Update to openwsman-2.8.1

Resolves: RHEL-97643

Add libwsman-client.so.4 into libwsman1 and define 'facility'
for backward compatibility.
This commit is contained in:
Vitezslav Crhonek 2025-10-23 08:19:52 +02:00
parent 5cdfb579c0
commit 8652b0b4a3
11 changed files with 182 additions and 292 deletions

1
.gitignore vendored
View File

@ -1,2 +1,3 @@
/openwsmand.8.gz
/v2.6.8.tar.gz
/v2.8.1.tar.gz

View File

@ -1,12 +1,54 @@
diff -up openwsman-2.4.12/bindings/ruby/extconf.rb.orig openwsman-2.4.12/bindings/ruby/extconf.rb
--- openwsman-2.4.12/bindings/ruby/extconf.rb.orig 2015-02-09 09:28:58.232581263 +0100
+++ openwsman-2.4.12/bindings/ruby/extconf.rb 2015-02-09 09:38:22.836772879 +0100
@@ -32,7 +32,7 @@ swig = find_executable("swig")
diff -up openwsman-2.8.1/bindings/ruby/extconf.rb.orig openwsman-2.8.1/bindings/ruby/extconf.rb
--- openwsman-2.8.1/bindings/ruby/extconf.rb.orig 2025-01-23 10:23:52.000000000 +0100
+++ openwsman-2.8.1/bindings/ruby/extconf.rb 2025-10-20 12:55:46.327604671 +0200
@@ -5,16 +5,31 @@
require 'mkmf'
# $CFLAGS = "#{$CFLAGS} -Werror"
+# libwsman requires 'int facility' to be defined by the application
+# Add syslog.h for LOG_DAEMON constant
+$CFLAGS = "#{$CFLAGS} -include syslog.h"
+
# requires wsman, wsman_client, and libxml2
+# Add build directory to library search path
+$LDFLAGS = "#{$LDFLAGS} -L/builddir/build/BUILD/openwsman/openwsman-2.8.1/build/src/lib"
+
+# Add BOTH source include roots (and their /u) to compilation flags
+$CPPFLAGS = "#{$CPPFLAGS} " \
+"-I/builddir/build/BUILD/openwsman-2.8.1/include " \
+"-I/builddir/build/BUILD/openwsman-2.8.1/include/u " \
+"-I/builddir/build/BUILD/openwsman/openwsman-2.8.1/include " \
+"-I/builddir/build/BUILD/openwsman/openwsman-2.8.1/include/u"
-unless have_library('wsman', 'wsman_create_doc')
+# Custom test for libwsman that includes facility definition
+unless try_link("#include <syslog.h>\n#include <wsman-xml-api.h>\nint facility = LOG_DAEMON;\nint main(void) { (void)wsman_create_doc(); return 0; }", '-lwsman -lxml2')
STDERR.puts "Cannot find wsman_create_doc() in libwsman"
STDERR.puts "Is openwsman-devel installed ?"
exit 1
end
find_header 'wsman-xml-api.h', '/usr/include/openwsman'
-unless have_library('wsman_client', 'wsmc_create')
+# Custom test for libwsman_client that includes facility definition
+unless try_link("#include <syslog.h>\n#include <wsman-client-api.h>\nint facility = LOG_DAEMON;\nint main(void) { (void)wsmc_create(\"localhost\", 80, \"/wsman\", \"http\", \"u\", \"p\"); return 0; }", '-lwsman_client -lwsman -lxml2')
STDERR.puts "Cannot find wsmc_create() in libwsman_client"
STDERR.puts "Is openwsman-devel installed ?"
exit 1
@@ -32,8 +47,14 @@ swig = find_executable("swig")
raise "SWIG not found" unless swig
major, minor, path = RUBY_VERSION.split(".")
-raise "SWIG failed to run" unless system("#{swig} -ruby -autorename -DRUBY_VERSION=#{major}#{minor} -I. -I/usr/include/openwsman -o openwsman_wrap.c openwsman.i")
+raise "SWIG failed to run" unless system("#{swig} -ruby -autorename -DRUBY_VERSION=#{major}#{minor} -I. -I/usr/include/openwsman -I/builddir/build/BUILD/openwsman-2.6.8/include/ -o openwsman_wrap.c openwsman.i")
+raise "SWIG failed to run" unless system("#{swig} -ruby -autorename -DRUBY_VERSION=#{major}#{minor} " \
+"-I. -I/usr/include/openwsman " \
+"-I/builddir/build/BUILD/openwsman-2.8.1/include " \
+"-I/builddir/build/BUILD/openwsman-2.8.1/include/u " \
+"-I/builddir/build/BUILD/openwsman/openwsman-2.8.1/include " \
+"-I/builddir/build/BUILD/openwsman/openwsman-2.8.1/include/u " \
+"-o openwsman_wrap.c openwsman.i")
$CPPFLAGS = "-I/usr/include/openwsman -I.."
-$CPPFLAGS = "-I/usr/include/openwsman -I.."
+$CPPFLAGS = "#{$CPPFLAGS} -I/usr/include/openwsman -I.."
create_makefile('_openwsman')

