pool/openCryptoki
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 390252 from home:markkp:branches:security

Browse Source 
Reconciled all the differences between the OBS and IBS versions of the package. Merged the changelog files so that everything is in there.

OBS-URL: https://build.opensuse.org/request/show/390252
OBS-URL: https://build.opensuse.org/package/show/security/openCryptoki?expand=0&rev=29
This commit is contained in:
Marcus Meissner 2016-04-16 17:18:42 +00:00 committed by Git OBS Bridge
parent 7d406e241d
commit 695604103a
10 changed files with 137 additions and 183 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

66
ocki-3.1-fix-implicit-decl.patch
View File

@ -1,66 +0,0 @@
--- opencryptoki/usr/lib/pkcs11/common/loadsave.c
+++ opencryptoki/usr/lib/pkcs11/common/loadsave.c
@@ -287,6 +287,9 @@
//
//
+/* _GNU_SOURCE necessary for asprintf */
+#define _GNU_SOURCE
+
#include <pthread.h>
#include <stdio.h>
#include <stdlib.h>
--- opencryptoki/usr/lib/pkcs11/common/mech_rng.c
+++ opencryptoki/usr/lib/pkcs11/common/mech_rng.c
@@ -301,6 +301,7 @@
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
+#include <unistd.h>
#include "pkcs11types.h"
--- opencryptoki/usr/lib/pkcs11/tpm_stdll/tpm_specific.c
+++ opencryptoki/usr/lib/pkcs11/tpm_stdll/tpm_specific.c
@@ -31,6 +31,9 @@
*
*/
+#define _GNU_SOURCE
+#include <stdio.h>
+
#include <pthread.h>
#include <string.h>
#include <stdlib.h>
--- opencryptoki/usr/sbin/pkcsslotd/garbage_linux.c
+++ opencryptoki/usr/sbin/pkcsslotd/garbage_linux.c
@@ -294,6 +294,7 @@
#include <string.h>
#include <sys/types.h>
#include <fcntl.h>
+#include <unistd.h>
#include "log.h"
#include "slotmgr.h"
--- opencryptoki/usr/sbin/pkcsslotd/mutex.c
+++ opencryptoki/usr/sbin/pkcsslotd/mutex.c
@@ -293,6 +293,9 @@
#include <sys/types.h>
#include <sys/file.h>
#include <grp.h>
+#include <sys/stat.h>
+#include <string.h>
+#include <unistd.h>
#include "log.h"
#include "slotmgr.h"
--- opencryptoki/usr/sbin/pkcsslotd/slotmgr.c
+++ opencryptoki/usr/sbin/pkcsslotd/slotmgr.c
@@ -292,6 +292,7 @@
#include <stdio.h>
#include <stdlib.h>
#include <errno.h>
+#include <unistd.h>
#include "log.h"
#include "slotmgr.h"

11
ocki-3.1-fix-init_d-path.patch
View File

@ -1,11 +0,0 @@
--- opencryptoki.orig/misc/Makefile.am 2014-01-27 15:01:57.000000000 -0700
+++ opencryptoki/misc/Makefile.am 2014-01-31 09:15:15.816980000 -0700
@@ -11,7 +11,7 @@ pkcsslotd.service: pkcsslotd.service.in
@SED@ -e s!\@sbindir\@!"@sbindir@"!g < $< > $@-t
mv $@-t $@
else
-initddir = $(sysconfdir)/rc.d/init.d
+initddir = $(sysconfdir)/init.d
initd_SCRIPTS = pkcsslotd
CLEANFILES = pkcsslotd

11
ocki-3.1-fix-libica-link.patch
View File

@ -1,11 +0,0 @@
--- opencryptoki/configure.in
+++ opencryptoki/configure.in
@@ -328,7 +328,7 @@
old_cflags="$CFLAGS"
old_libs="$LIBS"
CFLAGS="$CFLAGS $LIBICA_CFLAGS"
- LIBS="$LIBS $LIBICA_LIBS"
+ LIBS="$LIBS $LIBICA_LIBS -lrt -lcrypto -lpthread"
AC_CHECK_HEADER([ica_api.h], [], [
if test "x$with_libica" != "xcheck"; then
AC_MSG_ERROR([Build with Libica requested but Libica headers couldn't be found])

58
ocki-3.1-remove-make-install-chgrp-chmod.patch → ocki-3.1-remove-make-install-chgrp.patch
View File

