Sync from SUSE:SLFO:Main libtcnative-1-0 revision c9533358313dedcd3238668e4e4aa920

This commit is contained in:
Adrian Schröter 2024-05-03 15:57:09 +02:00
commit b6c4505ee9
6 changed files with 1626 additions and 0 deletions

23
.gitattributes vendored Normal file
View File

@ -0,0 +1,23 @@
## Default LFS
*.7z filter=lfs diff=lfs merge=lfs -text
*.bsp filter=lfs diff=lfs merge=lfs -text
*.bz2 filter=lfs diff=lfs merge=lfs -text
*.gem filter=lfs diff=lfs merge=lfs -text
*.gz filter=lfs diff=lfs merge=lfs -text
*.jar filter=lfs diff=lfs merge=lfs -text
*.lz filter=lfs diff=lfs merge=lfs -text
*.lzma filter=lfs diff=lfs merge=lfs -text
*.obscpio filter=lfs diff=lfs merge=lfs -text
*.oxt filter=lfs diff=lfs merge=lfs -text
*.pdf filter=lfs diff=lfs merge=lfs -text
*.png filter=lfs diff=lfs merge=lfs -text
*.rpm filter=lfs diff=lfs merge=lfs -text
*.tbz filter=lfs diff=lfs merge=lfs -text
*.tbz2 filter=lfs diff=lfs merge=lfs -text
*.tgz filter=lfs diff=lfs merge=lfs -text
*.ttf filter=lfs diff=lfs merge=lfs -text
*.txz filter=lfs diff=lfs merge=lfs -text
*.whl filter=lfs diff=lfs merge=lfs -text
*.xz filter=lfs diff=lfs merge=lfs -text
*.zip filter=lfs diff=lfs merge=lfs -text
*.zst filter=lfs diff=lfs merge=lfs -text

