rpms
/
p11-kit
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

merge into: rpms:rawhide
Branches Tags
rpms:rawhide
rpms:f37-riscv64
rpms:f37
rpms:main
rpms:f36
rpms:f35
rpms:f32
rpms:f33
rpms:f34
rpms:f31
rpms:f30
rpms:f29
rpms:f28
rpms:f27
rpms:f26
rpms:f25
rpms:f24
rpms:f23
rpms:f22
rpms:f21
rpms:f20
rpms:f20-gnome-3-12
rpms:f19
rpms:f18
rpms:f17
rpms:f16
...
pull from: rpms:f26
Branches Tags
rpms:f37-riscv64
rpms:f37
rpms:main
rpms:rawhide
rpms:f36
rpms:f35
rpms:f32
rpms:f33
rpms:f34
rpms:f31
rpms:f30
rpms:f29
rpms:f28
rpms:f27
rpms:f26
rpms:f25
rpms:f24
rpms:f23
rpms:f22
rpms:f21
rpms:f20
rpms:f20-gnome-3-12
rpms:f19
rpms:f18
rpms:f17
rpms:f16

8 Commits
rawhide ... f26

Author SHA1 Message Date
Daiki Ueno 69572929bc Update to 0.23.10-1 
- Update to upstream 0.23.10 release
 2018-02-28 11:34:34 +01:00
Daiki Ueno e4e4f5629c Update to 0.23.9-2 
- server: Make it possible to eval envvar settings
 2017-10-05 17:27:55 +02:00
Daiki Ueno b07aba67cf Update to 0.23.9-1 
- Update to upstream 0.23.9 release
 2017-10-04 13:21:48 +02:00
Stef Walter 9ace4b154a tests: Add initial integration test for p11-kit 
These are documented here and will be used to ensure that p11-kit
works as expected.

https://fedoraproject.org/wiki/CI

This is just the first such test. Feel free to edit it if there
are mistakes or add others, or check out the docs:

https://fedoraproject.org/wiki/CI/Tests
 2017-09-21 00:39:49 +02:00
Daiki Ueno d16a588ec4 Remove unused patch 2017-08-15 16:01:53 +02:00
Daiki Ueno 6b58b6728e Update to 0.23.8 release 2017-08-15 15:59:33 +02:00
Daiki Ueno e6da7f0a69 Update p11-kit-modifiable.patch to simplify the logic 2017-05-18 14:52:14 +02:00
Daiki Ueno edbdcfe8dd Make "trust anchor --remove" work again 2017-05-18 13:16:00 +02:00
8 changed files with 144 additions and 4 deletions
Show Stats Expand all files Collapse all files

8
.gitignore vendored
View File

@ -3,3 +3,11 @@
/*.src.rpm
/p11-kit-0.*/
/x86_64/
/trust-extract-compat
/p11-kit-0.23.9.tar.gz
/p11-kit-client.service
/trust-extract-compat
/p11-kit-0.23.9.tar.gz
/p11-kit-client.service
/trust-extract-compat
/p11-kit-0.23.10.tar.gz

11
p11-kit-client.service Normal file
View File

@ -0,0 +1,11 @@
[Unit]
Description=p11-kit client
[Service]
Type=oneshot
RemainAfterExit=true
RuntimeDirectory=p11-kit
ExecStart=/usr/bin/true
[Install]
WantedBy=default.target

33
p11-kit.spec
View File

@ -1,17 +1,22 @@
# This spec file has been automatically updated
Version: 0.23.10
Release: 1%{?dist}
Name: p11-kit
Version: 0.23.5
Release: 1%{?dist}
Summary: Library for loading and sharing PKCS#11 modules
License: BSD
URL: http://p11-glue.freedesktop.org/p11-kit.html
Source0: https://github.com/p11-glue/p11-kit/releases/download/%{version}/p11-kit-%{version}.tar.gz
Source1: trust-extract-compat
Source2: p11-kit-client.service
BuildRequires: libtasn1-devel >= 2.3
BuildRequires: libffi-devel
BuildRequires: gtk-doc
BuildRequires: systemd
# Work around for https://bugzilla.redhat.com/show_bug.cgi?id=1497147
# Remove this once it is fixed
BuildRequires: pkgconfig(glib-2.0)
%description
p11-kit provides a way to load and enumerate PKCS#11 modules, as well
@ -60,7 +65,7 @@ feature is still experimental.
%prep
%setup -q
%autosetup -p1
%build
# These paths are the source paths that come from the plan here:
@ -76,6 +81,8 @@ rm -f $RPM_BUILD_ROOT%{_libdir}/pkcs11/*.la
install -p -m 755 %{SOURCE1} $RPM_BUILD_ROOT%{_libexecdir}/p11-kit/
# Install the example conf with %%doc instead
rm $RPM_BUILD_ROOT%{_sysconfdir}/pkcs11/pkcs11.conf.example
mkdir -p $RPM_BUILD_ROOT%{_userunitdir}
install -p -m 644 %{SOURCE2} $RPM_BUILD_ROOT%{_userunitdir}
%check
make check
@ -123,16 +130,36 @@ fi
%files trust
%{_bindir}/trust
%dir %{_libdir}/pkcs11
%ghost %{_libdir}/libnssckbi.so
%{_libdir}/pkcs11/p11-kit-trust.so
%{_datadir}/p11-kit/modules/p11-kit-trust.module
%{_libexecdir}/p11-kit/trust-extract-compat
%files server
%{_libdir}/pkcs11/p11-kit-client.so
%{_userunitdir}/p11-kit-client.service
%{_libexecdir}/p11-kit/p11-kit-server
%changelog
* Wed Feb 28 2018 Daiki Ueno <dueno@redhat.com> - 0.23.10-1
- Update to upstream 0.23.10 release
* Thu Oct 05 2017 Daiki Ueno <dueno@redhat.com> - 0.23.9-2
- server: Make it possible to eval envvar settings
* Wed Oct 04 2017 Daiki Ueno <dueno@redhat.com> - 0.23.9-1
- Update to upstream 0.23.9 release
* Tue Aug 15 2017 Daiki Ueno <dueno@redhat.com> - 0.23.8-1
- Update to 0.23.8 release
* Thu May 18 2017 Daiki Ueno <dueno@redhat.com> - 0.23.5-3
- Update p11-kit-modifiable.patch to simplify the logic
* Thu May 18 2017 Daiki Ueno <dueno@redhat.com> - 0.23.5-2
- Make "trust anchor --remove" work again
* Thu Mar 2 2017 Daiki Ueno <dueno@redhat.com> - 0.23.5-1
- Update to 0.23.5 release
- Rename -tools subpackage to -server and remove systemd unit files

