forked from rpms/openssl
		
	update to upstream version 1.1.0h
Add Recommends for openssl-pkcs11
This commit is contained in:
		
							parent
							
								
									6d92af0099
								
							
						
					
					
						commit
						6eb8f62027
					
				
							
								
								
									
										1
									
								
								.gitignore
									
									
									
									
										vendored
									
									
								
							
							
						
						
									
										1
									
								
								.gitignore
									
									
									
									
										vendored
									
									
								
							| @ -37,3 +37,4 @@ openssl-1.0.0a-usa.tar.bz2 | ||||
| /openssl-1.1.0e-hobbled.tar.xz | ||||
| /openssl-1.1.0f-hobbled.tar.xz | ||||
| /openssl-1.1.0g-hobbled.tar.xz | ||||
| /openssl-1.1.0h-hobbled.tar.xz | ||||
|  | ||||
							
								
								
									
										2
									
								
								ectest.c
									
									
									
									
									
								
							
							
						
						
									
										2
									
								
								ectest.c
									
									
									
									
									
								
							| @ -962,7 +962,7 @@ int main(int argc, char *argv[]) | ||||
|         CRYPTO_set_mem_debug(1); | ||||
|     CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); | ||||
| 
 | ||||
|     RAND_seed(rnd_seed, sizeof rnd_seed); /* or BN_generate_prime may fail */ | ||||
|     RAND_seed(rnd_seed, sizeof(rnd_seed)); /* or BN_generate_prime may fail */ | ||||
| 
 | ||||
|     prime_field_tests(); | ||||
|     puts(""); | ||||
|  | ||||
| @ -1,7 +1,7 @@ | ||||
| diff -up openssl-1.1.0f/crypto/rsa/rsa_gen.c.cc-reqs openssl-1.1.0f/crypto/rsa/rsa_gen.c
 | ||||
| --- openssl-1.1.0f/crypto/rsa/rsa_gen.c.cc-reqs	2017-05-25 14:46:19.000000000 +0200
 | ||||
| +++ openssl-1.1.0f/crypto/rsa/rsa_gen.c	2017-06-02 14:13:45.352475862 +0200
 | ||||
| @@ -85,6 +85,12 @@ static int rsa_builtin_keygen(RSA *rsa,
 | ||||
| diff -up openssl-1.1.0h/crypto/rsa/rsa_gen.c.cc-reqs openssl-1.1.0h/crypto/rsa/rsa_gen.c
 | ||||
| --- openssl-1.1.0h/crypto/rsa/rsa_gen.c.cc-reqs	2018-03-27 15:50:39.000000000 +0200
 | ||||
| +++ openssl-1.1.0h/crypto/rsa/rsa_gen.c	2018-03-29 14:37:53.405048562 +0200
 | ||||
| @@ -86,6 +86,12 @@ static int rsa_builtin_keygen(RSA *rsa,
 | ||||
|      if (!rsa->iqmp && ((rsa->iqmp = BN_secure_new()) == NULL)) | ||||
|          goto err; | ||||
|   | ||||
| @ -14,7 +14,7 @@ diff -up openssl-1.1.0f/crypto/rsa/rsa_gen.c.cc-reqs openssl-1.1.0f/crypto/rsa/r | ||||
|      if (BN_copy(rsa->e, e_value) == NULL) | ||||
|          goto err; | ||||
|   | ||||
| @@ -107,7 +113,9 @@ static int rsa_builtin_keygen(RSA *rsa,
 | ||||
| @@ -118,7 +124,9 @@ static int rsa_builtin_keygen(RSA *rsa,
 | ||||
|          do { | ||||
|              if (!BN_generate_prime_ex(rsa->q, bitsq, 0, NULL, NULL, cb)) | ||||
|                  goto err; | ||||
| @ -24,4 +24,4 @@ diff -up openssl-1.1.0f/crypto/rsa/rsa_gen.c.cc-reqs openssl-1.1.0f/crypto/rsa/r | ||||
| +        } while (BN_ucmp(r2, r3) <= 0);
 | ||||
|          if (!BN_sub(r2, rsa->q, BN_value_one())) | ||||
|              goto err; | ||||
