openpkg-packages/cfssl/cfssl.spec

##
##  cfssl.spec -- OpenPKG RPM Package Specification
##  Copyright (c) 2000-2021 OpenPKG Project <http://openpkg.org/>
##
##  Permission to use, copy, modify, and distribute this software for
##  any purpose with or without fee is hereby granted, provided that
##  the above copyright notice and this permission notice appear in all
##  copies.
##
##  THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
##  WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
##  MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
##  IN NO EVENT SHALL THE AUTHORS AND COPYRIGHT HOLDERS AND THEIR
##  CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
##  SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
##  LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
##  USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
##  ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
##  OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
##  OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
##  SUCH DAMAGE.
##

#   package version
%define       V_opkg  1.6.1
%define       V_dist  20211107

#   package information
Name:         cfssl
Summary:      CloudFlare PKI Toolkit
URL:          https://cfssl.org/
Vendor:       CloudFlare
Packager:     OpenPKG Project
Distribution: OpenPKG Community
Class:        EVAL
Group:        Networking
License:      MIT
Version:      %{V_opkg}.%{V_dist}
Release:      20211107

#   list of sources
Source0:      http://download.openpkg.org/components/versioned/cfssl/cfssl-%{V_dist}.tar.xz
Source1:      rc.cfssl
Source2:      ca.json
Source3:      cfssl-initca.sh
Patch0:       cfssl.patch

#   build information
BuildPreReq:  OpenPKG, openpkg >= 20160101, go
PreReq:       OpenPKG, openpkg >= 20160101
BuildPreReq:  libtool
PreReq:       libtool

%description
    CF-SSL is CloudFlare's SSL/TLS/X.509 swiss army knife. It is both a
    command line tool and an HTTP API server for signing, verifying, and
    bundling SSL/TLS X.509 certificates.

%track
    prog cfssl:release = {
        version   = %{V_opkg}
        url       = https://github.com/cloudflare/cfssl/releases
        regex     = (\d+\.\d+\.\d+)\.tar\.gz
    }
    prog cfssl:snapshot = {
        version   = %{V_dist}
        url       = http://download.openpkg.org/components/versioned/cfssl/
        regex     = cfssl-(__VER__)\.tar\.xz
    }

%prep
    %setup -q -n cfssl
    %patch -p0

%build
    #   patch paths
    %{l_shtool} subst \
        -e 's;/etc/cfssl/ca-bundle\.crt;%{l_prefix}/var/cfssl/dat/ca-bundle.crt;g' \
        -e 's;/etc/cfssl/ca-bundle.crt.metadata;%{l_prefix}/var/cfssl/dat/ca-bundle.crt.metadata;g' \
        -e 's;/etc/cfssl/int-bundle\.crt;%{l_prefix}/var/cfssl/dat/int-bundle.crt;g' \
        -e 's;/etc/cfssl/intermediates;%{l_prefix}/var/cfssl/dat/int.d;g' \
        src/github.com/cloudflare/cfssl/scan/broad.go \
        src/github.com/cloudflare/cfssl/cli/config.go

    #   prepare Go build environment
    export GOPATH=`pwd`

    #   build program
    cd src/github.com/cloudflare/cfssl
    go build -v -o cfssl             cmd/cfssl/cfssl.go
    go build -v -o cfssl-mkbundle    cmd/mkbundle/mkbundle.go
    go build -v -o cfssl-json        cmd/cfssljson/cfssljson.go
    go build -v -o cfssl-newkey      cmd/cfssl-newkey/cfssl-newkey.go
    go build -v -o cfssl-certinfo    cmd/cfssl-certinfo/cfssl-certinfo.go
    go build -v -o cfssl-scan        cmd/cfssl-scan/cfssl-scan.go
    go build -v -o cfssl-bundle      cmd/cfssl-bundle/cfssl-bundle.go
    go build -v -o cfssl-multirootca cmd/multirootca/*.go

%install
    #   create directory hierarchy
    %{l_shtool} mkdir -f -p -m 755 \
        $RPM_BUILD_ROOT%{l_prefix}/bin \
        $RPM_BUILD_ROOT%{l_prefix}/etc/cfssl \
        $RPM_BUILD_ROOT%{l_prefix}/etc/rc.d \
        $RPM_BUILD_ROOT%{l_prefix}/var/cfssl/dat/int.d \
        $RPM_BUILD_ROOT%{l_prefix}/var/cfssl/run \
        $RPM_BUILD_ROOT%{l_prefix}/var/cfssl/log

