import libica-4.0.2-1.el8
This commit is contained in:
CentOS Sources
Stepan Oksanichenko
parent
22dda75e00
commit
febda2f2b2
|
|
@ -1 +1 @@
|
|||
SOURCES/libica-3.9.0.tar.gz
|
||||
SOURCES/libica-4.0.2.tar.gz
|
||||
|
|
|
|||
|
|
@ -1 +1 @@
|
|||
98f9f376a8db6f58deab1e08987653170159fe41 SOURCES/libica-3.9.0.tar.gz
|
||||
a9137e070966cefc5a2078893edc4693ee62088f SOURCES/libica-4.0.2.tar.gz
|
||||
|
|
|
|||
|
|
@ -1,64 +0,0 @@
|
|||
From da198ddc689ee877e2fe9724a5f0252ffca5265c Mon Sep 17 00:00:00 2001
|
||||
From: Joerg Schmidbauer <jschmidb@de.ibm.com>
|
||||
Date: Wed, 2 Jun 2021 09:40:47 +0200
|
||||
Subject: [PATCH] Compute HMAC from installed library
|
||||
|
||||
The HMAC hash was computed from the libica in the build tree, but
|
||||
the runtime check is run against the installed libica and those 2
|
||||
files were different. The runtime one has debuginfo stripped
|
||||
(and placed into a separate file), thus the hashes are different.
|
||||
|
||||
Signed-off-by: Joerg Schmidbauer <jschmidb@de.ibm.com>
|
||||
---
|
||||
Makefile.am | 9 ++++-----
|
||||
src/Makefile.am | 8 +++++++-
|
||||
2 files changed, 11 insertions(+), 6 deletions(-)
|
||||
|
||||
diff --git a/src/Makefile.am b/src/Makefile.am
|
||||
index 4a1ef14..5367d49 100644
|
||||
--- a/src/Makefile.am
|
||||
+++ b/src/Makefile.am
|
||||
@@ -46,6 +46,12 @@ mp.S : mp.pl
|
||||
./mp.pl mp.S
|
||||
|
||||
if ICA_FIPS
|
||||
+fipsinstall:
|
||||
+ $(AM_V_GEN) openssl dgst -sha256 -mac hmac -macopt hexkey:00000000 $(DESTDIR)$(libdir)/libica.so.$(VERSION1) | sed -e 's/^.* //' > $(DESTDIR)$(libdir)/.libica.so.$(VERSION1).hmac
|
||||
+ $(AM_V_GEN) cd $(DESTDIR)$(libdir) && ln -s .libica.so.$(VERSION1).hmac .libica.so.$(MAJOR).hmac
|
||||
+ $(AM_V_GEN) openssl dgst -sha256 -mac hmac -macopt hexkey:00000000 $(DESTDIR)$(libdir)/libica-cex.so.$(VERSION1) | sed -e 's/^.* //' > $(DESTDIR)$(libdir)/.libica-cex.so.$(VERSION1).hmac
|
||||
+ $(AM_V_GEN) cd $(DESTDIR)$(libdir) && ln -s .libica-cex.so.$(VERSION1).hmac .libica-cex.so.$(MAJOR).hmac
|
||||
+
|
||||
hmac-file-lnk: hmac-file
|
||||
$(AM_V_GEN) cd ${top_builddir}/src/.libs && ln -sf .libica.so.$(VERSION1).hmac .libica.so.$(MAJOR).hmac
|
||||
$(AM_V_GEN) cd ${top_builddir}/src/.libs && ln -sf .libica-cex.so.$(VERSION1).hmac .libica-cex.so.$(MAJOR).hmac
|
||||
@@ -108,4 +114,4 @@ internal_tests_ec_internal_test_SOURCES = \
|
||||
include/rng.h ../test/testcase.h
|
||||
endif
|
||||
|
||||
-.PHONY: hmac-file hmac-file-lnk
|
||||
