|
@@ -3,37 +3,39 @@
|
|
|
Summary: GNU TLS Library
|
|
|
Summary(ja): GNU TLS ライブラリ
|
|
|
Name: gnutls
|
|
|
-Version: 2.12.23
|
|
|
-Release: 2%{?_dist_release}
|
|
|
+Version: 3.2.11
|
|
|
+Release: 1%{?_dist_release}
|
|
|
License: GPLv3+ and LGPLv2+
|
|
|
# The libgnutls library is LGPLv2+, utilities and remaining libraries are GPLv3+
|
|
|
Group: System Environment/Libraries
|
|
|
URL: http://www.gnutls.org/
|
|
|
-#Source0: ftp://ftp.gnutls.org/pub/gnutls/devel/%{name}-%{version}.tar.gz
|
|
|
-#Source1: ftp://ftp.gnutls.org/pub/gnutls/devel/%{name}-%{version}.tar.gz.sig
|
|
|
-# XXX patent tainted SRP code removed.
|
|
|
-Source0: %{name}-%{version}.tar.bz2
|
|
|
+Source0: %{name}-%{version}.tar.xz
|
|
|
Source1: libgnutls-config
|
|
|
|
|
|
#patches from fedora development
|
|
|
-Patch1: gnutls-2.12.11-rpath.patch
|
|
|
-Patch2: gnutls-2.8.6-link-libgcrypt.patch
|
|
|
-# Remove nonexisting references from texinfo file
|
|
|
-Patch3: gnutls-2.12.2-nosrp.patch
|
|
|
-# Skip tests that are expected to fail on libgcrypt build
|
|
|
-Patch4: gnutls-2.12.7-dsa-skiptests.patch
|
|
|
+Patch1: gnutls-3.2.7-rpath.patch
|
|
|
+Patch3: gnutls-3.1.11-nosrp.patch
|
|
|
|
|
|
-Patch100: fix_denial_of_service.patch
|
|
|
+# Vine Patches
|
|
|
+Patch100: gnutls-3.2.10_guile_build.patch
|
|
|
+
|
|
|
+# Security fixes
|
|
|
+# Nothing...
|
|
|
|
|
|
BuildRoot: %{_tmppath}/%{name}-%{version}-root
|
|
|
|
|
|
-BuildRequires: libgcrypt-devel >= 1.2.2, zlib-devel libtasn1-devel gmp-devel
|
|
|
+# BuildRequires: libgcrypt-devel >= 1.2.2
|
|
|
+BuildRequires: libtasn1-devel >= 3.1
|
|
|
+BuildRequires: gmp-devel, zlib-devel
|
|
|
BuildRequires: gettext readline-devel libtool
|
|
|
BuildRequires: guile-devel >= 1.8.6
|
|
|
-BuildRequires: lzo-devel
|
|
|
+# BuildRequires: lzo-devel
|
|
|
BuildRequires: p11-kit-devel >= 0.11
|
|
|
-Requires: libgcrypt >= 1.2.2, zlib
|
|
|
-Requires: lzo
|
|
|
+BuildRequires: nettle-devel >= 2.7
|
|
|
+BuildRequires: texinfo, autogen
|
|
|
+# Requires: libgcrypt >= 1.2.2, zlib
|
|
|
+Requires: zlib
|
|
|
+# Requires: lzo
|
|
|
|
|
|
Requires(post): ldconfig
|
|
|
Requires(postun): ldconfig
|
|
@@ -53,7 +55,7 @@ Summary(ja): GnuTLS の開発用ファイル
|
|
|
Group: Development/Libraries
|
|
|
Requires: %{name} = %{version}-%{release}
|
|
|
Requires: libgcrypt-devel, zlib-devel, pkgconfig
|
|
|
-Requires: libtasn1-devel
|
|
|
+Requires: libtasn1-devel, nettle-devel
|
|
|
Requires(post,preun): /sbin/install-info
|
|
|
|
|
|
%description devel
|
|
@@ -96,7 +98,7 @@ This package contains Guile bindings for the library.
