From dd52f351d7d89e43996d62342255be4758c485879e1a4f6653b44cd70ef70a66 Mon Sep 17 00:00:00 2001
From: Ludwig Nussel <lnussel@suse.com>
Date: Mon, 13 Oct 2014 16:18:49 +0000
Subject: [PATCH] - remove patches:  *
 trust-Print-label-of-certificate-when-complaining-.patch  *
 trust-Dont-use-invalid-public-keys-for-looking-up-.patch - new version 0.20.7
 (stable)  * New public pkcs11x.h header containing extensions [fdo#83495]  *
 Export necessary defines to lookup attached extensions [fdo#83495]  * Build
 fixes - new version 0.20.6 (stable)  * Make the p11-kit-proxy.so module
 respect critical = no [fdo#83651]  * Build fix for FreeBSD [fdo#75674] - new
 version 0.20.5 (stable)  * Don't use invalid keys for looking up stapled
 extensions [fdo#82328]  * Better error messages when invalid certificate
 extensions  * Fix parsing of some odd OpenSSL TRUSTED CERTIFICATE files  *
 Fix some leaks, and memory issues  * Silence some clang scanner warnings -
 new version 0.20.4 (stable)  * Don't complain about C_Finalize after a fork 
 * Fix typo

OBS-URL: https://build.opensuse.org/package/show/Base:System/p11-kit?expand=0&rev=19
---
 p11-kit-0.20.3.tar.gz                         |   3 --
 p11-kit-0.20.3.tar.gz.sig                     | Bin 71 -> 0 bytes
 p11-kit-0.20.7.tar.gz                         |   3 ++
 p11-kit-0.20.7.tar.gz.sig                     | Bin 0 -> 72 bytes
 p11-kit.changes                               |  27 +++++++++++++
 p11-kit.spec                                  |  13 +-----
 ...-invalid-public-keys-for-looking-up-.patch |  26 ------------
 ...bel-of-certificate-when-complaining-.patch |  37 ------------------
 8 files changed, 32 insertions(+), 77 deletions(-)
 delete mode 100644 p11-kit-0.20.3.tar.gz
 delete mode 100644 p11-kit-0.20.3.tar.gz.sig
 create mode 100644 p11-kit-0.20.7.tar.gz
 create mode 100644 p11-kit-0.20.7.tar.gz.sig
 delete mode 100644 trust-Dont-use-invalid-public-keys-for-looking-up-.patch
 delete mode 100644 trust-Print-label-of-certificate-when-complaining-.patch

diff --git a/p11-kit-0.20.3.tar.gz b/p11-kit-0.20.3.tar.gz
deleted file mode 100644
index 50fa141..0000000
--- a/p11-kit-0.20.3.tar.gz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:b77032bc68c24e6c3cfd8cb340a4a3bb8b7d62a7c659dae08e9b6bb7287193c3
-size 1171155
diff --git a/p11-kit-0.20.3.tar.gz.sig b/p11-kit-0.20.3.tar.gz.sig
deleted file mode 100644
index 70d7e1e621bc3191406b86fd39ad22dedad3ebbafa7f4ac975a0a6d263d00aaf..0000000000000000000000000000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 71
zcmV-N0J#5%MFap50ssaD0#mlQwg3tV5PSO(2-zoPuVxtlpG$}dP9=o9XRB~wQIVYy
dx&0+@^Z=JyleFN$XkH$u3|G}l)sI$3h?Yfk8<YS5

diff --git a/p11-kit-0.20.7.tar.gz b/p11-kit-0.20.7.tar.gz
new file mode 100644
index 0000000..5f0bb03
--- /dev/null
+++ b/p11-kit-0.20.7.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:68405492fe466b33927d461302aa98e703db3b8a596411585508bc33084484d2
+size 986731
diff --git a/p11-kit-0.20.7.tar.gz.sig b/p11-kit-0.20.7.tar.gz.sig
new file mode 100644
index 0000000000000000000000000000000000000000000000000000000000000000..fbdca1b18ab478b02f0b0ac7dfb3ae2e28b4e1756a761fc91608c146b486ed6d
GIT binary patch
literal 72
zcmV-O0Jr~$Mg#y60ssaD0#q8qSpW(N5PSO(2-zoPuP=H4o;U-Woj03;VjIbmwurtM
esy~p<JOH16X(0f7HCqz6Y@2nA!P7vqv@|&z{Tc57

literal 0
HcmV?d00001

diff --git a/p11-kit.changes b/p11-kit.changes
index b064cd0..37560da 100644
--- a/p11-kit.changes
+++ b/p11-kit.changes
@@ -1,3 +1,30 @@
+-------------------------------------------------------------------
+Mon Oct 13 16:09:09 UTC 2014 - lnussel@suse.de
+
+- remove patches:
+ * trust-Print-label-of-certificate-when-complaining-.patch
+ * trust-Dont-use-invalid-public-keys-for-looking-up-.patch
+
+- new version 0.20.7 (stable)
+ * New public pkcs11x.h header containing extensions [fdo#83495]
+ * Export necessary defines to lookup attached extensions [fdo#83495]
+ * Build fixes
+
+- new version 0.20.6 (stable)
+ * Make the p11-kit-proxy.so module respect critical = no [fdo#83651]
+ * Build fix for FreeBSD [fdo#75674]
+
+- new version 0.20.5 (stable)
+ * Don't use invalid keys for looking up stapled extensions [fdo#82328]
+ * Better error messages when invalid certificate extensions
+ * Fix parsing of some odd OpenSSL TRUSTED CERTIFICATE files
+ * Fix some leaks, and memory issues
+ * Silence some clang scanner warnings
+
+- new version 0.20.4 (stable)
+ * Don't complain about C_Finalize after a fork
+ * Fix typo
+
 -------------------------------------------------------------------
 Fri Aug 29 06:47:50 UTC 2014 - lnussel@suse.de
 
diff --git a/p11-kit.spec b/p11-kit.spec
index debec9d..c789d62 100644
--- a/p11-kit.spec
+++ b/p11-kit.spec
@@ -22,7 +22,7 @@
 %define trustdir_static  %{pkidir_static}/trust
 
 Name:           p11-kit
-Version:        0.20.3
+Version:        0.20.7
 Release:        0
 Summary:        Library to work with PKCS#11 modules
 License:        BSD-3-Clause
@@ -35,12 +35,6 @@ Source99:       baselibs.conf
 # patch proposed upstream. If it gets rejected, need to implement
 # this in ca-certificates.
 Patch0:         0001-trust-allow-to-also-add-openssl-style-hashes-to-pem-d.diff
-# PATCH-FIX-OPENSUSE
-# trust-Print-label-of-certificate-when-complaining-.patch bnc#890908 lnussel@suse.de
-Patch1:         trust-Print-label-of-certificate-when-complaining-.patch
-# PATCH-FIX-OPENSUSE
-# trust-Dont-use-invalid-public-keys-for-looking-up-.patch bnc#890908 lnussel@suse.de
-Patch2:         trust-Dont-use-invalid-public-keys-for-looking-up-.patch
 BuildRequires:  autoconf
 BuildRequires:  automake
 BuildRequires:  libtool
@@ -98,10 +92,7 @@ Adaptor library to make NSS read the p11-kit trust store. It has
 to be installed intead of mozilla-nss-certs.
 
 %prep
-%setup -q
-%patch0 -p1
-%patch1 -p1
-%patch2 -p1
+%autosetup -p1
 
 %build
 # just because of patch0
diff --git a/trust-Dont-use-invalid-public-keys-for-looking-up-.patch b/trust-Dont-use-invalid-public-keys-for-looking-up-.patch
deleted file mode 100644
index 99d3914..0000000
--- a/trust-Dont-use-invalid-public-keys-for-looking-up-.patch
+++ /dev/null
@@ -1,26 +0,0 @@
-From 244e885d3e9aae7f7b286f1115a220eb16fa0530 Mon Sep 17 00:00:00 2001
-From: Stef Walter <stefw@redhat.com>
-Date: Fri, 8 Aug 2014 08:47:54 +0200
-Subject: [PATCH] trust: Don't use invalid public keys for looking up stapled
- extensions
-
-https://bugs.freedesktop.org/show_bug.cgi?id=82328
----
- trust/builder.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/trust/builder.c b/trust/builder.c
-index f7ea86a..fd7a662 100644
---- a/trust/builder.c
-+++ b/trust/builder.c
-@@ -125,7 +125,7 @@ lookup_extension (p11_builder *builder,
- 		{ CKA_INVALID },
- 	};
- 
--	if (public_key == NULL)
-+	if (public_key == NULL || public_key->type == CKA_INVALID)
- 		public_key = p11_attrs_find_valid (cert, CKA_X_PUBLIC_KEY_INFO);
- 
- 	/* Look for a stapled certificate extension */
--- 
-1.9.3
\ No newline at end of file
diff --git a/trust-Print-label-of-certificate-when-complaining-.patch b/trust-Print-label-of-certificate-when-complaining-.patch
deleted file mode 100644
index bec7bb2..0000000
--- a/trust-Print-label-of-certificate-when-complaining-.patch
+++ /dev/null
@@ -1,37 +0,0 @@
-From 70228770eb96e7121e12632a85e603727ed42431 Mon Sep 17 00:00:00 2001
-From: Stef Walter <stefw@redhat.com>
-Date: Fri, 8 Aug 2014 08:47:23 +0200
-Subject: [PATCH] trust: Print label of certificate when complaining about
- basic constraints
-
-https://bugs.freedesktop.org/show_bug.cgi?id=82328
----
- trust/builder.c | 6 +++++-
- 1 file changed, 5 insertions(+), 1 deletion(-)
-
-diff --git a/trust/builder.c b/trust/builder.c
-index 18c09ad..f7ea86a 100644
---- a/trust/builder.c
-+++ b/trust/builder.c
-@@ -551,6 +551,7 @@ calc_certificate_category (p11_builder *builder,
-                            CK_ATTRIBUTE *public_key,
-                            CK_ULONG *category)
- {
-+	CK_ATTRIBUTE *label;
- 	unsigned char *ext;
- 	size_t ext_len;
- 	bool is_ca = 0;
-@@ -570,7 +571,10 @@ calc_certificate_category (p11_builder *builder,
- 		ret = p11_x509_parse_basic_constraints (builder->asn1_defs, ext, ext_len, &is_ca);
- 		free (ext);
- 		if (!ret) {
--			p11_message ("invalid basic constraints certificate extension");
-+			label = p11_attrs_find_valid (cert, CKA_LABEL);
-+			p11_message ("%.*s: invalid basic constraints certificate extension",
-+				     label ? (int)label->ulValueLen : 7,
-+				     label ? (char *)label->pValue : "unknown");
- 			return false;
- 		}
- 
--- 
-1.9.3
\ No newline at end of file