Rebase to 0.23.0
Resolves: RHEL-280
This commit is contained in:
parent
ba90259736
commit
399c3d3b19
1
.gitignore
vendored
1
.gitignore
vendored
@ -9,3 +9,4 @@
|
||||
/opensc-0.20.0.tar.gz
|
||||
/opensc-0.21.0.tar.gz
|
||||
/opensc-0.22.0.tar.gz
|
||||
/opensc-0.23.0.tar.gz
|
||||
|
@ -3,7 +3,7 @@ diff -up opensc-0.19.0/etc/opensc.conf.pinpad opensc-0.19.0/etc/opensc.conf
|
||||
+++ opensc-0.19.0/etc/opensc.conf 2018-10-22 14:33:59.939410701 +0200
|
||||
@@ -4,4 +4,9 @@ app default {
|
||||
framework pkcs15 {
|
||||
# use_file_caching = true;
|
||||
# use_file_caching = public;
|
||||
}
|
||||
+ reader_driver pcsc {
|
||||
+ # The pinpad is disabled by default,
|
||||
|
@ -1,62 +0,0 @@
|
||||
From fe198e8b3837aa4c960e75d0e2a41020ad4dc9f9 Mon Sep 17 00:00:00 2001
|
||||
From: Jakub Jelen <jjelen@redhat.com>
|
||||
Date: Fri, 24 Sep 2021 13:33:26 +0200
|
||||
Subject: [PATCH 1/9] pkcs11: Unbreak detection of unenrolled cards
|
||||
|
||||
This was broken since 58b03b68, which tried to sanitize some states,
|
||||
but caused C_GetTokenInfo returning CKR_TOKEN_NOT_RECOGNIZED instead
|
||||
of empty token information.
|
||||
|
||||
Note, that this has effect only if the configuration options
|
||||
enable_default_driver and pkcs11_enable_InitToken are turned on.
|
||||
Otherwise it still returns CKR_TOKEN_NOT_RECOGNIZED.
|
||||
---
|
||||
src/pkcs11/framework-pkcs15.c | 17 +++++++++--------
|
||||
1 file changed, 9 insertions(+), 8 deletions(-)
|
||||
|
||||
diff --git a/src/pkcs11/framework-pkcs15.c b/src/pkcs11/framework-pkcs15.c
|
||||
index 74fe7b3c49..4205e41739 100644
|
||||
--- a/src/pkcs11/framework-pkcs15.c
|
||||
+++ b/src/pkcs11/framework-pkcs15.c
|
||||
@@ -544,9 +544,7 @@ CK_RV C_GetTokenInfo(CK_SLOT_ID slotID, CK_TOKEN_INFO_PTR pInfo)
|
||||
{
|
||||
struct sc_pkcs11_slot *slot;
|
||||
struct pkcs15_fw_data *fw_data = NULL;
|
||||
- struct sc_pkcs15_card *p15card = NULL;
|
||||
struct sc_pkcs15_object *auth;
|
||||
- struct sc_pkcs15_auth_info *pin_info;
|
||||
CK_RV rv;
|
||||
|
||||
sc_log(context, "C_GetTokenInfo(%lx)", slotID);
|
||||
@@ -578,12 +576,6 @@ CK_RV C_GetTokenInfo(CK_SLOT_ID slotID, CK_TOKEN_INFO_PTR pInfo)
|
||||
rv = sc_to_cryptoki_error(SC_ERROR_INTERNAL, "C_GetTokenInfo");
|
||||
goto out;
|
||||
}
|
||||
- p15card = fw_data->p15_card;
|
||||
- if (!p15card) {
|
||||
- rv = sc_to_cryptoki_error(SC_ERROR_INVALID_CARD, "C_GetTokenInfo");
|
||||
- goto out;
|
||||
- }
|
||||
-
|
||||
/* User PIN flags are cleared before re-calculation */
|
||||
slot->token_info.flags &= ~(CKF_USER_PIN_COUNT_LOW|CKF_USER_PIN_FINAL_TRY|CKF_USER_PIN_LOCKED);
|
||||
auth = slot_data_auth(slot->fw_data);
|
||||
@@ -591,8 +583,17 @@ CK_RV C_GetTokenInfo(CK_SLOT_ID slotID, CK_TOKEN_INFO_PTR pInfo)
|
||||
"C_GetTokenInfo() auth. object %p, token-info flags 0x%lX", auth,
|
||||
slot->token_info.flags);
|
||||
if (auth) {
|
||||
+ struct sc_pkcs15_card *p15card = NULL;
|
||||
+ struct sc_pkcs15_auth_info *pin_info = NULL;
|
||||
+
|
||||
pin_info = (struct sc_pkcs15_auth_info*) auth->data;
|
||||
|
||||
+ p15card = fw_data->p15_card;
|
||||
+ if (!p15card) {
|
||||
+ rv = sc_to_cryptoki_error(SC_ERROR_INVALID_CARD, "C_GetTokenInfo");
|
||||
+ goto out;
|
||||
+ }
|
||||
+
|
||||
sc_pkcs15_get_pin_info(p15card, auth);
|
||||
|
||||
if (pin_info->tries_left >= 0) {
|
||||
|
@ -5,8 +5,8 @@ diff -up opensc-0.22.0/etc/opensc.conf.file-cache opensc-0.22.0/etc/opensc.conf
|
||||
# debug = 3;
|
||||
# debug_file = opensc-debug.txt;
|
||||
framework pkcs15 {
|
||||
- # use_file_caching = true;
|
||||
+ use_file_caching = true;
|
||||
- # use_file_caching = public;
|
||||
+ use_file_caching = public;
|
||||
}
|
||||
reader_driver pcsc {
|
||||
# The pinpad is disabled by default,
|
||||
@ -18,6 +18,6 @@ diff -up opensc-0.22.0/etc/opensc.conf.file-cache opensc-0.22.0/etc/opensc.conf
|
||||
+# brings more trouble than use so disable that:
|
||||
+app pkcs15-init {
|
||||
+ framework pkcs15 {
|
||||
+ use_file_caching = false;
|
||||
+ use_file_caching = no;
|
||||
+ }
|
||||
+}
|
||||
|
212
opensc-0.23.0-pkcs11-tool-import.patch
Normal file
212
opensc-0.23.0-pkcs11-tool-import.patch
Normal file
@ -0,0 +1,212 @@
|
||||
From 99f7b82f187ca3512ceae6270c391243d018fdac Mon Sep 17 00:00:00 2001
|
||||
From: Jakub Jelen <jjelen@redhat.com>
|
||||
Date: Thu, 1 Dec 2022 20:08:53 +0100
|
||||
Subject: [PATCH 1/4] pkcs11-tool: Fix private key import
|
||||
|
||||
---
|
||||
src/tools/pkcs11-tool.c | 4 ++--
|
||||
1 file changed, 2 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/src/tools/pkcs11-tool.c b/src/tools/pkcs11-tool.c
|
||||
index aae205fe2c..cfee8526d5 100644
|
||||
--- a/src/tools/pkcs11-tool.c
|
||||
+++ b/src/tools/pkcs11-tool.c
|
||||
@@ -3669,13 +3669,13 @@ parse_rsa_pkey(EVP_PKEY *pkey, int private, struct rsakey_info *rsa)
|
||||
RSA_get0_factors(r, &r_p, &r_q);
|
||||
RSA_get0_crt_params(r, &r_dmp1, &r_dmq1, &r_iqmp);
|
||||
#else
|
||||
- if (EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_FACTOR1, &r_d) != 1 ||
|
||||
+ if (EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_D, &r_d) != 1 ||
|
||||
EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_FACTOR1, &r_p) != 1 ||
|
||||
EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_FACTOR2, &r_q) != 1 ||
|
||||
EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_EXPONENT1, &r_dmp1) != 1 ||
|
||||
EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_EXPONENT2, &r_dmq1) != 1 ||
|
||||
- EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_EXPONENT3, &r_iqmp) != 1) {
|
||||
util_fatal("OpenSSL error during RSA private key parsing");
|
||||
+ EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_COEFFICIENT1, &r_iqmp) != 1) {
|
||||
}
|
||||
