s390utils/s390-tools-2.15.0-ekmfweb.patch
2020-10-27 10:17:25 +00:00

261 lines
9.8 KiB
Diff

From 4a1979de79d9de48a44538f856f1d50f398541a8 Mon Sep 17 00:00:00 2001
From: Ingo Franzki <ifranzki@linux.ibm.com>
Date: Thu, 22 Oct 2020 11:10:54 +0200
Subject: [PATCH] zkey: Add library versioning for libekmfweb and zkey-ekmfweb
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Closes: https://github.com/ibm-s390-tools/s390-tools/issues/93
Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>
Reviewed-by: Jan Höppner <hoeppner@linux.ibm.com>
---
.gitignore | 3 +++
common.mak | 6 +++---
libekmfweb/Makefile | 29 ++++++++++++++++++-----------
zkey/ekmfweb/Makefile | 22 +++++++++++++++-------
zkey/kms.c | 33 +++++++++++++++++++++++----------
5 files changed, 62 insertions(+), 31 deletions(-)
diff --git a/.gitignore b/.gitignore
index 0a0cbe5a..40bb2a55 100644
--- a/.gitignore
+++ b/.gitignore
@@ -37,6 +37,8 @@ iucvterm/test/test_afiucv
libekmfweb/check-dep-libekmfweb
libekmfweb/detect-openssl-version.dep
libekmfweb/libekmfweb.so
+libekmfweb/libekmfweb.so.1
+libekmfweb/libekmfweb.so.1.0
libutil/util_base_example
libutil/util_file_example
libutil/util_libc_example
@@ -97,6 +99,7 @@ zipl/src/zipl_helper.device-mapper
zkey/check-dep-zkey
zkey/check-dep-zkey-cryptsetup
zkey/detect-libcryptsetup.dep
+zkey/ekmfweb/libekmfweb.dep
zkey/ekmfweb/zkey-ekmfweb.so
zkey/zkey
zkey/zkey-cryptsetup
diff --git a/common.mak b/common.mak
index fa99c514..b413b66f 100644
--- a/common.mak
+++ b/common.mak
@@ -163,7 +163,7 @@ USRSBINDIR = $(INSTALLDIR)/usr/sbin
USRBINDIR = $(INSTALLDIR)/usr/bin
BINDIR = $(INSTALLDIR)/sbin
LIBDIR = $(INSTALLDIR)/lib
-LIB64DIR = $(INSTALLDIR)/lib64
+USRLIB64DIR = $(INSTALLDIR)/usr/lib64
SYSCONFDIR = $(INSTALLDIR)/etc
MANDIR = $(INSTALLDIR)/usr/share/man
VARDIR = $(INSTALLDIR)/var
@@ -179,10 +179,10 @@ INSTDIRS = $(USRSBINDIR) $(USRBINDIR) $(BINDIR) $(LIBDIR) $(MANDIR) \
$(SYSCONFDIR) $(SYSCONFDIR)/sysconfig \
$(TOOLS_LIBDIR) $(TOOLS_DATADIR) \
$(ZFCPDUMP_DIR) $(SYSTEMDSYSTEMUNITDIR) \
- $(LIB64DIR) $(USRINCLUDEDIR)
+ $(USRLIB64DIR) $(USRINCLUDEDIR)
OWNER = $(shell id -un)
GROUP = $(shell id -gn)
-export INSTALLDIR BINDIR LIBDIR LIB64DIR MANDIR OWNER GROUP
+export INSTALLDIR BINDIR LIBDIR USRLIB64DIR MANDIR OWNER GROUP
# Special defines for zfcpdump
ZFCPDUMP_IMAGE = zfcpdump-image
diff --git a/libekmfweb/Makefile b/libekmfweb/Makefile
index 0212398c..50a22669 100644
--- a/libekmfweb/Makefile
