- updated to 2.4.0

author Bartek Szady <bszx@bszx.eu>

Sun, 30 Jan 2022 13:58:29 +0000 (14:58 +0100)

committer Bartek Szady <bszx@bszx.eu>

Sun, 30 Jan 2022 13:58:29 +0000 (14:58 +0100)
author Bartek Szady <bszx@bszx.eu>
Sun, 30 Jan 2022 13:58:29 +0000 (14:58 +0100)
committer Bartek Szady <bszx@bszx.eu>
Sun, 30 Jan 2022 13:58:29 +0000 (14:58 +0100)
diff --git a/oids.patch b/oids.patch

deleted file mode 100644 (file)

index 8d4c6c1..0000000
--- a/oids.patch
+++ /dev/null
@@ -1,15 +0,0 @@
---- xca-2.2.1/misc/oids.text.orig      2020-01-30 20:54:31.000000000 +0100
-+++ xca-2.2.1/misc/oids.text   2020-04-25 15:25:30.483255049 +0200
-@@ -2,12 +2,10 @@
- # OID                         short name      long name
- 1.3.6.1.4.1.311.20.2: dom:            Domain Controller
- 1.3.6.1.4.1.311.21.1: MsCaV:          Microsoft CA Version
--1.3.6.1.4.1.311.20.2.3:       msUPN:          Microsoft Universal Principal Name
- 1.3.6.1.4.1.311.10.3.4.1:msEFSFR:     Microsoft EFS File Recovery
- 1.3.6.1.5.5.8.2.2:    iKEIntermediate: IP security end entity
- 1.3.6.1.5.5.7.3.1:      serverAuth:   TLS Web Server Authentication
- 1.3.6.1.5.5.7.3.2:      clientAuth:   TLS Web Client Authentication
--1.3.6.1.4.1.311.20.2.2:       msSmartcardLogin: Microsoft Smartcardlogin
- 2.5.4.44:             generationQualifier: generationQualifier
- 2.5.4.45:             x500UniqueIdentifier: x500UniqueIdentifier
- 2.5.4.65:             pseudonym:      pseudonym
diff --git a/openssl-3.0.patch b/openssl-3.0.patch

new file mode 100644 (file)

