Import from Fedora

2022-02-11 15:05:38 +01:00 · 2022-02-11 15:05:38 +01:00 · 3bff8faa1c
parent 773580448c
commit 3bff8faa1c
8 changed files with 378 additions and 0 deletions
--- a/gpgkey-01F3D14D.gpg
+++ b/gpgkey-01F3D14D.gpg
--- a/libu2f-server-1.0.1.tar.xz
+++ b/libu2f-server-1.0.1.tar.xz
--- a/libu2f-server-1.0.1.tar.xz.sig
+++ b/libu2f-server-1.0.1.tar.xz.sig
--- a/libu2f-server-1.0.1_add_support_for_upcoming_json_c_0_14_0.patch
+++ b/libu2f-server-1.0.1_add_support_for_upcoming_json_c_0_14_0.patch
@ -0,0 +1,37 @@
+From f7c4983b31909299c47bf9b2627c84b6bfe225de Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Bj=C3=B6rn=20Esser?= <besser82@fedoraproject.org>
+Date: Mon, 13 Apr 2020 14:16:20 +0200
+Subject: [PATCH] Add support for upcoming json-c 0.14.0.
+
+TRUE/FALSE are not defined anymore.  1 and 0 are used instead.
+---
+ u2f-server/core.c | 13 +++++++++++++
+ 1 file changed, 13 insertions(+)
+
+diff --git a/u2f-server/core.c b/u2f-server/core.c
+index 2fb325e..895c004 100644
+--- a/u2f-server/core.c
+++ b/u2f-server/core.c
+@@ -44,6 +44,19 @@ typedef int json_bool;
+ #define u2fs_json_object_object_get(obj, key, value) (value = json_object_object_get(obj, key)) == NULL ? (json_bool)FALSE : (json_bool)TRUE
+ #endif
+ 
+/* json-c 0.13.99 does not define TRUE/FALSE anymore
+ * the json-c maintainers replaced them with pure 1/0
+ * https://github.com/json-c/json-c/commit/0992aac61f8b
+ */
+#if defined JSON_C_VERSION_NUM && JSON_C_VERSION_NUM >= ((13 << 8) | 99)
+#ifndef FALSE
+#define FALSE 0
+#endif
+#ifndef TRUE
+#define TRUE  1
+#endif
+#endif
+
+ static u2fs_rc encode_b64u(const char *data, size_t data_len, char *output)
+ {
+   base64_encodestate b64;
+-- 
+2.26.0
+
--- a/libu2f-server-1.0.1_check_result_json_object.patch
+++ b/libu2f-server-1.0.1_check_result_json_object.patch
@ -0,0 +1,58 @@
+From 72997944d5ee7f165fe04f1ac451d115e97d75e9 Mon Sep 17 00:00:00 2001
+From: Joe Watkins <krakjoe@php.net>
+Date: Sat, 10 Dec 2016 13:34:08 +0000
+Subject: [PATCH] Check the result of the call to serialize json object before
+ calling strdup
+
+---
+ u2f-server/core.c | 16 ++++++++++++----
+ 1 file changed, 12 insertions(+), 4 deletions(-)
+
+Index: libu2f-server-1.0.1/u2f-server/core.c
+===================================================================
+--- libu2f-server-1.0.1.orig/u2f-server/core.c
+++ libu2f-server-1.0.1/u2f-server/core.c
+@@ -381,6 +381,7 @@ static int registration_challenge_json(c
+   struct json_object *json_version = NULL;
+   struct json_object *json_appid = NULL;
+   struct json_object *json_output = NULL;
+  const char *json_string = NULL;
+ 
+   rc = U2FS_JSON_ERROR;
+ 
+@@ -402,8 +403,11 @@ static int registration_challenge_json(c
+   json_object_object_add(json_output, "version", json_version);
+   json_object_object_add(json_output, "appId", json_appid);
+ 
+-  *output = strdup(json_object_to_json_string(json_output));
+-  if (*output == NULL)
+  json_string = json_object_to_json_string(json_output);
+
+  if (json_string == NULL)
+    rc = U2FS_JSON_ERROR;
+  else if ((*output = strdup(json_string)) == NULL)
+     rc = U2FS_MEMORY_ERROR;
+   else
+     rc = U2FS_OK;
+@@ -951,6 +955,7 @@ static int authentication_challenge_json
+   struct json_object *json_version = NULL;
