import fwupd-1.4.2-4.el8
This commit is contained in:
parent
1554303a7f
commit
0cc62e157a
@ -1 +1,2 @@
|
||||
9777016b6b861676e3e88153f7b310e4d985871a SOURCES/fwupd-1.1.4.tar.xz
|
||||
c152547682cb354b69e4e1a89b53369dd42f3e53 SOURCES/fwupd-1.4.2.tar.xz
|
||||
6991b6879b438a4672e97c534d10737bc54e6f39 SOURCES/libjcat-0.1.2.tar.xz
|
||||
|
3
.gitignore
vendored
3
.gitignore
vendored
@ -1 +1,2 @@
|
||||
SOURCES/fwupd-1.1.4.tar.xz
|
||||
SOURCES/fwupd-1.4.2.tar.xz
|
||||
SOURCES/libjcat-0.1.2.tar.xz
|
||||
|
@ -1,28 +0,0 @@
|
||||
From d4a65700c5ed9544b6445213bd5f8a0dbc2cd1e5 Mon Sep 17 00:00:00 2001
|
||||
From: Richard Hughes <richard@hughsie.com>
|
||||
Date: Fri, 29 Nov 2019 14:00:39 +0000
|
||||
Subject: [PATCH] Disable wacomhid by default as probing the device stops the
|
||||
tablet working
|
||||
|
||||
This is fixed properly in fwupd >= 1.2.2 but add this workaround here for
|
||||
stable distros that cannot rebase to a newer branch.
|
||||
---
|
||||
data/daemon.conf | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/data/daemon.conf b/data/daemon.conf
|
||||
index 51ab19f4..03965d88 100644
|
||||
--- a/data/daemon.conf
|
||||
+++ b/data/daemon.conf
|
||||
@@ -6,7 +6,7 @@ BlacklistDevices=
|
||||
|
||||
# Allow blacklisting specific plugins
|
||||
# Uses semicolons as delimiter
|
||||
-BlacklistPlugins=test
|
||||
+BlacklistPlugins=test;wacomhid
|
||||
|
||||
# Maximum archive size that can be loaded in Mb, with 0 for the default
|
||||
ArchiveSizeMax=0
|
||||
--
|
||||
2.23.0
|
||||
|
26
SOURCES/0001-Do-not-use-the-LVFS.patch
Normal file
26
SOURCES/0001-Do-not-use-the-LVFS.patch
Normal file
@ -0,0 +1,26 @@
|
||||
diff --git a/data/remotes.d/lvfs.conf b/data/remotes.d/lvfs.conf
|
||||
index 1249ef74..f533bf52 100644
|
||||
--- a/data/remotes.d/lvfs.conf
|
||||
+++ b/data/remotes.d/lvfs.conf
|
||||
@@ -1,7 +1,7 @@
|
||||
[fwupd Remote]
|
||||
|
||||
# this remote provides metadata and firmware marked as 'stable' from the LVFS
|
||||
-Enabled=true
|
||||
+Enabled=false
|
||||
Title=Linux Vendor Firmware Service
|
||||
MetadataURI=https://cdn.fwupd.org/downloads/firmware.xml.gz
|
||||
ReportURI=https://fwupd.org/lvfs/firmware/report
|
||||
diff --git a/libfwupd/fwupd-self-test.c b/libfwupd/fwupd-self-test.c
|
||||
index 679360b0..59660360 100644
|
||||
--- a/libfwupd/fwupd-self-test.c
|
||||
+++ b/libfwupd/fwupd-self-test.c
|
||||
@@ -182,7 +182,7 @@ fwupd_remote_download_func (void)
|
||||
g_assert_cmpint (fwupd_remote_get_kind (remote), ==, FWUPD_REMOTE_KIND_DOWNLOAD);
|
||||
g_assert_cmpint (fwupd_remote_get_keyring_kind (remote), ==, FWUPD_KEYRING_KIND_JCAT);
|
||||
g_assert_cmpint (fwupd_remote_get_priority (remote), ==, 0);
|
||||
- g_assert (fwupd_remote_get_enabled (remote));
|
||||
+// g_assert (fwupd_remote_get_enabled (remote));
|
||||
g_assert (fwupd_remote_get_metadata_uri (remote) != NULL);
|
||||
g_assert (fwupd_remote_get_metadata_uri_sig (remote) != NULL);
|
||||
g_assert_cmpstr (fwupd_remote_get_title (remote), ==, "Linux Vendor Firmware Service");
|
@ -1,220 +0,0 @@
|
||||
commit 58f79c3d235290c4cecccc1d55cbcc2da8e988a6
|
||||
Author: Richard Hughes <richard@hughsie.com>
|
||||
Date: Thu Aug 1 09:45:25 2019 +0100
|
||||
|
||||
Relax the certificate time checks in the self tests for the legacy certificate
|
||||
|
||||
One test verifies a firmware with a signature from the old LVFS which was
|
||||
hosted on secure-lvfs.rhcloud.com and used the original PKCS-7 key. This key
|
||||
had a two year validity (expiring today, ohh the naivety...) rather than the
|
||||
newer fwupd.org key which expires in the year 2058.
|
||||
|
||||
For this specific test only, disable the certificate time checks to fix CI.
|
||||
|
||||
Fixes https://github.com/hughsie/fwupd/issues/1264
|
||||
|
||||
diff --git a/src/fu-engine.c b/src/fu-engine.c
|
||||
index ac102cfa..1a57b0af 100644
|
||||
--- a/src/fu-engine.c
|
||||
+++ b/src/fu-engine.c
|
||||
@@ -1908,7 +1908,8 @@ fu_engine_get_existing_keyring_result (FuEngine *self,
|
||||
blob_sig = fu_common_get_contents_bytes (fwupd_remote_get_filename_cache_sig (remote), error);
|
||||
if (blob_sig == NULL)
|
||||
return NULL;
|
||||
- return fu_keyring_verify_data (kr, blob, blob_sig, error);
|
||||
+ return fu_keyring_verify_data (kr, blob, blob_sig,
|
||||
+ FU_KEYRING_VERIFY_FLAG_NONE, error);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -1991,7 +1992,9 @@ fu_engine_update_metadata (FuEngine *self, const gchar *remote_id,
|
||||
pki_dir = g_build_filename (sysconfdir, "pki", "fwupd-metadata", NULL);
|
||||
if (!fu_keyring_add_public_keys (kr, pki_dir, error))
|
||||
return FALSE;
|
||||
- kr_result = fu_keyring_verify_data (kr, bytes_raw, bytes_sig, error);
|
||||
+ kr_result = fu_keyring_verify_data (kr, bytes_raw, bytes_sig,
|
||||
+ FU_KEYRING_VERIFY_FLAG_NONE,
|
||||
+ error);
|
||||
if (kr_result == NULL)
|
||||
return FALSE;
|
||||
|
||||
diff --git a/src/fu-keyring-gpg.c b/src/fu-keyring-gpg.c
|
||||
index af0bfbe0..a51ab7a4 100644
|
||||
--- a/src/fu-keyring-gpg.c
|
||||
+++ b/src/fu-keyring-gpg.c
|
||||
@@ -231,6 +231,7 @@ static FuKeyringResult *
|
||||
fu_keyring_gpg_verify_data (FuKeyring *keyring,
|
||||
GBytes *blob,
|
||||
GBytes *blob_signature,
|
||||
