2022-08-26 11:55:49 +00:00
%define srpmhash() %{lua:
local files = rpm.expand(" %_specdir / g n u t l s . s p e c " )
for i, p in ipairs(patches) do
files = files.." " ..p
end
for i, p in ipairs(sources) do
files = files.." " ..p
end
local sha256sum = assert(io.popen(" c a t " ..files.." | s h a 2 5 6 s u m " ))
local hash = sha256sum:read(" * a " )
sha256sum:close()
print(string.sub(hash, 0, 16))
}
2024-11-05 11:36:40 +00:00
Version : 3.8.8
2022-06-03 00:57:19 +00:00
Release : %{?autorelease} %{!?autorelease:1%{?dist} }
2024-11-05 11:36:40 +00:00
# not upstreamed: can we drop this as configure is regenerated when bootstrapping?
2022-08-26 11:55:49 +00:00
Patch : gnutls-3.2.7-rpath.patch
2024-08-14 05:15:01 +00:00
# not upstreamed: modifies the generated code
Patch : gnutls-3.7.2-enable-intel-cet.patch
# not upstreamed: to ignore GNUTLS_NO_EXPLICIT_INIT, for long-term support purposes
Patch : gnutls-3.7.2-no-explicit-init.patch
# not upstreamed: to avoid any inconsistency between algorithms enabled through API vs the ones enabled through config file, for long-term support purposes
Patch : gnutls-3.7.3-disable-config-reload.patch
# not upstreamed: should be removed once --disable-dsa is ported
Patch : gnutls-3.7.3-fips-dsa-post.patch
# not upstreamed, reseed source DRBG for prediction resistance
Patch : gnutls-3.7.6-drbg-reseed.patch
# not upstreamed, hard blocking SHA-1 signature verification, for long-term support purposes
Patch : gnutls-3.7.6-fips-sha1-sigver.patch
# not upstreamed: see https://gitlab.com/gnutls/gnutls/-/issues/1443
2024-11-05 11:36:40 +00:00
Patch : gnutls-3.8.8-tests-ktls-skip-tls12-chachapoly.patch
2023-12-01 08:44:03 +00:00
2022-07-25 09:31:19 +00:00
%bcond_without bootstrap
2013-02-06 20:41:29 +00:00
%bcond_without dane
2018-06-13 07:42:39 +00:00
%bcond_without fips
2022-01-18 08:40:12 +00:00
%bcond_with tpm12
2022-08-26 11:55:49 +00:00
%bcond_without tpm2
2024-10-08 11:21:45 +00:00
%if 0%{?rhel} >= 9
%bcond_with gost
%else
2022-01-18 08:42:49 +00:00
%bcond_without gost
2024-10-08 11:21:45 +00:00
%endif
2024-06-17 11:24:29 +00:00
%bcond_without certificate_compression
2024-07-22 07:07:37 +00:00
%bcond_without liboqs
2022-08-26 11:55:49 +00:00
%bcond_without tests
2018-06-06 11:40:47 +00:00
2023-08-29 13:39:14 +00:00
%if 0%{?fedora} && 0%{?fedora} < 38
2023-04-11 10:37:40 +00:00
%bcond_without srp
%else
%bcond_with srp
%endif
%if 0%{?fedora}
%bcond_without mingw
%else
%bcond_with mingw
%endif
2024-05-10 00:59:00 +00:00
%if 0%{?rhel} >= 9 && %{with fips}
%bcond_without bundled_gmp
%else
%bcond_with bundled_gmp
%endif
2024-08-13 11:32:18 +00:00
%if 0%{?rhel} >= 10 && %{with fips}
%bcond_without bundled_nettle
%else
%bcond_with bundled_nettle
%endif
2023-04-11 10:37:40 +00:00
2022-07-19 00:10:22 +00:00
%define fips_requires() %{lua:
local f = assert(io.popen(" r p m - q - - q u e r y f o r m a t ' %{EVR} ' - - w h a t p r o v i d e s " ..rpm.expand(" ' % 1 %{?_isa} ' " )))
local v = f:read(" * a l l " )
f:close()
print(" R e q u i r e s : " ..rpm.expand(" % 1 %{?_isa} " ).." = " ..v.." \\ n " )
}
2007-04-10 16:14:48 +00:00
Summary : A TLS protocol implementation
2004-09-09 05:45:39 +00:00
Name : gnutls
2013-11-25 16:19:57 +00:00
# The libraries are LGPLv2.1+, utilities are GPLv3+
2023-08-24 01:19:38 +00:00