|          if (!BN_gcd(r1, r2, rsa->e, ctx)) | ||||
|          ERR_set_mark(); | ||||
|  | ||||
| @ -1,9 +1,9 @@ | ||||
| diff -up openssl-1.1.0f/apps/s_client.c.disable-ssl3 openssl-1.1.0f/apps/s_client.c
 | ||||
| --- openssl-1.1.0f/apps/s_client.c.disable-ssl3	2017-06-05 15:42:44.838853312 +0200
 | ||||
| +++ openssl-1.1.0f/apps/s_client.c	2017-07-17 14:50:06.468821871 +0200
 | ||||
| @@ -1486,6 +1486,9 @@ int s_client_main(int argc, char **argv)
 | ||||
|      if (sdebug) | ||||
|          ssl_ctx_security_debug(ctx, sdebug); | ||||
| diff -up openssl-1.1.0h/apps/s_client.c.disable-ssl3 openssl-1.1.0h/apps/s_client.c
 | ||||
| --- openssl-1.1.0h/apps/s_client.c.disable-ssl3	2018-03-29 14:38:39.612133765 +0200
 | ||||
| +++ openssl-1.1.0h/apps/s_client.c	2018-03-29 14:41:51.309635904 +0200
 | ||||
| @@ -1489,6 +1489,9 @@ int s_client_main(int argc, char **argv)
 | ||||
|      if (!config_ctx(cctx, ssl_args, ctx)) | ||||
|          goto end; | ||||
|   | ||||
| +    if (min_version == SSL3_VERSION && max_version == SSL3_VERSION)
 | ||||
| +        SSL_CTX_clear_options(ctx, SSL_OP_NO_SSLv3);
 | ||||
| @ -11,24 +11,23 @@ diff -up openssl-1.1.0f/apps/s_client.c.disable-ssl3 openssl-1.1.0f/apps/s_clien | ||||
|      if (ssl_config) { | ||||
|          if (SSL_CTX_config(ctx, ssl_config) == 0) { | ||||
|              BIO_printf(bio_err, "Error using configuration \"%s\"\n", | ||||
| diff -up openssl-1.1.0f/apps/s_server.c.disable-ssl3 openssl-1.1.0f/apps/s_server.c
 | ||||
| --- openssl-1.1.0f/apps/s_server.c.disable-ssl3	2017-05-25 14:46:18.000000000 +0200
 | ||||
| +++ openssl-1.1.0f/apps/s_server.c	2017-07-17 14:49:50.434447583 +0200
 | ||||
| @@ -1614,6 +1614,10 @@ int s_server_main(int argc, char *argv[]
 | ||||
|      } | ||||
|      if (sdebug) | ||||
|          ssl_ctx_security_debug(ctx, sdebug); | ||||
| +
 | ||||
| diff -up openssl-1.1.0h/apps/s_server.c.disable-ssl3 openssl-1.1.0h/apps/s_server.c
 | ||||
| --- openssl-1.1.0h/apps/s_server.c.disable-ssl3	2018-03-29 14:38:39.613133788 +0200
 | ||||
| +++ openssl-1.1.0h/apps/s_server.c	2018-03-29 14:42:27.313481477 +0200
 | ||||
| @@ -1619,6 +1619,9 @@ int s_server_main(int argc, char *argv[]
 | ||||
|      if (!config_ctx(cctx, ssl_args, ctx)) | ||||
|          goto end; | ||||
|   | ||||
| +    if (min_version == SSL3_VERSION && max_version == SSL3_VERSION)
 | ||||
| +        SSL_CTX_clear_options(ctx, SSL_OP_NO_SSLv3);
 | ||||
| +
 | ||||
|      if (ssl_config) { | ||||
|          if (SSL_CTX_config(ctx, ssl_config) == 0) { | ||||
|              BIO_printf(bio_err, "Error using configuration \"%s\"\n", | ||||
| diff -up openssl-1.1.0/ssl/ssl_lib.c.disable-ssl3 openssl-1.1.0/ssl/ssl_lib.c
 | ||||
| --- openssl-1.1.0/ssl/ssl_lib.c.disable-ssl3	2016-08-25 17:29:22.000000000 +0200
 | ||||
| +++ openssl-1.1.0/ssl/ssl_lib.c	2016-09-08 11:08:05.252082263 +0200
 | ||||
| @@ -2470,6 +2470,13 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *m
 | ||||
| diff -up openssl-1.1.0h/ssl/ssl_lib.c.disable-ssl3 openssl-1.1.0h/ssl/ssl_lib.c
 | ||||
| --- openssl-1.1.0h/ssl/ssl_lib.c.disable-ssl3	2018-03-27 15:50:40.000000000 +0200
