forked from rpms/openssl
fix regression in EVP_PBE_scrypt() (#1688284)
fix incorrect help message in ca app (#1553206)
This commit is contained in:
parent
e2ea1027fe
commit
c99b8bf7f9
@ -1,12 +1,12 @@
|
||||
diff -up openssl-1.1.0-pre5/apps/ca.c.dgst openssl-1.1.0-pre5/apps/ca.c
|
||||
--- openssl-1.1.0-pre5/apps/ca.c.dgst 2016-04-19 16:57:52.000000000 +0200
|
||||
+++ openssl-1.1.0-pre5/apps/ca.c 2016-07-18 15:58:18.516742682 +0200
|
||||
@@ -216,7 +216,7 @@ OPTIONS ca_options[] = {
|
||||
diff -up openssl-1.1.1b/apps/ca.c.dgst openssl-1.1.1b/apps/ca.c
|
||||
--- openssl-1.1.1b/apps/ca.c.dgst 2019-02-26 15:15:30.000000000 +0100
|
||||
+++ openssl-1.1.1b/apps/ca.c 2019-03-15 15:53:46.622267688 +0100
|
||||
@@ -169,7 +169,7 @@ const OPTIONS ca_options[] = {
|
||||
{"enddate", OPT_ENDDATE, 's',
|
||||
"YYMMDDHHMMSSZ cert notAfter (overrides -days)"},
|
||||
{"days", OPT_DAYS, 'p', "Number of days to certify the cert for"},
|
||||
- {"md", OPT_MD, 's', "md to use; one of md2, md5, sha or sha1"},
|
||||
+ {"md", OPT_MD, 's', "md to use; see openssl dgst -h for list"},
|
||||
+ {"md", OPT_MD, 's', "md to use; see openssl help for list"},
|
||||
{"policy", OPT_POLICY, 's', "The CA 'policy' to support"},
|
||||
{"keyfile", OPT_KEYFILE, 's', "Private key"},
|
||||
{"keyform", OPT_KEYFORM, 'f', "Private key file format (PEM or ENGINE)"},
|
@ -634,7 +634,7 @@ diff -up openssl-1.1.1b/crypto/evp/pbe_scrypt.c.evp-kdf openssl-1.1.1b/crypto/ev
|
||||
/*
|
||||
* Maximum permitted memory allow this to be overridden with Configuration
|
||||
* option: e.g. -DSCRYPT_MAX_MEM=0 for maximum possible.
|
||||
@@ -160,107 +37,39 @@ int EVP_PBE_scrypt(const char *pass, siz
|
||||
@@ -160,107 +37,43 @@ int EVP_PBE_scrypt(const char *pass, siz
|
||||
uint64_t N, uint64_t r, uint64_t p, uint64_t maxmem,
|
||||
unsigned char *key, size_t keylen)
|
||||
{
|
||||
@ -706,6 +706,10 @@ diff -up openssl-1.1.1b/crypto/evp/pbe_scrypt.c.evp-kdf openssl-1.1.1b/crypto/ev
|
||||
+ if (pass == NULL) {
|
||||
+ pass = empty;
|
||||
+ passlen = 0;
|
||||
+ }
|
||||
+ if (salt == NULL) {
|
||||
+ salt = (const unsigned char *)empty;
|
||||
+ saltlen = 0;
|
||||
}
|
||||
-
|
||||
if (maxmem == 0)
|
||||
|
@ -22,7 +22,7 @@
|
||||
Summary: Utilities from the general purpose cryptography library with TLS implementation
|
||||
Name: openssl
|
||||
Version: 1.1.1b
|
||||
Release: 2%{?dist}
|
||||
Release: 3%{?dist}
|
||||
Epoch: 1
|
||||
# We have to remove certain patented algorithms from the openssl source
|
||||
# tarball with the hobble-openssl script which is included below.
|
||||
@ -47,7 +47,7 @@ Patch21: openssl-1.1.0-issuer-hash.patch
|
||||
# Functionality changes
|
||||
Patch31: openssl-1.1.1-conf-paths.patch
|
||||
Patch32: openssl-1.1.1-version-add-engines.patch
|
||||
Patch33: openssl-1.1.0-apps-dgst.patch
|
||||
Patch33: openssl-1.1.1-apps-dgst.patch
|
||||
Patch36: openssl-1.1.1-no-brainpool.patch
|
||||
Patch37: openssl-1.1.1-ec-curves.patch
|
||||
Patch38: openssl-1.1.1-no-weak-verify.patch
|
||||
@ -448,6 +448,10 @@ export LD_LIBRARY_PATH
|
||||
%ldconfig_scriptlets libs
|
||||
|
||||
%changelog
|
||||
* Fri Mar 15 2019 Tomáš Mráz <tmraz@redhat.com> 1.1.1b-3
|
||||
- fix regression in EVP_PBE_scrypt() (#1688284)
|
||||
- fix incorrect help message in ca app (#1553206)
|
||||
|
||||
* Fri Mar 1 2019 Tomáš Mráz <tmraz@redhat.com> 1.1.1b-2
|
||||
- use .include = syntax in the config file to allow it
|
||||
to be parsed by 1.0.2 version (#1668916)
|
||||
|
Loading…
Reference in New Issue
Block a user