View File

@ -1,6 +1,6 @@
diff -up openwsman-2.6.8/src/server/shttpd/compat_unix.h.orig openwsman-2.6.8/src/server/shttpd/compat_unix.h
--- openwsman-2.6.8/src/server/shttpd/compat_unix.h.orig 2018-10-12 12:06:26.000000000 +0200
+++ openwsman-2.6.8/src/server/shttpd/compat_unix.h 2018-11-22 13:30:10.756423510 +0100
diff -up openwsman-2.8.1/src/server/shttpd/compat_unix.h.orig openwsman-2.8.1/src/server/shttpd/compat_unix.h
--- openwsman-2.8.1/src/server/shttpd/compat_unix.h.orig 2025-01-23 10:23:52.000000000 +0100
+++ openwsman-2.8.1/src/server/shttpd/compat_unix.h 2025-02-03 09:11:35.072818890 +0100
@@ -27,10 +27,6 @@
pthread_create(&tid, NULL, (void *(*)(void *))a, c); } while (0)
#endif /* !NO_THREADS */
@ -12,10 +12,10 @@ diff -up openwsman-2.6.8/src/server/shttpd/compat_unix.h.orig openwsman-2.6.8/sr
#define DIRSEP '/'
#define IS_DIRSEP_CHAR(c) ((c) == '/')
#define O_BINARY 0
diff -up openwsman-2.6.8/src/server/shttpd/io_ssl.c.orig openwsman-2.6.8/src/server/shttpd/io_ssl.c
--- openwsman-2.6.8/src/server/shttpd/io_ssl.c.orig 2018-10-12 12:06:26.000000000 +0200
+++ openwsman-2.6.8/src/server/shttpd/io_ssl.c 2018-11-22 13:30:10.757423510 +0100
@@ -11,23 +11,6 @@
diff -up openwsman-2.8.1/src/server/shttpd/io_ssl.c.orig openwsman-2.8.1/src/server/shttpd/io_ssl.c
--- openwsman-2.8.1/src/server/shttpd/io_ssl.c.orig 2025-01-23 10:23:52.000000000 +0100
+++ openwsman-2.8.1/src/server/shttpd/io_ssl.c 2025-02-03 09:12:22.387355905 +0100
@@ -11,28 +11,6 @@
#include "defs.h"
#if !defined(NO_SSL)
@ -29,8 +29,13 @@ diff -up openwsman-2.6.8/src/server/shttpd/io_ssl.c.orig openwsman-2.6.8/src/ser
- {"SSL_set_fd", {0}},
- {"SSL_new", {0}},
- {"SSL_CTX_new", {0}},
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
- {"SSLv23_server_method", {0}},
- {"SSL_library_init", {0}},
-#else
- {"TLS_server_method", {0}},
- {"OPENSSL_init_ssl", {0}},
-#endif
- {"SSL_CTX_use_PrivateKey_file", {0}},
- {"SSL_CTX_use_certificate_file",{0}},
- {NULL, {0}}
@ -39,10 +44,10 @@ diff -up openwsman-2.6.8/src/server/shttpd/io_ssl.c.orig openwsman-2.6.8/src/ser
void
_shttpd_ssl_handshake(struct stream *stream)
{
diff -up openwsman-2.6.8/src/server/shttpd/shttpd.c.orig openwsman-2.6.8/src/server/shttpd/shttpd.c
--- openwsman-2.6.8/src/server/shttpd/shttpd.c.orig 2018-10-12 12:06:26.000000000 +0200
+++ openwsman-2.6.8/src/server/shttpd/shttpd.c 2018-11-22 13:30:41.314416695 +0100
@@ -1476,20 +1476,14 @@ set_ssl(struct shttpd_ctx *ctx, const ch
diff -up openwsman-2.8.1/src/server/shttpd/shttpd.c.orig openwsman-2.8.1/src/server/shttpd/shttpd.c
--- openwsman-2.8.1/src/server/shttpd/shttpd.c.orig 2025-01-23 10:23:52.000000000 +0100
+++ openwsman-2.8.1/src/server/shttpd/shttpd.c 2025-02-03 09:13:43.415562784 +0100
@@ -1510,25 +1510,13 @@ set_ssl(struct shttpd_ctx *ctx, const ch
int retval = FALSE;
EC_KEY* key;
@ -59,20 +64,20 @@ diff -up openwsman-2.6.8/src/server/shttpd/shttpd.c.orig openwsman-2.6.8/src/ser
- }
-
/* Initialize SSL crap */
+ debug("Initialize SSL");
+ SSL_load_error_strings();
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+ OPENSSL_init_ssl(0, NULL);
+#else
SSL_library_init();
+#endif
#if OPENSSL_VERSION_NUMBER < 0x10100000L
SSL_library_init();
if ((CTX = SSL_CTX_new(SSLv23_server_method())) == NULL)
_shttpd_elog(E_LOG, NULL, "SSL_CTX_new error");
diff -up openwsman-2.6.8/src/server/shttpd/ssl.h.orig openwsman-2.6.8/src/server/shttpd/ssl.h
--- openwsman-2.6.8/src/server/shttpd/ssl.h.orig 2018-10-12 12:06:26.000000000 +0200
+++ openwsman-2.6.8/src/server/shttpd/ssl.h 2018-11-22 13:30:10.757423510 +0100
@@ -12,52 +12,4 @@
#else
- OPENSSL_init_ssl();
+ OPENSSL_init_ssl(0, NULL);
if ((CTX = SSL_CTX_new(TLS_server_method())) == NULL)
#endif
_shttpd_report_ssl_error("SSL_CTX_new failed", NULL);
diff -up openwsman-2.8.1/src/server/shttpd/ssl.h.orig openwsman-2.8.1/src/server/shttpd/ssl.h
--- openwsman-2.8.1/src/server/shttpd/ssl.h.orig 2025-01-23 10:23:52.000000000 +0100
+++ openwsman-2.8.1/src/server/shttpd/ssl.h 2025-02-03 09:14:43.142975166 +0100
@@ -12,55 +12,4 @@
#include <openssl/ssl.h>
@ -120,6 +125,9 @@ diff -up openwsman-2.6.8/src/server/shttpd/ssl.h.orig openwsman-2.6.8/src/server
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
-#define SSLv23_server_method() (* (SSL_METHOD * (*)(void)) FUNC(9))()
-#define SSL_library_init() (* (int (*)(void)) FUNC(10))()
-#else
-#define TLS_server_method() (* (SSL_METHOD * (*)(void)) FUNC(9))()
-#define OPENSSL_init_ssl() (* (int (*)(void)) FUNC(10))()
#endif
-#define SSL_CTX_use_PrivateKey_file(x,y,z) (* (int (*)(SSL_CTX *, \
- const char *, int)) FUNC(11))((x), (y), (z))

