Date: Tuesday, November 1, 2022 @ 19:22:38
Author: foutrelis
Revision: 459965
archrelease: copy trunk to staging-x86_64
Added:
sbsigntools/repos/staging-x86_64/
sbsigntools/repos/staging-x86_64/PKGBUILD
(from rev 459964, sbsigntools/trunk/PKGBUILD)
sbsigntools/repos/staging-x86_64/keys/
sbsigntools/repos/staging-x86_64/openssl3.patch
(from rev 459964, sbsigntools/trunk/openssl3.patch)
----------------+
PKGBUILD | 51 +++++++++++++++++++++++++++++++++++++++++++++++++++
openssl3.patch | 35 +++++++++++++++++++++++++++++++++++
2 files changed, 86 insertions(+)
Copied: sbsigntools/repos/staging-x86_64/PKGBUILD (from rev 459964,
sbsigntools/trunk/PKGBUILD)
===================================================================
--- staging-x86_64/PKGBUILD (rev 0)
+++ staging-x86_64/PKGBUILD 2022-11-01 19:22:38 UTC (rev 459965)
@@ -0,0 +1,51 @@
+# Maintainer: David Runge <[email protected]>
+# Contributor: Tobias Powalowski <[email protected]>
+# Contributor: Mico Tischler <mt-ml at gmx dot net>
+# Contributor: Keshav Amburay <(the ddoott ridikulus ddoott rat) (aatt)
(gemmaeiil) (ddoott) (ccoomm)>
+
+pkgname=sbsigntools
+pkgver=0.9.4
+pkgrel=2
+pkgdesc="Tools to add signatures to EFI binaries and Drivers"
+arch=('x86_64')
+url="https://git.kernel.org/pub/scm/linux/kernel/git/jejb/sbsigntools.git/about";
+license=('GPL3')
+depends=('glibc' 'openssl')
+makedepends=('git' 'gnu-efi' 'help2man' 'util-linux-libs')
+source=("git+https://git.kernel.org/pub/scm/linux/kernel/git/jejb/sbsigntools.git#tag=v${pkgver}?signed";
+ "git+https://git.ozlabs.org/ccan";
+ openssl3.patch
+ )
+sha256sums=('SKIP'
+ 'SKIP'
+ '631336ec0687150c80aef32f296b50d322a5c461187c8456d89ae66f32a92718')
+validpgpkeys=('D5606E73C8B46271BEAD9ADF814AE47C214854D6') # James Bottomley
<[email protected]>
+
+prepare() {
+ cd ${pkgname}
+ patch -Np1 -i ../openssl3.patch
+ git submodule init
+ git config submodule."lib/ccan.git".url "${srcdir}/ccan"
+ git -c protocol.file.allow=always submodule update
+ ./autogen.sh
+}
+
+build() {
+ cd "${pkgname}"
+ CFLAGS+=' -Wno-error=deprecated-declarations'
+ ./configure --prefix="/usr" \
+ --bindir="/usr/bin" \
+ --sbindir="/usr/bin" \
+ --libexecdir="/usr/lib" \
+ --mandir="/usr/share/man" \
+ --sysconfdir="/etc"
+ make
+}
+
+package() {
+ depends+=('libuuid.so')
+ cd "${pkgname}"
+ make DESTDIR="${pkgdir}" install
+ install -vDm 644 {AUTHORS,ChangeLog,NEWS,README} \
+ -t "${pkgdir}/usr/share/doc/${pkgname}"
+}
Copied: sbsigntools/repos/staging-x86_64/openssl3.patch (from rev 459964,
sbsigntools/trunk/openssl3.patch)
===================================================================
--- staging-x86_64/openssl3.patch (rev 0)
+++ staging-x86_64/openssl3.patch 2022-11-01 19:22:38 UTC (rev 459965)
@@ -0,0 +1,35 @@
+Subject: [PATCH] Fix openssl-3.0 issue involving ASN1 xxx_it
+From: Jeremi Piotrowski <[email protected]>
+Origin: https://groups.io/g/sbsigntools/message/54
+
+Use ASN1_ITEM_rptr() instead of taking the address of IDC_PEID_it.
+
+openssl-3.0 changed the type of TYPE_it from `const ASN1_ITEM TYPE_it` to
+`const ASN1_ITEM *TYPE_it(void)`. This was previously hidden behind
+OPENSSL_EXPORT_VAR_AS_FUNCTION but in 3.0 only the function version is
+available. This change should have been transparent to the application, but
+only if the `ASN1_ITEM_rptr()` macro is used.
+
+This change passes `make check` with both openssl 1.1 and 3.0.
+
+Signed-off-by: Jeremi Piotrowski <[email protected]>
+---
+ src/idc.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/idc.c b/src/idc.c
+index 6d87bd4..0a82218 100644
+--- a/src/idc.c
++++ b/src/idc.c
+@@ -189,7 +189,7 @@ int IDC_set(PKCS7 *p7, PKCS7_SIGNER_INFO *si, struct image
*image)
+
+ idc->data->type = OBJ_nid2obj(peid_nid);
+ idc->data->value = ASN1_TYPE_new();
+- type_set_sequence(image, idc->data->value, peid, &IDC_PEID_it);
++ type_set_sequence(image, idc->data->value, peid,
ASN1_ITEM_rptr(IDC_PEID));
+
+ idc->digest->alg->parameter = ASN1_TYPE_new();
+ idc->digest->alg->algorithm = OBJ_nid2obj(NID_sha256);
+--
+2.25.1
+