215
libtcnative-1-0.changes Normal file
View File

@ -0,0 +1,215 @@
-------------------------------------------------------------------
Tue Feb 13 09:05:45 UTC 2024 - Pedro Monreal <pmonreal@suse.com>
- Update to 1.2.39:
* Fix: 67061: If the insecure optionalNoCA certificate verification
mode is used, disable OCSP if enabled else client certificates
from unknown certificate authorities will be rejected.
* Update: Update the recommended minimum version of OpenSSL to
3.0.11.
* Change the hardcoded libopenssl-1_1-devel to libopenssl-devel
for distributions that have the right version
-------------------------------------------------------------------
Tue Nov 14 08:56:49 UTC 2023 - Michele Bussolotto <michele.bussolotto@suse.com>
- Version update to version 1.2.38:
* Align default pass phrase prompt with HTTPd.
* #66669: Fix memory leak in SNI processing.
* Update the recommended minimum version of OpenSSL to 1.1.1v.
* Update the recommended minimum version of APR to 1.7.4.
* Document the TLS rengotiation behaviour.
* Add HOWTO-RELEASE.txt that describes the release process.
* Refactor library initialization so it is compatible with Tomcat
10.1.x onwards where a number of Java classes have been removed.
* Map the OpenSSL 3.x FIPS behaviour to the OpenSSL 1.x API to
allow clients to determine if the FIPS provider is being used
when Tomcat Native is compiled against OpenSSL 3.x.
* #66035: Fix crash when attempting to read TLS session ID after
a handshake failure.
* Enable download_deps.sh to be called from any directory.
* Fix release script so it works with the current git layout.
* #65441: Correct previous fix that enabled building to continue
with OpenSSL 3.x.
* #65659: Remove remaining reference to pkg-config which is no
longer included in the Tomcat Native distribution.
* #65181: Additional changes required to provided support for
using OpenSSL Engines that use proprietary key formats.
* #65329: Correct handling of WINVER in make file to use correct
constant for Windows 7. Add constants for Windows 8, Windows 8.1
and Windows 10. Rename WINNT to WIN2k as it is used for Windows
2000 upwards, not Windows NT upwards.
* Add a patch for APR that fixes an issue where some Windows
systems in some configurations would only listen on IPv6
addresses on dual stack systems even though configured to listen
on both IPv6 and IPv4 addresses.
* Correct a regression in the fix for 65181 that prevented an
error message from being displayed if an invalid key file was
provided and no OpenSSL Engine was configured.
* #65181: Improve support for using OpenSSL Engines that use
proprietary key formats.
* Enable building to continue against OpenSSL 3.x and 1.1.1.
* Incomplete name mangling fix for C++ compilers in tcn_api.h.
* Improve OS-specific header include for native thread id.
* Disable keylog callback support for LibreSSL.
* Add support for SSLContext.addChainCertificateRaw() with
LibreSSL 2.9.1 and up.
* Add support for HP-UX's _lwp_self() in our ssl_thread_id(void).
* Remove default option passed for rpath to linker on HP-UX.
* Add an option to allow the OCSP responder check to be bypassed.
Note that if OCSP is enabled, a missing responder is now treated
as an error.
* #64429: Fix compilation with LibreSSL.
* #63671: libtcnative does not compile with OpenSSL < 1.1.0 and
APR w/o threading support.
* Correct configure message for OpenSSL libdir.
* #64260: Clean up install target.
* #64315: configure output for OpenSSL wrong/incomplete sometimes.
* Drop obsolete build time workarounds for HP-UX.
* Add support for FreeBSD's pthread_getthreadid_np() in our
ssl_thread_id(void).
* #64316: Introduce tcn_get_thread_id(void) to reduce code
duplication.
* Fix linking against OpenSSL in non-standard locations on FreeBSD.
- Removed patch:
* libtcnative-1-0-bsc1199170.patch
+ fix integrated
-------------------------------------------------------------------
Fri Jul 29 09:12:29 UTC 2022 - pgajdos@suse.com
- Fix for SG#63251, bsc#1199170 (thanks to ohollmann@suse.com)
- added patches
fix https://github.com/apache/tomcat-native/commit/5ac1175a0cf24aae2a285b3f3fb877ff83aef0c0
+ libtcnative-1-0-bsc1199170.patch
-------------------------------------------------------------------
Thu Nov 7 11:04:12 UTC 2019 - Matei Albu <malbu@suse.com>
- Add GPG keyring.
-------------------------------------------------------------------
