import jss-4.8.0-2.module+el8.4.0+9165+77c6d399

.gitignore

@@ -0,0 +1 @@
+SOURCES/jss-4.8.0.tar.gz

.jss.metadata

@@ -0,0 +1 @@
+699bb5ba93dada5e513212dedbf456371448eca8 SOURCES/jss-4.8.0.tar.gz

SOURCES/0001-Only-check-PKCS11Constants-on-beta-builds.patch

@@ -0,0 +1,30 @@
+From eb6086840f5c79ba2ff5b1ccac3fe78ad2482e06 Mon Sep 17 00:00:00 2001
+From: Alexander Scheel <ascheel@redhat.com>
+Date: Thu, 5 Nov 2020 11:07:13 -0500
+Subject: [PATCH] Only check PKCS11Constants on beta builds
+
+Recent errors with PKCS11Constants have shown that we shouldn't be
+running these tests on release builds for backports: only for
+pre-release content. Only run them when the beta bit is set.
+
+Signed-off-by: Alexander Scheel <ascheel@redhat.com>
+---
+ cmake/JSSTests.cmake | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/cmake/JSSTests.cmake b/cmake/JSSTests.cmake
+index a0fe36e2..7384bdc0 100644
+--- a/cmake/JSSTests.cmake
++++ b/cmake/JSSTests.cmake
+@@ -112,7 +112,7 @@ macro(jss_tests)
+         COMMAND "org.mozilla.jss.tests.TestGlobalReference"
+         MODE "NONE"
+     )
+-    if ((${Java_VERSION_MAJOR} EQUAL 1) AND (${Java_VERSION_MINOR} LESS 9))
++    if ((${Java_VERSION_MAJOR} EQUAL 1) AND (${Java_VERSION_MINOR} LESS 9) AND (${JSS_VERSION_BETA} EQUAL 1))
+         jss_test_java(
+             NAME "Test_PKCS11Constants.java_for_Sun_compatibility"
+             COMMAND "org.mozilla.jss.tests.TestPKCS11Constants"
+-- 
+2.25.4
+

