Overview

File libsoup.spec of Package libsoup.38576

#
# spec file for package libsoup
#
# Copyright (c) 2023 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.

# Please submit bugfixes or comments via https://bugs.opensuse.org/
#


%define api_version 3.0
Name:           libsoup
Version:        3.4.4
Release:        0
Summary:        HTTP client/server library for GNOME
License:        LGPL-2.1-or-later
Group:          Development/Libraries/GNOME
URL:            https://wiki.gnome.org/Projects/libsoup
Source0:        https://download.gnome.org/sources/libsoup/3.4/%{name}-%{version}.tar.xz
Source99:       baselibs.conf
# PATCH-FIX-UPSTREAM 04df03bc.patch boo#1233285 mgorse@suse.com -- strictly don't allow NUL bytes in headers.
Patch0:         https://gitlab.gnome.org/GNOME/libsoup/-/commit/04df03bc.patch
# PATCH-FIX-UPSTREAM 6adc0e3e.patch boo#1233287 mgorse@suse.com -- process the frame as soon as we read data.
Patch1:         https://gitlab.gnome.org/GNOME/libsoup/-/commit/6adc0e3e.patch
# PATCH-FIX-UPSTREAM 29b96fab.patch boo#1233287 mgorse@suse.com -- websocket-test: disconnect error copy after the test ends.
Patch2:         https://gitlab.gnome.org/GNOME/libsoup/-/commit/29b96fab.patch
# PATCH-FIX-UPSTREAM a35222dd.patch boo#1233292 mgorse@suse.com -- be more robust against invalid input when parsing params.
Patch3:         https://gitlab.gnome.org/GNOME/libsoup/-/commit/a35222dd.patch
# PATCH-FIX-UPSTREAM 4c9e75c6.patch boo#1233287 mgorse@suse.com -- fix an intermittent test failure.
Patch4:         https://gitlab.gnome.org/GNOME/libsoup/-/commit/4c9e75c6.patch
# PATCH-FIX-UPSTREAM libsoup-CVE-2025-32050.patch boo#1240752 mgorse@suse.com -- fix using int instead of size_t for strcspn return.
Patch5:         libsoup-CVE-2025-32050.patch
# PATCH-FIX-UPSTREAM libsoup-CVE-2025-32051.patch boo#1240754 mgorse@suse.com -- fix possible NULL deref in soup_uri_decode_data_uri().
Patch6:         libsoup-CVE-2025-32051.patch
# PATCH-FIX-UPSTREAM libsoup-CVE-2025-32052.patch boo#1240756 mgorse@suse.com -- fix heap buffer overflow in soup_content_sniffer_sniff.
Patch7:         libsoup-CVE-2025-32052.patch
# PATCH-FIX-UPSTREAM libsoup-CVE-2025-32053.patch boo#1240757 mgorse@suse.com -- fix heap buffer overflow in soup_content_sniffer.c:sniff_feed_or_html
Patch8:         libsoup-CVE-2025-32053.patch
# PATCH-FIX-UPSTREAM libsoup-CVE-2025-46420.patch boo#1241686 mgorse@suse.com -- fix leak in soup_header_parse_quality_list.
Patch9:         libsoup-CVE-2025-46420.patch
# PATCH-FIX-UPSTREAM libsoup-CVE-2025-32913.patch boo#1241162 mgorse@suse.com -- fix NULL deref in soup_message_headers_get_content_disposition.
Patch10:        libsoup-CVE-2025-32913.patch
# PATCH-FIX-UPSTREAM libsoup-CVE-2025-32910.patch boo#1241252 mgorse@suse.com -- fix NULL deref with missing realm in authenticate header.
Patch11:        libsoup-CVE-2025-32910.patch
# PATCH-FIX-UPSTREAM libsoup-CVE-2025-32909.patch boo#1241226 mgorse@suse.com -- handle sniffing resource shorter than 4 bytes.
Patch12:        libsoup-CVE-2025-32909.patch
# PATCH-FIX-UPSTREAM libsoup-CVE-2025-2784.patch boo#1240750 mgorse@suse.com -- sniffer: fix potential overflow.
Patch13:        libsoup-CVE-2025-2784.patch
# PATCH-FIX-UPSTREAM libsoup-CVE-2025-46421.patch boo#1241688 mgorse@suse.com -- strip authorization credentials on cross-origin redirect.
Patch14:        libsoup-CVE-2025-46421.patch
# PATCH-FIX-UPSTREAM libsoup-CVE-2025-32912.patch boo#1241214 mgorse@suse.com -- fix NULL pointer deref in SoupAuthDigest.
Patch15:        libsoup-CVE-2025-32912.patch
# PATCH-FIX-UPSTREAM libsoup-CVE-2025-32906.patch boo#1241263 mgorse@suse.com -- fix an out-of-bounds read parsing headers.
Patch16:        libsoup-CVE-2025-32906.patch
# PATCH-FIX-UPSTREAM libsoup-CVE-2025-32914.patch boo#1241164 mgorse@suse.com -- fix read out of buffer bounds under soup_multipart_new_from_message.
Patch17:        libsoup-CVE-2025-32914.patch
# PATCH-FIX-UPSTREAM libsoup-CVE-2025-32908.patch boo#1241223 mgorse@suse.com -- soup-server-http2: Check validity of the constructed connection URI.
Patch18:        libsoup-CVE-2025-32908.patch
# PATCH-FIX-UPSTREAM libsoup-CVE-2025-32907.patch boo#1241222 mgorse@suse.com -- correct merge of ranges.
Patch19:        libsoup-CVE-2025-32907.patch