@ -1,100 +1,94 @@
--- opencryptoki/usr/Makefile.am --- opencryptoki/usr/Makefile.am
+++ opencryptoki/usr/Makefile.am +++ opencryptoki/usr/Makefile.am
@@ -6,5 +6,3 @@ @@ -6,5 +6,4 @@
install-data-hook: install-data-hook:
$(MKDIR_P) $(DESTDIR)$(lockdir) $(MKDIR_P) $(DESTDIR)$(lockdir) $(DESTDIR)$(logdir)
- $(CHGRP) pkcs11 $(DESTDIR)$(lockdir) - $(CHGRP) pkcs11 $(DESTDIR)$(lockdir) $(DESTDIR)$(logdir)
- $(CHMOD) 0770 $(DESTDIR)$(lockdir) $(CHMOD) 0770 $(DESTDIR)$(lockdir) $(DESTDIR)$(logdir)
--- opencryptoki/usr/lib/pkcs11/cca_stdll/Makefile.am --- opencryptoki/usr/lib/pkcs11/cca_stdll/Makefile.am
+++ opencryptoki/usr/lib/pkcs11/cca_stdll/Makefile.am +++ opencryptoki/usr/lib/pkcs11/cca_stdll/Makefile.am
@@ -66,13 +66,7 @@ @@ -66,12 +66,9 @@
cd $(DESTDIR)/$(libdir)/opencryptoki/stdll && \ cd $(DESTDIR)/$(libdir)/opencryptoki/stdll && \
ln -sf libpkcs11_cca.so PKCS11_CCA.so ln -sf libpkcs11_cca.so PKCS11_CCA.so
$(MKDIR_P) $(DESTDIR)$(localstatedir)/lib/opencryptoki/ccatok/TOK_OBJ $(MKDIR_P) $(DESTDIR)$(localstatedir)/lib/opencryptoki/ccatok/TOK_OBJ
- $(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/ccatok/TOK_OBJ - $(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/ccatok/TOK_OBJ
- $(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/ccatok - $(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/ccatok
- $(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/ccatok/TOK_OBJ $(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/ccatok/TOK_OBJ
- $(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/ccatok $(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/ccatok
$(MKDIR_P) $(DESTDIR)$(lockdir)/ccatok $(MKDIR_P) $(DESTDIR)$(lockdir)/ccatok
- $(CHGRP) pkcs11 $(DESTDIR)$(lockdir)/ccatok - $(CHGRP) pkcs11 $(DESTDIR)$(lockdir)/ccatok
- $(CHMOD) 0770 $(DESTDIR)$(lockdir)/ccatok $(CHMOD) 0770 $(DESTDIR)$(lockdir)/ccatok
uninstall-hook: uninstall-hook:
if test -d $(DESTDIR)/$(libdir)/opencryptoki/stdll; then \
--- opencryptoki/usr/lib/pkcs11/ep11_stdll/Makefile.am --- opencryptoki/usr/lib/pkcs11/ep11_stdll/Makefile.am
+++ opencryptoki/usr/lib/pkcs11/ep11_stdll/Makefile.am +++ opencryptoki/usr/lib/pkcs11/ep11_stdll/Makefile.am
@@ -54,13 +54,7 @@ @@ -49,12 +49,9 @@
cd $(DESTDIR)$(libdir)/opencryptoki/stdll && \ cd $(DESTDIR)$(libdir)/opencryptoki/stdll && \
ln -sf libpkcs11_ep11.so PKCS11_EP11.so ln -sf libpkcs11_ep11.so PKCS11_EP11.so
$(MKDIR_P) $(DESTDIR)$(localstatedir)/lib/opencryptoki/ep11tok/TOK_OBJ $(MKDIR_P) $(DESTDIR)$(localstatedir)/lib/opencryptoki/ep11tok/TOK_OBJ
- $(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/ep11tok/TOK_OBJ - $(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/ep11tok/TOK_OBJ
- $(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/ep11tok - $(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/ep11tok
