specs/g/gnutls/gnutls-vl.spec

%define build_compat32 %{?_with_compat32:1}%{!?_with_compat32:0}

Summary:	GNU TLS Library
Summary(ja):	GNU TLS ライブラリ
Name:		gnutls
Version:	3.2.20
Release:	3%{?_dist_release}
License:	GPLv3+ and LGPLv2+
# The libgnutls library is LGPLv2+, utilities and remaining libraries are GPLv3+
Group:		System Environment/Libraries
URL:		http://www.gnutls.org/
Source0:	%{name}-%{version}.tar.xz
Source1:	libgnutls-config

#patches from fedora development
Patch1: gnutls-3.2.7-rpath.patch
Patch3: gnutls-3.1.11-nosrp.patch

# Vine Patches
Patch100: gnutls-3.2.10_guile_build.patch

# Security
Patch1000: gnutls-3.2.20_SA-2015-3.patch

# Security fixes
# Nothing...

BuildRoot:	%{_tmppath}/%{name}-%{version}-root
BuildRequires:	libtasn1-devel >= 3.1
BuildRequires:	gmp-devel
BuildRequires:	gettext readline-devel libtool
BuildRequires:	guile-devel >= 1.8.6
BuildRequires:	p11-kit-devel >= 0.11
BuildRequires:	nettle-devel >= 2.7
BuildRequires:	texinfo, autogen
BuildRequires:	zlib-devel
Requires:      zlib

Requires(post):   ldconfig
Requires(postun): ldconfig

Vendor:		Project Vine
Distribution:	Vine Linux

%description
GnuTLS is a project that aims to develop a library which provides a secure
layer, over a reliable transport layer. Currently the GnuTLS library implements
the proposed standards by the IETF's TLS working group.
#'

%package devel
Summary:	Development files for the GnuTLS package.
Summary(ja):	GnuTLS の開発用ファイル
Group:		Development/Libraries
Requires:	%{name} = %{version}-%{release}
Requires:	libgcrypt-devel, zlib-devel, pkgconfig
Requires:	libtasn1-devel, nettle-devel
Requires(post,preun): /sbin/install-info

%description devel
GnuTLS is a project that aims to develop a library which provides a secure
layer, over a reliable transport layer. Currently the GnuTLS library implements
the proposed standards by the IETF's TLS working group.

This package contains files needed for developing applications with the GnuTLS
library.
#'

%package utils
Summary:	Command line tools for TLS protocol.
Summary(ja):	GnuTLS のコマンドラインツール
Group:		Applications/System
Requires:	%{name} = %{version}-%{release}

%description utils
GnuTLS is a project that aims to develop a library which provides a secure
layer, over a reliable transport layer. Currently the GnuTLS library implements
the proposed standards by the IETF's TLS working group.

This package contains command line TLS client and server and certificate
manipulation tools.
#'

%package guile
Summary: Guile bindings for the GNUTLS library
Group: Development/Libraries
Requires: %{name} = %{version}-%{release}
Requires: guile

%description guile
GnuTLS is a project that aims to develop a library which provides a secure
layer, over a reliable transport layer. Currently the GnuTLS library implements
the proposed standards by the IETF's TLS working group.
This package contains Guile bindings for the library.
#'

%package c++
Summary: The C++ interface to GnuTLS
Group: System Environment/Libraries
Requires: %{name} = %{version}-%{release}

%description c++
GnuTLS is a project that aims to develop a library which provides a secure
layer, over a reliable transport layer. Currently the GnuTLS library implements
the proposed standards by the IETF's TLS working group.
This package contains the C++ interface for the GnuTLS library.
#'

%package -n compat32-%{name}
Summary:	GNU TLS Library
Summary(ja):	GNU TLS ライブラリ
Group:		System Environment/Libraries
Requires:	%{name} = %{version}-%{release}

%description -n compat32-%{name}
GnuTLS is a project that aims to develop a library which provides a secure
layer, over a reliable transport layer. Currently the GnuTLS library implements
the proposed standards by the IETF's TLS working group.
#'

%package -n compat32-%{name}-devel
Summary:	Development files for the GnuTLS package.
Summary(ja):	GnuTLS の開発用ファイル
Group:		Development/Libraries
Requires:	compat32-%{name} = %{version}-%{release}
Requires:	%{name}-devel = %{version}-%{release}
Requires:	compat32-libgcrypt-devel, compat32-zlib-devel
Requires(post,preun): /sbin/install-info

%description -n compat32-%{name}-devel
GnuTLS is a project that aims to develop a library which provides a secure
layer, over a reliable transport layer. Currently the GnuTLS library implements
the proposed standards by the IETF's TLS working group.

