2 Summary: Certification service
5 Group: Security/Certificate Management
7 Source0: %{name}-%{version}.tar.gz
9 BuildRequires: coreutils
10 BuildRequires: findutils
11 BuildRequires: pkgconfig(dlog)
12 BuildRequires: pkgconfig(klay)
13 BuildRequires: openssl3
14 BuildRequires: pkgconfig(openssl3)
15 BuildRequires: pkgconfig(libpcrecpp)
16 BuildRequires: pkgconfig(xmlsec1)
17 BuildRequires: pkgconfig(libxml-2.0)
18 BuildRequires: pkgconfig(libxslt)
19 BuildRequires: pkgconfig(libsystemd)
20 BuildRequires: pkgconfig(key-manager)
21 BuildRequires: pkgconfig(libtzplatform-config)
22 BuildRequires: pkgconfig(sqlite3)
23 BuildRequires: ca-certificates
24 BuildRequires: ca-certificates-devel
25 BuildRequires: ca-certificates-tizen-devel
26 BuildRequires: boost-devel
27 Requires: ca-certificates
28 Requires: ca-certificates-tizen
29 Requires: security-config
30 # to prevent auto require lower version of libc including examples/resource/player/bin/player
31 # https://fedoraproject.org/wiki/Packaging:AutoProvidesAndRequiresFiltering?rd=PackagingDrafts/AutoProvidesAndRequiresFiltering
32 %global __requires_exclude_from examples/
35 %global user_name security_fw
36 %global group_name security_fw
37 %global server_stream /tmp/.cert-server.socket
38 %global smack_domain_name System
40 %global bin_dir %{?TZ_SYS_BIN:%TZ_SYS_BIN}%{!?TZ_SYS_BIN:%_bindir}
41 %global lib_dir %{?TZ_SYS_LIB:%TZ_SYS_LIB}%{!?TZ_SYS_LIB:%_libdir}
42 %global etc_dir %{?TZ_SYS_ETC:%TZ_SYS_ETC}%{!?TZ_SYS_ETC:/opt/etc}
43 %global rw_data_dir %{?TZ_SYS_SHARE:%TZ_SYS_SHARE}%{!?TZ_SYS_SHARE:/opt/share}
44 %global ro_data_dir %{?TZ_SYS_RO_SHARE:%TZ_SYS_RO_SHARE}%{!?TZ_SYS_RO_SHARE:%_datadir}
45 %global rw_app_dir %{?TZ_SYS_RW_APP:%TZ_SYS_RW_APP}%{!?TZ_SYS_RW_APP:/opt/usr/apps}
47 %global cert_svc_path %rw_data_dir/cert-svc
48 %global cert_svc_ro_path %ro_data_dir/cert-svc
49 %global cert_svc_db_path %cert_svc_path/dbspace
50 %global cert_svc_pkcs12 %cert_svc_path/pkcs12
51 %global cert_svc_ca_bundle %cert_svc_path/ca-certificate.crt
52 %global cert_svc_examples %cert_svc_ro_path/examples
53 %global cert_svc_tests %rw_app_dir/cert-svc-tests
59 Summary: Certification service (development files)
60 Group: Development/Libraries
61 Requires: %{name} = %{version}-%{release}
64 Certification service (development files)
67 Summary: Certification service (tests)
68 Group: Security/Testing
69 Requires: ca-certificates-tizen
70 Requires: %{name} = %{version}-%{release}
71 Requires: %{name}-test-binaries = %{version}-%{release}
74 Certification service (tests)
76 %package test-binaries
77 Summary: Certification service (test binaries)
78 Group: Security/Testing
80 Requires: %{name}-test = %{version}-%{release}
82 %description test-binaries
83 Certification service (test binaries)
89 %if 0%{?tizen_build_devel_mode}
