Update to openwsman-2.6.8
This commit is contained in:
Vitezslav Crhonek
parent
8e7d5b2b9d
commit
8be31c757a
2
.gitignore
vendored
2
.gitignore
vendored
@ -1,2 +1,2 @@
|
||||
/openwsmand.8.gz
|
||||
/v2.6.5.tar.gz
|
||||
/v2.6.8.tar.gz
|
||||
|
||||
@ -1,16 +1,13 @@
|
||||
diff -up openwsman-2.6.1/etc/pam/openwsman.pamsetup openwsman-2.6.1/etc/pam/openwsman
|
||||
--- openwsman-2.6.1/etc/pam/openwsman.pamsetup 2015-08-27 15:46:46.000000000 +0200
|
||||
+++ openwsman-2.6.1/etc/pam/openwsman 2015-08-31 16:08:28.166913889 +0200
|
||||
@@ -1,7 +1,7 @@
|
||||
#%PAM-1.0
|
||||
-auth required pam_unix2.so nullok
|
||||
+auth required pam_unix.so nullok
|
||||
diff -up openwsman-2.6.8/etc/pam/openwsman.orig openwsman-2.6.8/etc/pam/openwsman
|
||||
--- openwsman-2.6.8/etc/pam/openwsman.orig 2018-11-21 13:51:52.776325243 +0100
|
||||
+++ openwsman-2.6.8/etc/pam/openwsman 2018-11-21 13:54:17.066351134 +0100
|
||||
@@ -2,6 +2,6 @@
|
||||
auth required pam_unix.so nullok
|
||||
auth required pam_nologin.so
|
||||
-account required pam_unix2.so
|
||||
-password required pam_pwcheck.so nullok
|
||||
-password required pam_unix2.so nullok use_first_pass use_authtok
|
||||
-session required pam_unix2.so none
|
||||
+account required pam_unix.so
|
||||
account required pam_unix.so
|
||||
-password required pam_cracklib.so nullok
|
||||
-password required pam_unix.so nullok use_first_pass use_authtok nis shadow
|
||||
-session required pam_unix.so none
|
||||
+password required pam_pwquality.so
|
||||
+password required pam_unix.so nullok use_first_pass use_authtok
|
||||
+password required pam_unix.so nullok use_first_pass use_authtok
|
||||
+session required pam_unix.so
|
||||
|
||||
@ -6,7 +6,7 @@ diff -up openwsman-2.4.12/bindings/ruby/extconf.rb.orig openwsman-2.4.12/binding
|
||||
|
||||
major, minor, path = RUBY_VERSION.split(".")
|
||||
-raise "SWIG failed to run" unless system("#{swig} -ruby -autorename -DRUBY_VERSION=#{major}#{minor} -I. -I/usr/include/openwsman -o openwsman_wrap.c openwsman.i")
|
||||
+raise "SWIG failed to run" unless system("#{swig} -ruby -autorename -DRUBY_VERSION=#{major}#{minor} -I. -I/usr/include/openwsman -I/builddir/build/BUILD/openwsman-2.6.5/include/ -o openwsman_wrap.c openwsman.i")
|
||||
+raise "SWIG failed to run" unless system("#{swig} -ruby -autorename -DRUBY_VERSION=#{major}#{minor} -I. -I/usr/include/openwsman -I/builddir/build/BUILD/openwsman-2.6.8/include/ -o openwsman_wrap.c openwsman.i")
|
||||
|
||||
$CPPFLAGS = "-I/usr/include/openwsman -I.."
