|
|
04581f4 |
Name: opencryptoki
|
|
|
ef773a0 |
Summary: Implementation of the PKCS#11 (Cryptoki) specification v3.0
|
|
|
f405c3b |
Version: 3.21.0
|
|
|
0eba1a0 |
Release: 6%{?dist}
|
|
|
e211a28 |
License: CPL-1.0
|
|
|
baa5bc5 |
URL: https://github.com/opencryptoki/opencryptoki
|
|
|
378eda3 |
Source0: https://github.com/opencryptoki/%{name}/archive/v%{version}/%{name}-%{version}.tar.gz
|
|
|
b16bb63 |
Source1: opencryptoki.module
|
|
|
d739e8c |
# bz#1373833, change tmpfiles snippets from /var/lock/* to /run/lock/*
|
|
|
190ffcb |
Patch1: opencryptoki-3.11.0-lockdir.patch
|
|
|
4d69833 |
# fix install problem in buildroot
|
|
|
f405c3b |
Patch2: opencryptoki-3.21.0-p11sak.patch
|
|
|
190ffcb |
# upstream patches
|
|
|
e6fc48b |
# pkcsstats: Fix handling of user name
|
|
|
e6fc48b |
Patch100: opencryptoki-3.21.0-f4166214552a92d8d66de8011ab11c9c2c6bb0a4.patch
|
|
|
e6fc48b |
# p11sak: Fix user confirmation prompt behavior when stdin is closed
|
|
|
e6fc48b |
Patch101: opencryptoki-3.21.0-4ff774568e334a719fc8de16fe2309e2070f0da8.patch
|
|
|
7ae4b00 |
# p11sak fails as soon as there reside non-key objects
|
|
|
7ae4b00 |
Patch102: opencryptoki-3.21.0-92999f344a3ad99a67a1bcfd9ad28f28c33e51bc.patch
|
|
|
7ae4b00 |
# opencryptoki p11sak tool: slot option does not accept argument 0 for slot index 0
|
|
|
7ae4b00 |
Patch103: opencryptoki-3.21.0-2ba0f41ef5e14d4b509c8854e27cf98e3ee89445.patch
|
|
|
4f1d4c9 |
|
|
|
226094e |
Requires(pre): coreutils
|
|
|
824d4de |
Requires: (selinux-policy >= 34.9-1 if selinux-policy-targeted)
|
|
|
b5a9166 |
BuildRequires: gcc
|
|
|
7851537 |
BuildRequires: gcc-c++
|
|
|
ef773a0 |
BuildRequires: openssl-devel >= 1.1.1
|
|
|
1ab7c61 |
%if 0%{?tmptok}
|
|
|
eaf25b8 |
BuildRequires: trousers-devel
|
|
|
1ab7c61 |
%endif
|
|
|
c301a40 |
BuildRequires: openldap-devel
|
|
|
04581f4 |
BuildRequires: autoconf automake libtool
|
|
|
c301a40 |
BuildRequires: bison flex
|
|
|
f405c3b |
BuildRequires: libcap-devel
|
|
|
f58d817 |
BuildRequires: expect
|
|
|
a9de92b |
BuildRequires: make
|
|
|
e82e62e |
BuildRequires: systemd-rpm-macros
|
|
|
04581f4 |
%ifarch s390 s390x
|
|
|
bd91601 |
BuildRequires: libica-devel >= 2.3
|
|
|
550ad4e |
# for /usr/include/libudev.h
|
|
|
550ad4e |
BuildRequires: systemd-devel
|
|
|
04581f4 |
%endif
|
|
|
ca25420 |
Requires(pre): %{name}-libs%{?_isa} = %{version}-%{release}
|
|
|
04581f4 |
Requires: %{name}-libs%{?_isa} = %{version}-%{release}
|
|
|
6294303 |
Requires: %{name}(token)
|
|
|
190ffcb |
Requires(post): systemd diffutils
|
|
|
c301a40 |
Requires(preun): systemd
|
|
|
c301a40 |
Requires(postun): systemd
|
|
|
ace0290 |
|
|
|
04581f4 |
|
|
|
04581f4 |
%description
|
|
|
ef773a0 |
Opencryptoki implements the PKCS#11 specification v2.20 for a set of
|
|
|
eaf25b8 |
cryptographic hardware, such as IBM 4764 and 4765 crypto cards, and the
|
|
|
eaf25b8 |
Trusted Platform Module (TPM) chip. Opencryptoki also brings a software
|
|
|
eaf25b8 |
token implementation that can be used without any cryptographic
|
|
|
eaf25b8 |
hardware.
|
|
|
eaf25b8 |
This package contains the Slot Daemon (pkcsslotd) and general utilities.
|
|
|
eaf25b8 |
|
|
|
04581f4 |
|
|
|
04581f4 |
%package libs
|
|
|
eaf25b8 |
Summary: The run-time libraries for opencryptoki package
|
|
|
c8cf931 |
Requires(pre): shadow-utils
|
|
|
04581f4 |
|
|
|
04581f4 |
%description libs
|
|
|
ef773a0 |
Opencryptoki implements the PKCS#11 specification v2.20 for a set of
|
|
|
eaf25b8 |
cryptographic hardware, such as IBM 4764 and 4765 crypto cards, and the
|
|
|
eaf25b8 |
Trusted Platform Module (TPM) chip. Opencryptoki also brings a software
|
|
|
eaf25b8 |
token implementation that can be used without any cryptographic
|
|
|
eaf25b8 |
hardware.
|
|
|
eaf25b8 |
This package contains the PKCS#11 library implementation, and requires
|
|
|
eaf25b8 |
at least one token implementation (packaged separately) to be fully
|
|
|
eaf25b8 |
functional.
|
|
|
eaf25b8 |
|
|
|
04581f4 |
|
|
|
04581f4 |
%package devel
|
|
|
04581f4 |
Summary: Development files for openCryptoki
|
|
|
18aa734 |
Requires: %{name}-libs%{?_isa} = %{version}-%{release}
|
|
|
04581f4 |
|
|
|
04581f4 |
%description devel
|
|
|
eaf25b8 |
This package contains the development header files for building
|
|
|
eaf25b8 |
opencryptoki and PKCS#11 based applications
|
|
|
eaf25b8 |
|
|
|
eaf25b8 |
|
|
|
eaf25b8 |
%package swtok
|
|
|
eaf25b8 |
Summary: The software token implementation for opencryptoki
|
|
|
ca25420 |
Requires(pre): %{name}-libs%{?_isa} = %{version}-%{release}
|
|
|
eaf25b8 |
Requires: %{name}-libs%{?_isa} = %{version}-%{release}
|
|
|
6294303 |
Provides: %{name}(token)
|
|
|
eaf25b8 |
|
|
|
eaf25b8 |
%description swtok
|
|
|
ef773a0 |
Opencryptoki implements the PKCS#11 specification v2.20 for a set of
|
|
|
eaf25b8 |
cryptographic hardware, such as IBM 4764 and 4765 crypto cards, and the
|
|
|
eaf25b8 |
Trusted Platform Module (TPM) chip. Opencryptoki also brings a software
|
|
|
eaf25b8 |
token implementation that can be used without any cryptographic
|
|
|
eaf25b8 |
hardware.