View File

@ -1,79 +0,0 @@
diff -up openwsman-2.6.8/src/server/shttpd/shttpd.c.orig openwsman-2.6.8/src/server/shttpd/shttpd.c
--- openwsman-2.6.8/src/server/shttpd/shttpd.c.orig 2019-03-13 08:52:06.112090942 +0100
+++ openwsman-2.6.8/src/server/shttpd/shttpd.c 2019-03-13 09:01:15.496156789 +0100
@@ -336,10 +336,12 @@ date_to_epoch(const char *s)
}
static void
-remove_double_dots(char *s)
+remove_all_leading_dots(char *s)
{
char *p = s;
+ while (*s != '\0' && *s == '.') s++;
+
while (*s != '\0') {
*p++ = *s++;
if (s[-1] == '/' || s[-1] == '\\')
@@ -546,7 +548,7 @@ decide_what_to_do(struct conn *c)
*c->query++ = '\0';
_shttpd_url_decode(c->uri, strlen(c->uri), c->uri, strlen(c->uri) + 1);
- remove_double_dots(c->uri);
+ remove_all_leading_dots(c->uri);
root = c->ctx->options[OPT_ROOT];
if (strlen(c->uri) + strlen(root) >= sizeof(path)) {
@@ -556,6 +558,7 @@ decide_what_to_do(struct conn *c)
(void) _shttpd_snprintf(path, sizeof(path), "%s%s", root, c->uri);
+ DBG(("decide_what_to_do -> processed path: [%s]", path));
/* User may use the aliases - check URI for mount point */
if (is_alias(c->ctx, c->uri, &alias_uri, &alias_path) != NULL) {
(void) _shttpd_snprintf(path, sizeof(path), "%.*s%s",
@@ -572,7 +575,10 @@ decide_what_to_do(struct conn *c)
if ((ruri = _shttpd_is_registered_uri(c->ctx, c->uri)) != NULL) {
_shttpd_setup_embedded_stream(c,
ruri->callback, ruri->callback_data);
- } else
+ } else {
+ _shttpd_send_server_error(c, 403, "Forbidden");
+ }
+#if 0
if (strstr(path, HTPASSWD)) {
/* Do not allow to view passwords files */
_shttpd_send_server_error(c, 403, "Forbidden");
@@ -656,6 +662,7 @@ decide_what_to_do(struct conn *c)
} else {
_shttpd_send_server_error(c, 500, "Internal Error");
}
+#endif
}
static int
diff -up openwsman-2.6.8/src/server/wsmand.c.orig openwsman-2.6.8/src/server/wsmand.c
--- openwsman-2.6.8/src/server/wsmand.c.orig 2018-10-12 12:06:26.000000000 +0200
+++ openwsman-2.6.8/src/server/wsmand.c 2019-03-13 09:03:25.919181279 +0100
@@ -198,6 +198,10 @@ static void daemonize(void)
int fd;
char *pid;
+ /* Change our CWD to / */
+ i = chdir("/");
+ assert(i == 0);
+
if (wsmand_options_get_foreground_debug() > 0) {
return;
}
@@ -214,10 +218,6 @@ static void daemonize(void)
log_pid = 0;
setsid();
- /* Change our CWD to / */
- i=chdir("/");
- assert(i == 0);
-
/* Close all file descriptors. */
for (i = getdtablesize(); i >= 0; --i)
close(i);

