Группа :: Система/Библиотеки
Пакет: libp11
Главная Изменения Спек Патчи Sources Загрузить Gear Bugs and FR Repocop
Патч: libp11-0.4.12-alt.patch
Скачать
Скачать
configure.ac | 2 +-
src/eng_front.c | 28 ++++++++++++++++++++++++----
tests/pkcs11-uri-without-token.softhsm | 13 ++++++++-----
tests/search-all-matching-tokens.softhsm | 14 +++++++++-----
4 files changed, 42 insertions(+), 15 deletions(-)
diff --git a/configure.ac b/configure.ac
index ce71673..4f86572 100644
--- a/configure.ac
+++ b/configure.ac
@@ -33,7 +33,7 @@ AC_C_BIGENDIAN
# issues with applications linking to new openssl, old libp11, and vice versa
case "`$PKG_CONFIG --modversion --silence-errors libcrypto || \
$PKG_CONFIG --modversion openssl`" in
- 3.0.*) # Predicted engines directory prefix for OpenSSL 3.x
+ 3.*) # Predicted engines directory prefix for OpenSSL 3.x
LIBP11_LT_OLDEST="3"
debian_ssl_prefix="openssl-3.0.0";;
1.1.*) # Predicted engines directory prefix for OpenSSL 1.1.x
diff --git a/src/eng_front.c b/src/eng_front.c
index 3a3c891..fd6940f 100644
--- a/src/eng_front.c
+++ b/src/eng_front.c
@@ -82,6 +82,8 @@ static const ENGINE_CMD_DEFN engine_cmd_defns[] = {
{0, NULL, NULL, 0}
};
+static int bind_helper_methods(ENGINE *e);
+
static ENGINE_CTX *get_ctx(ENGINE *engine)
{
ENGINE_CTX *ctx;
@@ -174,6 +176,7 @@ static EVP_PKEY *load_pubkey(ENGINE *engine, const char *s_key_id,
ctx = get_ctx(engine);
if (!ctx)
return 0;
+ bind_helper_methods(engine);
return ctx_load_pubkey(ctx, s_key_id, ui_method, callback_data);
}
@@ -186,6 +189,7 @@ static EVP_PKEY *load_privkey(ENGINE *engine, const char *s_key_id,
ctx = get_ctx(engine);
if (!ctx)
return 0;
+ bind_helper_methods(engine);
pkey = ctx_load_privkey(ctx, s_key_id, ui_method, callback_data);
#ifdef EVP_F_EVP_PKEY_SET1_ENGINE
/* EVP_PKEY_set1_engine() is required for OpenSSL 1.1.x,
@@ -205,6 +209,7 @@ static int engine_ctrl(ENGINE *engine, int cmd, long i, void *p, void (*f) ())
ctx = get_ctx(engine);
if (!ctx)
return 0;
+ bind_helper_methods(engine);
return ctx_engine_ctrl(ctx, cmd, i, p, f);
}
@@ -219,6 +224,24 @@ static int bind_helper(ENGINE *e)
!ENGINE_set_ctrl_function(e, engine_ctrl) ||
!ENGINE_set_cmd_defns(e, engine_cmd_defns) ||
!ENGINE_set_name(e, PKCS11_ENGINE_NAME) ||
+ !ENGINE_set_load_pubkey_function(e, load_pubkey) ||
+ !ENGINE_set_load_privkey_function(e, load_privkey)) {
+ return 0;
+ } else {
+ ERR_load_ENG_strings();
+ return 1;
+ }
+}
+
+/*
+ * With OpenSSL 3.x, engines might be used because defined in openssl.cnf
+ * which will cause problems
+ * only add engine routines after a call to load keys
+ */
+
+static int bind_helper_methods(ENGINE *e)
+{
+ if (
#ifndef OPENSSL_NO_RSA
!ENGINE_set_RSA(e, PKCS11_get_rsa_method()) ||
#endif
@@ -235,12 +258,9 @@ static int bind_helper(ENGINE *e)
!ENGINE_set_ECDH(e, PKCS11_get_ecdh_method()) ||
#endif
#endif /* OPENSSL_VERSION_NUMBER */
- !ENGINE_set_pkey_meths(e, PKCS11_pkey_meths) ||
- !ENGINE_set_load_pubkey_function(e, load_pubkey) ||
- !ENGINE_set_load_privkey_function(e, load_privkey)) {
+ !ENGINE_set_pkey_meths(e, PKCS11_pkey_meths)) {
return 0;
} else {
- ERR_load_ENG_strings();
return 1;
}
}
diff --git a/tests/pkcs11-uri-without-token.softhsm b/tests/pkcs11-uri-without-token.softhsm
index 8833fa8..da95ebf 100755
--- a/tests/pkcs11-uri-without-token.softhsm
+++ b/tests/pkcs11-uri-without-token.softhsm
@@ -29,11 +29,14 @@ common_init
echo "Detected system: ${OSTYPE}"
-if [[ "${OSTYPE}" == "darwin"* ]]; then
- SHARED_EXT=.dylib
-else
- SHARED_EXT=.so
-fi
+case "${OSTYPE}" in
+ darwin* )
+ SHARED_EXT=.dylib
+ ;;
+ *)
+ SHARED_EXT=.so
+ ;;
+esac
sed -e "s|@MODULE_PATH@|${MODULE}|g" -e \
"s|@ENGINE_PATH@|../src/.libs/pkcs11${SHARED_EXT}|g" \
diff --git a/tests/search-all-matching-tokens.softhsm b/tests/search-all-matching-tokens.softhsm
index 915e7c6..3cd26a6 100755
--- a/tests/search-all-matching-tokens.softhsm
+++ b/tests/search-all-matching-tokens.softhsm
@@ -45,11 +45,15 @@ create_devices $NUM_DEVICES $PIN $PUK "libp11-test" "label"
echo "Detected system: ${OSTYPE}"
-if [[ "${OSTYPE}" == "darwin"* ]]; then
- SHARED_EXT=.dylib
-else
- SHARED_EXT=.so
-fi
+
+case "${OSTYPE}" in
+ darwin* )
+ SHARED_EXT=.dylib
+ ;;
+ *)
+ SHARED_EXT=.so
+ ;;
+esac
sed -e "s|@MODULE_PATH@|${MODULE}|g" -e \
"s|@ENGINE_PATH@|../src/.libs/pkcs11${SHARED_EXT}|g" \