Author: jfrederic.clere(a)jboss.com Date: 2008-02-05 12:06:21 -0500 (Tue, 05 Feb 2008) New Revision: 1367 Added: trunk/build/unix/util/confssl.sh Modified: trunk/build/unix/build.sh trunk/build/unix/buildbin.rhel-httpd.sh trunk/build/unix/buildtest.rhel-httpd.sh trunk/build/unix/package.list Log: Add openssl rhel logic (and test ssl). Modified: trunk/build/unix/build.sh =================================================================== --- trunk/build/unix/build.sh 2008-02-05 17:05:08 UTC (rev 1366) +++ trunk/build/unix/build.sh 2008-02-05 17:06:21 UTC (rev 1367) @@ -538,7 +538,7 @@ if [ -f ${ssl_common_dir}/include/openssl/opensslv.h ]; then echo "Using cached openssl in ${ssl_common_dir}" - return + return 0 fi SSLNUM=`basename ${ssl_srcdir} | awk -F - '{ print $2}' | sed 's:[a-z]::'` echo "Configuring OpenSSL ${ssl_version} for ${BUILD_TAG} ..." @@ -549,22 +549,26 @@ ssl_build_flags="shared" fi ssl_target="--prefix=${ssl_common_dir} --openssldir=${ssl_common_dir}/ssl" + if [ ! -d ${ssl_srcdir} ]; then + ssl_srcdir=srclib/`ls srclib | grep openssl-` + fi + echo "ssl_srcdir: $ssl_srcdir in: `pwd`" (cd ${ssl_srcdir} case ${BUILD_TAG} in solaris-sparcv9) - ./Configure ${ssl_target} ${ssl_common_flags} ${ssl_build_flags} solaris-sparcv9-cc + ./Configure ${ssl_target} ${ssl_common_flags} ${ssl_build_flags} solaris-sparcv9-cc || exit 1 ;; solaris-i686) - ./Configure ${ssl_target} ${ssl_common_flags} ${ssl_build_flags} solaris-x86-cc + ./Configure ${ssl_target} ${ssl_common_flags} ${ssl_build_flags} solaris-x86-cc || exit 1 ;; hpux-parisc2) - ./Configure ${ssl_target} ${ssl_common_flags} ${ssl_build_flags} hpux-parisc2-cc + ./Configure ${ssl_target} ${ssl_common_flags} ${ssl_build_flags} hpux-parisc2-cc || exit 1 ;; hpux-ia64) - ./Configure ${ssl_target} ${ssl_common_flags} ${ssl_build_flags} hpux-ia64-cc + ./Configure ${ssl_target} ${ssl_common_flags} ${ssl_build_flags} hpux-ia64-cc || exit 1 ;; linux2-ppc64) - ./Configure ${ssl_target} ${ssl_common_flags} ${ssl_build_flags} linux-ppc64 + ./Configure ${ssl_target} ${ssl_common_flags} ${ssl_build_flags} linux-ppc64 || exit 1 ;; windows-i686) ./Configure ${ssl_target} VC-NT @@ -579,20 +583,20 @@ ms/do_win64i.bat ;; *) - ./config ${ssl_target} -fPIC ${ssl_common_flags} ${ssl_build_flags} + ./config ${ssl_target} -fPIC ${ssl_common_flags} ${ssl_build_flags} || exit 1 ;; esac echo "Building OpenSSL ${ssl_version} for ${BUILD_TAG} ..." if $BUILD_WIN ; then if $ssl_static ; then - nmake -f ms/nt.mak install + nmake -f ms/nt.mak install || exit 1 else - nmake -f ms/ntdll.mak install + nmake -f ms/ntdll.mak install || exit 1 fi else - make depend - make - make install_sw + make depend || exit 1 + make || exit 1 + make install_sw || exit 1 if [ ! $ssl_static ] ; then (cd ${ssl_common_dir}/lib ln -s libcrypto.${so_extension}.${SSLNUM} libcrypto.