rpm/openCryptoki
SHA256
1
0
Fork 0
forked from pool/openCryptoki
Code Pull Requests Activity

OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openCryptoki?expand=0&rev=1

Browse Source
This commit is contained in:
OBS User unknown 2007-01-15 23:27:33 +00:00 committed by Git OBS Bridge
commit f6f067176e
21 changed files with 4648 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
.gitattributes vendored Normal file
View File

@ -0,0 +1,23 @@
## Default LFS
*.7z filter=lfs diff=lfs merge=lfs -text
*.bsp filter=lfs diff=lfs merge=lfs -text
*.bz2 filter=lfs diff=lfs merge=lfs -text
*.gem filter=lfs diff=lfs merge=lfs -text
*.gz filter=lfs diff=lfs merge=lfs -text
*.jar filter=lfs diff=lfs merge=lfs -text
*.lz filter=lfs diff=lfs merge=lfs -text
*.lzma filter=lfs diff=lfs merge=lfs -text
*.obscpio filter=lfs diff=lfs merge=lfs -text
*.oxt filter=lfs diff=lfs merge=lfs -text
*.pdf filter=lfs diff=lfs merge=lfs -text
*.png filter=lfs diff=lfs merge=lfs -text
*.rpm filter=lfs diff=lfs merge=lfs -text
*.tbz filter=lfs diff=lfs merge=lfs -text
*.tbz2 filter=lfs diff=lfs merge=lfs -text
*.tgz filter=lfs diff=lfs merge=lfs -text
*.ttf filter=lfs diff=lfs merge=lfs -text
*.txz filter=lfs diff=lfs merge=lfs -text
*.whl filter=lfs diff=lfs merge=lfs -text
*.xz filter=lfs diff=lfs merge=lfs -text
*.zip filter=lfs diff=lfs merge=lfs -text
*.zst filter=lfs diff=lfs merge=lfs -text

1
.gitignore vendored Normal file
View File

@ -0,0 +1 @@
.osc

12
ock_222_cmd_fix_ptr_to_arr.diff Normal file
View File

@ -0,0 +1,12 @@
diff -Naur ./openCryptoki-2.2.2-rc2/usr/sbin/pkcsslotd/garbage_linux.h openCryptoki-2.2.2-rc2-cmd_fix/usr/sbin/pkcsslotd/garbage_linux.h
--- ./openCryptoki-2.2.2-rc2/usr/sbin/pkcsslotd/garbage_linux.h 2006-04-04 14:45:04.000000000 -0500
+++ openCryptoki-2.2.2-rc2-cmd_fix/usr/sbin/pkcsslotd/garbage_linux.h 2006-04-04 14:50:40.000000000 -0500
@@ -301,7 +301,7 @@
pid; /* process id */
char
- *cmd, /* command line string vector for /proc/<pid>/cmdline */
+ cmd[16], /* command line string vector for /proc/<pid>/cmdline */
state; /* single-char code for process state [R, S, D, Z, or T] */
int

143
ock_222_proc_struct_cmd_20060309.diff Normal file
View File

@ -0,0 +1,143 @@
Index: usr/sbin/pkcsslotd/garbage_linux.c
===================================================================
RCS file: /cvsroot/opencryptoki/opencryptoki/usr/sbin/pkcsslotd/garbage_linux.c,v
retrieving revision 1.4
diff -a -u -r1.4 garbage_linux.c
--- usr/sbin/pkcsslotd/garbage_linux.c 24 Jan 2006 17:18:25 -0000 1.4
+++ usr/sbin/pkcsslotd/garbage_linux.c 9 Mar 2006 17:06:15 -0000
@@ -295,91 +295,15 @@
#include <sys/stat.h>
#include <sys/types.h>
#include <fcntl.h>
-/* #include "garbage_linux.h" */
#pragma info(restore)
-
#define PROC_BASE "/proc"
-
extern BOOL GCBlockSignals (void);
-
#if !defined(NOGARBAGE)
-
-/*
- * Basic data structure which holds information we can get about a process.
- * (unless otherwise specified, fields are read from /proc/<pid>/stat)
- *
- * Comes from task_struct in linux/sched.h
- */
-typedef struct {
- int
- pid; /* process id */
-
- char
- *cmd, /* command line string vector for /proc/<pid>/cmdline */
- state; /* single-char code for process state [R, S, D, Z, or T] */
-
- int
- ppid, /* pid of parent process */
- pgrp, /* process group id */
- session, /* session id */
- tty, /* full device number of controlling terminal */
- tpgid; /* terminal process group id */
-
- unsigned long
- flags, /* kernel flags for the process */
- min_flt, /* number of minor page faults since process start */
- cmin_flt, /* cumulative min_flt of process and child processes */
- maj_flt, /* number of major page faults since process start */
- cmaj_flt, /* cumulative maj_flt of process and child processes */
- utime, /* user-mode CPU time accumulated by process */
- stime; /* kernel-mode CPU time accumulated by process */
-
- long
- cutime, /* cumulative utime of process and reaped children */
- cstime, /* cumulative stime of process and reaped children */
- priority, /* kernel scheduling priority */
- nice, /* standard unix nice level of process */
- timeout, /* ? */
- it_real_value; /* ? */
-
- unsigned long
- start_time, /* start time of process -- seconds since 1-1-70 */
- vsize; /* number of pages of virtual memory ... */
-
- long
- rss; /* resident set size from /proc/<pid>/stat (pages) */
-
- unsigned long
- rss_rlim, /* resident set size limit? */
- start_code, /* address of beginning of code segment */
- end_code, /* address of end of code segment */
- start_stack, /* address of the bottom of stack for the process */
- kstk_esp, /* kernel stack pointer */
- kstk_eip; /* kernel instruction pointer */
-
- char
- /* Linux 2.1.7x and up have more signals. This handles 88. */
- /* long long (instead of char xxxxxx[24]) handles 64 */
- signal[24], /* mask of pending signals */
- blocked[24], /* mask of blocked signals */
- sigignore[24], /* mask of ignored signals */
- sigcatch[24]; /* mask of caught signals */
-
- unsigned long
- wchan, /* address of kernel wait channel proc is sleeping in */
- nswap, /* ? */
- cnswap; /* cumulative nswap ? */
-
- int
- exit_signal,
- processor;
-
-} proc_t;
-
+#include "garbage_linux.h"
#ifdef PKCS64
BOOL IsValidProcessEntry ( pid_t_64 pid, time_t_64 RegTime );
Index: usr/sbin/pkcsslotd/garbage_linux.h
===================================================================
RCS file: /cvsroot/opencryptoki/opencryptoki/usr/sbin/pkcsslotd/garbage_linux.h,v
retrieving revision 1.2
diff -a -u -r1.2 garbage_linux.h
--- usr/sbin/pkcsslotd/garbage_linux.h 24 Jan 2006 17:18:26 -0000 1.2
+++ usr/sbin/pkcsslotd/garbage_linux.h 9 Mar 2006 17:06:24 -0000
@@ -291,18 +291,11 @@
*/
-/* (C) COPYRIGHT International Business Machines Corp. 2001 */
-
+/* (C) COPYRIGHT International Business Machines Corp. 2001 */
#ifndef GARBAGE_LINUX_H
#define GARBAGE_LINUX_H
-/*
- * Basic data structure which holds all information we can get about a process.
- * (unless otherwise specified, fields are read from /proc/#/stat)
- *
- * Most of it comes from task_struct in linux/sched.h
- */
typedef struct {
int
pid; /* process id */
@@ -323,7 +316,7 @@
min_flt, /* number of minor page faults since process start */
cmin_flt, /* cumulative min_flt of process and child processes */
maj_flt, /* number of major page faults since process start */
- cmaj_flt; /* cumulative maj_flt of process and child processes */
+ cmaj_flt, /* cumulative maj_flt of process and child processes */
utime, /* user-mode CPU time accumulated by process */
stime; /* kernel-mode CPU time accumulated by process */
@@ -369,6 +362,5 @@
} proc_t;
-
#endif

35
ock_64_bit_fixes.diff Normal file
View File

@ -0,0 +1,35 @@
diff -Naur ./openCryptoki-2.2.2-rc2/usr/lib/pkcs11/api/apiutil.c ./openCryptoki-2.2.2-rc2-64_bit_fixes/usr/lib/pkcs11/api/apiutil.c
--- ./openCryptoki-2.2.2-rc2/usr/lib/pkcs11/api/apiutil.c 2006-04-10 22:22:16.000000000 +0200
+++ ./openCryptoki-2.2.2-rc2-64_bit_fixes/usr/lib/pkcs11/api/apiutil.c 2006-04-10 22:23:07.000000000 +0200
@@ -1026,16 +1026,17 @@
// Check for the name specified to be corre
sprintf(path,"%s",sinfp->dll_location); // make a copy since dir name can change the memory
- sprintf(path2,"%s/stdll",LIBLOCATION); // make a copy since dir name can change the memory
dname = dirname(path);
+ sprintf(path2,"%s/stdll%s",LIBLOCATION,&(sinfp->dll_location[strlen(dname)])); // make a copy since dir name can change the memory
+ /*
if (strcmp(dname,path2) != 0 ) {
// Not in the location we expect
sltp->dlop_p = NULL;
return 0;
}
-
- dllload[i].dlop_p = dlopen(sinfp->dll_location,RTLD_NOW);
+ */
+ dllload[i].dlop_p = dlopen(path2,RTLD_NOW);
if (dllload[i].dlop_p != NULL ){
sltp->dlop_p = dllload[i].dlop_p;
diff -Naur ./openCryptoki-2.2.2-rc2/usr/lib/pkcs11/common/utility.c ./openCryptoki-2.2.2-rc2-64_bit_fixes/usr/lib/pkcs11/common/utility.c
--- ./openCryptoki-2.2.2-rc2/usr/lib/pkcs11/common/utility.c 2006-04-10 22:22:16.000000000 +0200
+++ ./openCryptoki-2.2.2-rc2-64_bit_fixes/usr/lib/pkcs11/common/utility.c 2006-04-10 22:22:53.000000000 +0200
@@ -294,6 +294,7 @@
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
+#include <sys/shm.h>
#include <pthread.h>
#include <sys/stat.h>
#include <sys/ipc.h>

