Accepting request 1187012 from home:MSirringhaus:branches:LibreOffice:Factory

Needed for nss 3.101 (which blocks Firefox 128)
- Update to 1.2.40 
  The legacy XML Security Library 1.2.40 release includes the following changes:
  * (xmlsec-core) Fixed functions deprecated in LibXML2 2.13.1 (including disabling HTTP support by default).
  * (xmlsec-nss) Increased keys size in all tests to support NSS 3.101.
  * (windows) Added "ftp" and "http" flags in 'configure.js' (both are disabled by default).
  * Several other small fixes (more details).
- Update to 1.2.39
  The legacy XML Security Library 1.2.39 release includes the following changes:
  * Added options to enable/disable local files, HTTP, and FTP support. FTP is disabled by default.
  * Several other small fixes (more details).
- Remove upstreamed xmlsec1-gcc14.patch

OBS-URL: https://build.opensuse.org/request/show/1187012
OBS-URL: https://build.opensuse.org/package/show/LibreOffice:Factory/xmlsec1?expand=0&rev=64

.gitattributes

@@ -0,0 +1,23 @@
+## Default LFS
+*.7z filter=lfs diff=lfs merge=lfs -text
+*.bsp filter=lfs diff=lfs merge=lfs -text
+*.bz2 filter=lfs diff=lfs merge=lfs -text
+*.gem filter=lfs diff=lfs merge=lfs -text
+*.gz filter=lfs diff=lfs merge=lfs -text
+*.jar filter=lfs diff=lfs merge=lfs -text
+*.lz filter=lfs diff=lfs merge=lfs -text
+*.lzma filter=lfs diff=lfs merge=lfs -text
+*.obscpio filter=lfs diff=lfs merge=lfs -text
+*.oxt filter=lfs diff=lfs merge=lfs -text
+*.pdf filter=lfs diff=lfs merge=lfs -text
+*.png filter=lfs diff=lfs merge=lfs -text
+*.rpm filter=lfs diff=lfs merge=lfs -text
+*.tbz filter=lfs diff=lfs merge=lfs -text
+*.tbz2 filter=lfs diff=lfs merge=lfs -text
+*.tgz filter=lfs diff=lfs merge=lfs -text
+*.ttf filter=lfs diff=lfs merge=lfs -text
+*.txz filter=lfs diff=lfs merge=lfs -text
+*.whl filter=lfs diff=lfs merge=lfs -text
+*.xz filter=lfs diff=lfs merge=lfs -text
+*.zip filter=lfs diff=lfs merge=lfs -text
+*.zst filter=lfs diff=lfs merge=lfs -text

.gitignore

@@ -0,0 +1 @@
+.osc

xmlsec1-1.2.38.tar.gz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:9de8cf8d7d2e288a9cef205cc6cb93c926a67dadfaf44aaff76ed63c28ce9902
+size 2036578

xmlsec1-gcc14.patch

@@ -0,0 +1,10 @@
+--- xmlsec1-1.2.38/apps/crypto.c	2024-05-24 19:08:57.856528758 +0200
++++ xmlsec1-1.2.38/apps/crypto.c	2024-05-24 19:09:45.526855641 +0200
+@@ -12,6 +12,7 @@
+ #endif
+ 
+ #include <string.h>
++#include <stdlib.h>
+ 
+ #include <xmlsec/xmlsec.h>
+ #include <xmlsec/keys.h>

xmlsec1-rpmlintrc

@@ -0,0 +1,7 @@
+# This is not devel, those so files are loaded as plugins and there is no
+# actual versioning there
+addFilter("devel-file-in-non-devel-package")
+# Again the packages do not link yet as these are modules they are useless
+# without the main library
+addFilter("shlib-fixed-dependency")
+

xmlsec1-ui_null.patch

@@ -0,0 +1,20 @@
+--- xmlsec1-1.2.33/src/openssl/app.c	2022-01-28 07:47:11.922603482 +0100
++++ xmlsec1-1.2.33/src/openssl/app.c	2022-01-28 08:18:12.786240295 +0100
+@@ -437,7 +437,7 @@
+         }
+     }
+ 
+-    if(ENGINE_ctrl_cmd(engine, "SET_USER_INTERFACE", 0, (void *)UI_null(), 0, 1) < 0) {
++    if(ENGINE_ctrl_cmd(engine, "SET_USER_INTERFACE", 0, (void *)0, 0, 1) < 0) {
+         xmlSecOpenSSLError("ENGINE_ctrl_cmd_string(SET_USER_INTERFACE)", NULL);
+         goto done;
+     }
+@@ -453,7 +453,7 @@
+ 
+     /* load private key */
+     pKey = ENGINE_load_private_key(engine, engineKeyId,
+-                                   (UI_METHOD *)UI_null(),
++                                   (UI_METHOD *)0,
+                                    NULL);
+     if(pKey == NULL) {
+         xmlSecOpenSSLError("ENGINE_load_private_key", NULL);

xmlsec1.changes

@@ -0,0 +1,275 @@
+-------------------------------------------------------------------
+Fri Jul 12 06:09:16 UTC 2024 - Martin Sirringhaus <martin.sirringhaus@suse.com>
+
+- Update to 1.2.40 
+  The legacy XML Security Library 1.2.40 release includes the following changes:
+  * (xmlsec-core) Fixed functions deprecated in LibXML2 2.13.1 (including disabling HTTP support by default).
+  * (xmlsec-nss) Increased keys size in all tests to support NSS 3.101.
+  * (windows) Added "ftp" and "http" flags in 'configure.js' (both are disabled by default).
+  * Several other small fixes (more details).
+
+- Update to 1.2.39
+  The legacy XML Security Library 1.2.39 release includes the following changes:
+  * Added options to enable/disable local files, HTTP, and FTP support. FTP is disabled by default.
+  * Several other small fixes (more details).
+
+- Remove upstreamed xmlsec1-gcc14.patch
+
+-------------------------------------------------------------------
+Fri May 24 17:15:05 UTC 2024 - Fridrich Strba <fstrba@suse.com>
+
+- Added patch:
+  * xmlsec1-gcc14.patch
+    + add missing include and fix gcc14 build
+
+-------------------------------------------------------------------
+Mon Feb 26 12:24:45 UTC 2024 - Dominique Leuenberger <dimstar@opensuse.org>
+
+- Use %patch -P N instead of deprecated %patchN.
+
+-------------------------------------------------------------------
+Fri Dec 15 06:33:23 UTC 2023 - Fridrich Strba <fstrba@suse.com>
+
+- Update to 1.2.38
+  * Have a look at the changelog for the list of changes
+
+-------------------------------------------------------------------
+Thu Nov 30 14:49:16 UTC 2023 - Guillaume GARDET <guillaume.gardet@opensuse.org>
+
+- Make use of openSUSE build flags
+
+-------------------------------------------------------------------
+Tue Aug  8 15:41:15 UTC 2023 - Fridrich Strba <fstrba@suse.com>
+
+- Added patch:
+  * xmlsec1-ui_null.patch
+    + fix build with older versions of openssl that don't have
+      UI_null() method
+
+-------------------------------------------------------------------
+Wed Feb  1 09:23:37 UTC 2023 - Dirk Müller <dmueller@suse.com>
+
+- switch to pkgconfig(zlib) to allow alternative providers as well
+
+-------------------------------------------------------------------
+Sat Dec  3 17:03:47 UTC 2022 - Dirk Müller <dmueller@suse.com>
+
+- update to 1.2.37:
+  Fixed two regressions from 1.2.36 release 
+
+-------------------------------------------------------------------
+Fri Nov  4 15:33:42 UTC 2022 - Pedro Monreal <pmonreal@suse.com>
+
+- Update to 1.2.36:
+  * Retired the XMLSec mailing list "xmlsec@aleksey.com" and the
+    XMLSec Online Signature Verifier.
+
+- Update to 1.2.35:
+  * Migration to OpenSSL 3.0 API (based on PR by @snargit). Note
+    that OpenSSL engines are disabled by default when XMLSec
+    library is compiled against OpenSSL 3.0. To re-enable OpenSSL
+    engines, use "--enable-openssl3-engines" configure flag (there
+    will be a lot of deprecation warnings).
+  * The OpenSSL before 1.1.0 and LibreSSL before 2.7.0 are now
