Accepting request 57877 from home:sbrabec:branches:security:chipcard
Accepted my own submit. OBS-URL: https://build.opensuse.org/request/show/57877 OBS-URL: https://build.opensuse.org/package/show/security:chipcard/opensc?expand=0&rev=25
This commit is contained in:
parent
986028a554
commit
5a40d6a1ae
@ -1,2 +0,0 @@
|
||||
opensc
|
||||
libopensc2
|
@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:8ef1bc9dd5f6c8df6814bfd1a53bd5ac135716a610a1dac957c9d5a35de19071
|
||||
size 1128054
|
3
opensc-0.12.0.tar.bz2
Normal file
3
opensc-0.12.0.tar.bz2
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:295a9f3dfe4d7a18b8b98f54f21e6b396b88c0607bbab785aa32c94792842cc8
|
||||
size 1065834
|
@ -1,26 +0,0 @@
|
||||
Index: opensc-0.11.13/src/libopensc/card-belpic.c
|
||||
===================================================================
|
||||
--- opensc-0.11.13.orig/src/libopensc/card-belpic.c
|
||||
+++ opensc-0.11.13/src/libopensc/card-belpic.c
|
||||
@@ -1338,7 +1338,7 @@ static int belpic_pin_cmd_usage(sc_card_
|
||||
data->pin1.encoding = data->pin2.encoding = BELPIC_PIN_ENCODING;
|
||||
data->pin1.pad_char = data->pin2.pad_char = BELPIC_PAD_CHAR;
|
||||
data->pin1.min_length = data->pin2.min_length = BELPIC_MIN_USER_PIN_LEN;
|
||||
- data->pin1.max_length = data->pin1.max_length = BELPIC_MAX_USER_PIN_LEN;
|
||||
+ data->pin1.max_length = data->pin2.max_length = BELPIC_MAX_USER_PIN_LEN;
|
||||
data->apdu = NULL;
|
||||
|
||||
return iso_ops->pin_cmd(card, data, tries_left);
|
||||
Index: opensc-0.11.13/src/libopensc/card-myeid.c
|
||||
===================================================================
|
||||
--- opensc-0.11.13.orig/src/libopensc/card-myeid.c
|
||||
+++ opensc-0.11.13/src/libopensc/card-myeid.c
|
||||
@@ -394,7 +394,7 @@ static int myeid_create_file(struct sc_c
|
||||
SC_FUNC_RETURN(card->ctx, 1, SC_ERROR_FILE_ALREADY_EXISTS);
|
||||
|
||||
r = sc_check_sw(card, apdu.sw1, apdu.sw2);
|
||||
- SC_TEST_RET(card->ctx, r, "Card returned error");
|
||||
+ SC_FUNC_RETURN(card->ctx, 1, r);
|
||||
}
|
||||
|
||||
/* no record oriented file services */
|
@ -1,118 +0,0 @@
|
||||
---
|
||||
m4/gpg-error.m4 | 65 ++++++++++++++++++++++++++++++++++++++++++++++++++++
|
||||
m4/libassuan.m4 | 2 -
|
||||
src/signer/dialog.c | 35 +++++++++++++++++-----------
|
||||
3 files changed, 88 insertions(+), 14 deletions(-)
|
||||
|
||||
Index: opensc-0.11.13/m4/libassuan.m4
|
||||
===================================================================
|
||||
--- opensc-0.11.13.orig/m4/libassuan.m4 2009-12-13 10:14:26.000000000 +0100
|
||||
+++ opensc-0.11.13/m4/libassuan.m4 2010-04-13 12:26:56.000000000 +0200
|
||||
@@ -26,7 +26,7 @@ AC_DEFUN([_AM_PATH_LIBASSUAN_COMMON],
|
||||
fi
|
||||
