diff --git a/mbedtls-2.4-config-enable-pkcs11.patch b/mbedtls-2.4-config-enable-pkcs11.patch deleted file mode 100644 index fd31bbc..0000000 --- a/mbedtls-2.4-config-enable-pkcs11.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- include/mbedtls/config.h.orig 2017-03-29 12:55:55.677132417 +0200 -+++ include/mbedtls/config.h 2017-03-29 12:56:09.476057072 +0200 -@@ -2109,7 +2109,7 @@ - * This module enables SSL/TLS PKCS #11 smartcard support. - * Requires the presence of the PKCS#11 helper library (libpkcs11-helper) - */ --//#define MBEDTLS_PKCS11_C -+#define MBEDTLS_PKCS11_C - - /** - * \def MBEDTLS_PKCS12_C diff --git a/mbedtls-2.7-config-enable-threading-pthread.patch b/mbedtls-2.7-config-enable-threading-pthread.patch deleted file mode 100644 index f9c02af..0000000 --- a/mbedtls-2.7-config-enable-threading-pthread.patch +++ /dev/null @@ -1,20 +0,0 @@ ---- include/mbedtls/config.h.orig 2018-02-05 12:36:59.000000000 +0100 -+++ include/mbedtls/config.h 2018-02-06 14:37:48.911218309 +0100 -@@ -1431,7 +1431,7 @@ - * - * Uncomment this to enable pthread mutexes. - */ --//#define MBEDTLS_THREADING_PTHREAD -+#define MBEDTLS_THREADING_PTHREAD - - /** - * \def MBEDTLS_VERSION_FEATURES -@@ -2508,7 +2508,7 @@ - * - * Enable this layer to allow use of mutexes within mbed TLS - */ --//#define MBEDTLS_THREADING_C -+#define MBEDTLS_THREADING_C - - /** - * \def MBEDTLS_TIMING_C diff --git a/mbedtls.spec b/mbedtls.spec index 3f69e58..ffa89d5 100644 --- a/mbedtls.spec +++ b/mbedtls.spec @@ -4,29 +4,23 @@ Name: mbedtls Version: 2.14.1 -Release: 1%{?dist} +Release: 2%{?dist} Summary: Light-weight cryptographic and SSL/TLS library Group: System Environment/Libraries License: ASL 2.0 URL: https://tls.mbed.org/ Source0: https://tls.mbed.org/download/%{name}-%{version}-apache.tgz -# mbed TLS way of enabling features -Patch0: mbedtls-2.4-config-enable-pkcs11.patch -Patch1: mbedtls-2.7-config-enable-threading-pthread.patch - BuildRequires: gcc-c++ BuildRequires: cmake BuildRequires: perl-interpreter BuildRequires: doxygen BuildRequires: graphviz BuildRequires: pkcs11-helper-devel +BuildRequires: zlib-devel Requires: pkcs11-helper -%if 0%{?rhel} == 5 -%endif - # replace polarssl with mbedtls Obsoletes: polarssl < 1.3.10 @@ -72,33 +66,35 @@ developing applications that use %{name}. %package doc Summary: Documentation files for %{name} Group: Documentation -%if 0%{?fedora} || 0%{?rhel} >= 6 BuildArch: noarch -%endif %description doc The %{name}-doc package contains documentation. %prep -%setup -q -%patch0 -%patch1 +%autosetup -%build -%cmake -D CMAKE_BUILD_TYPE:String="Release" -D USE_SHARED_MBEDTLS_LIBRARY:BOOL=1 -D USE_PKCS11_HELPER_LIBRARY:BOOL=1 . +sed -i 's|//\(#define MBEDTLS_PKCS11_C\)|\1|' include/mbedtls/config.h +sed -i 's|//\(#define MBEDTLS_HAVEGE_C\)|\1|' include/mbedtls/config.h +sed -i 's|//\(#define MBEDTLS_THREADING_C\)|\1|' include/mbedtls/config.h +sed -i 's|//\(#define MBEDTLS_THREADING_PTHREAD\)|\1|' include/mbedtls/config.h +sed -i 's|//\(#define MBEDTLS_ZLIB_SUPPORT\)|\1|' include/mbedtls/config.h -%if 0%{?rhel} == 5 -sed -e 's/libmbedtls.so$/libmbedtls.so.%{version}/' -i tests/CMakeFiles/test_suite_*.dir/build.make -%endif +%build +%cmake \ + -DCMAKE_BUILD_TYPE=Release \ + -DLINK_WITH_PTHREAD=ON \ + -DUSE_PKCS11_HELPER_LIBRARY=ON \ + -DENABLE_ZLIB_SUPPORT=ON \ + -DINSTALL_MBEDTLS_HEADERS=ON \ + -DUSE_SHARED_MBEDTLS_LIBRARY=ON \ + -DUSE_STATIC_MBEDTLS_LIBRARY=ON make %{?_smp_mflags} all apidoc %install -%if 0%{?fedora} || 0%{?rhel} >= 6 %make_install -%else -make DESTDIR=$RPM_BUILD_ROOT install -%endif + mkdir -p $RPM_BUILD_ROOT%{_libexecdir} mv $RPM_BUILD_ROOT%{_bindir} $RPM_BUILD_ROOT%{_libexecdir}/mbedtls @@ -129,6 +125,10 @@ LD_LIBRARY_PATH=$PWD/library ctest --output-on-failure -V %doc apidoc/* %changelog +* Thu Dec 20 2018 Morten Stevens - 2.14.1-2 +- Spec file improvements +- Enabled zlib support + * Fri Dec 07 2018 Morten Stevens - 2.14.1-1 - Update to 2.14.1 - CVE-2018-19608 (#1656784)