This package contains files needed for developing applications with the GnuTLS
library.
#'

%package -n compat32-%{name}-guile
Summary: Guile bindings for the GNUTLS library
Group: Development/Libraries
Requires: compat32-%{name} = %{version}-%{release}
Requires: %{name}-guile = %{version}-%{release}

%description -n compat32-%{name}-guile
GnuTLS is a project that aims to develop a library which provides a secure
layer, over a reliable transport layer. Currently the GnuTLS library implements
the proposed standards by the IETF's TLS working group.
This package contains Guile bindings for the library.
#'

%prep
%setup -q

%patch1 -p1 -b .rpath
%patch3 -p1 -b .nosrp

# %patch100 -p1 
%patch1000 -p1 -b .SA-2015-3

%build
export LDFLAGS="-Wl,--no-add-needed"
# autoreconf -fi
%configure \
	--disable-openssl-compatibility \
	--disable-srp-authentication \
	--disable-static \
	--disable-srp-authentication \
	--disable-non-suiteb-curves \
	--disable-rpath \
        --enable-guile
#	--with-libgcrypt
#	--with-lzo \
#	--with-included-libcfg \
#       --with-libtasn1-prefix=%{_prefix} \
#	--with-included-libtasn1 \
#	--with-included-opencdk \
#	--with-included-lzo \
make %{?_smp_mflags}
# cp lib/COPYING COPYING.LIB

%install
%__rm -rf %{buildroot}
# makeinstall macro causes build error, why?
make install DESTDIR=%{buildroot}

rm -f $RPM_BUILD_ROOT%{_bindir}/srptool
rm -f $RPM_BUILD_ROOT%{_bindir}/danetool
rm -f $RPM_BUILD_ROOT%{_bindir}/gnutls-srpcrypt
# replace libgnutls*-config
%__install -d %{buildroot}%{_bindir}
%__install -p -m755 %{SOURCE1} %{buildroot}%{_bindir}/libgnutls-config
# %__install -p -m755 %{SOURCE1} %{buildroot}%{_bindir}/libgnutls-extra-config

rm -f $RPM_BUILD_ROOT%{_mandir}/man1/srptool.1
rm -f $RPM_BUILD_ROOT%{_mandir}/man3/*srp*
rm -f $RPM_BUILD_ROOT%{_infodir}/dir
rm -f $RPM_BUILD_ROOT%{_libdir}/*.la
rm -f $RPM_BUILD_ROOT%{_libdir}/libguile*.a
rm -f $RPM_BUILD_ROOT%{_libdir}/pkgconfig/gnutls-dane.pc

# remove unneeded files
%__rm -f %{buildroot}%{_libdir}/*.la
%__rm -f %{buildroot}%{_libdir}/guile/2.0/*.la

%find_lang gnutls

%check
make check

%clean
rm -rf %{buildroot}

%post -p /sbin/ldconfig

%postun -p /sbin/ldconfig

%post devel
if [ -f %{_infodir}/gnutls.info.gz ]; then
    /sbin/install-info %{_infodir}/gnutls.info.gz %{_infodir}/dir || :
fi

%preun devel
if [ $1 = 0 -a -f %{_infodir}/gnutls.info.gz ]; then
   /sbin/install-info --delete %{_infodir}/gnutls.info.gz %{_infodir}/dir || :
fi

%post guile -p /sbin/ldconfig

%postun guile -p /sbin/ldconfig

%post -n compat32-%{name} -p /sbin/ldconfig

%postun -n compat32-%{name} -p /sbin/ldconfig

%post -n compat32-%{name}-guile -p /sbin/ldconfig

%postun -n compat32-%{name}-guile -p /sbin/ldconfig

%files -f gnutls.lang
%defattr(-,root,root,-)
%{_libdir}/libgnutls.so.28*
%{_libdir}/libgnutls-xssl.so.0*
%doc README AUTHORS NEWS THANKS

%files devel
%defattr(-,root,root,-)
%{_bindir}/libgnutls*-config
%{_includedir}/*
%{_libdir}/libgnutls*.so
%{_libdir}/pkgconfig/*.pc
%{_mandir}/man3/*
%{_infodir}/gnutls*
%{_infodir}/pkcs11-vision.png.gz

%files utils
%defattr(-,root,root,-)
%{_bindir}/certtool
%{_bindir}/psktool
%{_bindir}/p11tool
%{_bindir}/ocsptool
%{_bindir}/gnutls*
%{_mandir}/man1/*
%doc doc/certtool.cfg

%files guile
%defattr(-,root,root,-)
%{_libdir}/guile/2.0/guile*.so*
%{_datadir}/guile/site/gnutls
%{_datadir}/guile/site/gnutls.scm

%files c++
%{_libdir}/libgnutlsxx.so.*

%if %{build_compat32}
%files -n compat32-%{name}
%defattr(-,root,root,-)
%{_libdir}/libgnutls.so.28*
%{_libdir}/libgnutls-xssl.so.0*

%files -n compat32-%{name}-devel
%defattr(-,root,root,-)
#%{_libdir}/libgnutls*.a
%{_libdir}/libgnutls*.so
%{_libdir}/pkgconfig/*.pc

%files -n compat32-%{name}-guile
%defattr(-,root,root,-)
%{_libdir}/guile/2.0/guile*.so*
%endif

%changelog
* Mon Aug 17 2015 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 3.2.20-3
- add patch1000 for fix SA-2015-3

* Sun Jan 25 2015 Ryoichi INAGAKI <ryo1@toki.waseda.jp> 3.2.20-2
- rebuilt with guile 2.0.11

* Tue Nov 18 2014 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 3.2.20-1
- new upstream release with security fix   

* Thu Jun  5 2014 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 3.2.15-1
- new upstream release with security fix  

* Tue Mar 11 2014 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 3.2.12.1-1
- new upstream release with security fix 

* Wed Feb 19 2014 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 3.2.11-1
- new upstream release with security fix

* Sun Feb  9 2014 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 3.2.10-3
- fix R: in compat32

* Wed Feb  5 2014 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 3.2.10-2
- fix BR:, R: (drop unneeded dependency)

* Mon Feb  3 2014 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 3.2.10-1
- new upstream release 3.2.10
- update patches / drop old patches
- add BR: nettle

* Fri Jun 07 2013 Toshiharu Kudoh <toshi.kd2@gmail.com> 2.12.23-2
- added Patch100 from upstream to fix CVE-2013-2116

* Fri Feb 08 2013 Toshiharu Kudoh <toshi.kd2@gmail.com> 2.12.23-1
- new upstream release
- fixed a day of the week in %%changelog

* Sat Jan 26 2013 Toshiharu Kudoh <toshi.kd2@gmail.com> 2.12.22-1
- new upstream release

* Sun Nov 11 2012 Toshiharu Kudoh <toshi.kd2@gmail.com> 2.12.21-1
- new upstream release

* Sun Jun 10 2012 Toshiharu Kudoh <toshi.kd2@gmail.com> 2.12.20-1
- new upstream release

* Tue May 08 2012 Toshiharu Kudoh <toshi.kd2@gmail.com> 2.12.19-1
- new upstream release

* Sun Mar 18 2012 Toshiharu Kudoh <toshi.kd2@gmail.com> 2.12.18-1
- new upstream release
- changed BuildRequires: p11-kit-devel >= 0.11

* Fri Mar 16 2012 Toshiharu Kudoh <toshi.kd2@gmail.com> 2.12.17-1
- new upstream release

* Sat Jan 14 2012 Toshiharu Kudoh <toshi.kd2@gmail.com> 2.12.16-1
- new upstream release

* Mon Dec 05 2011 Toshiharu Kudoh <toshi.kd2@gmail.com> 2.12.14-3
- added BuildRequires: p11-kit-devel

* Sun Dec 04 2011 Toshiharu Kudoh <toshi.kd2@gmail.com> 2.12.14-2
- deleted BuildRequires: nettle-devel
  - mistake.. fixed.

