source: projects/specs/branches/6/c/curl/curl-vl.spec @ 9671

%define build_compat32 %{?_with_compat32:1}%{!?_with_compat32:0}

Summary: A utility for getting files from remote servers (FTP, HTTP, and others).
Summary(ja): リモートサーバ(FTP,HTTPなど)からファイルを取得するためのユーティリティ
Name: curl 
Version: 7.32.0
Release: 9%{?_dist_release}

License: MIT
Group: Applications/Internet
URL: http://curl.haxx.se/

Source: http://curl.haxx.se/download/%{name}-%{version}.tar.lzma

# make sure that NSS is initialized prior to calling PK11_GenerateRandom()
Patch1: 0001-curl-7.32.0-204126a5.patch
# avoid delay if FTP is aborted in CURLOPT_HEADERFUNCTION callback (#1005686)
Patch2: 0002-curl-7.32.0-c639d725.patch
# auth failure on duplicated 'WWW-Authenticate: Negotiate' header (#1093348)
Patch10: 0010-curl-7.32.0-ec5fde24.patch
# fix endless loop with GSSAPI proxy auth (patches by David Woodhouse, 
# #1118751)
Patch12: 0012-curl-7.32.0-gssapi.patch
# patch making libcurl multilib ready
Patch101: 0101-curl-7.32.0-multilib.patch
# prevent configure script from discarding -g in CFLAGS (#496778)
Patch102: 0102-curl-7.32.0-debug.patch
# make the curl tool link SSL libraries also used by src/tool_metalink.c
Patch103: 0103-curl-7.32.0-metalink.patch
# use localhost6 instead of ip6-localhost in the curl test-suite
Patch104: 0104-curl-7.19.7-localhost6.patch
# disable valgrind for certain test-cases (libssh2 problem)
Patch106: 0106-curl-7.21.0-libssh2-valgrind.patch
# work around valgrind bug (#678518)
Patch107: 0107-curl-7.21.4-libidn-valgrind.patch
# Fix character encoding of docs, which are of mixed encoding originally so
# a simple iconv can't fix them
Patch108: 0108-curl-7.32.0-utf8.patch

# Security fixes
Patch200: curl-7.32.0_CVE-2013-4545.patch
Patch210: http://curl.haxx.se/cve-2013-6422.patch
Patch220: curl-7.32.0_CVE-2014-0015-2.patch
Patch230: curl-7.32.0_CVE-2014-0138-2.patch
Patch240: http://curl.haxx.se/libcurl-reject-cert-ip-wildcards.patch
Patch250: curl-7.32.0_CVE-2014-3613.patch
Patch260: curl-7.32.0_CVE-2014-3620.patch
Patch270: curl-7.32.0_CVE-2014-3707.patch
Patch280: curl-7.32.0_CVE-2014-8150.patch
Patch290: curl-7.32.0-CVE-2015-3143.patch
Patch300: curl-7.32.0-CVE-2015-3145.patch
Patch310: curl-7.32.0-CVE-2015-3148.patch

BuildRoot: %{_tmppath}/%{name}-%{version}-root
BuildRequires: openssl-devel libidn-devel zlib-devel
BuildRequires: openldap-devel gnutls-devel
BuildRequires: openssh-server
BuildRequires: openssh-clients
BuildRequires: pkgconfig
%if "%{?_dist_release}" != "vl6"
BuildRequires: libssh2-devel
%endif
Requires: ca-certificates

Vendor: Project Vine
Distribution: Vine Linux
Packager: daisuke

%description
cURL is a tool for getting files from FTP, HTTP, Gopher, Telnet, and
Dict servers, using any of the supported protocols. cURL is designed
to work without user interaction or any kind of interactivity. cURL
offers many useful capabilities, like proxy support, user
authentication, FTP upload, HTTP post, and file transfer resume.

%package devel
Summary: Files needed for building applications with libcurl.
Group: Development/Libraries
Requires: %{name} = %{version}-%{release}
Requires: openssl-devel libidn-devel zlib-devel

%description devel
cURL is a tool for getting files from FTP, HTTP, Gopher, Telnet, and
Dict servers, using any of the supported protocols. The curl-devel
package includes files needed for developing applications which can
use cURL's capabilities internally.
#'


## to build compat32 for x86_64 architecture support
%package -n compat32-%{name}
Summary: A utility for getting files from remote servers (FTP, HTTP, and others).
Summary(ja): リモートサーバ(FTP,HTTPなど)からファイルを取得するためのユーティリティ
Group: System Environment/Libraries

%description -n compat32-%{name}
cURL is a tool for getting files from FTP, HTTP, Gopher, Telnet, and
Dict servers, using any of the supported protocols. cURL is designed
to work without user interaction or any kind of interactivity. cURL
offers many useful capabilities, like proxy support, user
authentication, FTP upload, HTTP post, and file transfer resume.

