Compare commits

..

1 commit

Author SHA1 Message Date
Packit Service
f764878e4a [packit] 3.0.1 upstream release
Upstream tag: sscg-3.0.1
Upstream commit: cba79c9a

Signed-off-by: Packit Service <user-cont-team+packit-service@redhat.com>
2021-10-29 16:58:08 +00:00
13 changed files with 20 additions and 381 deletions

View file

@ -1 +0,0 @@
1

11
.gitignore vendored
View file

@ -22,15 +22,4 @@
/sscg-2.6.0.tar.xz
/sscg-2.6.1.tar.xz
/sscg-2.6.2.tar.xz
/sscg-3.0.0.tar.xz
/sscg-3.0.1.tar.gz
/sscg-3.0.2.tar.gz
/sscg-3.0.3.tar.gz
/sscg-3.0.5.tar.gz
/sscg-3.0.6.tar.gz
/sscg-3.0.7.tar.gz
/sscg-3.0.8.tar.gz
/sscg-4.0.0.tar.gz
/sscg-4.0.1.tar.gz
/sscg-4.0.2.tar.gz
/sscg-4.0.3.tar.gz

View file

@ -1,51 +1,38 @@
# See the documentation for more information:
# https://packit.dev/docs/configuration/
specfile_path: .distro/sscg.spec
files_to_sync:
- src: .distro/sscg.spec
dest: sscg.spec
- src: .packit.yaml
dest: .packit.yaml
- src: get_current_version.sh
dest: get_current_version.sh
specfile_path: packaging/fedora/sscg.spec
sync_changelog: true
upstream_package_name: sscg
downstream_package_name: sscg
upstream_tag_template: sscg-{version}
archive_root_dir_template: "{upstream_pkg_name}-{upstream_pkg_name}-{version}"
downstream_package_name: sscg
notifications:
pull_request:
successful_build: true
srpm_build_deps:
- meson
- jq
actions:
get-current-version:
- ./get_current_version.sh
jobs:
- job: copr_build
trigger: pull_request
targets:
metadata:
targets:
- fedora-all
- centos-stream-8
- centos-stream-9
- epel-8
- job: tests
trigger: pull_request
targets:
metadata:
targets:
- fedora-all
- centos-stream-8
- centos-stream-9
- epel-8
- job: propose_downstream
trigger: release
dist_git_branches:
- fedora-all
metadata:
dist_git_branches:
- fedora-all

View file

@ -1,38 +0,0 @@
From 0c37e7ace585cfb550a0ffd9d5c331d059fd687f Mon Sep 17 00:00:00 2001
From: Stephen Gallagher <sgallagh@redhat.com>
Date: Tue, 2 Dec 2025 12:12:26 -0500
Subject: [PATCH] Avoid segfault on receiving bad CLI arguments
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
---
src/sscg.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/src/sscg.c b/src/sscg.c
index b9b191f109300f6447262858f57a3a8321a14966..00e2862c2d6be5c44a4a362fc926e1a07d31d7bf 100644
--- a/src/sscg.c
+++ b/src/sscg.c
@@ -59,7 +59,7 @@ int
main (int argc, const char **argv)
{
int ret, sret;
- struct sscg_options *options;
+ struct sscg_options *options = NULL;
bool build_client_cert = false;
char *dhparams_file = NULL;
@@ -342,7 +342,10 @@ main (int argc, const char **argv)
done:
if (ret != EOK)
{
- sscg_io_utils_delete_output_files (options->streams);
+ if (options)
+ {
+ sscg_io_utils_delete_output_files (options->streams);
+ }
}
talloc_zfree (main_ctx);
if (getenv ("SSCG_TALLOC_REPORT"))
--
2.52.0

View file

@ -1,3 +1,3 @@
This repository is maintained by packit.
https://packit.dev/
The file was generated using packit 0.76.0.
The file was generated using packit 0.39.1.dev13+g8f037f5.

215
changelog
View file

@ -1,215 +0,0 @@
* Wed Jul 21 2021 Stephen Gallagher <sgallagh@redhat.com> - 3.0.0-1
- Release 3.0.0
- Support for OpenSSL 3.0
- Support for outputting named Diffie-Hellman parameter groups
- Support for CentOS Stream 9
* Wed Mar 17 2021 Stephen Gallagher <sgallagh@redhat.com> - 2.6.2-5
- Fixing incorrect license declaration
* Wed Mar 17 2021 Stephen Gallagher <sgallagh@redhat.com> - 2.6.2-4
- Updating to rebuild against the latest glibc
* Wed Jan 27 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2.6.2-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Wed Jul 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.6.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Tue Jun 23 2020 Stephen Gallagher <sgallagh@redhat.com> - 2.6.2-1
- Update to 2.6.2
- Handle very short and very long passphrases properly (fixes rhbz#1850183)
- Drop upstreamed patch
* Thu Apr 30 2020 Stephen Gallagher <sgallagh@redhat.com> - 2.6.1-4
- Rebuild with corrected ELN macro definitions
* Thu Apr 30 2020 Stephen Gallagher <sgallagh@redhat.com> - 2.6.1-3
- Don't bother running clang-format in the RPM build
- Lengthen the test timeout so ARM tests pass
* Fri Jan 31 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.6.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Thu Jan 09 2020 Stephen Gallagher <sgallagh@redhat.com> - 2.6.1-1
- Bugfixes from upstream
* Fri Dec 13 2019 Stephen Gallagher <sgallagh@redhat.com> - 2.6.0-2
- Fix incorrect help description for --client-key-file
* Fri Dec 13 2019 Stephen Gallagher <sgallagh@redhat.com> - 2.6.0-1
- Update to 2.6.0
- Can now generate an empty CRL file.
- Can now create and store a Diffie-Hellman parameters (dhparams) file.
- Support for setting a password on private keys.
- Support for generating a client authentication certificate and key.
- Better support for OpenSSL 1.0
* Sat Jul 27 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2.5.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Sun Feb 03 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2.5.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Wed Nov 28 2018 Stephen Gallagher <sgallagh@redhat.com> - 2.5.1-1
- Update to 2.5.1
- Fixes discovered by automated testing.
* Wed Nov 28 2018 Stephen Gallagher <sgallagh@redhat.com> - 2.5.0-1
- Update to 2.5.0
- Auto-detect the hash algorithm to use by default.
* Tue Nov 27 2018 Stephen Gallagher <sgallagh@redhat.com> - 2.4.0-1
- Update to 2.4.0
- Autodetect the minimum key strength from the system security level.
- Disallow setting a key strength below the system minimum.
- Drop upstreamed patches
* Mon Sep 17 2018 Stephen Gallagher <sgallagh@redhat.com> - 2.3.3-4
- Add a manpage.
* Sat Jul 14 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.3.3-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Fri Feb 09 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.3.3-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Fri Feb 02 2018 Stephen Gallagher <sgallagh@redhat.com> - 2.3.3-1
- Update to 2.3.3
- Do not overwrite destination files without --force
* Thu Jan 25 2018 Stephen Gallagher <sgallagh@redhat.com> - 2.3.2-1
- Update to 2.3.2
- Properly support hostnames up to 64 characters
- Resolves: rhbz#1535537
* Tue Jan 02 2018 Stephen Gallagher <sgallagh@redhat.com> - 2.3.1-2
- Skip tests on 32-bit ARM for now
* Tue Jan 02 2018 Stephen Gallagher <sgallagh@redhat.com> - 2.3.1-1
- Update to 2.3.1
- Bundle popt 1.16 on older releases like EPEL.
* Mon Dec 18 2017 Stephen Gallagher <sgallagh@redhat.com> - 2.3.0-1
- Update to 2.3.0
- Switch to meson build system
- Add support for non-DNS subjectAlternativeName values (issue #4)
* Thu Sep 21 2017 Stephen Gallagher <sgallagh@redhat.com> - 2.2.0-1
- Reorder combined PEM file
- Resolves: RHBZ#1494208
* Wed Sep 20 2017 Stephen Gallagher <sgallagh@redhat.com> - 2.1.0-1
- Add --email argument for setting emailAddress in the issuer
* Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.0.4-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
* Thu Jul 27 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.0.4-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Mon Apr 03 2017 Stephen Gallagher <sgallagh@redhat.com> - 2.0.4-2
- Bump release to perform taskotron tests
* Tue Mar 21 2017 Stephen Gallagher <sgallagh@redhat.com> - 2.0.4-1
- Update to 2.0.4
- Addresses a potential race-condition when the key and certificate share the
same file.
* Wed Mar 08 2017 Stephen Gallagher <sgallagh@redhat.com> - 2.0.3-1
- Update to 2.0.3
- Adds support for setting the file mode on the output certificates
and keys.
* Fri Mar 03 2017 Stephen Gallagher <sgallagh@redhat.com> - 2.0.2-1
- Update to 2.0.2
- Always run with umask(077)
* Fri Mar 03 2017 Stephen Gallagher <sgallagh@redhat.com> - 2.0.1-1
- Update to 2.0.1
- Fix an issue with passing certificate lifetime explicitly
* Thu Feb 16 2017 Stephen Gallagher <sgallagh@redhat.com> - 2.0.0-1
- Update to 2.0.0
* Thu Feb 16 2017 Stephen Gallagher <sgallagh@redhat.com> - 1.1.0-6
- Exclude PPC64 from the build since it doesn't support linking to OpenSSL
* Sat Feb 11 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.1.0-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
* Wed Nov 23 2016 Stephen Gallagher <sgallagh@redhat.com> - 1.1.0-4
- Use compat-openssl10-devel on F26+
* Thu Jul 21 2016 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.1.0-3
- https://fedoraproject.org/wiki/Changes/golang1.7
* Tue May 31 2016 Stephen Gallagher <sgallagh@redhat.com> - 1.1.0-2
- Debundle spacelog
* Wed May 25 2016 Stephen Gallagher <sgallagh@redhat.com> - 1.1.0-1
- Update to 1.1.0
- Add support for signing service keys with an existing CA
* Wed May 25 2016 Stephen Gallagher <sgallagh@redhat.com> - 1.0.4-1
- Add support for exporting the CA private key
- Fix incorrect output from -version
- Add README.md
* Tue May 24 2016 Stephen Gallagher <sgallagh@redhat.com> - 1.0.3-1
- Only sign certificates after all extensions have been added
* Mon May 23 2016 Stephen Gallagher <sgallagh@redhat.com> - 1.0.2-1
- Generate x509v3 certificates
* Mon May 23 2016 Stephen Gallagher <sgallagh@redhat.com> - 1.0.1-1
- Fix issue with temporary file creation
* Mon May 23 2016 Stephen Gallagher <sgallagh@redhat.com> - 1.0.0-1
- New upstream release 1.0.0
- Rewritten in Go
- Runtime depends only on OpenSSL, no more Python
- Support for writing certificate and key in a single file
* Wed May 18 2016 Stephen Gallagher <sgallagh@redhat.com> - 0.4.1-4
- Add requirement on python-setuptools
* Fri Feb 05 2016 Fedora Release Engineering <releng@fedoraproject.org> - 0.4.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
* Tue Nov 10 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.4.1-2
- Rebuilt for https://fedoraproject.org/wiki/Changes/python3.5
* Fri Jun 19 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.4.1-1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
* Mon Mar 30 2015 Stephen Gallagher <sgallagh@redhat.com> 0.4.1-1
- Change default CA location to match service certificate
- Improve error handling
* Tue Mar 24 2015 Stephen Gallagher <sgallagh@redhat.com> 0.4.0-1
- Spec file cleanups
- PEP8 Cleanups
- Make location arguments optional
* Mon Mar 23 2015 Stephen Gallagher <sgallagh@redhat.com> 0.3.0-1
- Rename to sscg
- Only build with default python interpreter
* Tue Mar 17 2015 Stephen Gallagher <sgallagh@redhat.com> 0.2.1-1
- Include the LICENSE file in the tarball
* Tue Mar 17 2015 Stephen Gallagher <sgallagh@redhat.com> 0.2-2
- Include the license in the build RPMs
* Tue Mar 17 2015 Stephen Gallagher <sgallagh@redhat.com> 0.2-1
- Add support for namedConstraints
- Add support for subjectAltNames
- Fix packaging issues from Fedora package review
* Mon Mar 16 2015 Stephen Gallagher <sgallagh@redhat.com> 0.1-2
- Update BuildRequires
* Mon Mar 16 2015 Stephen Gallagher <sgallagh@redhat.com> 0.1-1
- First packaging