AC_PATH_PROG(LIBASSUAN_CONFIG, libassuan-config, no)
|
||||
|
||||
- tmp=ifelse([$1], ,1:0.9.2,$1)
|
||||
+ tmp=ifelse([$1], ,2:2.0.0,$1)
|
||||
if echo "$tmp" | grep ':' >/dev/null 2>/dev/null ; then
|
||||
req_libassuan_api=`echo "$tmp" | sed 's/\(.*\):\(.*\)/\1/'`
|
||||
min_libassuan_version=`echo "$tmp" | sed 's/\(.*\):\(.*\)/\2/'`
|
||||
Index: opensc-0.11.13/src/signer/dialog.c
|
||||
===================================================================
|
||||
--- opensc-0.11.13.orig/src/signer/dialog.c 2010-02-16 10:03:25.000000000 +0100
|
||||
+++ opensc-0.11.13/src/signer/dialog.c 2010-04-13 16:03:10.000000000 +0200
|
||||
@@ -15,31 +15,31 @@ struct entry_parm_s {
|
||||
char *buffer;
|
||||
};
|
||||
|
||||
-static AssuanError
|
||||
+static gpg_error_t
|
||||
getpin_cb (void *opaque, const void *buffer, size_t length)
|
||||
{
|
||||
struct entry_parm_s *parm = (struct entry_parm_s *) opaque;
|
||||
|
||||
/* we expect the pin to fit on one line */
|
||||
if (parm->lines || length >= parm->size)
|
||||
- return ASSUAN_Too_Much_Data;
|
||||
+ return gpg_error(GPG_ERR_ASS_TOO_MUCH_DATA);
|
||||
|
||||
/* fixme: we should make sure that the assuan buffer is allocated in
|
||||
secure memory or read the response byte by byte */
|
||||
memcpy(parm->buffer, buffer, length);
|
||||
parm->buffer[length] = 0;
|
||||
parm->lines++;
|
||||
- return (AssuanError) 0;
|
||||
+ return gpg_error(GPG_ERR_NO_ERROR);
|
||||
}
|
||||
|
||||
int ask_and_verify_pin_code(struct sc_pkcs15_card *p15card,
|
||||
struct sc_pkcs15_object *pin)
|
||||
{
|
||||
- int r;
|
||||
+ gpg_error_t r;
|
||||
size_t len;
|
||||
const char *argv[3];
|
||||
const char *pgmname = PIN_ENTRY;
|
||||
- ASSUAN_CONTEXT ctx;
|
||||
+ assuan_context_t ctx = NULL;
|
||||
char buf[500];
|
||||
char errtext[100];
|
||||
struct entry_parm_s parm;
|
||||
@@ -48,16 +48,26 @@ int ask_and_verify_pin_code(struct sc_pk
|
||||
argv[0] = pgmname;
|
||||
argv[1] = NULL;
|
||||
|
||||
- r = assuan_pipe_connect(&ctx, pgmname, (char **) argv, NULL);
|
||||
+ assuan_set_gpg_err_source (GPG_ERR_SOURCE_DEFAULT);
|
||||
+
|
||||
+ r = assuan_new(&ctx);
|
||||
+ if (r) {
|
||||
+ printf("Can't initialize assuan context: %s\n)",
|
||||
+ gpg_strerror(r));
|
||||
+ goto err;
|
||||
+ }
|
||||
+
|
||||
+ r = assuan_pipe_connect(ctx, pgmname, (const char **) argv, \
|
||||
+ NULL, NULL, NULL, 0);
|
||||
if (r) {
|
||||
printf("Can't connect to the PIN entry module: %s\n",
|
||||
- assuan_strerror((AssuanError) r));
|
||||
+ gpg_strerror(r));
|
||||
goto err;
|
||||
}
|
||||
sprintf(buf, "SETDESC Enter PIN [%s] for digital signing ", pin->label);
|
||||
r = assuan_transact(ctx, buf, NULL, NULL, NULL, NULL, NULL, NULL);
|
||||
if (r) {
|
||||