View File

@ -1,94 +0,0 @@
diff -up openwsman-2.6.8/src/server/shttpd/shttpd.c.orig openwsman-2.6.8/src/server/shttpd/shttpd.c
--- openwsman-2.6.8/src/server/shttpd/shttpd.c.orig 2019-03-13 09:32:32.417633057 +0100
+++ openwsman-2.6.8/src/server/shttpd/shttpd.c 2019-03-13 09:58:04.482486589 +0100
@@ -705,11 +705,11 @@ parse_http_request(struct conn *c)
_shttpd_send_server_error(c, 500, "Cannot allocate request");
}
+ io_inc_tail(&c->rem.io, req_len);
+
if (c->loc.flags & FLAG_CLOSED)
return;
- io_inc_tail(&c->rem.io, req_len);
-
DBG(("Conn %d: parsing request: [%.*s]", c->rem.chan.sock, req_len, s));
c->rem.flags |= FLAG_HEADERS_PARSED;
@@ -975,7 +975,7 @@ write_stream(struct stream *from, struct
}
-static void
+static int
connection_desctructor(struct llhead *lp)
{
struct conn *c = LL_ENTRY(lp, struct conn, link);
@@ -999,7 +999,8 @@ connection_desctructor(struct llhead *lp
* Check the "Connection: " header before we free c->request
* If it its 'keep-alive', then do not close the connection
*/
- do_close = (c->ch.connection.v_vec.len >= vec.len &&
+ do_close = c->rem.flags & FLAG_CLOSED ||
+ (c->ch.connection.v_vec.len >= vec.len &&
!_shttpd_strncasecmp(vec.ptr,c->ch.connection.v_vec.ptr,vec.len)) ||
(c->major_version < 1 ||
(c->major_version >= 1 && c->minor_version < 1));
@@ -1021,7 +1022,7 @@ connection_desctructor(struct llhead *lp
io_clear(&c->loc.io);
c->birth_time = _shttpd_current_time;
if (io_data_len(&c->rem.io) > 0)
- process_connection(c, 0, 0);
+ return 1;
} else {
if (c->rem.io_class != NULL)
c->rem.io_class->close(&c->rem);
@@ -1032,6 +1033,8 @@ connection_desctructor(struct llhead *lp
free(c);
}
+
+ return 0;
}
static void
@@ -1039,7 +1042,7 @@ worker_destructor(struct llhead *lp)
{
struct worker *worker = LL_ENTRY(lp, struct worker, link);
- free_list(&worker->connections, connection_desctructor);
+ free_list(&worker->connections, (void (*)(struct llhead *))connection_desctructor);
free(worker);
}
@@ -1072,6 +1075,8 @@ add_to_set(int fd, fd_set *set, int *max
static void
process_connection(struct conn *c, int remote_ready, int local_ready)
{
+again:
+
/* Read from remote end if it is ready */
if (remote_ready && io_space_len(&c->rem.io))
read_stream(&c->rem);
@@ -1100,7 +1105,11 @@ process_connection(struct conn *c, int r
if ((_shttpd_current_time > c->expire_time) ||
(c->rem.flags & FLAG_CLOSED) ||
((c->loc.flags & FLAG_CLOSED) && !io_data_len(&c->loc.io)))
- connection_desctructor(&c->link);
+ if (connection_desctructor(&c->link)) {
+ remote_ready = 0;
+ local_ready = 0;
+ goto again;
+ }
}
static int
@@ -1642,7 +1651,7 @@ worker_function(void *param)
while (worker->exit_flag == 0)
poll_worker(worker, 1000 * 10);
- free_list(&worker->connections, connection_desctructor);
+ free_list(&worker->connections, (void (*)(struct llhead *))connection_desctructor);
free(worker);
}