+ FuKeyringVerifyFlags flags,
|
||||
GError **error)
|
||||
{
|
||||
FuKeyringGpg *self = FU_KEYRING_GPG (keyring);
|
||||
diff --git a/src/fu-keyring-pkcs7.c b/src/fu-keyring-pkcs7.c
|
||||
index d48dc5d0..dc310d37 100644
|
||||
--- a/src/fu-keyring-pkcs7.c
|
||||
+++ b/src/fu-keyring-pkcs7.c
|
||||
@@ -182,6 +182,7 @@ static FuKeyringResult *
|
||||
fu_keyring_pkcs7_verify_data (FuKeyring *keyring,
|
||||
GBytes *blob,
|
||||
GBytes *blob_signature,
|
||||
+ FuKeyringVerifyFlags flags,
|
||||
GError **error)
|
||||
{
|
||||
FuKeyringPkcs7 *self = FU_KEYRING_PKCS7 (keyring);
|
||||
@@ -231,6 +232,14 @@ fu_keyring_pkcs7_verify_data (FuKeyring *keyring,
|
||||
for (gint i = 0; i < count; i++) {
|
||||
gnutls_pkcs7_signature_info_st info;
|
||||
gint64 signing_time = 0;
|
||||
+ gnutls_certificate_verify_flags verify_flags = 0;
|
||||
+
|
||||
+ /* use with care */
|
||||
+ if (flags & FU_KEYRING_VERIFY_FLAG_DISABLE_TIME_CHECKS) {
|
||||
+ g_debug ("WARNING: disabling time checks");
|
||||
+ verify_flags |= GNUTLS_VERIFY_DISABLE_TIME_CHECKS;
|
||||
+ verify_flags |= GNUTLS_VERIFY_DISABLE_TRUSTED_TIME_CHECKS;
|
||||
+ }
|
||||
|
||||
/* verify the data against the detached signature */
|
||||
rc = gnutls_pkcs7_verify (pkcs7, self->tl,
|
||||
@@ -238,7 +247,7 @@ fu_keyring_pkcs7_verify_data (FuKeyring *keyring,
|
||||
0, /* vdata_size */
|
||||
i, /* index */
|
||||
&datum, /* data */
|
||||
- 0); /* flags */
|
||||
+ verify_flags);
|
||||
if (rc < 0) {
|
||||
g_set_error (error,
|
||||
FWUPD_ERROR,
|
||||
diff --git a/src/fu-keyring-utils.c b/src/fu-keyring-utils.c
|
||||
index 0c5a7f04..465b4a02 100644
|
||||
--- a/src/fu-keyring-utils.c
|
||||
+++ b/src/fu-keyring-utils.c
|
||||
@@ -167,7 +167,9 @@ fu_keyring_get_release_trust_flags (AsRelease *release,
|
||||
fu_keyring_get_name (kr));
|
||||
return FALSE;
|
||||
}
|
||||
- kr_result = fu_keyring_verify_data (kr, blob_payload, blob_signature, &error_local);
|
||||
+ kr_result = fu_keyring_verify_data (kr, blob_payload, blob_signature,
|
||||
+ FU_KEYRING_VERIFY_FLAG_NONE,
|
||||
+ &error_local);
|
||||
if (kr_result == NULL) {
|
||||
g_warning ("untrusted as failed to verify from %s keyring: %s",
|
||||
fu_keyring_get_name (kr),
|
||||
diff --git a/src/fu-keyring.c b/src/fu-keyring.c
|
||||
index d8a88e8c..9b582563 100644
|
||||
--- a/src/fu-keyring.c
|
||||
+++ b/src/fu-keyring.c
|
||||
@@ -40,13 +40,14 @@ FuKeyringResult *
|
||||
fu_keyring_verify_data (FuKeyring *keyring,
|
||||
GBytes *blob,
|
||||
GBytes *blob_signature,
|
||||
+ FuKeyringVerifyFlags flags,
|
||||
GError **error)
|
||||
{
|
||||
FuKeyringClass *klass = FU_KEYRING_GET_CLASS (keyring);
|
||||
g_return_val_if_fail (FU_IS_KEYRING (keyring), NULL);
|
||||
g_return_val_if_fail (blob != NULL, NULL);
|
||||
g_return_val_if_fail (blob_signature != NULL, NULL);
|
||||
- return klass->verify_data (keyring, blob, blob_signature, error);
|
||||
+ return klass->verify_data (keyring, blob, blob_signature, flags, error);
|
||||
}
|
||||
|
||||
const gchar *
|
||||
diff --git a/src/fu-keyring.h b/src/fu-keyring.h
|
||||
index 6e03694c..f097305d 100644
|
||||
--- a/src/fu-keyring.h
|
||||
+++ b/src/fu-keyring.h
|
||||
@@ -17,6 +17,20 @@ G_BEGIN_DECLS
|
||||
#define FU_TYPE_KEYRING (fu_keyring_get_type ())
|
||||
G_DECLARE_DERIVABLE_TYPE (FuKeyring, fu_keyring, FU, KEYRING, GObject)
|
||||
|
||||
+/**
|
||||
+ * FuKeyringVerifyFlags:
|
||||
+ * @FU_KEYRING_VERIFY_FLAG_NONE: No flags set
|
||||
+ * @FU_KEYRING_VERIFY_FLAG_DISABLE_TIME_CHECKS: Disable checking of validity periods
|
||||
+ *
|
||||
+ * The flags to use when interacting with a keyring
|
||||
+ **/
|
||||
+typedef enum {
|
||||
+ FU_KEYRING_VERIFY_FLAG_NONE = 0,
|
||||
+ FU_KEYRING_VERIFY_FLAG_DISABLE_TIME_CHECKS = 1 << 2,
|
||||
+ /*< private >*/
|
||||
+ FU_KEYRING_VERIFY_FLAG_LAST
|
||||
+} FuKeyringVerifyFlags;
|
||||
+
|
||||
struct _FuKeyringClass
|
||||
{
|
||||
GObjectClass parent_class;
|
||||
@@ -28,6 +42,7 @@ struct _FuKeyringClass
|
||||
FuKeyringResult *(*verify_data) (FuKeyring *keyring,
|
||||
GBytes *payload,
|
||||
GBytes *payload_signature,
|
||||
+ FuKeyringVerifyFlags flags,
|
||||
GError **error);
|
||||
};
|
||||
|
||||
@@ -39,6 +54,7 @@ gboolean fu_keyring_add_public_keys (FuKeyring *keyring,
|
||||
FuKeyringResult *fu_keyring_verify_data (FuKeyring *keyring,
|
||||
GBytes *blob,
|
||||
GBytes *blob_signature,
|
||||
+ FuKeyringVerifyFlags flags,
|
||||
GError **error);
|
||||
const gchar *fu_keyring_get_name (FuKeyring *self);
|
||||
void fu_keyring_set_name (FuKeyring *self,
|
||||
diff --git a/src/fu-self-test.c b/src/fu-self-test.c
|
||||
index 4f359614..98fac714 100644
|
||||
--- a/src/fu-self-test.c
|
||||
+++ b/src/fu-self-test.c
|
||||
@@ -1947,7 +1947,9 @@ fu_keyring_gpg_func (void)
|
||||
g_assert_no_error (error);
|
||||
g_assert_nonnull (blob_pass);
|
||||
blob_sig = g_bytes_new_static (sig_gpgme, strlen (sig_gpgme));
|
||||
- result_pass = fu_keyring_verify_data (keyring, blob_pass, blob_sig, &error);
|
||||
+ result_pass = fu_keyring_verify_data (keyring, blob_pass, blob_sig,
|
||||
+ FU_KEYRING_VERIFY_FLAG_NONE,
|
||||
+ &error);
|
||||
g_assert_no_error (error);
|
||||
g_assert_nonnull (result_pass);
|
||||