License : GPL-3.0-or-later AND LGPL-2.1-or-later
2015-05-04 11:01:32 +00:00
BuildRequires : p11-kit-devel >= 0.21.3, gettext-devel
2022-08-26 11:55:49 +00:00
BuildRequires : readline-devel, libtasn1-devel >= 4.3
%if %{with certificate_compression}
BuildRequires : zlib-devel, brotli-devel, libzstd-devel
%endif
2024-07-22 07:07:37 +00:00
%if %{with liboqs}
BuildRequires : liboqs-devel
%endif
2021-03-02 08:20:21 +00:00
%if %{with bootstrap}
BuildRequires : automake, autoconf, gperf, libtool, texinfo
%endif
2024-08-13 11:32:18 +00:00
%if !%{with bundled_nettle}
2023-12-11 15:04:37 +00:00
BuildRequires : nettle-devel >= 3.9.1
2024-08-13 11:32:18 +00:00
%endif
2022-01-18 08:40:12 +00:00
%if %{with tpm12}
2013-11-25 16:19:57 +00:00
BuildRequires : trousers-devel >= 0.3.11.2
2022-01-18 08:40:12 +00:00
%endif
2022-08-26 11:55:49 +00:00
%if %{with tpm2}
BuildRequires : tpm2-tss-devel >= 3.0.3
%endif
2017-02-14 13:25:36 +00:00
BuildRequires : libidn2-devel
2016-12-08 07:49:16 +00:00
BuildRequires : libunistring-devel
2023-08-04 12:19:56 +00:00
BuildRequires : net-tools, softhsm, gcc, gcc-c++
2019-07-15 13:05:54 +00:00
BuildRequires : gnupg2
2022-08-26 11:55:49 +00:00
BuildRequires : git-core
2018-06-06 11:40:47 +00:00
2017-04-07 14:48:56 +00:00
# for a sanity check on cert loading
BuildRequires : p11-kit-trust, ca-certificates
2014-05-21 09:50:25 +00:00
Requires : crypto-policies
2017-05-11 16:25:46 +00:00
Requires : p11-kit-trust
2015-03-30 08:00:31 +00:00
Requires : libtasn1 >= 4.3
2024-08-13 11:32:18 +00:00
%if !%{with bundled_nettle}
2022-07-19 00:10:22 +00:00
# always bump when a nettle release is packaged
2023-12-11 15:04:37 +00:00
Requires : nettle >= 3.9.1
2024-08-13 11:32:18 +00:00
%endif
2022-01-18 08:40:12 +00:00
%if %{with tpm12}
2015-07-14 13:17:31 +00:00
Recommends: trousers >= 0.3.11.2
2022-01-18 08:40:12 +00:00
%endif
2014-05-21 09:50:25 +00:00
2013-02-06 20:41:29 +00:00
%if %{with dane}
2013-11-27 08:42:27 +00:00
BuildRequires : unbound-devel unbound-libs
2013-02-06 20:41:29 +00:00
%endif
2022-07-25 09:31:19 +00:00
BuildRequires : make gtk-doc
2022-10-19 08:23:40 +00:00
2023-04-13 11:09:49 +00:00
%if %{with mingw}
2022-09-06 20:59:39 +00:00
BuildRequires : mingw32-filesystem >= 95
BuildRequires : mingw32-gcc
BuildRequires : mingw32-gcc-c++
BuildRequires : mingw32-libtasn1 >= 4.3
BuildRequires : mingw32-readline
BuildRequires : mingw32-zlib
BuildRequires : mingw32-p11-kit >= 0.23.1
BuildRequires : mingw32-nettle >= 3.6
BuildRequires : mingw64-filesystem >= 95
BuildRequires : mingw64-gcc
BuildRequires : mingw64-gcc-c++
BuildRequires : mingw64-libtasn1 >= 4.3
BuildRequires : mingw64-readline
BuildRequires : mingw64-zlib
BuildRequires : mingw64-p11-kit >= 0.23.1
BuildRequires : mingw64-nettle >= 3.6
2022-10-19 08:23:40 +00:00
%endif
2004-09-09 05:45:39 +00:00
URL : http://www.gnutls.org/
2022-04-25 11:48:23 +00:00
%define short_version %(echo %{version} | grep -m1 -o "[0-9]*\.[0-9]*" | head -1)
2024-11-05 11:36:40 +00:00
Source0 : https://www.gnupg.org/ftp/gcrypt/gnutls/v%{short_version} /%{name} -%{version} .tar.xz
Source1 : https://www.gnupg.org/ftp/gcrypt/gnutls/v%{short_version} /%{name} -%{version} .tar.xz.sig
2023-02-14 12:59:28 +00:00
Source2 : https://gnutls.org/gnutls-release-keyring.gpg
2007-06-06 20:23:58 +00:00
2024-05-10 00:59:00 +00:00