+++ b/libekmfweb/Makefile
@@ -1,10 +1,13 @@
include ../common.mak
+VERSION = 1.0
+VERM = $(shell echo $(VERSION) | cut -d '.' -f 1)
+
ifneq (${HAVE_OPENSSL},0)
ifneq (${HAVE_JSONC},0)
ifneq (${HAVE_LIBCURL},0)
- BUILD_TARGETS += libekmfweb.so
- INSTALL_TARGETS += install-libekmfweb.so
+ BUILD_TARGETS += libekmfweb.so.$(VERSION)
+ INSTALL_TARGETS += install-libekmfweb.so.$(VERSION)
else
BUILD_TARGETS += skip-libekmfweb-curl
INSTALL_TARGETS += skip-libekmfweb-curl
@@ -64,22 +67,26 @@ ekmfweb.o: check-dep-libekmfweb ekmfweb.c utilities.h cca.h $(rootdir)include/ek
utilities.o: check-dep-libekmfweb utilities.c utilities.h $(rootdir)include/ekmfweb/ekmfweb.h
cca.o: check-dep-libekmfweb cca.c cca.h utilities.h $(rootdir)include/ekmfweb/ekmfweb.h
-libekmfweb.so: ALL_CFLAGS += -fPIC
-libekmfweb.so: LDLIBS = -ljson-c -lcrypto -lssl -lcurl -ldl -shared
-libekmfweb.so: LDFLAGS = -shared -Wl,--version-script=libekmfweb.map \
- -Wl,-z,defs,-Bsymbolic
-libekmfweb.so: ekmfweb.o utilities.o cca.o
+libekmfweb.so.$(VERSION): ALL_CFLAGS += -fPIC
+libekmfweb.so.$(VERSION): LDLIBS = -ljson-c -lcrypto -lssl -lcurl -ldl
+libekmfweb.so.$(VERSION): ALL_LDFLAGS += -shared -Wl,--version-script=libekmfweb.map \
+ -Wl,-z,defs,-Bsymbolic -Wl,-soname,libekmfweb.so.$(VERM)
+libekmfweb.so.$(VERSION): ekmfweb.o utilities.o cca.o
$(LINK) $(ALL_LDFLAGS) $^ $(LDLIBS) -o $@
+ ln -srf libekmfweb.so.$(VERSION) libekmfweb.so.$(VERM)
+ ln -srf libekmfweb.so.$(VERSION) libekmfweb.so
-install-libekmfweb.so: libekmfweb.so
- $(INSTALL) -g $(GROUP) -o $(OWNER) -m 755 -T libekmfweb.so $(DESTDIR)$(LIB64DIR)/libekmfweb.so
+install-libekmfweb.so.$(VERSION): libekmfweb.so.$(VERSION)
+ $(INSTALL) -g $(GROUP) -o $(OWNER) -m 755 -T libekmfweb.so.$(VERSION) $(DESTDIR)$(USRLIB64DIR)/libekmfweb.so.$(VERSION)
+ ln -srf $(DESTDIR)$(USRLIB64DIR)/libekmfweb.so.$(VERSION) $(DESTDIR)$(USRLIB64DIR)/libekmfweb.so.$(VERM)
+ ln -srf $(DESTDIR)$(USRLIB64DIR)/libekmfweb.so.$(VERSION) $(DESTDIR)$(USRLIB64DIR)/libekmfweb.so
$(INSTALL) -d -m 770 $(DESTDIR)$(USRINCLUDEDIR)/ekmfweb
$(INSTALL) -g $(GROUP) -o $(OWNER) -m 755 $(rootdir)include/ekmfweb/ekmfweb.h $(DESTDIR)$(USRINCLUDEDIR)/ekmfweb
install: all $(INSTALL_TARGETS)
clean:
- rm -f *.o libekmfweb.so check-dep-libekmfweb detect-openssl-version.dep
+ rm -f *.o libekmfweb.so* check-dep-libekmfweb detect-openssl-version.dep
.PHONY: all install clean skip-libekmfweb-openssl skip-libekmfweb-jsonc \