g_assert_cmpint (fu_keyring_result_get_timestamp (result_pass), == , 1438072952);
|
||||
@@ -1960,7 +1962,8 @@ fu_keyring_gpg_func (void)
|
||||
blob_fail = fu_common_get_contents_bytes (fw_fail, &error);
|
||||
g_assert_no_error (error);
|
||||
g_assert_nonnull (blob_fail);
|
||||
- result_fail = fu_keyring_verify_data (keyring, blob_fail, blob_sig, &error);
|
||||
+ result_fail = fu_keyring_verify_data (keyring, blob_fail, blob_sig,
|
||||
+ FU_KEYRING_VERIFY_FLAG_NONE, &error);
|
||||
g_assert_error (error, FWUPD_ERROR, FWUPD_ERROR_SIGNATURE_INVALID);
|
||||
g_assert_null (result_fail);
|
||||
g_clear_error (&error);
|
||||
@@ -2010,7 +2013,9 @@ fu_keyring_pkcs7_func (void)
|
||||
blob_sig = fu_common_get_contents_bytes (sig_fn, &error);
|
||||
g_assert_no_error (error);
|
||||
g_assert_nonnull (blob_sig);
|
||||
- result_pass = fu_keyring_verify_data (keyring, blob_pass, blob_sig, &error);
|
||||
+ result_pass = fu_keyring_verify_data (keyring, blob_pass, blob_sig,
|
||||
+ FU_KEYRING_VERIFY_FLAG_DISABLE_TIME_CHECKS,
|
||||
+ &error);
|
||||
g_assert_no_error (error);
|
||||
g_assert_nonnull (result_pass);
|
||||
g_assert_cmpint (fu_keyring_result_get_timestamp (result_pass), >= , 1502871248);
|
||||
@@ -2022,7 +2027,8 @@ fu_keyring_pkcs7_func (void)
|
||||
blob_sig2 = fu_common_get_contents_bytes (sig_fn2, &error);
|
||||
g_assert_no_error (error);
|
||||
g_assert_nonnull (blob_sig2);
|
||||
- result_fail = fu_keyring_verify_data (keyring, blob_pass, blob_sig2, &error);
|
||||
+ result_fail = fu_keyring_verify_data (keyring, blob_pass, blob_sig2,
|
||||
+ FU_KEYRING_VERIFY_FLAG_NONE, &error);
|
||||
g_assert_error (error, FWUPD_ERROR, FWUPD_ERROR_SIGNATURE_INVALID);
|
||||
g_assert_null (result_fail);
|
||||
g_clear_error (&error);
|
||||
@@ -2033,7 +2039,8 @@ fu_keyring_pkcs7_func (void)
|
||||
blob_fail = fu_common_get_contents_bytes (fw_fail, &error);
|
||||
g_assert_no_error (error);
|
||||
g_assert_nonnull (blob_fail);
|
||||
- result_fail = fu_keyring_verify_data (keyring, blob_fail, blob_sig, &error);
|
||||
+ result_fail = fu_keyring_verify_data (keyring, blob_fail, blob_sig,
|
||||
+ FU_KEYRING_VERIFY_FLAG_NONE, &error);
|
||||
g_assert_error (error, FWUPD_ERROR, FWUPD_ERROR_SIGNATURE_INVALID);
|
||||
g_assert_null (result_fail);
|
||||
g_clear_error (&error);
|
@ -0,0 +1,114 @@
|
||||
From 839b89f45a38b2373bf5836337a33f450aaab72e Mon Sep 17 00:00:00 2001
|
||||
From: Richard Hughes <richard@hughsie.com>
|
||||
Date: Thu, 28 May 2020 10:41:23 +0100
|
||||
Subject: [PATCH] Validate that gpgme_op_verify_result() returned at least one
|
||||
signature
|
||||
|
||||
If a detached signature is actually a PGP message, gpgme_op_verify() returns
|
||||
the rather perplexing GPG_ERR_NO_ERROR, and then gpgme_op_verify_result()
|
||||
builds an empty list.
|
||||
|
||||
Explicitly check for no signatures present to avoid returning a JcatResult with
|
||||
no timestamp and an empty authority.
|
||||
|
||||
Many thanks to Justin Steven <justin@justinsteven.com> for the discovery and
|
||||
coordinated disclosure of this issue. Fixes CVE-2020-10759
|
||||
---
|
||||
libjcat/jcat-gpg-engine.c | 7 +++++
|
||||
libjcat/jcat-self-test.c | 55 +++++++++++++++++++++++++++++++++++++++
|
||||
2 files changed, 62 insertions(+)
|
||||
|
||||
diff --git libjcat/jcat-gpg-engine.c libjcat/jcat-gpg-engine.c
|
||||
index 0812a62..bd44dba 100644
|
||||
--- libjcat/jcat-gpg-engine.c
|
||||
+++ libjcat/jcat-gpg-engine.c
|
||||
@@ -267,6 +267,13 @@ jcat_gpg_engine_pubkey_verify (JcatEngine *engine,
|
||||
"no result record from libgpgme");
|
||||
return NULL;
|
||||
}
|
||||
+ if (result->signatures == NULL) {
|
||||
+ g_set_error_literal (error,
|
||||
+ G_IO_ERROR,
|
||||
+ G_IO_ERROR_FAILED,
|
||||
+ "no signatures from libgpgme");
|
||||
+ return NULL;
|
||||
+ }
|
||||
|
||||
/* look at each signature */
|
||||
for (s = result->signatures; s != NULL ; s = s->next ) {
|
||||
diff --git libjcat/jcat-self-test.c libjcat/jcat-self-test.c
|
||||
index d79a3a9..fd4295e 100644
|
||||
--- libjcat/jcat-self-test.c
|
||||
+++ libjcat/jcat-self-test.c
|
||||
@@ -393,6 +393,60 @@ jcat_gpg_engine_func (void)
|
||||
#endif
|
||||
}
|
||||
|
||||
+static void
|
||||
+jcat_gpg_engine_msg_func (void)
|
||||
+{
|
||||
+#ifdef ENABLE_GPG
|
||||
+ g_autofree gchar *fn = NULL;
|
||||
+ g_autofree gchar *pki_dir = NULL;
|
||||
+ g_autoptr(GBytes) data = NULL;
|
||||
+ g_autoptr(GBytes) data_sig = NULL;
|
||||
+ g_autoptr(GError) error = NULL;
|
||||
+ g_autoptr(JcatContext) context = jcat_context_new ();
|
||||
+ g_autoptr(JcatEngine) engine = NULL;
|
||||
+ g_autoptr(JcatResult) result = NULL;
|
||||
+ const gchar *sig =
|
||||
+ "-----BEGIN PGP MESSAGE-----\n"
|
||||
+ "owGbwMvMwMEovmZX76/pfOKMp0WSGOLOX3/ikZqTk6+jUJ5flJOiyNXJaMzCwMjB\n"
|
||||
+ "ICumyCJmt5VRUil28/1+z1cwbaxMID0MXJwCMJG4RxwMLUYXDkUad34I3vrT8+X2\n"
|
||||
+ "m+ZyHyMWnTiQYaQb/eLJGqbiAJc5Jr4a/PPqHNi7auwzGsKsljebabjtnJRzpDr0\n"
|
||||
+ "YvwrnmmWLJUnTzjM3MH5Kn+RzqXkywsYdk9yD2OUdLy736CiemFMdcuF02lOZvPU\n"
|
||||
+ "HaTKl76wW62QH8Lr8yGMQ1Xgc6nC2ZwUhvctky7NOZtc1T477uBTL81p31ZmaIUJ\n"
|
||||
+ "paS8uWZl8UzX5sFsqQi37G1TbDc8Cm+oU/yRkFj2pLBzw367ncsa4n7EqEWu1yrN\n"
|
||||
+ "yD39LUeErePdqfKCG+xhL6WkWt5ZJ/6//XnjouXhl5Z4tWspT49MtNp5d3aDQ43c\n"
|
||||
+ "mnbresn6A7KMZgdOiwIA\n"
|
||||
+ "=a9ui\n"
|
||||
+ "-----END PGP MESSAGE-----\n";
|
||||
+
|
||||
+ /* set up context */
|
||||
+ jcat_context_set_keyring_path (context, "/tmp/libjcat-self-test/var");
|
||||
+ pki_dir = g_test_build_filename (G_TEST_DIST, "pki", NULL);
|
||||
+ jcat_context_add_public_keys (context, pki_dir);
|
||||
+
|
||||
+ /* get engine */
|
||||
+ engine = jcat_context_get_engine (context, JCAT_BLOB_KIND_GPG, &error);
|
||||
+ g_assert_no_error (error);
|
||||
+ g_assert_nonnull (engine);
|
||||
+ g_assert_cmpint (jcat_engine_get_kind (engine), ==, JCAT_BLOB_KIND_GPG);
|
||||
+ g_assert_cmpint (jcat_engine_get_verify_kind (engine), ==, JCAT_ENGINE_VERIFY_KIND_SIGNATURE);
|
||||
+
|
||||
+ /* verify with GnuPG, which should fail as the signature is not a
|
||||
+ * detached signature at all, but gnupg stabs us in the back by returning
|
||||
+ * success from gpgme_op_verify() with an empty list of signatures */
|
||||
+ fn = g_test_build_filename (G_TEST_DIST, "colorhug", "firmware.bin", NULL);
|
||||
+ data = jcat_get_contents_bytes (fn, &error);
|
||||
+ g_assert_no_error (error);
|
||||
+ g_assert_nonnull (data);
|
||||
+ data_sig = g_bytes_new_static (sig, strlen (sig));
|
||||
+ result = jcat_engine_pubkey_verify (engine, data, data_sig,
|
||||
+ JCAT_VERIFY_FLAG_NONE, &error);
|
||||
+ g_assert_error (error, G_IO_ERROR, G_IO_ERROR_FAILED);
|
||||
+ g_assert_null (result);
|
||||
+#else
|
||||
+ g_test_skip ("no GnuPG support enabled");
|
||||
+#endif
|
||||
+}
|
||||
+
|
||||
static void
|
||||
jcat_pkcs7_engine_func (void)
|
||||
{
|
||||
@@ -753,6 +807,7 @@ main (int argc, char **argv)
|
||||
g_test_add_func ("/jcat/engine{sha1}", jcat_sha1_engine_func);
|
||||
g_test_add_func ("/jcat/engine{sha256}", jcat_sha256_engine_func);
|
||||
g_test_add_func ("/jcat/engine{gpg}", jcat_gpg_engine_func);
|
||||
+ g_test_add_func ("/jcat/engine{gpg-msg}", jcat_gpg_engine_msg_func);
|
||||
g_test_add_func ("/jcat/engine{pkcs7}", jcat_pkcs7_engine_func);
|
||||
g_test_add_func ("/jcat/engine{pkcs7-self-signed}", jcat_pkcs7_engine_self_signed_func);
|
||||
g_test_add_func ("/jcat/context{verify-blob}", jcat_context_verify_blob_func);
|
||||
--
|
||||
2.26.2
|
||||
|
@ -0,0 +1,32 @@
|
||||
From d7a1eb17bef650f13e7f96430f99294c36a40806 Mon Sep 17 00:00:00 2001
|
||||
From: Vincent Huang <vincent.huang@tw.synaptics.com>
|
||||
Date: Tue, 19 May 2020 13:09:28 +0800
|
||||
Subject: [PATCH] synaptics-prometheus: Force the minor version from 0x02 to
|
||||
0x01 to make sure the devices can be updated back to 0x01.
|
||||
|
||||
---
|
||||
plugins/synaptics-prometheus/fu-synaprom-device.c | 8 ++++++++
|
||||
1 file changed, 8 insertions(+)
|
||||
|
||||
diff --git plugins/synaptics-prometheus/fu-synaprom-device.c plugins/synaptics-prometheus/fu-synaprom-device.c
|
||||
index 5a19203c..299ebde2 100644
|
||||
--- a/plugins/synaptics-prometheus/fu-synaprom-device.c
|
||||
+++ b/plugins/synaptics-prometheus/fu-synaprom-device.c
|
||||
@@ -142,6 +142,14 @@ fu_synaprom_device_set_version (FuSynapromDevice *self,
|
||||
{
|
||||
g_autofree gchar *str = NULL;
|
||||
|
||||
+ /* We decide to skip 10.02.xxxxxx firmware, so we force the minor version from 0x02
|
||||
+ ** to 0x01 to make the devices with 0x02 minor version firmware allow to be updated
|
||||
+ ** back to minor version 0x01. */
|
||||
+ if (vmajor == 0x0a && vminor == 0x02) {
|
||||
+ g_debug ("quirking vminor from %02x to 01", vminor);
|
||||
+ vminor = 0x01;
|
||||
+ }
|
||||
+
|
||||
/* set display version */
|
||||
str = g_strdup_printf ("%02u.%02u.%u", vmajor, vminor, buildnum);
|
||||
fu_device_set_version (FU_DEVICE (self), str);
|
||||
--
|
||||
2.26.2
|
||||
|
@ -1,29 +0,0 @@
|
||||
From 48cea11bd5d3d8c7f7423ad9807b1e537bc051c8 Mon Sep 17 00:00:00 2001
|
||||
From: Richard Hughes <richard@hughsie.com>
|
||||
Date: Thu, 8 Nov 2018 20:05:12 +0000
|
||||
Subject: [PATCH] trivial: Relax the timing requirements on the FuDevice poll
|
||||
test
|
||||
|
||||
If the poll source is scheduled just at the right time, we might only get 8x
|
||||
'10ms ticks' in a 100ms window. This fixes an occasional build failure on
|
||||
slower hardware and in CI.
|
||||
---
|
||||
src/fu-self-test.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/fu-self-test.c b/src/fu-self-test.c
|
||||
index 3c774b55..edc0088d 100644
|
||||
--- a/src/fu-self-test.c
|
||||
+++ b/src/fu-self-test.c
|
||||
@@ -2806,7 +2806,7 @@ fu_device_poll_func (void)
|
||||
fu_test_loop_run_with_timeout (100);
|
||||
fu_test_loop_quit ();
|
||||
cnt = fu_device_get_metadata_integer (device, "cnt");
|
||||
- g_assert_cmpint (cnt, >=, 9);
|
||||
+ g_assert_cmpint (cnt, >=, 8);
|
||||
|
||||
/* disable the poll */
|
||||
fu_device_set_poll_interval (device, 0);
|
||||
--
|
||||
2.19.1
|
||||
|
@ -1,74 +0,0 @@
|
||||
From 3cd6171c44ef217acef059c871efc726eb9df062 Mon Sep 17 00:00:00 2001
|
||||
From: Gary Lin <glin@suse.com>
|
||||
Date: Thu, 28 Mar 2019 16:20:22 +0800
|
||||
Subject: [PATCH] uefi: add a new option to specify the os name
|
||||
|
||||
fu_uefi_get_esp_path_for_os() generates the path to the OS directory
|
||||
based on "ID" in /etc/os-release, and it may not work for some distros.
