Hello community, here is the log from the commit of package aria2 for openSUSE:Factory checked in at 2012-07-09 07:52:55 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/aria2 (Old) and /work/SRC/openSUSE:Factory/.aria2.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "aria2", Maintainer is "po...@novell.com" Changes: -------- --- /work/SRC/openSUSE:Factory/aria2/aria2.changes 2012-06-29 13:58:51.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.aria2.new/aria2.changes 2012-07-09 07:52:57.000000000 +0200 @@ -1,0 +2,19 @@ +Thu Jul 5 19:05:45 UTC 2012 - cfarr...@suse.com + +- license update: SUSE-GPL-2.0-with-openssl-exception + SPDX format for this license - which has an openssl exception + +------------------------------------------------------------------- +Fri Jun 29 12:24:33 UTC 2012 - reddw...@opensuse.org + +- Remove aria2-atoi.patch, aria2-cares-lib64.patch and + aria2-cares-static.patch +- Run spec-cleaner +- Use xml2 instead of expat as prefered by upstream +- Add GnuTLS support +- Merge bash-completion support into the main package +- Change license tag to GPL-2.0+ since it doesn't use OpenSSL +- Use pkgconfig() style BuildRequires +- Add aria2-1.15.1-system_certificates.patch + +------------------------------------------------------------------- Old: ---- aria2-atoi.patch aria2-cares-lib64.patch aria2-cares-static.patch New: ---- aria2-1.15.1-system_certificates.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ aria2.spec ++++++ --- /var/tmp/diff_new_pack.aOJxjt/_old 2012-07-09 07:52:59.000000000 +0200 +++ /var/tmp/diff_new_pack.aOJxjt/_new 2012-07-09 07:52:59.000000000 +0200 @@ -16,82 +16,47 @@ # -%if 0%{?suse_version} > 0 && 0%{?suse_version} > 1140 - %define with_nettle 1 -%else - %if 0%{?_with_gnutls:1} - %define with_gnutls 1 - %undefine with_openssl - %else - %define with_openssl 1 - %undefine with_gnutls - %endif -%endif - -%if 0%{?sles_version} > 10 && 0%{?sles_version} < 12 -%define with_bashcomp 0 -%else -%define with_bashcomp 1 -%endif +# The checks seem to need network connection +%bcond_with make_check Name: aria2 Version: 1.15.1 Release: 0 Summary: Parallelizing Multi-Protocol Utility for Downloading Files -License: SUSE-GPL-2.0+-with-openssl-exception +License: SUSE-GPL-2.0-with-openssl-exception Group: Productivity/Networking/Other -Source: http://downloads.sourceforge.net/project/aria2/stable/aria2-%{version}/aria2-%{version}.tar.xz -Patch1: aria2-cares-static.patch -Patch2: aria2-cares-lib64.patch -Patch4: aria2-atoi.patch -Url: http://sourceforge.net/projects/aria2 -BuildRoot: %{_tmppath}/%{name}-%{version}-build -%if 0%{?suse_version:1} -%if %{?with_nettle:1}0 -BuildRequires: gmp-devel -BuildRequires: libnettle-devel +Url: http://aria2.sourceforge.net/ +Source0: http://downloads.sourceforge.net/project/aria2/stable/aria2-%{version}/aria2-%{version}.tar.xz +# PATCH-FEATURE-UPSTREAM aria2-1.15.1-system_certificates.patch sf#3539535 reddw...@opensuse.org -- add support for system certificates +Patch0: aria2-1.15.1-system_certificates.patch +BuildRequires: gcc-c++ +BuildRequires: pkgconfig +BuildRequires: pkgconfig(gnutls) +BuildRequires: pkgconfig(libcares) +BuildRequires: pkgconfig(libxml-2.0) +BuildRequires: pkgconfig(sqlite3) +BuildRequires: pkgconfig(zlib) +%if %{with make_check} +BuildRequires: pkgconfig(cppunit) %endif -%if %{?with_gnutls:1}0 -BuildRequires: libgcrypt-devel -BuildRequires: libgnutls-devel -%endif #with_gnutls -%if %{?with_openssl:1}0 -BuildRequires: libopenssl-devel -%endif #with_openssl -BuildRequires: libexpat-devel +# nettle wasn't available until openSUSE 12.1 +%if 0%{?suse_version} >= 1210 +BuildRequires: gmp-devel +BuildRequires: pkgconfig(nettle) %else -%if %{?with_gnutls:1}0 -BuildRequires: expat -%endif #with_gnutls -%if %{?with_openssl:1}0 -BuildRequires: openssl-devel -%endif #with_openssl -BuildRequires: expat-devel -%endif #0%{?suse_version:1} +BuildRequires: libgcrypt-devel +%endif +# In >= 12.2 try to avoid a rebuild when xz is modified +%if 0%{?suse_version} < 