Make it work on the -el6 branch as well.

0001-Use-PK11_TraverseCertsForNicknameInSlot-after-all.patch

@@ -1,7 +1,7 @@
 From 406a08cc45a2d0761294002d946ee3381a4706ee Mon Sep 17 00:00:00 2001
 From: Peter Jones <pjones@redhat.com>
 Date: Wed, 17 Oct 2012 09:53:07 -0400
-Subject: [PATCH 01/30] Use PK11_TraverseCertsForNicknameInSlot after all.
+Subject: [PATCH 01/32] Use PK11_TraverseCertsForNicknameInSlot after all.
 
 As of 76bc13c it doesn't appear to be leaky any more, and it does a
 better job of disinguishing between certificates with the same nickname

0002-Remove-an-unused-field.patch

@@ -1,7 +1,7 @@
 From e4aa0a2755d7b00e31760a7f90561b0566445fa4 Mon Sep 17 00:00:00 2001
 From: Peter Jones <pjones@redhat.com>
 Date: Wed, 17 Oct 2012 09:54:10 -0400
-Subject: [PATCH 02/30] Remove an unused field.
+Subject: [PATCH 02/32] Remove an unused field.
 
 Signed-off-by: Peter Jones <pjones@redhat.com>
 ---

0003-Free-the-certificate-list-we-make-once-we-re-done-us.patch

@@ -1,7 +1,7 @@
 From df5afd0e6d92f31a804f5f1631b6fae3b8ef4d8b Mon Sep 17 00:00:00 2001
 From: Peter Jones <pjones@redhat.com>
 Date: Wed, 17 Oct 2012 09:54:37 -0400
-Subject: [PATCH 03/30] Free the certificate list we make once we're done
+Subject: [PATCH 03/32] Free the certificate list we make once we're done
  using it.
 
 Signed-off-by: Peter Jones <pjones@redhat.com>

0004-Make-sure-we-actually-look-up-the-certificate-when-n.patch

@@ -1,7 +1,7 @@
 From c13cc0b03dcae9a743cc49aaa62c3923a3e7d8f9 Mon Sep 17 00:00:00 2001
 From: Peter Jones <pjones@redhat.com>
 Date: Wed, 17 Oct 2012 09:55:02 -0400
-Subject: [PATCH 04/30] Make sure we actually look up the certificate when not
+Subject: [PATCH 04/32] Make sure we actually look up the certificate when not
  in daemon mode.
 
 Signed-off-by: Peter Jones <pjones@redhat.com>

0005-Fix-check-for-allocations-on-tokenname-certname.patch

@@ -1,7 +1,7 @@
 From 844138e07535a8aa2be80496378c9929acaa1687 Mon Sep 17 00:00:00 2001
 From: Peter Jones <pjones@redhat.com>
 Date: Wed, 17 Oct 2012 10:35:41 -0400
-Subject: [PATCH 05/30] Fix check for allocations on tokenname,certname.
+Subject: [PATCH 05/32] Fix check for allocations on tokenname,certname.
 
 If we didn't have anything to start with, we won't have anything when
 we're done...

0006-Update-valgrind.supp-for-newer-codepaths.patch

@@ -1,7 +1,7 @@
 From 682233d107460b49071017b4d88c0430373dbd35 Mon Sep 17 00:00:00 2001
 From: Peter Jones <pjones@redhat.com>
 Date: Wed, 17 Oct 2012 10:55:25 -0400
-Subject: [PATCH 06/30] Update valgrind.supp for newer codepaths.
+Subject: [PATCH 06/32] Update valgrind.supp for newer codepaths.
 
 Signed-off-by: Peter Jones <pjones@redhat.com>
 ---

0007-Free-the-pid-string-once-we-re-done-writing-it.patch

@@ -1,7 +1,7 @@
 From 81bf0e36a82a3d746a01aee50d8ee460dc794b19 Mon Sep 17 00:00:00 2001
 From: Peter Jones <pjones@redhat.com>
 Date: Wed, 17 Oct 2012 10:57:20 -0400
-Subject: [PATCH 07/30] Free the pid string once we're done writing it.
+Subject: [PATCH 07/32] Free the pid string once we're done writing it.
 
