packaging/cert-svc.spec

   1 %{!?build_type:%global build_type RELEASE}
   2
   3 Name:    cert-svc
   4 Summary: Certification service
   5 Version: 2.2.2
   6 Release: 0
   7 Group:   Security/Certificate Management
   8 License: Apache-2.0
   9 Source0: %{name}-%{version}.tar.gz
  10 BuildRequires: cmake
  11 BuildRequires: coreutils
  12 BuildRequires: findutils
  13 BuildRequires: pkgconfig(dlog)
  14 BuildRequires: pkgconfig(klay)
  15 BuildRequires: openssl3
  16 BuildRequires: pkgconfig(openssl3)
  17 BuildRequires: pkgconfig(libpcrecpp)
  18 BuildRequires: pkgconfig(xmlsec1)
  19 BuildRequires: pkgconfig(libxml-2.0)
  20 BuildRequires: pkgconfig(libxslt)
  21 BuildRequires: pkgconfig(libsystemd)
  22 BuildRequires: pkgconfig(key-manager)
  23 BuildRequires: pkgconfig(libtzplatform-config)
  24 BuildRequires: pkgconfig(sqlite3)
  25 BuildRequires: ca-certificates
  26 BuildRequires: ca-certificates-devel
  27 BuildRequires: ca-certificates-tizen-devel
  28 BuildRequires: boost-devel
  29
  30 %if "%{build_type}" == "COVERAGE"
  31 BuildRequires: lcov
  32 %endif
  33
  34 Requires: ca-certificates
  35 Requires: ca-certificates-tizen
  36 Requires: security-config
  37 # to prevent auto require lower version of libc including examples/resource/player/bin/player
  38 # https://fedoraproject.org/wiki/Packaging:AutoProvidesAndRequiresFiltering?rd=PackagingDrafts/AutoProvidesAndRequiresFiltering
  39 %global __requires_exclude_from examples/
  40
  41
  42 %global user_name security_fw
  43 %global group_name security_fw
  44 %global server_stream /tmp/.cert-server.socket
  45 %global smack_domain_name System
  46 %global coverage_dir    %{_datadir}/cert-svc-coverage
  47
  48 %global bin_dir                 %{?TZ_SYS_BIN:%TZ_SYS_BIN}%{!?TZ_SYS_BIN:%_bindir}
  49 %global lib_dir                 %{?TZ_SYS_LIB:%TZ_SYS_LIB}%{!?TZ_SYS_LIB:%_libdir}
  50 %global etc_dir                 %{?TZ_SYS_ETC:%TZ_SYS_ETC}%{!?TZ_SYS_ETC:/opt/etc}
  51 %global rw_data_dir             %{?TZ_SYS_SHARE:%TZ_SYS_SHARE}%{!?TZ_SYS_SHARE:/opt/share}
  52 %global ro_data_dir             %{?TZ_SYS_RO_SHARE:%TZ_SYS_RO_SHARE}%{!?TZ_SYS_RO_SHARE:%_datadir}
  53 %global rw_app_dir              %{?TZ_SYS_RW_APP:%TZ_SYS_RW_APP}%{!?TZ_SYS_RW_APP:/opt/usr/apps}
  54
  55 %global cert_svc_path           %rw_data_dir/cert-svc
  56 %global cert_svc_ro_path        %ro_data_dir/cert-svc
  57 %global cert_svc_db_path        %cert_svc_path/dbspace
  58 %global cert_svc_pkcs12         %cert_svc_path/pkcs12
  59 %global cert_svc_ca_bundle      %cert_svc_path/ca-certificate.crt
  60 %global cert_svc_examples       %cert_svc_ro_path/examples
  61 %global cert_svc_tests          %rw_app_dir/cert-svc-tests
  62
  63 %description
  64 Certification service
  65
  66 %package devel
  67 Summary:    Certification service (development files)
  68 Group:      Development/Libraries
  69 Requires:   %{name} = %{version}-%{release}
  70
  71 %description devel
  72 Certification service (development files)
  73
  74 %package test
  75 Summary:  Certification service (tests)
  76 Group:    Security/Testing
  77 Requires: ca-certificates-tizen
  78 Requires: %{name} = %{version}-%{release}
  79 Requires: %{name}-test-binaries = %{version}-%{release}
  80
  81 %description test
  82 Certification service (tests)
  83
  84 %package test-binaries
  85 Summary:  Certification service (test binaries)
  86 Group:    Security/Testing
  87 AutoReq:  no
  88 Requires: %{name}-test = %{version}-%{release}
  89
  90 %description test-binaries
  91 Certification service (test binaries)
  92
  93 %if "%{build_type}" == "COVERAGE"
  94 %package coverage
  95 Summary:    Certification service code coverage data
  96 Group:      Security/Testing
  97 Requires:   cert-svc-test = %{version}-%{release}
  98 Requires:   cert-svc-debugsource = %{version}-%{release}
  99 Requires:   lcov
 100 Requires:   gcc
 101
 102 %description coverage
 103 Certification service code coverage data
 104 %endif
 105
 106 %prep
