62fa285feb
- Updated to 3.4.1 (released 2015-05-03) ** libgnutls: gnutls_certificate_get_ours: will return the certificate even if a callback was used to send it. ** libgnutls: Check for invalid length in the X.509 version field. Without the check certificates with invalid length would be detected as having an arbitrary version. Reported by Hanno Böck. ** libgnutls: Handle DNS name constraints with a leading dot. Patch by Fotis Loukos. ** libgnutls: Updated system-keys support for windows to compile in more versions of mingw. Patch by Tim Kosse. ** libgnutls: Fix for MD5 downgrade in TLS 1.2 signatures. Reported by Karthikeyan Bhargavan [GNUTLS-SA-2015-2]. bsc#929690 ** libgnutls: Reverted: The gnutls_handshake() process will enforce a timeout by default. That caused issues with non-blocking programs. ** certtool: It can generate SHA256 key IDs. ** gnutls-cli: fixed crash in --benchmark-ciphers. Reported by James Cloos. ** API and ABI modifications: gnutls_x509_crt_get_pk_ecc_raw: Added - gnutls-fix-double-mans.patch: fixed upstream OBS-URL: https://build.opensuse.org/request/show/305469 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/gnutls?expand=0&rev=85
332 lines
9.7 KiB
RPMSpec
332 lines
9.7 KiB
RPMSpec
#
|
|
# spec file for package gnutls
|
|
#
|
|
# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
|
|
#
|
|
# All modifications and additions to the file contributed by third parties
|
|
# remain the property of their copyright owners, unless otherwise agreed
|
|
# upon. The license for this file, and modifications and additions to the
|
|
# file, is the same license as for the pristine package itself (unless the
|
|
# license for the pristine package is not an Open Source License, in which
|
|
# case the license is the MIT License). An "Open Source License" is a
|
|
# license that conforms to the Open Source Definition (Version 1.9)
|
|
# published by the Open Source Initiative.
|
|
|
|
# Please submit bugfixes or comments via http://bugs.opensuse.org/
|
|
#
|
|
|
|
|
|
%define gnutls_sover 30
|
|
%define gnutlsxx_sover 28
|
|
%bcond_without gnutls_openssl_compat
|
|
%if %{with gnutls_openssl_compat}
|
|
%define gnutls_ossl_sover 27
|
|
%endif
|
|
%bcond_with dane
|
|
%if %{with dane}
|
|
%define gnutls_dane_sover 0
|
|
%endif
|
|
%bcond_with tpm
|
|
|
|
Name: gnutls
|
|
Version: 3.4.1
|
|
Release: 0
|
|
Summary: The GNU Transport Layer Security Library
|
|
License: LGPL-2.1+ and GPL-3.0+
|
|
Group: Productivity/Networking/Security
|
|
Url: http://www.gnutls.org/
|
|
Source0: ftp://ftp.gnutls.org/gcrypt/gnutls/v3.4/%{name}-%{version}.tar.xz
|
|
# signature is checked by source services.
|
|
Source1: ftp://ftp.gnutls.org/gcrypt/gnutls/v3.4/%{name}-%{version}.tar.xz.sig
|
|
Source2: %name.keyring
|
|
Source3: baselibs.conf
|
|
|
|
BuildRequires: automake
|
|
BuildRequires: gcc-c++
|
|
BuildRequires: libidn-devel
|
|
BuildRequires: libnettle-devel >= 3.1
|
|
BuildRequires: libtasn1-devel >= 4.3
|
|
BuildRequires: libtool
|
|
%if %{with tpm}
|
|
BuildRequires: trousers-devel
|
|
%endif
|
|
%if %{with dane}
|
|
BuildRequires: unbound-devel
|
|
Requires: libgnutls-dane%{gnutls_dane_sover} = %{version}
|
|
%endif
|
|
# disabled ppc - valgrind crashes on email cert tests currently. Marcus 20150413
|
|
# disabled armv7l - valgrind appears to mishandle some insns
|
|
%ifnarch armv7hl
|
|
%ifarch %ix86 x86_64 ppc64 s390x ppc64le %arm aarch64
|
|
BuildRequires: valgrind
|
|
%endif
|
|
%endif
|
|
%if %suse_version >= 1230
|
|
BuildRequires: makeinfo
|
|
%endif
|
|
BuildRequires: p11-kit-devel >= 0.23.1
|
|
BuildRequires: pkg-config
|
|
BuildRequires: xz
|
|
BuildRequires: zlib-devel
|
|
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
|
|
|
%description
|
|
The GnuTLS project aims to develop a library that provides a secure
|
|
layer over a reliable transport layer. Currently the GnuTLS library
|
|
implements the proposed standards of the IETF's TLS working group.
