From e943d0dfe6accd9dd4cf84dbf5549e608294f599 Mon Sep 17 00:00:00 2001 From: DistroBaker Date: Wed, 31 Mar 2021 16:30:44 +0000 Subject: [PATCH] Merged update from upstream sources This is an automated DistroBaker update from upstream sources. If you do not know what this is about or would like to opt out, contact the OSCI team. Source: https://src.fedoraproject.org/rpms/evolution-data-server.git#13e9285e31f52358eff0a59a0715cc13ade3ae45 --- ...server-3.40.0-ssl-trust-sha1-fallback.patch | 18 ++++++++++++++++++ evolution-data-server.spec | 7 ++++++- 2 files changed, 24 insertions(+), 1 deletion(-) create mode 100644 evolution-data-server-3.40.0-ssl-trust-sha1-fallback.patch diff --git a/evolution-data-server-3.40.0-ssl-trust-sha1-fallback.patch b/evolution-data-server-3.40.0-ssl-trust-sha1-fallback.patch new file mode 100644 index 0000000..92d91b9 --- /dev/null +++ b/evolution-data-server-3.40.0-ssl-trust-sha1-fallback.patch @@ -0,0 +1,18 @@ +diff --git a/src/libedataserver/e-source-webdav.c b/src/libedataserver/e-source-webdav.c +index 657d41da2..c4762895e 100644 +--- a/src/libedataserver/e-source-webdav.c ++++ b/src/libedataserver/e-source-webdav.c +@@ -1520,7 +1520,12 @@ e_source_webdav_verify_ssl_trust (ESourceWebdav *extension, + if (decode_ssl_trust (extension, &response, &old_host, &old_hash)) { + gchar *hash; + +- hash = g_compute_checksum_for_data (G_CHECKSUM_SHA256, bytes->data, bytes->len); ++ /* This is required for Flatpak, which can be built with eds before the 3.40, where ++ had been changed to use SHA256. */ ++ if (old_hash && strlen (old_hash) == g_checksum_type_get_length (G_CHECKSUM_SHA1) * 2) ++ hash = g_compute_checksum_for_data (G_CHECKSUM_SHA1, bytes->data, bytes->len); ++ else ++ hash = g_compute_checksum_for_data (G_CHECKSUM_SHA256, bytes->data, bytes->len); + + if (response != E_TRUST_PROMPT_RESPONSE_UNKNOWN && + g_strcmp0 (old_host, host) == 0 && diff --git a/evolution-data-server.spec b/evolution-data-server.spec index 436e846..78dadde 100644 --- a/evolution-data-server.spec +++ b/evolution-data-server.spec @@ -54,12 +54,14 @@ Name: evolution-data-server Version: 3.40.0 -Release: 2%{?dist} +Release: 3%{?dist} Summary: Backend data server for Evolution License: LGPLv2+ URL: https://wiki.gnome.org/Apps/Evolution Source: http://download.gnome.org/sources/%{name}/3.40/%{name}-%{version}.tar.xz +Patch01: evolution-data-server-3.40.0-ssl-trust-sha1-fallback.patch + Provides: evolution-webcal = %{version} Obsoletes: evolution-webcal < 2.24.0 @@ -475,6 +477,9 @@ find $RPM_BUILD_ROOT -name '*.so.*' -exec chmod +x {} \; %{_datadir}/installed-tests %changelog +* Mon Mar 29 2021 Milan Crha - 3.40.0-3 +- Resolves: #1943818 (ESourceWebDAV: Fallback to SHA1 on SSL trust verification if needed) + * Fri Mar 26 2021 Kalev Lember - 3.40.0-2 - Drop unnecessary requires on dconf