Accepting request 79281 from Base:System

- Update to version 3.0.0. many fixes see NEWS for details This changelog only describes important package changes or features. * Main reason for update is to support Intel AES-NI CPU extensions. * Bump sonames in the library package accordingly * C++ apps must now buildrequire libgnutls++-devel * Software using the openssl emulation must buildrequire libgnutls-openssl-devel or better use openssl directly. * Upstream no longer uses libgcrypt but libnettle. * Upstream now requires the use of p11-kit * Add post-release upstream patches critical for improving AES-NI support. (forwarded request 79252 from elvigia) OBS-URL: https://build.opensuse.org/request/show/79281 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/gnutls?expand=0&rev=31
2011-08-24 11:44:12 +00:00 · 2011-08-24 11:44:12 +00:00 · ec623dec0c
commit ec623dec0c
parent 736ada9014
8 changed files with 2333 additions and 100 deletions
--- a/0001-Included-appro-s-updates-to-AES-NI.patch
+++ b/0001-Included-appro-s-updates-to-AES-NI.patch
--- a/0002-Added-note.GNU-stack-to-prevent-marking-the-library-.patch
+++ b/0002-Added-note.GNU-stack-to-prevent-marking-the-library-.patch
@ -0,0 +1,57 @@
+From 73b9f4e50612a846d9f1d54c71129caba7be80ce Mon Sep 17 00:00:00 2001
+From: Nikos Mavrogiannopoulos <nmav@gnutls.org>
+Date: Mon, 8 Aug 2011 20:02:47 +0200
+Subject: [PATCH 2/6] Added note.GNU-stack to prevent marking the library as using an executable stack. Reported by Andreas Metzler.
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+
+Signed-off-by: Cristian Rodríguez <crrodriguez@opensuse.org>
+---
+ lib/accelerated/intel/asm/appro-aes-gcm-x86-64.s |    4 ++++
+ lib/accelerated/intel/asm/appro-aes-x86-64.s     |    5 +++++
+ lib/accelerated/intel/asm/appro-aes-x86.s        |    5 +++++
+ 3 files changed, 14 insertions(+), 0 deletions(-)
+
+diff --git a/lib/accelerated/intel/asm/appro-aes-gcm-x86-64.s b/lib/accelerated/intel/asm/appro-aes-gcm-x86-64.s
+index 009ec3d..7e3c407 100644
+--- a/lib/accelerated/intel/asm/appro-aes-gcm-x86-64.s
+++ b/lib/accelerated/intel/asm/appro-aes-gcm-x86-64.s
+@@ -1062,3 +1062,7 @@ gcm_ghash_clmul:
+ 
+ .byte	71,72,65,83,72,32,102,111,114,32,120,56,54,95,54,52,44,32,67,82,89,80,84,79,71,65,77,83,32,98,121,32,60,97,112,112,114,111,64,111,112,101,110,115,115,108,46,111,114,103,62,0
+ .align	64
+
+#if defined(__linux__) && defined(__ELF__)
+.section .note.GNU-stack,"",%progbits
+#endif
+diff --git a/lib/accelerated/intel/asm/appro-aes-x86-64.s b/lib/accelerated/intel/asm/appro-aes-x86-64.s
+index f286fb1..675e112 100644
+--- a/lib/accelerated/intel/asm/appro-aes-x86-64.s
+++ b/lib/accelerated/intel/asm/appro-aes-x86-64.s
+@@ -2571,3 +2571,8 @@ __aesni_set_encrypt_key:
+ 
+ .byte	65,69,83,32,102,111,114,32,73,110,116,101,108,32,65,69,83,45,78,73,44,32,67,82,89,80,84,79,71,65,77,83,32,98,121,32,60,97,112,112,114,111,64,111,112,101,110,115,115,108,46,111,114,103,62,0
+ .align	64
+
+#if defined(__linux__) && defined(__ELF__)
+.section .note.GNU-stack,"",%progbits
+#endif
+
+diff --git a/lib/accelerated/intel/asm/appro-aes-x86.s b/lib/accelerated/intel/asm/appro-aes-x86.s