|
|
|
|
%package -n libgnutls%{gnutls_sover}
|
|
Summary: The GNU Transport Layer Security Library
|
|
License: LGPL-2.1+
|
|
Group: Productivity/Networking/Security
|
|
|
|
%description -n libgnutls%{gnutls_sover}
|
|
The GnuTLS project aims to develop a library that provides a secure
|
|
layer over a reliable transport layer. Currently the GnuTLS library
|
|
implements the proposed standards of the IETF's TLS working group.
|
|
|
|
%if %{with dane}
|
|
%package -n libgnutls-dane%{gnutls_dane_sover}
|
|
Summary: The GNU Transport Layer Security Library
|
|
License: LGPL-2.1+
|
|
Group: Productivity/Networking/Security
|
|
|
|
%description -n libgnutls-dane%{gnutls_dane_sover}
|
|
The GnuTLS project aims to develop a library that provides a secure
|
|
layer over a reliable transport layer.
|
|
This package contains the "DANE" part of gnutls.
|
|
%endif
|
|
|
|
%package -n libgnutlsxx%{gnutlsxx_sover}
|
|
Summary: The GNU Transport Layer Security Library
|
|
License: LGPL-2.1+
|
|
Group: Productivity/Networking/Security
|
|
|
|
%description -n libgnutlsxx%{gnutlsxx_sover}
|
|
The GnuTLS project aims to develop a library that provides a secure
|
|
layer over a reliable transport layer. Currently the GnuTLS library
|
|
implements the proposed standards of the IETF's TLS working group.
|
|
|
|
%if %{with gnutls_openssl_compat}
|
|
|
|
%package -n libgnutls-openssl%{gnutls_ossl_sover}
|
|
Summary: The GNU Transport Layer Security Library
|
|
License: GPL-3.0+
|
|
Group: Productivity/Networking/Security
|
|
|
|
%description -n libgnutls-openssl%{gnutls_ossl_sover}
|
|
The GnuTLS project aims to develop a library that provides a secure
|
|
layer over a reliable transport layer. Currently the GnuTLS library
|
|
implements the proposed standards of the IETF's TLS working group.
|
|
|
|
%endif
|
|
|
|
%package -n libgnutls-devel
|
|
Summary: Development package for gnutls
|
|
License: LGPL-2.1+
|
|
Group: Development/Libraries/C and C++
|
|
PreReq: %install_info_prereq
|
|
Requires: glibc-devel
|
|
Requires: libgnutls%{gnutls_sover} = %{version}
|
|
%if %{with dane}
|
|
Requires: libgnutls-dane%{gnutls_dane_sover} = %{version}
|
|
%endif
|
|
Provides: gnutls-devel = %{version}-%{release}
|
|
|
|
%description -n libgnutls-devel
|
|
Files needed for software development using gnutls.
|
|
|
|
%package -n libgnutlsxx-devel
|
|
Summary: Development package for gnutls
|
|
License: LGPL-2.1+
|
|
Group: Development/Libraries/C and C++
|
|
PreReq: %install_info_prereq
|
|
Requires: libgnutls-devel = %{version}
|
|
Requires: libgnutlsxx%{gnutlsxx_sover} = %{version}
|
|
Requires: libstdc++-devel
|
|
|
|
%description -n libgnutlsxx-devel
|
|
Files needed for software development using gnutls.
