gnutls/gnutls.spec

#
# spec file for package gnutls
#
# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.

# Please submit bugfixes or comments via http://bugs.opensuse.org/
#


%define gnutls_sover 30
%define gnutlsxx_sover 28
%bcond_without gnutls_openssl_compat
%bcond_without dane
%bcond_with tpm
%bcond_without guile
%if %{with gnutls_openssl_compat}
%define gnutls_ossl_sover 27
%endif
%if %{with dane}
%define gnutls_dane_sover 0
%endif
Name:           gnutls
Version:        3.5.11
Release:        0
Summary:        The GNU Transport Layer Security Library
License:        LGPL-2.1+ and GPL-3.0+
Group:          Productivity/Networking/Security
Url:            http://www.gnutls.org/
Source0:        ftp://ftp.gnutls.org/gcrypt/gnutls/v3.5/%{name}-%{version}.tar.xz
# signature is checked by source services.
Source1:        ftp://ftp.gnutls.org/gcrypt/gnutls/v3.5/%{name}-%{version}.tar.xz.sig
Source2:        %{name}.keyring
Source3:        baselibs.conf
Patch0:         gnutls-broken-openpgp-tests.patch
BuildRequires:  autogen
BuildRequires:  automake
BuildRequires:  ca-certificates-mozilla
BuildRequires:  datefudge
BuildRequires:  fdupes
BuildRequires:  gcc-c++
BuildRequires:  libidn2-devel
BuildRequires:  libnettle-devel >= 3.1
BuildRequires:  libtasn1-devel >= 4.9
BuildRequires:  libtool
BuildRequires:  libunistring-devel
BuildRequires:  p11-kit-devel >= 0.23.1
BuildRequires:  pkgconfig
BuildRequires:  xz
BuildRequires:  zlib-devel
BuildRoot:      %{_tmppath}/%{name}-%{version}-build
%if 0%{?suse_version} <= 1320
BuildRequires:  net-tools
%else
BuildRequires:  net-tools-deprecated
%endif
%if %{with tpm}
BuildRequires:  trousers-devel
%endif
%if %{with dane}
Requires:       libgnutls-dane%{gnutls_dane_sover} = %{version}
%if 0%{?suse_version} <= 1320
BuildRequires:  unbound-devel
%else
BuildRequires:  libunbound-devel
%endif
%endif
%if %{with guile}
BuildRequires:  guile-devel
%endif
# disabled ppc - valgrind crashes on email cert tests currently. Marcus 20150413
# disabled armv7l - valgrind appears to mishandle some insns
# disabled aarch64 - valgrind mishandles exclusive load/store causing deadlocks
%ifarch %{ix86} x86_64 ppc64 s390x ppc64le
# disabled all, valgrind breaks tests in 3.4.4
#BuildRequires:  valgrind
%endif
%if 0%{?suse_version} >= 1230
BuildRequires:  makeinfo
%endif

%description
The GnuTLS project aims to develop a library that provides a secure
layer over a reliable transport layer. Currently the GnuTLS library
implements the proposed standards of the IETF's TLS working group.

%package -n libgnutls%{gnutls_sover}
Summary:        The GNU Transport Layer Security Library
License:        LGPL-2.1+
Group:          Productivity/Networking/Security

%description -n libgnutls%{gnutls_sover}
The GnuTLS project aims to develop a library that provides a secure
layer over a reliable transport layer. Currently the GnuTLS library
implements the proposed standards of the IETF's TLS working group.

%if %{with dane}
%package -n libgnutls-dane%{gnutls_dane_sover}
Summary:        The GNU Transport Layer Security Library
License:        LGPL-2.1+
Group:          Productivity/Networking/Security

%description -n libgnutls-dane%{gnutls_dane_sover}
The GnuTLS project aims to develop a library that provides a secure
layer over a reliable transport layer.
This package contains the "DANE" part of gnutls.
%endif

%package -n libgnutlsxx%{gnutlsxx_sover}
Summary:        The GNU Transport Layer Security Library
License:        LGPL-2.1+
Group:          Productivity/Networking/Security

%description -n libgnutlsxx%{gnutlsxx_sover}
The GnuTLS project aims to develop a library that provides a secure
layer over a reliable transport layer. Currently the GnuTLS library
implements the proposed standards of the IETF's TLS working group.

%if %{with gnutls_openssl_compat}
%package -n libgnutls-openssl%{gnutls_ossl_sover}
Summary:        The GNU Transport Layer Security Library
License:        GPL-3.0+
Group:          Productivity/Networking/Security

%description -n libgnutls-openssl%{gnutls_ossl_sover}
The GnuTLS project aims to develop a library that provides a secure
layer over a reliable transport layer. Currently the GnuTLS library
implements the proposed standards of the IETF's TLS working group.