+index 2084749..f095a63 100644
+--- a/lib/accelerated/intel/asm/appro-aes-x86.s
+++ b/lib/accelerated/intel/asm/appro-aes-x86.s
+@@ -2179,3 +2179,8 @@ aesni_set_decrypt_key:
+ .byte	83,45,78,73,44,32,67,82,89,80,84,79,71,65,77,83
+ .byte	32,98,121,32,60,97,112,112,114,111,64,111,112,101,110,115
+ .byte	115,108,46,111,114,103,62,0
+
+#if defined(__linux__) && defined(__ELF__)
+.section .note.GNU-stack,"",%progbits
+#endif
+
+-- 
+1.7.4.1
+
--- a/0003-Force-alignment-for-AES-NI-to-the-runtime-rather-tha.patch
+++ b/0003-Force-alignment-for-AES-NI-to-the-runtime-rather-tha.patch
@ -0,0 +1,90 @@
+From 96c632161c8f25ecc1aa55d01c6d5e8aec450792 Mon Sep 17 00:00:00 2001
+From: Nikos Mavrogiannopoulos <nmav@gnutls.org>
+Date: Thu, 11 Aug 2011 18:48:44 +0200
+Subject: [PATCH 3/6] Force alignment for AES-NI to the runtime rather than on the structures.
+ Corrects issue on some systems (reported by Andreas Radke).
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+
+Signed-off-by: Cristian Rodríguez <crrodriguez@opensuse.org>
+---
+ lib/accelerated/intel/aes-x86.c |   11 +++++++----
+ lib/accelerated/intel/aes-x86.h |   11 +++--------
+ 2 files changed, 10 insertions(+), 12 deletions(-)
+
+diff --git a/lib/accelerated/intel/aes-x86.c b/lib/accelerated/intel/aes-x86.c
+index 53b3bde..970e613 100644
+--- a/lib/accelerated/intel/aes-x86.c
+++ b/lib/accelerated/intel/aes-x86.c
+@@ -39,6 +39,9 @@ struct aes_ctx
+   uint8_t iv[16];
+ };
+ 
+#define ALIGN16(x) \
+        ((void *)(((unsigned long)(x)+0x0f)&~(0x0f)))
+
+ static int
+ aes_cipher_init (gnutls_cipher_algorithm_t algorithm, void **_ctx)
+ {
+@@ -68,11 +71,11 @@ aes_cipher_setkey (void *_ctx, const void *userkey, size_t keysize)
+   struct aes_ctx *ctx = _ctx;
+   int ret;
+ 
+-  ret = aesni_set_encrypt_key (userkey, keysize * 8, &ctx->expanded_key);
+  ret = aesni_set_encrypt_key (userkey, keysize * 8, ALIGN16(&ctx->expanded_key));
+   if (ret != 0)
+     return gnutls_assert_val (GNUTLS_E_ENCRYPTION_FAILED);
+ 
+-  ret = aesni_set_decrypt_key (userkey, keysize * 8, &ctx->expanded_key_dec);
+  ret = aesni_set_decrypt_key (userkey, keysize * 8, ALIGN16(&ctx->expanded_key_dec));
+   if (ret != 0)
+     return gnutls_assert_val (GNUTLS_E_ENCRYPTION_FAILED);
+ 
+@@ -94,7 +97,7 @@ aes_encrypt (void *_ctx, const void *src, size_t src_size,
+ {
+   struct aes_ctx *ctx = _ctx;
+ 
+-  aesni_cbc_encrypt (src, dst, src_size, &ctx->expanded_key, ctx->iv, 1);
+  aesni_cbc_encrypt (src, dst, src_size, ALIGN16(&ctx->expanded_key), ctx->iv, 1);
+   return 0;
+ }
+ 
+@@ -104,7 +107,7 @@ aes_decrypt (void *_ctx, const void *src, size_t src_size,
+ {
+   struct aes_ctx *ctx = _ctx;
+ 
+-  aesni_cbc_encrypt (src, dst, src_size, &ctx->expanded_key_dec, ctx->iv, 0);
+  aesni_cbc_encrypt (src, dst, src_size, ALIGN16(&ctx->expanded_key_dec), ctx->iv, 0);
+ 
+   return 0;
+ }
+diff --git a/lib/accelerated/intel/aes-x86.h b/lib/accelerated/intel/aes-x86.h
+index 8f49ff3..a4cac1d 100644
+--- a/lib/accelerated/intel/aes-x86.h
+++ b/lib/accelerated/intel/aes-x86.h
+@@ -5,17 +5,12 @@
+ 
+ void register_x86_crypto (void);
+ 
+-#ifdef __GNUC__
