File libpki.spec of Package libpki-0.8.9
#
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
Name: libpki
Version: 0.8.9
Release: p1.0.3
%define short_version 89
%define lib_name %{name}%{short_version}
#
License: Apache-2.0
Group: System Environment/Libraries
#
Url: http://openca.org/projects/ocspd/
BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildRequires: libxml2-devel
BuildRequires: mysql-devel
BuildRequires: openldap2-devel
BuildRequires: openssl-devel
BuildRequires: pkg-config
#BuildRequires: postgresql-devel
#
Source: %{name}-%{version}.tar.bz2
Patch0: %{name}-%{version}.patch
#
Summary: Easy to use PKI library
%description
OpenCA Labs' Easy to use PKI library.
################################################################################
%package -n %{lib_name}
Group: Development/Libraries
Summary: Shared library from libpki
%description -n %{lib_name}
OpenCA Labs' Easy to use PKI library.
This package contains the shared library from libpki.
################################################################################
%package devel
Group: Development/Libraries
Requires: %{lib_name} = %{version}
Requires: libxml2-devel
Requires: mysql-devel
Requires: libmysqlclient-devel
Requires: openldap2-devel
Requires: openssl-devel
Requires: pkg-config
#BuildRequires: postgresql-devel
Summary: Development files for libpki
%description devel
OpenCA Labs' Easy to use PKI library.
This package contains the development files to build against libpki.
################################################################################
%prep
%setup -q
%patch0 -p1
%build
#aclocal
#autoheader
#automake --add-missing --copy
#autoconf
#export LD_FLAGS="-Wl, -Bstatic -lresolv"
export LD_FLAGS="-Wl, -lresolv"
%configure --disable-static --enable-ecdsa --disable-pg
#cat -n Makefile
make
%install
%makeinstall
mv %{buildroot}%{_prefix}/etc %{buildroot}
rm -rf %{buildroot}%{_datadir}/libpki/
strip %{buildroot}/%{_bindir}/pki-cert
strip %{buildroot}/%{_bindir}/pki-crl
strip %{buildroot}/%{_bindir}/pki-derenc
strip %{buildroot}/%{_bindir}/pki-query
strip %{buildroot}/%{_bindir}/pki-lirt
strip %{buildroot}/%{_bindir}/pki-request
strip %{buildroot}/%{_bindir}/pki-siginfo
strip %{buildroot}/%{_bindir}/pki-tool
strip %{buildroot}/%{_bindir}/pki-xpair
strip %{buildroot}/%{_bindir}/url-tool
strip %{buildroot}/usr/lib64/libpki.so.%{short_version}.%{short_version}.*
%clean
rm -rf %{buildroot}
%post -n %{lib_name} -p /sbin/ldconfig
%postun -n %{lib_name} -p /sbin/ldconfig
%files -n %{lib_name}
%defattr(-,root,root,-)
%config %{_sysconfdir}/pki.conf
%config %{_sysconfdir}/libpki/
%{_bindir}/pki-cert
%{_bindir}/pki-crl
%{_bindir}/pki-derenc
%{_bindir}/pki-lirt
%{_bindir}/pki-query
%{_bindir}/pki-request
%{_bindir}/pki-siginfo
%{_bindir}/pki-tool
%{_bindir}/pki-xpair
%{_bindir}/url-tool
%_usr/lib64/libpki.so.%{short_version}
%_usr/lib64/libpki.so.%{short_version}.%{short_version}.*
################################################################################
%files devel
%defattr(-,root,root,-)
%_usr/lib64/libpki.so
%{_bindir}/libpki-config
%{_includedir}/libpki/
%exclude %{_includedir}/libpki/errors-new.h
%{_usr}/lib64/libpki.la
%{_usr}/lib64/pkgconfig/libpki.pc
%doc docs/README.data_structures
%doc docs/README.functions
#doc docs/doxygen-man.conf
#doc docs/doxygen-pdf.conf
#doc docs/doxygen.conf
%doc docs/pkginfo
################################################################################
%changelog
* Mon Mar 25 2015 Massimiliano Pala <madwolf@openca.org> 0.8.9
- Added responderId type parameter in OCSP response signing
* Sun Jan 4 2015 Massimiliano Pala <madwolf@openca.org> 0.8.8
- Fixed PKI_TOKEN_load_cert() when setting the token's algor
- Fixed I/O return type for PKI_X509_get()
* Thu Aug 14 2014 Massimiliano Pala <madwolf@openca.org> 0.8.7
- Fixed two bugs in PKI_RWLOCK_write_lock() that caoused deadlock if no RWLOCK support for pthread is available.
