag:$shared_ldflag:$shared_extension:$ranlib:$arflags:$multilib
@ -247,11 +225,11 @@ i
 wq
 EOF_ED
 # fix ENGINESDIR path
-sed -i 's,/lib/engines,/%_lib/engines,' Configure
+sed -i 's,/lib/engines,/%{_lib}/engines,' Configure

 %build

-%if 0%{suse_version} >= 1230
+%if 0%{?suse_version} >= 1230
 find -type f -name "*.c" -exec sed -i -e "s@getenv@secure_getenv@g" {} +
 %endif

@ -265,23 +243,19 @@ export MACHINE=armv6l
 #
 config_flags="threads shared no-rc5 no-idea \
 fips \
-%if 0%{suse_version} > 1310
 no-ssl2 \
 no-ssl3 \
 enable-rfc3779 \
-%endif
 %ifarch x86_64 aarch64 ppc64le
-%if 0%{?suse_version} < 1010 || 0%{?suse_version} > 1020
 enable-ec_nistp_64_gcc_128 \
 %endif
-%endif
 enable-camellia \
 zlib \
 no-ec2m \
 --prefix=%{_prefix} \
 --libdir=%{_lib} \
 --openssldir=%{ssletcdir} \
-$RPM_OPT_FLAGS -O3 -std=gnu99 \
+%{optflags} -std=gnu99 \
 -Wa,--noexecstack \
 -Wl,-z,relro,-z,now \
 -fno-common \
@ -321,7 +295,7 @@ $(getconf LFS_CFLAGS) \

 	# Record mtime of changes file instead of build time to make build-compare work
 	make PERL=perl -C crypto buildinf.h
-	CHANGES=`stat --format="%y" %SOURCE1`
+	CHANGES=`stat --format="%{y}" %{SOURCE1}`
 	cat crypto/buildinf.h
 	sed -i -e "s|#define DATE .*|#define DATE \"built on: $CHANGES\"|" crypto/buildinf.h
 	cat crypto/buildinf.h
@ -337,35 +311,34 @@ crypto/fips/fips_standalone_hmac libssl.so.1.0.0 > .libssl.so.1.0.0.hmac
 export MALLOC_CHECK_=3
 export MALLOC_PERTURB_=$(($RANDOM % 255 + 1))
 LD_LIBRARY_PATH=`pwd` make test FIPSCANLIB=""
-	%ifnarch armv4l
-	LD_LIBRARY_PATH=`pwd` make test
-	%endif
+%ifnarch armv4l
+LD_LIBRARY_PATH=`pwd` make test
+%endif
 #%endif
 # show settings
-make TABLE
-echo $RPM_OPT_FLAGS
+make %{?_smp_mflags} TABLE
+echo %{optflags}
 eval $(egrep PLATFORM='[[:alnum:]]' Makefile)
-grep -B1 -A22 "^\*\*\* $PLATFORM$" TABLE 
+grep -B1 -A22 "^\*\*\* $PLATFORM$" TABLE

 %install
-rm -rf $RPM_BUILD_ROOT
-make MANDIR=%{_mandir} INSTALL_PREFIX=$RPM_BUILD_ROOT install
-cp -a crypto/fips/fips_standalone_hmac $RPM_BUILD_ROOT/usr/bin/fips_standalone_hmac
-ln -sf ./%{name} $RPM_BUILD_ROOT/%{_includedir}/ssl
-mkdir $RPM_BUILD_ROOT/%{_datadir}/ssl
-mv $RPM_BUILD_ROOT/%{ssletcdir}/misc $RPM_BUILD_ROOT/%{_datadir}/ssl/
+make MANDIR=%{_mandir} INSTALL_PREFIX=%{buildroot} install
+cp -a crypto/fips/fips_standalone_hmac %{buildroot}%{_bindir}/fips_standalone_hmac
+ln -sf ./%{name} %{buildroot}/%{_includedir}/ssl
+mkdir %{buildroot}/%{_datadir}/ssl
+mv %{buildroot}/%{ssletcdir}/misc %{buildroot}/%{_datadir}/ssl/
 # ln -s %{ssletcdir}/private 	$RPM_BUILD_ROOT/%{_datadir}/ssl/private
 # ln -s %{ssletcdir}/openssl.cnf 	$RPM_BUILD_ROOT/%{_datadir}/ssl/openssl.cnf
 #