- $(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/ep11tok/TOK_OBJ $(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/ep11tok/TOK_OBJ
- $(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/ep11tok $(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/ep11tok
$(MKDIR_P) $(DESTDIR)$(lockdir)/ep11tok $(MKDIR_P) $(DESTDIR)$(lockdir)/ep11tok
- $(CHGRP) pkcs11 $(DESTDIR)$(lockdir)/ep11tok - $(CHGRP) pkcs11 $(DESTDIR)$(lockdir)/ep11tok
- $(CHMOD) 0770 $(DESTDIR)$(lockdir)/ep11tok $(CHMOD) 0770 $(DESTDIR)$(lockdir)/ep11tok
uninstall-hook: uninstall-hook:
if test -d $(DESTDIR)$(libdir)/opencryptoki/stdll; then \
--- opencryptoki/usr/lib/pkcs11/ica_s390_stdll/Makefile.am --- opencryptoki/usr/lib/pkcs11/ica_s390_stdll/Makefile.am
+++ opencryptoki/usr/lib/pkcs11/ica_s390_stdll/Makefile.am +++ opencryptoki/usr/lib/pkcs11/ica_s390_stdll/Makefile.am
@@ -62,13 +62,7 @@ @@ -64,12 +64,9 @@
cd $(DESTDIR)$(libdir)/opencryptoki/stdll && \ cd $(DESTDIR)$(libdir)/opencryptoki/stdll && \
ln -sf libpkcs11_ica.so PKCS11_ICA.so ln -sf libpkcs11_ica.so PKCS11_ICA.so
$(MKDIR_P) $(DESTDIR)$(localstatedir)/lib/opencryptoki/lite/TOK_OBJ $(MKDIR_P) $(DESTDIR)$(localstatedir)/lib/opencryptoki/lite/TOK_OBJ
- $(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/lite/TOK_OBJ - $(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/lite/TOK_OBJ
- $(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/lite - $(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/lite
- $(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/lite/TOK_OBJ $(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/lite/TOK_OBJ
- $(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/lite $(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/lite
$(MKDIR_P) $(DESTDIR)$(lockdir)/lite $(MKDIR_P) $(DESTDIR)$(lockdir)/lite
- $(CHGRP) pkcs11 $(DESTDIR)$(lockdir)/lite - $(CHGRP) pkcs11 $(DESTDIR)$(lockdir)/lite
- $(CHMOD) 0770 $(DESTDIR)$(lockdir)/lite $(CHMOD) 0770 $(DESTDIR)$(lockdir)/lite
uninstall-hook: uninstall-hook:
if test -d $(DESTDIR)$(libdir)/opencryptoki/stdll; then \
--- opencryptoki/usr/lib/pkcs11/icsf_stdll/Makefile.am --- opencryptoki/usr/lib/pkcs11/icsf_stdll/Makefile.am
+++ opencryptoki/usr/lib/pkcs11/icsf_stdll/Makefile.am +++ opencryptoki/usr/lib/pkcs11/icsf_stdll/Makefile.am
@@ -76,11 +76,7 @@ @@ -79,10 +79,8 @@
cd $(DESTDIR)$(libdir)/opencryptoki/stdll && \ cd $(DESTDIR)$(libdir)/opencryptoki/stdll && \
ln -sf libpkcs11_icsf.so PKCS11_ICSF.so ln -sf libpkcs11_icsf.so PKCS11_ICSF.so
$(MKDIR_P) $(DESTDIR)$(localstatedir)/lib/opencryptoki/icsf $(MKDIR_P) $(DESTDIR)$(localstatedir)/lib/opencryptoki/icsf
- $(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/icsf - $(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/icsf
- $(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/icsf $(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/icsf
