rpm/parsec
SHA256
1
0
Fork 0
forked from pool/parsec
Code Pull Requests Activity

Accepting request 848361 from home:Guillaume_G:branches:security

Browse Source 
- Enable 'all-providers' which adds 'pkcs11-provider' compared to 
  previous config
- Drop unneeded patch:
  * pkcs11-libloading-issue.patch

OBS-URL: https://build.opensuse.org/request/show/848361
OBS-URL: https://build.opensuse.org/package/show/security/parsec?expand=0&rev=3
This commit is contained in:
Guillaume GARDET 2020-11-13 14:30:27 +00:00 committed by Git OBS Bridge
parent 0cdf8cd906
commit 55c56f76c2
3 changed files with 10 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
parsec.changes
View File

@ -1,3 +1,11 @@
-------------------------------------------------------------------
Fri Nov 13 14:19:05 UTC 2020 - Guillaume GARDET <guillaume.gardet@opensuse.org>
- Enable 'all-providers' which adds 'pkcs11-provider' compared to
previous config
- Drop unneeded patch:
* pkcs11-libloading-issue.patch
------------------------------------------------------------------- -------------------------------------------------------------------
Fri Oct 23 15:10:32 UTC 2020 - Guillaume GARDET <guillaume.gardet@opensuse.org> Fri Oct 23 15:10:32 UTC 2020 - Guillaume GARDET <guillaume.gardet@opensuse.org>

8
parsec.spec
View File

@ -17,7 +17,7 @@
%global rustflags '-Clink-arg=-Wl,-z,relro,-z,now' %global rustflags '-Clink-arg=-Wl,-z,relro,-z,now'
# Features available: mbed-crypto-provider, pkcs11-provider, tpm-provider, all-providers # Features available: mbed-crypto-provider, pkcs11-provider, tpm-provider, all-providers
%define features "mbed-crypto-provider,tpm-provider" %define features "all-providers"
%{?systemd_ordering} %{?systemd_ordering}
Name: parsec Name: parsec
Version: 0.6.0 Version: 0.6.0
@ -32,14 +32,11 @@ Source3: parsec.service
Source4: config.toml Source4: config.toml
Source5: parsec.conf Source5: parsec.conf
Source6: system-user-parsec.conf Source6: system-user-parsec.conf
# Borrowed from Fedora - https://src.fedoraproject.org/rpms/parsec/blob/master/f/pkcs11-libloading-issue.patch
Patch1: pkcs11-libloading-issue.patch
BuildRequires: cargo BuildRequires: cargo
BuildRequires: clang-devel BuildRequires: clang-devel
BuildRequires: cmake BuildRequires: cmake
BuildRequires: llvm-devel BuildRequires: llvm-devel
BuildRequires: protobuf-devel BuildRequires: protobuf-devel
BuildRequires: pkcs11-helper-devel
BuildRequires: pkgconfig BuildRequires: pkgconfig
BuildRequires: pkgconfig(tss2-esys) >= 2.3.3 BuildRequires: pkgconfig(tss2-esys) >= 2.3.3
BuildRequires: python3 BuildRequires: python3
@ -57,11 +54,10 @@ enabling cloud-native delivery flows within the data center and at the edge.
%prep %prep
%setup -qa1 %setup -qa1
%patch1 -p1
mkdir .cargo mkdir .cargo
cp %{SOURCE2} .cargo/config cp %{SOURCE2} .cargo/config
sed -i -e 's#default = \[\]##' Cargo.toml sed -i -e 's#default = \[\]##' Cargo.toml
echo 'default = ["tpm-provider", "mbed-crypto-provider"]' >> Cargo.toml echo 'default = ["all-providers"]' >> Cargo.toml
%build %build
export PROTOC=%{_bindir}/protoc export PROTOC=%{_bindir}/protoc

16
pkcs11-libloading-issue.patch
View File

@ -1,16 +0,0 @@
diff --git a/src/providers/pkcs11/utils.rs b/src/providers/pkcs11/utils.rs
index 7f51e8d..1755226 100644
--- a/src/providers/pkcs11/utils.rs
+++ b/src/providers/pkcs11/utils.rs
@@ -284,7 +284,10 @@ impl CkMechanism {
/// of memory, hardware failure, corruption detection, lack of entropy and unsupported operations.
pub fn to_response_status(error: Error) -> ResponseStatus {
match error {
- Error::Io(e) => ResponseStatus::from(e),
+ Error::LibraryLoading{err} => {
+ format_error!("PKCS11 error to PsaErrorCommunicationFailure", err);
+ ResponseStatus::PsaErrorCommunicationFailure
+ },
Error::Module(e) | Error::InvalidInput(e) => {
format_error!("Conversion of error to PsaErrorCommunicationFailure", e);
ResponseStatus::PsaErrorCommunicationFailure