forked from rpms/openssl
resolve bugzilla 319901 (phew! only took 6 years & 9 days)
This commit is contained in:
Tom Callaway
parent
64e30c5369
commit
9a59868619
@ -7,39 +7,30 @@ set -e
|
|||||||
# MDC-2: 4,908,861 13/03/2007 - expired, we do not remove it but do not enable it anyway
|
# MDC-2: 4,908,861 13/03/2007 - expired, we do not remove it but do not enable it anyway
|
||||||
# IDEA: 5,214,703 07/01/2012 - expired, we do not remove it anymore
|
# IDEA: 5,214,703 07/01/2012 - expired, we do not remove it anymore
|
||||||
# RC5: 5,724,428 01/11/2015
|
# RC5: 5,724,428 01/11/2015
|
||||||
# EC: ????????? ??/??/2020
|
|
||||||
# SRP: ????????? ??/??/20??
|
# SRP: ????????? ??/??/20??
|
||||||
|
|
||||||
# Remove assembler portions of IDEA, MDC2, and RC5.
|
# Remove assembler portions of IDEA, MDC2, and RC5.
|
||||||
(find crypto/rc5/asm -type f | xargs -r rm -fv)
|
(find crypto/rc5/asm -type f | xargs -r rm -fv)
|
||||||
|
|
||||||
# RC5, EC, SRP.
|
# RC5, SRP.
|
||||||
for a in rc5 ec ecdh ecdsa srp; do
|
for a in rc5 srp; do
|
||||||
for c in `find crypto/$a -name "*.c" -a \! -name "*test*" -type f` ; do
|
for c in `find crypto/$a -name "*.c" -a \! -name "*test*" -type f` ; do
|
||||||
echo Destroying $c
|
echo Destroying $c
|
||||||
> $c
|
> $c
|
||||||
done
|
done
|
||||||
done
|
done
|
||||||
|
|
||||||
for c in `find crypto/evp -name "*_rc5.c" -o -name "*_ecdsa.c"`; do
|
for c in `find crypto/evp -name "*_rc5.c"`; do
|
||||||
echo Destroying $c
|
|
||||||
> $c
|
|
||||||
done
|
|
||||||
|
|
||||||
for c in `find crypto/bn -name "*gf2m.c"`; do
|
|
||||||
echo Destroying $c
|
echo Destroying $c
|
||||||
> $c
|
> $c
|
||||||
done
|
done
|
||||||
|
|
||||||
for h in `find crypto ssl apps test -name "*.h"` ; do
|
for h in `find crypto ssl apps test -name "*.h"` ; do
|
||||||
echo Removing RC5, SRP and EC references from $h
|
echo Removing RC5, SRP references from $h
|
||||||
cat $h | \
|
cat $h | \
|
||||||
awk 'BEGIN {ech=1;} \
|
awk 'BEGIN {ech=1;} \
|
||||||
/^#[ \t]*ifndef.*NO_SRP/ {ech--; next;} \
|
/^#[ \t]*ifndef.*NO_SRP/ {ech--; next;} \
|
||||||
/^#[ \t]*ifndef.*NO_RC5/ {ech--; next;} \
|
/^#[ \t]*ifndef.*NO_RC5/ {ech--; next;} \
|
||||||
/^#[ \t]*ifndef.*NO_EC/ {ech--; next;} \
|
|
||||||
/^#[ \t]*ifndef.*NO_ECDH/ {ech--; next;} \
|
|
||||||
/^#[ \t]*ifndef.*NO_ECDSA/ {ech--; next;} \
|
|
||||||
/^#[ \t]*if/ {if(ech < 1) ech--;} \
|
/^#[ \t]*if/ {if(ech < 1) ech--;} \
|
||||||
{if(ech>0) {;print $0};} \
|
{if(ech>0) {;print $0};} \
|
||||||
/^#[ \t]*endif/ {if(ech < 1) ech++;}' > $h.hobbled && \
|
/^#[ \t]*endif/ {if(ech < 1) ech++;}' > $h.hobbled && \
|
||||||
|
|||||||
2052
openssl-1.0.1e-fips-ec.patch
Normal file
2052
openssl-1.0.1e-fips-ec.patch
Normal file
File diff suppressed because it is too large
Load Diff
@ -21,7 +21,7 @@
|
|||||||
Summary: Utilities from the general purpose cryptography library with TLS implementation
|
Summary: Utilities from the general purpose cryptography library with TLS implementation
