Updated jss.spec to prepare for JSS 4.4.0
This commit is contained in:
Matthew Harmsen
parent
032e03cc44
commit
4404ece120
193
jss.spec
193
jss.spec
@ -1,15 +1,28 @@
|
||||
%global majorrel `uname -r | cut -f1 -d.`
|
||||
%global minorrel `uname -r | cut -f2 -d.`
|
||||
|
||||
Name: jss
|
||||
Version: 4.2.6
|
||||
Release: 44%{?dist}
|
||||
Version: 4.4.0
|
||||
Release: 1%{?dist}
|
||||
Summary: Java Security Services (JSS)
|
||||
|
||||
Group: System Environment/Libraries
|
||||
License: MPLv1.1 or GPLv2+ or LGPLv2+
|
||||
URL: http://www.mozilla.org/projects/security/pki/jss/
|
||||
# The source for this package was pulled from upstream's cvs. Use the
|
||||
# The source for this package was pulled from upstream's hg. Use the
|
||||
# following commands to generate the tarball:
|
||||
# cvs -d :pserver:anonymous@cvs-mirror.mozilla.org:/cvsroot export -r JSS_4_2_6_RTM -d jss-4.2.6 -N mozilla/security/coreconf mozilla/security/jss
|
||||
# tar -czvf jss-4.2.6.tar.gz jss-4.2.6
|
||||
# hg clone --rev JSS_4_4_0_RTM https://hg.mozilla.org/projects/jss jss-4.4.0/jss
|
||||
# rm -rf jss-4.4.0/jss/.hg
|
||||
# if the tarball is Beta, set this define in 'org/mozilla/jss/util/jssver.h':
|
||||
# #define JSS_BETA PR_TRUE
|
||||
# else if tarball is non-Beta:
|
||||
# #define JSS_BETA PR_FALSE
|
||||
# tar -czvf jss-4.4.0.tar.gz jss-4.4.0
|
||||
#
|
||||
# For now util the JSS_4_4_0_RTM tag is created I actually used:
|
||||
# hg clone --rev b1c6660e7e71 https://hg.mozilla.org/projects/jss jss-4.4.0/jss
|
||||
# This is from upstream tip
|
||||
#
|
||||
Source0: http://pki.fedoraproject.org/pki/sources/%{name}/%{name}-%{version}-%{release}/%{name}-%{version}.tar.gz
|
||||
Source1: http://pki.fedoraproject.org/pki/sources/%{name}/%{name}-%{version}-%{release}/MPL-1.1.txt
|
||||
Source2: http://pki.fedoraproject.org/pki/sources/%{name}/%{name}-%{version}-%{release}/gpl.txt
|
||||
@ -25,42 +38,6 @@ BuildRequires: perl
|
||||
Requires: java-headless
|
||||
Requires: nss >= 3.21.0
|
||||
|
||||
Patch1: jss-key_pair_usage_with_op_flags.patch
|
||||
Patch2: jss-javadocs-param.patch
|
||||
Patch3: jss-ipv6.patch
|
||||
Patch4: jss-ECC-pop.patch
|
||||
Patch5: jss-loadlibrary.patch
|
||||
Patch6: jss-ocspSettings.patch
|
||||
Patch7: jss-ECC_keygen_byCurveName.patch
|
||||
Patch8: jss-VerifyCertificate.patch
|
||||
Patch9: jss-bad-error-string-pointer.patch
|
||||
Patch10: jss-VerifyCertificateReturnCU.patch
|
||||
#Patch11: jss-slots-not-freed.patch
|
||||
Patch12: jss-ECC-HSM-FIPS.patch
|
||||
Patch13: jss-eliminate-native-compiler-warnings.patch
|
||||
Patch14: jss-eliminate-java-compiler-warnings.patch
|
||||
Patch15: jss-PKCS12-FIPS.patch
|
||||
Patch16: jss-eliminate-native-coverity-defects.patch
|
||||
Patch17: jss-PBE-PKCS5-V2-secure-P12.patch
|
||||
Patch18: jss-wrapInToken.patch
|
||||
Patch19: jss-HSM-manufacturerID.patch
|
||||
Patch20: jss-ECC-Phase2KeyArchivalRecovery.patch
|
||||
Patch21: jss-undo-JCA-deprecations.patch
|
||||
Patch22: jss-undo-BadPaddingException-deprecation.patch
|
||||
Patch23: jss-fixed-build-issue-on-F17-or-newer.patch
|
||||
Patch24: jss-SHA-OID-fix.patch
|
||||
Patch25: jss-RC4-strengh-verify.patch
|
||||
Patch26: jss-support-TLS1_1-TLS1_2.patch
|
||||
Patch27: jss-WindowsCompileFix.patch
|
||||
Patch28: jss-WindowsLoadLibrary.patch
|
||||
Patch29: jss-Fixed-build-failures.patch
|
||||
Patch30: jss-VerifyCertificate-enhancement.patch
|
||||
Patch31: jss-lunasaUnwrap.patch
|
||||
Patch32: jss-symkey-enhancements.patch
|
||||
Patch33: jss-crmf-envelopedData.patch
|
||||
Patch34: jss-unwrap-AES-sym-keys-on-token.patch
|
||||
|
||||
|
||||
%description
|
||||
Java Security Services (JSS) is a java native interface which provides a bridge
|
||||
for java-based applications to use native Network Security Services (NSS).