index 0000000..a7d4785
--- /dev/null
+++ b/openssl-3.0.patch
@@ -0,0 +1,171 @@
+commit 802a8787cfffe5d944e74ffd9acb87a52f9e2362
+Author: Christian Hohnstaedt <christian@hohnstaedt.de>
+Date:   Wed May 12 08:41:34 2021 +0200
+
+    Adaptions to stay OpenSSL 3.0 alpha16 compatible
+
+diff --git a/lib/pkcs11.cpp b/lib/pkcs11.cpp
+index d64e25a1..251e2b15 100644
+--- a/lib/pkcs11.cpp   2022-01-30 10:07:55.038897422 +0100
++++ b/lib/pkcs11.cpp   2022-01-30 10:11:00.501057931 +0100
+@@ -840,8 +840,7 @@
+ 
+       switch (EVP_PKEY_type(keytype)) {
+       case EVP_PKEY_RSA:
+-              rsa = EVP_PKEY_get0_RSA(pub);
+-              rsa = RSAPublicKey_dup(rsa);
++              rsa = RSAPublicKey_dup(EVP_PKEY_get0_RSA(pub));
+               openssl_error();
+               if (!rsa_meth) {
+ #if OPENSSL_VERSION_NUMBER >= 0x1010000L
+@@ -865,8 +864,7 @@
+               EVP_PKEY_assign_RSA(evp, rsa);
+               break;
+       case EVP_PKEY_DSA:
+-              dsa = EVP_PKEY_get0_DSA(pub);
+-              dsa = DSAparams_dup(dsa);
++              dsa = DSAparams_dup(EVP_PKEY_get0_DSA(pub));
+               openssl_error();
+               if (!dsa_meth) {
+ #if OPENSSL_VERSION_NUMBER >= 0x10100000L
+@@ -889,8 +887,7 @@
+               break;
+ #if !defined(OPENSSL_NO_EC) && OPENSSL_VERSION_NUMBER >= 0x10100000L
+       case EVP_PKEY_EC:
+-              ec = EVP_PKEY_get0_EC_KEY(pub);
+-              ec = EC_KEY_dup(ec);
++              ec = EC_KEY_dup(EVP_PKEY_get0_EC_KEY(pub));
+               openssl_error();
+               if (!ec_key_meth) {
+                       ec_key_meth = setup_ec_key_meth();
+diff --git a/lib/pki_evp.cpp b/lib/pki_evp.cpp
+index 685ef4e3..288eea17 100644
+--- a/lib/pki_evp.cpp  2021-05-07 22:40:29.000000000 +0200
++++ b/lib/pki_evp.cpp  2022-01-30 10:15:45.332549957 +0100
+@@ -282,8 +282,8 @@
+ static void search_ec_oid(EVP_PKEY *pkey)
+ {
+ #ifndef OPENSSL_NO_EC
+-      EC_KEY *ec;
+       EC_GROUP *builtin;
++      const EC_KEY *ec;
+       const EC_GROUP *ec_group;
+ 
+       int keytype = EVP_PKEY_id(pkey);
+@@ -621,7 +621,7 @@
+ 
+       pki_openssl_error();
+       if (EVP_PKEY_type(getKeyType()) == EVP_PKEY_RSA) {
+-              RSA *rsa = EVP_PKEY_get0_RSA(tmpkey);
++              RSA *rsa = const_cast<RSA*>(EVP_PKEY_get0_RSA(tmpkey));
+               RSA_blinding_on(rsa, NULL);
+       }
+       myencKey.fill(0);
+@@ -930,7 +930,7 @@
+               EVP_MD_CTX_free(ctx);
+ #endif
+       if (EVP_PKEY_id(pkey) == EVP_PKEY_RSA && EVP_PKEY_isPrivKey(pkey)) {
+-              RSA *rsa = EVP_PKEY_get0_RSA(pkey);
++              const RSA *rsa = EVP_PKEY_get0_RSA(pkey);
+               if (RSA_check_key(rsa) != 1)
+                       verify = false;
+       }
+diff --git a/lib/pki_key.cpp b/lib/pki_key.cpp
+index e959dc23..0315c3ae 100644
+--- a/lib/pki_key.cpp
++++ b/lib/pki_key.cpp
+@@ -197,7 +197,7 @@ QString pki_key::length() const
+ 
+       if (EVP_PKEY_id(key) == EVP_PKEY_DSA) {
+               const BIGNUM *p = NULL;
+-              DSA *dsa = EVP_PKEY_get0_DSA(key);
++              const DSA *dsa = EVP_PKEY_get0_DSA(key);
+               if (dsa)
+                       DSA_get0_pqg(dsa, &p, NULL, NULL);
+               dsa_unset = p == NULL;
+@@ -299,7 +299,7 @@ QString pki_key::modulus() const
+       if (getKeyType() == EVP_PKEY_RSA) {
+               const BIGNUM *n = NULL;
+ 
+-              RSA *rsa = EVP_PKEY_get0_RSA(key);
++              const RSA *rsa = EVP_PKEY_get0_RSA(key);
+               RSA_get0_key(rsa, &n, NULL, NULL);
+               return BN2QString(n);
+       }
+@@ -310,7 +310,7 @@ QString pki_key::pubEx() const
+ {
+       if (getKeyType() == EVP_PKEY_RSA) {
+               const BIGNUM *e = NULL;
+-              RSA *rsa = EVP_PKEY_get0_RSA(key);
++              const RSA *rsa = EVP_PKEY_get0_RSA(key);
+               RSA_get0_key(rsa, NULL, &e, NULL);
+               return BN2QString(e);
+       }
+@@ -321,7 +321,7 @@ QString pki_key::subprime() const
+ {
+       if (getKeyType() == EVP_PKEY_DSA) {
+               const BIGNUM *q = NULL;
+-              DSA *dsa = EVP_PKEY_get0_DSA(key);
++              const DSA *dsa = EVP_PKEY_get0_DSA(key);
+               if (dsa)
+                       DSA_get0_pqg(dsa, NULL, &q, NULL);
+               return BN2QString(q);
+@@ -333,7 +333,7 @@ QString pki_key::pubkey() const
+ {
+       if (getKeyType() == EVP_PKEY_DSA) {
+               const BIGNUM *pubkey = NULL;
+-              DSA *dsa = EVP_PKEY_get0_DSA(key);
++              const DSA *dsa = EVP_PKEY_get0_DSA(key);
+               if (dsa)
+                       DSA_get0_key(dsa, &pubkey, NULL);
+               return BN2QString(pubkey);
+@@ -761,7 +761,7 @@ QByteArray pki_key::SSH2publicQByteArray(bool raw) const
+               txt = "ssh-rsa";
+               ssh_key_QBA2data(txt, &data);
+               {
+-                      RSA *rsa = EVP_PKEY_get0_RSA(key);
++                      const RSA *rsa = EVP_PKEY_get0_RSA(key);
+                       const BIGNUM *n, *e;
+                       RSA_get0_key(rsa, &n, &e, NULL);
+                       ssh_key_bn2data(e, &data);
+@@ -772,7 +772,7 @@ QByteArray pki_key::SSH2publicQByteArray(bool raw) const
+               txt = "ssh-dss";
+               ssh_key_QBA2data(txt, &data);
+               {
+-                      DSA *dsa = EVP_PKEY_get0_DSA(key);
++                      const DSA *dsa = EVP_PKEY_get0_DSA(key);
+                       const BIGNUM *p, *q, *g, *pubkey;
+                       DSA_get0_pqg(dsa, &p, &q, &g);
+                       DSA_get0_key(dsa, &pubkey, NULL);
+diff --git a/lib/pki_scard.cpp b/lib/pki_scard.cpp
+index 25a3ea47..c558a34c 100644
+--- a/lib/pki_scard.cpp
++++ b/lib/pki_scard.cpp
+@@ -290,10 +290,10 @@ void pki_scard::deleteFromToken()
+ pk11_attlist pki_scard::objectAttributesNoId(EVP_PKEY *pk, bool priv) const
+ {
+       QByteArray ba;
+-      RSA *rsa;
+-      DSA *dsa;
++      const RSA *rsa;
++      const DSA *dsa;
+ #ifndef OPENSSL_NO_EC
+-      EC_KEY *ec;
++      const EC_KEY *ec;
+ #endif
+       const BIGNUM *n = NULL;
+       const BIGNUM *e = NULL;
+@@ -398,10 +398,10 @@ int pki_scard::renameOnToken(const slotid &slot, const QString &name)
+ void pki_scard::store_token(const slotid &slot, EVP_PKEY *pkey)
+ {
+       QByteArray ba;
+-      RSA *rsa;
+-      DSA *dsa;
++      const RSA *rsa;
++      const DSA *dsa;
+ #ifndef OPENSSL_NO_EC
+-      EC_KEY *ec;
++      const EC_KEY *ec;
+ #endif
+       pk11_attlist pub_atts;
+       pk11_attlist priv_atts;
diff --git a/opt.patch b/opt.patch

