Repacking the OpenSSL Debian package for Ubuntu 10.04 of SafeSync for Enterprise

To repack the OpenSSL Debian package for Ubuntu 10.04:

1. Install SafeSync for Enterprise 2.1 Service Pack 1 (Build 2.1.0.1496).
2. Download the following OpenSSL source packages:
   • openssl-1.0.1u.tar.gz
   • openssl_1.0.1-4ubuntu5.38.debian.tar.gz
3. Find the configuration option for ./configure while building OpenSSL manually.
   1. Run the following command:

      tar zxvf openssl-1.0.1u.tar.gz
      tar zxvf openssl_1.0.1-4ubuntu5.38.debian.tar.gz -C openssl-1.0.1u
      cd openssl-1.0.1u

   2. Find the option at line 38 in debian/rules:

      vim debian/rules

      CONFARGS = --prefix=/usr --openssldir=/usr/lib/ssl --libdir=lib/$(DEB_HOST_MULTIARCH) no-idea no-mdc2 no-rc5 zlib enable-tlsext no-ssl2 $(ARCH_CONFARGS)

   3. Retrieve the option value after changing the variable.

      CONFARGS = --prefix=/usr --openssldir=/usr/lib/ssl --libdir=lib no-idea no-mdc2 no-rc5 zlib enable-tlsext no-ssl2 enable-ec_nistp_64_gcc_128

   4. Refer to ./INSTALL file and add the Shared option to create shared libraries on platforms.

      CONFARGS = --prefix=/usr --openssldir=/usr/lib/ssl --libdir=lib no-idea no-mdc2 no-rc5 zlib enable-tlsext no-ssl2 enable-ec_nistp_64_gcc_128 shared

4. Build OpenSSL using the commands below:

   ./config --prefix=/usr --openssldir=/usr/lib/ssl --libdir=lib no-idea no-mdc2 no-rc5 zlib enable-tlsext no-ssl2 enable-ec_nistp_64_gcc_128a shared
   make depend
   make
   make install

5. Verify the new settings.
   1. Check the version using the command "openssl version". The expected result should be:

      OpenSSL 1.0.1u 22 Sep 2016 

   2. Check the shared libraries using the command "ldd /usr/bin/openssl". The expected result should be:

      linux-vdso.so.1 =>  (0x00007fff289f9000)
      libssl.so.1.0.0 => /usr/lib/libssl.so.1.0.0 (0x00007f7264c61000)
      libcrypto.so.1.0.0 => /usr/lib/libcrypto.so.1.0.0 (0x00007f7264885000)
      libdl.so.2 => /lib/libdl.so.2 (0x00007f7264677000)
      libz.so.1 => /lib/libz.so.1 (0x00007f7264460000)
      libc.so.6 => /lib/libc.so.6 (0x00007f72640dd000)
      /lib64/ld-linux-x86-64.so.2 (0x00007f7264ec8000)

6. Install the dpkg-repack file.

   cd /home/safesync
   wget http://mirrors.kernel.org/ubuntu/pool/main/d/dpkg-repack/dpkg-repack_1.37_all.deb
   dpkg -i dpkg-repack_1.37_all.deb

7. Repack the OpenSSL Debian package.
   1. Update the version of OpenSSL:

      sed -i 's/Version: 1.0.1h-1/Version: 1.0.1u/' /var/lib/dpkg/status

   2. Modify the file list by appending "/usr/lib/ssl" and "/usr/lib/ssl/openssl.cnf".

      sed -i '/\/usr\/lib\/libcrypto.so/a \/usr\/lib\/ssl\n\/usr\/lib\/ssl\/openssl.cnf' /var/lib/dpkg/info/openssl.list

      The result should be similar to the following:

      /usr/lib/libcrypto.so
      /usr/lib/ssl
      /usr/lib/ssl/openssl.cnf
      /etc/ssl/openssl.cnf

   3. Run the dpkg-repack file using the command "dpkg-repack openssl". The expected result should be:

      dpkg-repack: Skipping obsolete conffile /etc/ssl/openssl.cnf
      dpkg-deb: building package `openssl' in `./openssl_1.0.1u_amd64.deb'

8. Verify the repacked Debian package.
   1. Install the repacked Debian package on a newly installed SSFE 2.1 SP1.

      dpkg -i openssl_1.0.1u_amd64.deb
      (Reading database ... 86633 files and directories currently installed.)
      Preparing to replace openssl 1.0.1h-1 (using openssl_1.0.1u_amd64.deb) ...
      Unpacking replacement openssl ...
      Setting up openssl (1.0.1u) ...

   2. Check the version of the OpenSSL Debian package.

      dpkg -l | grep openssl

      It should show "ii openssl 1.0.1u Package created with checkinstall 1.6.1."