- printf("SETDESC: %s\n", assuan_strerror((AssuanError) r));
|
||||
+ printf("SETDESC: %s\n", gpg_strerror(r));
|
||||
goto err;
|
||||
}
|
||||
errtext[0] = 0;
|
||||
@@ -71,12 +81,12 @@ int ask_and_verify_pin_code(struct sc_pk
|
||||
parm.size = sizeof(buf);
|
||||
parm.buffer = buf;
|
||||
r = assuan_transact(ctx, "GETPIN", getpin_cb, &parm, NULL, NULL, NULL, NULL);
|
||||
- if (r == ASSUAN_Canceled) {
|
||||
- assuan_disconnect(ctx);
|
||||
+ if (gpg_err_code(r) == GPG_ERR_ASS_CANCELED) {
|
||||
+ assuan_release(ctx);
|
||||
return -2;
|
||||
}
|
||||
if (r) {
|
||||
- printf("GETPIN: %s\n", assuan_strerror((AssuanError) r));
|
||||
+ printf("GETPIN: %s\n", gpg_strerror(r));
|
||||
goto err;
|
||||
}
|
||||
len = strlen(buf);
|
||||
@@ -104,9 +114,9 @@ int ask_and_verify_pin_code(struct sc_pk
|
||||
break;
|
||||
}
|
||||
|
||||
- assuan_disconnect(ctx);
|
||||
+ assuan_release(ctx);
|
||||
return 0;
|
||||
err:
|
||||
- assuan_disconnect(ctx);
|
||||
+ assuan_release(ctx);
|
||||
return -1;
|
||||
}
|
@ -1,26 +0,0 @@
|
||||
Index: opensc-0.11.13/src/signer/Makefile.am
|
||||
===================================================================
|
||||
--- opensc-0.11.13/src/signer/Makefile.am
|
||||
+++ opensc-0.11.13/src/signer/Makefile.am
|
||||
@@ -2,8 +2,9 @@ MAINTAINERCLEANFILES = $(srcdir)/Makefil
|
||||
|
||||
SUBDIRS = npinclude
|
||||
if ENABLE_NSPLUGIN
|
||||
+nsplugindir = $(plugindir)
|
||||
noinst_HEADERS = opensc-crypto.h opensc-support.h signer.h
|
||||
-lib_LTLIBRARIES = opensc-signer.la
|
||||
+nsplugin_LTLIBRARIES = opensc-signer.la
|
||||
dist_noinst_DATA = testprog.c
|
||||
endif
|
||||
|
||||
@@ -18,10 +19,3 @@ opensc_signer_la_LIBADD = $(OPENSSL_LIBS
|
||||
opensc_signer_la_LDFLAGS = $(AM_LDFLAGS) \
|
||||
-export-symbols "$(srcdir)/signer.exports" \
|
||||
-module -avoid-version -no-undefined
|
||||
-
|
||||
-if ENABLE_NSPLUGIN
|
||||
-plugin_DATA=#Create directory
|
||||
-install-exec-hook: install-pluginDATA
|
||||
- -rm -f "$(DESTDIR)$(plugindir)/opensc-signer.so"
|
||||
- $(LN_S) "$(libdir)/opensc-signer.so" "$(DESTDIR)$(plugindir)"
|
||||
-endif
|
@ -1,4 +1,4 @@
|
||||
addFilter("devel-file-in-non-devel-package")
|
||||
addFilter("shlib-policy-devel-file")
|
||||
addFilter("shlib-policy-nonversioned-dir")
|
||||
# Private library don't need to be in a separate package.
|
||||
addFilter("shlib-policy-missing-suffix")
|
||||
# There is no devel package any more.
|
||||
addFilter("obsolete-not-provided")
|
||||
|
@ -1,3 +1,18 @@
|
||||
-------------------------------------------------------------------
|
||||
Fri Jan 7 14:49:37 CET 2011 - sbrabec@suse.cz
|
||||
|
||||
- Updated to version 0.12.0:
|
||||
* Security fix (bnc#660109, CVE-2010-4523).