 Signed-off-by: Peter Jones <pjones@redhat.com>
 ---

0008-valgrind-Don-t-complain-about-unlocking-a-key-and-ke.patch

@@ -1,7 +1,7 @@
 From 50c50c8fbebab3d8b5efff35dc1a7ca4b44d6b19 Mon Sep 17 00:00:00 2001
 From: Peter Jones <pjones@redhat.com>
 Date: Wed, 17 Oct 2012 11:08:30 -0400
-Subject: [PATCH 08/30] [valgrind] Don't complain about unlocking a key and
+Subject: [PATCH 08/32] [valgrind] Don't complain about unlocking a key and
  keeping the handle.
 
 Signed-off-by: Peter Jones <pjones@redhat.com>

0009-Only-try-to-register-OIDs-once.patch

@@ -1,7 +1,7 @@
 From b71f1d2e8f7ad6853e5e68134a66baf9dea2471b Mon Sep 17 00:00:00 2001
 From: Peter Jones <pjones@redhat.com>
 Date: Wed, 17 Oct 2012 11:26:04 -0400
-Subject: [PATCH 09/30] Only try to register OIDs once.
+Subject: [PATCH 09/32] Only try to register OIDs once.
 
 Signed-off-by: Peter Jones <pjones@redhat.com>
 ---

0010-Check-for-NSS_Shutdown-failure.patch

@@ -1,7 +1,7 @@
 From f966137c17f74fc3e343dfb6e04300a9d179de03 Mon Sep 17 00:00:00 2001
 From: Peter Jones <pjones@redhat.com>
 Date: Wed, 17 Oct 2012 12:05:29 -0400
-Subject: [PATCH 10/30] Check for NSS_Shutdown() failure.
+Subject: [PATCH 10/32] Check for NSS_Shutdown() failure.
 
 Signed-off-by: Peter Jones <pjones@redhat.com>
 ---

0011-Don-t-destroy-stdin-stdout-stderr-if-we-don-t-fork.patch

@@ -1,7 +1,7 @@
 From 0dddfd5e738232403220b0d18888f94fa0032a59 Mon Sep 17 00:00:00 2001
 From: Peter Jones <pjones@redhat.com>
 Date: Wed, 17 Oct 2012 12:17:39 -0400
-Subject: [PATCH 11/30] Don't destroy stdin/stdout/stderr if we don't fork.
+Subject: [PATCH 11/32] Don't destroy stdin/stdout/stderr if we don't fork.
 
 I like being able to read my error messages.
 

0012-valgrind-Add-SECMOD_LoadModule-codepath.patch

@@ -1,7 +1,7 @@
 From 19c8e797d092e17f2882d249d5446728a76db050 Mon Sep 17 00:00:00 2001
 From: Peter Jones <pjones@redhat.com>
 Date: Wed, 17 Oct 2012 14:29:30 -0400
-Subject: [PATCH 12/30] [valgrind] Add SECMOD_LoadModule codepath.
+Subject: [PATCH 12/32] [valgrind] Add SECMOD_LoadModule codepath.
 
 This is called once when we initialize the database.
 

0013-Don-t-set-up-digests-in-cms_context_init.patch

@@ -1,7 +1,7 @@
 From 186b6d5d39a1feeaa5f9493d28dc4f53015d551d Mon Sep 17 00:00:00 2001
 From: Peter Jones <pjones@redhat.com>
 Date: Wed, 17 Oct 2012 14:33:35 -0400
-Subject: [PATCH 13/30] Don't set up digests in cms_context_init.
+Subject: [PATCH 13/32] Don't set up digests in cms_context_init.
 
 Move digest setup out of cms_context_init, so we can avoid leaking the
 reference to the digests by not having them in ctx->backup_cms in the

0014-Do-register_oids-where-we-re-doing-NSS_Init.patch

@@ -1,7 +1,7 @@
 From e1f8d4e38f4ad08fb407691a3f59edc19a1f15e2 Mon Sep 17 00:00:00 2001
 From: Peter Jones <pjones@redhat.com>
 Date: Wed, 17 Oct 2012 14:41:18 -0400
-Subject: [PATCH 14/30] Do register_oids() where we're doing NSS_Init()
+Subject: [PATCH 14/32] Do register_oids() where we're doing NSS_Init()
 
 Signed-off-by: Peter Jones <pjones@redhat.com>
 ---

0015-Make-daemon-shutdown-actually-close-the-NSS-database.patch

@@ -1,7 +1,7 @@
 From 092e3f81233655849156b0948a53f3b5f51b8c97 Mon Sep 17 00:00:00 2001
 From: Peter Jones <pjones@redhat.com>
 Date: Wed, 17 Oct 2012 14:43:58 -0400
-Subject: [PATCH 15/30] Make daemon shutdown actually close the NSS databases
+Subject: [PATCH 15/32] Make daemon shutdown actually close the NSS databases
  and whatnot.
 
