forked from pool/libgcrypt
Accepting request 184297 from devel:libraries:c_c++
- port SLE enhancenments to Factory (bnc#831028) * add libgcrypt-unresolved-dladdr.patch (bnc#701267) * add libgcrypt-1.5.0-etc_gcrypt_rngseed-symlink.diff (bnc#724841) * add libgcrypt-1.5.0-LIBGCRYPT_FORCE_FIPS_MODE-env.diff - install .hmac256.hmac (bnc#704068) - enable varuous new options in configure (m-guard, hmac binary check and random device linux) - build with all ciphers, pubkeys and digest by default as whitelist simply allowed them all - Library must be built with large file support in OBS-URL: https://build.opensuse.org/request/show/184297 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libgcrypt?expand=0&rev=35
This commit is contained in:
commit
e73673942c
27
libgcrypt-1.5.0-LIBGCRYPT_FORCE_FIPS_MODE-env.diff
Normal file
27
libgcrypt-1.5.0-LIBGCRYPT_FORCE_FIPS_MODE-env.diff
Normal file
@ -0,0 +1,27 @@
|
|||||||
|
From: draht@suse.com
|
||||||
|
Subject: LIBGCRYPT_FORCE_FIPS_MODE env
|
||||||
|
|
||||||
|
environ LIBGCRYPT_FORCE_FIPS_MODE forces FIPS mode of libgcrypt
|
||||||
|
|
||||||
|
Index: libgcrypt-1.5.2/src/fips.c
|
||||||
|
===================================================================
|
||||||
|
--- libgcrypt-1.5.2.orig/src/fips.c
|
||||||
|
+++ libgcrypt-1.5.2/src/fips.c
|
||||||
|
@@ -123,6 +123,17 @@ _gcry_initialize_fips_mode (int force)
|
||||||
|
goto leave;
|
||||||
|
}
|
||||||
|
|
||||||
|
+ /* for convenience, so that a process can run fips-enabled, but
|
||||||
|
+ not necessarily all of them, enable FIPS mode via environment
|
||||||
|
+ variable LIBGCRYPT_FORCE_FIPS_MODE. */
|
||||||
|
+
|
||||||
|
+ if (getenv("LIBGCRYPT_FORCE_FIPS_MODE") != NULL)
|
||||||
|
+ {
|
||||||
|
+ gcry_assert (!no_fips_mode_required);
|
||||||
|
+ goto leave;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+
|
||||||
|
/* For testing the system it is useful to override the system
|
||||||
|
provided detection of the FIPS mode and force FIPS mode using a
|
||||||
|
file. The filename is hardwired so that there won't be any
|
161
libgcrypt-1.5.0-etc_gcrypt_rngseed-symlink.diff
Normal file
161
libgcrypt-1.5.0-etc_gcrypt_rngseed-symlink.diff
Normal file
@ -0,0 +1,161 @@
|
|||||||
|
From: draht@suse.com
|
||||||
|
Subject: /etc/gcrypt/rngseed symlink
|
||||||
|
|
||||||
|
logic error in evaluation of routine to open /dev/{u,}random or
|
||||||
|
/etc/gcrypt/rngseed (open_device()) causes abort() in cases where
|
||||||
|
do_randomize(nbytes, level) is called with level == 1
|
||||||
|
(GCRY_STRONG_RANDOM).