    #   install program
    %{l_shtool} install -c -s -m 755 \
        src/github.com/cloudflare/cfssl/cfssl \
        src/github.com/cloudflare/cfssl/cfssl-mkbundle \
        src/github.com/cloudflare/cfssl/cfssl-json \
        src/github.com/cloudflare/cfssl/cfssl-newkey \
        src/github.com/cloudflare/cfssl/cfssl-certinfo \
        src/github.com/cloudflare/cfssl/cfssl-scan \
        src/github.com/cloudflare/cfssl/cfssl-bundle \
        src/github.com/cloudflare/cfssl/cfssl-multirootca \
        $RPM_BUILD_ROOT%{l_prefix}/bin/
    %{l_shtool} install -c -m 755 %{l_value -s -a} \
        %{SOURCE cfssl-initca.sh} $RPM_BUILD_ROOT%{l_prefix}/bin/cfssl-initca

    #   install default configuration
    %{l_shtool} install -c -m 644 %{l_value -s -a} \
        %{SOURCE ca.json} $RPM_BUILD_ROOT%{l_prefix}/etc/cfssl/

    #   install run-command script
    %{l_shtool} install -c -m 755 %{l_value -s -a} \
        %{SOURCE rc.cfssl} $RPM_BUILD_ROOT%{l_prefix}/etc/rc.d/

    #   determine installation files
    %{l_rpmtool} files -v -ofiles -r$RPM_BUILD_ROOT \
        %{l_files_std} \
        '%config %{l_prefix}/etc/cfssl/*' \
        '%attr(-,%{l_rusr},%{l_rgrp}) %{l_prefix}/var/cfssl/*' \
        '%attr(-,%{l_rusr},%{l_rgrp}) %{l_prefix}/var/cfssl/*/*'

%files -f files

%clean

%post
    #   on initial installation, generate CA crt/key pair
    if [ $1 -eq 1 ]; then
        ( echo "Generating initial CA RSA key and X.509 certificate files."
          echo "You can change the CA parameters by editing the file..."
          echo "    $RPM_INSTALL_PREFIX/etc/cfssl/ca.json"
          echo "...and then re-running the command:"
          echo "    su - %{l_rusr} -c \"$RPM_INSTALL_PREFIX/bin/cfssl-initca\""
        ) | %{l_rpmtool} msg -b -t notice
        su - %{l_rusr} -c "$RPM_INSTALL_PREFIX/bin/cfssl-initca"
    fi

    #   after upgrade, restart service
    [ $1 -eq 2 ] || exit 0
    eval `%{l_rc} cfssl status 2>/dev/null`
    [ ".$cfssl_active" = .yes ] && %{l_rc} cfssl restart
    exit 0

%preun
    #   before erase, stop service and remove log files
    [ $1 -eq 0 ] || exit 0
    %{l_rc} cfssl stop 2>/dev/null
    rm -rf $RPM_INSTALL_PREFIX/var/cfssl/log/* >/dev/null 2>&1 || true
    rm -rf $RPM_INSTALL_PREFIX/var/cfssl/run/* >/dev/null 2>&1 || true
    exit 0
new package 11 years ago			`##`
			`## cfssl.spec -- OpenPKG RPM Package Specification`
bump year in all copyright messages 5 years ago			`## Copyright (c) 2000-2021 OpenPKG Project <http://openpkg.org/>`
new package 11 years ago			`##`
			`## Permission to use, copy, modify, and distribute this software for`
			`## any purpose with or without fee is hereby granted, provided that`
			`## the above copyright notice and this permission notice appear in all`
			`## copies.`
			`##`
			## THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
			`## WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF`
			`## MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.`
			`## IN NO EVENT SHALL THE AUTHORS AND COPYRIGHT HOLDERS AND THEIR`
			`## CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,`
			`## SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT`
			`## LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF`
			`## USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND`
			`## ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,`
			`## OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT`
			`## OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF`
			`## SUCH DAMAGE.`
			`##`

