From e3b8fd109f9a0384a283c0a9e76a72f8981dce5c Mon Sep 17 00:00:00 2001 From: eabdullin Date: Wed, 10 Apr 2024 22:34:21 +0300 Subject: [PATCH] Import from CS git --- .gitignore | 2 +- .openssl-ibmca.metadata | 2 +- .../openssl-ibmca-2.4.0-engine-defaults.patch | 40 ------------------- SPECS/openssl-ibmca.spec | 11 ++--- 4 files changed, 8 insertions(+), 47 deletions(-) delete mode 100644 SOURCES/openssl-ibmca-2.4.0-engine-defaults.patch diff --git a/.gitignore b/.gitignore index 0d89bbd..c7a08b9 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1 @@ -SOURCES/openssl-ibmca-2.4.0.tar.gz +SOURCES/openssl-ibmca-2.4.1.tar.gz diff --git a/.openssl-ibmca.metadata b/.openssl-ibmca.metadata index 888dcd4..bbaf4cc 100644 --- a/.openssl-ibmca.metadata +++ b/.openssl-ibmca.metadata @@ -1 +1 @@ -d1361eec709c4b6d1760171ac077fa0d21f5a698 SOURCES/openssl-ibmca-2.4.0.tar.gz +8e7fc23ec2253da7d2b6e3181c80843253fcb68c SOURCES/openssl-ibmca-2.4.1.tar.gz diff --git a/SOURCES/openssl-ibmca-2.4.0-engine-defaults.patch b/SOURCES/openssl-ibmca-2.4.0-engine-defaults.patch deleted file mode 100644 index 40785b6..0000000 --- a/SOURCES/openssl-ibmca-2.4.0-engine-defaults.patch +++ /dev/null @@ -1,40 +0,0 @@ -From 3ea8f4ed58e075e097856437c0732e11771931d0 Mon Sep 17 00:00:00 2001 -From: Ingo Franzki -Date: Wed, 19 Apr 2023 10:07:01 +0200 -Subject: [PATCH] engine: Only register those algos specified with - default_algorithms - -As part of OpenSSL initialization, the engine(s) configured in the OpenSSL -config file are loaded, and its algorithms (methods) are registered according -to the default_algorithms setting. - -However, later during initialization, ENGINE_register_all_complete() is called -which unconditionally registered all algorithms (methods) of the loaded engines -again, unless the engine flag ENGINE_FLAGS_NO_REGISTER_ALL is set. - -Set the ENGINE_FLAGS_NO_REGISTER_ALL flag during IBMCA engine initialization -to avoid unconditional registration of all algorithms. We only want to register -algorithms specified in the default_algorithms configuration setting. - -Note that if the default_algorithms setting is omitted in the OpenSSL config -file, then no algorithms will be registered. - -Signed-off-by: Ingo Franzki ---- - src/engine/e_ibmca.c | 3 +++ - 1 file changed, 3 insertions(+) - -diff --git a/src/engine/e_ibmca.c b/src/engine/e_ibmca.c -index fe21897..6cbf745 100644 ---- a/src/engine/e_ibmca.c -+++ b/src/engine/e_ibmca.c -@@ -642,6 +642,9 @@ static int set_supported_meths(ENGINE *e) - if (!ENGINE_set_pkey_meths(e, ibmca_engine_pkey_meths)) - goto out; - -+ if (!ENGINE_set_flags(e, ENGINE_FLAGS_NO_REGISTER_ALL)) -+ goto out; -+ - rc = 1; - out: - free(pmech_list); diff --git a/SPECS/openssl-ibmca.spec b/SPECS/openssl-ibmca.spec index ab290d1..2009dbf 100644 --- a/SPECS/openssl-ibmca.spec +++ b/SPECS/openssl-ibmca.spec @@ -2,15 +2,12 @@ Summary: A dynamic OpenSSL engine for IBMCA Name: openssl-ibmca -Version: 2.4.0 -Release: 2%{?dist} +Version: 2.4.1 +Release: 1%{?dist} License: ASL 2.0 Group: System Environment/Libraries URL: https://github.com/opencryptoki Source0: https://github.com/opencryptoki/%{name}/archive/v%{version}/%{name}-%{version}.tar.gz -# https://bugzilla.redhat.com/show_bug.cgi?id=2221891 -# https://github.com/opencryptoki/openssl-ibmca/commit/3ea8f4ed58e075e097856437c0732e11771931d0 -Patch0: %{name}-2.4.0-engine-defaults.patch Requires: libica >= 3.8.0 BuildRequires: gcc BuildRequires: libica-devel >= 3.8.0 @@ -58,6 +55,10 @@ make check %changelog +* Fri Oct 27 2023 Dan Horák - 2.4.1-1 +- updated to 2.4.1 (RHEL-11410) +- Resolves: RHEL-11410 + * Wed Jul 12 2023 Dan Horák - 2.4.0-2 - engine: Only register those algos specified with default_algorithms (#2221891) - Resolves: #2221891