%if %{with bundled_gmp}
Source100 : gmp-6.2.1.tar.xz
# Taken from the main gmp package
Source101 : gmp-6.2.1-intel-cet.patch
%endif
2024-08-13 11:32:18 +00:00
%if %{with bundled_nettle}
Source200 : nettle-3.10-hobbled.tar.xz
# Taken from the main nettle package
Source201 : nettle-3.8-zeroize-stack.patch
%endif
2012-05-18 07:06:24 +00:00
# Wildcard bundling exception https://fedorahosted.org/fpc/ticket/174
2013-05-13 13:19:29 +00:00
Provides : bundled(gnulib) = 20130424
2004-09-09 05:45:39 +00:00
2011-07-25 15:35:07 +00:00
%package c++
Summary : The C++ interface to GnuTLS
Requires : %{name} %{?_isa} = %{version} -%{release}
2004-09-09 05:45:39 +00:00
%package devel
2007-04-10 16:14:48 +00:00
Summary : Development files for the %{name} package
2011-07-25 15:35:07 +00:00
Requires : %{name} %{?_isa} = %{version} -%{release}
Requires : %{name} -c++%{?_isa} = %{version} -%{release}
2013-02-06 20:41:29 +00:00
%if %{with dane}
Requires : %{name} -dane%{?_isa} = %{version} -%{release}
%endif
2006-09-14 12:39:29 +00:00
Requires : pkgconfig
2005-01-04 13:56:10 +00:00
2005-07-04 22:10:55 +00:00
%package utils
2023-08-24 01:19:38 +00:00
License : GPL-3.0-or-later
2007-04-10 16:14:48 +00:00
Summary : Command line tools for TLS protocol
2011-07-25 15:35:07 +00:00
Requires : %{name} %{?_isa} = %{version} -%{release}
2013-02-06 20:41:29 +00:00
%if %{with dane}
Requires : %{name} -dane%{?_isa} = %{version} -%{release}
%endif
%if %{with dane}
%package dane
Summary : A DANE protocol implementation for GnuTLS
Requires : %{name} %{?_isa} = %{version} -%{release}
%endif
2004-09-09 05:45:39 +00:00
2022-07-19 00:10:22 +00:00
%if %{with fips}
%package fips
Summary : Virtual package to install packages required to use %{name} under FIPS mode
Requires : %{name} %{?_isa} = %{version} -%{release}
2024-08-13 11:32:18 +00:00
%if !%{with bundled_nettle}
2022-07-19 00:10:22 +00:00
%{fips_requires nettle}
2024-08-13 11:32:18 +00:00
%endif
2024-05-10 00:59:00 +00:00
%if !%{with bundled_gmp}
2022-07-19 00:10:22 +00:00
%{fips_requires gmp}
%endif
2024-05-10 00:59:00 +00:00
%endif
2022-07-19 00:10:22 +00:00
2004-09-09 05:45:39 +00:00
%description
2013-11-26 09:49:23 +00:00
GnuTLS is a secure communications library implementing the SSL, TLS and DTLS
protocols and technologies around them. It provides a simple C language
application programming interface (API) to access the secure communications
protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and
other required structures.
2004-09-09 05:45:39 +00:00
2011-07-25 15:35:07 +00:00
%description c++
2013-11-26 09:49:23 +00:00
GnuTLS is a secure communications library implementing the SSL, TLS and DTLS
protocols and technologies around them. It provides a simple C language
application programming interface (API) to access the secure communications
protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and
other required structures.
2011-07-25 15:35:07 +00:00
2004-09-09 05:45:39 +00:00
%description devel
2013-11-26 09:49:23 +00:00
GnuTLS is a secure communications library implementing the SSL, TLS and DTLS
protocols and technologies around them. It provides a simple C language
application programming interface (API) to access the secure communications
protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and
other required structures.
