opensc: update to version 0.24.0

Brings security fixes for CVE-2023-40660, CVE-2023-40661 and CVE-2023-4535. See release notes for further details: https://github.com/OpenSC/OpenSC/releases/tag/0.24.0 and https://github.com/OpenSC/OpenSC/releases/tag/0.23.0 Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2023-12-20 03:53:24 +00:00 · 2023-12-20 03:53:24 +00:00 · b67923b334
parent 823a53c4a2
commit b67923b334
2 changed files with 10 additions and 29 deletions
--- a/utils/opensc/Makefile
+++ b/utils/opensc/Makefile
@ -8,9 +8,9 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=opensc
-PKG_VERSION:=0.22.0
-PKG_RELEASE:=2
-PKG_HASH:=8d4e5347195ebea332be585df61dcc470331c26969e4b0447c851fb0844c7186
+PKG_VERSION:=0.24.0
+PKG_RELEASE:=1
+PKG_HASH:=24d03c69287291da32a30c4c38a304ad827f56cb85d83619e1f5403ab6480ef8

 PKG_LICENSE:=LGPL-2.1-or-later
 PKG_LICENSE_FILES:=COPYING
@ -107,13 +107,17 @@ TOOLS:= \
 	cardos-tool \
 	cryptoflex-tool \
 	dnie-tool \
+	egk-tool \
 	eidenv \
+	gids-tool \
+	goid-tool \
 	iasecc-tool \
 	netkey-tool \
 	openpgp-tool \
 	opensc-tool \
 	opensc-explorer:+libncurses:+libreadline \
 	piv-tool \
+	pkcs11-register \
 	pkcs11-tool \
 	pkcs15-crypt \
 	pkcs15-init \
@ -129,6 +133,7 @@ PROFILES:= \
 	entersafe \
 	epass2003 \
 	flex \
+	gids \
 	gpk \
 	ias_adele_admin1 \
 	ias_adele_admin2 \
@ -138,14 +143,14 @@ PROFILES:= \
 	iasecc_generic_pki \
 	iasecc \
 	incrypto34 \
-	jcop \
-	miocos \
+	isoApplet \
 	muscle \
 	myeid \
 	oberthur \
 	openpgp \
 	pkcs15 \
 	rutoken_ecp \
+	rutoken_lite \
 	rutoken \
 	sc-hsm \
 	setcos \
--- a/utils/opensc/patches/010-openssl-deprecated.patch
+++ b/utils/opensc/patches/010-openssl-deprecated.patch
@ -1,24 +0,0 @@
--- a/src/libopensc/sc-ossl-compat.h
-+++ b/src/libopensc/sc-ossl-compat.h
-@@ -101,6 +101,21 @@ extern "C" {
- #endif
- 
- /*
-+ * 1.1.0 depracated ERR_load_crypto_strings(), SSL_load_error_strings(), ERR_free_strings()
-+ * and ENGINE_load_dynamic.EVP_CIPHER_CTX_cleanup and EVP_CIPHER_CTX_init are replaced
-+ * by EVP_CIPHER_CTX_reset.
-+ * But for compatability with LibreSSL and older OpenSSL. OpenSC uses the older functions
-+ */
-+#if OPENSSL_API_COMPAT >= 0x10100000L  && !defined(LIBRESSL_VERSION_NUMBER)
-+#define ERR_load_crypto_strings(x) {}
-+#define SSL_load_error_strings(x)  {}
-+#define ERR_free_strings(x)        {}
-+#define ENGINE_load_dynamic(x)     {}
-+#define EVP_CIPHER_CTX_cleanup(x) EVP_CIPHER_CTX_reset(x)
-+#define EVP_CIPHER_CTX_init(x) EVP_CIPHER_CTX_reset(x)
-+#endif
-+
-+/*
-  * OpenSSL-1.1.0-pre5 has hidden the RSA and DSA structures
-  * One can no longer use statements like rsa->n = ...
-  * Macros and defines don't work on all systems, so use inline versions