apply new bugfixes from upstream 1.1.1 branch

This commit is contained in:
Tomas Mraz 2019-05-03 11:15:37 +02:00
parent 648a3cb985
commit 5c7382cd79
3 changed files with 2318 additions and 3 deletions

View File

@ -5580,3 +5580,33 @@ index 285c4311a6..7f2dcd2291 100644
+Ctrl.type = type:A +Ctrl.type = type:A
+Output = FF +Output = FF
+Result = KDF_MISMATCH +Result = KDF_MISMATCH
From 148cc5ee246e108b1e7332035037bab53574b0a9 Mon Sep 17 00:00:00 2001
From: Simo Sorce <simo@redhat.com>
Date: Thu, 18 Apr 2019 08:26:29 -0400
Subject: [PATCH] Change the digest string from "md" to "digest"
Conform to other modules which were changed at the last minute and this
discrepancy was not noticed.
Retain "md" as an alias so not to break 3rd party backports/tests scripts.
Signed-off-by: Simo Sorce <simo@redhat.com>
---
crypto/kdf/sshkdf.c | 3 +++
test/recipes/20-test_kdf.t | 2 +-
2 files changed, 4 insertions(+), 1 deletion(-)
mode change 100644 => 100755 test/recipes/20-test_kdf.t
diff --git a/crypto/kdf/sshkdf.c b/crypto/kdf/sshkdf.c
index 300e1adbb23..f585e8a0d6d 100644
--- a/crypto/kdf/sshkdf.c
+++ b/crypto/kdf/sshkdf.c
@@ -125,6 +125,9 @@ static int kdf_sshkdf_ctrl_str(EVP_KDF_IMPL *impl, const char *type,
return 0;
}
+ if (strcmp(type, "digest") == 0)
+ return kdf_md2ctrl(impl, kdf_sshkdf_ctrl, EVP_KDF_CTRL_SET_MD, value);
+ /* alias, for historical reasons */
if (strcmp(type, "md") == 0)
return kdf_md2ctrl(impl, kdf_sshkdf_ctrl, EVP_KDF_CTRL_SET_MD, value);

File diff suppressed because it is too large Load Diff

View File

@ -22,7 +22,7 @@
Summary: Utilities from the general purpose cryptography library with TLS implementation Summary: Utilities from the general purpose cryptography library with TLS implementation
Name: openssl Name: openssl
Version: 1.1.1b Version: 1.1.1b
Release: 5%{?dist} Release: 6%{?dist}
Epoch: 1 Epoch: 1
# We have to remove certain patented algorithms from the openssl source # We have to remove certain patented algorithms from the openssl source
# tarball with the hobble-openssl script which is included below. # tarball with the hobble-openssl script which is included below.
@ -62,7 +62,7 @@ Patch48: openssl-1.1.1-fips-post-rand.patch
Patch49: openssl-1.1.1-evp-kdf.patch Patch49: openssl-1.1.1-evp-kdf.patch
Patch50: openssl-1.1.1-ssh-kdf.patch Patch50: openssl-1.1.1-ssh-kdf.patch
# Backported fixes including security fixes # Backported fixes including security fixes
Patch51: openssl-1.1.1-bio-mem-ptr.patch Patch51: openssl-1.1.1-upstream-sync.patch
License: OpenSSL License: OpenSSL
URL: http://www.openssl.org/ URL: http://www.openssl.org/
@ -159,7 +159,7 @@ cp %{SOURCE13} test/
%patch48 -p1 -b .fips-post-rand %patch48 -p1 -b .fips-post-rand
%patch49 -p1 -b .evp-kdf %patch49 -p1 -b .evp-kdf
%patch50 -p1 -b .ssh-kdf %patch50 -p1 -b .ssh-kdf
%patch51 -p1 -b .bio-mem-ptr %patch51 -p1 -b .upstream-sync
%build %build
@ -446,6 +446,9 @@ export LD_LIBRARY_PATH
%ldconfig_scriptlets libs %ldconfig_scriptlets libs
%changelog %changelog
* Fri May 3 2019 Tomáš Mráz <tmraz@redhat.com> 1.1.1b-6
- apply new bugfixes from upstream 1.1.1 branch
* Tue Apr 16 2019 Tomáš Mráz <tmraz@redhat.com> 1.1.1b-5 * Tue Apr 16 2019 Tomáš Mráz <tmraz@redhat.com> 1.1.1b-5
- fix for BIO_get_mem_ptr() regression in 1.1.1b (#1691853) - fix for BIO_get_mem_ptr() regression in 1.1.1b (#1691853)