From 1e36ec64d6b71859f81ef1e6c517446dde02e0cb Mon Sep 17 00:00:00 2001
From: wang--ge <wang__ge@126.com>
Date: Fri, 6 Dec 2024 16:34:55 +0800
Subject: [PATCH] revert a dose not work feature 12f1671

(cherry picked from commit d217823eeacac1af2e9d824d412cc13bbec451f7)
---
 ...vert-a-dose-not-work-feature-12f1671.patch | 47 +++++++++++++++++++
 pesign.spec                                   |  6 ++-
 2 files changed, 52 insertions(+), 1 deletion(-)
 create mode 100644 0002-revert-a-dose-not-work-feature-12f1671.patch

diff --git a/0002-revert-a-dose-not-work-feature-12f1671.patch b/0002-revert-a-dose-not-work-feature-12f1671.patch
new file mode 100644
index 0000000..8ac0ab1
--- /dev/null
+++ b/0002-revert-a-dose-not-work-feature-12f1671.patch
@@ -0,0 +1,47 @@
+From 4d2f5853379d2d1f3afe1954df746b075926de88 Mon Sep 17 00:00:00 2001
+From: wang--ge <wang__ge@126.com>
+Date: Fri, 6 Dec 2024 16:14:51 +0800
+Subject: [PATCH] revert a dose not work feature 12f1671
+
+---
+ src/cms_common.c | 17 ++---------------
+ 1 file changed, 2 insertions(+), 15 deletions(-)
+
+diff --git a/src/cms_common.c b/src/cms_common.c
+index 228d0ab..85c9205 100644
+--- a/src/cms_common.c
++++ b/src/cms_common.c
+@@ -406,8 +406,6 @@ static SECStatus
+ is_valid_cert_without_private_key(CERTCertificate *cert, void *data)
+ {
+ 	struct validity_cbdata *cbd = (struct validity_cbdata *)data;
+-	PK11SlotInfo *slot = cbd->slot;
+-	SECKEYPrivateKey *privkey = NULL;
+ 	int errnum;
+ 
+ 	errnum = PORT_GetError();
+@@ -422,19 +420,8 @@ is_valid_cert_without_private_key(CERTCertificate *cert, void *data)
+ 		return SECFailure;
+ 	}
+ 
+-	privkey = PK11_FindPrivateKeyFromCert(slot, cert, cbd->cms);
+-	if (privkey == NULL) {
+-		if (cbd->cert)
+-			CERT_DestroyCertificate(cbd->cert);
+-		PORT_SetError(0);
+-		cbd->cert = CERT_DupCertificate(cert);
+-		CERT_DestroyCertificate(cert);
+-		return SECSuccess;
+-	} else {
+-		SECKEY_DestroyPrivateKey(privkey);
+-		CERT_DestroyCertificate(cert);
+-	}
+-	return SECFailure;
++	cbd->cert = cert;
++	return SECSuccess;
+ }
+ 
+ int
+-- 
+2.43.0
+
diff --git a/pesign.spec b/pesign.spec
index e0bb438..fd7d868 100644
--- a/pesign.spec
+++ b/pesign.spec
@@ -2,7 +2,7 @@
 Name:          pesign
 Summary:       Signing utility for UEFI binaries
 Version:       116
-Release:       4
+Release:       5
 License:       GPLv2
 URL:           https://github.com/rhboot/pesign
 Source0:       https://github.com/rhboot/pesign/archive/refs/tags/116.tar.gz
@@ -18,6 +18,7 @@ BuildRequires: python3-rpm-macros python3 systemd python3-devel gcc mandoc
 
 Patch0001:     Bugfix-cms_common-fix-cert-match-check.patch
 Patch0002:     0001-cms_common-Fixed-Segmentation-fault.patch
+Patch0003:     0002-revert-a-dose-not-work-feature-12f1671.patch
 
 Patch9000:     Feature-pesign-support-SM3-digest-algorithm.patch
 Patch9001:     Feature-pesign-support-SM2-signature-algorithm.patch
@@ -100,6 +101,9 @@ exit 0
 %{_mandir}/man*/*
 
 %changelog
+* Fri Dec 06 2024 Ge Wang <wang__ge@126.com> - 116-5
+- Revert a dose not work feature 12f1671
+
 * Tue May 07 2024 xu_ping <707078654@qq.com> - 116-4
 - Remove unused i option in authvar 
 
-- 
Gitee