openpkg
/
openpkg-packages
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
84393 Commits
1 Branch
2 Tags
575 MiB
 
 
 
 
 
 
Tree: b1dc55e4ac
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'b1dc55e4ac'
${ noResults }
openpkg-packages/cfssl/cfssl.spec

163 lines
6.2 KiB
Raw Blame History

##
## cfssl.spec -- OpenPKG RPM Package Specification
## Copyright (c) 2000-2020 OpenPKG Project <http://openpkg.org/>
##
## Permission to use, copy, modify, and distribute this software for
## any purpose with or without fee is hereby granted, provided that
## the above copyright notice and this permission notice appear in all
## copies.
##
## THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
## WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
## MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
## IN NO EVENT SHALL THE AUTHORS AND COPYRIGHT HOLDERS AND THEIR
## CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
## SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
## LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
## USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
## ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
## OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
## OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
## SUCH DAMAGE.
##
# package version
%define V_opkg 1.4.1
%define V_dist 20191228
# package information
Name: cfssl
Summary: CloudFlare PKI Toolkit
URL: https://cfssl.org/
Vendor: CloudFlare
Packager: OpenPKG Project
Distribution: OpenPKG Community
Class: EVAL
Group: Networking
License: MIT
Version: %{V_opkg}.%{V_dist}
Release: 20191228
# list of sources
Source0: http://download.openpkg.org/components/versioned/cfssl/cfssl-%{V_dist}.tar.xz
Source1: rc.cfssl
Source2: ca.json
Source3: cfssl-initca.sh
Patch0: cfssl.patch
# build information
BuildPreReq: OpenPKG, openpkg >= 20160101, go
PreReq: OpenPKG, openpkg >= 20160101
BuildPreReq: libtool
PreReq: libtool
%description
CF-SSL is CloudFlare's SSL/TLS/X.509 swiss army knife. It is both a
command line tool and an HTTP API server for signing, verifying, and
bundling SSL/TLS X.509 certificates.
%track
prog cfssl:release = {
version = %{V_opkg}
url = https://github.com/cloudflare/cfssl/releases
regex = (\d+\.\d+\.\d+)\.tar\.gz
}
prog cfssl:snapshot = {
version = %{V_dist}
url = http://download.openpkg.org/components/versioned/cfssl/
regex = cfssl-(__VER__)\.tar\.xz
}
%prep
%setup -q -n cfssl
%patch -p0
%build
# patch paths
%{l_shtool} subst \
-e 's;/etc/cfssl/ca-bundle\.crt;%{l_prefix}/var/cfssl/dat/ca-bundle.crt;g' \
-e 's;/etc/cfssl/ca-bundle.crt.metadata;%{l_prefix}/var/cfssl/dat/ca-bundle.crt.metadata;g' \
-e 's;/etc/cfssl/int-bundle\.crt;%{l_prefix}/var/cfssl/dat/int-bundle.crt;g' \
-e 's;/etc/cfssl/intermediates;%{l_prefix}/var/cfssl/dat/int.d;g' \
src/github.com/cloudflare/cfssl/scan/broad.go \
src/github.com/cloudflare/cfssl/cli/config.go
# patch prefix
%{l_shtool} subst %{l_value -s -a} \
src/github.com/miekg/pkcs11/pkcs11.go
# prepare Go build environment
export GOPATH=`pwd`
# build program
go build -v -o cfssl src/github.com/cloudflare/cfssl/cmd/cfssl/cfssl.go
go build -v -o cfssl-mkbundle src/github.com/cloudflare/cfssl/cmd/mkbundle/mkbundle.go
go build -v -o cfssl-json src/github.com/cloudflare/cfssl/cmd/cfssljson/cfssljson.go
go build -v -o cfssl-newkey src/github.com/cloudflare/cfssl/cmd/cfssl-newkey/cfssl-newkey.go
go build -v -o cfssl-certinfo src/github.com/cloudflare/cfssl/cmd/cfssl-certinfo/cfssl-certinfo.go
go build -v -o cfssl-scan src/github.com/cloudflare/cfssl/cmd/cfssl-scan/cfssl-scan.go
go build -v -o cfssl-bundle src/github.com/cloudflare/cfssl/cmd/cfssl-bundle/cfssl-bundle.go
go build -v -o cfssl-multirootca src/github.com/cloudflare/cfssl/cmd/multirootca/*.go
%install
# create directory hierarchy
%{l_shtool} mkdir -f -p -m 755 \
$RPM_BUILD_ROOT%{l_prefix}/bin \
$RPM_BUILD_ROOT%{l_prefix}/etc/cfssl \
$RPM_BUILD_ROOT%{l_prefix}/etc/rc.d \
$RPM_BUILD_ROOT%{l_prefix}/var/cfssl/dat/int.d \
$RPM_BUILD_ROOT%{l_prefix}/var/cfssl/run \
$RPM_BUILD_ROOT%{l_prefix}/var/cfssl/log
# install program
%{l_shtool} install -c -s -m 755 \
cfssl cfssl-mkbundle cfssl-json cfssl-newkey cfssl-certinfo cfssl-scan cfssl-bundle cfssl-multirootca \
$RPM_BUILD_ROOT%{l_prefix}/bin/
%{l_shtool} install -c -m 755 %{l_value -s -a} \
%{SOURCE cfssl-initca.sh} $RPM_BUILD_ROOT%{l_prefix}/bin/cfssl-initca
# install default configuration
%{l_shtool} install -c -m 644 %{l_value -s -a} \
%{SOURCE ca.json} $RPM_BUILD_ROOT%{l_prefix}/etc/cfssl/
# install run-command script
%{l_shtool} install -c -m 755 %{l_value -s -a} \
%{SOURCE rc.cfssl} $RPM_BUILD_ROOT%{l_prefix}/etc/rc.d/
# determine installation files
%{l_rpmtool} files -v -ofiles -r$RPM_BUILD_ROOT \
%{l_files_std} \
'%config %{l_prefix}/etc/cfssl/*' \
'%attr(-,%{l_rusr},%{l_rgrp}) %{l_prefix}/var/cfssl/*' \
'%attr(-,%{l_rusr},%{l_rgrp}) %{l_prefix}/var/cfssl/*/*'
%files -f files
%clean
%post
# on initial installation, generate CA crt/key pair
if [ $1 -eq 1 ]; then
( echo "Generating initial CA RSA key and X.509 certificate files."
echo "You can change the CA parameters by editing the file..."
echo " $RPM_INSTALL_PREFIX/etc/cfssl/ca.json"
echo "...and then re-running the command:"
echo " su - %{l_rusr} -c \"$RPM_INSTALL_PREFIX/bin/cfssl-initca\""
) | %{l_rpmtool} msg -b -t notice
su - %{l_rusr} -c "$RPM_INSTALL_PREFIX/bin/cfssl-initca"
fi
# after upgrade, restart service
[ $1 -eq 2 ] || exit 0
eval `%{l_rc} cfssl status 2>/dev/null`
[ ".$cfssl_active" = .yes ] && %{l_rc} cfssl restart
exit 0
%preun
# before erase, stop service and remove log files
[ $1 -eq 0 ] || exit 0
%{l_rc} cfssl stop 2>/dev/null
rm -rf $RPM_INSTALL_PREFIX/var/cfssl/log/* >/dev/null 2>&1 || true
rm -rf $RPM_INSTALL_PREFIX/var/cfssl/run/* >/dev/null 2>&1 || true
exit 0