* Sun Dec 04 2011 Toshiharu Kudoh <toshi.kd2@gmail.com> 2.12.14-1
- new upstream release
- synced Fedora development package
- add new sub-package: c++

* Sun Apr 10 2011 IWAI, Masaharu <iwai@alib.jp> 2.10.5-2
- add Requires: libtasn1-devel for devel subpackage

* Sun Apr  3 2011 IWAI, Masaharu <iwai@alib.jp> 2.10.5-1
- new upstream release

* Sun Dec 12 2010 Toshiharu Kudoh <toshi.kd2@gmail.com> 2.10.4-1
- new upstream release

* Tue Nov 23 2010 Toshiharu Kudoh <toshi.kd2@gmail.com> 2.10.3-1
- new upstream release
- dropt patch1

* Sat Oct 9 2010 Toshiharu Kudoh <toshi.kd2@gmail.com> 2.10.2-1
- new upstream release
- added patch1,2,3,4 from Fedora development
- added BuildRequires: gettext readline-devel libtool
- added configure option
  --disable-static,--disable-srp-authentication
  - dropt *.a files from -devel package again

* Tue Sep 21 2010 IWAI, Masaharu <iwai@alib.jp> 2.8.6-2
- build with rpm-4.8.1-1 for pkg-config file

* Mon Mar 22 2010 Toshiharu Kudoh <toshi.kd2@gmail.com> 2.8.6-1
- new upstream release
- applied new naming policy to spec

* Thu Nov 19 2009 Toshiharu Kudoh <toshi.kd2@gmail.com> 2.8.5-1
- new upstream release

* Sat Sep 19 2009 Toshiharu Kudoh <toshi.kd2@gmail.com> 2.8.4-1
- new upstream release

* Wed Aug 19 2009 Toshiharu Kudoh <toshi.kd2@gmail.com> 2.8.3-1
- new upstream release

* Thu Aug 13 2009 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 2.8.2-1
- new upstream release with security fix (handling X.509 CN or SAN fields)

* Sat Jun 27 2009 NAKAMURA Kenta <kenta@vinelinux.org> 2.8.1-2vl5
- added compat32 package for x86_64 arch support

* Thu Jun 11 2009 Toshiharu Kudoh <toshi.kd2@gmail.com> 2.8.1-1vl5
- new upstream release
- added autoreconf
- deleted libguile*.a
- dropt Patch3
- added %post guile, %postun guile

* Sun May 03 2009 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 2.6.6-2
- drop *.a files from -devel package
- build with system lzo

* Sun May 03 2009 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 2.6.6-1
- new upstream release with security fixes (CVE-2009-1415,1416,1417)

* Wed Apr 15 2009 Toshiharu Kudoh <toshi.kd2@gmail.com> 2.6.5-1vl5
- update to 2.6.5

* Wed Mar 25 2009 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 2.6.4-2
- spec in UTF-8

* Sun Feb 8 2009 Toshiharu Kudoh <toshi.kd2@gmail.com> 2.6.4-1vl5
- update to 2.6.4
- modifeid Source0

* Mon Jan 19 2009 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 2.6.3-2vl5
- add BuildRequires: guile-devel >= 1.8.6

* Tue Jan 13 2009 Toshiharu Kudoh <toshi.kd2@gmail.com> 2.6.3-1vl5
- update to 2.6.3
- import from fedora developing's 2.6.3
  - License tag fixed
- dropped patch0, patch1, patch2
- added patch3
- added BuildRequires: gmp-devel
- add new sub-package: guile
  - added %package guile, %description guile, %files guile

