[Madlug] Updating openssl from rpm

Matthew Callaway matt at kindjal.net
Tue Sep 25 20:30:23 CDT 2001


Included is an explanation of the problem with openssl, and following
that is my specfile for the openssl-0.9.6b RPM.  Get the source files
listed in the specfile, and build with "rpm -ba openssl.spec".

Problem: ldconfig doesn't make the proper symlinks in /usr/lib for
openssl

Solution:  Apps are compiled with an "soname" and a "real" name.
The so name is *.so.N, where N is incremented whenever the interface
changes.  The real name is the name of the real file with the code
in it.  In some cases, applications will depend upon an soname
that does not accurately reflect when the interface changes.  an
example of this is libssl (openssl).  libssl's interface changed
between 0.9.5 and 0.9.6, which are minor releases.  This means that the
soname is libssl.so.0.9.6, but many applications depend upon the
major release libssl.so.0, because you aren't supposed to change
interfaces between minor releases.  Thus, libssl tells ldconfig
that its soname is libssl.so.0.9.6, so no symlinks are made.  Thus, you
have to make them by hand.  To find out when this happens, run "strings"
on the libraries and grep for the soname to see what ldconfig is expecting.


# -------- cut --------------
%define libmaj 0
%define libmin 9
%define librel 6
%define librev b
Release: 1

%define openssldir /var/ssl

Summary: Secure Sockets Layer and cryptography libraries and tools
Name: openssl
Version: %{libmaj}.%{libmin}.%{librel}%{librev}
# this is the source package you need
Source0: ftp://ftp.openssl.org/source/%{name}-%{version}.tar.gz
Copyright: Freely distributable
Group: System Environment/Libraries
Provides: SSL
# Note that these libraries violate the standard naming scheme
# ldconfig will not correctly handle link creation.
Provides: libcrypto.so.0
Provides: libssl.so.0
URL: http://www.openssl.org/
BuildRoot:   /var/tmp/%{name}-%{version}-root

%description
The OpenSSL Project is a collaborative effort to develop a robust,
commercial-grade, fully featured, and Open Source toolkit implementing the
Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1)
protocols as well as a full-strength general purpose cryptography library.
The project is managed by a worldwide community of volunteers that use the
Internet to communicate, plan, and develop the OpenSSL tookit and its related
documentation.

OpenSSL is based on the excellent SSLeay library developed from Eric A.
Young and Tim J. Hudson.  The OpenSSL toolkit is licensed under an
Apache-style licence, which basically means that you are free to get and
use it for commercial and non-commercial purposes.

This package contains the base OpenSSL cryptography and SSL/TLS
libraries and tools.

%package devel
Summary: Secure Sockets Layer and cryptography static libraries and headers
Group: Development/Libraries
Requires: openssl
%description devel
The OpenSSL Project is a collaborative effort to develop a robust,
commercial-grade, fully featured, and Open Source toolkit implementing the
Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1)
protocols as well as a full-strength general purpose cryptography library.
The project is managed by a worldwide community of volunteers that use the
Internet to communicate, plan, and develop the OpenSSL tookit and its related
documentation.

OpenSSL is based on the excellent SSLeay library developed from Eric A.
Young and Tim J. Hudson.  The OpenSSL toolkit is licensed under an
Apache-style licence, which basically means that you are free to get and
use it for commercial and non-commercial purposes.

This package contains the the OpenSSL cryptography and SSL/TLS
static libraries and header files required when developing applications.

%package doc
Summary: OpenSSL miscellaneous files
Group: Documentation
Requires: openssl
%description doc
The OpenSSL Project is a collaborative effort to develop a robust,
commercial-grade, fully featured, and Open Source toolkit implementing the
Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1)
protocols as well as a full-strength general purpose cryptography library.
The project is managed by a worldwide community of volunteers that use the
Internet to communicate, plan, and develop the OpenSSL tookit and its related
documentation.

OpenSSL is based on the excellent SSLeay library developed from Eric A.
Young and Tim J. Hudson.  The OpenSSL toolkit is licensed under an
Apache-style licence, which basically means that you are free to get and
use it for commercial and non-commercial purposes.

This package contains the the OpenSSL cryptography and SSL/TLS extra
documentation and POD files from which the man pages were produced.

%prep

%setup -q

%build

%define CONFIG_FLAGS -DSSL_ALLOW_ADH --prefix=/usr

perl util/perlpath.pl /usr/bin/perl

%ifarch i386 i486 i586 i686
./Configure %{CONFIG_FLAGS} --openssldir=%{openssldir} linux-elf shared
%endif
%ifarch ppc
./Configure %{CONFIG_FLAGS} --openssldir=%{openssldir} linux-ppc shared
%endif
%ifarch alpha
./Configure %{CONFIG_FLAGS} --openssldir=%{openssldir} linux-alpha shared
%endif
LD_LIBRARY_PATH=`pwd` make
LD_LIBRARY_PATH=`pwd` make rehash
LD_LIBRARY_PATH=`pwd` make test

%install
rm -rf $RPM_BUILD_ROOT
make MANDIR=/usr/man INSTALL_PREFIX="$RPM_BUILD_ROOT" install

# Rename manpages
for x in $RPM_BUILD_ROOT/usr/man/man*/*
	do mv ${x} ${x}ssl
done

# Install RSAref stuff
install -m644 rsaref/rsaref.h $RPM_BUILD_ROOT/usr/include/openssl
install -m644 libRSAglue.a $RPM_BUILD_ROOT/usr/lib

# Make backwards-compatibility symlink to ssleay
ln -s /usr/bin/openssl $RPM_BUILD_ROOT/usr/bin/ssleay

%clean
rm -rf $RPM_BUILD_ROOT

%files
%defattr(0644,root,root,0755)
%doc CHANGES CHANGES.SSLeay LICENSE NEWS README
%config %attr(0644,root,root) %{openssldir}/openssl.cnf

%attr(0755,root,root) /usr/bin/*
%attr(0755,root,root) /usr/lib/*.so*
%doc %attr(0644,root,root) /usr/man/man[157]/*

%dir %attr(0755,root,root) %{openssldir}/certs
%dir %attr(0755,root,root) %{openssldir}/lib
%dir %attr(0750,root,root) %{openssldir}/private
%attr(0755,root,root) %{openssldir}/misc/*
%dir %attr(0755,root,root) %{openssldir}/misc

%files devel
%defattr(0644,root,root,0755)
%doc CHANGES CHANGES.SSLeay LICENSE NEWS README
%attr(0644,root,root) /usr/lib/*.a
%attr(0644,root,root) /usr/include/openssl/*
%attr(0644,root,root) /usr/man/man[3]/*

%files doc
%doc CHANGES CHANGES.SSLeay LICENSE NEWS README
%doc doc

%post
# Symlinks will not be created correctly here
ldconfig

%postun
# Symlinks will not be created correctly here
ldconfig

%changelog
* Tue Jul 10 2001 Matthew Callaway <matt at kindjal.net>
  [ 0.9.6b-1 ]
- Newest version fixes several bugs.

* Tue Jun 12 2001 Matthew Callaway <matt at kindjal.net>
  [ 0.9.6a-4 ]
- marked manpages as %doc

* Tue May 22 2001 Matthew Callaway <matt at kindjal.net>
- Changed provides to be the libcrypto.so.0 name, not path

* Tue May 22 2001 Matthew Callaway <matt at kindjal.net>
- Added explicit Provides for symlinks created by ldconfig.
  This is a stupid hack to avoid a real problem.

* Thu Mar 22 2001 Richard Levitte <richard at levitte.org>
- Removed redundant subsection that re-installed libcrypto.a and libssl.a
  as well.
* Thu Mar 15 2001 Jeremiah Johnson <jjohnson at penguincomputing.com>
- Removed redundant subsection that re-installed libcrypto.so.0.9.6 and
  libssl.so.0.9.6.  As well as the subsection that created symlinks for
  these.  make install handles all this.
* Sat Oct 21 2000 Horms <horms at vergenet.net>
- Make sure symlinks are created by using -f flag to ln.
  Otherwise some .so libraries are copied rather than
  linked in the resulting binary RPM. This causes the package
  to be larger than neccessary and makes ldconfig complain.
* Fri Oct 13 2000 Horms <horms at vergenet.net>
- Make defattr is set for files in all packages so packages built as
  non-root will still be installed with files owned by root.
* Thu Sep 14 2000 Richard Levitte <richard at levitte.org>
- Changed to adapt to the new (supported) way of making shared libraries
- Installs all static libraries, not just libRSAglue.a
- Extra documents now end up in a separate document package
* Sun Feb 27 2000 Damien Miller <djm at mindrot.org>
- Merged patches to spec
- Updated to 0.9.5beta2 (now with manpages)
* Sat Feb  5 2000 Michal Jaegermann <michal at harddata.com>
- added 'linux-alpha' to configuration
- fixed nasty absolute links
* Tue Jan 25 2000 Bennett Todd <bet at rahul.net>
- Added -DSSL_ALLOW_ADH, bumped Release to 4
* Thu Oct 14 1999 Damien Miller <djm at mindrot.org>
- Set default permissions
- Removed documentation from devel sub-package
* Thu Sep 30 1999 Damien Miller <djm at mindrot.org>
- Added "make test" stage
- GPG signed
* Tue Sep 10 1999 Damien Miller <damien at ibs.com.au>
- Updated to version 0.9.4
* Tue May 25 1999 Damien Miller <damien at ibs.com.au>
- Updated to version 0.9.3
- Added attributes for all files
- Paramatised openssl directory
* Sat Mar 20 1999 Carlo M. Arenas Belon <carenas at jmconsultores.com.pe>
- Added "official" bnrec patch and taking other out
- making a link from ssleay to openssl binary
- putting all changelog together on SPEC file
* Fri Mar  5 1999 Henri Gomez <gomez at slib.fr>
- Added bnrec patch
* Tue Dec 29 1998 Jonathan Ruano <kobalt at james.encomix.es>
- minimum spec and patches changes for openssl
- modified for openssl sources
* Sat Aug  8 1998 Khimenko Victor <khim at sch57.msk.ru>
- shared library creating process honours $RPM_OPT_FLAGS
- shared libarry supports threads (as well as static library)
* Wed Jul 22 1998 Khimenko Victor <khim at sch57.msk.ru>
- building of shared library completely reworked
* Tue Jul 21 1998 Khimenko Victor <khim at sch57.msk.ru>
- RPM is BuildRoot'ed
* Tue Feb 10 1998 Khimenko Victor <khim at sch57.msk.ru>
- all stuff is moved out of /usr/local




More information about the Madlug mailing list