 | ||||
| +++ openssl-1.1.0h/ssl/ssl_lib.c	2018-03-29 14:38:39.614133811 +0200
 | ||||
| @@ -2653,6 +2653,13 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *m
 | ||||
|       * or by using the SSL_CONF library. | ||||
|       */ | ||||
|      ret->options |= SSL_OP_NO_COMPRESSION; | ||||
| @ -42,19 +41,19 @@ diff -up openssl-1.1.0/ssl/ssl_lib.c.disable-ssl3 openssl-1.1.0/ssl/ssl_lib.c | ||||
|   | ||||
|      ret->tlsext_status_type = -1; | ||||
|   | ||||
| diff -up openssl-1.1.0/test/ssl_test.c.disable-ssl3 openssl-1.1.0/test/ssl_test.c
 | ||||
| --- openssl-1.1.0/test/ssl_test.c.disable-ssl3	2016-09-08 11:08:05.252082263 +0200
 | ||||
| +++ openssl-1.1.0/test/ssl_test.c	2016-09-08 11:11:44.802005886 +0200
 | ||||
| @@ -258,6 +258,7 @@ static int execute_test(SSL_TEST_FIXTURE
 | ||||
| diff -up openssl-1.1.0h/test/ssl_test.c.disable-ssl3 openssl-1.1.0h/test/ssl_test.c
 | ||||
| --- openssl-1.1.0h/test/ssl_test.c.disable-ssl3	2018-03-29 14:38:39.615133835 +0200
 | ||||
| +++ openssl-1.1.0h/test/ssl_test.c	2018-03-29 14:43:37.893139086 +0200
 | ||||
| @@ -277,6 +277,7 @@ static int execute_test(SSL_TEST_FIXTURE
 | ||||
|              SSL_TEST_SERVERNAME_CB_NONE) { | ||||
|              server2_ctx = SSL_CTX_new(TLS_server_method()); | ||||
|              TEST_check(server2_ctx != NULL); | ||||
| +            SSL_CTX_clear_options(server2_ctx, SSL_OP_NO_SSLv3);
 | ||||
|          } | ||||
|          client_ctx = SSL_CTX_new(TLS_client_method()); | ||||
|   | ||||
| @@ -266,11 +267,15 @@ static int execute_test(SSL_TEST_FIXTURE
 | ||||
|              resume_client_ctx = SSL_CTX_new(TLS_client_method()); | ||||
|          TEST_check(SSL_CTX_set_max_proto_version(client_ctx, TLS_MAX_VERSION)); | ||||
| @@ -290,11 +291,15 @@ static int execute_test(SSL_TEST_FIXTURE
 | ||||
|                                                       TLS_MAX_VERSION)); | ||||
|              TEST_check(resume_server_ctx != NULL); | ||||
|              TEST_check(resume_client_ctx != NULL); | ||||
| +            SSL_CTX_clear_options(resume_server_ctx, SSL_OP_NO_SSLv3);
 | ||||
| @ -69,10 +68,10 @@ diff -up openssl-1.1.0/test/ssl_test.c.disable-ssl3 openssl-1.1.0/test/ssl_test. | ||||
|   | ||||
|      TEST_check(CONF_modules_load(conf, fixture.test_app, 0) > 0); | ||||
|   | ||||
| diff -up openssl-1.1.0/test/ssltest_old.c.disable-ssl3 openssl-1.1.0/test/ssltest_old.c
 | ||||
| --- openssl-1.1.0/test/ssltest_old.c.disable-ssl3	2016-08-25 17:29:23.000000000 +0200
 | ||||
| +++ openssl-1.1.0/test/ssltest_old.c	2016-09-08 11:08:05.253082286 +0200
 | ||||
| @@ -1456,6 +1456,11 @@ int main(int argc, char *argv[])
 | ||||
| diff -up openssl-1.1.0h/test/ssltest_old.c.disable-ssl3 openssl-1.1.0h/test/ssltest_old.c
 | ||||
| --- openssl-1.1.0h/test/ssltest_old.c.disable-ssl3	2018-03-27 15:50:41.000000000 +0200
 | ||||
| +++ openssl-1.1.0h/test/ssltest_old.c	2018-03-29 14:38:39.615133835 +0200
 | ||||
| @@ -1460,6 +1460,11 @@ int main(int argc, char *argv[])
 | ||||
|          ERR_print_errors(bio_err); | ||||
|          goto end; | ||||
|      } | ||||
|  | ||||
										
