LibreSSL does not work properly for me, trying good old OpenSSL

This commit is contained in:
Mark Vainomaa 2018-11-10 22:47:53 +02:00
parent d2638141ff
commit 7b787b5acb
Signed by: mikroskeem
GPG Key ID: 1B3F9523B542D315
4 changed files with 73 additions and 30 deletions

View File

@ -42,7 +42,7 @@ b mksh
# Networking # Networking
b zlib b zlib
b libressl b openssl
b curl b curl
# Init # Init

View File

@ -1,29 +0,0 @@
#!/bin/bash
pkgname="libressl"
pkgver="2.8.2"
src="https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-${pkgver}.tar.gz"
prepare () {
[ -f "${pkgname}-src.tar.gz" ] || curl -o "${pkgname}-src.tar.gz" "${src}"
tar -C "${srcdir}" -xvf "${pkgname}-src.tar.gz"
}
build () {
cd "${srcdir}/libressl-${pkgver}"
mkdir build && cd build
../configure \
--prefix=/usr \
--with-openssldir=/etc/ssl
make
}
package () {
cd "${srcdir}/libressl-${pkgver}/build"
make DESTDIR="${pkgdir}" install
}
. ../common.sh

41
pkgs/openssl/build.sh Executable file
View File

@ -0,0 +1,41 @@
#!/bin/bash
pkgname="openssl"
pkgver="1.1.1"
src="https://www.openssl.org/source/${pkgname}-${pkgver}.tar.gz"
prepare () {
[ -f "${pkgname}-src.tar.gz" ] || curl -o "${pkgname}-src.tar.gz" "${src}"
tar -C "${srcdir}" -xvf "${pkgname}-src.tar.gz"
}
build () {
cd "${srcdir}/openssl-${pkgver}"
for p in "${wd}"/patches/*.patch; do
patch -u -p0 < "${p}"
done
./Configure \
--prefix=/usr \
--openssldir=/etc/ssl \
--libdir=lib \
shared no-ssl3-method enable-ec_nistp_64_gcc_128 linux-x86_64 \
no-async \
"-Wa,--noexecstack ${CPPFLAGS} ${CFLAGS} ${LDFLAGS}"
make depend
make
}
package () {
cd "${srcdir}/openssl-${pkgver}"
make \
DESTDIR="${pkgdir}" \
MANDIR=/usr/share/man \
MANSUFFIX=ssl \
install_sw install_ssldirs install_man_docs
}
. ../common.sh

View File

@ -0,0 +1,31 @@
--- apps/CA.pl.in 2018-09-11 14:48:19.000000000 +0200
+++ apps/CA.pl.in 2018-09-11 16:16:32.125629435 +0200
@@ -33,7 +33,7 @@
my $PKCS12 = "$openssl pkcs12";
# default openssl.cnf file has setup as per the following
-my $CATOP = "./demoCA";
+my $CATOP = "/etc/ssl";
my $CAKEY = "cakey.pem";
my $CAREQ = "careq.pem";
my $CACERT = "cacert.pem";
--- apps/openssl.cnf 2018-09-11 14:48:20.000000000 +0200
+++ apps/openssl.cnf 2018-09-11 16:16:32.125629435 +0200
@@ -43,7 +43,7 @@
####################################################################
[ CA_default ]
-dir = ./demoCA # Where everything is kept
+dir = /etc/ssl # Where everything is kept
certs = $dir/certs # Where the issued certs are kept
crl_dir = $dir/crl # Where the issued crl are kept
database = $dir/index.txt # database index file.
@@ -327,7 +327,7 @@
[ tsa_config1 ]
# These are used by the TSA reply generation only.
-dir = ./demoCA # TSA root directory
+dir = /etc/ssl # TSA root directory
serial = $dir/tsaserial # The current serial number (mandatory)
crypto_device = builtin # OpenSSL engine to use for signing
signer_cert = $dir/tsacert.pem # The TSA signing certificate