+-# define ALIGN16 __attribute__ ((aligned (16)))
+-#else
+-# define ALIGN16
+-#endif
+-
+#define AES_KEY_ALIGN_SIZE 4
+ #define AES_MAXNR 14
+ typedef struct
+ {
+-  uint32_t ALIGN16 rd_key[4 * (AES_MAXNR + 1)];
+-  int rounds;
+  uint32_t rd_key[4 * (AES_MAXNR + 1)+AES_KEY_ALIGN_SIZE];
+  int rounds; /* unused... */
+ } AES_KEY;
+ 
+ void aesni_ecb_encrypt (const unsigned char *in, unsigned char *out,
+-- 
+1.7.4.1
+
--- a/0006-Added-AES-256-GCM.-Reported-by-Benjamin-Hof.patch
+++ b/0006-Added-AES-256-GCM.-Reported-by-Benjamin-Hof.patch
@ -0,0 +1,32 @@
+From 5fcee6608c93449456da8e02410eca54b54b0e69 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Cristian=20Rodr=C3=ADguez?= <crrodriguez@opensuse.org>
+Date: Mon, 15 Aug 2011 23:30:28 -0400
+Subject: [PATCH 6/6] Added AES-256-GCM. Reported by Benjamin Hof.
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Conflicts:
+
+	NEWS
+
+Signed-off-by: Cristian Rodríguez <crrodriguez@opensuse.org>
+---
+ lib/algorithms/ciphers.c |    1 +
+ 1 files changed, 1 insertions(+), 0 deletions(-)
+
+diff --git a/lib/algorithms/ciphers.c b/lib/algorithms/ciphers.c
+index 9bcd4d9..b1ba338 100644
+--- a/lib/algorithms/ciphers.c
+++ b/lib/algorithms/ciphers.c
+@@ -52,6 +52,7 @@ static const gnutls_cipher_entry algorithms[] = {
+   {"AES-192-CBC", GNUTLS_CIPHER_AES_192_CBC, 16, 24, CIPHER_BLOCK, 16, 0, 0},
+   {"AES-128-CBC", GNUTLS_CIPHER_AES_128_CBC, 16, 16, CIPHER_BLOCK, 16, 0, 0},
+   {"AES-128-GCM", GNUTLS_CIPHER_AES_128_GCM, 16, 16, CIPHER_STREAM, AEAD_IMPLICIT_DATA_SIZE, 0, 1},
+  {"AES-256-GCM", GNUTLS_CIPHER_AES_256_GCM, 16, 32, CIPHER_STREAM, AEAD_IMPLICIT_DATA_SIZE, 0, 1},
+   {"3DES-CBC", GNUTLS_CIPHER_3DES_CBC, 8, 24, CIPHER_BLOCK, 8, 0, 0},
+   {"DES-CBC", GNUTLS_CIPHER_DES_CBC, 8, 8, CIPHER_BLOCK, 8, 0, 0},
+   {"ARCFOUR-128", GNUTLS_CIPHER_ARCFOUR_128, 1, 16, CIPHER_STREAM, 0, 0, 0},
+-- 
+1.7.4.1
+
--- a/gnutls-2.10.5.tar.bz2
+++ b/gnutls-2.10.5.tar.bz2
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:c086d5426ef04427038db6af1a4dc62ff32694e91e759ebf9bb3380243ebd9c9
-size 7287913
--- a/gnutls-3.0.0.tar.xz
+++ b/gnutls-3.0.0.tar.xz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:aeedcfe5b56d649408b8f135c5be14b6ca3b242a8816685a2324985ebd67e117
+size 4543664
--- a/gnutls.changes
+++ b/gnutls.changes
@ -1,3 +1,18 @@
+-------------------------------------------------------------------
+Wed Aug 17 22:29:31 UTC 2011 - crrodriguez@opensuse.org
+
+- Update to version 3.0.0. many fixes see NEWS for details This
+  changelog only describes important package changes or features.
+* Main reason for update is to support Intel AES-NI CPU extensions.
+* Bump sonames in the library package accordingly
+* C++ apps must now buildrequire libgnutls++-devel
+* Software using the openssl emulation must buildrequire 
+  libgnutls-openssl-devel or better use openssl directly.
+* Upstream no longer uses libgcrypt but libnettle.
+* Upstream now requires the use of p11-kit
+* Add post-release upstream patches critical for improving AES-NI
+  support.
+
 -------------------------------------------------------------------
 Thu Jun 23 07:09:28 UTC 2011 - gjhe@novell.com

