Hello community,
here is the log from the commit of package pesign for openSUSE:Factory checked in at 2013-02-25 21:41:14
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/pesign (Old)
and /work/SRC/openSUSE:Factory/.pesign.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "pesign", Maintainer is "GLin@suse.com"
Changes:
--------
--- /work/SRC/openSUSE:Factory/pesign/pesign.changes 2013-02-22 16:57:11.000000000 +0100
+++ /work/SRC/openSUSE:Factory/.pesign.new/pesign.changes 2013-02-25 21:41:15.000000000 +0100
@@ -1,0 +2,13 @@
+Mon Feb 25 07:35:59 UTC 2013 - glin@suse.com
+
+- Update pesign-bnc805166-fix-signature-list.patch to skip the
+ unneeded private key request. (bnc#805166c#17)
+
+-------------------------------------------------------------------
+Sat Feb 23 04:47:48 UTC 2013 - jlee@suse.com
+
+- Modified pesign-bnc805166-fix-signature-list.patch, block out the
+ source code for find/attach Issuer certificate
+ (bnc#805166 comment#13)
+
+-------------------------------------------------------------------
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ pesign-bnc805166-fix-signature-list.patch ++++++
--- /var/tmp/diff_new_pack.3LK5SK/_old 2013-02-25 21:41:17.000000000 +0100
+++ /var/tmp/diff_new_pack.3LK5SK/_new 2013-02-25 21:41:17.000000000 +0100
@@ -1,39 +1,53 @@
-commit 63c6ad572b3c1a7041dc581072421c2c94ff5d35
-Author: Gary Ching-Pang Lin
-Date: Fri Feb 22 15:13:08 2013 +0800
-
- Backport patches to fix signature list
-
- Get cms_context out of wincert functions.
- ee357451be9968cedda57ce13b103eb82c590e67
-
- Rework siglist to be somewhat more useful.
- a5ec0d2cd06dec0961fc3fed680e7e385dc5bec8
-
- Don't allow our signature list iterator to walk off the end of the file.
- 18980866e7952100d98510297c0e1cc25fca8fc8
-
- Include old signatures in new space calculations.
- 77d334d77435d64e88fcc772b5b58440b394584a
-
- Make implanting extracted certificates work again.
- 5ceddd2f80dfea70d211236190943746c2d2f77b
-
- Add error handling macros to make code simpler.
- 0bafa814b49a9556550cfbc373e0ea5b9edb929e
-
- Add is_issuer_of(cert, cert) helper function.
- 7750aaeceb2655807788f8e45417e84cb5404a8e
-
- Add "find_named_certificate()" helper function.
- c89c8dbf7929f8f8f36bc1c4045fcc17d5ce7e5c
-
- Make generate_certificate_list include the issuing certificate.
- 8c3d82ceb5029bedfee1577682fec5ff3669ff3c
-
- Fix a casting problem on 32-bit.
-
- 9eb2814858270af2d7ecfbfa5ca131e7be2f9f53
+From 4956251d79904be08c4012fa06c14434f8e706ed Mon Sep 17 00:00:00 2001
+From: Gary Ching-Pang Lin
+Date: Fri, 22 Feb 2013 15:13:08 +0800
+Subject: [PATCH 1/2] Backport patches to fix signature list
+
+Get cms_context out of wincert functions.
+ee357451be9968cedda57ce13b103eb82c590e67
+
+Rework siglist to be somewhat more useful.
+a5ec0d2cd06dec0961fc3fed680e7e385dc5bec8
+
+Don't allow our signature list iterator to walk off the end of the file.
+18980866e7952100d98510297c0e1cc25fca8fc8
+
+Include old signatures in new space calculations.
+77d334d77435d64e88fcc772b5b58440b394584a
+
+Make implanting extracted certificates work again.
+5ceddd2f80dfea70d211236190943746c2d2f77b
+
+Add error handling macros to make code simpler.
+0bafa814b49a9556550cfbc373e0ea5b9edb929e
+
+Add is_issuer_of(cert, cert) helper function.
+7750aaeceb2655807788f8e45417e84cb5404a8e
+
+Add "find_named_certificate()" helper function.
+c89c8dbf7929f8f8f36bc1c4045fcc17d5ce7e5c
+
+Make generate_certificate_list include the issuing certificate.
+8c3d82ceb5029bedfee1577682fec5ff3669ff3c
+
+Fix a casting problem on 32-bit.
+9eb2814858270af2d7ecfbfa5ca131e7be2f9f53
+---
+ libdpe/pe_addcert.c | 2 +-
+ libdpe/pe_updatefile.c | 13 ++++++-
+ src/actions.c | 12 +------
+ src/actions.h | 2 +-
+ src/cms_common.c | 93 ++++++++++++++++++++++++++++++++++++++++++++++++
+ src/cms_common.h | 32 ++++++++++++++++-
+ src/daemon.c | 6 ++--
+ src/pesign.c | 35 +++++++++++++++---
+ src/peverify.c | 7 ++--
+ src/siglist.c | 46 +++++++++++++++++++-----
+ src/siglist.h | 3 +-
+ src/signed_data.c | 53 +++++++++++++++++++++------
+ src/wincert.c | 65 +++++++++++++++++++++++----------
+ src/wincert.h | 8 +++--
+ 14 files changed, 312 insertions(+), 65 deletions(-)
diff --git a/libdpe/pe_addcert.c b/libdpe/pe_addcert.c
index e391242..b6ba969 100644
@@ -779,3 +793,33 @@
+
#endif /* PESIGN_WINCERT_H */
+--
+1.7.10.4
+
+
+From 8d86f6db19be98538fd5397a9de5f7d06733746e Mon Sep 17 00:00:00 2001
+From: Gary Ching-Pang Lin
+Date: Mon, 25 Feb 2013 10:43:09 +0800
+Subject: [PATCH 2/2] Don't request the private key in
+ find_named_certificate() when importing a raw signature
+
+---
+ src/cms_common.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/cms_common.c b/src/cms_common.c
+index 3b2e71a..642cc86 100644
+--- a/src/cms_common.c
++++ b/src/cms_common.c
+@@ -498,7 +498,7 @@ find_named_certificate(cms_context *cms, char *name, CERTCertificate **cert)
+ }
+
+ SECStatus status;
+- if (PK11_NeedLogin(psle->slot) && !PK11_IsLoggedIn(psle->slot, pwdata)) {
++ if (!cms->privkey_unneeded && PK11_NeedLogin(psle->slot) && !PK11_IsLoggedIn(psle->slot, pwdata)) {
+ status = PK11_Authenticate(psle->slot, PR_TRUE, pwdata);
+ if (status != SECSuccess) {
+ PK11_DestroySlotListElement(slots, &psle);
+--
+1.7.10.4
+
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-commit+help@opensuse.org