From acc23d168ba4c554f1fca96aa20ba3ba818bbc99 Mon Sep 17 00:00:00 2001
From: B Stack <bgstack15@gmail.com>
Date: Wed, 18 Sep 2019 16:09:02 -0400
Subject: bump to openssl 1.1.1c-6.fc30

   * document the changes better
   * revert manual changes to patch files and do it in the spec
---
 openssl-freefilesync/stackrpms-openssl.spec.diff | 114 +++++++++++++++++++++++
 1 file changed, 114 insertions(+)
 create mode 100644 openssl-freefilesync/stackrpms-openssl.spec.diff

(limited to 'openssl-freefilesync/stackrpms-openssl.spec.diff')

diff --git a/openssl-freefilesync/stackrpms-openssl.spec.diff b/openssl-freefilesync/stackrpms-openssl.spec.diff
new file mode 100644
index 0000000..c4e5903
--- /dev/null
+++ b/openssl-freefilesync/stackrpms-openssl.spec.diff
@@ -0,0 +1,114 @@
+--- /usr/src/openssl/1.1.1c-6.fc30/openssl.spec	2019-09-06 11:21:33.000000000 -0400
++++ /home/bgstack15/dev/stackrpms/openssl-freefilesync/openssl.spec	2019-09-18 15:58:41.948260665 -0400
+@@ -13,6 +13,10 @@
+ #                        depends on build configuration options)
+ %define soversion 1.1
+ 
++# for openssl-freefilesync
++%define fullname openssl-freefilesync
++%define shortname openssl
++
+ # Arches on which we need to prevent arch conflicts on opensslconf.h, must
+ # also be handled in opensslconf-new.h.
+ %define multilib_arches %{ix86} ia64 %{mips} ppc ppc64 s390 s390x sparcv9 sparc64 x86_64
+@@ -20,9 +24,11 @@
+ %global _performance_build 1
+ 
+ Summary: Utilities from the general purpose cryptography library with TLS implementation
+-Name: openssl
++# for openssl-freefilesync
++Name: %{fullname}
+ Version: 1.1.1c
+-Release: 6%{?dist}
++# for openssl-freefilesync
++Release: 6.stack%{?dist}
+ Epoch: 1
+ # We have to remove certain patented algorithms from the openssl source
+ # tarball with the hobble-openssl script which is included below.
+@@ -91,8 +97,9 @@
+ %package libs
+ Summary: A general purpose cryptography library with TLS implementation
+ Requires: ca-certificates >= 2008-5
+-Requires: crypto-policies >= 20180730
+-Recommends: openssl-pkcs11%{?_isa}
++# for openssl-freefilesync
++#Requires: crypto-policies >= 20180730
++#Recommends: openssl-pkcs11%{?_isa}
+ Provides: openssl-fips = %{epoch}:%{version}-%{release}
+ 
+ %description libs
+@@ -131,7 +138,8 @@
+ from other formats to the formats used by the OpenSSL toolkit.
+ 
+ %prep
+-%setup -q -n %{name}-%{version}
++# for openssl-freefilesync
++%setup -q -n %{shortname}-%{version}
+ 
+ # The hobble_openssl is called here redundantly, just to be sure.
+ # The tarball has already the sources removed.
+@@ -162,6 +170,8 @@
+ %patch46 -p1 -b .seclevel
+ %patch47 -p1 -b .ts-sha256-default
+ %patch48 -p1 -b .fips-post-rand
++# for openssl-freefilesync
++sed -i -r -e '/sys\/random\.h/s@sys/random\.h@/usr/include/linux/random.h@;' crypto/rand/rand_unix.c
+ %patch49 -p1 -b .evp-kdf
+ %patch50 -p1 -b .ssh-kdf
+ %patch51 -p1 -b .upstream-sync
+@@ -234,7 +244,8 @@
+ # marked as not requiring an executable stack.
+ # Also add -DPURIFY to make using valgrind with openssl easier as we do not
+ # want to depend on the uninitialized memory as a source of entropy anyway.
+-RPM_OPT_FLAGS="$RPM_OPT_FLAGS -Wa,--noexecstack -Wa,--generate-missing-build-notes=yes -DPURIFY $RPM_LD_FLAGS"
++# for openssl-freefilesync
++RPM_OPT_FLAGS="$RPM_OPT_FLAGS -Wa,--noexecstack -DPURIFY $RPM_LD_FLAGS"
+ 
+ export HASHBANGPERL=/usr/bin/perl
+ 
+@@ -355,11 +366,12 @@
+ 
+ # Ensure the config file timestamps are identical across builds to avoid
+ # mulitlib conflicts and unnecessary renames on upgrade
+-touch -r %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/pki/tls/openssl.cnf
+-touch -r %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/pki/tls/ct_log_list.cnf
++# for openssl-freefilesync
++touch -r %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/pki/tls/openssl.cnf%{version}
++touch -r %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/pki/tls/ct_log_list.cnf%{version}
+ 
+-rm -f $RPM_BUILD_ROOT%{_sysconfdir}/pki/tls/openssl.cnf.dist
+-rm -f $RPM_BUILD_ROOT%{_sysconfdir}/pki/tls/ct_log_list.cnf.dist
++rm -f $RPM_BUILD_ROOT%{_sysconfdir}/pki/tls/openssl.cnf{,.dist}
++rm -f $RPM_BUILD_ROOT%{_sysconfdir}/pki/tls/ct_log_list.cnf{,.dist}
+ 
+ # Determine which arch opensslconf.h is going to try to #include.
+ basearch=%{_arch}
+@@ -417,8 +429,9 @@
+ %dir %{_sysconfdir}/pki/tls/certs
+ %dir %{_sysconfdir}/pki/tls/misc
+ %dir %{_sysconfdir}/pki/tls/private
+-%config(noreplace) %{_sysconfdir}/pki/tls/openssl.cnf
+-%config(noreplace) %{_sysconfdir}/pki/tls/ct_log_list.cnf
++# for openssl-freefilesync
++%config(noreplace) %{_sysconfdir}/pki/tls/openssl.cnf%{version}
++%config(noreplace) %{_sysconfdir}/pki/tls/ct_log_list.cnf%{version}
+ %attr(0755,root,root) %{_libdir}/libcrypto.so.%{version}
+ %attr(0755,root,root) %{_libdir}/libcrypto.so.%{soversion}
+ %attr(0755,root,root) %{_libdir}/libssl.so.%{version}
+@@ -451,9 +464,15 @@
+ %dir %{_sysconfdir}/pki/CA/crl
+ %dir %{_sysconfdir}/pki/CA/newcerts
+ 
+-%ldconfig_scriptlets libs
++# for openssl-freefilesync
++%post libs -p /sbin/ldconfig
++
++%postun libs -p /sbin/ldconfig
+ 
+ %changelog
++* Wed Sep 18 2019 B Stack <bgstack15@gmail.com> 1.1.1c-6.stack
++- rebuild for el7 for freefilesync
++
+ * Fri Sep  6 2019 Tomáš Mráz <tmraz@redhat.com> 1.1.1c-6
+ - upstream fix for status request extension non-compliance (#1737471)
+ 
-- 
cgit 