 Signed-off-by: Peter Jones <pjones@redhat.com>

0016-Reformat-a-bunch-of-error-messages-to-be-vaguely-con.patch

@@ -1,7 +1,7 @@
 From b6ff405da1bf4627a40fc104457a539788c9f470 Mon Sep 17 00:00:00 2001
 From: Peter Jones <pjones@redhat.com>
 Date: Wed, 17 Oct 2012 15:18:08 -0400
-Subject: [PATCH 16/30] Reformat a bunch of error messages to be vaguely
+Subject: [PATCH 16/32] Reformat a bunch of error messages to be vaguely
  consistent.
 
 Signed-off-by: Peter Jones <pjones@redhat.com>

0017-Use-PORT_ArenaStrdup-where-appropriate.patch

@@ -1,7 +1,7 @@
 From 8ffe6943f04d42314f81eb8b5e3350d4ccc41895 Mon Sep 17 00:00:00 2001
 From: Peter Jones <pjones@redhat.com>
 Date: Wed, 17 Oct 2012 15:26:23 -0400
-Subject: [PATCH 17/30] Use PORT_ArenaStrdup() where appropriate.
+Subject: [PATCH 17/32] Use PORT_ArenaStrdup() where appropriate.
 
 Signed-off-by: Peter Jones <pjones@redhat.com>
 ---

0018-Minor-whitespace-fixes.patch

@@ -1,7 +1,7 @@
 From c196b462ad5267e8ed20c0b855b9921268b22a7b Mon Sep 17 00:00:00 2001
 From: Peter Jones <pjones@redhat.com>
 Date: Wed, 17 Oct 2012 15:26:47 -0400
-Subject: [PATCH 18/30] Minor whitespace fixes.
+Subject: [PATCH 18/32] Minor whitespace fixes.
 
 Signed-off-by: Peter Jones <pjones@redhat.com>
 ---

0019-daemon-Make-sure-inpe-is-initialized-before-all-erro.patch

@@ -1,7 +1,7 @@
 From 7a8c50f620c7484af9d750f484df8a6837e6b2a5 Mon Sep 17 00:00:00 2001
 From: Peter Jones <pjones@redhat.com>
 Date: Wed, 17 Oct 2012 15:27:03 -0400
-Subject: [PATCH 19/30] [daemon] Make sure inpe is initialized before all
+Subject: [PATCH 19/32] [daemon] Make sure inpe is initialized before all
  error handling.
 
 find_certificate() and set_up_inpe() errors wind up being at the same

0020-Allocate-pesign_context-rather-than-having-it-on-the.patch

@@ -1,7 +1,7 @@
 From 66d3353e6d24c9e69ce71735c5aa4741717a6d68 Mon Sep 17 00:00:00 2001
 From: Peter Jones <pjones@redhat.com>
 Date: Wed, 17 Oct 2012 15:31:15 -0400
-Subject: [PATCH 20/30] Allocate pesign_context rather than having it on the
+Subject: [PATCH 20/32] Allocate pesign_context rather than having it on the
  stack.
 
 This way it won't try to re-initialize cms_context when it's cleaned up.

0021-pesign-initialize-nss-only-if-we-re-not-a-daemon.patch

@@ -1,7 +1,7 @@
 From 444a514e1a7c9a27953f914cf416d559ef5be083 Mon Sep 17 00:00:00 2001
 From: Peter Jones <pjones@redhat.com>
 Date: Wed, 17 Oct 2012 15:32:57 -0400
-Subject: [PATCH 21/30] [pesign] initialize nss only if we're not a daemon.
+Subject: [PATCH 21/32] [pesign] initialize nss only if we're not a daemon.
 
 If it's a deamon, NSS_Init, register_oids, and setup_digests will be
 done in the daemon code, not in the normal tool code.

