diff --git a/.gitignore b/.gitignore
index f9524fb..a1070a7 100644
--- a/.gitignore
+++ b/.gitignore
@@ -8,3 +8,4 @@
 /opensc-0.19.0.tar.gz
 /opensc-0.20.0.tar.gz
 /opensc-0.21.0.tar.gz
+/opensc-0.22.0.tar.gz
diff --git a/opensc-gcc11.patch b/opensc-gcc11.patch
index 484405b..0f41d60 100644
--- a/opensc-gcc11.patch
+++ b/opensc-gcc11.patch
@@ -15,347 +15,3 @@ index 41e620a..57f8a79 100644
  	/* loop over the args and parse them, making sure the result fits into buf[] */
  	for (i = 0, len = 0; i < (unsigned) argc && len < sizeof(buf); i++)   {
  		size_t len0 = sizeof(buf) - len;
-commit 1680b3a1fb15319e41dbe3214ef8c4a4c215d529
-Author: Jakub Jelen <jjelen@redhat.com>
-Date:   Tue Feb 23 19:57:02 2021 +0100
-
-    Fix build on gcc11
-    
-    This made most of the applications crashing in Fedora 34 when
-    smart card was plugged in.
-    
-    The suggested patch makes the code path more obvious for gcc to
-    handle.
-    
-    https://bugzilla.redhat.com/show_bug.cgi?id=1930652
-
-diff --git a/src/pkcs11/framework-pkcs15.c b/src/pkcs11/framework-pkcs15.c
-index 18803b83..c65ec3ed 100644
---- a/src/pkcs11/framework-pkcs15.c
-+++ b/src/pkcs11/framework-pkcs15.c
-@@ -670,6 +670,7 @@ __pkcs15_create_cert_object(struct pkcs15_fw_data *fw_data, struct sc_pkcs15_obj
- {
- 	struct sc_pkcs15_cert_info *p15_info = NULL;
- 	struct sc_pkcs15_cert *p15_cert = NULL;
-+	struct pkcs15_any_object *any_object = NULL;
- 	struct pkcs15_cert_object *object = NULL;
- 	struct pkcs15_pubkey_object *obj2 = NULL;
- 	int rv;
-@@ -686,8 +687,9 @@ __pkcs15_create_cert_object(struct pkcs15_fw_data *fw_data, struct sc_pkcs15_obj
- 	}
- 
- 	/* Certificate object */
--	rv = __pkcs15_create_object(fw_data, (struct pkcs15_any_object **) &object,
-+	rv = __pkcs15_create_object(fw_data, &any_object,
- 			cert, &pkcs15_cert_ops, sizeof(struct pkcs15_cert_object));
-+	object = (struct pkcs15_cert_object *) any_object;
- 	if (rv < 0) {
- 		if (p15_cert != NULL)
- 			sc_pkcs15_free_certificate(p15_cert);
-@@ -720,7 +722,7 @@ __pkcs15_create_cert_object(struct pkcs15_fw_data *fw_data, struct sc_pkcs15_obj
- 	pkcs15_cert_extract_label(object);
- 
- 	if (cert_object != NULL)
--		*cert_object = (struct pkcs15_any_object *) object;
-+		*cert_object = any_object;
- 
- 	return 0;
- }
-@@ -730,6 +732,7 @@ static int
- __pkcs15_create_pubkey_object(struct pkcs15_fw_data *fw_data,
- 	struct sc_pkcs15_object *pubkey, struct pkcs15_any_object **pubkey_object)
- {
-+	struct pkcs15_any_object *any_object = NULL;
- 	struct pkcs15_pubkey_object *object = NULL;
- 	struct sc_pkcs15_pubkey *p15_key = NULL;
- 	int rv;
-@@ -758,8 +761,9 @@ __pkcs15_create_pubkey_object(struct pkcs15_fw_data *fw_data,
