new upstream release 3.1

2014-07-24 15:26:11 +02:00 · 2014-07-24 15:26:11 +02:00 · c92b26c0a0
commit c92b26c0a0
parent ac40e6f532
9 changed files with 9 additions and 2998 deletions
--- a/.gitignore
+++ b/.gitignore
@ -7,3 +7,4 @@ opencryptoki-2.3.1.tar.gz
 /opencryptoki-2.4.3.tar.gz
 /opencryptoki-2.4.3.1-tar.gz
 /opencryptoki-v3.0.tar.gz
+/opencryptoki-v3.1.tgz
--- a/opencryptoki-3.0-bz1033284.patch
+++ b/opencryptoki-3.0-bz1033284.patch
--- a/opencryptoki-3.0-bz1054661.patch
+++ b/opencryptoki-3.0-bz1054661.patch
@ -1,59 +0,0 @@
-From 95064291fe13d4ed98e195946d931fe779f8a48f Mon Sep 17 00:00:00 2001
-From: Joy Latten <jmlatten@linux.vnet.ibm.com>
-Date: Fri, 17 Jan 2014 10:33:19 -0600
-Subject: [PATCH] Problem: A regular user in pkcs11 group cannot issue pkcsconf
- -t. When shm_open() creates shared memory object, it honors umask of the
- caller. This patch ensures the shared memory has expected permissions when it
- is created.
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Signed-off-by: Joy Latten <jmlatten@linux.vnet.ibm.com>
-Signed-off-by: Dan Horák <dan@danny.cz>
---
- usr/lib/pkcs11/common/shared_memory.c | 27 ++++++++++++++++++++++-----
- 1 file changed, 22 insertions(+), 5 deletions(-)
-
-diff --git a/usr/lib/pkcs11/common/shared_memory.c b/usr/lib/pkcs11/common/shared_memory.c
-index a8710c5..bf0411d 100644
--- a/usr/lib/pkcs11/common/shared_memory.c
-+++ b/usr/lib/pkcs11/common/shared_memory.c
-@@ -161,12 +161,29 @@ sm_open(const char *sm_name, int mode, void **p_addr, size_t len, int force)
- 		goto done;
- 	}
- 
-	fd = shm_open(name, O_RDWR | O_CREAT, mode);
-+	/* try and open first... */
-+	fd = shm_open(name, O_RDWR, mode);
- 	if (fd < 0) {
-		rc = -errno;
-		SYS_ERROR(errno, "Failed to open shared memory \"%s\".\n",
-				name);
-		goto done;
-+		/* maybe it needs to be created ... */
-+		fd = shm_open(name, O_RDWR | O_CREAT, mode);
-+		if (fd < 0) {
-+			rc = -errno;
-+			SYS_ERROR(errno,
-+				  "Failed to open shared memory \"%s\".\n",
-+				  name);
-+			goto done;
-+		} else {
-+			/* umask may have altered permissions if we created
-+			 * the shared memory in above call, so set proper
-+			 * permissions just in case.
-+			 */
-+			if (fchmod(fd, mode) == -1) {
-+				rc = -errno;
-+				SYS_ERROR(errno, "fchmod(%s): %s\n",
-+						name, strerror(errno));
-+				goto done;
-+			}
-+		}
- 	}
- 
- 	/*
-- 
-1.8.1.4
-
--- a/opencryptoki-3.0-format.patch
+++ b/opencryptoki-3.0-format.patch
@ -1,30 +0,0 @@
-From 02d46e95acfca2ac3ca85a3f1c3d271a04e29206 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Dan=20Hor=C3=A1k?= <dan@danny.cz>
-Date: Tue, 3 Dec 2013 14:44:36 +0100
-Subject: [PATCH] fix build with -Werror=format-security
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-
-Signed-off-by: Dan Horák <dan@danny.cz>
---
- usr/sbin/pkcsslotd/log.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/usr/sbin/pkcsslotd/log.c b/usr/sbin/pkcsslotd/log.c
-index 949d95d..a2292ac 100755
--- a/usr/sbin/pkcsslotd/log.c
-+++ b/usr/sbin/pkcsslotd/log.c
-@@ -823,7 +823,7 @@ BOOL PKCS_Log ( pLogHandle phLog, char *Format, va_list ap ) {
- 
-   /* Always log to syslog, if we're using it */
-   if ( pInfo->UseSyslog ) {
-    syslog(pInfo->LogLevel,  Buffer);
-+    syslog(pInfo->LogLevel,  "%s", Buffer);
-   }
- 
-   return TRUE;
-- 
-1.8.1.4
-
--- a/opencryptoki-3.0-opencryptoki-man.patch
+++ b/opencryptoki-3.0-opencryptoki-man.patch
@ -1,37 +0,0 @@