|
||||
|
||||
|
||||
@ -1,31 +1,6 @@
|
||||
diff -up openwsman-2.6.5/src/lib/wsman-curl-client-transport.c.orig openwsman-2.6.5/src/lib/wsman-curl-client-transport.c
|
||||
--- openwsman-2.6.5/src/lib/wsman-curl-client-transport.c.orig 2017-11-28 09:32:15.000000000 +0100
|
||||
+++ openwsman-2.6.5/src/lib/wsman-curl-client-transport.c 2018-01-23 13:14:59.357153453 +0100
|
||||
@@ -241,12 +241,20 @@ write_handler( void *ptr, size_t size, s
|
||||
static int ssl_certificate_thumbprint_verify_callback(X509_STORE_CTX *ctx, void *arg)
|
||||
{
|
||||
unsigned char *thumbprint = (unsigned char *)arg;
|
||||
- X509 *cert = ctx->cert;
|
||||
EVP_MD *tempDigest;
|
||||
|
||||
unsigned char tempFingerprint[EVP_MAX_MD_SIZE];
|
||||
unsigned int tempFingerprintLen;
|
||||
tempDigest = (EVP_MD*)EVP_sha1( );
|
||||
+
|
||||
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
|
||||
+ X509 *cert = X509_STORE_CTX_get_current_cert(ctx);
|
||||
+#else
|
||||
+ X509 *cert = ctx->cert;
|
||||
+#endif
|
||||
+ if(!cert)
|
||||
+ return 0;
|
||||
+
|
||||
if ( X509_digest(cert, tempDigest, tempFingerprint, &tempFingerprintLen ) <= 0)
|
||||
return 0;
|
||||
if(!memcmp(tempFingerprint, thumbprint, tempFingerprintLen))
|
||||
diff -up openwsman-2.6.5/src/server/shttpd/compat_unix.h.orig openwsman-2.6.5/src/server/shttpd/compat_unix.h
|
||||
--- openwsman-2.6.5/src/server/shttpd/compat_unix.h.orig 2017-11-28 09:32:15.000000000 +0100
|
||||
+++ openwsman-2.6.5/src/server/shttpd/compat_unix.h 2018-01-23 13:14:59.357153453 +0100
|
||||
diff -up openwsman-2.6.8/src/server/shttpd/compat_unix.h.orig openwsman-2.6.8/src/server/shttpd/compat_unix.h
|
||||
--- openwsman-2.6.8/src/server/shttpd/compat_unix.h.orig 2018-10-12 12:06:26.000000000 +0200
|
||||
+++ openwsman-2.6.8/src/server/shttpd/compat_unix.h 2018-11-22 13:30:10.756423510 +0100
|
||||
@@ -27,10 +27,6 @@
|
||||
pthread_create(&tid, NULL, (void *(*)(void *))a, c); } while (0)
|
||||
#endif /* !NO_THREADS */
|
||||
@ -37,9 +12,9 @@ diff -up openwsman-2.6.5/src/server/shttpd/compat_unix.h.orig openwsman-2.6.5/sr
|
||||
#define DIRSEP '/'
|
||||
#define IS_DIRSEP_CHAR(c) ((c) == '/')
|
||||
#define O_BINARY 0
|
||||
diff -up openwsman-2.6.5/src/server/shttpd/io_ssl.c.orig openwsman-2.6.5/src/server/shttpd/io_ssl.c
|
||||
--- openwsman-2.6.5/src/server/shttpd/io_ssl.c.orig 2017-11-28 09:32:15.000000000 +0100
|
||||
+++ openwsman-2.6.5/src/server/shttpd/io_ssl.c 2018-01-23 13:14:59.357153453 +0100
|
||||
diff -up openwsman-2.6.8/src/server/shttpd/io_ssl.c.orig openwsman-2.6.8/src/server/shttpd/io_ssl.c
|
||||
--- openwsman-2.6.8/src/server/shttpd/io_ssl.c.orig 2018-10-12 12:06:26.000000000 +0200
|
||||
+++ openwsman-2.6.8/src/server/shttpd/io_ssl.c 2018-11-22 13:30:10.757423510 +0100
|
||||
@@ -11,23 +11,6 @@
|
||||
#include "defs.h"
|
||||
|
||||
@ -64,9 +39,9 @@ diff -up openwsman-2.6.5/src/server/shttpd/io_ssl.c.orig openwsman-2.6.5/src/ser
|
||||
void
|
||||
_shttpd_ssl_handshake(struct stream *stream)
|
||||
{
|
||||
diff -up openwsman-2.6.5/src/server/shttpd/shttpd.c.orig openwsman-2.6.5/src/server/shttpd/shttpd.c
|
||||
--- openwsman-2.6.5/src/server/shttpd/shttpd.c.orig 2017-11-28 09:32:15.000000000 +0100
