rpms/ktls-utils
7
0
Fork 0
Code Issues Pull Requests Releases Activity
c10s
ktls-utils/ktls-utils.spec
Scott Mayhew c943e3e1a9 tlshd: Send fatal alert to client when there are server config issues 
Resolves: RHEL-128086
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
2026-02-19 12:53:33 -05:00

83 lines
2.4 KiB
RPMSpec
Raw Permalink Blame History

%global forgeurl https://github.com/oracle/ktls-utils
%global baseversion 1.2.1
Name: ktls-utils
Version: %{baseversion}
# Using a base release of 3 to continue the sequence from the SRPM taken
# from Fedora ELN.
Release: %{autorelease}
Summary: TLS handshake agent for kernel sockets
%forgemeta
License: GPL-2.0-only AND (GPL-2.0-only OR BSD-3-Clause)
URL: %{forgeurl}
# FIXME: is this a bug in the tagging scheme or forgesource macro?
Source0: %{forgeurl}/releases/download/%{name}-%{baseversion}/%{name}-%{baseversion}.tar.gz
#
# RHEL10.2
#
Patch0: ktls-utils-1.2.1-tlshd-deduplicate-client-and-server-config-functions.patch
Patch1: ktls-utils-1.2.1-tlshd-Fix-priority-string-to-allow-PQC.patch
Patch2: ktls-utils-1.2.1-tlshd-Server-side-dual-certificate-support.patch
Patch3: ktls-utils-1.2.1-tlshd-Client-side-dual-certificate-support.patch
Patch4: ktls-utils-1.2.1-tlshd-Clean-up-logic-in-tlshd_start_tls_handshake.patch
Patch5: ktls-utils-1.2.1-tlshd-Fix-session-leak-on-error-paths-in-x509-server.patch
Patch6: ktls-utils-1.2.1-tlshd-Send-fatal-alert-to-client-when-there-are-serv.patch
BuildRequires: bash systemd-rpm-macros
BuildRequires: gcc make coreutils
BuildRequires: pkgconfig(gnutls) >= 3.3.0
BuildRequires: autoconf >= 2.69
BuildRequires: automake
BuildRequires: pkgconfig(libkeyutils)
BuildRequires: pkgconfig(glib-2.0) >= 2.6
BuildRequires: pkgconfig(libnl-3.0) >= 3.1
%description
In-kernel TLS consumers need a mechanism to perform TLS handshakes
on a connected socket to negotiate TLS session parameters that can
then be programmed into the kernel's TLS record protocol engine.
This package of software provides a TLS handshake user agent that
listens for kernel requests and then materializes a user space
socket endpoint on which to perform these handshakes. The resulting
negotiated session parameters are passed back to the kernel via
standard kTLS socket options.
%prep
%setup -q -n %{name}-%{baseversion}
%autopatch -p1
%build
./autogen.sh
%configure --with-systemd
%make_build
%install
%make_install
%files
%config(noreplace) %{_sysconfdir}/tlshd.conf
%{_sbindir}/tlshd
%{_mandir}/man5/tlshd.conf.5.gz
%{_mandir}/man8/tlshd.8.gz
%{_unitdir}/tlshd.service
%license COPYING
%doc README.md
%doc SECURITY.md
%post
%systemd_post tlshd.service
%preun
%systemd_preun tlshd.service
%postun
%systemd_postun_with_restart tlshd.service
%changelog
%autochangelog
Reference in New Issue View Git Blame Copy Permalink