0022-Handle-errors-on-pesign_context_init.patch

@@ -1,7 +1,7 @@
 From a1ce809e199c7fbbd6f5c0e75f27a4234fcbd2bc Mon Sep 17 00:00:00 2001
 From: Peter Jones <pjones@redhat.com>
 Date: Wed, 17 Oct 2012 15:34:00 -0400
-Subject: [PATCH 22/30] Handle errors on pesign_context_init()
+Subject: [PATCH 22/32] Handle errors on pesign_context_init()
 
 Signed-off-by: Peter Jones <pjones@redhat.com>
 ---

0023-Add-sanity-checking-to-make-sure-we-don-t-emit-unini.patch

@@ -1,7 +1,7 @@
 From 4ed91a1bb65769401c0fd6c1c5b2a3c64c0c1266 Mon Sep 17 00:00:00 2001
 From: Peter Jones <pjones@redhat.com>
 Date: Wed, 17 Oct 2012 16:35:43 -0400
-Subject: [PATCH 23/30] Add sanity checking to make sure we don't emit
+Subject: [PATCH 23/32] Add sanity checking to make sure we don't emit
  uninitialized hashes.
 
 Signed-off-by: Peter Jones <pjones@redhat.com>

0024-Make-sure-we-free-the-token-cert-we-get-from-the-com.patch

@@ -1,7 +1,7 @@
 From d8ead122f34375a496d280bcc803f730542ca78d Mon Sep 17 00:00:00 2001
 From: Peter Jones <pjones@redhat.com>
 Date: Wed, 17 Oct 2012 17:47:49 -0400
-Subject: [PATCH 24/30] Make sure we free the token/cert we get from the
+Subject: [PATCH 24/32] Make sure we free the token/cert we get from the
  command line.
 
 This probably needs some further examination, but valgrind likes what's

0025-pesign-Only-shut-down-nss-in-pesign.c-if-we-re-not-t.patch

@@ -1,7 +1,7 @@
 From 2030d382b49a1b957de829a67f74d9cc127c55ee Mon Sep 17 00:00:00 2001
 From: Peter Jones <pjones@redhat.com>
 Date: Wed, 17 Oct 2012 17:48:44 -0400
-Subject: [PATCH 25/30] [pesign] Only shut down nss in pesign.c if we're not
+Subject: [PATCH 25/32] [pesign] Only shut down nss in pesign.c if we're not
  the daemon.
 
 The daemon does its own init and shutdown.

0026-Rework-setup_digests-and-teardown_digests.patch

@@ -1,7 +1,7 @@
 From 4efe979d6b781e064fe1afa946753ead9e3bbb9d Mon Sep 17 00:00:00 2001
 From: Peter Jones <pjones@redhat.com>
 Date: Wed, 17 Oct 2012 17:49:17 -0400
-Subject: [PATCH 26/30] Rework setup_digests() and teardown_digests()
+Subject: [PATCH 26/32] Rework setup_digests() and teardown_digests()
 
 This fixes the problem I was seeing with empty content_info digests, and
 makes the code a /little/ bit cleaner in some ways.

0027-We-shouldn-t-need-Environment-NSS_STRICT_NOFORK-DISA.patch

@@ -1,7 +1,7 @@
 From 15cd554d35c5ea8d31671b346dffd84e27e7c6ec Mon Sep 17 00:00:00 2001
 From: Peter Jones <pjones@redhat.com>
 Date: Wed, 17 Oct 2012 17:52:57 -0400
-Subject: [PATCH 27/30] We shouldn't need
+Subject: [PATCH 27/32] We shouldn't need
  Environment=NSS_STRICT_NOFORK=DISABLED any more.
 
 Since NSS_Init is called from the daemon now, we should get past its

0028-Fix-errors-found-by-coverity.patch

@@ -1,7 +1,7 @@
 From 1b94dd90f5a1c65df16ffe3b0619ce5dc0ca1f06 Mon Sep 17 00:00:00 2001
 From: Peter Jones <pjones@redhat.com>
 Date: Wed, 17 Oct 2012 19:59:49 -0400
-Subject: [PATCH 28/30] Fix errors found by coverity.
+Subject: [PATCH 28/32] Fix errors found by coverity.
 
 Signed-off-by: Peter Jones <pjones@redhat.com>
 ---

0029-Don-t-keep-the-DEPS-list-twice.patch

@@ -1,7 +1,7 @@
 From 95c0fe1d512fcdf3b397359fb0f54dc44e5947c2 Mon Sep 17 00:00:00 2001
 From: Peter Jones <pjones@redhat.com>
 Date: Thu, 18 Oct 2012 09:12:25 -0400
-Subject: [PATCH 29/30] Don't keep the DEPS list twice.
+Subject: [PATCH 29/32] Don't keep the DEPS list twice.
 
