1
0
forked from pool/Botan
Botan/Botan.spec
Adam Majer 8b274fb891 Accepting request 531133 from home:dmolkentin:branches:devel:libraries:c_c++
- Update to 1.10.17
  - Address a side channel affecting modular exponentiation. An attacker
    capable of a local or cross-VM cache analysis attack may be able to recover
    bits of secret exponents as used in RSA, DH, etc. CVE-2017-14737 Workaround
    a miscompilation bug in GCC 7 on x86-32 affecting GOST-34.11 hash function.
    (GH #1192 #1148 #882, bsc#1060433)
  - Add SecureVector::data() function which returns the start of the buffer.
    This makes it slightly simpler to support both 1.10 and 2.x APIs in the
    same codebase.  When compiled by a C++11 (or later) compiler, a template
    typedef of SecureVector, secure_vector, is added. In 2.x this class is a
    std::vector with a custom allocator, so has a somewhat different interface
    than SecureVector in 1.10. But this makes it slightly simpler to support
    both 1.10 and 2.x APIs in the same codebase.
  - Fix a bug that prevented configure.py from running under Python3
  - Botan 1.10.x does not support the OpenSSL 1.1 API. Now the build will
    #error if OpenSSL 1.1 is detected. Avoid –with-openssl if compiling against
    1.1 or later. (GH #753)
  - Import patches from Debian adding basic support for
    building on aarch64, ppc64le, or1k, and mipsn32 platforms.
  * obsoletes CVE-2017-14737.patch
  * refreshes aarch64-support.patch
  * drop ppc64le-support.patch for upstream version
    (disables altivec support as per concerns by upstream)

- Fix for CVE-2017-14737: A cryptographic cache-based side channel in the RSA
  implementation allows local attacker to recover information about RSA secret
  keys.
  * add CVE-2017-14737.patch

OBS-URL: https://build.opensuse.org/request/show/531133
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/Botan?expand=0&rev=71
2017-10-04 12:14:40 +00:00

139 lines
4.2 KiB
RPMSpec

#
# spec file for package Botan
#
# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
%define version_suffix 1_10-1
%define short_version 1.10
Name: Botan
Version: 1.10.17
Release: 0
Summary: A C++ Crypto Library
License: BSD-2-Clause
Group: Development/Libraries/C and C++
Url: http://botan.randombit.net
Source0: http://botan.randombit.net/releases/%{name}-%{version}.tgz
Source1: http://botan.randombit.net/releases/%{name}-%{version}.tgz.asc
Source2: %{name}.keyring
Source3: baselibs.conf
Patch0: Botan-inttypes.patch
Patch1: Botan-ull_constants.patch.bz2
Patch2: Botan-fix_install_paths.patch
Patch4: Botan-no-buildtime.patch
Patch6: Botan-fix_pkgconfig.patch
Patch7: dont-set-mach-value.diff
Patch8: aarch64-support.patch
Patch10: no-cpuid-header.patch
BuildRequires: bzip2 >= 1.0.2
BuildRequires: gcc-c++
BuildRequires: gmp-devel >= 4.1
BuildRequires: libbz2-devel
# Botan 1.x doesn't build with OpenSSL 1.1, so explicitly require OpenSSL 1.0.x
%if %{suse_version} < 1330
BuildRequires: openssl-devel
%else
BuildRequires: libopenssl-1_0_0-devel
%endif
BuildRequires: pkg-config
BuildRequires: python
BuildRequires: zlib-devel
Requires: bzip2 >= 1.0.2
Requires: gmp >= 4.1
Requires: zlib
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%description
Botan is a C++ library that provides support for many common
cryptographic operations, including encryption, authentication, and
X.509v3 certificates and CRLs. A wide variety of algorithms is
supported, including RSA, DSA, DES, AES, MD5, and SHA-1.
%package -n libbotan-%{version_suffix}
Summary: A C++ Crypto Library
Group: Development/Libraries/C and C++
%description -n libbotan-%{version_suffix}
Botan is a C++ library that provides support for many common
cryptographic operations, including encryption, authentication, and
X.509v3 certificates and CRLs. A wide variety of algorithms is
supported, including RSA, DSA, DES, AES, MD5, and SHA-1.
%package -n libbotan-devel
%define botan_docdir %{_docdir}/%{name}-%{version}
Summary: Development files for Botan
Group: Development/Libraries/C and C++
Requires: gmp-devel >= 4.1
Requires: libbotan-%{version_suffix} = %{version}
Requires: libbz2-devel
Provides: Botan-devel = %{version}
Obsoletes: Botan-devel < %{version}
%description -n libbotan-devel
This package contains the header files and libraries needed to develop
programs that use the Botan library.
%prep
%setup -q
%patch0
%patch1
%patch2
%patch4
%patch6
%patch7 -p1
%patch8 -p1
%if 0%{?suse_version} == 1110
%patch10 -p1
%endif
%build
export RPM_OPT_FLAGS
./configure.py \
--prefix=%{_prefix} \
--libdir=%{_libdir} \
--docdir=%{_defaultdocdir} \
--includedir=%{_includedir} \
--with-bzip2 \
--with-zlib \
--with-gnump \
--with-openssl \
--with-tr1-implementation=system \
--cpu=%{_target_cpu}
make %{?_smp_mflags} WARN_FLAGS="%{optflags}"
%install
make DESTDIR=%{buildroot} install %{?_smp_mflags}
rm -f %{buildroot}/%{_libdir}/libbotan*.a
%post -n libbotan-%{version_suffix} -p /sbin/ldconfig
%postun -n libbotan-%{version_suffix} -p /sbin/ldconfig
%files -n libbotan-%{version_suffix}
%defattr(-,root,root)
%docdir %{botan_docdir}
%{botan_docdir}
%{_libdir}/libbotan-%{short_version}.so.*
%files -n libbotan-devel
%defattr(-,root,root)
%{_libdir}/libbotan-%{short_version}.so
%{_libdir}/pkgconfig/botan-%{short_version}.pc
%{_includedir}/botan-%{short_version}
%{_bindir}/botan-config-%{short_version}
%changelog