commit 3c647849a78a0c5beccaf4939502deeee69527c1 Author: Jakub Bogusz <qbo...@pld-linux.org> Date: Mon Feb 2 20:52:30 2015 +0100
- initial pathfinder-c++.patch | 70 +++++++++++++++ pathfinder-libdir.patch | 20 +++++ pathfinder-link.patch | 18 ++++ pathfinder.spec | 235 ++++++++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 343 insertions(+) --- diff --git a/pathfinder.spec b/pathfinder.spec new file mode 100644 index 0000000..73dcf5c --- /dev/null +++ b/pathfinder.spec @@ -0,0 +1,235 @@ +# +# Conditional build: +%bcond_without static_libs # don't build static libraries +# +Summary: PathFinder PKI Path Discovery and Validation Daemon +Summary(pl.UTF-8): PathFinder - demon do rozpoznawania i sprawdzania poprawności ścieżek PKI +Name: pathfinder +Version: 1.1.7 +Release: 1 +License: LGPL v2.1 or BSD (libraries), LGPL v2.1 (programs) +Group: Libraries +#Source0Download: http://code.google.com/p/pathfinder-pki/downloads/list +Source0: http://pathfinder-pki.googlecode.com/files/%{name}-%{version}-Source.tar.gz +# Source0-md5: 8307b2297c1efa6c526ce4b656a2e4aa +Patch0: %{name}-c++.patch +Patch1: %{name}-link.patch +Patch2: %{name}-libdir.patch +URL: http://code.google.com/p/pathfinder-pki/ +BuildRequires: cmake >= 2.4.7 +BuildRequires: dbus-devel >= 1 +BuildRequires: libstdc++-devel +BuildRequires: nss-devel +BuildRequires: openldap-devel +BuildRequires: openssl-devel +BuildRequires: pkgconfig +BuildRequires: wvstreams-devel +BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n) + +%define specflags -fpermissive + +%description +PathFinder is designed to provide a mechanism for any program to +perform RFC-3280 compliant path validation of X.509 certificates, even +when some of the intermediate certificates are not present on the +local machine. By design, PathFinder automatically downloads any such +certificates from the Internet as needed using the AIA and CRL +distribution point extensions of the certificates it is processing. It +has the ability to do revocation status checking either using CRL or +OCSP, or both. And, given the recent vulnerabilities that have +rendered the MD5 algorithm highly suspect, it allows the administrator +to choose to not validate certificates using that algorithm anywhere +in the trust path. + +For the convenience of those using OpenSSL or NSS (Netscape Security +Services), two libraries containing a PathFinder callback suitable for +use with an SSL connection are provided. + +%description -l pl.UTF-8 +PathFinder powstał w celu dostarczenia dowolnym programom mechanizmu +wykonywania zgodnej z RFC-3280 kontroli poprawności ścieżek +certyfikatów X.509, nawet kiedy niektóre z certyfikatów pośrednich nie +są dostępne na maszynie lokalnej. Zgodnie z projektem, PathFinder +automatycznie ściąga takie certyfikaty z Internetu w miarę potrzeb +przy użyciu rozszerzeń punktów dystrybucji AIA i CRL przetwarzanych +certyfikatów. Potrafi sprawdzać stan odwołań certyfikatów przy użyciu +CRL lub OCSP, albo obu tych mechanizmów. A także, ze względu na +wykryte niedawno luki czyniące algorytm MD5 niewiarygodnym, pozwala +także administratorowi zdecydować, by nie uznawać certyfikatów, +wykorzystujących ten algorytm, za poprawne. + +Dla wygody wykorzystujących biblioteki OpenSSL oraz NSS (Netscape +Security Services), dostarczane są dwie biblioteki z odpowiednimi +wywołaniami wstecznymi PathFindera. + +%package devel +Summary: Common development files for PathFinder libraries +Summary(pl.UTF-8): Wspólne pliki programistyczne bibliotek PathFindera +Group: Development/Libraries + +%description devel +Common development files for PathFinder libraries. + +%description devel -l pl.UTF-8 +Wspólne pliki programistyczne bibliotek PathFindera. + +%package nss +Summary: NSS PathFinder plugin library +Summary(pl.UTF-8): Biblioteka wtyczki PathFinder dla NSS +Group: Libraries +Requires: dbus-libs >= 1.0 +Requires: nss >= 2.0.0 + +%description nss +Library that allows NSS (Netscape Security Services) to use PathFinder +for certificate validation. + +%description nss -l pl.UTF-8 +Biblioteka pozwalająca bibliotece NSS (Netscape Security Services) na +wykorzystywanie PathFindera do sprawdzania poprawności certyfikatów. + +%package nss-devel +Summary: Header file for NSS PathFinder plugin library +Summary(pl.UTF-8): Plik nagłówkowy biblioteki wtyczki PathFinder dla NSS +Group: Development/Libraries +Requires: %{name}-devel = %{version}-%{release} +Requires: %{name}-nss = %{version}-%{release} +Requires: dbus-devel >= 1.0 +Requires: nss-devel >= 2.0.0 + +%description nss-devel +Header file for NSS PathFinder plugin library. + +%description nss-devel -l pl.UTF-8 +Plik nagłówkowy biblioteki wtyczki PathFinder dla NSS. + +%package nss-static +Summary: Static NSS PathFinder plugin library +Summary(pl.UTF-8): Statyczna biblioteka wtyczki PathFinder dla NSS +Group: Development/Libraries +Requires: %{name}-nss-devel = %{version}-%{release} + +%description nss-static +Static NSS PathFinder plugin library. + +%description nss-static -l pl.UTF-8 +Statyczna biblioteka wtyczki PathFinder dla NSS. + +%package openssl +Summary: OpenSSL PathFinder plugin library +Summary(pl.UTF-8): Biblioteka wtyczki PathFinder dla OpenSSL +Group: Libraries +Requires: dbus-libs >= 1.0 +Requires: openssl >= 0.9.8 + +%description openssl +Library that allows OpenSSL to use PathFinder for certificate +validation. + +%description openssl -l pl.UTF-8 +Biblioteka pozwalająca bibliotece OpenSSL na wykorzystywanie +PathFindera do sprawdzania poprawności certyfikatów. + +%package openssl-devel +Summary: Header file for OpenSSL PathFinder plugin library +Summary(pl.UTF-8): Plik nagłówkowy biblioteki wtyczki PathFinder dla OpenSSL +Group: Development/Libraries +Requires: %{name}-devel = %{version}-%{release} +Requires: %{name}-openssl = %{version}-%{release} +Requires: dbus-devel >= 1.0 +Requires: openssl-devel >= 0.9.8 + +%description openssl-devel +Header file for OpenSSL PathFinder plugin library. + +%description openssl-devel -l pl.UTF-8 +Plik nagłówkowy biblioteki wtyczki PathFinder dla OpenSSL. + +%package openssl-static +Summary: Static OpenSSL PathFinder plugin library +Summary(pl.UTF-8): Statyczna biblioteka wtyczki PathFinder dla OpenSSL +Group: Development/Libraries +Requires: %{name}-openssl-devel = %{version}-%{release} + +%description openssl-static +Static OpenSSL PathFinder plugin library. + +%description openssl-static -l pl.UTF-8 +Statyczna biblioteka wtyczki PathFinder dla OpenSSL. + +%prep +%setup -q +%patch0 -p1 +%patch1 -p1 +%patch2 -p1 + +%build +# out-of-tree build is broken (missing -I$builddir) +%cmake . + +%{__make} + +%install +rm -rf $RPM_BUILD_ROOT + +%{__make} install \ + DESTDIR=$RPM_BUILD_ROOT + +%clean +rm -rf $RPM_BUILD_ROOT + +%post nss -p /sbin/ldconfig +%postun nss -p /sbin/ldconfig + +%post openssl -p /sbin/ldconfig +%postun openssl -p /sbin/ldconfig + +%files +%defattr(644,root,root,755) +%doc AUTHORS LICENSE README pathfinderd.ini.sample +%attr(755,root,root) %{_bindir}/pathclient +%attr(755,root,root) %{_bindir}/pathverify +%attr(755,root,root) %{_sbindir}/pathfinderd +/etc/dbus-1/system.d/pathfinderd.conf +%{_mandir}/man8/pathfinderd.8* + +%files devel +%defattr(644,root,root,755) +%dir %{_includedir}/pathfinder-1 +%{_includedir}/pathfinder-1/libpathfinder.h +%{_mandir}/man3/pathclient.3* +%{_mandir}/man3/pathverify.3* + +%files nss +%defattr(644,root,root,755) +%attr(755,root,root) %{_libdir}/libpathfinder-nss-1.so.*.*.* +%attr(755,root,root) %ghost %{_libdir}/libpathfinder-nss-1.so.1 + +%files nss-devel +%defattr(644,root,root,755) +%attr(755,root,root) %{_libdir}/libpathfinder-nss-1.so +%{_includedir}/pathfinder-1/libpathfinder-nss.h +%{_pkgconfigdir}/pathfinder-nss.pc + +%if %{with static_libs} +%files nss-static +%defattr(644,root,root,755) +%{_libdir}/libpathfinder-nss-1.a +%endif + +%files openssl +%defattr(644,root,root,755) +%attr(755,root,root) %{_libdir}/libpathfinder-openssl-1.so.*.*.* +%attr(755,root,root) %ghost %{_libdir}/libpathfinder-openssl-1.so.1 + +%files openssl-devel +%defattr(644,root,root,755) +%attr(755,root,root) %{_libdir}/libpathfinder-openssl-1.so +%{_includedir}/pathfinder-1/libpathfinder-openssl.h +%{_pkgconfigdir}/pathfinder-openssl.pc + +%if %{with static_libs} +%files openssl-static +%defattr(644,root,root,755) +%{_libdir}/libpathfinder-openssl-1.a +%endif diff --git a/pathfinder-c++.patch b/pathfinder-c++.patch new file mode 100644 index 0000000..3dfb078 --- /dev/null +++ b/pathfinder-c++.patch @@ -0,0 +1,70 @@ +--- pathfinder-1.1.7/downloader.cc.orig 2012-01-03 19:04:40.000000000 +0100 ++++ pathfinder-1.1.7/downloader.cc 2014-12-31 22:03:36.811727721 +0100 +@@ -37,9 +37,9 @@ Downloader::Downloader(WvStringParm _url + log("Kicking off download of %s.\n", url); + stream = pool->addurl(url, _method, _headers, _content_source); + stream->setcallback(wv::bind(&Downloader::download_cb, this, +- wv::ref(*stream))); ++ stream)); + stream->setclosecallback(wv::bind(&Downloader::download_closed_cb, this, +- wv::ref(*stream))); ++ stream)); + WvIStreamList::globallist.append(stream, true, WvString("download url %s", + url)); + } +@@ -69,14 +69,14 @@ Downloader::~Downloader() + } + + +-void Downloader::download_cb(WvStream &s) ++void Downloader::download_cb(xplc_ptr<WvBufUrlStream> s) + { + char buf[1024]; + size_t numread = 0; + size_t totalread = 0; +- while (s.isreadable() && totalread < 32768) ++ while (s->isreadable() && totalread < 32768) + { +- numread = s.read(buf, 1024); ++ numread = s->read(buf, 1024); + if (numread) + downloadbuf.put(buf, numread); + totalread += numread; +@@ -84,20 +84,20 @@ void Downloader::download_cb(WvStream &s + } + + +-void Downloader::download_closed_cb(WvStream &s) ++void Downloader::download_closed_cb(xplc_ptr<WvBufUrlStream> s) + { + WvError err; + WvString mimetype = WvString::null; + // as of this writing, errors are not properly set on a urlstream + // when there's a problem, so we have to resort to hacks to validate stuff + #if WVHTTPPOOLFIXED +- if (!s.isok() && s.geterr()) ++ if (!s->isok() && s->geterr()) + #else + if (0) + #endif + { +- log("Didn't download %s successfully (%s).