 Signed-off-by: Peter Jones <pjones@redhat.com>
 ---

0030-Don-t-build-util-right-now.patch

@@ -1,7 +1,7 @@
 From 44aad110fd3f0a12e1817d95047f882c4d8b0fce Mon Sep 17 00:00:00 2001
 From: Peter Jones <pjones@redhat.com>
 Date: Thu, 18 Oct 2012 11:36:10 -0400
-Subject: [PATCH 30/30] Don't build util/ right now.
+Subject: [PATCH 30/32] Don't build util/ right now.
 
 Signed-off-by: Peter Jones <pjones@redhat.com>
 ---

0031-Make-install_systemd-and-install_sysvinit-separate-t.patch

@@ -0,0 +1,163 @@
+From 4c13f6d393db0aa5ff5b327cb5e842ee21522236 Mon Sep 17 00:00:00 2001
+From: Peter Jones <pjones@redhat.com>
+Date: Thu, 18 Oct 2012 13:09:58 -0400
+Subject: [PATCH 31/32] Make "install_systemd" and "install_sysvinit" separate
+ targets
+
+Signed-off-by: Peter Jones <pjones@redhat.com>
+---
+ Makefile            |  6 ++++
+ src/Makefile        | 16 +++++++----
+ src/pesign.sysvinit | 82 +++++++++++++++++++++++++++++++++++++++++++++++++++++
+ 3 files changed, 99 insertions(+), 5 deletions(-)
+ create mode 100644 src/pesign.sysvinit
+
+diff --git a/Makefile b/Makefile
+index 5e9bd31..12e0dbb 100644
+--- a/Makefile
++++ b/Makefile
+@@ -19,6 +19,12 @@ install :
+ 	$(INSTALL) -d -m 755 $(INSTALLROOT)$(PREFIX)$(DOCDIR)/pesign-$(VERSION)/
+ 	$(INSTALL) -m 644 COPYING $(INSTALLROOT)$(PREFIX)$(DOCDIR)/pesign-$(VERSION)/
+ 
++install_systemd:
++	@for x in $(SUBDIRS) ; do $(MAKE) -C $${x} TOPDIR=$(TOPDIR) SRCDIR=$(TOPDIR)/$@/ ARCH=$(ARCH) $@ ; done
++
++install_sysvinit:
++	@for x in $(SUBDIRS) ; do $(MAKE) -C $${x} TOPDIR=$(TOPDIR) SRCDIR=$(TOPDIR)/$@/ ARCH=$(ARCH) $@ ; done
++
+ .PHONY: $(SUBDIRS) clean install
+ 
+ include $(TOPDIR)/Make.rules
+diff --git a/src/Makefile b/src/Makefile
+index cb74c12..7e611c8 100644
+--- a/src/Makefile
++++ b/src/Makefile
+@@ -42,7 +42,7 @@ client : $(client_OBJECTS) $(STATIC_LIBS)
+ fuzzsocket_SOURCES = fuzzsocket.c
+ fuzzsocket_OBJECTS = $(foreach source,$(fuzzsocket_SOURCES),$(patsubst %.c,%,$(source)).o)
+ fuzzsocket_DEPS = $(foreach source,$(fuzzsocket_SOURCES),.$(patsubst %.c,%,$(source)).P)
+-fuzzsocket : $(fuzzsocket_OBJECTS)
++fuzzsocket : $(fuzzsocket_OBJECTS) -lrt
+ 
+ DEPS = $(generic_DEPS)$(authvar_DEPS) $(pesign_DEPS) $(client_DEPS) \
+ 	$(peverify_DEPS)
+@@ -57,6 +57,16 @@ depclean :
+ clean : depclean
+ 	@rm -rfv *.o *.a *.so $(TARGETS)
+ 
++install_systemd:
++	$(INSTALL) -d -m 755 $(INSTALLROOT)/usr/lib/tmpfiles.d/
++	$(INSTALL) -m 644 tmpfiles.conf $(INSTALLROOT)/usr/lib/tmpfiles.d/pesign.conf
++	$(INSTALL) -d -m 755 $(INSTALLROOT)/usr/lib/systemd/system/
++	$(INSTALL) -m 644 pesign.service $(INSTALLROOT)/usr/lib/systemd/system/
++
++install_sysvinit:
++	$(INSTALL) -d -m 755 $(INSTALLROOT)/etc/rc.d/init.d/
++	$(INSTALL) -m 755 pesign.sysvinit $(INSTALLROOT)/etc/rc.d/init.d/pesign
++
+ install :
+ 	$(INSTALL) -d -m 700 $(INSTALLROOT)/etc/pki/pesign/
+ 	$(INSTALL) -d -m 770 $(INSTALLROOT)/var/run/pesign/
+@@ -72,10 +82,6 @@ install :
+ 	#$(INSTALL) -m 644 peverify.1 $(INSTALLROOT)/usr/share/man/man1/
+ 	$(INSTALL) -d -m 755 $(INSTALLROOT)/etc/rpm/
+ 	$(INSTALL) -m 644 macros.pesign $(INSTALLROOT)/etc/rpm/
+-	$(INSTALL) -d -m 755 $(INSTALLROOT)/usr/lib/tmpfiles.d/
+-	$(INSTALL) -m 644 tmpfiles.conf $(INSTALLROOT)/usr/lib/tmpfiles.d/pesign.conf
+-	$(INSTALL) -d -m 755 $(INSTALLROOT)/usr/lib/systemd/system/
+-	$(INSTALL) -m 644 pesign.service $(INSTALLROOT)/usr/lib/systemd/system/
+ 
+ .PHONY: all deps clean install
+ 
+diff --git a/src/pesign.sysvinit b/src/pesign.sysvinit
+new file mode 100644
+index 0000000..f955e01
+--- /dev/null
++++ b/src/pesign.sysvinit
+@@ -0,0 +1,82 @@
++#! /bin/sh
++#
++# pesign	This starts the pesign PE signing daemon
++#
++# chkconfig: - 50 50
++# processname: /usr/bin/pesign
++# pidfile: /var/run/pesign.pid
++### BEGIN INIT INFO 
++# Provides: pesign
++# Default-Start:
++# Default-Stop:
++# Short-Description: The pesign PE signing daemon
++# Description: The pesign PE signing daemon
++### END INIT INFO
++
++. /etc/init.d/functions
++[ -f /usr/bin/pesign ] || exit 1
++
++RETVAL=0
++
++start(){
++    echo -n "Starting pesign: "
++    daemon /usr/bin/pesign --daemonize
++    RETVAL=$?
++    echo
++    touch /var/lock/subsys/pesign
++}
++
++stop(){
++    echo -n "Stopping pesign: "
++    killproc -p /var/run/pesign.pid pesignd
++    RETVAL=$?
++    echo
++    rm -f /var/lock/subsys/pesign
++}
++
++restart(){
++    stop
++    start
++}
++
++reload(){
++    stop
++    start
++}
++
++condrestart(){
++    [ -e /var/lock/subsys/pesign ] && restart
++}
++
++# See how we were called.
++case "$1" in
++    start)
++	start
++	;;
++    stop)
++	stop
++	;;
++    status)
++	status /usr/bin/pesign
++	;;
++    restart)
++	restart
++	;;
++    reload)
++	reload
++	;;
++    force-reload)
++	reload
++	;;
++    condrestart)
++	condrestart
++	;;
++    try-restart)
++	condrestart
++	;;
++    *)
++	echo "Usage: pesign {start|stop|status|restart|condrestart|reload}"
++	RETVAL=1
++esac
++
++exit $RETVAL
+-- 
+1.7.12.1
+

