commit 5a1f3e0dc8d86bfce60e83d88f78ecbaddec61fe477bcd77ca1c0635bb06f2cb Author: Fridrich Strba Date: Fri Jul 12 10:14:05 2024 +0000 Accepting request 1187012 from home:MSirringhaus:branches:LibreOffice:Factory Needed for nss 3.101 (which blocks Firefox 128) - Update to 1.2.40 The legacy XML Security Library 1.2.40 release includes the following changes: * (xmlsec-core) Fixed functions deprecated in LibXML2 2.13.1 (including disabling HTTP support by default). * (xmlsec-nss) Increased keys size in all tests to support NSS 3.101. * (windows) Added "ftp" and "http" flags in 'configure.js' (both are disabled by default). * Several other small fixes (more details). - Update to 1.2.39 The legacy XML Security Library 1.2.39 release includes the following changes: * Added options to enable/disable local files, HTTP, and FTP support. FTP is disabled by default. * Several other small fixes (more details). - Remove upstreamed xmlsec1-gcc14.patch OBS-URL: https://build.opensuse.org/request/show/1187012 OBS-URL: https://build.opensuse.org/package/show/LibreOffice:Factory/xmlsec1?expand=0&rev=64 diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..9b03811 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,23 @@ +## Default LFS +*.7z filter=lfs diff=lfs merge=lfs -text +*.bsp filter=lfs diff=lfs merge=lfs -text +*.bz2 filter=lfs diff=lfs merge=lfs -text +*.gem filter=lfs diff=lfs merge=lfs -text +*.gz filter=lfs diff=lfs merge=lfs -text +*.jar filter=lfs diff=lfs merge=lfs -text +*.lz filter=lfs diff=lfs merge=lfs -text +*.lzma filter=lfs diff=lfs merge=lfs -text +*.obscpio filter=lfs diff=lfs merge=lfs -text +*.oxt filter=lfs diff=lfs merge=lfs -text +*.pdf filter=lfs diff=lfs merge=lfs -text +*.png filter=lfs diff=lfs merge=lfs -text +*.rpm filter=lfs diff=lfs merge=lfs -text +*.tbz filter=lfs diff=lfs merge=lfs -text +*.tbz2 filter=lfs diff=lfs merge=lfs -text +*.tgz filter=lfs diff=lfs merge=lfs -text +*.ttf filter=lfs diff=lfs merge=lfs -text +*.txz filter=lfs diff=lfs merge=lfs -text +*.whl filter=lfs diff=lfs merge=lfs -text +*.xz filter=lfs diff=lfs merge=lfs -text +*.zip filter=lfs diff=lfs merge=lfs -text +*.zst filter=lfs diff=lfs merge=lfs -text diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..57affb6 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.osc diff --git a/xmlsec1-1.2.38.tar.gz b/xmlsec1-1.2.38.tar.gz new file mode 100644 index 0000000..4336e6d --- /dev/null +++ b/xmlsec1-1.2.38.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:9de8cf8d7d2e288a9cef205cc6cb93c926a67dadfaf44aaff76ed63c28ce9902 +size 2036578 diff --git a/xmlsec1-1.2.38.tar.gz.sig b/xmlsec1-1.2.38.tar.gz.sig new file mode 100644 index 0000000..b98f6c0 Binary files /dev/null and b/xmlsec1-1.2.38.tar.gz.sig differ diff --git a/xmlsec1-1.2.40.tar.gz b/xmlsec1-1.2.40.tar.gz new file mode 100644 index 0000000..06937e6 --- /dev/null +++ b/xmlsec1-1.2.40.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:0290c7ec52e80d60e209928da33a95436a2264755255b780d52c438e6105dd31 +size 2057329 diff --git a/xmlsec1-1.2.40.tar.gz.sig b/xmlsec1-1.2.40.tar.gz.sig new file mode 100644 index 0000000..f0c439e Binary files /dev/null and b/xmlsec1-1.2.40.tar.gz.sig differ diff --git a/xmlsec1-gcc14.patch b/xmlsec1-gcc14.patch new file mode 100644 index 0000000..412face --- /dev/null +++ b/xmlsec1-gcc14.patch @@ -0,0 +1,10 @@ +--- xmlsec1-1.2.38/apps/crypto.c 2024-05-24 19:08:57.856528758 +0200 ++++ xmlsec1-1.2.38/apps/crypto.c 2024-05-24 19:09:45.526855641 +0200 +@@ -12,6 +12,7 @@ + #endif + + #include ++#include + + #include + #include diff --git a/xmlsec1-rpmlintrc b/xmlsec1-rpmlintrc new file mode 100644 index 0000000..8c96d19 --- /dev/null +++ b/xmlsec1-rpmlintrc @@ -0,0 +1,7 @@ +# This is not devel, those so files are loaded as plugins and there is no +# actual versioning there +addFilter("devel-file-in-non-devel-package") +# Again the packages do not link yet as these are modules they are useless +# without the main library +addFilter("shlib-fixed-dependency") + diff --git a/xmlsec1-ui_null.patch b/xmlsec1-ui_null.patch new file mode 100644 index 0000000..b0acdf1 --- /dev/null +++ b/xmlsec1-ui_null.patch @@ -0,0 +1,20 @@ +--- xmlsec1-1.2.33/src/openssl/app.c 2022-01-28 07:47:11.922603482 +0100 ++++ xmlsec1-1.2.33/src/openssl/app.c 2022-01-28 08:18:12.786240295 +0100 +@@ -437,7 +437,7 @@ + } + } + +- if(ENGINE_ctrl_cmd(engine, "SET_USER_INTERFACE", 0, (void *)UI_null(), 0, 1) < 0) { ++ if(ENGINE_ctrl_cmd(engine, "SET_USER_INTERFACE", 0, (void *)0, 0, 1) < 0) { + xmlSecOpenSSLError("ENGINE_ctrl_cmd_string(SET_USER_INTERFACE)", NULL); + goto done; + } +@@ -453,7 +453,7 @@ + + /* load private key */ + pKey = ENGINE_load_private_key(engine, engineKeyId, +- (UI_METHOD *)UI_null(), ++ (UI_METHOD *)0, + NULL); + if(pKey == NULL) { + xmlSecOpenSSLError("ENGINE_load_private_key", NULL); diff --git a/xmlsec1.changes b/xmlsec1.changes new file mode 100644 index 0000000..87f2977 --- /dev/null +++ b/xmlsec1.changes @@ -0,0 +1,275 @@ +------------------------------------------------------------------- +Fri Jul 12 06:09:16 UTC 2024 - Martin Sirringhaus + +- Update to 1.2.40 + The legacy XML Security Library 1.2.40 release includes the following changes: + * (xmlsec-core) Fixed functions deprecated in LibXML2 2.13.1 (including disabling HTTP support by default). + * (xmlsec-nss) Increased keys size in all tests to support NSS 3.101. + * (windows) Added "ftp" and "http" flags in 'configure.js' (both are disabled by default). + * Several other small fixes (more details). + +- Update to 1.2.39 + The legacy XML Security Library 1.2.39 release includes the following changes: + * Added options to enable/disable local files, HTTP, and FTP support. FTP is disabled by default. + * Several other small fixes (more details). + +- Remove upstreamed xmlsec1-gcc14.patch + +------------------------------------------------------------------- +Fri May 24 17:15:05 UTC 2024 - Fridrich Strba + +- Added patch: + * xmlsec1-gcc14.patch + + add missing include and fix gcc14 build + +------------------------------------------------------------------- +Mon Feb 26 12:24:45 UTC 2024 - Dominique Leuenberger + +- Use %patch -P N instead of deprecated %patchN. + +------------------------------------------------------------------- +Fri Dec 15 06:33:23 UTC 2023 - Fridrich Strba + +- Update to 1.2.38 + * Have a look at the changelog for the list of changes + +------------------------------------------------------------------- +Thu Nov 30 14:49:16 UTC 2023 - Guillaume GARDET + +- Make use of openSUSE build flags + +------------------------------------------------------------------- +Tue Aug 8 15:41:15 UTC 2023 - Fridrich Strba + +- Added patch: + * xmlsec1-ui_null.patch + + fix build with older versions of openssl that don't have + UI_null() method + +------------------------------------------------------------------- +Wed Feb 1 09:23:37 UTC 2023 - Dirk Müller + +- switch to pkgconfig(zlib) to allow