rpms/opensc
6
0
Fork 0
Code Issues Pull Requests Releases Activity

import opensc-0.22.0-2.el9

Browse Source
This commit is contained in:
CentOS Sources 2021-12-07 14:14:03 -05:00 committed by Stepan Oksanichenko
parent 4ccc938875
commit 4f0ec313e1
3 changed files with 96 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

62
SOURCES/opensc-0.22.0-detect-empty.patch Normal file
View File

@ -0,0 +1,62 @@
From fe198e8b3837aa4c960e75d0e2a41020ad4dc9f9 Mon Sep 17 00:00:00 2001
From: Jakub Jelen <jjelen@redhat.com>
Date: Fri, 24 Sep 2021 13:33:26 +0200
Subject: [PATCH 1/9] pkcs11: Unbreak detection of unenrolled cards
This was broken since 58b03b68, which tried to sanitize some states,
but caused C_GetTokenInfo returning CKR_TOKEN_NOT_RECOGNIZED instead
of empty token information.
Note, that this has effect only if the configuration options
enable_default_driver and pkcs11_enable_InitToken are turned on.
Otherwise it still returns CKR_TOKEN_NOT_RECOGNIZED.
---
src/pkcs11/framework-pkcs15.c | 17 +++++++++--------
1 file changed, 9 insertions(+), 8 deletions(-)
diff --git a/src/pkcs11/framework-pkcs15.c b/src/pkcs11/framework-pkcs15.c
index 74fe7b3c49..4205e41739 100644
--- a/src/pkcs11/framework-pkcs15.c
+++ b/src/pkcs11/framework-pkcs15.c
@@ -544,9 +544,7 @@ CK_RV C_GetTokenInfo(CK_SLOT_ID slotID, CK_TOKEN_INFO_PTR pInfo)
{
struct sc_pkcs11_slot *slot;
struct pkcs15_fw_data *fw_data = NULL;
- struct sc_pkcs15_card *p15card = NULL;
struct sc_pkcs15_object *auth;
- struct sc_pkcs15_auth_info *pin_info;
CK_RV rv;
sc_log(context, "C_GetTokenInfo(%lx)", slotID);
@@ -578,12 +576,6 @@ CK_RV C_GetTokenInfo(CK_SLOT_ID slotID, CK_TOKEN_INFO_PTR pInfo)
rv = sc_to_cryptoki_error(SC_ERROR_INTERNAL, "C_GetTokenInfo");
goto out;
}
- p15card = fw_data->p15_card;
- if (!p15card) {
- rv = sc_to_cryptoki_error(SC_ERROR_INVALID_CARD, "C_GetTokenInfo");
- goto out;
- }
-
/* User PIN flags are cleared before re-calculation */
slot->token_info.flags &= ~(CKF_USER_PIN_COUNT_LOW|CKF_USER_PIN_FINAL_TRY|CKF_USER_PIN_LOCKED);
auth = slot_data_auth(slot->fw_data);
@@ -591,8 +583,17 @@ CK_RV C_GetTokenInfo(CK_SLOT_ID slotID, CK_TOKEN_INFO_PTR pInfo)
"C_GetTokenInfo() auth. object %p, token-info flags 0x%lX", auth,
slot->token_info.flags);
if (auth) {
+ struct sc_pkcs15_card *p15card = NULL;
+ struct sc_pkcs15_auth_info *pin_info = NULL;
+
pin_info = (struct sc_pkcs15_auth_info*) auth->data;
+ p15card = fw_data->p15_card;
+ if (!p15card) {
+ rv = sc_to_cryptoki_error(SC_ERROR_INVALID_CARD, "C_GetTokenInfo");
+ goto out;
+ }
+
sc_pkcs15_get_pin_info(p15card, auth);
if (pin_info->tries_left >= 0) {

23
SOURCES/opensc-0.22.0-file-cache.patch Normal file
View File

@ -0,0 +1,23 @@
diff -up opensc-0.22.0/etc/opensc.conf.file-cache opensc-0.22.0/etc/opensc.conf
--- opensc-0.22.0/etc/opensc.conf.file-cache 2021-10-08 13:14:44.091772071 +0200
+++ opensc-0.22.0/etc/opensc.conf 2021-10-08 13:19:27.339051951 +0200
@@ -2,7 +2,7 @@ app default {
# debug = 3;
# debug_file = opensc-debug.txt;
framework pkcs15 {
- # use_file_caching = true;
+ use_file_caching = true;
}
reader_driver pcsc {
# The pinpad is disabled by default,
@@ -10,3 +10,10 @@ app default {
enable_pinpad = false;
}
}
+# the pkcs15-init is used for card initialization when the file caching
+# brings more trouble than use so disable that:
+app pkcs15-init {
+ framework pkcs15 {
+ use_file_caching = false;
+ }
+}

12
SPECS/opensc.spec
View File

@ -3,7 +3,7 @@
Name: opensc Name: opensc
Version: 0.22.0 Version: 0.22.0
Release: 1%{?dist} Release: 2%{?dist}
Summary: Smart card library and applications Summary: Smart card library and applications
License: LGPLv2+ License: LGPLv2+
@ -15,6 +15,10 @@ Patch1: opensc-0.19.0-pinpad.patch
Patch5: %{name}-gcc11.patch Patch5: %{name}-gcc11.patch
# https://github.com/OpenSC/OpenSC/pull/2343 # https://github.com/OpenSC/OpenSC/pull/2343
Patch7: %{name}-32b-arch.patch Patch7: %{name}-32b-arch.patch
# File caching by default (#2000626)
Patch8: %{name}-%{version}-file-cache.patch
# https://github.com/OpenSC/OpenSC/pull/2414 (#2007029)
Patch9: %{name}-%{version}-detect-empty.patch
BuildRequires: make BuildRequires: make
BuildRequires: pcsc-lite-devel BuildRequires: pcsc-lite-devel
@ -54,6 +58,8 @@ every software/card that does so, too.
%patch1 -p1 -b .pinpad %patch1 -p1 -b .pinpad
%patch5 -p1 -b .gcc11 %patch5 -p1 -b .gcc11
%patch7 -p1 -b .32b %patch7 -p1 -b .32b
%patch8 -p1 -b .file-cache
%patch9 -p1 -b .detect-empty
cp -p src/pkcs15init/README ./README.pkcs15init cp -p src/pkcs15init/README ./README.pkcs15init
cp -p src/scconf/README.scconf . cp -p src/scconf/README.scconf .
@ -203,6 +209,10 @@ rm %{buildroot}%{_mandir}/man1/opensc-notify.1*
%changelog %changelog
* Fri Oct 08 2021 Jakub Jelen <jjelen@redhat.com> - 0.22.0-2
- Unbreak detection of unentrolled smart cards (#2007029)
- Enable file caching by default except for pkcs15-init (#2000626)
* Wed Aug 11 2021 Jakub Jelen <jjelen@redhat.com> - 0.22.0-1 * Wed Aug 11 2021 Jakub Jelen <jjelen@redhat.com> - 0.22.0-1
- New upstream release (#1970534) - New upstream release (#1970534)