Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package p11-kit for openSUSE:Factory checked in at 2023-11-22 18:54:14 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/p11-kit (Old) and /work/SRC/openSUSE:Factory/.p11-kit.new.25432 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "p11-kit" Wed Nov 22 18:54:14 2023 rev:46 rq:1127895 version:0.25.3 Changes: -------- --- /work/SRC/openSUSE:Factory/p11-kit/p11-kit.changes 2023-11-05 12:19:02.729690822 +0100 +++ /work/SRC/openSUSE:Factory/.p11-kit.new.25432/p11-kit.changes 2023-11-22 18:54:23.559100573 +0100 @@ -1,0 +2,7 @@ +Fri Nov 17 10:11:56 UTC 2023 - Pedro Monreal <pmonreal@suse.com> + +- Update to 0.25.3: + * rpc: fix serialization of NULL mechanism pointer [#601] + * fix meson build failure in macOS (appleframeworks not found) [#603] + +------------------------------------------------------------------- Old: ---- p11-kit-0.25.2.tar.xz p11-kit-0.25.2.tar.xz.sig New: ---- p11-kit-0.25.3.tar.xz p11-kit-0.25.3.tar.xz.sig ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ p11-kit.spec ++++++ --- /var/tmp/diff_new_pack.08fvqP/_old 2023-11-22 18:54:25.079156359 +0100 +++ /var/tmp/diff_new_pack.08fvqP/_new 2023-11-22 18:54:25.079156359 +0100 @@ -21,7 +21,7 @@ %define trustdir_cfg %{pkidir_cfg}/trust %define trustdir_static %{pkidir_static}/trust Name: p11-kit -Version: 0.25.2 +Version: 0.25.3 Release: 0 Summary: Library to work with PKCS#11 modules License: BSD-3-Clause ++++++ p11-kit-0.25.2.tar.xz -> p11-kit-0.25.3.tar.xz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/p11-kit-0.25.2/ChangeLog new/p11-kit-0.25.3/ChangeLog --- old/p11-kit-0.25.2/ChangeLog 2023-10-31 10:20:52.000000000 +0100 +++ new/p11-kit-0.25.3/ChangeLog 2023-11-15 13:43:08.000000000 +0100 @@ -1,5 +1,49 @@ # Generate automatically. Do not edit. +commit 917e02a3211dabbdea4b079cb598581dce84fda1 +Author: Zoltan Fridrich <zfridric@redhat.com> +Date: 2023-11-15 + + Release 0.25.3 + + Signed-off-by: Zoltan Fridrich <zfridric@redhat.com> + + NEWS | 4 ++++ + configure.ac | 4 ++-- + meson.build | 4 ++-- + 3 files changed, 8 insertions(+), 4 deletions(-) + +commit b7589ec79305f68b552ebb5cf2e4c6c3aa0703fa +Author: Zoltan Fridrich <zfridric@redhat.com> +Date: 2023-11-15 + + Fix meson build failure in macOS (appleframeworks not found) + + Signed-off-by: Zoltan Fridrich <zfridric@redhat.com> + + meson.build | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +commit 66f1fc7b8f60693e0947d5a9d38cd0d1bc306baa +Author: Daiki Ueno <ueno@gnu.org> +Date: 2023-11-15 + + rpc: Fix serialization of NULL mechanism pointer + + A NULL mechanism pointer is valid for C_*Init functions to cancel the + operation. Since 852ccd8d we encoded it with a CK_MECHANISM_TYPE 0 as + an indicator, though it clashes with CKM_RSA_PKCS_KEY_PAIR_GEN (0). + This patch changes the encoding to use a special value (0xffffffff) to + indicate that and also properly advance the offset when reading. + + Signed-off-by: Daiki Ueno <ueno@gnu.org> + + p11-kit/rpc-client.c | 8 ++++++-- + p11-kit/rpc-message.c | 10 ++++++++-- + p11-kit/rpc-server.c | 8 +++++++- + p11-kit/test-rpc.c | 27 +++++++++++++++++++++++++++ + 4 files changed, 48 insertions(+), 5 deletions(-) + commit 66d6b42ef8dd84fcd8e199ac9f23f822f1a058c9 Author: Zoltan Fridrich <zfridric@redhat.com> Date: 2023-10-31 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/p11-kit-0.25.2/NEWS new/p11-kit-0.25.3/NEWS --- old/p11-kit-0.25.2/NEWS 2023-10-31 10:14:42.000000000 +0100 +++ new/p11-kit-0.25.3/NEWS 2023-11-15 13:40:11.000000000 +0100 @@ -1,3 +1,7 @@ +0.25.3 (stable) +* rpc: fix serialization of NULL mechanism pointer [PR#601] +* fix meson build failure in macOS (appleframeworks not found) [PR#603] + 0.25.2 (stable) * fix error code checking of readpassphrase for --login option [PR#595] * build fixes [PR#594] diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/p11-kit-0.25.2/configure new/p11-kit-0.25.3/configure --- old/p11-kit-0.25.2/configure 2023-10-31 10:18:59.000000000 +0100 +++ new/p11-kit-0.25.3/configure 2023-11-15 13:41:32.000000000 +0100 @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.71 for p11-kit 0.25.2. +# Generated by GNU Autoconf 2.71 for p11-kit 0.25.3. # # Report bugs to <https://github.com/p11-glue/p11-kit/issues>. # @@ -621,8 +621,8 @@ # Identity of this package. PACKAGE_NAME='p11-kit' PACKAGE_TARNAME='p11-kit' -PACKAGE_VERSION='0.25.2' -PACKAGE_STRING='p11-kit 0.25.2' +PACKAGE_VERSION='0.25.3' +PACKAGE_STRING='p11-kit 0.25.3' PACKAGE_BUGREPORT='https://github.com/p11-glue/p11-kit/issues' PACKAGE_URL='https://p11-glue.github.io/p11-glue/p11-kit.html' @@ -1491,7 +1491,7 @@ # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures p11-kit 0.25.2 to adapt to many kinds of systems. +\`configure' configures p11-kit 0.25.3 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1562,7 +1562,7 @@ if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of p11-kit 0.25.2:";; + short | recursive ) echo "Configuration of p11-kit 0.25.3:";; esac cat <<\_ACEOF @@ -1748,7 +1748,7 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -p11-kit configure 0.25.2 +p11-kit configure 0.25.3 generated by GNU Autoconf 2.71 Copyright (C) 2021 Free Software Foundation, Inc. @@ -2405,7 +2405,7 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by p11-kit $as_me 0.25.2, which was +It was created by p11-kit $as_me 0.25.3, which was generated by GNU Autoconf 2.71. Invocation command line was $ $0$ac_configure_args_raw @@ -3172,7 +3172,7 @@ # ? : +1 : ? == internal changes that doesn't break anything. P11KIT_CURRENT=3 -P11KIT_REVISION=0 +P11KIT_REVISION=1 P11KIT_AGE=3 # ------------------------------------------------------------------------------ @@ -3702,7 +3702,7 @@ # Define the identity of the package. PACKAGE='p11-kit' - VERSION='0.25.2' + VERSION='0.25.3' printf "%s\n" "#define PACKAGE \"$PACKAGE\"" >>confdefs.h @@ -21239,7 +21239,7 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by p11-kit $as_me 0.25.2, which was +This file was extended by p11-kit $as_me 0.25.3, which was generated by GNU Autoconf 2.71. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -21308,7 +21308,7 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config='$ac_cs_config_escaped' ac_cs_version="\\ -p11-kit config.status 0.25.2 +p11-kit config.status 0.25.3 configured by $0, generated by GNU Autoconf 2.71, with options \\"\$ac_cs_config\\" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/p11-kit-0.25.2/configure.ac new/p11-kit-0.25.3/configure.ac --- old/p11-kit-0.25.2/configure.ac 2023-10-31 10:14:42.000000000 +0100 +++ new/p11-kit-0.25.3/configure.ac 2023-11-15 13:40:11.000000000 +0100 @@ -1,7 +1,7 @@ AC_PREREQ(2.61) AC_INIT([p11-kit], - [0.25.2], + [0.25.3], [https://github.com/p11-glue/p11-kit/issues], [p11-kit], [https://p11-glue.github.io/p11-glue/p11-kit.html]) @@ -14,7 +14,7 @@ # ? : +1 : ? == internal changes that doesn't break anything. P11KIT_CURRENT=3 -P11KIT_REVISION=0 +P11KIT_REVISION=1 P11KIT_AGE=3 # ------------------------------------------------------------------------------ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/p11-kit-0.25.2/doc/manual/html/index.html new/p11-kit-0.25.3/doc/manual/html/index.html --- old/p11-kit-0.25.2/doc/manual/html/index.html 2023-10-31 10:20:51.000000000 +0100 +++ new/p11-kit-0.25.3/doc/manual/html/index.html 2023-11-15 13:43:08.000000000 +0100 @@ -14,7 +14,7 @@ <div class="titlepage"> <div> <div><table class="navigation" id="top" width="100%" cellpadding="2" cellspacing="0"><tr><th valign="middle"><p class="title">p11-kit</p></th></tr></table></div> -<div><p class="releaseinfo">for p11-kit 0.25.2</p></div> +<div><p class="releaseinfo">for p11-kit 0.25.3</p></div> </div> <hr> </div> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/p11-kit-0.25.2/meson.build new/p11-kit-0.25.3/meson.build --- old/p11-kit-0.25.2/meson.build 2023-10-31 10:14:42.000000000 +0100 +++ new/p11-kit-0.25.3/meson.build 2023-11-15 13:40:11.000000000 +0100 @@ -1,5 +1,5 @@ project('p11-kit', 'c', - version: '0.25.2', + version: '0.25.3', meson_version: '>= 0.51') version_arr = meson.project_version().split('.') @@ -10,7 +10,7 @@ cc = meson.get_compiler('c') current = 3 -revision = 0 +revision = 1 age = 3 soversion = current - age @@ -67,7 +67,7 @@ if cc.has_function('dgettext', dependencies : libintl) libintl_deps += libintl if ['darwin', 'ios'].contains(host_system) - appleframeworks = dependency('appleframeworks', modules : 'foundation') + appleframeworks = dependency('appleframeworks', modules : 'CoreFoundation') if appleframeworks.found() libintl_deps += appleframeworks endif diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/p11-kit-0.25.2/p11-kit/rpc-client.c new/p11-kit-0.25.3/p11-kit/rpc-client.c --- old/p11-kit-0.25.2/p11-kit/rpc-client.c 2023-10-24 14:58:49.000000000 +0200 +++ new/p11-kit-0.25.3/p11-kit/rpc-client.c 2023-11-15 11:57:26.000000000 +0100 @@ -430,9 +430,13 @@ /* Make sure this is in the right order */ assert (!msg->signature || p11_rpc_message_verify_part (msg, "M")); - /* This case is valid for C_*Init () functions to cancel operation */ + /* + * The NULL mechanism is used for C_*Init () functions to + * cancel operation. We use a special value 0xffffffff as a + * marker to indicate that. + */ if (mech == NULL) { - p11_rpc_buffer_add_uint32 (msg->output, 0); + p11_rpc_buffer_add_uint32 (msg->output, 0xffffffff); return p11_buffer_failed (msg->output) ? CKR_HOST_MEMORY : CKR_OK; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/p11-kit-0.25.2/p11-kit/rpc-message.c new/p11-kit-0.25.3/p11-kit/rpc-message.c --- old/p11-kit-0.25.2/p11-kit/rpc-message.c 2023-10-26 11:56:44.000000000 +0200 +++ new/p11-kit-0.25.3/p11-kit/rpc-message.c 2023-11-15 11:57:27.000000000 +0100 @@ -2114,8 +2114,14 @@ mech->mechanism = mechanism; - /* special NULL case */ - if (mechanism == 0) { + /* + * The NULL mechanism is used for C_*Init () functions to + * cancel operation. We use a special value 0xffffffff as a + * marker to indicate that. + */ + if (mechanism == 0xffffffff) { + mech->ulParameterLen = 0; + mech->pParameter = NULL; return true; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/p11-kit-0.25.2/p11-kit/rpc-server.c new/p11-kit-0.25.3/p11-kit/rpc-server.c --- old/p11-kit-0.25.2/p11-kit/rpc-server.c 2023-10-24 14:58:49.000000000 +0200 +++ new/p11-kit-0.25.3/p11-kit/rpc-server.c 2023-11-15 11:57:27.000000000 +0100 @@ -480,8 +480,14 @@ return PARSE_ERROR; } - if (temp.mechanism == 0) { + /* + * The NULL mechanism is used for C_*Init () functions to + * cancel operation. We use a special value 0xffffffff as a + * marker to indicate that. + */ + if (temp.mechanism == 0xffffffff) { *mech = NULL; + msg->parsed = offset; return CKR_OK; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/p11-kit-0.25.2/p11-kit/test-rpc.c new/p11-kit-0.25.3/p11-kit/test-rpc.c --- old/p11-kit-0.25.2/p11-kit/test-rpc.c 2023-10-24 14:58:49.000000000 +0200 +++ new/p11-kit-0.25.3/p11-kit/test-rpc.c 2023-11-15 11:57:27.000000000 +0100 @@ -675,6 +675,31 @@ p11_mutex_uninit (&delay_mutex); } +static void +test_mechanism_unsupported (void *module) +{ + CK_FUNCTION_LIST_PTR rpc_module; + CK_SESSION_HANDLE session; + CK_MECHANISM mech; + CK_RV rv; + + rpc_module = setup_test_rpc_module (&test_normal_vtable, + module, &session); + + memset (&mech, 0, sizeof(mech)); + + /* + * This mechanism is not supported by the remote mock module, + * but it should be able to return an error through RPC. + */ + mech.mechanism = CKM_RSA_PKCS_KEY_PAIR_GEN; + + rv = (rpc_module->C_DigestInit) (session, &mech); + assert_num_eq (rv, CKR_MECHANISM_INVALID); + + teardown_mock_module (rpc_module); +} + #ifdef OS_UNIX static void @@ -759,6 +784,7 @@ p11_testx (test_get_info_stand_in, &mock_module_no_slots, "/rpc/get-info-stand-in"); p11_testx (test_get_slot_list_no_device, &mock_module_no_slots, "/rpc/get-slot-list-no-device"); p11_testx (test_simultaneous_functions, &mock_module_no_slots, "/rpc/simultaneous-functions"); + p11_testx (test_mechanism_unsupported, &mock_module, "/rpc/mechanism-unsupported"); #ifdef OS_UNIX p11_testx (test_fork_and_reinitialize, &mock_module_no_slots, "/rpc/fork-and-reinitialize"); @@ -778,6 +804,7 @@ p11_testx (test_get_info_stand_in, &mock_module_v3_no_slots, "/rpc3/get-info-stand-in"); p11_testx (test_get_slot_list_no_device, &mock_module_v3_no_slots, "/rpc3/get-slot-list-no-device"); p11_testx (test_simultaneous_functions, &mock_module_v3_no_slots, "/rpc3/simultaneous-functions"); + p11_testx (test_mechanism_unsupported, &mock_module_v3, "/rpc3/mechanism-unsupported"); #ifdef OS_UNIX p11_testx (test_fork_and_reinitialize, &mock_module_v3_no_slots, "/rpc3/fork-and-reinitialize"); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/p11-kit-0.25.2/po/p11-kit.pot new/p11-kit-0.25.3/po/p11-kit.pot --- old/p11-kit-0.25.2/po/p11-kit.pot 2023-10-31 10:20:49.000000000 +0100 +++ new/p11-kit-0.25.3/po/p11-kit.pot 2023-11-15 13:43:06.000000000 +0100 @@ -6,9 +6,9 @@ #, fuzzy msgid "" msgstr "" -"Project-Id-Version: p11-kit 0.25.2\n" +"Project-Id-Version: p11-kit 0.25.3\n" "Report-Msgid-Bugs-To: https://github.com/p11-glue/p11-kit/issues\n" -"POT-Creation-Date: 2023-10-31 10:20+0100\n" +"POT-Creation-Date: 2023-11-15 13:43+0100\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" "Language-Team: LANGUAGE <LL@li.org>\n" @@ -943,19 +943,19 @@ msgid "returned attributes in invalid order" msgstr "" -#: p11-kit/rpc-client.c:741 trust/module.c:384 +#: p11-kit/rpc-client.c:745 trust/module.c:384 msgid "invalid set of mutex calls supplied" msgstr "" -#: p11-kit/rpc-client.c:750 trust/module.c:393 +#: p11-kit/rpc-client.c:754 trust/module.c:393 msgid "can't do without os locking" msgstr "" -#: p11-kit/rpc-client.c:763 +#: p11-kit/rpc-client.c:767 msgid "C_Initialize called twice for same process" msgstr "" -#: p11-kit/rpc-client.c:870 +#: p11-kit/rpc-client.c:874 #, c-format msgid "finalizing rpc module returned an error: %lu" msgstr "" @@ -982,52 +982,52 @@ msgid "invalid length space padded string received: %d != %d" msgstr "" -#: p11-kit/rpc-server.c:614 +#: p11-kit/rpc-server.c:620 msgid "invalid request from module, probably too short" msgstr "" -#: p11-kit/rpc-server.c:624 +#: p11-kit/rpc-server.c:630 msgid "couldn't initialize rpc response" msgstr "" -#: p11-kit/rpc-server.c:761 +#: p11-kit/rpc-server.c:767 msgid "invalid handshake received from connecting module" msgstr "" -#: p11-kit/rpc-server.c:2318 +#: p11-kit/rpc-server.c:2324 msgid "couldn't parse pkcs11 rpc message" msgstr "" -#: p11-kit/rpc-server.c:2430 +#: p11-kit/rpc-server.c:2436 msgid "out of memory error putting together message" msgstr "" -#: p11-kit/rpc-server.c:2454 +#: p11-kit/rpc-server.c:2460 msgid "out of memory responding with error" msgstr "" -#: p11-kit/rpc-server.c:2500 +#: p11-kit/rpc-server.c:2506 #, c-format msgid "unsupported version received: %d" msgstr "" -#: p11-kit/rpc-server.c:2506 +#: p11-kit/rpc-server.c:2512 msgid "couldn't read credential byte" msgstr "" -#: p11-kit/rpc-server.c:2518 +#: p11-kit/rpc-server.c:2524 msgid "couldn't write credential byte" msgstr "" -#: p11-kit/rpc-server.c:2541 +#: p11-kit/rpc-server.c:2547 msgid "failed to read rpc message" msgstr "" -#: p11-kit/rpc-server.c:2546 +#: p11-kit/rpc-server.c:2552 msgid "unexpected error handling rpc message" msgstr "" -#: p11-kit/rpc-server.c:2564 +#: p11-kit/rpc-server.c:2570 msgid "failed to write rpc message" msgstr ""