From 5b5fe59439a21aefcd3459707a9ec12b568a4b0e Mon Sep 17 00:00:00 2001 From: milisarge Date: Tue, 13 Jun 2017 19:36:34 +0300 Subject: [PATCH] p11-kit --- .../genel/p11-kit/libnssckbi-compat.patch | 57 +++++++++++++++++++ talimatname/genel/p11-kit/talimat | 26 +++++---- 2 files changed, 72 insertions(+), 11 deletions(-) create mode 100644 talimatname/genel/p11-kit/libnssckbi-compat.patch diff --git a/talimatname/genel/p11-kit/libnssckbi-compat.patch b/talimatname/genel/p11-kit/libnssckbi-compat.patch new file mode 100644 index 000000000..d1b70a3bb --- /dev/null +++ b/talimatname/genel/p11-kit/libnssckbi-compat.patch @@ -0,0 +1,57 @@ +diff -upr p11-kit-0.23.1.orig/trust/Makefile.am p11-kit-0.23.1/trust/Makefile.am +--- p11-kit-0.23.1.orig/trust/Makefile.am 2014-11-12 12:58:50.000000000 +0200 ++++ p11-kit-0.23.1/trust/Makefile.am 2015-03-30 16:43:35.275993032 +0300 +@@ -61,6 +61,20 @@ p11_kit_trust_la_LDFLAGS = \ + + p11_kit_trust_la_SOURCES = $(TRUST_SRCS) + ++libnssckbi_compatdir = $(libdir) ++libnssckbi_compat_LTLIBRARIES = \ ++ libnssckbi-p11-kit.la ++ ++libnssckbi_p11_kit_la_CFLAGS = \ ++ -DLIBNSSCKBI_COMPAT \ ++ $(p11_kit_trust_la_CFLAGS) ++ ++libnssckbi_p11_kit_la_LIBADD = $(p11_kit_trust_la_LIBADD) ++ ++libnssckbi_p11_kit_la_LDFLAGS = $(p11_kit_trust_la_LDFLAGS) ++ ++libnssckbi_p11_kit_la_SOURCES = $(p11_kit_trust_la_SOURCES) ++ + libtrust_testable_la_LDFLAGS = \ + -no-undefined + +diff -upr p11-kit-0.23.1.orig/trust/module.c p11-kit-0.23.1/trust/module.c +--- p11-kit-0.23.1.orig/trust/module.c 2014-12-16 12:24:01.000000000 +0200 ++++ p11-kit-0.23.1/trust/module.c 2015-03-30 16:48:41.370360130 +0300 +@@ -196,7 +196,11 @@ create_tokens_inlock (p11_array *tokens, + const char *label; + } labels[] = { + { "~/", "User Trust" }, ++#ifdef LIBNSSCKBI_COMPAT ++ { DATA_DIR, "Builtin Object Token" }, ++#else + { DATA_DIR, "Default Trust" }, ++#endif + { SYSCONFDIR, "System Trust" }, + { NULL }, + }; +@@ -521,9 +525,15 @@ sys_C_GetSlotInfo (CK_SLOT_ID id, + info->flags = CKF_TOKEN_PRESENT; + strncpy ((char*)info->manufacturerID, MANUFACTURER_ID, 32); + +- /* If too long, copy the first 64 characters into buffer */ +- path = p11_token_get_path (token); ++#ifdef LIBNSSCKBI_COMPAT ++ /* Change description to match libnssckbi so HPKP works in Chromium */ ++ if (strcmp (p11_token_get_label (token), "Builtin Object Token" ) == 0) ++ path = "NSS Builtin Objects"; ++ else ++#endif ++ path = p11_token_get_path (token); + length = strlen (path); ++ /* If too long, copy the first 64 characters into buffer */ + if (length > sizeof (info->slotDescription)) + length = sizeof (info->slotDescription); + memset (info->slotDescription, ' ', sizeof (info->slotDescription)); diff --git a/talimatname/genel/p11-kit/talimat b/talimatname/genel/p11-kit/talimat index 29c902cb5..a7b1bbdde 100644 --- a/talimatname/genel/p11-kit/talimat +++ b/talimatname/genel/p11-kit/talimat @@ -4,19 +4,23 @@ # Depends on: libffi libtasn1 name=p11-kit -version=0.23.2 +version=0.23.7 release=1 -source=(http://p11-glue.freedesktop.org/releases/$name-$version.tar.gz) +source=(https://github.com/p11-glue/p11-kit/archive/$version.tar.gz + libnssckbi-compat.patch) build() { -cd $name-$version -./configure --prefix=/usr \ ---sysconfdir=/etc -make -make DESTDIR=$PKG install -rm -r $PKG/usr/share -if [ -f $PKG/etc/pkcs11/pkcs11.conf.example ]; then - mv $PKG/etc/pkcs11/pkcs11.conf{.example,} -fi + cd $name-$version + patch -Np1 -i ../libnssckbi-compat.patch + NOCONFIGURE=1 ./autogen.sh + ./configure --prefix=/usr \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --libexecdir=/usr/lib \ + --with-module-path=/usr/lib/pkcs11 \ + --with-trust-paths=/etc/ca-certificates/trust-source:/usr/share/ca-certificates/trust-source:/etc/ssl + make + make DESTDIR="$PKG" install + ln -srf "$PKG/usr/bin/update-ca-trust" "$PKG/usr/lib/p11-kit/trust-extract-compat" }