|
||||
@ -75,48 +52,18 @@ Requires: jss = %{version}-%{release}
|
||||
This package contains the API documentation for JSS.
|
||||
|
||||
%prep
|
||||
%setup -q
|
||||
%patch1 -p1
|
||||
%patch2 -p1
|
||||
%patch3 -p1
|
||||
%patch4 -p1
|
||||
%patch5 -p1
|
||||
%patch6 -p1
|
||||
%patch7 -p1
|
||||
%patch8 -p1
|
||||
%patch9 -p1
|
||||
%patch10 -p1
|
||||
#%patch11 -p1
|
||||
%patch12 -p1
|
||||
%patch13 -p1
|
||||
%patch14 -p1
|
||||
%patch15 -p1
|
||||
%patch16 -p1
|
||||
%patch17 -p1
|
||||
%patch18 -p1
|
||||
%patch19 -p1
|
||||
%patch20 -p1
|
||||
%patch21 -p1
|
||||
%patch22 -p1
|
||||
%patch23 -p1
|
||||
%patch24 -p1
|
||||
%patch25 -p1
|
||||
%patch26 -p1
|
||||
%patch27 -p1
|
||||
%patch28 -p1
|
||||
%patch29 -p1
|
||||
%patch30 -p1
|
||||
%patch31 -p1
|
||||
%patch32 -p1
|
||||
%patch33 -p1
|
||||
%patch34 -p2
|
||||
%setup -q -n %{name}-%{version}
|
||||
|
||||
%build
|
||||
[ -z "$JAVA_HOME" ] && export JAVA_HOME=%{_jvmdir}/java
|
||||
[ -z "$USE_INSTALLED_NSPR" ] && export USE_INSTALLED_NSPR=1
|
||||
[ -z "$USE_INSTALLED_NSS" ] && export USE_INSTALLED_NSS=1
|
||||
|
||||
# Enable compiler optimizations and disable debugging code
|
||||
BUILD_OPT=1
|
||||
export BUILD_OPT
|
||||
# NOTE: If you ever need to create a debug build with optimizations disabled
|
||||
# just comment out this line and change in the %%install section below the
|
||||
# line that copies jars xpclass.jar to be xpclass_dbg.jar
|
||||
export BUILD_OPT=1
|
||||
|
||||
# Generate symbolic info for debuggers
|
||||
XCFLAGS="-g $RPM_OPT_FLAGS"
|
||||
@ -144,26 +91,21 @@ USE_64=1
|
||||
export USE_64
|
||||
%endif
|
||||
|
||||
%if 0%{?fedora} >= 16
|
||||
cp -p mozilla/security/coreconf/Linux2.6.mk mozilla/security/coreconf/Linux3.1.mk
|
||||
sed -i -e 's;LINUX2_1;LINUX3_1;' mozilla/security/coreconf/Linux3.1.mk
|
||||
|
||||
cp -p mozilla/security/coreconf/Linux3.1.mk mozilla/security/coreconf/Linux3.2.mk
|
||||
sed -i -e 's;LINUX3_1;LINUX3_2;' mozilla/security/coreconf/Linux3.2.mk
|
||||
|
||||
cp -p mozilla/security/coreconf/Linux3.2.mk mozilla/security/coreconf/Linux3.6.mk
|
||||
sed -i -e 's;LINUX3_1;LINUX3_6;' mozilla/security/coreconf/Linux3.6.mk
|
||||
%endif
|
||||
cp -p jss/coreconf/Linux.mk jss/coreconf/Linux%{majorrel}.%{minorrel}.mk
|
||||
sed -i -e 's;LINUX2_1;LINUX%{majorrel}_%{minorrel};' jss/coreconf/Linux%{majorrel}.%{minorrel}.mk
|
||||
|
||||
# The Makefile is not thread-safe
|
||||
make -C mozilla/security/coreconf
|
||||
make -C mozilla/security/jss
|
||||
make -C mozilla/security/jss javadoc
|
||||
make -C jss/coreconf
|
||||
make -C jss
|
||||
make -C jss javadoc
|
||||
|
||||
%check
|
||||
|
||||
|
||||
%install
|
||||
rm -rf $RPM_BUILD_ROOT docdir
|
||||
|
||||
# Copy the license files here so we can include them in %doc
|
||||
# Copy the license files here so we can include them in %%doc
|
||||
cp -p %{SOURCE1} .