From 74ca7b3b81e83d94a19caabb76c73fe3b4c635f3 Mon Sep 17 00:00:00 2001
From: B Stack <bgstack15@gmail.com>
Date: Thu, 19 Sep 2019 09:56:17 -0400
Subject: publish the diff

---
 openssl-freefilesync/stackrpms-openssl.spec.diff | 31 +++++++++++++++++++++---
 1 file changed, 28 insertions(+), 3 deletions(-)

(limited to 'openssl-freefilesync/stackrpms-openssl.spec.diff')

diff --git a/openssl-freefilesync/stackrpms-openssl.spec.diff b/openssl-freefilesync/stackrpms-openssl.spec.diff
index c4e5903..8a7c9c2 100644
--- a/openssl-freefilesync/stackrpms-openssl.spec.diff
+++ b/openssl-freefilesync/stackrpms-openssl.spec.diff
@@ -1,5 +1,5 @@
 --- /usr/src/openssl/1.1.1c-6.fc30/openssl.spec	2019-09-06 11:21:33.000000000 -0400
-+++ /home/bgstack15/dev/stackrpms/openssl-freefilesync/openssl.spec	2019-09-18 15:58:41.948260665 -0400
++++ /usr/src/openssl/1.1.1c-6.stack/openssl.spec	2019-09-19 09:13:41.214594699 -0400
 @@ -13,6 +13,10 @@
  #                        depends on build configuration options)
  %define soversion 1.1
@@ -83,7 +83,32 @@
  
  # Determine which arch opensslconf.h is going to try to #include.
  basearch=%{_arch}
-@@ -417,8 +429,9 @@
+@@ -394,13 +406,23 @@
+ LD_LIBRARY_PATH=`pwd`${LD_LIBRARY_PATH:+:${LD_LIBRARY_PATH}}
+ export LD_LIBRARY_PATH
+ 
++# for openssl-freefilesync
++pushd ${RPM_BUILD_ROOT}%{_mandir}
++for word in $( find . ! -type d -print ) ;
++do
++   mv "${word}" "${word}-111c"
++done
++popd
++mv ${RPM_BUILD_ROOT}%{_bindir}/openssl{,-111c}
++
+ %files
+ %{!?_licensedir:%global license %%doc}
+ %license LICENSE
+ %doc FAQ NEWS README README.FIPS
+ %{_bindir}/make-dummy-cert
+ %{_bindir}/renew-dummy-cert
+-%{_bindir}/openssl
++# for openssl-freefilesync
++%{_bindir}/openssl-111c
+ %{_mandir}/man1*/*
+ %{_mandir}/man5*/*
+ %{_mandir}/man7*/*
+@@ -417,8 +439,9 @@
  %dir %{_sysconfdir}/pki/tls/certs
  %dir %{_sysconfdir}/pki/tls/misc
  %dir %{_sysconfdir}/pki/tls/private
@@ -95,7 +120,7 @@
  %attr(0755,root,root) %{_libdir}/libcrypto.so.%{version}
  %attr(0755,root,root) %{_libdir}/libcrypto.so.%{soversion}
  %attr(0755,root,root) %{_libdir}/libssl.so.%{version}
-@@ -451,9 +464,15 @@
+@@ -451,9 +474,15 @@
  %dir %{_sysconfdir}/pki/CA/crl
  %dir %{_sysconfdir}/pki/CA/newcerts
  
-- 
cgit