+   struct json_object *json_appid = NULL;
+   struct json_object *json_output = NULL;
+  const char *json_string = NULL;
+ 
+   rc = U2FS_JSON_ERROR;
+ 
+@@ -976,8 +981,11 @@ static int authentication_challenge_json
+   json_object_object_add(json_output, "challenge", json_challenge);
+   json_object_object_add(json_output, "appId", json_appid);
+ 
+-  *output = strdup(json_object_to_json_string(json_output));
+-  if (*output == NULL)
+  json_string = json_object_to_json_string(json_output);
+
+  if (json_string == NULL)
+    rc = U2FS_JSON_ERROR;
+  else if ((*output = strdup(json_string)) == NULL)
+     rc = U2FS_MEMORY_ERROR;
+   else
+     rc = U2FS_OK;
--- a/libu2f-server-1.0.1_fix_memory_errors.patch
+++ b/libu2f-server-1.0.1_fix_memory_errors.patch
@ -0,0 +1,52 @@
+From 5d74f88b278ca1df6c69d7328be2a8035ca7976c Mon Sep 17 00:00:00 2001
+From: Joe Watkins <krakjoe@php.net>
+Date: Fri, 9 Dec 2016 14:26:51 +0000
+Subject: [PATCH] valgrind shows memory errors around this code, because the
+ reference counts of objects are not managed properly
+
+---
+ u2f-server/core.c | 24 +++++++++++++++---------
+ 1 file changed, 15 insertions(+), 9 deletions(-)
+
+Index: libu2f-server-1.0.1/u2f-server/core.c
+===================================================================
+--- libu2f-server-1.0.1.orig/u2f-server/core.c
+++ libu2f-server-1.0.1/u2f-server/core.c
+@@ -409,10 +409,13 @@ static int registration_challenge_json(c
+     rc = U2FS_OK;
+ 
+ done:
+-  json_object_put(json_challenge);
+-  json_object_put(json_version);
+-  json_object_put(json_appid);
+-  json_object_put(json_output);
+  if (json_output) {
+    json_object_put(json_output);
+  } else {
+    json_object_put(json_challenge);
+    json_object_put(json_version);
+    json_object_put(json_appid);
+  }
+ 
+   return rc;
+ }
+@@ -980,11 +983,14 @@ static int authentication_challenge_json
+     rc = U2FS_OK;
+ 
+ done:
+-  json_object_put(json_challenge);
+-  json_object_put(json_key);
+-  json_object_put(json_version);
+-  json_object_put(json_appid);
+-  json_object_put(json_output);
+  if (json_output) {
+    json_object_put(json_output);
+  } else {
+    json_object_put(json_challenge);
+    json_object_put(json_key);
+    json_object_put(json_version);
+    json_object_put(json_appid);
+  }
+ 
+   return rc;
+ }
--- a/libu2f-server-1.0.1_fix_refcount_json_object.patch
+++ b/libu2f-server-1.0.1_fix_refcount_json_object.patch
@ -0,0 +1,61 @@
+diff --git a/u2f-server/core.c b/u2f-server/core.c
+index 41af808..da1b286 100644
+--- a/u2f-server/core.c
+++ b/u2f-server/core.c
+@@ -399,9 +399,9 @@ static int registration_challenge_json(const char *challenge,
+   if (json_output == NULL)
+     goto done;
+ 
+-  json_object_object_add(json_output, "challenge", json_challenge);
+-  json_object_object_add(json_output, "version", json_version);
+-  json_object_object_add(json_output, "appId", json_appid);
+  json_object_object_add(json_output, "challenge", json_object_get(json_challenge));
+  json_object_object_add(json_output, "version", json_object_get(json_version));
+  json_object_object_add(json_output, "appId", json_object_get(json_appid));
+ 
+   json_string = json_object_to_json_string(json_output);
+ 
+@@ -413,13 +413,10 @@ static int registration_challenge_json(const char *challenge,
+     rc = U2FS_OK;
+ 
+ done:
+-  if (json_output) {
+     json_object_put(json_output);
+-  } else {
+     json_object_put(json_challenge);
+     json_object_put(json_version);
+     json_object_put(json_appid);
+-  }
+ 
+   return rc;
+ }
+@@ -976,10 +973,10 @@ static int authentication_challenge_json(const char *challenge,
+   if (json_output == NULL)
+     goto done;
+ 
+-  json_object_object_add(json_output, "keyHandle", json_key);
+-  json_object_object_add(json_output, "version", json_version);
+-  json_object_object_add(json_output, "challenge", json_challenge);
+-  json_object_object_add(json_output, "appId", json_appid);
+  json_object_object_add(json_output, "keyHandle", json_object_get(json_key));
+  json_object_object_add(json_output, "version", json_object_get(json_version));
+  json_object_object_add(json_output, "challenge", json_object_get(json_challenge));
+  json_object_object_add(json_output, "appId", json_object_get(json_appid));
+ 
+   json_string = json_object_to_json_string(json_output);
+ 
+@@ -991,14 +988,11 @@ static int authentication_challenge_json(const char *challenge,
+     rc = U2FS_OK;
+ 
+ done:
+-  if (json_output) {
+     json_object_put(json_output);
+-  } else {
+     json_object_put(json_challenge);
+     json_object_put(json_key);
+     json_object_put(json_version);
+     json_object_put(json_appid);
+-  }
+ 
+   return rc;
+ }
--- a/libu2f-server.spec
+++ b/libu2f-server.spec
@ -0,0 +1,167 @@
+Name:		libu2f-server
+Version:	1.0.1
+Release:	24%{?dist}
+Summary:	Yubico Universal 2nd Factor (U2F) Server C Library
+
+License:	BSD
+URL:		https://developers.yubico.com/%{name}
+Source0:	https://developers.yubico.com/%{name}/Releases/%{name}-%{version}.tar.xz
+Source1:	https://developers.yubico.com/%{name}/Releases/%{name}-%{version}.tar.xz.sig
+Source2:	gpgkey-01F3D14D.gpg
+
+# Picked from upstream
+# https://github.com/Yubico/libu2f-server/commit/5d74f88b278ca1df6c69d7328be2a8035ca7976c
+Patch0:		%{name}-1.0.1_fix_memory_errors.patch
+# https://github.com/Yubico/libu2f-server/commit/72997944d5ee7f165fe04f1ac451d115e97d75e9
+Patch1:		%{name}-1.0.1_check_result_json_object.patch
+# https://github.com/Yubico/libu2f-server/pull/31
+Patch2:		%{name}-1.0.1_fix_refcount_json_object.patch
+# https://github.com/Yubico/libu2f-server/pull/42
+Patch3:		%{name}-1.0.1_add_support_for_upcoming_json_c_0_14_0.patch
+
+#BuildRequires:	json-c-devel openssl-devel check-devel gnupg2 systemd
+BuildRequires:  gcc
+BuildRequires:	json-c-devel openssl-devel check-devel systemd
+BuildRequires: make
+
+# Bundled gnulib https://fedorahosted.org/fpc/ticket/174
+Provides:	bundled(gnulib)
+
+%description
+This is a C library that implements the server-side of the U2F protocol. More
+precisely, it provides an API for generating the JSON blobs required by U2F
+devices to perform the U2F Registration and U2F Authentication operations, and
+functionality for verifying the cryptographic operations.
+
+%package -n u2f-server
+Summary:	Server-side command-line tool for U2F devices
+Requires:	%{name}%{?_isa} = %{version}-%{release}
+
+%description -n u2f-server
+u2f-server provides a command line tool that implements the server-side of the
+U2F protocol.