|
|
|
%package c++
|
|
|
Summary: The C++ interface to GnuTLS
|
|
|
Group: System Environment/Libraries
|
|
|
-Requires: %{name}%{?_isa} = %{version}-%{release}
|
|
|
+Requires: %{name} = %{version}-%{release}
|
|
|
|
|
|
%description c++
|
|
|
GnuTLS is a project that aims to develop a library which provides a secure
|
|
@@ -109,7 +111,7 @@ This package contains the C++ interface for the GnuTLS library.
|
|
|
Summary: GNU TLS Library
|
|
|
Summary(ja): GNU TLS ライブラリ
|
|
|
Group: System Environment/Libraries
|
|
|
-Requires: compat32-%{name} = %{version}-%{release}
|
|
|
+Requires: %{name} = %{version}-%{release}
|
|
|
|
|
|
%description -n compat32-%{name}
|
|
|
GnuTLS is a project that aims to develop a library which provides a secure
|
|
@@ -151,53 +153,56 @@ This package contains Guile bindings for the library.
|
|
|
%prep
|
|
|
%setup -q
|
|
|
%patch1 -p1 -b .rpath
|
|
|
-%patch2 -p1 -b .link
|
|
|
%patch3 -p1 -b .nosrp
|
|
|
-%patch4 -p1 -b .skiptests
|
|
|
-
|
|
|
-%patch100 -p1 -b .denial
|
|
|
|
|
|
-for i in auth_srp_rsa.c auth_srp_sb64.c auth_srp_passwd.c auth_srp.c gnutls_srp.c ext_srp.c; do
|
|
|
- touch lib/$i
|
|
|
-done
|
|
|
+# %patch100 -p1
|
|
|
|
|
|
%build
|
|
|
-#autoreconf
|
|
|
-%configure --with-libtasn1-prefix=%{_prefix} \
|
|
|
- --with-lzo \
|
|
|
- --with-included-libcfg \
|
|
|
+export LDFLAGS="-Wl,--no-add-needed"
|
|
|
+# autoreconf -fi
|
|
|
+%configure \
|
|
|
--disable-openssl-compatibility \
|
|
|
--disable-srp-authentication \
|
|
|
--disable-static \
|
|
|
--disable-srp-authentication \
|
|
|
+ --disable-non-suiteb-curves \
|
|
|
--disable-rpath \
|
|
|
- --with-libgcrypt
|
|
|
+ --enable-guile
|
|
|
+# --with-libgcrypt
|
|
|
+# --with-lzo \
|
|
|
+# --with-included-libcfg \
|
|
|
+# --with-libtasn1-prefix=%{_prefix} \
|
|
|
# --with-included-libtasn1 \
|
|
|
# --with-included-opencdk \
|
|
|
# --with-included-lzo \
|
|
|
-make
|
|
|
-cp lib/COPYING COPYING.LIB
|
|
|
+make %{?_smp_mflags}
|
|
|
+# cp lib/COPYING COPYING.LIB
|
|
|
|
|
|
%install
|
|
|
%__rm -rf %{buildroot}
|
|
|
-%makeinstall
|
|
|
+# makeinstall macro causes build error, why?
