- update to final 1.0.0 upstream release

This commit is contained in:
Tomáš Mráz 2010-03-30 09:57:36 +00:00
parent 129cd80b24
commit f07ff38d38
7 changed files with 439 additions and 611 deletions

View File

@ -1 +1 @@
openssl-1.0.0-beta5-usa.tar.bz2
openssl-1.0.0-usa.tar.bz2

View File

@ -1,109 +0,0 @@
Gracefully handle zero length in assembler implementations of OPENSSL_cleanse.
diff -up openssl-1.0.0-beta5/crypto/ia64cpuid.S.cleanse openssl-1.0.0-beta5/crypto/ia64cpuid.S
--- openssl-1.0.0-beta5/crypto/ia64cpuid.S.cleanse 2007-07-27 20:03:27.000000000 +0200
+++ openssl-1.0.0-beta5/crypto/ia64cpuid.S 2010-02-12 18:13:52.000000000 +0100
@@ -130,9 +130,11 @@ OPENSSL_wipe_cpu:
.global OPENSSL_cleanse#
.proc OPENSSL_cleanse#
OPENSSL_cleanse:
+{ .mib; cmp.eq p6,p0=0,r33 // len==0
#if defined(_HPUX_SOURCE) && !defined(_LP64)
-{ .mmi; addp4 r32=0,r32 };;
+ addp4 r32=0,r32
#endif
+(p6) br.ret.spnt b0 };;
{ .mib; and r2=7,r32
cmp.leu p6,p0=15,r33 // len>=15
(p6) br.cond.dptk .Lot };;
diff -up openssl-1.0.0-beta5/crypto/perlasm/ppc-xlate.pl.cleanse openssl-1.0.0-beta5/crypto/perlasm/ppc-xlate.pl
--- openssl-1.0.0-beta5/crypto/perlasm/ppc-xlate.pl.cleanse 2008-01-13 23:01:29.000000000 +0100
+++ openssl-1.0.0-beta5/crypto/perlasm/ppc-xlate.pl 2010-02-12 18:13:52.000000000 +0100
@@ -101,6 +101,13 @@ my $bnelr = sub {
" .long ".sprintf "0x%x",19<<26|$bo<<21|2<<16|16<<1 :
" bclr $bo,2";
};
+my $beqlr = sub {
+ my $f = shift;
+ my $bo = $f=~/-/ ? 12+2 : 12; # optional "not to be taken" hint
+ ($flavour =~ /linux/) ? # GNU as doesn't allow most recent hints
+ " .long ".sprintf "0x%X",19<<26|$bo<<21|2<<16|16<<1 :
+ " bclr $bo,2";
+};
# GNU assembler can't handle extrdi rA,rS,16,48, or when sum of last two
# arguments is 64, with "operand out of range" error.
my $extrdi = sub {
diff -up openssl-1.0.0-beta5/crypto/ppccpuid.pl.cleanse openssl-1.0.0-beta5/crypto/ppccpuid.pl
--- openssl-1.0.0-beta5/crypto/ppccpuid.pl.cleanse 2008-09-12 16:45:53.000000000 +0200
+++ openssl-1.0.0-beta5/crypto/ppccpuid.pl 2010-02-12 18:13:52.000000000 +0100
