From a2a03ff3ae60831c9d118bfe28c2b15b9a34fa7e Mon Sep 17 00:00:00 2001 From: DistroBaker Date: Tue, 22 Dec 2020 11:02:11 +0000 Subject: [PATCH] Merged update from upstream sources This is an automated DistroBaker update from upstream sources. If you do not know what this is about or would like to opt out, contact the OSCI team. Source: https://src.fedoraproject.org/rpms/opencryptoki.git#a9de92bcdaeff132c3b00e3de0d8d0af6ce3122e --- ...ndling_for_p11sak_remove-key_command.patch | 118 ++++++++++++++++++ ...yptoki-3.15.1-fix_compiling_with_c++.patch | 13 ++ opencryptoki.spec | 14 ++- 3 files changed, 144 insertions(+), 1 deletion(-) create mode 100644 opencryptoki-3.15.1-error_message_handling_for_p11sak_remove-key_command.patch create mode 100644 opencryptoki-3.15.1-fix_compiling_with_c++.patch diff --git a/opencryptoki-3.15.1-error_message_handling_for_p11sak_remove-key_command.patch b/opencryptoki-3.15.1-error_message_handling_for_p11sak_remove-key_command.patch new file mode 100644 index 0000000..05ac844 --- /dev/null +++ b/opencryptoki-3.15.1-error_message_handling_for_p11sak_remove-key_command.patch @@ -0,0 +1,118 @@ +diff -up opencryptoki-3.15.1/usr/sbin/p11sak/p11sak.c.orig opencryptoki-3.15.1/usr/sbin/p11sak/p11sak.c +--- opencryptoki-3.15.1/usr/sbin/p11sak/p11sak.c.orig 2020-11-26 13:25:41.679655774 +0100 ++++ opencryptoki-3.15.1/usr/sbin/p11sak/p11sak.c 2020-11-26 13:26:00.170892352 +0100 +@@ -2192,10 +2192,8 @@ static CK_RV confirm_destroy(char **user + while (1){ + nread = getline(user_input, &buflen, stdin); + if (nread == -1) { +- printf("User input failed (error code 0x%lX: %s)\n", +- rc, p11_get_ckr(rc)); +- rc = -1; +- return rc; ++ printf("User input: EOF\n"); ++ return CKR_CANCEL; + } + + if (user_input_ok(*user_input)) { +@@ -2210,17 +2208,16 @@ static CK_RV confirm_destroy(char **user + return rc; + } + +- + static CK_RV finalize_destroy_object(char *label, CK_SESSION_HANDLE *session, +- CK_OBJECT_HANDLE *hkey) ++ CK_OBJECT_HANDLE *hkey, CK_BBOOL *boolDestroyFlag) + { + char *user_input = NULL; + CK_RV rc = CKR_OK; + + rc = confirm_destroy(&user_input, label); + if (rc != CKR_OK) { +- printf("User input failed (error code 0x%lX: %s)\n", +- rc, p11_get_ckr(rc)); ++ printf("Skip deleting Key. User input %s\n", p11_get_ckr(rc)); ++ rc = CKR_CANCEL; + goto done; + } + +@@ -2232,9 +2229,11 @@ static CK_RV finalize_destroy_object(cha + label, rc, p11_get_ckr(rc)); + goto done; + } ++ *boolDestroyFlag = CK_TRUE; + printf("DONE - Destroy Object with Label: %s\n", label); + } else if (strncmp(user_input, "n", 1) == 0) { + printf("Skip deleting Key\n"); ++ *boolDestroyFlag = CK_FALSE; + } else { + printf("Please just enter (y) for yes or (n) for no.\n"); + } +@@ -2254,6 +2253,8 @@ static CK_RV delete_key(CK_SESSION_HANDL + CK_OBJECT_HANDLE hkey; + char *keytype = NULL; + char *label = NULL; ++ CK_BBOOL boolDestroyFlag = CK_FALSE; ++ CK_BBOOL boolSkipFlag = CK_FALSE; + CK_RV rc = CKR_OK; + + rc = tok_key_list_init(session, kt, label); +@@ -2290,6 +2291,7 @@ static CK_RV delete_key(CK_SESSION_HANDL + if (*forceAll) { + if ((strcmp(rm_label, "") == 0) || (strcmp(rm_label, label) == 0)) { + printf("Destroy Object with Label: %s\n", label); ++ + rc = funcs->C_DestroyObject(session, hkey); + if (rc != CKR_OK) { + printf( +@@ -2297,14 +2299,18 @@ static CK_RV delete_key(CK_SESSION_HANDL + label, rc, p11_get_ckr(rc)); + goto done; + } +- printf("DONE - Destroy Object with Label: %s\n", label); ++ boolDestroyFlag = CK_TRUE; + } + } else { + if ((strcmp(rm_label, "") == 0) || (strcmp(rm_label, label) == 0)) { +- rc = finalize_destroy_object(label, &session, &hkey); ++ rc = finalize_destroy_object(label, &session, &hkey, &boolDestroyFlag); + if (rc != CKR_OK) { + goto done; + } ++ ++ if (!boolDestroyFlag) { ++ boolSkipFlag = CK_TRUE; ++ } + } + } + +@@ -2321,6 +2327,16 @@ static CK_RV delete_key(CK_SESSION_HANDL + + done: + ++ if (strlen(rm_label) > 0) { ++ if (boolDestroyFlag) { ++ printf("Object with Label: %s found and destroyed \n", rm_label); ++ } else if (boolSkipFlag) { ++ printf("Object with Label: %s not deleted\n", rm_label); ++ } else if (rc == CKR_OK) { ++ printf("Object with Label: %s not found\n", rm_label); ++ } ++ } ++ + if (rc != CKR_OK) { + free(label); + free(keytype); +@@ -2494,8 +2510,11 @@ int main(int argc, char *argv[]) + /* Execute command */ + rc = execute_cmd(session, slot, cmd, kt, keylength, exponent, ECcurve, + label, attr_string, long_print, &forceAll); +- if (rc != CKR_OK) { +- printf("Failed to execute p11sak command (error code 0x%lX: %s)\n", rc, ++ if (rc == CKR_CANCEL) { ++ printf("Cancel execution: p11sak %s command (error code 0x%lX: %s)\n", cmd2str(cmd), rc, ++ p11_get_ckr(rc)); ++ } else if (rc != CKR_OK) { ++ printf("Failed to execute p11sak %s command (error code 0x%lX: %s)\n", cmd2str(cmd), rc, + p11_get_ckr(rc)); + goto done; + } diff --git a/opencryptoki-3.15.1-fix_compiling_with_c++.patch b/opencryptoki-3.15.1-fix_compiling_with_c++.patch new file mode 100644 index 0000000..9f590e0 --- /dev/null +++ b/opencryptoki-3.15.1-fix_compiling_with_c++.patch @@ -0,0 +1,13 @@ +diff -up opencryptoki-3.15.1/usr/include/pkcs11types.h.me opencryptoki-3.15.1/usr/include/pkcs11types.h +--- opencryptoki-3.15.1/usr/include/pkcs11types.h.me 2020-11-26 18:33:58.707979547 +0100 ++++ opencryptoki-3.15.1/usr/include/pkcs11types.h 2020-11-26 18:35:22.428095872 +0100 +@@ -1483,7 +1483,7 @@ typedef CK_FUNCTION_LIST_3_0_PTR CK_PTR + + typedef struct CK_IBM_FUNCTION_LIST_1_0 CK_IBM_FUNCTION_LIST_1_0; + typedef struct CK_IBM_FUNCTION_LIST_1_0 CK_PTR CK_IBM_FUNCTION_LIST_1_0_PTR; +-typedef struct CK_IBM_FUNCTION_LIST_1_0_PTR CK_PTR CK_IBM_FUNCTION_LIST_1_0_PTR_PTR; ++typedef CK_IBM_FUNCTION_LIST_1_0_PTR CK_PTR CK_IBM_FUNCTION_LIST_1_0_PTR_PTR; + + typedef CK_RV (CK_PTR CK_C_Initialize) (CK_VOID_PTR pReserved); + typedef CK_RV (CK_PTR CK_C_Finalize) (CK_VOID_PTR pReserved); +diff -up opencryptoki-3.15.1/usr/sbin/pkcstok_migrate/pkcstok_migrate.c.me opencryptoki-3.15.1/usr/sbin/pkcstok_migrate/pkcstok_migrate.c diff --git a/opencryptoki.spec b/opencryptoki.spec index 69511f0..7e61b85 100644 --- a/opencryptoki.spec +++ b/opencryptoki.spec @@ -1,7 +1,7 @@ Name: opencryptoki Summary: Implementation of the PKCS#11 (Cryptoki) specification v2.11 Version: 3.15.1 -Release: 1%{?dist} +Release: 2%{?dist} License: CPL URL: https://github.com/opencryptoki/opencryptoki Source0: https://github.com/opencryptoki/%{name}/archive/v%{version}/%{name}-%{version}.tar.gz @@ -15,6 +15,12 @@ Patch1: opencryptoki-3.11.0-lockdir.patch # Use --no-undefined to debug missing symbols #Patch100: %%{name}-3.2-no-undefined.patch +# upstream fixes +# https://github.com/opencryptoki/opencryptoki/commit/eef7049ce857ee5d5ec64e369a10e05e8bb5c4dd +Patch200: opencryptoki-3.15.1-error_message_handling_for_p11sak_remove-key_command.patch +# https://github.com/opencryptoki/opencryptoki/commit/2d16f003911ceee50967546f4b3c7cac2db9ba86 +Patch201: opencryptoki-3.15.1-fix_compiling_with_c++.patch + Requires(pre): coreutils BuildRequires: gcc BuildRequires: openssl-devel @@ -25,6 +31,7 @@ BuildRequires: bison flex BuildRequires: systemd BuildRequires: libitm-devel BuildRequires: expect +BuildRequires: make %ifarch s390 s390x BuildRequires: libica-devel >= 2.3 %endif @@ -309,6 +316,11 @@ fi %changelog +* Tue Dec 22 2020 Than Ngo - 3.15.1-2 +- Fix compiling with c++ +- Added error message handling for p11sak remove-key command +- Add BR on make + * Mon Nov 02 2020 Than Ngo - 3.15.1-1 - Rebase to 3.15.1