|
||||
|
||||
Take openSUSE as an example, the "ID" for openSUSE Leap is
|
||||
"opensuse-leap" and that for openSUSE Tumbleweed is "opensuse-tumbleweed".
|
||||
However, both of them use the same OS directory in the ESP, i.e.
|
||||
"/EFI/opensuse".
|
||||
|
||||
This commit adds a new build option, efi_os_dir, to allow the packager to
|
||||
specify the name of OS directory at build time instead of the runtime
|
||||
detection.
|
||||
|
||||
Signed-off-by: Gary Lin <glin@suse.com>
|
||||
---
|
||||
meson_options.txt | 1 +
|
||||
plugins/uefi/fu-uefi-common.c | 4 ++++
|
||||
plugins/uefi/meson.build | 5 +++++
|
||||
3 files changed, 10 insertions(+)
|
||||
|
||||
diff --git a/meson_options.txt b/meson_options.txt
|
||||
index 23ef8cdb..c1767205 100644
|
||||
--- a/meson_options.txt
|
||||
+++ b/meson_options.txt
|
||||
@@ -24,3 +24,4 @@ option('efi-ld', type : 'string', value : 'ld', description : 'the linker to use
|
||||
option('efi-libdir', type : 'string', description : 'path to the EFI lib directory')
|
||||
option('efi-ldsdir', type : 'string', description : 'path to the EFI lds directory')
|
||||
option('efi-includedir', type : 'string', value : '/usr/include/efi', description : 'path to the EFI header directory')
|
||||
+option('efi_os_dir', type: 'string', description : 'the name of OS directory in ESP')
|
||||
diff --git a/plugins/uefi/fu-uefi-common.c b/plugins/uefi/fu-uefi-common.c
|
||||
index 2e3268aa..4d9d03d7 100644
|
||||
--- a/plugins/uefi/fu-uefi-common.c
|
||||
+++ b/plugins/uefi/fu-uefi-common.c
|
||||
@@ -246,6 +246,7 @@ gchar *
|
||||
fu_uefi_get_esp_path_for_os (const gchar *esp_path)
|
||||
{
|
||||
const gchar *os_release_id = NULL;
|
||||
+#ifndef EFI_OS_DIR
|
||||
g_autoptr(GError) error_local = NULL;
|
||||
g_autoptr(GHashTable) os_release = fwupd_get_os_release (&error_local);
|
||||
if (os_release != NULL) {
|
||||
@@ -255,6 +256,9 @@ fu_uefi_get_esp_path_for_os (const gchar *esp_path)
|
||||
}
|
||||
if (os_release_id == NULL)
|
||||
os_release_id = "unknown";
|
||||
+#else
|
||||
+ os_release_id = EFI_OS_DIR;
|
||||
+#endif
|
||||
return g_build_filename (esp_path, "EFI", os_release_id, NULL);
|
||||
}
|
||||
|
||||
diff --git a/plugins/uefi/meson.build b/plugins/uefi/meson.build
|
||||
index 140418a8..21d4b6c8 100644
|
||||
--- a/plugins/uefi/meson.build
|
||||
+++ b/plugins/uefi/meson.build
|
||||
@@ -3,6 +3,11 @@ subdir('efi')
|
||||
cargs = ['-DG_LOG_DOMAIN="FuPluginUefi"']
|
||||
cargs += '-DEFI_APP_LOCATION_BUILD="' + app.full_path() + '"'
|
||||
|
||||
+efi_os_dir = get_option('efi_os_dir')
|
||||
+if efi_os_dir != ''
|
||||
+ cargs += '-DEFI_OS_DIR="' + efi_os_dir + '"'
|
||||
+endif
|
||||
+
|
||||
shared_module('fu_plugin_uefi',
|
||||
sources : [
|
||||
'fu-plugin-uefi.c',
|
||||
--
|
||||
2.24.1
|
||||
|
198
SPECS/fwupd.spec
198
SPECS/fwupd.spec
@ -1,9 +1,10 @@
|
||||
%global glib2_version 2.45.8
|
||||
%global libappstream_version 0.7.4
|
||||
%global libxmlb_version 0.1.3
|
||||
%global libgusb_version 0.2.11
|
||||
%global libsoup_version 2.51.92
|
||||
%global systemd_version 231
|
||||
%global json_glib_version 1.1.1
|
||||
%global __meson_wrap_mode default
|
||||
|
||||
%global enable_tests 1
|
||||
%global enable_dummy 1
|
||||
@ -23,13 +24,19 @@
|
||||
%global have_dell 1
|
||||
%endif
|
||||
|
||||
# only available recently
|
||||
%if 0%{?fedora} >= 30 || 0%{?rhel} >= 8
|
||||
%global have_modem_manager 1
|
||||
%endif
|
||||
|
||||
Summary: Firmware update daemon
|
||||
Name: fwupd
|
||||
Version: 1.1.4
|
||||
Release: 7%{?dist}
|
||||
Version: 1.4.2
|
||||
Release: 4%{?dist}
|
||||
License: LGPLv2+
|
||||
URL: https://github.com/hughsie/fwupd
|
||||
URL: https://github.com/fwupd/fwupd
|
||||
Source0: http://people.freedesktop.org/~hughsient/releases/%{name}-%{version}.tar.xz