+    deprecated and will be removed in the future versions of
+    XMLSec Library.
+  * Refactored all the integer casts to ensure cast-safety. Fixed
+    all warnings and enabled "-Werror" and "-pedantic" flags on
+    CI builds.
+  * Added configure flag to use size_t for xmlSecSize (currently
+    disabled by default for backward compatibility).
+  * Moved all CI builds to GitHub actions.
+
+-------------------------------------------------------------------
+Thu Sep  8 07:25:33 UTC 2022 - Bjørn Lie <bjorn.lie@gmail.com>
+
+- Add export CFLAGS/CXXFLAGS="-Wno-error=deprecated-declarations"
+  inbefore configure. We pass --enable-werror to configure, and
+  that leads to warnings about deprecations failing build. As
+  deprecations is mainly a consern for upstream, stop failing on
+  those.
+
+-------------------------------------------------------------------
+Mon May 23 09:49:35 UTC 2022 - Dirk Müller <dmueller@suse.com>
+
+- update to 1.2.34:
+  * Support for OpenSSL compiled with OPENSSL_NO_ERR.
+  * Full support for LibreSSL 3.5.0 and above
+  * Several other small fixes
+
+-------------------------------------------------------------------
+Sun Nov 28 18:53:47 UTC 2021 - Dirk Müller <dmueller@suse.com>
+
+- update to 1.2.33:
+  * Fix decrypting session key for two recipients 
+  * Added --privkey-openssl-engine option to enhance openssl engine support
+
+-------------------------------------------------------------------
+Sun May  9 19:54:21 UTC 2021 - Andreas Stieger <andreas.stieger@gmx.de>
+
+- update to 1.2.32:
+  + Remove MD5 for NSS 3.59 and above
+  + Fix PKCS12_parse return code handling
+  + Fix OpenSSL lookup
+  + xmlSecX509DataGetNodeContent(): don't return 0 for non-empty
+    elements - fix for LibreOffice
+- add upstream signing key and validate source signature
+- put license text into all subpackages
+- treat all compiler warnings as errors
+
+-------------------------------------------------------------------
+Wed Feb 17 12:17:06 UTC 2021 - Pedro Monreal <pmonreal@suse.com>
+
+- Relax the crypto policies for the test-suite. This allows the
+  tests using certificates with small key lengths to pass.
+
+-------------------------------------------------------------------
+Thu Dec 17 09:16:49 UTC 2020 - Dominique Leuenberger <dimstar@opensuse.org>
+
+- Update to version 1.2.31:
+  + Unload error strings in OpenSSL shutdown.
+  + Make userData available when executing preExecCallback
+    function.
+  + Add an option to use secure memset.
+- Pass --disable-md5 to configure: The cryptographic strength of
+  the MD5 algorithm is sufficiently doubtful that its use is
+  discouraged at this time. It is not listed as an algorithm in
+  [XMLDSIG-CORE1]
+  https://www.w3.org/TR/xmlsec-algorithms/#bib-XMLDSIG-CORE1
+
+-------------------------------------------------------------------
+Thu Jun 18 12:10:34 UTC 2020 - Tomáš Chvátal <tchvatal@suse.com>
+
+- Update to 1.2.30:
+  * Enabled XML_PARSE_HUGE for all xml parsers.
+  * Various build and tests fixes and improvements.
+  * Move remaining private header files away from xmlsec/include/ folder.
+
+-------------------------------------------------------------------
+Thu Apr 25 09:13:57 UTC 2019 - Tomáš Chvátal <tchvatal@suse.com>
+
+- Update to 1.2.28:
+  * Added BoringSSL support (chenbd).
+  * Added gnutls-3.6.x support (alonbl).
+  * Added DSA and ECDSA key size getter for MSCNG (vmiklos).
+  * Added --enable-mans configuration option (alonbl).
+  * Added coninuous build integration for MacOSX (vmiklos).
+  * Several other small fixes (more details).
+
+-------------------------------------------------------------------
+Fri Dec  7 11:01:44 UTC 2018 - Tomáš Chvátal <tchvatal@suse.com>
+
+- Make sure to recommend at least one backend when you install
+  just xmlsec1
+
+-------------------------------------------------------------------
+Wed Oct 31 13:21:31 UTC 2018 - Tomáš Chvátal <tchvatal@suse.com>
+
+- Drop the gnutls backend as based on the tests it is quite borked:
+  * We still have nss and openssl backend for people to use
+
+-------------------------------------------------------------------
+Wed Oct 31 12:00:28 UTC 2018 - Tomáš Chvátal <tchvatal@suse.com>
+
+- Version update to 1.2.27:
+  * Added AES-GCM support for OpenSSL and MSCNG (snargit).
+  * Added DSA-SHA256 and ECDSA-SHA384 support for NSS (vmiklos).
+  * Added RSA-OAEP support for MSCNG (vmiklos).
+  * Continuous build integration in Travis and Appveyor.
+  * Several other small fixes (more details).
+
+-------------------------------------------------------------------
+Thu Aug 16 10:22:09 UTC 2018 - tchvatal@suse.com
+
+- Add rplintrc to avoid bogus errors:
+  * xmlsec1-rpmlintrc
+
+-------------------------------------------------------------------
+Tue Aug 14 18:51:27 UTC 2018 - kallan@suse.com
+
+- Fixed (bsc#1104876).  Added: Requires: %{libname} = %{version} to each module
+  in the spec file. This will ensure that when one of the modules is installed
+  the corresponding version of libxmlsec1-1 will also be installed/upgraded.
+
+-------------------------------------------------------------------
+Tue Jun  5 20:10:17 UTC 2018 - vmiklos@collabora.co.uk
+
+- Version update to 1.2.26:
+  * Added xmlsec-mscng module based on Microsoft Cryptography API: Next
+    Generation
+  * Added support for GOST 2012 and fixed CryptoPro CSP provider for GOST R
+    34.10-2001 in xmlsec-mscrypto
+  * Added LibreSSL 2.7 support
+  * Upgraded documentation build process to support the latest gtk-doc
+
+-------------------------------------------------------------------
+Thu Nov 30 09:53:35 UTC 2017 - tchvatal@suse.com
+
+- Version update to 1.2.25:
+  * Various small fixes
+  * Coverity cleanups
+  * Removed support for old openssl
+
+-------------------------------------------------------------------
+Thu Apr 20 14:48:11 UTC 2017 - vmiklos@collabora.co.uk
+
+- Version update to 1.2.24:
+  * Added ECDSA-SHA1, ECDSA-SHA256, ECDSA-SHA512 support
+  for xmlsec-nss.
+
+  * Fixed XMLSEC_KEYINFO_FLAGS_X509DATA_DONT_VERIFY_CERTS
+  handling.
+
+  * Disabled external entities loading by xmlsec utility app by
+  default to prevent XXE attacks.
+
+  * Improved OpenSSL version and features detection.
+
+  * Cleaned up, simplified, and standardized internal error
+  reporting.
+
+  * Fixed a few Coverity-discovered bugs.
+
+  * Marked as deprecated all the functions in xmlsec/soap.h file
+  and a couple other functions no longer required by xmlsec.
+  These functions will be removed in the future releases.
+
+  * Several other small fixes (see commit log for more details).
+
+-------------------------------------------------------------------
+Thu Mar 23 12:19:26 UTC 2017 - pmonrealgonzalez@suse.com
+
+- Fixed dependencies with libraries (bsc#1012246):
+  * libxmlsec1-openssl.so
+  * libxmlsec1-gcrypt.so
+  * libxmlsec1-gnutls.so
+  * libxmlsec1-nss.so
+
+-------------------------------------------------------------------
+Mon Nov 28 09:29:03 UTC 2016 - tchvatal@suse.com
+
+- Version update to 1.2.23:
+  * Full support for OpenSSL 1.1.0
+  * Several other small fixes
+
+-------------------------------------------------------------------
+Wed May 25 10:49:08 UTC 2016 - tchvatal@suse.com
+
+- Version update to 1.2.22 (fate#320861):
+  * see the ChangeLog for most detailed output
+  * openssl 1.1 support
+  * Few features from libreoffice for integrated
+  * Run the testsuite
+
+-------------------------------------------------------------------
+Thu Sep  3 12:39:49 UTC 2015 - astieger@suse.com
+
+- update to 1.2.20:
+  * fix a number of miscellaneous bugs 
+  * update expired or soon-to-be-expired certificates in test suite
+
+-------------------------------------------------------------------
+Tue Jan  7 13:10:28 UTC 2014 - mvyskocil@suse.com
+
+- Initial packaging of xmlsec1 for SUSE 
+

