diff --git a/.cvsignore b/.cvsignore index e69de29..52e47d4 100644 --- a/.cvsignore +++ b/.cvsignore @@ -0,0 +1 @@ +opencryptoki-2.2.8.tar.bz2 diff --git a/import.log b/import.log new file mode 100644 index 0000000..7b03c1f --- /dev/null +++ b/import.log @@ -0,0 +1 @@ +opencryptoki-2_2_8-5_fc11:HEAD:opencryptoki-2.2.8-5.fc11.src.rpm:1248776955 diff --git a/opencryptoki-2.2.8-do-not-create-group-in-pkcs11_startup.patch b/opencryptoki-2.2.8-do-not-create-group-in-pkcs11_startup.patch new file mode 100644 index 0000000..3e758d3 --- /dev/null +++ b/opencryptoki-2.2.8-do-not-create-group-in-pkcs11_startup.patch @@ -0,0 +1,59 @@ +The pkcs11 group is created by the RPM scriptlet. + +Index: opencryptoki-2.2.8/usr/sbin/pkcs11_startup/pkcs11_startup.in +=================================================================== +--- opencryptoki-2.2.8.orig/usr/sbin/pkcs11_startup/pkcs11_startup.in ++++ opencryptoki-2.2.8/usr/sbin/pkcs11_startup/pkcs11_startup.in +@@ -309,29 +309,29 @@ rm -f @CONFIG_PATH@/@CONFIG_FILE@ >/dev/ + # it from scratch + + +-# Create the pkcs11 group if it does not exist... +-cat /etc/group|grep pkcs11 >/dev/null 2>&1 +-rc=$? +-if [ $rc = 1 ] +-then +- if [ -x @GROUPADD@ ] +- then +- @GROUPADD@ pkcs11 >/dev/null 2>&1 +- +- else +- echo "Couldn't execute @GROUPADD@. Please add the group 'pkcs11' manually." +- fi +-fi +- +- +-if [ -x @USERMOD@ -a -x @ID@ ] +-then +- # add the pkcs group +- # replace spaces by commas +- @USERMOD@ -G $( @ID@ --groups --name root | /bin/sed -e 'y/ /,/'),pkcs11 root +-else +- echo "Couldn't execute @USERMOD@. Please add root to the group 'pkcs11' manually." +-fi ++## Create the pkcs11 group if it does not exist... ++#cat /etc/group|grep pkcs11 >/dev/null 2>&1 ++#rc=$? ++#if [ $rc = 1 ] ++#then ++# if [ -x @GROUPADD@ ] ++# then ++# @GROUPADD@ pkcs11 >/dev/null 2>&1 ++# ++# else ++# echo "Couldn't execute @GROUPADD@. Please add the group 'pkcs11' manually." ++# fi ++#fi ++# ++# ++#if [ -x @USERMOD@ -a -x @ID@ ] ++#then ++# # add the pkcs group ++# # replace spaces by commas ++# @USERMOD@ -G $( @ID@ --groups --name root | /bin/sed -e 'y/ /,/'),pkcs11 root ++#else ++# echo "Couldn't execute @USERMOD@. Please add root to the group 'pkcs11' manually." ++#fi + + + # For each card run the status command and if successful diff --git a/opencryptoki.spec b/opencryptoki.spec new file mode 100644 index 0000000..1f38302 --- /dev/null +++ b/opencryptoki.spec @@ -0,0 +1,148 @@ +Name: opencryptoki +Summary: Implementation of the PKCS#11 (Cryptoki) specification v2.11 +Version: 2.2.8 +Release: 5%{?dist} +License: CPL +Group: System Environment/Base +URL: http://sourceforge.net/projects/opencryptoki +Source: http://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.bz2 +Patch0: %{name}-2.2.8-do-not-create-group-in-pkcs11_startup.patch +BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX) +Requires(pre): shadow-utils coreutils sed +Requires(post): chkconfig +Requires(preun): chkconfig +# This is for /sbin/service +Requires(preun): initscripts +Requires(postun): initscripts +BuildRequires: openssl-devel trousers-devel +BuildRequires: autoconf automake libtool +%ifarch s390 s390x +BuildRequires: libica-devel >= 1.3.7 +%endif +Requires: %{name}-libs%{?