Publishing details
Changelog
opencryptoki (3.21.0+dfsg-0ubuntu1) mantic; urgency=medium
* New upstream release (LP: #2026732), incl. support for:
- concurrent MK rotation for ep11 token (LP: #2025917)
- concurrent MK rotation for cca token (LP: #2025926)
- cca token: protected key support (LP: #2025923)
- pkcsslotd hardening (LP: #2025922)
Required modifications:
- add libcap-dev to Build-Depends
- adjust and refresh d/p/01-disable-testcases.patch due to changed context
- adjust and refresh d/p/04-pkcsslotd-cmdline-args.patch due to changed
context and fuzz
- adjust, expand and refresh
d/p/lp-1982842-move-pkcs11-group-assigment-from-makefile-to-postinst.patch
due to changed context and changes around pkcsslotd, which req. folders
added to d/opencryptoki.dirs and modifications in d/opencryptoki.postinst
and d/opencryptoki.postrm to work properly.
Fix selected issues on top of v3.21 and add:
- d/p/lp-2026732-common-Correctly-set-default-attributes-for-certific.patch
- d/p/lp-2026732-p11sak-Fix-user-confirmation-prompt-behavior-when-st.patch
- d/p/lp-2026732-pkcsstats-Fix-handling-of-user-name.patch
- d/p/lp-2026732-p11sak-fix-length-handling-when-importing-and-export.patch
- d/p/lp-2026732-p11sak-Fix-listing-of-key-objects-when-other-object-.patch
- d/p/lp-2026732-p11sak-Fix-parsing-of-slot-number-0.patch
* According to LP: #2022088 comment #4, revert d/rules, d/triggers
d/libopencryptoki0.{install,links} back, but do not instead add
d/p/lp-2022088-fix-p11sak-failure-to-find-libopencryptoki.so.patch
to fix 'failure that p11sak is not able to find libopencryptoki',
since the p11sak code was refactored and changed significantly in v3.21.
To fix this now expand d/p/03-dlopen-soname.patch with hunks for
usr/sbin/p11sak/p11sak.h, usr/sbin/pkcshsm_mk_change/pkcshsm_mk_change.c,
usr/sbin/pkcsstats/pkcsstats.c, testcases/common/common.c and
testcases/policy/policytest.c
* d/libopencryptoki0.links{.s390x} Merge files, since the content of the
s390x version of this file applies to all platforms.
* d/*: changes due to wrap-and-sort run
-- Frank Heimes <email address hidden> Fri, 07 Jul 2023 12:15:35 +0200
Builds
Built packages
-
libopencryptoki-dev
PKCS#11 implementation (development)
-
libopencryptoki0
PKCS#11 implementation (library)
-
libopencryptoki0-dbgsym
debug symbols for libopencryptoki0
-
opencryptoki
PKCS#11 implementation (daemon)
-
opencryptoki-dbgsym
debug symbols for opencryptoki
Package files