* Sat Mar 22 2008 Ryoichi INAGAKI <ryo1@bc.wakwak.com> 1.6.3-2vl5
- used %%{?_dist_release} macro

* Mon Mar 17 2008 Ryoichi INAGAKI <ryo1@bc.wakwak.com> 1.6.3-2vl1
- update to 1.6.3 (use no-SRP source)
- import from fedora core's 1.6.3-2
  - nosrc.tar.bz2 (source0)
  - license tag fix
- build with system libtasn1

* Fri Mar 09 2007 KAZUKI SHIMURA <kazuki@ma.ccnw.ne.jp> 1.4.5-0vl1
- update to 1.4.5 (use no-SRP source)
- import from fedora core's 1.4.5-1
  - nosrc.tar.bz2 (source0)
- drop obsolete cve-2006-4790.patch (patch3)

* Tue Oct 24 2006 KAZUKI SHIMURA <kazuki@ma.ccnw.ne.jp> 1.4.1-2vl1
- [SECURITY] update to 1.4.1 (use no-SRP source)
- import from fedora core's 1.4.1-2
  - nosrp.tar.bz2 (source0)
  - libgnutls-config (source1)
  - nosrc.patch (patch0)
  - enable-psk.patch (patch1)
  - cve-2006-4790.patch (patch3)
- update required version of libgcrypt (>= 1.2.2)
- add Requires: pkgconfig to -devel package
- add %%check section
- update %%files
- add new sub-package: utils

* Sat May 14 2005 KAZUKI SHIMURA <kazuki@ma.ccnw.ne.jp> 1.0.25-0vl1
- [SECURITY FIX] upstream release
  - record packet parsing denial of service (CAN-2005-1431)

* Mon Mar 28 2005 KAZUKI SHIMURA <kazuki@ma.ccnw.ne.jp> 1.0.24-0vl1
- initial build for Vine Linux
- upstream release

* Wed Mar  2 2005 Warren Togami <wtogami@redhat.com> 1.0.20-6
- gcc4 rebuild

* Tue Jan  4 2005 Ivana Varekova <varekova@redhat.com> 1.0.20-5
- add gnutls Requires zlib-devel (#144069)

* Mon Nov 08 2004 Colin Walters <walters@redhat.com> 1.0.20-4
- Make gnutls-devel Require libgcrypt-devel

* Tue Sep 21 2004 Jeff Johnson <jbj@redhat.com> 1.0.20-3
- rebuild with release++, otherwise unchanged.

* Tue Sep  7 2004 Jeff Johnson <jbj@redhat.com> 1.0.20-2
- patent tainted SRP code removed.

* Sun Sep  5 2004 Jeff Johnson <jbj@redhat.com> 1.0.20-1
- update to 1.0.20.
- add --with-included-opencdk --with-included-libtasn1
- add --with-included-libcfg --with-included-lzo
- add --disable-srp-authentication.
- do "make check" after build.

* Fri Mar 21 2003 Jeff Johnson <jbj@redhat.com> 0.9.2-1
- upgrade to 0.9.2

* Tue Jun 25 2002 Jeff Johnson <jbj@redhat.com> 0.4.4-1
- update to 0.4.4.

* Fri Jun 21 2002 Tim Powers <timp@redhat.com>
- automated rebuild

* Sat May 25 2002 Jeff Johnson <jbj@redhat.com> 0.4.3-1
- update to 0.4.3.

* Tue May 21 2002 Jeff Johnson <jbj@redhat.com> 0.4.2-1
- update to 0.4.2.
- change license to LGPL.
- include splint annotations patch.

* Tue Apr  2 2002 Nalin Dahyabhai <nalin@redhat.com> 0.4.0-1
- update to 0.4.0

* Thu Jan 17 2002 Nalin Dahyabhai <nalin@redhat.com> 0.3.2-1
- update to 0.3.2

* Thu Jan 10 2002 Nalin Dahyabhai <nalin@redhat.com> 0.3.0-1
- add a URL

* Thu Dec 20 2001 Nalin Dahyabhai <nalin@redhat.com>
- initial package