+.PHONY: hmac-file hmac-file-lnk fipsinstall
|
||||
--
|
||||
2.29.2.windows.2
|
||||
|
||||
diff -up libica-3.9.0/Makefile.am.orig libica-3.9.0/Makefile.am
|
||||
--- libica-3.9.0/Makefile.am.orig 2022-02-08 09:50:48.320207446 +0100
|
||||
+++ libica-3.9.0/Makefile.am 2022-02-08 09:51:25.945624410 +0100
|
||||
@@ -17,11 +17,8 @@ coverage: check
|
||||
cd ${top_builddir}/src && gcov .libs/*.gcda
|
||||
|
||||
if ICA_FIPS
|
||||
-install-data-hook:
|
||||
- $(INSTALL) -m 0444 ${top_builddir}/src/.libs/.libica.so.$(VERSION).hmac $(DESTDIR)$(libdir)
|
||||
- cd $(DESTDIR)$(libdir) && ln -sf .libica.so.$(VERSION).hmac .libica.so.$(MAJOR).hmac
|
||||
- $(INSTALL) -m 0444 ${top_builddir}/src/.libs/.libica-cex.so.$(VERSION).hmac $(DESTDIR)$(libdir)
|
||||
- cd $(DESTDIR)$(libdir) && ln -sf .libica-cex.so.$(VERSION).hmac .libica-cex.so.$(MAJOR).hmac
|
||||
+fipsinstall:
|
||||
+ $(AM_V_GEN)$(MAKE) -C src fipsinstall
|
||||
if ICA_OPENSSL3
|
||||
test -f $(DESTDIR)$(sysconfdir)/libica || $(MKDIR_P) $(DESTDIR)$(sysconfdir)/libica
|
||||
test -f $(DESTDIR)$(sysconfdir)/libica/openssl3-fips.cnf || $(INSTALL) -m 644 ${top_builddir}/src/openssl3-fips.cnf $(DESTDIR)$(sysconfdir)/libica/openssl3-fips.cnf || true
|
||||
@@ -38,3 +35,4 @@ if ICA_OPENSSL3
|
||||
endif
|
||||
endif
|
||||
|
||||
+.PHONY: fipsinstall
|
||||
|
|
@ -1,7 +1,7 @@
|
|||
diff -up libica-3.8.0/src/Makefile.am.orig libica-3.8.0/src/Makefile.am
|
||||
--- libica-3.8.0/src/Makefile.am.orig 2021-07-08 12:20:00.123572020 +0200
|
||||
+++ libica-3.8.0/src/Makefile.am 2021-07-08 12:20:13.611929256 +0200
|
||||
@@ -30,13 +30,13 @@ SOURCES_common = ica_api.c init.c icasta
|
||||
diff -up libica-4.0.1/src/Makefile.am.orig libica-4.0.1/src/Makefile.am
|
||||
--- libica-4.0.1/src/Makefile.am.orig 2022-03-22 13:13:36.186395805 +0100
|
||||
+++ libica-4.0.1/src/Makefile.am 2022-03-22 13:13:55.224076905 +0100
|
||||
@@ -31,13 +31,13 @@ SOURCES_common = ica_api.c init.c icasta
|
||||
include/rng.h
|
||||
|
||||
libica_la_CFLAGS = ${CFLAGS_common} -DLIBNAME=\"libica\"
|
||||
|
|
@ -11,7 +11,7 @@ diff -up libica-3.8.0/src/Makefile.am.orig libica-3.8.0/src/Makefile.am
|
|||
libica_la_LDFLAGS = ${LDFLAGS_common}
|
||||
libica_la_SOURCES = ${SOURCES_common}
|
||||
|
||||
libica_cex_la_CFLAGS = ${CFLAGS_common} -DNO_CPACF -DNO_SW_FALLBACKS -DLIBNAME=\"libica-cex\"
|
||||
libica_cex_la_CFLAGS = ${CFLAGS_common} -DNO_CPACF -DLIBNAME=\"libica-cex\"
|
||||
-libica_cex_la_CCASFLAGS = ${AM_CFLAGS}
|
||||