$(MKDIR_P) $(DESTDIR)$(lockdir)/icsf $(MKDIR_P) $(DESTDIR)$(lockdir)/icsf
- $(CHGRP) pkcs11 $(DESTDIR)$(lockdir)/icsf - $(CHGRP) pkcs11 $(DESTDIR)$(lockdir)/icsf
- $(CHMOD) 0770 $(DESTDIR)$(lockdir)/icsf $(CHMOD) 0770 $(DESTDIR)$(lockdir)/icsf
uninstall-hook: uninstall-hook:
if test -d $(DESTDIR)$(libdir)/opencryptoki/stdll; then \
--- opencryptoki/usr/lib/pkcs11/soft_stdll/Makefile.am --- opencryptoki/usr/lib/pkcs11/soft_stdll/Makefile.am
+++ opencryptoki/usr/lib/pkcs11/soft_stdll/Makefile.am +++ opencryptoki/usr/lib/pkcs11/soft_stdll/Makefile.am
@@ -54,13 +54,7 @@ @@ -56,12 +56,9 @@
cd $(DESTDIR)$(libdir)/opencryptoki/stdll && \ cd $(DESTDIR)$(libdir)/opencryptoki/stdll && \
ln -sf libpkcs11_sw.so PKCS11_SW.so ln -sf libpkcs11_sw.so PKCS11_SW.so
$(MKDIR_P) $(DESTDIR)$(localstatedir)/lib/opencryptoki/swtok/TOK_OBJ $(MKDIR_P) $(DESTDIR)$(localstatedir)/lib/opencryptoki/swtok/TOK_OBJ
- $(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/swtok/TOK_OBJ - $(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/swtok/TOK_OBJ
- $(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/swtok - $(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/swtok
- $(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/swtok/TOK_OBJ $(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/swtok/TOK_OBJ
- $(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/swtok $(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/swtok
$(MKDIR_P) $(DESTDIR)$(lockdir)/swtok $(MKDIR_P) $(DESTDIR)$(lockdir)/swtok
- $(CHGRP) pkcs11 $(DESTDIR)$(lockdir)/swtok - $(CHGRP) pkcs11 $(DESTDIR)$(lockdir)/swtok
- $(CHMOD) 0770 $(DESTDIR)$(lockdir)/swtok $(CHMOD) 0770 $(DESTDIR)$(lockdir)/swtok
uninstall-hook: uninstall-hook:
if test -d $(DESTDIR)$(libdir)/opencryptoki/stdll; then \
--- opencryptoki/usr/lib/pkcs11/tpm_stdll/Makefile.am --- opencryptoki/usr/lib/pkcs11/tpm_stdll/Makefile.am
+++ opencryptoki/usr/lib/pkcs11/tpm_stdll/Makefile.am +++ opencryptoki/usr/lib/pkcs11/tpm_stdll/Makefile.am
@@ -69,11 +69,7 @@ @@ -71,10 +71,8 @@
cd $(DESTDIR)$(libdir)/opencryptoki/stdll && \ cd $(DESTDIR)$(libdir)/opencryptoki/stdll && \
ln -sf libpkcs11_tpm.so PKCS11_TPM.so ln -sf libpkcs11_tpm.so PKCS11_TPM.so
$(MKDIR_P) $(DESTDIR)$(localstatedir)/lib/opencryptoki/tpm $(MKDIR_P) $(DESTDIR)$(localstatedir)/lib/opencryptoki/tpm
- $(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/tpm - $(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/tpm
- $(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/tpm $(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/tpm
$(MKDIR_P) $(DESTDIR)$(lockdir)/tpm $(MKDIR_P) $(DESTDIR)$(lockdir)/tpm
- $(CHGRP) pkcs11 $(DESTDIR)$(lockdir)/tpm - $(CHGRP) pkcs11 $(DESTDIR)$(lockdir)/tpm
- $(CHMOD) 0770 $(DESTDIR)$(lockdir)/tpm $(CHMOD) 0770 $(DESTDIR)$(lockdir)/tpm
uninstall-hook: uninstall-hook:
if test -d $(DESTDIR)$(libdir)/opencryptoki/stdll; then \

