Init deb packaging

- rpm: Simplify script and list wolfSSL as packager - add packaging github action
2023-08-09 00:39:55 +02:00 · 2023-08-09 00:39:55 +02:00 · 7a12202675
commit 7a12202675
parent 827287000c
15 changed files with 438 additions and 155 deletions
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@ -36,6 +36,8 @@ jobs:
        uses: ./.github/workflows/curl.yml
    krb5:
        uses: ./.github/workflows/krb5.yml
+    packaging:
+        uses: ./.github/workflows/packaging.yml
 # TODO: Currently this test fails. Enable it once it becomes passing.        
 #    haproxy:
 #        uses: ./.github/workflows/haproxy.yml
--- a/.github/workflows/packaging.yml
+++ b/.github/workflows/packaging.yml
@ -0,0 +1,38 @@
+name: Packaging Tests
+
+on:
+  workflow_call:
+
+jobs:
+  build_wolfssl:
+    name: Package wolfSSL
+    runs-on: ubuntu-latest
+    # This should be a safe limit for the tests to run.
+    timeout-minutes: 10
+    steps:
+      - name: Checkout wolfSSL
+        uses: actions/checkout@v3
+
+      - name: Configure wolfSSL
+        run: |
+          autoreconf -ivf
+          ./configure --enable-distro --disable-examples --disable-silent-rules
+
+      - name: Build wolfSSL .deb
+        run: make deb-docker
+
+      - name: Build wolfSSL .rpm
+        run: make rpm-docker
+
+      - name: Confirm packages built
+        run: |
+          DEB_COUNT=$(find -name 'libwolfssl*.deb' | wc -l)
+          if [ "$DEB_COUNT" != "2" ]; then
+            echo Did not find exactly two deb packages!!!
+            exit 1
+          fi
+          RPM_COUNT=$(find -name 'wolfssl*.rpm' | wc -l)
+          if [ "$RPM_COUNT" != "4" ]; then
+            echo Did not find exactly four rpm packages!!!
+            exit 1
+          fi
--- a/.gitignore
+++ b/.gitignore
@ -424,3 +424,8 @@ user_settings_asm.h

 # MagicCrypto (ARIA Cipher)
 MagicCrypto
+
+# debian packaging
+debian/changelog
+debian/control
+*.deb
--- a/Docker/packaging/debian/Dockerfile
+++ b/Docker/packaging/debian/Dockerfile
@ -0,0 +1,6 @@
+FROM debian:latest
+
+RUN apt-get -y update
+RUN apt-get -y upgrade
+RUN apt-get install -y build-essential autoconf gawk debhelper lintian
+
--- a/Docker/packaging/fedora/Dockerfile
+++ b/Docker/packaging/fedora/Dockerfile
@ -0,0 +1,3 @@
+FROM fedora:latest
+
+RUN dnf install -y make automake gcc rpmdevtools
--- a/19
+++ b/19
@ -309,3 +309,22 @@ We also have vcpkg ports for wolftpm, wolfmqtt and curl.