- skip-libekmfweb-curl install-libekmfweb.so
+ skip-libekmfweb-curl install-libekmfweb.so.$(VERSION)
diff --git a/zkey/ekmfweb/Makefile b/zkey/ekmfweb/Makefile
index 42e3937f..79a16cb5 100644
--- a/zkey/ekmfweb/Makefile
+++ b/zkey/ekmfweb/Makefile
@@ -1,5 +1,8 @@
include ../../common.mak
+VERSION = 1.0
+VERM = $(shell echo $(VERSION) | cut -d '.' -f 1)
+
all: zkey-ekmfweb.so
libs = $(rootdir)/libutil/libutil.a
@@ -8,7 +11,7 @@ export LIBRARY_PATH = $(rootdir)/libekmfweb:$LIBRARY_PATH
zkey-ekmfweb.o: zkey-ekmfweb.c zkey-ekmfweb.h ../kms-plugin.h \
../cca.h ../utils.h ../pkey.h ../properties.h \
- $(rootdir)include/ekmfweb/ekmfweb.h $(rootdir)/libekmfweb/libekmfweb.so
+ $(rootdir)include/ekmfweb/ekmfweb.h libekmfweb.dep
properties.o: ../properties.c ../properties.h
$(CC) $(ALL_CPPFLAGS) $(ALL_CFLAGS) -fPIC -c $< -o $@
@@ -26,9 +29,9 @@ utils.o: ../utils.c ../utils.h ../pkey.h ../cca.h ../ep11.h
$(CC) $(ALL_CPPFLAGS) $(ALL_CFLAGS) -fPIC -c $< -o $@
zkey-ekmfweb.so: ALL_CFLAGS += -fPIC
-zkey-ekmfweb.so: LDLIBS = -lekmfweb -ldl -lcrypto -shared
-zkey-ekmfweb.so: LDFLAGS = -shared -Wl,--version-script=zkey-ekmfweb.map \
- -Wl,-z,defs,-Bsymbolic
+zkey-ekmfweb.so: LDLIBS = -lekmfweb -ldl -lcrypto
+zkey-ekmfweb.so: ALL_LDFLAGS += -shared -Wl,--version-script=zkey-ekmfweb.map \
+ -Wl,-z,defs,-Bsymbolic -Wl,-soname,zkey-ekmfweb.so.$(VERM)
zkey-ekmfweb.so: zkey-ekmfweb.o properties.o pkey.o cca.o ep11.o utils.o $(libs)
$(LINK) $(ALL_LDFLAGS) $^ $(LDLIBS) -o $@
@@ -36,13 +39,18 @@ install-libekmfweb.dep:
$(MAKE) -C $(rootdir)/libekmfweb/ TOPDIR=$(TOPDIR) ARCH=$(ARCH) install
touch install-libekmfweb.dep
+libekmfweb.dep:
+ $(MAKE) -C $(rootdir)/libekmfweb/ TOPDIR=$(TOPDIR) ARCH=$(ARCH) all
+ touch libekmfweb.dep
+
install: all install-libekmfweb.dep zkey-ekmfweb.so
$(INSTALL) -d -m 755 $(DESTDIR)$(MANDIR)/man1
$(INSTALL) -m 644 -c zkey-ekmfweb.1 $(DESTDIR)$(MANDIR)/man1
- $(INSTALL) -d -m 755 $(DESTDIR)$(LIB64DIR)
- $(INSTALL) -g $(GROUP) -o $(OWNER) -m 755 -T zkey-ekmfweb.so $(DESTDIR)$(LIB64DIR)/zkey-ekmfweb.so
+ $(INSTALL) -d -m 755 $(DESTDIR)$(USRLIB64DIR)
+ $(INSTALL) -d -m 755 $(DESTDIR)$(USRLIB64DIR)/zkey
+ $(INSTALL) -g $(GROUP) -o $(OWNER) -m 755 -T zkey-ekmfweb.so $(DESTDIR)$(USRLIB64DIR)/zkey/zkey-ekmfweb.so
clean:
- rm -f *.o zkey-ekmfweb.so install-libekmfweb.dep
+ rm -f *.o zkey-ekmfweb.so install-libekmfweb.dep libekmfweb.dep
.PHONY: all install clean
\ No newline at end of file