 # avoid file conflicts with man pages from other packages
 #
-pushd $RPM_BUILD_ROOT/%{_mandir}
+pushd %{buildroot}/%{_mandir}
 # some man pages now contain spaces. This makes several scripts go havoc, among them /usr/sbin/Check.
 # replace spaces by underscores
 #for i in man?/*\ *; do mv -v "$i" "${i// /_}"; done
 which readlink &>/dev/null || function readlink { ( set +x; target=$(file $1 2>/dev/null); target=${target//* }; test -f $target && echo $target; ) }
-for i in man?/*; do 
+for i in man?/*; do
 	if test -L $i ; then
 	    LDEST=`readlink $i`
 	    rm -f $i ${i}ssl
@ -377,7 +350,7 @@ for i in man?/*; do
 	    *.1)
 		# these are the pages mentioned in openssl(1). They go into the main package.
 		echo %doc %{_mandir}/${i}ssl.gz >> $OLDPWD/filelist;;
-	    *)	
+	    *)
 		# the rest goes into the openssl-doc package.
 		echo %doc %{_mandir}/${i}ssl.gz >> $OLDPWD/filelist.doc;;
 	esac
@ -386,11 +359,11 @@ popd
 #
 # check wether some shared library has been installed
 #
-ls -l $RPM_BUILD_ROOT%{_libdir}
-test -f $RPM_BUILD_ROOT%{_libdir}/libssl.so.%{num_version}
-test -f $RPM_BUILD_ROOT%{_libdir}/libcrypto.so.%{num_version}
-test -L $RPM_BUILD_ROOT%{_libdir}/libssl.so
-test -L $RPM_BUILD_ROOT%{_libdir}/libcrypto.so
+ls -l %{buildroot}%{_libdir}
+test -f %{buildroot}%{_libdir}/libssl.so.%{num_version}
+test -f %{buildroot}%{_libdir}/libcrypto.so.%{num_version}
+test -L %{buildroot}%{_libdir}/libssl.so
+test -L %{buildroot}%{_libdir}/libcrypto.so
 #
 # see what we've got
 #
@ -414,14 +387,14 @@ SSL_METHOD *meth;
    sc = (meth->get_cipher)(i);
    if (!sc) break;
    k = SSL_CIPHER_get_bits(sc, &j);
-    printf("%s\n", sc->name);
+    printf("%{s}\n", sc->name);
  }
  return 0;
 };
 EOF
-gcc $RPM_OPT_FLAGS -I${RPM_BUILD_ROOT}%{_includedir} -c showciphers.c
-gcc -o showciphers showciphers.o -L${RPM_BUILD_ROOT}%{_libdir} -lssl -lcrypto
-LD_LIBRARY_PATH=${RPM_BUILD_ROOT}%{_libdir} ./showciphers > AVAILABLE_CIPHERS || true
+gcc %{optflags} -I%{buildroot}%{_includedir} -c showciphers.c
+gcc -o showciphers showciphers.o -L%{buildroot}%{_libdir} -lssl -lcrypto
+LD_LIBRARY_PATH=%{buildroot}%{_libdir} ./showciphers > AVAILABLE_CIPHERS || true
 cat AVAILABLE_CIPHERS
 # Do not install demo scripts executable under /usr/share/doc
 find demos -type f -perm /111 -exec chmod 644 {} \;
@ -439,22 +412,22 @@ find demos -type f -perm /111 -exec chmod 644 {} \;
 #   openssl dgst -sha256 -hmac 'ppaksykemnsecgtsttplmamstKMEs'
 %{expand:%%global __os_install_post {%__os_install_post

-$RPM_BUILD_ROOT/usr/bin/fips_standalone_hmac \
-  $RPM_BUILD_ROOT/%{_lib}/libssl.so.%{num_version} > \
-    $RPM_BUILD_ROOT/%{_lib}/.libssl.so.%{num_version}.hmac
+%{buildroot}%{_bindir}/fips_standalone_hmac \
+  %{buildroot}/%{_lib}/libssl.so.%{num_version} > \
+    %{buildroot}/%{_lib}/.libssl.so.%{num_version}.hmac

-$RPM_BUILD_ROOT/usr/bin/fips_standalone_hmac \
-  $RPM_BUILD_ROOT/%{_lib}/libcrypto.so.%{num_version} > \
-    $RPM_BUILD_ROOT/%{_lib}/.libcrypto.so.%{num_version}.hmac
+%{buildroot}%{_bindir}/fips_standalone_hmac \
+  %{buildroot}/%{_lib}/libcrypto.so.%{num_version} > \
+    %{buildroot}/%{_lib}/.libcrypto.so.%{num_version}.hmac

 }}

 #process openssllib
-mkdir $RPM_BUILD_ROOT/%{_lib}
-mv $RPM_BUILD_ROOT%{_libdir}/libssl.so.%{num_version} $RPM_BUILD_ROOT/%{_lib}/
-mv $RPM_BUILD_ROOT%{_libdir}/libcrypto.so.%{num_version} $RPM_BUILD_ROOT/%{_lib}/
-mv $RPM_BUILD_ROOT%{_libdir}/engines $RPM_BUILD_ROOT/%{_lib}/
-cd $RPM_BUILD_ROOT%{_libdir}/
+mkdir %{buildroot}/%{_lib}
+mv %{buildroot}%{_libdir}/libssl.so.%{num_version} %{buildroot}/%{_lib}/
+mv %{buildroot}%{_libdir}/libcrypto.so.%{num_version} %{buildroot}/%{_lib}/
+mv %{buildroot}%{_libdir}/engines %{buildroot}/%{_lib}/
+cd %{buildroot}%{_libdir}/
 ln -sf /%{_lib}/libssl.so.%{num_version} ./libssl.so
 ln -sf /%{_lib}/libcrypto.so.%{num_version} ./libcrypto.so

@ -466,11 +439,7 @@ done
 rm %{buildroot}/%{_lib}/engines/libpadlock.so
 %endif

-%clean
-if ! test -f /.buildenv; then rm -rf $RPM_BUILD_ROOT; fi
-
 %post -n libopenssl1_0_0 -p /sbin/ldconfig
-
 %postun -n libopenssl1_0_0 -p /sbin/ldconfig

 %files -n libopenssl1_0_0
@ -492,9 +461,9 @@ if ! test -f /.buildenv; then rm -rf $RPM_BUILD_ROOT; fi
 %exclude %{_libdir}/libssl.a
 %{_libdir}/libssl.so
 %{_libdir}/libcrypto.so
-%_libdir/pkgconfig/libcrypto.pc
-%_libdir/pkgconfig/libssl.pc
-%_libdir/pkgconfig/openssl.pc
+%{_libdir}/pkgconfig/libcrypto.pc
+%{_libdir}/pkgconfig/libssl.pc
+%{_libdir}/pkgconfig/openssl.pc

 %files doc -f filelist.doc
 %defattr(-, root, root)