4ddcb4
################################################################################
4ddcb4
Name:           jss
4ddcb4
################################################################################
4ddcb4
ddb460
%global         major_version 4
ddb460
%global         minor_version 9
ddb460
%global         update_version 4
ddb460
4ddcb4
Summary:        Java Security Services (JSS)
4ddcb4
URL:            http://www.dogtagpki.org/wiki/JSS
4ddcb4
License:        MPLv1.1 or GPLv2+ or LGPLv2+
4ddcb4
1be440
# For development (i.e. unsupported) releases, use x.y.z-0.n.<phase>.
1be440
# For official (i.e. supported) releases, use x.y.z-r where r >=1.
ddb460
Version:        %{major_version}.%{minor_version}.%{update_version}
958284
Release:        1%{?_timestamp}%{?_commit_id}%{?dist}
958284
#global         _phase -alpha1
4ddcb4
4ddcb4
# To generate the source tarball:
4ddcb4
# $ git clone https://github.com/dogtagpki/jss.git
4ddcb4
# $ cd jss
4ddcb4
# $ git tag v4.5.<z>
4ddcb4
# $ git push origin v4.5.<z>
4ddcb4
# Then go to https://github.com/dogtagpki/jss/releases and download the source
4ddcb4
# tarball.
4ddcb4
Source:         https://github.com/dogtagpki/%{name}/archive/v%{version}%{?_phase}/%{name}-%{version}%{?_phase}.tar.gz
4ddcb4
4ddcb4
# To create a patch for all changes since a version tag:
4ddcb4
# $ git format-patch \
4ddcb4
#     --stdout \
4ddcb4
#     <version tag> \
4ddcb4
#     > jss-VERSION-RELEASE.patch
4ddcb4
# Patch: jss-VERSION-RELEASE.patch
1be440
1be440
################################################################################
1be440
# Java
1be440
################################################################################
1be440
1be440
%if 0%{?fedora} && 0%{?fedora} <= 32 || 0%{?rhel} && 0%{?rhel} <= 8
1be440
%define java_devel java-1.8.0-openjdk-devel
1be440
%define java_headless java-1.8.0-openjdk-headless
1be440
%define java_home /usr/lib/jvm/jre-1.8.0-openjdk
1be440
%else
1be440
%define java_devel java-11-openjdk-devel
1be440
%define java_headless java-11-openjdk-headless
1be440
%define java_home /usr/lib/jvm/jre-11-openjdk
1be440
%endif
1be440
1be440
################################################################################
1be440
# Build Options
1be440
################################################################################
1be440
1be440
# By default the build will execute unit tests unless --without test
1be440
# option is specified.
1be440
1be440
%bcond_without test
4ddcb4
4ddcb4
################################################################################
4ddcb4
# Build Dependencies
4ddcb4
################################################################################
4ddcb4
4ddcb4
BuildRequires:  make
dca01d
BuildRequires:  cmake >= 3.14
4ddcb4
BuildRequires:  zip
4ddcb4
BuildRequires:  unzip
4ddcb4
4ddcb4
BuildRequires:  gcc-c++
4ddcb4
BuildRequires:  nss-devel >= 3.44
4ddcb4
BuildRequires:  nss-tools >= 3.44
1be440
BuildRequires:  %{java_devel}
4ddcb4
BuildRequires:  jpackage-utils
4ddcb4
BuildRequires:  slf4j
4ddcb4
BuildRequires:  glassfish-jaxb-api
4ddcb4
BuildRequires:  slf4j-jdk14
b6a992
BuildRequires:  apache-commons-lang3
4ddcb4
4ddcb4
BuildRequires:  junit
4ddcb4
4ddcb4
Requires:       nss >= 3.44
1be440
Requires:       %{java_headless}
4ddcb4
Requires:       jpackage-utils
4ddcb4
Requires:       slf4j
4ddcb4
Requires:       glassfish-jaxb-api
4ddcb4
Requires:       slf4j-jdk14
b6a992
Requires:       apache-commons-lang3
4ddcb4
ddb460
Provides:       jss = %{major_version}.%{minor_version}
ddb460
4ddcb4
Conflicts:      ldapjdk < 4.20
4ddcb4
Conflicts:      idm-console-framework < 1.2
b6a992
Conflicts:      tomcatjss < 7.6.0
b6a992
Conflicts:      pki-base < 10.10.0
4ddcb4
4ddcb4
%description
4ddcb4
Java Security Services (JSS) is a java native interface which provides a bridge
4ddcb4
for java-based applications to use native Network Security Services (NSS).
4ddcb4
This only works with gcj. Other JREs require that JCE providers be signed.
4ddcb4
4ddcb4
################################################################################
4ddcb4
%package javadoc
4ddcb4
################################################################################
4ddcb4
4ddcb4
Summary:        Java Security Services (JSS) Javadocs
ddb460
ddb460
Provides:       javadoc = %{major_version}.%{minor_version}
4ddcb4
4ddcb4
%description javadoc
4ddcb4
This package contains the API documentation for JSS.
4ddcb4
4ddcb4
################################################################################
4ddcb4
%prep
4ddcb4
1be440
%autosetup -n %{name}-%{version}%{?_phase} -p 1
4ddcb4
4ddcb4
################################################################################
4ddcb4
%build
4ddcb4
4ddcb4
%set_build_flags
4ddcb4
4ddcb4
# Enable compiler optimizations
4ddcb4
export BUILD_OPT=1
4ddcb4
4ddcb4
# Generate symbolic info for debuggers
4ddcb4
CFLAGS="-g $RPM_OPT_FLAGS"
4ddcb4
export CFLAGS
4ddcb4
4ddcb4
# Check if we're in FIPS mode
4ddcb4
modutil -dbdir /etc/pki/nssdb -chkfips true | grep -q enabled && export FIPS_ENABLED=1
4ddcb4
4ddcb4
# The Makefile is not thread-safe
4ddcb4
%cmake \
1be440
    -DVERSION=%{version} \
4ddcb4
    -DJAVA_HOME=%{java_home} \
4ddcb4
    -DJAVA_LIB_INSTALL_DIR=%{_jnidir} \
1be440
    -DJSS_LIB_INSTALL_DIR=%{_libdir}/jss \
1928f4
    -B %{_vpath_builddir}
1928f4
1928f4
cd %{_vpath_builddir}
1be440
1be440
%{__make} \
1be440
    VERBOSE=%{?_verbose} \
1be440
    CMAKE_NO_VERBOSE=1 \
1be440
    --no-print-directory \
1be440
    all
1be440
1be440
%{__make} \
1be440
    VERBOSE=%{?_verbose} \
1be440
    CMAKE_NO_VERBOSE=1 \
1be440
    --no-print-directory \
1be440
    javadoc
1be440
1be440
%if %{with test}
4ddcb4
ctest --output-on-failure
1be440
%endif
4ddcb4
4ddcb4
################################################################################
4ddcb4
%install
4ddcb4
1be440
cd %{_vpath_builddir}
4ddcb4
1be440
%{__make} \
1be440
    VERBOSE=%{?_verbose} \
1be440
    CMAKE_NO_VERBOSE=1 \
1be440
    DESTDIR=%{buildroot} \
1be440
    INSTALL="install -p" \
1be440
    --no-print-directory \
1be440
    install
4ddcb4
4ddcb4
################################################################################
4ddcb4
%files
4ddcb4
4ddcb4
%defattr(-,root,root,-)
4ddcb4
%doc jss.html
4ddcb4
%license MPL-1.1.txt gpl.txt lgpl.txt
4ddcb4
%{_libdir}/*
4ddcb4
%{_jnidir}/*
4ddcb4
4ddcb4
################################################################################
4ddcb4
%files javadoc
4ddcb4
4ddcb4
%defattr(-,root,root,-)
4ddcb4
%{_javadocdir}/%{name}-%{version}/
