Update to 0.4.0 release
Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
This commit is contained in:
parent
0b183ace80
commit
bb6336e087
@ -1,7 +1,7 @@
|
||||
From 19e8c9071b3d9306ca7b7329b313b31f86c2936d Mon Sep 17 00:00:00 2001
|
||||
From: Harry Youd <harry@harryyoud.co.uk>
|
||||
Date: Wed, 31 Jul 2019 19:44:53 +0100
|
||||
Subject: [PATCH 12/12] Avoid taking pointer to packed struct
|
||||
Subject: [PATCH] Avoid taking pointer to packed struct
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
@ -1,36 +0,0 @@
|
||||
From 1313fa02a5b2bfe61ee6702696600fc148ec2d6e Mon Sep 17 00:00:00 2001
|
||||
From: Gary Ching-Pang Lin <glin@suse.com>
|
||||
Date: Tue, 4 Nov 2014 15:50:03 +0800
|
||||
Subject: [PATCH 1/7] Fix the potential buffer overflow
|
||||
|
||||
Signed-off-by: Gary Ching-Pang Lin <glin@suse.com>
|
||||
---
|
||||
src/mokutil.c | 5 ++---
|
||||
1 file changed, 2 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/src/mokutil.c b/src/mokutil.c
|
||||
index 5b34f22..93fb6fa 100644
|
||||
--- a/src/mokutil.c
|
||||
+++ b/src/mokutil.c
|
||||
@@ -1743,7 +1743,7 @@ set_toggle (const char * VarName, uint32_t state)
|
||||
MokToggleVar tvar;
|
||||
char *password = NULL;
|
||||
unsigned int pw_len;
|
||||
- efi_char16_t efichar_pass[SB_PASSWORD_MAX];
|
||||
+ efi_char16_t efichar_pass[SB_PASSWORD_MAX+1];
|
||||
int ret = -1;
|
||||
|
||||
printf ("password length: %d~%d\n", SB_PASSWORD_MIN, SB_PASSWORD_MAX);
|
||||
@@ -1757,8 +1757,7 @@ set_toggle (const char * VarName, uint32_t state)
|
||||
efichar_from_char (efichar_pass, password,
|
||||
SB_PASSWORD_MAX * sizeof(efi_char16_t));
|
||||
|
||||
- memcpy(tvar.password, efichar_pass,
|
||||
- SB_PASSWORD_MAX * sizeof(efi_char16_t));
|
||||
+ memcpy(tvar.password, efichar_pass, sizeof(tvar.password));
|
||||
|
||||
tvar.mok_toggle_state = state;
|
||||
|
||||
--
|
||||
2.7.4
|
||||
|
@ -1,34 +0,0 @@
|
||||
From cdb4b6f3bfd6ada6558ddfb889e27150f0841b28 Mon Sep 17 00:00:00 2001
|
||||
From: Gary Ching-Pang Lin <glin@suse.com>
|
||||
Date: Mon, 24 Nov 2014 11:38:54 +0800
|
||||
Subject: [PATCH 2/7] Fix the 32bit signedness comparison
|
||||
|
||||
---
|
||||
src/mokutil.c | 4 ++--
|
||||
1 file changed, 2 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/src/mokutil.c b/src/mokutil.c
|
||||
index 93fb6fa..a7e83f7 100644
|
||||
--- a/src/mokutil.c
|
||||
+++ b/src/mokutil.c
|
||||
@@ -1284,7 +1284,7 @@ issue_mok_request (char **files, uint32_t total, MokRequest req,
|
||||
|
||||
/* Mok */
|
||||
read_size = read (fd, ptr, sizes[i]);
|
||||
- if (read_size < 0 || read_size != sizes[i]) {
|
||||
+ if (read_size < 0 || read_size != (int64_t)sizes[i]) {
|
||||
fprintf (stderr, "Failed to read %s\n", files[i]);
|
||||
goto error;
|
||||
}
|
||||
@@ -1645,7 +1645,7 @@ export_moks ()
|
||||
goto error;
|
||||
}
|
||||
|
||||
- while (offset < list[i].mok_size) {
|
||||
+ while (offset < (int64_t)list[i].mok_size) {
|
||||
write_size = write (fd, list[i].mok + offset,
|
||||
list[i].mok_size - offset);
|
||||
if (write_size < 0) {
|
||||
--
|
||||
2.7.4
|
||||
|
@ -1,42 +0,0 @@
|
||||
From 9eb111a7f7b897ba4ae19a68708e010a5c384260 Mon Sep 17 00:00:00 2001
|
||||
From: Peter Jones <pjones@redhat.com>
|
||||
Date: Fri, 19 Jun 2015 16:53:36 -0400
|
||||
Subject: [PATCH 3/7] Build with -fshort-wchar so toggle passwords work right.
