# # spec file for package libgsasl # # Copyright (c) 2021 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via https://bugs.opensuse.org/ # Name: libgsasl Version: 1.10.0 Release: 1.6 Summary: Implementation of the SASL framework and a few common SASL mechanisms License: LGPL-2.1-or-later AND GPL-3.0-or-later Group: Development/Libraries/C and C++ URL: https://www.gnu.org/software/gsasl/ Source0: https://ftp.gnu.org/gnu/gsasl/%{name}-%{version}.tar.gz Source1: https://ftp.gnu.org/gnu/gsasl/%{name}-%{version}.tar.gz.sig Source2: https://josefsson.org/54265e8c.txt#/%{name}.keyring BuildRequires: gcc-c++ BuildRequires: gettext-devel >= 0.19.8 BuildRequires: pkgconfig BuildRequires: pkgconfig(krb5-gssapi) BuildRequires: pkgconfig(libgcrypt) >= 1.4.4 BuildRequires: pkgconfig(libidn) BuildRequires: pkgconfig(libntlm) >= 0.3.5 %description GNU SASL is an implementation of the Simple Authentication and Security Layer framework and a few common SASL mechanisms. SASL is used by network servers (e.g., IMAP, SMTP) to request authentication from clients, and in clients to authenticate against servers. %package -n libgsasl7 Summary: Implementation of the SASL framework and a few common SASL mechanisms # Needed to make lang package installable Group: Development/Libraries/C and C++ Provides: %{name} = %{version} %description -n libgsasl7 GNU SASL is an implementation of the Simple Authentication and Security Layer framework and a few common SASL mechanisms. SASL is used by network servers (e.g., IMAP, SMTP) to request authentication from clients, and in clients to authenticate against servers. %package devel Summary: Implementation of the SASL framework and a few common SASL mechanisms Group: Development/Libraries/C and C++ Requires: libgsasl7 = %{version} Requires: pkgconfig(krb5-gssapi) Requires: pkgconfig(libgcrypt) Requires: pkgconfig(libidn) Requires: pkgconfig(libntlm) %description devel GNU SASL is an implementation of the Simple Authentication and Security Layer framework and a few common SASL mechanisms. SASL is used by network servers (e.g., IMAP, SMTP) to request authentication from clients, and in clients to authenticate against servers. %lang_package %prep %setup -q %build %configure \ --disable-static \ --with-pic \ --with-gssapi-impl=mit \ --enable-gcc-warnings \ # %make_build %install %make_install %find_lang %{name} find %{buildroot} -type f -name "*.la" -delete -print %check %make_build check %post -n libgsasl7 -p /sbin/ldconfig %postun -n libgsasl7 -p /sbin/ldconfig %files -n libgsasl7 %license COPYING* %doc AUTHORS NEWS README THANKS %{_libdir}/*.so.* %files devel %license COPYING* %{_includedir}/gsas*.h %{_libdir}/*.so %{_libdir}/pkgconfig/*.pc %files lang -f %{name}.lang %license COPYING* %changelog * Sat Jan 2 2021 Andreas Stieger - update to 1.10.0: * SCRAM-SHA-256 and SCRAM-SHA-256-PLUS (RFC 7677) * New SCRAM crypto helper APIs * SCRAM server: Support for password-less usage * SCRAM: Sets SCRAM_ITER/SCRAM_SALT/SCRAM_SALTED_PASSWORD * SCRAM, GS2, and GSSAPI no longer retrieve the TLS channel binding data (property GSASL_CB_TLS_UNIQUE) during gsasl_client_start() or gsasl_server_start() * A number of legacy and less secure interfaces deprecated * New APIs for hex encoding/decoding - add upstream signing key and validate source signature - refresh spec file - build with all warnings and treat them as errors * Fri Mar 13 2020 David Mulder - Re-enable GSSAPI by explicitly choosing mit kerberos. * Tue Feb 4 2020 Bjørn Lie - Update to version 1.8.1: * gsasl: IMAP client code now permits empty SASL tokens prefixed with '+'. Normally servers should send '+ '. Buggy servers include Microsoft Exchange. * GSSAPI client: - Now retrieves GSASL_AUTHZID for authorization identity. - Can now transmit an empty/missing authorization identity. - See lib/NEWS for more information. * Build fixes: Update of gnulib, including how it is bootstrapped. * Updated translations. - Run spec-cleaner, modernize spec. - No longer recommend -lang: supplements are in use. * Mon Apr 4 2016 kukuk@suse.de - Remove unused buildrequires for libgssglue-devel * Tue Oct 27 2015 meissner@suse.com - run "make check" * Sun Feb 8 2015 p.drouand@gmail.com - Update to version 1.8.0 * SAML20 support following RFC 6595. * OPENID20 support following RFC 6616. * Various cleanups, portability and other bug fixes. See the NEWS entries during the 1.7.x branch for details - Use %%lang_package macro instead of manually defined -lang package - Remove libgsasl-stdio.h.patch; fixed - Remove fix-arm.patch; fixed - Use download Url as source * Thu May 2 2013 jengelh@inai.de - "Recommends" is not understood by RHEL6ish * Thu Mar 21 2013 dmueller@suse.com - fix build on aarch64 by applying fix-arm.patch * Mon Feb 11 2013 aj@suse.com - Change lang package Requires to Recommends since it is not mandatory at runtime. * Thu Aug 16 2012 agraf@suse.com - fix-arm.patch: Add hack to fix compiling on ARM * Mon Aug 13 2012 cfarrell@suse.com - license update: LGPL-2.1+ and GPL-3.0+ contains numerous GPL-3.0+ licensed test files * Sat Aug 11 2012 jengelh@inai.de - Have package compile on RHEL6ish. * Fri Jul 27 2012 aj@suse.de - Fix build with missing gets declaration (glibc 2.16) * Sun Mar 25 2012 jengelh@medozas.de - Enable building against libntlm (now that it exists in factory) * Sun Mar 25 2012 jengelh@medozas.de - Parallel build with %%_smp_mflags; strip redundant spec sections * Thu Jul 7 2011 vuntz@opensuse.org - Stop using source service to download the tarball, as Factory will move away from this. * Fri May 27 2011 vuntz@opensuse.org - Update to version 1.6.1: + Add a Libs.private to libgsasl.pc. + Updated translations. * Fri Apr 29 2011 dimstar@opensuse.org - Update to version 1.6.0: + SCRAM: General fixes and support for SCRAM-SHA-1-PLUS with channel bindings. + GS2-KRB5: New mechanism GS2 with support for Kerberos V5. + GSSAPI/GS2-KRB5: Support for MIT Kerberos for Windows GSS-API library. + DIGEST-MD5: The server code now returns GSASL_OK after the final token. + Added property for tls-unique channel binding. + No longer require the same or newer libgcrypt it was built with. + Several doc improvements. + Update gnulib files. - Use source services: download_url, recompress and set_Version. * Thu Mar 25 2010 vuntz@opensuse.org - Update to version 1.4.4: + SCRAM: Fix build error on platforms without strnlen. - Changes from version 1.4.3: + SCRAM: Don't read out of bounds when parsing tokens. * Tue Mar 16 2010 dimstar@opensuse.org - Update to version 1.4.2: + SCRAM: Encode and decode username/authzid properly. Before any username/authzid that contained '=' or ',' would not work. + Fix typo in error message for GSASL_GSSAPI_ACCEPT_SEC_CONTEXT_ERROR. + Updated translations. * Wed Feb 17 2010 dimstar@opensuse.org - Update to version 1.4.1: + gsasl: Improve application data throughput + Improve MinGW builds + Updated translations. * Wed Dec 2 2009 vuntz@opensuse.org - Update to version 1.4.0: + Fix Visual Studio project files to work with SCRAM. + Properly increment libtool version to reflect newly added ABIs. This was accidentally forgotten in the last release. + Export gsasl_sha1 and gsasl_hmac_sha1 in linker version script. This was accidentally forgotten in the last release. + Fix crash in SCRAM-SHA-1 client when the application provides a value for GSASL_SCRAM_SALTED_PASSWORD. + Fix detection of libgcrypt during builds. + Updated translations. + Add libgcrypt-devel BuildRequires. * Fri Nov 13 2009 vuntz@opensuse.org - Update to version 1.3: + libgsasl: Implement SCRAM-SHA-1. New properties are GSASL_SCRAM_ITER, GSASL_SCRAM_SALT, andGSASL_SCRAM_SALTED_PASSWORD. + libgsasl: Add helper APIs for SHA-1 and HMAC-SHA-1. New functions are gsasl_sha1 and gsasl_hmac_sha1. * Sun Jun 14 2009 vuntz@novell.com - Update to version 1.2: + The library needs at most around 250 bytes of stack frame size. This is useful for embedded platforms with limited amount of RAM. + Obsolete gsasl_md5pwd_get_password rewritten to use modern API. + Include a copy of the GPLv3 license in the archive. Some parts, such as the gnulib self-tests, are licensed under the GPLv3. The library remains licensed under LGPLv2.1+ though. - Package COPYING.LIB instead of COPYING: there's no GPLv3 file in the built package (the GPLv3 files are only in the tarball). * Wed Jun 10 2009 dmueller@suse.de - Add Requires for lang package to libgsasl7. * Thu May 7 2009 vuntz@novell.com - Review package. - Update to version 1.1: + DIGEST-MD5 client: Add support for client integrity layer. + DIGEST-MD5: Decoding of integrity protected sessions now works better. + libgsasl: Add new property GSASL_QOPS. + libgsasl: Add new property GSASL_QOP. + DIGEST-MD5 client: Now queries application for QOP value + DIGEST-MD5 server: Now queries application for QOP values. + DIGEST-MD5 server: No longer advertises support for integrity by default. + libgsasl: Added C pre-processor expressions for version handling. + libgsasl: Use a LD version script on platforms where it is supported. + libgsasl: Compiled with -fvisibility=hidden by default if supported. - Remove unneeded libxml2-devel BuildRequires. - Add a note about libntlm that doesn't exist in openSUSE. - Do not make libgsasl7 Provide/Obsolete libgsasl. * Mon Mar 16 2009 novell@mirell.de - initial SUSE package