Update to upstream 0.79.20
Resolves: RHEL-40922
This commit is contained in:
Rob Crittenden
parent
0331d63399
commit
549bc83a16
1
.gitignore
vendored
1
.gitignore
vendored
@ -136,3 +136,4 @@ certmonger-0.28.tar.gz
|
||||
/certmonger-0.79.17.tar.gz
|
||||
/certmonger-0.79.18.tar.gz
|
||||
/certmonger-0.79.19.tar.gz
|
||||
/certmonger-0.79.20.tar.gz
|
||||
|
||||
@ -1,47 +0,0 @@
|
||||
From bba83217f9c6d9804b4707b3ef05e7386a4c48f5 Mon Sep 17 00:00:00 2001
|
||||
From: Otto Hollmann <otto.hollmann@suse.com>
|
||||
Date: Wed, 13 Dec 2023 10:23:39 +0100
|
||||
Subject: [PATCH] Update tests to be compatible with OpenSSL 3.2
|
||||
|
||||
In test 003-csrgen-ec OpenSSL 3.2 shows warning when reading from stdin, so
|
||||
specify an input file to get rid of this warning.
|
||||
In test 038-ms-v2-template openssl asn1parse shows ':Microsoft certificate
|
||||
template' instead of ':1.3.6.1.4.1.311.21.7' so we have to check both versions.
|
||||
See https://github.com/openssl/openssl/pull/20986
|
||||
---
|
||||
tests/003-csrgen-ec/run.sh | 4 ++--
|
||||
tests/038-ms-v2-template/extract-extdata.py | 3 ++-
|
||||
2 files changed, 4 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/tests/003-csrgen-ec/run.sh b/tests/003-csrgen-ec/run.sh
|
||||
index cd9f9422..196b6d02 100755
|
||||
--- a/tests/003-csrgen-ec/run.sh
|
||||
+++ b/tests/003-csrgen-ec/run.sh
|
||||
@@ -42,8 +42,8 @@ grep ^minicert= entry.nss.$size | sed s,^minicert=,, | base64 -d > minicert.nss.
|
||||
openssl x509 -out minicert.nss.$size.pem -in minicert.nss.$size -inform der
|
||||
# The RSA tests already verify the contents of the requests, so we really only
|
||||
# need to care about the signatures passing verification.
|
||||
-openssl req -verify -noout < csr.nss.$size 2>&1 | sed 's/Certificate request self-signature //'
|
||||
-openssl req -verify -noout < csr.openssl.$size 2>&1 | sed 's/Certificate request self-signature //'
|
||||
+openssl req -verify -noout -in csr.nss.$size 2>&1 | sed 's/Certificate request self-signature //'
|
||||
+openssl req -verify -noout -in csr.openssl.$size 2>&1 | sed 's/Certificate request self-signature //'
|
||||
openssl spkac -verify -noout < spkac.nss.$size 2>&1
|
||||
openssl spkac -verify -noout < spkac.openssl.$size 2>&1
|
||||
openssl verify -CAfile minicert.openssl.$size.pem minicert.openssl.$size.pem 2>&1
|
||||
diff --git a/tests/038-ms-v2-template/extract-extdata.py b/tests/038-ms-v2-template/extract-extdata.py
|
||||
index 8b6b14ff..e2f84a10 100755
|
||||
--- a/tests/038-ms-v2-template/extract-extdata.py
|
||||
+++ b/tests/038-ms-v2-template/extract-extdata.py
|
||||
@@ -13,7 +13,8 @@ STATE_SEARCH, STATE_FOUND, STATE_DONE = range(3)
|
||||
state = STATE_SEARCH
|
||||
|
||||
for line in sys.stdin:
|
||||
- if state == STATE_SEARCH and ':1.3.6.1.4.1.311.21.7' in line:
|
||||
+ if state == STATE_SEARCH and (':Microsoft certificate template' in line
|
||||
+ or ':1.3.6.1.4.1.311.21.7' in line):
|
||||
state = STATE_FOUND
|
||||
continue
|
||||
|
||||
--
|
||||
2.42.0
|
||||
|
||||
@ -1,20 +0,0 @@
|
||||
Adjust parameter type for util_EVP_PKEY_id
|
||||
|
||||
The function pointer needs to match the prototype for i2d_PublicKey
|
||||
and i2d_PrivateKey.
