diff --git a/pthread-link.patch b/pthread-link.patch new file mode 100644 index 0000000..93e5680 --- /dev/null +++ b/pthread-link.patch @@ -0,0 +1,23 @@ +Index: yubico-piv-tool-2.2.0/ykcs11/CMakeLists.txt +=================================================================== +--- yubico-piv-tool-2.2.0.orig/ykcs11/CMakeLists.txt ++++ yubico-piv-tool-2.2.0/ykcs11/CMakeLists.txt +@@ -60,6 +60,9 @@ if(${ENABLE_HARDWARE_TESTS}) + set(HW_TESTS 1) + endif(${ENABLE_HARDWARE_TESTS}) + ++set(THREADS_PREFER_PTHREAD_FLAG ON) ++find_package(Threads REQUIRED) ++ + # static library + if(BUILD_STATIC_LIB) + add_library(ykcs11 STATIC ${SOURCE}) +@@ -73,7 +76,7 @@ endif(BUILD_STATIC_LIB) + + # dynamic library + add_library(ykcs11_shared SHARED ${SOURCE}) +-target_link_libraries(ykcs11_shared ${LIBCRYPTO_LDFLAGS} ykpiv_shared) ++target_link_libraries(ykcs11_shared ${LIBCRYPTO_LDFLAGS} ykpiv_shared Threads::Threads) + set_target_properties(ykcs11_shared PROPERTIES SOVERSION ${SO_VERSION} VERSION ${VERSION}) + set_target_properties(ykcs11_shared PROPERTIES INSTALL_RPATH "${YKPIV_INSTALL_LIB_DIR}") + if(WIN32) diff --git a/yubico-piv-tool-2.0.0.tar.gz b/yubico-piv-tool-2.0.0.tar.gz deleted file mode 100644 index 2878288..0000000 --- a/yubico-piv-tool-2.0.0.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:dae510ea88922720019029c7f0296ddc74bb30573e40d9bc18fc155023859488 -size 1701905 diff --git a/yubico-piv-tool-2.0.0.tar.gz.sig b/yubico-piv-tool-2.0.0.tar.gz.sig deleted file mode 100644 index f752459..0000000 Binary files a/yubico-piv-tool-2.0.0.tar.gz.sig and /dev/null differ diff --git a/yubico-piv-tool-2.2.0.tar.gz b/yubico-piv-tool-2.2.0.tar.gz new file mode 100644 index 0000000..7e0ff21 --- /dev/null +++ b/yubico-piv-tool-2.2.0.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:74cb2e03c7137c0dd529f35a230b4a598121cb71b10d7e55b91fd0cdefcac457 +size 1321651 diff --git a/yubico-piv-tool-2.2.0.tar.gz.sig b/yubico-piv-tool-2.2.0.tar.gz.sig new file mode 100644 index 0000000..c340589 Binary files /dev/null and b/yubico-piv-tool-2.2.0.tar.gz.sig differ diff --git a/yubico-piv-tool.changes b/yubico-piv-tool.changes index e7e07e0..308d61c 100644 --- a/yubico-piv-tool.changes +++ b/yubico-piv-tool.changes @@ -1,3 +1,35 @@ +------------------------------------------------------------------- +Sun Feb 28 18:33:22 UTC 2021 - Dirk Müller + +- update to 2.2.0: + * ykpiv: Increased SO version + * ykpiv: Fixed minor memory leaks + * ykpiv: Improved error handling + * ykpiv: Improved handling of PCSC card validation + * ykcs11: Updated Cryptoki version + * ykcs11: Support for CKM_ECDH1_DERIVE mechanism info + * ykcs11: Support for destroying ECDH derived keys + * ykcs11: Improved handling of PIN after device re-connection + * ykcs11: Improved debug logging + * cmd: Improved parsing of certificate Distinguished Name to allow an escape character + * cmd: Warning to discourage generating RSA1024 keys + * build: Use of platform standard installation path when building yubico-piv-tool + * tests: Improved testing + * Replaced building with autotool with building with cmake + * Security update for YSA-2020-02 + * ykpiv: Fixed potential memory leaks + * ykpiv: Use PIN-protected MGMT key if the device is configured that way + * ykpiv: Added attestation to CSR if requested + * ykpiv: Fixed compatibility with LibreSSL + * ykcs11: Improved handling of error codes + * ykcs11: Improved handling of examples in the PKCS11 specifications + * ykcs11: Added the possibility to have debug output as a runtime setting + * ykcs11: Added support to unblock PIN with PUK + * ykcs11: Make C_SetPIN backwards compatible while also allowing unblock PIN + * tests: Improved tests +- run tests +- add pthread-link.patch + ------------------------------------------------------------------- Sun Mar 1 00:11:08 UTC 2020 - Marcus Rueckert diff --git a/yubico-piv-tool.spec b/yubico-piv-tool.spec index 6ebea07..5abaf99 100644 --- a/yubico-piv-tool.spec +++ b/yubico-piv-tool.spec @@ -1,7 +1,7 @@ # # spec file for package yubico-piv-tool # -# Copyright (c) 2020 SUSE LLC +# Copyright (c) 2021 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -16,9 +16,9 @@ # -%define sover 1 +%define sover 2 Name: yubico-piv-tool -Version: 2.0.0 +Version: 2.2.0 Release: 0 Summary: Yubico YubiKey NEO CCID Manager License: BSD-2-Clause @@ -26,8 +26,12 @@ Group: Productivity/Networking/Security URL: https://developers.yubico.com/ Source0: https://developers.yubico.com/yubico-piv-tool/Releases/%{name}-%{version}.tar.gz Source1: https://developers.yubico.com/yubico-piv-tool/Releases/%{name}-%{version}.tar.gz.sig +Patch1: pthread-link.patch +BuildRequires: c++_compiler BuildRequires: check-devel -BuildRequires: libtool +BuildRequires: cmake +BuildRequires: gengetopt +BuildRequires: help2man BuildRequires: pcsc-lite-devel BuildRequires: pkgconfig BuildRequires: valgrind @@ -76,14 +80,18 @@ Yubikey NEO PKCS#11 applet library. %prep %setup -q +%autopatch -p1 %build -%configure --disable-static --with-backend=pcsc -make %{?_smp_mflags} V=1 +%cmake -DBUILD_STATIC_LIB=OFF +%cmake_build + +%check +cd build +make test %install -%make_install INSTALL="install -p" -find %{buildroot} -type f -name "*.la" -delete -print +%cmake_install %post -n libykpiv%{sover} -p /sbin/ldconfig %postun -n libykpiv%{sover} -p /sbin/ldconfig @@ -92,7 +100,7 @@ find %{buildroot} -type f -name "*.la" -delete -print %files %license COPYING -%doc NEWS ChangeLog README +%doc NEWS README %{_bindir}/%{name} %{_mandir}/man1/*