1 %define certsvc_feature_ocsp_crl 0
2 %define certsvc_test_build 0
5 Summary: Certification service
8 Group: Security/Libraries
10 Source0: %{name}-%{version}.tar.gz
11 Source1001: %{name}.manifest
12 Requires(post): findutils
14 BuildRequires: pkgconfig(dlog)
15 BuildRequires: pkgconfig(openssl)
16 BuildRequires: pkgconfig(libpcrecpp)
17 BuildRequires: pkgconfig(xmlsec1)
18 BuildRequires: pkgconfig(glib-2.0)
19 BuildRequires: pkgconfig(libxml-2.0)
20 BuildRequires: pkgconfig(libxslt)
21 BuildRequires: pkgconfig(icu-i18n)
22 BuildRequires: pkgconfig(libsoup-2.4)
23 BuildRequires: pkgconfig(db-util)
24 BuildRequires: pkgconfig(libsystemd-daemon)
25 BuildRequires: pkgconfig(key-manager)
26 BuildRequires: pkgconfig(secure-storage)
27 BuildRequires: pkgconfig(libtzplatform-config)
28 BuildRequires: pkgconfig(libsystemd-journal)
29 BuildRequires: boost-devel
30 %if 0%{?certsvc_feature_ocsp_crl}
31 BuildRequires: pkgconfig(vconf)
32 BuildRequires: pkgconfig(sqlite3)
34 Requires: pkgconfig(libtzplatform-config)
35 Requires: ca-certificates-tizen
36 Requires: ca-certificates-mozilla
37 Requires: ca-certificates
44 Summary: Certification service (development files)
45 Group: Development/Libraries
46 Requires: %{name} = %{version}-%{release}
49 Certification service (development files)
51 %if 0%{?certsvc_test_build}
53 Summary: Certification service (tests)
54 Group: Security/Testing
55 BuildRequires: pkgconfig(dpl-test-efl)
57 Requires: ca-certificates-tizen
58 Requires: %{name} = %{version}-%{release}
61 Certification service (tests)
69 export CFLAGS="$CFLAGS -DTIZEN_DEBUG_ENABLE"
70 export CXXFLAGS="$CXXFLAGS -DTIZEN_DEBUG_ENABLE"
71 export FFLAGS="$FFLAGS -DTIZEN_DEBUG_ENABLE"
73 export CFLAGS="$CFLAGS -DTIZEN_ENGINEER_MODE"
74 export CXXFLAGS="$CXXFLAGS -DTIZEN_ENGINEER_MODE"
75 export FFLAGS="$FFLAGS -DTIZEN_ENGINEER_MODE"
78 export CFLAGS="$CFLAGS -DTIZEN_EMULATOR_MODE"
79 export CXXFLAGS="$CXXFLAGS -DTIZEN_EMULATOR_MODE"
80 export FFLAGS="$FFLAGS -DTIZEN_EMULATOR_MODE"
83 %{!?build_type:%define build_type "Release"}
84 cmake . -DPREFIX=%{_prefix} \
85 -DEXEC_PREFIX=%{_exec_prefix} \
88 -DINCLUDEDIR=%{_includedir} \
89 -DTZ_SYS_SHARE=%TZ_SYS_SHARE \
90 -DTZ_SYS_BIN=%TZ_SYS_BIN \
91 -DTZ_SYS_ETC=%TZ_SYS_ETC \
92 -DTZ_SYS_RO_WRT_ENGINE=%TZ_SYS_RO_WRT_ENGINE \
93 -DTZ_SYS_DB=%TZ_SYS_DB \
94 %if 0%{?certsvc_feature_ocsp_crl}
95 -DTIZEN_FEAT_CERTSVC_OCSP_CRL=1 \
97 %if 0%{?certsvc_test_build}
98 -DCERTSVC_TEST_BUILD=1 \
99 -DTZ_SYS_RO_APP=%TZ_SYS_RO_APP \
101 -DCMAKE_BUILD_TYPE=%{build_type} \
102 -DSYSTEMD_UNIT_DIR=%{_unitdir}
104 make %{?jobs:-j%jobs}
