forked from rpms/openssl
We should export 2 versions of OPENSSL_str[n]casecmp to be compatible with upstream
Resolves: rhbz#2133809
This commit is contained in:
parent
0f139ead1a
commit
f2a49ef424
@ -1,14 +1,54 @@
|
||||
diff -up openssl-3.0.3/util/libcrypto.num.locale openssl-3.0.3/util/libcrypto.num
|
||||
--- openssl-3.0.3/util/libcrypto.num.locale 2022-06-01 12:35:52.667498724 +0200
|
||||
+++ openssl-3.0.3/util/libcrypto.num 2022-06-01 12:36:08.112633093 +0200
|
||||
@@ -5425,8 +5425,8 @@ ASN1_item_d2i_ex
|
||||
ASN1_TIME_print_ex 5553 3_0_0 EXIST::FUNCTION:
|
||||
EVP_PKEY_get0_provider 5554 3_0_0 EXIST::FUNCTION:
|
||||
@@ -5425,6 +5425,8 @@ ASN1_item_d2i_ex
|
||||
EVP_PKEY_CTX_get0_provider 5555 3_0_0 EXIST::FUNCTION:
|
||||
-OPENSSL_strcasecmp 5556 3_0_3 EXIST::FUNCTION:
|
||||
-OPENSSL_strncasecmp 5557 3_0_3 EXIST::FUNCTION:
|
||||
+OPENSSL_strcasecmp 5556 3_0_1 EXIST::FUNCTION:
|
||||
+OPENSSL_strncasecmp 5557 3_0_1 EXIST::FUNCTION:
|
||||
OPENSSL_strcasecmp 5556 3_0_3 EXIST::FUNCTION:
|
||||
OPENSSL_strncasecmp 5557 3_0_3 EXIST::FUNCTION:
|
||||
+OPENSSL_strcasecmp ? 3_0_1 EXIST::FUNCTION:
|
||||
+OPENSSL_strncasecmp ? 3_0_1 EXIST::FUNCTION:
|
||||
ossl_safe_getenv ? 3_0_0 EXIST::FUNCTION:
|
||||
ossl_ctx_legacy_digest_signatures_allowed ? 3_0_1 EXIST::FUNCTION:
|
||||
ossl_ctx_legacy_digest_signatures_allowed_set ? 3_0_1 EXIST::FUNCTION:
|
||||
diff -up openssl-3.0.7/crypto/o_str.c.cmp openssl-3.0.7/crypto/o_str.c
|
||||
--- openssl-3.0.7/crypto/o_str.c.cmp 2022-11-25 12:50:22.449760653 +0100
|
||||
+++ openssl-3.0.7/crypto/o_str.c 2022-11-25 12:51:19.416350584 +0100
|
||||
@@ -342,7 +342,12 @@ int openssl_strerror_r(int errnum, char
|
||||
#endif
|
||||
}
|
||||
|
||||
-int OPENSSL_strcasecmp(const char *s1, const char *s2)
|
||||
+int
|
||||
+#ifndef FIPS_MODULE
|
||||
+__attribute__ ((symver ("OPENSSL_strcasecmp@@OPENSSL_3.0.3"),
|
||||
+ symver ("OPENSSL_strcasecmp@OPENSSL_3.0.1")))
|
||||
+#endif
|
||||
+OPENSSL_strcasecmp(const char *s1, const char *s2)
|
||||
{
|
||||
int t;
|
||||
|
||||
@@ -352,7 +354,12 @@ int OPENSSL_strcasecmp(const char *s1, c
|
||||
return t;
|
||||
}
|
||||
|
||||
-int OPENSSL_strncasecmp(const char *s1, const char *s2, size_t n)
|
||||
+int
|
||||
+#ifndef FIPS_MODULE
|
||||
+__attribute__ ((symver ("OPENSSL_strncasecmp@@OPENSSL_3.0.3"),
|
||||
+ symver ("OPENSSL_strncasecmp@OPENSSL_3.0.1")))
|
||||
+#endif
|
||||
+OPENSSL_strncasecmp(const char *s1, const char *s2, size_t n)
|
||||
{
|
||||
int t;
|
||||
size_t i;
|
||||
diff -up openssl-3.0.7/test/recipes/01-test_symbol_presence.t.cmp openssl-3.0.7/test/recipes/01-test_symbol_presence.t
|
||||
--- openssl-3.0.7/test/recipes/01-test_symbol_presence.t.cmp 2022-11-25 18:19:05.669769076 +0100
|
||||
+++ openssl-3.0.7/test/recipes/01-test_symbol_presence.t 2022-11-25 18:31:20.993392678 +0100
|
||||
@@ -77,6 +80,7 @@ foreach my $libname (@libnames) {
|
||||
s| .*||;
|
||||
# Drop OpenSSL dynamic version information if there is any
|
||||
s|\@\@.+$||;
|
||||
+ s|\@.+$||;
|
||||
# Return the result
|
||||
$_
|
||||
}
|
||||
|
11
openssl.spec
11
openssl.spec
@ -96,7 +96,11 @@ Patch50: 0050-FIPS-enable-pkcs12-mac.patch
|
||||
Patch51: 0051-Support-different-R_BITS-lengths-for-KBKDF.patch
|
||||
# Allow SHA1 in seclevel 2 if rh-allow-sha1-signatures = yes
|
||||
Patch52: 0052-Allow-SHA1-in-seclevel-2-if-rh-allow-sha1-signatures.patch
|
||||
# https://github.com/openssl/openssl/pull/18103
|
||||
# Originally from https://github.com/openssl/openssl/pull/18103
|
||||
# As we rebased to 3.0.7 and used the version of the function
|
||||
# not matching the upstream one, we have to use aliasing.
|
||||
# When we eliminate this patch, the `-Wl,--allow-multiple-definition`
|
||||
# should also be removed
|
||||
Patch56: 0056-strcasecmp.patch
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=2053289
|
||||
Patch58: 0058-FIPS-limit-rsa-encrypt.patch
|
||||
@ -288,7 +292,8 @@ export HASHBANGPERL=/usr/bin/perl
|
||||
zlib enable-camellia enable-seed enable-rfc3779 enable-sctp \
|
||||
enable-cms enable-md2 enable-rc5 enable-ktls enable-fips\
|
||||
no-mdc2 no-ec2m no-sm2 no-sm4 enable-buildtest-c++\
|
||||
shared ${sslarch} $RPM_OPT_FLAGS '-DDEVRANDOM="\"/dev/urandom\"" -DREDHAT_FIPS_VERSION="\"%{fips}\""'
|
||||
shared ${sslarch} $RPM_OPT_FLAGS '-DDEVRANDOM="\"/dev/urandom\"" -DREDHAT_FIPS_VERSION="\"%{fips}\""'\
|
||||
-Wl,--allow-multiple-definition
|
||||
|
||||
# Do not run this in a production package the FIPS symbols must be patched-in
|
||||
#util/mkdef.pl crypto update
|
||||
@ -478,6 +483,8 @@ install -m644 %{SOURCE9} \
|
||||
* Thu Nov 24 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.7-2
|
||||
- Various provider-related imrovements necessary for PKCS#11 provider correct operations
|
||||
Resolves: rhbz#2142517
|
||||
- We should export 2 versions of OPENSSL_str[n]casecmp to be compatible with upstream
|
||||
Resolves: rhbz#2133809
|
||||
|
||||
* Tue Nov 22 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.7-1
|
||||
- Rebasing to OpenSSL 3.0.7
|
||||
|
Loading…
Reference in New Issue
Block a user