# sitelib for noarch packages, sitearch for others (remove the unneeded one) %{!?python_sitelib: %global python_sitelib %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib()")} %{!?python_sitearch: %global python_sitearch %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib(1)")} Name: python-nss Version: 0.9 Release: 8%{?dist} Summary: Python bindings for Network Security Services (NSS) Group: Development/Languages License: MPLv1.1 or GPLv2+ or LGPLv2+ URL: :pserver:anonymous@cvs-mirror.mozilla.org:/cvsroot/mozilla/security/python/nss Source0: %{name}-%{version}.tar.bz2 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) %global docdir %{_docdir}/%{name}-%{version} BuildRequires: python-devel BuildRequires: python-setuptools-devel BuildRequires: epydoc BuildRequires: python-docutils BuildRequires: nspr-devel BuildRequires: nss-devel %description This package provides Python bindings for Network Security Services (NSS) and the Netscape Portable Runtime (NSPR). NSS is a set of libraries supporting security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security standards. Specific NSS implementations have been FIPS-140 certified. %prep %setup -q %build CFLAGS="$RPM_OPT_FLAGS" %{__python} setup.py build %{__python} setup.py build_doc %install rm -rf $RPM_BUILD_ROOT %{__python} setup.py install -O1 --install-platlib %{python_sitearch} --skip-build --root $RPM_BUILD_ROOT %{__python} setup.py install_doc --docdir %{docdir} --skip-build --root $RPM_BUILD_ROOT # Remove execution permission from any example scripts find $RPM_BUILD_ROOT/%{docdir}/examples -type f | xargs chmod a-x # Set correct permissions on .so files chmod 0755 $RPM_BUILD_ROOT/%{python_sitearch}/nss/*.so %clean rm -rf $RPM_BUILD_ROOT %files %defattr(-,root,root,-) %doc %{docdir} %{python_sitearch}/* %changelog * Thu Jul 15 2010 John Dennis <jdennis@redhat.com> - 0.9-8 - Correct definciencies in auth_certificate_callback found in several of the example files and documentation. If you've copied that code you should merge those changes in. - Unicode objects now accepted as well as str objects for interfaces expecting a string. - Sockets were enhanced thusly: - Threads will now yield during blocking IO. - Socket.makefile() reimplemented file object methods that had been missing (readlines(), sendall(), and iteration) were implemented, makefile now just returns the same Socket object but increments an "open" ref count. Thus a Socket object behaves like a file object and must be closed once for each makefile() call before it's actually closed. - Sockets now support the iter protocol - Add Socket.readlines(), Socket.sendall() - The following classes were added: AuthKeyID BasicConstraints CRLDistributionPoint CRLDistributionPts CertificateExtension GeneralName SignedCRL DN RDN AVA CertificateRequest - The following module functions were added: nss.nss.nss_is_initialized() nss.nss.cert_crl_reason_from_name() nss.nss.cert_crl_reason_name() nss.nss.cert_general_name_type_from_name() nss.nss.cert_general_name_type_name() nss.nss.cert_usage_flags() nss.nss.decode_der_crl() nss.nss.der_universal_secitem_fmt_lines() nss.nss.import_crl() nss.nss.make_line_pairs() nss.nss.oid_dotted_decimal() nss.nss.oid_str() nss.nss.oid_tag() nss.nss.oid_tag_name() nss.nss.read_der_from_file() nss.nss.x509_alt_name() nss.nss.x509_ext_key_usage() nss.nss.x509_key_usage() - The following class methods and properties were added: Note: it's a method if the name is suffixed with (), a propety otherwise Socket.next() Socket.readlines() Socket.sendall() SSLSocket.next() SSLSocket.readlines() SSLSocket.sendall() AuthKeyID.key_id AuthKeyID.serial_number AuthKeyID.get_general_names() CRLDistributionPoint.issuer CRLDistributionPoint.get_general_names() CRLDistributionPoint.get_reasons() CertDB.find_crl_by_cert() CertDB.find_crl_by_name() Certificate.extensions CertificateExtension.critical CertificateExtension.name CertificateExtension.oid CertificateExtension.oid_tag CertificateExtension.value GeneralName.type_enum GeneralName.type_name GeneralName.type_string SecItem.der_to_hex() SecItem.get_oid_sequence() SecItem.to_hex() SignedCRL.delete_permanently() AVA.oid AVA.oid_tag AVA.value AVA.value_str DN.cert_uid DN.common_name DN.country_name DN.dc_name DN.email_address DN.locality_name DN.org_name DN.org_unit_name DN.state_name DN.add_rdn() DN.has_key() RDN.has_key() - The following module functions were removed: Note: use nss.nss.oid_tag() instead nss.nss.sec_oid_tag_from_name() nss.nss.sec_oid_tag_name() nss.nss.sec_oid_tag_str() - The following files were added: doc/examples/cert_dump.py test/test_cert_components.py - Apply patches from Miloslav TrmaÄ <mitr@redhat.com> for ref counting and threading support. Thanks Miloslav! - Review all ref counting, numerous ref counting fixes - Implement cyclic garbage collection support by adding object traversal and clear methods - Identify static variables, move to thread local storage - Remove python-nss specific httplib.py, no longer needed python-nss now compatible with standard library - Rewrite httplib_example.py to use standard library and illustrate ssl, non-ssl, connection class, http class usage * Wed Mar 24 2010 John Dennis <jdennis@redhat.com> - 0.8-2 - change %%define to %%global * Mon Sep 21 2009 John Dennis <jdennis@redhat.com> - 0.8-1 - The following methods, properties and functions were added: SecItem.type SecItem.len, SecItem.data PK11SymKey.key_data, PK11SymKey.key_length, PK11SymKey.slot create_context_by_sym_key param_from_iv generate_new_param get_iv_length get_block_size get_pad_mechanism - SecItem's now support indexing and slicing on their data - Clean up parsing and parameter validation of variable arg functions * Fri Sep 18 2009 John Dennis <jdennis@redhat.com> - 0.7-1 - add support for symmetric encryption/decryption more support for digests (hashes) The following classes were added: PK11SymKey PK11Context The following methods and functions were added: get_best_wrap_mechanism get_best_key_length key_gen derive get_key_length digest_key clone_context digest_begin digest_op cipher_op finalize digest_final read_hex hash_buf sec_oid_tag_str sec_oid_tag_name sec_oid_tag_from_name key_mechanism_type_name key_mechanism_type_from_name pk11_attribute_type_name pk11_attribute_type_from_name get_best_slot get_internal_key_slot create_context_by_sym_key import_sym_key create_digest_context param_from_iv param_from_algid generate_new_param algtag_to_mechanism mechanism_to_algtag The following files were added: cipher_test.py digest_test.py * Sun Jul 26 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.6-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild * Thu Jul 9 2009 John Dennis <jdennis@redhat.com> - 0.6-2 - restore nss.nssinit(), make deprecated * Wed Jul 8 2009 John Dennis <jdennis@redhat.com> - 0.6-1 - fix bug #510343 client_auth_data_callback seg faults if False is returned from callback * Wed Jul 1 2009 John Dennis <jdennis@redhat.com> - 0.5-1 - restore ssl.nss_init and ssl.nss_shutdown but make them deprecated add __version__ string to nss module * Tue Jun 30 2009 John Dennis <jdennis@redhat.com> - 0.4-1 - add binding for NSS_NoDB_Init(), bug #509002 move nss_init and nss_shutdown from ssl module to nss module * Thu Jun 4 2009 John Dennis <jdennis@redhat.com> - 0.3-1 - installed source code in Mozilla CVS repository update URL tag to point to CVS repositoy (not yet a valid URL, still have to coordinate with Mozilla) minor tweak to src directory layout * Mon Jun 1 2009 John Dennis <jdennis@redhat.com> - 0.2-1 - Convert licensing to MPL tri-license - apply patch from bug #472805, (Miloslav TrmaÄ) Don't allow closing a socket twice, that causes crashes. New function nss.io.Socket.new_socket_pair() New function nss.io.Socket.poll() New function nss.io.Socket.import_tcp_socket() New method nss.nss.Certificate.get_subject_common_name() New function nss.nss.generate_random() Fix return value creation in SSLSocket.get_security_status New function nss.ssl.SSLSocket.import_tcp_socket() * Thu Feb 26 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild * Sat Nov 29 2008 Ignacio Vazquez-Abrams <ivazqueznet+rpm@gmail.com> - 0.1-2 - Rebuild for Python 2.6 * Tue Sep 9 2008 John Dennis <jdennis@redhat.com> - 0.1-1 - clean up ssl_example.py, fix arg list in get_cert_nicknames, make certdir cmd line arg consistent with other NSS tools - update httplib.py to support client auth, add httplib_example.py which illustrates it's use - fix some documentation - fix some type usage which were unsafe on 64-bit * Wed Jul 9 2008 John Dennis <jdennis@redhat.com> - 0.0-2 - add docutils to build requires so restructured text works * Fri Jun 27 2008 John Dennis <jdennis@redhat.com> - 0.0-1 - initial release