%endif

%package -n libgnutls-devel
Summary:        Development package for gnutls
License:        LGPL-2.1+
Group:          Development/Libraries/C and C++
Requires:       glibc-devel
Requires:       libgnutls%{gnutls_sover} = %{version}
# FIXME: use proper Requires(pre/post/preun/...)
PreReq:         %{install_info_prereq}
Provides:       gnutls-devel = %{version}-%{release}

%description -n libgnutls-devel
Files needed for software development using gnutls.

%if %{with dane}
%package -n libgnutls-dane-devel
Summary:        Development package for gnutls dane
License:        LGPL-2.1+
Group:          Development/Libraries/C and C++
Requires:       libgnutls-dane%{gnutls_dane_sover} = %{version}

%description -n libgnutls-dane-devel
Files needed for software development using gnutls.
%endif

%package -n libgnutlsxx-devel
Summary:        Development package for gnutls
License:        LGPL-2.1+
Group:          Development/Libraries/C and C++
Requires:       libgnutls-devel = %{version}
Requires:       libgnutlsxx%{gnutlsxx_sover} = %{version}
Requires:       libstdc++-devel
# FIXME: use proper Requires(pre/post/preun/...)
PreReq:         %{install_info_prereq}

%description -n libgnutlsxx-devel
Files needed for software development using gnutls.

%package -n libgnutls-openssl-devel
Summary:        Development package for gnutls
License:        GPL-3.0+
Group:          Development/Libraries/C and C++
Requires:       libgnutls-devel = %{version}
%if %{with gnutls_openssl_compat}
Requires:       libgnutls-openssl%{gnutls_ossl_sover} = %{version}
%endif

%description -n libgnutls-openssl-devel
Files needed for software development using gnutls.

%if %{with guile}
%package guile
Summary:        Guile wrappers for gnutls
License:        LGPL-2.1+
Group:          Development/Libraries/Other
Requires:       guile

%description guile
GnuTLS Wrappers for GNU Guile - dialect of scheme.
%endif

%prep
%setup -q
%patch0 -p1

%build
export LDFLAGS="-pie"
export CFLAGS="%{optflags} -fPIE"
export CXXFLAGS="%{optflags} -fPIE"
autoreconf -if
%configure \
        gl_cv_func_printf_directive_n=yes \
        gl_cv_func_printf_infinite_long_double=yes \
        --disable-static \
        --with-pic \
        --disable-rpath \
        --disable-silent-rules \
	--with-default-trust-store-dir=%{_localstatedir}/lib/ca-certificates/pem \
        --with-sysroot=/%{?_sysroot} \
        --with-guile-site-dir=no \
        --disable-openpgp-authentication \
%if %{without tpm}
        --without-tpm \
%endif
%if %{with dane}
        --with-unbound-root-key-file=%{_localstatedir}/lib/unbound/root.key \
%else
        --disable-libdane \
%endif
%if %{with gnutls_openssl_compat}
	--enable-openssl-compatibility \
%endif
	%{nil}
make %{?_smp_mflags}

%install
%make_install
rm -rf %{buildroot}%{_datadir}/locale/en@{,bold}quot
# Do not package static libs and libtool files
find %{buildroot} -type f -name "*.la" -delete -print

# install docs
mkdir -p %{buildroot}%{_docdir}/libgnutls-devel/
cp doc/gnutls.html doc/*.png doc/gnutls.pdf %{buildroot}%{_docdir}/libgnutls-devel/
mkdir -p %{buildroot}%{_docdir}/libgnutls-devel/reference
cp doc/reference/html/* %{buildroot}%{_docdir}/libgnutls-devel/reference/
mkdir -p %{buildroot}%{_docdir}/libgnutls-devel/examples
cp doc/examples/*.{c,h} %{buildroot}%{_docdir}/libgnutls-devel/examples/

# PNG files are replaced with the compressed files and that breaks
# deduplication, this is workaround
find %{buildroot}%{_datadir} -name '*.png' -exec gzip -n -9 {} +
rm -rf %{buildroot}/usr/share/doc/gnutls
%fdupes -s %{buildroot}%{_datadir}

%find_lang libgnutls --all-name

%check
%if ! 0%{?qemu_user_space_build}
make %{?_smp_mflags} check || {
    find -name test-suite.log -print -exec cat {} \;
    exit 1
}
%endif