View File

@ -1,56 +0,0 @@
diff -up openwsman-2.6.8/src/lib/wsman-curl-client-transport.c.orig openwsman-2.6.8/src/lib/wsman-curl-client-transport.c
--- openwsman-2.6.8/src/lib/wsman-curl-client-transport.c.orig 2022-11-24 10:02:08.114053046 +0100
+++ openwsman-2.6.8/src/lib/wsman-curl-client-transport.c 2022-11-24 10:02:08.119053046 +0100
@@ -455,6 +455,7 @@ wsmc_handler( WsManClient *cl,
long http_code;
long auth_avail = 0;
char *_user = NULL, *_pass = NULL;
+ int _no_auth = 0; /* 0 if authentication is used, 1 if no authentication was used */
u_buf_t *response = NULL;
//char *soapaction;
char *tmp_str = NULL;
@@ -554,6 +555,7 @@ wsmc_handler( WsManClient *cl,
_user = wsmc_get_user(cl);
_pass = wsmc_get_password(cl);
if (_user && _pass && cl->data.auth_set) {
+ _no_auth = 0;
r = curl_easy_setopt(curl, CURLOPT_HTTPAUTH, cl->data.auth_set);
if (r != CURLE_OK) {
cl->fault_string = u_strdup(curl_easy_strerror(r));
@@ -574,6 +576,11 @@ wsmc_handler( WsManClient *cl,
curl_err("curl_easy_setopt(curl, CURLOPT_USERPWD, ..) failed");
goto DONE;
}
+ } else {
+ /* request without user credentials, remember this for
+ * later use when it might become necessary to print an error message
+ */
+ _no_auth = 1;
}
if (wsman_debug_level_debugged(DEBUG_LEVEL_MESSAGE)) {
@@ -606,6 +613,24 @@ wsmc_handler( WsManClient *cl,
break;
case 401:
// The server requires authentication.
+ /* RFC 2616 states:
+ *
+ * If the request already included Authorization credentials, then the 401
+ * response indicates that authorization has been refused for those
+ * credentials. If the 401 response contains the same challenge as the
+ * prior response, and the user agent has already attempted
+ * authentication at least once, then the user SHOULD be presented the
+ * entity that was given in the response, since that entity might
+ * include relevant diagnostic information.
+ */
+ if (_no_auth == 0) {
+ /* no authentication credentials were used. It is only
+ * possible to write a message about the current situation. There
+ * is no information about the last attempt to access the resource.
+ * Maybe at a later point in time I will implement more state information.
+ */
+ fprintf(stdout,"Authentication failed, please retry\n");
+ }
break;
default:
// The status code does not indicate success.

View File

@ -1,6 +1,6 @@
diff -up openwsman-2.6.8/etc/owsmangencert.sh.cmake.orig openwsman-2.6.8/etc/owsmangencert.sh.cmake
--- openwsman-2.6.8/etc/owsmangencert.sh.cmake.orig 2025-10-14 10:05:22.966137046 +0200
+++ openwsman-2.6.8/etc/owsmangencert.sh.cmake 2025-10-14 10:09:39.142759545 +0200
diff -up openwsman-2.8.1/etc/owsmangencert.sh.cmake.orig openwsman-2.8.1/etc/owsmangencert.sh.cmake
--- openwsman-2.8.1/etc/owsmangencert.sh.cmake.orig 2025-01-23 10:23:52.000000000 +0100
+++ openwsman-2.8.1/etc/owsmangencert.sh.cmake 2025-10-17 10:16:34.482996406 +0200
@@ -1,10 +1,74 @@
-#!/bin/sh
-
@ -78,7 +78,7 @@ diff -up openwsman-2.6.8/etc/owsmangencert.sh.cmake.orig openwsman-2.6.8/etc/ows
if [ "$1" != "--force" -a -f $KEYFILE ]; then
echo "$KEYFILE exists! Use \"$0 --force.\""
@@ -15,19 +79,7 @@ if [ "$1" = "--force" ]; then
@@ -15,18 +79,7 @@ if [ "$1" = "--force" ]; then
shift
fi
@ -92,9 +92,8 @@ diff -up openwsman-2.6.8/etc/owsmangencert.sh.cmake.orig openwsman-2.6.8/etc/ows
-# use special .cnf, because with normal one no valid selfsigned
-# certificate is created
-
-export RANDFILE=/dev/random
-openssl req -days 365 $@ -config $CNFFILE \
- -new -x509 -nodes -out $CERTFILE \
- -newkey rsa:2048 -x509 -nodes -out $CERTFILE \
- -keyout $KEYFILE
-chmod 600 $KEYFILE
+create_ssl_cnf