4ddcb4
4ddcb4
################################################################################
4ddcb4
%changelog
ddb460
* Wed Jun 01 2022 Red Hat PKI Team <rhcs-maint@redhat.com> 4.9.4-1
ddb460
- Rebase to JSS 4.9.4
ddb460
- Bug 2013674 - JSS cannot be properly initialized after using another NSS-backed security provider
ddb460
4ee4cb
* Tue Feb 15 2022 Red Hat PKI Team <rhcs-maint@redhat.com> 4.9.3-1
4ee4cb
- Rebase to JSS 4.9.3
4ee4cb
- Bug 2046022 - CVE-2021-4213 pki-core:10.6/jss: memory leak in TLS connection leads to OOM [rhel-8]
4ee4cb
8f2bc4
* Mon Nov 15 2021 Red Hat PKI Team <rhcs-maint@redhat.com> 4.9.2-1
8f2bc4
- Rebase to JSS 4.9.2
8f2bc4
fbdb6f
* Tue Sep 21 2021 Red Hat PKI Team <rhcs-maint@redhat.com> 4.9.1-1
fbdb6f
- Rebase to JSS 4.9.1
fbdb6f
958284
* Mon Jul 26 2021 Red Hat PKI Team <rhcs-maint@redhat.com> 4.9.0-1
958284
- Rebase to JSS 4.9.0
958284
1be440
* Fri Jun 11 2021 Red Hat PKI Team <rhcs-maint@redhat.com> 4.9.0-0.2
1be440
- Rebase to JSS 4.9.0-alpha2
1be440
1be440
* Wed Jun 02 2021 Red Hat PKI Team <rhcs-maint@redhat.com> 4.9.0-0.1
1be440
- Rebase to JSS 4.9.0-alpha1
bd9a92
dca01d
* Thu Jan 14 2021 Red Hat PKI Team <rhcs-maint@redhat.com> 4.8.1-1
dca01d
- Rebase to upstream JSS v4.8.1
dca01d
- Red Hat Bugilla #1908541 - jss broke SCEP - missing PasswordChallenge class
dca01d
- Red Hat Bugilla #1489256 - [RFE] jss should support RSA with OAEP padding
dca01d
b6a992
* Wed Nov 18 2020 Red Hat PKI Team <rhcs-maint@redhat.com> 4.8.0-2
b6a992
- Only check PKCS11Constants on beta builds
b6a992
- Bump tomcatjss, pki-core conflicts due to lang3
b6a992
b6a992
* Wed Oct 28 2020 Red Hat PKI Team <rhcs-maint@redhat.com> 4.8.0-1
b6a992
- Rebase to upstream JSS v4.8.0
b6a992
b6a992
* Tue Oct 20 2020 Red Hat PKI Team <rhcs-maint@redhat.com> 4.8.0-0.1
b6a992
- Rebase to upstream JSS v4.8.0-b1
b6a992
1928f4
* Fri Sep 11 2020 Red Hat PKI Team <rhcs-maint@redhat.com> 4.7.3-1
1928f4
- Rebase to upstream stable release JSS v4.7.3
1928f4
- Red Hat Bugzilla #1873235 - Fix SSL_ERROR_INAPPROPRIATE_FALLBACK_ALERT in pki ca-user-cert-add
1928f4
e57ac0
* Thu Aug 06 2020 Red Hat PKI Team <rhcs-maint@redhat.com> 4.7.2-1
e57ac0
- Rebase to upstream stable release JSS v4.7.2
e57ac0
- Red Hat Bugzilla #1822246 - Fix SSLSocket NULL pointer deference after close
e57ac0
e57ac0
* Fri Jul 31 2020 Red Hat PKI Team <rhcs-maint@redhat.com> 4.7.1-1
e57ac0
- Rebase to upstream stable release JSS v4.7.1
e57ac0
e57ac0
* Thu Jul 09 2020 Red Hat PKI Team <rhcs-maint@redhat.com> 4.7.0-1
e57ac0
- Rebase to upstream stable release JSS v4.7.0
e57ac0
- Fixed TestSSLEngine
e57ac0
d94c04