											
												File diff suppressed because it is too large
												Load Diff
											
										
									
								
							| @ -1,6 +1,6 @@ | ||||
| diff -up openssl-1.1.0g/apps/app_rand.c.silent-rnd-write openssl-1.1.0g/apps/app_rand.c
 | ||||
| --- openssl-1.1.0g/apps/app_rand.c.silent-rnd-write	2017-05-25 14:46:17.000000000 +0200
 | ||||
| +++ openssl-1.1.0g/apps/app_rand.c	2018-01-11 18:05:32.332703425 +0100
 | ||||
| diff -up openssl-1.1.0h/apps/app_rand.c.silent-rnd-write openssl-1.1.0h/apps/app_rand.c
 | ||||
| --- openssl-1.1.0h/apps/app_rand.c.silent-rnd-write	2018-03-27 15:50:37.000000000 +0200
 | ||||
| +++ openssl-1.1.0h/apps/app_rand.c	2018-03-29 15:27:24.597891091 +0200
 | ||||
| @@ -91,6 +91,7 @@ long app_RAND_load_files(char *name)
 | ||||
|  int app_RAND_write_file(const char *file) | ||||
|  { | ||||
| @ -11,7 +11,7 @@ diff -up openssl-1.1.0g/apps/app_rand.c.silent-rnd-write openssl-1.1.0g/apps/app | ||||
|          /* | ||||
| @@ -103,8 +104,10 @@ int app_RAND_write_file(const char *file
 | ||||
|      if (file == NULL) | ||||
|          file = RAND_file_name(buffer, sizeof buffer); | ||||
|          file = RAND_file_name(buffer, sizeof(buffer)); | ||||
|      if (file == NULL || !RAND_write_file(file)) { | ||||
| -        BIO_printf(bio_err, "unable to write 'random state'\n");
 | ||||
| -        return 0;
 | ||||
|  | ||||
| @ -1,7 +1,7 @@ | ||||
| diff -up openssl-1.1.0-pre5/apps/version.c.version-add-engines openssl-1.1.0-pre5/apps/version.c
 | ||||
| --- openssl-1.1.0-pre5/apps/version.c.version-add-engines	2016-07-18 15:25:52.694531409 +0200
 | ||||
| +++ openssl-1.1.0-pre5/apps/version.c	2016-07-18 15:32:53.943062181 +0200
 | ||||
| @@ -153,7 +153,7 @@ int version_main(int argc, char **argv)
 | ||||
| diff -up openssl-1.1.0h/apps/version.c.version-add-engines openssl-1.1.0h/apps/version.c
 | ||||
| --- openssl-1.1.0h/apps/version.c.version-add-engines	2018-03-27 15:50:37.000000000 +0200
 | ||||
| +++ openssl-1.1.0h/apps/version.c	2018-03-29 14:33:30.732879537 +0200
 | ||||
| @@ -52,7 +52,7 @@ int version_main(int argc, char **argv)
 | ||||
|  { | ||||
|      int ret = 1, dirty = 0; | ||||
|      int cflags = 0, version = 0, date = 0, options = 0, platform = 0, dir = 0; | ||||
| @ -10,16 +10,16 @@ diff -up openssl-1.1.0-pre5/apps/version.c.version-add-engines openssl-1.1.0-pre | ||||
|      char *prog; | ||||
|      OPTION_CHOICE o; | ||||
|   | ||||
| @@ -190,7 +190,7 @@ int version_main(int argc, char **argv)
 | ||||
| @@ -90,7 +90,7 @@ opthelp:
 | ||||
|              dirty = version = 1; | ||||
|              break; | ||||
|          case OPT_A: | ||||
| -            cflags = version = date = platform = dir = engdir = 1;