|
||||
* Only one backend is supported. openSUSE will use pcsc-lite.
|
||||
* libopensc made private, library should not be used by other
|
||||
applications. Please use generic PKCS#11 interface instead.
|
||||
* Signer plugin discontinued. Please use openssl engine_pkcs11.
|
||||
* No more depends on libassuan.
|
||||
* New card drivers.
|
||||
* Support for CardOS enhanced.
|
||||
* More changes and enhancements.
|
||||
- libopensc merged back to the main package, as it is private now.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Aug 23 14:15:22 CEST 2010 - sbrabec@suse.cz
|
||||
|
||||
|
156
opensc.spec
156
opensc.spec
@ -15,130 +15,54 @@
|
||||
# Please submit bugfixes or comments via http://bugs.opensuse.org/
|
||||
#
|
||||
|
||||
# norootforbuild
|
||||
|
||||
|
||||
Name: opensc
|
||||
BuildRequires: libassuan-devel >= 2.0.0
|
||||
BuildRequires: libusb-devel
|
||||
BuildRequires: openct-devel
|
||||
BuildRequires: libtool
|
||||
BuildRequires: openssl-devel
|
||||
BuildRequires: pcsc-lite-devel
|
||||
BuildRequires: pkg-config
|
||||
BuildRequires: readline-devel
|
||||
BuildRequires: xorg-x11-devel
|
||||
BuildRequires: libgpg-error-devel
|
||||
# bug437293
|
||||
%ifarch ppc64
|
||||
Obsoletes: opensc-64bit
|
||||
%endif
|
||||
#
|
||||
BuildRequires: libxslt docbook-xsl-stylesheets
|
||||
Url: http://www.opensc-project.org/opensc/
|
||||
Version: 0.11.13
|
||||
Release: 4
|
||||
Version: 0.12.0
|
||||
Release: 0
|
||||
Group: Productivity/Security
|
||||
Summary: OpenSC Smart Card Library
|
||||
Summary: Smart Card Utilities
|
||||
License: LGPLv2.1+
|
||||
Requires: libopensc2 = %{version}
|
||||
Requires: pcsc-lite
|
||||
Requires: pinentry
|
||||
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
||||
Source: %{name}-%{version}.tar.bz2
|
||||
Source1: %{name}-ADVISORIES
|
||||
# Supress all ugly warnings related to required .so and .la files in the main package:
|
||||
Source2: %{name}-rpmlintrc
|
||||
# and also skip-check-libtool-deps (and add these dependencies to the devel package)
|
||||
Source3: baselibs.conf
|
||||
# PATCH-FIX-UPSTREAM opensc-libassuan-2.patch http://www.opensc-project.org/opensc/ticket/217 puzel@novell.com -- allows to build with libassuan2
|
||||
Patch0: opensc-libassuan-2.patch
|
||||
# PATCH-FIX-UPSTREAM opensc-fix-gcc-warnings.patch http://www.opensc-project.org/opensc/ticket/249 reddwarf@opensuse.org -- the card-myeid.c part has an equivalent fix in upstream's trunk
|
||||
Patch1: opensc-fix-gcc-warnings.patch
|
||||
# PATCH-FIX-UPSTREAM opensc-plugindir.patch https://www.opensc-project.org/opensc/ticket/251 sbrabec@suse.cz -- clean plugin installation
|
||||
Patch2: opensc-plugindir.patch
|
||||
Requires: pcsc-lite
|
||||
# There is no more devel package.
|
||||
Obsoletes: opensc-devel < %{version}
|
||||
# This package is not supported any more. Last appeared in openSUSE 11.3, never appeared in SLE:
|
||||
Obsoletes: opensc-java <= 0.2.2
|
||||
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
||||
|
||||
%description
|
||||
OpenSC provides a set of libraries and utilities to access smart cards.
|
||||
It mainly focuses on cards that support cryptographic operations. It
|
||||
facilitates their use in security applications such as mail encryption,
|
||||
|
||||
OpenSC provides a set of utilities to access smart cards. It mainly
|
||||
focuses on cards that support cryptographic operations. It facilitates
|
||||
their use in security applications such as mail encryption,
|
||||
authentication, and digital signature. OpenSC implements the PKCS#11
|
||||
API. Applications supporting this API, such as Mozilla Firefox and
|
||||
Thunderbird, can use it. OpenSC implements the PKCS#15 standard and
|
||||
aims to be compatible with every software that does so, too.
|
||||
|
||||
Before purchasing any cards, please read carefully documentation in
|
||||
/usr/share/doc/packages/opensc/wiki/index.html - only some cards are
|
||||
supported. Not only card type matters, but also card version, card OS
|
||||
version and preloaded applet. Only subset of possible operations may be
|
||||
supported for your card. Card initialization may require third party
|
||||
proprietary software.
|
||||
|
||||
Thunderbird, can use it. OpenSC implements the PKCS#15 standard and aims
|
||||
to be compatible with every software that does so, too.
|
||||
|
||||
Before purchasing any cards, please read carefully documentation on the
|
||||
web pageonly some cards are supported. Not only card type matters, but
|
||||
also card version, card OS version and preloaded applet. Only subset of
|
||||
possible operations may be supported for your card. Card initialization
|
||||
may require third party proprietary software.
|
||||
|
||||
Authors:
|
||||
--------
|
||||
Juha Yrjölä <jyrjola@cc.hut.fi>
|
||||
Juha Yrjölä <jyrjola@cc.hut.fi>
|
||||
Antti Tapaninen <aet@cc.hut.fi>
|
||||
Timo Teräs <timo.teras@iki.fi>
|
||||
Timo Teräs <timo.teras@iki.fi>
|
||||
Olaf Kirch <okir@suse.de>
|
||||
|
||||
%package -n libopensc2
|
||||
License: LGPLv2.1+
|
||||
Group: System/Libraries
|
||||
Summary: OpenSC Smart Card Library
|
||||
|
||||
%description -n libopensc2
|
||||
OpenSC provides a set of libraries and utilities to access smart cards.
|
||||
It mainly focuses on cards that support cryptographic operations. It
|
||||
facilitates their use in security applications such as mail encryption,
|
||||
authentication, and digital signature. OpenSC implements the PKCS#11
|
||||
API. Applications supporting this API, such as Mozilla Firefox and
|
||||
Thunderbird, can use it. OpenSC implements the PKCS#15 standard and
|
||||
aims to be compatible with every software that does so, too.
|
||||
|
||||
Before purchasing any cards, please read carefully documentation in
|
||||
/usr/share/doc/packages/opensc/wiki/index.html - only some cards are
|
||||
supported. Not only card type matters, but also card version, card OS
|
||||
version and preloaded applet. Only subset of possible operations may be
|
||||
supported for your card. Card initialization may require third party
|
||||
proprietary software.
|
||||
|
||||
|
||||
|
||||
Authors:
|
||||
--------
|
||||
Juha Yrjölä <jyrjola@cc.hut.fi>
|
||||
Antti Tapaninen <aet@cc.hut.fi>
|
||||
Timo Teräs <timo.teras@iki.fi>
|
||||
Olaf Kirch <okir@suse.de>
|
||||
|
||||
%package devel
|
||||
License: GPLv2+
|
||||
Group: Development/Libraries/C and C++
|
||||
Summary: Additional files needed for OpenSC development
|
||||
# FIXME: Change to libtool-devel for the next libtool version:
|
||||
Requires: %{name} = %{version} glibc-devel openct-devel libopenssl-devel zlib-devel libtool
|
||||
|
||||
%description devel
|
||||
This package contains files required to develop applications using the
|
||||
OpenSC framework.
|
||||
|
||||
|
||||
|
||||
Authors:
|
||||
--------
|
||||
Juha Yrjölä <juha.yrjola@iki.fi>
|
||||
Antti Tapaninen <aet@cc.hut.fi>
|
||||
Timo Teräs <timo.teras@iki.fi>
|
||||
Olaf Kirch <okir@caldera.de>
|
||||
|
||||
%prep
|
||||
%setup -q
|
||||
%patch0 -p1
|
||||
%patch1 -p1
|
||||
%patch2 -p1
|
||||
tr -d '\r' <doc/nonpersistent/wiki.out/trac.css >doc/nonpersistent/wiki.out/trac.css~
|
||||
touch -r doc/nonpersistent/wiki.out/trac.css doc/nonpersistent/wiki.out/trac.css~
|
||||
mv doc/nonpersistent/wiki.out/trac.css~ doc/nonpersistent/wiki.out/trac.css
|
||||
cp -a %{S:1} ADVISORIES
|
||||
|
||||
%build
|
||||
@ -148,25 +72,21 @@ autoreconf -f -i
|
||||
%configure\
|
||||
--docdir=%{_docdir}/%{name}\
|
||||
--disable-static\
|
||||
--enable-doc\
|
||||
--enable-pcsc\
|
||||
--enable-openct\
|
||||
--enable-nsplugin\
|
||||
--with-pinentry=/usr/bin/pinentry\
|
||||
--with-plugindir=%{_libdir}/browser-plugins
|
||||
--enable-doc
|
||||
make %{?jobs:-j%jobs}
|
||||
|
||||
%install
|
||||
%makeinstall
|
||||
rm $RPM_BUILD_ROOT%{_libdir}/browser-plugins/*.la
|
||||
cp COPYING ADVISORIES doc/nonpersistent/ChangeLog $RPM_BUILD_ROOT%{_docdir}/%{name}
|
||||
cp COPYING ADVISORIES ChangeLog README $RPM_BUILD_ROOT%{_docdir}/%{name}
|
||||
# Private library.
|
||||
rm $RPM_BUILD_ROOT%{_libdir}/libopensc.so
|
||||
|
||||
%clean
|
||||
rm -rf $RPM_BUILD_ROOT
|
||||
|
||||
%post -n libopensc2 -p /sbin/ldconfig
|
||||
%post -p /sbin/ldconfig
|
||||
|
||||
%postun -n libopensc2 -p /sbin/ldconfig
|
||||
%postun -p /sbin/ldconfig
|
||||
|
||||
%files
|
||||
%defattr(-,root,root)
|
||||
@ -177,28 +97,16 @@ rm -rf $RPM_BUILD_ROOT
|
||||
%doc %{_docdir}/%{name}/NEWS
|
||||
%doc %{_docdir}/%{name}/README
|
||||
%doc %{_docdir}/%{name}/tools.html
|
||||
%doc %{_docdir}/%{name}/wiki
|
||||
%{_bindir}/*
|
||||
%exclude %{_bindir}/*-config
|
||||
%{_datadir}/opensc
|
||||
# Note: .la and .so must be in the main package, required by ltdl:
|
||||
%{_libdir}/*.la
|
||||
%{_libdir}/*.so
|
||||
%{_libdir}/browser-plugins/*.so
|
||||
%dir %{_libdir}/pkcs11
|
||||
%{_libdir}/pkcs11/*.so
|
||||
%doc %{_mandir}/man?/*.*
|
||||
%config %{_sysconfdir}/opensc.conf
|
||||
|
||||
%files -n libopensc2
|
||||
%defattr(-,root,root)
|
||||
%{_libdir}/*.so.*
|
||||
|
||||
%files devel
|
||||
%defattr(-,root,root)
|
||||
%doc %{_docdir}/%{name}/api.html
|
||||
%{_bindir}/*-config
|
||||
%{_includedir}/opensc
|
||||
%{_libdir}/pkgconfig/*.pc
|
||||
# This is a private library. There is no reason to split it to libopensc* package.
|
||||
%{_libdir}/libopensc.so.*
|
||||
|
||||
%changelog
|
||||
|
Loading…
Reference in New Issue
Block a user