* Thu Jun 25 2020 Red Hat PKI Team <rhcs-maint@redhat.com> 4.7.0-0.4
d94c04
- Rebased to JSS 4.7.0-b4
d94c04
d94c04
* Mon Jun 22 2020 Red Hat PKI Team <rhcs-maint@redhat.com> 4.7.0-0.3
d94c04
- Rebased to JSS 4.7.0-b3
d94c04
4ddcb4
* Tue May 26 2020 Red Hat PKI Team <rhcs-maint@redhat.com> 4.7.0-0.1
4ddcb4
- Rebased to JSS 4.7.0-b1
4ddcb4
4ddcb4
* Mon Mar 23 2020 Red Hat PKI Team <rhcs-maint@redhat.com> 4.6.2-4
4ddcb4
- Red Hat Bugzilla #1807371 - KRA-HSM: Async and sync key recovery using kra agent web is failing
4ddcb4
4ddcb4
* Mon Mar 02 2020 Red Hat PKI Team <rhcs-maint@redhat.com> 4.6.2-3
4ddcb4
- Red Hat Bugzilla #1807371 - KRA-HSM: Async and sync key recovery using kra agent web is failing
4ddcb4
4ddcb4
* Tue Oct 29 2019 Red Hat PKI Team <rhcs-maint@redhat.com> 4.6.2-2
4ddcb4
- Red Hat Bugzilla #1730767 - JSS: Wrap NSS CMAC + KDF implementations
4ddcb4
- Rebased to JSS 4.6.2
4ddcb4
4ddcb4
* Wed Sep 11 2019 Red Hat PKI Team <rhcs-maint@redhat.com> 4.6.0-5
4ddcb4
- Red Hat Bugzilla #1747987 - CVE 2019-14823 jss: OCSP policy "Leaf and Chain" implicitly trusts the root certificate
4ddcb4
4ddcb4
* Wed Aug 14 2019 Red Hat PKI Team <rhcs-maint@redhat.com> 4.6.0-4
4ddcb4
- Red Hat Bugzilla #1698059 - pki-core implements crypto
4ddcb4
4ddcb4
* Tue Jul 16 2019 Red Hat PKI Team <rhcs-maint@redhat.com> 4.6.0-3
4ddcb4
- Red Hat Bugzilla #1721135 - JSS - LD_FLAGS support
4ddcb4
4ddcb4
* Wed Jun 12 2019 Red Hat PKI Team <rhcs-maint@redhat.com> 4.6.0-2
4ddcb4
- Minor updates to release
4ddcb4
4ddcb4
* Wed Jun 12 2019 Red Hat PKI Team <rhcs-maint@redhat.com> 4.6.0-1
4ddcb4
- Rebased to JSS 4.6.0
4ddcb4
4ddcb4
* Thu Apr 25 2019 Red Hat PKI Team <rhcs-maint@redhat.com> 4.5.3-1
4ddcb4
- Rebased to JSS 4.5.3
4ddcb4
4ddcb4
* Fri Aug 10 2018 Red Hat PKI Team <rhcs-maint@redhat.com> 4.5.0-1
4ddcb4
- Rebased to JSS 4.5.0
4ddcb4
4ddcb4
* Tue Aug 07 2018 Red Hat PKI Team <rhcs-maint@redhat.com> 4.5.0-0.6
4ddcb4
- Rebased to JSS 4.5.0-b1
4ddcb4
4ddcb4
* Tue Aug 07 2018 Red Hat PKI Team <rhcs-maint@redhat.com> 4.5.0-0.5
4ddcb4
- Red Hat Bugzilla #1612063 - Do not override system crypto policy (support TLS 1.3)
4ddcb4
4ddcb4
* Fri Jul 20 2018 Red Hat PKI Team <rhcs-maint@redhat.com> 4.5.0-0.4
4ddcb4
- Rebased to JSS 4.5.0-a4
4ddcb4
- Red Hat Bugzilla #1604462 - jss: FTBFS in Fedora rawhide
4ddcb4
4ddcb4
* Thu Jul 05 2018 Red Hat PKI Team <rhcs-maint@redhat.com> 4.5.0-0.3
4ddcb4
- Rebased to JSS 4.5.0-a3
4ddcb4
4ddcb4
* Fri Jun 22 2018 Red Hat PKI Team <rhcs-maint@redhat.com> 4.5.0-0.2
4ddcb4
- Rebased to JSS 4.5.0-a2
4ddcb4
4ddcb4
* Fri Jun 15 2018 Red Hat PKI Team <rhcs-maint@redhat.com> 4.5.0-0.1
4ddcb4
- Rebased to JSS 4.5.0-a1