%global srcname gnutls

Summary:        A TLS protocol implementation
Name:           gnutls30
Version:        3.5.3
Release:        1%{?dist}
# The libraries are LGPLv2.1+ (packaged), utilities are GPLv3+ (unpackaged)
License:        LGPv2
URL:            https://www.gnutls.org/
# The sources have been modified with "hobble-gnutls -e" script to remove patented SRP code
#Source0: ftp://ftp.gnutls.org/gcrypt/gnutls/%{srcname}-%{version}.tar.xz
#Source1: ftp://ftp.gnutls.org/gcrypt/gnutls/%{srcname}-%{version}.tar.xz.sig
Source0:        %{srcname}-%{version}-hobbled.tar.xz

Patch0001:      0001-minitasn1-include-path-for-libdane.patch
Patch0002:      0002-no-getrandom-support.patch

BuildRequires:  zlib-devel, libidn-devel, gmp-devel, nettle-devel
BuildRequires:  unbound-devel

%description
GnuTLS is a secure communications library implementing the SSL, TLS and DTLS
protocols and technologies around them. It provides a simple C language
application programming interface (API) to access the secure communications
protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and
other required structures.

%package dane
Summary:        A DANE protocol implementation for GnuTLS
Requires:       %{name}%{?_isa} = %{version}-%{release}

%description dane
This package contains library that implements the DANE protocol for verifying
TLS certificates through DNSSEC.

%package devel
Summary:        Development files for the gnutls30 package
Conflicts:      gnutls-devel
Requires:       %{name}%{?_isa} = %{version}-%{release}
Requires:       %{name}-dane%{?_isa} = %{version}-%{release}

%description devel
This package contains files needed for developing applications with
the GnuTLS library.

%prep
%setup -q -n %{srcname}-%{version}
%patch0001 -p1
%patch0002 -p1

%build

# libtasn1 >= 4.3 is required, using bundled version
# autogen-libopts-devel >= 5.18 is required, using bundled libopts

# NLS is disabled to avoid locales conflict with the gnutls package.

%configure \
  --disable-static \
  --disable-rpath \
  \
  --disable-doc \
  --disable-manpages \
  --disable-tools \
  --disable-guile \
  \
  --disable-nls \
  --without-tpm \
  --without-p11-kit \
  \
  --disable-non-suiteb-curves \
  --disable-srp-authentication \
  \
  --enable-cxx \
  --enable-libdane --with-unbound-root-key-file=/var/lib/unbound/root.key \
  --disable-openssl-compatiblity \
  \
  --with-included-libtasn1 \
  --enable-local-libopts

make %{?_smp_mflags}

%install
%make_install

# wipe libool archives
rm -f %{buildroot}%{_libdir}/*.la

%check
make check

%files
%{_libdir}/libgnutls.so.*
%{_libdir}/libgnutlsxx.so.*

%files dane
%{_libdir}/libgnutls-dane.so.*

%files devel
%{_includedir}/gnutls
%{_libdir}/pkgconfig/*.pc
%{_libdir}/*.so

%changelog
* Fri Aug 12 2016 Jan Vcelak <jvcelak@fedoraproject.org> - 3.5.3-1
- initial library only package for EPEL 6