4
sources
View File

@ -1 +1,3 @@
SHA512 (p11-kit-0.23.5.tar.gz) = 5276db3c9bb14d5e0441e7b781033b1684edfc1d4da88a9c9ce501ed1f6121918d3afe6725ceb0e2d65fc253c2f9eebf37c3380741de6c1b09cec06ae86417a7
SHA512 (p11-kit-client.service) = 0f08618851c6eafb35c630957044fc96324be4d3828cdd2aa9b5d6e1245549197ca5b969d6a2f735c893d73c02e885cdc3205bd43e37f6124ebc6cfa61970d3b
SHA512 (trust-extract-compat) = 91210705f9bcf1a13c0de1ca9943e3ac68296bfcb7953fc59241de060247b470b39be6e914dd4d92e38a78d5df0962c83315ad78f8c0eade8e62d884b05fdd42
SHA512 (p11-kit-0.23.10.tar.gz) = 42a004613f951e4e18c10cd204bcba348267cc7b3ae0d9f26d69012b086af446947660575d5751539b8d4dd77fa9b684054ad5ac978119e0a2e94fcdf9842178

2
tests/.gitignore vendored Normal file
View File

@ -0,0 +1,2 @@
*.retry
artifacts/

14
tests/tests.yml Normal file
View File

@ -0,0 +1,14 @@
---
# This first play always runs on the local staging system
- hosts: localhost
roles:
- role: standard-test-beakerlib
tags:
- classic
- atomic
- container
tests:
- trust-anchor-complains-about-invalid-attribute-and
required_packages:
- openssl
- p11-kit

17
tests/trust-anchor-complains-about-invalid-attribute-and/PURPOSE Normal file
View File

@ -0,0 +1,17 @@
PURPOSE of /CoreOS/p11-kit/trust-anchor-complains-about-invalid-attribute-and
Description: Test for trust anchor complains about invalid attribute and
Author: Hubert Kario <hkario@redhat.com>
Bug summary: trust anchor complains about invalid attribute and fails when a new certificate tries to store into trust place
Steps to Reproduce:
1. /etc/pki/tls/certs/make-dummy-cert mycert-tmp.pem
2. openssl x509 -in mycert-tmp.pem -addtrust clientAuth -addtrust serverAuth -addtrust emailProtection -out mycert.pem
3. trust anchor --store mycert.pem
Actual results:
p11-kit: the CKA_TRUSTED attribute is not valid for the object
p11-kit: couldn't create object: Certain fields have invalid values
Expected results:
Certificate is stored in trust place.

59
tests/trust-anchor-complains-about-invalid-attribute-and/runtest.sh Executable file
View File

@ -0,0 +1,59 @@
#!/bin/bash
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# runtest.sh of /CoreOS/p11-kit/trust-anchor-complains-about-invalid-attribute-and
# Description: Test for trust anchor complains about invalid attribute and
# Author: Hubert Kario <hkario@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2017 Red Hat, Inc.
#
# This copyrighted material is made available to anyone wishing
# to use, modify, copy, or redistribute it subject to the terms
# and conditions of the GNU General Public License version 2.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public
# License along with this program; if not, write to the Free
# Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
# Boston, MA 02110-1301, USA.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# Include Beaker environment
. /usr/share/beakerlib/beakerlib.sh || exit 1
PACKAGE="p11-kit"
rlJournalStart
rlPhaseStartSetup
rlAssertRpm $PACKAGE
rlRun "TmpDir=\$(mktemp -d)" 0 "Creating tmp directory"
rlRun "pushd $TmpDir"
rlRun "rlFileBackup --clean /etc/pki"
rlPhaseEnd
rlPhaseStartTest
DUMMY_MAKER_BIN="/etc/pki/tls/certs/make-dummy-cert"
[ -x /usr/bin/make-dummy-cert ] && DUMMY_MAKER_BIN="/usr/bin/make-dummy-cert"
rlRun "$DUMMY_MAKER_BIN mycert-tmp.pem"
rlRun "openssl x509 -in mycert-tmp.pem -addtrust clientAuth -addtrust serverAuth -addtrust emailProtection -out mycert.pem"
rlAssertNotExists "/etc/pki/ca-trust/source/localhost.localdomain.p11-kit"
rlRun -s "trust anchor --store mycert.pem"
rlAssertNotGrep "p11-kit:" $rlRun_LOG
rlAssertExists "/etc/pki/ca-trust/source/localhost.localdomain.p11-kit"
rlPhaseEnd
rlPhaseStartCleanup
rlRun "popd"
rlRun "rlFileRestore"
rlRun "rm -r $TmpDir" 0 "Removing tmp directory"
rlPhaseEnd
rlJournalPrintText
rlJournalEnd