Mon Aug 12 16:21:42 UTC 2019 - Matei Albu <malbu@suse.com>
- Version update to version 1.2.23:
* See changelog.html for in-depth upstream changes
-------------------------------------------------------------------
Thu Jun 6 14:59:23 UTC 2019 - Matei <malbu@suse.com>
- Version update to version 1.2.21:
* See changelog.html for in-depth upstream changes
* Fix incompatibility with Tomcat (bsc#1130843)
-------------------------------------------------------------------
Mon Nov 27 07:36:36 UTC 2017 - fstrba@suse.com
- Version update to version 1.2.16:
* See changelog.html for in-depth upstream changes
* Fixes build breakage with newer version of openssl
-------------------------------------------------------------------
Wed Feb 3 10:51:58 UTC 2016 - tchvatal@suse.com
- Version update to version 1.2.4:
* See changelog.html for in-depth upstream changes
* This connector to properly work requires openssl 1.0.2 or newer
so do not backport to other codestreams.
-------------------------------------------------------------------
Wed Feb 25 20:18:55 UTC 2015 - tchvatal@suse.com
- Remove keyring file as there is new keyring and I didn't find it
on the web
-------------------------------------------------------------------
Thu Feb 19 18:20:29 UTC 2015 - p.drouand@gmail.com
- Update to version 1.1.32
* Fix: 53952: Add support for TLSv1.2 and TLSv1.1.
* Fix: 56844: Use OpenSSL 1.0.1j with Windows binaries.
* Update: Use APR 1.5.1 with Windows binaries
- Remove tomcat-native-nosslv2.patch; merged on upstream release
- Remove %gpg_verify tag and gpg-offline require; let OBS handles
gpg verification
-------------------------------------------------------------------
Sun Apr 27 15:45:46 UTC 2014 - crrodriguez@opensuse.org
- version 1.1.30
* Fixed double-free in ssl_ocsp_request. Patch provided by
Aristotelis.
* Other minor bugfixes.
- openSUSE: Fix build when openssl does not have SSLv2 support.
(tomcat-native-nosslv2.patch)
-------------------------------------------------------------------
Fri Sep 13 09:29:50 UTC 2013 - mvyskocil@suse.com
- Update to 1.1.27 (bugfix release)
* fix high CUP usage on client's IP address change
* add CPU information to OS info for Linux
* fix FIPS mode for listeners; resolves 'Low level API
call to digest MD5 forbidden in FIPS mode!' errors.
* update add clearOptions function to allow access to
OpenSSL's SSL_CTX_clear_options function.
* fix regression in pollset return value.
- add gpg verification
- add javapackages-tools
- drop config-guess-sub-update.patch
-------------------------------------------------------------------
Sun Mar 31 13:48:49 UTC 2013 - schwab@suse.de
- config-guess-sub-update.patch: update config.guess/sub for aarch64
-------------------------------------------------------------------
Thu Dec 6 13:48:00 UTC 2012 - kruber@zib.de
- update to 1.1.24
* add support for per-socket timeouts inside poller
-------------------------------------------------------------------
Thu Mar 15 10:43:21 UTC 2012 - mvyskocil@suse.cz
- update to 1.1.23 - latest upstream version
* autodetect java7
* better support for ipv6
* OCSP verification support
* explicit use in FIPS mode allowed
* and fixes many bugs, leaks and crashes
- split the spec from tomcat6 sources as it was never needed
-------------------------------------------------------------------
Thu Aug 5 15:30:21 UTC 2010 - mvyskocil@suse.cz
- fixes bnc#622430 - move .so file to main package
-------------------------------------------------------------------
Tue Mar 16 12:35:08 CET 2010 - ro@suse.de
- build from tomcat-native-1.1.20-src.tar.gz
- package needs work, does not have to live in tomcat src any more
-------------------------------------------------------------------
Wed Jun 3 11:10:45 CEST 2009 - mvyskocil@suse.cz
- Tomcat update to 6.0.20
- APR update to 1.3.3 - the bugfix release
-------------------------------------------------------------------
Fri Sep 12 09:33:38 CEST 2008 - mvyskocil@suse.cz
- Tomcat update to 6.0.18
-------------------------------------------------------------------
Thu Aug 7 15:59:03 CEST 2008 - mvyskocil@suse.cz
- move the .so file to -devel subpackage to prevent of an rpmlint error
-------------------------------------------------------------------
Wed Jul 9 15:52:08 CEST 2008 - mvyskocil@suse.cz
- The first release in SUSE (1.2.12)
- fix of enhancenment request [bnc#202339]

