From b44b295cd386ba5de19b9deabf54cbf65991500c8c3c8e5ec955070d25dc7b83 Mon Sep 17 00:00:00 2001
From: Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
Date: Thu, 15 Jun 2023 12:05:44 +0000
Subject: [PATCH] Accepting request 1093121 from
 home:pmonrealgonzalez:branches:security

- Enable running the regression test suite.
- Force a regeneration of the man pages from AsciiDoc.
- Add LUKS1 and LUKS2 On-Disk Format Specification pdfs to doc.

- FIPS: Remove not needed libcryptsetup12-hmac package that contains
  the HMAC checksums for integrity checking for FIPS. [bsc#1185116]
  * Remove the cryptsetup-rpmlintrc file.
  * Remove not needed fipscheck dependency.

OBS-URL: https://build.opensuse.org/request/show/1093121
OBS-URL: https://build.opensuse.org/package/show/security/cryptsetup?expand=0&rev=188
---
 baselibs.conf        |  3 ++-
 cryptsetup-rpmlintrc |  5 -----
 cryptsetup.changes   | 15 +++++++++++++++
 cryptsetup.spec      | 39 +++++++++++++--------------------------
 4 files changed, 30 insertions(+), 32 deletions(-)
 delete mode 100644 cryptsetup-rpmlintrc

diff --git a/baselibs.conf b/baselibs.conf
index bea93f4..63dacec 100644
--- a/baselibs.conf
+++ b/baselibs.conf
@@ -1,2 +1,3 @@
 libcryptsetup12
-libcryptsetup12-hmac
+  provides "libcryptsetup12-hmac-<targettype> = %{version}"
+  obsoletes "libcryptsetup12-hmac-<targettype> < %{version}"
diff --git a/cryptsetup-rpmlintrc b/cryptsetup-rpmlintrc
deleted file mode 100644
index fb665e4..0000000
--- a/cryptsetup-rpmlintrc
+++ /dev/null
@@ -1,5 +0,0 @@
-# intentionally named
-addFilter("libcryptsetup.*hmac.* hidden-file-or-dir .*\.libcryptsetup\.so\..*\.hmac")
-# hmacs for identical files are identical
-addFilter("libcryptsetup.*hmac.* files-duplicate .*\.libcryptsetup\.so\..*\.hmac")
-
diff --git a/cryptsetup.changes b/cryptsetup.changes
index ae4e3c3..06bfe92 100644
--- a/cryptsetup.changes
+++ b/cryptsetup.changes
@@ -1,3 +1,18 @@
+-------------------------------------------------------------------
+Wed Jun 14 08:07:56 UTC 2023 - Pedro Monreal <pmonreal@suse.com>
+
+- Enable running the regression test suite.
+- Force a regeneration of the man pages from AsciiDoc.
+- Add LUKS1 and LUKS2 On-Disk Format Specification pdfs to doc.
+
+-------------------------------------------------------------------
+Wed Jun 14 07:31:41 UTC 2023 - Pedro Monreal <pmonreal@suse.com>
+
+- FIPS: Remove not needed libcryptsetup12-hmac package that contains
+  the HMAC checksums for integrity checking for FIPS. [bsc#1185116]
+  * Remove the cryptsetup-rpmlintrc file.
+  * Remove not needed fipscheck dependency.
+
 -------------------------------------------------------------------
 Sun Feb 12 21:15:43 UTC 2023 - Andreas Stieger <andreas.stieger@gmx.de>
 
diff --git a/cryptsetup.spec b/cryptsetup.spec
index 53a6e78..bd51030 100644
--- a/cryptsetup.spec
+++ b/cryptsetup.spec
@@ -29,10 +29,7 @@ Source0:        https://www.kernel.org/pub/linux/utils/cryptsetup/v2.6/cryptsetu
 Source1:        https://www.kernel.org/pub/linux/utils/cryptsetup/v2.6/cryptsetup-%{version}.tar.sign
 Source2:        baselibs.conf
 Source3:        cryptsetup.keyring
-Source4:        %{name}-rpmlintrc
 BuildRequires:  device-mapper-devel
-BuildRequires:  fipscheck
-BuildRequires:  fipscheck-devel
 BuildRequires:  libjson-c-devel
 BuildRequires:  libpwquality-devel
 BuildRequires:  libselinux-devel
@@ -78,6 +75,7 @@ Summary:        Cryptsetup Documentation
 Group:          Documentation/Man
 Supplements:    (cryptsetup and man)
 Supplements:    (cryptsetup and patterns-base-documentation)
+BuildArch:      noarch
 