* Sat Aug 9 2014 Massimiliano Pala <madwolf@openca.org>
- Optimized OCSP req and resp internal handling functions
- Added PKI_X509_CERT_check_key() to verify that the same pubkey is in cert and key
* Wed Aug 6 2014 Massimiliano Pala <madwolf@openca.org>
- Added additional checks for OCSP response signing
- Added PKI_X509_OCSP_REQ_has_nonce() to easily detect NONCEs in OCSP requests
- Moved to use calloc() to provide better cross-processes memory protection
- Removed old commented code
* Fri Aug 1 2014 Massimiliano Pala <madwolf@openca.org>
- Fixed inconsistency in PKI_MEM_url_decode / PKI_MEM_url_encode functions
- Added PKI_MEM_url_get_encoded and PKI_MEM_url_get_decoded functions
- Fixed buffer size utilization in PKI_MSG_REQ and TOKEN to avoid possible buffer overflow
- Fixed make 'distclean' target
* Sat May 10 2014 Massimiliano Pala <madwolf@openca.org> 0.8.5
- Fixed building library on AIX operating systems
- Fixed building library on Solaris (pre open-solaris) with old pthread
- Fixed signature generation error when setting the signing algorithm
- Fixed issues with X509_get_parsed() function and signature algorithm retrieval
* Fri Mar 09 2014 Massimiliano Pala <madwolf@openca.org>
- Added possibility to remove DNS URLs support (buggy in old Solaris)
- Added checks for availability of pthreads' RWLOCK
- Added mutex-based implementation if RWLOCK is not supported
* Sun Oct 20 2013 Massimiliano Pala <madwolf@openca.org> 0.8.2
- Fixed support for GCC pragma diagnostics 'pop' to accomodate older gcc versions
- Fixed support for 32 bits builds
- Fixed setting the right protocol when 'pki-tool genreq' is used without a config token
* Sat Oct 19 2013 Massimiliano Pala <madwolf@openca.org>
- Fixed options parsing for pki-tool and pki-crl command-line tools
* Fri Oct 18 2013 Massimiliano Pala <madwolf@openca.org>
- Added PKI_HMAC_* interface to handle HMACs more easily
* Fri Oct 04 2013 Massimiliano Pala <madwolf@openca.org>
- Added example for generating PKCS#12 files
- Fixed generation of HTTP_MSG from POST messages with no body
- Fixed parsing file-based (with no protocol) URIs
- Fixed several bugs and memory leaks throughout the code base
- Enhanced --enable-extra-checks configure option by adding -Wall
- Fixed URL building for HTTP messages
- Added FIPS mode set/check (requires the underlying crypto provider to support FIPS mode)
- Added fips-mode example in the examples/ directory
- Added README.FIPS_140-2
* Fri Aug 09 2013 Massimiliano Pala <madwolf@penca.org>
- Fixed a memory error in PKI_DIGEST_ functions
* Wed Aug 07 2013 Massimiliano Pala <madwolf@openca.org> 0.8.0
- Fixed some errors introduced by previous patches (OCSP response signing)
* Sat Aug 03 2013 Massimiliano Pala <madwolf@openca.org>
- Fixed various memory leaks in BIO handling
- Fixed a memory leak in signing OCSP responses
* Thu Jun 13 2013 Massimiliano Pala <madwolf@openca.org>
- Added new errors for better logging Token issues
* Fri Sep 13 2012 Massimiliano Pala <madwolf@openca.org> 0.7.0
- Fixed PKI_TOKEN error when generating new keys (SCHEME vs ALGOR_ID)
* Mon Aug 06 2012 Massimiliano Pala <madwolf@openca.org>
- Added SOCK_DGRAM possibilities
- Fixed OCSP interface for response building
* Fri Feb 17 2012 Massimiliano Pala <madwolf@openca.org> 0.6.7
-Fixed generation of OCSP responses (uninitialized field was causing OCSP responses to be invalid
-Added support for DNS queries via the URL interface (dns://<domain>?<record_type>
-Added initial support for sperimental Lightweight Internet Revokation Tokens (LIRTs)