%post -n libgnutls%{gnutls_sover} -p /sbin/ldconfig
%postun -n libgnutls%{gnutls_sover} -p /sbin/ldconfig

%if %{with dane}
%post -n libgnutls-dane%{gnutls_dane_sover} -p /sbin/ldconfig
%postun -n libgnutls-dane%{gnutls_dane_sover} -p /sbin/ldconfig
%endif

%post -n libgnutlsxx%{gnutlsxx_sover} -p /sbin/ldconfig
%postun -n libgnutlsxx%{gnutlsxx_sover} -p /sbin/ldconfig

%if %{with gnutls_openssl_compat}
%post -n libgnutls-openssl%{gnutls_ossl_sover} -p /sbin/ldconfig
%postun -n libgnutls-openssl%{gnutls_ossl_sover} -p /sbin/ldconfig
%endif

%post -n libgnutls-devel
%install_info --info-dir=%{_infodir} %{_infodir}/gnutls.info.gz

%preun -n libgnutls-devel
%install_info_delete --info-dir=%{_infodir} %{_infodir}/gnutls.info.gz

%files -f libgnutls.lang
%defattr(-, root, root)
%doc THANKS README.md NEWS ChangeLog LICENSE AUTHORS doc/TODO
%{_bindir}/certtool
%{_bindir}/gnutls-cli
%{_bindir}/gnutls-cli-debug
%{_bindir}/gnutls-serv
%{_bindir}/ocsptool
%{_bindir}/psktool
%{_bindir}/p11tool
%{_bindir}/srptool
%if %{with dane}
%{_bindir}/danetool
%endif
%if %{with tpm}
%{_bindir}/tpmtool
%endif
%{_mandir}/man1/*

%files -n libgnutls%{gnutls_sover}
%defattr(-,root,root)
%{_libdir}/libgnutls.so.%{gnutls_sover}*

%if %{with dane}
%files -n libgnutls-dane%{gnutls_dane_sover}
%defattr(-,root,root)
%{_libdir}/libgnutls-dane.so.%{gnutls_dane_sover}*
%endif

%if %{with gnutls_openssl_compat}
%files -n libgnutls-openssl%{gnutls_ossl_sover}
%defattr(-,root,root)
%{_libdir}/libgnutls-openssl.so.%{gnutls_ossl_sover}*
%endif

%files -n libgnutlsxx%{gnutlsxx_sover}
%defattr(-,root,root)
%{_libdir}/libgnutlsxx.so.%{gnutlsxx_sover}*

%files -n libgnutls-devel
%defattr(-, root, root)
%dir %{_includedir}/%{name}
%{_includedir}/%{name}/abstract.h
%{_includedir}/%{name}/crypto.h
%{_includedir}/%{name}/compat.h
%{_includedir}/%{name}/dtls.h
%{_includedir}/%{name}/gnutls.h
%{_includedir}/%{name}/openpgp.h
%{_includedir}/%{name}/ocsp.h
%{_includedir}/%{name}/pkcs7.h
%{_includedir}/%{name}/pkcs11.h
%{_includedir}/%{name}/pkcs12.h
%{_includedir}/%{name}/self-test.h
%{_includedir}/%{name}/socket.h
%{_includedir}/%{name}/x509.h
%{_includedir}/%{name}/x509-ext.h
%{_includedir}/%{name}/tpm.h
%{_includedir}/%{name}/system-keys.h
%{_includedir}/%{name}/urls.h
%{_libdir}/libgnutls.so
%{_libdir}/pkgconfig/gnutls.pc
%{_mandir}/man3/*
%{_infodir}/*%{ext_info}
%doc %{_docdir}/libgnutls-devel

%if %{with dane}
%files -n libgnutls-dane-devel
%defattr(-, root, root)
%dir %{_includedir}/%{name}
%{_includedir}/%{name}/dane.h
%{_libdir}/pkgconfig/gnutls-dane.pc
%{_libdir}/libgnutls-dane.so
%endif

%files -n libgnutlsxx-devel
%defattr(-, root, root)
%{_libdir}/libgnutlsxx.so
%dir %{_includedir}/%{name}
%{_includedir}/%{name}/gnutlsxx.h

%files -n libgnutls-openssl-devel
%defattr(-, root, root)
%{_libdir}/libgnutls-openssl.so
%dir %{_includedir}/%{name}
%{_includedir}/%{name}/openssl.h

%if %{with guile}
%files guile
%defattr(-, root, root)
%{_libdir}/guile/*
%{_datadir}/guile/site/gnutls*
%endif

%changelog