Resolves: RHEL-33655
This commit is contained in:
parent
5cbb944b12
commit
073eca963a
|
@ -23,7 +23,7 @@ index 0000000000..5a06918832
|
|||
+
|
||||
+package boring
|
||||
+
|
||||
+// #include "openssl_pbkdf2.h"
|
||||
+// #include "/usr/lib/golang/src/vendor/github.com/golang-fips/openssl/v2/goopenssl.h"
|
||||
+// #cgo LDFLAGS: -ldl
|
||||
+import "C"
|
||||
+import (
|
||||
|
@ -39,14 +39,14 @@ index 0000000000..5a06918832
|
|||
+ emptySha256 = sha256.Sum256([]byte{})
|
||||
+)
|
||||
+
|
||||
+func hashToMD(h hash.Hash) *C.GO_EVP_MD {
|
||||
+func hashToMD(h hash.Hash) C.GO_EVP_MD_PTR {
|
||||
+ emptyHash := h.Sum([]byte{})
|
||||
+
|
||||
+ switch {
|
||||
+ case bytes.Equal(emptyHash, emptySha1[:]):
|
||||
+ return C._goboringcrypto_EVP_sha1()
|
||||
+ return C.go_openssl_EVP_sha1()
|
||||
+ case bytes.Equal(emptyHash, emptySha256[:]):
|
||||
+ return C._goboringcrypto_EVP_sha256()
|
||||
+ return C.go_openssl_EVP_sha256()
|
||||
+ }
|
||||
+ return nil
|
||||
+}
|
||||
|
@ -78,7 +78,7 @@ index 0000000000..5a06918832
|
|||
+ }
|
||||
+
|
||||
+ out := make([]byte, keyLen)
|
||||
+ ok := C._goboringcrypto_PKCS5_PBKDF2_HMAC(charptr(password), C.int(len(password)), ucharptr(salt), C.int(len(salt)), C.int(iter), md, C.int(keyLen), ucharptr(out))
|
||||
+ ok := C.go_openssl_PKCS5_PBKDF2_HMAC(charptr(password), C.int(len(password)), ucharptr(salt), C.int(len(salt)), C.int(iter), md, C.int(keyLen), ucharptr(out))
|
||||
+ if ok != 1 {
|
||||
+ panic("boringcrypto: PKCS5_PBKDF2_HMAC failed")
|
||||
+ }
|
||||
|
@ -106,17 +106,6 @@ index 0000000000..e244fb5663
|
|||
+func Pbkdf2Key(password, salt []byte, iter, keyLen int, h func() hash.Hash) []byte {
|
||||
+ panic("boringcrypto: not available")
|
||||
+}
|
||||
diff --git a/vendor/golang.org/x/crypto/internal/boring/openssl_pbkdf2.h b/vendor/golang.org/x/crypto/internal/boring/openssl_pbkdf2.h
|
||||
new file mode 100644
|
||||
index 0000000000..6dfdf10424
|
||||
--- /dev/null
|
||||
+++ b/vendor/golang.org/x/crypto/internal/boring/openssl_pbkdf2.h
|
||||
@@ -0,0 +1,5 @@
|
||||
+#include "/usr/lib/golang/src/vendor/github.com/golang-fips/openssl-fips/openssl/goopenssl.h"
|
||||
+
|
||||
+DEFINEFUNC(int, PKCS5_PBKDF2_HMAC,
|
||||
+ (const char *pass, int passlen, const unsigned char *salt, int saltlen, int iter, EVP_MD *digest, int keylen, unsigned char *out),
|
||||
+ (pass, passlen, salt, saltlen, iter, digest, keylen, out))
|
||||
diff --git a/vendor/golang.org/x/crypto/pbkdf2/pbkdf2.go b/vendor/golang.org/x/crypto/pbkdf2/pbkdf2.go
|
||||
index 593f653008..799a611f94 100644
|
||||
--- a/vendor/golang.org/x/crypto/pbkdf2/pbkdf2.go
|
||||
|
|
|
@ -49,6 +49,9 @@ rm -r vendor/golang.org/x/crypto/salsa20
|
|||
rm -r vendor/golang.org/x/crypto/scrypt
|
||||
rm -r vendor/golang.org/x/crypto/sha3
|
||||
|
||||
# Remove unused code under apsl licenses
|
||||
rm -r vendor/modernc.org/libc
|
||||
rm -r vendor/modernc.org/sqlite
|
||||
|
||||
# List bundled dependencies
|
||||
awk '$2 ~ /^v/ && $4 != "indirect" {print "Provides: bundled(golang(" $1 ")) = " substr($2, 2)}' go.mod | \
|
||||
|
|
11
grafana.spec
11
grafana.spec
|
@ -25,7 +25,7 @@ end}
|
|||
|
||||
Name: grafana
|
||||
Version: 10.2.6
|
||||
Release: 1%{?dist}
|
||||
Release: 2%{?dist}
|
||||
Summary: Metrics dashboard and graph editor
|
||||
License: AGPL-3.0-only
|
||||
URL: https://grafana.org
|
||||
|
@ -36,13 +36,13 @@ Source0: https://github.com/grafana/grafana/archive/v%{version}/%{name}
