#6 Bring epel7 up to the level of f29/f30 and fix broken pkcs11 engine
Merged 2 months ago by ansasaki. Opened 2 months ago by dwd.
rpms/ dwd/openssl-pkcs11 epel7  into  epel7

file modified
+2

@@ -1,2 +1,4 @@ 

  /libp11-0.4.7.tar.gz

  /libp11-0.4.8.tar.gz

+ /libp11-0.4.9.tar.gz

+ /libp11-0.4.10.tar.gz

file modified
+38 -13

@@ -1,8 +1,12 @@ 

- Version: 0.4.8

+ Version: 0.4.10

  Release: 1%{?dist}

  

  # Define the directory where the OpenSSL engines are installed

+ %if 0%{?el7}

+ %global enginesdir %{_libdir}/openssl/engines

+ %else

  %global enginesdir %{_libdir}/engines-1.1

+ %endif

  

  Name:           openssl-pkcs11

  Summary:        A PKCS#11 engine for use with OpenSSL

@@ -13,6 +17,7 @@ 

  

  BuildRequires:  autoconf automake libtool

  BuildRequires:  openssl-devel

+ BuildRequires:  openssl >= 1.0.2

  BuildRequires:  pkgconfig

  BuildRequires:  pkgconfig(p11-kit-1)

  # Needed for testsuite

@@ -23,7 +28,7 @@ 

  %endif

  

  Requires:       p11-kit-trust

- Requires:       openssl > 0.9.6

+ Requires:       openssl >= 1.0.2

  

  # Package renamed from libp11 to openssl-pkcs11 in release 0.4.7-4

  Provides:       libp11%{?_isa} = %{version}-%{release}

@@ -39,10 +44,11 @@ 

  %endif

  

  %description -n openssl-pkcs11

- openssl-pkcs11 is an implementation of an engine for OpenSSL. It can be loaded

- using code, config file or command line and will pass any function call by

- OpenSSL to a PKCS#11 module. openssl-pkcs11 is meant to be used with smart

- cards and software for using smart cards in PKCS#11 format, such as OpenSC.

+ openssl-pkcs11 enables hardware security module (HSM), and smart card support in

+ OpenSSL applications. More precisely, it is an OpenSSL engine which makes

+ registered PKCS#11 modules available for OpenSSL applications. The engine is

+ optional and can be loaded by configuration file, command line or through the

+ OpenSSL ENGINE API.

  

  # The libp11-devel subpackage was reintroduced in libp11-0.4.7-7 for Fedora

  %if 0%{?fedora}

@@ -88,11 +94,9 @@ 

  rm -rf %{buildroot}%{_docdir}/libp11/

  

  %check

- make check %{?_smp_mflags}

- 

- %post -p /sbin/ldconfig

+ make check %{?_smp_mflags} || if [ $? -ne 0 ]; then cat tests/*.log; exit 1; fi;

  

- %postun -p /sbin/ldconfig

+ %ldconfig_scriptlets

  

  %files

  %license COPYING

@@ -109,6 +113,30 @@ 

  %endif

  

  %changelog

+ * Mon Jul 08 2019 Dave Dykstra <dwd@fnal.gov> - 0.4.10-1

+ - Moved enginesdir on el7 to where openssl 1.0 expects it

+ 

+ * Fri Apr 05 2019 Anderson Sasaki <ansasaki@redhat.com> - 0.4.10-1

+ - Added BuildRequires for openssl >= 1.0.2

+ 

+ * Thu Apr 04 2019 Anderson Sasaki <ansasaki@redhat.com> - 0.4.10-1

+ - Update to upstream version 0.4.10

+ 

+ * Tue Feb 19 2019 Anderson Sasaki <ansasaki@redhat.com> - 0.4.9-1

+ - Update to upstream version 0.4.9

+ 

+ * Tue Sep 18 2018 Anderson Sasaki <ansasaki@redhat.com> - 0.4.8-2

+ - Require OpenSSL >= 1.0.2

+ - Fixed missing declaration of ERR_get_CKR_code()

+ - Add support to use EC keys and tests (#1619184)

+ - Exposed check_fork() API

+ - Fixed memory leak of RSA objects in pkcs11_store_key()

+ - Updated OpenSSL license in eng_front.c

+ - Fixed build for old C dialects

+ - Allow engine to use private key without PIN

+ - Require DEBUG to be defined to print debug messages

+ - Changed package description (#1614699)

+ 

  * Mon Aug 06 2018 Anderson Sasaki <ansasaki@redhat.com> - 0.4.8-1

  - Update to 0.4.8-1

  - RSA key generation on the token

@@ -118,9 +146,6 @@ 

  - Removed support for OpenSSL 0.9.8

  - Various bug fixes and enhancements

  

- * Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.4.7-8

- - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild

- 

  * Wed Jun 06 2018 Anderson Sasaki <ansasaki@redhat.com> - 0.4.7-7

  - Reintroduce libp11-devel subpackage to Fedora (#1583719)

  

file modified
+1 -1

@@ -1,1 +1,1 @@ 

- SHA512 (libp11-0.4.8.tar.gz) = efce50f88bf560255666640f30d6a5fa7d8cbbb55678551c4e938abdc6f60331534f9e6245d99d6b6c5c5d283f21b7c2dfb8c97b381da56035be4fe0550a948b

+ SHA512 (libp11-0.4.10.tar.gz) = 7005dbbab170dff48bee99de67ab9ffbfd2004f4b5150a0a67717aabb30eb93a34495b6d084da5d05162dd8666e8ff4c451d0d153ee4dd5422b59f6f6ca2130c

Pull in the changes from f29 and add a fix for https://bugzilla.redhat.com/show_bug.cgi?id=1728011 to move the pkcs11 engine back to where openssl 1.0 is expecting it.

1 new commit added

  • move enginesdir on el7 to where openssl 1.0 expects it
2 months ago

1 new commit added

  • added changelog for el7 enginesdir location
2 months ago

Thank you for your contribution!

The patch looks good to me, I'll merge it and build an update.

Pull-Request has been merged by ansasaki

2 months ago