rpms/opencryptoki
6
0
Fork 0
Code Issues Pull Requests Releases Activity

- add verify attributes for opencryptoki.conf to ignore the verification

Browse Source 
- drop unnecessary opencryptoki-3.11.0-group.patch

Related: #2159697
This commit is contained in:
Than Ngo 2023-05-25 18:03:03 +02:00
parent 4c8aef5468
commit 5bc4f8b724
2 changed files with 6 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
opencryptoki-3.11.0-group.patch
View File

@ -1,31 +0,0 @@
diff -up opencryptoki-3.11.0/usr/lib/api/shrd_mem.c.in.me opencryptoki-3.11.0/usr/lib/api/shrd_mem.c.in
--- opencryptoki-3.11.0/usr/lib/api/shrd_mem.c.in.me 2019-01-31 10:42:23.325797012 +0100
+++ opencryptoki-3.11.0/usr/lib/api/shrd_mem.c.in 2019-01-31 10:52:17.585191667 +0100
@@ -55,9 +55,11 @@ void *attach_shared_memory()
int shmid;
char *shmp;
struct stat statbuf;
+#if 0
struct group *grp;
struct passwd *pw, *epw;
uid_t uid, euid;
+#endif
#if !(MMAP)
// Really should fstat the tok_path, since it will be the actual
@@ -69,6 +71,7 @@ void *attach_shared_memory()
return NULL;
}
+#if 0
uid = getuid();
euid = geteuid();
// only check group membership if not root user
@@ -102,6 +105,7 @@ void *attach_shared_memory()
return NULL;
}
}
+#endif
Anchor->shm_tok = ftok(TOK_PATH, 'b');

10
opencryptoki.spec
View File

@ -1,13 +1,11 @@
Name: opencryptoki Name: opencryptoki
Summary: Implementation of the PKCS#11 (Cryptoki) specification v3.0 Summary: Implementation of the PKCS#11 (Cryptoki) specification v3.0
Version: 3.21.0 Version: 3.21.0
Release: 3%{?dist} Release: 4%{?dist}
License: CPL License: CPL
Group: System Environment/Base Group: System Environment/Base
URL: https://github.com/opencryptoki/opencryptoki URL: https://github.com/opencryptoki/opencryptoki
Source0: https://github.com/opencryptoki/%{name}/archive/v%{version}/%{name}-%{version}.tar.gz Source0: https://github.com/opencryptoki/%{name}/archive/v%{version}/%{name}-%{version}.tar.gz
# https://bugzilla.redhat.com/show_bug.cgi?id=732756
Patch0: opencryptoki-3.11.0-group.patch
# bz#1373833, change tmpfiles snippets from /var/lock/* to /run/lock/* # bz#1373833, change tmpfiles snippets from /var/lock/* to /run/lock/*
Patch1: opencryptoki-3.11.0-lockdir.patch Patch1: opencryptoki-3.11.0-lockdir.patch
# add missing p11sak_defined_attrs.conf # add missing p11sak_defined_attrs.conf
@ -276,7 +274,7 @@ fi
%doc doc/README.token_data %doc doc/README.token_data
%doc %{_docdir}/%{name}/*.conf %doc %{_docdir}/%{name}/*.conf
%dir %{_sysconfdir}/%{name} %dir %{_sysconfdir}/%{name}
%config(noreplace) %{_sysconfdir}/%{name}/%{name}.conf %verify(not md5 size mtime) %config(noreplace) %{_sysconfdir}/%{name}/%{name}.conf
%attr(0640, root, pkcs11) %config(noreplace) %{_sysconfdir}/%{name}/p11sak_defined_attrs.conf %attr(0640, root, pkcs11) %config(noreplace) %{_sysconfdir}/%{name}/p11sak_defined_attrs.conf
%attr(0640, root, pkcs11) %config(noreplace) %{_sysconfdir}/%{name}/strength.conf %attr(0640, root, pkcs11) %config(noreplace) %{_sysconfdir}/%{name}/strength.conf
%{_tmpfilesdir}/%{name}.conf %{_tmpfilesdir}/%{name}.conf
@ -379,6 +377,10 @@ fi
%changelog %changelog
* Thu May 25 2023 Than Ngo <than@redhat.com> - 3.21.0-4
- add verify attributes for opencryptoki.conf to ignore the verification
Related: #2159697
* Mon May 22 2023 Than Ngo <than@redhat.com> - 3.21.0-3 * Mon May 22 2023 Than Ngo <than@redhat.com> - 3.21.0-3
- pkcsstats: Fix handling of user name - pkcsstats: Fix handling of user name
- p11sak: Fix user confirmation prompt behavior when stdin is closed - p11sak: Fix user confirmation prompt behavior when stdin is closed