0032-Get-rid-of-an-unnecessary-allocation.patch

@@ -0,0 +1,75 @@
+From df1b69e304f2a7eb82e2f94e50f07099afbf4578 Mon Sep 17 00:00:00 2001
+From: Peter Jones <pjones@redhat.com>
+Date: Thu, 18 Oct 2012 13:10:28 -0400
+Subject: [PATCH 32/32] Get rid of an unnecessary allocation.
+
+Signed-off-by: Peter Jones <pjones@redhat.com>
+---
+ src/client.c | 32 ++++++++++++++------------------
+ 1 file changed, 14 insertions(+), 18 deletions(-)
+
+diff --git a/src/client.c b/src/client.c
+index 8336749..df1c8f2 100644
+--- a/src/client.c
++++ b/src/client.c
+@@ -223,25 +223,17 @@ unlock_token(int sd, char *tokenname, char *pin)
+ {
+ 	struct msghdr msg;
+ 	struct iovec iov[2];
+-	pesignd_msghdr *pm;
++	pesignd_msghdr pm;
+ 
+ 	uint32_t size0 = pesignd_string_size(tokenname);
+ 
+ 	uint32_t size1 = pesignd_string_size(pin);
+ 	
+-	pm = calloc(1, sizeof(*pm));
+-	if (!pm) {
+-oom:
+-		fprintf(stderr, "pesign-client: could not allocate memory: "
+-			"%m\n");
+-		exit(1);
+-	}
+-
+-	pm->version = PESIGND_VERSION;
+-	pm->command = CMD_UNLOCK_TOKEN;
+-	pm->size = size0 + size1;
+-	iov[0].iov_base = pm;
+-	iov[0].iov_len = sizeof (*pm);
++	pm.version = PESIGND_VERSION;
++	pm.command = CMD_UNLOCK_TOKEN;
++	pm.size = size0 + size1;
++	iov[0].iov_base = &pm;
++	iov[0].iov_len = sizeof (pm);
+ 
+ 	memset(&msg, '\0', sizeof(msg));
+ 	msg.msg_iov = iov;
+@@ -257,8 +249,11 @@ oom:
+ 
+ 	uint8_t *buffer = NULL;
+ 	buffer = calloc(1, size0 + size1);
+-	if (!buffer)
+-		goto oom;
++	if (!buffer) {
++		fprintf(stderr, "pesign-client: could not allocate memory: "
++			"%m\n");
++		exit(1);
++	}
+ 
+ 	pesignd_string *tn = (pesignd_string *)buffer;
+ 	pesignd_string_set(tn, tokenname);
+@@ -478,8 +473,9 @@ main(int argc, char *argv[])
+ 
+ 	rc = poptReadDefaultConfig(optCon, 0);
+ 	if (rc < 0) {
+-		fprintf(stderr, "pesign: poprReadDefaultConfig failed: %s\n",
+-		poptStrerror(rc));
++		fprintf(stderr,
++			"pesign-client: poptReadDefaultConfig failed: %s\n",
++			poptStrerror(rc));
+ 		exit(1);
+ 	}
+ 
+-- 
+1.7.12.1
+

pesign.spec

@@ -1,7 +1,7 @@
 Summary: Signing utility for UEFI binaries
 Name: pesign
 Version: 0.99
-Release: 4%{?dist}
+Release: 5%{?dist}
 Group: Development/System
 License: GPLv2
 URL: https://github.com/vathpela/pesign
@@ -17,36 +17,38 @@ ExclusiveArch: i686 x86_64 ia64
 Source0: pesign-%{version}.tar.bz2
 Source1: rh-test-certs.tar.bz2
 