xmlsec1.keyring

@@ -0,0 +1,28 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+mQINBFMEGxgBEACqZVhbddfj2gWIIrsd+NpSy6ptqGkpLYoJcWu1Xgwwg6o2C4mt
+17lmxeSjQ7bfkqwhijvyf9Qx6oJw3uU2fol4LgC6JUxL60ne8aJ2tmXa9xg6p5Ea
+TzwuSFt83Ylnui6bG7zqUSR/PpN+5s/dV/KufREiWnV1wx08MU5Byw5CxVnUeuRq
+59Lvydd5xThKzMskJGyzbd/uGJFYLkaOnuvgvQXoWzkfvwY2jBvax7GZmQKKn1/z
+mq6HnHsxIOV55txrYSTnCfYcWEeqA6Wy6D4IdcWaEpdxMdey/ydJ5iDnZvqYKiZt
+GZtmdyYoJAOzM/pH5ulwOlHsJfI004aHc2v1yLllmhen5QVNYOgqgTdUHUzdyMc7
+WH8yYhoeDN9ClSOLlYGWzIPS4za00KjrZZAvZvd/TpyHOExQ7gPN7QcFJPPqpluj
+7gnIEjAn5ZUyXJWEga5nb+O/erV+JTnEqPVbak1TMxNDSrzMC4kH7gsVrMg+vjYJ
+cVc/zV6FO19BCI1JjXc6xsceZNWYU/fYAYYj1EU/Nz5nEuMtfTWdolZDqGfNmNy8
+fXN/8OZmdNkrJjJA4Lhi6QWeWt/U9dB3eBYucC5XXYOCEgeL6xBgJT38N//VNG7W
+STaKEsL3bHGeoji3FnTolecVsIF/pk0qMsZi+Tzmz5qi35kJCUz3MvyCGQARAQAB
+tCNBbGVrc2V5IFNhbmluIDxhbGVrc2V5QGFsZWtzZXkuY29tPokCPQQTAQoAJwUC
+UwQbGAIbAwUJB4YfgAULCQgHAwUVCgkICwUWAgMBAAIeAQIXgAAKCRDmPs3vnh2C
+ngPKEACjYw/H5sWhO+MsCQ2Rl/hbtTk6Jn8sshhR9HIyD+gjvuWAKu5QVezlSpp5
+jY9qtMD161XjOAYRMJtxb3jbbDk6gfTPWO85S0jlBE6AdQR9DiPQQH0xlcAvveMD
+FxuCj2Br081ZRVCdQQQhMxMmiRJMAUivsNgI1vXPnKOozePUN6THeAJ+ht1WBe72
+7Z9W7AlH+Q4nZ7dz36tU6nWr6qgEsLD+B++ZbqCYj5Ctq/z1+Kaacsco/alqsa2o
+e74ntEc3+hNFtpoUbAcPQrPU9uRDxyd2D2VASB3YzmWPlZjCKutZtiNmWGH/bwDz
+3CTNrWXNO4joqL9gr/B6zyzNtTZExRw38Ayn5Jv8urTZv9raxZvU1ZJjZ3uKJzLb
+sHeRctG4AWGzMGayac3LgAvH/wUzD7Q5p+Rwc/9o/Qg6gklHUr6XPBQmtbK980DI
++si0fuh2RfBIQ1NmYl1AanmVgBZgNqyrsU4Xz5oZTS4YNJUsAN7YHC36utAsDq8q
+2xFkgQSf21aUhop/eLWW+c3w0LOSdwKPxeakwB5dOOjYoDVzbKV8pDulq6iKljir
+K9y87QxcvBtc+jt0Qgl3P0wcQ5cf+gQvMAFLX5/df4+JPjQmzIDh8Ky2IKl3dbCe
+lxFtaIKnN7bn0qxZ8KAQ9vLNyuwV6PLVKgL+RFqjPlwFtkBKqQ==
+=CTc5
+-----END PGP PUBLIC KEY BLOCK-----

