Hello community, here is the log from the commit of package mokutil for openSUSE:Factory checked in at 2015-07-02 22:51:13 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/mokutil (Old) and /work/SRC/openSUSE:Factory/.mokutil.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "mokutil" Changes: -------- --- /work/SRC/openSUSE:Factory/mokutil/mokutil.changes 2014-11-12 00:20:59.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.mokutil.new/mokutil.changes 2015-07-03 00:10:21.000000000 +0200 @@ -1,0 +2,6 @@ +Tue Jun 30 08:43:45 UTC 2015 - glin@suse.com + +- Add mokutil-fshort-wchar.patch to make sure the UEFI strings are + UCS-2 encoding. + +------------------------------------------------------------------- New: ---- mokutil-fshort-wchar.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ mokutil.spec ++++++ --- /var/tmp/diff_new_pack.5JDAfZ/_old 2015-07-03 00:10:22.000000000 +0200 +++ /var/tmp/diff_new_pack.5JDAfZ/_new 2015-07-03 00:10:22.000000000 +0200 @@ -1,7 +1,7 @@ # # spec file for package mokutil # -# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -26,6 +26,8 @@ Source: %{name}-%{version}.tar.bz2 # PATCH-FIX-UPSTREAM mokutil-fix-overflow.patch glin@suse.com -- Fix the potential buffer overflow Patch1: mokutil-fix-overflow.patch +# PATCH-FIX-UPSTREAM mokutil-fshort-wchar.patch glin@suse.com -- Add "-fshort-wchar" to make sure the UEFI strings are UCS-2 encoding +Patch2: mokutil-fshort-wchar.patch # OPENSUSE ONLY # PATCH-FIX-OPENSUSE mokutil-support-revoke-builtin-cert.patch glin@suse.com -- Add an option to revoke the built-in certificate Patch100: mokutil-support-revoke-builtin-cert.patch @@ -50,9 +52,11 @@ %prep %setup -q %patch1 -p1 +%patch2 -p1 %patch100 -p1 %build +autoreconf %configure make ++++++ mokutil-fshort-wchar.patch ++++++
From 9eb111a7f7b897ba4ae19a68708e010a5c384260 Mon Sep 17 00:00:00 2001 From: Peter Jones
Date: Fri, 19 Jun 2015 16:53:36 -0400 Subject: [PATCH] Build with -fshort-wchar so toggle passwords work right.
This source tree uses:
typedef wchar_t efi_char16_t;
to define UEFI's UCS-2 character type. On many platforms, wchar_t is
32-bits by default. As a result, efichar_from_char winds up writing
4-byte characters instead of 2-byte characters. In the case where we
hash the password in mokutil, this works fine, because the same datatype
is used, and the values are the same. But for our feature toggles,
where we store the raw data and shim is interpretting the character
array, every other character winds up being L'\0', and verification
fails.
So always build with -fshort-wchar to ensure we get 2-byte character
storage.
Signed-off-by: Peter Jones