Accepting request 263190 from home:gary_lin:branches:Base:System

- fix the signature size check while importing a signature - Amend the spec file with spec-cleaner OBS-URL: https://build.opensuse.org/request/show/263190 OBS-URL: https://build.opensuse.org/package/show/Base:System/pesign?expand=0&rev=31
2014-11-27 02:23:44 +00:00 · 2014-11-27 02:23:44 +00:00 · 91f29681d8
commit 91f29681d8
parent 6268b01894
3 changed files with 49 additions and 9 deletions
--- a/pesign-fix-import-sig-check.patch
+++ b/pesign-fix-import-sig-check.patch
@ -0,0 +1,30 @@
+From b5f822be1da9c8e4f6e04286b4b7ab73165478ab Mon Sep 17 00:00:00 2001
+From: Gary Ching-Pang Lin <glin@suse.com>
+Date: Tue, 25 Nov 2014 15:28:40 +0800
+Subject: [PATCH] Correct the signature size check
+
+Signed-off-by: Gary Ching-Pang Lin <glin@suse.com>
+---
+ src/actions.c | 5 ++---
+ 1 file changed, 2 insertions(+), 3 deletions(-)
+
+diff --git a/src/actions.c b/src/actions.c
+index 74a34e3..44c9675 100644
+--- a/src/actions.c
+++ b/src/actions.c
+@@ -416,10 +416,9 @@ check_signature_space(pesign_context *ctx)
+ 	ssize_t available = available_cert_space(ctx->outpe);
+ 	ssize_t target = ctx->cms_ctx->newsig.len + sizeof (win_certificate);
+ 
+-	if (available == target)
+-		return;
+	target += ALIGNMENT_PADDING(target, 8);
+ 
+-	if (target + 8 > available)
+	if (available >= target)
+ 		return;
+ 
+ 	fprintf(stderr, "Could not add new signature: insufficient space.\n");
+-- 
+2.1.2
+
--- a/pesign.changes
+++ b/pesign.changes
@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Wed Nov 26 09:46:50 UTC 2014 - glin@suse.com
+
+- Add pesign-fix-import-sig-check.patch to fix the signature size
+  check while importing a signature
+- Amend the spec file with spec-cleaner
+
 -------------------------------------------------------------------
 Fri Oct 31 07:16:40 UTC 2014 - glin@suse.com

--- a/pesign.spec
+++ b/pesign.spec
@ -38,14 +38,16 @@ Patch5:         pesign-run.patch
 Patch6:         pesign-fix-authvar-write-loop.patch
 # PATCH-FIX-SUSE pesign-install-supplementary-programs.patch glin@suse.com -- Install the supplementary programs
 Patch7:         pesign-install-supplementary-programs.patch
+# PATCH-FIX-UPSTREAM pesign-fix-import-sig-check.patch glin@suse.com -- Fix the signature size check while importing a signature
+Patch8:         pesign-fix-import-sig-check.patch
 BuildRequires:  efivar-devel
 BuildRequires:  libuuid-devel
 BuildRequires:  mozilla-nss-devel
 BuildRequires:  pkg-config
 BuildRequires:  popt-devel
 BuildRequires:  pkgconfig(systemd)
+Requires(pre):  pwdutils
 %{?systemd_requires}
-PreReq:         pwdutils
 ExclusiveArch:  ia64 %ix86 x86_64 aarch64

 %description
@ -67,24 +69,25 @@ Authors:
 %patch5 -p1
 %patch6 -p1
 %patch7 -p1
+%patch8 -p1

 %build
-make OPTFLAGS="$RPM_OPT_FLAGS"
+make %{?_smp_mflags} OPTFLAGS="%{optflags}"

 %install
 make INSTALLROOT=%{buildroot} PREFIX=/usr DOCDIR=/share/doc/packages install
-mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/lib/pesign
+mkdir -p %{buildroot}%{_localstatedir}/lib/pesign

-mkdir -p $RPM_BUILD_ROOT%{_sbindir}
+mkdir -p %{buildroot}%{_sbindir}
 make INSTALLROOT=%{buildroot} UNITDIR=%{_unitdir} install_systemd

 # there's some stuff that's not really meant to be shipped yet
-rm -rf %{buildroot}/boot %{buildroot}/usr/include
+rm -rf %{buildroot}/boot %{buildroot}%{_prefix}/include
 rm -rf %{buildroot}%{_libdir}/libdpe*

 %pre
 getent group pesign >/dev/null || groupadd -r pesign
-getent passwd pesign >/dev/null || useradd -r -g pesign -d /var/lib/pesign -s /bin/false -c "PE-COFF signing daemon" pesign
+getent passwd pesign >/dev/null || useradd -r -g pesign -d %{_localstatedir}/lib/pesign -s /bin/false -c "PE-COFF signing daemon" pesign
 %service_add_pre pesign.service

 %preun
@ -92,7 +95,7 @@ getent passwd pesign >/dev/null || useradd -r -g pesign -d /var/lib/pesign -s /b

 %post
 %service_add_post pesign.service
-systemd-tmpfiles --create /usr/lib/tmpfiles.d/pesign.conf
+systemd-tmpfiles --create %{_libexecdir}/tmpfiles.d/pesign.conf

 %postun
 %service_del_preun pesign.service
@ -111,9 +114,9 @@ systemd-tmpfiles --create /usr/lib/tmpfiles.d/pesign.conf
 %{_sysconfdir}/pki/
 %config %{_sysconfdir}/rpm/macros.pesign
 %{_mandir}/man?/*
-/var/lib/pesign
+%{_localstatedir}/lib/pesign
 %{_unitdir}/pesign.service
-/usr/lib/tmpfiles.d/pesign.conf
+%{_libexecdir}/tmpfiles.d/pesign.conf
 %dir %attr(0775,pesign,pesign) %{_sysconfdir}/pki/pesign
 %ghost %dir %attr(0770,pesign,pesign) /run/%{name}
 %dir %attr(0770,pesign,pesign) %{_localstatedir}/lib/%{name}