Update to 0.98
- Add client/server mode.
This commit is contained in:
Peter Jones
parent
60f1503bcc
commit
e7f0d0243b
@ -1,27 +0,0 @@
|
||||
From 1caa864e41ebd26a2289bf69d44183e88b76b207 Mon Sep 17 00:00:00 2001
|
||||
From: Peter Jones <pjones@redhat.com>
|
||||
Date: Tue, 14 Aug 2012 11:52:29 -0400
|
||||
Subject: [PATCH] Make macros.pesign work a bit better.
|
||||
|
||||
---
|
||||
src/macros.pesign | 4 ++--
|
||||
1 file changed, 2 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/src/macros.pesign b/src/macros.pesign
|
||||
index d12ad05..beb6489 100644
|
||||
--- a/src/macros.pesign
|
||||
+++ b/src/macros.pesign
|
||||
@@ -6,8 +6,8 @@
|
||||
# %pesign -s -i shim.orig -o shim.efi
|
||||
# And magically get the right thing.
|
||||
|
||||
-%__pesign_token %{expand: %%{?defined(pe_signing_token):%{nil}}%%{!?defined(pe_signing_token):-t "%%{pe_signing_token}"}}
|
||||
-%__pesign_cert %{expand: %%{?defined(pe_signing_cert):%{nil}}%%{!?defined(pe_signing_cert):-c "%%{pe_signing_cert}"}}
|
||||
+%__pesign_token %{expand: %%{nil} %%{?pe_signing_token:-t "%%{pe_signing_token}"}}
|
||||
+%__pesign_cert %{expand: %%{!?pe_signing_cert:-c "Red Hat Test Certificate"} %%{?pe_signing_cert:-c "%%{pe_signing_cert}"}}
|
||||
|
||||
%_pesign /usr/bin/pesign
|
||||
%pesign \
|
||||
--
|
||||
1.7.11.4
|
||||
|
||||
@ -1,38 +0,0 @@
|
||||
From 3b8ca0d0068e452e7c97e761a69a34757cbd135c Mon Sep 17 00:00:00 2001
|
||||
From: Peter Jones <pjones@redhat.com>
|
||||
Date: Wed, 15 Aug 2012 11:32:40 -0400
|
||||
Subject: [PATCH] Simplify macros.pesign some more.
|
||||
|
||||
---
|
||||
src/macros.pesign | 16 ++++++++++++----
|
||||
1 file changed, 12 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/src/macros.pesign b/src/macros.pesign
|
||||
index 7932629..703edbb 100644
|
||||
--- a/src/macros.pesign
|
||||
+++ b/src/macros.pesign
|
||||
@@ -6,9 +6,17 @@
|
||||
# %pesign -s -i shim.orig -o shim.efi
|
||||
# And magically get the right thing.
|
||||
|
||||
-%__pesign_token %{expand: %%{nil} %%{?pe_signing_token:-t "%%{pe_signing_token}"}}
|
||||
-%__pesign_cert %{expand: %%{!?pe_signing_cert:-c "Red Hat Test Certificate"} %%{?pe_signing_cert:-c "%%{pe_signing_cert}"}}
|
||||
+%__pesign_token %{nil}%{?pe_signing_token:-t "%{pe_signing_token}"}
|
||||
+%__pesign_cert %{!?pe_signing_cert:-c "Red Hat Test Certificate"}%{?pe_signing_cert:-c "%{pe_signing_cert}"}
|
||||
|
||||
-%_pesign %{expand:%%([ %%{_arch} == x86_64 ] && echo /usr/bin/pesign || echo /usr/bin/true)}
|
||||
+%_pesign /usr/bin/pesign
|
||||
+
|
||||
+%pesign(i:o:C:s) \
|
||||
+ if [ -x %{_pesign} -a "%{_target_cpu}" == "x86_64" ]; then \
|
||||
+ %{_pesign} %{__pesign_token} %{__pesign_cert} %{-i} %{-o} %{-s} \
|
||||
+ else \
|
||||
+ if [ -n "%{-i*}" -a -n "%{-o*}" ]; then \
|
||||
+ mv %{-i*} %{-o*} \
|
||||
+ fi \
|
||||
+ fi ;
|
||||
|
||||
-%pesign %{_pesign} %{__pesign_token} %{__pesign_cert}
|
||||
--
|
||||
1.7.11.2
|
||||
|
||||
@ -1,24 +0,0 @@
|
||||
From a967a147079085fce9b3a4d66cbdd28ccbab559f Mon Sep 17 00:00:00 2001
|
||||
From: Peter Jones <pjones@redhat.com>
|
||||
Date: Fri, 28 Sep 2012 14:27:54 -0400
|
||||
Subject: [PATCH] Fix missing section relocation when we've added space.
|
||||
|
||||
---
|
||||
libdpe/pe_allocspace.c | 1 +
|
||||
1 file changed, 1 insertion(+)
|
||||
|
||||
diff --git a/libdpe/pe_allocspace.c b/libdpe/pe_allocspace.c
|
||||
index d766503..0ae1f5d 100644
|
||||
--- a/libdpe/pe_allocspace.c
|
||||
+++ b/libdpe/pe_allocspace.c
|
||||
@@ -46,6 +46,7 @@ pe_fix_addresses(Pe *pe, int64_t offset)
|
||||
&pe->state.pe.shdr[cnt];
|
||||
|
||||
adjust(pe->state.pe.scns.data[cnt].rawdata_base, offset);
|
||||
+ adjust(pe->state.pe.scns.data[cnt].data_base, offset);
|
||||
}
|
||||
}
|
||||
#undef adjust
|
||||
--
|
||||
1.7.12.1
|
||||
|
||||
@ -1,26 +0,0 @@
|
||||
From a8e0e93a15ae57dcfc2bf20921fc5fe604dee3fa Mon Sep 17 00:00:00 2001
|
||||
From: Peter Jones <pjones@redhat.com>
|
||||
Date: Tue, 14 Aug 2012 15:44:26 -0400
|
||||
Subject: [PATCH] Only sign things on x86_64.
|
||||
|
||||
---
|
||||
src/macros.pesign | 6 +++---
|
||||
1 file changed, 3 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/src/macros.pesign b/src/macros.pesign
|
||||
index beb6489..7932629 100644
|
||||
--- a/src/macros.pesign
|
||||
+++ b/src/macros.pesign
|
||||
@@ -9,6 +9,6 @@
|
||||
%__pesign_token %{expand: %%{nil} %%{?pe_signing_token:-t "%%{pe_signing_token}"}}
|
||||
%__pesign_cert %{expand: %%{!?pe_signing_cert:-c "Red Hat Test Certificate"} %%{?pe_signing_cert:-c "%%{pe_signing_cert}"}}
|
||||
|
||||
-%_pesign /usr/bin/pesign
|
||||
-%pesign \
|
||||
-%{_pesign} %{__pesign_token} %{__pesign_cert}
|
||||
+%_pesign %{expand:%%([ %%{_arch} == x86_64 ] && echo /usr/bin/pesign || echo /usr/bin/true)}
|
||||
+
|
||||
+%pesign %{_pesign} %{__pesign_token} %{__pesign_cert}
|
||||
--
|
||||
1.7.11.4
|
||||
|
||||
40
pesign.spec
40
pesign.spec
@ -1,13 +1,14 @@
|
||||
Summary: Signing utility for UEFI binaries
|
||||
Name: pesign
|
||||
Version: 0.10
|
||||
Release: 5%{?dist}
|
||||
Version: 0.98
|
||||
Release: 1%{?dist}
|
||||
Group: Development/System
|
||||
License: GPLv2
|
||||
URL: https://github.com/vathpela/pesign
|
||||
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
|
||||
BuildRequires: git gnu-efi nspr nspr-devel nss nss-devel nss-util popt-devel
|
||||
Requires: nspr nss nss-util popt rpm
|
||||
Requires(pre): shadow-utils
|
||||
ExclusiveArch: i686 x86_64 ia64
|
||||
|
||||
# there is no tarball at github, of course. To get this version do:
|
||||
@ -16,11 +17,6 @@ ExclusiveArch: i686 x86_64 ia64
|
||||
Source0: pesign-%{version}.tar.bz2
|
||||
Source1: rh-test-certs.tar.bz2
|
||||
|
||||
Patch0: pesign-0.10-better-macros.patch
|
||||
Patch1: pesign-0.10-only-sign-on-x86-64.patch
|
||||
Patch2: pesign-0.10-even-better-macros.patch
|
||||
Patch3: pesign-0.10-missing-section-reloc.patch
|
||||
|
||||
%description
|
||||
This package contains the pesign utility for signing UEFI binaries as
|
||||
well as other associated tools.
|
||||
@ -49,17 +45,43 @@ mv rh-test-certs/etc/pki/pesign/* %{buildroot}/etc/pki/pesign/
|
||||
%clean
|
||||
rm -rf %{buildroot}
|
||||
|
||||
%pre
|
||||
getent group pesign >/dev/null || groupadd -r pesign
|
||||
getent passwd pesign >/dev/null || \
|
||||
useradd -r -g pesign -d /var/run/pesign -s /sbin/nologin \
|
||||
-c "Group for the pesign signing daemon" pesign
|
||||
exit 0
|
||||
|
||||
%post
|
||||
%systemd_post pesign.service
|
||||
|
||||
%preun
|
||||
%systemd_preun pesign.service
|
||||
|
||||
%postun
|
||||
%systemd_postun_with_restart pesign.service
|
||||
|
||||
%files
|
||||
%defattr(-,root,root,-)
|
||||
%doc README TODO COPYING
|
||||
%{_bindir}/pesign
|
||||
%{_bindir}/pesign-client
|
||||
%{_sysconfdir}/popt.d/pesign.popt
|
||||
%{_sysconfdir}/rpm/macros.pesign
|
||||
%{_mandir}/man*/*
|
||||
%attr(0755,root,root) /etc/pki/pesign
|
||||
%attr(0644,root,root) /etc/pki/pesign/*
|
||||
%{_unitdir}/pesign.service
|
||||
%{_prefix}/lib/tmpfiles.d/pesign.conf
|
||||
%dir %attr(0770,pesign,pesign) /etc/pki/pesign
|
||||
%attr(0660,pesign,pesign) /etc/pki/pesign/*
|
||||
%dir %attr(0770, pesign, pesign) %{_localstatedir}/run/%{name}
|
||||
%ghost %attr(0660, -, -) %{_localstatedir}/run/%{name}/socket
|
||||
%ghost %attr(0660, -, -) %{_localstatedir}/run/%{name}/pesign.pid
|
||||
|
||||
%changelog
|
||||
* Fri Oct 12 2012 Peter Jones <pjones@redhat.com> - 0.98-1
|
||||
- Update to 0.98
|
||||
- Add client/server mode.
|
||||
|
||||
* Mon Oct 01 2012 Peter Jones <pjones@redhat.com> - 0.10-5
|
||||
- Fix missing section address fixup.
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user