#
# spec file for package keyutils
#
# Copyright (c) 2021 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.

# Please submit bugfixes or comments via https://bugs.opensuse.org/
#


%define lname	libkeyutils1
Name:           keyutils
Version:        1.6.3
Release:        1.6
Summary:        Linux Key Management Utilities
License:        GPL-2.0-or-later AND LGPL-2.1-or-later
Group:          System/Kernel
URL:            https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/keyutils.git/
Source0:        https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/keyutils.git/snapshot/keyutils-%{version}.tar.gz
Source1:        baselibs.conf
Source3:        %{name}.keyring
Patch1:         request-key-cifs.patch
Patch2:         request-key-nfs4.patch
Patch3:         keyutils-nodate.patch
Patch4:         keyutils-usr-move.patch
BuildRequires:  gcc-c++
BuildRequires:  pkgconfig
BuildRequires:  pkgconfig(krb5)

%description
Utilities to control the kernel key management facility and to provide
a mechanism by which the kernel can call back to user space to get a
key instantiated.

%package -n %{lname}
Summary:        Key utilities library
License:        LGPL-2.1-or-later
Group:          System/Kernel
Obsoletes:      keyutils-libs < %{version}-%{release}
Provides:       keyutils-libs = %{version}-%{release}

%description -n %{lname}
This package provides a wrapper library for the key management facility
system calls.

%package devel
Summary:        Development package for building linux key management utilities
License:        LGPL-2.1-or-later
Group:          System/Kernel
Requires:       %{lname} = %{version}
Requires:       glibc-devel

%description devel
This package provides headers and libraries for building key utilities.

%prep
%setup -q
%patch1
%patch2 -p1
%patch3 -p1
%patch4 -p1

%build
%make_build NO_ARLIB=1 CFLAGS="%{optflags}" CC="gcc"

%install
make install NO_ARLIB=1 DESTDIR=%{buildroot} BINDIR=/%{_bindir} SBINDIR=/%{_sbindir} LIBDIR=/%{_libdir} USRLIBDIR=%{_libdir}
%if !0%{?usrmerged}
mkdir -p %{buildroot}/bin %{buildroot}/sbin
ln -s /%{_bindir}/keyctl %{buildroot}/bin
ln -s /%{_sbindir}/key.dns_resolver %{buildroot}/sbin
ln -s /%{_sbindir}/request-key %{buildroot}/sbin
%endif

%post -n %{lname} -p /sbin/ldconfig
%postun -n %{lname} -p /sbin/ldconfig

%files
%license LICENCE.GPL
%doc README
%if !0%{?usrmerged}
/sbin/*
/bin/*
%endif
/%{_sbindir}/*
/%{_bindir}/*
%{_datadir}/keyutils
%{_mandir}/*/*
%config(noreplace) %{_sysconfdir}/request-key.conf
%dir %{_sysconfdir}/request-key.d/

%files -n %{lname}
%license LICENCE.LGPL
/%{_libdir}/libkeyutils.so.*

%files devel
%{_libdir}/libkeyutils.so
%{_includedir}/*
%attr(0644, root, root) %{_libdir}/pkgconfig/libkeyutils.pc