|
|
|
|
|
|
%package -n libgnutls-openssl-devel
|
|
Summary: Development package for gnutls
|
|
License: GPL-3.0+
|
|
Group: Development/Libraries/C and C++
|
|
Requires: libgnutls-devel = %{version}
|
|
%if %{with gnutls_openssl_compat}
|
|
Requires: libgnutls-openssl%{gnutls_ossl_sover} = %{version}
|
|
%endif
|
|
|
|
%description -n libgnutls-openssl-devel
|
|
Files needed for software development using gnutls.
|
|
|
|
|
|
%prep
|
|
%setup -q
|
|
|
|
%build
|
|
export LDFLAGS="-pie"
|
|
export CFLAGS="$RPM_OPT_FLAGS -fPIE"
|
|
export CXXFLAGS="$RPM_OPT_FLAGS -fPIE"
|
|
autoreconf -if
|
|
%configure \
|
|
gl_cv_func_printf_directive_n=yes \
|
|
gl_cv_func_printf_infinite_long_double=yes \
|
|
--disable-static \
|
|
--with-pic \
|
|
--disable-rpath \
|
|
--disable-srp \
|
|
--disable-silent-rules \
|
|
--with-default-trust-store-dir=/var/lib/ca-certificates/pem \
|
|
--with-sysroot=/%{?_sysroot} \
|
|
%if %{without tpm}
|
|
--without-tpm \
|
|
%endif
|
|
%if %{with dane}
|
|
--with-unbound-root-key-file=/var/lib/unbound/root.key \
|
|
%else
|
|
--disable-libdane \
|
|
%endif
|
|
%if %{with gnutls_openssl_compat}
|
|
--enable-openssl-compatibility \
|
|
%endif
|
|
%{nil}
|
|
%__make
|
|
|
|
%install
|
|
%make_install
|
|
rm -rf %{buildroot}%{_datadir}/locale/en@{,bold}quot
|
|
# Do not package static libs and libtool files
|
|
rm -f %{buildroot}%{_libdir}/*.la
|
|
|
|
# install docs
|
|
%__mkdir -p %{buildroot}%{_docdir}/libgnutls-devel/
|
|
%__cp doc/gnutls.html doc/*.png doc/gnutls.pdf %{buildroot}%{_docdir}/libgnutls-devel/
|
|
%__mkdir -p %{buildroot}%{_docdir}/libgnutls-devel/reference
|
|
%__cp doc/reference/html/* %{buildroot}%{_docdir}/libgnutls-devel/reference/
|
|
%__mkdir -p %{buildroot}%{_docdir}/libgnutls-devel/examples
|
|
%__cp doc/examples/*.{c,h} %{buildroot}%{_docdir}/libgnutls-devel/examples/
|
|
|
|
%find_lang libgnutls --all-name
|
|
|
|
%check
|
|
%if ! 0%{?qemu_user_space_build}
|
|
%__make check || {
|
|
find -name test-suite.log -print -exec cat {} \;
|
|
exit 1
|
|
}
|
|
%endif
|
|
|
|
%post -n libgnutls%{gnutls_sover} -p /sbin/ldconfig
|
|
|
|
%postun -n libgnutls%{gnutls_sover} -p /sbin/ldconfig
|
|
|
|
%if %{with dane}
|
|
%post -n libgnutls-dane%{gnutls_dane_sover} -p /sbin/ldconfig
|
|
%postun -n libgnutls-dane%{gnutls_dane_sover} -p /sbin/ldconfig
|
|
%endif
|
|
|
|
%post -n libgnutlsxx%{gnutlsxx_sover} -p /sbin/ldconfig
|
|
|
|
%postun -n libgnutlsxx%{gnutlsxx_sover} -p /sbin/ldconfig
|
|
|
|
%if %{with gnutls_openssl_compat}
|
|
%post -n libgnutls-openssl%{gnutls_ossl_sover} -p /sbin/ldconfig
|
|
|
|
%postun -n libgnutls-openssl%{gnutls_ossl_sover} -p /sbin/ldconfig
