- fix FIPS integrity validation (#1857130)

libica-3.7.0-fips.patch

@@ -0,0 +1,31 @@
+From 34ae2c50cbe595ae475f5e3491c39f3b2dbe8a67 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Dan=20Hor=C3=A1k?= <dan@danny.cz>
+Date: Wed, 15 Jul 2020 10:58:10 +0200
+Subject: [libica PATCH] fix library filename for FIPS integrity check
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Fixes: https://github.com/opencryptoki/libica/issues/45
+
+Signed-off-by: Dan Horák <dan@danny.cz>
+---
+ src/fips.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/fips.c b/src/fips.c
+index 07310c3..2bf11f5 100644
+--- a/src/fips.c
++++ b/src/fips.c
+@@ -306,7 +306,7 @@ static void fips_lib_integrity_check(void)
+ {
+ 	int rc;
+ 	char path[PATH_MAX];
+-	const char *libname = "libica.so";
++	const char *libname = "libica.so.3";
+ 	const char *symbolname = "ica_sha256";
+ 
+ 	rc = get_library_path(libname, symbolname, path, sizeof(path));
+-- 
+2.26.2
+

libica.spec

@@ -1,7 +1,7 @@
 Summary: Library for accessing ICA hardware crypto on IBM z Systems
 Name: libica
 Version: 3.7.0
-Release: 1%{?dist}
+Release: 2%{?dist}
 License: CPL
 URL: https://github.com/opencryptoki/
 Source0: https://github.com/opencryptoki/%{name}/archive/v%{version}/%{name}-%{version}.tar.gz
@@ -9,6 +9,9 @@ Source0: https://github.com/opencryptoki/%{name}/archive/v%{version}/%{name}-%{v
 # https://bugzilla.redhat.com/show_bug.cgi?id=1630582
 # https://github.com/opencryptoki/libica/pull/24
 Patch0: %{name}-3.7.0-annotate.patch
+# https://bugzilla.redhat.com/show_bug.cgi?id=1857130
+# https://github.com/opencryptoki/libica/pull/46
+Patch1: %{name}-3.7.0-fips.patch
 BuildRequires: gcc
 BuildRequires: openssl-devel
 BuildRequires: autoconf
@@ -79,6 +82,9 @@ fi
 
 
 %changelog
+* Wed Jul 15 2020 Dan Horák <dan[at]danny.cz> - 3.7.0-2
+- fix FIPS integrity validation (#1857130)
+
 * Fri May 15 2020 Dan Horák <dan[at]danny.cz> - 3.7.0-1
 - updated to 3.7.0