%define install_prefix /opt/openssl3 %define soversion 3 Name: openssl3 Epoch: 1 Version: 3.0.9 Release: 1 Summary: Cryptography and SSL/TLS Toolkit License: OpenSSL and SSLeay URL: https://www.openssl.org/ Source0: https://www.openssl.org/source/openssl-%{version}.tar.gz Source1: Makefile.certificate Patch1: openssl-3.0-build.patch Patch2: Backport-aarch64-support-BTI-and-pointer-authentication-in-as.patch Patch3: Backport-SM3-acceleration-with-SM3-hardware-instruction-on-aa.patch Patch4: Backport-Fix-sm3ss1-translation-issue-in-sm3-armv8.pl.patch Patch5: Backport-providers-Add-SM4-GCM-implementation.patch Patch6: Backport-SM4-optimization-for-ARM-by-HW-instruction.patch Patch7: Backport-Further-acceleration-for-SM4-GCM-on-ARM.patch Patch8: Backport-SM4-optimization-for-ARM-by-ASIMD.patch Patch9: Backport-providers-Add-SM4-XTS-implementation.patch Patch10: Backport-Fix-SM4-CBC-regression-on-Armv8.patch Patch11: Backport-Fix-SM4-test-failures-on-big-endian-ARM-processors.patch Patch12: Backport-Apply-SM4-optimization-patch-to-Kunpeng-920.patch Patch13: Backport-SM4-AESE-optimization-for-ARMv8.patch Patch14: Backport-Fix-SM4-XTS-build-failure-on-Mac-mini-M1.patch Patch15: backport-Add-testcases-for-empty-associated-data-entries-with.patch Patch16: backport-Do-not-ignore-empty-associated-data-with-AES-SIV-mod.patch Patch17: backport-Add-a-test-for-CVE-2023-3446.patch Patch18: backport-Fix-DH_check-excessive-time-with-over-sized-modulus.patch Patch19: backport-Make-DH_check-set-some-error-bits-in-recently-added-.patch Patch20: backport-DH_check-Do-not-try-checking-q-properties-if-it-is-o.patch Patch21: backport-dhtest.c-Add-test-of-DH_check-with-q-p-1.patch Patch22: Backport-support-decode-SM2-parameters.patch Patch23: Feature-support-SM2-CMS-signature.patch Patch24: Feature-use-default-id-if-SM2-id-is-not-set.patch Patch25: backport-A-null-pointer-dereference-occurs-when-memory-alloca.patch BuildRequires: gcc gcc-c++ perl make lksctp-tools-devel coreutils util-linux zlib-devel Requires: coreutils %description OpenSSL is a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols. %prep %autosetup -n openssl-%{version} -p1 %build sslarch=%{_os}-%{_target_cpu} %ifarch i686 sslarch=linux-elf %endif %ifarch riscv64 sslarch=%{_os}64-%{_target_cpu} %endif %ifarch x86_64 aarch64 sslflags=enable-ec_nistp_64_gcc_128 %endif RPM_OPT_FLAGS="$RPM_OPT_FLAGS -Wa,--noexecstack -Wa,--generate-missing-build-notes=yes -DPURIFY $RPM_LD_FLAGS" ./Configure \ --prefix=%{install_prefix} -Wl,-rpath,%{install_prefix}/lib ${sslflags} \ zlib enable-camellia enable-seed enable-rfc3779 \ enable-cms enable-md2 enable-rc5 ${ktlsopt} enable-fips\ no-mdc2 no-ec2m enable-sm2 enable-sm4 enable-buildtest-c++\ shared ${sslarch} $RPM_OPT_FLAGS '-DDEVRANDOM="\"/dev/urandom\""' \ -Wl,--allow-multiple-definition %make_build all %install # Install OpenSSL. #install -d $RPM_BUILD_ROOT{%{_bindir},%{_includedir},%{_libdir},%{_mandir},%{_libdir}/openssl,%{_pkgdocdir}} %make_install rm -f %{buildroot}%{install_prefix}{/bin/c_rehash,/ssl/misc/tsget*,/ssl/misc/*.pl} export QA_RPATHS=$(( 0x0002 )) %check %make_build test %files %license LICENSE.txt %{install_prefix} %changelog * Mon Oct 02 2023 Funda Wang - 3.0.9-1 - Try install into /opt