- 	}
- 
- 	/* Public key object */
--	rv = __pkcs15_create_object(fw_data, (struct pkcs15_any_object **) &object,
-+	rv = __pkcs15_create_object(fw_data, &any_object,
- 			pubkey, &pkcs15_pubkey_ops, sizeof(struct pkcs15_pubkey_object));
-+	object = (struct pkcs15_pubkey_object *) any_object;
- 	if (rv >= 0) {
- 		object->pub_info = (struct sc_pkcs15_pubkey_info *) pubkey->data;
- 		object->pub_data = p15_key;
-@@ -773,7 +777,7 @@ __pkcs15_create_pubkey_object(struct pkcs15_fw_data *fw_data,
- 			object->pub_data->alg_id->params = &((object->pub_data->u).gostr3410.params);
- 	}
- 	if (pubkey_object != NULL)
--		*pubkey_object = (struct pkcs15_any_object *) object;
-+		*pubkey_object = any_object;
- 
- 	return rv;
- }
-@@ -783,16 +787,18 @@ static int
- __pkcs15_create_prkey_object(struct pkcs15_fw_data *fw_data,
- 	struct sc_pkcs15_object *prkey, struct pkcs15_any_object **prkey_object)
- {
-+	struct pkcs15_any_object *any_object = NULL;
- 	struct pkcs15_prkey_object *object = NULL;
- 	int rv;
- 
--	rv = __pkcs15_create_object(fw_data, (struct pkcs15_any_object **) &object,
-+	rv = __pkcs15_create_object(fw_data, &any_object,
- 			prkey, &pkcs15_prkey_ops, sizeof(struct pkcs15_prkey_object));
-+	object = (struct pkcs15_prkey_object *) any_object;
- 	if (rv >= 0)
- 		object->prv_info = (struct sc_pkcs15_prkey_info *) prkey->data;
- 
- 	if (prkey_object != NULL)
--		*prkey_object = (struct pkcs15_any_object *) object;
-+		*prkey_object = any_object;
- 
- 	return rv;
- }
-@@ -802,18 +808,20 @@ static int
- __pkcs15_create_data_object(struct pkcs15_fw_data *fw_data,
- 		struct sc_pkcs15_object *object, struct pkcs15_any_object **data_object)
- {
-+	struct pkcs15_any_object *any_object = NULL;
- 	struct pkcs15_data_object *dobj = NULL;
- 	int rv;
- 
--	rv = __pkcs15_create_object(fw_data, (struct pkcs15_any_object **) &dobj,
-+	rv = __pkcs15_create_object(fw_data, &any_object,
- 			object, &pkcs15_dobj_ops, sizeof(struct pkcs15_data_object));
-+        dobj = (struct pkcs15_data_object *) any_object;
- 	if (rv >= 0)   {
- 		dobj->info = (struct sc_pkcs15_data_info *) object->data;
- 		dobj->value = NULL;
- 	}
- 
- 	if (data_object != NULL)
--		*data_object = (struct pkcs15_any_object *) dobj;
-+		*data_object = any_object;
- 
- 	return rv;
- }
-@@ -853,16 +861,18 @@ static int
- __pkcs15_create_secret_key_object(struct pkcs15_fw_data *fw_data,
- 		struct sc_pkcs15_object *object, struct pkcs15_any_object **skey_object)
- {
-+	struct pkcs15_any_object *any_object = NULL;
- 	struct pkcs15_skey_object *skey = NULL;
- 	int rv;
- 
--	rv = __pkcs15_create_object(fw_data, (struct pkcs15_any_object **) &skey,
