
Updating OpenSSL 1.0.1i for Centmin Mod [discussion]

Discussion in 'System Administration' started by eva2000, Aug 7, 2014.

  1. Floren

    Floren Active Member

    Actually you do a lot more on Centminmod. You sir are a scripting hero. :D
    But we both have the same scope: having the latest software available primarily for our own use and sharing it with the Open Source community. In case you wonder:
    Code:
    Patch1:         %{name}-1.0.1-beta2-rpmbuild.patch
    Patch2:         %{name}-1.0.0f-defaults.patch
    Patch4:         %{name}-1.0.0-beta5-enginesdir.patch
    Patch5:         %{name}-0.9.8a-no-rpath.patch
    Patch6:         %{name}-0.9.8b-test-use-localhost.patch
    Patch7:         %{name}-1.0.0-timezone.patch
    Patch8:         %{name}-1.0.1c-perlfind.patch
    Patch9:         %{name}-1.0.1c-aliasing.patch
    Patch23:        %{name}-1.0.1c-default-paths.patch
    Patch24:        %{name}-1.0.1e-issuer-hash.patch
    Patch33:        %{name}-1.0.0-beta4-ca-dir.patch
    Patch34:        %{name}-0.9.6-x509.patch
    Patch35:        %{name}-0.9.8j-version-add-engines.patch
    Patch36:        %{name}-1.0.1i-doc-noeof.patch
    Patch38:        %{name}-1.0.1-beta2-ssl-op-all.patch
    Patch39:        %{name}-1.0.1h-ipv6-apps.patch
    Patch45:        %{name}-1.0.1e-env-zlib.patch
    Patch47:        %{name}-1.0.0-beta5-readme-warning.patch
    Patch49:        %{name}-1.0.1i-algo-doc.patch
    Patch50:        %{name}-1.0.1-beta2-dtls1-abi.patch
    Patch51:        %{name}-1.0.1e-version.patch
    Patch60:        %{name}-1.0.0d-apps-dgst.patch
    Patch63:        %{name}-1.0.0d-xmpp-starttls.patch
    Patch65:        %{name}-1.0.0e-chil-fixes.patch
    Patch66:        %{name}-1.0.1-pkgconfig-krb5.patch
    Patch68:        %{name}-1.0.1e-secure-getenv.patch
    Patch69:        %{name}-1.0.1c-dh-1024.patch
    Patch77:        %{name}-1.0.1e-weak-ciphers.patch
    Patch80:        %{name}-1.0.1e-enc-fail.patch
    Patch81:        %{name}-1.0.1-beta2-padlock64.patch
    Patch84:        %{name}-1.0.1i-trusted-first.patch
    Patch85:        %{name}-1.0.1e-arm-use-elf-auxv-caps.patch
    Patch89:        %{name}-1.0.1e-ephemeral-key-size.patch

     
  2. eva2000

    eva2000 Administrator Staff Member

    Yeah, true, it's for my use, which drives what gets put into Centmin Mod. I am a bash shell scripting junkie :D
     
  3. Floren

    Floren Active Member

    @eva2000, building RPMs is all about scripting also, hehe. And patching, which is probably the most important part compared to compiling from source. Patching is beneficial because there are many fixes not available in the originally released source code.
     
  4. eva2000

    eva2000 Administrator Staff Member

    Yeah, true... I've only ever built RPMs for MariaDB, MySQL, WebScaleSQL MySQL and Apache 2.4. I have no interest in maintaining and following the respective software bugs, patches etc. so closely. Just give me the source file hehe
     
  5. Floren

    Floren Active Member

    @eva2000, I released OpenSSL 1.0.1i for RHEL7. I'm starting to build all packages slowly. :)
    Code:
    # yum --disablerepo=* --enablerepo=axivo list | egrep 'axivo|Packages'
    Installed Packages
    GeoIP.x86_64                           1.6.2-1.el7                     @axivo  
    GeoIP-devel.x86_64                     1.6.2-1.el7                     @axivo  
    axivo-release.noarch                   7-1                             installed
    openssl.x86_64                         1:1.0.1i-1.el7                  @axivo  
    openssl-libs.x86_64                    1:1.0.1i-1.el7                  @axivo  
    Available Packages
    GeoIP-update.noarch                    1.6.2-1.el7                     axivo    
    openssl-devel.x86_64                   1:1.0.1i-1.el7                  axivo    
    openssl-perl.x86_64                    1:1.0.1i-1.el7                  axivo    
    openssl-static.x86_64                  1:1.0.1i-1.el7                  axivo
    It is a start, heh... Also, the update works for me:
    Code:
    # yum -q list openssl
    Installed Packages
    openssl.x86_64              1:1.0.1e-34.el7_0.3               @updates
    
    # yum --enablerepo=axivo update openssl
    Loaded plugins: fastestmirror, langpacks
    Loading mirror speeds from cached hostfile
    * base: centos.mirrors.atwab.net
    * extras: centos.mirrors.atwab.net
    * updates: centos.mirrors.atwab.net
    Resolving Dependencies
    --> Running transaction check
    ---> Package openssl.x86_64 1:1.0.1e-34.el7_0.3 will be updated
    ---> Package openssl.x86_64 1:1.0.1i-1.el7 will be an update
    --> Processing Dependency: openssl-libs = 1:1.0.1i-1.el7 for package: 1:openssl-1.0.1i-1.el7.x86_64
    --> Running transaction check
    ---> Package openssl-libs.x86_64 1:1.0.1e-34.el7_0.3 will be updated
    ---> Package openssl-libs.x86_64 1:1.0.1i-1.el7 will be an update
    --> Finished Dependency Resolution
    
    Dependencies Resolved
    
    ==================================================================
    Package          Arch       Version              Repository
                                                                 Size
    ==================================================================
    Updating:
    openssl          x86_64     1:1.0.1i-1.el7       axivo     580 k
    Updating for dependencies:
    openssl-libs     x86_64     1:1.0.1i-1.el7       axivo     1.0 M
    
    Transaction Summary
    ==================================================================
    Upgrade  1 Package (+1 Dependent package)
    
    Total download size: 1.5 M
    Is this ok [y/d/N]: y
    Downloading packages:
    No Presto metadata available for axivo
    (1/2): openssl-1.0.1i-1.el7.x86_64.rpm       | 580 kB   00:02  
    (2/2): openssl-libs-1.0.1i-1.el7.x86_64.rpm  | 1.0 MB   00:02  
    ------------------------------------------------------------------
    Total                                554 kB/s | 1.5 MB  00:02  
    Running transaction check
    Running transaction test
    Transaction test succeeded
    Running transaction
      Updating   : 1:openssl-libs-1.0.1i-1.el7.x86_64             1/4
      Updating   : 1:openssl-1.0.1i-1.el7.x86_64                  2/4
      Cleanup    : 1:openssl-1.0.1e-34.el7_0.3.x86_64             3/4
      Cleanup    : 1:openssl-libs-1.0.1e-34.el7_0.3.x86_64        4/4
      Verifying  : 1:openssl-libs-1.0.1i-1.el7.x86_64             1/4
      Verifying  : 1:openssl-1.0.1i-1.el7.x86_64                  2/4
      Verifying  : 1:openssl-libs-1.0.1e-34.el7_0.3.x86_64        3/4
      Verifying  : 1:openssl-1.0.1e-34.el7_0.3.x86_64             4/4
    
    Updated:
      openssl.x86_64 1:1.0.1i-1.el7                                
    
    Dependency Updated:
      openssl-libs.x86_64 1:1.0.1i-1.el7                            
    
    Complete!
     
    Last edited: Aug 10, 2014
  6. eva2000

    eva2000 Administrator Staff Member

  7. Floren

    Floren Active Member

    @eva2000, it should take me a few weeks, just in time for MariaDB 10.0.13. :)
    Also, I updated the previous post; check how wonderfully the update works, heh.
     
  8. eva2000

    eva2000 Administrator Staff Member

    hehe, update, whichever works... use it :)

    Ah yes, MariaDB 10.0.13 is another one on my to-do list... busy with some client work right now though, so I've got to take care of my clients first. Increased interest in SSL certificates hehe
     
  9. eva2000

    eva2000 Administrator Staff Member

    Looks like CentOS finally provided updated packages:
    • OpenSSL 1.0.1e-34.el7_0.4 for CentOS 7
    • OpenSSL 1.0.1e-16.el6_5.15 for CentOS 6

    On CentOS 7
    Code:
    yum list updates | grep openssl
    openssl.x86_64                            1:1.0.1e-34.el7_0.4            updates
    openssl-devel.x86_64                      1:1.0.1e-34.el7_0.4            updates
    On CentOS 6
    Code:
    yum list updates | grep openssl
    openssl.x86_64                             1.0.1e-16.el6_5.15            updates
    openssl-devel.x86_64                       1.0.1e-16.el6_5.15            updates
    To update:
    Code:
    yum -y update
    Check the OpenSSL changelog, which has fixes dated Aug 08, 2014.

    For CentOS 7
    Code:
    rpm -qa -changelog openssl | head -n9
    * Fri Aug 08 2014 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-34.4
    - fix CVE-2014-3505 - doublefree in DTLS packet processing
    - fix CVE-2014-3506 - avoid memory exhaustion in DTLS
    - fix CVE-2014-3507 - avoid memory leak in DTLS
    - fix CVE-2014-3508 - fix OID handling to avoid information leak
    - fix CVE-2014-3509 - fix race condition when parsing server hello
    - fix CVE-2014-3510 - fix DoS in anonymous (EC)DH handling in DTLS
    - fix CVE-2014-3511 - disallow protocol downgrade via fragmentation
    
    For CentOS 6
    Code:
    rpm -qa -changelog openssl | head -n9
    * Fri Aug 08 2014 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-16.15
    - fix CVE-2014-3505 - doublefree in DTLS packet processing
    - fix CVE-2014-3506 - avoid memory exhaustion in DTLS
    - fix CVE-2014-3507 - avoid memory leak in DTLS
    - fix CVE-2014-3508 - fix OID handling to avoid information leak
    - fix CVE-2014-3509 - fix race condition when parsing server hello
    - fix CVE-2014-3510 - fix DoS in anonymous (EC)DH handling in DTLS
    - fix CVE-2014-3511 - disallow protocol downgrade via fragmentation
    
    Updated all my servers :D
     
    Last edited: Aug 14, 2014
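The changelog check above is the step worth automating: after a `yum update` you want proof that the advisory's CVE list is actually covered by the installed build, not just that the version string moved. The script below is an added example for this thread, not code from Centmin Mod or from either poster. It embeds a constructed copy of the CentOS 7 changelog excerpt quoted above as sample input so it runs offline; on a real host the sample would be replaced by the output of `rpm -q --changelog openssl`. The function names (`extract_cves`, `missing_cves`, `count_cves`) and the `REQUIRED_CVES` list are mine, the CVE identifiers are the seven from the post.

```shell
#!/bin/sh
# Added example: verify that an RPM changelog mentions every CVE fix we require.
# CHANGELOG is a constructed sample taken from the CentOS 7 excerpt in this thread.
# On a real system use:  CHANGELOG=$(rpm -q --changelog openssl)
CHANGELOG='* Fri Aug 08 2014 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-34.4
- fix CVE-2014-3505 - doublefree in DTLS packet processing
- fix CVE-2014-3506 - avoid memory exhaustion in DTLS
- fix CVE-2014-3507 - avoid memory leak in DTLS
- fix CVE-2014-3508 - fix OID handling to avoid information leak
- fix CVE-2014-3509 - fix race condition when parsing server hello
- fix CVE-2014-3510 - fix DoS in anonymous (EC)DH handling in DTLS
- fix CVE-2014-3511 - disallow protocol downgrade via fragmentation'

# The CVEs from the OpenSSL 2014-08-06 advisory that the update must cover
# (hypothetical policy list for this example; adjust to your own advisory tracking).
REQUIRED_CVES="CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3508 CVE-2014-3509 CVE-2014-3510 CVE-2014-3511"

# Print every CVE identifier found in the changelog text, one per line, deduplicated.
extract_cves() {
    printf '%s\n' "$1" | grep -oE 'CVE-[0-9]{4}-[0-9]{4,}' | sort -u
}

# Print how many distinct CVE identifiers the changelog mentions.
count_cves() {
    extract_cves "$1" | wc -l | tr -d ' '
}

# Usage: missing_cves "<changelog text>" "<space-separated required CVEs>"
# Prints the required CVEs that are absent from the changelog (empty line if none)
# and exits 0 only when nothing is missing, so it can gate a deployment step.
missing_cves() {
    changelog=$1
    required=$2
    fixed=$(extract_cves "$changelog")
    missing=""
    for cve in $required; do
        # -x forces a whole-line match so CVE-2014-3505 does not satisfy CVE-2014-35051
        if ! printf '%s\n' "$fixed" | grep -qx "$cve"; then
            missing="$missing $cve"
        fi
    done
    printf '%s\n' "${missing# }"
    [ -z "$missing" ]
}

# Stand-alone run: report and set the exit status like a post-update health check would.
if missing_cves "$CHANGELOG" "$REQUIRED_CVES" >/dev/null; then
    echo "openssl changelog covers all $(count_cves "$CHANGELOG") required CVEs"
else
    echo "openssl changelog is missing: $(missing_cves "$CHANGELOG" "$REQUIRED_CVES")" >&2
fi
```

The whole-line `grep -qx` match matters: a prefix match would let a longer identifier satisfy a shorter one. Feeding the function a CVE the changelog does not mention (for instance the earlier Heartbleed identifier, CVE-2014-0160, which this Aug 2014 entry does not list) makes it exit non-zero and name the gap, which is the behaviour you want from a check wired into a patching runbook.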