diff --git a/opensc-gcc11.patch b/opensc-gcc11.patch
index 0f41d60..484405b 100644
--- a/opensc-gcc11.patch
+++ b/opensc-gcc11.patch
@@ -15,3 +15,347 @@ index 41e620a..57f8a79 100644
  	/* loop over the args and parse them, making sure the result fits into buf[] */
  	for (i = 0, len = 0; i < (unsigned) argc && len < sizeof(buf); i++)   {
  		size_t len0 = sizeof(buf) - len;
+commit 1680b3a1fb15319e41dbe3214ef8c4a4c215d529
+Author: Jakub Jelen <jjelen@redhat.com>
+Date:   Tue Feb 23 19:57:02 2021 +0100
+
+    Fix build on gcc11
+    
+    This made most of the applications crashing in Fedora 34 when
+    smart card was plugged in.
+    
+    The suggested patch makes the code path more obvious for gcc to
+    handle.
+    
+    https://bugzilla.redhat.com/show_bug.cgi?id=1930652
+
+diff --git a/src/pkcs11/framework-pkcs15.c b/src/pkcs11/framework-pkcs15.c
+index 18803b83..c65ec3ed 100644
+--- a/src/pkcs11/framework-pkcs15.c
++++ b/src/pkcs11/framework-pkcs15.c
+@@ -670,6 +670,7 @@ __pkcs15_create_cert_object(struct pkcs15_fw_data *fw_data, struct sc_pkcs15_obj
+ {
+ 	struct sc_pkcs15_cert_info *p15_info = NULL;
+ 	struct sc_pkcs15_cert *p15_cert = NULL;
++	struct pkcs15_any_object *any_object = NULL;
+ 	struct pkcs15_cert_object *object = NULL;
+ 	struct pkcs15_pubkey_object *obj2 = NULL;
+ 	int rv;
+@@ -686,8 +687,9 @@ __pkcs15_create_cert_object(struct pkcs15_fw_data *fw_data, struct sc_pkcs15_obj
+ 	}
+ 
+ 	/* Certificate object */
+-	rv = __pkcs15_create_object(fw_data, (struct pkcs15_any_object **) &object,
++	rv = __pkcs15_create_object(fw_data, &any_object,
+ 			cert, &pkcs15_cert_ops, sizeof(struct pkcs15_cert_object));
++	object = (struct pkcs15_cert_object *) any_object;
+ 	if (rv < 0) {
+ 		if (p15_cert != NULL)
+ 			sc_pkcs15_free_certificate(p15_cert);
+@@ -720,7 +722,7 @@ __pkcs15_create_cert_object(struct pkcs15_fw_data *fw_data, struct sc_pkcs15_obj
+ 	pkcs15_cert_extract_label(object);
+ 
+ 	if (cert_object != NULL)
+-		*cert_object = (struct pkcs15_any_object *) object;
++		*cert_object = any_object;
+ 
+ 	return 0;
+ }
+@@ -730,6 +732,7 @@ static int
+ __pkcs15_create_pubkey_object(struct pkcs15_fw_data *fw_data,
+ 	struct sc_pkcs15_object *pubkey, struct pkcs15_any_object **pubkey_object)
+ {
++	struct pkcs15_any_object *any_object = NULL;
+ 	struct pkcs15_pubkey_object *object = NULL;
+ 	struct sc_pkcs15_pubkey *p15_key = NULL;
+ 	int rv;
+@@ -758,8 +761,9 @@ __pkcs15_create_pubkey_object(struct pkcs15_fw_data *fw_data,
+ 	}
+ 
+ 	/* Public key object */
+-	rv = __pkcs15_create_object(fw_data, (struct pkcs15_any_object **) &object,
++	rv = __pkcs15_create_object(fw_data, &any_object,
+ 			pubkey, &pkcs15_pubkey_ops, sizeof(struct pkcs15_pubkey_object));
++	object = (struct pkcs15_pubkey_object *) any_object;
+ 	if (rv >= 0) {
+ 		object->pub_info = (struct sc_pkcs15_pubkey_info *) pubkey->data;
+ 		object->pub_data = p15_key;
+@@ -773,7 +777,7 @@ __pkcs15_create_pubkey_object(struct pkcs15_fw_data *fw_data,
+ 			object->pub_data->alg_id->params = &((object->pub_data->u).gostr3410.params);
+ 	}
+ 	if (pubkey_object != NULL)
+-		*pubkey_object = (struct pkcs15_any_object *) object;