|
||||
|
||||
This source tree uses:
|
||||
|
||||
typedef wchar_t efi_char16_t;
|
||||
|
||||
to define UEFI's UCS-2 character type. On many platforms, wchar_t is
|
||||
32-bits by default. As a result, efichar_from_char winds up writing
|
||||
4-byte characters instead of 2-byte characters. In the case where we
|
||||
hash the password in mokutil, this works fine, because the same datatype
|
||||
is used, and the values are the same. But for our feature toggles,
|
||||
where we store the raw data and shim is interpretting the character
|
||||
array, every other character winds up being L'\0', and verification
|
||||
fails.
|
||||
|
||||
So always build with -fshort-wchar to ensure we get 2-byte character
|
||||
storage.
|
||||
|
||||
Signed-off-by: Peter Jones <pjones@redhat.com>
|
||||
---
|
||||
configure.ac | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/configure.ac b/configure.ac
|
||||
index fe28fb9..69d412a 100644
|
||||
--- a/configure.ac
|
||||
+++ b/configure.ac
|
||||
@@ -37,7 +37,7 @@ else
|
||||
default_strict=no
|
||||
fi
|
||||
|
||||
-WARNINGFLAGS_C="$WARNINGFLAGS_C -std=gnu11"
|
||||
+WARNINGFLAGS_C="$WARNINGFLAGS_C -std=gnu11 -fshort-wchar"
|
||||
|
||||
AC_ARG_ENABLE(strict, AS_HELP_STRING([--enable-strict],[Enable strict compilation options]), enable_strict=$enableval,
|
||||
enable_strict=$default_strict)
|
||||
--
|
||||
2.7.4
|
||||
|
@ -1,32 +0,0 @@
|
||||
From ecc8fb0d92f0f453414a98172df22e23fb5893f5 Mon Sep 17 00:00:00 2001
|
||||
From: Peter Jones <pjones@redhat.com>
|
||||
Date: Tue, 16 Jun 2015 17:06:30 -0400
|
||||
Subject: [PATCH 4/7] Don't allow sha1 on the mokutil command line.
|
||||
|
||||
Related: rhbz#1115843
|
||||
|
||||
Signed-off-by: Peter Jones <pjones@redhat.com>
|
||||
---
|
||||
src/mokutil.c | 2 ++
|
||||
1 file changed, 2 insertions(+)
|
||||
|
||||
diff --git a/src/mokutil.c b/src/mokutil.c
|
||||
index a7e83f7..1fb34f9 100644
|
||||
--- a/src/mokutil.c
|
||||
+++ b/src/mokutil.c
|
||||
@@ -1351,10 +1351,12 @@ identify_hash_type (const char *hash_str, efi_guid_t *type)
|
||||
}
|
||||
|
||||
switch (len) {
|
||||
+#if 0
|
||||
case SHA_DIGEST_LENGTH*2:
|
||||
*type = efi_guid_sha1;
|
||||
hash_size = SHA_DIGEST_LENGTH;
|
||||
break;
|
||||
+#endif
|
||||
case SHA224_DIGEST_LENGTH*2:
|
||||
*type = efi_guid_sha224;
|
||||
hash_size = SHA224_DIGEST_LENGTH;
|
||||
--
|
||||
2.7.4
|
||||
|
@ -1,87 +0,0 @@
|
||||
From eba569a8e6c33f07042758cbfa1706d7339464e1 Mon Sep 17 00:00:00 2001
|
||||
From: Gary Lin <glin@suse.com>
|
||||
Date: Wed, 13 Jan 2016 16:05:21 +0800
|
||||
Subject: [PATCH 5/7] Make all efi_guid_t const
|
||||
|
||||
All UEFI GUIDs defined in efivar are const. Declare all of them const
|
||||
to make gcc happy.