|
|||
# Source1 contains the bundled Go and Node.js dependencies
|
||||
# Note: In case there were no changes to this tarball, the NVR of this tarball
|
||||
# lags behind the NVR of this package.
|
||||
Source1: grafana-vendor-%{version}-1.tar.xz
|
||||
Source1: grafana-vendor-%{version}-2.tar.xz
|
||||
|
||||
%if %{compile_frontend} == 0
|
||||
# Source2 contains the precompiled frontend
|
||||
# Note: In case there were no changes to this tarball, the NVR of this tarball
|
||||
# lags behind the NVR of this package.
|
||||
Source2: grafana-webpack-%{version}-1.tar.gz
|
||||
Source2: grafana-webpack-%{version}-2.tar.gz
|
||||
%endif
|
||||
|
||||
# Source3 contains the systemd-sysusers configuration
|
||||
|
@ -1024,6 +1024,11 @@ fi
|
|||
%{_datadir}/selinux/*/grafana.pp
|
||||
|
||||
%changelog
|
||||
* Fri May 3 2024 Sam Feifer <sfeifer@redhat.com> 10.2.6-2
|
||||
- Fixes patch 1002 for update to golang-fips
|
||||
- Remove unused code under apsl-1.1 and apsl-1.2 licenses
|
||||
- Resolves RHEL-33655
|
||||
|
||||
* Tue Apr 2 2024 Sam Feifer <sfeifer@redhat.com> 10.2.6-1
|
||||
- Rebase to grafana 10.2.6
|
||||
|
||||
|
|
4
sources
4
sources
|
@ -1,3 +1,3 @@
|
|||
SHA512 (grafana-vendor-10.2.6-2.tar.xz) = 683989009af377daca58f9cb4c6c0898b9e750b4e3bf1a0308fb633e6401fb224e6f471aceae01aa814e9bd8940c943565f6f634356b0f0f6b6e80eae65b3c53
|
||||
SHA512 (grafana-webpack-10.2.6-2.tar.gz) = 928adef2bd13a1499d2b8834d6f9797d71bf7f595ba85514ad422e5fa9e3f846ddda6bd5462b216f4fcda622cda0e25e7eb272ebd3e11e3882de361c636f7266
|
||||
SHA512 (grafana-10.2.6.tar.gz) = 7244f4cb6572fe0403e6224f7247fbb273bbd1f359ee706a82001f0d409fb375d113f1cb24a657e845b93eb55ee98e1d7ae713e767c219f4d3b00eaf5c73d28e
|
||||
SHA512 (grafana-webpack-10.2.6-1.tar.gz) = 1ac6486f5d7743ddc8448482881bef9b3f11334335d2c0f39012eeddec9b9ce5d1e59801459ac6a1752ca24b0b200732aeffd9d23003e5f17ce957e436955c70
|
||||
SHA512 (grafana-vendor-10.2.6-1.tar.xz) = 4902e47ec5b1c85d5c94f0719df7df0ce5bada0fb0d48791556c9465d61c5324812acae9369ded0259add6c73623a5e4d9b69e907f30985c38ac3103f48ad09c
|
||||
|
|
Loading…
Reference in New Issue