108 mkdir -p %{buildroot}%{TZ_SYS_SHARE}/license
109 cp LICENSE %{buildroot}%{TZ_SYS_SHARE}/license/%{name}
111 mkdir -p %{buildroot}%{TZ_SYS_SHARE}/cert-svc/certs/user
112 mkdir -p %{buildroot}%{TZ_SYS_SHARE}/cert-svc/certs/trusteduser
113 mkdir -p %{buildroot}%{TZ_SYS_SHARE}/cert-svc/pkcs12
114 mkdir -p %{buildroot}%{TZ_SYS_SHARE}/cert-svc/dbspace
117 mkdir -p %{buildroot}%{_unitdir}/multi-user.target.wants
118 mkdir -p %{buildroot}%{_unitdir}/sockets.target.wants
119 ln -s ../cert-server.service %{buildroot}%{_unitdir}/multi-user.target.wants/
120 ln -s ../cert-server.socket %{buildroot}%{_unitdir}/sockets.target.wants/
122 ln -sf %{TZ_SYS_ETC}/ssl/certs %{buildroot}%{TZ_SYS_SHARE}/cert-svc/certs/ssl
129 systemctl stop cert-server.service
134 systemctl daemon-reload
136 systemctl restart cert-server.service
139 echo "make ca-certificate.crt"
140 %{TZ_SYS_BIN}/make-ca-certificate.sh
141 rm %{TZ_SYS_BIN}/make-ca-certificate.sh
143 echo "create .cert_svc_vcore.db"
144 %if 0%{?certsvc_feature_ocsp_crl}
146 echo "This is new install of cert-svc"
147 %{TZ_SYS_BIN}/cert_svc_create_clean_db.sh
149 echo "Find out old and new version of databases"
150 VCORE_OLD_DB_VERSION=`sqlite3 %{TZ_SYS_DB}/.cert_svc_vcore.db ".tables" | grep "DB_VERSION_"`
151 VCORE_NEW_DB_VERSION=`cat %{TZ_SYS_SHARE}/cert-svc/cert_svc_vcore_db.sql | tr '[:blank:]' '\n' | grep DB_VERSION_`
152 echo "OLD vcore database version ${VCORE_OLD_DB_VERSION}"
153 echo "NEW vcore database version ${VCORE_NEW_DB_VERSION}"
155 if [ ${VCORE_OLD_DB_VERSION} -a ${VCORE_NEW_DB_VERSION} ]; then
156 if [ ${VCORE_OLD_DB_VERSION} = ${VCORE_NEW_DB_VERSION} ]; then
157 echo "Equal database detected so db installation ignored"
159 echo "Calling /usr/bin/cert_svc_create_clean_db.sh"
160 %{TZ_SYS_BIN}/cert_svc_create_clean_db.sh
163 echo "Calling /usr/bin/cert_svc_create_clean_db.sh"
164 %{TZ_SYS_BIN}/cert_svc_create_clean_db.sh
167 rm %{TZ_SYS_SHARE}/cert-svc/cert_svc_vcore_db.sql
168 rm %{TZ_SYS_BIN}/cert_svc_create_clean_db.sh
171 echo "create certs-meta.db"
172 rm -rf %{TZ_SYS_SHARE}/cert-svc/dbspace/certs-meta.db
173 %{TZ_SYS_BIN}/cert_svc_create_clean_store_db.sh %{TZ_SYS_SHARE}/cert-svc/cert_svc_store_db.sql
174 %{TZ_SYS_BIN}/initialize_store_db.sh
175 if [[ -e %{TZ_SYS_SHARE}/cert-svc/dbspace/certs-meta.db ]]; then
176 cat %{TZ_SYS_SHARE}/cert-svc/root-cert.sql | sqlite3 %{TZ_SYS_SHARE}/cert-svc/dbspace/certs-meta.db
178 rm %{TZ_SYS_SHARE}/cert-svc/cert_svc_store_db.sql
179 rm %{TZ_SYS_SHARE}/cert-svc/root-cert.sql
180 rm %{TZ_SYS_BIN}/cert_svc_create_clean_store_db.sh
181 rm %{TZ_SYS_BIN}/initialize_store_db.sh
187 %defattr(644,system,system,755)
