%global with_java 0 %global with_php 0 %global with_perl 1 %global with_python 0 %global with_wsf 0 %if %{with_php} %if "%{php_version}" < "5.6" %global ini_name lasso.ini %else %global ini_name 40-lasso.ini %endif %endif Summary: Liberty Alliance Single Sign On Name: lasso-epel Version: 2.5.1 Release: 8%{?dist} License: GPLv2+ Group: System Environment/Libraries Source: http://dev.entrouvert.org/lasso/lasso-%{version}.tar.gz %if %{with_wsf} BuildRequires: cyrus-sasl-devel %endif BuildRequires: gtk-doc, libtool-ltdl-devel BuildRequires: glib2-devel >= 2.42, swig Requires: glib2 >= 2.42 BuildRequires: libxml2-devel, xmlsec1-devel, openssl-devel, xmlsec1-openssl-devel BuildRequires: zlib-devel, check-devel BuildRequires: libtool autoconf automake BuildRequires: python-six Url: http://lasso.entrouvert.org/ patch1: cflags.patch patch2: validate_idp_list_test.patch patch3: 0003-Choose-the-Reference-transform-based-on-the-chosen-S.patch patch4: 0004-Fix-ECP-signature-not-found-error-when-only-assertio.patch patch5: 0005-PAOS-Do-not-populate-Destination-attribute.patch patch6: 0006-tests-use-self-generated-certificate-to-sign-federat.patch patch7: 0007-Fix-signature-checking-on-unsigned-response-with-mul.patch patch8: 0008-lasso_saml20_login_process_response_status_and_asser.patch %description Lasso is a library that implements the Liberty Alliance Single Sign On standards, including the SAML and SAML2 specifications. It allows to handle the whole life-cycle of SAML based Federations, and provides bindings for multiple languages. %if %{with_perl} %package -n perl-lasso Summary: Liberty Alliance Single Sign On (lasso) Perl bindings Group: Development/Libraries BuildRequires: perl-generators BuildRequires: perl(Error) BuildRequires: perl(ExtUtils::MakeMaker) BuildRequires: perl(Test::More) Requires: perl(:MODULE_COMPAT_%(eval "`%{__perl} -V:version`"; echo $version)) Requires: lasso%{?_isa} = %{version} %description -n perl-lasso Perl language bindings for the lasso (Liberty Alliance Single Sign On) library. %endif %if %{with_java} %package java Summary: Liberty Alliance Single Sign On (lasso) Java bindings Group: Development/Libraries BuildRequires: java-devel BuildRequires: jpackage-utils Requires: java-headless Requires: jpackage-utils Requires: lasso%{?_isa} = %{version} %description java Java language bindings for the lasso (Liberty Alliance Single Sign On) library. %endif %if %{with_php} %package php Summary: Liberty Alliance Single Sign On (lasso) PHP bindings Group: Development/Libraries BuildRequires: php-devel, expat-devel BuildRequires: python2 Requires: lasso%{?_isa} = %{version} Requires: php(zend-abi) = %{php_zend_api} Requires: php(api) = %{php_core_api} Provides: php-lasso = %{version}-%{release} Provides: php-lasso%{?_isa} = %{version}-%{release} %description php PHP language bindings for the lasso (Liberty Alliance Single Sign On) library. %endif %if %{with_python} %package python Summary: Liberty Alliance Single Sign On (lasso) Python bindings Group: Development/Libraries BuildRequires: python2-devel BuildRequires: python-lxml Requires: python Requires: lasso%{?