|
||||
Source1: http://people.freedesktop.org/~hughsient/releases/libjcat-0.1.2.tar.xz
|
||||
|
||||
# these are numbered high just to keep them wildly away from colliding with
|
||||
# the real package sources, in order to reduce churn.
|
||||
@ -38,16 +45,14 @@ Source301: redhatsecureboot301.cer
|
||||
Source500: redhatsecurebootca5.cer
|
||||
Source503: redhatsecureboot503.cer
|
||||
|
||||
# backport from upstream
|
||||
Patch0: 0001-trivial-Relax-the-timing-requirements-on-the-FuDevic.patch
|
||||
Patch1: 0001-Relax-the-certificate-time-checks-in-the-self-tests-.patch
|
||||
Patch2: 0001-Disable-wacomhid-by-default-as-probing-the-device-st.patch
|
||||
Patch3: 0001-uefi-add-a-new-option-to-specify-the-os-name.patch
|
||||
Patch1: 0001-synaptics-prometheus-Force-the-minor-version-from-0x.patch
|
||||
Patch2: 0001-Do-not-use-the-LVFS.patch
|
||||
Patch3: 0001-Validate-that-gpgme_op_verify_result-returned-at-lea.patch
|
||||
|
||||
BuildRequires: efi-srpm-macros
|
||||
BuildRequires: gettext
|
||||
BuildRequires: glib2-devel >= %{glib2_version}
|
||||
BuildRequires: libappstream-glib-devel >= %{libappstream_version}
|
||||
BuildRequires: libxmlb-devel >= %{libxmlb_version}
|
||||
BuildRequires: libgcab1-devel
|
||||
BuildRequires: libgudev1-devel
|
||||
BuildRequires: libgusb-devel >= %{libgusb_version}
|
||||
@ -65,7 +70,6 @@ BuildRequires: valgrind-devel
|
||||
%endif
|
||||
BuildRequires: elfutils-libelf-devel
|
||||
BuildRequires: gtk-doc
|
||||
BuildRequires: libuuid-devel
|
||||
BuildRequires: gnutls-devel
|
||||
BuildRequires: gnutls-utils
|
||||
BuildRequires: meson
|
||||
@ -74,9 +78,15 @@ BuildRequires: json-glib-devel >= %{json_glib_version}
|
||||
BuildRequires: vala
|
||||
BuildRequires: python3-devel
|
||||
BuildRequires: bash-completion
|
||||
BuildRequires: git-core
|
||||
%if 0%{?have_flashrom}
|
||||
BuildRequires: flashrom-devel >= 1.2-2
|
||||
%endif
|
||||
|
||||
# until rh-signing-tools is fixed
|
||||
BuildRequires: nss-tools
|
||||
%if 0%{?have_modem_manager}
|
||||
BuildRequires: ModemManager-glib-devel >= 1.10.0
|
||||
BuildRequires: libqmi-devel >= 1.22.0
|
||||
%endif
|
||||
|
||||
%if 0%{?have_redfish}
|
||||
BuildRequires: efivar-devel >= 33
|
||||
@ -104,15 +114,17 @@ Requires(preun): systemd
|
||||
Requires(postun): systemd
|
||||
|
||||
Requires: glib2%{?_isa} >= %{glib2_version}
|
||||
Requires: libappstream-glib%{?_isa} >= %{libappstream_version}
|
||||
Requires: libxmlb%{?_isa} >= %{libxmlb_version}
|
||||
Requires: libgusb%{?_isa} >= %{libgusb_version}
|
||||
Requires: libsoup%{?_isa} >= %{libsoup_version}
|
||||
Requires: bubblewrap
|
||||
Requires: shared-mime-info
|
||||
|
||||
Obsoletes: fwupd-sign < 0.1.6
|
||||
Obsoletes: libebitdo < 0.7.5-3
|
||||
Obsoletes: libdfu < 1.0.0
|
||||
Obsoletes: fwupd-labels < 1.1.0-1
|
||||
Obsoletes: fwupdate
|
||||
|
||||
%description
|
||||
fwupd is a daemon to allow session software to update device firmware.
|
||||
@ -128,24 +140,33 @@ Files for development with %{name}.
|
||||
|
||||
%package tests
|
||||
Summary: Data files for installed tests
|
||||
BuildArch: noarch
|
||||
Recommends: python3
|
||||
|
||||
%description tests
|
||||
Data files for installed tests.
|
||||
|
||||
%prep
|
||||
%autosetup -p1
|
||||
%setup -q
|
||||
%patch2 -p1 -b .lvfs-disabled
|
||||
|
||||
mkdir -p subprojects/libjcat
|
||||
tar xfvs %{SOURCE1} -C subprojects/libjcat --strip-components=1
|
||||
|
||||
# apply patch to subproject
|
||||
cd subprojects/libjcat
|
||||
%patch3 -p0 -b .gpgme-parsing
|
||||
cd -
|
||||
|
||||
sed -ri '1s=^#!/usr/bin/(env )?python3=#!%{__python3}=' \
|
||||
libfwupd/generate-version-script.py \
|
||||
data/installed-tests/hardware.py \
|
||||
po/test-deps \
|
||||
contrib/ci/*.py \
|
||||
contrib/firmware_packager/*.py \
|
||||
contrib/*.py \
|
||||
contrib/standalone-installer/assets/*.py \
|
||||
contrib/standalone-installer/*.py \
|
||||
data/device-tests/*.py \
|
||||
libfwupdplugin/*.py \
|
||||
plugins/dfu/contrib/*.py \
|
||||
po/make-images \
|
||||
contrib/ci/generate_debian.py \
|
||||
contrib/ci/generate_docker.py \
|
||||
contrib/firmware-packager/firmware-packager \
|
||||
plugins/dfu/contrib/parse-avrdude-conf.py
|
||||
po/test-deps
|
||||
|
||||
%build
|
||||
|
||||
@ -155,6 +176,10 @@ export RHEL_ALLOW_PYTHON2_FOR_BUILD=1
|
||||
%meson \
|
||||
-Dgtkdoc=true \
|
||||
-Defi_os_dir=%{efi_vendor} \
|
||||
-Dplugin_tpm=false \
|
||||
-Dlibjcat:gtkdoc=false \
|
||||
-Dlibjcat:introspection=false \
|
||||
-Dlibjcat:tests=false \
|
||||
%if 0%{?enable_tests}
|
||||
-Dtests=true \
|
||||
%else
|
||||
@ -164,6 +189,11 @@ export RHEL_ALLOW_PYTHON2_FOR_BUILD=1
|
||||
-Dplugin_dummy=true \
|
||||
%else
|
||||
-Dplugin_dummy=false \
|
||||
%endif
|
||||
%if 0%{?have_flashrom}
|
||||
-Dplugin_flashrom=true \
|
||||
%else
|
||||
-Dplugin_flashrom=false \
|
||||
%endif
|
||||
-Dplugin_thunderbolt=true \
|
||||
%if 0%{?have_redfish}
|
||||
@ -184,6 +214,11 @@ export RHEL_ALLOW_PYTHON2_FOR_BUILD=1
|
||||
%else
|
||||
-Dplugin_dell=false \
|
||||
-Dplugin_synaptics=false \
|
||||
%endif
|
||||
%if 0%{?have_modem_manager}
|
||||
-Dplugin_modem_manager=true \
|
||||
%else
|
||||
-Dplugin_modem_manager=false \
|
||||
%endif
|
||||
-Dman=true
|
||||
|
||||
@ -213,77 +248,112 @@ rm -fv %{fwup_efi_fn}.tmp
|
||||
|
||||
mkdir -p --mode=0700 $RPM_BUILD_ROOT%{_localstatedir}/lib/fwupd/gnupg
|
||||
|
||||
# workaround for https://bugzilla.redhat.com/show_bug.cgi?id=1757948
|
||||
mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/cache/fwupd
|
||||
|
||||
%find_lang %{name}
|
||||
|
||||
%post
|
||||
/sbin/ldconfig
|
||||
%systemd_post fwupd.service
|
||||
|
||||
%preun
|
||||
%systemd_preun fwupd.service
|
||||
|
||||
%postun
|
||||
/sbin/ldconfig
|
||||
%systemd_postun_with_restart fwupd.service
|
||||
%systemd_postun_with_restart pesign.service
|
||||
|
||||
%files -f %{name}.lang
|
||||
%doc README.md AUTHORS NEWS
|
||||
%doc README.md AUTHORS
|
||||
%license COPYING
|
||||
%config(noreplace)%{_sysconfdir}/fwupd/ata.conf
|
||||
%config(noreplace)%{_sysconfdir}/fwupd/daemon.conf
|
||||
%config(noreplace)%{_sysconfdir}/fwupd/upower.conf
|
||||
%if 0%{?have_uefi}
|
||||
%config(noreplace)%{_sysconfdir}/fwupd/uefi.conf
|
||||
%endif
|
||||
%if 0%{?have_redfish}
|
||||
%config(noreplace)%{_sysconfdir}/fwupd/redfish.conf
|
||||
%endif
|
||||
%config(noreplace)%{_sysconfdir}/fwupd/thunderbolt.conf
|
||||
%dir %{_libexecdir}/fwupd
|
||||
%{_libexecdir}/fwupd/fwupd
|
||||
%{_libexecdir}/fwupd/fwupdtool
|
||||
%{_libexecdir}/fwupd/fwupdoffline
|
||||
%if 0%{?have_uefi}
|
||||
%{_libexecdir}/fwupd/efi/*.efi
|
||||
%{_libexecdir}/fwupd/efi/*.efi.signed
|
||||
%{_libexecdir}/fwupd/fwupdate
|
||||
%{_bindir}/fwupdate
|
||||
%endif
|
||||
%{_bindir}/dfu-tool
|
||||
%{_bindir}/fwupdmgr
|
||||
%{_bindir}/fwupdtool
|
||||
%{_bindir}/fwupdagent
|
||||
%{_bindir}/jcat-tool
|
||||
%dir %{_sysconfdir}/fwupd
|
||||
%dir %{_sysconfdir}/fwupd/remotes.d
|
||||
%config(noreplace)%{_sysconfdir}/fwupd/remotes.d/fwupd.conf
|
||||
%if 0%{?have_dell}
|
||||
%config(noreplace)%{_sysconfdir}/fwupd/remotes.d/dell-esrt.conf
|
||||
%endif
|
||||
%config(noreplace)%{_sysconfdir}/fwupd/remotes.d/lvfs.conf
|
||||
%config(noreplace)%{_sysconfdir}/fwupd/remotes.d/lvfs-testing.conf
|
||||
%config(noreplace)%{_sysconfdir}/fwupd/remotes.d/vendor.conf
|
||||
%config(noreplace)%{_sysconfdir}/fwupd/remotes.d/vendor-directory.conf
|
||||
%config(noreplace)%{_sysconfdir}/pki/fwupd
|
||||
%{_sysconfdir}/pki/fwupd-metadata
|
||||
%{_sysconfdir}/dbus-1/system.d/org.freedesktop.fwupd.conf
|
||||
%{_datadir}/dbus-1/system.d/org.freedesktop.fwupd.conf
|
||||
%{_datadir}/bash-completion/completions/fwupdmgr
|
||||
%{_datadir}/bash-completion/completions/fwupdtool
|
||||
%{_datadir}/bash-completion/completions/fwupdagent
|
||||
%{_datadir}/fish/vendor_completions.d/fwupdmgr.fish
|
||||
%{_datadir}/fwupd/metainfo/org.freedesktop.fwupd*.metainfo.xml
|
||||
%{_datadir}/fwupd/remotes.d/fwupd/metadata.xml
|
||||
%if 0%{?have_dell}
|
||||
%{_datadir}/fwupd/remotes.d/dell-esrt/metadata.xml
|
||||
%endif
|
||||
%{_datadir}/fwupd/remotes.d/vendor/firmware/README.md
|
||||
%{_datadir}/dbus-1/interfaces/org.freedesktop.fwupd.xml
|
||||
%{_datadir}/polkit-1/actions/org.freedesktop.fwupd.policy
|
||||
%{_datadir}/polkit-1/rules.d/org.freedesktop.fwupd.rules
|
||||
%{_datadir}/dbus-1/system-services/org.freedesktop.fwupd.service
|
||||
%{_datadir}/man/man1/fwupdtool.1.gz
|
||||
%{_datadir}/man/man1/fwupdagent.1.gz
|
||||
%{_datadir}/man/man1/dfu-tool.1.gz
|
||||
%{_datadir}/man/man1/fwupdmgr.1.gz
|
||||
%if 0%{?have_uefi}
|
||||
%{_datadir}/man/man1/fwupdate.1.gz
|
||||
%endif
|
||||
%{_datadir}/man/man1/jcat-tool.1*
|
||||
%{_datadir}/metainfo/org.freedesktop.fwupd.metainfo.xml
|
||||
%{_datadir}/fwupd/firmware-packager
|
||||
%{_datadir}/icons/hicolor/scalable/apps/org.freedesktop.fwupd.svg
|
||||
%{_datadir}/fwupd/firmware_packager.py
|
||||
%{_datadir}/fwupd/simple_client.py
|
||||
%{_datadir}/fwupd/add_capsule_header.py
|
||||
%{_datadir}/fwupd/install_dell_bios_exe.py
|
||||
%{_unitdir}/fwupd-offline-update.service
|
||||
%{_unitdir}/fwupd.service
|
||||
%{_unitdir}/fwupd-refresh.service
|
||||
%{_unitdir}/fwupd-refresh.timer
|
||||
%{_presetdir}/fwupd-refresh.preset
|
||||
%{_unitdir}/system-update.target.wants/
|
||||
%dir %{_localstatedir}/lib/fwupd
|
||||
%dir %{_localstatedir}/cache/fwupd
|
||||
%dir %{_datadir}/fwupd/quirks.d
|
||||
%{_datadir}/fwupd/quirks.d/*.quirk
|
||||
%{_localstatedir}/lib/fwupd/builder/README.md
|
||||
%{_libdir}/libfwupd*.so.*
|
||||
%{_libdir}/libjcat.so.*
|
||||
%{_libdir}/girepository-1.0/Fwupd-2.0.typelib
|
||||
%{_libdir}/girepository-1.0/FwupdPlugin-1.0.typelib
|
||||
/usr/lib/udev/rules.d/*.rules
|
||||
/usr/lib/systemd/system-shutdown/fwupd.shutdown
|
||||
%dir %{_libdir}/fwupd-plugins-3
|
||||
%{_libdir}/fwupd-plugins-3/libfu_plugin_altos.so
|
||||
%{_libdir}/fwupd-plugins-3/libfu_plugin_amt.so
|
||||
%{_libdir}/fwupd-plugins-3/libfu_plugin_ata.so
|
||||
%{_libdir}/fwupd-plugins-3/libfu_plugin_ccgx.so
|
||||
%{_libdir}/fwupd-plugins-3/libfu_plugin_colorhug.so
|
||||
%{_libdir}/fwupd-plugins-3/libfu_plugin_coreboot.so
|
||||
%{_libdir}/fwupd-plugins-3/libfu_plugin_csr.so
|
||||
%{_libdir}/fwupd-plugins-3/libfu_plugin_cpu.so
|
||||
%if 0%{?have_dell}
|
||||
%{_libdir}/fwupd-plugins-3/libfu_plugin_dell.so
|
||||
%{_libdir}/fwupd-plugins-3/libfu_plugin_dell_esrt.so
|
||||