|
||||||
Name: openssl
|
Name: openssl
|
||||||
Version: 1.0.1e
|
Version: 1.0.1e
|
||||||
Release: 4%{?dist}
|
Release: 4%{?dist}.1
|
||||||
Epoch: 1
|
Epoch: 1
|
||||||
# We have to remove certain patented algorithms from the openssl source
|
# We have to remove certain patented algorithms from the openssl source
|
||||||
# tarball with the hobble-openssl script which is included below.
|
# tarball with the hobble-openssl script which is included below.
|
||||||
@ -72,6 +72,7 @@ Patch69: openssl-1.0.1c-dh-1024.patch
|
|||||||
Patch81: openssl-1.0.1-beta2-padlock64.patch
|
Patch81: openssl-1.0.1-beta2-padlock64.patch
|
||||||
Patch82: openssl-1.0.1e-backports.patch
|
Patch82: openssl-1.0.1e-backports.patch
|
||||||
Patch83: openssl-1.0.1e-bad-mac.patch
|
Patch83: openssl-1.0.1e-bad-mac.patch
|
||||||
|
Patch84: openssl-1.0.1e-fips-ec.patch
|
||||||
|
|
||||||
License: OpenSSL
|
License: OpenSSL
|
||||||
Group: System Environment/Libraries
|
Group: System Environment/Libraries
|
||||||
@ -176,6 +177,7 @@ from other formats to the formats used by the OpenSSL toolkit.
|
|||||||
%patch81 -p1 -b .padlock64
|
%patch81 -p1 -b .padlock64
|
||||||
%patch82 -p1 -b .backports
|
%patch82 -p1 -b .backports
|
||||||
%patch83 -p1 -b .bad-mac
|
%patch83 -p1 -b .bad-mac
|
||||||
|
%patch84 -p1 -b .fips-ec
|
||||||
|
|
||||||
sed -i 's/SHLIB_VERSION_NUMBER "1.0.0"/SHLIB_VERSION_NUMBER "%{version}"/' crypto/opensslv.h
|
sed -i 's/SHLIB_VERSION_NUMBER "1.0.0"/SHLIB_VERSION_NUMBER "%{version}"/' crypto/opensslv.h
|
||||||
|
|
||||||
@ -227,7 +229,7 @@ sslarch=linux-ppc64
|
|||||||
./Configure \
|
./Configure \
|
||||||
--prefix=/usr --openssldir=%{_sysconfdir}/pki/tls ${sslflags} \
|
--prefix=/usr --openssldir=%{_sysconfdir}/pki/tls ${sslflags} \
|
||||||
zlib enable-camellia enable-seed enable-tlsext enable-rfc3779 \
|
zlib enable-camellia enable-seed enable-tlsext enable-rfc3779 \
|
||||||
enable-cms enable-md2 no-mdc2 no-rc5 no-ec no-ec2m no-ecdh no-ecdsa no-srp \
|
enable-cms enable-md2 no-mdc2 no-rc5 no-srp \
|
||||||
--with-krb5-flavor=MIT --enginesdir=%{_libdir}/openssl/engines \
|
--with-krb5-flavor=MIT --enginesdir=%{_libdir}/openssl/engines \
|
||||||
--with-krb5-dir=/usr shared ${sslarch} %{?!nofips:fips}
|
--with-krb5-dir=/usr shared ${sslarch} %{?!nofips:fips}
|
||||||
|
|
||||||
@ -433,6 +435,9 @@ rm -rf $RPM_BUILD_ROOT/%{_libdir}/fipscanister.*
|
|||||||
%postun libs -p /sbin/ldconfig
|
%postun libs -p /sbin/ldconfig
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Tue Oct 15 2013 Tom Callaway <spot@fedoraproject.org> 1.0.1e-4.1
|
||||||
|
- resolve bugzilla 319901 (phew! only took 6 years & 9 days)
|
||||||
|
|
||||||
* Mon Mar 18 2013 Tomas Mraz <tmraz@redhat.com> 1.0.1e-4
|
* Mon Mar 18 2013 Tomas Mraz <tmraz@redhat.com> 1.0.1e-4
|
||||||
- fix random bad record mac errors (#918981)
|
- fix random bad record mac errors (#918981)
|
||||||
|
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user