diff --git a/.gitignore b/.gitignore index d3a8c75..9d784f4 100644 --- a/.gitignore +++ b/.gitignore @@ -26,3 +26,11 @@ /sscg-3.0.1.tar.gz /sscg-3.0.2.tar.gz /sscg-3.0.3.tar.gz +/sscg-3.0.5.tar.gz +/sscg-3.0.6.tar.gz +/sscg-3.0.7.tar.gz +/sscg-3.0.8.tar.gz +/sscg-4.0.0.tar.gz +/sscg-4.0.1.tar.gz +/sscg-4.0.2.tar.gz +/sscg-4.0.3.tar.gz diff --git a/0001-Avoid-segfault-on-receiving-bad-CLI-arguments.patch b/0001-Avoid-segfault-on-receiving-bad-CLI-arguments.patch new file mode 100644 index 0000000..c80dc87 --- /dev/null +++ b/0001-Avoid-segfault-on-receiving-bad-CLI-arguments.patch @@ -0,0 +1,38 @@ +From 0c37e7ace585cfb550a0ffd9d5c331d059fd687f Mon Sep 17 00:00:00 2001 +From: Stephen Gallagher +Date: Tue, 2 Dec 2025 12:12:26 -0500 +Subject: [PATCH] Avoid segfault on receiving bad CLI arguments + +Signed-off-by: Stephen Gallagher +--- + src/sscg.c | 7 +++++-- + 1 file changed, 5 insertions(+), 2 deletions(-) + +diff --git a/src/sscg.c b/src/sscg.c +index b9b191f109300f6447262858f57a3a8321a14966..00e2862c2d6be5c44a4a362fc926e1a07d31d7bf 100644 +--- a/src/sscg.c ++++ b/src/sscg.c +@@ -59,7 +59,7 @@ int + main (int argc, const char **argv) + { + int ret, sret; +- struct sscg_options *options; ++ struct sscg_options *options = NULL; + bool build_client_cert = false; + char *dhparams_file = NULL; + +@@ -342,7 +342,10 @@ main (int argc, const char **argv) + done: + if (ret != EOK) + { +- sscg_io_utils_delete_output_files (options->streams); ++ if (options) ++ { ++ sscg_io_utils_delete_output_files (options->streams); ++ } + } + talloc_zfree (main_ctx); + if (getenv ("SSCG_TALLOC_REPORT")) +-- +2.52.0 + diff --git a/sources b/sources index 261d5bb..ebbdfd3 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (sscg-3.0.3.tar.gz) = 5820a44deaabf67296bf218485a22a5b58fcf48c6c33e2617946d0edaded3554f1acb2fb170eb189cdf4f8a61bb29bcb0385dc54996f7d0acdc8f45048b8e081 +SHA512 (sscg-4.0.3.tar.gz) = f629cf7e32d4d4e7c1f58c4a53be925b96980e6fb3106e3a36a72f85c723bd79fba6aecdbf092b50f915a8833297bc7c6c1ccbe04fef488db38bbdc1e3a95b96 diff --git a/sscg.spec b/sscg.spec index 791b0c8..4a60e76 100644 --- a/sscg.spec +++ b/sscg.spec @@ -9,23 +9,26 @@ %{!?meson_test: %global meson_test %{__meson} test -C %{_vpath_builddir} --num-processes %{_smp_build_ncpus} --print-errorlogs} Name: sscg -Version: 3.0.3 +Version: 4.0.3 Release: %autorelease -Summary: Simple SSL certificate generator +Summary: Simple Signed Certificate Generator -License: GPLv3+ with exceptions +License: GPL-3.0-or-later WITH cryptsetup-OpenSSL-exception URL: https://%{provider_prefix} -Source0: https://%{provider_prefix}/archive/refs/tags/%{repo}-%{version}.tar.gz +Source0: %{URL}/archive/refs/tags/sscg-%{version}.tar.gz BuildRequires: gcc BuildRequires: libtalloc-devel BuildRequires: openssl BuildRequires: openssl-devel BuildRequires: popt-devel -BuildRequires: libpath_utils-devel BuildRequires: meson BuildRequires: ninja-build BuildRequires: help2man +# Upstream patch to avoid segfaults when receiving bad CLI arguments +# https://github.com/sgallagher/sscg/commit/0c37e7ace585cfb550a0ffd9d5c331d059fd687f +Patch: 0001-Avoid-segfault-on-receiving-bad-CLI-arguments.patch + %description A utility to aid in the creation of more secure "self-signed" @@ -36,7 +39,7 @@ up a full PKI environment and without exposing the machine to a risk of false signatures from the service certificate. %prep -%autosetup -p1 -n %{name}-%{name}-%{version} +%autosetup -p1 -n sscg-sscg-%{version} %build