Commit fdbac13fb7e922631da117ccb4e62777496edb03
Exists in
master
and in
2 other branches
Merge branch 'update/openssl-1.0.1i' into 'master'
Update OpenSSL to 1.0.1i See merge request !178
Showing
2 changed files
with
160 additions
and
0 deletions
Show diff stats
CHANGELOG
| @@ -8,6 +8,7 @@ omnibus-gitlab repository. | @@ -8,6 +8,7 @@ omnibus-gitlab repository. | ||
| 8 | - Add openssl_verify_mode to SMTP email configuration (Dionysius Marquis) | 8 | - Add openssl_verify_mode to SMTP email configuration (Dionysius Marquis) |
| 9 | - Enable the 'ssh_host' field in gitlab.yml (Florent Baldino) | 9 | - Enable the 'ssh_host' field in gitlab.yml (Florent Baldino) |
| 10 | - Create git's home directory if necessary | 10 | - Create git's home directory if necessary |
| 11 | +- Update openssl to 1.0.1i | ||
| 11 | 12 | ||
| 12 | 7.1.0 | 13 | 7.1.0 |
| 13 | - Build: explicitly use .forward for sending notifications | 14 | - Build: explicitly use .forward for sending notifications |
| @@ -0,0 +1,159 @@ | @@ -0,0 +1,159 @@ | ||
| 1 | +# | ||
| 2 | +# Copyright 2012-2014 Chef Software, Inc. | ||
| 3 | +# | ||
| 4 | +# Licensed under the Apache License, Version 2.0 (the "License"); | ||
| 5 | +# you may not use this file except in compliance with the License. | ||
| 6 | +# You may obtain a copy of the License at | ||
| 7 | +# | ||
| 8 | +# http://www.apache.org/licenses/LICENSE-2.0 | ||
| 9 | +# | ||
| 10 | +# Unless required by applicable law or agreed to in writing, software | ||
| 11 | +# distributed under the License is distributed on an "AS IS" BASIS, | ||
| 12 | +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| 13 | +# See the License for the specific language governing permissions and | ||
| 14 | +# limitations under the License. | ||
| 15 | +# | ||
| 16 | + | ||
| 17 | +name "openssl" | ||
| 18 | + | ||
| 19 | +dependency "zlib" | ||
| 20 | +dependency "cacerts" | ||
| 21 | +dependency "libgcc" | ||
| 22 | +dependency "makedepend" | ||
| 23 | + | ||
| 24 | + | ||
| 25 | +if Ohai["platform"] == "aix" | ||
| 26 | + # XXX: OpenSSL has an open bug on 1.0.1e where it fails to install on AIX | ||
| 27 | + # http://rt.openssl.org/Ticket/Display.html?id=2986&user=guest&pass=guest | ||
| 28 | + default_version "1.0.1c" | ||
| 29 | + source url: "http://www.openssl.org/source/openssl-1.0.1c.tar.gz", | ||
| 30 | + md5: "ae412727c8c15b67880aef7bd2999b2e" | ||
| 31 | +else | ||
| 32 | + default_version "1.0.1i" | ||
| 33 | + source url: "http://www.openssl.org/source/openssl-1.0.1i.tar.gz", | ||
| 34 | + md5: "c8dc151a671b9b92ff3e4c118b174972" | ||
| 35 | +end | ||
| 36 | + | ||
| 37 | +relative_path "openssl-#{version}" | ||
| 38 | + | ||
| 39 | +build do | ||
| 40 | + patch :source => "openssl-1.0.1f-do-not-build-docs.patch" | ||
| 41 | + | ||
| 42 | + env = case Ohai["platform"] | ||
| 43 | + when "mac_os_x" | ||
| 44 | + { | ||
| 45 | + "CFLAGS" => "-arch x86_64 -m64 -L#{install_dir}/embedded/lib -I#{install_dir}/embedded/include -I#{install_dir}/embedded/include/ncurses", | ||
| 46 | + "LDFLAGS" => "-arch x86_64 -R#{install_dir}/embedded/lib -L#{install_dir}/embedded/lib -I#{install_dir}/embedded/include -I#{install_dir}/embedded/include/ncurses" | ||
| 47 | + } | ||
| 48 | + when "aix" | ||
| 49 | + { | ||
| 50 | + "CC" => "xlc -q64", | ||
| 51 | + "CXX" => "xlC -q64", | ||
| 52 | + "LD" => "ld -b64", | ||
| 53 | + "CFLAGS" => "-q64 -I#{install_dir}/embedded/include -O", | ||
| 54 | + "CXXFLAGS" => "-q64 -I#{install_dir}/embedded/include -O", | ||
| 55 | + "LDFLAGS" => "-q64 -L#{install_dir}/embedded/lib -Wl,-blibpath:#{install_dir}/embedded/lib:/usr/lib:/lib", | ||
| 56 | + "OBJECT_MODE" => "64", | ||
| 57 | + "AR" => "/usr/bin/ar", | ||
| 58 | + "ARFLAGS" => "-X64 cru", | ||
| 59 | + "M4" => "/opt/freeware/bin/m4", | ||
| 60 | + } | ||
| 61 | + when "solaris2" | ||
| 62 | + { | ||
| 63 | + "CFLAGS" => "-L#{install_dir}/embedded/lib -I#{install_dir}/embedded/include", | ||
