diff --git a/0001-ods-enforcer-backup-has-only-one-subcommand.patch b/0001-ods-enforcer-backup-has-only-one-subcommand.patch new file mode 100644 index 0000000000000000000000000000000000000000..3ed6bdee4f4a640f889a9bc8f1461f6509787dd4 --- /dev/null +++ b/0001-ods-enforcer-backup-has-only-one-subcommand.patch @@ -0,0 +1,26 @@ +From bb2cf225c44012a23258966e4406f57d395a177f Mon Sep 17 00:00:00 2001 +From: Willem Toorop +Date: Fri, 21 Feb 2025 10:34:18 +0100 +Subject: [PATCH] `ods-enforcer backup` has only one subcommand + +The code allowed for more than one argument after the first and only to be processed subcommend. +Those excess arguments would just be ignored. +This fix has that corrected so that only a single subcommand is allowed and any excess arguments will result in an error. +--- + enforcer/src/hsmkey/backup_hsmkeys_cmd.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/enforcer/src/hsmkey/backup_hsmkeys_cmd.c b/enforcer/src/hsmkey/backup_hsmkeys_cmd.c +index 153922ea5..d44131901 100644 +--- a/enforcer/src/hsmkey/backup_hsmkeys_cmd.c ++++ b/enforcer/src/hsmkey/backup_hsmkeys_cmd.c +@@ -231,7 +231,7 @@ run(cmdhandler_ctx_type* context, int argc, char* argv[]) + } + + /* Find out what we need to do */ +- if (argc < 2) { ++ if (argc != 2) { + client_printf_err(sockfd, "Usage:\n\nbackup [list|prepare|commit|rollback]\n --repository aka -r\n\n"); + status = -1; + } else if (ods_check_command(argv[1],"prepare")) + diff --git a/softhsm.spec b/softhsm.spec index 3d8677217905fee2ede17ff87c016aa4b36e9cb6..7149ff6fba903c9a4d1b0eef914963605025e895 100644 --- a/softhsm.spec +++ b/softhsm.spec @@ -1,12 +1,14 @@ Name: softhsm Version: 2.6.1 -Release: 4 +Release: 5 Summary: Software version of a PKCS#11 Hardware Security Module License: BSD URL: http://www.opendnssec.org/ Source: http://dist.opendnssec.org/source/%{name}-%{version}.tar.gz Source1: http://dist.opendnssec.org/source/%{name}-%{version}.tar.gz.sig +Patch1: 0001-ods-enforcer-backup-has-only-one-subcommand.patch + BuildRequires: openssl-devel >= 1.0.1k-6, sqlite-devel >= 3.4.2, cppunit-devel BuildRequires: gcc-c++, pkgconfig, p11-kit-devel, nss-devel @@ -97,6 +99,9 @@ if [ -f /var/softhsm/slot0.db ]; then fi %changelog +* Fri Apr 18 2025 maxin - 2.6.1-5 +- ods-enforcer backup has only one subcommand + * Thu Feb 2 2023 zhengxiaoxiao - 2.6.1-4 - Disable the make check to temporarily avoid the build failure issue