2005-06-06 19:36:11 +00:00
This package contains files needed for developing applications with
the GnuTLS library.
2004-09-09 05:45:39 +00:00
2005-07-04 22:10:55 +00:00
%description utils
2013-11-26 09:49:23 +00:00
GnuTLS is a secure communications library implementing the SSL, TLS and DTLS
protocols and technologies around them. It provides a simple C language
application programming interface (API) to access the secure communications
protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and
other required structures.
2005-07-04 22:10:55 +00:00
This package contains command line TLS client and server and certificate
manipulation tools.
2013-02-06 20:41:29 +00:00
%if %{with dane}
%description dane
2013-11-26 09:49:23 +00:00
GnuTLS is a secure communications library implementing the SSL, TLS and DTLS
protocols and technologies around them. It provides a simple C language
application programming interface (API) to access the secure communications
protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and
other required structures.
2013-02-06 20:41:29 +00:00
This package contains library that implements the DANE protocol for verifying
TLS certificates through DNSSEC.
%endif
2022-07-19 00:10:22 +00:00
%if %{with fips}
%description fips
GnuTLS is a secure communications library implementing the SSL, TLS and DTLS
protocols and technologies around them. It provides a simple C language
application programming interface (API) to access the secure communications
protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and
other required structures.
This package does not contain any file, but installs required packages
to use GnuTLS under FIPS mode.
%endif
2023-04-13 11:09:49 +00:00
%if %{with mingw}
2022-09-06 20:59:39 +00:00
%package -n mingw32-%{name}
Summary : MinGW GnuTLS TLS/SSL encryption library
Requires : pkgconfig
Requires : mingw32-libtasn1 >= 4.3
2022-10-27 15:52:20 +00:00
BuildArch : noarch
2022-09-06 20:59:39 +00:00
%description -n mingw32-gnutls
GnuTLS TLS/SSL encryption library. This library is cross-compiled
for MinGW.
%package -n mingw64-%{name}
Summary : MinGW GnuTLS TLS/SSL encryption library
Requires : pkgconfig
Requires : mingw64-libtasn1 >= 4.3
2022-10-27 15:52:20 +00:00
BuildArch : noarch
2022-09-06 20:59:39 +00:00
%description -n mingw64-gnutls
GnuTLS TLS/SSL encryption library. This library is cross-compiled
for MinGW.
%{?mingw_debug_package}
2022-10-19 08:23:40 +00:00
%endif
2022-09-06 20:59:39 +00:00
2004-09-09 05:45:39 +00:00
%prep
2022-10-07 08:46:56 +00:00
%{gpgverify} --keyring='%{SOURCE2}' --signature='%{SOURCE1}' --data='%{SOURCE0}'
2022-08-26 11:55:49 +00:00
%autosetup -p1 -S git
2024-05-10 00:59:00 +00:00
%if %{with bundled_gmp}
mkdir -p bundled_gmp
pushd bundled_gmp
tar --strip-components=1 -xf %{SOURCE100}
patch -p1 < %{SOURCE101}
popd
%endif
2024-08-13 11:32:18 +00:00
%if %{with bundled_nettle}
mkdir -p bundled_nettle
pushd bundled_nettle
tar --strip-components=1 -xf %{SOURCE200}
patch -p1 < %{SOURCE201}
popd
%endif
2024-08-21 06:42:35 +00:00
%if %{with bundled_gmp}
sed -i 's/@GMP_LIBS@//' lib/gnutls.pc.in
%endif
2022-08-26 11:55:49 +00:00
%build
%define _lto_cflags %{nil}
2017-05-11 08:17:54 +00:00
2024-05-10 00:59:00 +00:00
%if %{with bundled_gmp}
pushd bundled_gmp
autoreconf -ifv