    Run the benchmark against LMS/HSS with:
    $ ./wolfcrypt/benchmark/benchmark -lms_hss
+
+18. Building for Debian, Ubuntu, Linux Mint, and derivatives
+
+    To generate a .deb package, configure wolfSSL with the desired
+    configuration. Then run `make deb` to generate a Debian package
+    with the current configuration. To build the package inside a
+    Docker container, use `make deb-docker`. In both cases the
+    resulting packages are placed in the root directory of the
+    project.
+
+18. Building for RHEL, Fedora, CentOS, SUSE, and openSUSE
+
+    To generate a .rpm package, configure wolfSSL with the desired
+    configuration. Then run `make rpm` to generate a .rpm package
+    with the current configuration. To build the package inside a
+    Docker container, use `make rpm-docker`. In both cases the
+    resulting packages are placed in the root directory of the
+    project.
+
--- a/Makefile.am
+++ b/Makefile.am
@ -176,6 +176,7 @@ include examples/include.am
 include testsuite/include.am
 include tests/include.am
 include sslSniffer/sslSnifferTest/include.am
+include debian/include.am
 include rpm/include.am
 include linuxkm/include.am
 include zephyr/include.am
--- a/2
+++ b/2
@ -5,7 +5,7 @@ library written in ANSI C and targeted for embedded, RTOS, and
 resource-constrained environments - primarily because of its small size, speed,
 and feature set.  It is commonly used in standard operating environments as well
 because of its royalty-free pricing and excellent cross platform support.
-wolfSSL supports industry standards up to the current TLS 1.3 and DTLS 1.2
+wolfSSL supports industry standards up to the current TLS 1.3 and DTLS 1.3
 levels, is up to 20 times smaller than OpenSSL, and offers progressive ciphers
 such as ChaCha20, Curve25519, and Blake2b. User benchmarking and feedback
 reports dramatically better performance when using wolfSSL over OpenSSL.
--- a/configure.ac
+++ b/configure.ac
@ -71,6 +71,9 @@ AS_IF([ test -n "$CFLAG_VISIBILITY" ], [
       AM_CFLAGS="$AM_CFLAGS $CFLAG_VISIBILITY"
       ])

