rpms/libica
7
0
Fork 0
Code Issues Pull Requests Releases Activity

- updated to 4.1.1 (#2110374)

Browse Source 
- Resolves: #2110374
This commit is contained in:
Dan Horák 2022-10-24 14:17:22 +02:00
parent 458b5f69b5
commit 7d32966f82
3 changed files with 11 additions and 38 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
libica-no-fips-config.patch
View File

@ -1,33 +0,0 @@
From 56b6ca219ecd37ba2c7e520ddac83eb801ce76ad Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Dan=20Hor=C3=A1k?= <dan@danny.cz>
Date: Mon, 16 May 2022 15:44:06 +0200
Subject: [libica PATCH] FIPS specific openssl config is not required in
RHEL/Fedora
---
src/fips.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/src/fips.c b/src/fips.c
index 129a1a7..6466133 100644
--- a/src/fips.c
+++ b/src/fips.c
@@ -235,12 +235,15 @@ fips_init(void)
FIPS_mode_set(1);
#else
fips = 0;
+ /* FIPS specific openssl config is not required in RHEL/Fedora */
+#if 0
if (!OSSL_LIB_CTX_load_config(openssl_libctx, LIBICA_FIPS_CONFIG)) {
syslog(LOG_ERR, "Libica failed to load openssl fips config %s\n",
LIBICA_FIPS_CONFIG);
fips |= ICA_FIPS_INTEGRITY;
return;
}
+#endif
openssl_provider = OSSL_PROVIDER_load(openssl_libctx, "fips");
if (openssl_provider == NULL) {
--
2.34.3

14
libica.spec
View File

@ -2,7 +2,7 @@
Summary: Library for accessing ICA hardware crypto on IBM z Systems Summary: Library for accessing ICA hardware crypto on IBM z Systems
Name: libica Name: libica
Version: 4.0.2 Version: 4.1.1
Release: 1%{?dist} Release: 1%{?dist}
License: CPL License: CPL
URL: https://github.com/opencryptoki/ URL: https://github.com/opencryptoki/
@ -11,9 +11,6 @@ Source0: https://github.com/opencryptoki/%{name}/archive/v%{version}/%{name}-%{v
# https://bugzilla.redhat.com/show_bug.cgi?id=1630582 # https://bugzilla.redhat.com/show_bug.cgi?id=1630582
# https://github.com/opencryptoki/libica/pull/24 # https://github.com/opencryptoki/libica/pull/24
Patch0: %{name}-4.0.0-annotate.patch Patch0: %{name}-4.0.0-annotate.patch
# FIPS openssl config is not needed on RHEL/Fedora
# https://bugzilla.redhat.com/show_bug.cgi?id=2084097
Patch1: %{name}-no-fips-config.patch
BuildRequires: gcc BuildRequires: gcc
BuildRequires: openssl-devel BuildRequires: openssl-devel
BuildRequires: openssl BuildRequires: openssl
@ -49,6 +46,11 @@ sh ./bootstrap.sh
%build %build
# FIPS openssl config is not needed on RHEL/Fedora
# https://bugzilla.redhat.com/show_bug.cgi?id=2084097
CPPFLAGS=-DNO_FIPS_CONFIG_LOAD
export CPPFLAGS
%configure --disable-static \ %configure --disable-static \
%if %{with_fips} %if %{with_fips}
--enable-fips --enable-fips
@ -105,6 +107,10 @@ fi
%changelog %changelog
* Mon Oct 24 2022 Dan Horák <dhorak@redhat.com> - 4.1.1-1
- updated to 4.1.1 (#2110374)
- Resolves: #2110374
* Thu Jun 30 2022 Dan Horák <dhorak@redhat.com> - 4.0.2-1 * Thu Jun 30 2022 Dan Horák <dhorak@redhat.com> - 4.0.2-1
- updated to 4.0.2 (#2101767) - updated to 4.0.2 (#2101767)
- Resolves: #2101767 - Resolves: #2101767

2
sources
View File

@ -1 +1 @@
SHA512 (libica-4.0.2.tar.gz) = 98f52d64baeedef9c35822c60e852913eb60e92671f127301e14959cc8d1b9cfdef3186371a6256b0c04000ddd1f571627f6e0df3d2719b56370f40948bc9b58 SHA512 (libica-4.1.1.tar.gz) = 49b9bc106e83ec8336339c783a14b8599a93b9b1061efea7354f954e59aeeb18371946a013f7aecdaf1286d77b48644ca4894c8099809753e2f21286acdf3ef5