#endif
|
||||
RSA_GET_BN(rsa, private_exponent, r_d);
|
||||
|
||||
From 4a6e1d1dcd18757502027b1c5d2fb2cbaca28407 Mon Sep 17 00:00:00 2001
|
||||
From: Jakub Jelen <jjelen@redhat.com>
|
||||
Date: Thu, 1 Dec 2022 20:11:41 +0100
|
||||
Subject: [PATCH 2/4] pkcs11-tool: Log more information on OpenSSL errors
|
||||
|
||||
---
|
||||
src/tools/pkcs11-tool.c | 15 ++++++---------
|
||||
1 file changed, 6 insertions(+), 9 deletions(-)
|
||||
|
||||
diff --git a/src/tools/pkcs11-tool.c b/src/tools/pkcs11-tool.c
|
||||
index cfee8526d5..f2e6b1dd91 100644
|
||||
--- a/src/tools/pkcs11-tool.c
|
||||
+++ b/src/tools/pkcs11-tool.c
|
||||
@@ -3641,10 +3641,8 @@ parse_rsa_pkey(EVP_PKEY *pkey, int private, struct rsakey_info *rsa)
|
||||
const BIGNUM *r_dmp1, *r_dmq1, *r_iqmp;
|
||||
r = EVP_PKEY_get1_RSA(pkey);
|
||||
if (!r) {
|
||||
- if (private)
|
||||
- util_fatal("OpenSSL error during RSA private key parsing");
|
||||
- else
|
||||
- util_fatal("OpenSSL error during RSA public key parsing");
|
||||
+ util_fatal("OpenSSL error during RSA %s key parsing: %s", private ? "private" : "public",
|
||||
+ ERR_error_string(ERR_peek_last_error(), NULL));
|
||||
}
|
||||
|
||||
RSA_get0_key(r, &r_n, &r_e, NULL);
|
||||
@@ -3654,10 +3652,8 @@ parse_rsa_pkey(EVP_PKEY *pkey, int private, struct rsakey_info *rsa)
|
||||
BIGNUM *r_dmp1 = NULL, *r_dmq1 = NULL, *r_iqmp = NULL;
|
||||
if (EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_N, &r_n) != 1 ||
|
||||
EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_E, &r_e) != 1) {
|
||||
- if (private)
|
||||
- util_fatal("OpenSSL error during RSA private key parsing");
|
||||
- else
|
||||
- util_fatal("OpenSSL error during RSA public key parsing");
|
||||
+ util_fatal("OpenSSL error during RSA %s key parsing: %s", private ? "private" : "public",
|
||||
+ ERR_error_string(ERR_peek_last_error(), NULL));
|
||||
}
|
||||
#endif
|
||||
RSA_GET_BN(rsa, modulus, r_n);
|
||||
@@ -3674,8 +3670,9 @@ parse_rsa_pkey(EVP_PKEY *pkey, int private, struct rsakey_info *rsa)
|
||||
EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_FACTOR2, &r_q) != 1 ||
|
||||
EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_EXPONENT1, &r_dmp1) != 1 ||
|
||||
EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_EXPONENT2, &r_dmq1) != 1 ||
|
||||
- util_fatal("OpenSSL error during RSA private key parsing");
|
||||
EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_COEFFICIENT1, &r_iqmp) != 1) {
|
||||
+ util_fatal("OpenSSL error during RSA private key parsing: %s",
|
||||
+ ERR_error_string(ERR_peek_last_error(), NULL));
|
||||
}
|
||||
#endif
|
||||
RSA_GET_BN(rsa, private_exponent, r_d);
|
||||
|
||||
From 267da3e81f1fc23a9ccce1462ab5deb1a4d4aec5 Mon Sep 17 00:00:00 2001
|
||||
From: Jakub Jelen <jjelen@redhat.com>
|
||||
Date: Thu, 1 Dec 2022 20:38:31 +0100
|
||||
Subject: [PATCH 3/4] Reproducer for broken pkcs11-tool key import
|
||||
|
||||
---
|
||||
tests/Makefile.am | 10 ++++---
|
||||
tests/test-pkcs11-tool-import.sh | 48 ++++++++++++++++++++++++++++++++
|
||||
2 files changed, 54 insertions(+), 4 deletions(-)
|
||||
create mode 100755 tests/test-pkcs11-tool-import.sh
|
||||
|
||||
diff --git a/tests/Makefile.am b/tests/Makefile.am
|
||||
index d378e2ee00..9d8a24c321 100644
|
||||
--- a/tests/Makefile.am
|
||||
+++ b/tests/Makefile.am
|
||||
@@ -14,8 +14,9 @@ dist_noinst_SCRIPTS = common.sh \
|
||||
test-pkcs11-tool-test-threads.sh \
|
||||
test-pkcs11-tool-sign-verify.sh \
|
||||
test-pkcs11-tool-allowed-mechanisms.sh \
|
||||
- test-pkcs11-tool-sym-crypt-test.sh\
|
||||
- test-pkcs11-tool-unwrap-wrap-test.sh
|
||||
+ test-pkcs11-tool-sym-crypt-test.sh \
|
||||
+ test-pkcs11-tool-unwrap-wrap-test.sh \
|
||||
+ test-pkcs11-tool-import.sh
|
||||
|
||||
.NOTPARALLEL:
|
||||
TESTS = \
|
||||
@@ -25,8 +26,9 @@ TESTS = \
|
||||
test-pkcs11-tool-test.sh \
|
||||
test-pkcs11-tool-test-threads.sh \
|
||||
test-pkcs11-tool-allowed-mechanisms.sh \
|
||||
- test-pkcs11-tool-sym-crypt-test.sh\
|
||||
- test-pkcs11-tool-unwrap-wrap-test.sh
|
||||
+ test-pkcs11-tool-sym-crypt-test.sh \
|
||||
+ test-pkcs11-tool-unwrap-wrap-test.sh \
|
||||
+ test-pkcs11-tool-import.sh
|
||||
XFAIL_TESTS = \
|
||||
test-pkcs11-tool-test-threads.sh \
|
||||
test-pkcs11-tool-test.sh
|
||||
diff --git a/tests/test-pkcs11-tool-import.sh b/tests/test-pkcs11-tool-import.sh
|
||||
new file mode 100755
|
||||
index 0000000000..76ff8e51be
|
||||
--- /dev/null
|
||||
+++ b/tests/test-pkcs11-tool-import.sh
|
||||
@@ -0,0 +1,48 @@
|
||||
+#!/bin/bash
|
||||
+SOURCE_PATH=${SOURCE_PATH:-..}
|
||||
+
|
||||
+source $SOURCE_PATH/tests/common.sh
|
||||
+
|
||||
+echo "======================================================="
|
||||
+echo "Setup SoftHSM"
|
||||
+echo "======================================================="
|
||||
+if [[ ! -f $P11LIB ]]; then
|
||||
+ echo "WARNING: The SoftHSM is not installed. Can not run this test"
|
||||
+ exit 77;
|
||||
+fi
|
||||
+card_setup
|
||||
+
|
||||
+ID="0100"
|
||||
+OPTS=""
|
||||
+for KEYTYPE in "RSA" "EC"; do
|
||||
+ echo "======================================================="
|
||||
+ echo "Generate and import $KEYTYPE keys"
|
||||
+ echo "======================================================="
|
||||
+ if [ "$KEYTYPE" == "RSA" ]; then
|
||||
+ ID="0100"
|
||||
+ elif [ "$KEYTYPE" == "EC" ]; then
|
||||
+ ID="0200"
|
||||
+ OPTS="-pkeyopt ec_paramgen_curve:P-521"
|
||||
+ fi
|
||||
+ openssl genpkey -out "${KEYTYPE}_private.der" -outform DER -algorithm $KEYTYPE $OPTS
|
||||
+ assert $? "Failed to generate private $KEYTYPE key"
|
||||
+ $PKCS11_TOOL --write-object "${KEYTYPE}_private.der" --id "$ID" --type privkey \
|
||||
+ --label "$KEYTYPE" -p "$PIN" --module "$P11LIB"
|
||||
+ assert $? "Failed to write private $KEYTYPE key"
|
||||
+
|
||||
+ openssl pkey -in "${KEYTYPE}_private.der" -out "${KEYTYPE}_public.der" -pubout -inform DER -outform DER
|
||||
+ assert $? "Failed to convert private $KEYTYPE key to public"
|
||||
+ $PKCS11_TOOL --write-object "${KEYTYPE}_public.der" --id "$ID" --type pubkey --label "$KEYTYPE" \
|
||||
+ -p $PIN --module $P11LIB
|
||||
+ assert $? "Failed to write public $KEYTYPE key"
|
||||
+ # certificate import already tested in all other tests
|
||||
+
|
||||
+ rm "${KEYTYPE}_private.der" "${KEYTYPE}_public.der"
|
||||
+done
|
||||
+
|
||||
+echo "======================================================="
|
||||
+echo "Cleanup"
|
||||
+echo "======================================================="
|
||||
+card_cleanup
|
||||
+
|
||||
+exit $ERRORS
|
||||
|
||||
From 63a7bceeca43ece1eee201ef7a974b20b294ba4e Mon Sep 17 00:00:00 2001
|
||||
From: Jakub Jelen <jakuje@gmail.com>
|
||||
Date: Fri, 2 Dec 2022 18:07:43 +0100
|
||||
Subject: [PATCH 4/4] Simplify the new test
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
Co-authored-by: Veronika Hanulíková <61348757+xhanulik@users.noreply.github.com>
|
||||
---
|
||||
tests/test-pkcs11-tool-import.sh | 8 +++-----
|
||||
1 file changed, 3 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/tests/test-pkcs11-tool-import.sh b/tests/test-pkcs11-tool-import.sh
|
||||
index 76ff8e51be..c90b3b4926 100755
|
||||
--- a/tests/test-pkcs11-tool-import.sh
|
||||
+++ b/tests/test-pkcs11-tool-import.sh
|
||||
@@ -12,15 +12,13 @@ if [[ ! -f $P11LIB ]]; then
|
||||
fi
|
||||
card_setup
|
||||
|
||||
-ID="0100"
|
||||
-OPTS=""
|
||||
for KEYTYPE in "RSA" "EC"; do
|
||||
echo "======================================================="
|
||||
echo "Generate and import $KEYTYPE keys"
|
||||
echo "======================================================="
|
||||
- if [ "$KEYTYPE" == "RSA" ]; then
|
||||
- ID="0100"
|
||||
- elif [ "$KEYTYPE" == "EC" ]; then
|
||||
+ ID="0100"
|
||||
+ OPTS=""
|
||||
+ if [ "$KEYTYPE" == "EC" ]; then
|
||||
ID="0200"
|
||||
OPTS="-pkeyopt ec_paramgen_curve:P-521"
|
||||
fi
|
||||
|
@ -1,33 +0,0 @@
|
||||
commit 6bc05d7037041e543d627248ca9df90723426ce1
|
||||
Author: Jakub Jelen <jjelen@redhat.com>
|
||||
Date: Tue Aug 10 16:30:40 2021 +0200
|
||||
|
||||
p11test: Fix invalid format string on 32b architectures
|
||||
|
||||
diff --git a/src/tests/p11test/p11test.c b/src/tests/p11test/p11test.c
|
||||
index dbac167d..49de6a93 100644
|
||||
--- a/src/tests/p11test/p11test.c
|
||||
+++ b/src/tests/p11test/p11test.c
|
||||
@@ -139,7 +139,7 @@ int main(int argc, char** argv) {
|
||||
return -1;
|
||||
}
|
||||
|
||||
- debug_print("Card info:\n\tPIN %s\n\tPIN LENGTH %lu\n\t",
|
||||
+ debug_print("Card info:\n\tPIN %s\n\tPIN LENGTH %zu\n\t",
|
||||
token.pin, token.pin_length);
|
||||
|
||||
return cmocka_run_group_tests(readonly_tests_without_initialization,
|
||||
diff --git a/src/tests/p11test/p11test_case_pss_oaep.c b/src/tests/p11test/p11test_case_pss_oaep.c
|
||||
index 1d876a5b..5a6ae9d0 100644
|
||||
--- a/src/tests/p11test/p11test_case_pss_oaep.c
|
||||
+++ b/src/tests/p11test/p11test_case_pss_oaep.c
|
||||
@@ -402,7 +402,7 @@ int oaep_encrypt_decrypt_test(test_cert_t *o, token_info_t *info, test_mech_t *m
|
||||
if (message_length < 0) {
|
||||
mech->usage_flags &= ~CKF_DECRYPT;
|
||||
debug_print(" [SKIP %s ] Too small modulus (%ld bits)"
|
||||
- " or too large hash %s (%lu B) for OAEP", o->id_str,
|
||||
+ " or too large hash %s (%zu B) for OAEP", o->id_str,
|
||||
o->bits, get_mechanism_name(mech->hash),
|
||||
get_hash_length(mech->hash));
|
||||
return 0;
|
||||
|
@ -1,16 +0,0 @@
|
||||
diff --git a/src/tools/opensc-explorer.c b/src/tools/opensc-explorer.c
|
||||
index d251495c..e48f3189 100644
|
||||
--- a/src/tools/opensc-explorer.c
|
||||
+++ b/src/tools/opensc-explorer.c
|
||||
@@ -2030,9 +2030,9 @@ static int do_put_data(int argc, char **argv)
|
||||
static int do_apdu(int argc, char **argv)
|
||||
{
|
||||
sc_apdu_t apdu;
|
||||
- u8 buf[SC_MAX_EXT_APDU_BUFFER_SIZE];
|
||||
+ u8 buf[SC_MAX_EXT_APDU_BUFFER_SIZE] = {0};
|
||||
u8 rbuf[SC_MAX_EXT_APDU_BUFFER_SIZE];
|
||||
- size_t len, i;
|
||||
+ size_t len = 0, i;
|
||||
int r;
|
||||
|
||||
if (argc < 1)
|
30
opensc.spec
30
opensc.spec
@ -2,8 +2,8 @@
|
||||
%define nssdb %{_sysconfdir}/pki/nssdb
|
||||
|
||||
Name: opensc
|
||||
Version: 0.22.0
|
||||
Release: 2%{?dist}
|
||||
Version: 0.23.0
|
||||
Release: 1%{?dist}
|
||||
Summary: Smart card library and applications
|
||||
|
||||
License: LGPLv2+
|
||||
@ -11,16 +11,10 @@ URL: https://github.com/OpenSC/OpenSC/wiki
|
||||
Source0: https://github.com/OpenSC/OpenSC/releases/download/%{version}/%{name}-%{version}.tar.gz
|
||||
Source1: opensc.module
|
||||
Patch1: opensc-0.19.0-pinpad.patch
|
||||
# https://github.com/OpenSC/OpenSC/pull/2241/
|
||||
Patch5: %{name}-gcc11.patch
|
||||
# https://github.com/OpenSC/OpenSC/pull/2343
|
||||
Patch7: %{name}-32b-arch.patch
|
||||
# File caching by default (#2000626)
|
||||
Patch8: %{name}-%{version}-file-cache.patch
|
||||
# https://github.com/OpenSC/OpenSC/pull/2414 (#2007029)
|
||||
Patch9: %{name}-%{version}-detect-empty.patch
|
||||
Patch8: %{name}-0.22.0-file-cache.patch
|
||||
|
||||
BuildRequires: make
|
||||
BuildRequires: make
|
||||
BuildRequires: pcsc-lite-devel
|
||||
BuildRequires: readline-devel
|
||||
BuildRequires: openssl-devel
|
||||
@ -31,6 +25,7 @@ BuildRequires: bash-completion
|
||||
BuildRequires: zlib-devel
|
||||
# For tests
|
||||
BuildRequires: libcmocka-devel
|
||||
BuildRequires: vim-common
|
||||
%if ! 0%{?rhel}
|
||||
BuildRequires: softhsm
|
||||
%endif
|
||||
@ -56,10 +51,7 @@ every software/card that does so, too.
|
||||
%prep
|
||||
%setup -q
|
||||
%patch1 -p1 -b .pinpad
|
||||
%patch5 -p1 -b .gcc11
|
||||
%patch7 -p1 -b .32b
|
||||
%patch8 -p1 -b .file-cache
|
||||
%patch9 -p1 -b .detect-empty
|
||||
|
||||
cp -p src/pkcs15init/README ./README.pkcs15init
|
||||
cp -p src/scconf/README.scconf .
|
||||
@ -75,21 +67,19 @@ sed -i -e 's/opensc.conf/opensc-%{_arch}.conf/g' src/libopensc/Makefile.in
|
||||
sed -i -e 's|"/lib /usr/lib\b|"/%{_lib} %{_libdir}|' configure # lib64 rpaths
|
||||
%set_build_flags
|
||||
CFLAGS="$CFLAGS -Wstrict-aliasing=2 -Wno-deprecated-declarations"
|
||||
%configure --disable-static \
|
||||
%configure --disable-static \
|
||||
--disable-autostart-items \
|
||||
--disable-notify \
|
||||
--disable-assert \
|
||||
--enable-pcsc \
|
||||
--enable-cmocka \
|
||||
--enable-sm \
|
||||
--with-pcsc-provider=libpcsclite.so.1
|
||||
--enable-sm
|
||||
%make_build
|
||||
|
||||
|
||||
%check
|
||||
make check
|
||||
|
||||
|
||||
%install
|
||||
%make_install
|
||||
install -Dpm 644 %{SOURCE1} $RPM_BUILD_ROOT%{_datadir}/p11-kit/modules/opensc.module
|
||||
@ -119,9 +109,6 @@ rm -f $RPM_BUILD_ROOT%{_libdir}/libopensc.so
|
||||
# remove the .pc file so we do not confuse users #1673139
|
||||
rm -f $RPM_BUILD_ROOT%{_libdir}/pkgconfig/*.pc
|
||||
rm -f $RPM_BUILD_ROOT%{_libdir}/libsmm-local.so
|
||||
%if 0%{?rhel} && 0%{?rhel} < 7
|
||||
rm -rf %{buildroot}%{_datadir}/bash-completion/
|
||||
%endif
|
||||
|
||||
# the npa-tool builds to nothing since we do not have OpenPACE library
|
||||
rm -rf %{buildroot}%{_bindir}/npa-tool
|
||||
@ -132,7 +119,6 @@ rm -rf %{buildroot}%{_bindir}/pkcs11-register
|
||||
rm -rf %{buildroot}%{_mandir}/man1/pkcs11-register.1*
|
||||
|
||||
# Remove the notification files
|
||||
rm %{buildroot}%{_bindir}/opensc-notify
|
||||
rm %{buildroot}%{_datadir}/applications/org.opensc.notify.desktop
|
||||
rm %{buildroot}%{_mandir}/man1/opensc-notify.1*
|
||||
|
||||
@ -140,9 +126,7 @@ rm %{buildroot}%{_mandir}/man1/opensc-notify.1*
|
||||
%files
|
||||
%doc COPYING NEWS README*
|
||||
|
||||
%if ! 0%{?rhel} || 0%{?rhel} >= 7
|
||||
%{_datadir}/bash-completion/*
|
||||
%endif
|
||||
|
||||
%ifarch %{ix86}
|
||||
%{_mandir}/man5/opensc-%{_arch}.conf.5*
|
||||
|
2
sources
2
sources
@ -1 +1 @@
|
||||
SHA512 (opensc-0.22.0.tar.gz) = 70ad5f1219f2ec2a5529a30d8e9955510c77c87d0bc857d5951c7227c75cf9de1c6071f43dd3816a2034123ebd902709793ff776e84d5379fdd54c811ccfaaee
|
||||
SHA512 (opensc-0.23.0.tar.gz) = cd102cd64e719c59153960a4921b7525055045f16e6f6ffa8c9def6ce999a9c5098267b41f8753b41107f626bea20c34561002f5d38eddb4ce6b371913a17a1b
|
||||
|
Loading…
Reference in New Issue
Block a user