|
||||||
|
|
||||||
|
References: bnc#724841
|
||||||
|
https://bugzilla.novell.com/show_bug.cgi?id=724841
|
||||||
|
|
||||||
|
---
|
||||||
|
random/random-csprng.c | 2 +-
|
||||||
|
random/random-fips.c | 10 +++++-----
|
||||||
|
random/rndlinux.c | 48 ++++++++++++++++++++++++++++++++++++++++++------
|
||||||
|
3 files changed, 48 insertions(+), 12 deletions(-)
|
||||||
|
|
||||||
|
Index: libgcrypt-1.5.2/random/random-csprng.c
|
||||||
|
===================================================================
|
||||||
|
--- libgcrypt-1.5.2.orig/random/random-csprng.c
|
||||||
|
+++ libgcrypt-1.5.2/random/random-csprng.c
|
||||||
|
@@ -827,7 +827,7 @@ read_seed_file (void)
|
||||||
|
* entropy drivers, however the rndlinux driver will use
|
||||||
|
* /dev/urandom and return some stuff - Do not read too much as we
|
||||||
|
* want to be friendly to the scare system entropy resource. */
|
||||||
|
- read_random_source ( RANDOM_ORIGIN_INIT, 16, GCRY_WEAK_RANDOM );
|
||||||
|
+ read_random_source ( RANDOM_ORIGIN_INIT, 16, -1 );
|
||||||
|
|
||||||
|
allow_seed_file_update = 1;
|
||||||
|
return 1;
|
||||||
|
Index: libgcrypt-1.5.2/random/random-fips.c
|
||||||
|
===================================================================
|
||||||
|
--- libgcrypt-1.5.2.orig/random/random-fips.c
|
||||||
|
+++ libgcrypt-1.5.2/random/random-fips.c
|
||||||
|
@@ -27,10 +27,10 @@
|
||||||
|
There are 3 random context which map to the different levels of
|
||||||
|
random quality:
|
||||||
|
|
||||||
|
- Generator Seed and Key Kernel entropy (init/reseed)
|
||||||
|
- ------------------------------------------------------------
|
||||||
|
- GCRY_VERY_STRONG_RANDOM /dev/random 256/128 bits
|
||||||
|
- GCRY_STRONG_RANDOM /dev/random 256/128 bits
|
||||||
|
+ Generator Seed and Key Kernel entropy (init/reseed)
|
||||||
|
+ ---------------------------------------------------------------------------------------
|
||||||
|
+ GCRY_VERY_STRONG_RANDOM /etc/gcrypt/rngseed+/dev/urandom 256/128 bits
|
||||||
|
+ GCRY_STRONG_RANDOM /etc/gcrypt/rngseed+/dev/urandom 256/128 bits
|
||||||
|
gcry_create_nonce GCRY_STRONG_RANDOM n/a
|
||||||
|
|
||||||
|
All random generators return their data in 128 bit blocks. If the
|
||||||
|
@@ -562,7 +562,7 @@ get_entropy (size_t nbytes)
|
||||||
|
#if USE_RNDLINUX
|
||||||
|
rc = _gcry_rndlinux_gather_random (entropy_collect_cb, 0,
|
||||||
|
X931_AES_KEYLEN,
|
||||||
|
- GCRY_VERY_STRONG_RANDOM);
|
||||||
|
+ -1);
|
||||||
|
#elif USE_RNDW32
|
||||||
|
do
|
||||||
|
{
|
||||||
|
Index: libgcrypt-1.5.2/random/rndlinux.c
|
||||||
|
===================================================================
|
||||||
|
--- libgcrypt-1.5.2.orig/random/rndlinux.c
|
||||||
|
+++ libgcrypt-1.5.2/random/rndlinux.c
|
||||||
|
@@ -36,7 +36,8 @@
|
||||||
|
#include "g10lib.h"
|
||||||
|
#include "rand-internal.h"
|
||||||
|
|
||||||
|
-static int open_device ( const char *name );
|
||||||
|
+static int open_device ( const char *name, int fatal );
|
||||||
|
+#define NAME_OF_CFG_RNGSEED "/etc/gcrypt/rngseed"
|
||||||
|
|
||||||
|
|
||||||
|
static int
|
||||||
|
@@ -57,13 +58,17 @@ set_cloexec_flag (int fd)
|
||||||
|
* Used to open the /dev/random devices (Linux, xBSD, Solaris (if it exists)).
|
||||||
|
*/
|
||||||
|
static int
|
||||||
|
-open_device ( const char *name )
|
||||||
|
+open_device ( const char *name, int fatal)
|
||||||
|
{
|
||||||
|
int fd;
|
||||||
|
|
||||||
|
fd = open ( name, O_RDONLY );
|
||||||
|
if ( fd == -1 )
|
||||||
|
- log_fatal ("can't open %s: %s\n", name, strerror(errno) );
|
||||||
|
+ {
|
||||||
|
+ if (fatal)
|
||||||
|
+ log_fatal ("can't open %s: %s\n", name, strerror(errno) );
|
||||||
|
+ return fd;
|
||||||
|
+ }
|
||||||
|
|
||||||
|
if (set_cloexec_flag (fd))
|
||||||
|
log_error ("error setting FD_CLOEXEC on fd %d: %s\n",
|
||||||
|
@@ -92,10 +97,12 @@ _gcry_rndlinux_gather_random (void (*add
|
||||||
|
{
|
||||||
|
static int fd_urandom = -1;
|
||||||
|
static int fd_random = -1;
|
||||||
|
+ static int fd_configured = -1;
|
||||||
|
int fd;
|
||||||
|
int n;
|
||||||
|
byte buffer[768];
|
||||||
|
size_t n_hw;
|
||||||
|
+ size_t orig_length = length;
|
||||||
|
size_t want = length;
|
||||||
|
size_t last_so_far = 0;
|
||||||
|
int any_need_entropy = 0;
|
||||||
|
@@ -110,16 +117,42 @@ _gcry_rndlinux_gather_random (void (*add
|
||||||
|
length -= n_hw;
|
||||||
|
|
||||||
|
/* Open the requested device. */
|
||||||
|
+
|
||||||
|
+ /* Clarification: path how "level == -1" comes about:
|
||||||
|
+ gcry_random_bytes( ... , GCRY_STRONG_RANDOM) (public) ->
|
||||||
|
+ do_randomize(buffer, nbytes, level) ->
|
||||||
|
+ _gcry_rngcsprng_randomize(buffer, length, level) ->
|
||||||
|
+ read_pool (p, n, level) ->
|
||||||
|
+ read_seed_file(),
|
||||||
|
+ random_poll() ->
|
||||||
|
+ read_random_source(..., ..., GCRY_STRONG_RANDOM),
|
||||||
|
+ read_random_source(... , ..., , -1 ) (note: -1) ->
|
||||||
|
+ slow_gather_fnc(..., ..., ..., level)
|
||||||
|
+ function pointer set by getfnc_gather_random() to
|
||||||
|
+ _gcry_rndlinux_gather_random() , which is here.
|
||||||
|
+ */
|
||||||
|
+
|
||||||
|
+
|
||||||
|
+ if (level == -1)
|
||||||
|
+ {
|
||||||
|
+ if (fd_configured == -1)
|
||||||
|
+ fd_configured = open_device ( NAME_OF_CFG_RNGSEED, 0 );
|
||||||
|
+ fd = fd_configured;
|
||||||
|
+ if (fd == -1)
|
||||||
|
+ level = 1;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+
|
||||||
|
if (level >= 2)
|
||||||
|
{
|
||||||
|
if( fd_random == -1 )
|
||||||
|
- fd_random = open_device ( NAME_OF_DEV_RANDOM );
|
||||||
|
+ fd_random = open_device ( NAME_OF_DEV_RANDOM, 1 );
|
||||||
|
fd = fd_random;
|
||||||
|
}
|
||||||
|
- else
|
||||||
|
+ else if (level != -1)
|
||||||
|
{
|
||||||
|
if( fd_urandom == -1 )
|
||||||
|
- fd_urandom = open_device ( NAME_OF_DEV_URANDOM );
|
||||||
|
+ fd_urandom = open_device ( NAME_OF_DEV_URANDOM, 1 );
|
||||||
|
fd = fd_urandom;
|
||||||
|
}
|
||||||
|
|
||||||
|
@@ -187,6 +220,9 @@ _gcry_rndlinux_gather_random (void (*add
|
||||||
|
}
|
||||||
|
memset(buffer, 0, sizeof(buffer) );
|
||||||
|
|
||||||
|
+ if (level == -1)
|
||||||
|
+ _gcry_rndlinux_gather_random(add, origin, orig_length, 1);
|
||||||
|
+
|
||||||
|
if (any_need_entropy)
|
||||||
|
_gcry_random_progress ("need_entropy", 'X', (int)want, (int)want);
|
||||||
|
|
23
libgcrypt-unresolved-dladdr.patch
Normal file
23
libgcrypt-unresolved-dladdr.patch
Normal file
@ -0,0 +1,23 @@
|
|||||||
|
From: mvyskocil@suse.cz
|
||||||
|
Subject: unresolved dladdr symbol
|
||||||
|
|
||||||
|
When linking with --as-needed, some symbols are ommited. Add a DL_LIBS for
|
||||||
|
dladdr symbol to fix the issue.
|
||||||
|
|
||||||
|
References: bnc#701267
|
||||||
|
https://bugzilla.novell.com/show_bug.cgi?id=701267
|
||||||
|
Original-name: libgcrypt-1.5.0-as-needed.patch
|
||||||
|
|
||||||
|
Index: libgcrypt-1.5.2/src/Makefile.am
|
||||||
|
===================================================================
|
||||||
|
--- libgcrypt-1.5.2.orig/src/Makefile.am
|
||||||
|
+++ libgcrypt-1.5.2/src/Makefile.am
|
||||||
|
@@ -110,7 +110,7 @@ libgcrypt_la_LIBADD = $(gcrypt_res) \
|
||||||
|
../cipher/libcipher.la \
|
||||||
|
../random/librandom.la \
|
||||||
|
../mpi/libmpi.la \
|
||||||
|
- ../compat/libcompat.la $(GPG_ERROR_LIBS)
|
||||||
|
+ ../compat/libcompat.la $(GPG_ERROR_LIBS) $(DL_LIBS)
|
||||||
|
|
||||||
|
|
||||||
|
dumpsexp_SOURCES = dumpsexp.c
|
@ -1,3 +1,16 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Thu Jul 25 09:15:43 UTC 2013 - mvyskocil@suse.com
|
||||||
|
|
||||||
|
- port SLE enhancenments to Factory (bnc#831028)
|
||||||
|
* add libgcrypt-unresolved-dladdr.patch (bnc#701267)
|
||||||
|
* add libgcrypt-1.5.0-etc_gcrypt_rngseed-symlink.diff (bnc#724841)
|
||||||
|
* add libgcrypt-1.5.0-LIBGCRYPT_FORCE_FIPS_MODE-env.diff
|
||||||
|
- install .hmac256.hmac (bnc#704068)
|
||||||
|
- enable varuous new options in configure (m-guard, hmac binary check and
|
||||||
|
random device linux)
|
||||||
|
- build with all ciphers, pubkeys and digest by default as whitelist
|
||||||
|
simply allowed them all
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Mon Jun 17 13:22:33 UTC 2013 - coolo@suse.com
|
Mon Jun 17 13:22:33 UTC 2013 - coolo@suse.com
|
||||||
|
|
||||||
@ -6,7 +19,7 @@ Mon Jun 17 13:22:33 UTC 2013 - coolo@suse.com
|
|||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Sun Jun 16 22:56:56 UTC 2013 - crrodriguez@opensuse.org
|
Sun Jun 16 22:56:56 UTC 2013 - crrodriguez@opensuse.org
|
||||||
|
|
||||||
- Library must by built with large file support in
|
- Library must be built with large file support in
|
||||||
32 bit archs.
|
32 bit archs.