%configure --disable-cxx --disable-shared --enable-fat --with-pic
%make_build
popd
2024-08-13 11:32:18 +00:00
export GMP_DIR=" $ P W D / b u n d l e d _ g m p "
export GMP_CFLAGS=" - I $ G M P _ D I R "
export GMP_LIBS=" $ G M P _ D I R / . l i b s / l i b g m p . a "
%endif
%if %{with bundled_nettle}
pushd bundled_nettle
./.bootstrap
# Disable -ggdb3 which makes debugedit unhappy
sed s/ggdb3/g/ -i configure
sed 's/ecc-secp192r1.c//g' -i Makefile.in
sed 's/ecc-secp224r1.c//g' -i Makefile.in
autoreconf -ifv
# For annocheck
export ASM_FLAGS=" - W a , - - g e n e r a t e - m i s s i n g - b u i l d - n o t e s = y e s "
%configure --disable-shared --enable-fat --disable-documentation \
--with-include-path=" $ G M P _ D I R " \
--with-lib-path=" $ G M P _ D I R / . l i b s " \
%{nil}
%make_build
ln -s . nettle
popd
export NETTLE_DIR=" $ P W D / b u n d l e d _ n e t t l e "
export NETTLE_CFLAGS=" - I $ N E T T L E _ D I R "
export NETTLE_LIBS=" $ N E T T L E _ D I R / l i b n e t t l e . a "
export HOGWEED_CFLAGS=" - I $ N E T T L E _ D I R "
export HOGWEED_LIBS=" $ N E T T L E _ D I R / l i b h o g w e e d . a "
2024-05-10 00:59:00 +00:00
%endif
2021-03-02 08:20:21 +00:00
%if %{with bootstrap}
autoreconf -fi
%endif
2015-06-18 13:54:56 +00:00
2015-07-14 13:17:31 +00:00
sed -i -e 's|sys_lib_dlsearch_path_spec="/lib /usr/lib|sys_lib_dlsearch_path_spec="/lib /usr/lib %{_libdir}|g' configure
2014-09-05 12:07:32 +00:00
rm -f lib/minitasn1/*.c lib/minitasn1/*.h
2015-07-14 13:17:31 +00:00
2017-01-09 10:23:49 +00:00
echo " S Y S T E M = N O R M A L " >> tests/system.prio
2004-09-09 05:45:39 +00:00
2018-10-16 14:55:23 +00:00
CCASFLAGS=" $ C C A S F L A G S - W a , - - g e n e r a t e - m i s s i n g - b u i l d - n o t e s = y e s "
export CCASFLAGS
2019-07-16 12:15:18 +00:00
2022-08-26 11:55:49 +00:00
%if %{with fips}
eval $(sed -n 's/^\(\(NAME\|VERSION_ID\)=.*\)/OS_\1/p' /etc/os-release)
export FIPS_MODULE_NAME=" $ O S _ N A M E $ { O S _ V E R S I O N _ I D % % . * } % n a m e "
%endif
2022-09-06 20:59:39 +00:00
mkdir native_build
pushd native_build
%global _configure ../configure
2021-03-02 08:20:21 +00:00
%configure \
2018-06-06 11:40:47 +00:00
%if %{with fips}
--enable-fips140-mode \
2022-08-26 11:55:49 +00:00
--with-fips140-module-name=" $ F I P S _ M O D U L E _ N A M E " \
--with-fips140-module-version=%{version} -%{srpmhash} \
2022-01-18 08:42:49 +00:00
%endif
%if %{with gost}
--enable-gost \
%else
--disable-gost \
2023-02-15 08:04:29 +00:00
%endif
2023-04-11 10:37:40 +00:00
%if %{with srp}
2023-02-15 08:04:29 +00:00
--enable-srp-authentication \
2023-03-02 11:14:44 +00:00
%endif
%ifarch %{ix86}
--disable-year2038 \
2018-06-06 11:40:47 +00:00
%endif
2018-09-25 06:58:48 +00:00
--enable-sha1-support \
2010-01-18 08:55:59 +00:00
--disable-static \
2011-07-25 15:35:07 +00:00
--disable-openssl-compatibility \
2016-09-09 12:13:08 +00:00
--disable-non-suiteb-curves \
--with-system-priority-file=%{_sysconfdir} /crypto-policies/back-ends/gnutls.config \
2017-04-07 14:48:56 +00:00
--with-default-trust-store-pkcs11=" p k c s 1 1 : " \
2022-01-18 08:40:12 +00:00
%if %{with tpm12}
2016-09-09 12:13:08 +00:00
--with-trousers-lib=%{_libdir} /libtspi.so.1 \
2022-01-18 08:40:12 +00:00
%else
--without-tpm \
%endif