|
|
|
eaf25b8 |
This package brings the software token implementation to use opencryptoki
|
|
|
eaf25b8 |
without any specific cryptographic hardware.
|
|
|
eaf25b8 |
|
|
|
eaf25b8 |
|
|
|
eaf25b8 |
%package tpmtok
|
|
|
eaf25b8 |
Summary: Trusted Platform Module (TPM) device support for opencryptoki
|
|
|
ca25420 |
Requires(pre): %{name}-libs%{?_isa} = %{version}-%{release}
|
|
|
eaf25b8 |
Requires: %{name}-libs%{?_isa} = %{version}-%{release}
|
|
|
6294303 |
Provides: %{name}(token)
|
|
|
eaf25b8 |
|
|
|
eaf25b8 |
%description tpmtok
|
|
|
ef773a0 |
Opencryptoki implements the PKCS#11 specification v2.20 for a set of
|
|
|
eaf25b8 |
cryptographic hardware, such as IBM 4764 and 4765 crypto cards, and the
|
|
|
eaf25b8 |
Trusted Platform Module (TPM) chip. Opencryptoki also brings a software
|
|
|
eaf25b8 |
token implementation that can be used without any cryptographic
|
|
|
eaf25b8 |
hardware.
|
|
|
eaf25b8 |
This package brings the necessary libraries and files to support
|
|
|
eaf25b8 |
Trusted Platform Module (TPM) devices in the opencryptoki stack.
|
|
|
eaf25b8 |
|
|
|
eaf25b8 |
|
|
|
c301a40 |
%package icsftok
|
|
|
c301a40 |
Summary: ICSF token support for opencryptoki
|
|
|
ca25420 |
Requires(pre): %{name}-libs%{?_isa} = %{version}-%{release}
|
|
|
c301a40 |
Requires: %{name}-libs%{?_isa} = %{version}-%{release}
|
|
|
c301a40 |
Provides: %{name}(token)
|
|
|
c301a40 |
|
|
|
c301a40 |
%description icsftok
|
|
|
ef773a0 |
Opencryptoki implements the PKCS#11 specification v2.20 for a set of
|
|
|
c301a40 |
cryptographic hardware, such as IBM 4764 and 4765 crypto cards, and the
|
|
|
c301a40 |
Trusted Platform Module (TPM) chip. Opencryptoki also brings a software
|
|
|
c301a40 |
token implementation that can be used without any cryptographic
|
|
|
c301a40 |
hardware.
|
|
|
c301a40 |
This package brings the necessary libraries and files to support
|
|
|
c301a40 |
ICSF token in the opencryptoki stack.
|
|
|
c301a40 |
|
|
|
c301a40 |
|
|
|
eaf25b8 |
%ifarch s390 s390x
|
|
|
eaf25b8 |
%package icatok
|
|
|
eaf25b8 |
Summary: ICA cryptographic devices (clear-key) support for opencryptoki
|
|
|
ca25420 |
Requires(pre): %{name}-libs%{?_isa} = %{version}-%{release}
|
|
|
eaf25b8 |
Requires: %{name}-libs%{?_isa} = %{version}-%{release}
|
|
|
6294303 |
Provides: %{name}(token)
|
|
|
eaf25b8 |
|
|
|
eaf25b8 |
%description icatok
|
|
|
ef773a0 |
Opencryptoki implements the PKCS#11 specification v2.20 for a set of
|
|
|
eaf25b8 |
cryptographic hardware, such as IBM 4764 and 4765 crypto cards, and the
|
|
|
eaf25b8 |
Trusted Platform Module (TPM) chip. Opencryptoki also brings a software
|
|
|
eaf25b8 |
token implementation that can be used without any cryptographic
|
|
|
eaf25b8 |
hardware.
|
|
|
eaf25b8 |
This package brings the necessary libraries and files to support ICA
|
|
|
eaf25b8 |
devices in the opencryptoki stack. ICA is an interface to IBM
|
|
|
eaf25b8 |
cryptographic hardware such as IBM 4764 or 4765 that uses the
|
|
|
eaf25b8 |
"accelerator" or "clear-key" path.
|
|
|
eaf25b8 |
|
|
|
eaf25b8 |
%package ccatok
|
|
|
eaf25b8 |
Summary: CCA cryptographic devices (secure-key) support for opencryptoki
|
|
|
ca25420 |
Requires(pre): %{name}-libs%{?_isa} = %{version}-%{release}
|
|
|
eaf25b8 |
Requires: %{name}-libs%{?_isa} = %{version}-%{release}
|
|
|
6294303 |
Provides: %{name}(token)
|
|
|
eaf25b8 |
|
|
|
eaf25b8 |
%description ccatok
|
|
|
ef773a0 |
Opencryptoki implements the PKCS#11 specification v2.20 for a set of
|
|
|
eaf25b8 |
cryptographic hardware, such as IBM 4764 and 4765 crypto cards, and the
|
|
|
eaf25b8 |
Trusted Platform Module (TPM) chip. Opencryptoki also brings a software
|
|
|
eaf25b8 |
token implementation that can be used without any cryptographic
|
|
|
eaf25b8 |
hardware.
|
|
|
eaf25b8 |
This package brings the necessary libraries and files to support CCA
|
|
|
eaf25b8 |
devices in the opencryptoki stack. CCA is an interface to IBM
|
|
|
eaf25b8 |
cryptographic hardware such as IBM 4764 or 4765 that uses the
|
|
|
eaf25b8 |
"co-processor" or "secure-key" path.
|
|
|
bd91601 |
|
|
|
bd91601 |
%package ep11tok
|
|
|
0f8dad3 |
Summary: EP11 cryptographic devices (secure-key) support for opencryptoki
|
|
|
bd91601 |
Requires(pre): %{name}-libs%{?_isa} = %{version}-%{release}
|
|
|
bd91601 |
Requires: %{name}-libs%{?_isa} = %{version}-%{release}
|
|
|
bd91601 |
Provides: %{name}(token)
|
|
|
bd91601 |
|
|
|
bd91601 |
%description ep11tok
|
|
|
ef773a0 |
Opencryptoki implements the PKCS#11 specification v2.20 for a set of
|
|
|
bd91601 |
cryptographic hardware, such as IBM 4764 and 4765 crypto cards, and the
|
|
|
bd91601 |
Trusted Platform Module (TPM) chip. Opencryptoki also brings a software
|
|
|
bd91601 |
token implementation that can be used without any cryptographic
|
|
|
bd91601 |
hardware.
|
|
|
bd91601 |
This package brings the necessary libraries and files to support EP11
|
|
|
bd91601 |
tokens in the opencryptoki stack. The EP11 token is a token that uses
|
|
|
bd91601 |
the IBM Crypto Express adapters (starting with Crypto Express 4S adapters)
|
|
|
bd91601 |
configured with Enterprise PKCS#11 (EP11) firmware.
