From f1e00819590fe3ad7d9f9061780b5bba9d10d2ec Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=C4=90o=C3=A0n=20Tr=E1=BA=A7n=20C=C3=B4ng=20Danh?=
Date: Wed, 4 Jun 2025 10:37:38 +0700
Subject: [PATCH] yubico-piv-tool: update to 2.7.1.
---
 .../patches/use-after-free.patch | 96 -------------------
 srcpkgs/yubico-piv-tool/template | 35 ++++---
 2 files changed, 16 insertions(+), 115 deletions(-)
 delete mode 100644 srcpkgs/yubico-piv-tool/patches/use-after-free.patch
diff --git a/srcpkgs/yubico-piv-tool/patches/use-after-free.patch b/srcpkgs/yubico-piv-tool/patches/use-after-free.patch
deleted file mode 100644
index 9f3f0deded8..00000000000
--- a/srcpkgs/yubico-piv-tool/patches/use-after-free.patch
+++ /dev/null
@@ -1,96 +0,0 @@
-From 855c0a410efe792d24039708612f1525a5e2b7cc Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Veronika=20Hanul=C3=ADkov=C3=A1?=
- <61348757+xhanulik@users.noreply.github.com>
-Date: Thu, 3 Mar 2022 19:03:44 +0100
-Subject: [PATCH] Fix usage of pointer after free (#362)
-
-* Set uninitialized variables
-
-* Fix use after free
-
-Causes errors "may be used after 'free'", since
-`dec` is not allocated again after `free()`.
-Also, removed assigning of `sizeof(dec)`, because
-`dec` is not static array, but allocated.
----
- ykcs11/tests/ykcs11_tests_util.c | 14 ++++++++------
- 1 file changed, 8 insertions(+), 6 deletions(-)
-
-diff --git a/ykcs11/tests/ykcs11_tests_util.c b/ykcs11/tests/ykcs11_tests_util.c
-index 77270bd3..530d9028 100644
----- a/ykcs11/tests/ykcs11_tests_util.c
-+++ b/ykcs11/tests/ykcs11_tests_util.c
-@@ -281,7 +281,7 @@ void test_digest_func(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE session, CK_
- CK_BYTE digest_update[128] = {0};
- CK_ULONG digest_update_len;
- CK_BYTE hdata[128] = {0};
-- CK_ULONG hdata_len;
-+ CK_ULONG hdata_len = 0;
-
- CK_MECHANISM mech = {mech_type, NULL, 0};
-
-@@ -1015,7 +1015,7 @@ void test_rsa_sign_thorough(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE sessio
- EVP_PKEY_CTX *ctx = NULL;
-
- CK_BYTE hdata[512] = {0};
-- CK_ULONG hdata_len;
-+ CK_ULONG hdata_len = 0;
-
- CK_OBJECT_HANDLE obj_pubkey;
- CK_MECHANISM mech = {mech_type, NULL, 0};
-@@ -1193,7 +1193,7 @@ void test_rsa_decrypt(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE session, CK_
- CK_BYTE* data;
- CK_BYTE enc[512] = {0};
- CK_BYTE* dec;
-- CK_ULONG dec_len;
-+ CK_ULONG dec_len, dec_len_backup;
-
- if(padding == RSA_NO_PADDING) {
- data_len = RSA_size(rsak);
-@@ -1228,12 +1228,14 @@ void test_rsa_decrypt(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE session, CK_
- // Decrypt Update
- asrt(funcs->C_DecryptInit(session, &mech, obj_pvtkey[i]), CKR_OK, "DECRYPT INIT");
- asrt(funcs->C_Login(session, CKU_CONTEXT_SPECIFIC, (CK_CHAR_PTR)"123456", 6), CKR_OK, "Re-Login USER");
-- dec_len = sizeof(dec);
-+ dec = malloc(dec_len);
-+ dec_len_backup = dec_len;
- asrt(funcs->C_DecryptUpdate(session, enc, 100, dec, &dec_len), CKR_OK, "DECRYPT UPDATE");
-- dec_len = sizeof(dec);
-+ dec_len = dec_len_backup;
- asrt(funcs->C_DecryptUpdate(session, enc+100, 8, dec, &dec_len), CKR_OK, "DECRYPT UPDATE");
-- dec_len = sizeof(dec);
-+ dec_len = dec_len_backup;
- asrt(funcs->C_DecryptUpdate(session, enc+108, 20, dec, &dec_len), CKR_OK, "DECRYPT UPDATE");
-+ free(dec);
- dec_len = 0;
- asrt(funcs->C_DecryptFinal(session, NULL, &dec_len), CKR_OK, "DECRYPT FINAL");
- dec = malloc(dec_len);
-From 720afc81f5e034d2a8d3944e4f28463f808998a4 Mon Sep 17 00:00:00 2001
-From: Dan Fuhry
-Date: Thu, 16 Jun 2022 15:09:30 -0400
-Subject: [PATCH] [ykcs11/tests] fix use-after-free warning in gcc 12
-
-gcc 12 includes a new `-Wuse-after-free` warning mode that detects use
-of variables after a call to `free()`. While the use of this variable is
-not in fact a use-after-free, it is more correct to not reuse the `dec`
-variable or explicitly set it to `NULL` after calling `free`.
-
-This is not a security bug.
-
-Signed-Off-By: Dan Fuhry
----
- ykcs11/tests/ykcs11_tests_util.c | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/ykcs11/tests/ykcs11_tests_util.c b/ykcs11/tests/ykcs11_tests_util.c
-index f10c21cd..876d656c 100644
----- a/ykcs11/tests/ykcs11_tests_util.c
-+++ b/ykcs11/tests/ykcs11_tests_util.c
-@@ -1143,6 +1143,7 @@ void test_rsa_decrypt(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE session, CK_
- asrt(dec_len, data_len, "DECRYPTED DATA LEN");
- asrt(memcmp(data, dec, dec_len), 0, "DECRYPTED DATA");
- free(dec);
-+ dec = NULL;
-
- // Decrypt Update
- asrt(funcs->C_DecryptInit(session, &mech, obj_pvtkey[i]), CKR_OK, "DECRYPT INIT");
diff --git a/srcpkgs/yubico-piv-tool/template b/srcpkgs/yubico-piv-tool/template
index 6cb2dcc510f..2e3c6005c31 100644
--- a/srcpkgs/yubico-piv-tool/template
+++ b/srcpkgs/yubico-piv-tool/template
@@ -1,40 +1,37 @@
 # Template file for 'yubico-piv-tool'
-_libpiv_name="libykpiv"
-_libpiv_desc="Yubikey PIV management library"
-_libykcs_name="libykcs11"
-_libykcs_desc="Yubikey PIV pkcs11 library"
-
 pkgname=yubico-piv-tool
-version=2.3.0
-revision=3
+version=2.7.1
+revision=1
 build_style=cmake
 configure_args="-DGENERATE_MAN_PAGES=OFF"
-hostmakedepends="automake libtool gengetopt pkg-config perl"
-makedepends="openssl-devel check-devel pcsclite-devel"
+hostmakedepends="gengetopt pkg-config perl"
+makedepends="openssl-devel check-devel pcsclite-devel zlib-devel"
 short_desc="Yubikey PIV management tool"
+_libpiv_desc="Yubikey PIV management library"
+_libykcs_desc="Yubikey PIV pkcs11 library"
 maintainer="Aloz1 "
 license="BSD-2-Clause"
 homepage="https://developers.yubico.com/yubico-piv-tool"
 distfiles="https://developers.yubico.com/yubico-piv-tool/Releases/$pkgname-${version}.tar.gz"
-checksum=a02a12d9545d1ef7a1b998606d89b7b655a5f5a1437736cf51db083f876f55a9
+checksum=9813190a5c2560ef7fe8018c03614091e911e0596c5853ef25c82cd9283a444b
 replaces="ykpivmgr>=0"
 provides="ykpivmgr-${version}_${revision}"
 
 libykpiv_package() {
 short_desc="${_libpiv_desc}"
 pkg_install() {
- vmove "usr/lib/${_libpiv_name}.so.*"
+ vmove "usr/lib/${pkgname%-devel}.so.*"
 vlicense COPYING
 }
 }
 
 libykpiv-devel_package() {
- short_desc="${_libpiv_desc} - Development files"
- depends="${_libpiv_name}>=${version}_${revision}"
+ short_desc="${_libpiv_desc} - development files"
+ depends="${pkgname%-devel}>=${version}_${revision}"
 pkg_install() {
 vmove "usr/include"
- vmove "usr/lib/${_libpiv_name}.so"
- vmove "usr/lib/${_libpiv_name}.a"
+ vmove "usr/lib/${pkgname%-devel}.so"
+ vmove "usr/lib/${pkgname%-devel}.a"
 vmove "usr/lib/pkgconfig/ykpiv.pc"
 }
 }
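Review bot: Nothing in the commit records why patches/use-after-free.patch can be dropped alongside `version=2.7.1`, or how the new `checksum=` value was obtained; the subject line is the whole message. The deleted file carried two upstream commits (855c0a4 and 720afc8), both touching only `ykcs11/tests/ykcs11_tests_util.c`, so they are presumably already part of the 2.7.1 tarball, but that is inferred rather than shown here. I would add a body line such as `Drop use-after-free.patch: both fixes (855c0a4, 720afc8) are included upstream.` The sha256 should also be confirmed against whatever hash or detached signature upstream publishes for the release, because this value is the only integrity pin on the `distfiles` download.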
@@ -42,16 +39,16 @@ libykpiv-devel_package() {
 libykcs11_package() {
 short_desc="${_libykcs_desc}"
 pkg_install() {
- vmove "usr/lib/${_libykcs_name}.so.*"
+ vmove "usr/lib/${pkgname%-devel}.so.*"
 }
 }
 
 libykcs11-devel_package() {
 short_desc="${_libykcs_desc} - Development files"
- depends="${_libykcs_name}>=${version}_${revision}"
+ depends="${pkgname%-devel}>=${version}_${revision}"
 pkg_install() {
- vmove "usr/lib/${_libykcs_name}.a"
- vmove "usr/lib/${_libykcs_name}.so"
+ vmove "usr/lib/${pkgname%-devel}.a"
+ vmove "usr/lib/${pkgname%-devel}.so"
 vmove "usr/lib/pkgconfig/ykcs11.pc"
 }
 }
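Review bot: The unchanged line `short_desc="${_libykcs_desc} - Development files"` in `libykcs11-devel_package()` keeps the capitalised suffix, while the previous hunk lowercases the same suffix for `libykpiv-devel`, so the two -devel descriptions now disagree. It should become `short_desc="${_libykcs_desc} - development files"`. Separately, every `vmove` and `depends` line here now relies on `pkgname` holding the subpackage name inside each `*_package()` function, which this diff does not show. If that assumption were wrong the globs would match nothing, so it is worth confirming from a build that each library subpackage actually contains its `.so`/`.a` files.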