From 5f6815cc85ad57363773d38882bad2e60a8cbc75 Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos Date: Thu, 22 Jun 2017 15:22:15 +0200 Subject: [PATCH] updated to 2.2.0 --- .gitignore | 2 ++ softhsm.module | 8 ----- softhsm.spec | 11 +++---- softhsm2-1378800-openssl.patch | 59 ---------------------------------- sources | 4 +-- 5 files changed, 9 insertions(+), 75 deletions(-) delete mode 100644 softhsm.module delete mode 100644 softhsm2-1378800-openssl.patch diff --git a/.gitignore b/.gitignore index 655e99d..54fbdab 100644 --- a/.gitignore +++ b/.gitignore @@ -10,3 +10,5 @@ /softhsm-2.0.0.tar.gz.sig /softhsm-2.1.0.tar.gz /softhsm-2.1.0.tar.gz.sig +/softhsm-2.2.0.tar.gz.sig +/softhsm-2.2.0.tar.gz diff --git a/softhsm.module b/softhsm.module deleted file mode 100644 index e1e5619..0000000 --- a/softhsm.module +++ /dev/null @@ -1,8 +0,0 @@ -# This file describes how to load the pk11 module -# See: http://p11-glue.freedesktop.org/doc/p11-kit/config.html - -# This is a relative path, which means it will be loaded from -# the p11-kit default path which is usually $(libdir)/pkcs11. -# Doing it this way allows for packagers to package for -# 32-bit and 64-bit and make them parallel installable -module: libsofthsm2.so diff --git a/softhsm.spec b/softhsm.spec index 0698d97..30f06a3 100644 --- a/softhsm.spec +++ b/softhsm.spec @@ -2,16 +2,14 @@ Summary: Software version of a PKCS#11 Hardware Security Module Name: softhsm -Version: 2.1.0 +Version: 2.2.0 Release: %{?prever:0.}2%{?prever:.%{prever}}%{?dist}.1 License: BSD Url: http://www.opendnssec.org/ Source: http://dist.opendnssec.org/source/%{?prever:testing/}%{name}-%{version}.tar.gz Source1: http://dist.opendnssec.org/source/%{?prever:testing/}%{name}-%{version}.tar.gz.sig -Source2: softhsm.module # taken from coolkey which is not build on all arches we build on Source3: softhsm2-pk11install.c -Patch1: softhsm2-1378800-openssl.patch Group: Applications/System BuildRequires: openssl-devel >= 1.0.1k-6, sqlite-devel >= 3.4.2, cppunit-devel @@ -45,7 +43,6 @@ The devel package contains the libsofthsm include files %prep %setup -q -n %{name}-%{version}%{?prever} -%patch1 -p1 %if 0%{?prever:1} autoreconf -fiv @@ -60,7 +57,7 @@ sed -i "s:libdir)/@PACKAGE@:libdir):" Makefile.in %build %configure --libdir=%{_libdir}/pkcs11 --with-openssl=%{_prefix} --enable-ecc --disable-gost \ - --with-migrate --enable-visibility + --with-migrate --enable-visibility --with-p11-kit=%{_datadir}/p11-kit/modules/ make %{?_smp_mflags} # install our copy of pk11install taken from coolkey package @@ -75,7 +72,6 @@ gcc $(pkg-config --libs nss) -lpthread -lsoftokn3 -ldl -lz %{optflags} softhsm2 %install rm -rf %{buildroot} make DESTDIR=%{buildroot} install -install -D %{SOURCE2} %{buildroot}/%{_datadir}/p11-kit/modules/softhsm.module rm %{buildroot}/%{_sysconfdir}/softhsm2.conf.sample rm -f %{buildroot}/%{_libdir}/pkcs11/*a @@ -131,6 +127,9 @@ if [ -f /var/softhsm/slot0.db ]; then fi %changelog +* Thu Jun 22 2017 Nikos Mavrogiannopoulos - 2.2.0-1 +- Rebased to latest upstream release + * Sat Feb 11 2017 Fedora Release Engineering - 2.1.0-2.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild diff --git a/softhsm2-1378800-openssl.patch b/softhsm2-1378800-openssl.patch deleted file mode 100644 index 8c1814c..0000000 --- a/softhsm2-1378800-openssl.patch +++ /dev/null @@ -1,59 +0,0 @@ -From 371686fb68eff02020ddd80a702c39f31a849b8e Mon Sep 17 00:00:00 2001 -From: David Woodhouse -Date: Wed, 21 Sep 2016 08:20:29 +0100 -Subject: [PATCH] Issue #239: Crash on module unload with OpenSSL - -We use CRYPTO_set_id_callback() to set a callback, but we don't ever -remove it again on unload. So OpenSSL crashes the next time it needs a -thread-id. - -CRYPTO_set_id_callback() has been deprecated since OpenSSL 1.0.0, the -oldest we support. And redundant too, since OpenSSL has fallbacks which -include the address of errno. Which is going to work on any platform -with pthreads... and we were only calling CRYPTO_set_id_callback() on -platforms with pthreads. - -So just rip it out. ---- - src/lib/crypto/OSSLCryptoFactory.cpp | 14 -------------- - 1 file changed, 14 deletions(-) - -diff --git a/src/lib/crypto/OSSLCryptoFactory.cpp b/src/lib/crypto/OSSLCryptoFactory.cpp -index 3aa8dcd..fc059ae 100644 ---- a/src/lib/crypto/OSSLCryptoFactory.cpp -+++ b/src/lib/crypto/OSSLCryptoFactory.cpp -@@ -55,9 +55,6 @@ - #include "OSSLGOST.h" - #endif - --#ifdef HAVE_PTHREAD_H --#include --#endif - #include - #include - #include -@@ -72,14 +69,6 @@ - bool OSSLCryptoFactory::FipsSelfTestStatus = false; - #endif - --// Thread ID callback --#ifdef HAVE_PTHREAD_H --static unsigned long id_callback() --{ -- return (unsigned long) pthread_self(); --} --#endif -- - static unsigned nlocks; - static Mutex** locks; - -@@ -116,9 +105,6 @@ OSSLCryptoFactory::OSSLCryptoFactory() - { - locks[i] = MutexFactory::i()->getMutex(); - } --#ifdef HAVE_PTHREAD_H -- CRYPTO_set_id_callback(id_callback); --#endif - CRYPTO_set_locking_callback(lock_callback); - - #ifdef WITH_FIPS diff --git a/sources b/sources index 14fa881..4b81af2 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ -4dc6ffa59c22e500e0fd16d9c00e814c softhsm-2.1.0.tar.gz -bd48fa65a5cc2a0516825fc97d5dcd74 softhsm-2.1.0.tar.gz.sig +SHA512 (softhsm-2.2.0.tar.gz.sig) = 949f34efc2a24fb4f95f3c372ceafa83e7828f27e1ee8530f4648839d1c930048ba3634ba0c7824ea1be6e3dfdab6c29431455a2e6cc15789419ee21aef3a69d +SHA512 (softhsm-2.2.0.tar.gz) = 6ef17deef491f7298244a3d2ddefe25843fc17534c4e5f2e08927f05cafdaf05601beb953539fce5d34fa02fe355cbd4ab3aaabb6e5a106936b04c06aae9793c