2 %bcond_with builddb # build nss database. requires interactive input
5 %define apxs /usr/sbin/apxs
6 Summary: mod_nss - strong cryptography support for Apache using SSL/TLS library NSS
7 Summary(pl.UTF-8): mod_nss - silna kryptografia dla Apache'a przy użyciu biblioteki SSL/TLS NSS
12 Group: Networking/Daemons/HTTP
13 Source0: http://directory.fedoraproject.org/sources/mod_nss-%{version}.tar.gz
14 # Source0-md5: 32458d91ce909260a6081cce58004e2f
15 Source1: apache-server.crt
16 Source2: apache-server.key
18 # Source3-md5: d5bfafc09ad23f4bdd917d450680cec7
19 Patch0: %{name}-config.patch
20 URL: http://directory.fedoraproject.org/wiki/Mod_nss
21 BuildRequires: %{apxs}
22 BuildRequires: apache-devel >= 2.0
23 BuildRequires: apr-devel >= 1:1.0
24 BuildRequires: apr-util-devel >= 1:1.0
25 BuildRequires: libstdc++-devel
26 BuildRequires: nspr-devel >= 1:4.6.2
27 BuildRequires: nss-devel >= 1:3.11.3
29 BuildRequires: nss-tools
30 BuildRequires: openssl-tools
32 Requires: apache(modules-api) = %{apache_modules_api}
33 Requires: nspr >= 1:4.6.2
34 Requires: nss >= 1:3.11.3
35 BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
37 %define _pkglibdir %(%{apxs} -q LIBEXECDIR 2>/dev/null)
38 %define _sysconfdir %(%{apxs} -q SYSCONFDIR 2>/dev/null)
41 An Apache 2.x module for implementing crypto using the Mozilla NSS
42 crypto libraries. This supports SSL v3/TLS v1 including support for
43 client certificate authentication. NSS provides web applications with
44 a FIPS 140 certified crypto provider and support for a full range of
47 mod_nss is based directly on the mod_ssl package from Apache 2.0.54.
48 It is a conversion from using OpenSSL calls to using NSS calls
51 %description -l pl.UTF-8
52 Moduł Apache'a 2.x implementujący kryptografię przy użyciu bibliotek
53 kryptograficznych Mozilla NSS. Obsługuje SSL v3/TLS v1 wraz z
54 uwierzytelnianiem z użyciem certyfikatu klienta. NSS zapewnia
55 aplikacjom WWW dostarczanie kryptografii z certyfikacją FIPS 140 i
56 obsługę pełnego zakresu urządzeń PKCS#11.
58 mod_nss jest oparty bezpośrednio na pakiecie mod_ssl z Apache'a
59 2.0.54, jedynie został zmodyfikowany tak, aby używał wywołań NSS
63 %setup -q -n mod_nss-%{version} -a3
65 cp %{SOURCE1} server.crt
66 cp %{SOURCE2} server.key
69 # apr-util is missing in configure check
70 CPPFLAGS=$(apu-1-config --includes)
73 CXXCPP="%{__cxx} -E" \
76 --with-nspr-inc=/usr/include/nspr \
77 --with-nspr-lib=%{_libdir} \
78 --with-nss-inc=/usr/include/nss \
79 --with-nss-lib=%{_libdir}
84 # XXX: this is interactive, cannot be done in builders process
88 openssl pkcs12 -export -in server.crt -inkey server.key -out server.p12 -name "Server-Cert" -passout pass:
89 pk12util -i server.p12 -d nss -W ''
93 rm -rf $RPM_BUILD_ROOT
94 install -d $RPM_BUILD_ROOT{%{_sbindir},%{_pkglibdir},%{_sysconfdir}/{conf.d,nss}}
95 install .libs/libmodnss.so $RPM_BUILD_ROOT%{_pkglibdir}
96 install nss_pcache $RPM_BUILD_ROOT%{_sbindir}
98 cp -a nss.conf $RPM_BUILD_ROOT%{_sysconfdir}/conf.d/40_mod_%{mod_name}.conf
99 cp -a nss/* $RPM_BUILD_ROOT%{_sysconfdir}/nss
102 rm -rf $RPM_BUILD_ROOT
105 %service -q httpd restart
108 if [ "$1" = "0" ]; then
109 %service -q httpd restart
113 %defattr(644,root,root,755)
114 %doc NOTICE README TODO docs/mod_nss.html migrate.pl
115 %attr(750,root,http) %dir %{_sysconfdir}/nss
116 %attr(640,root,http) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/nss/cert8.db
117 %attr(640,root,http) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/nss/key3.db
118 %attr(640,root,http) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/nss/secmod.db
119 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/conf.d/*_mod_%{mod_name}.conf
120 %attr(755,root,root) %{_pkglibdir}/libmodnss.so
121 %attr(755,root,root) %{_sbindir}/nss_pcache