jonathan/openssl
1
0
Fork 0
forked from rpms/openssl
Code Pull Requests Activity

- set UTC timezone on pod2man run (#578842)

Browse Source 
- make X509_NAME_hash_old work in FIPS mode
This commit is contained in:
Tomáš Mráz 2010-04-06 14:49:34 +00:00
parent c2fc1058b4
commit 7325c65a3e
2 changed files with 25 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
openssl-1.0.0-name-hash.patch Normal file
View File

@ -0,0 +1,22 @@
diff -up openssl-1.0.0/crypto/x509/x509_cmp.c.name-hash openssl-1.0.0/crypto/x509/x509_cmp.c
--- openssl-1.0.0/crypto/x509/x509_cmp.c.name-hash 2010-01-12 18:27:10.000000000 +0100
+++ openssl-1.0.0/crypto/x509/x509_cmp.c 2010-04-06 16:44:52.000000000 +0200
@@ -236,10 +236,17 @@ unsigned long X509_NAME_hash_old(X509_NA
{
unsigned long ret=0;
unsigned char md[16];
+ EVP_MD_CTX ctx;
/* Make sure X509_NAME structure contains valid cached encoding */
i2d_X509_NAME(x,NULL);
- EVP_Digest(x->bytes->data, x->bytes->length, md, NULL, EVP_md5(), NULL);
+
+ EVP_MD_CTX_init(&ctx);
+ EVP_MD_CTX_set_flags(&ctx,EVP_MD_CTX_FLAG_ONESHOT | EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
+ EVP_DigestInit_ex(&ctx, EVP_md5(), NULL)
+ && EVP_DigestUpdate(&ctx, x->bytes->data, x->bytes->length)
+ && EVP_DigestFinal_ex(&ctx, md, NULL);
+ EVP_MD_CTX_cleanup(&ctx);
ret=( ((unsigned long)md[0] )|((unsigned long)md[1]<<8L)|
((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L)

3
openssl.spec
View File

@ -60,6 +60,7 @@ Patch49: openssl-1.0.0-beta4-algo-doc.patch
Patch50: openssl-1.0.0-beta4-dtls1-abi.patch Patch50: openssl-1.0.0-beta4-dtls1-abi.patch
Patch51: openssl-1.0.0-version.patch Patch51: openssl-1.0.0-version.patch
Patch52: openssl-1.0.0-beta4-aesni.patch Patch52: openssl-1.0.0-beta4-aesni.patch
Patch53: openssl-1.0.0-name-hash.patch
# Backported fixes including security fixes # Backported fixes including security fixes
License: OpenSSL License: OpenSSL
@ -140,6 +141,7 @@ from other formats to the formats used by the OpenSSL toolkit.
%patch50 -p1 -b .dtls1-abi %patch50 -p1 -b .dtls1-abi
%patch51 -p1 -b .version %patch51 -p1 -b .version
%patch52 -p1 -b .aesni %patch52 -p1 -b .aesni
%patch53 -p1 -b .name-hash
# Modify the various perl scripts to reference perl in the right location. # Modify the various perl scripts to reference perl in the right location.
perl util/perlpath.pl `dirname %{__perl}` perl util/perlpath.pl `dirname %{__perl}`
@ -387,6 +389,7 @@ rm -rf $RPM_BUILD_ROOT/%{_libdir}/fipscanister.*
%changelog %changelog
* Tue Apr 6 2010 Tomas Mraz <tmraz@redhat.com> 1.0.0-2 * Tue Apr 6 2010 Tomas Mraz <tmraz@redhat.com> 1.0.0-2
- set UTC timezone on pod2man run (#578842) - set UTC timezone on pod2man run (#578842)
- make X509_NAME_hash_old work in FIPS mode
* Tue Mar 30 2010 Tomas Mraz <tmraz@redhat.com> 1.0.0-1 * Tue Mar 30 2010 Tomas Mraz <tmraz@redhat.com> 1.0.0-1
- update to final 1.0.0 upstream release - update to final 1.0.0 upstream release