alternative providers as well + +------------------------------------------------------------------- +Sat Dec 3 17:03:47 UTC 2022 - Dirk Müller + +- update to 1.2.37: + Fixed two regressions from 1.2.36 release + +------------------------------------------------------------------- +Fri Nov 4 15:33:42 UTC 2022 - Pedro Monreal + +- Update to 1.2.36: + * Retired the XMLSec mailing list "xmlsec@aleksey.com" and the + XMLSec Online Signature Verifier. + +- Update to 1.2.35: + * Migration to OpenSSL 3.0 API (based on PR by @snargit). Note + that OpenSSL engines are disabled by default when XMLSec + library is compiled against OpenSSL 3.0. To re-enable OpenSSL + engines, use "--enable-openssl3-engines" configure flag (there + will be a lot of deprecation warnings). + * The OpenSSL before 1.1.0 and LibreSSL before 2.7.0 are now + deprecated and will be removed in the future versions of + XMLSec Library. + * Refactored all the integer casts to ensure cast-safety. Fixed + all warnings and enabled "-Werror" and "-pedantic" flags on + CI builds. + * Added configure flag to use size_t for xmlSecSize (currently + disabled by default for backward compatibility). + * Moved all CI builds to GitHub actions. + +------------------------------------------------------------------- +Thu Sep 8 07:25:33 UTC 2022 - Bjørn Lie + +- Add export CFLAGS/CXXFLAGS="-Wno-error=deprecated-declarations" + inbefore configure. We pass --enable-werror to configure, and + that leads to warnings about deprecations failing build. As + deprecations is mainly a consern for upstream, stop failing on + those. + +------------------------------------------------------------------- +Mon May 23 09:49:35 UTC 2022 - Dirk Müller + +- update to 1.2.34: + * Support for OpenSSL compiled with OPENSSL_NO_ERR. + * Full support for LibreSSL 3.5.0 and above + * Several other small fixes + +------------------------------------------------------------------- +Sun Nov 28 18:53:47 UTC 2021 - Dirk Müller + +- update to 1.2.33: + * Fix decrypting session key for two recipients + * Added --privkey-openssl-engine option to enhance openssl engine support + +------------------------------------------------------------------- +Sun May 9 19:54:21 UTC 2021 - Andreas Stieger + +- update to 1.2.32: + + Remove MD5 for NSS 3.59 and above + + Fix PKCS12_parse return code handling + + Fix OpenSSL lookup + + xmlSecX509DataGetNodeContent(): don't return 0 for non-empty + elements - fix for LibreOffice +- add upstream signing key and validate source signature +- put license text into all subpackages +- treat all compiler warnings as errors + +------------------------------------------------------------------- +Wed Feb 17 12:17:06 UTC 2021 - Pedro Monreal + +- Relax the crypto policies for the test-suite. This allows the + tests using certificates with small key lengths to pass. + +------------------------------------------------------------------- +Thu Dec 17 09:16:49 UTC 2020 - Dominique Leuenberger + +- Update to version 1.2.31: + + Unload error strings in OpenSSL shutdown. + + Make userData available when executing preExecCallback + function. + + Add an option to use secure memset. +- Pass --disable-md5 to configure: The cryptographic strength of + the MD5 algorithm is sufficiently doubtful that its use is + discouraged at this time. It is not listed as an algorithm in + [XMLDSIG-CORE1] + https://www.w3.org/TR/xmlsec-algorithms/#bib-XMLDSIG-CORE1 + +------------------------------------------------------------------- +Thu