updated to 2.2.0
This commit is contained in:
Nikos Mavrogiannopoulos
parent
ad5c5f2dfe
commit
5f6815cc85
2
.gitignore
vendored
2
.gitignore
vendored
@ -10,3 +10,5 @@
|
||||
/softhsm-2.0.0.tar.gz.sig
|
||||
/softhsm-2.1.0.tar.gz
|
||||
/softhsm-2.1.0.tar.gz.sig
|
||||
/softhsm-2.2.0.tar.gz.sig
|
||||
/softhsm-2.2.0.tar.gz
|
||||
|
||||
@ -1,8 +0,0 @@
|
||||
# This file describes how to load the pk11 module
|
||||
# See: http://p11-glue.freedesktop.org/doc/p11-kit/config.html
|
||||
|
||||
# This is a relative path, which means it will be loaded from
|
||||
# the p11-kit default path which is usually $(libdir)/pkcs11.
|
||||
# Doing it this way allows for packagers to package for
|
||||
# 32-bit and 64-bit and make them parallel installable
|
||||
module: libsofthsm2.so
|
||||
11
softhsm.spec
11
softhsm.spec
@ -2,16 +2,14 @@
|
||||
|
||||
Summary: Software version of a PKCS#11 Hardware Security Module
|
||||
Name: softhsm
|
||||
Version: 2.1.0
|
||||
Version: 2.2.0
|
||||
Release: %{?prever:0.}2%{?prever:.%{prever}}%{?dist}.1
|
||||
License: BSD
|
||||
Url: http://www.opendnssec.org/
|
||||
Source: http://dist.opendnssec.org/source/%{?prever:testing/}%{name}-%{version}.tar.gz
|
||||
Source1: http://dist.opendnssec.org/source/%{?prever:testing/}%{name}-%{version}.tar.gz.sig
|
||||
Source2: softhsm.module
|
||||
# taken from coolkey which is not build on all arches we build on
|
||||
Source3: softhsm2-pk11install.c
|
||||
Patch1: softhsm2-1378800-openssl.patch
|
||||
|
||||
Group: Applications/System
|
||||
BuildRequires: openssl-devel >= 1.0.1k-6, sqlite-devel >= 3.4.2, cppunit-devel
|
||||
@ -45,7 +43,6 @@ The devel package contains the libsofthsm include files
|
||||
|
||||
%prep
|
||||
%setup -q -n %{name}-%{version}%{?prever}
|
||||
%patch1 -p1
|
||||
|
||||
%if 0%{?prever:1}
|
||||
autoreconf -fiv
|
||||
@ -60,7 +57,7 @@ sed -i "s:libdir)/@PACKAGE@:libdir):" Makefile.in
|
||||
|
||||
%build
|
||||
%configure --libdir=%{_libdir}/pkcs11 --with-openssl=%{_prefix} --enable-ecc --disable-gost \
|
||||
--with-migrate --enable-visibility
|
||||
--with-migrate --enable-visibility --with-p11-kit=%{_datadir}/p11-kit/modules/
|
||||
|
||||
make %{?_smp_mflags}
|
||||
# install our copy of pk11install taken from coolkey package
|
||||
@ -75,7 +72,6 @@ gcc $(pkg-config --libs nss) -lpthread -lsoftokn3 -ldl -lz %{optflags} softhsm2
|
||||
%install
|
||||
rm -rf %{buildroot}
|
||||
make DESTDIR=%{buildroot} install
|
||||
install -D %{SOURCE2} %{buildroot}/%{_datadir}/p11-kit/modules/softhsm.module
|
||||
|
||||
rm %{buildroot}/%{_sysconfdir}/softhsm2.conf.sample
|
||||
rm -f %{buildroot}/%{_libdir}/pkcs11/*a
|
||||
@ -131,6 +127,9 @@ if [ -f /var/softhsm/slot0.db ]; then
|
||||
fi
|
||||
|
||||
%changelog
|
||||
* Thu Jun 22 2017 Nikos Mavrogiannopoulos <nmav@redhat.com> - 2.2.0-1
|
||||
- Rebased to latest upstream release
|
||||
|
||||
* Sat Feb 11 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.1.0-2.1
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
|
||||
|
||||
|
||||
@ -1,59 +0,0 @@
|
||||
From 371686fb68eff02020ddd80a702c39f31a849b8e Mon Sep 17 00:00:00 2001
|
||||
From: David Woodhouse <David.Woodhouse@intel.com>
|
||||
Date: Wed, 21 Sep 2016 08:20:29 +0100
|
||||
Subject: [PATCH] Issue #239: Crash on module unload with OpenSSL
|
||||
|
||||
We use CRYPTO_set_id_callback() to set a callback, but we don't ever
|
||||
remove it again on unload. So OpenSSL crashes the next time it needs a
|
||||
thread-id.