++		*pubkey_object = any_object;
+ 
+ 	return rv;
+ }
+@@ -783,16 +787,18 @@ static int
+ __pkcs15_create_prkey_object(struct pkcs15_fw_data *fw_data,
+ 	struct sc_pkcs15_object *prkey, struct pkcs15_any_object **prkey_object)
+ {
++	struct pkcs15_any_object *any_object = NULL;
+ 	struct pkcs15_prkey_object *object = NULL;
+ 	int rv;
+ 
+-	rv = __pkcs15_create_object(fw_data, (struct pkcs15_any_object **) &object,
++	rv = __pkcs15_create_object(fw_data, &any_object,
+ 			prkey, &pkcs15_prkey_ops, sizeof(struct pkcs15_prkey_object));
++	object = (struct pkcs15_prkey_object *) any_object;
+ 	if (rv >= 0)
+ 		object->prv_info = (struct sc_pkcs15_prkey_info *) prkey->data;
+ 
+ 	if (prkey_object != NULL)
+-		*prkey_object = (struct pkcs15_any_object *) object;
++		*prkey_object = any_object;
+ 
+ 	return rv;
+ }
+@@ -802,18 +808,20 @@ static int
+ __pkcs15_create_data_object(struct pkcs15_fw_data *fw_data,
+ 		struct sc_pkcs15_object *object, struct pkcs15_any_object **data_object)
+ {
++	struct pkcs15_any_object *any_object = NULL;
+ 	struct pkcs15_data_object *dobj = NULL;
+ 	int rv;
+ 
+-	rv = __pkcs15_create_object(fw_data, (struct pkcs15_any_object **) &dobj,
++	rv = __pkcs15_create_object(fw_data, &any_object,
+ 			object, &pkcs15_dobj_ops, sizeof(struct pkcs15_data_object));
++        dobj = (struct pkcs15_data_object *) any_object;
+ 	if (rv >= 0)   {
+ 		dobj->info = (struct sc_pkcs15_data_info *) object->data;
+ 		dobj->value = NULL;
+ 	}
+ 
+ 	if (data_object != NULL)
+-		*data_object = (struct pkcs15_any_object *) dobj;
++		*data_object = any_object;
+ 
+ 	return rv;
+ }
+@@ -853,16 +861,18 @@ static int
+ __pkcs15_create_secret_key_object(struct pkcs15_fw_data *fw_data,
+ 		struct sc_pkcs15_object *object, struct pkcs15_any_object **skey_object)
+ {
++	struct pkcs15_any_object *any_object = NULL;
+ 	struct pkcs15_skey_object *skey = NULL;
+ 	int rv;
+ 
+-	rv = __pkcs15_create_object(fw_data, (struct pkcs15_any_object **) &skey,
++	rv = __pkcs15_create_object(fw_data, &any_object,
+ 			object, &pkcs15_skey_ops, sizeof(struct pkcs15_skey_object));
++        skey = (struct pkcs15_skey_object *) any_object;
+ 	if (rv >= 0)
+ 		skey->info = (struct sc_pkcs15_skey_info *) object->data;
+ 
+ 	if (skey_object != NULL)
+-		*skey_object = (struct pkcs15_any_object *) skey;
++		*skey_object = any_object;
+ 
+ 	return rv;
+ }
+diff --git a/src/libopensc/pkcs15-westcos.c b/src/libopensc/pkcs15-westcos.c
+index 885abd37..9277061b 100644
+--- a/src/libopensc/pkcs15-westcos.c
++++ b/src/libopensc/pkcs15-westcos.c
+@@ -124,18 +124,17 @@ static int sc_pkcs15emu_westcos_init(sc_pkcs15_card_t * p15card)
+ 		struct sc_pkcs15_pubkey_info pubkey_info;
+ 		struct sc_pkcs15_object pubkey_obj;
+ 		struct sc_pkcs15_pubkey *pkey = NULL;
++		sc_pkcs15_cert_t *cert = NULL;
++
+ 		memset(&cert_info, 0, sizeof(cert_info));
+ 		memset(&cert_obj, 0, sizeof(cert_obj));
+ 		cert_info.id.len = 1;
+ 		cert_info.id.value[0] = 0x45;
+ 		cert_info.authority = 0;
+ 		cert_info.path = path;
+-		r = sc_pkcs15_read_certificate(p15card, &cert_info,
+-					       (sc_pkcs15_cert_t
+-						**) (&cert_obj.data));