-+	rv = __pkcs15_create_object(fw_data, &any_object,
- 			object, &pkcs15_skey_ops, sizeof(struct pkcs15_skey_object));
-+        skey = (struct pkcs15_skey_object *) any_object;
- 	if (rv >= 0)
- 		skey->info = (struct sc_pkcs15_skey_info *) object->data;
- 
- 	if (skey_object != NULL)
--		*skey_object = (struct pkcs15_any_object *) skey;
-+		*skey_object = any_object;
- 
- 	return rv;
- }
-diff --git a/src/libopensc/pkcs15-westcos.c b/src/libopensc/pkcs15-westcos.c
-index 885abd37..9277061b 100644
---- a/src/libopensc/pkcs15-westcos.c
-+++ b/src/libopensc/pkcs15-westcos.c
-@@ -124,18 +124,17 @@ static int sc_pkcs15emu_westcos_init(sc_pkcs15_card_t * p15card)
- 		struct sc_pkcs15_pubkey_info pubkey_info;
- 		struct sc_pkcs15_object pubkey_obj;
- 		struct sc_pkcs15_pubkey *pkey = NULL;
-+		sc_pkcs15_cert_t *cert = NULL;
-+
- 		memset(&cert_info, 0, sizeof(cert_info));
- 		memset(&cert_obj, 0, sizeof(cert_obj));
- 		cert_info.id.len = 1;
- 		cert_info.id.value[0] = 0x45;
- 		cert_info.authority = 0;
- 		cert_info.path = path;
--		r = sc_pkcs15_read_certificate(p15card, &cert_info,
--					       (sc_pkcs15_cert_t
--						**) (&cert_obj.data));
-+		r = sc_pkcs15_read_certificate(p15card, &cert_info, &cert);
-+		cert_obj.data = (void *) cert;
- 		if (!r) {
--			sc_pkcs15_cert_t *cert =
--			    (sc_pkcs15_cert_t *) (cert_obj.data);
- 			strlcpy(cert_obj.label, "User certificate",
- 				sizeof(cert_obj.label));
- 			cert_obj.flags = SC_PKCS15_CO_FLAG_MODIFIABLE;
-diff --git a/src/pkcs11/framework-pkcs15.c b/src/pkcs11/framework-pkcs15.c
-index c65ec3ed..a5e6ff1f 100644
---- a/src/pkcs11/framework-pkcs15.c
-+++ b/src/pkcs11/framework-pkcs15.c
-@@ -673,6 +673,7 @@ __pkcs15_create_cert_object(struct pkcs15_fw_data *fw_data, struct sc_pkcs15_obj
- 	struct pkcs15_any_object *any_object = NULL;
- 	struct pkcs15_cert_object *object = NULL;
- 	struct pkcs15_pubkey_object *obj2 = NULL;
-+	struct pkcs15_any_object *any_object2 = NULL;
- 	int rv;
- 
- 	p15_info = (struct sc_pkcs15_cert_info *) cert->data;
-@@ -700,10 +701,11 @@ __pkcs15_create_cert_object(struct pkcs15_fw_data *fw_data, struct sc_pkcs15_obj
- 	object->cert_data = p15_cert;
- 
- 	/* Corresponding public key */
--	rv = public_key_created(fw_data, &p15_info->id, (struct pkcs15_any_object **) &obj2);
-+	rv = public_key_created(fw_data, &p15_info->id, &any_object2);
- 	if (rv != SC_SUCCESS)
--		rv = __pkcs15_create_object(fw_data, (struct pkcs15_any_object **) &obj2,
-+		rv = __pkcs15_create_object(fw_data, &any_object2,
- 				NULL, &pkcs15_pubkey_ops, sizeof(struct pkcs15_pubkey_object));
-+	obj2 = (struct pkcs15_pubkey_object *) any_object2;
- 	if (rv < 0)
- 		return rv;
- 
-@@ -2975,14 +2977,17 @@ set_gost3410_params(struct sc_pkcs15init_prkeyargs *prkey_args,
- 	const CK_BYTE * gost_params_encoded_oid_from_template;
- 	const CK_BYTE * gost_hash_params_encoded_oid_from_template;
- 	size_t len, param_index, hash_index;
-+	void *ptr = NULL;
- 	CK_RV rv;
- 
- 	/* If template has CKA_GOSTR3410_PARAMS attribute, set param_index to
- 	 * corresponding item's index in gostr3410_param_oid[] */
--	if (pPrivTpl && ulPrivCnt)
--		rv = attr_find_ptr2(pPubTpl, ulPubCnt, pPrivTpl, ulPrivCnt, CKA_GOSTR3410_PARAMS, (void **)&gost_params_encoded_oid_from_template, &len);
--	else
--		rv = attr_find_ptr(pPubTpl, ulPubCnt, CKA_GOSTR3410_PARAMS, (void **)&gost_params_encoded_oid_from_template, &len);
-+	if (pPrivTpl && ulPrivCnt) {
-+		rv = attr_find_ptr2(pPubTpl, ulPubCnt, pPrivTpl, ulPrivCnt, CKA_GOSTR3410_PARAMS, &ptr, &len);
-+	} else {
-+		rv = attr_find_ptr(pPubTpl, ulPubCnt, CKA_GOSTR3410_PARAMS, &ptr, &len);
-+	}
-+	gost_params_encoded_oid_from_template = (const CK_BYTE *) ptr;
- 
- 	if (rv == CKR_OK) {
- 		size_t nn = sizeof(gostr3410_param_oid)/sizeof(gostr3410_param_oid[0]);
-@@ -3005,10 +3010,12 @@ set_gost3410_params(struct sc_pkcs15init_prkeyargs *prkey_args,
- 
- 	/* If template has CKA_GOSTR3411_PARAMS attribute, set hash_index to
- 	 * corresponding item's index in gostr3410_hash_param_oid[] */
--	if (pPrivTpl && ulPrivCnt)
--		rv = attr_find_ptr2(pPubTpl, ulPubCnt, pPrivTpl, ulPrivCnt, CKA_GOSTR3411_PARAMS, (void **)&gost_hash_params_encoded_oid_from_template, &len);
--	else
--		rv = attr_find_ptr(pPubTpl, ulPubCnt, CKA_GOSTR3411_PARAMS, (void **)&gost_hash_params_encoded_oid_from_template, &len);
-+	if (pPrivTpl && ulPrivCnt) {
-+		rv = attr_find_ptr2(pPubTpl, ulPubCnt, pPrivTpl, ulPrivCnt, CKA_GOSTR3411_PARAMS, &ptr, &len);
-+	} else {
-+		rv = attr_find_ptr(pPubTpl, ulPubCnt, CKA_GOSTR3411_PARAMS, &ptr, &len);
-+	}
-+	gost_hash_params_encoded_oid_from_template = ptr;
- 
- 	if (rv == CKR_OK) {
- 		size_t nn = sizeof(gostr3410_hash_param_oid)/sizeof(gostr3410_hash_param_oid[0]);
-@@ -3155,9 +3162,11 @@ pkcs15_gen_keypair(struct sc_pkcs11_slot *slot, CK_MECHANISM_PTR pMechanism,
- 	}
- 	else if (keytype == CKK_EC)   {
- 		struct sc_lv_data *der = &keygen_args.prkey_args.key.u.ec.params.der;
-+		void *ptr = NULL;
- 
- 		der->len = sizeof(struct sc_object_id);
--		rv = attr_find_and_allocate_ptr(pPubTpl, ulPubCnt, CKA_EC_PARAMS, (void **)&der->value, &der->len);
-+		rv = attr_find_and_allocate_ptr(pPubTpl, ulPubCnt, CKA_EC_PARAMS, &ptr, &der->len);
-+		der->value = (unsigned char *) ptr;
- 		if (rv != CKR_OK)   {
- 			sc_unlock(p11card->card);
- 			return sc_to_cryptoki_error(rc, "C_GenerateKeyPair");
-diff --git a/src/pkcs11/pkcs11-object.c b/src/pkcs11/pkcs11-object.c
-index 8fb3e5af..a6c91ce1 100644
---- a/src/pkcs11/pkcs11-object.c
-+++ b/src/pkcs11/pkcs11-object.c
-@@ -347,6 +347,7 @@ C_FindObjectsInit(CK_SESSION_HANDLE hSession,	/* the session's handle */
- 	struct sc_pkcs11_object *object;
- 	struct sc_pkcs11_find_operation *operation;
- 	struct sc_pkcs11_slot *slot;
-+	struct sc_pkcs11_operation *op = NULL;
- 
- 	if (pTemplate == NULL_PTR && ulCount > 0)
- 		return CKR_ARGUMENTS_BAD;
-@@ -363,7 +364,8 @@ C_FindObjectsInit(CK_SESSION_HANDLE hSession,	/* the session's handle */
- 	dump_template(SC_LOG_DEBUG_NORMAL, "C_FindObjectsInit()", pTemplate, ulCount);
- 
- 	rv = session_start_operation(session, SC_PKCS11_OPERATION_FIND,
--				     &find_mechanism, (struct sc_pkcs11_operation **)&operation);
-+				     &find_mechanism, &op);
-+	operation = (struct sc_pkcs11_find_operation *) op;
- 	if (rv != CKR_OK)
- 		goto out;
- 
-diff --git a/src/pkcs11/pkcs11-object.c b/src/pkcs11/pkcs11-object.c
-index a6c91ce1..603a6713 100644
---- a/src/pkcs11/pkcs11-object.c
-+++ b/src/pkcs11/pkcs11-object.c
-@@ -453,6 +453,7 @@ C_FindObjects(CK_SESSION_HANDLE hSession,	/* the session's handle */
- 	CK_ULONG to_return;
- 	struct sc_pkcs11_session *session;
- 	struct sc_pkcs11_find_operation *operation;
-+	struct sc_pkcs11_operation *op = NULL;
- 
- 	if (phObject == NULL_PTR || ulMaxObjectCount == 0 || pulObjectCount == NULL_PTR)
- 		return CKR_ARGUMENTS_BAD;
-@@ -465,7 +466,8 @@ C_FindObjects(CK_SESSION_HANDLE hSession,	/* the session's handle */
- 	if (rv != CKR_OK)
- 		goto out;
- 
--	rv = session_get_operation(session, SC_PKCS11_OPERATION_FIND, (sc_pkcs11_operation_t **) & operation);
-+	rv = session_get_operation(session, SC_PKCS11_OPERATION_FIND, &op);
-+	operation = (struct sc_pkcs11_find_operation *) op;
- 	if (rv != CKR_OK)
- 		goto out;
- 
-diff --git a/src/tools/pkcs11-register.c b/src/tools/pkcs11-register.c
-index 007ff1ae..873ebcba 100644
---- a/src/tools/pkcs11-register.c
-+++ b/src/tools/pkcs11-register.c
-@@ -123,13 +123,15 @@ add_module_pkcs11_txt(const char *profile_dir,
- 	char pkcs11_txt_path[PATH_MAX];
- 	char *pkcs11_txt = NULL;
- 	size_t pkcs11_txt_len = 0;
-+	unsigned char *txt = NULL;
-+
- 	if (!profile_dir
- 			|| snprintf(pkcs11_txt_path, sizeof pkcs11_txt_path,
- 				"%s%c%s", profile_dir, path_sep, "pkcs11.txt") < 0
--			|| !fread_to_eof(pkcs11_txt_path,
--				(unsigned char **) &pkcs11_txt, &pkcs11_txt_len)) {
-+			|| !fread_to_eof(pkcs11_txt_path, &txt, &pkcs11_txt_len)) {
- 		goto err;
- 	}
-+	pkcs11_txt = (char *)txt;
- 	char *p = realloc(pkcs11_txt, pkcs11_txt_len+1);
- 	if (!p)
- 		goto err;
-diff --git a/src/tools/pkcs11-tool.c b/src/tools/pkcs11-tool.c
-index a4d9c94b..35b96792 100644
---- a/src/tools/pkcs11-tool.c
-+++ b/src/tools/pkcs11-tool.c
-@@ -6303,11 +6303,12 @@ static CK_SESSION_HANDLE test_kpgen_certwrite(CK_SLOT_ID slot, CK_SESSION_HANDLE
- 		return session;
- 	}
- 
--	tmp = getID(session, priv_key, (CK_ULONG *) &opt_object_id_len);
--	if (opt_object_id_len == 0) {
-+	tmp = getID(session, priv_key, &i);
-+	if (i == 0) {
- 		fprintf(stderr, "ERR: newly generated private key has no (or an empty) CKA_ID\n");
- 		return session;
- 	}
-+	opt_object_id_len = (size_t) i;
- 	memcpy(opt_object_id, tmp, opt_object_id_len);
- 
- 	/* This is done in NSS */
-@@ -6485,11 +6486,12 @@ static void test_ec(CK_SLOT_ID slot, CK_SESSION_HANDLE session)
- 	if (!gen_keypair(slot, session, &pub_key, &priv_key, opt_key_type))
- 		return;
- 
--	tmp = getID(session, priv_key, (CK_ULONG *) &opt_object_id_len);
--	if (opt_object_id_len == 0) {
-+	tmp = getID(session, priv_key, &i);
-+	if (i == 0) {
- 		printf("ERR: newly generated private key has no (or an empty) CKA_ID\n");
- 		return;
- 	}
-+	i = (size_t) opt_object_id_len;
- 	memcpy(opt_object_id, tmp, opt_object_id_len);
- 
- 	/* This is done in NSS */
diff --git a/opensc.spec b/opensc.spec
index faaf0dc..b95c6f1 100644
--- a/opensc.spec
+++ b/opensc.spec
@@ -2,8 +2,8 @@
 %define nssdb %{_sysconfdir}/pki/nssdb
 
 Name:           opensc
-Version:        0.21.0
-Release:        5%{?dist}
+Version:        0.22.0
+Release:        1%{?dist}
 Summary:        Smart card library and applications
 
 License:        LGPLv2+
@@ -56,11 +56,6 @@ every software/card that does so, too.
 %patch5 -p1 -b .gcc11
 
 cp %{SOURCE2} tests/
-# The test-pkcs11-tool-allowed-mechanisms already works in Fedora
-sed -i -e '/XFAIL_TESTS/,$ {
-  s/XFAIL_TESTS.*/XFAIL_TESTS=test-pkcs11-tool-test.sh/
-  q
-}' tests/Makefile.am
 
 cp -p src/pkcs15init/README ./README.pkcs15init
 cp -p src/scconf/README.scconf .
@@ -210,6 +205,9 @@ rm %{buildroot}%{_mandir}/man1/opensc-notify.1*
 
 
 %changelog
+* Tue Aug 10 2021 Jakub Jelen <jjelen@redhat.com> - 0.22.0-1
+- New upstream release (#1955837)
+
 * Thu Jul 22 2021 Fedora Release Engineering <releng@fedoraproject.org> - 0.21.0-5
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
 
diff --git a/sources b/sources
index 1c5465e..b82dd98 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-SHA512 (opensc-0.21.0.tar.gz) = 3511b0a04a96e62011c48667e3fd36a1611fe67a89f7626ff056c9c3614f8cabc91c9924a6ca7a8ea50076a128e3967277a0dd624b4fa27c62cefee9fab22646
+SHA512 (opensc-0.22.0.tar.gz) = 70ad5f1219f2ec2a5529a30d8e9955510c77c87d0bc857d5951c7227c75cf9de1c6071f43dd3816a2034123ebd902709793ff776e84d5379fdd54c811ccfaaee