|
||||
|
||||
CRYPTO_set_id_callback() has been deprecated since OpenSSL 1.0.0, the
|
||||
oldest we support. And redundant too, since OpenSSL has fallbacks which
|
||||
include the address of errno. Which is going to work on any platform
|
||||
with pthreads... and we were only calling CRYPTO_set_id_callback() on
|
||||
platforms with pthreads.
|
||||
|
||||
So just rip it out.
|
||||
---
|
||||
src/lib/crypto/OSSLCryptoFactory.cpp | 14 --------------
|
||||
1 file changed, 14 deletions(-)
|
||||
|
||||
diff --git a/src/lib/crypto/OSSLCryptoFactory.cpp b/src/lib/crypto/OSSLCryptoFactory.cpp
|
||||
index 3aa8dcd..fc059ae 100644
|
||||
--- a/src/lib/crypto/OSSLCryptoFactory.cpp
|
||||
+++ b/src/lib/crypto/OSSLCryptoFactory.cpp
|
||||
@@ -55,9 +55,6 @@
|
||||
#include "OSSLGOST.h"
|
||||
#endif
|
||||
|
||||
-#ifdef HAVE_PTHREAD_H
|
||||
-#include <pthread.h>
|
||||
-#endif
|
||||
#include <algorithm>
|
||||
#include <string.h>
|
||||
#include <openssl/ssl.h>
|
||||
@@ -72,14 +69,6 @@
|
||||
bool OSSLCryptoFactory::FipsSelfTestStatus = false;
|
||||
#endif
|
||||
|
||||
-// Thread ID callback
|
||||
-#ifdef HAVE_PTHREAD_H
|
||||
-static unsigned long id_callback()
|
||||
-{
|
||||
- return (unsigned long) pthread_self();
|
||||
-}
|
||||
-#endif
|
||||
-
|
||||
static unsigned nlocks;
|
||||
static Mutex** locks;
|
||||
|
||||
@@ -116,9 +105,6 @@ OSSLCryptoFactory::OSSLCryptoFactory()
|
||||
{
|
||||
locks[i] = MutexFactory::i()->getMutex();
|
||||
}
|
||||
-#ifdef HAVE_PTHREAD_H
|
||||
- CRYPTO_set_id_callback(id_callback);
|
||||
-#endif
|
||||
CRYPTO_set_locking_callback(lock_callback);
|
||||
|
||||
#ifdef WITH_FIPS
|
||||
4
sources
4
sources
@ -1,2 +1,2 @@
|
||||
4dc6ffa59c22e500e0fd16d9c00e814c softhsm-2.1.0.tar.gz
|
||||
bd48fa65a5cc2a0516825fc97d5dcd74 softhsm-2.1.0.tar.gz.sig
|
||||
SHA512 (softhsm-2.2.0.tar.gz.sig) = 949f34efc2a24fb4f95f3c372ceafa83e7828f27e1ee8530f4648839d1c930048ba3634ba0c7824ea1be6e3dfdab6c29431455a2e6cc15789419ee21aef3a69d
|
||||
SHA512 (softhsm-2.2.0.tar.gz) = 6ef17deef491f7298244a3d2ddefe25843fc17534c4e5f2e08927f05cafdaf05601beb953539fce5d34fa02fe355cbd4ab3aaabb6e5a106936b04c06aae9793c
|
||||
|
||||
Loading…
Reference in New Issue
Block a user