 | ||||
| +            cflags = version = date = platform = dir = engdir = engines = 1;
 | ||||
| -            options = cflags = version = date = platform = dir = engdir = 1;
 | ||||
| +            options = cflags = version = date = platform = dir = engdir = engines = 1;
 | ||||
|              break; | ||||
|          } | ||||
|      } | ||||
| @@ -235,6 +235,16 @@ int version_main(int argc, char **argv)
 | ||||
| @@ -139,6 +139,16 @@ opthelp:
 | ||||
|          printf("%s\n", OpenSSL_version(OPENSSL_DIR)); | ||||
|      if (engdir) | ||||
|          printf("%s\n", OpenSSL_version(OPENSSL_ENGINES_DIR)); | ||||
|  | ||||
| @ -21,8 +21,8 @@ | ||||
| 
 | ||||
| Summary: Utilities from the general purpose cryptography library with TLS implementation | ||||
| Name: openssl | ||||
| Version: 1.1.0g | ||||
| Release: 6%{?dist} | ||||
| Version: 1.1.0h | ||||
| Release: 1%{?dist} | ||||
| Epoch: 1 | ||||
| # We have to remove certain patented algorithms from the openssl source | ||||
| # tarball with the hobble-openssl script which is included below. | ||||
| @ -86,6 +86,7 @@ Summary: A general purpose cryptography library with TLS implementation | ||||
| Group: System Environment/Libraries | ||||
| Requires: ca-certificates >= 2008-5 | ||||
| Requires: crypto-policies | ||||
| Recommends: openssl-pkcs11%{?_isa} | ||||
| # Needed obsoletes due to the base/lib subpackage split | ||||
| Obsoletes: openssl < 1:1.0.1-0.3.beta3 | ||||
| Obsoletes: openssl-fips < 1:1.0.1e-28 | ||||
| @ -429,6 +430,10 @@ export LD_LIBRARY_PATH | ||||
| %postun libs -p /sbin/ldconfig | ||||
| 
 | ||||
| %changelog | ||||
| * Thu Mar 29 2018 Tomáš Mráz <tmraz@redhat.com> 1.1.0h-1 | ||||
| - update to upstream version 1.1.0h | ||||
| - add Recommends for openssl-pkcs11 | ||||
| 
 | ||||
| * Fri Feb 23 2018 Tomáš Mráz <tmraz@redhat.com> 1.1.0g-6 | ||||
| - one more try to apply RPM_LD_FLAGS properly (#1541033) | ||||
| - dropped unneeded starttls xmpp patch (#1417017) | ||||
|  | ||||
							
								
								
									
										2
									
								
								sources
									
									
									
									
									
								
							
							
						
						
									
										2
									
								
								sources
									
									
									
									
									
								
							| @ -1 +1 @@ | ||||
| SHA512 (openssl-1.1.0g-hobbled.tar.xz) = 6020086f57a115b7024a0ce320d3a8c95b172c85b8f9825c6190c9974a77be39e2f3c69006f975c466ad419b2217118f887d5973fa6ed4db8254d402cde1d70b | ||||
| SHA512 (openssl-1.1.0h-hobbled.tar.xz) = cba4641956d6593f5cf5164bed12fb3acfaa9c24a69d5642cc0267d0918555450a12ddeac6e02b246afa64e7019f35baa0d9302d1f06e3be5555d8340319c5e4 | ||||
|  | ||||
		Loading…
	
		Reference in New Issue
	
	Block a user