1
0

Accepting request 875814 from home:dirkmueller:Factory

- update to 2.2.0:
  * ykpiv: Increased SO version
  * ykpiv: Fixed minor memory leaks
  * ykpiv: Improved error handling
  * ykpiv: Improved handling of PCSC card validation
  * ykcs11: Updated Cryptoki version
  * ykcs11: Support for CKM_ECDH1_DERIVE mechanism info
  * ykcs11: Support for destroying ECDH derived keys
  * ykcs11: Improved handling of PIN after device re-connection
  * ykcs11: Improved debug logging
  * cmd: Improved parsing of certificate Distinguished Name to allow an escape character
  * cmd: Warning to discourage generating RSA1024 keys
  * build: Use of platform standard installation path when building yubico-piv-tool
  * tests: Improved testing
  * Replaced building with autotool with building with cmake
  * Security update for YSA-2020-02
  * ykpiv: Fixed potential memory leaks
  * ykpiv: Use PIN-protected MGMT key if the device is configured that way
  * ykpiv: Added attestation to CSR if requested
  * ykpiv: Fixed compatibility with LibreSSL
  * ykcs11: Improved handling of error codes
  * ykcs11: Improved handling of examples in the PKCS11 specifications
  * ykcs11: Added the possibility to have debug output as a runtime setting
  * ykcs11: Added support to unblock PIN with PUK
  * ykcs11: Make C_SetPIN backwards compatible while also allowing unblock PIN
  * tests: Improved tests 
- run tests
- add pthread-link.patch

OBS-URL: https://build.opensuse.org/request/show/875814
OBS-URL: https://build.opensuse.org/package/show/security/yubico-piv-tool?expand=0&rev=32
This commit is contained in:
Torsten Gruner 2021-03-02 06:16:17 +00:00 committed by Git OBS Bridge
parent 94d65bd980
commit 504faa7337
7 changed files with 75 additions and 12 deletions

23
pthread-link.patch Normal file
View File

@ -0,0 +1,23 @@
Index: yubico-piv-tool-2.2.0/ykcs11/CMakeLists.txt
===================================================================
--- yubico-piv-tool-2.2.0.orig/ykcs11/CMakeLists.txt
+++ yubico-piv-tool-2.2.0/ykcs11/CMakeLists.txt
@@ -60,6 +60,9 @@ if(${ENABLE_HARDWARE_TESTS})
set(HW_TESTS 1)
endif(${ENABLE_HARDWARE_TESTS})
+set(THREADS_PREFER_PTHREAD_FLAG ON)
+find_package(Threads REQUIRED)
+
# static library
if(BUILD_STATIC_LIB)
add_library(ykcs11 STATIC ${SOURCE})
@@ -73,7 +76,7 @@ endif(BUILD_STATIC_LIB)
# dynamic library
add_library(ykcs11_shared SHARED ${SOURCE})
-target_link_libraries(ykcs11_shared ${LIBCRYPTO_LDFLAGS} ykpiv_shared)
+target_link_libraries(ykcs11_shared ${LIBCRYPTO_LDFLAGS} ykpiv_shared Threads::Threads)
set_target_properties(ykcs11_shared PROPERTIES SOVERSION ${SO_VERSION} VERSION ${VERSION})
set_target_properties(ykcs11_shared PROPERTIES INSTALL_RPATH "${YKPIV_INSTALL_LIB_DIR}")
if(WIN32)

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:dae510ea88922720019029c7f0296ddc74bb30573e40d9bc18fc155023859488
size 1701905

Binary file not shown.

View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:74cb2e03c7137c0dd529f35a230b4a598121cb71b10d7e55b91fd0cdefcac457
size 1321651

Binary file not shown.

View File

@ -1,3 +1,35 @@
-------------------------------------------------------------------
Sun Feb 28 18:33:22 UTC 2021 - Dirk Müller <dmueller@suse.com>
- update to 2.2.0:
* ykpiv: Increased SO version
* ykpiv: Fixed minor memory leaks
* ykpiv: Improved error handling
* ykpiv: Improved handling of PCSC card validation
* ykcs11: Updated Cryptoki version
* ykcs11: Support for CKM_ECDH1_DERIVE mechanism info
* ykcs11: Support for destroying ECDH derived keys
* ykcs11: Improved handling of PIN after device re-connection
* ykcs11: Improved debug logging
* cmd: Improved parsing of certificate Distinguished Name to allow an escape character
* cmd: Warning to discourage generating RSA1024 keys
* build: Use of platform standard installation path when building yubico-piv-tool
* tests: Improved testing
* Replaced building with autotool with building with cmake
* Security update for YSA-2020-02
* ykpiv: Fixed potential memory leaks
* ykpiv: Use PIN-protected MGMT key if the device is configured that way
* ykpiv: Added attestation to CSR if requested
* ykpiv: Fixed compatibility with LibreSSL
* ykcs11: Improved handling of error codes
* ykcs11: Improved handling of examples in the PKCS11 specifications
* ykcs11: Added the possibility to have debug output as a runtime setting
* ykcs11: Added support to unblock PIN with PUK
* ykcs11: Make C_SetPIN backwards compatible while also allowing unblock PIN
* tests: Improved tests
- run tests
- add pthread-link.patch
-------------------------------------------------------------------
Sun Mar 1 00:11:08 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>

View File

@ -1,7 +1,7 @@
#
# spec file for package yubico-piv-tool
#
# Copyright (c) 2020 SUSE LLC
# Copyright (c) 2021 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@ -16,9 +16,9 @@
#
%define sover 1
%define sover 2
Name: yubico-piv-tool
Version: 2.0.0
Version: 2.2.0
Release: 0
Summary: Yubico YubiKey NEO CCID Manager
License: BSD-2-Clause
@ -26,8 +26,12 @@ Group: Productivity/Networking/Security
URL: https://developers.yubico.com/
Source0: https://developers.yubico.com/yubico-piv-tool/Releases/%{name}-%{version}.tar.gz
Source1: https://developers.yubico.com/yubico-piv-tool/Releases/%{name}-%{version}.tar.gz.sig
Patch1: pthread-link.patch
BuildRequires: c++_compiler
BuildRequires: check-devel
BuildRequires: libtool
BuildRequires: cmake
BuildRequires: gengetopt
BuildRequires: help2man
BuildRequires: pcsc-lite-devel
BuildRequires: pkgconfig
BuildRequires: valgrind
@ -76,14 +80,18 @@ Yubikey NEO PKCS#11 applet library.
%prep
%setup -q
%autopatch -p1
%build
%configure --disable-static --with-backend=pcsc
make %{?_smp_mflags} V=1
%cmake -DBUILD_STATIC_LIB=OFF
%cmake_build
%check
cd build
make test
%install
%make_install INSTALL="install -p"
find %{buildroot} -type f -name "*.la" -delete -print
%cmake_install
%post -n libykpiv%{sover} -p /sbin/ldconfig
%postun -n libykpiv%{sover} -p /sbin/ldconfig
@ -92,7 +100,7 @@ find %{buildroot} -type f -name "*.la" -delete -print
%files
%license COPYING
%doc NEWS ChangeLog README
%doc NEWS README
%{_bindir}/%{name}
%{_mandir}/man1/*