+WOLFSSL_BUILD_DATE=$(date -R)
+AC_SUBST([WOLFSSL_BUILD_DATE])
+

 # Moved these size of and type checks before the library checks.
 # The library checks add the library to subsequent test compiles
@ -9020,6 +9023,8 @@ AC_CONFIG_FILES([Makefile
        wolfssl/version.h
        wolfssl/options.h
        support/wolfssl.pc
+        debian/control
+        debian/changelog
        rpm/spec
        wolfcrypt/test/test_paths.h
        ])
--- a/debian/changelog.in
+++ b/debian/changelog.in
@ -0,0 +1,7 @@
+wolfssl (@VERSION@) stable; urgency=medium
+
+  * For a full changelog see 
+    https://github.com/wolfSSL/wolfssl/blob/master/ChangeLog.md
+
+ -- wolfSSL <support@wolfssl.com>  @WOLFSSL_BUILD_DATE@
+
--- a/debian/control.in
+++ b/debian/control.in
@ -0,0 +1,44 @@
+Source: wolfssl
+Maintainer: wolfSSL <support@wolfssl.com>
+Section: libs
+Priority: optional
+Standards-Version: 4.6.2
+Build-Depends: debhelper-compat (= 13)
+Vcs-Git: https://github.com/wolfSSL/wolfssl.git
+Vcs-browser: https://github.com/wolfSSL/wolfssl
+Homepage: https://www.wolfssl.com/
+
+Package: libwolfssl
+Architecture: any
+Section: libs
+Priority: optional
+Pre-Depends:
+Depends: 
+ ${shlibs:Depends},
+ ${misc:Depends}
+Description: wolfSSL encryption library
+ The wolfSSL embedded SSL library (formerly CyaSSL) is a lightweight SSL/TLS
+ library written in ANSI C and targeted for embedded, RTOS, and
+ resource-constrained environments - primarily because of its small size, speed,
+ and feature set. It is commonly used in standard operating environments as well
+ because of its royalty-free pricing and excellent cross platform support.
+ wolfSSL supports industry standards up to the current TLS 1.3 and DTLS 1.3
+ levels.
+
+Package: libwolfssl-dev
+Architecture: any
+Section: libdevel
+Priority: optional
+Pre-Depends:
+Depends:
+ libwolfssl (= ${binary:Version}),
+ ${misc:Depends}
+Description: wolfSSL encryption library
+ The wolfSSL embedded SSL library (formerly CyaSSL) is a lightweight SSL/TLS
+ library written in ANSI C and targeted for embedded, RTOS, and
+ resource-constrained environments - primarily because of its small size, speed,
+ and feature set. It is commonly used in standard operating environments as well
+ because of its royalty-free pricing and excellent cross platform support.
+ wolfSSL supports industry standards up to the current TLS 1.3 and DTLS 1.3
+ levels.
+
--- a/debian/copyright
+++ b/debian/copyright
@ -0,0 +1,217 @@
+Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
+Upstream-Name: wolfssl
+Upstream-Contact: David Garske <david@wolfssl.com>
+Source: https://github.com/wolfssl/wolfssl/releases
+
+Files:
+ *
+Copyright:
+ 2006-2023 wolfSSL Inc.
+License: GPL-2+
+
+Files:
+ zephyr/Kconfig
+Copyright:
+ 2016 Intel Corporation
+License: Apache-2.0
+
+Files:
+ zephyr/Kconfig.tls-generic
+Copyright:
+ 2018 Intel Corporation
+ 2018 Nordic Semiconductor ASA
+License: Apache-2.0
+
+Files:
+ wolfcrypt/src/camellia.c
+ wolfssl/wolfcrypt/camellia.h
+Copyright:
+ 2006-2007 NTT (Nippon Telegraph and Telephone Corporation)
+ 2006-2016 wolfSSL Inc.
+License: GPL-2+
+
+Files:
+ m4/ax_append_link_flags.m4
+Copyright:
+ 2011 Maarten Bosmans <mkbosmans@gmail.com>
+License: GPL-3+-with-autoconf
+
+Files:
+ m4/ax_pthread.m4
+Copyright:
+ 2008 Steven G. Johnson <stevenj@alum.mit.edu>
+ 2011 Daniel Richard G. <skunk@iSKUNK.ORG>
+License: GPL-3+-with-autoconf
+
+Files:
+ m4/ax_check_library.m4
+Copyright:
+ 2012 Brian Aker <brian@tangent.org>
+ 2010 Diego Elio Petteno` <flameeyes@gmail.com>
+License: GPL-3+-with-autoconf
+
+Files:
+ m4/ax_append_flag.m4
+ m4/ax_check_compile_flag.m4
+ m4/ax_check_link_flag.m4
+Copyright:
+ 2008 Guido U. Draheim <guidod@gmx.de>
+ 2011 Maarten Bosmans <mkbosmans@gmail.com>
+License: GPL-3+-with-autoconf
+
+Files:
+ m4/ax_append_compile_flags.m4
+Copyright:
