import glib2-2.56.4-156.el8

2021-07-07 04:08:38 +00:00 · 2021-07-07 04:08:38 +00:00 · ac6698da0f
parent 5e62502673
commit ac6698da0f
2 changed files with 19 additions and 161 deletions
--- a/SOURCES/ghmac-gnutls.patch
+++ b/SOURCES/ghmac-gnutls.patch
@ -1,4 +1,4 @@
-From 7ab93b8205093b4d176e63947039981515af1932 Mon Sep 17 00:00:00 2001
+From c5cc0bb6f2d6e468c7402915a0a4e6799f0febdf Mon Sep 17 00:00:00 2001
 From: Colin Walters <walters@verbum.org>
 Date: Fri, 7 Jun 2019 18:44:43 +0000
 Subject: [PATCH 1/3] ghmac: Split off wrapper functions into ghmac-utils.c
@ -311,7 +311,7 @@ index c81e99f9c..306a67f13 100644
 -- 
 2.31.1

-From 1cc432d6e9080621e1f2822a14589b258f1f813c Mon Sep 17 00:00:00 2001
+From 3befcf1eb31e0fa7a988b22a9c24240218cd4744 Mon Sep 17 00:00:00 2001
 From: Colin Walters <walters@verbum.org>
 Date: Fri, 7 Jun 2019 19:36:54 +0000
 Subject: [PATCH 2/3] Add a gnutls backend for GHmac
@ -774,10 +774,10 @@ index 4504c6858..d18c42a36 100644
 -- 
 2.31.1

-From 20e550351e9914e78a73b4ca0e9866f1a39dca51 Mon Sep 17 00:00:00 2001
+From 87280b23902290dcf843a42d06cedeef571a673f Mon Sep 17 00:00:00 2001
 From: Michael Catanzaro <mcatanzaro@redhat.com>
-Date: Wed, 16 Jun 2021 20:46:24 -0500
-Subject: [PATCH 3/3] Add test for GHmac in FIPS mode
+Date: Thu, 1 Jul 2021 15:51:26 -0500
+Subject: [PATCH 3/3] Add more tests for GHmac

 This will test a few problems that we hit recently:

@ -786,153 +786,29 @@ g_hmac_copy() is broken, https://bugzilla.redhat.com/show_bug.cgi?id=1786538
 Crash in g_hmac_update() in FIPS mode, https://bugzilla.redhat.com/show_bug.cgi?id=1971533

 Crash when passing -1 length to g_hmac_update() (discovered in #1971533)
-
-We'll also test to ensure MD5 fails, and stop compiling the other MD5
-tests.
 ---
- glib/tests/hmac.c | 139 +++++++++++-----------------------------------
- 1 file changed, 32 insertions(+), 107 deletions(-)
+ glib/tests/hmac.c | 22 ++++++++++++++++++++++
+ 1 file changed, 22 insertions(+)

 diff --git a/glib/tests/hmac.c b/glib/tests/hmac.c
-index 3ac3206df..31a1c77d3 100644
+index 3ac3206df..16b2fac9c 100644
 --- a/glib/tests/hmac.c
 +++ b/glib/tests/hmac.c
-@@ -1,87 +1,9 @@
-+#include "config.h"
-+
- #include <glib.h>
- #include <string.h>
- #include <stdlib.h>
- 
-/* HMAC-MD5 test vectors as per RFC 2202 */
-
-/* Test 1 */
-guint8 key_md5_test1[] = {
-    0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
-    0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b };
-guint8 result_md5_test1[] = {
-    0x92, 0x94, 0x72, 0x7a, 0x36, 0x38, 0xbb, 0x1c, 0x13, 0xf4,
-    0x8e, 0xf8, 0x15, 0x8b, 0xfc, 0x9d };
-
-/* Test 2 */
-guint8 result_md5_test2[] = {
-    0x75, 0x0c, 0x78, 0x3e, 0x6a, 0xb0, 0xb5, 0x03, 0xea, 0xa8,
-    0x6e, 0x31, 0x0a, 0x5d, 0xb7, 0x38 };
-
-/* Test 3 */
-guint8 key_md5_test3[] = {
-    0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
-    0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa };
-guint8 data_md5_test3[] = {
-    0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
-    0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
-    0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
-    0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
-    0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd };
-guint8 result_md5_test3[] = {
-    0x56, 0xbe, 0x34, 0x52, 0x1d, 0x14, 0x4c, 0x88, 0xdb, 0xb8,
-    0xc7, 0x33, 0xf0, 0xe8, 0xb3, 0xf6 };
-
-/* Test 4 */
-guint8 key_md5_test4[] = {
-    0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a,
-    0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14,
-    0x15, 0x16, 0x17, 0x18, 0x19 };
-guint8 data_md5_test4[] = {
-    0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
-    0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
-    0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
-    0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
-    0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd };
-guint8 result_md5_test4[] = {
-    0x69, 0x7e, 0xaf, 0x0a, 0xca, 0x3a, 0x3a, 0xea, 0x3a, 0x75,
-    0x16, 0x47, 0x46, 0xff, 0xaa, 0x79 };
-
-/* Test 5 */
-guint8 key_md5_test5[] = {
-    0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c,
-    0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c};
-guint8 result_md5_test5[] = {
-    0x56, 0x46, 0x1e, 0xf2, 0x34, 0x2e, 0xdc, 0x00, 0xf9, 0xba,
-    0xb9, 0x95, 0x69, 0x0e, 0xfd, 0x4c };
-
-/* Test 6 */
-guint8 key_md5_test6[] = {
-    0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
-    0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
-    0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
-    0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
-    0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
-    0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
-    0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
-    0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa };
-guint8 result_md5_test6[] = {
-    0x6b, 0x1a, 0xb7, 0xfe, 0x4b, 0xd7, 0xbf, 0x8f, 0x0b, 0x62,
-    0xe6, 0xce, 0x61, 0xb9, 0xd0, 0xcd };
-
-/* Test 6 */
-guint8 key_md5_test7[] = {
-    0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
-    0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
-    0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
-    0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
-    0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
-    0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
-    0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
-    0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa };
-guint8 result_md5_test7[] = {
-    0x6f, 0x63, 0x0f, 0xad, 0x67, 0xcd, 0xa0, 0xee, 0x1f, 0xb1,
-    0xf5, 0x62, 0xdb, 0x3a, 0xa5, 0x3e };
-
- /* HMAC-SHA1, HMAC-SHA256, HMAC-SHA384 and HMAC-SHA512 test vectors
-  * as per RFCs 2202 and 4868.
-  *
-@@ -299,25 +221,6 @@ typedef struct {
-   gconstpointer result;
- } HmacCase;
- 
-HmacCase hmac_md5_tests[] = {
-  { G_CHECKSUM_MD5, key_md5_test1, 16, "Hi There", 8, result_md5_test1 },
-  { G_CHECKSUM_MD5, "Jefe", 4, "what do ya want for nothing?", 28,
-      result_md5_test2 },
-  { G_CHECKSUM_MD5, key_md5_test3, 16, data_md5_test3, 50,
-      result_md5_test3 },
-  { G_CHECKSUM_MD5, key_md5_test4, 25, data_md5_test4, 50,
-      result_md5_test4 },
-  { G_CHECKSUM_MD5, key_md5_test5, 16, "Test With Truncation", 20,
-      result_md5_test5 },
-  { G_CHECKSUM_MD5, key_md5_test6, 80,
-      "Test Using Larger Than Block-Size Key - Hash Key First", 54,
-      result_md5_test6 },
-  { G_CHECKSUM_MD5, key_md5_test7, 80,
-      "Test Using Larger Than Block-Size Key and Larger Than One Block-Size Data",
-      73, result_md5_test7 },
-  { -1, NULL, 0, NULL, 0, NULL },
-};
-
- HmacCase hmac_sha1_tests[] = {
-   { G_CHECKSUM_SHA1, key_sha_test1, 20, "Hi There", 8, result_sha1_test1 },
-   { G_CHECKSUM_SHA1, "Jefe", 4, "what do ya want for nothing?", 28,
-@@ -493,11 +396,40 @@ test_hmac_for_bytes (void)
+@@ -493,6 +493,27 @@ test_hmac_for_bytes (void)
   g_bytes_unref (data);
 }
 
 +static void
-+test_gnutls_fips_mode (void)
+test_ghmac_gnutls_regressions (void)
 +{
 +  GHmac *hmac;
 +  GHmac *copy;
 +
-+  /* No MD5 in FIPS mode. */
-+  hmac = g_hmac_new (G_CHECKSUM_MD5, "abc123", sizeof ("abc123"));
-+  g_assert_null (hmac);
-+
-+  /* SHA-256 should be good. */
-+  hmac = g_hmac_new (G_CHECKSUM_SHA256, "abc123", sizeof ("abc123"));
+  hmac = g_hmac_new (G_CHECKSUM_SHA256, (const guchar *)"abc123", sizeof ("abc123"));
 +  g_assert_nonnull (hmac);
 +
 +  /* Ensure g_hmac_update() does not crash when called with -1. */
-+  g_hmac_update (hmac, "You win again, gravity!", -1);
+  g_hmac_update (hmac, (const guchar *)"You win again, gravity!", -1);
 +
 +  /* Ensure g_hmac_copy() does not crash. */
 +  copy = g_hmac_copy (hmac);
@ -946,35 +822,13 @@ index 3ac3206df..31a1c77d3 100644
 int
 main (int argc,
     char **argv)
- {
-   int i;
-+
-+  g_setenv ("GNUTLS_FORCE_FIPS_MODE", "1", FALSE);
-+
-   g_test_init (&argc, &argv, NULL);
- 
-   for (i = 0 ; hmac_sha1_tests[i].key_len > 0 ; i++)
-@@ -532,19 +464,12 @@ main (int argc,
-       g_free (name);
-     }
- 
-  for (i = 0 ; hmac_md5_tests[i].key_len > 0 ; i++)
-    {
-      gchar *name = g_strdup_printf ("/hmac/md5-%d", i + 1);
-      g_test_add_data_func (name, hmac_md5_tests + i,
-        (void (*)(const void *)) test_hmac);
-      g_free (name);
-    }
-
-   g_test_add_func ("/hmac/ref-unref", test_hmac_ref_unref);
-   g_test_add_func ("/hmac/copy", test_hmac_copy);
+@@ -545,6 +566,7 @@ main (int argc,
   g_test_add_func ("/hmac/for-data", test_hmac_for_data);
   g_test_add_func ("/hmac/for-string", test_hmac_for_string);
   g_test_add_func ("/hmac/for-bytes", test_hmac_for_bytes);
-+  g_test_add_func ("/hmac/gnutls-fips-mode", test_gnutls_fips_mode);
+  g_test_add_func ("/hmac/ghmac-gnutls-regressions", test_ghmac_gnutls_regressions);
 
   return g_test_run ();
 }
 -- 
 2.31.1
-
--- a/SPECS/glib2.spec
+++ b/SPECS/glib2.spec
@ -5,7 +5,7 @@

 Name: glib2
 Version: 2.56.4
-Release: 14%{?dist}
+Release: 156%{?dist}
 Summary: A library of handy utility functions

 License: LGPLv2+
@ -300,6 +300,10 @@ glib-compile-schemas %{_datadir}/glib-2.0/schemas &> /dev/null || :
 %{_datadir}/installed-tests

 %changelog
+* Thu Jul 01 2021 Michael Catanzaro <mcatanzaro@redhat.com> - 2.56.4-15
+- Fix test failure introduced in previous update
+- Related: #1971533
+
 * Wed Jun 23 2021 Michael Catanzaro <mcatanzaro@redhat.com> - 2.56.4-14
 - Refresh GHmac patchset
 - Resolves: #1971533