new file mode 100644 (file)

index 0000000..9ca4509
--- /dev/null
+++ b/opt.patch
@@ -0,0 +1,21 @@
+diff -up xca-2.4.0/Local.mak.in._orig xca-2.4.0/Local.mak.in
+--- xca-2.4.0/Local.mak.in._orig       2021-05-07 22:40:29.000000000 +0200
++++ xca-2.4.0/Local.mak.in     2022-01-30 11:47:01.297908758 +0100
+@@ -7,7 +7,7 @@ export VERSION=@XCA_VERSION@
+ export HOST=@HOST@
+ 
+ CPPFLAGS+=-Wall -Wextra -DXCA_PREFIX=\"${xca_prefix}\" -DETC=\"@sysconfdir@\" -DDOCDIR=\"@docdir@\"
+-CFLAGS+=-O2 -ggdb -std=c++11 @CXXFLAGS@
++CFLAGS+=-std=c++11 @CXXFLAGS@
+ LIBS=@LIBS@
+ EXTRA_VERSION=@EXTRA_VERSION@
+ 
+@@ -19,7 +19,7 @@
+ HELPCOLL=@QT_HELPCOLL@
+ 
+ CC=@CXX@
+-STRIP=@STRIP@
++STRIP=:
+ WINDRES=@WINDRES@
+ DOCTOOL=@DOCTOOL@
+ MACDEPLOYQT=@MACDEPLOYQT@
diff --git a/xca.spec b/xca.spec