			`# package version`
upgrading package: cfssl 1.6.0.20210829 -> 1.6.1.20210903 4 years ago			`%define V_opkg 1.6.1`
upgrading package: cfssl 1.6.1.20211009 -> 1.6.1.20211107 4 years ago			`%define V_dist 20211107`
new package 11 years ago
			`# package information`
			`Name: cfssl`
			`Summary: CloudFlare PKI Toolkit`
upgrading package: cfssl 20171018 -> 1.2.0.20171026 8 years ago			`URL: https://cfssl.org/`
new package 11 years ago			`Vendor: CloudFlare`
the OpenPKG Foundation e.V. is terminated and membership was officially assigned back to OpenPKG Project (represented by Ralf S. Engelschall) as of 2018-01-01 8 years ago			`Packager: OpenPKG Project`
new package 11 years ago			`Distribution: OpenPKG Community`
			`Class: EVAL`
fix Group header 9 years ago			`Group: Networking`
new package 11 years ago			`License: MIT`
upgrading package: cfssl 20171018 -> 1.2.0.20171026 8 years ago			`Version: %{V_opkg}.%{V_dist}`
upgrading package: cfssl 1.6.1.20211009 -> 1.6.1.20211107 4 years ago			`Release: 20211107`
new package 11 years ago
			`# list of sources`
upgrading package: cfssl 20141214 -> 20150114 11 years ago			`Source0: http://download.openpkg.org/components/versioned/cfssl/cfssl-%{V_dist}.tar.xz`
new package 11 years ago			`Source1: rc.cfssl`
			`Source2: ca.json`
			`Source3: cfssl-initca.sh`
			`Patch0: cfssl.patch`

			`# build information`
bump OpenPKG dependency to at least 20160101 for all packages now 10 years ago			`BuildPreReq: OpenPKG, openpkg >= 20160101, go`
			`PreReq: OpenPKG, openpkg >= 20160101`
upgrading package: cfssl 20150815 -> 20150821 10 years ago			`BuildPreReq: libtool`
			`PreReq: libtool`
new package 11 years ago
			`%description`
			`CF-SSL is CloudFlare's SSL/TLS/X.509 swiss army knife. It is both a`
			`command line tool and an HTTP API server for signing, verifying, and`
			`bundling SSL/TLS X.509 certificates.`

			`%track`
upgrading package: cfssl 20171018 -> 1.2.0.20171026 8 years ago			`prog cfssl:release = {`
			`version = %{V_opkg}`
			`url = https://github.com/cloudflare/cfssl/releases`
track release only 6 years ago			`regex = (\d+\.\d+\.\d+)\.tar\.gz`
upgrading package: cfssl 20171018 -> 1.2.0.20171026 8 years ago			`}`
			`prog cfssl:snapshot = {`
			`version = %{V_dist}`
new package 11 years ago			`url = http://download.openpkg.org/components/versioned/cfssl/`
update snapshot 11 years ago			`regex = cfssl-(__VER__)\.tar\.xz`
new package 11 years ago			`}`

			`%prep`
			`%setup -q -n cfssl`
			`%patch -p0`

			`%build`
			`# patch paths`
			`%{l_shtool} subst \`
			`-e 's;/etc/cfssl/ca-bundle\.crt;%{l_prefix}/var/cfssl/dat/ca-bundle.crt;g' \`
			`-e 's;/etc/cfssl/ca-bundle.crt.metadata;%{l_prefix}/var/cfssl/dat/ca-bundle.crt.metadata;g' \`
			`-e 's;/etc/cfssl/int-bundle\.crt;%{l_prefix}/var/cfssl/dat/int-bundle.crt;g' \`
			`-e 's;/etc/cfssl/intermediates;%{l_prefix}/var/cfssl/dat/int.d;g' \`
upgrading package: cfssl 20150718 -> 20150729 10 years ago			`src/github.com/cloudflare/cfssl/scan/broad.go \`
			`src/github.com/cloudflare/cfssl/cli/config.go`
new package 11 years ago
			`# prepare Go build environment`
upgrading package: cfssl 20141214 -> 20150114 11 years ago			export GOPATH=`pwd`
new package 11 years ago
			`# build program`
fix package 5 years ago			`cd src/github.com/cloudflare/cfssl`
			`go build -v -o cfssl cmd/cfssl/cfssl.go`
			`go build -v -o cfssl-mkbundle cmd/mkbundle/mkbundle.go`
			`go build -v -o cfssl-json cmd/cfssljson/cfssljson.go`
			`go build -v -o cfssl-newkey cmd/cfssl-newkey/cfssl-newkey.go`
			`go build -v -o cfssl-certinfo cmd/cfssl-certinfo/cfssl-certinfo.go`
			`go build -v -o cfssl-scan cmd/cfssl-scan/cfssl-scan.go`
			`go build -v -o cfssl-bundle cmd/cfssl-bundle/cfssl-bundle.go`
			`go build -v -o cfssl-multirootca cmd/multirootca/*.go`
new package 11 years ago
			`%install`
			`# create directory hierarchy`
			`%{l_shtool} mkdir -f -p -m 755 \`
			`$RPM_BUILD_ROOT%{l_prefix}/bin \`
			`$RPM_BUILD_ROOT%{l_prefix}/etc/cfssl \`
			`$RPM_BUILD_ROOT%{l_prefix}/etc/rc.d \`
			`$RPM_BUILD_ROOT%{l_prefix}/var/cfssl/dat/int.d \`
			`$RPM_BUILD_ROOT%{l_prefix}/var/cfssl/run \`
			`$RPM_BUILD_ROOT%{l_prefix}/var/cfssl/log`

