import opencryptoki-3.16.0-4.el8
This commit is contained in:
parent
cb6b49e5e0
commit
bd874b55c0
|
@ -0,0 +1,106 @@
|
||||||
|
commit 5951869263b556280da53498270cf4826f779c5b
|
||||||
|
Author: Ingo Franzki <ifranzki@linux.ibm.com>
|
||||||
|
Date: Tue Jul 13 09:05:22 2021 +0200
|
||||||
|
|
||||||
|
pkcstok_migrate: Fix detection if pkcsslotd is still running
|
||||||
|
|
||||||
|
Change the code to use the pid file that pkcsslotd creates, and check
|
||||||
|
if the process with the pid contained in the pid file still exists and
|
||||||
|
runs pkcsslotd.
|
||||||
|
|
||||||
|
Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>
|
||||||
|
|
||||||
|
diff --git a/usr/sbin/pkcstok_migrate/pkcstok_migrate.c b/usr/sbin/pkcstok_migrate/pkcstok_migrate.c
|
||||||
|
index 05081aff..a29dc8f7 100644
|
||||||
|
--- a/usr/sbin/pkcstok_migrate/pkcstok_migrate.c
|
||||||
|
+++ b/usr/sbin/pkcstok_migrate/pkcstok_migrate.c
|
||||||
|
@@ -2474,54 +2474,53 @@ static CK_RV backup_repository(const char *data_store)
|
||||||
|
*/
|
||||||
|
static CK_BBOOL pkcsslotd_running(void)
|
||||||
|
{
|
||||||
|
- DIR *dir;
|
||||||
|
FILE *fp;
|
||||||
|
- struct dirent* ent;
|
||||||
|
char* endptr;
|
||||||
|
- char buf[PATH_MAX];
|
||||||
|
+ long lpid;
|
||||||
|
char fname[PATH_MAX];
|
||||||
|
+ char buf[PATH_MAX];
|
||||||
|
+ char* first;
|
||||||
|
|
||||||
|
TRACE_INFO("Checking if pkcsslotd is running ...\n");
|
||||||
|
- if (!(dir = opendir("/proc"))) {
|
||||||
|
- TRACE_WARN("Cannot open /proc, i.e. cannot check if pkcsslotd is running.\n");
|
||||||
|
- return CK_TRUE;
|
||||||
|
+
|
||||||
|
+ fp = fopen(PID_FILE_PATH, "r");
|
||||||
|
+ if (fp == NULL) {
|
||||||
|
+ TRACE_INFO("Pid file '%s' not existent, pkcsslotd is not running\n",
|
||||||
|
+ PID_FILE_PATH);
|
||||||
|
+ return CK_FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
|
- while ((ent = readdir(dir)) != NULL) {
|
||||||
|
- /* if endptr is not a null character, the directory is not
|
||||||
|
- * entirely numeric, so ignore it */
|
||||||
|
- long lpid = strtol(ent->d_name, &endptr, 10);
|
||||||
|
- if (*endptr != '\0') {
|
||||||
|
- continue;
|
||||||
|
- }
|
||||||
|
+ if (fgets(buf, sizeof(buf), fp) == NULL) {
|
||||||
|
+ TRACE_WARN("Cannot read pid file '%s': %s\n", PID_FILE_PATH,
|
||||||
|
+ strerror(errno));
|
||||||
|
+ fclose(fp);
|
||||||
|
+ return CK_FALSE;
|
||||||
|
+ }
|
||||||
|
+ fclose(fp);
|
||||||
|
|
||||||
|
- /* try to open the cmdline file */
|
||||||
|
- snprintf(fname, sizeof(fname), "/proc/%ld/cmdline", lpid);
|
||||||
|
- fp = fopen(fname, "r");
|
||||||
|
- if (!fp) {
|
||||||
|
- warnx("fopen(%s) failed, errno=%s", fname, strerror(errno));
|
||||||
|
- return CK_TRUE;
|
||||||
|
- }
|
||||||
|
+ lpid = strtol(buf, &endptr, 10);
|
||||||
|
+ if (*endptr != '\0' && *endptr != '\n') {
|
||||||
|
+ TRACE_WARN("Failed to parse pid file '%s': %s\n", PID_FILE_PATH,
|
||||||
|
+ buf);
|
||||||
|
+ return CK_FALSE;
|
||||||
|
+ }
|
||||||
|
|
||||||
|
- /* check the first token in the file: the program pathname */
|
||||||
|
- if (fgets(buf, sizeof(buf), fp) != NULL) {