index 72ac5837751f3db199096383b8df1350f464ea49..d08992253b8bee0646ad70bb6fd15432b88fb62b 100644 (file)
--- a/xca.spec
+++ b/xca.spec
@@ -1,14 +1,15 @@
  Summary:       A GUI for handling X509 certificates, RSA keys, PKCS#10 Requests
  Summary(pl.UTF-8):     GUI do obsługi certyfikatów X509, kluczy RSA, żądań PKCS#10
  Name:          xca
-Version:       2.2.1
+Version:       2.4.0
  Release:       1
  Epoch:         1
  License:       BSD
  Group:         Applications/Communications
  Source0:       https://github.com/chris2511/xca/releases/download/RELEASE.%{version}/%{name}-%{version}.tar.gz
-# Source0-md5: d9564be194d4e1e0b1139670f97a73d2
-Patch0:                oids.patch
+# Source0-md5: c17d65a86134a69001d14c34729f46b5
+Patch0:                openssl-3.0.patch
+Patch1:                opt.patch
  URL:           https://hohnstaedt.de/xca/
  BuildRequires: Qt5Sql-devel >= 5.14.0
  BuildRequires: Qt5Widgets-devel >= 5.14.0
@@ -38,14 +39,28 @@ importowanie i eksportowanie kluczy i certyfikatów PEM DER PKCS8,
  podpisywanie i anulowanie PEM DER PKCS12 oraz wybór rozszerzeń x509v3.
  Pokazywane jest drzewo certyfikatów.
  
+%package -n bash-completion-xca
+Summary:       Bash completion for xca commands
+Summary(pl.UTF-8):     Bashowe uzupełnianie parametrów dla poleceń xca
+Group:         Applications/Shells
+Requires:      %{name} = %{version}-%{release}
+Requires:      bash-completion >= 2.0
+%{?noarchpackage}
+
+%description -n bash-completion-xca
+Bash completion for xca commands.
+
+%description -n bash-completion-xca -l pl.UTF-8
+Bashowe uzupełnianie parametrów dla poleceń xca.
+
  %prep
  %setup -q
  %patch0 -p1
+%patch1 -p1
  
  %build
  
-%configure \
-       --disable-doc
+%configure
  
  %{__make} all
  
@@ -54,10 +69,10 @@ rm -rf $RPM_BUILD_ROOT
  install -d $RPM_BUILD_ROOT{%{_bindir},%{_datadir}/xca,%{_desktopdir},%{_mandir}/man1}
  
  %{__make} install \
-       destdir=$RPM_BUILD_ROOT
+       DESTDIR=$RPM_BUILD_ROOT
  
-%{__make} -C doc ENABLE_DOC="" install \
-       destdir=$RPM_BUILD_ROOT
+%{__make} -C doc install \
+       DESTDIR=$RPM_BUILD_ROOT
  
  gzip -dc doc/xca.1.gz >$RPM_BUILD_ROOT%{_mandir}/man1/xca.1
  %{__rm} $RPM_BUILD_ROOT%{_mandir}/man1/xca.1.gz
@@ -80,4 +95,9 @@ rm -rf $RPM_BUILD_ROOT
  %{_mandir}/man1/xca.1*
  %{_docdir}/xca
  %{_datadir}/mime/packages/xca.xml
+%{_iconsdir}/hicolor/*/*/*.png
  %{_pixmapsdir}/xca-32x32.xpm
+
+%files -n bash-completion-xca
+%defattr(644,root,root,755)
+%{bash_compdir}/xca
author	Bartek Szady <bszx@bszx.eu>
	Sun, 30 Jan 2022 13:58:29 +0000 (14:58 +0100)
committer	Bartek Szady <bszx@bszx.eu>
	Sun, 30 Jan 2022 13:58:29 +0000 (14:58 +0100)
oids.patch	[deleted file]	patch \| blob \| blame \| history
openssl-3.0.patch	[new file with mode: 0644]	patch \| blob
opt.patch	[new file with mode: 0644]	patch \| blob
xca.spec		patch \| blob \| blame \| history