diff --git a/oath-toolkit-2.0.2-man-fix.patch b/oath-toolkit-2.0.2-man-fix.patch deleted file mode 100644 index 9349065..0000000 --- a/oath-toolkit-2.0.2-man-fix.patch +++ /dev/null @@ -1,59 +0,0 @@ -diff --git a/libpskc/man/pskc_get_key_algparm_chall_max.3 b/libpskc/man/pskc_get_key_algparm_chall_max.3 -index 6ae79a3..2001320 100644 ---- a/libpskc/man/pskc_get_key_algparm_chall_max.3 -+++ b/libpskc/man/pskc_get_key_algparm_chall_max.3 -@@ -15,8 +15,8 @@ output variable indicating whether data was provided or not. - Get the PSKC KeyPackage Key AlgorithmParameters ChallengeFormat Max - value. This attribute defines the maximum size of the challenge - accepted by the device for CR mode and MUST be included. If the --'Encoding' attribute is set to 'DECIMAL', 'HEXADECIMAL', or --'ALPHANUMERIC', this value indicates the maximum number of -+\&'Encoding' attribute is set to 'DECIMAL', 'HEXADECIMAL', or -+\&'ALPHANUMERIC', this value indicates the maximum number of - digits/characters. If the 'Encoding' attribute is set to 'BASE64' - or 'BINARY', this value indicates the maximum number of bytes of - the unencoded value. -diff --git a/libpskc/man/pskc_get_key_algparm_chall_min.3 b/libpskc/man/pskc_get_key_algparm_chall_min.3 -index 85009d6..6e51e52 100644 ---- a/libpskc/man/pskc_get_key_algparm_chall_min.3 -+++ b/libpskc/man/pskc_get_key_algparm_chall_min.3 -@@ -15,8 +15,8 @@ output variable indicating whether data was provided or not. - Get the PSKC KeyPackage Key AlgorithmParameters ChallengeFormat Min - value. This attribute defines the minimum size of the challenge - accepted by the device for CR mode and MUST be included. If the --'Encoding' attribute is set to 'DECIMAL', 'HEXADECIMAL', or --'ALPHANUMERIC', this value indicates the minimum number of -+\&'Encoding' attribute is set to 'DECIMAL', 'HEXADECIMAL', or -+\&'ALPHANUMERIC', this value indicates the minimum number of - digits/characters. If the 'Encoding' attribute is set to 'BASE64' - or 'BINARY', this value indicates the minimum number of bytes of - the unencoded value. -diff --git a/libpskc/man/pskc_get_key_policy_pinmaxlength.3 b/libpskc/man/pskc_get_key_policy_pinmaxlength.3 -index be96a9a..d4ce51e 100644 ---- a/libpskc/man/pskc_get_key_policy_pinmaxlength.3 -+++ b/libpskc/man/pskc_get_key_policy_pinmaxlength.3 -@@ -16,9 +16,9 @@ Get the PSKC KeyPackage Key Policy PINPolicy MaxLength value. This - attribute indicates the maximum length of a PIN that can be set to - protect this key. It MUST NOT be possible to set a PIN longer than - this value. If the 'PINFormat' attribute is set to 'DECIMAL', --'HEXADECIMAL', or 'ALPHANUMERIC', this value indicates the number -+\&'HEXADECIMAL', or 'ALPHANUMERIC', this value indicates the number - of digits/ characters. If the 'PINFormat' attribute is set to --'BASE64' or 'BINARY', this value indicates the number of bytes of -+\&'BASE64' or 'BINARY', this value indicates the number of bytes of - the unencoded value. - - If \fIpresent\fP is non\-NULL, it will be 0 if the field is not present -diff --git a/libpskc/man/pskc_get_key_policy_pinminlength.3 b/libpskc/man/pskc_get_key_policy_pinminlength.3 -index c00523d..a5efe53 