Hello community, here is the log from the commit of package shim for openSUSE:Factory checked in at 2013-03-08 13:40:37 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/shim (Old) and /work/SRC/openSUSE:Factory/.shim.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "shim", Maintainer is "GLin@suse.com" Changes: -------- --- /work/SRC/openSUSE:Factory/shim/shim.changes 2013-03-05 13:08:10.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.shim.new/shim.changes 2013-03-08 13:40:38.000000000 +0100 @@ -1,0 +2,8 @@ +Fri Mar 8 06:53:47 UTC 2013 - glin@suse.com + +- Add shim-bnc807760-change-pxe-2nd-loader-name.patch to change the + PXE 2nd stage loader name (bnc#807760) +- Add shim-bnc808106-correct-certcount.patch to correct the + certificate count of the signature list (bnc#808106) + +------------------------------------------------------------------- New: ---- shim-bnc807760-change-pxe-2nd-loader-name.patch shim-bnc808106-correct-certcount.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ shim.spec ++++++ --- /var/tmp/diff_new_pack.6sdEcn/_old 2013-03-08 13:40:40.000000000 +0100 +++ /var/tmp/diff_new_pack.6sdEcn/_new 2013-03-08 13:40:40.000000000 +0100 @@ -57,6 +57,10 @@ Patch11: shim-bnc804631-fix-broken-bootpath.patch # PATCH-FIX-UPSTREAM shim-bnc798043-no-doulbe-separators.patch bnc#798043 glin@suse.com -- Remove all double-separators from the bootpath Patch12: shim-bnc798043-no-doulbe-separators.patch +# PATCH-FIX-UPSTREAM shim-bnc807760-change-pxe-2nd-loader-name.patch bnc#807760 glin@suse.com -- Change the PXE 2nd stage loader to match the filename we are using +Patch13: shim-bnc807760-change-pxe-2nd-loader-name.patch +# PATCH-FIX-UPSTREAM shim-bnc808106-correct-certcount.patch bnc#808106 glin@suse.com -- Correct the certifcate count of the signature list +Patch14: shim-bnc808106-correct-certcount.patch BuildRequires: gnu-efi >= 3.0q BuildRequires: mozilla-nss-tools BuildRequires: openssl >= 0.9.8 @@ -90,6 +94,8 @@ %patch10 -p1 %patch11 -p1 %patch12 -p1 +%patch13 -p1 +%patch14 -p1 %build chmod +x "make-certs" ++++++ shim-bnc807760-change-pxe-2nd-loader-name.patch ++++++
From 8222b5f6dd8ff34368173b86ae6108cb792802a7 Mon Sep 17 00:00:00 2001 From: Gary Ching-Pang Lin
Date: Thu, 7 Mar 2013 11:59:44 +0800 Subject: [PATCH] Define the PXE 2nd stage loader in the beginning of the file
Make it easier to change the PXE 2nd stage loader. --- netboot.c | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/netboot.c b/netboot.c index 90fb9cb..ae723c7 100644 --- a/netboot.c +++ b/netboot.c @@ -39,6 +39,7 @@ #include "shim.h" #include "netboot.h" +#define DEFAULT_LOADER "/grub.efi" static inline unsigned short int __swap16(unsigned short int x) { @@ -238,7 +239,7 @@ static BOOLEAN extract_tftp_info(char *url) { char *start, *end; char ip6str[128]; - char *template = "/grubx64.efi"; + char *template = DEFAULT_LOADER; if (strncmp((UINT8 *)url, (UINT8 *)"tftp://", 7)) { Print(L"URLS MUST START WITH tftp://\n"); @@ -294,9 +295,11 @@ static EFI_STATUS parseDhcp6() static EFI_STATUS parseDhcp4() { - char *template = "/grubx64.efi"; - char *tmp = AllocatePool(16); + char *template = DEFAULT_LOADER; + char *tmp; + int len = strlen((CHAR8 *)template); + tmp = AllocatePool(len+1); if (!tmp) return EFI_OUT_OF_RESOURCES; @@ -304,8 +307,7 @@ static EFI_STATUS parseDhcp4() memcpy(&tftp_addr.v4, pxe->Mode->DhcpAck.Dhcpv4.BootpSiAddr, 4); - memcpy(tmp, template, 12); - tmp[13] = '\0'; + memcpy(tmp, template, len+1); full_path = tmp; /* Note we don't capture the filename option here because we know its shim.efi -- 1.7.10.4 ++++++ shim-bnc808106-correct-certcount.patch ++++++
From 822b44b8d978449a43fb2cd7bcd1381d961d0b25 Mon Sep 17 00:00:00 2001 From: Gary Ching-Pang Lin
Date: Fri, 8 Mar 2013 14:44:50 +0800 Subject: [PATCH] Correct the certificate count of the signature list
--- shim.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/shim.c b/shim.c index c36b641..1daa84b 100644 --- a/shim.c +++ b/shim.c @@ -228,7 +228,7 @@ static CHECK_STATUS check_db_cert_in_ram(EFI_SIGNATURE_LIST *CertList, while ((dbsize > 0) && (dbsize >= CertList->SignatureListSize)) { if (CompareGuid (&CertList->SignatureType, &CertType) == 0) { - CertCount = (CertList->SignatureListSize - CertList->SignatureHeaderSize) / CertList->SignatureSize; + CertCount = (CertList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) - CertList->SignatureHeaderSize) / CertList->SignatureSize; Cert = (EFI_SIGNATURE_DATA *) ((UINT8 *) CertList + sizeof (EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize); for (Index = 0; Index < CertCount; Index++) { IsFound = AuthenticodeVerify (data->CertData, @@ -293,7 +293,7 @@ static CHECK_STATUS check_db_hash_in_ram(EFI_SIGNATURE_LIST *CertList, BOOLEAN IsFound = FALSE; while ((dbsize > 0) && (dbsize >= CertList->SignatureListSize)) { - CertCount = (CertList->SignatureListSize - CertList->SignatureHeaderSize) / CertList->SignatureSize; + CertCount = (CertList->SignatureListSize -sizeof (EFI_SIGNATURE_LIST) - CertList->SignatureHeaderSize) / CertList->SignatureSize; Cert = (EFI_SIGNATURE_DATA *) ((UINT8 *) CertList + sizeof (EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize); if (CompareGuid(&CertList->SignatureType, &CertType) == 0) { for (Index = 0; Index < CertCount; Index++) { -- 1.7.10.4 -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org