|
||||
|
||||
Signed-off-by: Gary Lin <glin@suse.com>
|
||||
---
|
||||
src/mokutil.c | 18 +++++++++---------
|
||||
1 file changed, 9 insertions(+), 9 deletions(-)
|
||||
|
||||
diff --git a/src/mokutil.c b/src/mokutil.c
|
||||
index 1fb34f9..d2c52b4 100644
|
||||
--- a/src/mokutil.c
|
||||
+++ b/src/mokutil.c
|
||||
@@ -200,7 +200,7 @@ efichar_from_char (efi_char16_t *dest, const char *src, size_t dest_len)
|
||||
}
|
||||
|
||||
static uint32_t
|
||||
-efi_hash_size (efi_guid_t *hash_type)
|
||||
+efi_hash_size (const efi_guid_t *hash_type)
|
||||
{
|
||||
if (efi_guid_cmp (hash_type, &efi_guid_sha1) == 0) {
|
||||
return SHA_DIGEST_LENGTH;
|
||||
@@ -218,7 +218,7 @@ efi_hash_size (efi_guid_t *hash_type)
|
||||
}
|
||||
|
||||
static uint32_t
|
||||
-signature_size (efi_guid_t *hash_type)
|
||||
+signature_size (const efi_guid_t *hash_type)
|
||||
{
|
||||
uint32_t hash_size;
|
||||
|
||||
@@ -439,7 +439,7 @@ list_keys (uint8_t *data, size_t data_size)
|
||||
|
||||
/* match the hash in the hash array and return the index if matched */
|
||||
static int
|
||||
-match_hash_array (efi_guid_t *hash_type, const void *hash,
|
||||
+match_hash_array (const efi_guid_t *hash_type, const void *hash,
|
||||
const void *hash_array, const uint32_t array_size)
|
||||
{
|
||||
uint32_t hash_size, hash_count;
|
||||
@@ -469,8 +469,8 @@ match_hash_array (efi_guid_t *hash_type, const void *hash,
|
||||
}
|
||||
|
||||
static int
|
||||
-delete_data_from_list (efi_guid_t *var_guid, const char *var_name,
|
||||
- efi_guid_t *type, void *data, uint32_t data_size)
|
||||
+delete_data_from_list (const efi_guid_t *var_guid, const char *var_name,
|
||||
+ const efi_guid_t *type, void *data, uint32_t data_size)
|
||||
{
|
||||
uint8_t *var_data = NULL;
|
||||
size_t var_data_size = 0;
|
||||
@@ -1006,8 +1006,8 @@ is_valid_cert (void *cert, uint32_t cert_size)
|
||||
}
|
||||
|
||||
static int
|
||||
-is_duplicate (efi_guid_t *type, const void *data, const uint32_t data_size,
|
||||
- efi_guid_t *vendor, const char *db_name)
|
||||
+is_duplicate (const efi_guid_t *type, const void *data, const uint32_t data_size,
|
||||
+ const efi_guid_t *vendor, const char *db_name)
|
||||
{
|
||||
uint8_t *var_data;
|
||||
size_t var_data_size;
|
||||
@@ -1059,7 +1059,7 @@ done:
|
||||
}
|
||||
|
||||
static int
|
||||
-is_valid_request (efi_guid_t *type, void *mok, uint32_t mok_size,
|
||||
+is_valid_request (const efi_guid_t *type, void *mok, uint32_t mok_size,
|
||||
MokRequest req)
|
||||
{
|
||||
switch (req) {
|
||||
@@ -1096,7 +1096,7 @@ is_valid_request (efi_guid_t *type, void *mok, uint32_t mok_size,
|
||||
}
|
||||
|
||||
static int
|
||||
-in_pending_request (efi_guid_t *type, void *data, uint32_t data_size,
|
||||
+in_pending_request (const efi_guid_t *type, void *data, uint32_t data_size,
|
||||
MokRequest req)
|
||||
{
|
||||
uint8_t *authvar_data;
|
||||
--
|
||||
2.7.4
|
||||
|
@ -1,37 +0,0 @@
|
||||
From b68dca2d4de779387c4b5306bb9cfc9a3bab2572 Mon Sep 17 00:00:00 2001
|
||||
From: Peter Jones <pjones@redhat.com>
|
||||
Date: Tue, 14 Jun 2016 10:19:43 -0400
|
||||
Subject: [PATCH 6/7] mokutil: be explicit about file modes in all cases.
|
||||
|
||||
Signed-off-by: Peter Jones <pjones@redhat.com>
|
||||
---
|
||||
src/mokutil.c | 6 ++++--
|
||||
1 file changed, 4 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/src/mokutil.c b/src/mokutil.c
|
||||
index d2c52b4..d554f6c 100644
|
||||
--- a/src/mokutil.c
|
||||
+++ b/src/mokutil.c
|
||||
@@ -574,7 +574,8 @@ delete_data_from_list (const efi_guid_t *var_guid, const char *var_name,
|
||||
| EFI_VARIABLE_BOOTSERVICE_ACCESS
|
||||
| EFI_VARIABLE_RUNTIME_ACCESS;
|
||||
ret = efi_set_variable (*var_guid, var_name,
|
||||
- var_data, total, attributes);
|
||||
+ var_data, total, attributes,
|
||||
+ S_IRUSR | S_IWUSR);
|
||||
if (ret < 0) {
|
||||
fprintf (stderr, "Failed to write variable \"%s\": %m\n",
|
||||
var_name);
|
||||
@@ -938,7 +939,8 @@ update_request (void *new_list, int list_len, MokRequest req,
|
||||
data_size = list_len;
|
||||
|
||||
if (efi_set_variable (efi_guid_shim, req_name,
|
||||
- data, data_size, attributes) < 0) {
|
||||
+ data, data_size, attributes,
|
||||
+ S_IRUSR | S_IWUSR) < 0) {
|
||||
switch (req) {
|
||||
case ENROLL_MOK:
|
||||
fprintf (stderr, "Failed to enroll new keys\n");
|
||||
--
|
||||
2.7.4
|
||||
|
@ -1,98 +0,0 @@
|
||||
From d16c76d139f9a9a56b49c0dd51cd9056f626031e Mon Sep 17 00:00:00 2001
|
||||
From: Peter Jones <pjones@redhat.com>
|
||||
Date: Tue, 14 Jun 2016 10:20:14 -0400
|
||||
Subject: [PATCH 7/7] Add bash completion file.