|
||||
cp -p %{SOURCE2} .
|
||||
cp -p %{SOURCE3} .
|
||||
@ -171,31 +113,23 @@ cp -p %{SOURCE3} .
|
||||
# There is no install target so we'll do it by hand
|
||||
|
||||
# jars
|
||||
%if 0%{?fedora} >= 16
|
||||
install -d -m 0755 $RPM_BUILD_ROOT%{_jnidir}
|
||||
install -m 644 mozilla/dist/xpclass.jar ${RPM_BUILD_ROOT}%{_jnidir}/jss4.jar
|
||||
%else
|
||||
install -d -m 0755 $RPM_BUILD_ROOT%{_libdir}/jss
|
||||
install -m 644 mozilla/dist/xpclass.jar ${RPM_BUILD_ROOT}%{_libdir}/jss/jss4-%{version}.jar
|
||||
ln -fs jss4-%{version}.jar $RPM_BUILD_ROOT%{_libdir}/jss/jss4.jar
|
||||
|
||||
install -d -m 0755 $RPM_BUILD_ROOT%{_jnidir}
|
||||
ln -fs %{_libdir}/jss/jss4.jar $RPM_BUILD_ROOT%{_jnidir}/jss4.jar
|
||||
%endif
|
||||
# NOTE: if doing a debug no opt build change xpclass.jar to xpclass_debug.jar
|
||||
install -m 644 dist/xpclass.jar ${RPM_BUILD_ROOT}%{_jnidir}/jss4.jar
|
||||
|
||||
# We have to use the name libjss4.so because this is dynamically
|
||||
# loaded by the jar file.
|
||||
install -d -m 0755 $RPM_BUILD_ROOT%{_libdir}/jss
|
||||
install -m 0755 mozilla/dist/Linux*.OBJ/lib/libjss4.so ${RPM_BUILD_ROOT}%{_libdir}/jss/
|
||||
%if 0%{?fedora} >= 16
|
||||
install -m 0755 dist/Linux*.OBJ/lib/libjss4.so ${RPM_BUILD_ROOT}%{_libdir}/jss/
|
||||
pushd ${RPM_BUILD_ROOT}%{_libdir}/jss
|
||||
ln -fs %{_jnidir}/jss4.jar jss4.jar
|
||||
popd
|
||||
%endif
|
||||
|
||||
# javadoc
|
||||
install -d -m 0755 $RPM_BUILD_ROOT%{_javadocdir}/%{name}-%{version}
|
||||
cp -rp mozilla/dist/jssdoc/* $RPM_BUILD_ROOT%{_javadocdir}/%{name}-%{version}
|
||||
cp -rp dist/jssdoc/* $RPM_BUILD_ROOT%{_javadocdir}/%{name}-%{version}
|
||||
cp -p jss/jss.html $RPM_BUILD_ROOT%{_javadocdir}/%{name}-%{version}
|
||||
cp -p *.txt $RPM_BUILD_ROOT%{_javadocdir}/%{name}-%{version}
|
||||
|
||||
%clean
|
||||
rm -rf $RPM_BUILD_ROOT
|
||||
@ -203,9 +137,10 @@ rm -rf $RPM_BUILD_ROOT
|
||||
# No ldconfig is required since this library is loaded by Java itself.
|
||||
%files
|
||||
%defattr(-,root,root,-)
|
||||
%doc mozilla/security/jss/jss.html MPL-1.1.txt gpl.txt lgpl.txt
|
||||
%doc jss/jss.html MPL-1.1.txt gpl.txt lgpl.txt
|
||||
%{_libdir}/jss/*
|
||||
%{_jnidir}/*
|
||||
%{_libdir}/jss/lib*.so
|
||||
|
||||
%files javadoc
|
||||
%defattr(-,root,root,-)
|
||||
@ -214,6 +149,50 @@ rm -rf $RPM_BUILD_ROOT
|
||||
|
||||
|
||||
%changelog
|
||||
* Sat Mar 11 2017 Elio Maldonado <emaldona@redhat.com> - 4.4.0-0.1
|
||||
- Experimental build to rebase to jss-4.4.0
|
||||
- ## JSS 4.4.0 includes the following patches ported from downstream:
|
||||
- Mozilla Bugzilla #507536 - Add IPv6 functionality to JSS
|
||||
- Mozilla Bugzilla #1307872 - Expose NSS calls for OCSP settings
|
||||
- Mozilla Bugzilla #1307882 - RFE ecc - add ecc curve name support in JSS and
|
||||
CS interface
|
||||
- Mozilla Bugzilla #1307993 - Expose updated certificate verification function
|
||||
in JSS
|
||||
- Mozilla Bugzilla #1308000 - Incorrect socket accept error message due to bad
|
||||
pointer arithmetic
|
||||
- Mozilla Bugzilla #1308001 - Verification should fail when a revoked
|
||||
certificate is added
|
||||
- Mozilla Bugzilla #1308004 - Warnings should be cleaned up in JSS build
|
||||
- Mozilla Bugzilla #1308006 - DRM failed to recovery keys when in FIPS mode
|
||||
(HSM + NSS)
|
||||
- Mozilla Bugzilla #1308008 - Defects revealed by Coverity scan
|
||||
- Mozilla Bugzilla #1308009 - Add support for PKCS5v2; support for secure PKCS12
|
||||
- Mozilla Bugzilla #1308012 - DRM: during archiving and recovering, wrapping
|
||||
unwrapping keys should be done in the token
|
||||
- Mozilla Bugzilla #1308013 - JSS - HSM token name was mistaken for
|
||||
manufacturer identifier
|
||||
- Mozilla Bugzilla #1308017 - Un-deprecate previously deprecated methods in
|
||||
JSS 4.2.6
|
||||
- Mozilla Bugzilla #1308019 - Provide Tomcat support for TLS v1.1 and
|
||||
TLS v1.2 via NSS through JSS
|
||||
- Mozilla Bugzilla #1308026 - JSS certificate validation does not pass up exact
|
||||
error from NSS
|
||||
- Mozilla Bugzilla #1308027 - Merge pki-symkey into jss
|
||||
- Mozilla Bugzilla #1308029 - Resolve Javadoc build issues
|
||||
- Mozilla Bugzilla #1308047 - support ECC encryption key archival and recovery
|
||||
- Mozilla Bugzilla #1313122 - Remove bypass tests as latest NSS has removed
|
||||
PKCS#11 bypass support
|
||||
- Mozilla Bugzilla #1328675 - Simple problem unwrapping AES sym keys on token
|
||||
- Mozilla Bugzilla #1345174 - Cannot create system certs when using LunaSA HSM
|
||||
in FIPS Mode and ECC algorithms
|
||||
- Mozilla Bugzilla #1345613 - expose AES KeyWrap and add some useful OID
|
||||
functions
|
||||
- Mozilla Bugzilla #1346410 - Load JSS libraries appropriately
|
||||
- ## JSS 4.4.0 includes the following changes for building and testing:
|
||||
- Mozilla Bugzilla #1331765 - Simplify JSS Makefile build and test
|
||||
- Mozilla Bugzilla #1346420 - Document steps required to use the proper
|
||||
libjss4.so when running certain HMAC Algorithms tests
|
||||
|
||||
* Wed Feb 22 2017 Jack Magne <jmagne@redhat.com> - 4.2.6-44
|
||||
- Bugzilla Bug #1425971 - Simple problem unwrapping AES sym keys on token
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user