90 export CFLAGS="$CFLAGS -DTIZEN_ENGINEER_MODE"
91 export CXXFLAGS="$CXXFLAGS -DTIZEN_ENGINEER_MODE"
92 export FFLAGS="$FFLAGS -DTIZEN_ENGINEER_MODE"
96 export CFLAGS="$CFLAGS -DTIZEN_EMULATOR_MODE"
97 export CXXFLAGS="$CXXFLAGS -DTIZEN_EMULATOR_MODE"
98 export FFLAGS="$FFLAGS -DTIZEN_EMULATOR_MODE"
101 # gcc v9 and new Tizen toolchain adds Wall and this code pretty much always checks string & buffer lenghts
102 export CFLAGS="$CFLAGS -Wno-stringop-truncation -Wno-stringop-overflow"
103 export CXXFLAGS="$CXXFLAGS -Wno-stringop-truncation -Wno-stringop-overflow"
105 %{!?build_type:%define build_type "Release"}
106 %cmake . -DVERSION=%version \
107 -DINCLUDEDIR=%_includedir \
108 -DUSER_NAME=%user_name \
109 -DGROUP_NAME=%group_name \
110 -DSERVER_STREAM=%server_stream \
111 -DSMACK_DOMAIN_NAME=%smack_domain_name \
112 -DRO_DATA_DIR=%ro_data_dir \
115 -DTZ_SYS_CA_CERTS=%TZ_SYS_CA_CERTS \
116 -DTZ_SYS_CA_CERTS_ORIG=%TZ_SYS_CA_CERTS_ORIG \
117 -DTZ_SYS_CA_BUNDLE=%TZ_SYS_CA_BUNDLE \
118 -DTZ_SYS_RO_CA_CERTS=%TZ_SYS_RO_CA_CERTS \
119 -DTZ_SYS_RO_CA_BUNDLE=%TZ_SYS_RO_CA_BUNDLE \
120 -DCERT_SVC_CA_BUNDLE=%cert_svc_ca_bundle \
121 -DCERT_SVC_PATH=%cert_svc_path \
122 -DCERT_SVC_RO_PATH=%cert_svc_ro_path \
123 -DCERT_SVC_PKCS12=%cert_svc_pkcs12 \
124 -DCERT_SVC_DB_PATH=%cert_svc_db_path \
125 -DCERT_SVC_TESTS=%cert_svc_tests \
126 -DCERT_SVC_EXAMPLES=%cert_svc_examples \
127 -DCMAKE_BUILD_TYPE=%build_type \
128 -DSYSTEMD_UNIT_DIR=%_unitdir
134 %install_service sockets.target.wants cert-server.socket
136 mkdir -p %buildroot%cert_svc_pkcs12
138 touch %buildroot%cert_svc_db_path/certs-meta.db-journal
140 ln -sf %TZ_SYS_CA_BUNDLE %buildroot%cert_svc_ca_bundle
145 systemctl stop cert-server.service
150 systemctl daemon-reload
153 systemctl start cert-server.socket
157 systemctl restart cert-server.socket
160 %postun -p /sbin/ldconfig
163 %manifest %name.manifest
165 %_unitdir/cert-server.service
166 %_unitdir/cert-server.socket
167 %_unitdir/sockets.target.wants/cert-server.socket
168 %_libdir/libcert-svc-vcore.so.*
170 %dir %attr(-, %{user_name}, %{group_name}) %cert_svc_path
171 %dir %attr(-, %{user_name}, %{group_name}) %cert_svc_pkcs12
172 %dir %attr(-, %{user_name}, %{group_name}) %cert_svc_db_path
173 %attr(-, %{user_name}, %{group_name}) %cert_svc_ca_bundle
174 %attr(-, %{user_name}, %{group_name}) %cert_svc_db_path/certs-meta.db
175 %attr(-, %{user_name}, %{group_name}) %cert_svc_db_path/certs-meta.db-journal
176 %attr(-, %{user_name}, %{group_name}) %cert_svc_ro_path
179 %manifest %name.manifest
182 %_libdir/libcert-svc-vcore.so
185 %manifest %name.manifest
186 %bin_dir/cert-svc-test*
189 %cert_svc_tests/certs
190 %_libdir/libcert-svc-validator-plugin.so
192 %bin_dir/cert-svc-example*
195 %bin_dir/cert-svc-unit-tests
198 %manifest %name.manifest