-Patch0: 0001-Use-PK11_TraverseCertsForNicknameInSlot-after-all.patch
+Patch1: 0001-Use-PK11_TraverseCertsForNicknameInSlot-after-all.patch
-Patch1: 0002-Remove-an-unused-field.patch
+Patch2: 0002-Remove-an-unused-field.patch
-Patch2: 0003-Free-the-certificate-list-we-make-once-we-re-done-us.patch
+Patch3: 0003-Free-the-certificate-list-we-make-once-we-re-done-us.patch
-Patch3: 0004-Make-sure-we-actually-look-up-the-certificate-when-n.patch
+Patch4: 0004-Make-sure-we-actually-look-up-the-certificate-when-n.patch
-Patch4: 0005-Fix-check-for-allocations-on-tokenname-certname.patch
+Patch5: 0005-Fix-check-for-allocations-on-tokenname-certname.patch
-Patch5: 0006-Update-valgrind.supp-for-newer-codepaths.patch
+Patch6: 0006-Update-valgrind.supp-for-newer-codepaths.patch
-Patch6: 0007-Free-the-pid-string-once-we-re-done-writing-it.patch
+Patch7: 0007-Free-the-pid-string-once-we-re-done-writing-it.patch
-Patch7: 0008-valgrind-Don-t-complain-about-unlocking-a-key-and-ke.patch
+Patch8: 0008-valgrind-Don-t-complain-about-unlocking-a-key-and-ke.patch
-Patch8: 0009-Only-try-to-register-OIDs-once.patch
+Patch9: 0009-Only-try-to-register-OIDs-once.patch
-Patch9: 0010-Check-for-NSS_Shutdown-failure.patch
+Patch10: 0010-Check-for-NSS_Shutdown-failure.patch
-Patch10: 0011-Don-t-destroy-stdin-stdout-stderr-if-we-don-t-fork.patch
+Patch11: 0011-Don-t-destroy-stdin-stdout-stderr-if-we-don-t-fork.patch
-Patch11: 0012-valgrind-Add-SECMOD_LoadModule-codepath.patch
+Patch12: 0012-valgrind-Add-SECMOD_LoadModule-codepath.patch
-Patch12: 0013-Don-t-set-up-digests-in-cms_context_init.patch
+Patch13: 0013-Don-t-set-up-digests-in-cms_context_init.patch
-Patch13: 0014-Do-register_oids-where-we-re-doing-NSS_Init.patch
+Patch14: 0014-Do-register_oids-where-we-re-doing-NSS_Init.patch
-Patch14: 0015-Make-daemon-shutdown-actually-close-the-NSS-database.patch
+Patch15: 0015-Make-daemon-shutdown-actually-close-the-NSS-database.patch
-Patch15: 0016-Reformat-a-bunch-of-error-messages-to-be-vaguely-con.patch
+Patch16: 0016-Reformat-a-bunch-of-error-messages-to-be-vaguely-con.patch
-Patch16: 0017-Use-PORT_ArenaStrdup-where-appropriate.patch
+Patch17: 0017-Use-PORT_ArenaStrdup-where-appropriate.patch
-Patch17: 0018-Minor-whitespace-fixes.patch
+Patch18: 0018-Minor-whitespace-fixes.patch
-Patch18: 0019-daemon-Make-sure-inpe-is-initialized-before-all-erro.patch
+Patch19: 0019-daemon-Make-sure-inpe-is-initialized-before-all-erro.patch
-Patch19: 0020-Allocate-pesign_context-rather-than-having-it-on-the.patch
+Patch20: 0020-Allocate-pesign_context-rather-than-having-it-on-the.patch
-Patch20: 0021-pesign-initialize-nss-only-if-we-re-not-a-daemon.patch
+Patch21: 0021-pesign-initialize-nss-only-if-we-re-not-a-daemon.patch
-Patch21: 0022-Handle-errors-on-pesign_context_init.patch
+Patch22: 0022-Handle-errors-on-pesign_context_init.patch
-Patch22: 0023-Add-sanity-checking-to-make-sure-we-don-t-emit-unini.patch
+Patch23: 0023-Add-sanity-checking-to-make-sure-we-don-t-emit-unini.patch
-Patch23: 0024-Make-sure-we-free-the-token-cert-we-get-from-the-com.patch
+Patch24: 0024-Make-sure-we-free-the-token-cert-we-get-from-the-com.patch
-Patch24: 0025-pesign-Only-shut-down-nss-in-pesign.c-if-we-re-not-t.patch
+Patch25: 0025-pesign-Only-shut-down-nss-in-pesign.c-if-we-re-not-t.patch
-Patch25: 0026-Rework-setup_digests-and-teardown_digests.patch
+Patch26: 0026-Rework-setup_digests-and-teardown_digests.patch
-Patch26: 0027-We-shouldn-t-need-Environment-NSS_STRICT_NOFORK-DISA.patch
+Patch27: 0027-We-shouldn-t-need-Environment-NSS_STRICT_NOFORK-DISA.patch
-Patch27: 0028-Fix-errors-found-by-coverity.patch
+Patch28: 0028-Fix-errors-found-by-coverity.patch
-Patch28: 0029-Don-t-keep-the-DEPS-list-twice.patch
+Patch29: 0029-Don-t-keep-the-DEPS-list-twice.patch
 Patch30: 0030-Don-t-build-util-right-now.patch
+Patch31: 0031-Make-install_systemd-and-install_sysvinit-separate-t.patch
+Patch32: 0032-Get-rid-of-an-unnecessary-allocation.patch
 
 %description
 This package contains the pesign utility for signing UEFI binaries as
@@ -111,6 +113,9 @@ exit 0
 %ghost %attr(0660, -, -) %{_localstatedir}/run/%{name}/pesign.pid
 
 %changelog
+* Thu Oct 18 2012 Peter Jones <pjones@redhat.com> - 0.99-5
+- Make it work on the -el6 branch as well.
+
 * Wed Oct 17 2012 Peter Jones <pjones@redhat.com> - 0.99-4
 - Fix some more bugs found by valgrind and coverity.
 - Don't build utils/ ; we're not using them and they're not ready anyway.