p11-kit-32bit-0.23.22-150500.8.3.1<>,Ke:;Yp9|(HRb= JOP[S {\X$T~%~uZS;F=Sl(N5~p-X: $h3?6x f | xR ùUxmrO/-Rt\G8>s\ }H7nXiUG߭%,\F9"mq *ԚPM9F@VcE%kXU&dh>ap[+~CRj;)2>>2?2d % J )JW m    2 4<FPx0(j8t 9 :E >/xG/H/I/X/Y/\/]/^/b0c0d1Ce1Hf1Kl1Mu1`v1hw2x2 y22h2l2r2Cp11-kit-32bit0.23.22150500.8.3.1Library to work with PKCS#11 modulesp11-kit provides a way to load and enumerate PKCS#11 modules, as well as a standard configuration setup for installing PKCS#11 modules in such a way that they're discoverable.e:;Yh01-ch2cwSUSE Linux Enterprise 15SUSE LLC BSD-3-Clausehttps://www.suse.com/Development/Libraries/C and C++https://p11-glue.freedesktop.org/p11-kit.htmllinuxx86_64/sbin/ldconfigwAe:;Ye:;Y9cabf30d83cb0464f04056c5d85d71c1a59ac7d664ebb17e51fde4455582cdd3rootrootrootrootp11-kit-0.23.22-150500.8.3.1.src.rpmp11-kit-32bitp11-kit-32bit(x86-32)@@@@@@@@@@@@@@@@@@@@@    /bin/shld-linux.so.2ld-linux.so.2(GLIBC_2.3)libc.so.6libc.so.6(GLIBC_2.0)libc.so.6(GLIBC_2.1.2)libc.so.6(GLIBC_2.1.3)libc.so.6(GLIBC_2.16)libc.so.6(GLIBC_2.2)libc.so.6(GLIBC_2.26)libc.so.6(GLIBC_2.3)libc.so.6(GLIBC_2.3.2)libc.so.6(GLIBC_2.3.4)libc.so.6(GLIBC_2.4)libc.so.6(GLIBC_2.6)libc.so.6(GLIBC_2.8)libdl.so.2libdl.so.2(GLIBC_2.0)libpthread.so.0libpthread.so.0(GLIBC_2.0)libtasn1.so.6libtasn1.so.6(LIBTASN1_0_3)p11-kitrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)0.23.223.0.4-14.6.0-14.0-15.2-14.14.3e7ca^@]Γ@ZX43@V@T9T;pmonreal@suse.comlnussel@suse.comscabrero@suse.delnussel@suse.delnussel@suse.dekukuk@suse.desbrabec@suse.commpluskal@suse.comp.drouand@gmail.comlnussel@suse.de- Ensure that programs using can be compiled with CRYPTOKI_GNU. Fixes GnuTLS builds. [jsc#PED-6705] * Add p11-kit-pkcs11-gnu-Enable-testing-with-p11-kit-pkcs11x.h.patch- Backport IBM specific mechanism and attributes (Jira#PED-584) 0001-Add-IBM-specific-mechanism-and-attributes.patch 0002-Add-support-for-serializing-CK_ECDH1_DERIVE_PARAMS-m.patch 0003-client-Allow-zero-part-length-at-C_SignUpdate.patch 0004-Fix-support-of-CKA_DERIVE_TEMPLATE.patch 0005-Add-other-SHA-variants-also-for-RSA-and-EC-signature.patch 0006-Add-support-for-missing-AES-and-DES-DES3-mechanisms.patch 0007-Add-support-for-MAC-and-HMAC-general-mechanisms.patch 0008-Add-support-for-CKM_DH_PKCS_DERIVE.patch 0009-rpc-Handle-special-cases-for-buffer-and-length.patch 0010-Add-support-for-CKM_AES_CTR.patch 0011-Add-support-for-CKM_AES_GCM.patch 0012-common-pkcs11x.h-Support-CRYPTOKI_GNU-for-IBM-vendor.patch- Update to version 0.23.22 (bsc#1180064, bsc#1180065, bsc#1180066): * Fix memory-safety issues that affect the RPC protocol (CVE-2020-29361, CVE-2020-29362, and CVE-2020-29363), discovered and fixed by David Cook * anchor: Prefer persistent format when storing anchor [PR#329] * common: Fix infloop in p11_path_build [PR#326, PR#327] * proxy: C_CloseAllSessions: Make sure that calloc args are non-zero [PR#325] * common: Check for a NULL locale before freeing it [PR#321] * Build and test fixes [PR#313, PR#315, PR#317, PR#318, PR#319, PR#323, PR#330, PR#333, PR#334, PR#335, PR#338, PR#339] - Changes for version 0.23.21 * proxy: Do not assign duplicate slot IDs [PR#282] * common: Get program name based on executable path if possible [PR#307] * anchor: Exit with non-zero code, if any error occurs [PR#304] * Build and test fixes [PR#283, PR#290, PR#291, PR#292, PR#296, PR#299, PR#305, PR#306, PR#309, PR#311] - Changes for version 0.23.20: * Revert "Fix RPC when length-s are 0" changes [PR#276] - Changes for version 0.23.19: * common: add Russian PKCS#11 extensions to pkcs11x.h header [PR#255] * Add simple bash completion for provided commands [PR#258] * Unbreak list matching in enable-in and disable-in [PR#262] * Fix RPC when length-s are 0 [PR#259] * rpc: Add vsock transport support [PR#270] * trust: Support CKA_NSS_{SERVER,EMAIL}_DISTRUST_AFTER [PR#265] * Build fixes [PR#271, PR#272, PR#273, ...] - Changes for version 0.23.18: * rpc: Allow empty CK_DATE value [PR#253] * build: Meson fixes [PR#245] * build: Adjust feature parity between meson and autotools [PR#247] - Changes for version 0.23.17: * common: Fix uClibc-ng compilation [PR#237] * trust: do not allow daylight to invalidate date validation [PR#236] * build: Port to meson build system [PR#231, PR#234] * rpc: On UNIX wait on condition variable instead of FD if header is for a different thread [PR#232] * doc: Add 'server' command in help [PR#229] * Build and test fixes [PR#230] - Changes for version 0.23.16: * proxy: Support C_WaitForSlotEvent() if CKF_DONT_BLOCK is specified [PR#225] * conf: Ignore user configuration if the program is running as root [PR#226] * proxy: Refresh slot list on every C_GetSlotList call [PR#224] * modules: Fix index used in call to p11_dict_remove() [PR#219] * Fix Win32 p11_dl_error crash [PR#218] * modules: check gl.modules before iterates on it when freeing [PR#217] * trust: Ignore unreadable content in anchors [PR#215] * extract-jks: Prefer _p11_extract_jks_timestamp to SOURCE_DATE_EPOCH [PR#213] - Changes for version 0.23.15: * trust: Improve error handling if backed trust file is corrupted [PR#206] * url: Prefer upper-case letters in hex characters when encoding [PR#193] * trust/extract-jks.c: also honor SOURCE_DATE_EPOCH time [PR#202] * virtual: Prefer fixed closures to libffi closures [PR#196] * Fix issues spotted by coverity and cppcheck [PR#194, PR#204] * Build and test fixes [PR#164, PR#191, PR#199, PR#201] - Changes for version 0.23.14: * proxy: Avoid invalid memory access when unloading proxy module [PR#180] * Update pkcs11 header to allow SoftHSMv2 to compile [PR#181] * build: Restore