xmlsec1.spec

@@ -0,0 +1,248 @@
+#
+# spec file for package xmlsec1
+#
+# Copyright (c) 2024 SUSE LLC
+#
+# All modifications and additions to the file contributed by third parties
+# remain the property of their copyright owners, unless otherwise agreed
+# upon. The license for this file, and modifications and additions to the
+# file, is the same license as for the pristine package itself (unless the
+# license for the pristine package is not an Open Source License, in which
+# case the license is the MIT License). An "Open Source License" is a
+# license that conforms to the Open Source Definition (Version 1.9)
+# published by the Open Source Initiative.
+
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
+#
+
+
+%{!?make_build:%global make_build make %{?_smp_mflags}}
+%global libname    libxmlsec1-1
+%global libopenssl libxmlsec1-openssl1
+%global libgcrypt  libxmlsec1-gcrypt1
+%global libgnutls  libxmlsec1-gnutls1
+%global libnss     libxmlsec1-nss1
+Name:           xmlsec1
+Version:        1.2.40
+Release:        0
+Summary:        Library providing support for "XML Signature" and "XML Encryption" standards
+License:        MIT
+URL:            https://www.aleksey.com/xmlsec/
+Source0:        https://www.aleksey.com/xmlsec/download/xmlsec1-%{version}.tar.gz
+Source1:        https://www.aleksey.com/xmlsec/download/xmlsec1-%{version}.sig#/xmlsec1-%{version}.tar.gz.sig
+Source2:        %{name}.keyring
+Source99:       xmlsec1-rpmlintrc
+Patch0:         xmlsec1-ui_null.patch
+BuildRequires:  libgcrypt-devel
+BuildRequires:  libtool
+# Needed certutil for tests
+BuildRequires:  mozilla-nss-tools
+BuildRequires:  pkgconfig
+BuildRequires:  pkgconfig(gnutls)
+BuildRequires:  pkgconfig(libxml-2.0)
+BuildRequires:  pkgconfig(libxslt)
+BuildRequires:  pkgconfig(nspr)
+BuildRequires:  pkgconfig(nss)
+BuildRequires:  pkgconfig(openssl)
+Recommends:     %{libopenssl}
+
+%description
+XML Security Library is a C library based on LibXML2  and OpenSSL.
+The library was created with a goal to support major XML security
+standards "XML Digital Signature" and "XML Encryption".
+
+%package -n %{libname}
+Summary:        Library providing support for "XML Signature" and "XML Encryption" standards
+
+%description -n %{libname}
+XML Security Library is a C library based on LibXML2  and OpenSSL.
+The library was created with a goal to support major XML security
+standards "XML Digital Signature" and "XML Encryption".
+
+%package -n %{libgcrypt}
+Summary:        GCrypt crypto plugin for XML Security Library
+Requires:       %{libname} = %{version}
+
+%description -n %{libgcrypt}
+GCrypt plugin for XML Security Library provides GCrypt based crypto services
+for the xmlsec library.
+
+%package -n %{libgnutls}
+Summary:        GNUTls crypto plugin for XML Security Library
+Requires:       %{libname} = %{version}
+
+%description -n %{libgnutls}
+GNUTls plugin for XML Security Library provides GNUTls based crypto services
+for the xmlsec library.
+
+%package -n %{libnss}
+Summary:        NSS crypto plugin for XML Security Library
+Requires:       %{libname} = %{version}
+
+%description -n %{libnss}
+NSS plugin for XML Security Library provides NSS based crypto services
+for the xmlsec library.
+
+%package -n %{libopenssl}
+Summary:        OpenSSL crypto plugin for XML Security Library
+Requires:       %{libname} = %{version}
+
+%description -n %{libopenssl}
+OpenSSL plugin for XML Security Library provides OpenSSL based crypto services
+for the xmlsec library.
+
+%package devel
+Summary:        Libraries, includes for XML Signatures/Encryption
+Requires:       %{libname} = %{version}
+Requires:       libxml2-devel >= 2.6.0
+Requires:       libxslt-devel >= 1.1.0
+Requires:       openssl-devel >= 0.9.6
+Requires:       pkgconfig(zlib)
+
+%description devel
+Libraries, includes, etc. you can use to develop applications with XML Digital
+Signatures and XML Encryption support.
+
+%package openssl-devel
+Summary:        OpenSSL crypto plugin for XML Security Library
+Requires:       %{libopenssl} = %{version}
+Requires:       %{name}-devel = %{version}
+
+%description openssl-devel
+Libraries, includes, etc. for developing XML Security applications with OpenSSL
+
+%package gcrypt-devel
+Summary:        GCrypt crypto plugin for XML Security Library
+Requires:       %{libgcrypt} = %{version}
+Requires:       %{name}-devel = %{version}
+
+%description gcrypt-devel
+Libraries, includes, etc. for developing XML Security applications with GCrypt.
+
+%package gnutls-devel
+Summary:        GNUTls crypto plugin for XML Security Library
+Requires:       %{libgnutls} = %{version}
+Requires:       %{name}-devel = %{version}
+Requires:       %{name}-openssl-devel = %{version}
+Requires:       gnutls-devel >= 1.0.20
+Requires:       libgcrypt-devel >= 1.2.0
+
+%description gnutls-devel
+Libraries, includes, etc. for developing XML Security applications with GNUTls.
+
+%package nss-devel
+Summary:        NSS crypto plugin for XML Security Library
+Requires:       %{libnss} = %{version}
+Requires:       %{name}-devel = %{version}
+Requires:       mozilla-nspr-devel
+Requires:       mozilla-nss-devel >= 3.2
+
+%description nss-devel
+Libraries, includes, etc. for developing XML Security applications with NSS.
+
+%prep
+%setup -q
+%if 0%{?suse_version} < 1500