+libica_cex_la_CCASFLAGS = ${AM_CFLAGS} -Wa,--generate-missing-build-notes=yes
|
||||
libica_cex_la_LIBADD = ${LIBS_common}
|
||||
File diff suppressed because it is too large
Load Diff
|
|
@ -1,8 +1,10 @@
|
|||
%global with_fips 1
|
||||
# workaround to keep ABI/soname stable at major version 3
|
||||
%global fakeversion 3:99:1
|
||||
|
||||
Summary: Library for accessing ICA hardware crypto on IBM z Systems
|
||||
Name: libica
|
||||
Version: 3.9.0
|
||||
Version: 4.0.2
|
||||
Release: 1%{?dist}
|
||||
License: CPL
|
||||
Group: System Environment/Libraries
|
||||
|
|
@ -10,9 +12,10 @@ URL: https://github.com/opencryptoki/
|
|||
Source0: https://github.com/opencryptoki/%{name}/archive/v%{version}/%{name}-%{version}.tar.gz
|
||||
# annotate assembler source
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=1630582
|
||||
Patch0: %{name}-3.8.0-annotate.patch
|
||||
# https://github.com/opencryptoki/libica/issues/62
|
||||
Patch1: %{name}-3.9.0-hmac.patch
|
||||
Patch0: %{name}-4.0.1-annotate.patch
|
||||
# revert ABI to 3.x
|
||||
# reverted commit 4a3a77232ee85cf9f4eb7ac2d366b613013b9048
|
||||
Patch1: %{name}-4.0.1-revert-abi.patch
|
||||
BuildRequires: gcc
|
||||
BuildRequires: openssl
|
||||
BuildRequires: openssl-devel
|
||||
|
|
@ -51,11 +54,11 @@ sh ./bootstrap.sh
|
|||
%else
|
||||
--disable-fips
|
||||
%endif
|
||||
make %{?_smp_mflags}
|
||||
make %{?_smp_mflags} VERSION=%{fakeversion}
|
||||
|
||||
|
||||
%install
|
||||
make install DESTDIR=$RPM_BUILD_ROOT
|
||||
make install DESTDIR=$RPM_BUILD_ROOT VERSION=%{fakeversion}
|
||||
rm %{buildroot}%{_libdir}/libica*.la
|
||||
rm %{buildroot}%{_pkgdocdir}/{INSTALL,README.md}
|
||||
|
||||
|
|
@ -77,7 +80,7 @@ fi
|
|||
%{?__debug_package:%{__debug_install_post}} \
|
||||
%{__arch_install_post} \
|
||||
%{__os_install_post} \
|
||||
make fipsinstall DESTDIR=%{buildroot}
|
||||
make fipsinstall DESTDIR=%{buildroot} VERSION=%{fakeversion}
|
||||
%{nil}
|
||||
%endif
|
||||
|
||||
|
|
@ -103,6 +106,14 @@ fi
|
|||
|
||||
|
||||
%changelog
|
||||
* Thu Jun 30 2022 Dan Horák <dhorak@redhat.com> - 4.0.2-1
|
||||
- updated to 4.0.2 (#2101766)
|
||||
- Resolves: #2101766
|
||||
|
||||
* Tue Mar 22 2022 Dan Horák <dhorak@redhat.com> - 4.0.1-1
|
||||
- updated to 4.0.1 (#2043843)
|
||||
- Resolves: #2043843 #2043904
|
||||
|
||||
* Tue Feb 08 2022 Dan Horák <dhorak@redhat.com> - 3.9.0-1
|
||||
- updated to 3.9.0 (#1984972)
|
||||
- Resolves: #1984972
|
||||
|
|
|
|||
Loading…
Reference in New Issue