@ -291,33 +361,53 @@ mkdir -p --mode=0700 $RPM_BUILD_ROOT%{_localstatedir}/lib/fwupd/gnupg
|
||||
%{_libdir}/fwupd-plugins-3/libfu_plugin_dell_dock.so
|
||||
%{_libdir}/fwupd-plugins-3/libfu_plugin_dfu.so
|
||||
%{_libdir}/fwupd-plugins-3/libfu_plugin_ebitdo.so
|
||||
%{_libdir}/fwupd-plugins-3/libfu_plugin_emmc.so
|
||||
%{_libdir}/fwupd-plugins-3/libfu_plugin_ep963x.so
|
||||
%{_libdir}/fwupd-plugins-3/libfu_plugin_fastboot.so
|
||||
%if 0%{?have_flashrom}
|
||||
%{_libdir}/fwupd-plugins-3/libfu_plugin_flashrom.so
|
||||
%endif
|
||||
%{_libdir}/fwupd-plugins-3/libfu_plugin_fresco_pd.so
|
||||
%{_libdir}/fwupd-plugins-3/libfu_plugin_jabra.so
|
||||
%if 0%{?have_modem_manager}
|
||||
%{_libdir}/fwupd-plugins-3/libfu_plugin_modem_manager.so
|
||||
%endif
|
||||
%{_libdir}/fwupd-plugins-3/libfu_plugin_nitrokey.so
|
||||
%if 0%{?have_uefi}
|
||||
%{_libdir}/fwupd-plugins-3/libfu_plugin_nvme.so
|
||||
%endif
|
||||
%{_libdir}/fwupd-plugins-3/libfu_plugin_optionrom.so
|
||||
%if 0%{?have_redfish}
|
||||
%{_libdir}/fwupd-plugins-3/libfu_plugin_redfish.so
|
||||
%endif
|
||||
%{_libdir}/fwupd-plugins-3/libfu_plugin_rts54hid.so
|
||||
%{_libdir}/fwupd-plugins-3/libfu_plugin_rts54hub.so
|
||||
%{_libdir}/fwupd-plugins-3/libfu_plugin_solokey.so
|
||||
%{_libdir}/fwupd-plugins-3/libfu_plugin_steelseries.so
|
||||
%{_libdir}/fwupd-plugins-3/libfu_plugin_superio.so
|
||||
%if 0%{?have_dell}
|
||||
%{_libdir}/fwupd-plugins-3/libfu_plugin_synapticsmst.so
|
||||
%{_libdir}/fwupd-plugins-3/libfu_plugin_synaptics_mst.so
|
||||
%endif
|
||||
%{_libdir}/fwupd-plugins-3/libfu_plugin_synaptics_cxaudio.so
|
||||
%{_libdir}/fwupd-plugins-3/libfu_plugin_synaptics_prometheus.so
|
||||
%{_libdir}/fwupd-plugins-3/libfu_plugin_synaptics_rmi.so
|
||||
%if 0%{?enable_dummy}
|
||||
%{_libdir}/fwupd-plugins-3/libfu_plugin_test.so
|
||||
%{_libdir}/fwupd-plugins-3/libfu_plugin_invalid.so
|
||||
%endif
|
||||
%{_libdir}/fwupd-plugins-3/libfu_plugin_thelio_io.so
|
||||
%{_libdir}/fwupd-plugins-3/libfu_plugin_thunderbolt.so
|
||||
%{_libdir}/fwupd-plugins-3/libfu_plugin_thunderbolt_power.so
|
||||
%{_libdir}/fwupd-plugins-3/libfu_plugin_udev.so
|
||||
%if 0%{?have_uefi}
|
||||
%{_libdir}/fwupd-plugins-3/libfu_plugin_uefi.so
|
||||
%{_libdir}/fwupd-plugins-3/libfu_plugin_uefi_recovery.so
|
||||
%endif
|
||||
%{_libdir}/fwupd-plugins-3/libfu_plugin_unifying.so
|
||||
%{_libdir}/fwupd-plugins-3/libfu_plugin_logind.so
|
||||
%{_libdir}/fwupd-plugins-3/libfu_plugin_logitech_hidpp.so
|
||||
%{_libdir}/fwupd-plugins-3/libfu_plugin_upower.so
|
||||
%{_libdir}/fwupd-plugins-3/libfu_plugin_wacomhid.so
|
||||
%{_libdir}/fwupd-plugins-3/libfu_plugin_vli.so
|
||||
%{_libdir}/fwupd-plugins-3/libfu_plugin_wacom_raw.so
|
||||
%{_libdir}/fwupd-plugins-3/libfu_plugin_wacom_usb.so
|
||||
%ghost %{_localstatedir}/lib/fwupd/gnupg
|
||||
%if 0%{?have_uefi}
|
||||
%{_datadir}/locale/*/LC_IMAGES/fwupd*
|
||||
@ -325,26 +415,50 @@ mkdir -p --mode=0700 $RPM_BUILD_ROOT%{_localstatedir}/lib/fwupd/gnupg
|
||||
|
||||
%files devel
|
||||
%{_datadir}/gir-1.0/Fwupd-2.0.gir
|
||||
%{_datadir}/gtk-doc/html/libfwupd
|
||||
%{_datadir}/gir-1.0/FwupdPlugin-1.0.gir
|
||||
%{_datadir}/gtk-doc/html/fwupd
|
||||
%{_datadir}/vala/vapi
|
||||
%{_includedir}/fwupd-1
|
||||
%{_includedir}/libjcat-1
|
||||
%{_libdir}/libfwupd*.so
|
||||
%{_libdir}/libjcat.so
|
||||
%{_libdir}/pkgconfig/fwupd.pc
|
||||
%{_libdir}/pkgconfig/fwupdplugin.pc
|
||||
%{_libdir}/pkgconfig/jcat.pc
|
||||
|
||||
%files tests
|
||||
%if 0%{?enable_tests}
|
||||
%dir %{_datadir}/installed-tests/fwupd
|
||||
%{_datadir}/installed-tests/fwupd/firmware-example.xml.gz
|
||||
%{_datadir}/installed-tests/fwupd/firmware-example.xml.gz.asc
|
||||
%{_datadir}/installed-tests/fwupd/fwupd-tests.xml
|
||||
%{_datadir}/installed-tests/fwupd/*.test
|
||||
%{_datadir}/installed-tests/fwupd/*.cab
|
||||
%{_datadir}/installed-tests/fwupd/*.sh
|
||||
%{_datadir}/installed-tests/fwupd/*.py*
|
||||
%dir %{_sysconfdir}/fwupd/remotes.d
|
||||
%config(noreplace)%{_sysconfdir}/fwupd/remotes.d/fwupd-tests.conf
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
* Mon Jul 27 2020 Peter Jones <pjones@redhat.com> - 1.1.4-7
|
||||
* Fri Jul 24 2020 Peter Jones <pjones@redhat.com> - 1.4.2-4
|
||||
- Add signing with redhatsecureboot503 cert
|
||||
Related: CVE-2020-10713
|
||||
|
||||
* Thu Jul 23 2020 Richard Hughes <richard@hughsie.com> 1.4.2-3
|
||||
- Obsolete the now-dead fwupdate package to prevent file conflicts
|
||||
- Resolves: #1859202
|
||||
|
||||
* Fri Jun 05 2020 Richard Hughes <richard@hughsie.com> 1.4.2-2
|
||||
- Security fix for CVE-2020-10759
|
||||
- Resolves: #1844324
|
||||
|
||||
* Mon May 18 2020 Richard Hughes <richard@hughsie.com> 1.4.2-1
|
||||
- New upstream release
|
||||
- Backport a patch to fix the synaptics fingerprint reader update.
|
||||
- Resolves: #1775277
|
||||
|
||||
* Mon Apr 27 2020 Richard Hughes <richard@hughsie.com> 1.4.1-1
|
||||
- New upstream release
|
||||
- Resolves: #1775277
|
||||
|
||||
* Wed Feb 19 2020 Richard Hughes <richard@hughsie.com> 1.1.4-6
|
||||
- Rebuild to get the EFI executable signed with the Red Hat key
|
||||
- Resolves: #1713033
|
||||
|
Loading…
Reference in New Issue
Block a user