]>
Commit | Line | Data |
---|---|---|
bfdd18c0 ER |
1 | # Conditional build: |
2 | %bcond_with builddb # build nss database. requires interactive input | |
3 | # | |
18337b87 | 4 | %define mod_name nss |
785a760e JB |
5 | %define apxs /usr/sbin/apxs |
6 | Summary: mod_nss - strong cryptography support for Apache using SSL/TLS library NSS | |
a66472ce | 7 | Summary(pl.UTF-8): mod_nss - silna kryptografia dla Apache'a przy użyciu biblioteki SSL/TLS NSS |
785a760e | 8 | Name: apache-mod_nss |
b0142def | 9 | Version: 1.0.8 |
e79e4d0b | 10 | Release: 0.6 |
3e0cf6bd | 11 | License: Apache v2.0 |
785a760e | 12 | Group: Networking/Daemons |
fb59b3a9 | 13 | Source0: http://directory.fedoraproject.org/sources/mod_nss-%{version}.tar.gz |
b0142def | 14 | # Source0-md5: 32458d91ce909260a6081cce58004e2f |
25bd5816 ER |
15 | Source1: apache-server.crt |
16 | Source2: apache-server.key | |
bfdd18c0 ER |
17 | Source3: nss.tar.bz2 |
18 | # Source3-md5: d5bfafc09ad23f4bdd917d450680cec7 | |
18337b87 | 19 | Patch0: %{name}-config.patch |
fb59b3a9 | 20 | URL: http://directory.fedoraproject.org/wiki/Mod_nss |
686ceb58 | 21 | BuildRequires: %{apxs} |
785a760e | 22 | BuildRequires: apache-devel >= 2.0 |
5b464216 JB |
23 | BuildRequires: apr-devel >= 1:1.0 |
24 | BuildRequires: apr-util-devel >= 1:1.0 | |
798ae4d4 | 25 | BuildRequires: libstdc++-devel |
785a760e JB |
26 | BuildRequires: nspr-devel >= 1:4.6.2 |
27 | BuildRequires: nss-devel >= 1:3.11.3 | |
bfdd18c0 ER |
28 | %if %{with builddb} |
29 | BuildRequires: nss-tools | |
30 | BuildRequires: openssl-tools | |
31 | %endif | |
dad6b5c7 | 32 | Requires: apache(modules-api) = %{apache_modules_api} |
785a760e JB |
33 | Requires: nspr >= 1:4.6.2 |
34 | Requires: nss >= 1:3.11.3 | |
35 | BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n) | |
36 | ||
37 | %define _pkglibdir %(%{apxs} -q LIBEXECDIR 2>/dev/null) | |
25bd5816 | 38 | %define _sysconfdir %(%{apxs} -q SYSCONFDIR 2>/dev/null) |
785a760e JB |
39 | |
40 | %description | |
4b91b249 | 41 | An Apache 2.x module for implementing crypto using the Mozilla NSS |
785a760e JB |
42 | crypto libraries. This supports SSL v3/TLS v1 including support for |
43 | client certificate authentication. NSS provides web applications with | |
44 | a FIPS 140 certified crypto provider and support for a full range of | |
45 | PKCS#11 devices. | |
46 | ||
47 | mod_nss is based directly on the mod_ssl package from Apache 2.0.54. | |
48 | It is a conversion from using OpenSSL calls to using NSS calls | |
49 | instead. | |
50 | ||
a87a65b1 | 51 | %description -l pl.UTF-8 |
4b91b249 | 52 | Moduł Apache'a 2.x implementujący kryptografię przy użyciu bibliotek |
a87a65b1 JR |
53 | kryptograficznych Mozilla NSS. Obsługuje SSL v3/TLS v1 wraz z |
54 | uwierzytelnianiem z użyciem certyfikatu klienta. NSS zapewnia | |
