Hello community, here is the log from the commit of package pesign for openSUSE:Factory checked in at 2013-12-03 14:27:09 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/pesign (Old) and /work/SRC/openSUSE:Factory/.pesign.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "pesign" Changes: -------- --- /work/SRC/openSUSE:Factory/pesign/pesign.changes 2013-10-24 14:11:08.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.pesign.new/pesign.changes 2013-12-03 14:27:10.000000000 +0100 @@ -1,0 +2,6 @@ +Thu Nov 7 09:17:04 UTC 2013 - [email protected] + +- Add pesign-no-db.patch to allow some commands to proceed without + a NSS database. + +------------------------------------------------------------------- New: ---- pesign-no-db.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ pesign.spec ++++++ --- /var/tmp/diff_new_pack.a4NV6K/_old 2013-12-03 14:27:10.000000000 +0100 +++ /var/tmp/diff_new_pack.a4NV6K/_new 2013-12-03 14:27:10.000000000 +0100 @@ -34,6 +34,8 @@ Patch4: pesign-clear-padding-bits.patch # PATCH-FIX-SUSE use-standard-pid-location.patch [email protected] --Use standard /run instead of /var/run for pidfile Patch6: use-standard-pid-location.patch +# PATCH-FIX-UPSTREAM pesign-no-db.patch [email protected] -- Allow some commands to proceed without a NSS database +Patch7: pesign-no-db.patch BuildRequires: mozilla-nss-devel BuildRequires: pkg-config BuildRequires: popt-devel @@ -59,6 +61,7 @@ %patch3 -p1 %patch4 -p1 %patch6 -p1 +%patch7 -p1 %build make OPTFLAGS="$RPM_OPT_FLAGS" ++++++ pesign-no-db.patch ++++++ >From b55ecad4b6ec280d7d17caa5e02c20a7391b8a05 Mon Sep 17 00:00:00 2001 From: Gary Ching-Pang Lin <[email protected]> Date: Thu, 7 Nov 2013 16:58:04 +0800 Subject: [PATCH] Allow some commands to proceed without a NSS db The NSS db is not necessary to calculate the hash, to show the signature or to export the signed attributes. Signed-off-by: Gary Ching-Pang Lin <[email protected]> --- src/pesign.c | 91 +++++++++++++++++++++++++++++++++++------------------------- 1 file changed, 53 insertions(+), 38 deletions(-) diff --git a/src/pesign.c b/src/pesign.c index c7313a6..0cd47a8 100644 --- a/src/pesign.c +++ b/src/pesign.c @@ -405,6 +405,7 @@ main(int argc, char *argv[]) int daemon = 0; int fork = 1; int padding = 0; + int need_db = 0; char *digest_name = "sha256"; char *tokenname = "NSS Certificate DB"; @@ -526,8 +527,59 @@ main(int argc, char *argv[]) } } + int action = 0; + if (daemon) + action |= DAEMONIZE; + + if (ctxp->rawsig) { + action |= IMPORT_RAW_SIGNATURE; + need_db = 1; + } + + if (ctxp->insattrs) + action |= IMPORT_SATTRS; + + if (ctxp->outsattrs) + action |= EXPORT_SATTRS; + + if (ctxp->insig) + action |= IMPORT_SIGNATURE; + + if (ctxp->outkey) { + action |= EXPORT_PUBKEY; + need_db = 1; + } + + if (ctxp->outcert) { + action |= EXPORT_CERT; + need_db = 1; + } + + if (ctxp->outsig) + action |= EXPORT_SIGNATURE; + + if (remove != 0) + action |= REMOVE_SIGNATURE; + + if (list != 0) + action |= LIST_SIGNATURES; + + if (ctxp->sign) { + action |= GENERATE_SIGNATURE; + if (!(action & EXPORT_SIGNATURE)) + action |= IMPORT_SIGNATURE; + need_db = 1; + } + + if (ctxp->hash) + action |= GENERATE_DIGEST|PRINT_DIGEST; + if (!daemon) { - SECStatus status = NSS_Init(certdir); + SECStatus status; + if (need_db) + status = NSS_Init(certdir); + else + status = NSS_NoDB_Init(NULL); if (status != SECSuccess) { fprintf(stderr, "Could not initialize nss: %s\n", PORT_ErrorToString(PORT_GetError())); @@ -571,42 +623,8 @@ main(int argc, char *argv[]) if (certname) free(certname); - int action = 0; - if (daemon) - action |= DAEMONIZE; - - if (ctxp->rawsig) - action |= IMPORT_RAW_SIGNATURE; - - if (ctxp->insattrs) - action |= IMPORT_SATTRS; - - if (ctxp->outsattrs) - action |= EXPORT_SATTRS; - - if (ctxp->insig) - action |= IMPORT_SIGNATURE; - - if (ctxp->outkey) - action |= EXPORT_PUBKEY; - - if (ctxp->outcert) - action |= EXPORT_CERT; - - if (ctxp->outsig) - action |= EXPORT_SIGNATURE; - - if (remove != 0) - action |= REMOVE_SIGNATURE; - - if (list != 0) - action |= LIST_SIGNATURES; if (ctxp->sign) { - action |= GENERATE_SIGNATURE; - if (!(action & EXPORT_SIGNATURE)) - action |= IMPORT_SIGNATURE; - if (!ctxp->cms_ctx->certname) { fprintf(stderr, "pesign: signing requested but no " "certificate nickname provided\n"); @@ -614,9 +632,6 @@ main(int argc, char *argv[]) } } - if (ctxp->hash) - action |= GENERATE_DIGEST|PRINT_DIGEST; - ssize_t sigspace = 0; switch (action) { -- 1.8.1.4 -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