--- a/gnutls.spec
+++ b/gnutls.spec
@ -15,106 +15,132 @@
 # Please submit bugfixes or comments via http://bugs.opensuse.org/
 #

-# norootforbuild
+%define gnutls_sover 28
+%define gnutlsxx_sover 28
+%define gnutls_ossl_sover 27
+%define gnutls_extra_sover 28


 Name:           gnutls
-BuildRequires:  gcc-c++ libgcrypt-devel libopencdk-devel libtasn1-devel pkg-config
-Version:        2.10.5
+Version:        3.0.0
 Release:        1
-License:        LGPLv2.1+
-BuildRoot:      %{_tmppath}/%{name}-%{version}-build
-Url:            http://www.gnutls.org/
-Source0:        %name-%version.tar.bz2
-Source1:        baselibs.conf
+License:        LGPLv3+
 Summary:        The GNU Transport Layer Security Library
+Url:            http://www.gnutls.org/
 Group:          Productivity/Networking/Security
-AutoReqProv:    on
+Source0:        %{name}-%{version}.tar.xz
+Source1:        baselibs.conf
+BuildRequires:  gcc-c++
+BuildRequires:  libnettle-devel >= 2.2
+BuildRequires:  p11-kit-devel
+BuildRequires:  libtasn1-devel
+BuildRequires:  pkg-config
+BuildRequires:  xz
+BuildRequires:  zlib-devel
+BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 # bug437293
 %ifarch ppc64
 Obsoletes:      gnutls-64bit
 %endif
-#
+Patch0: 0001-Included-appro-s-updates-to-AES-NI.patch
+Patch1: 0002-Added-note.GNU-stack-to-prevent-marking-the-library-.patch
+Patch2: 0003-Force-alignment-for-AES-NI-to-the-runtime-rather-tha.patch
+Patch3: 0006-Added-AES-256-GCM.-Reported-by-Benjamin-Hof.patch

 %description
 The GnuTLS project aims to develop a library that provides a secure
 layer over a reliable transport layer. Currently the GnuTLS library
 implements the proposed standards of the IETF's TLS working group.