|
||||
|
||||
Signed-off-by: Peter Jones <pjones@redhat.com>
|
||||
---
|
||||
Makefile.am | 5 +++++
|
||||
configure.ac | 17 +++++++++++++++++
|
||||
data/mokutil | 37 +++++++++++++++++++++++++++++++++++++
|
||||
3 files changed, 59 insertions(+)
|
||||
create mode 100755 data/mokutil
|
||||
|
||||
diff --git a/Makefile.am b/Makefile.am
|
||||
index 9f0d419..c17cc4a 100644
|
||||
--- a/Makefile.am
|
||||
+++ b/Makefile.am
|
||||
@@ -1 +1,6 @@
|
||||
SUBDIRS = src man
|
||||
+
|
||||
+if ENABLE_BASH_COMPLETION
|
||||
+ bashcompletiondir = $(BASH_COMPLETION_DIR)
|
||||
+ dist_bashcompletion_DATA = data/mokutil
|
||||
+endif
|
||||
diff --git a/configure.ac b/configure.ac
|
||||
index 69d412a..7b52a06 100644
|
||||
--- a/configure.ac
|
||||
+++ b/configure.ac
|
||||
@@ -86,6 +86,23 @@ AC_CHECK_FUNCS([memset])
|
||||
PKG_CHECK_MODULES(OPENSSL, [openssl >= 0.9.8])
|
||||
PKG_CHECK_MODULES(EFIVAR, [efivar >= 0.12])
|
||||
|
||||
+AC_ARG_WITH([bash-completion-dir],
|
||||
+ AS_HELP_STRING([--with-bash-completion-dir[=PATH]],
|
||||
+ [Install the bash auto-completion script in this directory. @<:@default=yes@:>@]),
|
||||
+ [],
|
||||
+ [with_bash_completion_dir=yes])
|
||||
+
|
||||
+if test "x$with_bash_completion_dir" = "xyes"; then
|
||||
+ PKG_CHECK_MODULES([BASH_COMPLETION], [bash-completion >= 2.0],
|
||||
+ [BASH_COMPLETION_DIR="`pkg-config --variable=completionsdir bash-completion`"],
|
||||
+ [BASH_COMPLETION_DIR="$datadir/bash-completion/completions"])
|
||||
+else
|
||||
+ BASH_COMPLETION_DIR="$with_bash_completion_dir"
|
||||
+fi
|
||||
+
|
||||
+AC_SUBST([BASH_COMPLETION_DIR])
|
||||
+AM_CONDITIONAL([ENABLE_BASH_COMPLETION],[test "x$with_bash_completion_dir" != "xno"])
|
||||
+
|
||||
AC_CONFIG_FILES([Makefile
|
||||
src/Makefile
|
||||
man/Makefile])
|
||||
diff --git a/data/mokutil b/data/mokutil
|
||||
new file mode 100755
|
||||
index 0000000..800b039
|
||||
--- /dev/null
|
||||
+++ b/data/mokutil
|
||||
@@ -0,0 +1,37 @@
|
||||
+#!/bin/bash
|
||||
+
|
||||
+_mokutil()
|
||||
+{
|
||||
+ local cur=${COMP_WORDS[COMP_CWORD]}
|
||||
+
|
||||
+ if [[ "$cur" == -* ]]; then
|
||||
+ #COMPREPLY=( $( compgen -W "--help --list-enrolled --list-new --list-delete --import --delete --revoke-import --revoke-delete --export --password --clear-password --disable-validation --enable-validation --sb-state --test-key --reset --generate-hash --hash-file --root-pw --simple-hash" -- $cur ) )
|
||||
+ COMPREPLY=( $( compgen -W '$( _parse_help "$1" --long-help ) -h -l -N -D -i -d -x -p -c -t -f -g -P -s -X' -- "$cur" ) )
|
||||
+ [[ $COMPREPLY == *= ]] && compopt -o nospace
|
||||
+ return 0
|
||||
+ fi
|
||||
+
|
||||
+ case "${COMP_WORDS[COMP_CWORD-1]}" in
|
||||
+ --import|-i|--delete|-d|--test-key|-t|--hash-file|-f)
|
||||
+ _filedir
|
||||
+ return 0
|
||||
+ ;;
|
||||
+ --import-hash|--delete-hash)
|
||||
+ COMPREPLY=( $( compgen -W "" ) )
|
||||
+ return 0
|
||||
+ ;;
|
||||
+ --set-verbosity)
|
||||
+ COMPREPLY=( $( compgen -W "true false") )
|
||||
+ return 0
|
||||
+ ;;
|
||||
+ --generate-hash|-g)
|
||||
+ COMPREPLY=( $( compgen -o nospace -P= -W "") )
|
||||
+ return 0
|
||||
+ ;;
|
||||
+ *)
|
||||
+ return 0
|
||||
+ ;;
|
||||
+ esac
|
||||
+}
|
||||
+
|
||||
+complete -F _mokutil mokutil
|
||||
--
|
||||
2.7.4
|
||||
|
@ -1,102 +0,0 @@
|
||||
From 385a7dd63fad61a28e38444da797d947f1c79623 Mon Sep 17 00:00:00 2001
|
||||
From: Peter Jones <pjones@redhat.com>
|
||||
Date: Tue, 15 May 2018 11:20:15 -0400
|
||||
Subject: [PATCH 01/12] generate_hash() / generate_pw_hash(): don't use
|
||||
strlen() for strncpy bounds
|
||||
|
||||
New gcc rightly comlplains when we do the following:
|
||||
|
||||
strncpy (dest, src, strlen(src));
|
||||
|
||||
For two reasons:
|
||||
a) it doesn't copy the NUL byte
|
||||
b) it's otherwise the same thing strcpy() would have done
|
||||
|
||||
This patch replaces that with stpncpy (just because it's slightly easier
|
||||
to use) and the real bounds for the destination.