_isa} = %{version}-%{release} + +%description +openCryptoki implements the PKCS#11 specification v2.11. It includes support +for cryptographic hardware such as the IBM 4758 Cryptographic CoProcessor, +the IBM eServer Cryptographic Accelerator (FC 4960 on pSeries) or the Trusted +Platform Module (TPM) as well as a software token for testing. + +%package libs +Group: System Environment/Libraries +Summary: The runtime libraries for opencryptoki package + +%description libs +The runtime libraries for use with openCryptoki based applications. + +%package devel +Group: Development/Libraries +Summary: Development files for openCryptoki +Requires: %{name}-libs = %{version}-%{release} + +%description devel +This package contains the development header files for building openCryptoki +based applications. + +%prep +%setup -q +%patch0 -p1 + +%build +# Upstream tarball has unnecessary executable perms set on the sources +find . -name '*.[ch]' -print0 | xargs -0 chmod -x + +./bootstrap.sh +%configure --enable-tpmtok +make %{?_smp_mflags} + +%install +rm -rf $RPM_BUILD_ROOT + +make install DESTDIR=$RPM_BUILD_ROOT + +mkdir -p $RPM_BUILD_ROOT/usr/include/opencryptoki +cp -a usr/include/pkcs11/{apiclient.h,pkcs11.h,pkcs11types.h} $RPM_BUILD_ROOT/usr/include/opencryptoki + +# Move the initscript to its proper place +mkdir -p $RPM_BUILD_ROOT%{_initddir} +mv $RPM_BUILD_ROOT%{_sysconfdir}/init.d/pkcsslotd $RPM_BUILD_ROOT%{_initddir}/pkcsslotd + +mkdir -p $RPM_BUILD_ROOT/%{_sharedstatedir}/%{name} + +# Remove unwanted cruft +rm -rf doc/CVS +rm -f $RPM_BUILD_ROOT/%{_libdir}/%{name}/*.la +rm -f $RPM_BUILD_ROOT/%{_libdir}/%{name}/stdll/*.la + +%clean +rm -rf $RPM_BUILD_ROOT + +%postun libs -p /sbin/ldconfig + +%post libs -p /sbin/ldconfig + +%postun +if [ "$1" -ge "1" ] ; then + /sbin/service pkcsslotd condrestart >/dev/null 2>&1 +fi +exit 0 + +%post +/sbin/chkconfig --add pkcsslotd +exit 0 + +%preun +if [ "$1" = "0" ] ; then + /sbin/service pkcsslotd stop >/dev/null 2>&1 + /sbin/chkconfig --del pkcsslotd +fi +exit 0 + +%pre +getent group pkcs11 >/dev/null || groupadd -r pkcs11 +# Add root to the pkcs11 group +/usr/sbin/usermod -G $(/usr/bin/id --groups --name root | /bin/sed -e ' +# add the pkcs group if it is missing +/(^| )pkcs11( |$)/!s/$/ pkcs11/ +# replace spaces by commas +y/ /,/ +'),pkcs11 root +exit 0 + +%files +%defattr(-,root,root,-) +%doc FAQ README LICENSE doc/* +%{_initddir}/pkcsslotd +%{_sbindir}/* +%{_mandir}/man*/* +%dir %attr(770,root,pkcs11) %{_sharedstatedir}/%{name} +%ifarch s390 s390x +%doc usr/lib/pkcs11/cca_stdll/README-IBM_CCA_users +%endif + +%files libs +%defattr(-,root,root,-) +%{_sysconfdir}/ld.so.conf.d/* +# Unversioned .so symlinks usually belong to -devel packages, but opencryptoki +# needs them in the main package, because: +# pkcs11_startup looks for opencryptoki/stdll/*.so, and +# documentation suggests that programs should dlopen "PKCS11_API.so". +%{_libdir}/opencryptoki +%{_libdir}/pkcs11 + +%files devel +%defattr(-,root,root,-) +%{_includedir}/* + + +%changelog +* Tue Jul 21 2009 Michal Schmidt - 2.2.8-5 +- Require arch-specific dependency on -libs. + +* Tue Jul 21 2009 Michal Schmidt - 2.2.8-4 +- Return support for crypto hw on s390. +- Renamed to opencryptoki. +- Simplified multilib by putting libs in subpackage as suggested by Dan HorĂ¡k. + +* Tue Jul 21 2009 Michal Schmidt - 2.2.8-2 +- Fedora package based on RHEL-5 package. diff --git a/sources b/sources index e69de29..8550f25 100644 --- a/sources +++ b/sources @@ -0,0 +1 @@ +f6081d6adadc32c753582467670067d5 opencryptoki-2.2.8.tar.bz2