|
|
|
eaf25b8 |
%endif
|
|
|
eaf25b8 |
|
|
|
04581f4 |
|
|
|
04581f4 |
%prep
|
|
|
378eda3 |
%autosetup -p1
|
|
|
5645138 |
|
|
|
eaf25b8 |
|
|
|
eaf25b8 |
%build
|
|
|
04581f4 |
./bootstrap.sh
|
|
|
eaf25b8 |
|
|
|
baa5bc5 |
%configure --with-systemd=%{_unitdir} --enable-testcases \
|
|
|
f405c3b |
--with-pkcsslotd-user=pkcsslotd --with-pkcs-group=pkcs11 \
|
|
|
1ab7c61 |
%if 0%{?tpmtok}
|
|
|
1ab7c61 |
--enable-tpmtok \
|
|
|
1ab7c61 |
%else
|
|
|
1ab7c61 |
--disable-tpmtok \
|
|
|
1ab7c61 |
%endif
|
|
|
143e398 |
%ifarch s390 s390x
|
|
|
bd91601 |
--enable-icatok --enable-ccatok --enable-ep11tok --enable-pkcsep11_migrate
|
|
|
eaf25b8 |
%else
|
|
|
e058927 |
--disable-icatok --disable-ccatok --disable-ep11tok --disable-pkcsep11_migrate
|
|
|
143e398 |
%endif
|
|
|
143e398 |
|
|
|
d026a63 |
%make_build CHGRP=/bin/true
|
|
|
04581f4 |
|
|
|
eaf25b8 |
|
|
|
04581f4 |
%install
|
|
|
d026a63 |
%make_install CHGRP=/bin/true
|
|
|
04581f4 |
|
|
|
04581f4 |
|
|
|
190ffcb |
%pre
|
|
|
190ffcb |
# don't touch opencryptoki.conf even if it is unchanged due to new tokversion
|
|
|
190ffcb |
# backup config file. bz#2044179
|
|
|
190ffcb |
%global cfile /etc/opencryptoki/opencryptoki.conf
|
|
|
190ffcb |
%global csuffix .rpmsave.XyoP
|
|
|
190ffcb |
if test $1 -gt 1 && test -f %{cfile} ; then
|
|
|
190ffcb |
cp -p %{cfile} %{cfile}%{csuffix}
|
|
|
190ffcb |
fi
|
|
|
190ffcb |
|
|
|
102c73f |
%pre libs
|
|
|
eaf25b8 |
getent group pkcs11 >/dev/null || groupadd -r pkcs11
|
|
|
f405c3b |
getent passwd pkcsslotd >/dev/null || useradd -r -g pkcs11 -d /run/opencryptoki -s /sbin/nologin -c "Opencryptoki pkcsslotd user" pkcsslotd
|
|
|
04581f4 |
exit 0
|
|
|
04581f4 |
|
|
|
ace0290 |
%post
|
|
|
190ffcb |
# restore the config file from %pre
|
|
|
190ffcb |
if test $1 -gt 1 && test -f %{cfile} ; then
|
|
|
190ffcb |
if ( ! cmp -s %{cfile} %{cfile}%{csuffix} ) ; then
|
|
|
190ffcb |
cp -p %{cfile} %{cfile}.rpmnew
|
|
|
190ffcb |
fi
|
|
|
190ffcb |
cp -p %{cfile}%{csuffix} %{cfile} && rm -f %{cfile}%{csuffix}
|
|
|
190ffcb |
fi
|
|
|
190ffcb |
|
|
|
f35b1ba |
%systemd_post pkcsslotd.service
|
|
|
a97cd99 |
if test $1 -eq 1; then
|
|
|
98cd1f7 |
%tmpfiles_create %{name}.conf
|
|
|
a97cd99 |
fi
|
|
|
ace0290 |
|
|
|
04581f4 |
%preun
|
|
|
f35b1ba |
%systemd_preun pkcsslotd.service
|
|
|
ace0290 |
|
|
|
ace0290 |
%postun
|
|
|
f35b1ba |
%systemd_postun_with_restart pkcsslotd.service
|
|
|
04581f4 |
|
|
|
04581f4 |
|
|
|
04581f4 |
%files
|
|
|
d660478 |
%doc ChangeLog FAQ README.md
|
|
|
d660478 |
%doc doc/opencryptoki-howto.md
|
|
|
c301a40 |
%doc doc/README.token_data
|
|
|
0aad2e6 |
%doc %{_docdir}/%{name}/*.conf
|
|
|
c301a40 |
%dir %{_sysconfdir}/%{name}
|
|
|
a222ec3 |
%verify(not md5 size mtime) %config(noreplace) %{_sysconfdir}/%{name}/%{name}.conf
|
|
|
12cb816 |
%attr(0640, root, pkcs11) %config(noreplace) %{_sysconfdir}/%{name}/p11sak_defined_attrs.conf
|
|
|
121df6d |
%attr(0640, root, pkcs11) %config(noreplace) %{_sysconfdir}/%{name}/strength.conf
|
|
|
baa5bc5 |
%{_tmpfilesdir}/%{name}.conf
|
|
|
ace0290 |
%{_unitdir}/pkcsslotd.service
|
|
|
bb83251 |
%{_sbindir}/p11sak
|
|
|
a8de220 |
%{_sbindir}/pkcstok_migrate
|
|
|
c301a40 |
%{_sbindir}/pkcsconf
|
|
|
c301a40 |
%{_sbindir}/pkcsslotd
|
|
|
0aad2e6 |
%{_sbindir}/pkcsstats
|
|
|
f405c3b |
%{_sbindir}/pkcshsm_mk_change
|
|
|
bb83251 |
%{_mandir}/man1/p11sak.1*
|
|
|
a8de220 |
%{_mandir}/man1/pkcstok_migrate.1*
|
|
|
c301a40 |
%{_mandir}/man1/pkcsconf.1*
|
|
|
0aad2e6 |
%{_mandir}/man1/pkcsstats.1*
|
|
|
f405c3b |
%{_mandir}/man1/pkcshsm_mk_change.1*
|
|
|
0aad2e6 |
%{_mandir}/man5/policy.conf.5*
|
|
|
0aad2e6 |
%{_mandir}/man5/strength.conf.5*
|
|
|
c301a40 |
%{_mandir}/man5/%{name}.conf.5*
|
|
|
92372e5 |
%{_mandir}/man5/p11sak_defined_attrs.conf.5*
|
|
|
c301a40 |
%{_mandir}/man7/%{name}.7*
|
|
|
c301a40 |
%{_mandir}/man8/pkcsslotd.8*
|
|
|
eaf25b8 |
%{_libdir}/opencryptoki/methods
|
|
|
eaf25b8 |
%{_libdir}/pkcs11/methods
|
|
|
04581f4 |
%dir %attr(770,root,pkcs11) %{_sharedstatedir}/%{name}
|
|
|
a36c8e9 |
%dir %attr(770,root,pkcs11) %{_sharedstatedir}/%{name}/HSM_MK_CHANGE
|
|
|
a97cd99 |
%ghost %dir %attr(770,root,pkcs11) %{_rundir}/lock/%{name}
|
|
|
a97cd99 |
%ghost %dir %attr(770,root,pkcs11) %{_rundir}/lock/%{name}/*
|
|
|
f405c3b |
%dir %attr(710,pkcsslotd,pkcs11) /run/%{name}
|
|
|
04581f4 |
|
|
|
04581f4 |
%files libs
|
|
|
1a58859 |
%license LICENSE
|
|
|
04581f4 |
%{_sysconfdir}/ld.so.conf.d/*
|
|
|
04581f4 |
# Unversioned .so symlinks usually belong to -devel packages, but opencryptoki
|
|
|
04581f4 |
# needs them in the main package, because:
|
|
|
04581f4 |
# documentation suggests that programs should dlopen "PKCS11_API.so".
|
|
|
bd91601 |
%dir %{_libdir}/opencryptoki
|
|
|
eaf25b8 |
%{_libdir}/opencryptoki/libopencryptoki.*
|
|
|
eaf25b8 |
%{_libdir}/opencryptoki/PKCS11_API.so
|
|
|
eaf25b8 |
%dir %{_libdir}/opencryptoki/stdll
|
|
|
eaf25b8 |
%dir %{_libdir}/pkcs11
|
|
|
eaf25b8 |
%{_libdir}/pkcs11/libopencryptoki.so
|
|
|
eaf25b8 |
%{_libdir}/pkcs11/PKCS11_API.so
|
|
|
eaf25b8 |
%{_libdir}/pkcs11/stdll
|
|
|
a36c8e9 |
%dir %attr(770,root,pkcs11) %{_localstatedir}/log/opencryptoki
|
|
|
04581f4 |
|
|
|
04581f4 |
%files devel
|
|
|
18aa734 |
%{_includedir}/%{name}/
|
|
|
c1bf451 |
%{_libdir}/pkgconfig/%{name}.pc
|
|
|
04581f4 |
|
|
|
eaf25b8 |
%files swtok
|
|
|
eaf25b8 |
%{_libdir}/opencryptoki/stdll/libpkcs11_sw.*
|
|
|
eaf25b8 |
%{_libdir}/opencryptoki/stdll/PKCS11_SW.so
|
|
|
102c73f |
%dir %attr(770,root,pkcs11) %{_sharedstatedir}/%{name}/swtok/
|
|
|
102c73f |
%dir %attr(770,root,pkcs11) %{_sharedstatedir}/%{name}/swtok/TOK_OBJ/
|
|
|
eaf25b8 |
|
|
|
1ab7c61 |
%if 0%{?tmptok}
|
|
|
eaf25b8 |
%files tpmtok
|
|
|
eaf25b8 |
%doc doc/README.tpm_stdll
|
|
|
eaf25b8 |
%{_libdir}/opencryptoki/stdll/libpkcs11_tpm.*
|
|
|
eaf25b8 |
%{_libdir}/opencryptoki/stdll/PKCS11_TPM.so
|
|
|
102c73f |
%dir %attr(770,root,pkcs11) %{_sharedstatedir}/%{name}/tpm/
|
|
|
1ab7c61 |
%endif
|
|
|
eaf25b8 |
|
|
|
c301a40 |
%files icsftok
|
|
|
c301a40 |
%doc doc/README.icsf_stdll
|
|
|
c301a40 |
%{_sbindir}/pkcsicsf
|
|
|
c301a40 |
%{_mandir}/man1/pkcsicsf.1*
|
|
|
c301a40 |
%{_libdir}/opencryptoki/stdll/libpkcs11_icsf.*
|
|
|
c301a40 |
%{_libdir}/opencryptoki/stdll/PKCS11_ICSF.so
|
|
|
102c73f |
%dir %attr(770,root,pkcs11) %{_sharedstatedir}/%{name}/icsf/
|
|
|
c301a40 |
|
|
|
eaf25b8 |
%ifarch s390 s390x
|
|
|
eaf25b8 |
%files icatok
|
|
|
eaf25b8 |
%{_libdir}/opencryptoki/stdll/libpkcs11_ica.*
|
|
|
eaf25b8 |
%{_libdir}/opencryptoki/stdll/PKCS11_ICA.so
|
|
|
102c73f |
%dir %attr(770,root,pkcs11) %{_sharedstatedir}/%{name}/lite/
|
|
|
102c73f |
%dir %attr(770,root,pkcs11) %{_sharedstatedir}/%{name}/lite/TOK_OBJ/
|
|
|
eaf25b8 |
|
|
|
eaf25b8 |
%files ccatok
|
|
|
eaf25b8 |
%doc doc/README.cca_stdll
|
|
|
c1bf451 |
%config(noreplace) %{_sysconfdir}/%{name}/ccatok.conf
|
|
|
bd91601 |
%{_sbindir}/pkcscca
|
|
|
bd91601 |
%{_mandir}/man1/pkcscca.1*
|
|
|
eaf25b8 |
%{_libdir}/opencryptoki/stdll/libpkcs11_cca.*
|
|
|
eaf25b8 |
%{_libdir}/opencryptoki/stdll/PKCS11_CCA.so
|
|
|
102c73f |
%dir %attr(770,root,pkcs11) %{_sharedstatedir}/%{name}/ccatok/
|
|
|
102c73f |
%dir %attr(770,root,pkcs11) %{_sharedstatedir}/%{name}/ccatok/TOK_OBJ/
|
|
|
bd91601 |
|
|
|
bd91601 |
%files ep11tok
|
|
|
bd91601 |
%doc doc/README.ep11_stdll
|
|
|
bd91601 |
%config(noreplace) %{_sysconfdir}/%{name}/ep11tok.conf
|
|
|
378eda3 |
%config(noreplace) %{_sysconfdir}/%{name}/ep11cpfilter.conf
|
|
|
bd91601 |
%{_sbindir}/pkcsep11_migrate
|
|
|
378eda3 |
%{_sbindir}/pkcsep11_session
|
|
|
378eda3 |
%{_mandir}/man1/pkcsep11_migrate.1*
|
|
|
378eda3 |
%{_mandir}/man1/pkcsep11_session.1*
|
|
|
bd91601 |
%{_libdir}/opencryptoki/stdll/libpkcs11_ep11.*
|
|
|
bd91601 |
%{_libdir}/opencryptoki/stdll/PKCS11_EP11.so
|
|
|
bd91601 |
%dir %attr(770,root,pkcs11) %{_sharedstatedir}/%{name}/ep11tok/
|
|
|
bd91601 |
%dir %attr(770,root,pkcs11) %{_sharedstatedir}/%{name}/ep11tok/TOK_OBJ/
|
|
|
eaf25b8 |
%endif
|
|
|
eaf25b8 |
|
|
|
04581f4 |
|
|
|
04581f4 |
%changelog
|
|
|
0eba1a0 |