_isa} = %{version} %description python Python language bindings for the lasso (Liberty Alliance Single Sign On) library. %endif %prep %setup -q -n lasso-%{version} %patch1 -p1 %patch2 -p1 %patch3 -p1 %patch4 -p1 %patch5 -p1 %patch6 -p1 %patch7 -p1 %patch8 -p1 %build autoreconf -vif %configure --prefix=%{_prefix} \ %if !%{with_java} --disable-java \ %endif %if !%{with_python} --disable-python \ %endif %if !%{with_perl} --disable-perl \ %endif %if %{with_php} --enable-php5=yes \ --with-php5-config-dir=%{php_inidir} \ %else --enable-php5=no \ %endif %if %{with_wsf} --enable-wsf \ --with-sasl2=%{_prefix}/sasl2 \ %endif # --with-html-dir=%{_datadir}/gtk-doc/html make %{?_smp_mflags} CFLAGS="%{optflags}" %check LD_LIBRARY_PATH=../../lasso/.libs \ make check %install #install -m 755 -d %{buildroot}%{_datadir}/gtk-doc/html make install exec_prefix=%{_prefix} DESTDIR=%{buildroot} find %{buildroot} -type f -name '*.la' -exec rm -f {} \; find %{buildroot} -type f -name '*.a' -exec rm -f {} \; # Perl subpackage %if %{with_perl} find %{buildroot} \( -name perllocal.pod -o -name .packlist \) -exec rm -v {} \; find %{buildroot}/usr/lib*/perl5 -type f -print | sed "s@^%{buildroot}@@g" > %{name}-perl-filelist if [ "$(cat %{name}-perl-filelist)X" = "X" ] ; then echo "ERROR: EMPTY FILE LIST" exit -1 fi %endif # PHP subpackage %if %{with_php} install -m 755 -d %{buildroot}%{_datadir}/php/lasso mv %{buildroot}%{_datadir}/php/lasso.php %{buildroot}%{_datadir}/php/lasso # rename the PHP config file when needed (PHP 5.6+) if [ "lasso.ini" != "%{ini_name}" ]; then mv %{buildroot}%{php_inidir}/lasso.ini \ %{buildroot}%{php_inidir}/%{ini_name} fi %endif # Remove bogus doc files rm -fr %{buildroot}%{_defaultdocdir}/lasso # Remove files shipped in RHEL rm -r %{buildroot}%{_libdir}/liblasso.so* rm -r %{buildroot}%{_libdir}/pkgconfig/lasso.pc rm -r %{buildroot}%{_includedir}/lasso %if %{with_perl} %files -n perl-lasso -f %{name}-perl-filelist %defattr(-,root,root) %endif %if %{with_java} %files java %defattr(-,root,root) %{_libdir}/java/libjnilasso.so %{_javadir}/lasso.jar %endif %if %{with_php} %files php %defattr(-,root,root) %attr(755,root,root) %{php_extdir}/lasso.so %config(noreplace) %attr(644,root,root) %{php_inidir}/%{ini_name} %attr(755,root,root) %dir %{_datadir}/php/lasso %attr(644,root,root) %{_datadir}/php/lasso/lasso.php %endif %if %{with_python} %files python %defattr(-,root,root) %{python_sitearch}/lasso.py* %{python_sitearch}/_lasso.so %endif %changelog * Fri Dec 22 2023 Xavier Bachelot - 2.5.1-8 - Convert to lasso-epel package to ship missing perl-lasso subpackage rhbz#2251952 * Wed Jun 2 2021 Jakub Hrozek - 2.5.1-8 - Fix Coverity warning introduced by the previous patch - Related: #1963855 - CVE-2021-28091 lasso: XML signature wrapping vulnerability when parsing SAML responses * Wed Jun 2 2021 Jakub Hrozek - 2.5.1-7 - Fix Coverity warning introduced by the previous patch - Related: #1963855 - CVE-2021-28091 lasso: XML signature wrapping vulnerability when parsing SAML responses * Wed Jun 2 2021 Jakub Hrozek - 2.5.1-6 - Resolves: #1963855 - CVE-2021-28091 lasso: XML signature wrapping vulnerability when parsing SAML responses * Tue Aug 6 2019 Jakub Hrozek - 2.5.1-5 - Resolves: #1719014 - Expired certificate prevents tests from running - Actually apply the patch file for the previous build - Related: #1730009 - lasso includes "Destination" attribute in SAML AuthnRequest