25
ock_add_free_mech_list_20060131.diff Normal file
View File

@ -0,0 +1,25 @@
Index: ./usr/lib/pkcs11/ica_s390_stdll/ica_specific.c
===================================================================
RCS file: /cvsroot/opencryptoki/opencryptoki/usr/lib/pkcs11/ica_s390_stdll/ica_specific.c,v
retrieving revision 1.6
diff -a -u -r1.6 ica_specific.c
--- ./usr/lib/pkcs11/ica_s390_stdll/ica_specific.c 4 Jan 2006 15:05:50 -0000 1.6
+++ ./usr/lib/pkcs11/ica_s390_stdll/ica_specific.c 31 Jan 2006 17:06:13 -0000
@@ -2050,6 +2050,7 @@
int rc = CKR_OK;
struct mech_list_item head;
struct mech_list_item *walker;
+ head.next = NULL;
#if 1
rc = ock_generic_get_mechanism_list(pMechanismList, pulCount);
if (rc != CKR_OK) {
@@ -2090,7 +2091,8 @@
walker = next;
}
#endif
- out:
+out:
+ free_mech_list(&head);
return rc;
}

11
ock_head_ptr_to_null_20060308.diff Normal file
View File

@ -0,0 +1,11 @@
diff -Naur ./openCryptoki-2.2.2-rc2/usr/lib/pkcs11/ica_s390_stdll/ica_specific.c openCryptoki-2.2.2-rc2-head_ptr_to_null/usr/lib/pkcs11/ica_s390_stdll/ica_specific.c
--- ./openCryptoki-2.2.2-rc2/usr/lib/pkcs11/ica_s390_stdll/ica_specific.c 2006-03-08 13:06:28.000000000 -0500
+++ openCryptoki-2.2.2-rc2-head_ptr_to_null/usr/lib/pkcs11/ica_s390_stdll/ica_specific.c 2006-03-08 13:07:11.000000000 -0500
@@ -2110,6 +2110,7 @@
int rc = CKR_MECHANISM_INVALID;
struct mech_list_item head;
struct mech_list_item *walker;
+ head.next = NULL;
#if 1
rc = ock_generic_get_mechanism_info(type, pInfo);
if (rc == CKR_OK) {

3
openCryptoki-2.2.2-rc2.tar.bz2 Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:38e80887e0fadf5d6ca2c7ba7a561dbdc98f01595148bc62d31f8fe848930a5b
size 612893

1320
openCryptoki-TFAQ.html Normal file
View File

File diff suppressed because it is too large Load Diff

135
openCryptoki-autoconf.patch Normal file
View File

@ -0,0 +1,135 @@
--- find_files.sh
+++ find_files.sh
@@ -21,7 +21,7 @@
# Recursively search these paths for header or library file(s)
#
HDR_PATHS="${ADDED_INCS} /usr/include /usr/local/include /usr/X11R6/include $HOME/include"
-LIB_PATHS="${ADDED_LIBS} /lib /usr/lib /usr/local/lib /usr/X11R6/lib $HOME/lib"
+LIB_PATHS="${ADDED_LIBS} /lib /lib64 /usr/lib /usr/lib64 /usr/local/lib /usr/local/lib64 /usr/X11R6/lib $HOME/lib"
if [ "$1" == "LIB" ]; then
--- usr/lib/pkcs11/aep_stdll/Makefile.am
+++ usr/lib/pkcs11/aep_stdll/Makefile.am
@@ -4,7 +4,7 @@
PKCS11_AEP_so_LDFLAGS = $(LCRYPTO) $(AEP_LIB_DIRS) -nostartfiles -shared -Wl,-soname,PKCS11_AEP.so.1 -lc -lpthread -lcrypto -laep
-CFLAGS = $(PERFFLAG) -DSPINXPL -DDEV -D_THREAD_SAFE -DLINUX -fPIC -DSHALLOW=0 -DSWTOK=1 -DLITE=0 -DNOCDMF -DNOMD2 -DNODSA -DDEBUGON -DAEP_GENERIC
+AM_CFLAGS = $(PERFFLAG) -DSPINXPL -DDEV -D_THREAD_SAFE -DLINUX -fPIC -DSHALLOW=0 -DSWTOK=1 -DLITE=0 -DNOCDMF -DNOMD2 -DNODSA -DDEBUGON -DAEP_GENERIC
VPATH= ./:../common
--- usr/lib/pkcs11/api/Makefile.am
+++ usr/lib/pkcs11/api/Makefile.am
@@ -2,7 +2,7 @@
bin_PROGRAMS=PKCS11_API.so
bindir=/tmp
PKCS11_API_so_LDFLAGS = -g -nostartfiles -shared -Wl,-soname,$@ -Wl,-Bsymbolic -lc -ldl -lpthread
-CFLAGS = $(PERFFLAG) $(PKCS64_FLG) -DSPINXPL -DAPI -DDEV -D_THREAD_SAFE -DLINUX -fPIC
+AM_CFLAGS = $(PERFFLAG) $(PKCS64_FLG) -DSPINXPL -DAPI -DDEV -D_THREAD_SAFE -DLINUX -fPIC
PKCS11_API_so_SOURCES = api_interface.c shrd_mem.c apiutil.c
INCLUDES = -I../. -I../../../include/pkcs11
--- usr/lib/pkcs11/bcom_stdll/Makefile.am
+++ usr/lib/pkcs11/bcom_stdll/Makefile.am
@@ -5,7 +5,7 @@
PKCS11_BC_so_LDFLAGS = $(LCRYPTO) $(BC_LIB_DIRS) -nostartfiles -shared -Wl,-Bsymbolic -Wl,-soname,PKCS11_BC.so.1 -lc -lpthread -lubsec -ldl -lcrypto
VARIANT = -DSHALLOW=0 -DSWTOK=1 -DLITE=0
-CFLAGS = $(PERFFLAG) -DSPINXPL -DDEV -D_THREAD_SAFE -DLINUX -fPIC $(VARIANT) -DNOCDMF -DNOMD2 -DNODSA -DNOAES -DNODH -DDEBUGON -D_LINUX -D_LINUX_
+AM_CFLAGS = $(PERFFLAG) -DSPINXPL -DDEV -D_THREAD_SAFE -DLINUX -fPIC $(VARIANT) -DNOCDMF -DNOMD2 -DNODSA -DNOAES -DNODH -DDEBUGON -D_LINUX -D_LINUX_
VPATH= ./:../common
--- usr/lib/pkcs11/cr_stdll/Makefile.am
+++ usr/lib/pkcs11/cr_stdll/Makefile.am
@@ -5,7 +5,7 @@
PKCS11_CR_so_LDFLAGS = $(LCRYPTO) $(CR_LIB_DIRS) -nostartfiles -shared -Wl,-Bsymbolic -Wl,-soname,PKCS11_BC.so.1 -lc -lpthread -lsocketarmor -ldl -lcrypto
VARIANT = -DSHALLOW=0 -DSWTOK=1 -DLITE=0
-CFLAGS = $(PERFFLAG) -DSPINXPL -DDEV -D_THREAD_SAFE -DLINUX -fPIC $(VARIANT) -DNOCDMF -DNOMD2 -DNODSA -DDEBUGON -D_LINUX -D_LINUX_
+AM_CFLAGS = $(PERFFLAG) -DSPINXPL -DDEV -D_THREAD_SAFE -DLINUX -fPIC $(VARIANT) -DNOCDMF -DNOMD2 -DNODSA -DDEBUGON -D_LINUX -D_LINUX_
VPATH= ./:../common
--- usr/lib/pkcs11/ica_s390_stdll/Makefile.am
+++ usr/lib/pkcs11/ica_s390_stdll/Makefile.am
@@ -6,7 +6,7 @@
PKCS11_ICA_so_LDFLAGS = $(LCRYPTO) $(ICA_LIB_DIRS) -nostartfiles -shared -Wl,-Bsymbolic -Wl,-soname,$@ -Wl,-Bsymbolic -lc -lpthread -lica -ldl -lcrypto
-CFLAGS = $(PERFFLAG) $(PKCS64_FLG) -DSPINXPL -DDEV -D_THREAD_SAFE -DLINUX -fPIC -DSHALLOW=0 -DSWTOK=0 -DLITE=1 -DNODH -DNOAES -DNOCDMF -DNOMD2 -DNODSA -D_LINUX -D_LINUX_
+AM_CFLAGS = $(PERFFLAG) $(PKCS64_FLG) -DSPINXPL -DDEV -D_THREAD_SAFE -DLINUX -fPIC -DSHALLOW=0 -DSWTOK=0 -DLITE=1 -DNODH -DNOAES -DNOCDMF -DNOMD2 -DNODSA -D_LINUX -D_LINUX_
VPATH= ./:../common
--- usr/lib/pkcs11/ica_stdll/Makefile.am
+++ usr/lib/pkcs11/ica_stdll/Makefile.am
@@ -4,7 +4,7 @@
PKCS11_ICA_so_LDFLAGS = $(LCRYPTO) $(ICA_LIB_DIRS) -nostartfiles -shared -Wl,-Bsymbolic -Wl,-soname,PKCS11_ICA.so.1 -lc -lpthread -lica -ldl -lcrypto
-CFLAGS = $(PERFFLAG) -DSPINXPL -DDEV -D_THREAD_SAFE -DLINUX -fPIC -DSHALLOW=0 -DSWTOK=0 -DLITE=1 -DNOCDMF -DNOMD2 -DNODSA -DNOAES -DNODH -D_LINUX -D_LINUX_
+AM_CFLAGS = $(PERFFLAG) -DSPINXPL -DDEV -D_THREAD_SAFE -DLINUX -fPIC -DSHALLOW=0 -DSWTOK=0 -DLITE=1 -DNOCDMF -DNOMD2 -DNODSA -DNOAES -DNODH -D_LINUX -D_LINUX_
VPATH= ./:../common
--- usr/lib/pkcs11/leeds_stdll/Makefile.am
+++ usr/lib/pkcs11/leeds_stdll/Makefile.am
@@ -5,7 +5,7 @@
LIBS = -lscc
-CFLAGS = $(PERFFLAG) -DDEV -D_THREAD_SAFE -DLINUX -DLEEDS_BUILD -DAIXSTDLL -D_LINUX_
+AM_CFLAGS = $(PERFFLAG) -DDEV -D_THREAD_SAFE -DLINUX -DLEEDS_BUILD -DAIXSTDLL -D_LINUX_
PKCS11_4758_so_SOURCES = host_api.c util.c
--- usr/lib/pkcs11/methods/4758_status/Makefile.am
+++ usr/lib/pkcs11/methods/4758_status/Makefile.am
@@ -3,9 +3,9 @@
bindir=/tmp
-LDFLAGS = $(SCC_LIB_DIRS) -ldl -lpthread
+AM_LDFLAGS = $(SCC_LIB_DIRS) -ldl -lpthread
LIBS = -lscc
-CFLAGS = $(PERFFLAG) -DDEV -D_THREAD_SAFE -DLINUX -DDEBUG -DAPI
+AM_CFLAGS = $(PERFFLAG) -DDEV -D_THREAD_SAFE -DLINUX -DDEBUG -DAPI
SOURCES = 4758_status.c
--- usr/lib/pkcs11/methods/pkcsconf/Makefile.am
+++ usr/lib/pkcs11/methods/pkcsconf/Makefile.am
@@ -4,7 +4,7 @@
pkcsconf_LDFLAGS = -lpthread -ldl
-CFLAGS = $(PERFFLAG) $(PKCS64_FLG) -DSPINXPL -DLINUX -D_THREAD_SAFE -DDEBUG -DDEV -DAPI
+AM_CFLAGS = $(PERFFLAG) $(PKCS64_FLG) -DSPINXPL -DLINUX -D_THREAD_SAFE -DDEBUG -DDEV -DAPI
pkcsconf_SOURCES = pkcsconf.c
--- usr/lib/pkcs11/soft_stdll/Makefile.am
+++ usr/lib/pkcs11/soft_stdll/Makefile.am
@@ -4,7 +4,7 @@
PKCS11_SW_so_LDFLAGS = $(LCRYPTO) -nostartfiles -shared -Wl,-Bsymbolic -Wl,-soname,PKCS11_SW.so.1 -lc -lpthread -lcrypto
-CFLAGS = $(PERFFLAG) -DSPINXPL -DDEV -D_THREAD_SAFE -DLINUX -fPIC -DSHALLOW=0 -DSWTOK=1 -DLITE=0 -DNOCDMF -DNOMD2 -DNODSA -DDEBUGON
+AM_CFLAGS = $(PERFFLAG) -DSPINXPL -DDEV -D_THREAD_SAFE -DLINUX -fPIC -DSHALLOW=0 -DSWTOK=1 -DLITE=0 -DNOCDMF -DNOMD2 -DNODSA -DDEBUGON
VPATH= ./:../common
--- usr/sbin/pkcsslotd/Makefile.am
+++ usr/sbin/pkcsslotd/Makefile.am
@@ -4,7 +4,7 @@
pkcsslotd_LDFLAGS = -lpthread
-CFLAGS = $(PERFFLAG) $(PKCS64_FLG) -DSPINXPL -DLINUX -DPROGRAM_NAME=\"$(@)\" -DNOODM -DNODAE
+AM_CFLAGS = $(PERFFLAG) $(PKCS64_FLG) -DSPINXPL -DLINUX -DPROGRAM_NAME=\"$(@)\" -DNOODM -DNODAE
pkcsslotd_SOURCES = slotmgr.c shmem.c signal.c mutex.c err.c log.c daemon.c no_odm.c garbage_linux.c

1534
openCryptoki-compile-fixes.patch Normal file
View File

File diff suppressed because it is too large Load Diff

81
openCryptoki-config.patch Normal file
View File

@ -0,0 +1,81 @@
? opencryptoki-include-fix.patch
Index: Makefile.am
===================================================================
RCS file: /cvsroot/opencryptoki/opencryptoki/Makefile.am,v
retrieving revision 1.2
diff -u -r1.2 Makefile.am
--- Makefile.am 3 Jun 2005 18:18:35 -0000 1.2
+++ Makefile.am 11 Jan 2006 13:24:51 -0000
@@ -1,5 +1,5 @@
SUBDIRS = usr testcases
-SPEC=rpm//openCryptoki-$(shell uname -m).spec
+SPEC=rpm//openCryptoki-$(host_cpu).spec
rpm: ${SPEC}
rm -rf /usr/src/openCryptoki
Index: usr/include/pkcs11/Makefile.am
===================================================================
RCS file: /cvsroot/opencryptoki/opencryptoki/usr/include/pkcs11/Makefile.am,v
retrieving revision 1.3
diff -u -r1.3 Makefile.am
--- usr/include/pkcs11/Makefile.am 1 Jun 2005 15:08:35 -0000 1.3
+++ usr/include/pkcs11/Makefile.am 11 Jan 2006 13:24:51 -0000
@@ -1,5 +1,5 @@
opencryptoki_headers = apiclient.h pkcs11types.h pkcs11.h
-opencryptokiincludedir=$(DESTDIR)/$(includedir)/opencryptoki
+opencryptokiincludedir=$(includedir)/opencryptoki
opencryptokiinclude_HEADERS = $(opencryptoki_headers)
Index: usr/lib/pkcs11/api/Makefile.am
===================================================================
RCS file: /cvsroot/opencryptoki/opencryptoki/usr/lib/pkcs11/api/Makefile.am,v
retrieving revision 1.28
diff -u -r1.28 Makefile.am
--- usr/lib/pkcs11/api/Makefile.am 3 Aug 2005 02:43:41 -0000 1.28
+++ usr/lib/pkcs11/api/Makefile.am 11 Jan 2006 13:24:51 -0000
@@ -37,29 +37,3 @@
mkdir -p $(DESTDIR)/$(libdir)/opencryptoki/stdll
cd $(DESTDIR)/$(libdir)/pkcs11 && rm -f stdll && \
ln -sf ../opencryptoki/stdll/ stdll
- -groupadd pkcs11
- if test "x$(prefix)" = "x/usr"; then \
- mkdir -p $(DESTDIR)/var/lib/opencryptoki ; \
- chown root:pkcs11 $(DESTDIR)/var/lib/opencryptoki ; \
- chmod 775 $(DESTDIR)/var/lib/opencryptoki ; \
- if [ ! -L $(DESTDIR)/etc/pkcs11 ] ; then \
- if [ -e $(DESTDIR)/etc/pkcs11/* ] ; then \
- mv $(DESTDIR)/etc/pkcs11/* $(DESTDIR)/var/lib/opencryptoki ; \
- fi ; \
- fi ;\
- cd $(DESTDIR)/etc && rm -rf pkcs11 && \
- ln -sf $(DESTDIR)/var/lib/opencryptoki pkcs11 ; \
- else \
- mkdir -p $(DESTDIR)/$(localstatedir)/lib/opencryptoki ; \
- chown root:pkcs11 $(DESTDIR)/$(localstatedir)/lib/opencryptoki ; \
- chmod 775 $(DESTDIR)/$(localstatedir)/lib/opencryptoki ; \
- if [ ! -L $(DESTDIR)/$(sysconfdir)/pkcs11 ] ; then \
- if [ -e $(DESTDIR)/$(sysconfdir)/pkcs11/* ] ; then \
- mv $(DESTDIR)/$(sysconfdir)/pkcs11/* \
- $(DESTDIR)/$(localstatedir)/lib/opencryptoki ; \
- fi ; \
- fi ; \
- mkdir -p $(DESTDIR)/$(sysconfdir) ; \
- cd $(DESTDIR)/$(sysconfdir) && rm -rf pkcs11 && \
- ln -sf $(DESTDIR)/$(localstatedir)/lib/opencryptoki pkcs11 ; \
- fi
Index: usr/lib/pkcs11/methods/4758_status/Makefile.am
===================================================================
RCS file: /cvsroot/opencryptoki/opencryptoki/usr/lib/pkcs11/methods/4758_status/Makefile.am,v
retrieving revision 1.2
diff -u -r1.2 Makefile.am
--- usr/lib/pkcs11/methods/4758_status/Makefile.am 22 Feb 2005 20:48:07 -0000 1.2
+++ usr/lib/pkcs11/methods/4758_status/Makefile.am 11 Jan 2006 13:25:00 -0000
@@ -11,6 +11,6 @@
install-data-local:
mkdir -p $(INSROOT)/usr/lib/pkcs11/methods; \
- if [ $(shell uname -m) != s390x ] ;then cp 4758_status \
+ if [ $(host_cpu) != s390x ] ;then cp 4758_status \
$(INSROOT)/usr/lib/pkcs11/methods/; fi; \
rm -f /tmp/4758*;

11
openCryptoki-no_mmap.patch Normal file
View File

@ -0,0 +1,11 @@
--- configure.in 2006-01-11 13:16:18.000000000 -0600
+++ configure.in 2006-01-25 16:32:36.000000000 -0600
@@ -246,7 +246,7 @@
AC_MSG_RESULT([*** Disabling the Corrent Crypto Accelerator token at user request ***])
fi
-CFLAGS="$CFLAGS -DMMAP -DPKCS64 \
+CFLAGS="$CFLAGS -DPKCS64 \
-DCONFIG_PATH=\\\"$CONFIG_PATH\\\" \
-DSBIN_PATH=\\\"$SBIN_PATH\\\" \
-DLIB_PATH=\\\"$LIB_PATH\\\" \

331
openCryptoki-per_user.patch Normal file
View File

@ -0,0 +1,331 @@
--- usr/lib/pkcs11/common/loadsave.c 2006-01-25 17:06:14.000000000 -0600
+++ usr/lib/pkcs11/common/loadsave.c 2006-01-25 18:02:20.000000000 -0600
@@ -320,9 +320,21 @@
void
set_perm(int file)
{
+#ifdef PER_USER_TOKEN
/* With per user data stores, we don't share the token data amongst a
* group. In fact, we want to restrict access to a single user */
fchmod(file,S_IRUSR|S_IWUSR);
+#else
+ struct group *grp;
+
+ // Set absolute permissions or rw-rw-r--
+ fchmod(file,S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP|S_IROTH);
+
+ grp = getgrnam("pkcs11"); // Obtain the group id
+ if (grp){
+ fchown(file,getuid(),grp->gr_gid); // set ownership to root, and pkcs11 group
+ }
+#endif
}
//
@@ -339,6 +351,7 @@
CK_ULONG clear_len, cipher_len;
#endif
CK_RV rc;
+#ifdef PER_USER_TOKEN
struct passwd *pw = NULL;
if ((pw = getpwuid(getuid())) == NULL){
@@ -347,6 +360,9 @@
}
sprintf((char *)fname,"%s/%s/%s",(char *)pk_dir, pw->pw_name, PK_LITE_NV);
+#else
+ sprintf((char *)fname,"%s/%s",(char *)pk_dir, PK_LITE_NV);
+#endif
rc = XProcLock( xproclock );
if (rc != CKR_OK){
@@ -440,6 +456,7 @@
#endif
CK_RV rc;
CK_BYTE fname[2048];
+#ifdef PER_USER_TOKEN
struct passwd *pw = NULL;
if ((pw = getpwuid(getuid())) == NULL){
@@ -448,6 +465,9 @@
}
sprintf((char *)fname,"%s/%s/%s",(char *)pk_dir, pw->pw_name, PK_LITE_NV);
+#else
+ sprintf((char *)fname,"%s/%s",pk_dir, PK_LITE_NV);
+#endif
rc = XProcLock( xproclock );
if (rc != CKR_OK){
@@ -507,8 +527,9 @@
CK_BYTE line[100];
CK_RV rc;
CK_BYTE fname[2048];
+#ifdef PER_USER_TOKEN
struct passwd *pw = NULL;
-
+#endif
if (object_is_private(obj) == TRUE)
rc = save_private_token_object( obj );
@@ -521,6 +542,7 @@
}
// update the index file if it exists
//
+#ifdef PER_USER_TOKEN
if ((pw = getpwuid(getuid())) == NULL){
LogError("getpwuid failed: %s", strerror(errno));
return CKR_FUNCTION_FAILED;
@@ -528,6 +550,9 @@
sprintf((char *)fname,"%s/%s/%s/%s",(char *)pk_dir, pw->pw_name,
PK_LITE_OBJ_DIR, PK_LITE_OBJ_IDX);
+#else
+ sprintf((char *)fname,"%s/%s/%s",pk_dir,PK_LITE_OBJ_DIR,PK_LITE_OBJ_IDX);
+#endif
//fp = fopen( "/tmp/TOK_OBJ/OBJ.IDX", "r" );
fp = fopen( (char *)fname, "r" );
@@ -579,6 +604,7 @@
CK_BBOOL flag = FALSE;
CK_RV rc;
CK_ULONG_32 total_len;
+#ifdef PER_USER_TOKEN
struct passwd *pw = NULL;
if ((pw = getpwuid(getuid())) == NULL){
@@ -588,6 +614,9 @@
sprintf((char *)fname,"%s/%s/%s/",(char *)pk_dir, pw->pw_name,
PK_LITE_OBJ_DIR);
+#else
+ sprintf( (char *)fname,"%s/%s/", pk_dir,PK_LITE_OBJ_DIR);
+#endif
//strcpy( fname, "/tmp/TOK_OBJ/" );
strncat( (char *)fname, (char *) obj->name, 8 );
@@ -643,6 +672,7 @@
CK_RV rc;
CK_ULONG_32 obj_data_len_32;
CK_ULONG_32 total_len;
+#ifdef PER_USER_TOKEN
struct passwd * pw = NULL;
if ((pw = getpwuid(getuid())) == NULL){
@@ -652,6 +682,9 @@
sprintf((char *)fname,"%s/%s/%s/",(char *)pk_dir, pw->pw_name,
PK_LITE_OBJ_DIR);
+#else
+ sprintf( (char *)fname,"%s/%s/", pk_dir,PK_LITE_OBJ_DIR);
+#endif
rc = object_flatten( obj, &obj_data, &obj_data_len );
obj_data_len_32 = obj_data_len;
@@ -777,6 +810,7 @@
CK_BYTE tmp[2048], fname[2048],iname[2048];
CK_BBOOL priv;
CK_ULONG_32 size;
+#ifdef PER_USER_TOKEN
struct passwd *pw = NULL;
if ((pw = getpwuid(getuid())) == NULL){
@@ -786,6 +820,9 @@
sprintf((char *)iname,"%s/%s/%s/%s",(char *)pk_dir, pw->pw_name,
PK_LITE_OBJ_DIR, PK_LITE_OBJ_IDX);
+#else
+ sprintf((char *)iname,"%s/%s/%s",pk_dir,PK_LITE_OBJ_DIR, PK_LITE_OBJ_IDX);
+#endif
//fp1 = fopen("/tmp/TOK_OBJ/OBJ.IDX", "r");
fp1 = fopen((char *)iname, "r");
@@ -798,7 +835,11 @@
tmp[ strlen((char *)tmp)-1 ] = 0;
//strcpy(fname,"/tmp/TOK_OBJ/");
+#ifdef PER_USER_TOKEN
sprintf((char *)fname,"%s/%s/%s/",pk_dir, pw->pw_name, PK_LITE_OBJ_DIR);
+#else
+ sprintf((char *)fname,"%s/%s/",pk_dir, PK_LITE_OBJ_DIR);
+#endif
strcat((char *)fname, (char *)tmp );
fp2 = fopen( (char *)fname, "r" );
@@ -849,6 +890,7 @@
CK_BBOOL priv;
CK_ULONG_32 size;
CK_RV rc;
+#ifdef PER_USER_TOKEN
struct passwd *pw = NULL;
if ((pw = getpwuid(getuid())) == NULL){
@@ -858,6 +900,9 @@
sprintf((char *)iname,"%s/%s/%s/%s",(char *)pk_dir, pw->pw_name,
PK_LITE_OBJ_DIR, PK_LITE_OBJ_IDX);
+#else
+ sprintf((char *)iname,"%s/%s/%s",pk_dir,PK_LITE_OBJ_DIR, PK_LITE_OBJ_IDX);
+#endif
//fp1 = fopen("/tmp/TOK_OBJ/OBJ.IDX", "r");
fp1 = fopen((char *)iname, "r");
@@ -870,7 +915,11 @@
tmp[ strlen((char *)tmp)-1 ] = 0;
//strcpy(fname,"/tmp/TOK_OBJ/");
+#ifdef PER_USER_TOKEN
sprintf((char *)fname,"%s/%s/%s/",pk_dir, pw->pw_name, PK_LITE_OBJ_DIR);
+#else
+ sprintf((char *)fname,"%s/%s/",pk_dir,PK_LITE_OBJ_DIR);
+#endif
strcat((char *)fname,(char *) tmp );
fp2 = fopen( (char *)fname, "r" );
@@ -1057,6 +1106,7 @@
CK_ULONG cipher_len, clear_len, hash_len;
CK_RV rc;
CK_BYTE fname[2048];
+#ifdef PER_USER_TOKEN
struct passwd * pw = NULL;
if ((pw = getpwuid(getuid())) == NULL){
@@ -1065,6 +1115,9 @@
}
sprintf((char *)fname,"%s/%s/MK_SO",(char *)pk_dir, pw->pw_name);
+#else
+ sprintf((char *)fname,"%s/MK_SO",pk_dir);
+#endif
memset( master_key, 0x0, 3*DES_KEY_SIZE );
@@ -1167,6 +1220,7 @@
CK_ULONG cipher_len, clear_len, hash_len;
CK_RV rc;
CK_BYTE fname[2048];
+#ifdef PER_USER_TOKEN
struct passwd * pw = NULL;
if ((pw = getpwuid(getuid())) == NULL){
@@ -1175,6 +1229,9 @@
}
sprintf((char *)fname,"%s/%s/MK_USER",(char *)pk_dir, pw->pw_name);
+#else
+ sprintf((char *)fname,"%s/MK_USER",pk_dir);
+#endif
memset( master_key, 0x0, 3*DES_KEY_SIZE );
@@ -1274,12 +1331,14 @@
CK_ULONG hash_len, cleartxt_len, ciphertxt_len, padded_len;
CK_RV rc;
CK_BYTE fname[2048];
+#ifdef PER_USER_TOKEN
struct passwd * pw = NULL;
if ((pw = getpwuid(getuid())) == NULL){
LogError("getpwuid failed: %s", strerror(errno));
return CKR_FUNCTION_FAILED;
}
+#endif
memcpy( mk.key, master_key, 3 * DES_KEY_SIZE);
@@ -1329,7 +1388,11 @@
//
// probably ought to ensure the permissions are correct
//
+#ifdef PER_USER_TOKEN
sprintf((char *)fname,"%s/%s/MK_SO",(char *)pk_dir, pw->pw_name);
+#else
+ sprintf((char *)fname,"%s/MK_SO",pk_dir);
+#endif
//fp = fopen( "/tmp/MK_SO", "w" );
fp = fopen( (char *)fname, "w" );
if (!fp) {
@@ -1369,12 +1432,14 @@
CK_ULONG hash_len, cleartxt_len, ciphertxt_len, padded_len;
CK_RV rc;
CK_BYTE fname[2048];
+#ifdef PER_USER_TOKEN
struct passwd * pw = NULL;
if ((pw = getpwuid(getuid())) == NULL){
LogError("getpwuid failed: %s", strerror(errno));
return CKR_FUNCTION_FAILED;
}
+#endif
memcpy( mk.key, master_key, 3 * DES_KEY_SIZE);
@@ -1426,7 +1491,11 @@
//
// probably ought to ensure the permissions are correct
//
+#ifdef PER_USER_TOKEN
sprintf((char *)fname,"%s/%s/MK_USER",(char *)pk_dir, pw->pw_name);
+#else
+ sprintf((char *)fname,"%s/MK_USER", pk_dir);
+#endif
//fp = fopen( "/tmp/MK_USER", "w" );
fp = fopen( (char *)fname, "w" );
if (!fp) {
@@ -1463,17 +1532,22 @@
CK_ULONG_32 size;
CK_ULONG size_64;
CK_RV rc;
+#ifdef PER_USER_TOKEN
struct passwd *pw = NULL;
if ((pw = getpwuid(getuid())) == NULL){
LogError("getpwuid failed: %s", strerror(errno));
return CKR_FUNCTION_FAILED;
}
-
+#endif
memset( (char *)fname, 0x0, sizeof(fname) );
+#ifdef PER_USER_TOKEN
sprintf((char *)fname,"%s/%s/%s/",(char *)pk_dir, pw->pw_name,
PK_LITE_OBJ_DIR);
+#else
+ sprintf((char *)fname,"%s/%s/",pk_dir, PK_LITE_OBJ_DIR);
+#endif
// strcpy(fname, "/tmp/TOK_OBJ/" );
strncat((char *)fname,(char *) obj->name, 8 );
@@ -1532,6 +1606,7 @@
FILE *fp1, *fp2;
CK_BYTE line[100];
CK_BYTE objidx[2048], idxtmp[2048],fname[2048];
+#ifdef PER_USER_TOKEN
struct passwd *pw = NULL;
if ((pw = getpwuid(getuid())) == NULL){
@@ -1543,7 +1618,10 @@
PK_LITE_OBJ_DIR, PK_LITE_OBJ_IDX);
sprintf((char *)idxtmp,"%s/%s/%s/%s",(char *)pk_dir, pw->pw_name,
PK_LITE_OBJ_DIR, "IDX.TMP");
-
+#else
+ sprintf((char *)objidx,"%s/%s/%s",pk_dir, PK_LITE_OBJ_DIR,PK_LITE_OBJ_IDX);
+ sprintf((char *)idxtmp,"%s/%s/%s",pk_dir, PK_LITE_OBJ_DIR, "IDX.TMP");
+#endif
// FIXME: on UNIX, we need to make sure these guys aren't symlinks
// before we blindly write to these files...
@@ -1600,7 +1678,11 @@
fclose(fp1);
fclose(fp2);
+#ifdef PER_USER_TOKEN
sprintf((char *)fname,"%s/%s/%s/%s",pk_dir, pw->pw_name, PK_LITE_OBJ_DIR, (char *)obj->name);
+#else
+ sprintf((char *)fname,"%s/%s/%s",pk_dir, PK_LITE_OBJ_DIR,(char *)obj->name);
+#endif
unlink((char *)fname);
return CKR_OK;

32
openCryptoki-pkcsslotd-removepidfile.patch Normal file
View File

@ -0,0 +1,32 @@
--- usr/include/pkcs11/slotmgr.h
+++ usr/include/pkcs11/slotmgr.h
@@ -325,7 +325,7 @@
#endif
-#define PID_FILE_PATH CONFIG_PATH "/.slotpid"
+#define PID_FILE_PATH "/var/run/pkcsslotd.pid"
#ifndef CK_BOOL
#define CK_BOOL CK_BBOOL
--- usr/sbin/pkcsslotd/slotmgr.c
+++ usr/sbin/pkcsslotd/slotmgr.c
@@ -314,6 +314,10 @@
void DumpSharedMemory ( void );
+void unlink_pidfile(void)
+{
+ unlink(PID_FILE_PATH);
+}
/*****************************************
* main() -
@@ -575,6 +579,7 @@
fprintf(pidfile,"%d",getpid());
fclose(pidfile);
}
+ atexit(unlink_pidfile);
}
#pragma info(none)

11
openCryptoki-prototypes.patch Normal file
View File

@ -0,0 +1,11 @@
--- usr/lib/pkcs11/api/shrd_mem.c.in
+++ usr/lib/pkcs11/api/shrd_mem.c.in
@@ -322,6 +322,8 @@
#include <slotmgr.h>
#include <apictl.h>
+#include <string.h>
+
#define MAPFILENAME "@CONFIG_PATH@/.apimap"
extern API_Proc_Struct_t *Anchor;

107
openCryptoki-retval.patch Normal file
View File

@ -0,0 +1,107 @@
--- testcases/login/login.c
+++ testcases/login/login.c
@@ -82,7 +82,7 @@
} else {
printf("usage: %s [-slot <num>] [-h] [-pass passwd] [-user|-so]\n\n", argv[0] );
printf("By default, Slot %d is used, as user\n\n", SLOT_ID_DEFAULT);
- return;
+ return 0;
}
}
--- testcases/oc-digest/oc-digest.c
+++ testcases/oc-digest/oc-digest.c
@@ -164,7 +164,7 @@
if( (rc = funcs->C_Initialize( &initialize_args )) != CKR_OK ) {
oc_err_msg("C_Initialize", rc);
- return;
+ return clean_up();
}
/* stat the file for size, etc */
--- testcases/rsa_test/rsa_test_genkey.c
+++ testcases/rsa_test/rsa_test_genkey.c
@@ -544,7 +544,7 @@
printf("By default, Slot #1 is used\n\n");
printf("By default we skip anything that creates or modifies\n");
printf("token objects to preserve flash lifetime.\n");
- return;
+ return 0;
}
}
@@ -552,7 +552,7 @@
rc = do_GetFunctionList();
if (!rc)
- return;
+ return 0;
memset( &cinit_args, 0x0, sizeof(cinit_args) );
cinit_args.flags = CKF_OS_LOCKING_OK;
@@ -564,7 +564,8 @@
rc = do_EncryptRSA_PKCS();
if (!rc)
- return;
+ return 0;
funcs->C_Finalize( NULL );
+ return 0;
}
--- testcases/rsa_test/rsa_thread_test.c
+++ testcases/rsa_test/rsa_thread_test.c
@@ -417,7 +417,7 @@
threads[index].processed = loopcount - failed;
threads[index].ops = (float) ((float)(loopcount - failed) / (float)diff);
- return;
+ return 0;
errordecrypt:
//if (len1 != len2) {
// printf(" ERROR: lengths don't match\n");
--- testcases/v2.11/aes_func.c
+++ testcases/v2.11/aes_func.c
@@ -1946,7 +1946,7 @@
if ((rc = funcs->C_Initialize(&initialize_args)) != CKR_OK) {
OC_ERR_MSG("C_Initialize", rc);
- return;
+ return 0;
}
--- testcases/v2.11/hw_fn.c
+++ testcases/v2.11/hw_fn.c
@@ -289,7 +289,7 @@
if( (rc = funcs->C_Initialize( &initialize_args )) != CKR_OK ) {
OC_ERR_MSG("C_Initialize", rc);
- return;
+ return 0;
}
/* Open a session with the token */
--- testcases/v2.11/login.c
+++ testcases/v2.11/login.c
@@ -63,7 +63,7 @@
if( (rc = funcs->C_Initialize( &initialize_args )) != CKR_OK ) {
oc_err_msg("C_Initialize", rc);
- return;
+ return 0;
}
//
--- testcases/v2.11/rijndael.c
+++ testcases/v2.11/rijndael.c
@@ -925,7 +925,7 @@
if( (rc = funcs->C_Initialize( &initialize_args )) != CKR_OK ) {
OC_ERR_MSG("C_Initialize", rc);
- return;
+ return 0;
}
/* Open a session with the token */