View File

@ -1,12 +1,9 @@
diff -up openwsman-2.6.8/etc/ssleay.cnf.orig openwsman-2.6.8/etc/ssleay.cnf
--- openwsman-2.6.8/etc/ssleay.cnf.orig 2018-10-12 12:06:26.000000000 +0200
+++ openwsman-2.6.8/etc/ssleay.cnf 2020-09-22 14:27:56.216306882 +0200
@@ -2,10 +2,8 @@
# SSLeay example configuration file.
diff -up openwsman-2.7.1/etc/ssleay.cnf.orig openwsman-2.7.1/etc/ssleay.cnf
--- openwsman-2.7.1/etc/ssleay.cnf.orig 2021-11-09 08:27:48.577749509 +0100
+++ openwsman-2.7.1/etc/ssleay.cnf 2021-11-09 08:28:10.499967010 +0100
@@ -3,7 +3,7 @@
#
-RANDFILE = /dev/random
-
[ req ]
-default_bits = 1024
+default_bits = 2048

View File

@ -0,0 +1,16 @@
diff -up openwsman-2.8.1/src/lib/u/log.c.orig openwsman-2.8.1/src/lib/u/log.c
--- openwsman-2.8.1/src/lib/u/log.c.orig 2025-01-23 10:23:52.000000000 +0100
+++ openwsman-2.8.1/src/lib/u/log.c 2025-10-22 09:22:30.104144805 +0200
@@ -25,8 +25,10 @@
#include <u/syslog.h>
-/* applications that use libu will define their own "int facility" variable */
-extern int facility;
+/* Define facility in the library for backward compatibility with openwsman 2.6.8
+ * Applications can still override this if needed */
+int facility = LOG_DAEMON;
+
/* log hook. if not-zero use this function to write log messages */
static u_log_hook_t hook = NULL;

