[arch-commits] Commit in lib32-p11-kit/trunk (2 files)
Jan Steffens
heftig at archlinux.org
Fri Jan 24 21:56:58 UTC 2020
Date: Friday, January 24, 2020 @ 21:56:58
Author: heftig
Revision: 555373
0.23.19-2: FS#64401 Drop the custom libnssckbi and use p11-kit-trust proper
Modified:
lib32-p11-kit/trunk/PKGBUILD
Deleted:
lib32-p11-kit/trunk/0001-Build-and-install-libnssckbi-p11-kit.so.patch
----------------------------------------------------+
0001-Build-and-install-libnssckbi-p11-kit.so.patch | 100 -------------------
PKGBUILD | 19 ---
2 files changed, 5 insertions(+), 114 deletions(-)
Deleted: 0001-Build-and-install-libnssckbi-p11-kit.so.patch
===================================================================
--- 0001-Build-and-install-libnssckbi-p11-kit.so.patch 2020-01-24 21:56:54 UTC (rev 555372)
+++ 0001-Build-and-install-libnssckbi-p11-kit.so.patch 2020-01-24 21:56:58 UTC (rev 555373)
@@ -1,100 +0,0 @@
-From 5bc704e6a0de57d451cf551d74fa8543fc7ec9a0 Mon Sep 17 00:00:00 2001
-From: "Jan Alexander Steffens (heftig)" <jan.steffens at gmail.com>
-Date: Tue, 10 Sep 2019 18:08:25 +0000
-Subject: [PATCH] Build and install libnssckbi-p11-kit.so
-
-Create an additional library which is a copy of p11-kit-trust.so but
-uses the same label for root certs as libnssckbi.so:
- "Builtin Object Token" instead of "Default Trust".
-
-https://bugs.freedesktop.org/show_bug.cgi?id=66161
----
- trust/Makefile.am | 14 ++++++++++++++
- trust/meson.build | 13 +++++++++++++
- trust/module.c | 12 +++++++++++-
- 3 files changed, 38 insertions(+), 1 deletion(-)
-
-diff --git a/trust/Makefile.am b/trust/Makefile.am
-index b050a8f..4943aba 100644
---- a/trust/Makefile.am
-+++ b/trust/Makefile.am
-@@ -66,6 +66,20 @@ p11_kit_trust_la_LDFLAGS = \
-
- p11_kit_trust_la_SOURCES = $(TRUST_SRCS) trust/module-init.c
-
-+libnssckbi_compatdir = $(libdir)
-+libnssckbi_compat_LTLIBRARIES = \
-+ libnssckbi-p11-kit.la
-+
-+libnssckbi_p11_kit_la_CFLAGS = \
-+ -DLIBNSSCKBI_COMPAT \
-+ $(p11_kit_trust_la_CFLAGS)
-+
-+libnssckbi_p11_kit_la_LIBADD = $(p11_kit_trust_la_LIBADD)
-+
-+libnssckbi_p11_kit_la_LDFLAGS = $(p11_kit_trust_la_LDFLAGS)
-+
-+libnssckbi_p11_kit_la_SOURCES = $(p11_kit_trust_la_SOURCES)
-+
- libtrust_testable_la_LDFLAGS = \
- -no-undefined
-
-diff --git a/trust/meson.build b/trust/meson.build
-index c5b978b..14993e5 100644
---- a/trust/meson.build
-+++ b/trust/meson.build
-@@ -58,6 +58,19 @@ shared_module('p11-kit-trust',
- install: true,
- install_dir: prefix / p11_module_path)
-
-+shared_module('libnssckbi-p11-kit',
-+ libtrust_sources,
-+ 'module-init.c',
-+ name_prefix: '',
-+ c_args: p11_kit_trust_c_args + ['-DLIBNSSCKBI_COMPAT'],
-+ dependencies: [libp11_library_dep] + libtasn1_deps,
-+ link_args: p11_module_ldflags,
-+ link_depends: [p11_module_symbol_map,
-+ p11_module_symbol_def],
-+ link_with: libtrust_data,
-+ vs_module_defs: p11_module_symbol_def,
-+ install: true)
-+
- libtrust_testable_c_args = [
- '-DP11_DEFAULT_TRUST_PREFIX="@0@"'.format(meson.current_build_dir() / 'default'),
- '-DP11_SYSTEM_TRUST_PREFIX="@0@"'.format(meson.current_build_dir() / 'system')
-diff --git a/trust/module.c b/trust/module.c
-index ec3333d..9204673 100644
---- a/trust/module.c
-+++ b/trust/module.c
-@@ -201,7 +201,11 @@ create_tokens_inlock (p11_array *tokens,
- int flags;
- } labels[] = {
- { "~/", "User Trust", P11_TOKEN_FLAG_NONE },
-+#ifdef LIBNSSCKBI_COMPAT
-+ { P11_DEFAULT_TRUST_PREFIX, "Builtin Object Token", P11_TOKEN_FLAG_WRITE_PROTECTED },
-+#else
- { P11_DEFAULT_TRUST_PREFIX, "Default Trust", P11_TOKEN_FLAG_WRITE_PROTECTED },
-+#endif
- { P11_SYSTEM_TRUST_PREFIX, "System Trust", P11_TOKEN_FLAG_NONE },
- { NULL },
- };
-@@ -534,8 +538,14 @@ sys_C_GetSlotInfo (CK_SLOT_ID id,
- info->flags = CKF_TOKEN_PRESENT;
- memcpy ((char*)info->manufacturerID, MANUFACTURER_ID, 32);
-
-+#ifdef LIBNSSCKBI_COMPAT
-+ /* Change description to match libnssckbi so HPKP works in Chromium */
-+ if (strcmp (p11_token_get_label (token), "Builtin Object Token") == 0)
-+ path = "NSS Builtin Objects";
-+ else
-+#endif
-+ path = p11_token_get_path (token);
- /* If too long, copy the first 64 characters into buffer */
-- path = p11_token_get_path (token);
- length = strlen (path);
- if (length > sizeof (info->slotDescription))
- length = sizeof (info->slotDescription);
---
-2.23.0
-
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2020-01-24 21:56:54 UTC (rev 555372)
+++ PKGBUILD 2020-01-24 21:56:58 UTC (rev 555373)
@@ -3,30 +3,21 @@
pkgname=lib32-p11-kit
pkgver=0.23.19
-pkgrel=1
+pkgrel=2
pkgdesc="Provides a way to load and enumerate PKCS#11 modules (32-bit)"
arch=(x86_64)
url="https://p11-glue.freedesktop.org"
license=(BSD)
-depends=(lib32-glibc lib32-libtasn1 lib32-libffi lib32-systemd p11-kit)
-makedepends=(git meson)
+depends=(lib32-glibc lib32-libtasn1 lib32-libffi p11-kit)
+makedepends=(git meson lib32-systemd)
provides=(libp11-kit.so)
-_commit=b0ebe7555c291808db29377ba79cb8326301f0a6 # tags/0.23.18.1^0
-source=("git+https://github.com/p11-glue/p11-kit?signed#tag=$pkgver"
- 0001-Build-and-install-libnssckbi-p11-kit.so.patch)
-sha256sums=('SKIP'
- 'e832eece10587ac50ae42ca4515786b51e67fea0647716061e51cd94f5e058cd')
+source=("git+https://github.com/p11-glue/p11-kit?signed#tag=$pkgver")
+sha256sums=('SKIP')
validpgpkeys=('C0F67099B808FB063E2C81117BFB1108D92765AF' # Stef Walter
'462225C3B46F34879FC8496CD605848ED7E69871') # Daiki Ueno
prepare() {
cd p11-kit
-
- # Build and install an additional library (libnssckbi-p11-kit.so) which
- # is a copy of p11-kit-trust.so but uses the same label for root certs as
- # libnssckbi.so ("Builtin Object Token" instead of "Default Trust")
- # https://bugs.freedesktop.org/show_bug.cgi?id=66161
- patch -Np1 -i ../0001-Build-and-install-libnssckbi-p11-kit.so.patch
}
build() {
More information about the arch-commits
mailing list