\n", url, s.errstr()); +- err.seterr_both(s.geterr(), s.errstr()); ++ log("Didn't download %s successfully (%s).\n", url, s->errstr()); ++ err.seterr_both(s->geterr(), s->errstr()); + if (finished_cb) + finished_cb(url, mimetype, downloadbuf, err); + return; +--- pathfinder-1.1.7/downloader.h.orig 2012-01-03 19:04:40.000000000 +0100 ++++ pathfinder-1.1.7/downloader.h 2014-12-31 22:00:18.518402719 +0100 +@@ -33,8 +33,8 @@ public: + + private: + WvDynBuf downloadbuf; +- void download_cb(WvStream &s); +- void download_closed_cb(WvStream &s); ++ void download_cb(xplc_ptr<WvBufUrlStream> s); ++ void download_closed_cb(xplc_ptr<WvBufUrlStream> s); + void download_ldap(); + + WvString url; diff --git a/pathfinder-libdir.patch b/pathfinder-libdir.patch new file mode 100644 index 0000000..71e31d9 --- /dev/null +++ b/pathfinder-libdir.patch @@ -0,0 +1,20 @@ +--- pathfinder-1.1.7/pathfinder-nss.pc.in.orig 2007-12-24 22:50:12.000000000 +0100 ++++ pathfinder-1.1.7/pathfinder-nss.pc.in 2015-02-02 20:11:36.785671902 +0100 +@@ -1,6 +1,6 @@ + prefix=@CMAKE_INSTALL_PREFIX@ + exec_prefix=${prefix} +-libdir=${exec_prefix}/lib ++libdir=${exec_prefix}/lib@LIB_SUFFIX@ + includedir=${prefix}/include + + Name: NSS Pathfinder Plugin Library +--- pathfinder-1.1.7/pathfinder-openssl.pc.in.orig 2007-07-27 21:52:00.000000000 +0200 ++++ pathfinder-1.1.7/pathfinder-openssl.pc.in 2015-02-02 20:11:46.849004812 +0100 +@@ -1,6 +1,6 @@ + prefix=@CMAKE_INSTALL_PREFIX@ + exec_prefix=${prefix} +-libdir=${exec_prefix}/lib ++libdir=${exec_prefix}/lib@LIB_SUFFIX@ + includedir=${prefix}/include + + Name: OpenSSL Pathfinder Plugin Library diff --git a/pathfinder-link.patch b/pathfinder-link.patch new file mode 100644 index 0000000..f9e3424 --- /dev/null +++ b/pathfinder-link.patch @@ -0,0 +1,18 @@ +--- pathfinder-1.1.7/x509path/CMakeLists.txt.orig 2009-01-05 04:27:35.000000000 +0100 ++++ pathfinder-1.1.7/x509path/CMakeLists.txt 2014-12-31 22:52:15.114938579 +0100 +@@ -3,3 +3,4 @@ + SET_TARGET_PROPERTIES(x509path + PROPERTIES COMPILE_FLAGS "${EXTRA_CFLAGS} ${OPENSSL_CFLAGS}" + LINK_FLAGS "${OPENSSL_LINKFLAGS}") ++TARGET_LINK_LIBRARIES(x509path "${OPENSSL_LIBRARIES}") +--- pathfinder-1.1.7/libpathfinder/CMakeLists.txt.orig 2011-09-21 20:02:42.000000000 +0200 ++++ pathfinder-1.1.7/libpathfinder/CMakeLists.txt 2015-01-01 00:12:06.448070841 +0100 +@@ -8,7 +8,7 @@ + + IF (NSS_CFLAGS) + SET(LIBPATHFINDER_NSS_CFLAGS "${DBUS_CFLAGS} ${NSS_CFLAGS}") +-TARGET_LINK_LIBRARIES(pathfinder-nss-1 ${DBUS_LIBRARIES}) ++TARGET_LINK_LIBRARIES(pathfinder-nss-1 ${DBUS_LIBRARIES} ${NSS_LIBRARIES}) + SET_TARGET_PROPERTIES(pathfinder-nss-1 PROPERTIES COMPILE_FLAGS "${LIBPATHFINDER_NSS_CFLAGS}") + SET_TARGET_PROPERTIES(pathfinder-nss-1 PROPERTIES VERSION 1.0.0 SOVERSION 1 ) + SET_TARGET_PROPERTIES(pathfinder-nss-1 PROPERTIES CLEAN_DIRECT_OUTPUT 1) ================================================================ ---- gitweb: http://git.pld-linux.org/gitweb.cgi/packages/pathfinder.git/commitdiff/3c647849a78a0c5beccaf4939502deeee69527c1 _______________________________________________ pld-cvs-commit mailing list pld-cvs-commit@lists.pld-linux.org http://lists.pld-linux.org/mailman/listinfo/pld-cvs-commit