+%patch -P 0 -p1
+%endif
+
+%build
+# Allow for deprecations
+export CFLAGS="%{optflags} -Wno-error=deprecated-declarations -std=c99"
+export CXXFLAGS="%{optflags} -Wno-error=deprecated-declarations"
+%configure \
+    --disable-static \
+    --disable-silent-rules \
+    --disable-md5
+%make_build
+
+%install
+%make_install
+find %{buildroot} -type f -name "*.la" -delete -print
+
+# move installed docs to include them in -devel package via %%doc magic
+rm -rf __tmp_doc ; mkdir __tmp_doc
+mv %{buildroot}%{_datadir}/doc/xmlsec1/* __tmp_doc
+rmdir %{buildroot}%{_datadir}/doc/xmlsec1
+
+%check
+# Relax the crypto policies for the test-suite
+export GNUTLS_SYSTEM_PRIORITY_FILE=/dev/null
+%make_build -j1 check check-keys check-dsig check-enc
+
+%post -n %{libname} -p /sbin/ldconfig
+%postun -n %{libname} -p /sbin/ldconfig
+%post -n %{libgcrypt} -p /sbin/ldconfig
+%postun -n %{libgcrypt} -p /sbin/ldconfig
+%post -n %{libgnutls} -p /sbin/ldconfig
+%postun -n %{libgnutls} -p /sbin/ldconfig
+%post -n %{libnss} -p /sbin/ldconfig
+%postun -n %{libnss} -p /sbin/ldconfig
+%post -n %{libopenssl} -p /sbin/ldconfig
+%postun -n %{libopenssl} -p /sbin/ldconfig
+
+%files
+%license COPYING
+%doc README.md ChangeLog
+%{_mandir}/man1/xmlsec1.1%{?ext_man}
+%{_bindir}/xmlsec1
+
+%files -n %{libname}
+%license COPYING
+%{_libdir}/libxmlsec1.so.*
+
+%files -n %{libgcrypt}
+%license COPYING
+%{_libdir}/libxmlsec1-gcrypt.so.*
+%{_libdir}/libxmlsec1-gcrypt.so
+
+%files -n %{libgnutls}
+%license COPYING
+%{_libdir}/libxmlsec1-gnutls.so.*
+%{_libdir}/libxmlsec1-gnutls.so
+
+%files -n %{libnss}
+%license COPYING
+%{_libdir}/libxmlsec1-nss.so.*
+%{_libdir}/libxmlsec1-nss.so
+
+%files -n %{libopenssl}
+%license COPYING
+%{_libdir}/libxmlsec1-openssl.so.*
+%{_libdir}/libxmlsec1-openssl.so
+
+%files devel
+%license COPYING
+%doc AUTHORS ChangeLog NEWS
+%doc HACKING __tmp_doc/*
+%{_bindir}/xmlsec1-config
+%dir %{_includedir}/xmlsec1
+%dir %{_includedir}/xmlsec1/xmlsec
+%{_includedir}/xmlsec1/xmlsec/*.h
+%{_libdir}/libxmlsec1.so
+%{_libdir}/pkgconfig/xmlsec1.pc
+%{_libdir}/xmlsec1Conf.sh
+%{_datadir}/aclocal/xmlsec1.m4
+%{_mandir}/man1/xmlsec1-config.1%{?ext_man}
+
+%files openssl-devel
+%license COPYING
+%{_includedir}/xmlsec1/xmlsec/openssl/
+%{_libdir}/pkgconfig/xmlsec1-openssl.pc
+
+%files gcrypt-devel
+%license COPYING
+%{_includedir}/xmlsec1/xmlsec/gcrypt/
+%{_libdir}/pkgconfig/xmlsec1-gcrypt.pc
+
+%files gnutls-devel
+%license COPYING
+%{_includedir}/xmlsec1/xmlsec/gnutls/
+%{_libdir}/pkgconfig/xmlsec1-gnutls.pc
+
+%files nss-devel
+%license COPYING
+%{_includedir}/xmlsec1/xmlsec/nss/
+%{_libdir}/pkgconfig/xmlsec1-nss.pc
+
+%changelog