View File

@ -1,9 +1,10 @@
# RubyGems's macros expect gem_name to exist.
%global gem_name %{name}
%global compatver 2.6.8
Name: openwsman
Version: 2.6.8
Release: 24%{?dist}
Version: 2.8.1
Release: 1%{?dist}
Summary: Open source Implementation of WS-Management
License: BSD
@ -15,16 +16,18 @@ Source1: openwsmand.8.gz
Source2: openwsmand.service
# script for testing presence of the certificates in ExecStartPre
Source3: owsmantestcert.sh
# source for libwsman_client lib compatibility
Source4: https://github.com/Openwsman/openwsman/archive/v%{compatver}.tar.gz
Patch1: openwsman-2.4.0-pamsetup.patch
Patch2: openwsman-2.4.12-ruby-binding-build.patch
Patch3: openwsman-2.6.2-openssl-1.1-fix.patch
Patch4: openwsman-2.6.5-http-status-line.patch
# Patch5 is just for compat package, not needed in 2.8.1
Patch5: openwsman-2.6.5-libcurl-error-codes-update.patch
Patch6: openwsman-2.6.8-CVE-2019-3816.patch
Patch7: openwsman-2.6.8-CVE-2019-3833.patch
Patch8: openwsman-2.6.8-update-ssleay-conf.patch
Patch9: openwsman-2.6.8-http-unauthorized-improve.patch
Patch10: openwsman-2.6.8-ssl-certs-gen-changes.patch
# Patch11 is just for compat
Patch11: openwsman-2.8.1-facility-definition.patch
BuildRequires: make
BuildRequires: swig
BuildRequires: libcurl-devel libxml2-devel pam-devel sblim-sfcc-devel
@ -127,21 +130,26 @@ This is a command line tool for the Windows Remote Shell protocol.
You can use it to send shell commands to a remote Windows hosts.
%prep
%setup -q
%setup -q -c -n %{name} -a 4
# apply patches for regular source
cd %{name}-%{version}
%patch -P1 -p1 -b .pamsetup
%patch -P2 -p1 -b .ruby-binding-build
%patch -P3 -p1 -b .openssl-1.1-fix
%patch -P4 -p1 -b .http-status-line
%patch -P5 -p1 -b .libcurl-error-codes-update
%patch -P6 -p1 -b .CVE-2019-3816
%patch -P7 -p1 -b .CVE-2019-3833
%patch -P8 -p1 -b .update-ssleay-conf
%patch -P9 -p1 -b .http-unauthorized-improve
%patch -P10 -p1 -b .ssl-certs-gen-changes
%patch -P11 -p1 -b .facility-definition
# apply patches for compatibility source
cd ../%{name}-%{compatver}
%patch -P5 -p1 -b .libcurl-error-codes-update
%build
# Removing executable permissions on .c and .h files to fix rpmlint warnings.
# build regular source
cd %{name}-%{version}
# Removing executable permissions on .c and .h files to fix rpmlint warnings.
chmod -x src/cpp/WsmanClient.h
rm -rf build
@ -168,13 +176,45 @@ make
# Make the freshly build openwsman libraries available to build the gem's
# binary extension.
export LIBRARY_PATH=%{_builddir}/%{name}-%{version}/build/src/lib
export CPATH=%{_builddir}/%{name}-%{version}/include/
export LD_LIBRARY_PATH=%{_builddir}/%{name}-%{version}/build/src/lib/
export LIBRARY_PATH=%{_builddir}/%{name}/%{name}-%{version}/build/src/lib
export CPATH=%{_builddir}/%{name/}%{name}-%{version}/include/
export LD_LIBRARY_PATH=%{_builddir}/%{name}/%{name}-%{version}/build/src/lib/
%gem_install -n ./bindings/ruby/%{name}-%{version}.gem
# build compat source
cd ../../%{name}-%{compatver}
# Removing executable permissions on .c and .h files to fix rpmlint warnings.
chmod -x src/cpp/WsmanClient.h
rm -rf build
mkdir build
export RPM_OPT_FLAGS="$RPM_OPT_FLAGS -DFEDORA -DNO_SSL_CALLBACK"
export CFLAGS="$RPM_OPT_FLAGS -fPIC -pie -Wl,-z,relro -Wl,-z,now"
export CXXFLAGS="$RPM_OPT_FLAGS -fPIC -pie -Wl,-z,relro -Wl,-z,now"
cd build
cmake \
-DCMAKE_INSTALL_PREFIX=/usr \
-DCMAKE_VERBOSE_MAKEFILE=TRUE \
-DCMAKE_BUILD_TYPE=Release \
-DCMAKE_C_FLAGS_RELEASE:STRING="$RPM_OPT_FLAGS -fno-strict-aliasing" \
-DCMAKE_CXX_FLAGS_RELEASE:STRING="$RPM_OPT_FLAGS" \
-DCMAKE_SKIP_RPATH=1 \
-DPACKAGE_ARCHITECTURE=`uname -m` \
-DLIB=%{_lib} \
-DBUILD_JAVA=no \
-DBUILD_PYTHON=no \
-DBUILD_PYTHON3=no \
-DBUILD_PERL=no \
-DBUILD_RUBY=no \
..
make
%install
# install regular source
cd %{name}-%{version}
cd build
# Do not install the ruby extension, we are proviging the rubygem- instead.
@ -186,6 +226,7 @@ rm -f %{buildroot}/%{_libdir}/*.la