+ 2011 Maarten Bosmans <mkbosmans@gmail.com>
+License: GPL-3+-with-autoconf
+
+Files:
+ m4/ax_tls.m4
+Copyright:
+ 2008 Alan Woodland <ajw05@aber.ac.uk>
+ 2010 Diego Elio Petteno` <flameeyes@gmail.com>
+License: GPL-3+-with-autoconf
+
+Files:
+ m4/ax_create_generic_config.m4
+Copyright:
+ 2008 Guido U. Draheim <guidod@gmx.de>
+License: GPL-3+-with-autoconf
+
+Files:
+ m4/ax_compiler_version.m4
+ m4/ax_debug.m4
+ m4/ax_harden_compiler_flags.m4
+ m4/ax_vcs_checkout.m4
+Copyright:
+ 2012 Brian Aker
+License: BSD-3-clause
+
+Files:
+ m4/ax_append_to_file.m4
+ m4/ax_file_escapes.m4
+ m4/ax_print_to_file.m4
+Copyright:
+ 2008 Tom Howard <tomhoward@users.sf.net
+License: FSFAP
+
+Files:
+ m4/ax_add_am_macro.m4
+Copyright:
+ 2009 Tom Howard <tomhoward@users.sf.net
+License: FSFAP
+
+Files:
+ m4/ax_am_jobserver.m4
+Copyright:
+ 2008 Michael Paul Bailey <jinxidoru@byu.net>
+License: FSFAP
+
+Files:
+ m4/ax_am_macros.m4
+Copyright:
+ 2009 Tom Howard <tomhoward@users.sf.net
+License: FSFAP
+
+Files:
+ m4/ax_count_cpus.m4
+Copyright:
+ 2012 Brian Aker <brian@tangent.org>
+ 2008 Michael Paul Bailey <jinxidoru@byu.net>
+ 2008 Christophe Tournayre <turn3r@users.sourceforge.net>
+License: FSFAP
+
+Files:
+ debian/*
+Copyright:
+ 2014-2022 Felix Lechner <felix.lechner@lease-up.com>
+License: GPL-2+
+
+
+License: FSFAP
+ Copying and distribution of this file, with or without modification, are
+ permitted in any medium without royalty provided the copyright notice
+ and this notice are preserved. This file is offered as-is, without any
+ warranty.
+
+
+License: GPL-2+
+ This package is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+ .
+ This package is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ GNU General Public License for more details.
+ .
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>
+ .
+ On Debian systems, the complete text of the GNU General
+ Public License version 2 can be found in "/usr/share/common-licenses/GPL-2".
+
+
+License: GPL-3+-with-autoconf
+ This program is free software; you can redistribute it and/or modify it
+ under the terms of the GNU General Public License as published by the
+ Free Software Foundation; either version 3 of the License, or (at your
+ option) any later version.
+ .
+ This program is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General
+ Public License for more details.
+ .
+ You should have received a copy of the GNU General Public License along
+ with this program. If not, see <http://www.gnu.org/licenses/>.
+ .
+ As a special exception, the respective Autoconf Macro's copyright owner
+ gives unlimited permission to copy, distribute and modify the configure
+ scripts that are the output of Autoconf when processing the Macro. You
+ need not follow the terms of the GNU General Public License when using
+ or distributing such scripts, even though portions of the text of the
+ Macro appear in them. The GNU General Public License (GPL) does govern
+ all other use of the material that constitutes the Autoconf Macro.
+ .
+ This special exception to the GPL applies to versions of the Autoconf
+ Macro released by the Autoconf Archive. When you make and distribute a
+ modified version of the Autoconf Macro, you may extend this special
+ exception to the GPL to apply to your modified version as well.
+
+
+License: BSD-3-clause
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are
+ met:
+ .
+     * Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ .
+     * Redistributions in binary form must reproduce the above
+ copyright notice, this list of conditions and the following disclaimer
+ in the documentation and/or other materials provided with the
+ distribution.
+ .
+     * The names of its contributors may not be used to endorse or
+ promote products derived from this software without specific prior
+ written permission.
+ .
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+
+License: Apache-2.0
+ On modern Debian systens, the text of this license can be found
+ at:  /usr/share/common-licenses/Apache-2.0
+
--- a/debian/include.am
+++ b/debian/include.am
@ -0,0 +1,77 @@
+# vim:ft=automake
+
+DEB_HOST_MULTIARCH ?= $(shell dpkg-architecture -qDEB_HOST_MULTIARCH)
+
+deb:
+# Setup meta folders
+	mkdir -p debian/libwolfssl/DEBIAN debian/libwolfssl-dev/DEBIAN
+# "Install" wolfSSL
+	make install exec_prefix=$(CURDIR)/debian/libwolfssl/usr \
+		prefix=$(CURDIR)/debian/libwolfssl-dev/usr
+# deb shared lib stuff
+	fakeroot dh_makeshlibs
+	dh_shlibdeps
+	dh_installdeb
+# Generate the lib and src descriptions
+	fakeroot dh_gencontrol
+# Make adjustments to the package structure and to satisfy lintian checks
+# Correct doc dir name
+	@rm -rf debian/libwolfssl-dev/usr/share/doc/libwolfssl-dev
+	@mv debian/libwolfssl-dev/usr/share/doc/wolfssl \
+		debian/libwolfssl-dev/usr/share/doc/libwolfssl-dev
+# Clear lib folder
+	@rm -rf debian/libwolfssl-dev/usr/lib
+	@mkdir -p debian/libwolfssl-dev/usr/lib
+# Move the top level .so into the dev pkg
+	@mv debian/libwolfssl/usr/lib/libwolfssl.so debian/libwolfssl-dev/usr/lib
+# Create correct pkg doc dir
+	@rm -rf debian/libwolfssl/usr/share/doc/libwolfssl
+	@mkdir -p debian/libwolfssl/usr/share/doc/libwolfssl
+# Place changelog
+	@gzip -n -9 -c debian/changelog | \
+		tee debian/libwolfssl/usr/share/doc/libwolfssl/changelog.gz > \
+		debian/libwolfssl-dev/usr/share/doc/libwolfssl-dev/changelog.gz
+# Place copyright
+	@cp debian/copyright debian/libwolfssl/usr/share/doc/libwolfssl
+	@cp debian/copyright debian/libwolfssl-dev/usr/share/doc/libwolfssl-dev
+# Remove .la file https://wiki.debian.org/ReleaseGoals/LAFileRemoval
+	@rm debian/libwolfssl/usr/lib/libwolfssl.la
+# Strip unwanted symbols
+# https://www.debian.org/doc/debian-policy/ch-files.html#binaries
+	@strip --strip-unneeded debian/libwolfssl/usr/lib/libwolfssl.so.*.*.*
+# Place pkgconfig so that it is available for cross-compilation
+# https://lintian.debian.org/tags/pkg-config-unavailable-for-cross-compilation
+	@rm -rf debian/libwolfssl/usr/lib/$(DEB_HOST_MULTIARCH)
+	@mkdir -p debian/libwolfssl/usr/lib/$(DEB_HOST_MULTIARCH)
+	@mv debian/libwolfssl/usr/lib/pkgconfig \
+		debian/libwolfssl/usr/lib/$(DEB_HOST_MULTIARCH)
+# Set the expected access rules
+	@chmod 644 debian/libwolfssl/usr/lib/libwolfssl.so.*.*.*
+	@chmod 644 debian/libwolfssl/usr/share/doc/libwolfssl/changelog.gz \
+		debian/libwolfssl/usr/share/doc/libwolfssl/copyright \
+		debian/libwolfssl-dev/usr/share/doc/libwolfssl-dev/changelog.gz \
+		debian/libwolfssl-dev/usr/share/doc/libwolfssl-dev/copyright
+# Do this as the last step to mark all directories with the correct access bits
+	@find debian/libwolfssl*/usr -type d | xargs chmod 755
+# Generate debs
+	dpkg-deb --root-owner-group -b debian/libwolfssl .
+	dpkg-deb --root-owner-group -b debian/libwolfssl-dev .
+# Check that everything is correct with lintian
+# - we don't provide a manual page for wolfssl-config
+# - we don't care about matching the soname for our debs
+	lintian *.deb --fail-on error,warning --tag-display-limit 0 \
+		--suppress-tags no-manual-page,package-name-doesnt-match-sonames
+# Clean up the working dirs
+	make deb-clean
+
+deb-docker:
+	docker build -t "debian-builder:Dockerfile" Docker/packaging/debian
+	docker run --rm -v $(CURDIR):/opt/wolfssl debian-builder:Dockerfile \
+		bash -c 'cd /opt/wolfssl && ./config.status --recheck && make deb && \
+				make clean deb-clean &> /dev/null'
+# To allow the user to keep using the configuration on the host
+	@./config.status --recheck &> /dev/null
+
+deb-clean:
+	rm -rf debian/libwolfssl debian/libwolfssl-dev debian/files \
+		debian/*.substvars debian/.debhelper
--- a/rpm/include.am
+++ b/rpm/include.am
@ -22,6 +22,13 @@ clean-rpm:

 rpm: rpm-build

+rpm-docker:
+	docker build -t "fedora-builder:Dockerfile" Docker/packaging/fedora
+	docker run --rm -v $(CURDIR):/opt/wolfssl fedora-builder:Dockerfile \
+		bash -c 'make -C /opt/wolfssl rpm'
+# To allow the user to keep using the configuration on the host
+	@./config.status --recheck &> /dev/null
+
 release: rpm-sign

 auto-rpmbuild:
--- a/rpm/spec.in
+++ b/rpm/spec.in
@ -15,7 +15,7 @@ BuildRequires: sed
 BuildRequires: tar
 URL: http://www.wolfssl.com/

-Packager: Brian Aker <brian@tangent.org>
+Packager: wolfSSL <support@wolfssl.com>

 Source: http://wolfssl.com/%{name}-%{version}.tar.gz
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-buildroot
@ -51,6 +51,7 @@ fi
 %{__make} install  DESTDIR="%{buildroot}" AM_INSTALL_PROGRAM_FLAGS=""
 mkdir -p $RPM_BUILD_ROOT/
 %{__rm} -f %{buildroot}/%{_libdir}/libwolfssl@LIBSUFFIX@.la
+%{__rm} -f %{buildroot}/%{_libdir}/libwolfssl.a

 %check

@ -78,165 +79,16 @@ mkdir -p $RPM_BUILD_ROOT/
 %{_docdir}/wolfssl/README.txt
 %{_docdir}/wolfssl/QUIC.md

-%{_libdir}/libwolfssl@LIBSUFFIX@.so
-%{_libdir}/libwolfssl@LIBSUFFIX@.so.@WOLFSSL_LIBRARY_VERSION_FIRST@
-%{_libdir}/libwolfssl@LIBSUFFIX@.so.@WOLFSSL_LIBRARY_VERSION_FIRST@.@WOLFSSL_LIBRARY_VERSION_SECOND@.@WOLFSSL_LIBRARY_VERSION_THIRD@
+%{_libdir}/libwolfssl@LIBSUFFIX@.so*

