From 8c8d2c3d81fac5c01075447b436c4fe1cb4c8d22 Mon Sep 17 00:00:00 2001 From: Hiroki Sato Date: Wed, 18 May 2016 17:22:59 +0000 Subject: Update to 3.5. Notable changes are as follows: - No longer required to run pkcs11_startup. pkcs11_startup and pkcs_slotd were shell scripts that created the config file, pk_config_data, which was read by pkcsslotd to get available slot information. The pk_config_data configuration file has been replaced with /etc/opencryptoki/opencryptoki.conf. In version 3, the pkcsslotd daemon reads opencryptoki.conf to get slot information. The opencryptoki.conf by default contains slot information for each token currently supported by opencryptoki with the exception of the ICSF token, which requires some initial setup. Please see man page for opencryptoki.conf for further information. Since pk_config_data is no longer required, pkcs11_startup and pkcs_slotd have been removed. --- .../files/patch-usr-sbin-pkcsslotd-mutex.c | 49 +++++++++------------- 1 file changed, 19 insertions(+), 30 deletions(-) (limited to 'security/opencryptoki/files/patch-usr-sbin-pkcsslotd-mutex.c') diff --git a/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-mutex.c b/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-mutex.c index 412566aa9422..6169b34024d4 100644 --- a/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-mutex.c +++ b/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-mutex.c @@ -1,17 +1,20 @@ ---- usr/sbin/pkcsslotd/mutex.c.orig 2010-07-29 21:28:41.000000000 +0900 -+++ usr/sbin/pkcsslotd/mutex.c 2010-12-19 12:13:34.837579374 +0900 -@@ -293,6 +293,26 @@ - - #include "pkcsslotd.h" +--- usr/sbin/pkcsslotd/mutex.c.orig 2016-04-29 17:26:46 UTC ++++ usr/sbin/pkcsslotd/mutex.c +@@ -281,10 +281,28 @@ + legal action under this Agreement more than one year after + the cause of action arose. Each party waives its rights to + a jury trial in any resulting litigation. ++*/ +#include -+ + +#ifdef __sun +#define LOCK_EX F_LOCK +#define LOCK_UN F_ULOCK +#define flock(fd, func) lockf(fd, func, 0) +#endif -+ + +-*/ +#ifndef LOCK_SH +#define LOCK_SH 1 /* shared lock */ +#endif @@ -25,28 +28,14 @@ +#define LOCK_UN 8 /* unlock */ +#endif - #if SYSVSEM - #error "Caveat Emptor... this does not work" -@@ -315,7 +335,7 @@ - #include - #include - #include --#include -+#include - static int xplfd=-1; - #endif + /* (C) COPYRIGHT International Business Machines Corp. 2001 */ -@@ -349,6 +369,13 @@ - #elif (SPINXPL) - - xplfd = open (XPL_FILE,O_CREAT|O_RDWR,S_IRWXU|S_IRWXG|S_IRWXO); -+ { -+ struct group *grp; -+ fchmod(xplfd,S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP|S_IROTH); -+ grp = getgrnam(PKCS11GROUP); -+ if (grp) -+ fchown(xplfd,getuid(),grp->gr_gid); -+ } +@@ -323,7 +341,7 @@ CreateXProcLock(void) + goto error; + } - #elif (SYSVSEM) - #error "Caveat Emptor... this does not work" +- grp = getgrnam("pkcs11"); ++ grp = getgrnam(PKCS11GROUP); + if (grp != NULL) { + if (fchown(xplfd,-1,grp->gr_gid) == -1) { + DbgLog(DL0,"%s:fchown(%s):%s\n", -- cgit v1.2.3