PKGBUILDs/core/openssl/PKGBUILD

# Maintainer: Pierre Schmitz <pierre@archlinux.de>

# ALARM: Kevin Mihelich <kevin@archlinuxarm.org>
#  - set ARM architecture targets

pkgname=openssl
pkgver=3.3.2
pkgrel=1
pkgdesc='The Open Source toolkit for Secure Sockets Layer and Transport Layer Security'
arch=('x86_64')
url='https://www.openssl.org'
license=('Apache-2.0')
depends=('glibc')
makedepends=('perl')
optdepends=('ca-certificates' 'perl')
replaces=('openssl-perl' 'openssl-doc')
provides=('libcrypto.so' 'libssl.so')
backup=('etc/ssl/openssl.cnf')
source=("https://github.com/${pkgname}/${pkgname}/releases/download/${pkgname}-${pkgver}/${pkgname}-${pkgver}.tar.gz"{,.asc}
        'ca-dir.patch')
sha256sums=('2e8a40b01979afe8be0bbfb3de5dc1c6709fedb46d6c89c10da114ab5fc3d281'
            'SKIP'
            '0a32d9ca68e8d985ce0bfef6a4c20b46675e06178cc2d0bf6d91bd6865d648b7')
validpgpkeys=('EFC0A467D613CB83C7ED6D30D894E2CE8B3D79F5'
              'BA5473A2B0587B07FB27CF2D216094DFD0CB81EF')

prepare() {
	cd "$srcdir/$pkgname-$pkgver"

	# set ca dir to /etc/ssl by default
	patch -Np1 -i "$srcdir/ca-dir.patch"
}

build() {
	cd "$srcdir/$pkgname-$pkgver"

	if [ "${CARCH}" == 'armv7h' ]; then
		openssltarget='linux-armv4'
		optflags=''
	elif [ "${CARCH}" == 'aarch64' ]; then
		openssltarget='linux-aarch64'
		optflags='no-afalgeng'
	fi

	./Configure --prefix=/usr --openssldir=/etc/ssl --libdir=lib \
		shared enable-ktls ${optflags} "${openssltarget}"

	make depend
	make
}

check() {
	cd "$srcdir/$pkgbase-$pkgver"

	# the test fails due to missing write permissions in /etc/ssl
	# revert this patch for make test
	patch -Rp1 -i "$srcdir/ca-dir.patch"

	make HARNESS_JOBS=$(nproc) test

	patch -Np1 -i "$srcdir/ca-dir.patch"
	# re-run make to re-generate CA.pl from the patched .in file.
	make apps/CA.pl
}

package() {
	cd "$srcdir/$pkgname-$pkgver"

	make DESTDIR="$pkgdir" MANDIR=/usr/share/man MANSUFFIX=ssl install_sw install_ssldirs install_man_docs

	install -D -m644 LICENSE.txt "$pkgdir/usr/share/licenses/$pkgname/LICENSE.txt"
}