 %description doc
 Documentation and man pages for cryptsetup
@@ -85,7 +83,8 @@ Documentation and man pages for cryptsetup
 %package -n libcryptsetup%{so_ver}
 Summary:        Library for setting up dm-crypt Based Encrypted Block Devices
 Group:          System/Libraries
-Suggests:       libcryptsetup%{so_ver}-hmac = %{version}-%{release}
+Provides:       libcryptsetup%{so_ver}-hmac = %{version}
+Obsoletes:      libcryptsetup%{so_ver}-hmac < %{version}
 
 %description -n libcryptsetup%{so_ver}
 cryptsetup is used to conveniently set up dm-crypt based device-mapper
@@ -94,15 +93,6 @@ volumes as well as LUKS formatted ones. The package additionally
 includes support for automatically setting up encrypted volumes at boot
 time via the config file %{_sysconfdir}/crypttab.
 
-%package -n libcryptsetup%{so_ver}-hmac
-Summary:        Checksums for libcryptsetup%{so_ver}
-Group:          System/Base
-Requires:       libcryptsetup%{so_ver} = %{version}-%{release}
-
-%description -n libcryptsetup%{so_ver}-hmac
-This package contains HMAC checksums for integrity checking of libcryptsetup4,
-used for FIPS.
-
 %package -n lib%{name}-devel
 Summary:        Header files for libcryptsetup
 Group:          Development/Libraries/C and C++
@@ -123,6 +113,9 @@ time via the config file %{_sysconfdir}/crypttab.
 %autosetup -p1
 
 %build
+# force regeneration of manual pages from AsciiDoc
+rm -f man/*.8
+
 %configure \
   --enable-selinux \
   --enable-fips \
@@ -137,13 +130,6 @@ time via the config file %{_sysconfdir}/crypttab.
 %make_build
 
 %install
-# Generate HMAC checksums (FIPS)
-%define __spec_install_post \
-  %{?__debug_package:%{__debug_install_post}} \
-  %{__arch_install_post} \
-  %__os_install_post \
-  fipshmac %{buildroot}/%{_libdir}/libcryptsetup.so.* \
-%{nil}
 
 %make_install
 %if 0%{?suse_version} < 1550
@@ -152,9 +138,12 @@ ln -s ..%{_sbindir}/cryptsetup %{buildroot}/sbin
 %endif
 # don't want this file in /lib (FHS compat check), and can't move it to /usr/lib
 find %{buildroot} -type f -name "*.la" -delete -print
-#
+
 %find_lang %{name} --all-name
 
+%check
+%make_build check
+
 %post
 %{?regenerate_initrd_post}
 %tmpfiles_create %{_tmpfilesdir}/cryptsetup.conf
@@ -178,15 +167,13 @@ find %{buildroot} -type f -name "*.la" -delete -print
 %{_sbindir}/veritysetup
 %{_sbindir}/integritysetup
 %{_tmpfilesdir}/cryptsetup.conf
+%ghost %attr(700, -, -) %dir /run/cryptsetup
 
 %files lang -f %{name}.lang
 
 %files -n libcryptsetup%{so_ver}
 %{_libdir}/libcryptsetup.so.%{so_ver}*
 
-%files -n libcryptsetup%{so_ver}-hmac
-%{_libdir}/.libcryptsetup.so.%{so_ver}*hmac
-
 %files -n lib%{name}-devel
 %doc docs/examples/
 %{_includedir}/libcryptsetup.h
@@ -194,14 +181,14 @@ find %{buildroot} -type f -name "*.la" -delete -print
 %{_libdir}/pkgconfig/*
 
 %files ssh
-%license COPYING COPYING.LGPL
+%license COPYING*
 %dir %{_libdir}/%{name}
 %{_libdir}/%{name}/libcryptsetup-token-ssh.so
 %{_mandir}/man8/cryptsetup-ssh.8.gz
 %{_sbindir}/cryptsetup-ssh
 
 %files doc
-%doc AUTHORS FAQ.md README.md docs/*ReleaseNotes
+%doc AUTHORS FAQ.md README.md docs/*ReleaseNotes docs/on-disk-format*.pdf
 %{_mandir}/man8/cryptsetup.8.gz
 %{_mandir}/man8/cryptsetup-benchmark.8.gz
 %{_mandir}/man8/cryptsetup-bitlkDump.8.gz