Jun 18 12:10:34 UTC 2020 - Tomáš Chvátal + +- Update to 1.2.30: + * Enabled XML_PARSE_HUGE for all xml parsers. + * Various build and tests fixes and improvements. + * Move remaining private header files away from xmlsec/include/ folder. + +------------------------------------------------------------------- +Thu Apr 25 09:13:57 UTC 2019 - Tomáš Chvátal + +- Update to 1.2.28: + * Added BoringSSL support (chenbd). + * Added gnutls-3.6.x support (alonbl). + * Added DSA and ECDSA key size getter for MSCNG (vmiklos). + * Added --enable-mans configuration option (alonbl). + * Added coninuous build integration for MacOSX (vmiklos). + * Several other small fixes (more details). + +------------------------------------------------------------------- +Fri Dec 7 11:01:44 UTC 2018 - Tomáš Chvátal + +- Make sure to recommend at least one backend when you install + just xmlsec1 + +------------------------------------------------------------------- +Wed Oct 31 13:21:31 UTC 2018 - Tomáš Chvátal + +- Drop the gnutls backend as based on the tests it is quite borked: + * We still have nss and openssl backend for people to use + +------------------------------------------------------------------- +Wed Oct 31 12:00:28 UTC 2018 - Tomáš Chvátal + +- Version update to 1.2.27: + * Added AES-GCM support for OpenSSL and MSCNG (snargit). + * Added DSA-SHA256 and ECDSA-SHA384 support for NSS (vmiklos). + * Added RSA-OAEP support for MSCNG (vmiklos). + * Continuous build integration in Travis and Appveyor. + * Several other small fixes (more details). + +------------------------------------------------------------------- +Thu Aug 16 10:22:09 UTC 2018 - tchvatal@suse.com + +- Add rplintrc to avoid bogus errors: + * xmlsec1-rpmlintrc + +------------------------------------------------------------------- +Tue Aug 14 18:51:27 UTC 2018 - kallan@suse.com + +- Fixed (bsc#1104876). Added: Requires: %{libname} = %{version} to each module + in the spec file. This will ensure that when one of the modules is installed + the corresponding version of libxmlsec1-1 will also be installed/upgraded. + +------------------------------------------------------------------- +Tue Jun 5 20:10:17 UTC 2018 - vmiklos@collabora.co.uk + +- Version update to 1.2.26: + * Added xmlsec-mscng module based on Microsoft Cryptography API: Next + Generation + * Added support for GOST 2012 and fixed CryptoPro CSP provider for GOST R + 34.10-2001 in xmlsec-mscrypto + * Added LibreSSL 2.7 support + * Upgraded documentation build process to support the latest gtk-doc + +------------------------------------------------------------------- +Thu Nov 30 09:53:35 UTC 2017 - tchvatal@suse.com + +- Version update to 1.2.25: + * Various small fixes + * Coverity cleanups + * Removed support for old openssl + +------------------------------------------------------------------- +Thu Apr 20 14:48:11 UTC 2017 - vmiklos@collabora.co.uk + +- Version update to 1.2.24: + * Added ECDSA-SHA1, ECDSA-SHA256, ECDSA-SHA512 support + for xmlsec-nss. + + * Fixed XMLSEC_KEYINFO_FLAGS_X509DATA_DONT_VERIFY_CERTS + handling. + + * Disabled external entities loading by xmlsec utility app by + default to prevent XXE attacks. + + * Improved OpenSSL version and features detection. + + * Cleaned up, simplified, and standardized internal error + reporting. + + * Fixed a few Coverity-discovered bugs. + + * Marked as deprecated all the functions in xmlsec/soap.h file + and a couple other