13
openCryptoki-tmp.conf
View File

@ -1,8 +1,7 @@
# Lock directories needed by openCryptoki # Lock directories needed by openCryptoki
D /run/lock/opencryptoki 0770 root pkcs11 D /var/lock/opencryptoki/swtok 0770 root pkcs11
D /run/lock/opencryptoki/swtok 0770 root pkcs11 D /var/lock/opencryptoki/lite 0770 root pkcs11
D /run/lock/opencryptoki/lite 0770 root pkcs11 D /var/lock/opencryptoki/tpm 0770 root pkcs11
D /run/lock/opencryptoki/tpm 0770 root pkcs11 D /var/lock/opencryptoki/ccatok 0770 root pkcs11
D /run/lock/opencryptoki/ccatok 0770 root pkcs11 D /var/lock/opencryptoki/icsf 0770 root pkcs11
D /run/lock/opencryptoki/icsf 0770 root pkcs11 D /var/lock/opencryptoki/ep11tok 0770 root pkcs11
D /run/lock/opencryptoki/ep11tok 0770 root pkcs11

73
openCryptoki.changes
View File

@ -1,3 +1,76 @@
-------------------------------------------------------------------
Thu Apr 14 01:47:08 UTC 2016 - mpost@suse.com
- Upgraded to openCryptoki v3.4.1 (Fate#319576, 319585, 319592, 319938).
- Changed BuildRequires for libica_2_3_0-devel to libica2-devel.
- Changed BuildRequires for openssl-devel to specify >= 1.0
Contrary to what the README says, version 0.9.7 isn't
sufficient.
- Removed the redundant DESTDIR= parameter from the %make_install
- Removed the following obsolete patches
opencryptoki-run-lock.patch (/var/lock and run/lock are actually the
same place) Also reverted the changed to openCryptoki-tmp.conf to match.
ocki-3.1_10_0001-ica-sha-update-empty-msg.patch
ocki-3.1-fix-implicit-decl.patch
ocki-3.1-fix-init_d-path.patch
ocki-3.1-fix-libica-link.patch
ocki-3.2_01_fix-return-type-error.patch
ocki-3.2_02_ep11-token-incorrectly-copied-the-public-key-object-.patch
ocki-3.2_03_ICSF-Token-C_SignUpdate-was-sometimes-segfaulting-an.patch
ocki-3.2_04_CKA_EC_POINT-is-not-required-in-the-ECDSA-private-ke.patch
ocki-3.2_05_icsf_ldap_handles.patch
ocki-3.2_06_icsf_sign_verify.patch
-------------------------------------------------------------------
Fri Nov 6 14:00:42 UTC 2015 - jjolly@suse.com
- Get a new ldap handle for each session opened in the icsf token,
once the user has authenticated. (bsc#953347,LTC#130078)
- ocki-3.2_05_icsf_ldap_handles.patch
- ocki-3.2_06_icsf_sign_verify.patch
-------------------------------------------------------------------
Fri Oct 2 04:05:45 UTC 2015 - jjolly@suse.com
- Added /var/lib/opencryptoki/lite/TOK_OBJ token directory (bsc#943070)
- Added ocki-3.2_02_ep11-token-incorrectly-copied-the-public-key-object-.patch
- Fixed two public key object inclusion in EP11 token (bsc#946808)
- Added ocki-3.2_03_ICSF-Token-C_SignUpdate-was-sometimes-segfaulting-an.patch
- Fixed GPF when calling C_SignUpdate using ICFS toekn (bsc#946172)
- Added ocki-3.2_04_CKA_EC_POINT-is-not-required-in-the-ECDSA-private-ke.patch
- Fixed failure to import ECDSA because of lack of attribute (bsc#948114)
-------------------------------------------------------------------
Thu Aug 20 00:49:21 UTC 2015 - jjolly@suse.com
- Fixed BuildRequires: libica2-devel
- Added ocki-3.2_01_fix-return-type-error.patch
- Changing doc/README.ep11_stdll to unix-style EOL
- Added BuildRequires: dos2unix
- Removed globbing in %files and specified libraries to include (bsc#942162)
-------------------------------------------------------------------
Tue Aug 18 02:50:08 UTC 2015 - jjolly@suse.com
- Updated to openCryptoki v3.2 (FATE#318240)
- Removed unnecessary patches:
- ocki-3.1_01_ep11_makefile.patch
- ocki-3.1_02_ep11_m_init.patch
- ocki-3.1_03_ock_obj_mgr.patch
- ocki-3.1_04_ep11_opaque2blob_error_handl.patch
- ocki-3.1_05_ep11_readme_update.patch
- ocki-3.1_06_0001-print_mechanism-ignored-bad-returncodes-from-the-cal.patch
- ocki-3.1_06_0002-Fix-failure-when-confname-is-not-given-use-default-e.patch
- ocki-3.1_06_0003-Configure-was-checking-for-the-ep11-lib-and-the-m_in.patch
- ocki-3.1_06_0004-The-asm-zcrypt.h-header-file-uses-some-std-int-types.patch
- ocki-3.1_06_0005-Small-reworks.patch
- ocki-3.1_06_0006-The-31-bit-build-on-s390-showed-an-build-error-at-in.patch
- ocki-3.1_06_0007-ep11-is-not-building-because-not-setting-with_zcrypt.patch
- ocki-3.1_07_0001-Man-page-corrections.patch
- ocki-3.1_08_0001-Add-a-pkcscca-tool-to-help-migrate-cca-private-token.patch
- ocki-3.1_08_0002-Add-documentation-pkcscca-manpage-and-README.cca_std.patch
- ocki-3.1_09_0001-Fix-EOL-encoding-in-README.patch
------------------------------------------------------------------- -------------------------------------------------------------------
Tue Apr 7 21:22:57 UTC 2015 - crrodriguez@opensuse.org Tue Apr 7 21:22:57 UTC 2015 - crrodriguez@opensuse.org

