From f0ac0b659eb1f7f04f588e3e67812ebfc5cf7cc6 Mon Sep 17 00:00:00 2001
From: Jakub Jelen
Date: Fri, 31 Jul 2020 15:46:44 +0200
Subject: [PATCH] libcacard-2.8.0-1 This also switches build system from autotools to meson
---
 .gitignore | 3 +
 libcacard-2.7.0-caching-keys.patch | 124 -----------------------------
 libcacard.spec | 25 +++---
 sources | 6 +-
 4 files changed, 19 insertions(+), 139 deletions(-)
 delete mode 100644 libcacard-2.7.0-caching-keys.patch
diff --git a/.gitignore b/.gitignore
index 906ecaf..fc9bb91 100644
--- a/.gitignore
+++ b/.gitignore
@@ -7,3 +7,6 @@
 /libcacard-2.7.0.tar.xz
 /libcacard-2.7.0.tar.xz.asc
 /gpgkey-15B5C33D.gpg
+/libcacard-2.8.0.tar.xz
+/libcacard-2.8.0.tar.xz.asc
+/gpgkey-E37A484F.gpg
diff --git a/libcacard-2.7.0-caching-keys.patch b/libcacard-2.7.0-caching-keys.patch
deleted file mode 100644
index 8c8a3b9..0000000
--- a/libcacard-2.7.0-caching-keys.patch
+++ /dev/null
@@ -1,124 +0,0 @@ -From 2c10ae315375730020108cbcae0c282d0d6eff5f Mon Sep 17 00:00:00 2001 -From: Jakub Jelen -Date: Mon, 26 Aug 2019 17:42:06 +0200 -Subject: [PATCH 1/2] vcard_emul_nss: Drop the key caching to simplify error - handling - -It could happen with PKCS#11 modules that (correctly) invalidate object -handles after logout (which was introduced in 0d3a683a), that the handles -are not valid when we try to use the objects again. - -This is trying to address this use case, which I noticed was breaking -CI with SoftHSM PKCS#11 modules. - -Signed-off-by: Jakub Jelen ---- - src/vcard_emul_nss.c | 15 +-------------- - 1 file changed, 1 insertion(+), 14 deletions(-) - -diff --git a/src/vcard_emul_nss.c b/src/vcard_emul_nss.c -index e8f5c56..f788964 100644 ---- a/src/vcard_emul_nss.c -+++ b/src/vcard_emul_nss.c -@@ -52,7 +52,6 @@ typedef enum { - struct VCardKeyStruct { - CERTCertificate *cert; - PK11SlotInfo *slot; -- SECKEYPrivateKey *key; - VCardEmulTriState failedX509; - }; - -@@ -155,10 +154,6 @@ vcard_emul_make_key(PK11SlotInfo *slot, CERTCertificate *cert) - key = g_new(VCardKey, 1); - key->slot = PK11_ReferenceSlot(slot); - key->cert = CERT_DupCertificate(cert); -- /* NOTE: if we aren't logged into the token, this could return NULL */ -- /* NOTE: the cert is a temp cert, not necessarily the cert in the token, -- * use the DER version of this function */ -- key->key = PK11_FindKeyByDERCert(slot, cert, NULL); - key->failedX509 = VCardEmulUnknown; - return key; - } -@@ -170,10 +165,6 @@ vcard_emul_delete_key(VCardKey *key) - if (!nss_emul_init || (key == NULL)) { - return; - } -- if (key->key) { -- SECKEY_DestroyPrivateKey(key->key); -- key->key = NULL; -- } - if (key->cert) { - CERT_DestroyCertificate(key->cert); - } -@@ -189,12 +180,8 @@ vcard_emul_delete_key(VCardKey *key) - static SECKEYPrivateKey * - vcard_emul_get_nss_key(VCardKey *key) - { -- if (key->key) { -- return key->key; -- } - /* NOTE: if we aren't logged into the token, this could return NULL */ 
-- key->key = PK11_FindPrivateKeyFromCert(key->slot, key->cert, NULL); -- return key->key; -+ return PK11_FindPrivateKeyFromCert(key->slot, key->cert, NULL); - } - - /* --- -2.22.0 - - -From 06587ef683373690f61540935b4516b4f23238ea Mon Sep 17 00:00:00 2001 -From: Jakub Jelen -Date: Tue, 27 Aug 2019 12:38:45 +0200 -Subject: [PATCH 2/2] tests: Reproducer for pkcs11 modules invalidating object - handles on logout - -Signed-off-by: Jakub Jelen ---- - tests/hwtests.c | 21 +++++++++++++++++++++ - 1 file changed, 21 insertions(+) - -diff --git a/tests/hwtests.c b/tests/hwtests.c -index cd9a33b..39decfb 100644 ---- a/tests/hwtests.c -+++ b/tests/hwtests.c -@@ -339,6 +339,26 @@ static void test_sign_bad_data_x509(void) - vreader_free(reader); /* get by id ref */ - } - -+/* This is a regression test for issues with PKCS#11 tokens -+ * invalidating object handles after logout (such as softhsm). -+ * See: https://bugzilla.mozilla.org/show_bug.cgi?id=1576642 -+ */ -+static void test_sign_logout_sign(void) -+{ -+ VReader *reader = vreader_get_reader_by_id(0); -+ -+ g_assert_nonnull(reader); -+ -+ test_login(); -+ test_sign(); -+ -+ /* This implicitly logs out the user */ -+ test_login(); -+ test_sign(); -+ -+ vreader_free(reader); /* get by id ref */ -+} -+ - static void libcacard_finalize(void) - { - VReader *reader = vreader_get_reader_by_id(0); -@@ -374,6 +394,7 @@ int main(int argc, char *argv[]) - g_test_add_func("/hw-tests/sign-bad-data", test_sign_bad_data_x509); - g_test_add_func("/hw-tests/empty-applets", test_empty_applets); - g_test_add_func("/hw-tests/get-response", test_get_response); -+ g_test_add_func("/hw-tests/sign-logout-sign", test_sign_logout_sign); - - ret = g_test_run(); - --- -2.22.0 - - diff --git a/libcacard.spec b/libcacard.spec index 2a76ff3..9d9def3 100644 --- a/libcacard.spec +++ b/libcacard.spec 
@@ -1,14 +1,12 @@ Name: libcacard -Version: 2.7.0 -Release: 5%{?dist} +Version: 2.8.0 +Release: 1%{?dist} Summary: CAC (Common Access Card) library License: LGPLv2+ URL: https://gitlab.freedesktop.org/spice/libcacard Source0: http://www.spice-space.org/download/libcacard/%{name}-%{version}.tar.xz Source1: http://www.spice-space.org/download/libcacard/%{name}-%{version}.tar.xz.asc -Source2: gpgkey-15B5C33D.gpg -# https://gitlab.freedesktop.org/spice/libcacard/merge_requests/5 -Patch0: %{name}-2.7.0-caching-keys.patch +Source2: gpgkey-E37A484F.gpg Epoch: 3 BuildRequires: gcc @@ -19,8 +17,10 @@ BuildRequires: opensc BuildRequires: gnutls-utils BuildRequires: nss-tools BuildRequires: openssl -BuildRequires: lcov BuildRequires: gnupg2 +BuildRequires: meson +BuildRequires: gcc-c++ +BuildRequires: pcsc-lite-devel Conflicts: qemu-common < 2:2.5.0 %description @@ -41,22 +41,20 @@ developing applications that use %{name}. %prep gpgv2 --quiet --keyring %{SOURCE2} %{SOURCE1} %{SOURCE0} %setup -q -%patch0 -p1 %build -%configure --disable-static -sed -i -e 's! -shared ! -Wl,--as-needed\0!g' libtool -%make_build +%meson +%meson_build %check # Do not run the tests on s390x, which fails %ifnarch s390x sed -i "s!/usr/lib64/!%{_libdir}/!" tests/setup-softhsm2.sh -make check +%meson_test %endif %install -%make_install +%meson_install rm -f %{buildroot}%{_libdir}/*.la %ldconfig_scriptlets @@ -72,6 +70,9 @@ rm -f %{buildroot}%{_libdir}/*.la %{_libdir}/pkgconfig/libcacard.pc %changelog +* Tue Oct 06 2020 Jakub Jelen - 2.8.0-1 +- New upstream release + * Tue Jul 28 2020 Fedora Release Engineering - 3:2.7.0-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild diff --git a/sources b/sources index 40c6d7c..5599e17 100644 --- a/sources +++ b/sources 
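Review bot: The new `Source2: gpgkey-E37A484F.gpg` line in the first hunk swaps the keyring that `gpgv2 --keyring %{SOURCE2}` in %prep trusts, and it does so in the same commit that swaps the tarball and its signature, so the check only shows that the three new files agree with each other. Neither the commit message nor the spec records where the new key was obtained or its full fingerprint, and the 8-hex-digit key ID in the file name is too short to identify a key on its own. I would add a comment above Source2 along the lines of `# Upstream release signing key, fingerprint <FULL_FINGERPRINT>, fetched from <KEY_SOURCE_URL>` (placeholders for the packager to fill in). Source0 and Source1 are still `http://` URLs, so the signature and the SHA512 entries in `sources` are the only integrity checks on the download. The dropped `Patch0` is presumably part of 2.8.0; the changelog entry could say so explicitly.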
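Review bot: `rm -f %{buildroot}%{_libdir}/*.la` is kept in %install after `%meson_install`, but it existed to remove libtool archives, which a meson build does not install; the line can be dropped together with the removed libtool `sed`. In %check the `sed -i "s!/usr/lib64/!%{_libdir}/!" tests/setup-softhsm2.sh` line is also carried over unchanged; `sed -i` succeeds silently when nothing matches, so it is worth confirming the path still appears in the 2.8.0 script, otherwise the SoftHSM-backed tests could run against the wrong module path on non-lib64 architectures.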
@@ -1,3 +1,3 @@
-SHA512 (libcacard-2.7.0.tar.xz) = 347c13396e6777193e4e158321605410f4cbd90727c1ba8d85a1aac41d5ada96728dbef367ed4027d16dd0b10c8a4d0cf902ce3345334be4c78994cf72c58352
-SHA512 (libcacard-2.7.0.tar.xz.asc) = a8890117610a0d89019fee5c2ec67a8e383095a39ce56b3a2d092c6e1164435888c5128f9ca303689ffa304f4bcdf71bfab9b2218361bb352427c58dae54dce0
-SHA512 (gpgkey-15B5C33D.gpg) = 7f17283e5ea7e173d867ff815370c37b138df4fd8b7310f8a6eca13c5af90b0e6bd51bac79c0d3265021f6ae0e0e32f738ba4e12ba21e5302d628c235d5aed58
+SHA512 (libcacard-2.8.0.tar.xz) = 68a7ef8446995b8495f23656d481ed8accc451412561dac9b2397b34accaf88c44499bc753de2e56ae22a07af81594a29b4e47fa9418a2f97c33804e3c6b9da3
+SHA512 (libcacard-2.8.0.tar.xz.asc) = fffe6a236276cd01bcdd1962e17d2b1b3f5450aae4848b3640808faabcf5e93a3c8ec394b335ccd21cebdcca5129859cfe52c2f7c69f8a3c37763c3844311d5e
+SHA512 (gpgkey-E37A484F.gpg) = 091755da8a358c8c8ebd3b5443b4b5eb3c260afed943454c085d48c973de6a42763547c321c64e4da5c1b2983ad0c5146aaeddeb1d54ef414f7e6a530a3bf14a