functions no longer required by xmlsec. + These functions will be removed in the future releases. + + * Several other small fixes (see commit log for more details). + +------------------------------------------------------------------- +Thu Mar 23 12:19:26 UTC 2017 - pmonrealgonzalez@suse.com + +- Fixed dependencies with libraries (bsc#1012246): + * libxmlsec1-openssl.so + * libxmlsec1-gcrypt.so + * libxmlsec1-gnutls.so + * libxmlsec1-nss.so + +------------------------------------------------------------------- +Mon Nov 28 09:29:03 UTC 2016 - tchvatal@suse.com + +- Version update to 1.2.23: + * Full support for OpenSSL 1.1.0 + * Several other small fixes + +------------------------------------------------------------------- +Wed May 25 10:49:08 UTC 2016 - tchvatal@suse.com + +- Version update to 1.2.22 (fate#320861): + * see the ChangeLog for most detailed output + * openssl 1.1 support + * Few features from libreoffice for integrated + * Run the testsuite + +------------------------------------------------------------------- +Thu Sep 3 12:39:49 UTC 2015 - astieger@suse.com + +- update to 1.2.20: + * fix a number of miscellaneous bugs + * update expired or soon-to-be-expired certificates in test suite + +------------------------------------------------------------------- +Tue Jan 7 13:10:28 UTC 2014 - mvyskocil@suse.com + +- Initial packaging of xmlsec1 for SUSE + diff --git a/xmlsec1.keyring b/xmlsec1.keyring new file mode 100644 index 0000000..bdae976 --- /dev/null +++ b/xmlsec1.keyring @@ -0,0 +1,28 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBFMEGxgBEACqZVhbddfj2gWIIrsd+NpSy6ptqGkpLYoJcWu1Xgwwg6o2C4mt +17lmxeSjQ7bfkqwhijvyf9Qx6oJw3uU2fol4LgC6JUxL60ne8aJ2tmXa9xg6p5Ea +TzwuSFt83Ylnui6bG7zqUSR/PpN+5s/dV/KufREiWnV1wx08MU5Byw5CxVnUeuRq +59Lvydd5xThKzMskJGyzbd/uGJFYLkaOnuvgvQXoWzkfvwY2jBvax7GZmQKKn1/z +mq6HnHsxIOV55txrYSTnCfYcWEeqA6Wy6D4IdcWaEpdxMdey/ydJ5iDnZvqYKiZt +GZtmdyYoJAOzM/pH5ulwOlHsJfI004aHc2v1yLllmhen5QVNYOgqgTdUHUzdyMc7 +WH8yYhoeDN9ClSOLlYGWzIPS4za00KjrZZAvZvd/TpyHOExQ7gPN7QcFJPPqpluj +7gnIEjAn5ZUyXJWEga5nb+O/erV+JTnEqPVbak1TMxNDSrzMC4kH7gsVrMg+vjYJ +cVc/zV6FO19BCI1JjXc6xsceZNWYU/fYAYYj1EU/Nz5nEuMtfTWdolZDqGfNmNy8 +fXN/8OZmdNkrJjJA4Lhi6QWeWt/U9dB3eBYucC5XXYOCEgeL6xBgJT38N//VNG7W +STaKEsL3bHGeoji3FnTolecVsIF/pk0qMsZi+Tzmz5qi35kJCUz3MvyCGQARAQAB +tCNBbGVrc2V5IFNhbmluIDxhbGVrc2V5QGFsZWtzZXkuY29tPokCPQQTAQoAJwUC +UwQbGAIbAwUJB4YfgAULCQgHAwUVCgkICwUWAgMBAAIeAQIXgAAKCRDmPs3vnh2C +ngPKEACjYw/H5sWhO+MsCQ2Rl/hbtTk6Jn8sshhR9HIyD+gjvuWAKu5QVezlSpp5 +jY9qtMD161XjOAYRMJtxb3jbbDk6gfTPWO85S0jlBE6AdQR9DiPQQH0xlcAvveMD +FxuCj2Br081ZRVCdQQQhMxMmiRJMAUivsNgI1vXPnKOozePUN6THeAJ+ht1WBe72 +7Z9W7AlH+Q4nZ7dz36tU6nWr6qgEsLD+B++ZbqCYj5Ctq/z1+Kaacsco/alqsa2o +e74ntEc3+hNFtpoUbAcPQrPU9uRDxyd2D2VASB3YzmWPlZjCKutZtiNmWGH/bwDz +3CTNrWXNO4joqL9gr/B6zyzNtTZExRw38Ayn5Jv8urTZv9raxZvU1ZJjZ3uKJzLb +sHeRctG4AWGzMGayac3LgAvH/wUzD7Q5p+Rwc/9o/Qg6gklHUr6XPBQmtbK980DI ++si0fuh2RfBIQ1NmYl1AanmVgBZgNqyrsU4Xz5oZTS4YNJUsAN7YHC36utAsDq8q +2xFkgQSf21aUhop/eLWW+c3w0LOSdwKPxeakwB5dOOjYoDVzbKV8pDulq6iKljir +K9y87QxcvBtc+jt0Qgl3P0wcQ5cf+gQvMAFLX5/df4+JPjQmzIDh8Ky2IKl3dbCe +lxFtaIKnN7bn0qxZ8KAQ9vLNyuwV6PLVKgL+RFqjPlwFtkBKqQ== +=CTc5 +-----END PGP PUBLIC KEY BLOCK----- diff --git a/xmlsec1.spec b/xmlsec1.spec new file mode 100644 index 0000000..2ba5e7e --- /dev/null +++ b/xmlsec1.spec @@ -0,0 +1,248 @@ +# +# spec file for package xmlsec1 +# +# Copyright (c) 2024 SUSE LLC +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + +# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# + + +%{!?make_build:%global make_build make %{?_smp_mflags}} +%global libname libxmlsec1-1 +%global libopenssl libxmlsec1-openssl1 +%global libgcrypt libxmlsec1-gcrypt1 +%global libgnutls libxmlsec1-gnutls1 +%global libnss libxmlsec1-nss1 +Name: xmlsec1 +Version: 1.2.40 +Release: 0 +Summary: Library providing support for "XML Signature" and "XML Encryption" standards +License: MIT +URL: https://www.aleksey.com/xmlsec/ +Source0: https://www.aleksey.com/xmlsec/download/xmlsec1-%{version}.tar.gz +Source1: https://www.aleksey.com/xmlsec/download/xmlsec1-%{version}.sig#/xmlsec1-%{version}.tar.gz.sig +Source2: %{name}.keyring +Source99: xmlsec1-rpmlintrc +Patch0: xmlsec1-ui_null.patch +BuildRequires: libgcrypt-devel +BuildRequires: libtool +# Needed certutil for tests +BuildRequires: mozilla-nss-tools +BuildRequires: pkgconfig +BuildRequires: pkgconfig(gnutls) +BuildRequires: pkgconfig(libxml-2.0) +BuildRequires: pkgconfig(libxslt) +BuildRequires: pkgconfig(nspr) +BuildRequires: pkgconfig(nss) +BuildRequires: pkgconfig(openssl) +Recommends: %{libopenssl} + +%description +XML Security Library is a C library based on LibXML2 and OpenSSL. +The library was created with a goal to support major XML security +standards "XML Digital Signature" and "XML Encryption". + +%package -n %{libname} +Summary: Library providing support for "XML Signature" and "XML Encryption" standards + +%description -n %{libname} +XML Security Library is a C library based on LibXML2 and OpenSSL. +The library was created with a goal to support major XML security +standards "XML Digital Signature" and "XML Encryption". + +%package -n %{libgcrypt} +Summary: GCrypt crypto plugin for XML Security Library +Requires: %{libname} = %{version} + +%description -n %{libgcrypt} +GCrypt plugin for XML Security Library provides GCrypt based crypto services +for the xmlsec library. + +%package -n %{libgnutls} +Summary: GNUTls crypto plugin for XML Security Library +Requires: %{libname} = %{version} + +%description -n %{libgnutls} +GNUTls plugin for XML Security Library provides GNUTls based crypto services +for the xmlsec library. + +%package -n %{libnss} +Summary: NSS crypto plugin for XML Security Library +Requires: %{libname} = %{version} + +%description -n %{libnss} +NSS plugin for XML Security Library provides NSS based crypto services +for the xmlsec library. + +%package -n %{libopenssl} +Summary: OpenSSL crypto plugin for XML Security Library +Requires: %{libname} = %{version} + +%description -n %{libopenssl} +OpenSSL plugin for XML Security Library provides OpenSSL based crypto services +for the xmlsec library. + +%package devel +Summary: Libraries, includes for XML Signatures/Encryption +Requires: %{libname} = %{version} +Requires: libxml2-devel >= 2.6.0 +Requires: libxslt-devel >= 1.1.0 +Requires: openssl-devel >= 0.9.6 +Requires: pkgconfig(zlib) + +%description devel +Libraries, includes, etc. you can use to develop applications with XML Digital +Signatures and XML Encryption support. + +%package openssl-devel +Summary: OpenSSL crypto plugin for XML Security Library +Requires: %{libopenssl} = %{version} +Requires: %{name}-devel = %{version} + +%description openssl-devel +Libraries, includes, etc. for developing XML Security applications with OpenSSL + +%package gcrypt-devel +Summary: GCrypt crypto plugin for XML Security Library +Requires: %{libgcrypt} = %{version} +Requires: %{name}-devel = %{version} + +%description gcrypt-devel +Libraries, includes, etc. for developing XML Security applications with GCrypt. + +%package gnutls-devel +Summary: GNUTls crypto plugin for XML Security Library +Requires: %{libgnutls} = %{version} +Requires: %{name}-devel = %{version} +Requires: %{name}-openssl-devel = %{version} +Requires: gnutls-devel >= 1.0.20 +Requires: libgcrypt-devel >= 1.2.0 + +%description gnutls-devel +Libraries, includes, etc. for developing XML Security applications with GNUTls. + +%package nss-devel +Summary: NSS crypto plugin for XML Security Library +Requires: %{libnss} = %{version} +Requires: %{name}-devel = %{version} +Requires: mozilla-nspr-devel +Requires: mozilla-nss-devel >= 3.2 + +%description nss-devel +Libraries, includes, etc. for developing XML Security applications with NSS. + +%prep +%setup -q +%if 0%{?suse_version} < 1500 +%patch -P 0 -p1 +%endif + +%build +# Allow for deprecations +export CFLAGS="%{optflags} -Wno-error=deprecated-declarations -std=c99" +export CXXFLAGS="%{optflags} -Wno-error=deprecated-declarations" +%configure \ + --disable-static \ + --disable-silent-rules \ + --disable-md5 +%make_build + +%install +%make_install +find %{buildroot} -type f -name "*.la" -delete -print + +# move installed docs to include them in -devel package via %%doc magic +rm -rf __tmp_doc ; mkdir __tmp_doc +mv %{buildroot}%{_datadir}/doc/xmlsec1/* __tmp_doc +rmdir %{buildroot}%{_datadir}/doc/xmlsec1 + +%check +# Relax the crypto policies for the test-suite +export GNUTLS_SYSTEM_PRIORITY_FILE=/dev/null +%make_build -j1 check check-keys check-dsig check-enc + +%post -n %{libname} -p /sbin/ldconfig +%postun -n %{libname} -p /sbin/ldconfig +%post -n %{libgcrypt} -p /sbin/ldconfig +%postun -n %{libgcrypt} -p /sbin/ldconfig +%post -n %{libgnutls} -p /sbin/ldconfig +%postun -n %{libgnutls} -p /sbin/ldconfig +%post -n %{libnss} -p /sbin/ldconfig +%postun -n %{libnss} -p /sbin/ldconfig +%post -n %{libopenssl} -p /sbin/ldconfig +%postun -n %{libopenssl} -p /sbin/ldconfig + +%files +%license COPYING +%doc README.md ChangeLog +%{_mandir}/man1/xmlsec1.1%{?ext_man} +%{_bindir}/xmlsec1 + +%files -n %{libname} +%license COPYING +%{_libdir}/libxmlsec1.so.* + +%files -n %{libgcrypt} +%license COPYING +%{_libdir}/libxmlsec1-gcrypt.so.* +%{_libdir}/libxmlsec1-gcrypt.so + +%files -n %{libgnutls} +%license COPYING +%{_libdir}/libxmlsec1-gnutls.so.* +%{_libdir}/libxmlsec1-gnutls.so + +%files -n %{libnss} +%license COPYING +%{_libdir}/libxmlsec1-nss.so.* +%{_libdir}/libxmlsec1-nss.so + +%files -n %{libopenssl} +%license COPYING +%{_libdir}/libxmlsec1-openssl.so.* +%{_libdir}/libxmlsec1-openssl.so + +%files devel +%license COPYING +%doc AUTHORS ChangeLog NEWS +%doc HACKING __tmp_doc/* +%{_bindir}/xmlsec1-config +%dir %{_includedir}/xmlsec1 +%dir %{_includedir}/xmlsec1/xmlsec +%{_includedir}/xmlsec1/xmlsec/*.h +%{_libdir}/libxmlsec1.so +%{_libdir}/pkgconfig/xmlsec1.pc +%{_libdir}/xmlsec1Conf.sh +%{_datadir}/aclocal/xmlsec1.m4 +%{_mandir}/man1/xmlsec1-config.1%{?ext_man} + +%files openssl-devel +%license COPYING +%{_includedir}/xmlsec1/xmlsec/openssl/ +%{_libdir}/pkgconfig/xmlsec1-openssl.pc + +%files gcrypt-devel +%license COPYING +%{_includedir}/xmlsec1/xmlsec/gcrypt/ +%{_libdir}/pkgconfig/xmlsec1-gcrypt.pc + +%files gnutls-devel +%license COPYING +%{_includedir}/xmlsec1/xmlsec/gnutls/ +%{_libdir}/pkgconfig/xmlsec1-gnutls.pc + +%files nss-devel +%license COPYING +%{_includedir}/xmlsec1/xmlsec/nss/ +%{_libdir}/pkgconfig/xmlsec1-nss.pc + +%changelog