@@ -67,6 +67,8 @@ Loop: lwarx r5,0,r3
$CMPLI r4,7
li r0,0
bge Lot
+ $CMPLI r4,0
+ beqlr-
Little: mtctr r4
stb r0,0(r3)
addi r3,r3,1
diff -up openssl-1.0.0-beta5/crypto/sparccpuid.S.cleanse openssl-1.0.0-beta5/crypto/sparccpuid.S
--- openssl-1.0.0-beta5/crypto/sparccpuid.S.cleanse 2007-05-19 19:26:48.000000000 +0200
+++ openssl-1.0.0-beta5/crypto/sparccpuid.S 2010-02-12 18:13:52.000000000 +0100
@@ -242,6 +242,10 @@ OPENSSL_cleanse:
#else
bgu .Lot
#endif
+ cmp %o1,0
+ bne .Little
+ nop
+ retl
nop
.Little:
diff -up openssl-1.0.0-beta5/crypto/s390xcpuid.S.cleanse openssl-1.0.0-beta5/crypto/s390xcpuid.S
--- openssl-1.0.0-beta5/crypto/s390xcpuid.S.cleanse 2010-01-19 22:40:56.000000000 +0100
+++ openssl-1.0.0-beta5/crypto/s390xcpuid.S 2010-02-12 18:13:52.000000000 +0100
@@ -62,6 +62,8 @@ OPENSSL_cleanse:
lghi %r0,0
clgr %r3,%r4
jh .Lot
+ clgr %r3,%r0
+ bcr 8,%r14
.Little:
stc %r0,0(%r2)
la %r2,1(%r2)
diff -up openssl-1.0.0-beta5/crypto/x86cpuid.pl.cleanse openssl-1.0.0-beta5/crypto/x86cpuid.pl
--- openssl-1.0.0-beta5/crypto/x86cpuid.pl.cleanse 2009-05-14 20:25:29.000000000 +0200
+++ openssl-1.0.0-beta5/crypto/x86cpuid.pl 2010-02-12 18:13:52.000000000 +0100
@@ -279,11 +279,14 @@ for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA3
&xor ("eax","eax");
&cmp ("ecx",7);
&jae (&label("lot"));
+ &cmp ("ecx",0);
+ &je (&label("ret"));
&set_label("little");
&mov (&BP(0,"edx"),"al");
&sub ("ecx",1);
&lea ("edx",&DWP(1,"edx"));
&jnz (&label("little"));
+&set_label("ret");
&ret ();
&set_label("lot",16);
diff -up openssl-1.0.0-beta5/crypto/x86_64cpuid.pl.cleanse openssl-1.0.0-beta5/crypto/x86_64cpuid.pl
--- openssl-1.0.0-beta5/crypto/x86_64cpuid.pl.cleanse 2009-05-14 20:25:29.000000000 +0200
+++ openssl-1.0.0-beta5/crypto/x86_64cpuid.pl 2010-02-12 18:13:52.000000000 +0100
@@ -145,12 +145,14 @@ OPENSSL_cleanse:
xor %rax,%rax
cmp \$15,$arg2
jae .Lot
+ cmp \$0,$arg2
+ je .Lret
.Little:
mov %al,($arg1)
sub \$1,$arg2
lea 1($arg1),$arg1
jnz .Little
- ret
+.Lret: ret
.align 16
.Lot:
test \$7,$arg1

View File

@ -1,14 +0,0 @@
We have to keep the beta status on 3 as some applications (OpenSSH) incorrectly insist
on having the same beta status of OpenSSL library as they were built against.
diff -up openssl-1.0.0-beta5/crypto/opensslv.h.version openssl-1.0.0-beta5/crypto/opensslv.h
--- openssl-1.0.0-beta5/crypto/opensslv.h.version 2010-01-20 18:16:43.000000000 +0100
+++ openssl-1.0.0-beta5/crypto/opensslv.h 2010-01-20 20:20:23.000000000 +0100
@@ -25,7 +25,7 @@
* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
* major minor fix final patch/beta)
*/
-#define OPENSSL_VERSION_NUMBER 0x10000005L
+#define OPENSSL_VERSION_NUMBER 0x10000003L
#ifdef OPENSSL_FIPS
#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.0-fips-beta5 20 Jan 2010"
#else

File diff suppressed because it is too large Load Diff

View File

@ -0,0 +1,13 @@
diff -up openssl-1.0.0/crypto/opensslv.h.version openssl-1.0.0/crypto/opensslv.h
--- openssl-1.0.0/crypto/opensslv.h.version 2010-03-30 10:59:26.000000000 +0200
+++ openssl-1.0.0/crypto/opensslv.h 2010-03-30 11:00:52.000000000 +0200
@@ -25,7 +25,8 @@
* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
* major minor fix final patch/beta)
*/
-#define OPENSSL_VERSION_NUMBER 0x1000000fL
+/* we have to keep the version number to not break the abi */
+#define OPENSSL_VERSION_NUMBER 0x10000003L
#ifdef OPENSSL_FIPS
#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.0-fips 29 Mar 2010"
#else

View File

@ -11,8 +11,6 @@
# 1.0.0 soversion = 10
%define soversion 10
%define beta beta5
# Number of threads to spawn when testing some threading fixes.
%define thread_test_threads %{?threads:%{threads}}%{!?threads:1}
@ -23,10 +21,10 @@
Summary: A general purpose cryptography library with TLS implementation
Name: openssl
Version: 1.0.0
Release: 0.22.%{beta}%{?dist}
Release: 1%{?dist}
# We remove certain patented algorithms from the openssl source tarball
# with the hobble-openssl script which is included below.
Source: openssl-%{version}-%{beta}-usa.tar.bz2
Source: openssl-%{version}-usa.tar.bz2
Source1: hobble-openssl
Source2: Makefile.certificate
Source6: make-dummy-cert
@ -51,7 +49,7 @@ Patch34: openssl-0.9.6-x509.patch
Patch35: openssl-0.9.8j-version-add-engines.patch
Patch38: openssl-1.0.0-beta5-cipher-change.patch
Patch39: openssl-1.0.0-beta5-ipv6-apps.patch
Patch40: openssl-1.0.0-beta5-fips.patch
Patch40: openssl-1.0.0-fips.patch
Patch41: openssl-1.0.0-beta3-fipscheck.patch
Patch43: openssl-1.0.0-beta3-fipsmode.patch
Patch44: openssl-1.0.0-beta3-fipsrng.patch
@ -59,10 +57,9 @@ Patch45: openssl-0.9.8j-env-nozlib.patch
Patch47: openssl-1.0.0-beta5-readme-warning.patch
Patch49: openssl-1.0.0-beta4-algo-doc.patch
Patch50: openssl-1.0.0-beta4-dtls1-abi.patch
Patch51: openssl-1.0.0-beta5-version.patch
Patch51: openssl-1.0.0-version.patch
Patch52: openssl-1.0.0-beta4-aesni.patch
# Backported fixes including security fixes
Patch53: openssl-1.0.0-beta5-cleanse.patch
License: OpenSSL
Group: System Environment/Libraries
@ -112,7 +109,7 @@ package provides Perl scripts for converting certificates and keys
from other formats to the formats used by the OpenSSL toolkit.
%prep
%setup -q -n %{name}-%{version}-%{beta}
%setup -q -n %{name}-%{version}
%{SOURCE1} > /dev/null
%patch0 -p1 -b .redhat
@ -141,7 +138,6 @@ from other formats to the formats used by the OpenSSL toolkit.
%patch50 -p1 -b .dtls1-abi
%patch51 -p1 -b .version
%patch52 -p1 -b .aesni
%patch53 -p1 -b .cleanse
# Modify the various perl scripts to reference perl in the right location.
perl util/perlpath.pl `dirname %{__perl}`
@ -387,6 +383,9 @@ rm -rf $RPM_BUILD_ROOT/%{_libdir}/fipscanister.*
%postun -p /sbin/ldconfig
%changelog
* Tue Mar 30 2010 Tomas Mraz <tmraz@redhat.com> 1.0.0-1
- update to final 1.0.0 upstream release
* Tue Feb 16 2010 Tomas Mraz <tmraz@redhat.com> 1.0.0-0.22.beta5
- make TLS work in the FIPS mode

View File

@ -1 +1 @@
531160d84017cb52e3c23b52cca0d5cf openssl-1.0.0-beta5-usa.tar.bz2
f1d0d73327d74b302f503763bddf1cf8 openssl-1.0.0-usa.tar.bz2