55 | aplikacjom WWW dostarczanie kryptografii z certyfikacją FIPS 140 i | |
56 | obsługę pełnego zakresu urządzeń PKCS#11. | |
785a760e | 57 | |
a87a65b1 JR |
58 | mod_nss jest oparty bezpośrednio na pakiecie mod_ssl z Apache'a |
59 | 2.0.54, jedynie został zmodyfikowany tak, aby używał wywołań NSS | |
785a760e JB |
60 | zamiast OpenSSL. |
61 | ||
62 | %prep | |
bfdd18c0 | 63 | %setup -q -n mod_nss-%{version} -a3 |
18337b87 | 64 | %patch0 -p1 |
25bd5816 ER |
65 | cp %{SOURCE1} server.crt |
66 | cp %{SOURCE2} server.key | |
785a760e JB |
67 | |
68 | %build | |
69 | # apr-util is missing in configure check | |
798ae4d4 | 70 | CPPFLAGS=$(apu-1-config --includes) |
785a760e | 71 | %configure \ |
798ae4d4 ER |
72 | CPP="%{__cpp}" \ |
73 | CXXCPP="%{__cxx} -E" \ | |
785a760e JB |
74 | --with-apxs=%{apxs} \ |
75 | --with-apr-config \ | |
76 | --with-nspr-inc=/usr/include/nspr \ | |
77 | --with-nspr-lib=%{_libdir} \ | |
78 | --with-nss-inc=/usr/include/nss \ | |
79 | --with-nss-lib=%{_libdir} | |
80 | ||
81 | %{__make} | |
82 | ||
bfdd18c0 ER |
83 | %if %{with builddb} |
84 | # XXX: this is interactive, cannot be done in builders process | |
85 | rm -rf nss | |
25bd5816 | 86 | install -d nss |
bfdd18c0 ER |
87 | certutil -N -d nss |
88 | openssl pkcs12 -export -in server.crt -inkey server.key -out server.p12 -name "Server-Cert" -passout pass: | |
89 | pk12util -i server.p12 -d nss -W '' | |
90 | %endif | |
25bd5816 | 91 | |
785a760e JB |
92 | %install |
93 | rm -rf $RPM_BUILD_ROOT | |
25bd5816 | 94 | install -d $RPM_BUILD_ROOT{%{_sbindir},%{_pkglibdir},%{_sysconfdir}/{conf.d,nss}} |
785a760e JB |
95 | install .libs/libmodnss.so $RPM_BUILD_ROOT%{_pkglibdir} |
96 | install nss_pcache $RPM_BUILD_ROOT%{_sbindir} | |
97 | ||
25bd5816 | 98 | cp -a nss.conf $RPM_BUILD_ROOT%{_sysconfdir}/conf.d/40_mod_%{mod_name}.conf |
bfdd18c0 | 99 | cp -a nss/* $RPM_BUILD_ROOT%{_sysconfdir}/nss |
785a760e JB |
100 | |
101 | %clean | |
102 | rm -rf $RPM_BUILD_ROOT | |
103 | ||
e7a3ca90 ER |
104 | %post |
105 | %service -q httpd restart | |
106 | ||
107 | %postun | |
108 | if [ "$1" = "0" ]; then | |
109 | %service -q httpd restart | |
110 | fi | |
111 | ||
785a760e JB |
112 | %files |
113 | %defattr(644,root,root,755) | |
25bd5816 | 114 | %doc NOTICE README TODO docs/mod_nss.html migrate.pl |
e79e4d0b ER |
115 | %attr(750,root,http) %dir %{_sysconfdir}/nss |
116 | %attr(640,root,http) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/nss/cert8.db | |
117 | %attr(640,root,http) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/nss/key3.db | |
118 | %attr(640,root,http) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/nss/secmod.db | |
25bd5816 | 119 | %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/conf.d/*_mod_%{mod_name}.conf |
785a760e JB |
120 | %attr(755,root,root) %{_pkglibdir}/libmodnss.so |
121 | %attr(755,root,root) %{_sbindir}/nss_pcache |