Import from CS git

.gitignore

@@ -1 +1 @@
-SOURCES/openssl-ibmca-2.4.0.tar.gz
+SOURCES/openssl-ibmca-2.4.1.tar.gz

.openssl-ibmca.metadata

@@ -1 +1 @@
-d1361eec709c4b6d1760171ac077fa0d21f5a698 SOURCES/openssl-ibmca-2.4.0.tar.gz
+8e7fc23ec2253da7d2b6e3181c80843253fcb68c SOURCES/openssl-ibmca-2.4.1.tar.gz

SOURCES/openssl-ibmca-2.4.0-engine-defaults.patch

@@ -1,40 +0,0 @@
-From 3ea8f4ed58e075e097856437c0732e11771931d0 Mon Sep 17 00:00:00 2001
-From: Ingo Franzki <ifranzki@linux.ibm.com>
-Date: Wed, 19 Apr 2023 10:07:01 +0200
-Subject: [PATCH] engine: Only register those algos specified with
- default_algorithms
-
-As part of OpenSSL initialization, the engine(s) configured in the OpenSSL
-config file are loaded, and its algorithms (methods) are registered according
-to the default_algorithms setting.
-
-However, later during initialization, ENGINE_register_all_complete() is called
-which unconditionally registered all algorithms (methods) of the loaded engines
-again, unless the engine flag ENGINE_FLAGS_NO_REGISTER_ALL is set.
-
-Set the ENGINE_FLAGS_NO_REGISTER_ALL flag during IBMCA engine initialization
-to avoid unconditional registration of all algorithms. We only want to register
-algorithms specified in the default_algorithms configuration setting.
-
-Note that if the default_algorithms setting is omitted in the OpenSSL config
-file, then no algorithms will be registered.
-
-Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>
----
- src/engine/e_ibmca.c | 3 +++
- 1 file changed, 3 insertions(+)
-
-diff --git a/src/engine/e_ibmca.c b/src/engine/e_ibmca.c
-index fe21897..6cbf745 100644
---- a/src/engine/e_ibmca.c
-+++ b/src/engine/e_ibmca.c
-@@ -642,6 +642,9 @@ static int set_supported_meths(ENGINE *e)
-         if (!ENGINE_set_pkey_meths(e, ibmca_engine_pkey_meths))
-             goto out;
- 
-+    if (!ENGINE_set_flags(e, ENGINE_FLAGS_NO_REGISTER_ALL))
-+        goto out;
-+
-     rc = 1;
- out:
-     free(pmech_list);

SPECS/openssl-ibmca.spec

@@ -2,15 +2,12 @@
 
 Summary: A dynamic OpenSSL engine for IBMCA
 Name: openssl-ibmca
-Version: 2.4.0
-Release: 2%{?dist}
+Version: 2.4.1
+Release: 1%{?dist}
 License: ASL 2.0
 Group: System Environment/Libraries
 URL: https://github.com/opencryptoki
 Source0: https://github.com/opencryptoki/%{name}/archive/v%{version}/%{name}-%{version}.tar.gz
-# https://bugzilla.redhat.com/show_bug.cgi?id=2221891
-# https://github.com/opencryptoki/openssl-ibmca/commit/3ea8f4ed58e075e097856437c0732e11771931d0
-Patch0: %{name}-2.4.0-engine-defaults.patch
 Requires: libica >= 3.8.0
 BuildRequires: gcc
 BuildRequires: libica-devel >= 3.8.0
@@ -58,6 +55,10 @@ make check
 
 
 %changelog
+* Fri Oct 27 2023 Dan Horák <dhorak[at]redhat.com> - 2.4.1-1
+- updated to 2.4.1 (RHEL-11410)
+- Resolves: RHEL-11410
+
 * Wed Jul 12 2023 Dan Horák <dhorak@redhat.com> - 2.4.0-2
 - engine: Only register those algos specified with default_algorithms (#2221891)
 - Resolves: #2221891