1220 +BuildRequires: xz +%endif +# Because of autoreconf BuildRequires: autoconf BuildRequires: automake -BuildRequires: bash -BuildRequires: bison -BuildRequires: cppunit-devel -BuildRequires: gcc-c++ -BuildRequires: gettext -BuildRequires: gettext-devel -BuildRequires: glibc-devel -BuildRequires: intltool -BuildRequires: libcares-devel -BuildRequires: libstdc++-devel BuildRequires: libtool -BuildRequires: make -BuildRequires: pkgconfig -BuildRequires: sqlite3-devel -BuildRequires: xz -BuildRequires: zlib-devel -Provides: aria2c = %{version}-%{release} -%if %with_bashcomp -# Not actually required for build, but makes the build fail if -# it is not available: -BuildRequires: bash-completion -%endif #with_bashcomp +# aria2-bash-completion was splitted for last time in openSUSE 12.2 +Provides: aria2-bash-completion = %{version} +Obsoletes: aria2-bash-completion < %{version} %description aria2 is a utility for downloading files. It has completely new design @@ -104,81 +69,40 @@ aria2 currently supports HTTP, FTP, and BitTorrent. -%if %with_bashcomp - -%package bash-completion -Summary: Bash Completion for %{name} -Group: Productivity/Networking/Other -Requires: %{name} = %{version} -Requires: bash-completion - -%description bash-completion -Provides bash command line completion support for aria2c, a parallelizing -multi-protocol utility for downloading files. -%endif #with_bashcomp - %prep -%setup -q -n "aria2-%{version}" -%if 0%{?with_cares} -%patch1 -%if "%{_lib}"=="lib64" -%patch2 -%endif #%_lib==lib64 -%endif #cares -%patch4 +%setup -q +%patch0 %build -export CFLAGS="%{optflags} -DPIC -fPIC" -export CXXFLAGS="${CFLAGS}" -%configure \ - --with%{?!with_gnutls:out}-gnutls \ - --with%{?!with_openssl:out}-openssl \ - --with%{?!with_cares:out}-libcares \ - --without-libxml2 \ - --with-sqlite3 \ - --enable-epoll \ - --enable-bittorrent \ - --with-openssl-prefix="%{_usr}" \ - --with-libgnutls-prefix="%{_usr}" \ - --with-libgcrypt-prefix="%{_usr}" \ - --with-libz-prefix="%{_usr}" \ - --with-xml-prefix="%{_usr}" \ - --with-sqlite3-prefix="%{_usr}" -# a buglet in the configure script causes this directive to cause the opposite, so comment it out -# poeml, Mon Aug 4 16:30:55 CEST 2008 - #--enable-metalink - -%__make %{?_smp_mflags} +# Because of aria2-1.15.1-system_certificates.patch +autoreconf -fi +# gnutls < 3.0.20 doesn't provide gnutls_certificate_set_x509_system_trust() +# so we use with-ca-bundle in < 12.2 +%configure --docdir=%{_defaultdocdir}/%{name}/ \ +%if 0%{?suse_version} < 1220 + --with-ca-bundle=%{_sysconfdir}/ssl/ca-bundle.pem \ +%endif + --with-bashcompletiondir=%{_sysconfdir}/bash_completion.d/ +make %{?_smp_mflags} %install -%makeinstall - -%if %with_bashcomp -%__install -D -m0644 doc/bash_completion/aria2c "%{buildroot}/etc/bash_completion.d/%{name}" -%endif #with_bashcomp - -%__rm -rf "%{buildroot}%{_datadir}/doc" -for l in "en@boldquot" "en@quot"; do - %__rm -rf "%{buildroot}%{_datadir}/locale/${l}" -done -%find_lang aria2 - -#check -#__make check +%make_install +# I guess this is the correct thing to do until bnc#737549 is fixed +rm -rf %{buildroot}%{_mandir}/ru/ +# Only installation instructions +rm -rf %{buildroot}%{_defaultdocdir}/%{name}/bash_completion +%find_lang aria2 --with-man + +%if %{with make_check} +%check +make check +%endif -%files -f "aria2.lang" +%files -f aria2.lang %defattr(-,root,root) -%doc AUTHORS ChangeLog COPYING NEWS README -%doc README.html +%doc AUTHORS ChangeLog COPYING NEWS %{_bindir}/aria2c -%doc %{_mandir}/man1/aria2c.1%{ext_man} -%doc %{_mandir}/*/man1/aria2c.1%{ext_man} - -%if %with_bashcomp - -%files bash-completion -%defattr(-,root,root) -%config /etc/bash_completion.d/%{name} -%endif #with_bashcomp +%config %{_sysconfdir}/bash_completion.d/aria2c +%{_mandir}/man1/aria2c.1%{ext_man} %changelog ++++++ aria2-1.15.1-system_certificates.patch ++++++ Index: configure.ac =================================================================== --- configure.ac.orig +++ configure.ac @@ -121,6 +121,7 @@ if