2022-08-26 11:55:49 +00:00
%if %{with tpm2}
--with-tpm2 \
%else
--without-tpm2 \
%endif
--enable-ktls \
2017-03-06 08:48:15 +00:00
--htmldir=%{_docdir} /manual \
2013-02-06 20:41:29 +00:00
%if %{with dane}
2016-09-09 12:13:08 +00:00
--with-unbound-root-key-file=/var/lib/unbound/root.key \
2021-03-02 08:20:21 +00:00
--enable-libdane \
2013-02-06 20:41:29 +00:00
%else
2021-03-02 08:20:21 +00:00
--disable-libdane \
2022-08-26 11:55:49 +00:00
%endif
%if %{with certificate_compression}
--with-zlib --with-brotli --with-zstd \
%else
--without-zlib --without-brotli --without-zstd \
2024-07-22 07:07:37 +00:00
%endif
%if %{with liboqs}
--with-liboqs \
%else
--without-liboqs \
2012-02-03 22:49:13 +00:00
%endif
2017-01-09 10:23:49 +00:00
--disable-rpath \
2022-08-26 11:55:49 +00:00
--with-default-priority-string=" @ S Y S T E M "
2017-02-14 13:25:36 +00:00
2022-10-18 14:46:19 +00:00
%make_build
2024-08-21 06:42:35 +00:00
%if %{with bundled_nettle}
sed -i '/^Requires.private:/s/\(nettle\|hogweed\)[ ,]*//g' lib/gnutls.pc
%endif
2022-09-06 20:59:39 +00:00
popd
2023-04-11 10:37:40 +00:00
%if %{with mingw}
2022-09-06 20:59:39 +00:00
# MinGW does not support CCASFLAGS
export CCASFLAGS=" "
%mingw_configure \
2023-04-11 10:37:40 +00:00
%if %{with srp}
2023-02-15 08:04:29 +00:00
--enable-srp-authentication \
%endif
2022-09-06 20:59:39 +00:00
--enable-sha1-support \
--disable-static \
--disable-openssl-compatibility \
--disable-non-suiteb-curves \
--disable-libdane \
--disable-rpath \
--disable-nls \
--disable-cxx \
--enable-local-libopts \
--enable-shared \
--without-tpm \
--with-included-unistring \
--disable-doc \
--with-default-priority-string=" @ S Y S T E M "
%mingw_make %{?_smp_mflags}
2022-10-19 08:23:40 +00:00
%endif
2004-09-09 05:45:39 +00:00
%install
2022-09-06 20:59:39 +00:00
%make_install -C native_build
pushd native_build
2017-03-06 08:48:15 +00:00
make -C doc install-html DESTDIR=$RPM_BUILD_ROOT
2005-12-09 14:41:58 +00:00
rm -f $RPM_BUILD_ROOT %{_infodir} /dir
rm -f $RPM_BUILD_ROOT %{_libdir} /*.la
2013-02-06 20:41:29 +00:00
%if %{without dane}
rm -f $RPM_BUILD_ROOT %{_libdir} /pkgconfig/gnutls-dane.pc
%endif
2022-05-18 16:59:09 +00:00
%if %{with fips}
# doing it twice should be a no-op the second time,
# and this way we avoid redefining it and missing a future change
Fix FIPS build with RPM 4.20
The FIPS build runs *_install_post commands early during %install so that
the binaries will not be modified after running fipshmac, since those
commands are supposed to be no-op if re-run. However, __debug_install_post
is only run if __debug_package is defined, which is triggered by the
automatic creation of the debuginfo subpackage where appropriate.
Previously, a hack in redhat-rpm-config caused this to be enabled by
%install, but with RPM 4.20 this is no longer needed, and the hack was
removed from redhat-rpm-config for F41. On Fedora builds,
%mingw_debug_package triggers this and therefore it still builds, but ELN
is build without mingw and therefore there now is nothing to trigger the
debuginfo generation during %install. As a result, the binaries would just
be stripped without any debuginfo generation during the first run, leaving
nothing to detect in the second run, and the build would fail for lack of
debug symbols/sources.