 %files devel
 %defattr(-,root,root,-)
 %doc AUTHORS ChangeLog.md COPYING README README.md
 %{_bindir}/wolfssl-config
-%{_includedir}/wolfssl/callbacks.h
-%{_includedir}/wolfssl/certs_test.h
-%{_includedir}/wolfssl/crl.h
-%{_includedir}/wolfssl/error-ssl.h
-%{_includedir}/wolfssl/ocsp.h
-%{_includedir}/wolfssl/openssl/aes.h
-%{_includedir}/wolfssl/openssl/asn1.h
-%{_includedir}/wolfssl/openssl/asn1t.h
-%{_includedir}/wolfssl/openssl/bio.h
-%{_includedir}/wolfssl/openssl/bn.h
-%{_includedir}/wolfssl/openssl/cms.h
-%{_includedir}/wolfssl/openssl/buffer.h
-%{_includedir}/wolfssl/openssl/camellia.h
-%{_includedir}/wolfssl/openssl/cmac.h
-%{_includedir}/wolfssl/openssl/compat_types.h
-%{_includedir}/wolfssl/openssl/conf.h
-%{_includedir}/wolfssl/openssl/crypto.h
-%{_includedir}/wolfssl/openssl/des.h
-%{_includedir}/wolfssl/openssl/dh.h
-%{_includedir}/wolfssl/openssl/dsa.h
-%{_includedir}/wolfssl/openssl/ec.h
-%{_includedir}/wolfssl/openssl/ec25519.h
-%{_includedir}/wolfssl/openssl/ec448.h
-%{_includedir}/wolfssl/openssl/ecdh.h
-%{_includedir}/wolfssl/openssl/ecdsa.h
-%{_includedir}/wolfssl/openssl/ed25519.h
-%{_includedir}/wolfssl/openssl/ed448.h
-%{_includedir}/wolfssl/openssl/engine.h
-%{_includedir}/wolfssl/openssl/err.h
-%{_includedir}/wolfssl/openssl/evp.h
-%{_includedir}/wolfssl/openssl/fips_rand.h
-%{_includedir}/wolfssl/openssl/hmac.h
-%{_includedir}/wolfssl/openssl/kdf.h
-%{_includedir}/wolfssl/openssl/lhash.h
-%{_includedir}/wolfssl/openssl/md4.h
-%{_includedir}/wolfssl/openssl/md5.h
-%{_includedir}/wolfssl/openssl/modes.h
-%{_includedir}/wolfssl/openssl/obj_mac.h
-%{_includedir}/wolfssl/openssl/objects.h
-%{_includedir}/wolfssl/openssl/ocsp.h
-%{_includedir}/wolfssl/openssl/opensslconf.h
-%{_includedir}/wolfssl/openssl/opensslv.h
-%{_includedir}/wolfssl/openssl/ossl_typ.h
-%{_includedir}/wolfssl/openssl/pem.h
-%{_includedir}/wolfssl/openssl/pkcs12.h
-%{_includedir}/wolfssl/openssl/pkcs7.h
-%{_includedir}/wolfssl/openssl/rand.h
-%{_includedir}/wolfssl/openssl/rc4.h
-%{_includedir}/wolfssl/openssl/ripemd.h
-%{_includedir}/wolfssl/openssl/rsa.h
-%{_includedir}/wolfssl/openssl/sha.h
-%{_includedir}/wolfssl/openssl/srp.h
-%{_includedir}/wolfssl/openssl/sha3.h
-%{_includedir}/wolfssl/openssl/ssl.h
-%{_includedir}/wolfssl/openssl/ssl23.h
-%{_includedir}/wolfssl/openssl/stack.h
-%{_includedir}/wolfssl/openssl/txt_db.h
-%{_includedir}/wolfssl/openssl/tls1.h
-%{_includedir}/wolfssl/openssl/ui.h
-%{_includedir}/wolfssl/openssl/x509.h
-%{_includedir}/wolfssl/openssl/x509_vfy.h
-%{_includedir}/wolfssl/openssl/x509v3.h
-%{_includedir}/wolfssl/options.h
-%{_includedir}/wolfssl/quic.h
-%{_includedir}/wolfssl/sniffer.h
-%{_includedir}/wolfssl/sniffer_error.h
-%{_includedir}/wolfssl/ssl.h
-%{_includedir}/wolfssl/test.h
-%{_includedir}/wolfssl/version.h
-%{_includedir}/wolfssl/wolfcrypt/aes.h
-%{_includedir}/wolfssl/wolfcrypt/arc4.h
-%{_includedir}/wolfssl/wolfcrypt/asn.h
-%{_includedir}/wolfssl/wolfcrypt/asn_public.h
-%{_includedir}/wolfssl/wolfcrypt/blake2-impl.h
-%{_includedir}/wolfssl/wolfcrypt/blake2-int.h
-%{_includedir}/wolfssl/wolfcrypt/blake2.h
-%{_includedir}/wolfssl/wolfcrypt/camellia.h
-%{_includedir}/wolfssl/wolfcrypt/chacha.h
-%{_includedir}/wolfssl/wolfcrypt/chacha20_poly1305.h
-%{_includedir}/wolfssl/wolfcrypt/cmac.h
-%{_includedir}/wolfssl/wolfcrypt/coding.h
-%{_includedir}/wolfssl/wolfcrypt/compress.h
-%{_includedir}/wolfssl/wolfcrypt/cpuid.h
-%{_includedir}/wolfssl/wolfcrypt/cryptocb.h
-%{_includedir}/wolfssl/wolfcrypt/curve25519.h
-%{_includedir}/wolfssl/wolfcrypt/curve448.h
-%{_includedir}/wolfssl/wolfcrypt/des3.h
-%{_includedir}/wolfssl/wolfcrypt/dh.h
-%{_includedir}/wolfssl/wolfcrypt/dsa.h
-%{_includedir}/wolfssl/wolfcrypt/ecc.h
-%{_includedir}/wolfssl/wolfcrypt/eccsi.h
-%{_includedir}/wolfssl/wolfcrypt/ed25519.h
-%{_includedir}/wolfssl/wolfcrypt/ed448.h
-%{_includedir}/wolfssl/wolfcrypt/error-crypt.h
-%{_includedir}/wolfssl/wolfcrypt/ext_kyber.h
-%{_includedir}/wolfssl/wolfcrypt/falcon.h
-%{_includedir}/wolfssl/wolfcrypt/dilithium.h
-%{_includedir}/wolfssl/wolfcrypt/sphincs.h
-%{_includedir}/wolfssl/wolfcrypt/fe_448.h
-%{_includedir}/wolfssl/wolfcrypt/fe_operations.h
-%{_includedir}/wolfssl/wolfcrypt/fips_test.h
-%{_includedir}/wolfssl/wolfcrypt/ge_448.h
-%{_includedir}/wolfssl/wolfcrypt/ge_operations.h
-%{_includedir}/wolfssl/wolfcrypt/hash.h
-%{_includedir}/wolfssl/wolfcrypt/hmac.h
-%{_includedir}/wolfssl/wolfcrypt/hpke.h
-%{_includedir}/wolfssl/wolfcrypt/integer.h
-%{_includedir}/wolfssl/wolfcrypt/kdf.h
-%{_includedir}/wolfssl/wolfcrypt/kyber.h
-%{_includedir}/wolfssl/wolfcrypt/logging.h
-%{_includedir}/wolfssl/wolfcrypt/md2.h
-%{_includedir}/wolfssl/wolfcrypt/md4.h
-%{_includedir}/wolfssl/wolfcrypt/md5.h
-%{_includedir}/wolfssl/wolfcrypt/mem_track.h
-%{_includedir}/wolfssl/wolfcrypt/memory.h
-%{_includedir}/wolfssl/wolfcrypt/misc.h
-%{_includedir}/wolfssl/wolfcrypt/mpi_class.h
-%{_includedir}/wolfssl/wolfcrypt/mpi_superclass.h
-%{_includedir}/wolfssl/wolfcrypt/pkcs12.h
-%{_includedir}/wolfssl/wolfcrypt/pkcs7.h
-%{_includedir}/wolfssl/wolfcrypt/poly1305.h
-%{_includedir}/wolfssl/wolfcrypt/pwdbased.h
-%{_includedir}/wolfssl/wolfcrypt/random.h
-%{_includedir}/wolfssl/wolfcrypt/ripemd.h
-%{_includedir}/wolfssl/wolfcrypt/rc2.h
-%{_includedir}/wolfssl/wolfcrypt/rsa.h
-%{_includedir}/wolfssl/wolfcrypt/sakke.h
-%{_includedir}/wolfssl/wolfcrypt/settings.h
-%{_includedir}/wolfssl/wolfcrypt/sha.h
-%{_includedir}/wolfssl/wolfcrypt/sha256.h
-%{_includedir}/wolfssl/wolfcrypt/sha3.h
-%{_includedir}/wolfssl/wolfcrypt/sha512.h
-%{_includedir}/wolfssl/wolfcrypt/siphash.h
-%{_includedir}/wolfssl/wolfcrypt/signature.h
-%if "@INCLUDE_SP_INT@" != "no"
-%{_includedir}/wolfssl/wolfcrypt/sp_int.h
-%endif
-%{_includedir}/wolfssl/wolfcrypt/srp.h
-%{_includedir}/wolfssl/wolfcrypt/tfm.h
-%{_includedir}/wolfssl/wolfcrypt/types.h
-%{_includedir}/wolfssl/wolfcrypt/visibility.h
-%{_includedir}/wolfssl/wolfcrypt/wc_encrypt.h
-%{_includedir}/wolfssl/wolfcrypt/wc_port.h
-%{_includedir}/wolfssl/wolfcrypt/wc_kyber.h
-%{_includedir}/wolfssl/wolfcrypt/wolfevent.h
-%{_includedir}/wolfssl/wolfcrypt/wolfmath.h
-%{_includedir}/wolfssl/wolfio.h
+%{_includedir}/wolfssl/*.h
+%{_includedir}/wolfssl/wolfcrypt/*.h
+%{_includedir}/wolfssl/openssl/*.h
 %{_libdir}/pkgconfig/wolfssl.pc
-%if "@ENABLED_FIPS@" != "no"
-%{_includedir}/wolfssl/wolfcrypt/fips.h
-%endif

 %changelog
 * Mon Oct 17 2022 Juliusz Sosinowicz <juliusz@wolfssl.com>