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
|
@ -16,8 +16,13 @@
|
|||||||
#
|
#
|
||||||
|
|
||||||
|
|
||||||
Name: libgcrypt
|
%define build_hmac256 1
|
||||||
|
%define separate_hmac256_binary 0
|
||||||
|
|
||||||
%define libsoname %{name}11
|
%define libsoname %{name}11
|
||||||
|
%define sosuffix 11.8.1
|
||||||
|
|
||||||
|
Name: libgcrypt
|
||||||
Url: http://directory.fsf.org/wiki/Libgcrypt
|
Url: http://directory.fsf.org/wiki/Libgcrypt
|
||||||
Version: 1.5.2
|
Version: 1.5.2
|
||||||
Release: 0
|
Release: 0
|
||||||
@ -33,10 +38,18 @@ Patch0: %{name}-ppc64.patch
|
|||||||
Patch1: %{name}-strict-aliasing.patch
|
Patch1: %{name}-strict-aliasing.patch
|
||||||
Patch3: %{name}-1.4.1-rijndael_no_strict_aliasing.patch
|
Patch3: %{name}-1.4.1-rijndael_no_strict_aliasing.patch
|
||||||
Patch4: %{name}-sparcv9.diff
|
Patch4: %{name}-sparcv9.diff
|
||||||
|
#PATCH-FIX-UPSTREAM: bnc#701267, explicitly link with $(DL_LIBS)
|
||||||
|
#was: libgcrypt-1.5.0-as-needed.patch
|
||||||
|
Patch5: libgcrypt-unresolved-dladdr.patch
|
||||||
|
#PATCH-FIX-SUSE: bnc#724841, fix a random device opening routine
|
||||||
|
Patch6: libgcrypt-1.5.0-etc_gcrypt_rngseed-symlink.diff
|
||||||
|
#PATCH-FIX-SUSE: N/A
|
||||||
|
Patch7: libgcrypt-1.5.0-LIBGCRYPT_FORCE_FIPS_MODE-env.diff
|
||||||
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
||||||
BuildRequires: automake >= 1.11
|
BuildRequires: automake >= 1.11
|
||||||
BuildRequires: libgpg-error-devel >= 1.8
|
BuildRequires: libgpg-error-devel >= 1.8
|
||||||
BuildRequires: libtool
|
BuildRequires: libtool
|
||||||
|
# not for base packages to avoid huge cycles
|
||||||
#BuildRequires: gpg-offline
|
#BuildRequires: gpg-offline
|
||||||
|
|
||||||
%description
|
%description
|
||||||
@ -49,14 +62,6 @@ understanding of applied cryptography is required to use Libgcrypt.
|
|||||||
Summary: The GNU Crypto Library
|
Summary: The GNU Crypto Library
|
||||||
License: GPL-2.0+ and LGPL-2.1+
|
License: GPL-2.0+ and LGPL-2.1+
|
||||||
Group: Development/Libraries/C and C++
|
Group: Development/Libraries/C and C++
|
||||||
# bug437293
|
|
||||||
%ifarch ppc64
|
|
||||||
Obsoletes: %{name}-64bit
|
|
||||||
%endif
|
|
||||||
#
|
|
||||||
# libgcrypt last used in 10.3
|
|
||||||
Obsoletes: %{name} < %{version}
|
|
||||||
Provides: %{name} = %{version}
|
|
||||||
|
|
||||||
%description -n %{libsoname}
|
%description -n %{libsoname}
|
||||||
Libgcrypt is a general purpose crypto library based on the code used in
|
Libgcrypt is a general purpose crypto library based on the code used in
|
||||||
@ -69,11 +74,6 @@ Group: Development/Libraries/C and C++
|
|||||||
Requires: %{libsoname} = %{version}
|
Requires: %{libsoname} = %{version}
|
||||||
Requires: glibc-devel
|
Requires: glibc-devel
|
||||||
Requires: libgpg-error-devel >= 1.8
|
Requires: libgpg-error-devel >= 1.8
|
||||||
# bug437293
|
|
||||||
%ifarch ppc64
|
|
||||||
Obsoletes: %{name}-devel-64bit
|
|
||||||
%endif
|
|
||||||
#
|
|
||||||
PreReq: %install_info_prereq
|
PreReq: %install_info_prereq
|
||||||
|
|
||||||
%description devel
|
%description devel
|
||||||
@ -85,41 +85,76 @@ understanding of applied cryptography is required to use Libgcrypt.