-commit b50eb39e3cf8ccfdb735fbddfcdae10bdb70e1c4
-Author: Joy Latten <jmlatten@linux.vnet.ibm.com>
-Date:   Wed Sep 4 16:12:38 2013 -0500
-
-    Update the opencryptoki(7) man page and remove reference to
-    pkcs11_startup and pk_config_data.
-    
-    Signed-off-by: Joy Latten <jmlatten@linux.vnet.ibm.com>
-
-diff --git a/man/man7/opencryptoki.7.in b/man/man7/opencryptoki.7.in
-index 5030bd2..bf5a65e 100644
--- a/man/man7/opencryptoki.7.in
-+++ b/man/man7/opencryptoki.7.in
-@@ -9,11 +9,9 @@ tokens, which may be implemented via software or hardware. The PKCS#11
- specification has been released by RSA Labs. More information on PKCS#11
- can be found on the RSA labs website: http://www.rsa.com/rsalabs.
- 
-To use openCryptoki, first run \fIpkcs11_startup\fP to initialize the
-contents of the pk_config_data file. Then run the \fIpkcsslotd\fP daemon. At
-this point, openCryptoki is ready to start receiving PKCS#11 requests
-from user applications. If openCryptoki is included by your distro, its
-likely that pkcs11_startup is run automatically by an init script.
-+To use openCryptoki, run the \fIpkcsslotd\fP daemon. The daemon will 
-+read the \fIopencryptoki.conf\fP file to collect information about the 
-+tokens and their slots.
- 
- Use the \fIpkcsconf\fP utility to further configure openCryptoki once the
- daemon is running.
-@@ -33,7 +31,5 @@ privileges of other openCryptoki users.
- .TP
- \fBpkcsconf\fP(1),
- .TP
-\fBpk_config_data\fP(5),
-.TP
-\fBpkcs11_startup\fP(1).
-+\fBopencryptoki.conf\fP(5).
- .PD
--- a/opencryptoki-3.0-pkcsconf-man.patch
+++ b/opencryptoki-3.0-pkcsconf-man.patch
@ -1,35 +0,0 @@
-From 48e9a2fdcae6d373f56aefcb85507758803be7df Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Dan=20Hor=C3=A1k?= <dan@danny.cz>
-Date: Mon, 22 Jul 2013 18:49:43 +0200
-Subject: [PATCH] update options in the pkcsconf man page to match the pkcsconf
- binary
-
---
- man/man1/pkcsconf.1.in | 4 +++-
- 1 file changed, 3 insertions(+), 1 deletion(-)
-
-diff --git a/man/man1/pkcsconf.1.in b/man/man1/pkcsconf.1.in
-index 1b95651..76293ae 100644
--- a/man/man1/pkcsconf.1.in
-+++ b/man/man1/pkcsconf.1.in
-@@ -4,7 +4,7 @@ pkcsconf \- configuration utility for the pkcsslotd daemon
- 
- .SH SYNOPSIS
- \fBpkcsconf\fP
-[\fB-itsmMIupPh\fP]
-+[\fB-itsmlIupPh\fP]
- [\fB-c\fP \fIslotnumber\fP \fB-U\fP \fIuserPIN\fP
- \fB-S\fP \fISOPin\fP \fB-n\fP \fInewpin\fP]
- 
-@@ -21,6 +21,8 @@ display token info
- display slot info
- .IP "\fB-m\fP" 10
- display mechanism list
-+.IP "\fB-l\fP" 10
-+display slot description
- .IP "\fB-I\fP" 10
- initialize token 
- .IP "\fB-u\fP" 10
-- 
-1.8.1.4
-
--- a/opencryptoki-3.0-unit.patch
+++ b/opencryptoki-3.0-unit.patch
@ -1,24 +0,0 @@
-From a8870725de46b8c5716e1539a0d01256b319940b Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Dan=20Hor=C3=A1k?= <dan@danny.cz>
-Date: Fri, 23 Aug 2013 16:57:52 +0200
-Subject: [PATCH] update unit file for 3.0
-
---
- misc/pkcsslotd.service.in | 1 -
- 1 file changed, 1 deletion(-)
-
-diff --git a/misc/pkcsslotd.service.in b/misc/pkcsslotd.service.in
-index bfd9934..461be60 100644
--- a/misc/pkcsslotd.service.in
-+++ b/misc/pkcsslotd.service.in
-@@ -5,7 +5,6 @@ After=syslog.target
- [Service]
- Type=forking
- PIDFile=/var/run/pkcsslotd.pid
-ExecStartPre=@sbindir@/pkcs11_startup
- ExecStart=@sbindir@/pkcsslotd
- 
- [Install]
-- 
-1.8.1.4
-
--- a/opencryptoki.spec
+++ b/opencryptoki.spec
@ -2,31 +2,15 @@