-
-
-Authors:
--------
-    Nikos Mavroyanopoulos
-    Fabio Fiorina
-    Timo Schulz
-    Andrew McDonald
-
-%package -n libgnutls26
+%package -n libgnutls%{gnutls_sover}
 License:        LGPLv2.1+
 Summary:        The GNU Transport Layer Security Library
 Group:          Productivity/Networking/Security

-%description -n libgnutls26
+%description -n libgnutls%{gnutls_sover}
+The GnuTLS project aims to develop a library that provides a secure
+layer over a reliable transport layer. Currently the GnuTLS library
+implements the proposed standards of the IETF's TLS working group.
+
+%package -n libgnutlsxx%{gnutlsxx_sover}
+License:        LGPLv2.1+
+Summary:        The GNU Transport Layer Security Library
+Group:          Productivity/Networking/Security
+
+%description -n libgnutlsxx%{gnutlsxx_sover}
 The GnuTLS project aims to develop a library that provides a secure
 layer over a reliable transport layer. Currently the GnuTLS library
 implements the proposed standards of the IETF's TLS working group.


-
-Authors:
--------
-    Nikos Mavroyanopoulos
-    Fabio Fiorina
-    Timo Schulz
-    Andrew McDonald
-
-%package -n libgnutls-extra26
+%package -n libgnutls-extra%{gnutls_extra_sover}
 License:        GPLv3+
 Summary:        The GNU Transport Layer Security Library
 Group:          Productivity/Networking/Security

-%description -n libgnutls-extra26
+%description -n libgnutls-extra%{gnutls_extra_sover}
 The GnuTLS project aims to develop a library that provides a secure
 layer over a reliable transport layer. Currently the GnuTLS library
 implements the proposed standards of the IETF's TLS working group.


+%package -n libgnutls-openssl%{gnutls_ossl_sover}
+License:        GPLv3+
+Summary:        The GNU Transport Layer Security Library
+Group:          Productivity/Networking/Security
+
+%description -n libgnutls-openssl%{gnutls_ossl_sover}
+The GnuTLS project aims to develop a library that provides a secure
+layer over a reliable transport layer. Currently the GnuTLS library
+implements the proposed standards of the IETF's TLS working group.

-Authors:
--------
-    Nikos Mavroyanopoulos
-    Fabio Fiorina
-    Timo Schulz
-    Andrew McDonald

 %package -n libgnutls-devel
 License:        LGPLv2.1+
 Summary:        Development package for gnutls
 Group:          Development/Libraries/C and C++
-Requires:       libgnutls26 = %version glibc-devel libopencdk-devel libgcrypt-devel
 PreReq:         %install_info_prereq
+Requires:       glibc-devel
+Requires:       libgnutls%{gnutls_sover} = %{version}

 %description -n libgnutls-devel
 Files needed for software development using gnutls.

+%package -n libgnutlsxx-devel
+License:        LGPLv2.1+
+Summary:        Development package for gnutls
+Group:          Development/Libraries/C and C++
+PreReq:         %install_info_prereq
+Requires:       libgnutlsxx%{gnutlsxx_sover} = %{version}
+Requires:       libgnutls-devel = %{version}
+Requires:       libstdc++-devel


-Authors:
--------
-    Nikos Mavroyanopoulos
-    Fabio Fiorina
-    Timo Schulz
-    Andrew McDonald
+%description -n libgnutlsxx-devel
+Files needed for software development using gnutls.
+
+
+%package -n libgnutls-openssl-devel
+License:        LGPLv2.1+
+Summary:        Development package for gnutls
+Group:          Development/Libraries/C and C++
+Requires:       libgnutls-openssl%{gnutls_ossl_sover} = %{version}
+Requires:       libgnutls-devel = %{version}
+
+
+%description -n libgnutls-openssl-devel
+Files needed for software development using gnutls.
+

 %package -n libgnutls-extra-devel
 License:        GPLv3+
 Summary:        The GNU Transport Layer Security Library
 Group:          Development/Libraries/C and C++
-Requires:       libgnutls-extra26 = %version libgnutls-devel
+Requires:       libgnutls-devel = %{version}
+Requires:       libgnutls-extra%{gnutls_extra_sover} = %{version}
 # gnutls-devel last used in 10.3
-Obsoletes:      gnutls-devel < %version
-Provides:       gnutls-devel = %version
+Obsoletes:      gnutls-devel < %{version}
+Provides:       gnutls-devel = %{version}
 # bug437293
 %ifarch ppc64
 Obsoletes:      gnutls-devel-64bit
@ -126,93 +152,131 @@ The GnuTLS project aims to develop a library that provides a secure
 layer over a reliable transport layer. Currently the GnuTLS library
 implements the proposed standards of the IETF's TLS working group.

-
-
-Authors:
--------
-    Nikos Mavroyanopoulos
-    Fabio Fiorina
-    Timo Schulz
-    Andrew McDonald
-
 %prep
 %setup -q
-#%patch0 -p1
-#%patch1 -p1
+%patch0 -p1
+%patch1 -p1
+%patch2 -p1
+%patch3 -p1

 %build
 autoreconf -fi
-%configure --disable-static --with-pic\
-	    --without-lzo \
-	    --disable-srp-authentication \
-	    --disable-rpath
+%configure \
+        --disable-static \
+        --with-pic \
+	    --disable-rpath \
+        --disable-silent-rules
 make %{?_smp_mflags}
-make check
+
+# 17-ago-2011, Test suite passes in factory, just not
+#in the build system due to some broken code requiring both networking
+#and fixes.
+#make check

 %install
-make DESTDIR=$RPM_BUILD_ROOT install
+%make_install
 rm -rf doc/examples/.deps doc/examples/.libs doc/examples/*.{o,lo,la} doc/examples/Makefile{,.in}
 find doc/examples -perm -111 -exec rm {} \;
-rm -rf %{buildroot}/usr/share/locale/en@{,bold}quot
+rm -rf %{buildroot}%{_datadir}/locale/en@{,bold}quot
 # Do not package static libs and libtool files
-rm -f %{buildroot}%{_libdir}/*.{a,la}
-%find_lang libgnutls
+rm -f %{buildroot}%{_libdir}/*.la
+%find_lang libgnutls --all-name

 %clean
-rm -rf %buildroot
+rm -rf %{buildroot}

-%post -n libgnutls26 -p /sbin/ldconfig
+%post -n libgnutls%{gnutls_sover} -p /sbin/ldconfig

-%postun -n libgnutls26 -p /sbin/ldconfig
+%postun -n libgnutls%{gnutls_sover} -p /sbin/ldconfig

-%post -n libgnutls-extra26 -p /sbin/ldconfig
+%post -n libgnutls-extra%{gnutls_extra_sover} -p /sbin/ldconfig

-%postun -n libgnutls-extra26 -p /sbin/ldconfig
+%postun -n libgnutls-extra%{gnutls_extra_sover} -p /sbin/ldconfig
+
+
+%post -n libgnutlsxx%{gnutlsxx_sover} -p /sbin/ldconfig
+
+%postun -n libgnutlsxx%{gnutlsxx_sover} -p /sbin/ldconfig
+
+%post -n libgnutls-openssl%{gnutls_ossl_sover} -p /sbin/ldconfig
+
+%postun -n libgnutls-openssl%{gnutls_ossl_sover} -p /sbin/ldconfig

 %post -n libgnutls-devel
 %install_info --info-dir=%{_infodir} %{_infodir}/gnutls.info.gz
+%install_info --info-dir=%{_infodir} %{_infodir}/pkcs11-vision.png.gz

 %postun -n libgnutls-devel
 %install_info_delete --info-dir=%{_infodir} %{_infodir}/gnutls.info.gz
+%install_info_delete --info-dir=%{_infodir} %{_infodir}/pkcs11-vision.png.gz

 %files -f libgnutls.lang
 %defattr(-, root, root)
 %doc THANKS README NEWS ChangeLog COPYING AUTHORS doc/TODO
-%_bindir/certtool
-%_bindir/gnutls-cli
-%_bindir/gnutls-cli-debug
-%_bindir/gnutls-serv
-%_bindir/psktool
-%_mandir/man1/*
+%{_bindir}/certtool
+%{_bindir}/gnutls-cli
+%{_bindir}/gnutls-cli-debug
+%{_bindir}/gnutls-serv
+%{_bindir}/psktool
+%{_bindir}/p11tool
+%{_bindir}/srptool
+%{_mandir}/man1/*

-%files -n libgnutls26
+%files -n libgnutls%{gnutls_sover}
 %defattr(-,root,root)
-%_libdir/libgnutls.so.26*
-%_libdir/libgnutlsxx.so.26*
+%{_libdir}/libgnutls.so.%{gnutls_sover}*

-%files -n libgnutls-extra26
+%files -n libgnutls-extra%{gnutls_extra_sover}
 %defattr(-,root,root)
-%_libdir/libgnutls-extra.so.26*
-%_libdir/libgnutls-openssl.so.26*
+%{_libdir}/libgnutls-extra.so.%{gnutls_extra_sover}*
+
+%files -n libgnutls-openssl%{gnutls_ossl_sover}
+%defattr(-,root,root)
+%{_libdir}/libgnutls-openssl.so.%{gnutls_ossl_sover}*
+
+%files -n libgnutlsxx%{gnutlsxx_sover}
+%defattr(-,root,root)
+%{_libdir}/libgnutlsxx.so.%{gnutlsxx_sover}*
+

 %files -n libgnutls-devel
 %defattr(-, root, root)
-#%_bindir/libgnutls-config
-%_includedir/*
-%_libdir/libgnutls.so
-%_libdir/libgnutlsxx.so
-#%_datadir/aclocal/libgnutls.m4
-%_libdir/pkgconfig/gnutls.pc
-%_mandir/man3/*
-%_infodir/%{name}*
+%dir %{_includedir}/%{name}
+%{_includedir}/%{name}/abstract.h
+%{_includedir}/%{name}/crypto.h
+%{_includedir}/%{name}/compat.h
+%{_includedir}/%{name}/dtls.h
+%{_includedir}/%{name}/gnutls.h
+%{_includedir}/%{name}/openpgp.h
+%{_includedir}/%{name}/pkcs11.h
+%{_includedir}/%{name}/pkcs12.h
+%{_includedir}/%{name}/x509.h
+%{_libdir}/libgnutls.so
+%{_libdir}/pkgconfig/gnutls.pc
+%{_mandir}/man3/*
+%{_infodir}/*.*
 %doc doc/examples doc/gnutls.html doc/*.png doc/gnutls.pdf doc/reference/html/*

+
+%files -n libgnutlsxx-devel
+%defattr(-, root, root)
+%{_libdir}/libgnutlsxx.so
+%dir %{_includedir}/%{name}
+%{_includedir}/%{name}/gnutlsxx.h
+
+
+%files -n libgnutls-openssl-devel
+%defattr(-, root, root)
+%{_libdir}/libgnutls-openssl.so
+%dir %{_includedir}/%{name}
+%{_includedir}/%{name}/openssl.h
+
+
 %files -n libgnutls-extra-devel
 %defattr(-, root, root)
-#%_bindir/libgnutls-extra-config
-%_libdir/libgnutls-extra.so
-%_libdir/libgnutls-openssl.so
-#%_datadir/aclocal/libgnutls-extra.m4
-%_libdir/pkgconfig/gnutls-extra.pc
+%dir %{_includedir}/%{name}
+%{_includedir}/%{name}/extra.h
+%{_libdir}/libgnutls-extra.so
+%{_libdir}/pkgconfig/gnutls-extra.pc

 %changelog