basebuilder_pel7ppc64bebuilder0
7 years ago
2 changed files with 165 additions and 0 deletions
@ -0,0 +1,102 @@ |
|||||||
|
From c7783ffebee147c3491c58656d9b77c74cdf3667 Mon Sep 17 00:00:00 2001 |
||||||
|
From: Kamil Dudka <kdudka@redhat.com> |
||||||
|
Date: Fri, 21 Apr 2017 13:32:25 +0200 |
||||||
|
Subject: [PATCH] remove implementation of the WaitForSlotEvent callback |
||||||
|
|
||||||
|
This reverts commit eefef2286183f1c895f408202367a0e4cb3b44c8. |
||||||
|
--- |
||||||
|
src/ckpem.h | 1 - |
||||||
|
src/pinst.c | 13 +------------ |
||||||
|
src/pobject.c | 19 ++++++++++++------- |
||||||
|
3 files changed, 13 insertions(+), 20 deletions(-) |
||||||
|
|
||||||
|
diff --git a/src/ckpem.h b/src/ckpem.h |
||||||
|
index b4fff2c..e6ecc5f 100644 |
||||||
|
--- a/src/ckpem.h |
||||||
|
+++ b/src/ckpem.h |
||||||
|
@@ -211,7 +211,6 @@ struct pemInternalObjectStr { |
||||||
|
NSS_EXTERN_DATA pemInternalObject **pem_objs; |
||||||
|
NSS_EXTERN_DATA int pem_nobjs; |
||||||
|
NSS_EXTERN_DATA int token_needsLogin[]; |
||||||
|
-NSS_EXTERN_DATA NSSCKMDSlot *lastEventSlot; |
||||||
|
|
||||||
|
struct pemTokenStr { |
||||||
|
PRBool logged_in; |
||||||
|
diff --git a/src/pinst.c b/src/pinst.c |
||||||
|
index 9cfbf45..5ac0ff3 100644 |
||||||
|
--- a/src/pinst.c |
||||||
|
+++ b/src/pinst.c |
||||||
|
@@ -53,7 +53,6 @@ static PRBool pemInitialized = PR_FALSE; |
||||||
|
pemInternalObject **pem_objs; |
||||||
|
int pem_nobjs = 0; |
||||||
|
int token_needsLogin[NUM_SLOTS]; |
||||||
|
-NSSCKMDSlot *lastEventSlot; |
||||||
|
|
||||||
|
/* |
||||||
|
* simple cert decoder to avoid the cost of asn1 engine |
||||||
|
@@ -833,16 +832,6 @@ pem_mdInstance_ModuleHandlesSessionObjects |
||||||
|
return CK_TRUE; |
||||||
|
} |
||||||
|
|
||||||
|
-static NSSCKMDSlot * |
||||||
|
-pem_mdInstance_WaitForSlotEvent( |
||||||
|
- NSSCKMDInstance * mdInstance, |
||||||
|
- NSSCKFWInstance * fwInstance, |
||||||
|
- CK_BBOOL block, |
||||||
|
- CK_RV * pError) |
||||||
|
-{ |
||||||
|
- return lastEventSlot; |
||||||
|
-} |
||||||
|
- |
||||||
|
NSS_IMPLEMENT_DATA const NSSCKMDInstance |
||||||
|
pem_mdInstance = { |
||||||
|
(void *) NULL, /* etc */ |
||||||
|
@@ -855,6 +844,6 @@ pem_mdInstance = { |
||||||
|
pem_mdInstance_GetLibraryVersion, |
||||||
|
pem_mdInstance_ModuleHandlesSessionObjects, |
||||||
|
pem_mdInstance_GetSlots, |
||||||
|
- pem_mdInstance_WaitForSlotEvent, |
||||||
|
+ NULL, /* WaitForSlotEvent */ |
||||||
|
(void *) NULL /* null terminator */ |
||||||
|
}; |
||||||
|
diff --git a/src/pobject.c b/src/pobject.c |
||||||
|
index 6551d06..1227737 100644 |
||||||
|
--- a/src/pobject.c |
||||||
|
+++ b/src/pobject.c |
||||||
|
@@ -1212,6 +1212,7 @@ pem_CreateObject |
||||||
|
/* Brute force: find the id of the certificate, if any, in this slot */ |
||||||
|
int i; |
||||||
|
SECItem certDER; |
||||||
|
+ CK_SESSION_HANDLE hSession; |
||||||
|
PRBool added; |
||||||
|
|
||||||
|
nobjs = ReadDERFromFile(&derlist, filename, PR_TRUE, &cipher, &ivstring, PR_FALSE /* keys only */); |
||||||
|
@@ -1259,14 +1260,18 @@ pem_CreateObject |
||||||
|
* the token was removed so we can force a login. |
||||||
|
*/ |
||||||
|
if (cipher && added) { |
||||||
|
- /* remember the slot for pem_mdInstance_WaitForSlotEvent() */ |
||||||
|
- lastEventSlot = NSSCKFWSlot_GetMDSlot(fwSlot); |
||||||
|
- |
||||||
|
