Hello community, here is the log from the commit of package mokutil for openSUSE:Factory checked in at 2014-02-13 15:01:56 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/mokutil (Old) and /work/SRC/openSUSE:Factory/.mokutil.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "mokutil" Changes: -------- --- /work/SRC/openSUSE:Factory/mokutil/mokutil.changes 2014-01-23 15:49:40.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.mokutil.new/mokutil.changes 2014-02-13 15:01:57.000000000 +0100 @@ -1,0 +2,8 @@ +Wed Feb 12 10:06:31 UTC 2014 - g...@suse.com + +- Add mokutil-fix-hash-list-size.patch to update the list size + after merging or deleting a hash +- Add mokutil-clean-request.patch to clean the request if all keys + are removed + +------------------------------------------------------------------- New: ---- mokutil-clean-request.patch mokutil-fix-hash-list-size.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ mokutil.spec ++++++ --- /var/tmp/diff_new_pack.eZfRud/_old 2014-02-13 15:01:57.000000000 +0100 +++ /var/tmp/diff_new_pack.eZfRud/_new 2014-02-13 15:01:57.000000000 +0100 @@ -28,6 +28,10 @@ Patch1: mokutil-upstream-fixes.patch # PATCH-FIX-UPSTREAM mokutil-mokx-support.patch g...@suse.com -- Support the MOK blacklist Patch2: mokutil-mokx-support.patch +# PATCH-FIX-UPSTREAM mokutil-fix-hash-list-size.patch g...@suse.com -- Update the list size after merging or deleting a hash +Patch3: mokutil-fix-hash-list-size.patch +# PATCH-FIX-UPSTREAM mokutil-clean-request.patch g...@suse.com -- Clear the request if all keys are removed +Patch4: mokutil-clean-request.patch BuildRequires: autoconf BuildRequires: automake BuildRequires: libopenssl-devel >= 0.9.8 @@ -49,6 +53,8 @@ %setup -q %patch1 -p1 %patch2 -p1 +%patch3 -p1 +%patch4 -p1 %build %configure ++++++ mokutil-clean-request.patch ++++++ >From a8165e89893bbaf8245fda6a59bcfe562bee4854 Mon Sep 17 00:00:00 2001 From: Gary Ching-Pang Lin <g...@suse.com> Date: Wed, 12 Feb 2014 15:57:51 +0800 Subject: [PATCH] Clean the request when all keys are removed Signed-off-by: Gary Ching-Pang Lin <g...@suse.com> --- src/mokutil.c | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/src/mokutil.c b/src/mokutil.c index 935cb94..1c32313 100644 --- a/src/mokutil.c +++ b/src/mokutil.c @@ -513,6 +513,24 @@ delete_data_from_list (efi_guid_t type, void *data, uint32_t data_size, if (start == NULL) return 0; + /* all keys are removed */ + if (total == 0) { + test_and_delete_var (var_name); + + /* delete the password */ + if (strcmp (var_name, "MokNew") == 0) + test_and_delete_var ("MokAuth"); + else if (strcmp (var_name, "MokXNew") == 0) + test_and_delete_var ("MokXAuth"); + else if (strcmp (var_name, "MokDel") == 0) + test_and_delete_var ("MokDelAuth"); + else if (strcmp (var_name, "MokXDel") == 0) + test_and_delete_var ("MokXDelAuth"); + + ret = 1; + goto done; + } + /* remove the key or hash */ if (remain > 0) memmove (start, end, remain); -- 1.8.4.5 ++++++ mokutil-fix-hash-list-size.patch ++++++ >From bf19feea5cbc44e6c50d14814d00c902073d8d92 Mon Sep 17 00:00:00 2001 From: Gary Ching-Pang Lin <g...@suse.com> Date: Wed, 12 Feb 2014 11:38:24 +0800 Subject: [PATCH 1/2] Fix the signature list size calculation While merging the hashes into the previous request, the list size mistakenly included the signature list header, and this made the request invalid. Signed-off-by: Gary Ching-Pang Lin <g...@suse.com> --- src/mokutil.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/src/mokutil.c b/src/mokutil.c index dbec25b..b706c80 100644 --- a/src/mokutil.c +++ b/src/mokutil.c @@ -1374,6 +1374,9 @@ issue_hash_request (const char *hash_str, MokRequest req, old_req.VariableName = req_name; old_req.VendorGuid = SHIM_LOCK_GUID; + + list_size = sizeof(EFI_SIGNATURE_LIST) + sizeof(efi_guid_t) + hash_size; + if (read_variable (&old_req) == EFI_SUCCESS) { int i; list_size += old_req.DataSize; @@ -1388,13 +1391,12 @@ issue_hash_request (const char *hash_str, MokRequest req, if (efi_guidcmp (mok_list[i].header->SignatureType, hash_type) == 0) { merge_ind = i; + list_size -= sizeof(EFI_SIGNATURE_LIST); break; } } } - list_size += sizeof(EFI_SIGNATURE_LIST) + sizeof(efi_guid_t) + hash_size; - new_list = malloc (list_size); if (!new_list) { fprintf (stderr, "Failed to allocate space for %s\n", req_name); -- 1.8.4.5 >From 0c8e542eaaa1f3f8be2198806a5bc370813b4d81 Mon Sep 17 00:00:00 2001 From: Gary Ching-Pang Lin <g...@suse.com> Date: Wed, 12 Feb 2014 15:24:23 +0800 Subject: [PATCH 2/2] Update the list size after deleting a hash Signed-off-by: Gary Ching-Pang Lin <g...@suse.com> --- src/mokutil.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/mokutil.c b/src/mokutil.c index b706c80..935cb94 100644 --- a/src/mokutil.c +++ b/src/mokutil.c @@ -501,6 +501,7 @@ delete_data_from_list (efi_guid_t type, void *data, uint32_t data_size, start += sizeof(EFI_SIGNATURE_LIST) + sig_size * del_ind; end = start + sig_size; total -= sig_size; + list[i].header->SignatureListSize -= sig_size; remain += sig_list_size - sizeof(EFI_SIGNATURE_LIST) - (del_ind + 1) * sig_size; } -- 1.8.4.5 -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org