BuildRequires:  glib-networking
BuildRequires:  meson >= 0.53
BuildRequires:  pkgconfig
BuildRequires:  pkgconfig(gi-docgen)
BuildRequires:  pkgconfig(gio-2.0) >= 2.69.1
BuildRequires:  pkgconfig(glib-2.0) >= 2.69.1
BuildRequires:  pkgconfig(gnutls) >= 3.6.0
BuildRequires:  pkgconfig(gobject-2.0) >= 2.69.1
BuildRequires:  pkgconfig(gobject-introspection-1.0) >= 0.9.5
BuildRequires:  pkgconfig(krb5)
BuildRequires:  pkgconfig(libbrotlidec)
BuildRequires:  pkgconfig(libnghttp2)
BuildRequires:  pkgconfig(libpsl) >= 0.20
BuildRequires:  pkgconfig(sqlite3)
BuildRequires:  pkgconfig(vapigen)
# We do not need these dependencies needed only for tests.
#BuildRequires:  apache2-mod_php5 php5-xmlrpc

%description
Libsoup is an HTTP client/server library for GNOME. It uses GObjects
and the glib main loop, to integrate well with GNOME applications.

Features:
  * Both asynchronous (GMainLoop and callback-based) and synchronous APIs
  * Automatically caches connections
  * SSL Support using GnuTLS
  * Proxy support, including authentication and SSL tunneling
  * Client support for Digest, NTLM, and Basic authentication
  * Server support for Digest and Basic authentication
  * XML-RPC support

%package 3_0-0
Summary:        HTTP client/server library for GNOME
Group:          Development/Libraries/GNOME
Requires:       glib-networking >= 2.27.90
# For NTLM single sign on
Suggests:       samba-winbind
# Needed for smooth upgrades and to make the lang package installable
Provides:       %{name} = %{version}
Obsoletes:      %{name} < %{version}

%description 3_0-0
Libsoup is an HTTP client/server library for GNOME. It uses GObjects
and the glib main loop, to integrate well with GNOME applications.

Features:
  * Both asynchronous (GMainLoop and callback-based) and synchronous APIs
  * Automatically caches connections
  * SSL Support using GnuTLS
  * Proxy support, including authentication and SSL tunneling
  * Client support for Digest, NTLM, and Basic authentication
  * Server support for Digest and Basic authentication
  * XML-RPC support

%package -n typelib-1_0-Soup-3_0
Summary:        HTTP client/server library for GNOME -- Introspection bindings
Group:          System/Libraries

%description -n typelib-1_0-Soup-3_0
Libsoup is an HTTP client/server library for GNOME. It uses GObjects
and the glib main loop, to integrate well with GNOME applications.

This package provides the GObject Introspection bindings for libsoup.

%package devel
Summary:        HTTP client/server library for GNOME - Development Files
Group:          Development/Libraries/GNOME
Requires:       %{name}-3_0-0 = %{version}
Requires:       typelib-1_0-Soup-3_0 = %{version}
Provides:       %{name}-doc = %{version}
Obsoletes:      %{name}-doc < %{version}

%description devel
Libsoup is an HTTP client/server library for GNOME. It uses GObjects
and the glib main loop, to integrate well with GNOME applications.

Features:
  * Both asynchronous (GMainLoop and callback-based) and synchronous APIs
  * Automatically caches connections
  * SSL Support using GnuTLS
  * Proxy support, including authentication and SSL tunneling
  * Client support for Digest, NTLM, and Basic authentication
  * Server support for Digest and Basic authentication
  * XML-RPC support

%lang_package

%prep
%autosetup -p1

%build
%meson \
	-D gssapi=enabled \
	-D krb5_config="$(which krb5-config)" \
	-D vapi=enabled \
	-D docs=enabled \
	-D ntlm=disabled \
	-D sysprof=disabled \
	-D autobahn=disabled \
	%{nil}
%meson_build

%install
%meson_install
%find_lang %{name}-3.0 %{?no_lang_C}
# Make default docdir ref openSUSE standard
mkdir -p %{buildroot}%{_docdir}/%{name}-%{api_version}
# Move docs from upstream docdir to openSUSE docdir standard
mv %{buildroot}%{_datadir}/doc/%{name}-%{api_version} %{buildroot}%{_docdir}

%check
# Run the regression tests using GnuTLS NORMAL priority
export G_TLS_GNUTLS_PRIORITY=NORMAL
%ifarch s390x
%meson_test -t 5
%else
%meson_test
%endif

%ldconfig_scriptlets 3_0-0

%files 3_0-0
%license COPYING
%doc NEWS
%{_libdir}/*.so.*

%files -n typelib-1_0-Soup-3_0
%{_libdir}/girepository-1.0/Soup-%{api_version}.typelib

%files devel
%doc AUTHORS README
%doc %{_docdir}/%{name}-%{api_version}
%{_includedir}/libsoup-%{api_version}
%{_libdir}/*.so
%{_libdir}/pkgconfig/*.pc
%{_datadir}/gir-1.0/Soup-%{api_version}.gir
%dir %{_datadir}/vala/vapi/
%{_datadir}/vala/vapi/libsoup-%{api_version}.vapi
%{_datadir}/vala/vapi/libsoup-%{api_version}.deps

%files lang -f %{name}-3.0.lang

%changelog
openSUSE Build Service is sponsored by
Places