 Name:			opencryptoki
 Summary:		Implementation of the PKCS#11 (Cryptoki) specification v2.11
-Version:		3.0
-Release:		11%{?dist}
+Version:		3.1
+Release:		1%{?dist}
 License:		CPL
 Group:			System Environment/Base
 URL:			http://sourceforge.net/projects/opencryptoki
-Source0:		http://downloads.sourceforge.net/%{name}/%{name}-v%{version}.tar.gz
+Source0:		http://downloads.sourceforge.net/%{name}/%{name}-v%{version}.tgz
 Source1:		%{name}-tmpfiles.conf
 # https://bugzilla.redhat.com/show_bug.cgi?id=732756
 Patch0:			%{name}-2.4-group.patch
-# https://bugzilla.redhat.com/show_bug.cgi?id=948460
-# http://sourceforge.net/mailarchive/message.php?msg_id=31202168
-Patch1:			%{name}-3.0-pkcsconf-man.patch
-# https://bugzilla.redhat.com/show_bug.cgi?id=995002
-# http://sourceforge.net/mailarchive/message.php?msg_id=31321105
-Patch2:			%{name}-3.0-unit.patch
-# https://bugzilla.redhat.com/show_bug.cgi?id=1001729
-# http://sourceforge.net/p/opencryptoki/opencryptoki/ci/b50eb39e3cf8ccfdb735fbddfcdae10bdb70e1c4/
-Patch3:			%{name}-3.0-opencryptoki-man.patch
-# https://bugzilla.redhat.com/show_bug.cgi?id=1033284
-# post-3.0 upstream fixes
-Patch4:			%{name}-3.0-bz1033284.patch
-# https://bugzilla.redhat.com/show_bug.cgi?id=1037228
-Patch5:			%{name}-3.0-format.patch
-# https://bugzilla.redhat.com/show_bug.cgi?id=1054661
-Patch6:			%{name}-3.0-bz1054661.patch
 Requires(pre):		shadow-utils coreutils sed
 BuildRequires:		openssl-devel
 BuildRequires:		trousers-devel
@ -173,12 +157,6 @@ cryptographic hardware such as IBM 4764 or 4765 that uses the
 %prep
 %setup -q -n %{name}
 %patch0 -p1 -b .group
-%patch1 -p1 -b .pkcsconf-man
-%patch2 -p1 -b .unit
-%patch3 -p1 -b .opencryptoki-man
-%patch4 -p1 -b .bz1033284
-%patch5 -p1 -b .format
-%patch6 -p1 -b .bz1054661

 # Upstream tarball has unnecessary executable perms set on the sources
 find . -name '*.[ch]' -print0 | xargs -0 chmod -x
@ -264,6 +242,7 @@ exit 0
 %{_sbindir}/pkcsconf
 %{_sbindir}/pkcsslotd
 %{_mandir}/man1/pkcsconf.1*
+%{_mandir}/man1/pkcsep11_migrate.1.*
 %{_mandir}/man5/%{name}.conf.5*
 %{_mandir}/man7/%{name}.7*
 %{_mandir}/man8/pkcsslotd.8*
@ -330,6 +309,9 @@ exit 0


 %changelog
+* Thu Jul 24 2014 Petr Lautrbach <plautrba@redhat.com> 3.1-1
+- new upstream release 3.1
+
 * Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 3.0-11
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild

--- a/2
+++ b/2
@ -1 +1 @@
-ec4e2a196c8a336d400d3b17288260af  opencryptoki-v3.0.tar.gz
+ab5f2cc8680ddedde5a86a6cd2e1817f  opencryptoki-v3.1.tgz