diff --git a/zkey/kms.c b/zkey/kms.c
index 46427e6e..b2ce165a 100644
--- a/zkey/kms.c
+++ b/zkey/kms.c
@@ -40,6 +40,7 @@
#define ENVVAR_ZKEY_KMS_PLUGINS "ZKEY_KMS_PLUGINS"
#define DEFAULT_KMS_PLUGINS "/etc/zkey/kms-plugins.conf"
+#define KMS_PLUGIN_LOCATION "/usr/lib64/zkey"
#define KMS_CONFIG_FILE "kms.conf"
#define KMS_CONFIG_PROP_KMS "kms"
@@ -209,6 +210,7 @@ static int load_kms_plugin(const char *plugin,
void **plugin_lib, char **plugin_name, bool verbose)
{
kms_get_functions_t _kms_get_functions;
+ char load_so_name[PATH_MAX];
char *so_name = NULL;
FILE *fp = NULL;
char line[4096];
@@ -258,15 +260,26 @@ static int load_kms_plugin(const char *plugin,
goto out;
}
+ /* Try to load via LD_LIBRARY_PATH first */
+ snprintf(load_so_name, sizeof(load_so_name), "%s", so_name);
pr_verbose(verbose, "Loading KMS plugin '%s': '%s'", *plugin_name,
- so_name);
- *plugin_lib = dlopen(so_name, RTLD_GLOBAL | RTLD_NOW);
+ load_so_name);
+ *plugin_lib = dlopen(load_so_name, RTLD_GLOBAL | RTLD_NOW);
if (*plugin_lib == NULL) {
- pr_verbose(verbose, "%s", dlerror());
- warnx("Failed to load KMS plugin '%s': '%s'", *plugin_name,
- so_name);
- rc = -ELIBACC;
- goto out;
+ /* Try to load from default plugin location */
+ snprintf(load_so_name, sizeof(load_so_name), "%s/%s",
+ KMS_PLUGIN_LOCATION, so_name);
+ pr_verbose(verbose, "Loading KMS plugin '%s': '%s'",
+ *plugin_name, load_so_name);
+
+ *plugin_lib = dlopen(load_so_name, RTLD_GLOBAL | RTLD_NOW);
+ if (*plugin_lib == NULL) {
+ pr_verbose(verbose, "%s", dlerror());
+ warnx("Failed to load KMS plugin '%s': '%s'",
+ *plugin_name, load_so_name);
+ rc = -ELIBACC;
+ goto out;
+ }
}
_kms_get_functions = (kms_get_functions_t)dlsym(*plugin_lib,
@@ -274,7 +287,7 @@ static int load_kms_plugin(const char *plugin,
if (_kms_get_functions == NULL) {
pr_verbose(verbose, "%s", dlerror());
warnx("Failed to load KMS plugin '%s': '%s'", *plugin_name,
- so_name);
+ load_so_name);
rc = -ELIBACC;
goto out;
}
@@ -283,13 +296,13 @@ static int load_kms_plugin(const char *plugin,
if (*kms_functions == NULL) {
pr_verbose(verbose, "kms_get_functions() reutned NULL");
warnx("Failed to load KMS plugin '%s': '%s'", *plugin_name,
- so_name);
+ load_so_name);
rc = -ELIBACC;
goto out;
}
pr_verbose(verbose, "Successfully loaded KMS plugin '%s': '%s' (API "
- "version: %u)", *plugin_name, so_name,
+ "version: %u)", *plugin_name, load_so_name,
(*kms_functions)->api_version);
out: