diff --git a/SOURCES/libica-3.7.0-fips.patch b/SOURCES/libica-3.7.0-fips.patch new file mode 100644 index 0000000..f6b0d7e --- /dev/null +++ b/SOURCES/libica-3.7.0-fips.patch @@ -0,0 +1,31 @@ +From 34ae2c50cbe595ae475f5e3491c39f3b2dbe8a67 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Dan=20Hor=C3=A1k?= +Date: Wed, 15 Jul 2020 10:58:10 +0200 +Subject: [libica PATCH] fix library filename for FIPS integrity check +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Fixes: https://github.com/opencryptoki/libica/issues/45 + +Signed-off-by: Dan Horák +--- + src/fips.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/fips.c b/src/fips.c +index 07310c3..2bf11f5 100644 +--- a/src/fips.c ++++ b/src/fips.c +@@ -306,7 +306,7 @@ static void fips_lib_integrity_check(void) + { + int rc; + char path[PATH_MAX]; +- const char *libname = "libica.so"; ++ const char *libname = "libica.so.3"; + const char *symbolname = "ica_sha256"; + + rc = get_library_path(libname, symbolname, path, sizeof(path)); +-- +2.26.2 + diff --git a/SPECS/libica.spec b/SPECS/libica.spec index df13788..5b71c62 100644 --- a/SPECS/libica.spec +++ b/SPECS/libica.spec @@ -1,14 +1,17 @@ Summary: Library for accessing ICA hardware crypto on IBM z Systems Name: libica Version: 3.7.0 -Release: 1%{?dist} +Release: 2%{?dist} License: CPL Group: System Environment/Libraries URL: https://github.com/opencryptoki/ Source0: https://github.com/opencryptoki/%{name}/archive/v%{version}/%{name}-%{version}.tar.gz # annotate assembler source # https://bugzilla.redhat.com/show_bug.cgi?id=1630582 -Patch1: %{name}-3.7.0-annotate.patch +Patch0: %{name}-3.7.0-annotate.patch +# https://bugzilla.redhat.com/show_bug.cgi?id=1857130 +# https://github.com/opencryptoki/libica/pull/46 +Patch1: %{name}-3.7.0-fips.patch BuildRequires: gcc BuildRequires: openssl-devel BuildRequires: autoconf @@ -77,6 +80,10 @@ fi %changelog +* Mon Jul 20 2020 Dan Horák - 3.7.0-2 +- fix FIPS integrity validation (#1857130) +- Resolves: #1857130 + * Thu May 21 2020 Dan Horák - 3.7.0-1 - updated to 3.7.0 (#1780299) - Resolves: #1780299