Add pkcs11 support
Fix broken libsofthsm2.so detection in the test on i686 arch Add missing bugzilla references from rebase commit Related: rhbz#2026449 Resolves: rhbz#1977913, rhbz#1975500 Signed-off-by: Norbert Pocs <npocs@redhat.com>
This commit is contained in:
		
							parent
							
								
									ed3909edd6
								
							
						
					
					
						commit
						4c5d5408bf
					
				
							
								
								
									
										14
									
								
								libssh.spec
									
									
									
									
									
								
							
							
						
						
									
										14
									
								
								libssh.spec
									
									
									
									
									
								
							| @ -1,6 +1,6 @@ | ||||
| Name:           libssh | ||||
| Version:        0.10.4 | ||||
| Release:        2%{?dist} | ||||
| Release:        3%{?dist} | ||||
| Summary:        A library implementing the SSH protocol | ||||
| License:        LGPLv2+ | ||||
| URL:            http://www.libssh.org | ||||
| @ -15,6 +15,7 @@ BuildRequires:  cmake | ||||
| BuildRequires:  gcc-c++ | ||||
| BuildRequires:  gnupg2 | ||||
| BuildRequires:  openssl-devel | ||||
| BuildRequires:  openssl-pkcs11 | ||||
| BuildRequires:  pkgconfig | ||||
| BuildRequires:  zlib-devel | ||||
| BuildRequires:  krb5-devel | ||||
| @ -26,6 +27,8 @@ BuildRequires:  uid_wrapper | ||||
| BuildRequires:  openssh-clients | ||||
| BuildRequires:  openssh-server | ||||
| BuildRequires:  nmap-ncat | ||||
| BuildRequires:  softhsm | ||||
| BuildRequires:  gnutls-utils | ||||
| 
 | ||||
| Requires:       %{name}-config = %{version}-%{release} | ||||
| Requires:       crypto-policies | ||||
| @ -37,6 +40,7 @@ Provides: libssh_threads.so.4 | ||||
| %endif | ||||
| 
 | ||||
| Patch1: coverity_scan.patch | ||||
| Patch2: pkcs11_test_fix.patch | ||||
| 
 | ||||
| %description | ||||
| The ssh library was designed to be used by programmers needing a working SSH | ||||
| @ -71,6 +75,7 @@ gpgv2 --quiet --keyring %{SOURCE2} %{SOURCE1} %{SOURCE0} | ||||
|     -DUNIT_TESTING=ON \ | ||||
|     -DCLIENT_TESTING=ON \ | ||||
|     -DSERVER_TESTING=ON \ | ||||
|     -DWITH_PKCS11_URI=ON \ | ||||
|     -DGLOBAL_CLIENT_CONFIG="%{_sysconfdir}/libssh/libssh_client.config" \ | ||||
|     -DGLOBAL_BIND_CONFIG="%{_sysconfdir}/libssh/libssh_server.config" | ||||
| 
 | ||||
| @ -128,6 +133,13 @@ popd | ||||
| %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/libssh/libssh_server.config | ||||
| 
 | ||||
| %changelog | ||||
| * Tue Oct 4 2022 Norbert Pocs <npocs@redhat.com> - 0.10.4-3 | ||||
| - Enable pkcs11 support | ||||
| - Fix broken libsofthsm path on i686 | ||||
| - Add missing bugzilla references from the rebase commit | ||||
| - Related: rhbz#2026449 | ||||
| - Resolves: rhbz#1977913, rhbz#1975500 | ||||
| 
 | ||||
| * Tue Sep 27 2022 Norbert Pocs <npocs@redhat.com> - 0.10.4-2 | ||||
| - Fix coverity scan issues | ||||
| - Resolves: rhbz#2130126 | ||||
|  | ||||
							
								
								
									
										42
									
								
								pkcs11_test_fix.patch
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										42
									
								
								pkcs11_test_fix.patch
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,42 @@ | ||||
| diff --git a/tests/pkcs11/setup-softhsm-tokens.sh b/tests/pkcs11/setup-softhsm-tokens.sh
 | ||||
| index 532c86a7..8a15c2e9 100755
 | ||||
| --- a/tests/pkcs11/setup-softhsm-tokens.sh
 | ||||
| +++ b/tests/pkcs11/setup-softhsm-tokens.sh
 | ||||
| @@ -41,8 +41,27 @@ if [ $ret -ne 0 ]; then
 | ||||
|      exit 1 | ||||
|  fi | ||||
|   | ||||
| +find_library_path() {
 | ||||
| +    echo "$@"
 | ||||
| +    for _lib in "$@" ; do
 | ||||
| +        if test -f "$_lib" ; then
 | ||||
| +            LIBSOFTHSM_PATH="$_lib"
 | ||||
| +            echo "Using libsofthsm path: $_lib"
 | ||||
| +            return
 | ||||
| +        fi
 | ||||
| +    done
 | ||||
| +    echo "libsofthsm2.so not found"
 | ||||
| +    exit 1
 | ||||
| +}
 | ||||
| +
 | ||||
| +find_library_path \
 | ||||
| +    /usr/lib64/libsofthsm2.so \
 | ||||
| +    /usr/lib/libsofthsm2.so \
 | ||||
| +    /usr/local/lib/softhsm/libsofthsm2.so \
 | ||||
| +    /usr/lib/x86_64-linux-gnu/softhsm/libsofthsm2.so
 | ||||
| +
 | ||||
|  #load private key | ||||
| -cmd='p11tool --provider /usr/lib64/pkcs11/libsofthsm2.so --write --load-privkey "$PRIVKEY" --label "$OBJNAME" --login --set-pin=1234 "pkcs11:token="$OBJNAME""'
 | ||||
| +cmd='p11tool --provider $LIBSOFTHSM_PATH --write --load-privkey "$PRIVKEY" --label "$OBJNAME" --login --set-pin=1234 "pkcs11:token="$OBJNAME""'
 | ||||
|  eval echo "$cmd" | ||||
|  out=$(eval $cmd) | ||||
|  ret=$? | ||||
| @@ -58,7 +77,7 @@ ls -l $TESTDIR
 | ||||
|   | ||||
|  if [ $LOADPUBLIC -ne 0 ]; then | ||||
|  #load public key | ||||
| -    cmd='p11tool --provider /usr/lib64/pkcs11/libsofthsm2.so --write --load-pubkey "$PUBKEY" --label "$OBJNAME" --login --set-pin=1234 "pkcs11:token="$OBJNAME""'
 | ||||
| +    cmd='p11tool --provider $LIBSOFTHSM_PATH --write --load-pubkey "$PUBKEY" --label "$OBJNAME" --login --set-pin=1234 "pkcs11:token="$OBJNAME""'
 | ||||
|      eval echo "$cmd" | ||||
|      out=$(eval $cmd) | ||||
|      ret=$? | ||||
		Loading…
	
		Reference in New Issue
	
	Block a user