rpms/ecryptfs-utils/F-11 ecryptfs-utils-75-werror.patch, 1.6, 1.7 ecryptfs-utils.spec, 1.54, 1.55
Michal Hlavinka
mhlavink at fedoraproject.org
Mon Mar 22 09:14:48 UTC 2010
- Previous message: rpms/ecryptfs-utils/F-12 ecryptfs-utils-75-werror.patch, 1.4, 1.5 ecryptfs-utils.spec, 1.60, 1.61
- Next message: rpms/rply/devel RPLYConfig.cmake.in, NONE, 1.1 rply_cmake_export_cmakelists.txt, NONE, 1.1 import.log, 1.1, 1.2 rply.spec, 1.1, 1.2 rply_CMakeLists.txt, 1.1, 1.2
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: mhlavink
Update of /cvs/pkgs/rpms/ecryptfs-utils/F-11
In directory cvs01.phx2.fedoraproject.org:/tmp/cvs-serv16274
Modified Files:
ecryptfs-utils-75-werror.patch ecryptfs-utils.spec
Log Message:
* Mon Mar 22 2010 Michal Hlavinka <mhlavink at redhat.com> - 83-2
- enable PKCS#11 support
ecryptfs-utils-75-werror.patch:
key_mod/ecryptfs_key_mod_pkcs11_helper.c | 39 +++++++++++++++----------------
libecryptfs/ecryptfs-stat.c | 2 -
pam_ecryptfs/pam_ecryptfs.c | 35 ++-------------------------
3 files changed, 23 insertions(+), 53 deletions(-)
Index: ecryptfs-utils-75-werror.patch
===================================================================
RCS file: /cvs/pkgs/rpms/ecryptfs-utils/F-11/ecryptfs-utils-75-werror.patch,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -p -r1.6 -r1.7
--- ecryptfs-utils-75-werror.patch 18 Feb 2010 10:33:21 -0000 1.6
+++ ecryptfs-utils-75-werror.patch 22 Mar 2010 09:14:48 -0000 1.7
@@ -1,6 +1,149 @@
+diff -up ecryptfs-utils-83/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c.werror ecryptfs-utils-83/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c
+--- ecryptfs-utils-83/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c.werror 2010-03-22 09:14:49.758683763 +0100
++++ ecryptfs-utils-83/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c 2010-03-22 09:21:16.957387907 +0100
+@@ -86,7 +86,7 @@ static int ecryptfs_pkcs11h_deserialize(
+ pkcs11h_data->serialized_id = NULL;
+ }
+ else {
+- pkcs11h_data->serialized_id = blob + i;
++ pkcs11h_data->serialized_id = (char *)blob + i;
+ i += serialized_id_length;
+ }
+ pkcs11h_data->certificate_blob_size = blob[i++] % 256;
+@@ -104,12 +104,11 @@ static int ecryptfs_pkcs11h_deserialize(
+ pkcs11h_data->passphrase = NULL;
+ }
+ else {
+- pkcs11h_data->passphrase = blob + i;
++ pkcs11h_data->passphrase = (char *)blob + i;
+ i += passphrase_length;
+ }
+
+ rc = 0;
+-out:
+ return rc;
+ }
+
+@@ -346,14 +345,14 @@ static int ecryptfs_pkcs11h_get_key_sig(
+ data[i++] = '\02';
+ data[i++] = (char)(nbits >> 8);
+ data[i++] = (char)nbits;
+- BN_bn2bin(rsa->n, &(data[i]));
++ BN_bn2bin(rsa->n, (unsigned char *)&(data[i]));
+ i += nbytes;
+ data[i++] = (char)(ebits >> 8);