1
ci.fmf
View file

@ -1 +0,0 @@
resultsdb-testcase: separate

View file

@ -1,18 +0,0 @@
--- !Policy
product_versions:
- fedora-*
decision_contexts: [bodhi_update_push_testing]
subject_type: koji_build
rules:
- !PassingTestCaseRule {test_case_name: fedora-ci.koji-build./plans/tier1-public.functional}
- !PassingTestCaseRule {test_case_name: fedora-ci.koji-build./plans/tier2-public.functional}
#gating rawhide
--- !Policy
product_versions:
- fedora-*
decision_contexts: [bodhi_update_push_stable]
subject_type: koji_build
rules:
- !PassingTestCaseRule {test_case_name: fedora-ci.koji-build./plans/tier1-public.functional}
- !PassingTestCaseRule {test_case_name: fedora-ci.koji-build./plans/tier2-public.functional}

View file

@ -1,46 +0,0 @@
#!/usr/bin/bash
# This file is part of sscg.
#
# sscg is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# sscg is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with sscg. If not, see <http://www.gnu.org/licenses/>.
#
# In addition, as a special exception, the copyright holders give
# permission to link the code of portions of this program with the
# OpenSSL library under certain conditions as described in each
# individual source file, and distribute linked combinations
# including the two.
# You must obey the GNU General Public License in all respects
# for all of the code used other than OpenSSL. If you modify
# file(s) with this exception, you may extend this exception to your
# version of the file(s), but you are not obligated to do so. If you
# do not wish to do so, delete this exception statement from your
# version. If you delete this exception statement from all source
# files in the program, then also delete it here.
#
# Copyright 2023 by Stephen Gallagher <sgallagh@redhat.com>
set -e
tmpdir=$(mktemp -d)
function common_finalize {
exitcode=$?
rm -Rf "$tmpdir"
return $exitcode
}
trap common_finalize EXIT
meson setup ${tmpdir}/getcurrentversion 2>&1 > /dev/null
meson introspect ${tmpdir}/getcurrentversion --projectinfo | jq -r .version

View file

@ -1,7 +0,0 @@
summary: Public (Fedora) Tier1 beakerlib tests
discover:
how: fmf
url: https://src.fedoraproject.org/tests/sscg.git
filter: 'tier: 1'
execute:
how: tmt

View file

@ -1,7 +0,0 @@
summary: Public (Fedora) Tier2 beakerlib tests
discover:
how: fmf
url: https://src.fedoraproject.org/tests/sscg.git
filter: 'tier: 2'
execute:
how: tmt

View file

@ -1 +1 @@
SHA512 (sscg-4.0.3.tar.gz) = f629cf7e32d4d4e7c1f58c4a53be925b96980e6fb3106e3a36a72f85c723bd79fba6aecdbf092b50f915a8833297bc7c6c1ccbe04fef488db38bbdc1e3a95b96
SHA512 (sscg-3.0.1.tar.gz) = 3a4d656b5e709675730de50e68adb0e7bac61d818eb99627ef763c78c1604b7d407d01e3d5bb96e6830d05cfc19276cb0da820f6dd74c54374fd1bdb5e680393

View file

@ -9,26 +9,22 @@
%{!?meson_test: %global meson_test %{__meson} test -C %{_vpath_builddir} --num-processes %{_smp_build_ncpus} --print-errorlogs}
Name: sscg
Version: 4.0.3
Version: 3.0.1
Release: %autorelease
Summary: Simple Signed Certificate Generator
Summary: Simple SSL certificate generator
License: GPL-3.0-or-later WITH cryptsetup-OpenSSL-exception
License: GPLv3+ with exceptions
URL: https://%{provider_prefix}
Source0: %{URL}/archive/refs/tags/sscg-%{version}.tar.gz
Source0: https://%{provider_prefix}/archive/refs/tags/%{repo}-%{version}.tar.gz
BuildRequires: gcc
BuildRequires: libtalloc-devel
BuildRequires: openssl
BuildRequires: openssl-devel
BuildRequires: popt-devel
BuildRequires: libpath_utils-devel
BuildRequires: meson
BuildRequires: ninja-build
BuildRequires: help2man
# Upstream patch to avoid segfaults when receiving bad CLI arguments
# https://github.com/sgallagher/sscg/commit/0c37e7ace585cfb550a0ffd9d5c331d059fd687f
Patch: 0001-Avoid-segfault-on-receiving-bad-CLI-arguments.patch
%description
A utility to aid in the creation of more secure "self-signed"
@ -39,7 +35,7 @@ up a full PKI environment and without exposing the machine to a risk of
false signatures from the service certificate.
%prep
%autosetup -p1 -n sscg-sscg-%{version}
%autosetup -p1 -n %{name}-%{name}-%{version}
%build