%changelog
* Wed Jan  6 2021 Marcus Meissner <meissner@suse.com>
- the license of the library and -devel package is LGPL only, the
  tools are GPL.
* Mon Jan  4 2021 Dirk Müller <dmueller@suse.com>
- update to 1.6.3:
  * Revert the change notifications that were using /dev/watch_queue.
  * Apply the change notifications that use pipe2(O_NOTIFICATION_PIPE).
  * Allow "keyctl supports" to retrieve raw capability data.
  * Allow "keyctl id" to turn a symbolic key ID into a numeric ID.
  * Allow "keyctl new_session" to name the keyring.
  * Allow "keyctl add/padd/etc." to take hex-encoded data.
  * Add "keyctl watch*" to expose kernel change notifications on keys.
  * Add caps for namespacing and notifications.
  * Set a default TTL on keys that upcall for name resolution.
  * Explicitly clear memory after it's held sensitive information.
  * Various manual page fixes.
  * Fix C++-related errors.
  * Add support for keyctl_move().
  * Add support for keyctl_capabilities().
  * Make key=val list optional for various public-key ops.
  * Fix system call signature for KEYCTL_PKEY_QUERY.
  * Fix 'keyctl pkey_query' argument passing.
  * Use keyctl_read_alloc() in dump_key_tree_aux().
  * Various manual page fixes.
- spec-cleaner run (fixup failing homepage url)
* Fri Oct 16 2020 Ludwig Nussel <lnussel@suse.de>
- prepare usrmerge (boo#1029961)
* Mon Jul  1 2019 Wolfgang Frisch <wolfgang.frisch@suse.com>
- updated to 1.6
  - Apply various specfile cleanups from Fedora.
  - request-key: Provide a command line option to suppress helper execution.
  - request-key: Find least-wildcard match rather than first match.
  - Remove the dependency on MIT Kerberos.
  - Fix some error messages
  - keyctl_dh_compute.3: Suggest /proc/crypto for list of available hashes.
  - Fix doc and comment typos.
  - Add public key ops for encrypt, decrypt, sign and verify (needs linux-4.20).
  - Add pkg-config support for finding libkeyutils.
- upstream isn't offering PGP signatures for the source tarballs anymore
* Mon Mar  4 2019 Dominique Leuenberger <dimstar@opensuse.org>
- Replace krb5-devel BuildRequires with pkgconfig(krb5): Allow OBS
  to shortcut the ring0 bootstrap cycle by also using krb5-mini.
* Mon Oct 29 2018 astieger@suse.com
- add upstream signing key and verify source signature
* Mon Oct 29 2018 meissner@suse.com
- updated to 1.5.11 (bsc#1113013)
  - Add keyring restriction support.
  - Add KDF support to the Diffie-Helman function.
  - DNS: Add support for AFS config files and SRV records
* Thu Feb 22 2018 fvogt@suse.com
- Use %%license (boo#1082318)
* Mon Nov  6 2017 meissner@suse.com
- add keyutils-devel for baselibs, to allow biarch LTP builds.
  (bsc#1061591)
* Fri May  5 2017 meissner@suse.com
- updated to 1.5.10
  - added "dh_compute" callback
  - manpage improvements
* Tue Mar 21 2017 meissner@suse.com
- move binaries from /bin to /usr/bin (bsc#1029969)
- keyutils-usr-move.patch: also adjust the request-key.conf file
* Wed Feb  4 2015 meissner@suse.com
- keyutils-nodate.patch: avoid including the timestamp. bsc#916180
* Thu Jun  5 2014 meissner@suse.com
- correct the obsoletes and provides in baselibs.conf to be correct.
  bnc#881533
* Wed May 14 2014 nfbrown@suse.com
- New upstream release 1.5.9.
  Particularly adds keyctl_invalidate, needed for latest nfs-utils.
  A few minor bugfixes and usability improvements.
* Mon Jul 29 2013 tchvatal@suse.com
- Use macros bit more and fix noreplace on folder, which is not
  good.
* Sun Jun 16 2013 lmuelle@suse.com
- Remove deprecated -c arg while calling cifs.upcall from request-key.conf.
* Fri Feb  1 2013 coolo@suse.com
- update license to new format
* Wed Jun 20 2012 meissner@suse.com
- various small improvements
- added a /etc/request-key.d/ snippet drop directory
* Mon Jun  4 2012 jeffm@suse.com
- Update nfs4 idmap support, nfs-client 1.2.6 changed parameters.
* Wed Apr 11 2012 jeffm@suse.com
- Add nfs4 idmap support
* Wed Oct  5 2011 uli@suse.com
- cross-build fix: use %%__cc macro
* Thu Sep 22 2011 meissner@suse.de
- Updated to 1.5.3
  - Fix unread variables.
  - Licence file update.
- Updated to 1.5
  - Disable RPATH setting in Makefile.
  - Add -I. to build to get this keyutils.h.
  - Make CFLAGS override on make command line work right.
  - Make specfile UTF-8.
  - Support KEYCTL_REJECT.
  - Support KEYCTL_INSTANTIATE_IOV.
  - Add AFSDB DNS lookup program from Wang Lei.
  - Generalise DNS lookup program.
  - Add recursive scan utility function.
  - Add bad key reap command to keyctl.
  - Add multi-unlink variant to keyctl unlink command.
  - Add multi key purger command to keyctl.
  - Handle multi-line commands in keyctl command table.
  - Move the package to version to 1.5.
- Update to 1.4-4
  - Make build guess at default libdirs and word size.
  - Make program build depend on library in Makefile.
  - Don't include $(DESTDIR) in MAN* macros.
  - Remove NO_GLIBC_KEYSYS as it is obsolete.
  - Have Makefile extract version info from specfile and version script.
  - Provide RPM build rule in Makefile.
  - Provide distclean rule in Makefile.
  - Fix local linking and RPATH.
  - Fix prototypes in manual pages (some char* should be void*).
  - Rename the keyctl_security.3 manpage to keyctl_get_security.3.
* Thu Sep 22 2011 jengelh@medozas.de
- Implement shlib package (libkeyutils1)
- Cleanup per Specfile Guidelines
* Tue Apr 19 2011 meissner@suse.de
- Upgraded to 1.4
  - Fix the library naming wrt the version.
  - Move the package to version to 1.4.
  - Fix spelling mistakes in manpages.
  - Add an index manpage for all the keyctl functions.
  - Fix rpmlint warnings.
- fixed parallel make
- do not include empty rpaths
* Thu Mar 18 2010 meissner@suse.de
- Upgraded to 1.3
  - Expose the kernel function to get a key's security context.
  - Expose the kernel function to set a processes keyring onto its parent.
  - Move libkeyutils library version to 1.3.
* Mon Dec 14 2009 jengelh@medozas.de
- add baselibs.conf as a source
- enable parallel building
* Mon Nov 24 2008 meissner@suse.de
- added 2 cifs helpers to request-key.conf (for CIFS DFS support)
  bnc#432494, FATE#303758
* Wed Nov 12 2008 crrodriguez@suse.de
- build request-key.c with -fno-strict-aliasing to avoid
  possible breakages
* Thu Apr 10 2008 ro@suse.de
- added baselibs.conf file to build xxbit packages
  for multilib support
* Thu Dec 14 2006 meissner@suse.de
- Upgraded to 1.2.
  - call ldconfig
  - removed manpages (now in global man-pages)
* Wed Jul 19 2006 meissner@suse.de
- Upgraded to 1.1.
  - cleanups, new manpage.
- no static lib anymore (like upstream).
* Fri Apr 21 2006 meissner@suse.de
- initial import of version 1.0.