Added fixes for issues in pkcs11-tool

Resolves: #1071369, #1071368
Nikos Mavrogiannopoulos 2014-02-28 16:28:52 +01:00
parent b7946ebbe2
commit b79ccf8517
3 changed files with 100 additions and 1 deletions

26
opensc-dlclose.patch Normal file

@ -0,0 +1,26 @@
From 6d02503e19680a9f3f4e556e4cd99b1c2bbf6d1a Mon Sep 17 00:00:00 2001
From: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date: Fri, 28 Feb 2014 16:17:37 +0100
Subject: [PATCH] Call dlclose() only when having a valid handle.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
---
src/common/libpkcs11.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/common/libpkcs11.c b/src/common/libpkcs11.c
index f8c70a7..b22d16d 100644
--- a/src/common/libpkcs11.c
+++ b/src/common/libpkcs11.c
@@ -74,7 +74,7 @@ C_UnloadModule(void *module)
if (!mod || mod->_magic != MAGIC)
return CKR_ARGUMENTS_BAD;
- if (sc_dlclose(mod->handle) < 0)
+ if (mod->handle != NULL && sc_dlclose(mod->handle) < 0)
return CKR_FUNCTION_FAILED;
memset(mod, 0, sizeof(*mod));
--
1.8.5.3
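Review bot: The new `mod->handle != NULL` guard in C_UnloadModule carries no comment saying when a module with a valid magic can have no handle. Going by the spec changelog this is presumably the failed-load path for an invalid module, so a line such as `/* handle is NULL if the library was never opened; skip dlclose */` above the check would document it. On the `CKR_FUNCTION_FAILED` return the `memset` is skipped and the struct keeps its magic and handle, so a later unload attempt would pass the same handle to `sc_dlclose` again; whether any caller retries is not visible here. The function body starts and ends outside the hunk.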

64
opensc-out-of-scope.patch Normal file

@ -0,0 +1,64 @@
diff -ur opensc-0.13.0.orig/src/tools/pkcs11-tool.c opensc-0.13.0/src/tools/pkcs11-tool.c
--- opensc-0.13.0.orig/src/tools/pkcs11-tool.c 2012-12-04 15:43:40.000000000 +0100
+++ opensc-0.13.0/src/tools/pkcs11-tool.c 2014-02-28 16:33:19.234607615 +0100
@@ -1778,6 +1778,9 @@
CK_RV rv;
int need_to_parse_certdata = 0;
unsigned char *oid_buf = NULL;
+ CK_OBJECT_CLASS clazz;
+ CK_CERTIFICATE_TYPE cert_type;
+ CK_KEY_TYPE type = CKK_RSA;
#ifdef ENABLE_OPENSSL
struct x509cert_info cert;
struct rsakey_info rsa;
@@ -1858,8 +1861,8 @@
}
if (opt_object_class == CKO_CERTIFICATE) {
- CK_OBJECT_CLASS clazz = CKO_CERTIFICATE;
- CK_CERTIFICATE_TYPE cert_type = CKC_X_509;
+ clazz = CKO_CERTIFICATE;
+ cert_type = CKC_X_509;
FILL_ATTR(cert_templ[0], CKA_TOKEN, &_true, sizeof(_true));
FILL_ATTR(cert_templ[1], CKA_VALUE, contents, contents_len);
@@ -1892,7 +1895,7 @@
}
else
if (opt_object_class == CKO_PRIVATE_KEY) {
- CK_OBJECT_CLASS clazz = CKO_PRIVATE_KEY;
+ clazz = CKO_PRIVATE_KEY;
n_privkey_attr = 0;
FILL_ATTR(privkey_templ[n_privkey_attr], CKA_CLASS, &clazz, sizeof(clazz));
@@ -1940,7 +1943,7 @@
}
#if OPENSSL_VERSION_NUMBER >= 0x10000000L && !defined(OPENSSL_NO_EC)
else if (evp_key->type == NID_id_GostR3410_2001) {
- CK_KEY_TYPE type = CKK_GOSTR3410;
+ type = CKK_GOSTR3410;
FILL_ATTR(privkey_templ[n_privkey_attr], CKA_KEY_TYPE, &type, sizeof(type));
n_privkey_attr++;
@@ -1958,8 +1961,8 @@
}
else
if (opt_object_class == CKO_PUBLIC_KEY) {
- CK_OBJECT_CLASS clazz = CKO_PUBLIC_KEY;
- CK_KEY_TYPE type = CKK_RSA;
+ clazz = CKO_PUBLIC_KEY;
+ type = CKK_RSA;
FILL_ATTR(pubkey_templ[0], CKA_CLASS, &clazz, sizeof(clazz));
FILL_ATTR(pubkey_templ[1], CKA_KEY_TYPE, &type, sizeof(type));
@@ -1998,7 +2001,7 @@
}
else
if (opt_object_class == CKO_DATA) {
- CK_OBJECT_CLASS clazz = CKO_DATA;
+ clazz = CKO_DATA;
FILL_ATTR(data_templ[0], CKA_CLASS, &clazz, sizeof(clazz));
FILL_ATTR(data_templ[1], CKA_TOKEN, &_true, sizeof(_true));
FILL_ATTR(data_templ[2], CKA_VALUE, &contents, contents_len);
Only in opensc-0.13.0/src/tools: pkcs11-tool.c~
Only in opensc-0.13.0/src/tools: pkcs11-tool.c.orig
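Review bot: The hoisted `clazz`, `cert_type` and `type` declarations in the first hunk have no comment explaining why they must live at function scope, so a later cleanup could move them back into the branches and reintroduce the dangling pointers stored by `FILL_ATTR(..., &clazz, sizeof(clazz))`. A comment such as `/* pointed to by the *_templ attributes; must stay in scope until the templates are consumed */` on the declarations would record that; the code that consumes the templates is outside the hunks. In the CKO_DATA hunk the context line passes `&contents` where the certificate branch passes `contents`, which is only equivalent if `contents` is an array, so that is worth confirming against its declaration. The two trailing `Only in ...` lines are `diff -ur` leftovers from backup files and could be dropped from the patch file.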


@ -1,6 +1,6 @@
Name: opensc Name: opensc
Version: 0.13.0 Version: 0.13.0
Release: 11%{?dist} Release: 12%{?dist}
Summary: Smart card library and applications Summary: Smart card library and applications
Group: System Environment/Libraries Group: System Environment/Libraries
@ -13,6 +13,8 @@ Source1: opensc.module
Patch0: 0001-pkcs15-regression-in-e35febe-compute-cert-length.patch Patch0: 0001-pkcs15-regression-in-e35febe-compute-cert-length.patch
Patch1: opensc-epass2003.patch Patch1: opensc-epass2003.patch
Patch2: opensc-myeid.patch Patch2: opensc-myeid.patch
Patch3: opensc-out-of-scope.patch
Patch4: opensc-dlclose.patch
BuildRequires: pcsc-lite-devel BuildRequires: pcsc-lite-devel
BuildRequires: readline-devel BuildRequires: readline-devel
@ -39,6 +41,8 @@ every software/card that does so, too.
%patch0 -p1 -b .cert_length %patch0 -p1 -b .cert_length
%patch1 -p1 -b .epass2003 %patch1 -p1 -b .epass2003
%patch2 -p1 -b .myeid %patch2 -p1 -b .myeid
%patch3 -p1 -b .out-of-scope
%patch4 -p1 -b .dlclose
sed -i -e 's|"/lib /usr/lib\b|"/%{_lib} %{_libdir}|' configure # lib64 rpaths sed -i -e 's|"/lib /usr/lib\b|"/%{_lib} %{_libdir}|' configure # lib64 rpaths
cp -p src/pkcs15init/README ./README.pkcs15init cp -p src/pkcs15init/README ./README.pkcs15init
@ -125,6 +129,11 @@ rm -f $RPM_BUILD_ROOT%{_libdir}/libsmm-local.so
%changelog %changelog
* Fri Feb 28 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> - 0.13.0-12
- Added fix for crash when calling pkcs11-tool with an invalid module (#1071368)
- Added fix for invalid parameters passed to module by pkcs11-tool
when importing a private key (#1071369)
* Fri Jan 31 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> - 0.13.0-11 * Fri Jan 31 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> - 0.13.0-11
- Corrected installation path of opensc.module (#1060053) - Corrected installation path of opensc.module (#1060053)