test "x$with_gnutls" = "xyes"; then AC_DEFINE([HAVE_LIBGNUTLS], [1], [Define to 1 if you have libgnutls.]) LIBS="$LIBGNUTLS_LIBS $LIBS" CPPFLAGS="$LIBGNUTLS_CFLAGS $CPPFLAGS" + AC_CHECK_FUNCS([gnutls_certificate_set_x509_system_trust]) else AC_MSG_WARN([$LIBGNUTLS_PKG_ERRORS]) if test "x$with_gnutls_requested" = "xyes"; then Index: src/LibgnutlsTLSContext.cc =================================================================== --- src/LibgnutlsTLSContext.cc.orig +++ src/LibgnutlsTLSContext.cc @@ -99,6 +99,22 @@ bool TLSContext::addClientKeyFile(const } } +bool TLSContext::addSystemTrustedCACerts() { +#ifdef HAVE_GNUTLS_CERTIFICATE_SET_X509_SYSTEM_TRUST + int ret = gnutls_certificate_set_x509_system_trust(certCred_); + if(ret < 0) { + A2_LOG_ERROR(fmt(MSG_LOADING_SYSTEM_TRUSTED_CA_CERTS_FAILED, + gnutls_strerror(ret))); + return false; + } else { + A2_LOG_INFO(fmt("%d certificate(s) were imported.", ret)); + return true; + } +#else + return false; +#endif +} + bool TLSContext::addTrustedCACertFile(const std::string& certfile) { int ret = gnutls_certificate_set_x509_trust_file(certCred_, Index: src/LibgnutlsTLSContext.h =================================================================== --- src/LibgnutlsTLSContext.h.orig +++ src/LibgnutlsTLSContext.h @@ -61,6 +61,8 @@ public: bool addClientKeyFile(const std::string& certfile, const std::string& keyfile); + bool addSystemTrustedCACerts(); + // certfile can contain multiple certificates. bool addTrustedCACertFile(const std::string& certfile); Index: src/LibsslTLSContext.cc =================================================================== --- src/LibsslTLSContext.cc.orig +++ src/LibsslTLSContext.cc @@ -102,6 +102,18 @@ bool TLSContext::addClientKeyFile(const return true; } +bool TLSContext::addSystemTrustedCACerts() { +{ + if(SSL_CTX_set_default_verify_paths(sslCtx_) != 1) { + A2_LOG_ERROR(fmt(MSG_LOADING_SYSTEM_TRUSTED_CA_CERTS_FAILED, + ERR_error_string(ERR_get_error(), 0))); + return false; + } else { + A2_LOG_INFO("System trusted CA certificates were successfully added."); + return true; + } +} + bool TLSContext::addTrustedCACertFile(const std::string& certfile) { if(SSL_CTX_load_verify_locations(sslCtx_, certfile.c_str(), 0) != 1) { Index: src/LibsslTLSContext.h =================================================================== --- src/LibsslTLSContext.h.orig +++ src/LibsslTLSContext.h @@ -61,6 +61,8 @@ public: bool addClientKeyFile(const std::string& certfile, const std::string& keyfile); + bool addSystemTrustedCACerts(); + // certfile can contain multiple certificates. bool addTrustedCACertFile(const std::string& certfile); Index: src/MultiUrlRequestInfo.cc =================================================================== --- src/MultiUrlRequestInfo.cc.orig +++ src/MultiUrlRequestInfo.cc @@ -179,12 +179,15 @@ error_code::Value MultiUrlRequestInfo::e tlsContext->addClientKeyFile(option_->get(PREF_CERTIFICATE), option_->get(PREF_PRIVATE_KEY)); } + if(!option_->blank(PREF_CA_CERTIFICATE)) { if(!tlsContext->addTrustedCACertFile(option_->get(PREF_CA_CERTIFICATE))) { A2_LOG_INFO(MSG_WARN_NO_CA_CERT); } } else if(option_->getAsBool(PREF_CHECK_CERTIFICATE)) { - A2_LOG_INFO(MSG_WARN_NO_CA_CERT); + if(!tlsContext->addSystemTrustedCACerts()) { + A2_LOG_INFO(MSG_WARN_NO_CA_CERT); + } } if(option_->getAsBool(PREF_CHECK_CERTIFICATE)) { tlsContext->enablePeerVerification(); Index: src/message.h =================================================================== --- src/message.h.orig +++ src/message.h @@ -169,6 +169,8 @@ #define MSG_ESTABLISHING_CONNECTION_FAILED \ _("Failed to establish connection, cause: %s") #define MSG_NETWORK_PROBLEM _("Network problem has occurred. cause:%s") +#define MSG_LOADING_SYSTEM_TRUSTED_CA_CERTS_FAILED \ + _("Failed to load trusted CA certificates from system. Cause: %s") #define MSG_LOADING_TRUSTED_CA_CERT_FAILED \ _("Failed to load trusted CA certificates from %s. Cause: %s") #define MSG_CERT_VERIFICATION_FAILED \ -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org