|
||||
|
||||
Submitted upstream: <https://pagure.io/certmonger/pull-request/265>
|
||||
|
||||
diff --git a/src/util-o.c b/src/util-o.c
|
||||
index c05872ceb1495cee..7feecb9d6a2adf23 100644
|
||||
--- a/src/util-o.c
|
||||
+++ b/src/util-o.c
|
||||
@@ -551,7 +551,7 @@ util_NETSCAPE_SPKI_set_sig_alg(NETSCAPE_SPKI *spki, const X509_ALGOR *sig_alg)
|
||||
|
||||
static EVP_PKEY *
|
||||
util_EVP_PKEY_dup(EVP_PKEY *pkey,
|
||||
- int (*i2d)(EVP_PKEY *, unsigned char **),
|
||||
+ int (*i2d)(const EVP_PKEY *, unsigned char **),
|
||||
EVP_PKEY *(*d2i)(int, EVP_PKEY **, const unsigned char **, long))
|
||||
{
|
||||
EVP_PKEY *k;
|
||||
@ -1,19 +0,0 @@
|
||||
Fix type error in cm_tdbusm_get_vn
|
||||
|
||||
This fixes an out-of-bounds stack write on 32-bit architectures.
|
||||
|
||||
Submitted upstream: <https://pagure.io/certmonger/pull-request/265>
|
||||
|
||||
diff --git a/src/tdbusm.c b/src/tdbusm.c
|
||||
index 5e3341172398051d..8f2383dc62bef75e 100644
|
||||
--- a/src/tdbusm.c
|
||||
+++ b/src/tdbusm.c
|
||||
@@ -223,7 +223,7 @@ cm_tdbusm_get_vn(DBusMessage *msg, void *parent, long *n)
|
||||
{
|
||||
DBusError err;
|
||||
DBusMessageIter iter, sub_iter;
|
||||
- int64_t *i64;
|
||||
+ int64_t i64;
|
||||
|
||||
dbus_error_init(&err);
|
||||
|
||||
@ -27,16 +27,13 @@
|
||||
%bcond_with xmlrpc
|
||||
|
||||
Name: certmonger
|
||||
Version: 0.79.19
|
||||
Release: 5%{?dist}
|
||||
Version: 0.79.20
|
||||
Release: 1%{?dist}
|
||||
Summary: Certificate status monitor and PKI enrollment client
|
||||
|
||||
License: GPL-3.0-or-later
|
||||
URL: http://pagure.io/certmonger/
|
||||
Source0: http://releases.pagure.org/certmonger/certmonger-%{version}.tar.gz
|
||||
Patch0: certmonger-c99.patch
|
||||
Patch1: certmonger-c99-2.patch
|
||||
Patch2: 0001-Update-tests-to-be-compatible-with-OpenSSL-3.2.patch
|
||||
#Source1: http://releases.pagure.org/certmonger/certmonger-%%{version}.tar.gz.sig
|
||||
|
||||
BuildRequires: autoconf
|
||||
@ -267,6 +264,9 @@ exit 0
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
* Mon Jun 10 2024 Rob Crittenden <rcritten@redhat.com> - 0.79.20-1
|
||||
- Update to upstream 0.79.20
|
||||
|
||||
* Tue Feb 20 2024 Rob Crittenden <rcritten@redhat.com> - 0.79.19-5
|
||||
- Update tests to be compatible with OpenSSL 3.2
|
||||
|
||||
|
||||
2
sources
2
sources
@ -1 +1 @@
|
||||
SHA512 (certmonger-0.79.19.tar.gz) = 0dea762b62213d74e31390cda2cacc2cbaad988ab6ba5a8d6376a0620a1337c85cef95f1efee95c4f569db9fa3056899c65ced675220f1799456ee18aad3eb4a
|
||||
SHA512 (certmonger-0.79.20.tar.gz) = 76685185172bbf2c766c477c399ce0b14c9fd2d81637b44b8da80ae045ebf6c650ae3d525a87dccd755a6c92d4a5916bb62f8ea1d8520c47ae64770be6a5d2be
|
||||
|
||||
Loading…
Reference in New Issue
Block a user