|
||||
+++ openwsman-2.6.5/src/server/shttpd/shttpd.c 2018-01-23 13:16:13.738228773 +0100
|
||||
diff -up openwsman-2.6.8/src/server/shttpd/shttpd.c.orig openwsman-2.6.8/src/server/shttpd/shttpd.c
|
||||
--- openwsman-2.6.8/src/server/shttpd/shttpd.c.orig 2018-10-12 12:06:26.000000000 +0200
|
||||
+++ openwsman-2.6.8/src/server/shttpd/shttpd.c 2018-11-22 13:30:41.314416695 +0100
|
||||
@@ -1476,20 +1476,14 @@ set_ssl(struct shttpd_ctx *ctx, const ch
|
||||
int retval = FALSE;
|
||||
EC_KEY* key;
|
||||
@ -94,22 +69,10 @@ diff -up openwsman-2.6.5/src/server/shttpd/shttpd.c.orig openwsman-2.6.5/src/ser
|
||||
|
||||
if ((CTX = SSL_CTX_new(SSLv23_server_method())) == NULL)
|
||||
_shttpd_elog(E_LOG, NULL, "SSL_CTX_new error");
|
||||
@@ -1532,7 +1526,11 @@ set_ssl(struct shttpd_ctx *ctx, const ch
|
||||
if (strncasecmp(protocols[idx].name, ssl_disabled_protocols, blank_ptr-ssl_disabled_protocols) == 0) {
|
||||
//_shttpd_elog(E_LOG, NULL, "SSL: disable %s protocol", protocols[idx].name);
|
||||
debug("SSL: disable %s protocol", protocols[idx].name);
|
||||
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
|
||||
+ SSL_CTX_set_options(CTX, protocols[idx].opt);
|
||||
+#else
|
||||
SSL_CTX_ctrl(CTX, SSL_CTRL_OPTIONS, protocols[idx].opt, NULL);
|
||||
+#endif
|
||||
break;
|
||||
}
|
||||
}
|
||||
diff -up openwsman-2.6.5/src/server/shttpd/ssl.h.orig openwsman-2.6.5/src/server/shttpd/ssl.h
|
||||
--- openwsman-2.6.5/src/server/shttpd/ssl.h.orig 2017-11-28 09:32:15.000000000 +0100
|
||||
+++ openwsman-2.6.5/src/server/shttpd/ssl.h 2018-01-23 13:14:59.358153454 +0100
|
||||
@@ -12,50 +12,4 @@
|
||||
diff -up openwsman-2.6.8/src/server/shttpd/ssl.h.orig openwsman-2.6.8/src/server/shttpd/ssl.h
|
||||
--- openwsman-2.6.8/src/server/shttpd/ssl.h.orig 2018-10-12 12:06:26.000000000 +0200
|
||||
+++ openwsman-2.6.8/src/server/shttpd/ssl.h 2018-11-22 13:30:10.757423510 +0100
|
||||
@@ -12,52 +12,4 @@
|
||||
|
||||
#include <openssl/ssl.h>
|
||||
|
||||
@ -130,7 +93,7 @@ diff -up openwsman-2.6.5/src/server/shttpd/ssl.h.orig openwsman-2.6.5/src/server
|
||||
-#define SSL_ERROR_SYSCALL 5
|
||||
-#define SSL_FILETYPE_PEM 1
|
||||
-
|
||||
#endif
|
||||
-#endif
|
||||
-
|
||||
-/*
|
||||
- * Dynamically loaded SSL functionality
|
||||
@ -153,9 +116,11 @@ diff -up openwsman-2.6.5/src/server/shttpd/ssl.h.orig openwsman-2.6.5/src/server
|
||||
-#define SSL_get_error(x,y)(* (int (*)(SSL *, int)) FUNC(5))((x), (y))
|
||||
-#define SSL_set_fd(x,y) (* (int (*)(SSL *, int)) FUNC(6))((x), (y))
|
||||
-#define SSL_new(x) (* (SSL * (*)(SSL_CTX *)) FUNC(7))(x)
|
||||
-#define SSL_CTX_new(x) (* (SSL_CTX * (*)(SSL_METHOD *)) FUNC(8))(x)
|
||||
-#define SSL_CTX_new(x) (* (SSL_CTX * (*)(const SSL_METHOD *)) FUNC(8))(x)
|
||||
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
||||
-#define SSLv23_server_method() (* (SSL_METHOD * (*)(void)) FUNC(9))()
|
||||
-#define SSL_library_init() (* (int (*)(void)) FUNC(10))()
|
||||
#endif
|
||||
-#define SSL_CTX_use_PrivateKey_file(x,y,z) (* (int (*)(SSL_CTX *, \
|
||||
- const char *, int)) FUNC(11))((x), (y), (z))
|
||||
-#define SSL_CTX_use_certificate_file(x,y,z) (* (int (*)(SSL_CTX *, \