1243
libtcnative-1-0.keyring Normal file

File diff suppressed because it is too large Load Diff

125
libtcnative-1-0.spec Normal file
View File

@ -0,0 +1,125 @@
#
# spec file for package libtcnative-1-0
#
# Copyright (c) 2024 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
%{!?make_build:%global make_build make %{?_smp_mflags}}
Name: libtcnative-1-0
Version: 1.2.39
Release: 0
Summary: Tomcat resources for performance, compatibility, etc
License: Apache-2.0
Group: Productivity/Networking/Web/Servers
URL: https://tomcat.apache.org/native-1.2-doc/index.html
Source0: https://www.apache.org/dist/tomcat/tomcat-connectors/native/%{version}/source/tomcat-native-%{version}-src.tar.gz
Source1: https://www.apache.org/dist/tomcat/tomcat-connectors/native/%{version}/source/tomcat-native-%{version}-src.tar.gz.asc
# https://www.apache.org/dist/tomcat/tomcat-connectors/KEYS
Source2: %{name}.keyring
BuildRequires: fdupes
BuildRequires: java-devel
BuildRequires: javapackages-tools
BuildRequires: libapr1-devel >= 1.4.3
BuildRequires: pkgconfig
# Upstream compatibility:
Provides: tcnative = %{version}
#Fedora compatibility
Provides: tomcat-native = %{version}
%if 0%{?suse_version} >= 1550
BuildRequires: libopenssl-devel >= 3.0.11
%else
BuildRequires: libopenssl-1_1-devel
%endif
%description
The Apache Tomcat Native Library is an optional component for use
with Apache Tomcat that allows Tomcat to use certain native
resources for performance, compatibility, etc.
Specifically, the Apache Tomcat Native Library gives Tomcat access
to the Apache Portable Runtime (APR) library's network connection
(socket) implementation and random-number generator. See the Apache
Tomcat documentation for more information on how to configure Tomcat
to use the APR connector.
Features of the APR connector:
* Non-blocking I/O for Keep-Alive requests (between requests)
* Uses OpenSSL for TLS/SSL capabilities (if supported by linked APR
library)
* FIPS 140-2 support for TLS/SSL (if supported by linked OpenSSL
library)
* Support for IPv4, IPv6 and Unix Domain Sockets
%package devel
Summary: Tomcat resources for performance, compatibility, etc
Group: Development/Libraries/C and C++
Requires: %{name} = %{version}-%{release}
Requires: glibc-devel
Requires: libapr1-devel
Requires: libopenssl-devel
%description devel
The Apache Tomcat Native Library is an optional component for use
with Apache Tomcat that allows Tomcat to use certain native
resources for performance, compatibility, etc.
Specifically, the Apache Tomcat Native Library gives Tomcat access
to the Apache Portable Runtime (APR) library's network connection
(socket) implementation and random-number generator. See the Apache
Tomcat documentation for more information on how to configure Tomcat
to use the APR connector.
Features of the APR connector:
* Non-blocking I/O for Keep-Alive requests (between requests)
* Uses OpenSSL for TLS/SSL capabilities (if supported by linked APR
library)
* FIPS 140-2 support for TLS/SSL (if supported by linked OpenSSL
library)
* Support for IPv4, IPv6 and Unix Domain Sockets
%prep
%setup -q -n tomcat-native-%{version}-src
%build
cd native
%configure \
--with-apr=%{_bindir}/apr-1-config \
--with-java-home=%{java_home} \
--with-java-platform=2
%make_build
%install
make -C native install DESTDIR=%{buildroot}
install -d -m 755 %{buildroot}/%{_includedir}
install -m 644 native/include/* %{buildroot}/%{_includedir}
find %{buildroot} -type f -name "*.la" -delete -print
%post -p /sbin/ldconfig
%postun -p /sbin/ldconfig
%files
%doc CHANGELOG.txt README.txt
%{_libdir}/libtcnative-1.so.*
#bnc#622430 - java expects so files installed
%{_libdir}/libtcnative-1.so
%files devel
%{_includedir}/*
%license LICENSE NOTICE
%changelog

BIN
tomcat-native-1.2.39-src.tar.gz (Stored with Git LFS) Normal file

Binary file not shown.

View File

@ -0,0 +1,17 @@
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
iQIzBAABCgAdFiEEqcXfTSLpmZjZh1pREMAcWi9gWecFAmUVhLsACgkQEMAcWi9g
WecKeA/9Eb3ZkGAs0l3BRxLKxatVGdQj4dKgxMLJxp5zOhuVX7msHmNo80IPQdqh
ZK0OHVbs1sCUCGfET3f6bhPGFLPx5zKN2PVib4PHZRshhbpGyuXwhr9DszMzfF7n
vFdldYA68S61RtgpJyihcBA0bAhR8pq4Eg1WoIjJ/E8mlB1rY9B5Q81uXwHaOlcc
103ppJF5lTRhDno8Rnfvw38e1Dq2FpWa4HQrIEMhbcKmAhHkXHQA2/6oz6DI0Y9f
oRZV2bWS7tWbPGCBL639nKuaLXqUSwv01aLEeLqZD00ELElCrBImb8Hlb7ZwNS5n
cnusV5tgnD4snZFLhpJC9CTYMV/tRNY+bOXDJSQ511XVdsIu0gOaiEplTaATDe4z
JrfWpmu9IsJwQnPLqiqg9dnF5IYpMYwiwNu3bpFD7RX1ae4D8z8nC2Rv9hvgfURN
BkDrt/1utEelsRqH6N6lxoGeSiv/RYyT+OU9idRZRmK8paOIH04kAn/IKptlqSYt
Ue7aHrUxysQGMj7XklU6g4jHIB+6n7R2vtRlu+S237j9zF97Wct8cbLth/5UOwyb
nfLMcLqVIn/geDOWn+hKqMfjltrinH2L7kYNOR6ao7OWGjPLEn4wD43SAVLm7vXH
1MRAQG32O1oh6mVQROwLU2KD5UM1e4LQew4R39zb+TBYAMsAzxQ=
=VA+0
-----END PGP SIGNATURE-----