aboutsummaryrefslogtreecommitdiff
path: root/patches/mod_ssl/mod_ssl.SlackBuild
blob: ec74e0915b330262c0d74dc0e33749c223c07021 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
#!/bin/bash
#
# Build and package mod_ssl on Slackware.
# by:  David Cantrell <david@slackware.com>
# Currently maintained by:  PJV <volkerdi@slackware.com>
#
# Small changes by rhatto
# 

CWD="`pwd`"

if [ -f "/etc/slackbuildrc" ]; then
  source /etc/slackbuildrc
fi

if [ -f "~/.slackbuildrc" ]; then
  source ~/.slackbuildrc
fi

PACKAGE="mod_ssl"
MODSSL_VER=${MODSSL_VER:=2.8.28}
APACHE_VER=${APACHE_VER:=1.3.37}
ARCH=${ARCH:=i486}
BUILD=${BUILD:=1rha}
REPOS=${REPOS:=$TMP}

SRC_DIR=${SRC:=$CWD}
TMP=${TMP:=/tmp}

cat << EOCAT

Pleasy check if the apache version installed system-wide is $APACHE_VER,
otherwise upgrade your apache.

Press ENTER to continue.
EOCAT

read garbage

RTOOL="wget"
MODSSL="mod_ssl-$MODSSL_VER-$APACHE_VER.tar.gz"
MODSSL_URL="http://www.modssl.org/source/$MODSSL"
APACHE="apache_$APACHE_VER.tar.gz"
APACHE_URL="http://ftp.unicamp.br/pub/apache/httpd/$APACHE"

SRC_DIR="$SRC_DIR/$PACKAGE"
mkdir -p $SRC_DIR

if [ "$RTOOL" == "wget" ]; then

  if [ ! -f "$SRC_DIR/$MODSSL" ]; then
    wget "$MODSSL_URL" -O "$SRC_DIR/$MODSSL"
  fi

  if [ ! -f "$SRC_DIR/$APACHE" ]; then
    wget "$APACHE_URL" -O "$SRC_DIR/$APACHE"
  fi

fi

TMP="$TMP/$PACKAGE"
rm -rf $TMP
mkdir -p $TMP
cd $TMP

PKG=$TMP/package-$PACKAGE
mkdir -p $PKG
( cd $PKG ; explodepkg $CWD/_mod_ssl.tar.gz )
# Install sample config file:
cat $CWD/mod_ssl.conf.example > $PKG/etc/apache/mod_ssl.conf.new

cd $TMP
rm -rf mod_ssl-$MODSSL_VER-$APACHE_VER
rm -rf apache_$APACHE_VER
tar xvzf $SRC_DIR/apache_$APACHE_VER.tar.gz
tar xvzf $SRC_DIR/mod_ssl-$MODSSL_VER-$APACHE_VER.tar.gz

# build mod_ssl
cd $TMP/mod_ssl-$MODSSL_VER-$APACHE_VER
chown -R root.root .

if [ "$ARCH" == "x86_64" ]; then
  ( cd pkg.sslmod ; zcat $CWD/libssl.module.diff.gz | patch -p0 --verbose )
fi

./configure --with-apxs=/usr/sbin/apxs \
            --with-crt=/etc/apache/mod_ssl/server.crt \
            --with-key=/etc/apache/mod_ssl/server.key \
            --with-patch=/usr/bin/patch

# Enjoy this kludge!  :-)
if [ "$ARCH" == "x86_64" ]; then
  echo "SSL_CFLAGS= -DSSL_ENGINE -DSSL_USE_SDBM -L/usr/lib64" >> pkg.sslmod/Makefile
else
  echo "SSL_CFLAGS= -DSSL_ENGINE -DSSL_USE_SDBM" >> pkg.sslmod/Makefile
fi

make -j3

# go back to the Apache tree and generate the additional package components
cd $TMP/apache_$APACHE_VER
cat $TMP/mod_ssl-$MODSSL_VER-$APACHE_VER/pkg.sslcfg/sslcfg.patch | patch -p0
cat $TMP/mod_ssl-$MODSSL_VER-$APACHE_VER/pkg.ssldoc/ssldoc.patch | patch -p0
cat $TMP/mod_ssl-$MODSSL_VER-$APACHE_VER/pkg.sslsup/sslsup.patch | patch -p0
zcat $CWD/../apache/apache.dbm.diff.gz | patch -p1
( cd $TMP/apache_$APACHE_VER/src/support
  cat apachectl | sed -e "s|PIDFILE=/usr/local/apache/logs/httpd.pid|PIDFILE=/var/run/httpd.pid|g" | sed -e "s|HTTPD='/usr/local/apache/src/httpd'|HTTPD=/usr/sbin/httpd|g" > apachectl.new
  mv apachectl.new apachectl )

# install mod_ssl
cd $TMP/mod_ssl-$MODSSL_VER-$APACHE_VER
make -j3
make install
mkdir -p $PKG/usr/doc/mod_ssl-$MODSSL_VER-$APACHE_VER
cp -a ANNOUNCE CREDITS INSTALL LICENSE NEWS README* \
   $PKG/usr/doc/mod_ssl-$MODSSL_VER-$APACHE_VER

# install the other components for this package
cd $TMP/mod_ssl-$MODSSL_VER-$APACHE_VER
( cd pkg.sslcfg
  cp -a README.CRT Makefile.crt ca-bundle.crt snakeoil-ca-rsa.crt \
     snakeoil-ca-dsa.crt snakeoil-rsa.crt snakeoil-dsa.crt \
     server.crt $PKG/etc/apache/ssl.crt )
( cd pkg.sslcfg
  cp -a README.CSR server.csr $PKG/etc/apache/ssl.csr )
( cd pkg.sslcfg
  cp -a README.PRM snakeoil-ca-dsa.prm snakeoil-dsa.prm \
     $PKG/etc/apache/ssl.prm )
( cd pkg.sslcfg
  cp -a Makefile.crl README.CRL $PKG/etc/apache/ssl.crl )
( cd pkg.sslcfg
  cp -a README.KEY snakeoil-ca-rsa.key snakeoil-ca-dsa.key snakeoil-rsa.key \
     snakeoil-dsa.key server.key $PKG/etc/apache/ssl.key )

( cd pkg.ssldoc
  cp -a index.html ssl_* $PKG/var/www/htdocs/manual/mod/mod_ssl )
( cd pkg.ssldoc
  cp -a apache_pb.gif feather.jpg mod_ssl_sb.gif openssl_ics.gif \
     $PKG/var/www/htdocs/manual/images )

cd $TMP/apache_$APACHE_VER
( cd htdocs
  cp -a index.html.en $PKG/var/www/htdocs )
( cd htdocs/manual/mod
  cp -a index.html.en index-bytype.html.en directives.html.en \
     $PKG/var/www/htdocs/manual/mod )
( cd src/support
  cp -a apachectl $PKG/usr/sbin )
# This is a point of overlap with the apache package, so we'll make it
# a symlink so that it's less of a trap for the unsuspecting admin:
( cd $PKG/usr/sbin
  mv apachectl apachectl-mod_ssl
  ln -sf apachectl-mod_ssl apachectl
)

# Make key files that we wouldn't want overwritten use .new:
for file in \
$PKG/etc/apache/ssl.crt/server.crt \
$PKG/etc/apache/ssl.csr/server.csr \
$PKG/etc/apache/ssl.key/server.key ; do
  mv $file ${file}.new
done

# get the module in the package
mkdir -p $PKG/usr/libexec/apache
cp -a /usr/libexec/apache/libssl.so $PKG/usr/libexec/apache

# attributes
chmod 700 $PKG/etc/apache/ssl.key

# strip:
( cd $PKG
  find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
  find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
)

# some housekeeping
chown -R root.bin $PKG/usr/sbin
chmod 755 $PKG/usr/sbin/*

# Install slack-desc:
mkdir -p $PKG/install
cat $CWD/slack-desc > $PKG/install/slack-desc

# make the package
cd $PKG
makepkg -l y -c n $REPOS/mod_ssl-${MODSSL_VER}_${APACHE_VER}-$ARCH-$BUILD.tgz

# clean up
if [ "$CLEANUP" == "yes" ]; then
  rm -rf $TMP
fi