71
openCryptoki.spec
View File

@ -1,7 +1,7 @@
# #
# spec file for package openCryptoki # spec file for package openCryptoki
# #
# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. # Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
# #
# All modifications and additions to the file contributed by third parties # All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed # remain the property of their copyright owners, unless otherwise agreed
@ -36,34 +36,34 @@ BuildRequires: bison
BuildRequires: flex BuildRequires: flex
BuildRequires: gcc-c++ BuildRequires: gcc-c++
%ifarch s390 s390x %ifarch s390 s390x
BuildRequires: libica-2_3_0-devel BuildRequires: libica2-devel
%endif %endif
BuildRequires: libtool BuildRequires: libtool
BuildRequires: openldap2-devel BuildRequires: openldap2-devel
BuildRequires: openssl-devel BuildRequires: openssl-devel >= 1.0
BuildRequires: pwdutils BuildRequires: pwdutils
BuildRequires: trousers-devel BuildRequires: trousers-devel
%if %{uses_systemd} %if %{uses_systemd}
BuildRequires: pkgconfig(systemd) BuildRequires: pkgconfig(systemd)
%{?systemd_requires} %{?systemd_requires}
%else %else
%insserv_prereq BuildRequires: %insserv_prereq
%endif %endif
BuildRequires: dos2unix
Summary: An Implementation of PKCS#11 (Cryptoki) v2.11 for IBM Cryptographic Hardware Summary: An Implementation of PKCS#11 (Cryptoki) v2.11 for IBM Cryptographic Hardware
License: IPL-1.0 License: IPL-1.0
Group: Productivity/Security Group: Productivity/Security
Version: 3.2 Version: 3.4.1
Release: 0 Release: 0
Source: http://downloads.sourceforge.net/project/opencryptoki/opencryptoki/v3.2/opencryptoki-v3.2.tgz Source: %{oc_cvs_tag}-v%{version}.tgz
Source1: openCryptoki.pkcsslotd Source1: openCryptoki.pkcsslotd
Source2: openCryptoki-TFAQ.html Source2: openCryptoki-TFAQ.html
Source3: openCryptoki-tmp.conf Source3: openCryptoki-tmp.conf
Patch1: ocki-3.1-remove-make-install-chgrp-chmod.patch # Patch 1 is needed because group pkcs11 doesn't exist in the build environment
Patch2: ocki-3.1-fix-init_d-path.patch # and because we don't want(?) various file and directory permissions to be 0700.
Patch3: ocki-3.1-fix-implicit-decl.patch Patch1: ocki-3.1-remove-make-install-chgrp.patch
Patch4: ocki-3.1-fix-libica-link.patch Url: https://sourceforge.net/projects/opencryptoki/
Patch5: opencryptoki-run-lock.patch
Url: http://sourceforge.net/projects/opencryptoki/
BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRoot: %{_tmppath}/%{name}-%{version}-build
PreReq: /usr/sbin/groupadd /usr/bin/id /usr/sbin/usermod /bin/sed PreReq: /usr/sbin/groupadd /usr/bin/id /usr/sbin/usermod /bin/sed
# IBM maintains openCryptoki on these architectures: # IBM maintains openCryptoki on these architectures:
@ -77,13 +77,16 @@ coprocessor (with the PKCS#11 firmware loaded) and the IBM eServer
Cryptographic Accelerator (FC 4960 on pSeries). Cryptographic Accelerator (FC 4960 on pSeries).
%package devel %package devel
Summary: An Implementation of PKCS#11 (Cryptoki) v2.01 for IBM Cryptographic Hardware Summary: An Implementation of PKCS#11 (Cryptoki) v2.01 for IBM Cryptographic Hardware