libpthread dependency [PR#183] * Build fixes [PR#188] - Changes for version 0.23.13: * server: Enable socket activation through systemd [PR#173] * rpc-server: p11_kit_remote_serve_tokens: Allow exporting all modules [PR#174] * proxy: Fail early if there is no slot mapping [PR#175] * Remove hard dependency on libpthread [PR#177] * Build fixes [PR#170, PR#176] - Changes for version 0.23.12 * Fix compile error when PKCS#11 GNU calling convention is enabled [PR#160] * Fix getauxval() and secure_getenv() emulation on macOS and FreeBSD [PR#167] * Build and test fixes on macOS [PR#162, PR#168] - Changes for version 0.23.11 * trust: Add extractor for edk2/cacerts.bin [PR#139] * modules: Add option to control module visibility from proxy [PR#140] * trust: Prevent trust module being loaded by proxy module [PR#142] * library: Use dedicated locale object for printing error [PR#148] * Treat CKR_CRYPTOKI_ALREADY_INITIALIZED correctly [PR#134] * Improve const correctness for P11KitUri [PR#152] * PKCS#11 URI scheme comparison is now case insensitive [PR#156] * Build and test fixes [PR#151, PR#149, PR#141, PR#138, PR#135] - Changes for version 0.23.10 * filter: Respect "write-protected" vendor-specific attribute in PKCS#11 URI [PR#129] * server: Improve shell integration and documentation [PR#107, PR#108] * proxy: Reuse existing slot ID mapping in after fork() [PR#120] * trust: Forcibly mark "Default Trust" read-only [PR#123] * New function p11_kit_override_system_files() which can be used for testing [PR#110] * trust: Filter out duplicate extensions [PR#69] * Update translations [PR#128] * Bug fixes [PR#125, PR#126] - Changes for version 0.23.9 * Fix p11-kit server regressions [PR#103, PR#104] * trust: Respect anyExtendedKeyUsage in CA certificates [PR#99] * Build fixes related to reallocarray [PR#96, PR#98, PR#100] - Changes for version 0.23.8 * Improve vendor query attributes handling in PKCS#11 URI [PR#92] * Add OTP and GOST mechanisms to pkcs11.h [PR#90, PR#91] * New envvar P11_KIT_NO_USER_CONFIG to stop looking at user configurations [PR#87] * Build fixes for Solaris and 32-bit big-endian platforms [PR#81, PR#86] - Changes for version 0.23.7 * Fix memory issues with "p11-kit server" [PR#78] * Build fixes [PR#77 ...] - Changes for version 0.23.6 * Port "p11-kit server" to Windows and portability fixes of the RPC protocol [PR#67, PR#72, PR#74] * Recover the old behavior of "trust anchor --remove" [PR#70, PR#71] * Build fixes [PR#63 ...] - Changes for version 0.23.5 * Fix license notice of common/unix-peer.c [PR#58] * Remove systemd unit files for now [PR#60] * Build fixes for FreeBSD [PR#56] - Changes for version 0.23.4 * Recognize query attributes defined in PKCS#11 URI (RFC7512) [PR#31, PR#37, PR#52] * The trust policy module now recognizes CKA_NSS_MOZILLA_CA_POLICY attribute, used by Firefox [#99453, PR#46] * Add 'trust dump' command to dump all PKCS#11 objects in the persistence format [PR#44] * New experimental 'p11-kit server' command that allows PKCS#11 forwarding through a Unix domain socket. A client-side module p11-kit-client.so is also provided [PR#15] * Add systemd unit files for exporting the proxy module through a Unix domain socket [PR#35] * New P11KitIter API to iterate over slots, tokens, and modules in addition to objects [PR#28] * libffi dependency is now optional [PR#9] * Build fixes for FreeBSD, macOS, and Windows [PR#32, PR#39, PR#45] - Changes for version 0.23.3 * Install private executables in libexecdir [fdo#98817] * Fix link error of proxy module on macOS [fdo#98022] * Use new PKCS#11 URI specification for URIs [fdo#97245] * Support x-init-reserved argument of C_Initialize() in remote modules [fdo#80519] * Incorporate changes from PKCS#11 2.40 specification * Bump libtool library version * Documentation fixes * Build fixes [fdo#87192 ...] - Move RPM macros to %_rpmmacrodir. - New server subpackage - Change keyring to new maintainer Daiki Ueno - Avoid bareword to fix build failure - Remove obsolete patches: * p11-kit-biarch.patch * 0001-Support-loading-new-NSS-attribute-CKA_NSS_MOZILLA_CA.patch * 0001-Fix-a-typo-in-x-cetrificate-value-see-also-https-bug.patch- Also build documentation (boo#1013125)- support loading NSS attribute CKA_NSS_MOZILLA_CA_POLICY so Firefox detects built in certificates (boo#1154871, 0001-Fix-a-typo-in-x-cetrificate-value-see-also-https-bug.patch, 0001-Support-loading-new-NSS-attribute-CKA_NSS_MOZILLA_CA.patch)- Use %license instead of %doc [bsc#1082318]- 32-bit compatibility fixes: * Add PKCS11 module to p11-kit-32bit (bsc#996047#c39) * Add p11-kit-nss-trust-32bit NSS module * Fix potential bi-arch issue with private binaries (fdo#98817, p11-kit-biarch.patch)- Update to 0.23.2 * Fix forking issues with libffi * Fix various crashes in corner cases * Updated translations * Build fixes - Make building more verbose - Enable tests - Small spec file cleanup with spec-cleaner- Update to version 0.23.1 (stable) * Use new PKCS#11 URI draft fields for URIs [fdo#86474 fdo#87582] * Add pem-directory-hash extract format * Build fixes - Remove 0001-trust-allow-to-also-add-openssl-style-hashes-to-pem-d.diff; fixed on upstream release - Remove autoconf, automake and libtool require; unneeded dependencies - Add gtk-doc require; needed to build html documentation - Remove redundant %clean section- remove patches: * trust-Print-label-of-certificate-when-complaining-.patch * trust-Dont-use-invalid-public-keys-for-looking-up-.patch - new version 0.20.7 (stable) * New public pkcs11x.h header containing extensions [fdo#83495] * Export necessary defines to lookup attached extensions [fdo#83495] * Build fixes - new version 0.20.6 (stable) * Make the p11-kit-proxy.so module respect critical = no [fdo#83651] * Build fix for FreeBSD [fdo#75674] - new version 0.20.5 (stable) * Don't use invalid keys for looking up stapled extensions [fdo#82328] * Better error messages when invalid certificate extensions * Fix parsing of some odd OpenSSL TRUSTED CERTIFICATE files * Fix some leaks, and memory issues * Silence some clang scanner warnings - new version 0.20.4 (stable) * Don't complain about C_Finalize after a fork * Fix typo/bin/sh0.23.22-150500.8.3.10.23.22-150500.8.3.1pkcs11p11-kit-trust.so/usr/lib//usr/lib/pkcs11/-fomit-frame-pointer -fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:31290/SUSE_SLE-15-SP5_Update/d2461017bafa557a22e90431a0c28c1a-p11-kit.SUSE_SLE-15-SP5_Updatedrpmxz5x86_64-suse-linuxdirectoryELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=f9be3fa03d80c646cec44be08cdfd5b14406572b, strippedRRRRRRRR RRR R R RR RRRRRRutf-8806d984b01820df6f8014aed2371353f5342e8d9f50c9948db45f8bcea8c07ff? 7zXZ !t/'T]"k%$P`GwqO|6uH0&brhҲI~ouM8-W-~B! k-` vw'p ZI“[хQS扢Jp̀D"n=-wqZ 6a,r6E(rzK+7LpX'~Tˆ{8.+=M27yo{s*<_7tdJEФ ' jNB@G!E2$ ޤc}xu0hFɌ(q J/|y05 O4ηs:z UVOHfWe .8gܳ:v,pht \h#?Qk?;BɮB\fȑJB 6R8.lJ"?-NrK~HiȨ!U9#Ҥh_bN, vPWHV۵e; 7 &oDyldY4$9@ 㝔MB2[MjhH RZA<#gmXxEUdQ)ǚI8oPhV> Oz.ݳӰ1s$z A;dZl|WNǨ> Ղ؞PkuQ,f)/`* pP_[vӸqie8uQ*8EЍE%ސ:unnA(tףk>%$]M4Hebenn g2q2R*QpH5l;ҿV?jy4\2ao~z甒 qtLPL`EķG6z8„,*uͪ)%|{G$>*[B1wkx:NS.# Jdpƥg6_DvVKpB韯Gh*d8vd PzCWqQ-iOZҫ(IEbeHAA1No̕y%":myܑ*?:u/a6t3^Z]h󡭜_pעΑ&-{_$}[ۯesa0EO) p{NX\Ʀq {Rz)TV;^R?iEwkYIcŰQMĥB 2QYBvd%@tX; HD۔8nB%;R!jE%þH +FUuO4DX oȬ\-e=XJ{IHkPoClu.*Ќ wN~J:V?OK3iܑtU-HEz]]h` T.5^([,yb8)W^ DDj=Y ^.R;6:a"׳ 78#UԛIQq.5>{x-{ePf5x|R ?wKMRp 'lය5{bDd( ,׾I r(cK^lyp'f8ܨuIr]lC@slo$b!S~Qs:!6$g{aH6;AP^(F X)~42O>2eҟQ]%p"Yɲ 2FI+I94tXKid@c{豌€%km6Y{Yu6)sgaoB0$dTGoc)?6T$dcl|Ȝ K@Q0C(u;<Օߵo&8uT]7¯h@HxIlDyII,3z6ˏ,ScьLU\:e r~D&L'\H f"Hc V`n64d{A8S=tǗ<[ǫ԰ ~74^+&BYxK{ߨC[{N2Ƽ) AbRC+?n@$KV  1 Au;H[UCjiA gyJ=Z^FI,"8~2[f~ Z9Ѵ_,@ybb>LXC)"֋+OgEU.CŧXi=?e-zlfp]L&6} 5`(VtP7 )YQ` wqn ׏--7?zɰ%7q8v|AU `?|j PY?M+,C`]2^MvM)+'gaFz^|!076`n?8h435భy94 距1] ZJcM[ jdCVTZZ:.D!X:o(MףLNI5bquPp7R~xL, T. l CDv+c҈:s(5܊:ͣ?Anc8h29Wӎ:|T 2ts o4:1EXp9uX2#Y!q:䷯nQOZiKeѶt|$/Τ3KLUGé1hU^*{ys¯)Ƃd9ީA!$b7,o$ #H׋.ׇq NjpE53@Y.pm0zq}5-(Z~3I4r'flaKnӱ1PG֬vV^z/~;{R07֭İJ_h BȐ.A爠nۤVd_ISdj$[>1QP(F`,Z$Ea֙s)A< >g|qսj_FJU`ac~鼊c cԓ4-}UDRמWŀ7.Z>+ٞn:V/Uڿs*/k`hVdoL.Ua_PLU V +?o:.F#%wc׻[^{bB:zQ~uvʷ%A,A)8>9^_#CNC _=ߧ\G pi\| :"L o앹떎qثymbqhsН2bKUrD2K<KPq`} b1W+iG]_ԩf!/&Q3f YfmI09lЍKYts~[ƢܧT7Bd>M/SQw@.nEF&(եW~ia(;1l2@*}.,G %77@횧 y5Lꚝo*`Цܢz"$M=ޘ|ny@xF4 !^qM*6GΦjX5 گ~1V5p5KRE]ܚ[0+Ey.}b"w5SccŲgտa)Xe-OzL?s6gR,jK֤a[}w+I7AJ1e74AEк'-E{ oƛ8uSM!EM-zrLSH˛|7^:!sDrJ3(nK)e3Fy+Ap\` 'v5dug=˝y[^MQ,"h9+] ~R:ƒŢDk>;\.H1(?v8-9_iLjk_ LԸӦwkO5vXPO7`GKj'8b7@ԉn1JHν.Yml_>I)Nl4v YZ