+ data[i++] = (char)ebits;
+- BN_bn2bin(rsa->e, &(data[i]));
++ BN_bn2bin(rsa->e, (unsigned char *)&(data[i]));
+ i += ebytes;
+- SHA1(data, len + 3, hash);
+- to_hex(sig, hash, ECRYPTFS_SIG_SIZE);
++ SHA1((unsigned char *)data, len + 3, (unsigned char *)hash);
++ to_hex((char *)sig, hash, ECRYPTFS_SIG_SIZE);
+ sig[ECRYPTFS_SIG_SIZE_HEX] = '\0';
+
+ rc = 0;
+@@ -411,8 +410,8 @@ static int ecryptfs_pkcs11h_encrypt(char
+ if (
+ (rc = RSA_public_encrypt(
+ from_size,
+- from,
+- to,
++ (unsigned char *)from,
++ (unsigned char *)to,
+ rsa,
+ RSA_PKCS1_PADDING
+ )) == -1
+@@ -506,9 +505,9 @@ static int ecryptfs_pkcs11h_decrypt(char
+ (rv = pkcs11h_certificate_decryptAny (
+ certificate,
+ CKM_RSA_PKCS,
+- from,
++ (unsigned char *)from,
+ from_size,
+- to,
++ (unsigned char *)to,
+ to_size
+ )) != CKR_OK
+ ) {
+@@ -534,9 +533,9 @@ static int ecryptfs_pkcs11h_decrypt(char
+ pkcs11h_certificate_decryptAny (
+ certificate,
+ CKM_RSA_PKCS,
+- from,
++ (unsigned char *)from,
+ from_size,
+- tmp,
++ (unsigned char *)tmp,
+ to_size
+ );
+
+@@ -851,7 +850,7 @@ static int ecryptfs_pkcs11h_process_key(
+ rc = MOUNT_ERROR;
+ goto out;
+ }
+- if ((rc = ecryptfs_pkcs11h_serialize(subgraph_key_ctx->key_mod->blob,
++ if ((rc = ecryptfs_pkcs11h_serialize((unsigned char *)subgraph_key_ctx->key_mod->blob,
+ &subgraph_key_ctx->key_mod->blob_size,
+ pkcs11h_data))) {
+ syslog(LOG_ERR, "PKCS#11: Error serializing pkcs11; rc=[%d]\n", rc);
+@@ -930,7 +929,7 @@ static int tf_pkcs11h_global_loglevel(st
+
+ rc = DEFAULT_TOK;
+ node->val = NULL;
+-out:
++// out:
+ return rc;
+ }
+
+@@ -943,7 +942,7 @@ static int tf_pkcs11h_global_pincache(st
+
+ rc = DEFAULT_TOK;
+ node->val = NULL;
+-out:
++// out:
+ return rc;
+ }
+
+@@ -1013,7 +1012,7 @@ static int tf_pkcs11h_provider_prot_auth
+ sscanf (node->val, "%x", &subgraph_provider_ctx->allow_protected_authentication);
+ rc = DEFAULT_TOK;
+ node->val = NULL;
+-out:
++
+ return rc;
+ }
+
+@@ -1027,7 +1026,7 @@ static int tf_pkcs11h_provider_cert_priv
+ sscanf (node->val, "%x", &subgraph_provider_ctx->certificate_is_private);
+ rc = DEFAULT_TOK;
+ node->val = NULL;
+-out:
++
+ return rc;
+ }
+
+@@ -1042,7 +1041,7 @@ static int tf_pkcs11h_provider_private_m
+
+ rc = DEFAULT_TOK;
+ node->val = NULL;
+-out:
++
+ return rc;
+ }
+
+@@ -1073,7 +1072,7 @@ static int tf_pkcs11h_provider_end(struc
+ free(subgraph_provider_ctx);
+ *foo = NULL;
+ rc = DEFAULT_TOK;
+-out:
++
+ return rc;
+ }
+
diff -up ecryptfs-utils-83/src/libecryptfs/ecryptfs-stat.c.werror ecryptfs-utils-83/src/libecryptfs/ecryptfs-stat.c
--- ecryptfs-utils-83/src/libecryptfs/ecryptfs-stat.c.werror 2009-10-20 20:49:55.000000000 +0200
-+++ ecryptfs-utils-83/src/libecryptfs/ecryptfs-stat.c 2010-02-18 10:40:45.447667184 +0100
++++ ecryptfs-utils-83/src/libecryptfs/ecryptfs-stat.c 2010-03-22 09:13:24.003425916 +0100
@@ -146,7 +146,7 @@ int ecryptfs_parse_stat(struct ecryptfs_
if (buf_size < (ECRYPTFS_FILE_SIZE_BYTES
+ MAGIC_ECRYPTFS_MARKER_SIZE_BYTES
@@ -12,7 +155,7 @@ diff -up ecryptfs-utils-83/src/libecrypt
+ MAGIC_ECRYPTFS_MARKER_SIZE_BYTES
diff -up ecryptfs-utils-83/src/pam_ecryptfs/pam_ecryptfs.c.werror ecryptfs-utils-83/src/pam_ecryptfs/pam_ecryptfs.c
--- ecryptfs-utils-83/src/pam_ecryptfs/pam_ecryptfs.c.werror 2010-02-16 18:01:43.000000000 +0100
-+++ ecryptfs-utils-83/src/pam_ecryptfs/pam_ecryptfs.c 2010-02-18 10:41:48.792416776 +0100
++++ ecryptfs-utils-83/src/pam_ecryptfs/pam_ecryptfs.c 2010-03-22 09:13:24.003425916 +0100
@@ -43,31 +43,6 @@
#define PRIVATE_DIR "Private"
Index: ecryptfs-utils.spec
===================================================================
RCS file: /cvs/pkgs/rpms/ecryptfs-utils/F-11/ecryptfs-utils.spec,v
retrieving revision 1.54
retrieving revision 1.55
diff -u -p -r1.54 -r1.55
--- ecryptfs-utils.spec 18 Feb 2010 10:33:21 -0000 1.54
+++ ecryptfs-utils.spec 22 Mar 2010 09:14:48 -0000 1.55
@@ -3,7 +3,7 @@
Name: ecryptfs-utils
Version: 83
-Release: 1%{?dist}
+Release: 2%{?dist}
Summary: The eCryptfs mount helper and support libraries
Group: System Environment/Base
License: GPLv2+
@@ -28,6 +28,7 @@ BuildRoot: %(mktemp -ud %{_tmppath}/%{na
Requires: keyutils, cryptsetup-luks, e2fsprogs
BuildRequires: libgcrypt-devel keyutils-libs-devel openssl-devel pam-devel
BuildRequires: trousers-devel nss-devel desktop-file-utils intltool
+BuildRequires: pkcs11-helper-devel
%description
eCryptfs is a stacked cryptographic filesystem that ships in Linux
@@ -66,7 +67,7 @@ the interface supplied by the ecryptfs-u
%build
export CFLAGS="$RPM_OPT_FLAGS -ggdb -O2 -Werror"
-%configure --disable-rpath --enable-tspi --enable-nss --enable-static
+%configure --disable-rpath --enable-tspi --enable-nss --enable-statis --enable-pkcs11-helper
make clean
#disable rpath
sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' libtool
@@ -182,6 +183,9 @@ rm -rf $RPM_BUILD_ROOT
%{python_sitearch}/ecryptfs-utils/_libecryptfs.so
%changelog
+* Mon Mar 22 2010 Michal Hlavinka <mhlavink at redhat.com> - 83-2
+- enable PKCS#11 support
+
* Wed Jan 27 2010 Michal Hlavinka <mhlavink at redhat.com> - 83-1
- updated to v. 83
- Previous message: rpms/ecryptfs-utils/F-12 ecryptfs-utils-75-werror.patch, 1.4, 1.5 ecryptfs-utils.spec, 1.60, 1.61
- Next message: rpms/rply/devel RPLYConfig.cmake.in, NONE, 1.1 rply_cmake_export_cmakelists.txt, NONE, 1.1 import.log, 1.1, 1.2 rply.spec, 1.1, 1.2 rply_CMakeLists.txt, 1.1, 1.2
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the scm-commits
mailing list