++		r = sc_pkcs15_read_certificate(p15card, &cert_info, &cert);
++		cert_obj.data = (void *) cert;
+ 		if (!r) {
+-			sc_pkcs15_cert_t *cert =
+-			    (sc_pkcs15_cert_t *) (cert_obj.data);
+ 			strlcpy(cert_obj.label, "User certificate",
+ 				sizeof(cert_obj.label));
+ 			cert_obj.flags = SC_PKCS15_CO_FLAG_MODIFIABLE;
+diff --git a/src/pkcs11/framework-pkcs15.c b/src/pkcs11/framework-pkcs15.c
+index c65ec3ed..a5e6ff1f 100644
+--- a/src/pkcs11/framework-pkcs15.c
++++ b/src/pkcs11/framework-pkcs15.c
+@@ -673,6 +673,7 @@ __pkcs15_create_cert_object(struct pkcs15_fw_data *fw_data, struct sc_pkcs15_obj
+ 	struct pkcs15_any_object *any_object = NULL;
+ 	struct pkcs15_cert_object *object = NULL;
+ 	struct pkcs15_pubkey_object *obj2 = NULL;
++	struct pkcs15_any_object *any_object2 = NULL;
+ 	int rv;
+ 
+ 	p15_info = (struct sc_pkcs15_cert_info *) cert->data;
+@@ -700,10 +701,11 @@ __pkcs15_create_cert_object(struct pkcs15_fw_data *fw_data, struct sc_pkcs15_obj
+ 	object->cert_data = p15_cert;
+ 
+ 	/* Corresponding public key */
+-	rv = public_key_created(fw_data, &p15_info->id, (struct pkcs15_any_object **) &obj2);
++	rv = public_key_created(fw_data, &p15_info->id, &any_object2);
+ 	if (rv != SC_SUCCESS)
+-		rv = __pkcs15_create_object(fw_data, (struct pkcs15_any_object **) &obj2,
++		rv = __pkcs15_create_object(fw_data, &any_object2,
+ 				NULL, &pkcs15_pubkey_ops, sizeof(struct pkcs15_pubkey_object));
++	obj2 = (struct pkcs15_pubkey_object *) any_object2;
+ 	if (rv < 0)
+ 		return rv;
+ 
+@@ -2975,14 +2977,17 @@ set_gost3410_params(struct sc_pkcs15init_prkeyargs *prkey_args,
+ 	const CK_BYTE * gost_params_encoded_oid_from_template;
+ 	const CK_BYTE * gost_hash_params_encoded_oid_from_template;
+ 	size_t len, param_index, hash_index;
++	void *ptr = NULL;
+ 	CK_RV rv;
+ 
+ 	/* If template has CKA_GOSTR3410_PARAMS attribute, set param_index to
+ 	 * corresponding item's index in gostr3410_param_oid[] */
+-	if (pPrivTpl && ulPrivCnt)
+-		rv = attr_find_ptr2(pPubTpl, ulPubCnt, pPrivTpl, ulPrivCnt, CKA_GOSTR3410_PARAMS, (void **)&gost_params_encoded_oid_from_template, &len);
+-	else
+-		rv = attr_find_ptr(pPubTpl, ulPubCnt, CKA_GOSTR3410_PARAMS, (void **)&gost_params_encoded_oid_from_template, &len);
++	if (pPrivTpl && ulPrivCnt) {
++		rv = attr_find_ptr2(pPubTpl, ulPubCnt, pPrivTpl, ulPrivCnt, CKA_GOSTR3410_PARAMS, &ptr, &len);
++	} else {
++		rv = attr_find_ptr(pPubTpl, ulPubCnt, CKA_GOSTR3410_PARAMS, &ptr, &len);
++	}
++	gost_params_encoded_oid_from_template = (const CK_BYTE *) ptr;
+ 
+ 	if (rv == CKR_OK) {
+ 		size_t nn = sizeof(gostr3410_param_oid)/sizeof(gostr3410_param_oid[0]);
+@@ -3005,10 +3010,12 @@ set_gost3410_params(struct sc_pkcs15init_prkeyargs *prkey_args,
+ 
+ 	/* If template has CKA_GOSTR3411_PARAMS attribute, set hash_index to
+ 	 * corresponding item's index in gostr3410_hash_param_oid[] */
+-	if (pPrivTpl && ulPrivCnt)
+-		rv = attr_find_ptr2(pPubTpl, ulPubCnt, pPrivTpl, ulPrivCnt, CKA_GOSTR3411_PARAMS, (void **)&gost_hash_params_encoded_oid_from_template, &len);
+-	else
+-		rv = attr_find_ptr(pPubTpl, ulPubCnt, CKA_GOSTR3411_PARAMS, (void **)&gost_hash_params_encoded_oid_from_template, &len);