SPECS/jss.spec

@@ -0,0 +1,247 @@
+################################################################################
+Name:           jss
+################################################################################
+
+Summary:        Java Security Services (JSS)
+URL:            http://www.dogtagpki.org/wiki/JSS
+License:        MPLv1.1 or GPLv2+ or LGPLv2+
+
+Version:        4.8.0
+Release:        2%{?_timestamp}%{?_commit_id}%{?dist}
+#global         _phase -a1
+
+# To generate the source tarball:
+# $ git clone https://github.com/dogtagpki/jss.git
+# $ cd jss
+# $ git tag v4.5.<z>
+# $ git push origin v4.5.<z>
+# Then go to https://github.com/dogtagpki/jss/releases and download the source
+# tarball.
+Source:         https://github.com/dogtagpki/%{name}/archive/v%{version}%{?_phase}/%{name}-%{version}%{?_phase}.tar.gz
+
+# To create a patch for all changes since a version tag:
+# $ git format-patch \
+#     --stdout \
+#     <version tag> \
+#     > jss-VERSION-RELEASE.patch
+# Patch: jss-VERSION-RELEASE.patch
+
+Patch: 0001-Only-check-PKCS11Constants-on-beta-builds.patch
+
+################################################################################
+# Build Dependencies
+################################################################################
+
+# autosetup
+BuildRequires:  git
+BuildRequires:  make
+BuildRequires:  cmake
+BuildRequires:  zip
+BuildRequires:  unzip
+
+BuildRequires:  gcc-c++
+BuildRequires:  nspr-devel >= 4.13.1
+BuildRequires:  nss-devel >= 3.44
+BuildRequires:  nss-tools >= 3.44
+BuildRequires:  java-devel
+BuildRequires:  jpackage-utils
+BuildRequires:  slf4j
+BuildRequires:  glassfish-jaxb-api
+%if 0%{?rhel} && 0%{?rhel} <= 7
+# no slf4j-jdk14
+%else
+BuildRequires:  slf4j-jdk14
+%endif
+BuildRequires:  apache-commons-lang3
+
+BuildRequires:  junit
+
+Requires:       nss >= 3.44
+Requires:       java-headless
+Requires:       jpackage-utils
+Requires:       slf4j
+Requires:       glassfish-jaxb-api
+%if 0%{?rhel} && 0%{?rhel} <= 7
+# no slf4j-jdk14
+%else
+Requires:       slf4j-jdk14
+%endif
+Requires:       apache-commons-lang3
+
+Conflicts:      ldapjdk < 4.20
+Conflicts:      idm-console-framework < 1.2
+Conflicts:      tomcatjss < 7.6.0
+Conflicts:      pki-base < 10.10.0
+
+%description
+Java Security Services (JSS) is a java native interface which provides a bridge
+for java-based applications to use native Network Security Services (NSS).
+This only works with gcj. Other JREs require that JCE providers be signed.
+
+################################################################################
+%package javadoc
+################################################################################
+
+Summary:        Java Security Services (JSS) Javadocs
+Requires:       jss = %{version}-%{release}
+
+%description javadoc
+This package contains the API documentation for JSS.
+
+################################################################################
+%prep
+
+%autosetup -n %{name}-%{version}%{?_phase} -p 1 -S git
+
+################################################################################
+%build
+
+%set_build_flags
+
+[ -z "$JAVA_HOME" ] && export JAVA_HOME=%{_jvmdir}/java
+
+# Enable compiler optimizations
+export BUILD_OPT=1
+
+# Generate symbolic info for debuggers
+CFLAGS="-g $RPM_OPT_FLAGS"
+export CFLAGS
+
+# Check if we're in FIPS mode
+modutil -dbdir /etc/pki/nssdb -chkfips true | grep -q enabled && export FIPS_ENABLED=1
+
+# The Makefile is not thread-safe
+%cmake \
+    -DJAVA_HOME=%{java_home} \
+    -DJAVA_LIB_INSTALL_DIR=%{_jnidir} \
+    -B %{_vpath_builddir}
+
+cd %{_vpath_builddir}
+%{__make} all
+%{__make} javadoc
+ctest --output-on-failure
+
+################################################################################
+%install
+
+# There is no install target so we'll do it by hand
+
+# jars
+install -d -m 0755 $RPM_BUILD_ROOT%{_jnidir}
+install -m 644 %{_vpath_builddir}/jss4.jar ${RPM_BUILD_ROOT}%{_jnidir}/jss4.jar
+
+# We have to use the name libjss4.so because this is dynamically
+# loaded by the jar file.
+install -d -m 0755 $RPM_BUILD_ROOT%{_libdir}/jss
+install -m 0755 %{_vpath_builddir}/libjss4.so ${RPM_BUILD_ROOT}%{_libdir}/jss/
+pushd  ${RPM_BUILD_ROOT}%{_libdir}/jss
+    ln -fs %{_jnidir}/jss4.jar jss4.jar
+popd
+
+# javadoc
+install -d -m 0755 $RPM_BUILD_ROOT%{_javadocdir}/%{name}-%{version}
+cp -rp %{_vpath_builddir}/docs/* $RPM_BUILD_ROOT%{_javadocdir}/%{name}-%{version}
+cp -p jss.html $RPM_BUILD_ROOT%{_javadocdir}/%{name}-%{version}
+cp -p *.txt $RPM_BUILD_ROOT%{_javadocdir}/%{name}-%{version}
+
+# No ldconfig is required since this library is loaded by Java itself.
+################################################################################
+%files
+
+%defattr(-,root,root,-)
+%doc jss.html
+%license MPL-1.1.txt gpl.txt lgpl.txt
+%{_libdir}/*
+%{_jnidir}/*
+
+################################################################################
+%files javadoc
+
+%defattr(-,root,root,-)
+%{_javadocdir}/%{name}-%{version}/
+
+################################################################################
+%changelog
+* Wed Nov 18 2020 Red Hat PKI Team <rhcs-maint@redhat.com> 4.8.0-2
+- Only check PKCS11Constants on beta builds
+- Bump tomcatjss, pki-core conflicts due to lang3
+
+* Wed Oct 28 2020 Red Hat PKI Team <rhcs-maint@redhat.com> 4.8.0-1
+- Rebase to upstream JSS v4.8.0
+
+* Tue Oct 20 2020 Red Hat PKI Team <rhcs-maint@redhat.com> 4.8.0-0.1
+- Rebase to upstream JSS v4.8.0-b1
+
+* Fri Sep 11 2020 Red Hat PKI Team <rhcs-maint@redhat.com> 4.7.3-1
+- Rebase to upstream stable release JSS v4.7.3
+- Red Hat Bugzilla #1873235 - Fix SSL_ERROR_INAPPROPRIATE_FALLBACK_ALERT in pki ca-user-cert-add
+
+* Thu Aug 06 2020 Red Hat PKI Team <rhcs-maint@redhat.com> 4.7.2-1
+- Rebase to upstream stable release JSS v4.7.2
+- Red Hat Bugzilla #1822246 - Fix SSLSocket NULL pointer deference after close
+
+* Fri Jul 31 2020 Red Hat PKI Team <rhcs-maint@redhat.com> 4.7.1-1
+- Rebase to upstream stable release JSS v4.7.1
+
+* Thu Jul 09 2020 Red Hat PKI Team <rhcs-maint@redhat.com> 4.7.0-1
+- Rebase to upstream stable release JSS v4.7.0
+- Fixed TestSSLEngine
+
+* Thu Jun 25 2020 Red Hat PKI Team <rhcs-maint@redhat.com> 4.7.0-0.4
+- Rebased to JSS 4.7.0-b4
+
+* Mon Jun 22 2020 Red Hat PKI Team <rhcs-maint@redhat.com> 4.7.0-0.3
+- Rebased to JSS 4.7.0-b3
+
+* Tue May 26 2020 Red Hat PKI Team <rhcs-maint@redhat.com> 4.7.0-0.1
+- Rebased to JSS 4.7.0-b1
+
+* Mon Mar 23 2020 Red Hat PKI Team <rhcs-maint@redhat.com> 4.6.2-4
+- Red Hat Bugzilla #1807371 - KRA-HSM: Async and sync key recovery using kra agent web is failing
+
+* Mon Mar 02 2020 Red Hat PKI Team <rhcs-maint@redhat.com> 4.6.2-3
+- Red Hat Bugzilla #1807371 - KRA-HSM: Async and sync key recovery using kra agent web is failing
+
+* Tue Oct 29 2019 Red Hat PKI Team <rhcs-maint@redhat.com> 4.6.2-2
+- Red Hat Bugzilla #1730767 - JSS: Wrap NSS CMAC + KDF implementations
+- Rebased to JSS 4.6.2
+
+* Wed Sep 11 2019 Red Hat PKI Team <rhcs-maint@redhat.com> 4.6.0-5
+- Red Hat Bugzilla #1747987 - CVE 2019-14823 jss: OCSP policy "Leaf and Chain" implicitly trusts the root certificate
+
+* Wed Aug 14 2019 Red Hat PKI Team <rhcs-maint@redhat.com> 4.6.0-4
+- Red Hat Bugzilla #1698059 - pki-core implements crypto
+
+* Tue Jul 16 2019 Red Hat PKI Team <rhcs-maint@redhat.com> 4.6.0-3
+- Red Hat Bugzilla #1721135 - JSS - LD_FLAGS support
+
+* Wed Jun 12 2019 Red Hat PKI Team <rhcs-maint@redhat.com> 4.6.0-2
+- Minor updates to release
+
+* Wed Jun 12 2019 Red Hat PKI Team <rhcs-maint@redhat.com> 4.6.0-1
+- Rebased to JSS 4.6.0
+
+* Thu Apr 25 2019 Red Hat PKI Team <rhcs-maint@redhat.com> 4.5.3-1
+- Rebased to JSS 4.5.3
+
+* Fri Aug 10 2018 Red Hat PKI Team <rhcs-maint@redhat.com> 4.5.0-1
+- Rebased to JSS 4.5.0
+
+* Tue Aug 07 2018 Red Hat PKI Team <rhcs-maint@redhat.com> 4.5.0-0.6
+- Rebased to JSS 4.5.0-b1
+
+* Tue Aug 07 2018 Red Hat PKI Team <rhcs-maint@redhat.com> 4.5.0-0.5
+- Red Hat Bugzilla #1612063 - Do not override system crypto policy (support TLS 1.3)
+
+* Fri Jul 20 2018 Red Hat PKI Team <rhcs-maint@redhat.com> 4.5.0-0.4
+- Rebased to JSS 4.5.0-a4
+- Red Hat Bugzilla #1604462 - jss: FTBFS in Fedora rawhide
+
+* Thu Jul 05 2018 Red Hat PKI Team <rhcs-maint@redhat.com> 4.5.0-0.3
+- Rebased to JSS 4.5.0-a3
+
+* Fri Jun 22 2018 Red Hat PKI Team <rhcs-maint@redhat.com> 4.5.0-0.2
+- Rebased to JSS 4.5.0-a2
+
+* Fri Jun 15 2018 Red Hat PKI Team <rhcs-maint@redhat.com> 4.5.0-0.1
+- Rebased to JSS 4.5.0-a1