|
||||||
|
- char* first = strtok(buf, " ");
|
||||||
|
- if (!first) {
|
||||||
|
- TRACE_WARN("Cannot read program name from %s, i.e. cannot check if pkcsslotd is running.\n",
|
||||||
|
- fname);
|
||||||
|
- return CK_TRUE;
|
||||||
|
- }
|
||||||
|
- if (strstr(first, "pkcsslotd") != NULL) {
|
||||||
|
- fclose(fp);
|
||||||
|
- closedir(dir);
|
||||||
|
- return CK_TRUE;
|
||||||
|
- }
|
||||||
|
- }
|
||||||
|
+ snprintf(fname, sizeof(fname), "/proc/%ld/cmdline", lpid);
|
||||||
|
+ fp = fopen(fname, "r");
|
||||||
|
+ if (fp == NULL) {
|
||||||
|
+ TRACE_INFO("Stale pid file, pkcsslotd is not running\n");
|
||||||
|
+ return CK_FALSE;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if (fgets(buf, sizeof(buf), fp) == NULL) {
|
||||||
|
+ TRACE_INFO("Failed to read '%s'\n", fname);
|
||||||
|
fclose(fp);
|
||||||
|
+ return CK_FALSE;
|
||||||
|
}
|
||||||
|
+ fclose(fp);
|
||||||
|
|
||||||
|
- closedir(dir);
|
||||||
|
- return CK_FALSE;
|
||||||
|
+ first = strtok(buf, " ");
|
||||||
|
+ return (first != NULL && strstr(first, "pkcsslotd") != NULL);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
|
@ -1,7 +1,7 @@
|
||||||
Name: opencryptoki
|
Name: opencryptoki
|
||||||
Summary: Implementation of the PKCS#11 (Cryptoki) specification v2.11
|
Summary: Implementation of the PKCS#11 (Cryptoki) specification v2.11
|
||||||
Version: 3.16.0
|
Version: 3.16.0
|
||||||
Release: 3%{?dist}
|
Release: 4%{?dist}
|
||||||
License: CPL
|
License: CPL
|
||||||
Group: System Environment/Base
|
Group: System Environment/Base
|
||||||
URL: https://github.com/opencryptoki/opencryptoki
|
URL: https://github.com/opencryptoki/opencryptoki
|
||||||
|
@ -26,6 +26,7 @@ Patch210: opencryptoki-3.16.0-d7de5092247a0efc2c397f12977a7c9925420143.patch
|
||||||
Patch211: opencryptoki-3.16.0-1fdd0e4497b0078e73e0004e3492db647c7c458b.patch
|
Patch211: opencryptoki-3.16.0-1fdd0e4497b0078e73e0004e3492db647c7c458b.patch
|
||||||
Patch212: opencryptoki-3.16.0-bf812c652c49d7e248b115d121a4f7f6568941a2.patch
|
Patch212: opencryptoki-3.16.0-bf812c652c49d7e248b115d121a4f7f6568941a2.patch
|
||||||
Patch213: opencryptoki-3.16.0-7b7d83c571ceb3050969359817d4145600f14ae8.patch
|
Patch213: opencryptoki-3.16.0-7b7d83c571ceb3050969359817d4145600f14ae8.patch
|
||||||
|
Patch214: opencryptoki-3.16.0-pkcstok_migrate-detection_if_pkcsslotd_is_still_running.patch
|
||||||
|
|
||||||
Requires(pre): coreutils
|
Requires(pre): coreutils
|
||||||
Requires: (selinux-policy >= 3.14.3-70 if selinux-policy-targeted)
|
Requires: (selinux-policy >= 3.14.3-70 if selinux-policy-targeted)
|
||||||
|
@ -356,6 +357,9 @@ fi
|
||||||
|
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Fri Jul 16 2021 Than Ngo <than@redhat.com> - 3.16.0-4
|
||||||
|
- Resolves: #1964304, Fix detection if pkcsslotd is still running
|
||||||
|
|
||||||
* Tue Jun 15 2021 Than Ngo <than@redhat.com> - 3.16.0-3
|
* Tue Jun 15 2021 Than Ngo <than@redhat.com> - 3.16.0-3
|
||||||
- Related: #1919223, add conditional requirement
|
- Related: #1919223, add conditional requirement
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue