.ktls-utils.metadata

@@ -1 +1 @@
-9dae5134b7af7ebb14e518f9f4013a92bb44165e SOURCES/ktls-utils-0.11.tar.gz
+47ca531793bca179280c02768e94a2f67f1ded07 SOURCES/ktls-utils-0.11.tar.gz

SOURCES/ktls-utils-0.11-openscanhub.patch

@@ -0,0 +1,88 @@
+diff --git a/src/tlshd/config.c b/src/tlshd/config.c
+index 7b6a533..fae83b3 100644
+--- a/src/tlshd/config.c
++++ b/src/tlshd/config.c
+@@ -186,6 +186,7 @@ bool tlshd_config_get_client_truststore(char **bundle)
+ 		return false;
+ 	} else if (access(pathname, F_OK)) {
+ 		tlshd_log_debug("client x509.truststore pathname \"%s\" is not accessible", pathname);
++		g_free(pathname);
+ 		return false;
+ 	}
+ 
+@@ -222,6 +223,7 @@ bool tlshd_config_get_client_certs(gnutls_pcert_st *certs,
+ 		return false;
+ 	} else if (access(pathname, F_OK)) {
+ 		tlshd_log_debug("client x509.certificate pathname \"%s\" is not accessible", pathname);
++		g_free(pathname);
+ 		return false;
+ 	}
+ 
+@@ -268,7 +270,8 @@ bool tlshd_config_get_client_privkey(gnutls_privkey_t *privkey)
+ 		g_error_free(error);
+ 		return false;
+ 	} else if (access(pathname, F_OK)) {
+-		tlshd_log_debug("client x095.private_key pathname \"%s\" is not accessible", pathname);
++		tlshd_log_debug("client x509.private_key pathname \"%s\" is not accessible", pathname);
++		g_free(pathname);
+ 		return false;
+ 	}
+ 
+@@ -321,6 +324,7 @@ bool tlshd_config_get_server_truststore(char **bundle)
+ 		return false;
+ 	} else if (access(pathname, F_OK)) {
+ 		tlshd_log_debug("server x509.truststore pathname \"%s\" is not accessible", pathname);
++		g_free(pathname);
+ 		return false;
+ 	}
+ 
+@@ -357,6 +361,7 @@ bool tlshd_config_get_server_certs(gnutls_pcert_st *certs,
+ 		return false;
+ 	} else if (access(pathname, F_OK)) {
+ 		tlshd_log_debug("server x509.certificate pathname \"%s\" is not accessible", pathname);
++		g_free(pathname);
+ 		return false;
+ 	}
+ 
+@@ -378,6 +383,7 @@ bool tlshd_config_get_server_certs(gnutls_pcert_st *certs,
+ 
+ 	tlshd_log_debug("Retrieved %u x.509 server certificate(s) from %s",
+ 			*certs_len, pathname);
++	g_free(pathname);
+ 	return true;
+ }
+ 
+@@ -403,6 +409,7 @@ bool tlshd_config_get_server_privkey(gnutls_privkey_t *privkey)
+ 		return false;
+ 	} else if (access(pathname, F_OK)) {
+ 		tlshd_log_debug("server x509.privkey pathname \"%s\" is not accessible", pathname);
++		g_free(pathname);
+ 		return false;
+ 	}
+ 
+diff --git a/src/tlshd/handshake.c b/src/tlshd/handshake.c
+index 50c2f62..768dac2 100644
+--- a/src/tlshd/handshake.c
++++ b/src/tlshd/handshake.c
+@@ -59,7 +59,7 @@ static void tlshd_save_nagle(gnutls_session_t session, int *saved)
+ 	int ret;
+ 
+ 
+-	len = sizeof(saved);
++	len = sizeof(*saved);
+ 	ret = getsockopt(gnutls_transport_get_int(session),
+ 			 IPPROTO_TCP, TCP_NODELAY, saved, &len);
+ 	if (ret < 0) {
+diff --git a/src/tlshd/netlink.c b/src/tlshd/netlink.c
+index 2e206f6..439904c 100644
+--- a/src/tlshd/netlink.c
++++ b/src/tlshd/netlink.c
+@@ -269,7 +269,7 @@ static int tlshd_genl_valid_handler(struct nl_msg *msg, void *arg)
+ 	tlshd_parse_certificate(parms, tb[HANDSHAKE_A_ACCEPT_CERTIFICATE]);
+ 
+ 	if (peername)
+-		strcpy(tlshd_peername, peername);
++		strncpy(tlshd_peername, peername, sizeof(tlshd_peername) - 1);
+ 	else {
+ 		err = getnameinfo(parms->peeraddr, parms->peeraddr_len,
+ 				  tlshd_peername, sizeof(tlshd_peername),

SPECS/ktls-utils.spec

@@ -1,9 +1,21 @@
+## START: Set by rpmautospec
+## (rpmautospec version 0.6.5)
+## RPMAUTOSPEC: autorelease, autochangelog
+%define autorelease(e:s:pb:n) %{?-p:0.}%{lua:
+    release_number = 1;
+    base_release_number = tonumber(rpm.expand("%{?-b*}%{!?-b:1}"));
+    print(release_number + base_release_number - 1);
+}%{?-e:.%{-e*}}%{?-s:.%{-s*}}%{!?-n:%{?dist}}
+## END: Set by rpmautospec
+
 %global forgeurl https://github.com/oracle/ktls-utils
 %global baseversion 0.11
 
 Name:           ktls-utils
 Version:        %{baseversion}
-Release:        1%{?dist}
+# Using a base release of 3 to continue the sequence from the SRPM taken
+# from Fedora ELN.
+Release:        %{autorelease}
 Summary:        TLS handshake agent for kernel sockets
 
 %forgemeta
@@ -14,6 +26,8 @@ URL:            %{forgeurl}
 # FIXME: is this a bug in the tagging scheme or forgesource macro?
 Source0:        %{forgeurl}/releases/download/%{name}-%{baseversion}/%{name}-%{baseversion}.tar.gz
 
+Patch0:		ktls-utils-0.11-openscanhub.patch
+
 BuildRequires:  bash systemd-rpm-macros
 BuildRequires:  gcc make coreutils
 BuildRequires:  pkgconfig(gnutls) >= 3.3.0
@@ -66,16 +80,37 @@ standard kTLS socket options.
 %systemd_postun_with_restart tlshd.service
 
 %changelog
-* Thu Jul 11 2024 Steve Dickson <steved@redhat.com> 0.11-1
-- Updated to the latest upstream release 0.11 (RHEL-47101)
-
-* Thu Feb 29 2024 Steve Dickson <steved@redhat.com> 0.10-0
-- Initial package
-- Upstream contributions by:
-    - Chuck Lever <chuck.lever@oracle.com>
-    - Hannes Reinecke <hare@suse.de>
-    - Jeff Layton <jlayton@kernel.org>
-    - Benjamin Coddington <bcodding@redhat.com>
-    - David Härdeman <david@hardeman.nu>
-    - Tigran Mkrtchyan <tigran.mkrtchyan@desy.de>
-    - Moritz "WanzenBug" Wanzenböck <moritz.wanzenboeck@linbit.com>
+* Tue Nov 26 2024 MSVSphere Packaging Team <packager@msvsphere-os.ru> - 0.11-1
+- Rebuilt for MSVSphere 10
+
+## START: Generated by rpmautospec
+* Wed Jul 17 2024 Scott Mayhew <smayhew@redhat.com> - 0.11-1
+- Update to 0.11 (RHEL-48604)
+- Also fix some OpenScanHub warnings.
+
+* Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 0.10-6
+- Bump release for June 2024 mass rebuild
+
+* Thu Jun 13 2024 Scott Mayhew <smayhew@redhat.com> - 0.10-5
+- Add initial gating for RHEL 10
+
+* Tue Jun 11 2024 Scott Mayhew <smayhew@redhat.com> - 0.10-4
+- spec: update autorelease to continue the sequence from the base SRPM
+  taken from Fedora ELN.
+
+* Thu Jan 25 2024 Fedora Release Engineering <releng@fedoraproject.org> - 0.10-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
+
+* Sun Jan 21 2024 Fedora Release Engineering <releng@fedoraproject.org> - 0.10-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
+
+* Sat Oct 07 2023 Steve Dickson <steved@redhat.com> - 0.10-1
+- Updated to the latest upstream release: 0.10
+
+* Thu Jul 20 2023 Fedora Release Engineering <releng@fedoraproject.org> - 0.9^20230627.g52ac9ff05a5e-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
+
+* Tue Jun 27 2023 Jeff Layton <jlayton@kernel.org> - 0.9^20230627.g52ac9ff05a5e-1
+- Initial import (fedora#2182151)
+
+## END: Generated by rpmautospec