diff --git a/SPECS/opencryptoki.spec b/SPECS/opencryptoki.spec index 68b80e9..ac34bad 100644 --- a/SPECS/opencryptoki.spec +++ b/SPECS/opencryptoki.spec @@ -1,27 +1,22 @@ Name: opencryptoki Summary: Implementation of the PKCS#11 (Cryptoki) specification v2.11 -Version: 3.14.0 -Release: 5%{?dist} +Version: 3.15.1 +Release: 3%{?dist} License: CPL Group: System Environment/Base URL: https://github.com/opencryptoki/opencryptoki Source0: https://github.com/opencryptoki/%{name}/archive/v%{version}/%{name}-%{version}.tar.gz +Source1: opencryptoki.module # https://bugzilla.redhat.com/show_bug.cgi?id=732756 Patch0: opencryptoki-3.11.0-group.patch # bz#1373833, change tmpfiles snippets from /var/lock/* to /run/lock/* Patch1: opencryptoki-3.11.0-lockdir.patch -# bz#1780293, fix regression, segfault in C_SetPin -Patch2: opencryptoki-3.14.0-crash-in-c_setpin.patch -# Fix missing entries for p11sak tool in template spec file -Patch3: opencryptoki-3.14.0-missing-p11sak-tool-a94436937b6364c53219fb3c7922439f403e8d5e.patch -# bz#1780294, PIN conversion tool -Patch4: opencryptoki-3.14.0-cd40f4b7cb1b502ca754b9bfb307d934285709a9-PIN-conversion-tool.patch -# bz#1853420, endian issue -Patch5: 0001-pkcstok_migrate-Fix-NVTOK.DAT-conversion-on-little-e.patch -Patch6: 0002-pkcstok_migrate-Fix-private-token-object-conversion-.patch -Patch7: 0003-pkcstok_migrate-Fix-public-token-object-conversion-o.patch -Patch8: 0004-pkcstok_migrate-Remove-the-token-s-shared-memory-seg.patch -Patch9: 0005-Fix-storing-of-public-token-objects-in-new-data-form.patch +# upstream fixes +# https://github.com/opencryptoki/opencryptoki/commit/eef7049ce857ee5d5ec64e369a10e05e8bb5c4dd +Patch2: opencryptoki-3.15.1-error_message_handling_for_p11sak_remove-key_command.patch +# https://github.com/opencryptoki/opencryptoki/commit/2d16f003911ceee50967546f4b3c7cac2db9ba86 +Patch3: opencryptoki-3.15.1-fix_compiling_with_c++.patch + Requires(pre): coreutils BuildRequires: gcc BuildRequires: openssl-devel @@ -204,6 +199,7 @@ make %{?_smp_mflags} CHGRP=/bin/true %install make install DESTDIR=$RPM_BUILD_ROOT CHGRP=/bin/true +install -Dpm 644 %{SOURCE1} $RPM_BUILD_ROOT%{_datadir}/p11-kit/modules/opencryptoki.module # Remove unwanted cruft rm -f $RPM_BUILD_ROOT/%{_libdir}/%{name}/*.la @@ -286,6 +282,10 @@ fi %{_libdir}/pkcs11/libopencryptoki.so %{_libdir}/pkcs11/PKCS11_API.so %{_libdir}/pkcs11/stdll +# Co-owned with p11-kit +%dir %{_datadir}/p11-kit/ +%dir %{_datadir}/p11-kit/modules/ +%{_datadir}/p11-kit/modules/opencryptoki.module %files devel %{_includedir}/%{name}/ @@ -342,6 +342,31 @@ fi %changelog +* Thu Nov 26 2020 Than Ngo - 3.15.1-3 +- Resolves: #1902022 + Fix compiling with c++ + Added error message handling for p11sak remove-key command + +* Thu Nov 26 2020 Than Ngo - 3.15.1-2 +- Related: #1847433, Added error message handling for p11sak remove-key command + +* Mon Nov 02 2020 Than Ngo - 3.15.1-1 +- Related: #1847433 + upstream fixes: + - Free generated key in all error cases + - CCA: Zeroize key buffer to avoid CCA 8/32 error + - Do not delete the map-btree entry if destroying an object is not allowed + - Remove now unused header timeb.h + - TESTCASES: Use FIPS conforming keys for 3DES CBC-MAC test vectors + - Fix buffer overrun in C_CopyObject + - TPM: Fix double free in openssl_gen_key + +* Mon Oct 19 2020 Than Ngo - 3.15.0-1 +- Resolves: #1847433, rebase to 3.15.0 +- Resolves: #1851105, PKCS #11 3.0 - baseline provider support +- Resolves: #1851108, openCryptoki ep11 token: enhanced functionality +- Resolves: #1851109, openCryptoki key management tool: key deletion function + * Mon Jul 06 2020 Than Ngo - 3.14.0-5 - Related: #1853420, more fixes