261
openCryptoki.changes Normal file
View File

@ -0,0 +1,261 @@
-------------------------------------------------------------------
Fri Oct 20 02:25:46 CEST 2006 - ro@suse.de
- fix missing return values from non-void funcs
-------------------------------------------------------------------
Fri Apr 21 13:06:00 CEST 2006 - uli@suse.de
- pkcsslotd: create PID file in the right place, delete it on
exit (bug #164664)
-------------------------------------------------------------------
Tue Apr 11 13:29:07 CEST 2006 - uli@suse.de
- added 64-bit patches from IBM (bug #145666)
-------------------------------------------------------------------
Mon Apr 10 13:30:50 CEST 2006 - uli@suse.de
- added small change missing from patch for bug #156651
-------------------------------------------------------------------
Mon Apr 3 13:57:52 CEST 2006 - uli@suse.de
- fixed location of pkcs11_startup in init script (bug #162372)
-------------------------------------------------------------------
Mon Mar 13 15:05:17 CET 2006 - uli@suse.de
- fixed proc_t structure mixup (bug #156651)
-------------------------------------------------------------------
Thu Mar 9 17:18:33 CET 2006 - uli@suse.de
- initialize head pointer (bug #156229)
-------------------------------------------------------------------
Mon Mar 6 13:20:21 CET 2006 - uli@suse.de
- %ghost symlinks that are generated in %post (bug #154961)
-------------------------------------------------------------------
Thu Feb 2 13:15:13 CET 2006 - uli@suse.de
- stuffed memleak (patch by IBM, bug #147036)
-------------------------------------------------------------------
Wed Feb 1 13:31:05 CET 2006 - uli@suse.de
- changed RPM layout to meet IBM's demands (based on patch by IBM,
bug #145666)
- removed mmap, per-user data store support (patch by IBM, bug
#145666)
-------------------------------------------------------------------
Wed Jan 25 21:38:59 CET 2006 - mls@suse.de
- converted neededforbuild to BuildRequires
-------------------------------------------------------------------
Thu Jan 12 10:25:37 CET 2006 - hare@suse.de
- Update to 2.2.2-rc2
-------------------------------------------------------------------
Wed Jan 11 17:11:58 CET 2006 - hare@suse.de
- Update to 2.2.1-rc2
- Fixed build errors
- Cleaned up spec file.
-------------------------------------------------------------------
Wed Dec 14 01:32:20 CET 2005 - ro@suse.de
- copy TFAQ to build directory (fix build)
-------------------------------------------------------------------
Mon Dec 12 15:35:22 CET 2005 - hare@suse.de
- Update to 2.1.6-rc5.
- Port fixes from SLES9 SP3.
-------------------------------------------------------------------
Tue Nov 15 18:03:22 CET 2005 - uli@suse.de
- enabled for ARM
-------------------------------------------------------------------
Thu Feb 17 12:58:00 CET 2005 - od@suse.de
- fix #50050:
- ./configure.in: wrong test against $host makes ppc(64) miss
-DPKCS64 in CFLAGS
- corrected: S390 flag was set for ppc in this conditional
-------------------------------------------------------------------
Mon Aug 16 12:52:01 CEST 2004 - ro@suse.de
- run full autoreconf / simplify specfile a little
-------------------------------------------------------------------
Tue Apr 27 08:26:46 CEST 2004 - hare@suse.de
- Print correct error message (#37427 again).
-------------------------------------------------------------------
Fri Apr 23 08:18:14 CEST 2004 - hare@suse.de
- Check for the correct module on startup (#37427)
-------------------------------------------------------------------
Sun Apr 18 17:57:30 CEST 2004 - olh@suse.de
- update to openCryptoki-2.1.5, ppc64 version (#39026)
-------------------------------------------------------------------
Wed Feb 18 01:29:07 CET 2004 - ro@suse.de
- adapt filelist on ppc
-------------------------------------------------------------------
Thu Feb 12 14:27:08 CET 2004 - kukuk@suse.de
- Fix owner/group of files/directories
-------------------------------------------------------------------
Fri Dec 5 12:28:30 CET 2003 - ro@suse.de
- no need to specify "root" as supplementary group for root,
it's already primary
-------------------------------------------------------------------
Wed Jul 30 18:12:32 CEST 2003 - hare@suse.de
- Update to openCryptoki-2.1.3
- Fixed configure errors.
-------------------------------------------------------------------
Mon Jun 23 02:12:34 CEST 2003 - ro@suse.de
- added directories to filelist
-------------------------------------------------------------------
Wed Jun 4 00:31:28 CEST 2003 - ro@suse.de
- remove CVS subdirs
- remove unpackaged files from buildroot
-------------------------------------------------------------------
Thu Nov 21 01:34:11 CET 2002 - ro@suse.de
- removed duplicates from configure.in
-------------------------------------------------------------------
Tue Oct 1 10:51:18 CEST 2002 - froh@suse.de
- exclude ppc64 from the architectures, the package is built for.
64bit mode is not supported by IBM yet; dlopen wrappers are also
missing 64bit filename handling. (#20380)
- actually compress the openCryptoki-1.4*.tar.bz2
-------------------------------------------------------------------
Tue Sep 24 20:18:36 CEST 2002 - ro@suse.de
- make it even build ...
-------------------------------------------------------------------
Tue Sep 24 14:25:51 CEST 2002 - froh@suse.de
- make openCryptoki-XXbit PreReq: openCryptoki to enforce pkcs11 group
creation before package installation (#20079)
- correct version number (the patch actiually lifts openCryptoki to 1.5)
- fix groupadd call to no longer silently ignore errors in all cases
using (hopefully) posix exit codes. alternative would be to use
undocumented '-f' option of groupadd.
-------------------------------------------------------------------
Fri Sep 20 13:37:22 CEST 2002 - froh@suse.de
- add user root to group pkcs11 to enable root to administrate the
crypto hardware support (#19566)
-------------------------------------------------------------------
Mon Aug 26 17:24:21 CEST 2002 - okir@suse.de
- misc security fixes (#18377)
-------------------------------------------------------------------
Fri Aug 23 17:14:45 CEST 2002 - froh@suse.de
- replaced openCryptoki-tools with openCryptoki-32bit and
openCryptoki-64bit
-------------------------------------------------------------------
Thu Aug 22 10:45:35 CEST 2002 - froh@suse.de
- moved dlopen objects that are available for non-x86 out of the
ifarch ix86
- moved postun to tools subpackge (which contains the daemon)
- removed include files. no development support for now.
- replaced %%ix86, etc by appropriate generic %%openCryptoki_tools_arch
and %%openCryptoki_no_tools_arch
-------------------------------------------------------------------
Wed Aug 21 12:06:21 CEST 2002 - ro@suse.de
- replaced all i386 occurrences with %ix86
- changed filelist to what's really built
-------------------------------------------------------------------
Tue Aug 20 12:24:50 CEST 2002 - froh@suse.de
- split package to openCryptoki and openCryptoki-tools to allow
parallel installation of 32bit tools with 64bit dlopen objects for
foreign middleware.
- removed automatical insserv on install, because the package needs
manual configuration (#18031)
-------------------------------------------------------------------
Mon Aug 12 11:01:37 CEST 2002 - froh@suse.de
- added missing %post before insserv (Bug #17600)
-------------------------------------------------------------------
Fri Aug 9 13:03:05 CEST 2002 - kukuk@suse.de
- Fix path in PreReq.
-------------------------------------------------------------------
Wed Aug 7 12:36:09 CEST 2002 - froh@suse.de
- add groupadd pkcs11 in %pre install
-------------------------------------------------------------------
Mon Jul 29 17:21:49 CEST 2002 - froh@suse.de
- updated to current version
- removed old START_ variable
-------------------------------------------------------------------
Fri Jun 14 00:07:03 CEST 2002 - ro@suse.de
- always use macros when calling insserv
-------------------------------------------------------------------
Tue Apr 9 21:06:49 CEST 2002 - bk@suse.de
- add lib64 support
-------------------------------------------------------------------
Tue Feb 5 11:01:16 CET 2002 - froh@suse.de
- Added openssl to #neededforbuild, which is needed in addition to
openssl-devel
-------------------------------------------------------------------
Wed Jan 30 16:20:48 CET 2002 - froh@suse.de
- initial version
-------------------------------------------------------------------

149
openCryptoki.pkcsslotd Normal file
View File

@ -0,0 +1,149 @@
#! /bin/sh
# Copyright (c) 1995-2000 SuSE GmbH Nuernberg, Germany.
#
# Author: Jiri Smid <feedback@suse.de>
#
# /etc/init.d/pkcsslotd
#
# and symbolic its link
#
# /usr/sbin/rcpkcsslotd
#
### BEGIN INIT INFO
# Provides: pkcsslotd
# Required-Start: z90crypt
# Required-Stop:
# Default-Start: 3 5
# Default-Stop: 0 1 2 6
# Description: Start the pkcsslotd daemon
### END INIT INFO
. /etc/rc.status
# Check for missing binaries (stale symlinks should not happen)
PKCSSLOTD_BIN=/usr/sbin/pkcsslotd
test -x $PKCSSLOTD_BIN || exit 5
# Shell functions sourced from /etc/rc.status:
# rc_check check and set local and overall rc status
# rc_status check and set local and overall rc status
# rc_status -v ditto but be verbose in local rc status
# rc_status -v -r ditto and clear the local rc status
# rc_failed set local and overall rc status to failed
# rc_reset clear local rc status (overall remains)
# rc_exit exit appropriate to overall rc status
# Check for machine architecture
PKCS_ARCH=$(/bin/uname -m)
# First reset status of this service
rc_reset
case "$1" in
start)
case "$PKCS_ARCH" in
s390|s390x)
PKCS_MODULE="z90crypt"
;;
*)
PKCS_MODULE="leedslite"
;;
esac
lsmod | grep $PKCS_MODULE > /dev/null 2>&1 \
|| echo "$PKCS_MODULE module is not installed - PKCS#11 will not be hardware accelerated"
echo -n "Starting pkcsslotd daemon:"
# Generate the configuration information
/usr/sbin/pkcs11_startup
## Start daemon with startproc(8). If this fails
## the echo return value is set appropriate.
if [ ! -f /var/run/pkcsslotd.pid ]; then
# /var/run/pkcsslotd.pid does not exist
startproc -f $PKCSSLOTD_BIN
elif ! ps -h --pid `cat /var/run/pkcsslotd.pid` | grep "$PKCSSLOTD_BIN" 2>&1 >/dev/null; then
# /var/run/pkcsslotd.pid exists but named pid not
rm -f /var/run/pkcsslotd.pid
startproc -f $PKCSSLOTD_BIN
else
# just to have "failed" message
startproc $PKCSSLOTD_BIN
fi
# Remember status and be verbose
rc_status -v
;;
stop)
echo -n "Shutting down pkcsslotd daemon:"
## Stop daemon with killproc(8) and if this fails
## set echo the echo return value.
killproc -p /var/run/pkcsslotd.pid -TERM $PKCSSLOTD_BIN
# Remember status and be verbose
rc_status -v
;;
try-restart)
## Stop the service and if this succeeds (i.e. the
## service was running before), start it again.
$0 status >/dev/null && $0 restart
# Remember status and be quiet
rc_status
;;
restart)
## Stop the service and regardless of whether it was
## running or not, start it again.
$0 stop
$0 start
# Remember status and be quiet
rc_status
;;
force-reload)
## Signal the daemon to reload its config. Most daemons
## do this on signal 1 (SIGHUP).
## If it does not support it, restart.
echo -n "Reload service pkcsslotd"
## if it supports it:
killproc -p /var/run/pkcsslotd.pid -HUP $PKCSSLOTD_BIN
#touch /var/run/pkcsslotd.pid
rc_status -v
;;
reload)
## Like force-reload, but if daemon does not support
## signalling, do nothing (!)
# If it supports signalling:
echo -n "Reload service pkcsslotd"
killproc -p /var/run/pkcsslotd.pid -HUP $PKCSSLOTD_BIN
#touch /var/run/pkcsslotd.pid
rc_status -v
# If it does not support reload:
#exit 3
;;
status)
echo -n "Checking for service pkcsslotd: "
## Check status with checkproc(8), if process is running
## checkproc will return with exit status 0.
# Status has a slightly different for the status command:
# 0 - service running
# 1 - service dead, but /var/run/ pid file exists
# 2 - service dead, but /var/lock/ lock file exists
# 3 - service not running
# NOTE: checkproc returns LSB compliant status values.
checkproc $PKCSSLOTD_BIN
rc_status -v
;;
*)
echo "Usage: $0 {start|stop|status|try-restart|restart|force-reload|reload}"
exit 1
;;
esac
rc_exit

423
openCryptoki.spec Normal file
View File

@ -0,0 +1,423 @@
#
# spec file for package openCryptoki (Version 2.2.2)
#
# Copyright (c) 2006 SUSE LINUX Products GmbH, Nuernberg, Germany.
# This file and all modifications and additions to the pristine
# package are under the same license as the package itself.
#
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
# norootforbuild
Name: openCryptoki
BuildRequires: gcc-c++ libica openssl-devel
Summary: An Implementation of PKCS#11 (Cryptoki) v2.01 for IBM Cryptographic Hardware
Version: 2.2.2
Release: 27
License: Other License(s), see package, IBM Public License
Group: Productivity/Security
# :pserver:anonymous@cvs.sourceforge.net:/cvsroot/opencryptoki
# cvs co -r openCryptoki-2-1-5 -d openCryptoki-2-1-5 .
Source: openCryptoki-2.2.2-rc2.tar.bz2
Source1: openCryptoki.pkcsslotd
Source2: openCryptoki-TFAQ.html
Patch0: openCryptoki-autoconf.patch
Patch1: openCryptoki-config.patch
Patch3: openCryptoki-compile-fixes.patch
Patch4: openCryptoki-no_mmap.patch
Patch5: openCryptoki-per_user.patch
Patch6: openCryptoki-prototypes.patch
Patch7: ock_add_free_mech_list_20060131.diff
Patch8: ock_head_ptr_to_null_20060308.diff
Patch9: ock_222_proc_struct_cmd_20060309.diff
Patch10: ock_222_cmd_fix_ptr_to_arr.diff
Patch11: ock_64_bit_fixes.diff
Patch12: openCryptoki-pkcsslotd-removepidfile.patch
Patch13: openCryptoki-retval.patch
URL: http://oss.software.ibm.com/developerworks/opensource/opencryptoki
BuildRoot: %{_tmppath}/%{name}-%{version}-build
PreReq: /usr/sbin/groupadd /usr/bin/id /usr/sbin/usermod /bin/sed
Requires: libica
%define oc_cvs_tag openCryptoki-2.2.2-rc2
# the userland tools are only maintained in 32bit, when a 32bit
# userland compatibility is available for the corresponding 64bit
# architecture.
#
# Thus, the user is supposed to install the 32bit package and the
# additional 64bit package together.
#
#
# openCryptoki contains the common files. is always installed natively
# openCryptoki-32bit contains the 32bit binaries for native use and
# for the 'other' distribution
# openCryptoki-64bit contains the 64bit binaries for use on the 'other' distribution
%define openCryptoki_32bit_arch %ix86 s390 ppc %arm
# support in the workings for: ppc64
# no support in sight for: ia64 x86_64
%define openCryptoki_64bit_arch s390x ppc64
# autobuild:/work/cd/lib/misc/group
# openCryptoki pkcs11:x:64:
%define pkcs11_group_id 64
# IBM maintains openCryptoki on these architectures:
ExclusiveArch: %openCryptoki_32bit_arch %openCryptoki_64bit_arch
#
%description
The PKCS#11 version 2.01 API implemented for the IBM cryptographic
cards. This package includes support for the IBM 4758 cryptographic
coprocessor (with the PKCS#11 firmware loaded) and the IBM eServer
Cryptographic Accelerator (FC 4960 on pSeries).
%ifarch %openCryptoki_32bit_arch
%package 32bit
%else
%package 64bit
%endif
Summary: Implementation of PKCS#11 (Cryptoki) v2.01 for IBM Crypto Hardware
Group: Productivity/Security
# this is needed to make sure the pkcs11 group exists before
# installation:
PreReq: openCryptoki
%ifarch %openCryptoki_32bit_arch
%description 32bit
This is a re-packaged binary rpm. For the package source, please look
for the source of the package without the "32bit" ending
The PKCS#11 version 2.01 API implemented for the IBM cryptographic
cards. This package includes support for the IBM 4758 cryptographic
co-processor (with the PKCS#11 firmware loaded) and the IBM eServer
Cryptographic Accelerator (FC 4960 on pSeries).
%else
%description 64bit
This is a re-packaged binary rpm. For the package source, please look
for the source of the package without the "64bit" ending
The PKCS#11 Version 2.01 api implemented for the IBM Crypto cards. This
package includes support for the IBM 4758 Cryptographic CoProcessor
(with the PKCS#11 firmware loaded) and the IBM eServer Cryptographic
Accelerator (FC 4960 on pSeries)
%endif
%package devel
Summary: An Implementation of PKCS#11 (Cryptoki) v2.01 for IBM Cryptographic Hardware
Group: Productivity/Security
Requires: openCryptoki = %{version}-%{release}, glibc-devel, openssl-devel
%description devel
The PKCS#11 version 2.01 API implemented for the IBM cryptographic
cards. This package includes support for the IBM 4758 cryptographic
co-processor (with the PKCS#11 firmware loaded) and the IBM eServer
Cryptographic Accelerator (FC 4960 on pSeries).
%prep
%setup -n %{oc_cvs_tag}
%patch1
%patch3
%patch4
%patch5
%patch6
%patch7
%patch8 -p1
%patch9
%patch10 -p1
%patch11 -p2
%patch12
%patch13
cp %{SOURCE2} .
#find -name CVS -type d -print0 | xargs -0 rm -rfv
%build
autoreconf --force --install
CFLAGS="$RPM_OPT_FLAGS -D__USE_BSD" ./configure --prefix=/usr --libdir=%{_libdir}
make
%install
make install DESTDIR=$RPM_BUILD_ROOT INSROOT=$RPM_BUILD_ROOT
mkdir -p $RPM_BUILD_ROOT/usr/include
mkdir -p $RPM_BUILD_ROOT/var/lib/opencryptoki
mkdir -p $RPM_BUILD_ROOT/etc/init.d
mkdir -p $RPM_BUILD_ROOT/usr/sbin
cp -av %{S:1} $RPM_BUILD_ROOT/etc/init.d/pkcsslotd
ln -sfv ../../etc/init.d/pkcsslotd $RPM_BUILD_ROOT/usr/sbin/rcpkcsslotd
rm -rf $RPM_BUILD_ROOT/tmp
# Remove all development files
rm -f $RPM_BUILD_ROOT${_libdir}/opencryptoki/libopencryptoki.la
#
# FIX to build it on ppc64
#
# %ifarch ppc64
# rm -f $RPM_BUILD_ROOT/usr/lib/pkcs11/methods/pkcs11_startup
# rm -f $RPM_BUILD_ROOT/usr/lib/pkcs11/methods/pkcs_slot
# rm -f $RPM_BUILD_ROOT/usr/lib/pkcs11/stdll/PKCS11_SW.so
# rm -f $RPM_BUILD_ROOT/usr/sbin/pkcsslotd
# %endif
%ifnarch %openCryptoki_32bit_arch
rm -f $RPM_BUILD_ROOT/etc/init.d/pkcsslotd
rm -f $RPM_BUILD_ROOT/usr/include/opencryptoki/apiclient.h
rm -f $RPM_BUILD_ROOT/usr/include/opencryptoki/pkcs11.h
rm -f $RPM_BUILD_ROOT/usr/include/opencryptoki/pkcs11types.h
rm -f $RPM_BUILD_ROOT/usr/lib64/opencryptoki/libopencryptoki.la
rm -f $RPM_BUILD_ROOT/usr/lib64/opencryptoki/stdll/libpkcs11_ica.la
rm -f $RPM_BUILD_ROOT/usr/lib64/opencryptoki/stdll/libpkcs11_sw.la
rm -f $RPM_BUILD_ROOT/usr/sbin/pkcs11_startup
rm -f $RPM_BUILD_ROOT/usr/sbin/pkcs_slot
rm -f $RPM_BUILD_ROOT/usr/sbin/pkcsconf
rm -f $RPM_BUILD_ROOT/usr/sbin/pkcsslotd
rm -f $RPM_BUILD_ROOT/usr/sbin/rcpkcsslotd
%endif
rm -f $RPM_BUILD_ROOT/%_libdir/opencryptoki/methods
%pre
# autobuild:/work/cd/lib/misc/group
# openCryptoki pkcs11:x:64:
/usr/sbin/groupadd -g %pkcs11_group_id -o -r pkcs11 2>/dev/null || true
# add root to group pkcs11 to enable root to run pkcsconf
/usr/sbin/usermod -G $(/usr/bin/id --groups --name root | /bin/sed \
-e 's/root//' -e '
# add the pkcs group if it is missing
/(^| )pkcs11( |$)/!s/$/ pkcs11/
# replace spaces by commas
y/ /,/
'),pkcs11 root
%ifarch %openCryptoki_32bit_arch
%postun
if [ -L %{_sysconfdir}/pkcs11 ] ; then
rm %{_sysconfdir}/pkcs11
fi
%postun 32bit
# remove the openCryptoki start script
%{insserv_cleanup}
%endif
%ifarch %openCryptoki_32bit_arch
%post 32bit
# Old library name links
cd %{_libdir}/opencryptoki && ln -sf ./libopencryptoki.so PKCS11_API.so
ln -sf %{_sbindir} %{_libdir}/opencryptoki/methods
rm -rf %{_libdir}/pkcs11/stdll
if [ -d %{_libdir}/pkcs11 ] ; then
cd %{_libdir}/pkcs11
ln -sf ../opencryptoki/stdll stdll
cd stdll
[ -f libpkcs11_ica.so ] && ln -sf ./libpkcs11_ica.so PKCS11_ICA.so || true
[ -f libpkcs11_sw.so ] && ln -sf ./libpkcs11_sw.so PKCS11_SW.so || true
fi
%else
%post 64bit
# Old library name for 64bit libs were under /usr/lib/pkcs11. For migration purposes only.
test -d /usr/lib/pkcs11 || mkdir -p /usr/lib/pkcs11
ln -sf %{_libdir}/opencryptoki/libopencryptoki.so /usr/lib/pkcs11/PKCS11_API.so64
%endif
%post
# Symlink from /var/lib/opencryptoki to /etc/pkcs11
if [ ! -L %{_sysconfdir}/pkcs11 ] ; then
if [ -e %{_sysconfdir}/pkcs11/pk_config_data ] ; then
mv %{_sysconfdir}/pkcs11/* %{_localstatedir}/lib/opencryptoki
cd %{_sysconfdir} && rm -rf pkcs11 && \
ln -sf %{_localstatedir}/lib/opencryptoki pkcs11
fi
fi
###################################################################
%ifarch %openCryptoki_32bit_arch
%files
%defattr(-,root,root)
%doc openCryptoki-TFAQ.html
# configuration directory
%dir %attr(755,root,pkcs11) /var/lib/opencryptoki
/etc/init.d/pkcsslotd
/usr/sbin/rcpkcsslotd
# utilities
/usr/sbin/pkcsslotd
/usr/sbin/pkcs11_startup
/usr/sbin/pkcsconf
/usr/sbin/pkcs_slot
%dir %{_libdir}/opencryptoki
%dir %{_libdir}/opencryptoki/stdll
%files 32bit
%defattr(-,root,root)
# these don't conflict because they only exist as 64bit binaries if
# there is no 32bit version of them usable
%{_libdir}/opencryptoki/libopencryptoki.so
%ghost %{_libdir}/opencryptoki/PKCS11_API.so
%{_libdir}/opencryptoki/*.0
%{_libdir}/opencryptoki/stdll/libpkcs11_ica.so
%ghost %{_libdir}/opencryptoki/stdll/PKCS11_ICA.so
%ifnarch s390 s390x
%{_libdir}/opencryptoki/stdll/libpkcs11_sw.so
%ghost %{_libdir}/opencryptoki/stdll/PKCS11_SW.so
%endif
%{_libdir}/opencryptoki/stdll/*.0
%dir %{_libdir}/pkcs11
%ghost %{_libdir}/pkcs11/stdll
%ghost %{_libdir}/pkcs11/methods
%{_libdir}/pkcs11/*.so
%{_libdir}/libopencryptoki.so
%{_libdir}/libopencryptoki.so.0
%files devel
%defattr(-,root,root)
%dir %{_libdir}/opencryptoki
%dir %{_libdir}/opencryptoki/stdll
%{_libdir}/opencryptoki/*.la
%{_libdir}/opencryptoki/stdll/*.la
%{_includedir}/opencryptoki
###################################################################
%else # not openCryptoki_32bit_arch but 64bit arch
%files 64bit
%defattr(-,root,root)
%dir %_libdir/opencryptoki
%{_libdir}/opencryptoki/*.so
%{_libdir}/opencryptoki/*.0
%dir %_libdir/opencryptoki/stdll
%{_libdir}/opencryptoki/stdll/*.so
%{_libdir}/opencryptoki/stdll/*.0
%{_libdir}/pkcs11
%{_libdir}/libopencryptoki.so
%{_libdir}/libopencryptoki.so.0
%endif
%changelog -n openCryptoki
* Fri Oct 20 2006 - ro@suse.de
- fix missing return values from non-void funcs
* Fri Apr 21 2006 - uli@suse.de
- pkcsslotd: create PID file in the right place, delete it on
exit (bug #164664)
* Tue Apr 11 2006 - uli@suse.de
- added 64-bit patches from IBM (bug #145666)
* Mon Apr 10 2006 - uli@suse.de
- added small change missing from patch for bug #156651
* Mon Apr 03 2006 - uli@suse.de
- fixed location of pkcs11_startup in init script (bug #162372)
* Mon Mar 13 2006 - uli@suse.de
- fixed proc_t structure mixup (bug #156651)
* Thu Mar 09 2006 - uli@suse.de
- initialize head pointer (bug #156229)
* Mon Mar 06 2006 - uli@suse.de
- %%ghost symlinks that are generated in %%post (bug #154961)
* Thu Feb 02 2006 - uli@suse.de
- stuffed memleak (patch by IBM, bug #147036)
* Wed Feb 01 2006 - uli@suse.de
- changed RPM layout to meet IBM's demands (based on patch by IBM,
bug #145666)
- removed mmap, per-user data store support (patch by IBM, bug
[#145666])
* Wed Jan 25 2006 - mls@suse.de
- converted neededforbuild to BuildRequires
* Thu Jan 12 2006 - hare@suse.de
- Update to 2.2.2-rc2
* Wed Jan 11 2006 - hare@suse.de
- Update to 2.2.1-rc2
- Fixed build errors
- Cleaned up spec file.
* Wed Dec 14 2005 - ro@suse.de
- copy TFAQ to build directory (fix build)
* Mon Dec 12 2005 - hare@suse.de
- Update to 2.1.6-rc5.
- Port fixes from SLES9 SP3.
* Tue Nov 15 2005 - uli@suse.de
- enabled for ARM
* Thu Feb 17 2005 - od@suse.de
- fix #50050:
- ./configure.in: wrong test against $host makes ppc(64) miss
-DPKCS64 in CFLAGS
- corrected: S390 flag was set for ppc in this conditional
* Mon Aug 16 2004 - ro@suse.de
- run full autoreconf / simplify specfile a little
* Tue Apr 27 2004 - hare@suse.de
- Print correct error message (#37427 again).
* Fri Apr 23 2004 - hare@suse.de
- Check for the correct module on startup (#37427)
* Sun Apr 18 2004 - olh@suse.de
- update to openCryptoki-2.1.5, ppc64 version (#39026)
* Wed Feb 18 2004 - ro@suse.de
- adapt filelist on ppc
* Thu Feb 12 2004 - kukuk@suse.de
- Fix owner/group of files/directories
* Fri Dec 05 2003 - ro@suse.de
- no need to specify "root" as supplementary group for root,
it's already primary
* Wed Jul 30 2003 - hare@suse.de
- Update to openCryptoki-2.1.3
- Fixed configure errors.
* Mon Jun 23 2003 - ro@suse.de
- added directories to filelist
* Wed Jun 04 2003 - ro@suse.de
- remove CVS subdirs
- remove unpackaged files from buildroot
* Thu Nov 21 2002 - ro@suse.de
- removed duplicates from configure.in
* Tue Oct 01 2002 - froh@suse.de
- exclude ppc64 from the architectures, the package is built for.
64bit mode is not supported by IBM yet; dlopen wrappers are also
missing 64bit filename handling. (#20380)
- actually compress the openCryptoki-1.4*.tar.bz2
* Tue Sep 24 2002 - ro@suse.de
- make it even build ...
* Tue Sep 24 2002 - froh@suse.de
- make openCryptoki-XXbit PreReq: openCryptoki to enforce pkcs11 group
creation before package installation (#20079)
- correct version number (the patch actiually lifts openCryptoki to 1.5)
- fix groupadd call to no longer silently ignore errors in all cases
using (hopefully) posix exit codes. alternative would be to use
undocumented '-f' option of groupadd.
* Fri Sep 20 2002 - froh@suse.de
- add user root to group pkcs11 to enable root to administrate the
crypto hardware support (#19566)
* Mon Aug 26 2002 - okir@suse.de
- misc security fixes (#18377)
* Fri Aug 23 2002 - froh@suse.de
- replaced openCryptoki-tools with openCryptoki-32bit and
openCryptoki-64bit
* Thu Aug 22 2002 - froh@suse.de
- moved dlopen objects that are available for non-x86 out of the
ifarch ix86
- moved postun to tools subpackge (which contains the daemon)
- removed include files. no development support for now.
- replaced %%ix86, etc by appropriate generic %%openCryptoki_tools_arch
and %%openCryptoki_no_tools_arch
* Wed Aug 21 2002 - ro@suse.de
- replaced all i386 occurrences with %%ix86
- changed filelist to what's really built
* Tue Aug 20 2002 - froh@suse.de
- split package to openCryptoki and openCryptoki-tools to allow
parallel installation of 32bit tools with 64bit dlopen objects for
foreign middleware.
- removed automatical insserv on install, because the package needs
manual configuration (#18031)
* Mon Aug 12 2002 - froh@suse.de
- added missing %%post before insserv (Bug #17600)
* Fri Aug 09 2002 - kukuk@suse.de
- Fix path in PreReq.
* Wed Aug 07 2002 - froh@suse.de
- add groupadd pkcs11 in %%pre install
* Mon Jul 29 2002 - froh@suse.de
- updated to current version
- removed old START_ variable
* Fri Jun 14 2002 - ro@suse.de
- always use macros when calling insserv
* Tue Apr 09 2002 - bk@suse.de
- add lib64 support
* Tue Feb 05 2002 - froh@suse.de
- Added openssl to #neededforbuild, which is needed in addition to
openssl-devel
* Wed Jan 30 2002 - froh@suse.de
- initial version

0
ready Normal file
View File