Compare commits
No commits in common. "c8s" and "changed/a8-beta/pesign-0.112-26.el8.alma" have entirely different histories.
c8s
...
changed/a8
2
.gitignore
vendored
2
.gitignore
vendored
@ -1,4 +1,2 @@
|
|||||||
SOURCES/certs.tar.xz
|
SOURCES/certs.tar.xz
|
||||||
SOURCES/pesign-0.112.tar.bz2
|
SOURCES/pesign-0.112.tar.bz2
|
||||||
/certs.tar.xz
|
|
||||||
/pesign-0.112.tar.bz2
|
|
||||||
|
|||||||
2
.pesign.metadata
Normal file
2
.pesign.metadata
Normal file
@ -0,0 +1,2 @@
|
|||||||
|
53d9b43ef6eadb4512ce9738b5a6efbb40477983 SOURCES/certs.tar.xz
|
||||||
|
7cba5cfddabc425d0a927edfdd6865cc92f00c7b SOURCES/pesign-0.112.tar.bz2
|
||||||
45
SOURCES/0032-fix-the-build-with-nss-3.44.patch
Normal file
45
SOURCES/0032-fix-the-build-with-nss-3.44.patch
Normal file
@ -0,0 +1,45 @@
|
|||||||
|
From b535d1ac5cbcdf18a97d97a92581e38080d9e521 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Peter Jones <pjones@redhat.com>
|
||||||
|
Date: Tue, 14 May 2019 11:28:38 -0400
|
||||||
|
Subject: [PATCH] efikeygen: Fix the build with nss 3.44
|
||||||
|
|
||||||
|
NSS 3.44 adds some certificate types, which changes a type and makes
|
||||||
|
some encoding stuff weird. As a result, we get:
|
||||||
|
|
||||||
|
gcc8 -I/wrkdirs/usr/ports/sysutils/pesign/work/pesign-0.110/include -O2 -pipe -fstack-protector-strong -Wl,-rpath=/usr/local/lib/gcc8 -isystem /usr/local/include -fno-strict-aliasing -g -O0 -g -O0 -Wall -fshort-wchar -fno-strict-aliasing -fno-merge-constants --std=gnu99 -D_GNU_SOURCE -Wno-unused-result -Wno-unused-function -I../include/ -I/usr/local/include/nss -I/usr/local/include/nss/nss -I/usr/local/include/nspr -Werror -fPIC -isystem /usr/local/include -DCONFIG_amd64 -DCONFIG_amd64 -c efikeygen.c -o efikeygen.o
|
||||||
|
In file included from /usr/local/include/nss/nss/cert.h:22,
|
||||||
|
from efikeygen.c:39:
|
||||||
|
efikeygen.c: In function 'add_cert_type':
|
||||||
|
/usr/local/include/nss/nss/certt.h:445:5: error: unsigned conversion from 'int' to 'unsigned char' changes value from '496' to '240' [-Werror=overflow]
|
||||||
|
(NS_CERT_TYPE_SSL_CLIENT | NS_CERT_TYPE_SSL_SERVER | NS_CERT_TYPE_EMAIL | \
|
||||||
|
^
|
||||||
|
efikeygen.c:208:23: note: in expansion of macro 'NS_CERT_TYPE_APP'
|
||||||
|
unsigned char type = NS_CERT_TYPE_APP;
|
||||||
|
^~~~~~~~~~~~~~~~
|
||||||
|
cc1: all warnings being treated as errors
|
||||||
|
|
||||||
|
This is fixed by just making it an int.
|
||||||
|
|
||||||
|
Fixes github issue #48.
|
||||||
|
|
||||||
|
Signed-off-by: Peter Jones <pjones@redhat.com>
|
||||||
|
---
|
||||||
|
src/efikeygen.c | 2 +-
|
||||||
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/src/efikeygen.c b/src/efikeygen.c
|
||||||
|
index ede76ef..2cd953e 100644
|
||||||
|
--- a/src/efikeygen.c
|
||||||
|
+++ b/src/efikeygen.c
|
||||||
|
@@ -208,7 +208,7 @@ static int
|
||||||
|
add_cert_type(cms_context *cms, void *extHandle, int is_ca)
|
||||||
|
{
|
||||||
|
SECItem bitStringValue;
|
||||||
|
- unsigned char type = NS_CERT_TYPE_APP;
|
||||||
|
+ int type = NS_CERT_TYPE_APP;
|
||||||
|
|
||||||
|
if (is_ca)
|
||||||
|
type |= NS_CERT_TYPE_SSL_CA |
|
||||||
|
--
|
||||||
|
2.21.0
|
||||||
|
|
||||||
@ -3,7 +3,7 @@
|
|||||||
Name: pesign
|
Name: pesign
|
||||||
Summary: Signing utility for UEFI binaries
|
Summary: Signing utility for UEFI binaries
|
||||||
Version: 0.112
|
Version: 0.112
|
||||||
Release: 26%{?dist}
|
Release: 26%{?dist}.alma
|
||||||
License: GPLv2
|
License: GPLv2
|
||||||
URL: https://github.com/vathpela/pesign
|
URL: https://github.com/vathpela/pesign
|
||||||
|
|
||||||
@ -61,6 +61,7 @@ Patch0028: 0028-rpm-Make-the-client-signer-use-the-fedora-values-unl.patch
|
|||||||
Patch0029: 0029-Make-macros.pesign-error-in-kojibuilder-if-we-don-t-.patch
|
Patch0029: 0029-Make-macros.pesign-error-in-kojibuilder-if-we-don-t-.patch
|
||||||
Patch0030: 0030-Replace-var-run-with-run.patch
|
Patch0030: 0030-Replace-var-run-with-run.patch
|
||||||
Patch0031: 0031-efikeygen-Fix-the-build-with-nss-3.44.patch
|
Patch0031: 0031-efikeygen-Fix-the-build-with-nss-3.44.patch
|
||||||
|
Patch0032: 0032-fix-the-build-with-nss-3.44.patch
|
||||||
|
|
||||||
%description
|
%description
|
||||||
This package contains the pesign utility for signing UEFI binaries as
|
This package contains the pesign utility for signing UEFI binaries as
|
||||||
@ -165,6 +166,9 @@ exit 0
|
|||||||
%{python3_sitelib}/mockbuild/plugins/pesign.*
|
%{python3_sitelib}/mockbuild/plugins/pesign.*
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Fri Apr 01 2022 Eduard Abdullin <eabdullin@almalinux.org> - 0.112-26.alma
|
||||||
|
- AlmaLinux changes
|
||||||
|
|
||||||
* Mon Nov 08 2021 Robbie Harwood <rharwood@redhat.com> - 0.112-26
|
* Mon Nov 08 2021 Robbie Harwood <rharwood@redhat.com> - 0.112-26
|
||||||
- Perform the /var/run to /run "migration" stupidity
|
- Perform the /var/run to /run "migration" stupidity
|
||||||
- Resolves: rhbz#1801976
|
- Resolves: rhbz#1801976
|
||||||
@ -1,6 +0,0 @@
|
|||||||
--- !Policy
|
|
||||||
product_versions:
|
|
||||||
- rhel-8
|
|
||||||
decision_context: osci_compose_gate
|
|
||||||
rules:
|
|
||||||
- !PassingTestCaseRule {test_case_name: kernel-qe.kernel-ci.hardware-pesign.tier0.functional}
|
|
||||||
@ -1,13 +0,0 @@
|
|||||||
---
|
|
||||||
inspections:
|
|
||||||
# Not a Java package
|
|
||||||
javabytecode: off
|
|
||||||
|
|
||||||
# These just flag when things change "too much"
|
|
||||||
changedfiles: off
|
|
||||||
filesize: off
|
|
||||||
patches: off
|
|
||||||
upstream: off
|
|
||||||
|
|
||||||
# https://bugzilla.redhat.com/show_bug.cgi?id=2010936
|
|
||||||
annocheck: off
|
|
||||||
2
sources
2
sources
@ -1,2 +0,0 @@
|
|||||||
SHA512 (certs.tar.xz) = 5df34f507a365ef87320776c99cbfad76365693901c71eaf64fec008afb9acfd7b615da5906b92a070c864e74f44934395c3f474ce5b33844cfa3df49a8ad188
|
|
||||||
SHA512 (pesign-0.112.tar.bz2) = 96bff27ce5059f1ea299c21ac88998a0c17851b8b06ba2f3e286de5cd4d73651b670ac00ca035481faf9c963338527c89120c63ec891a95ce9ecb9130fbc5e5c
|
|
||||||
Loading…
Reference in New Issue
Block a user