From 4369004335343ef555d411b06dc67142ea82b5ad Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Dec 08 2020 10:09:49 +0000 Subject: import opencryptoki-3.15.1-3.el8 --- diff --git a/SOURCES/opencryptoki-3.15.1-error_message_handling_for_p11sak_remove-key_command.patch b/SOURCES/opencryptoki-3.15.1-error_message_handling_for_p11sak_remove-key_command.patch new file mode 100644 index 0000000..05ac844 --- /dev/null +++ b/SOURCES/opencryptoki-3.15.1-error_message_handling_for_p11sak_remove-key_command.patch @@ -0,0 +1,118 @@ +diff -up opencryptoki-3.15.1/usr/sbin/p11sak/p11sak.c.orig opencryptoki-3.15.1/usr/sbin/p11sak/p11sak.c +--- opencryptoki-3.15.1/usr/sbin/p11sak/p11sak.c.orig 2020-11-26 13:25:41.679655774 +0100 ++++ opencryptoki-3.15.1/usr/sbin/p11sak/p11sak.c 2020-11-26 13:26:00.170892352 +0100 +@@ -2192,10 +2192,8 @@ static CK_RV confirm_destroy(char **user + while (1){ + nread = getline(user_input, &buflen, stdin); + if (nread == -1) { +- printf("User input failed (error code 0x%lX: %s)\n", +- rc, p11_get_ckr(rc)); +- rc = -1; +- return rc; ++ printf("User input: EOF\n"); ++ return CKR_CANCEL; + } + + if (user_input_ok(*user_input)) { +@@ -2210,17 +2208,16 @@ static CK_RV confirm_destroy(char **user + return rc; + } + +- + static CK_RV finalize_destroy_object(char *label, CK_SESSION_HANDLE *session, +- CK_OBJECT_HANDLE *hkey) ++ CK_OBJECT_HANDLE *hkey, CK_BBOOL *boolDestroyFlag) + { + char *user_input = NULL; + CK_RV rc = CKR_OK; + + rc = confirm_destroy(&user_input, label); + if (rc != CKR_OK) { +- printf("User input failed (error code 0x%lX: %s)\n", +- rc, p11_get_ckr(rc)); ++ printf("Skip deleting Key. User input %s\n", p11_get_ckr(rc)); ++ rc = CKR_CANCEL; + goto done; + } + +@@ -2232,9 +2229,11 @@ static CK_RV finalize_destroy_object(cha + label, rc, p11_get_ckr(rc)); + goto done; + } ++ *boolDestroyFlag = CK_TRUE; + printf("DONE - Destroy Object with Label: %s\n", label); + } else if (strncmp(user_input, "n", 1) == 0) { + printf("Skip deleting Key\n"); ++ *boolDestroyFlag = CK_FALSE; + } else { + printf("Please just enter (y) for yes or (n) for no.\n"); + } +@@ -2254,6 +2253,8 @@ static CK_RV delete_key(CK_SESSION_HANDL + CK_OBJECT_HANDLE hkey; + char *keytype = NULL; + char *label = NULL; ++ CK_BBOOL boolDestroyFlag = CK_FALSE; ++ CK_BBOOL boolSkipFlag = CK_FALSE; + CK_RV rc = CKR_OK; + + rc = tok_key_list_init(session, kt, label); +@@ -2290,6 +2291,7 @@ static CK_RV delete_key(CK_SESSION_HANDL + if (*forceAll) { + if ((strcmp(rm_label, "") == 0) || (strcmp(rm_label, label) == 0)) { + printf("Destroy Object with Label: %s\n", label); ++ + rc = funcs->C_DestroyObject(session, hkey); + if (rc != CKR_OK) { + printf( +@@ -2297,14 +2299,18 @@ static CK_RV delete_key(CK_SESSION_HANDL + label, rc, p11_get_ckr(rc)); + goto done; + } +- printf("DONE - Destroy Object with Label: %s\n", label); ++ boolDestroyFlag = CK_TRUE; + } + } else { + if ((strcmp(rm_label, "") == 0) || (strcmp(rm_label, label) == 0)) { +- rc = finalize_destroy_object(label, &session, &hkey); ++ rc = finalize_destroy_object(label, &session, &hkey, &boolDestroyFlag); + if (rc != CKR_OK) { + goto done; + } ++ ++ if (!boolDestroyFlag) { ++ boolSkipFlag = CK_TRUE; ++ } + } + } + +@@ -2321,6 +2327,16 @@ static CK_RV delete_key(CK_SESSION_HANDL + + done: + ++ if (strlen(rm_label) > 0) { ++ if (boolDestroyFlag) { ++ printf("Object with Label: %s found and destroyed \n", rm_label); ++ } else if (boolSkipFlag) { ++ printf("Object with Label: %s not deleted\n", rm_label); ++ } else if (rc == CKR_OK) { ++ printf("Object with Label: %s not found\n", rm_label); ++ } ++ } ++ + if (rc != CKR_OK) { + free(label); + free(keytype); +@@ -2494,8 +2510,11 @@ int main(int argc, char *argv[]) + /* Execute command */ + rc = execute_cmd(session, slot, cmd, kt, keylength, exponent, ECcurve, + label, attr_string, long_print, &forceAll); +- if (rc != CKR_OK) { +- printf("Failed to execute p11sak command (error code 0x%lX: %s)\n", rc, ++ if (rc == CKR_CANCEL) { ++ printf("Cancel execution: p11sak %s command (error code 0x%lX: %s)\n", cmd2str(cmd), rc, ++ p11_get_ckr(rc)); ++ } else if (rc != CKR_OK) { ++ printf("Failed to execute p11sak %s command (error code 0x%lX: %s)\n", cmd2str(cmd), rc, + p11_get_ckr(rc)); + goto done; + } diff --git a/SOURCES/opencryptoki-3.15.1-fix_compiling_with_c++.patch b/SOURCES/opencryptoki-3.15.1-fix_compiling_with_c++.patch new file mode 100644 index 0000000..9f590e0 --- /dev/null +++ b/SOURCES/opencryptoki-3.15.1-fix_compiling_with_c++.patch @@ -0,0 +1,13 @@ +diff -up opencryptoki-3.15.1/usr/include/pkcs11types.h.me opencryptoki-3.15.1/usr/include/pkcs11types.h +--- opencryptoki-3.15.1/usr/include/pkcs11types.h.me 2020-11-26 18:33:58.707979547 +0100 ++++ opencryptoki-3.15.1/usr/include/pkcs11types.h 2020-11-26 18:35:22.428095872 +0100 +@@ -1483,7 +1483,7 @@ typedef CK_FUNCTION_LIST_3_0_PTR CK_PTR + + typedef struct CK_IBM_FUNCTION_LIST_1_0 CK_IBM_FUNCTION_LIST_1_0; + typedef struct CK_IBM_FUNCTION_LIST_1_0 CK_PTR CK_IBM_FUNCTION_LIST_1_0_PTR; +-typedef struct CK_IBM_FUNCTION_LIST_1_0_PTR CK_PTR CK_IBM_FUNCTION_LIST_1_0_PTR_PTR; ++typedef CK_IBM_FUNCTION_LIST_1_0_PTR CK_PTR CK_IBM_FUNCTION_LIST_1_0_PTR_PTR; + + typedef CK_RV (CK_PTR CK_C_Initialize) (CK_VOID_PTR pReserved); + typedef CK_RV (CK_PTR CK_C_Finalize) (CK_VOID_PTR pReserved); +diff -up opencryptoki-3.15.1/usr/sbin/pkcstok_migrate/pkcstok_migrate.c.me opencryptoki-3.15.1/usr/sbin/pkcstok_migrate/pkcstok_migrate.c diff --git a/SPECS/opencryptoki.spec b/SPECS/opencryptoki.spec index 6bdfe74..ac34bad 100644 --- a/SPECS/opencryptoki.spec +++ b/SPECS/opencryptoki.spec @@ -1,7 +1,7 @@ Name: opencryptoki Summary: Implementation of the PKCS#11 (Cryptoki) specification v2.11 Version: 3.15.1 -Release: 1%{?dist} +Release: 3%{?dist} License: CPL Group: System Environment/Base URL: https://github.com/opencryptoki/opencryptoki @@ -12,6 +12,10 @@ Patch0: opencryptoki-3.11.0-group.patch # bz#1373833, change tmpfiles snippets from /var/lock/* to /run/lock/* Patch1: opencryptoki-3.11.0-lockdir.patch # upstream fixes +# https://github.com/opencryptoki/opencryptoki/commit/eef7049ce857ee5d5ec64e369a10e05e8bb5c4dd +Patch2: opencryptoki-3.15.1-error_message_handling_for_p11sak_remove-key_command.patch +# https://github.com/opencryptoki/opencryptoki/commit/2d16f003911ceee50967546f4b3c7cac2db9ba86 +Patch3: opencryptoki-3.15.1-fix_compiling_with_c++.patch Requires(pre): coreutils BuildRequires: gcc @@ -338,6 +342,14 @@ fi %changelog +* Thu Nov 26 2020 Than Ngo - 3.15.1-3 +- Resolves: #1902022 + Fix compiling with c++ + Added error message handling for p11sak remove-key command + +* Thu Nov 26 2020 Than Ngo - 3.15.1-2 +- Related: #1847433, Added error message handling for p11sak remove-key command + * Mon Nov 02 2020 Than Ngo - 3.15.1-1 - Related: #1847433 upstream fixes: