From 72313d167b544d1d5826b3b33d2e99dae8bf4b2c Mon Sep 17 00:00:00 2001
From: CentOS Sources
Date: Mar 30 2021 17:56:11 +0000
Subject: import esc-1.1.2-15.el8
---
diff --git a/SOURCES/esc-1.1.2-fix10.patch b/SOURCES/esc-1.1.2-fix10.patch
new file mode 100644
index 0000000..7678b5a
--- /dev/null
+++ b/SOURCES/esc-1.1.2-fix10.patch
@@ -0,0 +1,291 @@ +diff -up ./esc/esc-1.1.2/esc/src/app/esc.js.fix10 ./esc/esc-1.1.2/esc/src/app/esc.js +--- ./esc/src/app/esc.js.fix10 2020-12-02 15:47:00.688951279 -0800 ++++ ./esc/src/app/esc.js 2020-12-02 15:47:00.690951273 -0800 +@@ -370,12 +370,20 @@ class ESC { + let nick = ""; + if(certObj.token == null) + token = "internal"; +- else ++ else { + token = certObj.token; ++ } + + nick = certObj.nick; +- +- certDetail = this._execProgram(['/usr/bin/certutil','-L','-d', this._getConfigPath(), '-h', token, '-f' , pFileName, '-n', token + ":" + nick]); ++ ++ let tokenNick = '"' + token + ":" + nick + '"' ; ++ token = '"' + token + '"'; ++ let argv1 = ['/usr/bin/certutil','-L','-d', this._getConfigPath(), '-h', token, '-f' , pFileName, '-n', tokenNick]; ++ ++ print("argv1: " + argv1); ++ ++ ++ certDetail = this._execProgram(argv1); + + return certDetail; + } +@@ -475,7 +483,7 @@ class ESC { + result = -1; + return result; + } +- ++ + result = stdoutb.toString(); + + } catch (e) { +@@ -792,19 +800,18 @@ class ESC { + let status = this._selectedTokenInfo.status; + + if(status == 4 /* enrolled */) { +- this._pinMgr = new PinDialog.pinDialog(this); +- this._pinMgr.launchPinPrompt(this._promptPinDone.bind(this)); ++ let coolkey_token = this._selectedTokenInfo; ++ ++ this._tokenInfoBuffer.text += ++ this.mgr.get_certs_info(coolkey_token); ++ + } + + } +- _promptPinDone(tempFileName) { +- +- let coolkey_token = this._selectedTokenInfo; +- +- this._tokenInfoBuffer.text += +- this._getCertList(coolkey_token,tempFileName) + "\n"; + ++ _promptPinDone(tempFileName) { + } ++ + _response_cb() { + if(this._messageDialog) { + this._messageDialog.destroy(); +diff -up ./esc/src/app/opensc.esc.conf.fix10 ./esc/src/app/opensc.esc.conf +--- ./esc/src/app/opensc.esc.conf.fix10 2020-12-02 15:51:05.812283690 -0800 ++++ ./esc/src/app/opensc.esc.conf 2020-12-02 15:51:30.835215539 -0800 +@@ -94,6 +94,7 @@ app default { + module_path = /usr/lib64; + } + framework pkcs15 { ++ use_file_caching 
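Review bot: The added `print("argv1: " + argv1);` in the esc.js `@@ -370` hunk writes the whole certutil argument vector, including the `-f` password-file path in `pFileName`, to stdout on every call; it looks like leftover debugging and should be removed. The same hunk wraps `token` and `token:nick` in literal `"` characters before placing them in the array. If `_execProgram` (not visible here) spawns from an argv array, certutil receives the quote characters as part of the names; if it instead joins the array into a shell string, the added quotes do not neutralise a card-supplied token label or nickname that itself contains `"`. Keeping the values unquoted as separate elements, `'-h', token, '-f', pFileName, '-n', token + ":" + nick`, and confirming that `_execProgram` never goes through a shell covers both cases; the enclosing method starts outside the hunk.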
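Review bot: In the esc.js `@@ -792` hunk the result of `this.mgr.get_certs_info(coolkey_token)` is appended to `_tokenInfoBuffer.text` without a check. `coolkey_mgr_get_certs_info` in the coolkey-mgr.c part of this patch returns NULL when `key_type` or `cuid` is missing, which would presumably reach JavaScript as `null` and be rendered as the text "null". A guard such as `let certs = this.mgr.get_certs_info(coolkey_token);` followed by `if (certs) this._tokenInfoBuffer.text += certs + "\n";` avoids that and keeps the trailing newline the removed code had. The now-empty `_promptPinDone(tempFileName) { }` should either be deleted or carry a comment saying why the stub is kept.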
= true; + builtin_emulators = coolkey, cac, cac1, PIV-II; + } + } +diff -up ./esc/src/app/pinDialog.js.fix10 ./esc/src/app/pinDialog.js +--- ./esc/src/app/pinDialog.js.fix10 2020-12-02 15:47:00.683951293 -0800 ++++ ./esc/src/app/pinDialog.js 2020-12-02 15:47:00.691951271 -0800 +@@ -94,7 +94,6 @@ pinDialog.prototype = { + if(this.notify) { + this.notify(this.tempFileName); + } +- + this.clearTempFile(); + this.dialog.destroy(); + this.dialog = null; +diff -up ./esc/src/lib/coolkey/CoolKeyHandler.cpp.fix10 ./esc/src/lib/coolkey/CoolKeyHandler.cpp +--- ./esc/src/lib/coolkey/CoolKeyHandler.cpp.fix10 2020-12-02 16:25:29.075670723 -0800 ++++ ./esc/src/lib/coolkey/CoolKeyHandler.cpp 2020-12-02 16:30:53.310789119 -0800 +@@ -46,6 +46,7 @@ + + static const char *cac_manu_id= "Common Access Card"; + static const char *piv_manu_id= "piv II "; ++static const char *piv_manu_id_1= "piv_II"; + + //static char *test_extended_login = "s=325&msg_type=13&invalid_login=0&blocked=0&error=&required_parameter0=id%3DUSER%5FID%26name%3DUser+ID%26desc%3DUser+ID%26type%3Dstring%26option%3Doption1%2Coption2%2Coption3&required_parameter1=id%3DUSER%5FPWD%26name%3DUser+Password%26desc%3DUser+Password%26type%3Dpassword%26option%3D&required_parameter2=id%3DUSER%5FPIN%26name%3DPIN%26desc%3DOne+time+PIN+received+via+mail%26type%3Dpassword%26option%3D"; + +@@ -2300,7 +2301,9 @@ CKHGetCoolKeyInfo(PK11SlotInfo *aSlot,Co + if(!memcmp( tokenInfo.manufacturerID,cac_manu_id,strlen(cac_manu_id ))) { + isACAC = 1; + } else if(!memcmp(tokenInfo.manufacturerID, piv_manu_id, strlen(piv_manu_id))) { +- isAPIV = 1; ++ isAPIV = 1; ++ } else if(!memcmp(tokenInfo.manufacturerID, piv_manu_id_1, strlen(piv_manu_id_1))) { ++ isAPIV = 1; + } else { + isACOOLKey = 1; + } +diff -up ./esc/src/lib/coolkey-mgr/coolkey-api.cpp.fix10 ./esc/src/lib/coolkey-mgr/coolkey-api.cpp +--- ./esc/src/lib/coolkey-mgr/coolkey-api.cpp.fix10 2020-12-02 15:47:00.673951320 -0800 ++++ ./esc/src/lib/coolkey-mgr/coolkey-api.cpp 2020-12-02 
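Review bot: `use_file_caching = true;` in the `framework pkcs15` block turns on OpenSC's on-disk cache of card files, and the hunk gives no reason for it and does not say where the cache lives or how it is invalidated. With caching on, certificate data shown by ESC may come from the cache directory rather than from the inserted card, so stale or modified cache files could be presented as the card's contents; this is inferred from the option's documented purpose, not from anything visible in the patch. A comment line above the setting naming the bug it addresses, plus an explicit `file_cache_dir` pointing at a directory private to the user, would make the intent and the trust boundary reviewable.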
15:47:00.691951271 -0800 +@@ -17,6 +17,8 @@ + + #include "coolkey-api.h" + #include "rhCoolKey.h" ++#include ++ + + static rhCoolKey *coolkey = NULL; + static const char * coolkeyDbusName = NULL; +@@ -79,6 +81,54 @@ char *coolkey_get_phone_home(char *url) + } + } + ++/* get a string with all the certs detail for a token */ ++ ++char *coolkey_get_certs_info(int keyType, const char *keyID) { ++ ++ string str_result; ++ if (coolkey == NULL) { ++ return NULL; ++ } ++ ++ char *result = NULL; ++ char **names = NULL; ++ PRUint32 count = 0; ++ HRESULT res = coolkey->GetCoolKeyCertNicknames(keyType, keyID, &count, &names); ++ ++ if(count > 0 && res == S_OK) { ++ for(int i = 0 ; i < count ; i++) { ++ char *curName = names[i]; ++ ++ if(curName) { ++ char *certDetail = NULL; ++ str_result = str_result + curName + "\n" ; ++ res = coolkey->GetCoolKeyCertInfo(keyType, keyID, curName, &certDetail); ++ if(res == S_OK && certDetail != NULL) { ++ str_result = str_result + certDetail + "\n"; ++ PL_strfree(certDetail); ++ certDetail = NULL; ++ } ++ } ++ } ++ } ++ ++ if(str_result.c_str()) { ++ result = PL_strdup((char *) str_result.c_str()); ++ } ++ ++ for(int i = 0 ; i < count ; i++) { ++ if(names[i]) { ++ PL_strfree(names[i]); ++ names[i] = NULL; ++ } ++ } ++ ++ PR_Free(names); ++ names = NULL; ++ ++ return result; ++} ++ + + /* get a block of data about a token in a structure format */ + tokenInfo *coolkey_get_token_info(int keyType, const char *keyID) { +diff -up ./esc/src/lib/coolkey-mgr/coolkey-api.h.fix10 ./esc/src/lib/coolkey-mgr/coolkey-api.h +--- ./esc/src/lib/coolkey-mgr/coolkey-api.h.fix10 2020-12-02 15:47:00.673951320 -0800 ++++ ./esc/src/lib/coolkey-mgr/coolkey-api.h 2020-12-02 15:47:00.691951271 -0800 +@@ -43,6 +43,8 @@ void coolkey_init(const char *db_dir, co + void coolkey_destroy(); + + char *coolkey_get_phone_home(char *url); ++char *coolkey_get_certs_info(int keyType, const char *keyID); ++ + tokenInfo *coolkey_get_token_info(int keyType,const char *keyID); + void 
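Review bot: The cleanup loop in `coolkey_get_certs_info` indexes `names[i]` for `count` entries without checking `names`, so a `GetCoolKeyCertNicknames` failure that sets `count` but leaves `names` NULL would dereference a null pointer; whether the callee can do that is not visible here. Wrapping the loop and the `PR_Free(names)` in `if (names) { ... }` and using `PRUint32 i` instead of `int i` (both loops compare a signed index with the unsigned `count`) removes the doubt. `if(str_result.c_str())` is always true, so the function returns an empty string on every failure after the first NULL check and callers cannot tell "no certificates" from "lookup failed"; `if (!str_result.empty()) result = PL_strdup(str_result.c_str());` would return NULL in that case. The one-line comment above the function should also state that the result is allocated with `PL_strdup` and must be released by the caller with `PL_strfree`.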
coolkey_free_token_info(tokenInfo *tInfo); + +diff -up ./esc/src/lib/coolkey-mgr/coolkey-mgr.c.fix10 ./esc/src/lib/coolkey-mgr/coolkey-mgr.c +--- ./esc/src/lib/coolkey-mgr/coolkey-mgr.c.fix10 2020-12-02 15:47:00.673951320 -0800 ++++ ./esc/src/lib/coolkey-mgr/coolkey-mgr.c 2020-12-02 15:47:00.691951271 -0800 +@@ -346,6 +346,36 @@ cleanup: + } + + ++gchar* ++coolkey_mgr_get_certs_info(CoolkeyMgr *self, CoolkeyToken* token) { ++ ++ gchar *cuid = NULL; ++ gchar *keyType = NULL; ++ int keyTypeInt = 0; ++ gchar *certInfo = NULL; ++ ++ g_object_get(token,"key_type", &keyType,NULL); ++ g_object_get(token,"cuid", &cuid, NULL); ++ ++ if(keyType == NULL || cuid == NULL) { ++ goto cleanup; ++ } ++ ++ keyTypeInt = atoi(keyType); ++ ++ if(keyType == NULL || cuid == NULL) { ++ goto cleanup; ++ } ++ ++ certInfo = coolkey_get_certs_info(keyTypeInt, cuid); ++ ++cleanup: ++ ++ g_free (keyType); ++ g_free (cuid); ++ ++ return certInfo; ++} + + void + coolkey_mgr_get_token_info(CoolkeyMgr* self, CoolkeyToken* token) { +diff -up ./esc/src/lib/coolkey-mgr/coolkey-mgr.h.fix10 ./esc/src/lib/coolkey-mgr/coolkey-mgr.h +--- ./esc/src/lib/coolkey-mgr/coolkey-mgr.h.fix10 2020-12-02 15:47:00.673951320 -0800 ++++ ./esc/src/lib/coolkey-mgr/coolkey-mgr.h 2020-12-02 15:47:00.691951271 -0800 +@@ -46,6 +46,8 @@ int coolkey_mgr_cancel_token_operation(C + + void coolkey_mgr_get_token_info(CoolkeyMgr* self, CoolkeyToken* token); + ++gchar * coolkey_mgr_get_certs_info(CoolkeyMgr*self, CoolkeyToken* token); ++ + gchar * coolkey_mgr_phone_home(CoolkeyMgr* self, gchar *url); + + gchar * coolkey_mgr_speak (CoolkeyMgr* self, gchar *words); +diff -up ./esc/src/lib/coolkey/NSSManager.cpp.fix10 ./esc/src/lib/coolkey/NSSManager.cpp +--- ./esc/src/lib/coolkey/NSSManager.cpp.fix10 2020-12-02 15:47:00.680951301 -0800 ++++ ./esc/src/lib/coolkey/NSSManager.cpp 2020-12-02 15:47:00.691951271 -0800 +@@ -41,7 +41,7 @@ + + #include + #include +- ++#include + #include "SlotUtils.h" + + static PRLogModuleInfo *coolKeyLogNSS = 
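Review bot: `coolkey_mgr_get_certs_info` returns the buffer from `coolkey_get_certs_info` (allocated there with `PL_strdup`) as a `gchar*` with no ownership documentation, so a GLib or introspection caller will presumably release it with `g_free`, a different allocator family from the one that produced it. Either copy it with `g_strdup` and free the original through the C++ layer, or add a doc comment on the function saying who frees the string and with what; if the function is exported through GObject introspection, the comment should carry the matching `Returns: (transfer full)` annotation. The second `if(keyType == NULL || cuid == NULL)` after `atoi` repeats the first check and can never fire; it should be removed, or replaced by a check that `keyType` actually parsed as a number, since `atoi` returns 0 for non-numeric input.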
PR_NewLogModule("coolKeyNSS"); +@@ -314,7 +314,10 @@ NSSManager::GetKeyCertNicknames( const C + CERTCertificate *cert = node->cert; + if(cert) + { +- if(cert->slot != slot) ++ char *certSlotName = PK11_GetSlotName(cert->slot); ++ char *slotName = PK11_GetSlotName(slot); ++ ++ if(strcmp(certSlotName, slotName)) + { + CERT_RemoveCertListNode(node); + } +@@ -346,7 +349,10 @@ NSSManager::GetKeyCertNicknames( const C + PR_LOG( coolKeyLogNSS, PR_LOG_DEBUG, ("%s NSSManager::GetCertKeyNicknames name %s \n",GetTStamp(tBuff,56),curName)); + + string str = curName; +- aStrings.push_back (str); ++ ++ if (find(aStrings.begin(), aStrings.end(), str) == aStrings.end()) { ++ aStrings.push_back (str); ++ } + } + + CERT_FreeNicknames(nicknames); +@@ -691,6 +697,16 @@ HRESULT NSSManager::GetKeyCertInfo(const + aCertInfo = issuedToCNStr + "\n" + issuerCNStr + "\n" + + notBeforeStr + "\n" + notAfterStr + "\n" + serialStr ; + PR_LOG( coolKeyLogNSS, PR_LOG_DEBUG, ("%s NSSManager::GetKeyCertInfo issuerCN %s issuedToCN %s \n",GetTStamp(tBuff,56),issuerCN, issuedToCN)); ++ ++ if(nBefore) { ++ PORT_Free(nBefore); ++ nBefore = NULL; ++ } ++ ++ if(nAfter) { ++ PORT_Free(nAfter); ++ nAfter = NULL; ++ } + + break; + } diff --git a/SOURCES/esc-1.1.2-fix8.patch b/SOURCES/esc-1.1.2-fix8.patch new file mode 100644 index 0000000..4231b9b --- /dev/null +++ b/SOURCES/esc-1.1.2-fix8.patch 
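Review bot: In the NSSManager.cpp `@@ -314` hunk both `PK11_GetSlotName` results are passed straight to `strcmp`, so a NULL name from either call crashes the nickname listing; `if(!certSlotName || !slotName || strcmp(certSlotName, slotName) != 0)` keeps the node-removal behaviour and is safe. The change also relaxes the filter from slot identity (`cert->slot != slot`) to slot-name equality, which means a certificate held by any other slot that reports the same name is now attributed to this token. If that is intended for the reader in the bug report, a comment above the comparison should say why pointer comparison fails there. The later `@@ -346` hunk calls `find` unqualified, and the header named on the added `#include` line is not legible on this page, so it is worth confirming it is `<algorithm>`. `GetKeyCertNicknames` starts and ends outside these hunks.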
@@ -0,0 +1,60 @@ +diff -up ./esc/src/app/opensc.esc.conf.fix8 ./esc/src/app/opensc.esc.conf +--- ./esc/src/app/opensc.esc.conf.fix8 2020-08-07 16:17:37.464650003 -0700 ++++ ./esc/src/app/opensc.esc.conf 2020-08-07 16:20:21.861957011 -0700 +@@ -89,12 +89,12 @@ app default { + } + reader_driver openct { + }; +- card_drivers = coolkey, cac,cac1, piv, default; ++ card_drivers = coolkey, cac,cac1, PIV-II, default; + secure_messaging local_authentic { + module_path = /usr/lib64; + } + framework pkcs15 { +- builtin_emulators = coolkey, cac, cac1, piv; ++ builtin_emulators = coolkey, cac, cac1, PIV-II; + } + } + app opensc-pkcs11 { +diff -up ./esc/src/lib/coolkey/CoolKey.cpp.fix8 ./esc/src/lib/coolkey/CoolKey.cpp +--- ./esc/src/lib/coolkey/CoolKey.cpp.fix8 2020-08-07 12:05:35.982966019 -0700 ++++ ./esc/src/lib/coolkey/CoolKey.cpp 2020-08-07 16:08:16.747602873 -0700 +@@ -593,6 +593,7 @@ char *CoolKeyGetFullReaderName(const cha + } else { + fullReaderName = strdup(thisReader); + PR_LOG( coolKeyLog, PR_LOG_DEBUG, ("%s CoolKeyGetFullReaderName correct full name: %s \n",fullReaderName,GetTStamp(tBuff,56))); ++ break; + } + } + +diff -up ./esc/src/lib/coolkey/CoolKeyHandler.cpp.fix8 ./esc/src/lib/coolkey/CoolKeyHandler.cpp +--- ./esc/src/lib/coolkey/CoolKeyHandler.cpp.fix8 2020-08-07 12:05:44.394982245 -0700 ++++ ./esc/src/lib/coolkey/CoolKeyHandler.cpp 2020-08-07 16:10:35.504862004 -0700 +@@ -2225,8 +2225,17 @@ CKHGetCoolKeyInfo(PK11SlotInfo *aSlot,Co + HRESULT hres,atrRes,cycleRes,cuidRes; + + char *readerName = PK11_GetSlotName(aSlot); ++ int readerNameLen = strlen(readerName); + +- char *actualReaderName = CoolKeyGetFullReaderName(readerName); ++ //Since there is no local support to get a reader name by slot, ++ //Will simply do a partial substring compare, using less characters ++ //to avoid any hard coded trailing chars. 
++ ++ char partialReaderName[60]; ++ memset(partialReaderName, 0, 60); ++ ++ strncpy(partialReaderName,readerName, 59); ++ char *actualReaderName = CoolKeyGetFullReaderName(partialReaderName); + + memset((void *) &tokenInfo,0,sizeof(tokenInfo)); + ATR.data = NULL; // initialize for error processing +@@ -2348,7 +2357,7 @@ CKHGetCoolKeyInfo(PK11SlotInfo *aSlot,Co + if(isACOOLKey && cuidRes == E_FAIL) { + //Let's try to get the cuid directly from the token. + +- cuidRes = CoolKeyGetCUIDDirectly(cuidChar, 100, readerName); ++ cuidRes = CoolKeyGetCUIDDirectly(cuidChar, 100, actualReaderName); + + if(cuidRes != S_OK) { + strcpy(info->mCUID, "unknown"); diff --git a/SOURCES/esc-1.1.2-fix9.patch b/SOURCES/esc-1.1.2-fix9.patch new file mode 100644 index 0000000..0ddf203 --- /dev/null +++ b/SOURCES/esc-1.1.2-fix9.patch 
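Review bot: `int readerNameLen = strlen(readerName);` in the fix8 CoolKeyHandler.cpp `@@ -2225` hunk runs before any NULL check on the `PK11_GetSlotName` result, and `readerNameLen` is never used in the visible lines; the line should be dropped, or replaced by an early exit when `readerName` is NULL. `CoolKeyGetFullReaderName` appears to return NULL when no reader matches (its `strdup` in the CoolKey.cpp hunk only runs on a match), yet the `@@ -2348` hunk now passes `actualReaderName` unconditionally to `CoolKeyGetCUIDDirectly`. Passing `actualReaderName ? actualReaderName : readerName` would preserve the old behaviour when the lookup fails. The literal sizes are easier to audit as `char partialReaderName[60] = {0};` with `strncpy(partialReaderName, readerName, sizeof(partialReaderName) - 1);`. The hunks do not show whether the `strdup`'d `actualReaderName` is freed on every return path, since the function continues outside them.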
@@ -0,0 +1,41 @@ +diff -up ./esc/src/app/esc.js.fix9 ./esc/src/app/esc.js +--- ./esc/src/app/esc.js.fix9 2020-08-12 11:15:29.423093856 -0700 ++++ ./esc/src/app/esc.js 2020-08-12 11:43:47.646556310 -0700 +@@ -271,7 +271,6 @@ class ESC { + if(!insertedToken && !doReset) { + return; + } +- + if(doReset) { + this._operationsGrid.remove(this._phoneHomeButton); + this._operationsGrid.remove(this._enrollButton); +@@ -297,6 +296,12 @@ class ESC { + } + + this._operationsGrid.show_all(); ++ } else { ++ if(insertedToken.status == 4) { ++ this._operationsGrid.add(this._certDetailButton); ++ this._operationsGrid.show_all(); ++ ++ } + } + } + +diff -up ./esc/src/lib/coolkey/CoolKeyHandler.cpp.fix9 ./esc/src/lib/coolkey/CoolKeyHandler.cpp +--- ./esc/src/lib/coolkey/CoolKeyHandler.cpp.fix9 2020-08-12 10:59:24.844704399 -0700 ++++ ./esc/src/lib/coolkey/CoolKeyHandler.cpp 2020-08-12 11:11:05.480713407 -0700 +@@ -2329,11 +2329,11 @@ CKHGetCoolKeyInfo(PK11SlotInfo *aSlot,Co + } + + //Massage the tokenInfo so it adhered to when coolkey was doing it. +- if(hasApplet) { ++ if(hasApplet == 1 || isACAC == 1 || isAPIV == 1) { + tokenInfo.firmwareVersion.major = 1; + } + +- if(isPersonalized) { ++ if(isPersonalized == 1 || isACAC == 1 || isAPIV == 1) { + tokenInfo.flags |= CKF_TOKEN_INITIALIZED; + } + diff --git a/SPECS/esc.spec b/SPECS/esc.spec index fb34e6f..39a374a 100644 --- a/SPECS/esc.spec +++ b/SPECS/esc.spec @@ -1,6 +1,6 @@ Name: esc Version: 1.1.2 -Release: 12%{?dist} +Release: 15%{?dist} Summary: Enterprise Security Client Smart Card Client License: GPL+ URL: http://directory.fedora.redhat.com/wiki/CoolKey @@ -14,6 +14,9 @@ Patch4: esc-1.1.2-fix4.patch Patch5: esc-1.1.2-fix5.patch Patch6: esc-1.1.2-fix6.patch Patch7: esc-1.1.2-fix7.patch +Patch8: esc-1.1.2-fix8.patch +Patch9: esc-1.1.2-fix9.patch +Patch10: esc-1.1.2-fix10.patch #BuildRequires: doxygen fontconfig-devel 
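Review bot: Both conditions in the fix9 CoolKeyHandler.cpp `@@ -2329` hunk now force `firmwareVersion.major = 1` and `CKF_TOKEN_INITIALIZED` for every token classified as CAC or PIV, whatever the token itself reported. Judging by the fix10 hunk on this page, `isACAC` and `isAPIV` are set by a `memcmp` prefix match on `tokenInfo.manufacturerID`, a string supplied by the card, so any card presenting one of those prefixes is reported as initialized and presumably shown as enrolled by the UI. The existing "Massage the tokenInfo" comment should record that decision, for example `// CAC/PIV cards have no CoolKey applet state: report them as initialized; classification is by manufacturerID prefix only.` The body of `CKHGetCoolKeyInfo` continues outside the hunk.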
@@ -79,6 +82,9 @@ cryptographic smartcards. %patch5 -p1 -b .fix5 %patch6 -p1 -b .fix6 %patch7 -p1 -b .fix7 +%patch8 -p1 -b .fix8 +%patch9 -p1 -b .fix9 +%patch10 -p1 -b .fix10 %build @@ -147,6 +153,12 @@ cp %{escname}/esc/LICENSE $RPM_BUILD_ROOT/%{docdir} %{_datadir}/%{appdir}/esc.desktop %changelog +* Mon Nov 23 2020 Jack Magne - 1.1.2-15 +- Resolves: rhbz#1870715 - HP Keyboard does not list the certificates on an enrolled smart card. +* Fri Aug 07 2020 Jack Magne - 1.1.2-14 +- Resolves: rhbz#1848629 - Smartcard is not detected by esc. Ammendment to bug fix. +* Fri Aug 07 2020 Jack Magne - 1.1.2-13 +- Resolves: rhbz#1848629 - Smartcard is not detected by esc * Sat May 30 2020 Jack Magne - 1.1.2-12 - Resolves: rhbz#1646486 - alt tokens not detected by ESC - Resolves: rhbz#1774750 - ESC's unusual behavior after formatting a blank Gemalto token