Group: Development/Languages/C and C++ Group: Development/Languages/C and C++
Requires: glibc-devel Requires: glibc-devel
Requires: openCryptoki = %{version}-%{release} %ifarch s390 s390x
Requires: openssl-devel Requires: libica2-devel
%endif
Requires: libopenssl-devel
Requires: openldap2-devel
Requires: trousers-devel
%description devel %description devel
The PKCS#11 version 2.01 API implemented for the IBM cryptographic The PKCS#11 version 2.01 API implemented for the IBM cryptographic
@ -92,7 +95,6 @@ co-processor (with the PKCS#11 firmware loaded) and the IBM eServer
Cryptographic Accelerator (FC 4960 on pSeries). Cryptographic Accelerator (FC 4960 on pSeries).
%ifarch %openCryptoki_32bit_arch %ifarch %openCryptoki_32bit_arch
%package 32bit %package 32bit
@ -113,7 +115,6 @@ coprocessor (with the PKCS#11 firmware loaded) and the IBM eServer
Cryptographic Accelerator (FC 4960 on pSeries). Cryptographic Accelerator (FC 4960 on pSeries).
%endif %endif
%ifarch %openCryptoki_64bit_arch %ifarch %openCryptoki_64bit_arch
@ -135,16 +136,11 @@ coprocessor (with the PKCS#11 firmware loaded) and the IBM eServer
Cryptographic Accelerator (FC 4960 on pSeries). Cryptographic Accelerator (FC 4960 on pSeries).
%endif %endif
%prep %prep
%setup -q -n %{oc_cvs_tag} %setup -q -n %{oc_cvs_tag}
%patch1 -p1 %patch1 -p1
%patch2 -p1
%patch3 -p1
%patch4 -p1
%patch5 -p1
cp %{SOURCE2} . cp %{SOURCE2} .
%build %build
@ -155,9 +151,10 @@ autoreconf --force --install
--with-systemd=%{_unitdir} --with-systemd=%{_unitdir}
%endif %endif
make %{?_smp_mflags} make %{?_smp_mflags}
dos2unix doc/README.ep11_stdll
%install %install
%make_install DESTDIR=$RPM_BUILD_ROOT INSROOT=$RPM_BUILD_ROOT %make_install
install -d $RPM_BUILD_ROOT/usr/include install -d $RPM_BUILD_ROOT/usr/include
install -d $RPM_BUILD_ROOT/var/lib/opencryptoki install -d $RPM_BUILD_ROOT/var/lib/opencryptoki
install -d $RPM_BUILD_ROOT/etc/init.d install -d $RPM_BUILD_ROOT/etc/init.d
@ -172,8 +169,8 @@ ln -sfv ../../etc/init.d/pkcsslotd $RPM_BUILD_ROOT/usr/sbin/rcpkcsslotd
%endif %endif
rm -rf $RPM_BUILD_ROOT/tmp rm -rf $RPM_BUILD_ROOT/tmp
# Remove all development files # Remove all development files
rm -f $RPM_BUILD_ROOT${_libdir}/opencryptoki/libopencryptoki.la find $RPM_BUILD_ROOT%{_libdir} -type f -name "*.la" -delete
rm -f $RPM_BUILD_ROOT/%_libdir/opencryptoki/methods rm -f $RPM_BUILD_ROOT%{_libdir}/opencryptoki/methods
%pre %pre
%if %{uses_systemd} %if %{uses_systemd}
@ -182,15 +179,7 @@ rm -f $RPM_BUILD_ROOT/%_libdir/opencryptoki/methods
# autobuild:/work/cd/lib/misc/group # autobuild:/work/cd/lib/misc/group
# openCryptoki pkcs11:x:64: # openCryptoki pkcs11:x:64:
/usr/sbin/groupadd -g %pkcs11_group_id -r pkcs11 2>/dev/null || true /usr/sbin/groupadd -g %pkcs11_group_id -r pkcs11 2>/dev/null || true
/usr/sbin/usermod -G $(/usr/bin/id --groups --name root | /bin/sed \ /usr/sbin/usermod -a -G pkcs11 root
-e 's/root//' -e '
# add the pkcs group if it is missing
/(^| )pkcs11( |$)/!s/$/ pkcs11/
# replace spaces by commas
y/ /,/
# remove leading , if present
s/^,//
'),pkcs11 root
%preun %preun