|
|
%endif
|
|
|
|
%post -n libgnutls-devel
|
|
%install_info --info-dir=%{_infodir} %{_infodir}/gnutls.info.gz
|
|
|
|
%preun -n libgnutls-devel
|
|
%install_info_delete --info-dir=%{_infodir} %{_infodir}/gnutls.info.gz
|
|
|
|
%files -f libgnutls.lang
|
|
%defattr(-, root, root)
|
|
%doc THANKS README NEWS ChangeLog COPYING COPYING.LESSER AUTHORS doc/TODO
|
|
%{_bindir}/certtool
|
|
%{_bindir}/crywrap
|
|
%{_bindir}/gnutls-cli
|
|
%{_bindir}/gnutls-cli-debug
|
|
%{_bindir}/gnutls-serv
|
|
%{_bindir}/ocsptool
|
|
%{_bindir}/psktool
|
|
%{_bindir}/p11tool
|
|
%{_bindir}/srptool
|
|
%if %{with dane}
|
|
%{_bindir}/danetool
|
|
%endif
|
|
%if %{with tpm}
|
|
%{_bindir}/tpmtool
|
|
%endif
|
|
%{_mandir}/man1/*
|
|
|
|
%files -n libgnutls%{gnutls_sover}
|
|
%defattr(-,root,root)
|
|
%{_libdir}/libgnutls.so.%{gnutls_sover}*
|
|
|
|
%if %{with dane}
|
|
%files -n libgnutls-dane%{gnutls_dane_sover}
|
|
%defattr(-,root,root)
|
|
%{_libdir}/libgnutls-dane.so.%{gnutls_dane_sover}*
|
|
%endif
|
|
|
|
%if %{with gnutls_openssl_compat}
|
|
%files -n libgnutls-openssl%{gnutls_ossl_sover}
|
|
%defattr(-,root,root)
|
|
%{_libdir}/libgnutls-openssl.so.%{gnutls_ossl_sover}*
|
|
%endif
|
|
|
|
%files -n libgnutlsxx%{gnutlsxx_sover}
|
|
%defattr(-,root,root)
|
|
%{_libdir}/libgnutlsxx.so.%{gnutlsxx_sover}*
|
|
|
|
%files -n libgnutls-devel
|
|
%defattr(-, root, root)
|
|
%dir %{_includedir}/%{name}
|
|
%{_includedir}/%{name}/abstract.h
|
|
%{_includedir}/%{name}/crypto.h
|
|
%{_includedir}/%{name}/compat.h
|
|
%if %{with dane}
|
|
%{_includedir}/%{name}/dane.h
|
|
%endif
|
|
%{_includedir}/%{name}/dtls.h
|
|
%{_includedir}/%{name}/gnutls.h
|
|
%{_includedir}/%{name}/openpgp.h
|
|
%{_includedir}/%{name}/ocsp.h
|
|
%{_includedir}/%{name}/pkcs11.h
|
|
%{_includedir}/%{name}/pkcs12.h
|
|
%{_includedir}/%{name}/self-test.h
|
|
%{_includedir}/%{name}/x509.h
|
|
%{_includedir}/%{name}/x509-ext.h
|
|
%{_includedir}/%{name}/tpm.h
|
|
%{_includedir}/%{name}/system-keys.h
|
|
%{_includedir}/%{name}/urls.h
|
|
%{_libdir}/libgnutls.so
|
|
%if %{with dane}
|
|
%{_libdir}/libgnutls-dane.so
|
|
%endif
|
|
%{_libdir}/pkgconfig/gnutls.pc
|
|
%if %{with dane}
|
|
%{_libdir}/pkgconfig/gnutls-dane.pc
|
|
%endif
|
|
%{_mandir}/man3/*
|
|
%{_infodir}/*.*
|
|
%doc %{_docdir}/libgnutls-devel
|
|
|
|
%files -n libgnutlsxx-devel
|
|
%defattr(-, root, root)
|
|
%{_libdir}/libgnutlsxx.so
|
|
%dir %{_includedir}/%{name}
|
|
%{_includedir}/%{name}/gnutlsxx.h
|
|
|
|
%files -n libgnutls-openssl-devel
|
|
%defattr(-, root, root)
|
|
%{_libdir}/libgnutls-openssl.so
|
|
%dir %{_includedir}/%{name}
|
|
%{_includedir}/%{name}/openssl.h
|
|
|
|
%changelog
|