import ktls-utils-0.11-1.el10

c10-beta imports/c10-beta/ktls-utils-0.11-1.el10
MSVSphere Packaging Team 1 month ago
commit caa541fa68
Signed by: sys_gitsync
GPG Key ID: B2B0B9F29E528FE8

1
.gitignore vendored

@ -0,0 +1 @@
SOURCES/ktls-utils-0.11.tar.gz

@ -0,0 +1 @@
47ca531793bca179280c02768e94a2f67f1ded07 SOURCES/ktls-utils-0.11.tar.gz

@ -0,0 +1,88 @@
diff --git a/src/tlshd/config.c b/src/tlshd/config.c
index 7b6a533..fae83b3 100644
--- a/src/tlshd/config.c
+++ b/src/tlshd/config.c
@@ -186,6 +186,7 @@ bool tlshd_config_get_client_truststore(char **bundle)
return false;
} else if (access(pathname, F_OK)) {
tlshd_log_debug("client x509.truststore pathname \"%s\" is not accessible", pathname);
+ g_free(pathname);
return false;
}
@@ -222,6 +223,7 @@ bool tlshd_config_get_client_certs(gnutls_pcert_st *certs,
return false;
} else if (access(pathname, F_OK)) {
tlshd_log_debug("client x509.certificate pathname \"%s\" is not accessible", pathname);
+ g_free(pathname);
return false;
}
@@ -268,7 +270,8 @@ bool tlshd_config_get_client_privkey(gnutls_privkey_t *privkey)
g_error_free(error);
return false;
} else if (access(pathname, F_OK)) {
- tlshd_log_debug("client x095.private_key pathname \"%s\" is not accessible", pathname);
+ tlshd_log_debug("client x509.private_key pathname \"%s\" is not accessible", pathname);
+ g_free(pathname);
return false;
}
@@ -321,6 +324,7 @@ bool tlshd_config_get_server_truststore(char **bundle)
return false;
} else if (access(pathname, F_OK)) {
tlshd_log_debug("server x509.truststore pathname \"%s\" is not accessible", pathname);
+ g_free(pathname);
return false;
}
@@ -357,6 +361,7 @@ bool tlshd_config_get_server_certs(gnutls_pcert_st *certs,
return false;
} else if (access(pathname, F_OK)) {
tlshd_log_debug("server x509.certificate pathname \"%s\" is not accessible", pathname);
+ g_free(pathname);
return false;
}
@@ -378,6 +383,7 @@ bool tlshd_config_get_server_certs(gnutls_pcert_st *certs,
tlshd_log_debug("Retrieved %u x.509 server certificate(s) from %s",
*certs_len, pathname);
+ g_free(pathname);
return true;
}
@@ -403,6 +409,7 @@ bool tlshd_config_get_server_privkey(gnutls_privkey_t *privkey)
return false;
} else if (access(pathname, F_OK)) {
tlshd_log_debug("server x509.privkey pathname \"%s\" is not accessible", pathname);
+ g_free(pathname);
return false;
}
diff --git a/src/tlshd/handshake.c b/src/tlshd/handshake.c
index 50c2f62..768dac2 100644
--- a/src/tlshd/handshake.c
+++ b/src/tlshd/handshake.c
@@ -59,7 +59,7 @@ static void tlshd_save_nagle(gnutls_session_t session, int *saved)
int ret;
- len = sizeof(saved);
+ len = sizeof(*saved);
ret = getsockopt(gnutls_transport_get_int(session),
IPPROTO_TCP, TCP_NODELAY, saved, &len);
if (ret < 0) {
diff --git a/src/tlshd/netlink.c b/src/tlshd/netlink.c
index 2e206f6..439904c 100644
--- a/src/tlshd/netlink.c
+++ b/src/tlshd/netlink.c
@@ -269,7 +269,7 @@ static int tlshd_genl_valid_handler(struct nl_msg *msg, void *arg)
tlshd_parse_certificate(parms, tb[HANDSHAKE_A_ACCEPT_CERTIFICATE]);
if (peername)
- strcpy(tlshd_peername, peername);
+ strncpy(tlshd_peername, peername, sizeof(tlshd_peername) - 1);
else {
err = getnameinfo(parms->peeraddr, parms->peeraddr_len,
tlshd_peername, sizeof(tlshd_peername),

@ -0,0 +1,113 @@
## START: Set by rpmautospec
## (rpmautospec version 0.6.5)
## RPMAUTOSPEC: autorelease, autochangelog
%define autorelease(e:s:pb:n) %{?-p:0.}%{lua:
release_number = 1;
base_release_number = tonumber(rpm.expand("%{?-b*}%{!?-b:1}"));
print(release_number + base_release_number - 1);
}%{?-e:.%{-e*}}%{?-s:.%{-s*}}%{!?-n:%{?dist}}
## END: Set by rpmautospec
%global forgeurl https://github.com/oracle/ktls-utils
%global baseversion 0.11
Name: ktls-utils
Version: %{baseversion}
# Using a base release of 3 to continue the sequence from the SRPM taken
# from Fedora ELN.
Release: %{autorelease}
Summary: TLS handshake agent for kernel sockets
%forgemeta
License: GPL-2.0-only AND (GPL-2.0-only OR BSD-3-Clause)
URL: %{forgeurl}
# FIXME: is this a bug in the tagging scheme or forgesource macro?
Source0: %{forgeurl}/releases/download/%{name}-%{baseversion}/%{name}-%{baseversion}.tar.gz
Patch0: ktls-utils-0.11-openscanhub.patch
BuildRequires: bash systemd-rpm-macros
BuildRequires: gcc make coreutils
BuildRequires: pkgconfig(gnutls) >= 3.3.0
BuildRequires: autoconf >= 2.69
BuildRequires: automake
BuildRequires: pkgconfig(libkeyutils)
BuildRequires: pkgconfig(glib-2.0) >= 2.6
BuildRequires: pkgconfig(libnl-3.0) >= 3.1
%description
In-kernel TLS consumers need a mechanism to perform TLS handshakes
on a connected socket to negotiate TLS session parameters that can
then be programmed into the kernel's TLS record protocol engine.
This package of software provides a TLS handshake user agent that
listens for kernel requests and then materializes a user space
socket endpoint on which to perform these handshakes. The resulting
negotiated session parameters are passed back to the kernel via
standard kTLS socket options.
%prep
%setup -q -n %{name}-%{baseversion}
%autopatch -p1
%build
./autogen.sh
%configure --with-systemd
%make_build
%install
%make_install
%files
%config(noreplace) %{_sysconfdir}/tlshd.conf
%{_sbindir}/tlshd
%{_mandir}/man5/tlshd.conf.5.gz
%{_mandir}/man8/tlshd.8.gz
%{_unitdir}/tlshd.service
%license COPYING
%doc README.md
%doc SECURITY.md
%post
%systemd_post tlshd.service
%preun
%systemd_preun tlshd.service
%postun
%systemd_postun_with_restart tlshd.service
%changelog
## START: Generated by rpmautospec
* Wed Jul 17 2024 Scott Mayhew <smayhew@redhat.com> - 0.11-1
- Update to 0.11 (RHEL-48604)
- Also fix some OpenScanHub warnings.
* Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 0.10-6
- Bump release for June 2024 mass rebuild
* Thu Jun 13 2024 Scott Mayhew <smayhew@redhat.com> - 0.10-5
- Add initial gating for RHEL 10
* Tue Jun 11 2024 Scott Mayhew <smayhew@redhat.com> - 0.10-4
- spec: update autorelease to continue the sequence from the base SRPM
taken from Fedora ELN.
* Thu Jan 25 2024 Fedora Release Engineering <releng@fedoraproject.org> - 0.10-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Sun Jan 21 2024 Fedora Release Engineering <releng@fedoraproject.org> - 0.10-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Sat Oct 07 2023 Steve Dickson <steved@redhat.com> - 0.10-1
- Updated to the latest upstream release: 0.10
* Thu Jul 20 2023 Fedora Release Engineering <releng@fedoraproject.org> - 0.9^20230627.g52ac9ff05a5e-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Tue Jun 27 2023 Jeff Layton <jlayton@kernel.org> - 0.9^20230627.g52ac9ff05a5e-1
- Initial import (fedora#2182151)
## END: Generated by rpmautospec
Loading…
Cancel
Save