100644 ---- a/libpskc/man/pskc_get_key_policy_pinminlength.3 -+++ b/libpskc/man/pskc_get_key_policy_pinminlength.3 -@@ -16,7 +16,7 @@ Get the PSKC KeyPackage Key Policy PINPolicy MinLength value. This - attribute indicates the minimum length of a PIN that can be set to - protect the associated key. It MUST NOT be possible to set a PIN - shorter than this value. If the 'PINFormat' attribute is set to --'DECIMAL', 'HEXADECIMAL', or 'ALPHANUMERIC', this value indicates -+\&'DECIMAL', 'HEXADECIMAL', or 'ALPHANUMERIC', this value indicates - the number of digits/ characters. If the 'PINFormat' attribute is - set to 'BASE64' or 'BINARY', this value indicates the number of - bytes of the unencoded value. diff --git a/oath-toolkit-2.4.1-retain-original-xmldoc.patch b/oath-toolkit-2.4.1-retain-original-xmldoc.patch deleted file mode 100644 index 07530cd..0000000 --- a/oath-toolkit-2.4.1-retain-original-xmldoc.patch +++ /dev/null @@ -1,42 +0,0 @@ ---- a/libpskc/build.c -+++ a/libpskc/build.c -@@ -510,7 +510,7 @@ pskc_build_xml (pskc_t * container, char **out, size_t * len) - - xmlDocSetRootElement (doc, keycont); - -- if (container->xmldoc) -+ if (container->xmldoc && container->xmldoc != container->original_xmldoc) - xmlFreeDoc (container->xmldoc); - container->xmldoc = doc; - doc = NULL; ---- a/libpskc/internal.h -+++ a/libpskc/internal.h -@@ -103,7 +103,7 @@ struct pskc_key - struct pskc - { - /* raw XML */ -- xmlDocPtr xmldoc; -+ xmlDocPtr xmldoc, original_xmldoc; - /* Is there a Signature element in xmldoc? */ - int signed_p; - ---- a/libpskc/parser.c -+++ a/libpskc/parser.c -@@ -677,6 +677,8 @@ pskc_done (pskc_t * container) - return; - - xmlFreeDoc (container->xmldoc); -+ if (container->original_xmldoc != container->xmldoc) -+ xmlFreeDoc (container->original_xmldoc); - - for (i = 0; i < container->nkeypackages; i++) - { -@@ -717,7 +719,7 @@ pskc_parse_from_memory (pskc_t * container, size_t len, const char *buffer) - if (xmldoc == NULL) - return PSKC_XML_ERROR; - -- container->xmldoc = xmldoc; -+ container->original_xmldoc = container->xmldoc = xmldoc; - - root = xmlDocGetRootElement (xmldoc); - parse_keycontainer (container, root, &rc); diff --git a/oath-toolkit-2.6.2-lockfile.patch b/oath-toolkit-2.6.4-lockfile.patch similarity index 95% rename from oath-toolkit-2.6.2-lockfile.patch rename to oath-toolkit-2.6.4-lockfile.patch index ef672bf..befed30 100644 --- a/oath-toolkit-2.6.2-lockfile.patch +++ b/oath-toolkit-2.6.4-lockfile.patch @@ -1,5 +1,5 @@ diff --git a/liboath/global.c b/liboath/global.c -index 6fb51fd..251ad15 100644 +index 89c18c5..7fc7b8a 100644 --- a/liboath/global.c +++ b/liboath/global.c @@ -25,9 +25,12 @@ @@ -61,7 +61,7 @@ index 6fb51fd..251ad15 100644 + return OATH_OK; +} diff --git a/liboath/liboath.map b/liboath/liboath.map -index 010c512..fd32e07 100644 +index 5e31cef..436cd65 100644 --- a/liboath/liboath.map +++ b/liboath/liboath.map @@ -75,6 +75,7 @@ LIBOATH_2.2.0 @@ -73,7 +73,7 @@ index 010c512..fd32e07 100644 LIBOATH_2.6.0 diff --git a/liboath/oath.h b/liboath/oath.h -index 7819c02..8bb5fc6 100644 +index 0786453..14b579c 100644 --- a/liboath/oath.h +++ b/liboath/oath.h @@ -136,11 +136,15 @@ typedef enum @@ -93,7 +93,7 @@ index 7819c02..8bb5fc6 100644 extern OATHAPI const char *oath_strerror (int err); diff --git a/liboath/oath.h.in b/liboath/oath.h.in -index 524e9ac..4d5cddc 100644 +index 8654342..17fddd3 100644 --- a/liboath/oath.h.in +++ b/liboath/oath.h.in @@ -136,11 +136,15 @@ typedef enum @@ -113,7 +113,7 @@ index 524e9ac..4d5cddc 100644 extern OATHAPI const char *oath_strerror (int err); diff --git a/liboath/usersfile.c b/liboath/usersfile.c -index 3442fd2..066f936 100644 +index 9da30fe..d9bd943 100644 --- a/liboath/usersfile.c +++ b/liboath/usersfile.c @@ -323,9 +323,18 @@ update_usersfile (const char *usersfile, @@ -139,7 +139,7 @@ index 3442fd2..066f936 100644 lockfh = fopen (lockfile, "w"); if (!lockfh) diff --git a/pam_oath/pam_oath.c b/pam_oath/pam_oath.c -index 57fd33c..aa041e3 100644 +index 8ac4605..ef4d034 100644 --- a/pam_oath/pam_oath.c +++ b/pam_oath/pam_oath.c @@ -70,6 +70,7 @@ struct cfg @@ -175,7 +175,7 @@ index 57fd33c..aa041e3 100644 D (("digits=%d", cfg->digits)); D (("window=%d", cfg->window)); } -@@ -189,6 +194,17 @@ pam_sm_authenticate (pam_handle_t * pamh, +@@ -206,6 +211,17 @@ pam_sm_authenticate (pam_handle_t * pamh, goto done; } diff --git a/oath-toolkit.spec b/oath-toolkit.spec index a6c7ee5..144c2e6 100644 --- a/oath-toolkit.spec +++ b/oath-toolkit.spec @@ -1,5 +1,5 @@ Name: oath-toolkit -Version: 2.6.3 +Version: 2.6.4 Release: 1%{?dist} License: GPLv3+ Summary: One-time password components @@ -7,13 +7,7 @@ BuildRequires: pam-devel, gtk-doc, libtool, libtool-ltdl-devel BuildRequires: xmlsec1-devel, xmlsec1-openssl-devel, autoconf, automake Source0: http://download.savannah.gnu.org/releases/%{name}/%{name}-%{version}.tar.gz URL: http://www.nongnu.org/oath-toolkit/ -# Escape leading single quotes in man pages which are misinterpreted as macros, -# patch sent upstream, upstream ticket #108312 -Patch0: oath-toolkit-2.0.2-man-fix.patch -# Fix invalid reads due to references to old (freed) xmlDoc, -# upstream ticket #108736 -Patch1: oath-toolkit-2.4.1-retain-original-xmldoc.patch -Patch2: oath-toolkit-2.6.2-lockfile.patch +Patch0: oath-toolkit-2.6.4-lockfile.patch %description The OATH Toolkit provide components for building one-time password @@ -109,9 +103,7 @@ A PAM module for pluggable login authentication for OATH. %prep %setup -q -%patch0 -p1 -b .man-fix -%patch1 -p1 -b .retain-original-xmldoc -%patch2 -p1 -b .lockfile +%patch0 -p1 -b .lockfile %build autoreconf -fi @@ -183,6 +175,10 @@ mkdir -p -m 0600 %{buildroot}%{_sysconfdir}/liboath %{_libdir}/security/pam_oath.so %changelog +* Thu Nov 12 2020 Jaroslav Škarvada - 2.6.4-1 +- New version + Resolves: rhbz#1896920 + * Mon Nov 9 2020 Jaroslav Škarvada - 2.6.3-1 - New version Resolves: rhbz#1895618 diff --git a/sources b/sources index 5febff8..38d025d 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (oath-toolkit-2.6.3.tar.gz) = 878017638c7333b23e6abd7efcca8489e4f11fce0dd25cb588b95a9368f290c1235db1d44f93a01c1492e9f057000fb8864673d9fca448bbf336090fddcfc696 +SHA512 (oath-toolkit-2.6.4.tar.gz) = a77b3250769e763eb0fa5904339d82ec962709225aeff8176d65e460961826690a040c0de76969134256aad74429629891ca2bd8b9a8fc849d58d99ecf559197