			`# install program`
			`%{l_shtool} install -c -s -m 755 \`
fix package 5 years ago			`src/github.com/cloudflare/cfssl/cfssl \`
			`src/github.com/cloudflare/cfssl/cfssl-mkbundle \`
			`src/github.com/cloudflare/cfssl/cfssl-json \`
			`src/github.com/cloudflare/cfssl/cfssl-newkey \`
			`src/github.com/cloudflare/cfssl/cfssl-certinfo \`
			`src/github.com/cloudflare/cfssl/cfssl-scan \`
			`src/github.com/cloudflare/cfssl/cfssl-bundle \`
			`src/github.com/cloudflare/cfssl/cfssl-multirootca \`
upgrading package: cfssl 20141214 -> 20150114 11 years ago			`$RPM_BUILD_ROOT%{l_prefix}/bin/`
new package 11 years ago			`%{l_shtool} install -c -m 755 %{l_value -s -a} \`
			`%{SOURCE cfssl-initca.sh} $RPM_BUILD_ROOT%{l_prefix}/bin/cfssl-initca`

			`# install default configuration`
			`%{l_shtool} install -c -m 644 %{l_value -s -a} \`
			`%{SOURCE ca.json} $RPM_BUILD_ROOT%{l_prefix}/etc/cfssl/`

			`# install run-command script`
			`%{l_shtool} install -c -m 755 %{l_value -s -a} \`
			`%{SOURCE rc.cfssl} $RPM_BUILD_ROOT%{l_prefix}/etc/rc.d/`

			`# determine installation files`
			`%{l_rpmtool} files -v -ofiles -r$RPM_BUILD_ROOT \`
			`%{l_files_std} \`
			`'%config %{l_prefix}/etc/cfssl/*' \`
			`'%attr(-,%{l_rusr},%{l_rgrp}) %{l_prefix}/var/cfssl/*' \`
			`'%attr(-,%{l_rusr},%{l_rgrp}) %{l_prefix}/var/cfssl//'`

			`%files -f files`

			`%clean`

			`%post`
			`# on initial installation, generate CA crt/key pair`
			`if [ $1 -eq 1 ]; then`
			`( echo "Generating initial CA RSA key and X.509 certificate files."`
			`echo "You can change the CA parameters by editing the file..."`
			`echo " $RPM_INSTALL_PREFIX/etc/cfssl/ca.json"`
			`echo "...and then re-running the command:"`
			`echo " su - %{l_rusr} -c \"$RPM_INSTALL_PREFIX/bin/cfssl-initca\""`
			`) \| %{l_rpmtool} msg -b -t notice`
			`su - %{l_rusr} -c "$RPM_INSTALL_PREFIX/bin/cfssl-initca"`
			`fi`

			`# after upgrade, restart service`
			`[ $1 -eq 2 ] \|\| exit 0`
			eval `%{l_rc} cfssl status 2>/dev/null`
			`[ ".$cfssl_active" = .yes ] && %{l_rc} cfssl restart`
			`exit 0`

			`%preun`
			`# before erase, stop service and remove log files`
			`[ $1 -eq 0 ] \|\| exit 0`
			`%{l_rc} cfssl stop 2>/dev/null`
			`rm -rf $RPM_INSTALL_PREFIX/var/cfssl/log/* >/dev/null 2>&1 \|\| true`
			`rm -rf $RPM_INSTALL_PREFIX/var/cfssl/run/* >/dev/null 2>&1 \|\| true`
			`exit 0`