|
|||||||
This package contains needed files to compile and link against the
|
This package contains needed files to compile and link against the
|
||||||
library.
|
library.
|
||||||
|
|
||||||
|
%if 0%{?separate_hmac256_binary}
|
||||||
|
|
||||||
|
%package hmac256
|
||||||
|
Summary: The GNU Crypto Library
|
||||||
|
License: GPL-2.0+ and LGPL-2.1+
|
||||||
|
Group: Development/Libraries/C and C++
|
||||||
|
Requires: libgcrypt11 = %version
|
||||||
|
Requires: libgpg-error-devel
|
||||||
|
PreReq: %install_info_prereq
|
||||||
|
|
||||||
|
%description hmac256
|
||||||
|
Libgcrypt is a general purpose library of cryptographic building
|
||||||
|
blocks. It is originally based on code used by GnuPG. It does not
|
||||||
|
provide any implementation of OpenPGP or other protocols. Thorough
|
||||||
|
understanding of applied cryptography is required to use Libgcrypt.
|
||||||
|
|
||||||
|
%endif # #if separate_hmac256_binary
|
||||||
|
|
||||||
%prep
|
%prep
|
||||||
%setup -q -n %{name}-%{version}
|
%setup -q -n %{name}-%{version}
|
||||||
%patch0 -p1
|
%patch0 -p1
|
||||||
%patch1
|
%patch1
|
||||||
%patch3 -p1
|
%patch3 -p1
|
||||||
%patch4 -p1
|
%patch4 -p1
|
||||||
|
%patch5 -p1
|
||||||
|
%patch6 -p1
|
||||||
|
%patch7 -p1
|
||||||
|
|
||||||
%build
|
%build
|
||||||
# define ciphers to build
|
echo building with build_hmac256 set to %{build_hmac256}
|
||||||
ENABLE_CIPHER="arcfour blowfish cast5 des aes twofish serpent rfc2268 seed camellia idea"
|
|
||||||
ENABLE_PUBKEY="dsa elgamal rsa ecc"
|
|
||||||
ENABLE_DIGEST="crc md4 md5 rmd160 sha1 sha256 sha512 tiger whirlpool"
|
|
||||||
#
|
|
||||||
%{?suse_update_config}
|
%{?suse_update_config}
|
||||||
autoreconf -fi
|
autoreconf -fi
|
||||||
export CFLAGS="%optflags $(getconf LFS_CFLAGS)"
|
export CFLAGS="%optflags $(getconf LFS_CFLAGS)"
|
||||||
%configure --with-pic \
|
%configure --with-pic \
|
||||||
--enable-noexecstack \
|
--enable-noexecstack \
|
||||||
--disable-static \
|
--disable-static \
|
||||||
|
--enable-m-guard \
|
||||||
%ifarch %sparc
|
%ifarch %sparc
|
||||||
--disable-asm \
|
--disable-asm \
|
||||||
%endif
|
%endif
|
||||||
--enable-ciphers="$ENABLE_CIPHER" \
|
--enable-hmac-binary-check \
|
||||||
--enable-pubkey-ciphers="$ENABLE_PUBKEY" \
|
--enable-random=linux
|
||||||
--enable-digests="$ENABLE_DIGEST"