%if %{uses_systemd} %if %{uses_systemd}
@ -295,10 +284,10 @@ ln -sf %{_libdir}/opencryptoki/libopencryptoki.so /usr/lib/pkcs11/PKCS11_API.so6
%dir %attr(770,root,pkcs11) %{_localstatedir}/lib/opencryptoki/tpm %dir %attr(770,root,pkcs11) %{_localstatedir}/lib/opencryptoki/tpm
%dir %attr(770,root,pkcs11) %{_localstatedir}/lib/opencryptoki/icsf %dir %attr(770,root,pkcs11) %{_localstatedir}/lib/opencryptoki/icsf
%ifarch s390 s390x %ifarch s390 s390x
%dir %attr(770,root,pkcs11) %{_localstatedir}/lib/opencryptoki/lite
%dir %attr(770,root,pkcs11) %{_localstatedir}/lib/opencryptoki/lite/TOK_OBJ
%dir %attr(770,root,pkcs11) %{_localstatedir}/lib/opencryptoki/ep11tok %dir %attr(770,root,pkcs11) %{_localstatedir}/lib/opencryptoki/ep11tok
%dir %attr(770,root,pkcs11) %{_localstatedir}/lib/opencryptoki/ep11tok/TOK_OBJ %dir %attr(770,root,pkcs11) %{_localstatedir}/lib/opencryptoki/ep11tok/TOK_OBJ
%dir %attr(770,root,pkcs11) %{_localstatedir}/lib/opencryptoki/lite
%dir %attr(770,root,pkcs11) %{_localstatedir}/lib/opencryptoki/lite/TOK_OBJ
%endif %endif
%{_mandir}/man*/* %{_mandir}/man*/*
@ -306,11 +295,9 @@ ln -sf %{_libdir}/opencryptoki/libopencryptoki.so /usr/lib/pkcs11/PKCS11_API.so6
%defattr(-,root,root) %defattr(-,root,root)
%dir %{_libdir}/opencryptoki %dir %{_libdir}/opencryptoki
%dir %{_libdir}/opencryptoki/stdll %dir %{_libdir}/opencryptoki/stdll
%{_libdir}/opencryptoki/*.la
%{_libdir}/opencryptoki/stdll/*.la
%{_includedir}/opencryptoki %{_includedir}/opencryptoki
%ifarch %openCryptoki_32bit_arch
%ifarch %openCryptoki_32bit_arch
%files 32bit %files 32bit
%defattr(-,root,root) %defattr(-,root,root)
# these don't conflict because they only exist as 64bit binaries if # these don't conflict because they only exist as 64bit binaries if
@ -339,14 +326,14 @@ ln -sf %{_libdir}/opencryptoki/libopencryptoki.so /usr/lib/pkcs11/PKCS11_API.so6
%{_libdir}/pkcs11/*.so %{_libdir}/pkcs11/*.so
%{_sysconfdir}/ld.so.conf.d/* %{_sysconfdir}/ld.so.conf.d/*
%endif %endif
%ifarch %openCryptoki_64bit_arch
%ifarch %openCryptoki_64bit_arch
%files 64bit %files 64bit
%defattr(-,root,root) %defattr(-,root,root)
%dir %_libdir/opencryptoki %dir %{_libdir}/opencryptoki
%{_libdir}/opencryptoki/*.so %{_libdir}/opencryptoki/*.so
%{_libdir}/opencryptoki/*.0 %{_libdir}/opencryptoki/*.0
%dir %_libdir/opencryptoki/stdll %dir %{_libdir}/opencryptoki/stdll
%{_libdir}/opencryptoki/stdll/*.so %{_libdir}/opencryptoki/stdll/*.so
%{_libdir}/opencryptoki/stdll/*.0 %{_libdir}/opencryptoki/stdll/*.0
%{_libdir}/pkcs11 %{_libdir}/pkcs11

11
opencryptoki-run-lock.patch
View File

@ -1,11 +0,0 @@
--- opencryptoki.orig/configure.in
+++ opencryptoki/configure.in
@@ -40,7 +40,7 @@ AC_PROG_YACC
dnl Define custom variables
-lockdir=$localstatedir/lock/opencryptoki
+lockdir=/run/lock/opencryptoki
AC_SUBST(lockdir)
dnl ---

3
opencryptoki-v3.2.tgz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:d0b4676766753449f4d9001436cf8371812ddff7b59869e8d5adef94c4fd261b
size 911965

3
opencryptoki-v3.4.1.tgz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:018ea402f3a1b38b203282fb047dfac209d94bf2988f2c29793eca65455452c4
size 1014416