rm -f %{buildroot}/%{_libdir}/openwsman/plugins/*.la
rm -f %{buildroot}/%{_libdir}/openwsman/authenticators/*.la
[ -d %{buildroot}/%{ruby_vendorlibdir} ] && rm -f %{buildroot}/%{ruby_vendorlibdir}/openwsmanplugin.rb
[ -d %{buildroot}/%{ruby_sitelibdir} ] && rm -f %{buildroot}%{ruby_sitelibdir}/openwsmanplugin.rb
[ -d %{buildroot}/%{ruby_vendorlibdir} ] && rm -f %{buildroot}/%{ruby_vendorlibdir}/openwsman.rb
mkdir -p %{buildroot}%{_sysconfdir}/init.d
install -m 644 etc/openwsman.conf %{buildroot}/%{_sysconfdir}/openwsman
@ -211,6 +252,14 @@ rm -rf %{buildroot}%{gem_instdir}/ext
mkdir -p %{buildroot}%{gem_extdir_mri}
cp -a ./build%{gem_extdir_mri}/{gem.build_complete,*.so} %{buildroot}%{gem_extdir_mri}/
# install compat library
cd ../%{name}-%{compatver}
install build/src/lib/libwsman_client.so.4.0.0 %{buildroot}/%{_libdir}
# create symlink
pushd %{buildroot}/%{_libdir}
ln -s libwsman_client.so.4.0.0 libwsman_client.so.4
popd
%ldconfig_scriptlets -n libwsman1
%post server
@ -228,25 +277,25 @@ rm -f /var/log/wsmand.log
%ldconfig_scriptlets client
%files -n libwsman1
%doc AUTHORS COPYING ChangeLog README.md TODO
%doc %{name}-%{version}/AUTHORS %{name}-%{version}/COPYING %{name}-%{version}/ChangeLog %{name}-%{version}/README.md %{name}-%{version}/TODO
%{_libdir}/libwsman.so.*
%{_libdir}/libwsman_client.so.*
%{_libdir}/libwsman_curl_client_transport.so.*
%files -n libwsman-devel
%doc AUTHORS COPYING ChangeLog README.md
%doc %{name}-%{version}/AUTHORS %{name}-%{version}/COPYING %{name}-%{version}/ChangeLog %{name}-%{version}/README.md
%{_includedir}/*
%{_libdir}/pkgconfig/*
%{_libdir}/*.so
%files python3
%doc AUTHORS COPYING ChangeLog README.md
%doc %{name}-%{version}/AUTHORS %{name}-%{version}/COPYING %{name}-%{version}/ChangeLog %{name}-%{version}/README.md
%{python3_sitearch}/*.so
%{python3_sitearch}/*.py
%{python3_sitearch}/__pycache__/*
%files -n rubygem-%{gem_name}
%doc AUTHORS COPYING ChangeLog README.md
%doc %{name}-%{version}/AUTHORS %{name}-%{version}/COPYING %{name}-%{version}/ChangeLog %{name}-%{version}/README.md
%dir %{gem_instdir}
%{gem_libdir}
%{gem_extdir_mri}
@ -257,12 +306,12 @@ rm -f /var/log/wsmand.log
%doc %{gem_docdir}
%files perl
%doc AUTHORS COPYING ChangeLog README.md
%doc %{name}-%{version}/AUTHORS %{name}-%{version}/COPYING %{name}-%{version}/ChangeLog %{name}-%{version}/README.md
%{perl_vendorarch}/openwsman.so
%{perl_vendorlib}/openwsman.pm
%files server
%doc AUTHORS COPYING ChangeLog README.md
%doc %{name}-%{version}/AUTHORS %{name}-%{version}/COPYING %{name}-%{version}/ChangeLog %{name}-%{version}/README.md
# Don't remove *.so files from the server package.
# the server fails to start without these files.
%dir %{_sysconfdir}/openwsman
@ -284,7 +333,7 @@ rm -f /var/log/wsmand.log
%{_mandir}/man8/*
%files client
%doc AUTHORS COPYING ChangeLog README.md
%doc %{name}-%{version}/AUTHORS %{name}-%{version}/COPYING %{name}-%{version}/ChangeLog %{name}-%{version}/README.md
%{_libdir}/libwsman_clientpp.so.*
%config(noreplace) %{_sysconfdir}/openwsman/openwsman_client.conf
@ -292,6 +341,12 @@ rm -f /var/log/wsmand.log
%{_bindir}/winrs
%changelog
* Thu Oct 23 2025 Vitezslav Crhonek <vcrhonek@redhat.com> - 2.8.1-1
- Update to openwsman-2.8.1
Resolves: RHEL-97643
- Add libwsman-client.so.4 for backward compatibility
Related: RHEL-97643
* Tue Oct 14 2025 Vitezslav Crhonek <vcrhonek@redhat.com> - 2.6.8-24
- Update OpenSSL certificates set up
Resolves: RHEL-118292

View File

@ -1,2 +1,3 @@
SHA512 (openwsmand.8.gz) = 751c40060781e8b5a847e09aee94833ed1e4fbe966f052e5023cb209361acc312078d0d75c0806bd9990da061d3048566418135d3670dd620c6b809e5d0e594c
SHA512 (v2.6.8.tar.gz) = 49e8ac9267602e3bedc5cca78f270798cd16cfb6ddf2fc5f2feb8539bb3eba3bbce09931a18c96cd231c4beeffda5c3ae5bb9e8531662c49ca6fd9681538ea31
SHA512 (v2.8.1.tar.gz) = 3c72b6778269186108e48203a9c37f1e4ea8ff532013a80be6af3c6e8d2bf89343233287bc4eb2e955b8db4b7cf6d20818f77423781f6fdb52a6317a7e8bc972