|
||||
|
||||
@ -1,12 +0,0 @@
|
||||
diff -up openwsman-2.6.5/src/server/shttpd/shttpd.c.orig openwsman-2.6.5/src/server/shttpd/shttpd.c
|
||||
--- openwsman-2.6.5/src/server/shttpd/shttpd.c.orig 2018-02-21 10:53:24.964163710 +0100
|
||||
+++ openwsman-2.6.5/src/server/shttpd/shttpd.c 2018-02-21 10:53:31.854162875 +0100
|
||||
@@ -1541,7 +1541,7 @@ set_ssl(struct shttpd_ctx *ctx, const ch
|
||||
|
||||
if (ssl_cipher_list) {
|
||||
int rc = SSL_CTX_set_cipher_list(CTX, ssl_cipher_list);
|
||||
- if (rc != 0) {
|
||||
+ if (rc != 1) {
|
||||
_shttpd_elog(E_LOG, NULL, "Failed to set SSL cipher list \"%s\"", ssl_cipher_list);
|
||||
}
|
||||
}
|
||||
@ -2,8 +2,8 @@
|
||||
%global gem_name %{name}
|
||||
|
||||
Name: openwsman
|
||||
Version: 2.6.5
|
||||
Release: 10%{?dist}
|
||||
Version: 2.6.8
|
||||
Release: 1%{?dist}
|
||||
Summary: Open source Implementation of WS-Management
|
||||
|
||||
License: BSD
|
||||
@ -19,8 +19,7 @@ Patch1: openwsman-2.4.0-pamsetup.patch
|
||||
Patch2: openwsman-2.4.12-ruby-binding-build.patch
|
||||
Patch3: openwsman-2.6.2-openssl-1.1-fix.patch
|
||||
Patch4: openwsman-2.6.5-http-status-line.patch
|
||||
Patch5: openwsman-2.6.5-fix-set-cipher-list-retval-check.patch
|
||||
Patch6: openwsman-2.6.5-libcurl-error-codes-update.patch
|
||||
Patch5: openwsman-2.6.5-libcurl-error-codes-update.patch
|
||||
BuildRequires: swig
|
||||
BuildRequires: libcurl-devel libxml2-devel pam-devel sblim-sfcc-devel
|
||||
BuildRequires: python3 python3-devel ruby ruby-devel rubygems-devel perl-interpreter
|
||||
@ -127,8 +126,7 @@ You can use it to send shell commands to a remote Windows hosts.
|
||||
%patch2 -p1 -b .ruby-binding-build
|
||||
%patch3 -p1 -b .openssl-1.1-fix
|
||||
%patch4 -p1 -b .http-status-line
|
||||
%patch5 -p1 -b .fix-set-cipher-list-retval-check
|
||||
%patch6 -p1 -b .libcurl-error-codes-update
|
||||
%patch5 -p1 -b .libcurl-error-codes-update
|
||||
|
||||
%build
|
||||
# Removing executable permissions on .c and .h files to fix rpmlint warnings.
|
||||
@ -151,6 +149,7 @@ cmake \
|
||||
-DPACKAGE_ARCHITECTURE=`uname -m` \
|
||||
-DLIB=%{_lib} \
|
||||
-DBUILD_JAVA=no \
|
||||
-DBUILD_PYTHON=no \
|
||||
..
|
||||
|
||||
make
|
||||
@ -285,6 +284,9 @@ rm -f /var/log/wsmand.log
|
||||
%{_bindir}/winrs
|
||||
|
||||
%changelog
|
||||
* Thu Nov 22 2018 Vitezslav Crhonek <vcrhonek@redhat.com> - 2.6.8-1
|
||||
- Update to openwsman-2.6.8
|
||||
|
||||
* Wed Nov 14 2018 Vitezslav Crhonek <vcrhonek@redhat.com> - 2.6.5-10
|
||||
- Reflect changes in libcurl error codes
|
||||
Resolves: #1649393
|
||||
|
||||
1
sources
1
sources
@ -1,2 +1,3 @@
|
||||
SHA512 (openwsmand.8.gz) = 751c40060781e8b5a847e09aee94833ed1e4fbe966f052e5023cb209361acc312078d0d75c0806bd9990da061d3048566418135d3670dd620c6b809e5d0e594c
|
||||
SHA512 (v2.6.5.tar.gz) = dff103d50ddf974aa90db5be74761dd83944e64e1bab65161ee2941949c46af57c5d53d011ccbf1ef21002c825f4a2be8d6431c83610dd930b5ac4352fd0762b
|
||||
SHA512 (v2.6.8.tar.gz) = 49e8ac9267602e3bedc5cca78f270798cd16cfb6ddf2fc5f2feb8539bb3eba3bbce09931a18c96cd231c4beeffda5c3ae5bb9e8531662c49ca6fd9681538ea31
|
||||
|
||||
Loading…
Reference in New Issue
Block a user