|
|
|
+make install DESTDIR=%{buildroot}
|
|
|
|
|
|
rm -f $RPM_BUILD_ROOT%{_bindir}/srptool
|
|
|
+rm -f $RPM_BUILD_ROOT%{_bindir}/danetool
|
|
|
rm -f $RPM_BUILD_ROOT%{_bindir}/gnutls-srpcrypt
|
|
|
# replace libgnutls*-config
|
|
|
+%__install -d %{buildroot}%{_bindir}
|
|
|
%__install -p -m755 %{SOURCE1} %{buildroot}%{_bindir}/libgnutls-config
|
|
|
-%__install -p -m755 %{SOURCE1} %{buildroot}%{_bindir}/libgnutls-extra-config
|
|
|
+# %__install -p -m755 %{SOURCE1} %{buildroot}%{_bindir}/libgnutls-extra-config
|
|
|
|
|
|
rm -f $RPM_BUILD_ROOT%{_mandir}/man1/srptool.1
|
|
|
rm -f $RPM_BUILD_ROOT%{_mandir}/man3/*srp*
|
|
|
rm -f $RPM_BUILD_ROOT%{_infodir}/dir
|
|
|
rm -f $RPM_BUILD_ROOT%{_libdir}/*.la
|
|
|
rm -f $RPM_BUILD_ROOT%{_libdir}/libguile*.a
|
|
|
+rm -f $RPM_BUILD_ROOT%{_libdir}/pkgconfig/gnutls-dane.pc
|
|
|
|
|
|
# remove unneeded files
|
|
|
%__rm -f %{buildroot}%{_libdir}/*.la
|
|
|
+%__rm -f %{buildroot}%{_libdir}/guile/1.8/*.la
|
|
|
|
|
|
-%find_lang libgnutls
|
|
|
+%find_lang gnutls
|
|
|
|
|
|
%check
|
|
|
make check
|
|
@@ -231,11 +236,11 @@ fi
|
|
|
|
|
|
%postun -n compat32-%{name}-guile -p /sbin/ldconfig
|
|
|
|
|
|
-%files -f libgnutls.lang
|
|
|
+%files -f gnutls.lang
|
|
|
%defattr(-,root,root,-)
|
|
|
-%{_libdir}/libgnutls.so.*
|
|
|
-%{_libdir}/libgnutls-extra.so.*
|
|
|
-%doc COPYING COPYING.LIB README AUTHORS
|
|
|
+%{_libdir}/libgnutls.so.28*
|
|
|
+%{_libdir}/libgnutls-xssl.so.0*
|
|
|
+%doc README AUTHORS NEWS THANKS
|
|
|
|
|
|
%files devel
|
|
|
%defattr(-,root,root,-)
|
|
@@ -252,13 +257,14 @@ fi
|
|
|
%{_bindir}/certtool
|
|
|
%{_bindir}/psktool
|
|
|
%{_bindir}/p11tool
|
|
|
+%{_bindir}/ocsptool
|
|
|
%{_bindir}/gnutls*
|
|
|
%{_mandir}/man1/*
|
|
|
%doc doc/certtool.cfg
|
|
|
|
|
|
%files guile
|
|
|
%defattr(-,root,root,-)
|
|
|
-%{_libdir}/libguile*.so*
|
|
|
+%{_libdir}/guile/1.8/guile*.so*
|
|
|
%{_datadir}/guile/site/gnutls
|
|
|
%{_datadir}/guile/site/gnutls.scm
|
|
|
|
|
@@ -268,7 +274,8 @@ fi
|
|
|
%if %{build_compat32}
|
|
|
%files -n compat32-%{name}
|
|
|
%defattr(-,root,root,-)
|
|
|
-%{_libdir}/libgnutls*.so.*
|
|
|
+%{_libdir}/libgnutls.so.28*
|
|
|
+%{_libdir}/libgnutls-xssl.so.0*
|
|
|
|
|
|
%files -n compat32-%{name}-devel
|
|
|
%defattr(-,root,root,-)
|
|
@@ -278,10 +285,24 @@ fi
|
|
|
|
|
|
%files -n compat32-%{name}-guile
|
|
|
%defattr(-,root,root,-)
|
|
|
-%{_libdir}/libguile*.so*
|
|
|
+%{_libdir}/guile/1.8/guile*.so*
|
|
|
%endif
|
|
|
|
|
|
%changelog
|
|
|
+* Wed Feb 19 2014 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 3.2.11-1
|
|
|
+- new upstream release with security fix
|
|
|
+
|
|
|
+* Sun Feb 9 2014 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 3.2.10-3
|
|
|
+- fix R: in compat32
|
|
|
+
|
|
|
+* Wed Feb 5 2014 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 3.2.10-2
|
|
|
+- fix BR:, R: (drop unneeded dependency)
|
|
|
+
|
|
|
+* Mon Feb 3 2014 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 3.2.10-1
|
|
|
+- new upstream release 3.2.10
|
|
|
+- update patches / drop old patches
|
|
|
+- add BR: nettle
|
|
|
+
|
|
|
* Fri Jun 07 2013 Toshiharu Kudoh <toshi.kd2@gmail.com> 2.12.23-2
|
|
|
- added Patch100 from upstream to fix CVE-2013-2116
|
|
|
|