 107 %setup -q
 108
 109 %build
 110 %if 0%{?tizen_build_devel_mode}
 111 export CFLAGS="$CFLAGS -DTIZEN_ENGINEER_MODE"
 112 export CXXFLAGS="$CXXFLAGS -DTIZEN_ENGINEER_MODE"
 113 export FFLAGS="$FFLAGS -DTIZEN_ENGINEER_MODE"
 114 %endif
 115
 116 %ifarch %{ix86}
 117 export CFLAGS="$CFLAGS -DTIZEN_EMULATOR_MODE"
 118 export CXXFLAGS="$CXXFLAGS -DTIZEN_EMULATOR_MODE"
 119 export FFLAGS="$FFLAGS -DTIZEN_EMULATOR_MODE"
 120 %endif
 121
 122 # gcc v9 and new Tizen toolchain adds Wall and this code pretty much always checks string & buffer lenghts
 123 export CFLAGS="$CFLAGS -Wno-stringop-truncation -Wno-stringop-overflow"
 124 export CXXFLAGS="$CXXFLAGS -Wno-stringop-truncation -Wno-stringop-overflow"
 125
 126 %cmake . -DVERSION=%version \
 127          -DINCLUDEDIR=%_includedir \
 128          -DUSER_NAME=%user_name \
 129          -DGROUP_NAME=%group_name \
 130          -DSERVER_STREAM=%server_stream \
 131          -DSMACK_DOMAIN_NAME=%smack_domain_name \
 132          -DRO_DATA_DIR=%ro_data_dir \
 133          -DBIN_DIR=%bin_dir \
 134          -DLIB_DIR=%lib_dir \
 135          -DTZ_SYS_CA_CERTS=%TZ_SYS_CA_CERTS \
 136          -DTZ_SYS_CA_CERTS_ORIG=%TZ_SYS_CA_CERTS_ORIG \
 137          -DTZ_SYS_CA_BUNDLE=%TZ_SYS_CA_BUNDLE \
 138          -DTZ_SYS_RO_CA_CERTS=%TZ_SYS_RO_CA_CERTS \
 139          -DTZ_SYS_RO_CA_BUNDLE=%TZ_SYS_RO_CA_BUNDLE \
 140          -DCERT_SVC_CA_BUNDLE=%cert_svc_ca_bundle \
 141          -DCERT_SVC_PATH=%cert_svc_path \
 142          -DCERT_SVC_RO_PATH=%cert_svc_ro_path \
 143          -DCERT_SVC_PKCS12=%cert_svc_pkcs12 \
 144          -DCERT_SVC_DB_PATH=%cert_svc_db_path \
 145          -DCERT_SVC_TESTS=%cert_svc_tests \
 146          -DCERT_SVC_EXAMPLES=%cert_svc_examples \
 147          -DCOVERAGE_DIR=%{coverage_dir} \
 148          -DCMAKE_BUILD_TYPE=%build_type \
 149          -DSYSTEMD_UNIT_DIR=%_unitdir
 150
 151 make %{?_smp_mflags}
 152
 153 %install
 154 %make_install
 155 %install_service sockets.target.wants cert-server.socket
 156
 157 mkdir -p %buildroot%cert_svc_pkcs12
 158
 159 touch %buildroot%cert_svc_db_path/certs-meta.db-journal
 160
 161 ln -sf %TZ_SYS_CA_BUNDLE %buildroot%cert_svc_ca_bundle
 162
 163 %preun
 164 # erase
 165 if [ $1 = 0 ]; then
 166     systemctl stop cert-server.service
 167 fi
 168
 169 %post
 170 /sbin/ldconfig
 171 systemctl daemon-reload
 172 # install
 173 if [ $1 = 1 ]; then
 174     systemctl start cert-server.socket
 175 fi
 176 # reinstall
 177 if [ $1 = 2 ]; then
 178     systemctl restart cert-server.socket
 179 fi
 180
 181 %postun -p /sbin/ldconfig
 182
 183 %files
 184 %manifest %name.manifest
 185 %license LICENSE
 186 %_unitdir/cert-server.service
 187 %_unitdir/cert-server.socket
 188 %_unitdir/sockets.target.wants/cert-server.socket
 189 %_libdir/libcert-svc-vcore.so.*
 190 %bin_dir/cert-server
 191 %dir %attr(-, %{user_name}, %{group_name}) %cert_svc_path
 192 %dir %attr(-, %{user_name}, %{group_name}) %cert_svc_pkcs12
 193 %dir %attr(-, %{user_name}, %{group_name}) %cert_svc_db_path
 194 %attr(-, %{user_name}, %{group_name}) %cert_svc_ca_bundle
 195 %attr(-, %{user_name}, %{group_name}) %cert_svc_db_path/certs-meta.db
 196 %attr(-, %{user_name}, %{group_name}) %cert_svc_db_path/certs-meta.db-journal
 197 %attr(-, %{user_name}, %{group_name}) %cert_svc_ro_path
 198
 199 %files devel
 200 %manifest %name.manifest
 201 %_includedir/*
 202 %_libdir/pkgconfig/*
 203 %_libdir/libcert-svc-vcore.so
 204
 205 %files test
 206 %manifest %name.manifest
 207 %bin_dir/cert-svc-test*
 208 %dir %cert_svc_tests
 209 %cert_svc_tests/p12
 210 %cert_svc_tests/certs
 211 %_libdir/libcert-svc-validator-plugin.so
 212
 213 %bin_dir/cert-svc-example*
 214 %cert_svc_examples
 215
 216 %bin_dir/cert-svc-unit-tests
 217
 218 %files test-binaries
 219 %manifest %name.manifest
 220 %cert_svc_tests/apps
 221
 222 %if "%{build_type}" == "COVERAGE"
 223 %files coverage
 224 %manifest %{name}.manifest
 225 %license LICENSE
 226 %{bin_dir}/cert-svc-coverage.sh
 227 %coverage_dir
 228 %endif