From e8024b70dc1ba7dd0dbbb9ee636bea9221530a95 Mon Sep 17 00:00:00 2001 From: Vratislav Podzimek Date: Fri, 24 Jul 2015 13:13:09 +0200 Subject: [PATCH] New version - Explicitly specify the type of the cert_data parameter (#1246096) (vpodzime) --- explicit_type_cert_data_1246096.patch | 50 +++++++++++++++++++++++++++ libblockdev.spec | 7 +++- 2 files changed, 56 insertions(+), 1 deletion(-) create mode 100644 explicit_type_cert_data_1246096.patch diff --git a/explicit_type_cert_data_1246096.patch b/explicit_type_cert_data_1246096.patch new file mode 100644 index 0000000..328bf34 --- /dev/null +++ b/explicit_type_cert_data_1246096.patch @@ -0,0 +1,50 @@ +From 2c1af1f8d6afe69753de9beb6949922acd25a4fd Mon Sep 17 00:00:00 2001 +From: Vratislav Podzimek +Date: Fri, 24 Jul 2015 12:33:17 +0200 +Subject: [PATCH] Explicitly specify the type of the cert_data parameter + (#1246096) + +GObject introspection translates 'gchar*' into 'utf8', but the cert_data +parameter holds binary data which are not UTF-8 encoded and which are usually +passed from the outside (like in Python as described in the bug) as binary data +and not as a string. On the other hand NSS expects certificate data as a +character buffer so we need to just take a character buffer from the caller +(instead of doing some transformation magic). Thus we need to specify the type +explicitly to a zero-terminated array of chars which resolves the issue on the +caller interface and keeps everything okay for NSS. + +Signed-off-by: Vratislav Podzimek +--- + src/lib/plugin_apis/crypto.api | 2 +- + src/plugins/crypto.c | 2 +- + 2 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/lib/plugin_apis/crypto.api b/src/lib/plugin_apis/crypto.api +index d58fc09..fddb806 100644 +--- a/src/lib/plugin_apis/crypto.api ++++ b/src/lib/plugin_apis/crypto.api +@@ -161,7 +161,7 @@ gboolean bd_crypto_luks_resize (const gchar *luks_device, guint64 size, GError * + * bd_crypto_escrow_device: + * @device: path of the device to create escrow data for + * @passphrase: passphrase used for the device +- * @cert_data: certificate data to use for escrow ++ * @cert_data: (array zero-terminated=1) (element-type gchar): certificate data to use for escrow + * @directory: directory to put escrow data into + * @backup_passphrase: (allow-none): backup passphrase for the device or %NULL + * @error: (out): place to store error (if any) +diff --git a/src/plugins/crypto.c b/src/plugins/crypto.c +index 5cf311a..28c9c63 100644 +--- a/src/plugins/crypto.c ++++ b/src/plugins/crypto.c +@@ -697,7 +697,7 @@ static gboolean write_escrow_data_file (struct libvk_volume *volume, struct libv + * bd_crypto_escrow_device: + * @device: path of the device to create escrow data for + * @passphrase: passphrase used for the device +- * @cert_data: certificate data to use for escrow ++ * @cert_data: (array zero-terminated=1) (element-type gchar): certificate data to use for escrow + * @directory: directory to put escrow data into + * @backup_passphrase: (allow-none): backup passphrase for the device or %NULL + * @error: (out): place to store error (if any) +-- +2.1.0 + diff --git a/libblockdev.spec b/libblockdev.spec index f122fb3..3a65c8a 100644 --- a/libblockdev.spec +++ b/libblockdev.spec @@ -1,10 +1,11 @@ Name: libblockdev Version: 1.1 -Release: 1%{?dist} +Release: 2%{?dist} Summary: A library for low-level manipulation with block devices License: LGPLv2+ URL: https://github.com/vpodzime/libblockdev Source0: https://github.com/vpodzime/libblockdev/archive/%{name}-%{version}.tar.gz +Patch0: explicit_type_cert_data_1246096.patch BuildRequires: scons BuildRequires: glib2-devel @@ -296,6 +297,7 @@ A meta-package that pulls all the libblockdev plugins as dependencies. %prep %setup -q -n %{name}-%{version} +%patch0 -p1 %build %configure @@ -454,6 +456,9 @@ find %{buildroot} -type f -name "*.la" | xargs %{__rm} %files plugins-all %changelog +* Fri Jul 24 2015 Vratislav Podzimek - 1.1-2 +- Explicitly specify the type of the cert_data parameter (#1246096) (vpodzime) + * Fri Jun 19 2015 Vratislav Podzimek - 1.1-1 - Clean generated boilerplate code on 'make clean' (vpodzime) - Merge pull request #31 from atodorov/use_lang_c (vpodzime)