188 %manifest %{name}.manifest
189 # Read only files install as root
190 %attr(755,root,root) %{TZ_SYS_BIN}/cert-server
191 %attr(644,root,root) %{_unitdir}/cert-server.service
192 %attr(644,root,root) %{_unitdir}/cert-server.socket
193 %attr(777,root,root) %{_unitdir}/multi-user.target.wants/cert-server.service
194 %attr(777,root,root) %{_unitdir}/sockets.target.wants/cert-server.socket
195 %attr(755,root,root) %{_libdir}/libcert-svc.so.*
196 %attr(755,root,root) %{_libdir}/libcert-svc-vcore.so.*
197 %attr(644,root,root) %{TZ_SYS_SHARE}/license/%{name}
198 %attr(644,root,root) %{TZ_SYS_RO_WRT_ENGINE}/schema.xsd
199 %attr(644,root,root) %{TZ_SYS_SHARE}/cert-svc/cert_svc_store_db.sql
200 %attr(755,root,root) %{TZ_SYS_BIN}/cert_svc_create_clean_store_db.sh
201 %attr(755,root,root) %{TZ_SYS_BIN}/make-ca-certificate.sh
202 %attr(755,root,root) %{TZ_SYS_BIN}/initialize_store_db.sh
204 %if 0%{?certsvc_feature_ocsp_crl}
205 %attr(644,root,root) %{TZ_SYS_SHARE}/cert-svc/cert_svc_vcore_db.sql
206 %attr(755,root,root) %{TZ_SYS_BIN}/cert_svc_create_clean_db.sh
209 # Resource files install as system
210 %{TZ_SYS_SHARE}/cert-svc/certs/user
211 %{TZ_SYS_SHARE}/cert-svc/certs/trusteduser
212 %{TZ_SYS_SHARE}/cert-svc/pkcs12
213 %{TZ_SYS_SHARE}/cert-svc/dbspace
214 %{TZ_SYS_SHARE}/cert-svc/certs/ssl
218 %defattr(-,root,root,-)
220 %{_libdir}/pkgconfig/*
221 %{_libdir}/libcert-svc.so
222 %{_libdir}/libcert-svc-vcore.so
224 %if 0%{?certsvc_test_build}
226 %defattr(644,system,system,755)
227 %attr(755,root,root) %{TZ_SYS_BIN}/cert-svc-test*
228 %{TZ_SYS_RO_APP}/widget/tests/vcore_widget_uncompressed/*
229 %{TZ_SYS_RO_APP}/widget/tests/vcore_widget_uncompressed_negative_hash/*
230 %{TZ_SYS_RO_APP}/widget/tests/vcore_widget_uncompressed_negative_signature/*
231 %{TZ_SYS_RO_APP}/widget/tests/vcore_widget_uncompressed_negative_certificate/*
232 %{TZ_SYS_RO_APP}/widget/tests/vcore_widget_uncompressed_partner/*
233 %{TZ_SYS_RO_APP}/widget/tests/vcore_widget_uncompressed_partner_operator/*
234 %{TZ_SYS_RO_APP}/widget/tests/vcore_keys/*
235 %{TZ_SYS_RO_APP}/widget/tests/vcore_certs/*
236 %{TZ_SYS_RO_APP}/widget/tests/vcore_config/*
237 %{TZ_SYS_RO_APP}/widget/tests/pkcs12/*
238 %{TZ_SYS_RO_APP}/widget/tests/reference/*
239 %{TZ_SYS_ETC}/ssl/certs/8956b9bc.0
240 %{TZ_SYS_SHARE}/ca-certificates/wac/root_cacert0.pem
241 %{TZ_SYS_SHARE}/cert-svc/pkcs12/*
242 %{TZ_SYS_SHARE}/cert-svc/cert-type/*
243 %{TZ_SYS_SHARE}/cert-svc/tests/orig_c/data/caflag/*
244 %{TZ_SYS_SHARE}/cert-svc/certs/root_ca*.der
245 %{TZ_SYS_SHARE}/cert-svc/certs/second_ca*.der
246 %{TZ_SYS_SHARE}/cert-svc/tests/*