++	if (pPrivTpl && ulPrivCnt) {
++		rv = attr_find_ptr2(pPubTpl, ulPubCnt, pPrivTpl, ulPrivCnt, CKA_GOSTR3411_PARAMS, &ptr, &len);
++	} else {
++		rv = attr_find_ptr(pPubTpl, ulPubCnt, CKA_GOSTR3411_PARAMS, &ptr, &len);
++	}
++	gost_hash_params_encoded_oid_from_template = ptr;
+ 
+ 	if (rv == CKR_OK) {
+ 		size_t nn = sizeof(gostr3410_hash_param_oid)/sizeof(gostr3410_hash_param_oid[0]);
+@@ -3155,9 +3162,11 @@ pkcs15_gen_keypair(struct sc_pkcs11_slot *slot, CK_MECHANISM_PTR pMechanism,
+ 	}
+ 	else if (keytype == CKK_EC)   {
+ 		struct sc_lv_data *der = &keygen_args.prkey_args.key.u.ec.params.der;
++		void *ptr = NULL;
+ 
+ 		der->len = sizeof(struct sc_object_id);
+-		rv = attr_find_and_allocate_ptr(pPubTpl, ulPubCnt, CKA_EC_PARAMS, (void **)&der->value, &der->len);
++		rv = attr_find_and_allocate_ptr(pPubTpl, ulPubCnt, CKA_EC_PARAMS, &ptr, &der->len);
++		der->value = (unsigned char *) ptr;
+ 		if (rv != CKR_OK)   {
+ 			sc_unlock(p11card->card);
+ 			return sc_to_cryptoki_error(rc, "C_GenerateKeyPair");
+diff --git a/src/pkcs11/pkcs11-object.c b/src/pkcs11/pkcs11-object.c
+index 8fb3e5af..a6c91ce1 100644
+--- a/src/pkcs11/pkcs11-object.c
++++ b/src/pkcs11/pkcs11-object.c
+@@ -347,6 +347,7 @@ C_FindObjectsInit(CK_SESSION_HANDLE hSession,	/* the session's handle */
+ 	struct sc_pkcs11_object *object;
+ 	struct sc_pkcs11_find_operation *operation;
+ 	struct sc_pkcs11_slot *slot;
++	struct sc_pkcs11_operation *op = NULL;
+ 
+ 	if (pTemplate == NULL_PTR && ulCount > 0)
+ 		return CKR_ARGUMENTS_BAD;
+@@ -363,7 +364,8 @@ C_FindObjectsInit(CK_SESSION_HANDLE hSession,	/* the session's handle */
+ 	dump_template(SC_LOG_DEBUG_NORMAL, "C_FindObjectsInit()", pTemplate, ulCount);
+ 
+ 	rv = session_start_operation(session, SC_PKCS11_OPERATION_FIND,
+-				     &find_mechanism, (struct sc_pkcs11_operation **)&operation);
++				     &find_mechanism, &op);
++	operation = (struct sc_pkcs11_find_operation *) op;
+ 	if (rv != CKR_OK)
+ 		goto out;
+ 
+diff --git a/src/pkcs11/pkcs11-object.c b/src/pkcs11/pkcs11-object.c
+index a6c91ce1..603a6713 100644
+--- a/src/pkcs11/pkcs11-object.c
++++ b/src/pkcs11/pkcs11-object.c
+@@ -453,6 +453,7 @@ C_FindObjects(CK_SESSION_HANDLE hSession,	/* the session's handle */
+ 	CK_ULONG to_return;
+ 	struct sc_pkcs11_session *session;
+ 	struct sc_pkcs11_find_operation *operation;
++	struct sc_pkcs11_operation *op = NULL;
+ 
+ 	if (phObject == NULL_PTR || ulMaxObjectCount == 0 || pulObjectCount == NULL_PTR)
+ 		return CKR_ARGUMENTS_BAD;
+@@ -465,7 +466,8 @@ C_FindObjects(CK_SESSION_HANDLE hSession,	/* the session's handle */
+ 	if (rv != CKR_OK)
+ 		goto out;
+ 
+-	rv = session_get_operation(session, SC_PKCS11_OPERATION_FIND, (sc_pkcs11_operation_t **) & operation);
++	rv = session_get_operation(session, SC_PKCS11_OPERATION_FIND, &op);
++	operation = (struct sc_pkcs11_find_operation *) op;
+ 	if (rv != CKR_OK)
+ 		goto out;
+ 
+diff --git a/src/tools/pkcs11-register.c b/src/tools/pkcs11-register.c
+index 007ff1ae..873ebcba 100644
+--- a/src/tools/pkcs11-register.c
++++ b/src/tools/pkcs11-register.c
+@@ -123,13 +123,15 @@ add_module_pkcs11_txt(const char *profile_dir,