+ /* FIXME: Why 1.0s? Is it enough? Isn't it too much? |
||||||
|
+ * What about e.g. 3.14s? */ |
||||||
|
+ PRIntervalTime onesec = PR_SecondsToInterval(1); |
||||||
|
token_needsLogin[slotID - 1] = PR_TRUE; |
||||||
|
- /* FIXME: dirty hack relying on NSS internals */ |
||||||
|
- CK_SESSION_HANDLE hSession = |
||||||
|
- NSSCKFWInstance_FindSessionHandle(fwInstance, fwSession); |
||||||
|
- NSSCKFWInstance_DestroySessionHandle(fwInstance, hSession); |
||||||
|
+ |
||||||
|
+ /* We have to sleep so that NSS will notice that the token was |
||||||
|
+ * removed. |
||||||
|
+ */ |
||||||
|
+ PR_Sleep(onesec); |
||||||
|
+ hSession = |
||||||
|
+ NSSCKFWInstance_FindSessionHandle(fwInstance, fwSession); |
||||||
|
+ NSSCKFWInstance_DestroySessionHandle(fwInstance, hSession); |
||||||
|
} else { |
||||||
|
*pError = CKR_KEY_UNEXTRACTABLE; |
||||||
|
} |
||||||
|
-- |
||||||
|
2.9.3 |
||||||
|
|
@ -0,0 +1,63 @@ |
|||||||
|
Name: nss-pem |
||||||
|
Version: 1.0.3 |
||||||
|
Release: 4%{?dist} |
||||||
|
Summary: PEM file reader for Network Security Services (NSS) |
||||||
|
|
||||||
|
License: MPLv1.1 |
||||||
|
URL: https://github.com/kdudka/nss-pem |
||||||
|
Source0: https://github.com/kdudka/nss-pem/releases/download/%{name}-%{version}/%{name}-%{version}.tar.xz |
||||||
|
Patch1: 0001-nss-pem-1.0.3-drop-wait-for-slot-event-cb.patch |
||||||
|
|
||||||
|
BuildRequires: cmake |
||||||
|
BuildRequires: nss-pkcs11-devel |
||||||
|
|
||||||
|
# require at least the version of nss that nss-pem was built against (#1428965) |
||||||
|
Requires: nss%{?_isa} >= %(nss-config --version 2>/dev/null || echo 0) |
||||||
|
|
||||||
|
# make the nss-pem pkg conflict with all nss builds with bundled nss-pem |
||||||
|
Conflicts: nss%{?_isa} < 3.28.2-2.el7 |
||||||
|
|
||||||
|
%description |
||||||
|
PEM file reader for Network Security Services (NSS), implemented as a PKCS#11 |
||||||
|
module. |
||||||
|
|
||||||
|
%prep |
||||||
|
%setup -q |
||||||
|
%patch1 -p1 |
||||||
|
|
||||||
|
%build |
||||||
|
mkdir build |
||||||
|
cd build |
||||||
|
%cmake ../src |
||||||
|
make %{?_smp_mflags} VERBOSE=yes |
||||||
|
|
||||||
|
%install |
||||||
|
cd build |
||||||
|
make install DESTDIR=%{buildroot} |
||||||
|
|
||||||
|
%check |
||||||
|
cd build |
||||||
|
ctest %{?_smp_mflags} --output-on-failure |
||||||
|
|
||||||
|
%files |
||||||
|
%{_libdir}/libnsspem.so |
||||||
|
%license COPYING |
||||||
|
|
||||||
|
%changelog |
||||||
|
* Wed Apr 26 2017 Kamil Dudka <kdudka@redhat.com> 1.0.3-4 |
||||||
|
- fix missing prototypes detected by Covscan |
||||||
|
|
||||||
|
* Tue Apr 25 2017 Kamil Dudka <kdudka@redhat.com> 1.0.3-3 |
||||||
|
- remove implementation of the WaitForSlotEvent callback (#1445384) |
||||||
|
|
||||||
|
* Mon Mar 06 2017 Kamil Dudka <kdudka@redhat.com> 1.0.3-2 |
||||||
|
- require at least the version of nss that nss-pem was built against (#1428965) |
||||||
|
|
||||||
|
* Wed Mar 01 2017 Kamil Dudka <kdudka@redhat.com> 1.0.3-1 |
||||||
|
- update to latest upstream bugfix release (#1427917) |
||||||
|
|
||||||
|
* Tue Feb 14 2017 Kamil Dudka <kdudka@redhat.com> 1.0.2-2 |
||||||
|
- explicitly conflict with all nss builds with bundled nss-pem |
||||||
|
|
||||||
|
* Tue Jan 24 2017 Kamil Dudka <kdudka@redhat.com> 1.0.2-1 |
||||||
|
- imported into RHEL-7 |
Loading…
Reference in new issue