+
+
+%package devel
+Summary:	Development files for %{name}
+Requires:	%{name}%{?_isa} = %{version}-%{release}
+
+%description devel
+This package contains the header files needed to develop applications that
+use libu2f-server.
+
+%global _hardened_build 1
+
+%prep
+# disable signature verficiation due to gpgv2 bug
+# https://bugzilla.redhat.com/show_bug.cgi?id=1292687
+#gpgv2 --quiet --keyring %{SOURCE2} %{SOURCE1} %{SOURCE0}
+%autosetup -p 1
+
+%build
+%configure --disable-rpath --disable-static
+
+# --disable-rpath doesn't work.
+sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' libtool
+sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' libtool
+
+%make_build
+
+%check
+LD_LIBRARY_PATH="$(pwd)/u2f-server/.libs" make check
+
+%install
+%make_install
+find %{buildroot} -name '*.la' -exec rm -f {} ';'
+
+%ldconfig_scriptlets
+
+%files
+%license COPYING
+%doc README AUTHORS NEWS THANKS
+%{_libdir}/*.so.*
+
+%files -n u2f-server
+%{_bindir}/u2f-server
+%{_mandir}/man1/u2f-server.1*
+
+%files devel
+%doc %{_datadir}/gtk-doc/html/u2f-server
+%{_libdir}/pkgconfig/*.pc
+%{_libdir}/*.so
+%{_includedir}/*
+
+%changelog
+* Thu Jan 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1.0.1-24
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
+
+* Tue Sep 14 2021 Sahana Prasad <sahana@redhat.com> - 1.0.1-23
+- Rebuilt with OpenSSL 3.0.0
+
+* Thu Jul 22 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.0.1-22
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
+
+* Sat Jul 10 2021 Björn Esser <besser82@fedoraproject.org> - 1.0.1-21
+- Rebuild for versioned symbols in json-c
+
+* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.0.1-20
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
+
+* Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.0.1-19
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
+
+* Tue Apr 21 2020 Björn Esser <besser82@fedoraproject.org> - 1.0.1-18
+- Rebuild (json-c)
+
+* Mon Apr 13 2020 Björn Esser <besser82@fedoraproject.org> - 1.0.1-17
+- Add support for upcoming json-c 0.14.0
+
+* Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.0.1-16
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
+
+* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.0.1-15
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
+
+* Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.0.1-14
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
+
+* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.0.1-13
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
+
+* Tue Mar 06 2018 Björn Esser <besser82@fedoraproject.org> - 1.0.1-12
+- Rebuilt for libjson-c.so.4 (json-c v0.13.1)
+
+* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.0.1-11
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
+
+* Fri Dec 15 2017 Björn Esser <besser82@fedoraproject.org> - 1.0.1-10
+- Add upstreamed patch for proper refcount on json_objects
+
+* Wed Dec 13 2017 Björn Esser <besser82@fedoraproject.org> - 1.0.1-9
+- Add two cherry-picked patches from upstream
+
+* Sun Dec 10 2017 Björn Esser <besser82@fedoraproject.org> - 1.0.1-8
+- Rebuilt for libjson-c.so.3
+
+* Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.0.1-7
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
+
+* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.0.1-6
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
+
+* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.0.1-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
+
+* Thu Feb 4 2016 Seth Jennings <spartacus06@gmail.com> - 1.0.1-4
+- disable signature verficiation due to gpgv2 bug
+
+* Thu Feb 04 2016 Fedora Release Engineering <releng@fedoraproject.org> - 1.0.1-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
+
+* Tue Oct 27 2015 Seth Jennings <spartacus06@gmail.com> - 1.0.1-2
+- Enable _hardened_build
+- Remove redundant license from u2f-server package
+- More specific path for gtk-doc files
+
+* Sat Aug 1 2015 Seth Jennings <spartacus06@gmail.com> - 1.0.1-1
+- Initial package release.