!20 update version to 0.21.0

From: @zou_lin77 Reviewed-by: @zhujianwei001 Signed-off-by: @zhujianwei001
2021-01-26 18:52:53 +08:00 · 2021-01-26 18:52:53 +08:00 · 37c8331343
commit 37c8331343
parent 07d1883ebb e7d8295438
6 changed files with 8 additions and 147 deletions
--- a/backport-CVE-2020-26570-Heap-buffer-overflow-WRITE.patch
+++ b/backport-CVE-2020-26570-Heap-buffer-overflow-WRITE.patch
@ -1,36 +0,0 @@
-From 6903aebfddc466d966c7b865fae34572bf3ed23e Mon Sep 17 00:00:00 2001
-From: Frank Morgner <frankmorgner@gmail.com>
-Date: Thu, 30 Jul 2020 02:21:17 +0200
-Subject: [PATCH] Heap-buffer-overflow WRITE
-
-fixes https://oss-fuzz.com/testcase-detail/5088104168554496
---
- src/libopensc/pkcs15-oberthur.c | 10 +++++++---
- 1 file changed, 7 insertions(+), 3 deletions(-)
-
-diff --git a/src/libopensc/pkcs15-oberthur.c b/src/libopensc/pkcs15-oberthur.c
-index a873aaa..2fb32b8 100644
--- a/src/libopensc/pkcs15-oberthur.c
-+++ b/src/libopensc/pkcs15-oberthur.c
-@@ -271,11 +271,15 @@ sc_oberthur_read_file(struct sc_pkcs15_card *p15card, const char *in_path,
- 		rv = sc_read_binary(card, 0, *out, sz, 0);
- 	}
- 	else	{
-		int rec;
-		int offs = 0;
-		int rec_len = file->record_length;
-+		size_t rec;
-+		size_t offs = 0;
-+		size_t rec_len = file->record_length;
- 
- 		for (rec = 1; ; rec++)   {
-+			if (rec > file->record_count) {
-+				rv = 0;
-+				break;
-+			}
- 			rv = sc_read_record(card, rec, *out + offs + 2, rec_len, SC_RECORD_BY_REC_NR);
- 			if (rv == SC_ERROR_RECORD_NOT_FOUND)   {
- 				rv = 0;
-- 
-1.8.3.1
-
--- a/backport-CVE-2020-26571-fixed-invalid-read.patch
+++ b/backport-CVE-2020-26571-fixed-invalid-read.patch
@ -1,44 +0,0 @@
-From ed55fcd2996930bf58b9bb57e9ba7b1f3a753c43 Mon Sep 17 00:00:00 2001
-From: Frank Morgner <frankmorgner@gmail.com>
-Date: Mon, 18 May 2020 17:25:32 +0200
-Subject: [PATCH] fixed invalid read
-
-fixes https://oss-fuzz.com/testcase-detail/5765246676631552
---
- src/libopensc/pkcs15-gemsafeGPK.c | 8 ++++----
- 1 file changed, 4 insertions(+), 4 deletions(-)
-
-diff --git a/src/libopensc/pkcs15-gemsafeGPK.c b/src/libopensc/pkcs15-gemsafeGPK.c
-index e13f3b8798..4b80daf2a1 100644
--- a/src/libopensc/pkcs15-gemsafeGPK.c
-+++ b/src/libopensc/pkcs15-gemsafeGPK.c
-@@ -205,7 +205,7 @@ static int sc_pkcs15emu_gemsafeGPK_init(sc_pkcs15_card_t *p15card)
- 
- 	u8 sysrec[7];
- 	int num_keyinfo = 0;
-	keyinfo kinfo[8]; /* will loook for 8 keys */
-+	keyinfo kinfo[9]; /* will look for 9 keys */
- 	u8 modulus_buf[ 1 + 1024 / 8]; /* tag+modulus */
- 	u8 *cp;
- 	char buf[256];
-@@ -255,9 +255,9 @@ static int sc_pkcs15emu_gemsafeGPK_init(sc_pkcs15_card_t *p15card)
- 
- 	/* There may be more then one key in the directory. */
- 	/* we need to find them so we can associate them with the */
-	/* the certificate.  The files are 0007 to 000f */
-+	/* the certificate.  The files are 0007 to 000F */
- 
-	for (i = 7; i < 16; i++) {
-+	for (i = 0x7; i <= 0xF; i++) {
- 		path.value[0] = 0x00;
- 		path.value[1] = i;
- 		path.len = 2;	
-@@ -297,7 +297,7 @@ static int sc_pkcs15emu_gemsafeGPK_init(sc_pkcs15_card_t *p15card)
- 		while (j--) 
- 			*cp++ =  modulus_buf[j + 1];
- 		num_keyinfo++;
-	} 
-+	}
- 
- 	/* Get the gemsafe data with the cert */
- 	 sc_format_path("3F000200004", &path);
--- a/myeid-fixed-memory-leak.patch
+++ b/myeid-fixed-memory-leak.patch
@ -1,61 +0,0 @@
-From b119781b0218cdbc5b5a060f9a4e8555a25c8b1d Mon Sep 17 00:00:00 2001
-From: Frank Morgner <frankmorgner@gmail.com>
-Date: Wed, 29 Jan 2020 13:34:22 +0100
-Subject: [PATCH] myeid: fixed memory leak
-
-Credits to OSS-Fuzz
-
-Fixes https://oss-fuzz.com/testcase-detail/5671550682660864
---
- src/libopensc/card-myeid.c | 15 ++++++++++++---
- 1 file changed, 12 insertions(+), 3 deletions(-)
-
-diff --git a/src/libopensc/card-myeid.c b/src/libopensc/card-myeid.c
-index 57779ec..677e068 100644
--- a/src/libopensc/card-myeid.c
-+++ b/src/libopensc/card-myeid.c
-@@ -176,6 +176,7 @@ static int myeid_init(struct sc_card *card)
- 	size_t resp_len = 0;
- 	static struct sc_aid myeid_aid = { "\xA0\x00\x00\x00\x63\x50\x4B\x43\x53\x2D\x31\x35", 0x0C };
- 	int rv = 0;
-+	void *old_drv_data = card->drv_data;
- 
- 	LOG_FUNC_CALLED(card->ctx);
- 
-@@ -200,14 +201,14 @@ static int myeid_init(struct sc_card *card)
- 
- 	/* Ensure that the MyEID applet is selected. */	
- 	rv = myeid_select_aid(card, &myeid_aid, NULL, &resp_len);
-	LOG_TEST_RET(card->ctx, rv, "Failed to select MyEID applet.");
-+	LOG_TEST_GOTO_ERR(card->ctx, rv, "Failed to select MyEID applet.");
- 
- 	/* find out MyEID version */
- 
- 	appletInfoLen = 20;
- 
- 	if (0 > myeid_get_info(card, appletInfo, appletInfoLen))
-		LOG_TEST_RET(card->ctx, SC_ERROR_INVALID_CARD, "Failed to get MyEID applet information.");
-+		LOG_TEST_GOTO_ERR(card->ctx, SC_ERROR_INVALID_CARD, "Failed to get MyEID applet information.");
- 
- 	priv->change_counter = appletInfo[19] | appletInfo[18] << 8;
- 
-@@ -286,7 +287,15 @@ static int myeid_init(struct sc_card *card)
- 		card->max_recv_size = 255;
- 	card->max_send_size = 255;
- 
-	LOG_FUNC_RETURN(card->ctx, SC_SUCCESS);
-+	rv = SC_SUCCESS;
-+
-+err:
-+	if (rv < 0) {
-+		free(priv);
-+		card->drv_data = old_drv_data;
-+	}
-+
-+	LOG_FUNC_RETURN(card->ctx, rv);
- }
- 
- static const struct sc_card_operations *iso_ops = NULL;
-- 
-1.8.3.1
-
--- a/opensc-0.20.0.tar.gz
+++ b/opensc-0.20.0.tar.gz
--- a/opensc-0.21.0.tar.gz
+++ b/opensc-0.21.0.tar.gz
--- a/opensc.spec
+++ b/opensc.spec
@ -2,16 +2,13 @@
 %define nssdb %{_sysconfdir}/pki/nssdb

 Name:            opensc
-Version:         0.20.0
-Release:         6
+Version:         0.21.0
+Release:         1
 License:         LGPLv2.1+
 Summary:         Smart card library and applications
 URL:             https://github.com/OpenSC/OpenSC/wiki
 Source0:         https://github.com/OpenSC/OpenSC/releases/download/%{version}/%{name}-%{version}.tar.gz

-Patch0:          myeid-fixed-memory-leak.patch
-Patch1:          backport-CVE-2020-26570-Heap-buffer-overflow-WRITE.patch
-Patch2:          backport-CVE-2020-26571-fixed-invalid-read.patch 

 BuildRequires:   openssl-devel pcsc-lite-devel bash-completion docbook-style-xsl readline-devel
 BuildRequires:   desktop-file-utils /usr/bin/xsltproc autoconf automake libtool gcc
@ -60,6 +57,8 @@ rm -f $RPM_BUILD_ROOT%{_libdir}/libsmm-local.so
 rm -rf %{buildroot}%{_bindir}/npa-tool
 rm -f $RPM_BUILD_ROOT%{_libdir}/libopensc.so
 rm -rf $RPM_BUILD_ROOT%{_datadir}/doc/opensc
+rm -rf %{buildroot}%{_bindir}/pkcs11-register
+rm -rf %{buildroot}%{_mandir}/man1/pkcs11-register.1*

 desktop-file-validate %{buildroot}/%{_datadir}/applications/org.opensc.notify.desktop

@ -79,6 +78,7 @@ make check
 %{_mandir}/man1/egk-tool.1*
 %{_mandir}/man1/eidenv.1*
 %{_mandir}/man1/gids-tool.1*
+%{_mandir}/man1/goid-tool.1*
 %{_mandir}/man1/iasecc-tool.1*
 %{_mandir}/man1/netkey-tool.1*
 %{_mandir}/man1/openpgp-tool.1*
@ -115,7 +115,6 @@ make check
 %{_bindir}/opensc-notify
 %{_bindir}/piv-tool
 %{_bindir}/pkcs11-tool
-%{_bindir}/pkcs11-register
 %{_bindir}/pkcs15-crypt
 %{_bindir}/pkcs15-init
 %{_bindir}/pkcs15-tool
@ -135,6 +134,9 @@ make check
 %{_sysconfdir}/xdg/autostart/pkcs11-register.desktop

 %changelog
+* Mon Jan 25 2021 zoulin <zoulin13@huawei.com> - 0.21.0-1
+- Update to 0.21.0
+
 * Sat Jan 23 2021 zoulin <zoulin13@huawei.com> - 0.20.0-6
 - fix CVE-2020-26571