* Thu Jul 20 2023 Fedora Release Engineering <releng@fedoraproject.org> - 3.21.0-6
|
|
|
0eba1a0 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
|
|
|
0eba1a0 |
|
|
|
7ae4b00 |
* Mon Jul 17 2023 Than Ngo <than@redhat.com> - 3.21.0-5
|
|
|
7ae4b00 |
- p11sak tool: slot option does not accept argument 0 for slot index 0
|
|
|
7ae4b00 |
- p11sak fails as soon as there reside non-key objects
|
|
|
7ae4b00 |
|
|
|
a222ec3 |
* Thu May 25 2023 Than Ngo <than@redhat.com> - 3.21.0-4
|
|
|
a222ec3 |
- add verify attributes for opencryptoki.conf to ignore the
|
|
|
a222ec3 |
verification
|
|
|
a222ec3 |
|
|
|
e6fc48b |
* Mon May 22 2023 Than Ngo <than@redhat.com> - 3.21.0-3
|
|
|
e6fc48b |
- drop p11_kit_support
|
|
|
e6fc48b |
- fix handling of user name
|
|
|
e6fc48b |
- fix user confirmation prompt behavior when stdin is closed
|
|
|
e6fc48b |
|
|
|
a36c8e9 |
* Tue May 16 2023 Than Ngo <than@redhat.com> - 3.21.0-2
|
|
|
a36c8e9 |
- add missing /var/lib/opencryptoki/HSM_MK_CHANGE
|
|
|
a36c8e9 |
|
|
|
fbb90ce |
* Mon May 15 2023 Than Ngo <than@redhat.com> - 3.21.0-1
|
|
|
fbb90ce |
- update to 3.21.0
|
|
|
fbb90ce |
|
|
|
e211a28 |
* Tue Feb 14 2023 Than Ngo <than@redhat.com> - 3.20.0-2
|
|
|
e211a28 |
- migrated to SPDX license
|
|
|
e211a28 |
|
|
|
bca00e7 |
* Mon Feb 13 2023 Than Ngo <than@redhat.com> - 3.20.0-1
|
|
|
bca00e7 |
- update to 3.20.0
|
|
|
4d69833 |
- drop unnecessary opencryptoki-3.11.0-group.patch
|
|
|
bca00e7 |
|
|
|
aa8a770 |
* Wed Feb 08 2023 Than Ngo <than@redhat.com> - 3.19.0-3
|
|
|
aa8a770 |
- Add support of ep11 token for new IBM Z Hardware (IBM z16)
|
|
|
aa8a770 |
|
|
|
e435fa6 |
* Thu Jan 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 3.19.0-2
|
|
|
e435fa6 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
|
|
|
e435fa6 |
|
|
|
ff9dd41 |
* Tue Oct 11 2022 Than Ngo <than@redhat.com> - 3.19.0-1
|
|
|
ff9dd41 |
- update to 3.19.0
|
|
|
ff9dd41 |
|
|
|
e82e62e |
* Wed Sep 14 2022 Florian Weimer <fweimer@redhat.com> - 3.18.0-5
|
|
|
e82e62e |
- Add missing build dependency on systemd-rpm-macros
|
|
|
e82e62e |
|
|
|
190ffcb |
* Mon Aug 01 2022 Than Ngo <than@redhat.com> - 3.18.0-4
|
|
|
190ffcb |
- fix json output
|
|
|
190ffcb |
- do not touch opencryptoki.conf if it is in place already and even if it is unchanged
|
|
|
190ffcb |
|
|
|
a7176ed |
* Fri Jul 22 2022 Fedora Release Engineering <releng@fedoraproject.org> - 3.18.0-3
|
|
|
a7176ed |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
|
|
|
a7176ed |
|
|
|
121df6d |
* Mon May 09 2022 Than Ngo <than@redhat.com> - 3.18.0-2
|
|
|
121df6d |
- add missing strength.conf
|
|
|
121df6d |
|
|
|
0aad2e6 |
* Mon May 02 2022 Than Ngo <than@redhat.com> - 3.18.0-1
|
|
|
0aad2e6 |
- 3.18.0
|
|
|
0aad2e6 |
|
|
|
5d430b6 |
* Wed Apr 20 2022 Dan Horák <dan[at]danny.cz> - 3.17.0-7
|
|
|
5d430b6 |
- fix initialization (#2075851, #2074587)
|
|
|
5d430b6 |
|
|
|
6ad7730 |
* Wed Apr 06 2022 Than Ngo <than@redhat.com> - 3.17.0-6
|
|
|
6ad7730 |
- add tokversion
|
|
|
6ad7730 |
|
|
|
e70f861 |
* Wed Apr 06 2022 Than Ngo <than@redhat.com> - 3.17.0-5
|
|
|
e70f861 |
- upstream fixes - openssl cleanup for opencryptoki, Avoid deadlock when stopping event thread
|
|
|
e70f861 |
|
|
|
501d214 |
* Thu Jan 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 3.17.0-4
|
|
|
501d214 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
|
|
|
501d214 |
|
|
|
d42252d |
* Thu Nov 25 2021 Than Ngo <than@redhat.com> - 3.17.0-3
|
|
|
d42252d |
- fix covscan issues
|
|
|
d42252d |
|
|
|
12cb816 |
* Tue Nov 09 2021 Than Ngo <than@redhat.com> - 3.17.0-2
|
|
|
12cb816 |
- add missing config file p11sak_defined_attrs.conf
|
|
|
12cb816 |
|
|
|
ef773a0 |
* Tue Oct 19 2021 Than Ngo <than@redhat.com> - 3.17.0-1
|
|
|
ef773a0 |
- rebase to 3.17.0
|
|
|
ef773a0 |
|
|
|
2030195 |
* Tue Sep 14 2021 Sahana Prasad <sahana@redhat.com> - 3.16.0-5
|
|
|
2030195 |
- Rebuilt with OpenSSL 3.0.0
|
|
|
2030195 |
|
|
|
b43456f |
* Fri Sep 03 2021 Than Ngo <than@redhat.com> - 3.16.0-4
|
|
|
b43456f |
- Resolves: #1987186, pkcstok_migrate leaves options with multiple strings in opencryptoki.conf options without double-quotes
|
|
|
b43456f |
- Resolves: #1974365, Fix detection if pkcsslotd is still running
|
|
|
b43456f |
|
|
|
b6ef252 |
* Thu Jul 22 2021 Fedora Release Engineering <releng@fedoraproject.org> - 3.16.0-3
|
|
|
b6ef252 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
|
|
|
b6ef252 |
|
|
|
824d4de |
* Wed Jun 30 2021 Than Ngo <than@redhat.com> - 3.16.0-2
|
|
|
824d4de |
- Added Event Notification Support
|
|
|
824d4de |
- Added conditional requirement on selinux-policy >= 34.10-1
|
|
|
824d4de |
- pkcsslotd PIDfile below legacy directory
|
|
|
e75a28b |
- Added BR on systemd-devel
|
|
|
824d4de |
|
|
|
7851537 |
* Wed Mar 31 2021 Dan Horák <dan[at]danny.cz> - 3.16.0-1
|
|
|
7851537 |
- Rebase to 3.16.0
|
|
|
7851537 |
|
|
|
c05764d |
* Tue Mar 02 2021 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 3.15.1-6
|
|
|
c05764d |
- Rebuilt for updated systemd-rpm-macros
|
|
|
c05764d |
See https://pagure.io/fesco/issue/2583.
|
|
|
c05764d |
|
|
|
580c4f7 |
* Fri Feb 12 2021 Than Ngo <than@redhat.com> - 3.15.1-5
|
|
|
580c4f7 |
- Added upstream patch, a slot ID has nothing to do with the number of slots
|
|
|
580c4f7 |
|
|
|
7bb3425 |
* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 3.15.1-4
|
|
|
7bb3425 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
|
|
|
7bb3425 |
|
|
|
1ab7c61 |
* Tue Dec 22 2020 Than Ngo <than@redhat.com> - 3.15.1-3
|
|
|
1ab7c61 |
- Drop tpm1.2 support by default
|
|
|
1ab7c61 |
|
|
|
a9de92b |
* Tue Dec 22 2020 Than Ngo <than@redhat.com> - 3.15.1-2
|
|
|
a9de92b |
- Fix compiling with c++
|
|
|
a9de92b |
- Added error message handling for p11sak remove-key command
|
|
|
a9de92b |
- Add BR on make
|
|
|
a9de92b |
|
|
|
812c4de |
* Mon Nov 02 2020 Than Ngo <than@redhat.com> - 3.15.1-1
|
|
|
812c4de |
- Rebase to 3.15.1
|
|
|
812c4de |
|
|
|
47c5c53 |
* Mon Oct 19 2020 Dan Horák <dan[at]danny.cz> - 3.15.0-1
|
|
|
47c5c53 |
- Rebase to 3.15.0
|
|
|
47c5c53 |
|
|
|
28f33cc |
* Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 3.14.0-6
|
|
|
28f33cc |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
|
|
|
28f33cc |
|
|
|
d026a63 |
* Tue Jul 14 2020 Tom Stellard <tstellar@redhat.com> - 3.14.0-5
|
|
|
d026a63 |
- Use make macros
|
|
|
d026a63 |
- https://fedoraproject.org/wiki/Changes/UseMakeBuildInstallMacro
|
|
|
d026a63 |
|
|
|
a8de220 |
* Wed Jul 08 2020 Than Ngo <than@redhat.com> - 3.14.0-4
|
|
|
a8de220 |
- added PIN conversion tool
|
|
|
a8de220 |
|
|
|
6fc6ecb |
* Wed Jul 01 2020 Than Ngo <than@redhat.com> - 3.14.0-3
|
|
|
6fc6ecb |
- upstream fix - handle early error cases in C_Initialize
|
|
|
6fc6ecb |
|
|
|
90da26b |
* Wed May 27 2020 Than Ngo <than@redhat.com> - 3.14.0-2
|
|
|
90da26b |
- fix regression, segfault in C_SetPin
|
|
|
90da26b |
|
|
|
bb83251 |
* Fri May 15 2020 Dan Horák <dan[at]danny.cz> - 3.14.0-1
|
|
|
bb83251 |
- Rebase to 3.14.0
|
|
|
bb83251 |
|
|
|
4016d42 |
* Fri Mar 06 2020 Dan Horák <dan[at]danny.cz> - 3.13.0-1
|
|
|
4016d42 |
- Rebase to 3.13.0
|
|
|
4016d42 |
|
|
|
32de57c |
* Mon Feb 03 2020 Dan Horák <dan[at]danny.cz> - 3.12.1-3
|
|
|
32de57c |
- fix build with gcc 10
|
|
|
32de57c |
|
|
|
3cf0603 |
* Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 3.12.1-2
|
|
|
3cf0603 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
|
|
|
3cf0603 |
|
|
|
51001a7 |
* Wed Nov 27 2019 Dan Horák <dan[at]danny.cz> - 3.12.1-1
|
|
|
51001a7 |
- Rebase to 3.12.1
|
|
|
51001a7 |
|
|
|
4033021 |
* Wed Nov 13 2019 Dan Horák <dan[at]danny.cz> - 3.12.0-1
|
|
|
4033021 |
- Rebase to 3.12.0
|
|
|
4033021 |
|
|
|
e058927 |
* Sun Sep 22 2019 Dan Horák <dan[at]danny.cz> - 3.11.1-1
|
|
|
e058927 |
- Rebase to 3.11.1
|
|
|
e058927 |
|
|
|
14a9950 |
* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 3.11.0-5
|
|
|
14a9950 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
|
|
|
14a9950 |
|
|
|
baa5bc5 |
* Thu Mar 28 2019 Than Ngo <than@redhat.com> - 3.11.0-4
|
|
|
baa5bc5 |
- enable testcase by default
|
|
|
baa5bc5 |
- fix URL
|
|
|
baa5bc5 |
|
|
|
d739e8c |
* Tue Feb 19 2019 Than Ngo <than@redhat.com> - 3.11.0-3
|
|
|
d739e8c |
- Resolved #1063763 - opencryptoki tools should inform the user that he is not in pkcs11 group
|
|
|
d739e8c |
|
|
|
9a3196a |
* Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org> - 3.11.0-2
|
|
|
9a3196a |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
|
|
|
9a3196a |
|
|
|
a97cd99 |
* Thu Jan 31 2019 Than Ngo <than@redhat.com> - 3.11.0-1
|
|
|
a97cd99 |
- Updated to 3.11.0
|
|
|
a97cd99 |
- Resolved #1341079 - Failed to create directory or subvolume "/var/lock/opencryptoki"
|
|
|
a97cd99 |
- Ported root's group membership's patch for 3.11.0
|
|
|
a97cd99 |
|
|
|
2256b40 |
* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 3.10.0-2
|
|
|
2256b40 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
|
|
|
2256b40 |
|
|
|
eea7412 |
* Tue Jun 12 2018 Dan Horák <dan[at]danny.cz> - 3.10.0-1
|
|
|
eea7412 |
- Rebase to 3.10.0
|
|
|
eea7412 |
|
|
|
378eda3 |
* Fri Feb 23 2018 Dan Horák <dan[at]danny.cz> - 3.9.0-1
|
|
|
378eda3 |
- Rebase to 3.9.0
|
|
|
378eda3 |
|
|
|
ea17535 |
* Thu Feb 08 2018 Fedora Release Engineering <releng@fedoraproject.org> - 3.8.2-3
|
|
|
ea17535 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
|
|
|
ea17535 |
|
|
|
04e1581 |
* Fri Nov 24 2017 Dan Horák <dan[at]danny.cz> - 3.8.2-2
|
|
|
04e1581 |
- use upstream tmpfiles config
|
|
|
04e1581 |
|
|
|
d660478 |
* Thu Nov 23 2017 Dan Horák <dan[at]danny.cz> - 3.8.2-1
|
|
|
d660478 |
- Rebase to 3.8.2 (#1512678)
|
|
|
d660478 |
|
|
|
1941e4a |
* Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 3.7.0-3
|
|
|
1941e4a |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
|
|
|
1941e4a |
|
|
|
08e8476 |
* Thu Jul 27 2017 Fedora Release Engineering <releng@fedoraproject.org> - 3.7.0-2
|
|
|
08e8476 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
|
|
|
08e8476 |
|
|
Sinny Kumari |
9cad4f6 |
* Wed May 17 2017 Sinny Kumari <sinny@redhat.com> - 3.7.0-1
|
|
Sinny Kumari |
9cad4f6 |
- Rebase to 3.7.0
|
|
Sinny Kumari |
9cad4f6 |
- Added libitm-devel as BuildRequires
|
|
Sinny Kumari |
9cad4f6 |
|
|
Sinny Kumari |
f121dde |
* Mon Apr 03 2017 Sinny Kumari <sinny@redhat.com> - 3.6.2-1
|
|
Sinny Kumari |
f121dde |
- Rebase to 3.6.2
|
|
Sinny Kumari |
f121dde |
- RHBZ#1424017 - opencryptoki: FTBFS in rawhide
|
|
Sinny Kumari |
f121dde |
|
|
|
7a963a7 |
* Sat Feb 11 2017 Fedora Release Engineering <releng@fedoraproject.org> - 3.5.1-2
|
|
|
7a963a7 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
|
|
|
7a963a7 |
|
|
|
14a3b6f |
* Thu Sep 01 2016 Jakub Jelen <jjelen@redhat.com> - 3.5.1-1
|
|
|
14a3b6f |
- New upstream release
|
|
|
14a3b6f |
|
|
|
c41b53b |
* Tue May 03 2016 Jakub Jelen <jjelen@redhat.com> - 3.5-1
|
|
|
c41b53b |
- New upstream release
|
|
|
c41b53b |
|
|
|
5a6ffb2 |
* Thu Feb 04 2016 Fedora Release Engineering <releng@fedoraproject.org> - 3.4.1-2
|
|
|
5a6ffb2 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
|
|
|
5a6ffb2 |
|
|
|
29e018c |
* Mon Dec 07 2015 Jakub Jelen <jjelen@redhat.com> 3.4.1-1
|
|
|
29e018c |
- New bugfix upstream release
|
|
|
29e018c |
|
|
|
1a58859 |
* Wed Nov 18 2015 Jakub Jelen <jjelen@redhat.com> 3.4-1
|
|
|
7c890fb |
- New upstream release
|
|
|
7c890fb |
- Adding post-release patch fixing compile warnings
|
|
|
7c890fb |
|
|
|
7c2a3dc |
* Thu Aug 27 2015 Jakub Jelen <jjelen@redhat.com> 3.3-1.1
|
|
|
7c2a3dc |
- New upstream release
|
|
|
7c2a3dc |
- Correct dependencies for group creation
|
|
|
7c2a3dc |
|
|
|
dbdcbe4 |
* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 3.2-4
|
|
|
dbdcbe4 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
|
|
|
dbdcbe4 |
|
|
|
00e69e4 |
* Thu May 07 2015 Jakub Jelen <jjelen@redhat.com> 3.2-3
|
|
|
00e69e4 |
- Few more undefined symbols fixed for s390(x) specific targets
|
|
|
00e69e4 |
- Do not require --no-undefined, because s390(x) requires some
|
|
|
00e69e4 |
|
|
|
1adc190 |
* Mon May 04 2015 Jakub Jelen <jjelen@redhat.com> 3.2-2
|
|
|
1adc190 |
- Fix missing sources and libraries in makefiles causing undefined symbols (#1193560)
|
|
|
1adc190 |
- Make inline function compatible for GCC5
|
|
|
1adc190 |
|
|
|
bd91601 |
* Wed Sep 10 2014 Petr Lautrbach <plautrba@redhat.com> 3.2-1
|
|
|
bd91601 |
- new upstream release 3.2
|
|
|
bd91601 |
- add new sub-package opencryptoki-ep11tok on s390x
|
|
|
bd91601 |
|
|
|
165008c |
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 3.1-2
|
|
|
165008c |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
|
|
|
165008c |
|
|
|
c92b26c |
* Thu Jul 24 2014 Petr Lautrbach <plautrba@redhat.com> 3.1-1
|
|
|
c92b26c |
- new upstream release 3.1
|
|
|
c92b26c |
|
|
|
ac40e6f |
* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 3.0-11
|
|
|
ac40e6f |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
|
|
|
ac40e6f |
|
|
|
6103f68 |
* Mon Feb 17 2014 Petr Lautrbach <plautrba@redhat.com> 3.0-10
|
|
|
6103f68 |
- create the right lock directory for cca tokens (#1054442)
|
|
|
6103f68 |
|
|
|
ac50372 |
* Wed Jan 29 2014 Petr Lautrbach <plautrba@redhat.com> 3.0-9
|
|
|
ac50372 |
- use Requires(pre): opencryptoki-libs for subpackages
|
|
|
ac50372 |
|
|
|
102c73f |
* Mon Jan 20 2014 Dan Horák <dan[at]danny.cz> - 3.0-8
|
|
|
102c73f |
- include token specific directories (#1013017, #1045775, #1054442)
|
|
|
102c73f |
- fix pkcsconf crash for non-root users (#10054661)
|
|
|
102c73f |
- the libs subpackage must care of creating the pkcs11 group, it's the first to be installed
|
|
|
102c73f |
|
|
|
84596f9 |
* Tue Dec 03 2013 Dan Horák <dan[at]danny.cz> - 3.0-7
|
|
|
84596f9 |
- fix build with -Werror=format-security (#1037228)
|
|
|
84596f9 |
|
|
|
1a12858 |
* Fri Nov 22 2013 Dan Horák <dan[at]danny.cz> - 3.0-6
|
|
|
1a12858 |
- apply post-3.0 fixes (#1033284)
|
|
|
1a12858 |
|
|
|
484374c |
* Tue Nov 19 2013 Dan Horák <dan[at]danny.cz> - 3.0-5
|
|
|
484374c |
- update opencryptoki man page (#1001729)
|
|
|
484374c |
|
|
|
9a87789 |
* Fri Aug 23 2013 Dan Horák <dan[at]danny.cz> - 3.0-4
|
|
|
9a87789 |
- update unit file (#995002)
|
|
|
9a87789 |
|
|
|
baa2ede |
* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 3.0-3
|
|
|
baa2ede |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
|
|
|
baa2ede |
|
|
|
fe2d7f3 |
* Tue Jul 23 2013 Dan Horák <dan[at]danny.cz> - 3.0-2
|
|
|
fe2d7f3 |
- update pkcsconf man page (#948460)
|
|
|
fe2d7f3 |
|
|
|
c301a40 |
* Mon Jul 22 2013 Dan Horák <dan[at]danny.cz> - 3.0-1
|
|
|
c301a40 |
- new upstream release 3.0
|
|
|
c301a40 |
|
|
|
017e821 |
* Tue Jun 25 2013 Dan Horák <dan[at]danny.cz> - 2.4.3.1-1
|
|
|
017e821 |
- new upstream release 2.4.3.1
|
|
|
017e821 |
|
|
|
017e821 |
* Fri May 03 2013 Dan Horák <dan[at]danny.cz> - 2.4.3-1
|
|
|
017e821 |
- new upstream release 2.4.3
|
|
|
017e821 |
|
|
|
f35b1ba |
* Thu Apr 04 2013 Dan Horák <dan[at]danny.cz> - 2.4.2-4
|
|
|
f35b1ba |
- enable hardened build
|
|
|
f35b1ba |
- switch to systemd macros in scriptlets (#850240)
|
|
|
f35b1ba |
|
|
|
6294303 |
* Mon Jan 28 2013 Dan Horák <dan[at]danny.cz> - 2.4.2-3
|
|
|
6294303 |
- add virtual opencryptoki(token) Provides to token modules and as Requires
|
|
|
6294303 |
to main package (#904986)
|
|
|
6294303 |
|
|
|
fbfd242 |
* Fri Jul 20 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.4.2-2
|
|
|
fbfd242 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
|
|
|
fbfd242 |
|
|
|
18aa734 |
* Thu Jun 21 2012 Dan Horák <dan[at]danny.cz> - 2.4.2-1
|
|
|
18aa734 |
- new upstream release 2.4.2
|
|
|
18aa734 |
- add pkcs_slot man page
|
|
|
18aa734 |
- don't add root to the pkcs11 group
|
|
|
18aa734 |
|
|
|
b44c0f1 |
* Mon Jun 11 2012 Dan Horák <dan[at]danny.cz> - 2.4.1-2
|
|
|
b44c0f1 |
- fix unresolved symbols in TPM module (#830129)
|
|
|
b44c0f1 |
|
|
|
ace0290 |
* Sat Feb 25 2012 Dan Horák <dan[at]danny.cz> - 2.4.1-1
|
|
|
ace0290 |
- new upstream release 2.4.1
|
|
|
ace0290 |
- convert from initscript to systemd unit
|
|
|
ace0290 |
- import fixes from RHEL-6 about root's group membership (#732756, #730903)
|
|
|
ace0290 |
|
|
|
e6e769e |
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.4-2
|
|
|
e6e769e |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
|
|
|
e6e769e |
|
|
|
2387e87 |
* Thu Jul 07 2011 Dan Horák <dan[at]danny.cz> - 2.4-1
|
|
|
2387e87 |
- new upstream release 2.4
|
|
|
2387e87 |
|
|
|
8fefdf8 |
* Tue Feb 08 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.3.3-2
|
|
|
8fefdf8 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
|
|
|
8fefdf8 |
|
|
|
4c2f57e |
* Mon Jan 17 2011 Dan Horák <dan[at]danny.cz> 2.3.3-1
|
|
|
4c2f57e |
- new upstream release 2.3.3
|
|
|
4c2f57e |
|
|
|
cad2424 |
* Tue Nov 09 2010 Michal Schmidt <mschmidt@redhat.com> 2.3.2-2
|
|
|
cad2424 |
- Apply Obsoletes to package names, not provides.
|
|
|
cad2424 |
|
|
|
eaf25b8 |
* Tue Sep 14 2010 Dan Horák <dan[at]danny.cz> 2.3.2-1
|
|
|
eaf25b8 |
- new upstream release 2.3.2
|
|
|
eaf25b8 |
- put STDLLs in separate packages to match upstream package design
|
|
|
eaf25b8 |
|
|
|
ae46ec3 |
* Thu Jul 08 2010 Michal Schmidt <mschmidt@redhat.com> 2.3.1-7
|
|
|
ae46ec3 |
- Move the LICENSE file to the -libs subpackage.
|
|
|
ae46ec3 |
|
|
|
143e398 |
* Tue Jun 29 2010 Dan Horák <dan[at]danny.cz> 2.3.1-6
|
|
|
143e398 |
- rebuilt with CCA enabled (#604287)
|
|
|
143e398 |
- fixed issues from #546274
|
|
|
143e398 |
|
|
|
4deba9f |
* Fri Apr 30 2010 Dan Horák <dan[at]danny.cz> 2.3.1-5
|
|
|
4deba9f |
- fixed one more issue in the initscript (#547324)
|
|
|
4deba9f |
|
|
|
fdde48d |
* Mon Apr 26 2010 Dan Horák <dan[at]danny.cz> 2.3.1-4
|
|
|
fdde48d |
- fixed pidfile creating and usage (#547324)
|
|
|
fdde48d |
|
|
|
f86e736 |
* Mon Feb 08 2010 Michal Schmidt <mschmidt@redhat.com> 2.3.1-3
|
|
|
f86e736 |
- Also list 'reload' and 'force-reload' in "Usage: ...".
|
|
|
f86e736 |
|
|
|
9f98d22 |
* Mon Feb 08 2010 Michal Schmidt <mschmidt@redhat.com> 2.3.1-2
|
|
|
9f98d22 |
- Support 'force-reload' in the initscript.
|
|
|
9f98d22 |
|
|
|
90b81b9 |
* Wed Jan 27 2010 Michal Schmidt <mschmidt@redhat.com> 2.3.1-1
|
|
|
90b81b9 |
- New upstream release 2.3.1.
|
|
|
90b81b9 |
- opencryptoki-2.3.0-fix-nss-breakage.patch was merged.
|
|
|
90b81b9 |
|
|
|
42761bb |
* Fri Jan 22 2010 Dan Horák <dan[at]danny.cz> 2.3.0-5
|
|
|
42761bb |
- made pkcsslotd initscript LSB compliant (#522149)
|
|
|
42761bb |
|
|
|
53b6bc9 |
* Mon Sep 07 2009 Michal Schmidt <mschmidt@redhat.com> 2.3.0-4
|
|
|
53b6bc9 |
- Added opencryptoki-2.3.0-fix-nss-breakage.patch on upstream request.
|
|
|
53b6bc9 |
|
|
|
b0b9590 |
* Fri Aug 21 2009 Tomas Mraz <tmraz@redhat.com> - 2.3.0-3
|
|
|
b0b9590 |
- rebuilt with new openssl
|
|
|
b0b9590 |
|
|
|
2c19c03 |
* Sun Aug 16 2009 Michal Schmidt <mschmidt@redhat.com> 2.3.0-2
|
|
|
2c19c03 |
- Require libica-2.0.
|
|
|
2c19c03 |
|
|
|
6e4e60a |
* Fri Aug 07 2009 Michal Schmidt <mschmidt@redhat.com> 2.3.0-1
|
|
|
6e4e60a |
- New upstream release 2.3.0:
|
|
|
6e4e60a |
- adds support for RSA 4096 bit keys in the ICA token.
|
|
|
6e4e60a |
|
|
|
04581f4 |
* Tue Jul 21 2009 Michal Schmidt <mschmidt@redhat.com> - 2.2.8-5
|
|
|
04581f4 |
- Require arch-specific dependency on -libs.
|
|
|
04581f4 |
|
|
|
04581f4 |
* Tue Jul 21 2009 Michal Schmidt <mschmidt@redhat.com> - 2.2.8-4
|
|
|
04581f4 |
- Return support for crypto hw on s390.
|
|
|
04581f4 |
- Renamed to opencryptoki.
|
|
|
04581f4 |
- Simplified multilib by putting libs in subpackage as suggested by Dan Horák.
|
|
|
04581f4 |
|
|
|
04581f4 |
* Tue Jul 21 2009 Michal Schmidt <mschmidt@redhat.com> - 2.2.8-2
|
|
|
04581f4 |
- Fedora package based on RHEL-5 package.
|