+ 	char pkcs11_txt_path[PATH_MAX];
+ 	char *pkcs11_txt = NULL;
+ 	size_t pkcs11_txt_len = 0;
++	unsigned char *txt = NULL;
++
+ 	if (!profile_dir
+ 			|| snprintf(pkcs11_txt_path, sizeof pkcs11_txt_path,
+ 				"%s%c%s", profile_dir, path_sep, "pkcs11.txt") < 0
+-			|| !fread_to_eof(pkcs11_txt_path,
+-				(unsigned char **) &pkcs11_txt, &pkcs11_txt_len)) {
++			|| !fread_to_eof(pkcs11_txt_path, &txt, &pkcs11_txt_len)) {
+ 		goto err;
+ 	}
++	pkcs11_txt = (char *)txt;
+ 	char *p = realloc(pkcs11_txt, pkcs11_txt_len+1);
+ 	if (!p)
+ 		goto err;
+diff --git a/src/tools/pkcs11-tool.c b/src/tools/pkcs11-tool.c
+index a4d9c94b..35b96792 100644
+--- a/src/tools/pkcs11-tool.c
++++ b/src/tools/pkcs11-tool.c
+@@ -6303,11 +6303,12 @@ static CK_SESSION_HANDLE test_kpgen_certwrite(CK_SLOT_ID slot, CK_SESSION_HANDLE
+ 		return session;
+ 	}
+ 
+-	tmp = getID(session, priv_key, (CK_ULONG *) &opt_object_id_len);
+-	if (opt_object_id_len == 0) {
++	tmp = getID(session, priv_key, &i);
++	if (i == 0) {
+ 		fprintf(stderr, "ERR: newly generated private key has no (or an empty) CKA_ID\n");
+ 		return session;
+ 	}
++	opt_object_id_len = (size_t) i;
+ 	memcpy(opt_object_id, tmp, opt_object_id_len);
+ 
+ 	/* This is done in NSS */
+@@ -6485,11 +6486,12 @@ static void test_ec(CK_SLOT_ID slot, CK_SESSION_HANDLE session)
+ 	if (!gen_keypair(slot, session, &pub_key, &priv_key, opt_key_type))
+ 		return;
+ 
+-	tmp = getID(session, priv_key, (CK_ULONG *) &opt_object_id_len);
+-	if (opt_object_id_len == 0) {
++	tmp = getID(session, priv_key, &i);
++	if (i == 0) {
+ 		printf("ERR: newly generated private key has no (or an empty) CKA_ID\n");
+ 		return;
+ 	}
++	i = (size_t) opt_object_id_len;
+ 	memcpy(opt_object_id, tmp, opt_object_id_len);
+ 
+ 	/* This is done in NSS */
diff --git a/opensc.spec b/opensc.spec
index 786b307..0253d17 100644
--- a/opensc.spec
+++ b/opensc.spec
@@ -3,7 +3,7 @@
 
 Name:           opensc
 Version:        0.21.0
-Release:        2%{?dist}
+Release:        4%{?dist}
 Summary:        Smart card library and applications
 
 License:        LGPLv2+
@@ -14,6 +14,7 @@ Source1:        opensc.module
 # https://github.com/OpenSC/OpenSC/blob/master/tests/common.sh
 Source2:        common.sh
 Patch1:         opensc-0.19.0-pinpad.patch
+# https://github.com/OpenSC/OpenSC/pull/2241/
 Patch5:         %{name}-gcc11.patch
 
 BuildRequires: make
@@ -73,6 +74,8 @@ autoreconf -fvi
 sed -i -e 's/opensc.conf/opensc-%{_arch}.conf/g' src/libopensc/Makefile.in
 %endif
 sed -i -e 's|"/lib /usr/lib\b|"/%{_lib} %{_libdir}|' configure # lib64 rpaths
+%set_build_flags
+CFLAGS="$CFLAGS -Wstrict-aliasing=2"
 %configure  --disable-static \
   --disable-autostart-items \
   --disable-notify \
@@ -207,6 +210,12 @@ rm %{buildroot}%{_mandir}/man1/opensc-notify.1*
 
 
 %changelog
+* Thu Feb 25 2021 Jakub Jelen <jjelen@redhat.com> - 0.21.0-4
+- Couple of more issues of strict aliasing (#1930652)
+
+* Tue Feb 23 2021 Jakub Jelen <jjelen@redhat.com> - 0.21.0-3
+- Unbreak with gcc11 (#1930652)
+
 * Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 0.21.0-2
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild