From dbbdcdacbe73c9a69b90b1ddad2df1fc7a14afda Mon Sep 17 00:00:00 2001
From: Petr Lautrbach <plautrba@redhat.com>
Date: Thu, 19 May 2022 13:57:07 +0200
Subject: [PATCH] SELinux userspace 3.4 release

---
 .gitignore                            |  1 +
 0001-Use-SHA-2-instead-of-SHA-1.patch | 32 +++++++++++++--------------
 libselinux.spec                       | 13 ++++++-----
 sources                               |  2 +-
 4 files changed, 26 insertions(+), 22 deletions(-)

diff --git a/.gitignore b/.gitignore
index c824162..e9d2dad 100644
--- a/.gitignore
+++ b/.gitignore
@@ -224,3 +224,4 @@ libselinux-2.0.96.tgz
 /libselinux-3.4-rc1.tar.gz
 /libselinux-3.4-rc2.tar.gz
 /libselinux-3.4-rc3.tar.gz
+/libselinux-3.4.tar.gz
diff --git a/0001-Use-SHA-2-instead-of-SHA-1.patch b/0001-Use-SHA-2-instead-of-SHA-1.patch
index 57070e7..1ab5f13 100644
--- a/0001-Use-SHA-2-instead-of-SHA-1.patch
+++ b/0001-Use-SHA-2-instead-of-SHA-1.patch
@@ -1,4 +1,4 @@
-From a6529e0fb5b3f385a3f4239d977da0491a1687ec Mon Sep 17 00:00:00 2001
+From ff417d9a70e6d6ee40176b184ea7b67ee3f2355b Mon Sep 17 00:00:00 2001
 From: Petr Lautrbach <plautrba@redhat.com>
 Date: Fri, 30 Jul 2021 14:14:37 +0200
 Subject: [PATCH] Use SHA-2 instead of SHA-1
@@ -365,7 +365,7 @@ index 54fd49a5b7b9..4003eb8dc7af 100644
  	digest->hashbuf = NULL;
  	return;
 diff --git a/libselinux/src/selinux_restorecon.c b/libselinux/src/selinux_restorecon.c
-index e61929120a74..b77b3bc5639f 100644
+index 9dd6be817832..dc222b425c95 100644
 --- a/libselinux/src/selinux_restorecon.c
 +++ b/libselinux/src/selinux_restorecon.c
 @@ -37,7 +37,7 @@
@@ -377,16 +377,16 @@ index e61929120a74..b77b3bc5639f 100644
  
  #define STAR_COUNT 1024
  
-@@ -298,7 +298,7 @@ static int exclude_non_seclabel_mounts(void)
+@@ -305,7 +305,7 @@ static uint64_t exclude_non_seclabel_mounts(void)
  static int add_xattr_entry(const char *directory, bool delete_nonmatch,
  			   bool delete_all)
  {
 -	char *sha1_buf = NULL;
 +	char *sha256_buf = NULL;
  	size_t i, digest_len = 0;
- 	int rc, digest_result;
- 	bool match;
-@@ -321,15 +321,15 @@ static int add_xattr_entry(const char *directory, bool delete_nonmatch,
+ 	int rc;
+ 	enum digest_result digest_result;
+@@ -329,15 +329,15 @@ static int add_xattr_entry(const char *directory, bool delete_nonmatch,
  	}
  
  	/* Convert entry to a hex encoded string. */
@@ -405,7 +405,7 @@ index e61929120a74..b77b3bc5639f 100644
  
  	digest_result = match ? MATCH : NOMATCH;
  
-@@ -349,7 +349,7 @@ static int add_xattr_entry(const char *directory, bool delete_nonmatch,
+@@ -357,7 +357,7 @@ static int add_xattr_entry(const char *directory, bool delete_nonmatch,
  	/* Now add entries to link list. */
  	new_entry = malloc(sizeof(struct dir_xattr));
  	if (!new_entry) {
@@ -414,7 +414,7 @@ index e61929120a74..b77b3bc5639f 100644
  		goto oom;
  	}
  	new_entry->next = NULL;
-@@ -357,15 +357,15 @@ static int add_xattr_entry(const char *directory, bool delete_nonmatch,
+@@ -365,15 +365,15 @@ static int add_xattr_entry(const char *directory, bool delete_nonmatch,
  	new_entry->directory = strdup(directory);
  	if (!new_entry->directory) {
  		free(new_entry);
@@ -433,7 +433,7 @@ index e61929120a74..b77b3bc5639f 100644
  		goto oom;
  	}
  
-@@ -379,7 +379,7 @@ static int add_xattr_entry(const char *directory, bool delete_nonmatch,
+@@ -387,7 +387,7 @@ static int add_xattr_entry(const char *directory, bool delete_nonmatch,
  		dir_xattr_last = new_entry;
  	}
  
@@ -442,7 +442,7 @@ index e61929120a74..b77b3bc5639f 100644
  	return 0;
  
  oom:
-@@ -759,7 +759,7 @@ err:
+@@ -781,7 +781,7 @@ err:
  
  struct dir_hash_node {
  	char *path;
@@ -451,7 +451,7 @@ index e61929120a74..b77b3bc5639f 100644
  	struct dir_hash_node *next;
  };
  /*
-@@ -1249,7 +1249,7 @@ static int selinux_restorecon_common(const char *pathname_orig,
+@@ -1270,7 +1270,7 @@ static int selinux_restorecon_common(const char *pathname_orig,
  			if (setxattr(current->path,
  			    RESTORECON_PARTIAL_MATCH_DIGEST,
  			    current->digest,
@@ -1173,7 +1173,7 @@ index 000000000000..406ed869cd82
 +        SHA256_HASH*        Digest          // [in]
 +    );
 diff --git a/libselinux/utils/selabel_digest.c b/libselinux/utils/selabel_digest.c
-index 49408a0ba8d8..67befadd23c5 100644
+index 6a8313a2c88d..a69331f1c6b5 100644
 --- a/libselinux/utils/selabel_digest.c
 +++ b/libselinux/utils/selabel_digest.c
 @@ -15,8 +15,8 @@ static __attribute__ ((__noreturn__)) void usage(const char *progname)
@@ -1254,7 +1254,7 @@ index 49408a0ba8d8..67befadd23c5 100644
  	selabel_close(hnd);
  	return rc;
 diff --git a/libselinux/utils/selabel_get_digests_all_partial_matches.c b/libselinux/utils/selabel_get_digests_all_partial_matches.c
-index e28833d2ce97..900f018c0091 100644
+index c4e0f836b260..80723f714264 100644
 --- a/libselinux/utils/selabel_get_digests_all_partial_matches.c
 +++ b/libselinux/utils/selabel_get_digests_all_partial_matches.c
 @@ -18,8 +18,8 @@ static __attribute__ ((__noreturn__)) void usage(const char *progname)
@@ -1277,7 +1277,7 @@ index e28833d2ce97..900f018c0091 100644
  
  	struct selabel_handle *hnd;
  	struct selinux_opt selabel_option[] = {
-@@ -105,27 +105,27 @@ int main(int argc, char **argv)
+@@ -106,27 +106,27 @@ int main(int argc, char **argv)
  							 &xattr_digest,
  							 &digest_len);
  
@@ -1311,7 +1311,7 @@ index e28833d2ce97..900f018c0091 100644
  					       ftsent->fts_path);
  					printf("as file_context entry is \"<<none>>\"\n");
  					goto cleanup;
-@@ -135,25 +135,25 @@ int main(int argc, char **argv)
+@@ -136,25 +136,25 @@ int main(int argc, char **argv)
  				       ftsent->fts_path);
  
  				for (i = 0; i < digest_len; i++)
@@ -1343,5 +1343,5 @@ index e28833d2ce97..900f018c0091 100644
  		}
  		default:
 -- 
-2.36.0
+2.36.1
 
diff --git a/libselinux.spec b/libselinux.spec
index d77dd07..54c4be6 100644
--- a/libselinux.spec
+++ b/libselinux.spec
@@ -1,19 +1,19 @@
 %define ruby_inc %(pkg-config --cflags ruby)
-%define libsepolver 3.4-0
+%define libsepolver 3.4-1
 
 Summary: SELinux library and simple utilities
 Name: libselinux
 Version: 3.4
-Release: 0.rc3.1%{?dist}
+Release: 1%{?dist}
 License: Public Domain
 # https://github.com/SELinuxProject/selinux/wiki/Releases
-Source0: https://github.com/SELinuxProject/selinux/releases/download/3.4-rc3/libselinux-3.4-rc3.tar.gz
+Source0: https://github.com/SELinuxProject/selinux/releases/download/3.4/libselinux-3.4.tar.gz
 Source1: selinuxconlist.8
 Source2: selinuxdefcon.8
 Url: https://github.com/SELinuxProject/selinux/wiki
 # $ git clone https://github.com/fedora-selinux/selinux.git
 # $ cd selinux
-# $ git format-patch -N 3.4-rc3 -- libselinux
+# $ git format-patch -N 3.4 -- libselinux
 # $ i=1; for j in 00*patch; do printf "Patch%04d: %s\n" $i $j; i=$((i+1));done
 # Patch list start
 Patch0001: 0001-Use-SHA-2-instead-of-SHA-1.patch
@@ -87,7 +87,7 @@ The libselinux-static package contains the static libraries
 needed for developing SELinux applications. 
 
 %prep
-%autosetup -p 2 -n libselinux-%{version}-rc3
+%autosetup -p 2 -n libselinux-%{version}
 
 %build
 export DISABLE_RPM="y"
@@ -213,6 +213,9 @@ rm -f %{buildroot}%{_mandir}/man8/togglesebool*
 %{ruby_vendorarchdir}/selinux.so
 
 %changelog
+* Thu May 19 2022 Petr Lautrbach <plautrba@redhat.com> - 3.4-1
+- SELinux userspace 3.4 release
+
 * Tue May 10 2022 Petr Lautrbach <plautrba@redhat.com> - 3.4-0.rc3.1
 - SELinux userspace 3.4-rc3 release
 
diff --git a/sources b/sources
index 9bc934c..7d10b82 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-SHA512 (libselinux-3.4-rc3.tar.gz) = 588d46ee7be688df31daea2280a8e98aa968b1ca07f9a2bf4034bc0dee0d7b0872286e3355538c52bb0179948891a4b26400d7ad8c4abbe84f4698846d56affd
+SHA512 (libselinux-3.4.tar.gz) = 7ffa6d2159d2333d836bde3f75dfc78a278283b66ae1e441c178371adb6f463aa6f2d62439079e2068d1135c39dd2b367b001d917c0bdc6871a73630919ef81e