https://github.com/rpm-software-management/rpm/issues/2204
https://src.fedoraproject.org/rpms/redhat-rpm-config/c/7a1571ee808ba13b129eab7a7ed3869e77740c3e
Related: RHEL-50011
2024-07-19 19:55:26 +00:00
%global __debug_package 1
2022-05-18 16:59:09 +00:00
%{__spec_install_post}
2023-02-15 08:04:29 +00:00
fname=`basename $RPM_BUILD_ROOT %{_libdir} /libgnutls.so.30.*.*`
./lib/fipshmac " $RPM_BUILD_ROOT %{_libdir} / l i b g n u t l s . s o . 3 0 " > " $RPM_BUILD_ROOT %{_libdir} / . $ f n a m e . h m a c "
sed -i " s ^ $RPM_BUILD_ROOT / u s r ^ ^ " " $RPM_BUILD_ROOT %{_libdir} / . $ f n a m e . h m a c "
ln -s " . $ f n a m e . h m a c " " $RPM_BUILD_ROOT %{_libdir} / . l i b g n u t l s . s o . 3 0 . h m a c "
2022-05-18 16:59:09 +00:00
%endif
%if %{with fips}
%define __spec_install_post \
%{?__debug_package:%{__debug_install_post} } \
%{__arch_install_post} \
%{__os_install_post} \
%{nil}
%endif
2013-02-06 20:41:29 +00:00
%find_lang gnutls
2022-09-06 20:59:39 +00:00
popd
2023-04-11 10:37:40 +00:00
%if %{with mingw}
2022-09-06 20:59:39 +00:00
%mingw_make_install
# Remove .la files
rm -f $RPM_BUILD_ROOT %{mingw32_libdir} /*.la
rm -f $RPM_BUILD_ROOT %{mingw64_libdir} /*.la
# The .def files aren't interesting for other binaries
rm -f $RPM_BUILD_ROOT %{mingw32_bindir} /*.def
rm -f $RPM_BUILD_ROOT %{mingw64_bindir} /*.def
# Remove info and man pages which duplicate stuff in Fedora already.
rm -rf $RPM_BUILD_ROOT %{mingw32_infodir}
rm -rf $RPM_BUILD_ROOT %{mingw32_mandir}
rm -rf $RPM_BUILD_ROOT %{mingw32_docdir} /gnutls
rm -rf $RPM_BUILD_ROOT %{mingw64_infodir}
rm -rf $RPM_BUILD_ROOT %{mingw64_mandir}
rm -rf $RPM_BUILD_ROOT %{mingw64_docdir} /gnutls
# Remove test libraries
rm -f $RPM_BUILD_ROOT %{mingw32_libdir} /crypt32.dll*
rm -f $RPM_BUILD_ROOT %{mingw32_libdir} /ncrypt.dll*
rm -f $RPM_BUILD_ROOT %{mingw64_libdir} /crypt32.dll*
rm -f $RPM_BUILD_ROOT %{mingw64_libdir} /ncrypt.dll*
%mingw_debug_install_post
2022-10-19 08:23:40 +00:00
%endif
2004-09-09 05:45:39 +00:00
2004-09-09 05:45:53 +00:00
%check
2022-08-26 11:55:49 +00:00
%if %{with tests}
2022-09-06 20:59:39 +00:00
pushd native_build
2023-11-09 20:36:50 +00:00
2023-11-22 05:41:15 +00:00
# KeyUpdate is not yet supported in the kernel.
xfail_tests=ktls_keyupdate.sh
2023-11-09 20:36:50 +00:00
# The ktls.sh test currently only supports kernel 5.11+. This needs to
# be checked at run time, as the koji builder might be using a different
# version of kernel on the host than the one indicated by the
# kernel-devel package.
case " $ ( u n a m e - r ) " in
4.* | 5.[0-9].* | 5.10.* )
xfail_tests=" $ x f a i l _ t e s t s k t l s . s h "
;;
esac
make check %{?_smp_mflags} GNUTLS_SYSTEM_PRIORITY_FILE=/dev/null XFAIL_TESTS=" $ x f a i l _ t e s t s "
2022-09-06 20:59:39 +00:00
popd
2022-08-26 11:55:49 +00:00
%endif
2004-09-09 05:45:39 +00:00
2022-09-06 20:59:39 +00:00
%files -f native_build/gnutls.lang
2015-05-04 11:15:01 +00:00
%{_libdir} /libgnutls.so.30*
2018-06-06 11:40:47 +00:00
%if %{with fips}
2023-02-15 08:04:29 +00:00
%{_libdir} /.libgnutls.so.30*.hmac
2018-06-06 11:40:47 +00:00
%endif
2016-06-15 07:52:19 +00:00
%doc README.md AUTHORS NEWS THANKS
%license LICENSE doc/COPYING doc/COPYING.LESSER
2004-09-09 05:45:39 +00:00
2011-07-25 15:35:07 +00:00
%files c++
%{_libdir} /libgnutlsxx.so.*
2004-09-09 05:45:39 +00:00
%files devel
%{_includedir} /*
2008-09-25 09:13:22 +00:00
%{_libdir} /libgnutls*.so
2018-06-06 11:40:47 +00:00
2005-04-22 13:12:08 +00:00
%{_libdir} /pkgconfig/*.pc
2005-08-07 19:12:26 +00:00
%{_mandir} /man3/*
%{_infodir} /gnutls*
2011-04-19 10:19:54 +00:00
%{_infodir} /pkcs11-vision*
2017-03-06 08:48:15 +00:00
%{_docdir} /manual/*
2004-09-09 05:45:39 +00:00
2005-07-04 22:10:55 +00:00
%files utils
%{_bindir} /certtool
2022-01-18 08:40:12 +00:00
%if %{with tpm12}
2013-11-25 16:19:57 +00:00
%{_bindir} /tpmtool
2022-01-18 08:40:12 +00:00
%endif
2013-02-06 20:41:29 +00:00
%{_bindir} /ocsptool
2006-06-14 12:43:43 +00:00
%{_bindir} /psktool
2011-04-19 10:19:54 +00:00
%{_bindir} /p11tool
2023-04-11 10:37:40 +00:00
%if %{with srp}
2017-05-11 08:17:54 +00:00
%{_bindir} /srptool
2023-02-15 08:04:29 +00:00
%endif
2013-02-06 20:41:29 +00:00
%if %{with dane}
%{_bindir} /danetool
%endif
2005-07-04 22:10:55 +00:00
%{_bindir} /gnutls*
%{_mandir} /man1/*
2008-12-15 14:23:08 +00:00
%doc doc/certtool.cfg
2005-07-04 22:10:55 +00:00
2013-02-06 20:41:29 +00:00
%if %{with dane}
%files dane
%{_libdir} /libgnutls-dane.so.*
%endif
2022-07-19 00:10:22 +00:00
%if %{with fips}
%files fips
%endif
2023-04-11 10:37:40 +00:00
%if %{with mingw}
2022-09-06 20:59:39 +00:00
%files -n mingw32-%{name}
%license LICENSE doc/COPYING doc/COPYING.LESSER
%{mingw32_bindir} /certtool.exe
%{mingw32_bindir} /gnutls-cli-debug.exe
%{mingw32_bindir} /gnutls-cli.exe
%{mingw32_bindir} /gnutls-serv.exe
%{mingw32_bindir} /libgnutls-30.dll
%{mingw32_bindir} /ocsptool.exe
%{mingw32_bindir} /p11tool.exe
%{mingw32_bindir} /psktool.exe
2023-04-11 10:37:40 +00:00
%if %{with srp}
2022-09-06 20:59:39 +00:00
%{mingw32_bindir} /srptool.exe
2023-02-15 08:04:29 +00:00
%endif
2022-09-06 20:59:39 +00:00
%{mingw32_libdir} /libgnutls.dll.a
%{mingw32_libdir} /libgnutls-30.def
%{mingw32_libdir} /pkgconfig/gnutls.pc
%{mingw32_includedir} /gnutls/
%files -n mingw64-%{name}
%license LICENSE doc/COPYING doc/COPYING.LESSER
%{mingw64_bindir} /certtool.exe
%{mingw64_bindir} /gnutls-cli-debug.exe
%{mingw64_bindir} /gnutls-cli.exe
%{mingw64_bindir} /gnutls-serv.exe
%{mingw64_bindir} /libgnutls-30.dll
%{mingw64_bindir} /ocsptool.exe
%{mingw64_bindir} /p11tool.exe
%{mingw64_bindir} /psktool.exe
2023-04-11 10:37:40 +00:00
%if %{with srp}
2022-09-06 20:59:39 +00:00
%{mingw64_bindir} /srptool.exe
2023-02-15 08:04:29 +00:00
%endif
2022-09-06 20:59:39 +00:00
%{mingw64_libdir} /libgnutls.dll.a
%{mingw64_libdir} /libgnutls-30.def
%{mingw64_libdir} /pkgconfig/gnutls.pc
%{mingw64_includedir} /gnutls/
2022-10-19 08:23:40 +00:00
%endif
2022-09-06 20:59:39 +00:00
2014-04-28 08:29:12 +00:00
%changelog
2022-04-19 11:47:15 +00:00
%autochangelog