forked from rpms/openssl
enable RC5 with permission from Legal
This commit is contained in:
parent
8f6be98bf7
commit
589d3ee15b
@ -6,26 +6,21 @@ set -e
|
|||||||
# Clean out patent-or-otherwise-encumbered code.
|
# Clean out patent-or-otherwise-encumbered code.
|
||||||
# MDC-2: 4,908,861 13/03/2007 - expired, we do not remove it but do not enable it anyway
|
# MDC-2: 4,908,861 13/03/2007 - expired, we do not remove it but do not enable it anyway
|
||||||
# IDEA: 5,214,703 07/01/2012 - expired, we do not remove it anymore
|
# IDEA: 5,214,703 07/01/2012 - expired, we do not remove it anymore
|
||||||
# RC5: 5,724,428 01/11/2015
|
# RC5: 5,724,428 01/11/2015 - expired, we do not remove it anymore
|
||||||
# EC: ????????? ??/??/2020
|
# EC: ????????? ??/??/2020
|
||||||
# SRP: ????????? ??/??/20??
|
# SRP: ????????? ??/??/20??
|
||||||
|
|
||||||
# Remove assembler portions of IDEA, MDC2, and RC5.
|
# Remove assembler portions of IDEA, MDC2, and RC5.
|
||||||
(find crypto/rc5/asm -type f | xargs -r rm -fv)
|
# (find crypto/rc5/asm -type f | xargs -r rm -fv)
|
||||||
|
|
||||||
# RC5, SRP.
|
# SRP.
|
||||||
for a in rc5 srp; do
|
for a in srp; do
|
||||||
for c in `find crypto/$a -name "*.c" -a \! -name "*test*" -type f` ; do
|
for c in `find crypto/$a -name "*.c" -a \! -name "*test*" -type f` ; do
|
||||||
echo Destroying $c
|
echo Destroying $c
|
||||||
> $c
|
> $c
|
||||||
done
|
done
|
||||||
done
|
done
|
||||||
|
|
||||||
for c in `find crypto/evp -name "*_rc5.c"`; do
|
|
||||||
echo Destroying $c
|
|
||||||
> $c
|
|
||||||
done
|
|
||||||
|
|
||||||
for c in `find crypto/bn -name "*gf2m.c"`; do
|
for c in `find crypto/bn -name "*gf2m.c"`; do
|
||||||
echo Destroying $c
|
echo Destroying $c
|
||||||
> $c
|
> $c
|
||||||
@ -37,11 +32,10 @@ for c in `find crypto/ec -name "ec2*.c" -o -name "ec_curve.c" -o -name "ecp_nist
|
|||||||
done
|
done
|
||||||
|
|
||||||
for h in `find crypto ssl apps test -name "*.h"` ; do
|
for h in `find crypto ssl apps test -name "*.h"` ; do
|
||||||
echo Removing RC5, SRP and EC2M references from $h
|
echo Removing SRP and EC2M references from $h
|
||||||
cat $h | \
|
cat $h | \
|
||||||
awk 'BEGIN {ech=1;} \
|
awk 'BEGIN {ech=1;} \
|
||||||
/^#[ \t]*ifndef.*NO_SRP/ {ech--; next;} \
|
/^#[ \t]*ifndef.*NO_SRP/ {ech--; next;} \
|
||||||
/^#[ \t]*ifndef.*NO_RC5/ {ech--; next;} \
|
|
||||||
/^#[ \t]*ifndef.*NO_EC2M/ {ech--; next;} \
|
/^#[ \t]*ifndef.*NO_EC2M/ {ech--; next;} \
|
||||||
/^#[ \t]*if/ {if(ech < 1) ech--;} \
|
/^#[ \t]*if/ {if(ech < 1) ech--;} \
|
||||||
{if(ech>0) {;print $0};} \
|
{if(ech>0) {;print $0};} \
|
||||||
@ -50,4 +44,4 @@ for h in `find crypto ssl apps test -name "*.h"` ; do
|
|||||||
done
|
done
|
||||||
|
|
||||||
# Make the makefiles happy.
|
# Make the makefiles happy.
|
||||||
touch crypto/rc5/asm/rc5-586.pl
|
# touch crypto/rc5/asm/rc5-586.pl
|
||||||
|
@ -23,7 +23,7 @@
|
|||||||
Summary: Utilities from the general purpose cryptography library with TLS implementation
|
Summary: Utilities from the general purpose cryptography library with TLS implementation
|
||||||
Name: openssl
|
Name: openssl
|
||||||
Version: 1.0.2g
|
Version: 1.0.2g
|
||||||
Release: 2%{?dist}
|
Release: 3%{?dist}
|
||||||
Epoch: 1
|
Epoch: 1
|
||||||
# We have to remove certain patented algorithms from the openssl source
|
# We have to remove certain patented algorithms from the openssl source
|
||||||
# tarball with the hobble-openssl script which is included below.
|
# tarball with the hobble-openssl script which is included below.
|
||||||
@ -288,7 +288,7 @@ sslflags=enable-ec_nistp_64_gcc_128
|
|||||||
--system-ciphers-file=%{_sysconfdir}/crypto-policies/back-ends/openssl.config \
|
--system-ciphers-file=%{_sysconfdir}/crypto-policies/back-ends/openssl.config \
|
||||||
zlib sctp enable-camellia enable-seed enable-tlsext enable-rfc3779 \
|
zlib sctp enable-camellia enable-seed enable-tlsext enable-rfc3779 \
|
||||||
enable-cms enable-md2 enable-ssl2 \
|
enable-cms enable-md2 enable-ssl2 \
|
||||||
no-mdc2 no-rc5 no-ec2m no-gost no-srp \
|
no-mdc2 enable-rc5 no-ec2m no-gost no-srp \
|
||||||
--with-krb5-flavor=MIT --enginesdir=%{_libdir}/openssl/engines \
|
--with-krb5-flavor=MIT --enginesdir=%{_libdir}/openssl/engines \
|
||||||
--with-krb5-dir=/usr shared ${sslarch} %{?!nofips:fips}
|
--with-krb5-dir=/usr shared ${sslarch} %{?!nofips:fips}
|
||||||
|
|
||||||
@ -502,6 +502,9 @@ rm -rf $RPM_BUILD_ROOT/%{_libdir}/fipscanister.*
|
|||||||
%postun libs -p /sbin/ldconfig
|
%postun libs -p /sbin/ldconfig
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Mon Mar 7 2016 Tom Callaway <spot@fedoraproject.org> - 1.0.2g-3
|
||||||
|
- enable RC5
|
||||||
|
|
||||||
* Wed Mar 2 2016 Tomáš Mráz <tmraz@redhat.com> 1.0.2g-2
|
* Wed Mar 2 2016 Tomáš Mráz <tmraz@redhat.com> 1.0.2g-2
|
||||||
- reenable SSL2 in the build to avoid ABI break (it does not
|
- reenable SSL2 in the build to avoid ABI break (it does not
|
||||||
make the openssl vulnerable to DROWN attack)
|
make the openssl vulnerable to DROWN attack)
|
||||||
|
Loading…
Reference in New Issue
Block a user