|
||||
|
||||
Signed-off-by: Peter Jones <pjones@redhat.com>
|
||||
---
|
||||
src/mokutil.c | 34 +++++++++++++++++++++++-----------
|
||||
1 file changed, 23 insertions(+), 11 deletions(-)
|
||||
|
||||
diff --git a/src/mokutil.c b/src/mokutil.c
|
||||
index 6e9a342..6e31e2d 100644
|
||||
--- a/src/mokutil.c
|
||||
+++ b/src/mokutil.c
|
||||
@@ -766,9 +766,10 @@ generate_hash (pw_crypt_t *pw_crypt, char *password, unsigned int pw_len)
|
||||
{
|
||||
pw_crypt_t new_crypt;
|
||||
char settings[SETTINGS_LEN];
|
||||
+ char *next;
|
||||
char *crypt_string;
|
||||
const char *prefix;
|
||||
- int hash_len, prefix_len;
|
||||
+ int hash_len, settings_len = sizeof (settings) - 2;
|
||||
|
||||
if (!password || !pw_crypt || password[pw_len] != '\0')
|
||||
return -1;
|
||||
@@ -776,15 +777,19 @@ generate_hash (pw_crypt_t *pw_crypt, char *password, unsigned int pw_len)
|
||||
prefix = get_crypt_prefix (pw_crypt->method);
|
||||
if (!prefix)
|
||||
return -1;
|
||||
- prefix_len = strlen(prefix);
|
||||
|
||||
pw_crypt->salt_size = get_salt_size (pw_crypt->method);
|
||||
generate_salt ((char *)pw_crypt->salt, pw_crypt->salt_size);
|
||||
|
||||
- strncpy (settings, prefix, prefix_len);
|
||||
- strncpy (settings + prefix_len, (const char *)pw_crypt->salt,
|
||||
- pw_crypt->salt_size);
|
||||
- settings[pw_crypt->salt_size + prefix_len] = '\0';
|
||||
+ memset (settings, 0, sizeof (settings));
|
||||
+ next = stpncpy (settings, prefix, settings_len);
|
||||
+ if (pw_crypt->salt_size > settings_len - (next - settings)) {
|
||||
+ errno = EOVERFLOW;
|
||||
+ return -1;
|
||||
+ }
|
||||
+ next = stpncpy (next, (const char *)pw_crypt->salt,
|
||||
+ pw_crypt->salt_size);
|
||||
+ *next = '\0';
|
||||
|
||||
crypt_string = crypt (password, settings);
|
||||
if (!crypt_string)
|
||||
@@ -1931,10 +1936,11 @@ static int
|
||||
generate_pw_hash (const char *input_pw)
|
||||
{
|
||||
char settings[SETTINGS_LEN];
|
||||
+ char *next;
|
||||
char *password = NULL;
|
||||
char *crypt_string;
|
||||
const char *prefix;
|
||||
- int prefix_len;
|
||||
+ int settings_len = sizeof (settings) - 2;
|
||||
unsigned int pw_len, salt_size;
|
||||
|
||||
if (input_pw) {
|
||||
@@ -1960,12 +1966,18 @@ generate_pw_hash (const char *input_pw)
|
||||
prefix = get_crypt_prefix (DEFAULT_CRYPT_METHOD);
|
||||
if (!prefix)
|
||||
return -1;
|
||||
- prefix_len = strlen(prefix);
|
||||
|
||||
- strncpy (settings, prefix, prefix_len);
|
||||
+ memset (settings, 0, sizeof (settings));
|
||||
+ next = stpncpy (settings, prefix, settings_len);
|
||||
salt_size = get_salt_size (DEFAULT_CRYPT_METHOD);
|
||||
- generate_salt ((settings + prefix_len), salt_size);
|
||||
- settings[DEFAULT_SALT_SIZE + prefix_len] = '\0';
|
||||
+ if (salt_size > settings_len - (next - settings)) {
|
||||
+ free(password);
|
||||
+ errno = EOVERFLOW;
|
||||
+ return -1;
|
||||
+ }
|
||||
+ generate_salt (next, salt_size);
|
||||
+ next += salt_size;
|
||||
+ *next = '\0';
|
||||
|
||||
crypt_string = crypt (password, settings);
|
||||
free (password);
|
||||
--
|
||||
2.21.0
|
||||
|
19
mokutil.spec
19
mokutil.spec
@ -1,6 +1,6 @@
|
||||
Name: mokutil
|
||||
Version: 0.3.0
|
||||
Release: 15%{?dist}
|
||||
Version: 0.4.0
|
||||
Release: 1%{?dist}
|
||||
Epoch: 2
|
||||
Summary: Tool to manage UEFI Secure Boot MoK Keys
|
||||
License: GPLv3+
|
||||
@ -13,16 +13,8 @@ Source0: https://github.com/lcp/mokutil/archive/%{version}.tar.gz
|
||||
Conflicts: shim < 0.8-1%{?dist}
|
||||
Obsoletes: mokutil < 0.2.0
|
||||
|
||||
Patch0001: 0001-Fix-the-potential-buffer-overflow.patch
|
||||
Patch0002: 0002-Fix-the-32bit-signedness-comparison.patch
|
||||
Patch0003: 0003-Build-with-fshort-wchar-so-toggle-passwords-work-rig.patch
|
||||
Patch0004: 0004-Don-t-allow-sha1-on-the-mokutil-command-line.patch
|
||||
Patch0005: 0005-Make-all-efi_guid_t-const.patch
|
||||
Patch0006: 0006-mokutil-be-explicit-about-file-modes-in-all-cases.patch
|
||||
Patch0007: 0007-Add-bash-completion-file.patch
|
||||
Patch0008: 0008-generate_hash-generate_pw_hash-don-t-use-strlen-for-.patch
|
||||
Patch0009: 0009-Avoid-taking-pointer-to-packed-struct.patch
|
||||
Patch0010: 0010-Fix-a-integer-comparison-sign-issue.patch
|
||||
Patch0001: 0001-Avoid-taking-pointer-to-packed-struct.patch
|
||||
Patch0002: 0002-Fix-a-integer-comparison-sign-issue.patch
|
||||
|
||||
%description
|
||||
mokutil provides a tool to manage keys for Secure Boot through the MoK
|
||||
@ -57,6 +49,9 @@ make PREFIX=%{_prefix} LIBDIR=%{_libdir} DESTDIR=%{buildroot} install
|
||||
%{_datadir}/bash-completion/completions/mokutil
|
||||
|
||||
%changelog
|
||||
* Thu Jun 11 2020 Javier Martinez Canillas <javierm@redhat.com> - 0.4.0-1
|
||||
- Update to 0.4.0 release
|
||||
|
||||
* Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2:0.3.0-15
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user