populated with SP AssertionConsumerServiceURL when ECP workflow is used which leads to IdP-side errors * Tue Jul 23 2019 Jakub Hrozek - 2.5.1-4 - Resolves: #1730009 - lasso includes "Destination" attribute in SAML AuthnRequest populated with SP AssertionConsumerServiceURL when ECP workflow is used which leads to IdP-side errors * Sun Feb 10 2019 Jakub Hrozek - 2.5.1-3 - Resolves: #1634267 - ECP signature check fails with LASSO_DS_ERROR_SIGNATURE_NOT_FOUND when assertion signed instead of response * Fri Jun 17 2016 John Dennis - 2.5.1-2 - Rebase to upstream 2.5.1 Resolves: #1310860 - add validate_idp_list_test patch * Thu Jun 9 2016 John Dennis - 2.5.1-1 - Rebase to upstream 2.5.1 Resolves: #1310860 * Thu Sep 3 2015 John Dennis - 2.5.0-1 - Rebase to upstream, now includes our ECP patches, no need to patch any more Resolves: #1205342 * Tue Sep 1 2015 John Dennis - 2.4.1-8 - Add explicit minimum dependency on glib2 2.42, for some reason RPM is not automatically detecting the dependency Resolves: #1254989 * Wed Aug 19 2015 John Dennis - 2.4.1-7 - Add ECP support, brings Lasso up to current upstream tip + revised ECP patches Resolves: #1205342 * Mon Jun 22 2015 John Dennis - 2.4.1-6 - Add ECP support, brings Lasso up to current upstream tip + ECP patches Resolves: #1205342 * Fri Dec 5 2014 Simo Sorce - 2.4.1-5 - Add support for ADFS interoperability - Resolves: #1160803 * Thu Sep 11 2014 Simo Sorce - 2.4.1-4 - Add missing covscan related patches previously sent upstream - Related: #1120360 * Thu Sep 11 2014 Simo Sorce - 2.4.1-3 - ppc4le fails to build without autoreconf being run first - Resolves: #1140419 * Fri Sep 5 2014 Simo Sorce - 2.4.1-2 - Import packge in RHEL7 - Resolves: #1120360 * Thu Aug 28 2014 Simo Sorce - 2.4.1-1 - New upstream relase 2.4.1 - Drop patches as they have all been integrated upstream * Sun Aug 17 2014 Fedora Release Engineering - 2.4.0-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Fri Jun 20 2014 Remi Collet - 2.4.0-4 - rebuild for https://fedoraproject.org/wiki/Changes/Php56 - add numerical prefix to extension configuration file - drop unneeded dependency on pecl - add provides php-lasso * Sat Jun 07 2014 Fedora Release Engineering - 2.4.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Fri Apr 25 2014 Simo Sorce - 2.4.0-2 - Fixes for arches where pointers and integers do not have the same size (ppc64, s390, etc..) * Mon Apr 14 2014 Stanislav Ochotnicky - 2.4.0-1 - Use OpenJDK instead of GCJ for java bindings * Sat Jan 11 2014 Simo Sorce 2.4.0-0 - Update to final 2.4.0 version - Drop all patches, they are now included in 2.4.0 - Change Source URI * Mon Dec 9 2013 Simo Sorce 2.3.6-0.20131125.5 - Add patches to fix rpmlint license issues - Add upstream patches to fix some build issues * Thu Dec 5 2013 Simo Sorce 2.3.6-0.20131125.4 - Add patch to support automake-1.14 for rawhide * Mon Nov 25 2013 Simo Sorce 2.3.6-0.20131125.3 - Initial packaging - Based on the spec file by Jean-Marc Liger - Code is updated to latest master via a jumbo patch while waiting for official upstream release. - Jumbo patch includes also additional patches sent to upstream list) to build on Fedora 20 - Perl bindings are disabled as they fail to build - Disable doc building as it doesn't ork correctly for now