| 64 | + "LDFLAGS" => "-R#{install_dir}/embedded/lib -L#{install_dir}/embedded/lib -I#{install_dir}/embedded/include -static-libgcc", | ||
| 65 | + "LD_OPTIONS" => "-R#{install_dir}/embedded/lib" | ||
| 66 | + } | ||
| 67 | + else | ||
| 68 | + { | ||
| 69 | + "CFLAGS" => "-I#{install_dir}/embedded/include", | ||
| 70 | + "LDFLAGS" => "-Wl,-rpath,#{install_dir}/embedded/lib -L#{install_dir}/embedded/lib" | ||
| 71 | + } | ||
| 72 | + end | ||
| 73 | + | ||
| 74 | + common_args = [ | ||
| 75 | + "--prefix=#{install_dir}/embedded", | ||
| 76 | + "--with-zlib-lib=#{install_dir}/embedded/lib", | ||
| 77 | + "--with-zlib-include=#{install_dir}/embedded/include", | ||
| 78 | + "no-idea", | ||
| 79 | + "no-mdc2", | ||
| 80 | + "no-rc5", | ||
| 81 | + "zlib", | ||
| 82 | + "shared", | ||
| 83 | + ].join(" ") | ||
| 84 | + | ||
| 85 | + configure_command = case Ohai["platform"] | ||
| 86 | + when "aix" | ||
| 87 | + ["perl", "./Configure", | ||
| 88 | + "aix64-cc", | ||
| 89 | + common_args, | ||
| 90 | + "-L#{install_dir}/embedded/lib", | ||
| 91 | + "-I#{install_dir}/embedded/include", | ||
| 92 | + "-Wl,-blibpath:#{install_dir}/embedded/lib:/usr/lib:/lib"].join(" ") | ||
| 93 | + when "mac_os_x" | ||
| 94 | + ["./Configure", | ||
| 95 | + "darwin64-x86_64-cc", | ||
| 96 | + common_args, | ||
| 97 | + ].join(" ") | ||
| 98 | + when "smartos" | ||
| 99 | + ["/bin/bash ./Configure", | ||
| 100 | + "solaris64-x86_64-gcc", | ||
| 101 | + common_args, | ||
| 102 | + "-L#{install_dir}/embedded/lib", | ||
| 103 | + "-I#{install_dir}/embedded/include", | ||
| 104 | + "-R#{install_dir}/embedded/lib", | ||
| 105 | + "-static-libgcc"].join(" ") | ||
| 106 | + when "solaris2" | ||
| 107 | + if Config.solaris_compiler == "gcc" | ||
| 108 | + if Ohai["kernel"]["machine"] =~ /sun/ | ||
| 109 | + ["/bin/sh ./Configure", | ||
| 110 | + "solaris-sparcv9-gcc", | ||
| 111 | + common_args, | ||
| 112 | + "-L#{install_dir}/embedded/lib", | ||
| 113 | + "-I#{install_dir}/embedded/include", | ||
| 114 | + "-R#{install_dir}/embedded/lib", | ||
| 115 | + "-static-libgcc"].join(" ") | ||
| 116 | + else | ||
| 117 | + # This should not require a /bin/sh, but without it we get | ||
| 118 | + # Errno::ENOEXEC: Exec format error | ||
| 119 | + ["/bin/sh ./Configure", | ||
| 120 | + "solaris-x86-gcc", | ||
| 121 | + common_args, | ||
| 122 | + "-L#{install_dir}/embedded/lib", | ||
| 123 | + "-I#{install_dir}/embedded/include", | ||
| 124 | + "-R#{install_dir}/embedded/lib", | ||
| 125 | + "-static-libgcc"].join(" ") | ||
| 126 | + end | ||
| 127 | + else | ||
| 128 | + raise "sorry, we don't support building openssl on non-gcc solaris builds right now." | ||
| 129 | + end | ||
| 130 | + else | ||
| 131 | + ["./config", | ||
| 132 | + common_args, | ||
| 133 | + "disable-gost", # fixes build on linux, but breaks solaris | ||
| 134 | + "-L#{install_dir}/embedded/lib", | ||
| 135 | + "-I#{install_dir}/embedded/include", | ||
| 136 | + "-Wl,-rpath,#{install_dir}/embedded/lib"].join(" ") | ||
| 137 | + end | ||
| 138 | + | ||
| 139 | + # openssl build process uses a `makedepend` tool that we build inside the bundle. | ||
| 140 | + env["PATH"] = "#{install_dir}/embedded/bin" + File::PATH_SEPARATOR + ENV["PATH"] | ||
| 141 | + | ||
| 142 | + # @todo: move into omnibus | ||
| 143 | + has_gmake = env['PATH'].split(File::PATH_SEPARATOR).any? do |path| | ||
| 144 | + File.executable?(File.join(path, 'gmake')) | ||
| 145 | + end | ||
| 146 | + | ||
| 147 | + if has_gmake | ||
| 148 | + env.merge!("MAKE" => "gmake") | ||
| 149 | + make_binary = "gmake" | ||
| 150 | + else | ||
| 151 | + make_binary = "make" | ||
| 152 | + end | ||
| 153 | + | ||
| 154 | + command configure_command, env: env | ||
| 155 | + command "#{make_binary} depend", env: env | ||
| 156 | + # make -j N on openssl is not reliable | ||
| 157 | + command "#{make_binary}", env: env | ||
| 158 | + command "#{make_binary} install", env: env | ||
| 159 | +end |