openpkg
/
openpkg-packages


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149
							##
##  cfssl.spec -- OpenPKG RPM Package Specification
##  Copyright (c) 2000-2014 OpenPKG Foundation e.V. <http://openpkg.net/>
##
##  Permission to use, copy, modify, and distribute this software for
##  any purpose with or without fee is hereby granted, provided that
##  the above copyright notice and this permission notice appear in all
##  copies.
##
##  THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
##  WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
##  MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
##  IN NO EVENT SHALL THE AUTHORS AND COPYRIGHT HOLDERS AND THEIR
##  CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
##  SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
##  LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
##  USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
##  ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
##  OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
##  OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
##  SUCH DAMAGE.
##

#   package version
%define       V_opkg  20140929
%define       V_dist  20140929

#   package information
Name:         cfssl
Summary:      CloudFlare PKI Toolkit
URL:          https://github.com/cloudflare/cfssl
Vendor:       CloudFlare
Packager:     OpenPKG Foundation e.V.
Distribution: OpenPKG Community
Class:        EVAL
Group:        Network
License:      MIT
Version:      %{V_opkg}
Release:      20140929

#   list of sources
Source0:      http://download.openpkg.org/components/versioned/cfssl/cfssl-%{V_dist}.tar.gz
Source1:      rc.cfssl
Source2:      ca.json
Source3:      cfssl-initca.sh
Patch0:       cfssl.patch

#   build information
BuildPreReq:  OpenPKG, openpkg >= 20120101, go
PreReq:       OpenPKG, openpkg >= 20120101

%description
    CF-SSL is CloudFlare's SSL/TLS/X.509 swiss army knife. It is both a
    command line tool and an HTTP API server for signing, verifying, and
    bundling SSL/TLS X.509 certificates.

%track
    prog cfssl = {
        version   = %{version}
        url       = http://download.openpkg.org/components/versioned/cfssl/
        regex     = cfssl-(__VER__)\.tar\.gz
    }

%prep
    %setup -q -n cfssl
    %patch -p0

%build
    #   patch paths
    %{l_shtool} subst \
        -e 's;/etc/cfssl/ca-bundle\.crt;%{l_prefix}/var/cfssl/dat/ca-bundle.crt;g' \
        -e 's;/etc/cfssl/ca-bundle.crt.metadata;%{l_prefix}/var/cfssl/dat/ca-bundle.crt.metadata;g' \
        -e 's;/etc/cfssl/int-bundle\.crt;%{l_prefix}/var/cfssl/dat/int-bundle.crt;g' \
        -e 's;/etc/cfssl/intermediates;%{l_prefix}/var/cfssl/dat/int.d;g' \
        cfssl.go

    #   prepare Go build environment
    rm -rf gopath
    mkdir -p gopath/src/github.com/cloudflare
    ln -s ../../../.. gopath/src/github.com/cloudflare/cfssl
    export GOPATH=`pwd`/gopath

    #   build program
    go build -x
    go build -x -o cfssl-mkbundle mkbundle/mkbundle.go
    go build -x -o cfssl-json cfssljson/cfssljson.go

%install
    #   create directory hierarchy
    %{l_shtool} mkdir -f -p -m 755 \
        $RPM_BUILD_ROOT%{l_prefix}/bin \
        $RPM_BUILD_ROOT%{l_prefix}/etc/cfssl \
        $RPM_BUILD_ROOT%{l_prefix}/etc/rc.d \
        $RPM_BUILD_ROOT%{l_prefix}/var/cfssl/dat/int.d \
        $RPM_BUILD_ROOT%{l_prefix}/var/cfssl/run \
        $RPM_BUILD_ROOT%{l_prefix}/var/cfssl/log

    #   install program
    %{l_shtool} install -c -s -m 755 \
        cfssl cfssl-mkbundle cfssl-json $RPM_BUILD_ROOT%{l_prefix}/bin/
    %{l_shtool} install -c -m 755 %{l_value -s -a} \
        %{SOURCE cfssl-initca.sh} $RPM_BUILD_ROOT%{l_prefix}/bin/cfssl-initca

    #   install default configuration
    %{l_shtool} install -c -m 644 %{l_value -s -a} \
        %{SOURCE ca.json} $RPM_BUILD_ROOT%{l_prefix}/etc/cfssl/

    #   install run-command script
    %{l_shtool} install -c -m 755 %{l_value -s -a} \
        %{SOURCE rc.cfssl} $RPM_BUILD_ROOT%{l_prefix}/etc/rc.d/

    #   determine installation files
    %{l_rpmtool} files -v -ofiles -r$RPM_BUILD_ROOT \
        %{l_files_std} \
        '%config %{l_prefix}/etc/cfssl/*' \
        '%attr(-,%{l_rusr},%{l_rgrp}) %{l_prefix}/var/cfssl/*' \
        '%attr(-,%{l_rusr},%{l_rgrp}) %{l_prefix}/var/cfssl/*/*'

%files -f files

%clean

%post
    #   on initial installation, generate CA crt/key pair
    if [ $1 -eq 1 ]; then
        ( echo "Generating initial CA RSA key and X.509 certificate files."
          echo "You can change the CA parameters by editing the file..."
          echo "    $RPM_INSTALL_PREFIX/etc/cfssl/ca.json"
          echo "...and then re-running the command:"
          echo "    su - %{l_rusr} -c \"$RPM_INSTALL_PREFIX/bin/cfssl-initca\""
        ) | %{l_rpmtool} msg -b -t notice
        su - %{l_rusr} -c "$RPM_INSTALL_PREFIX/bin/cfssl-initca"
    fi

    #   after upgrade, restart service
    [ $1 -eq 2 ] || exit 0
    eval `%{l_rc} cfssl status 2>/dev/null`
    [ ".$cfssl_active" = .yes ] && %{l_rc} cfssl restart
    exit 0

%preun
    #   before erase, stop service and remove log files
    [ $1 -eq 0 ] || exit 0
    %{l_rc} cfssl stop 2>/dev/null
    rm -rf $RPM_INSTALL_PREFIX/var/cfssl/log/* >/dev/null 2>&1 || true
    rm -rf $RPM_INSTALL_PREFIX/var/cfssl/run/* >/dev/null 2>&1 || true
    exit 0