%package -n compat32-%{name}-devel
Summary: Files needed for building applications with libcurl.
Group: Development/Libraries

%description -n compat32-%{name}-devel
cURL is a tool for getting files from FTP, HTTP, Gopher, Telnet, and
Dict servers, using any of the supported protocols. The curl-devel
package includes files needed for developing applications which can
use cURL's capabilities internally.
#'

%prep
%setup -q 

# upstream patches
%patch1 -p1
%patch2 -p1
%patch10 -p1
%patch12 -p1

# Fedora patches
%patch101 -p1
%patch102 -p1
%patch103 -p1
%patch104 -p1
%patch106 -p1
%patch107 -p1
%patch108 -p1

# Security fixes
%patch200 -p1 -b .CVE-2013-4545
%patch210 -p1 -b .CVE-2013-6422
%patch220 -p1 -b .CVE-2014-0015
%patch230 -p1 -b .CVE-2014-0138
%patch240 -p1 -b .CVE-2014-0139
%patch250 -p1 -b .CVE-2014-3613
%patch260 -p1 -b .CVE-2014-3620
%patch270 -p1 -b .CVE-2014-3707
%patch280 -p1 -b .CVE-2014-8150
%patch290 -p1 -b .CVE-2015-3143
%patch300 -p1 -b .CVE-2015-3145
%patch310 -p1 -b .CVE-2015-3148

%build
%configure \
  --with-ssl=%{_prefix} \
  --with-gnutls \
  --with-libidn \
  --enable-ipv6 \
  --enable-threaded-resolver \
  --with-ca-bundle=%{_sysconfdir}/pki/tls/certs/ca-bundle.crt \
%if "%{?_dist_release}" != "vl6"
  --with-libssh2 \
%endif
  --enable-ldaps \
  --disable-static

make %{?_smp_mflags}

%install
rm -rf $RPM_BUILD_ROOT
make DESTDIR=$RPM_BUILD_ROOT install

rm -rf $RPM_BUILD_ROOT%{_libdir}/lib*.{a,la}

%clean
rm -rf $RPM_BUILD_ROOT

%post -p /sbin/ldconfig

%postun -p /sbin/ldconfig

%files
%defattr(-,root,root)
%doc CHANGES COPYING README
%doc docs/BUGS docs/CONTRIBUTE docs/examples docs/FAQ docs/FEATURES
%doc docs/INSTALL docs/INTERNALS docs/MANUAL docs/RESOURCES
%doc docs/TheArtOfHttpScripting docs/TODO
%{_bindir}/curl
#{_datadir}/curl/*
%{_libdir}/*.so.*
%{_mandir}/man1/*.1*

%files devel
%defattr(-,root,root)
%{_bindir}/curl-config
%{_includedir}/curl
%{_libdir}/*.so
%{_libdir}/pkgconfig/*.pc
%{_mandir}/man1/curl-config.1*
%{_mandir}/man3/*


## to build compat32 for x86_64 architecture support
%if %{build_compat32}
%files -n compat32-%{name}
%defattr(-,root,root)
%{_libdir}/*.so.*

%files -n compat32-%{name}-devel
%defattr(-,root,root)
%{_libdir}/*.so
%{_libdir}/pkgconfig/*.pc
%endif

%changelog
* Mon Jul 20 2015 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 7.32.0-9
- add patch10,12 from fc20
- update patch220,230 from fc20
- add Patch290 for fix CVE-2015-3143
- add Patch300 for fix CVE-2015-3145
- add Patch310 for fix CVE-2015-3148

* Sun Jan 11 2015 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 7.32.0-8
- add patch280 for fix CVE-2014-8150
- fix changelog typo...

* Sat Nov  8 2014 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 7.32.0-7
- add patch270 for fix CVE-2014-3707
  (This pacth is from fc20, thanks)

* Sun Sep 14 2014 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 7.32.0-6
- add patch250 for fix CVE-2014-3613
- add patch260 for fix CVE-2014-3620

* Tue Apr 15 2014 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 7.32.0-5
- add patch230 for fix CVE-2014-0138 (wrong re-use of connections)
  this patch is from fc20, thanks.
- add patch240 for fix CVE-2014-0139 (IP address wildcard)

* Sat Feb  1 2014 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 7.32.0-4
- add patch212 for fix CVE-2014-0015 (NTLM auth)

* Fri Dec 20 2013 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 7.32.0-3
- add patch210 for fix CVE-2013-6422 (certificate CN or SAN name field)

* Tue Dec  3 2013 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 7.32.0-2
- add patch200 for fix CVE-2013-4545 (cert name check ignore)

* Wed Sep 25 2013 Daisuke SUZUKI <daisuke@linux.or.jp> 7.32.0-1
- new upstream release
- import upstream/fedora patches
- disable libssh2 on Vine Linux 6

* Thu Nov 29 2012 Daisuke SUZUKI <daisuke@linux.or.jp> 7.28.1-1
- new upstream reelase

* Sun Oct 28 2012 Daisuke SUZUKI <daisuke@linux.or.jp> 7.28.0-1
- update to 7.28.0
- add configure options
  - --enable-ssh2, --enable-threaded-resolver, --enable-ldaps
- add BR: libssh2-devel, openssh-clients, openssh-server, pkgconfig
  
- use ca-certificates package
  - --with-ca-bundle=%{_sysconfdir}/pki/tls/certs/ca-bundle.crt
  - R: ca-certificates

* Tue Feb 21 2012 NAKAMURA Kenta <kenta@vinelinux.org> 7.24.0-1
- new upstream release

* Sun Jul  3 2011 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 7.20.1-4
- add patch100 for fix CVE-2011-2192 (gssapi)
- add Vendor/Distri tags

* Tue Jan 11 2011 Yoji TOYODA <bsyamato@sea.plala.or.jp> 7.20.1-3
- rebuild with openssl-1.0.0c

* Sun Sep 26 2010 Shu KONNO <owa@bg.wakwak.com> 7.20.1-2
- rebuilt with rpm-4.8.1 for pkg-config

* Sun Apr 25 2010 Ryoichi INAGAKI <ryo1@bc.wakwak.com> 7.20.1-1
- new upstream release

* Thu Aug 13 2009 Daisuke SUZUKI <daisuke@linux.or.jp> 7.19.6-1
- new upstream release with security fix

* Sat Jul 04 2009 Munehiro Yamamoto <munepi@cg8.so-net.ne.jp> 7.19.5-2
- added compat32 subpackages

* Tue May 19 2009 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 7.19.5-1
- new upstream release
- use "_smp_mflags" flag

* Sat Apr 04 2009 Daisuke SUZUKI <daisuke@linux.or.jp> 7.19.4-2
- rebuild with openldap-2.4.11
- add BR: openldap-devel
- remove static library

* Sat Mar 07 2009 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 7.19.4-1
- new upstream release with security fix (CVE-2009-0037)

* Sun Jul  6 2008 Ryoichi INAGAKI <ryo1@bc.wakwak.com> 7.18.2-1
- new upstream release

* Tue Apr 15 2008 Ryoichi INAGAKI <ryo1@bc.wakwak.com> 7.18.1-1vl5
- new upstream release

* Wed Mar 26 2008 Ryoichi INAGAKI <ryo1@bc.wakwak.com> 7.18.0-1vl5
- new upstream release

* Thu Dec 13 2007 Ryoichi INAGAKI <ryo1@bc.wakwak.com> 7.17.1-0vl1
- new upstream release

* Wed Jul 11 2007 AKIYAMA Kazuhito <akiyama@yb3.so-net.ne.jp> 7.16.4-0vl1
- new upstream release

* Sat May 19 2007 Ryoichi INAGAKI <ryo1@bc.wakwak.com> 7.16.2-0vl2
- rebuilt with openssl-0.9.8e

* Sun May 13 2007 AKIYAMA Kazuhito <akiyama@yb3.so-net.ne.jp> 7.16.2-0vl1
- new upstream release

* Wed Mar 22 2006 AKIYAMA Kazuhito <akiyama@yb3.so-net.ne.jp> 7.15.3-0vl1
- new upstream release

* Tue Feb 28 2006 AKIYAMA Kazuhito <akiyama@yb3.so-net.ne.jp> 7.15.2-0vl1
- new upstream release
- add pkgconfig file to devel package

* Wed Dec  7 2005 AKIYAMA Kazuhito <akiyama@yb3.so-net.ne.jp> 7.15.1-0vl1
- new upstream release

* Tue Oct 18 2005 AKIYAMA Kazuhito <akiyama@yb3.so-net.ne.jp> 7.15.0-0vl1
- new upstream release

* Fri Sep  2 2005 AKIYAMA Kazuhito <akiyama@yb3.so-net.ne.jp> 7.14.1-0vl1
- new upstream release

* Mon Feb 14 2005 Satoshi MACHINO <machino@vinelinux.org> 7.13.0-0vl3
- added libidn, zlib in Requires
- added libidn-devel, zlib-devel in BuildPrereq
- added zlib-devel in curl-devel's Requires

* Sun Feb 13 2005 Satoshi MACHINO <machino@vinelinux.org> 7.13.0-0vl2
- added openssl-devel, libidn-devel in curl-devel's Requires

* Sun Feb 13 2005 Satoshi MACHINO <machino@vinelinux.org> 7.13.0-0vl1
- new upstream release

* Tue Mar 30 2004 Ryoichi INAGAKI <ryo1@bc.wakwak.com> 7.11.1-0vl1
- new upstream release
- rebuild with openssl-0.9.7d

* Sun Sep 14 2003 HOTTA Michihide <hotta@net-newbie.com> 7.10.7-0vl1
- upstream release

* Sat Feb 15 2003 AKIYAMA Kazuhito <akiyama@yb3.so-net.ne.jp> 7.10.3-0vl2
- add %%{_datadir}/curl/* to %%files section

* Sun Jan 19 2003 AKIYAMA Kazuhito <akiyama@yb3.so-net.ne.jp> 7.10.3-0vl1
- source upgrade

* Wed Jul 24 2002 AKIYAMA Kazuhito <akiyama@yb3.so-net.ne.jp> 7.9.8-0vl1
- source upgrade
- add PreReq: ldconfig
- add %%{_libdir}/*.la to %%files devel section

* Sat Jan 12 2002 AKIYAMA Kazuhito <akiyama@karen.servepics.com> 7.9.2-2vl1
- build for VineSeed
- add Requires: openssl

* Wed Jan 09 2002 Tim Powers <timp@redhat.com>
- automated rebuild

* Wed Jan  9 2002 Trond Eivind Glomsr.A綬d <teg@redhat.com> 7.9.2-1
- 7.9.2

* Fri Aug 17 2001 Nalin Dahyabhai <nalin@redhat.com>
- include curl-config in curl-devel
- update to 7.8 to fix memory leak and strlcat() symbol pollution from libcurl

* Wed Jul 18 2001 Crutcher Dunnavant <crutcher@redhat.com>
- added openssl-devel build req

* Mon May 21 2001 Tim Powers <timp@redhat.com>
- built for the distro

* Tue Apr 24 2001 Jeff Johnson <jbj@redhat.com>
- upgrade to curl-7.7.2.
- enable IPv6.

* Fri Mar  2 2001 Tim Powers <timp@redhat.com>
- rebuilt against openssl-0.9.6-1

* Thu Jan  4 2001 Tim Powers <timp@redhat.com>
- fixed mising ldconfigs
- updated to 7.5.2, bug fixes

* Mon Dec 11 2000 Tim Powers <timp@redhat.com>
- updated to 7.5.1

* Mon Nov  6 2000 Tim Powers <timp@redhat.com>
- update to 7.4.1 to fix bug #20337, problems with curl -c
- not using patch anymore, it's included in the new source. Keeping
  for reference

* Fri Oct 20 2000 Nalin Dahyabhai <nalin@redhat.com>
- fix bogus req in -devel package

* Fri Oct 20 2000 Tim Powers <timp@redhat.com> 
- devel package needed defattr so that root owns the files

* Mon Oct 16 2000 Nalin Dahyabhai <nalin@redhat.com>
- update to 7.3
- apply vsprintf/vsnprintf patch from Colin Phipps via Debian

* Mon Aug 21 2000 Nalin Dahyabhai <nalin@redhat.com>
- enable SSL support
- fix packager tag
- move buildroot to %%{_tmppath}

* Tue Aug 1 2000 Tim Powers <timp@redhat.com>
- fixed vendor tag for bug #15028

* Mon Jul 24 2000 Prospector <prospector@redhat.com>
- rebuilt

* Tue Jul 11 2000 Tim Powers <timp@redhat.com>
- workaround alpha build problems with optimizations

* Mon Jul 10 2000 Tim Powers <timp@redhat.com>
- rebuilt

* Mon Jun 5 2000 Tim Powers <timp@redhat.com>
- put man pages in correct place
- use %%makeinstall

* Mon Apr 24 2000 Tim Powers <timp@redhat.com>
- updated to 6.5.2

* Wed Nov 3 1999 Tim Powers <timp@redhat.com>
- updated sources to 6.2
- gzip man page

* Mon Aug 30 1999 Tim Powers <timp@redhat.com>
- changed group

* Thu Aug 26 1999 Tim Powers <timp@redhat.com>
- changelog started
- general cleanups, changed prefix to /usr, added manpage to files section
- including in Powertools