From 1d1bd720de464b343c1f23de735b398cde9ab4e1 Mon Sep 17 00:00:00 2001
From: MSVSphere Packaging Team <packager@msvsphere-os.ru>
Date: Tue, 5 Nov 2024 05:05:01 +0300
Subject: [PATCH] import p11-kit-0.25.5-7.el10

---
 .../p11-kit-0.25.5-trust-file-length.patch    | 73 +++++++++++++++++++
 SPECS/p11-kit.spec                            | 13 +++-
 2 files changed, 85 insertions(+), 1 deletion(-)
 create mode 100644 SOURCES/p11-kit-0.25.5-trust-file-length.patch

diff --git a/SOURCES/p11-kit-0.25.5-trust-file-length.patch b/SOURCES/p11-kit-0.25.5-trust-file-length.patch
new file mode 100644
index 0000000..d84f858
--- /dev/null
+++ b/SOURCES/p11-kit-0.25.5-trust-file-length.patch
@@ -0,0 +1,73 @@
+From a8b94642dbe6d52aa7a7805fbb60b64c4cfd7245 Mon Sep 17 00:00:00 2001
+From: Zoltan Fridrich <zfridric@redhat.com>
+Date: Thu, 3 Oct 2024 11:34:14 +0200
+Subject: [PATCH] trust: don't create file names longer then 255
+
+Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
+---
+ trust/save.c | 19 ++++++++++++++++---
+ 1 file changed, 16 insertions(+), 3 deletions(-)
+
+diff --git a/trust/save.c b/trust/save.c
+index 057a9c5e3..acabcbf6d 100644
+--- a/trust/save.c
++++ b/trust/save.c
+@@ -61,6 +61,8 @@
+ #define O_DIRECTORY 0
+ #endif
+ 
++#define MAX_FILE_NAME 255
++
+ struct _p11_save_file {
+ 	char *bare;
+ 	char *extension;
+@@ -414,12 +416,23 @@ make_unique_name (const char *bare,
+ 	p11_buffer buf;
+ 	int ret;
+ 	int i;
++	int bare_len, ext_len, diff;
+ 
+ 	assert (bare != NULL);
+ 	assert (check != NULL);
+ 
+ 	p11_buffer_init_null (&buf, 0);
+ 
++	/*
++	 * Make sure the name will not be longer then MAX_FILE_NAME
++	 */
++	bare_len = strlen (bare);
++	ext_len = extension ? strlen (extension) : 0;
++	diff = bare_len + ext_len + sizeof (unique) - MAX_FILE_NAME;
++	if (diff > 0)
++		bare_len -= diff;
++	return_val_if_fail (bare_len > 0, NULL);
++
+ 	for (i = 0; true; i++) {
+ 
+ 		p11_buffer_reset (&buf, 64);
+@@ -431,7 +444,7 @@ make_unique_name (const char *bare,
+ 		 * provided by the caller.
+ 		 */
+ 		case 0:
+-			p11_buffer_add (&buf, bare, -1);
++			p11_buffer_add (&buf, bare, bare_len);
+ 			break;
+ 
+ 		/*
+@@ -448,14 +461,14 @@ make_unique_name (const char *bare,
+ 			/* fall through */
+ 
+ 		default:
+-			p11_buffer_add (&buf, bare, -1);
++			p11_buffer_add (&buf, bare, bare_len);
+ 			snprintf (unique, sizeof (unique), ".%d", i);
+ 			p11_buffer_add (&buf, unique, -1);
+ 			break;
+ 		}
+ 
+ 		if (extension)
+-			p11_buffer_add (&buf, extension, -1);
++			p11_buffer_add (&buf, extension, ext_len);
+ 
+ 		return_val_if_fail (p11_buffer_ok (&buf), NULL);
+ 
diff --git a/SPECS/p11-kit.spec b/SPECS/p11-kit.spec
index df1f051..0fa4cde 100644
--- a/SPECS/p11-kit.spec
+++ b/SPECS/p11-kit.spec
@@ -2,7 +2,7 @@
 ## (rpmautospec version 0.6.5)
 ## RPMAUTOSPEC: autorelease, autochangelog
 %define autorelease(e:s:pb:n) %{?-p:0.}%{lua:
-    release_number = 4;
+    release_number = 7;
     base_release_number = tonumber(rpm.expand("%{?-b*}%{!?-b:1}"));
     print(release_number + base_release_number - 1);
 }%{?-e:.%{-e*}}%{?-s:.%{-s*}}%{!?-n:%{?dist}}
@@ -22,6 +22,8 @@ Source2:        https://p11-glue.github.io/p11-glue/p11-kit/p11-kit-release-keyr
 Source3:        trust-extract-compat
 Source4:        p11-kit-client.service
 
+Patch:          p11-kit-0.25.5-trust-file-length.patch
+
 BuildRequires:  gcc
 BuildRequires:  libtasn1-devel >= 2.3
 BuildRequires:  libffi-devel
@@ -163,6 +165,15 @@ fi
 
 %changelog
 ## START: Generated by rpmautospec
+* Fri Nov 01 2024 Miluse Bezo Konecna <mbezokon@redhat.com> - 0.25.5-7
+- fix typo in ci.fmf
+
+* Tue Oct 29 2024 Troy Dawson <tdawson@redhat.com> - 0.25.5-6
+- Bump release for October 2024 mass rebuild:
+
+* Fri Oct 25 2024 Zoltan Fridrich <zfridric@redhat.com> - 0.25.5-5
+- Fix regression in trust where file creation fails for long cert labels
+
 * Tue Jul 30 2024 Miluse Bezo Konecna <mbezokon@redhat.com> - 0.25.5-4
 - Fix gating.yaml