${so_extension}.0 @@ -600,7 +604,7 @@ ) fi fi - ) + ) || return 1 } # @@ -938,10 +942,23 @@ mkdir -p ${package_src_dir}/srclib if $has_zlib; then - ckeckdownload zlib-${zlib_version} $ZLIBURL "" + ckeckdownload zlib-${zlib_version} $ZLIBURL "NONE" fi +# Note: type of the download (r: rhel, v: internet, t: tag in svn). if $has_openssl; then - ckeckdownload openssl-${ssl_version} $SSLURL "" + if [ "${ssl_type}" == "v" ]; then + ckeckdownload openssl-${ssl_version} $SSLURL "NONE" + elif [ "${ssl_type}" == "r" ]; then + if [ "x${ssl_version}" = "x" ]; then + tag=trunk + else + tag=${ssl_version} + fi + util/buildrhelsrc.sh http://cvs.devel.redhat.com/repo/dist/openssl openssl/RHEL-5 ${tag} ${package_src_dir} openssl rhel-httpd ${build_version} + else + echo "${ssl_type} not support for openssl" + exit 1 + fi fi if $has_apr; then ckeckdownload apr-${apr_version} $APRURL $APRURLBACK @@ -953,10 +970,10 @@ ckeckdownload apr-iconv-${api_version} $APIURL $APIURLBACK fi if $has_iconv; then - ckeckdownload libiconv-${iconv_version} $ICONVURL "" + ckeckdownload libiconv-${iconv_version} $ICONVURL "NONE" fi if $has_expat; then - ckeckdownload expat-${expat_version} $EXPATURL "" + ckeckdownload expat-${expat_version} $EXPATURL "NONE" fi # @@ -1016,12 +1033,12 @@ # generate a list of dependencies override ${build_top}/util/builddep $build_output_dir ${PACKAGE}.${build_version}.${BUILD_SYS}.${BUILD_CPU}.depends ${package_output_dir} -# create a chrootable environment for testing: -if [ ! -d ${TMPROOTBASE}/${package_output_dir} ]; then - override ${build_top}/util/buildroot ${TMPROOTBASE}/${package_output_dir} -fi +if $run_test; then + # create a chrootable environment for testing: + if [ ! -d ${TMPROOTBASE}/${package_output_dir} ]; then + override ${build_top}/util/buildroot ${TMPROOTBASE}/${package_output_dir} + fi -# run a test -if $run_test; then - override ${build_top}/buildtest.${PACKAGE}.sh ${TMPROOTBASE} ${package_output_dir} ${build_cache_dir} ${IPLOCAL} + # run a test + override ${build_top}/buildtest.${PACKAGE}.sh ${TMPROOTBASE} ${package_output_dir} ${build_cache_dir} ${IPLOCAL} ${has_ssl} fi Modified: trunk/build/unix/buildbin.rhel-httpd.sh =================================================================== --- trunk/build/unix/buildbin.rhel-httpd.sh 2008-02-05 17:05:08 UTC (rev 1366) +++ trunk/build/unix/buildbin.rhel-httpd.sh 2008-02-05 17:06:21 UTC (rev 1367) @@ -105,7 +105,7 @@ _localstatedir=${PREFIX}/logs if $has_openssl_loc ; then - add_conf="--with-ssl=${common_loc} --enable-ssl --with-ssl --enable-distcache" + add_conf="--with-ssl=${common_loc} --enable-ssl --with-ssl" else add_conf="" fi @@ -179,5 +179,22 @@ # Install it #install -m 755 worker/httpd ${RPM_BUILD_ROOT}/${_sbindir}/httpd.worker install -m 755 httpd ${RPM_BUILD_ROOT}/${_sbindir}/httpd.worker + +# Add the needed openssl stuff. +current_loc=`pwd` +install_loc=${output_loc}/${PREFIX} +if $has_openssl_loc; then + echo "Adding OpenSSL libraries ..." + (cd ${common_loc}/lib + tar -cf ${current_loc}/x.tar engines *.${so_extension}* + ) + (cd ${install_loc}/lib + tar -xf ${current_loc}/x.tar + ) + rm -f ${current_loc}/x.tar + + cp ${common_loc}/bin/openssl ${install_loc}/bin +fi + echo "Done" exit 0 Modified: trunk/build/unix/buildtest.rhel-httpd.sh =================================================================== --- trunk/build/unix/buildtest.rhel-httpd.sh 2008-02-05 17:05:08 UTC (rev 1366) +++ trunk/build/unix/buildtest.rhel-httpd.sh 2008-02-05 17:06:21 UTC (rev 1367) @@ -27,11 +27,13 @@ # $2 : Directory where the package was built. # $3 : Directory where downloaded packages are stored. # $4 : Name or IP to use for the tests. +# $5 : Do the SSL stuff. base=$1 root=$2 build_cache_dir=$3 IPLOCAL=$4 +loc_has_ssl=$5 # Install jboss (as) util/installjboss.sh $base $root $build_cache_dir @@ -46,6 +48,11 @@ # Add a minimal mod_jk conf to httpd.conf util/confjk.sh $base $root $build_cache_dir ${IPLOCAL} +# Run SSL if needed +if $loc_has_ssl; then + util/confssl.sh $base $root $build_cache_dir ${IPLOCAL} +fi + # Test it. sudo /usr/sbin/chroot $base/$root /opt/jboss/httpd/sbin/apachectl start sleep 65 @@ -65,6 +72,15 @@ exit 1 fi +# The -k is for the test self signed certificate. +curl -k -v https://${IPLOCAL} | grep "It works\!" +if [ $? -ne 0 ]; then + sudo /usr/sbin/chroot $base/$root /opt/jboss/httpd/sbin/apachectl stop + ${base}/${root}/jbossas/${JBOSSDIR}/bin/shutdown.sh -S -s ${IPLOCAL} + echo "Test FAILED cant use SSL?" + exit 1 +fi + # Stop it. sudo /usr/sbin/chroot $base/$root /opt/jboss/httpd/sbin/apachectl stop ${base}/${root}/jbossas/${JBOSSDIR}/bin/shutdown.sh -S -s ${IPLOCAL} Modified: trunk/build/unix/package.list =================================================================== --- trunk/build/unix/package.list 2008-02-05 17:05:08 UTC (rev 1366) +++ trunk/build/unix/package.list 2008-02-05 17:06:21 UTC (rev 1367) @@ -10,4 +10,4 @@ jboss-sight|1.0.2|trunk|apr:v:1.2.8|apu:v:1.2.8|api:v:1.2.1 # httpd jboss-httpd|0.0.1|2.2.6 -rhel-httpd|0.0.1|httpd-2_2_3-11_el5_1_3|apr:r:apr-1_2_7-11|apu:r:apr-util-1_2_7-7_el5|api:v:1.2.1|ssl:v:0.9.8e|zlib:v:1.2.3|jk:v:1.2.26|iconv:v:1.11|expat:v:1.95.8 +rhel-httpd|0.0.1|httpd-2_2_3-11_el5_1_3|apr:r:apr-1_2_7-11|apu:r:apr-util-1_2_7-7_el5|api:v:1.2.1|ssl:r:openssl-0_9_8b-8_3_el5_0_2|zlib:v:1.2.3|jk:v:1.2.26|iconv:v:1.11|expat:v:1.95.8 Added: trunk/build/unix/util/confssl.sh =================================================================== --- trunk/build/unix/util/confssl.sh (rev 0) +++ trunk/build/unix/util/confssl.sh 2008-02-05 17:06:21 UTC (rev 1367) @@ -0,0 +1,53 @@ +#!/bin/sh +# Copyright(c) 2008 Red Hat Middleware, LLC, +# and individual contributors as indicated by the @authors tag. +# See the copyright.txt in the distribution for a +# full listing of individual contributors. +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library in the file COPYING.LIB; +# if not, write to the Free Software Foundation, Inc., +# 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA +# +# @author Jean-Frederic Clere +# + +# Install jboss(as) in the chrootable environment for testing. +# +# $1 : Base directory for the test. +# $2 : Directory where the package was built. +# $3 : Directory where downloaded packages are stored. +# $4 : Name or IP to use for the tests. + +base=$1 +root=$2 +build_cache_dir=$3 +IPLOCAL=$4 + +echo "$0 : in ${base}/${root}" + +# Add to httpd.conf +cat <<EOF >> ${base}/${root}/opt/jboss/httpd/httpd/conf/httpd.conf +LoadModule jk_module /opt/jboss/httpd/lib/httpd/modules/mod_ssl.so +Listen ${IPLOCAL}:443 +<VirtualHost _default_:443> +SSLEngine on +SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL +SSLCertificateFile /opt/jboss/httpd/httpd/conf/server.crt +SSLCertificateKeyFile /opt/jboss/httpd/httpd/conf/server.key +</VirtualHost> +EOF + +# Copy the certificate and key files. +cp $build_top/util/server.crt ${base}/${root}/opt/jboss/httpd/httpd/conf +cp $build_top/util/server.key ${base}/${root}/opt/jboss/httpd/httpd/conf Property changes on: trunk/build/unix/util/confssl.sh ___________________________________________________________________ Name: svn:executable + *