|
|
||||||
%{__make} %{?_smp_mflags}
|
%{__make} %{?_smp_mflags}
|
||||||
|
|
||||||
|
%if 0%{?build_hmac256}
|
||||||
|
# this is a hack that re-defines the __os_install_post macro
|
||||||
|
# for a simple reason: the macro strips the binaries and thereby
|
||||||
|
# invalidates a HMAC that may have been created earlier.
|
||||||
|
# solution: create the hashes _after_ the macro runs.
|
||||||
|
#
|
||||||
|
# this shows up earlier because otherwise the %expand of
|
||||||
|
# the macro is too late.
|
||||||
|
%{expand:%%global __os_install_post {%__os_install_post
|
||||||
|
|
||||||
|
%{buildroot}/%{_bindir}/hmac256 "What am I, a doctor or a moonshuttle conductor?" \
|
||||||
|
< %{buildroot}/%{_bindir}/hmac256 > %{buildroot}/%{_bindir}/.hmac256.hmac
|
||||||
|
%{buildroot}/%{_bindir}/hmac256 "What am I, a doctor or a moonshuttle conductor?" \
|
||||||
|
< %{buildroot}/%{_libdir}/libgcrypt.so.%{sosuffix} > %{buildroot}/%{_libdir}/.libgcrypt.so.11.hmac
|
||||||
|
}}
|
||||||
|
%endif
|
||||||
|
|
||||||
%check
|
%check
|
||||||
# Nice idea. however this uses /dev/random, which hangs
|
# Nice idea. however this uses /dev/random, which hangs
|
||||||
# on hardware without random feeds.
|
# on hardware without random feeds.
|
||||||
|
# so lets not run it inside OBS
|
||||||
# make check
|
# make check
|
||||||
|
|
||||||
%install
|
%install
|
||||||
make DESTDIR=$RPM_BUILD_ROOT install
|
make DESTDIR=$RPM_BUILD_ROOT install
|
||||||
#
|
|
||||||
rm %{buildroot}%{_libdir}/%{name}.la
|
rm %{buildroot}%{_libdir}/%{name}.la
|
||||||
|
|
||||||
%post -n %{libsoname} -p /sbin/ldconfig
|
%post -n %{libsoname} -p /sbin/ldconfig
|
||||||
@ -140,6 +175,9 @@ rm %{buildroot}%{_libdir}/%{name}.la
|
|||||||
%defattr(-,root,root)
|
%defattr(-,root,root)
|
||||||
%doc AUTHORS COPYING COPYING.LIB ChangeLog NEWS README THANKS TODO
|
%doc AUTHORS COPYING COPYING.LIB ChangeLog NEWS README THANKS TODO
|
||||||
%{_libdir}/%{name}.so.11*
|
%{_libdir}/%{name}.so.11*
|
||||||
|
%if 0%{?build_hmac256}
|
||||||
|
%{_libdir}/.libgcrypt.so.11.hmac
|
||||||
|
%endif # %if 0%{?build_hmac256}
|
||||||
|
|
||||||
%files devel
|
%files devel
|
||||||
%defattr(-,root,root)
|
%defattr(-,root,root)
|
||||||
@ -147,10 +185,16 @@ rm %{buildroot}%{_libdir}/%{name}.la
|
|||||||
%_infodir/gcrypt.info-1.gz
|
%_infodir/gcrypt.info-1.gz
|
||||||
%_infodir/gcrypt.info-2.gz
|
%_infodir/gcrypt.info-2.gz
|
||||||
%_bindir/dumpsexp
|
%_bindir/dumpsexp
|
||||||
%_bindir/hmac256
|
|
||||||
%_bindir/%{name}-config
|
%_bindir/%{name}-config
|
||||||
%_libdir/%{name}.so
|
%_libdir/%{name}.so
|
||||||
%_includedir/gcrypt*.h
|
%_includedir/gcrypt*.h
|
||||||
%_datadir/aclocal/%{name}.m4
|
%_datadir/aclocal/%{name}.m4
|
||||||
|
%if 0%{?separate_hmac256_binary}
|
||||||
|
|
||||||
|
%files hmac256
|
||||||
|
%defattr(-,root,root)
|
||||||
|
%endif # %if 0%{?separate_hmac256_binary}
|
||||||
|
%{_bindir}/hmac256
|
||||||
|
%{_bindir}/.hmac256.hmac
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
Loading…
Reference in New Issue
Block a user