diff --git a/.gitignore b/.gitignore index 77b5874..490fdf3 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,2 @@ /openwsmand.8.gz -/v2.6.5.tar.gz +/v2.6.8.tar.gz diff --git a/openwsman-2.4.0-pamsetup.patch b/openwsman-2.4.0-pamsetup.patch index 021ca88..466b5df 100644 --- a/openwsman-2.4.0-pamsetup.patch +++ b/openwsman-2.4.0-pamsetup.patch @@ -1,16 +1,13 @@ -diff -up openwsman-2.6.1/etc/pam/openwsman.pamsetup openwsman-2.6.1/etc/pam/openwsman ---- openwsman-2.6.1/etc/pam/openwsman.pamsetup 2015-08-27 15:46:46.000000000 +0200 -+++ openwsman-2.6.1/etc/pam/openwsman 2015-08-31 16:08:28.166913889 +0200 -@@ -1,7 +1,7 @@ - #%PAM-1.0 --auth required pam_unix2.so nullok -+auth required pam_unix.so nullok +diff -up openwsman-2.6.8/etc/pam/openwsman.orig openwsman-2.6.8/etc/pam/openwsman +--- openwsman-2.6.8/etc/pam/openwsman.orig 2018-11-21 13:51:52.776325243 +0100 ++++ openwsman-2.6.8/etc/pam/openwsman 2018-11-21 13:54:17.066351134 +0100 +@@ -2,6 +2,6 @@ + auth required pam_unix.so nullok auth required pam_nologin.so --account required pam_unix2.so --password required pam_pwcheck.so nullok --password required pam_unix2.so nullok use_first_pass use_authtok --session required pam_unix2.so none -+account required pam_unix.so + account required pam_unix.so +-password required pam_cracklib.so nullok +-password required pam_unix.so nullok use_first_pass use_authtok nis shadow +-session required pam_unix.so none +password required pam_pwquality.so -+password required pam_unix.so nullok use_first_pass use_authtok ++password required pam_unix.so nullok use_first_pass use_authtok +session required pam_unix.so diff --git a/openwsman-2.4.12-ruby-binding-build.patch b/openwsman-2.4.12-ruby-binding-build.patch index 7f46996..1a4e76e 100644 --- a/openwsman-2.4.12-ruby-binding-build.patch +++ b/openwsman-2.4.12-ruby-binding-build.patch @@ -6,7 +6,7 @@ diff -up openwsman-2.4.12/bindings/ruby/extconf.rb.orig openwsman-2.4.12/binding major, minor, path = RUBY_VERSION.split(".") -raise "SWIG failed to run" unless system("#{swig} -ruby -autorename -DRUBY_VERSION=#{major}#{minor} -I. -I/usr/include/openwsman -o openwsman_wrap.c openwsman.i") -+raise "SWIG failed to run" unless system("#{swig} -ruby -autorename -DRUBY_VERSION=#{major}#{minor} -I. -I/usr/include/openwsman -I/builddir/build/BUILD/openwsman-2.6.5/include/ -o openwsman_wrap.c openwsman.i") ++raise "SWIG failed to run" unless system("#{swig} -ruby -autorename -DRUBY_VERSION=#{major}#{minor} -I. -I/usr/include/openwsman -I/builddir/build/BUILD/openwsman-2.6.8/include/ -o openwsman_wrap.c openwsman.i") $CPPFLAGS = "-I/usr/include/openwsman -I.." diff --git a/openwsman-2.6.2-openssl-1.1-fix.patch b/openwsman-2.6.2-openssl-1.1-fix.patch index 1be385d..98f6bc2 100644 --- a/openwsman-2.6.2-openssl-1.1-fix.patch +++ b/openwsman-2.6.2-openssl-1.1-fix.patch @@ -1,31 +1,6 @@ -diff -up openwsman-2.6.5/src/lib/wsman-curl-client-transport.c.orig openwsman-2.6.5/src/lib/wsman-curl-client-transport.c ---- openwsman-2.6.5/src/lib/wsman-curl-client-transport.c.orig 2017-11-28 09:32:15.000000000 +0100 -+++ openwsman-2.6.5/src/lib/wsman-curl-client-transport.c 2018-01-23 13:14:59.357153453 +0100 -@@ -241,12 +241,20 @@ write_handler( void *ptr, size_t size, s - static int ssl_certificate_thumbprint_verify_callback(X509_STORE_CTX *ctx, void *arg) - { - unsigned char *thumbprint = (unsigned char *)arg; -- X509 *cert = ctx->cert; - EVP_MD *tempDigest; - - unsigned char tempFingerprint[EVP_MAX_MD_SIZE]; - unsigned int tempFingerprintLen; - tempDigest = (EVP_MD*)EVP_sha1( ); -+ -+#if OPENSSL_VERSION_NUMBER >= 0x10100000L -+ X509 *cert = X509_STORE_CTX_get_current_cert(ctx); -+#else -+ X509 *cert = ctx->cert; -+#endif -+ if(!cert) -+ return 0; -+ - if ( X509_digest(cert, tempDigest, tempFingerprint, &tempFingerprintLen ) <= 0) - return 0; - if(!memcmp(tempFingerprint, thumbprint, tempFingerprintLen)) -diff -up openwsman-2.6.5/src/server/shttpd/compat_unix.h.orig openwsman-2.6.5/src/server/shttpd/compat_unix.h ---- openwsman-2.6.5/src/server/shttpd/compat_unix.h.orig 2017-11-28 09:32:15.000000000 +0100 -+++ openwsman-2.6.5/src/server/shttpd/compat_unix.h 2018-01-23 13:14:59.357153453 +0100 +diff -up openwsman-2.6.8/src/server/shttpd/compat_unix.h.orig openwsman-2.6.8/src/server/shttpd/compat_unix.h +--- openwsman-2.6.8/src/server/shttpd/compat_unix.h.orig 2018-10-12 12:06:26.000000000 +0200 ++++ openwsman-2.6.8/src/server/shttpd/compat_unix.h 2018-11-22 13:30:10.756423510 +0100 @@ -27,10 +27,6 @@ pthread_create(&tid, NULL, (void *(*)(void *))a, c); } while (0) #endif /* !NO_THREADS */ @@ -37,9 +12,9 @@ diff -up openwsman-2.6.5/src/server/shttpd/compat_unix.h.orig openwsman-2.6.5/sr #define DIRSEP '/' #define IS_DIRSEP_CHAR(c) ((c) == '/') #define O_BINARY 0 -diff -up openwsman-2.6.5/src/server/shttpd/io_ssl.c.orig openwsman-2.6.5/src/server/shttpd/io_ssl.c ---- openwsman-2.6.5/src/server/shttpd/io_ssl.c.orig 2017-11-28 09:32:15.000000000 +0100 -+++ openwsman-2.6.5/src/server/shttpd/io_ssl.c 2018-01-23 13:14:59.357153453 +0100 +diff -up openwsman-2.6.8/src/server/shttpd/io_ssl.c.orig openwsman-2.6.8/src/server/shttpd/io_ssl.c +--- openwsman-2.6.8/src/server/shttpd/io_ssl.c.orig 2018-10-12 12:06:26.000000000 +0200 ++++ openwsman-2.6.8/src/server/shttpd/io_ssl.c 2018-11-22 13:30:10.757423510 +0100 @@ -11,23 +11,6 @@ #include "defs.h" @@ -64,9 +39,9 @@ diff -up openwsman-2.6.5/src/server/shttpd/io_ssl.c.orig openwsman-2.6.5/src/ser void _shttpd_ssl_handshake(struct stream *stream) { -diff -up openwsman-2.6.5/src/server/shttpd/shttpd.c.orig openwsman-2.6.5/src/server/shttpd/shttpd.c ---- openwsman-2.6.5/src/server/shttpd/shttpd.c.orig 2017-11-28 09:32:15.000000000 +0100 -+++ openwsman-2.6.5/src/server/shttpd/shttpd.c 2018-01-23 13:16:13.738228773 +0100 +diff -up openwsman-2.6.8/src/server/shttpd/shttpd.c.orig openwsman-2.6.8/src/server/shttpd/shttpd.c +--- openwsman-2.6.8/src/server/shttpd/shttpd.c.orig 2018-10-12 12:06:26.000000000 +0200 ++++ openwsman-2.6.8/src/server/shttpd/shttpd.c 2018-11-22 13:30:41.314416695 +0100 @@ -1476,20 +1476,14 @@ set_ssl(struct shttpd_ctx *ctx, const ch int retval = FALSE; EC_KEY* key; @@ -94,22 +69,10 @@ diff -up openwsman-2.6.5/src/server/shttpd/shttpd.c.orig openwsman-2.6.5/src/ser if ((CTX = SSL_CTX_new(SSLv23_server_method())) == NULL) _shttpd_elog(E_LOG, NULL, "SSL_CTX_new error"); -@@ -1532,7 +1526,11 @@ set_ssl(struct shttpd_ctx *ctx, const ch - if (strncasecmp(protocols[idx].name, ssl_disabled_protocols, blank_ptr-ssl_disabled_protocols) == 0) { - //_shttpd_elog(E_LOG, NULL, "SSL: disable %s protocol", protocols[idx].name); - debug("SSL: disable %s protocol", protocols[idx].name); -+#if OPENSSL_VERSION_NUMBER >= 0x10100000L -+ SSL_CTX_set_options(CTX, protocols[idx].opt); -+#else - SSL_CTX_ctrl(CTX, SSL_CTRL_OPTIONS, protocols[idx].opt, NULL); -+#endif - break; - } - } -diff -up openwsman-2.6.5/src/server/shttpd/ssl.h.orig openwsman-2.6.5/src/server/shttpd/ssl.h ---- openwsman-2.6.5/src/server/shttpd/ssl.h.orig 2017-11-28 09:32:15.000000000 +0100 -+++ openwsman-2.6.5/src/server/shttpd/ssl.h 2018-01-23 13:14:59.358153454 +0100 -@@ -12,50 +12,4 @@ +diff -up openwsman-2.6.8/src/server/shttpd/ssl.h.orig openwsman-2.6.8/src/server/shttpd/ssl.h +--- openwsman-2.6.8/src/server/shttpd/ssl.h.orig 2018-10-12 12:06:26.000000000 +0200 ++++ openwsman-2.6.8/src/server/shttpd/ssl.h 2018-11-22 13:30:10.757423510 +0100 +@@ -12,52 +12,4 @@ #include @@ -130,7 +93,7 @@ diff -up openwsman-2.6.5/src/server/shttpd/ssl.h.orig openwsman-2.6.5/src/server -#define SSL_ERROR_SYSCALL 5 -#define SSL_FILETYPE_PEM 1 - - #endif +-#endif - -/* - * Dynamically loaded SSL functionality @@ -153,9 +116,11 @@ diff -up openwsman-2.6.5/src/server/shttpd/ssl.h.orig openwsman-2.6.5/src/server -#define SSL_get_error(x,y)(* (int (*)(SSL *, int)) FUNC(5))((x), (y)) -#define SSL_set_fd(x,y) (* (int (*)(SSL *, int)) FUNC(6))((x), (y)) -#define SSL_new(x) (* (SSL * (*)(SSL_CTX *)) FUNC(7))(x) --#define SSL_CTX_new(x) (* (SSL_CTX * (*)(SSL_METHOD *)) FUNC(8))(x) +-#define SSL_CTX_new(x) (* (SSL_CTX * (*)(const SSL_METHOD *)) FUNC(8))(x) +-#if OPENSSL_VERSION_NUMBER < 0x10100000L -#define SSLv23_server_method() (* (SSL_METHOD * (*)(void)) FUNC(9))() -#define SSL_library_init() (* (int (*)(void)) FUNC(10))() + #endif -#define SSL_CTX_use_PrivateKey_file(x,y,z) (* (int (*)(SSL_CTX *, \ - const char *, int)) FUNC(11))((x), (y), (z)) -#define SSL_CTX_use_certificate_file(x,y,z) (* (int (*)(SSL_CTX *, \ diff --git a/openwsman-2.6.5-fix-set-cipher-list-retval-check.patch b/openwsman-2.6.5-fix-set-cipher-list-retval-check.patch deleted file mode 100644 index dc3e52c..0000000 --- a/openwsman-2.6.5-fix-set-cipher-list-retval-check.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -up openwsman-2.6.5/src/server/shttpd/shttpd.c.orig openwsman-2.6.5/src/server/shttpd/shttpd.c ---- openwsman-2.6.5/src/server/shttpd/shttpd.c.orig 2018-02-21 10:53:24.964163710 +0100 -+++ openwsman-2.6.5/src/server/shttpd/shttpd.c 2018-02-21 10:53:31.854162875 +0100 -@@ -1541,7 +1541,7 @@ set_ssl(struct shttpd_ctx *ctx, const ch - - if (ssl_cipher_list) { - int rc = SSL_CTX_set_cipher_list(CTX, ssl_cipher_list); -- if (rc != 0) { -+ if (rc != 1) { - _shttpd_elog(E_LOG, NULL, "Failed to set SSL cipher list \"%s\"", ssl_cipher_list); - } - } diff --git a/openwsman.spec b/openwsman.spec index 8603375..845166d 100644 --- a/openwsman.spec +++ b/openwsman.spec @@ -2,8 +2,8 @@ %global gem_name %{name} Name: openwsman -Version: 2.6.5 -Release: 10%{?dist} +Version: 2.6.8 +Release: 1%{?dist} Summary: Open source Implementation of WS-Management License: BSD @@ -19,8 +19,7 @@ Patch1: openwsman-2.4.0-pamsetup.patch Patch2: openwsman-2.4.12-ruby-binding-build.patch Patch3: openwsman-2.6.2-openssl-1.1-fix.patch Patch4: openwsman-2.6.5-http-status-line.patch -Patch5: openwsman-2.6.5-fix-set-cipher-list-retval-check.patch -Patch6: openwsman-2.6.5-libcurl-error-codes-update.patch +Patch5: openwsman-2.6.5-libcurl-error-codes-update.patch BuildRequires: swig BuildRequires: libcurl-devel libxml2-devel pam-devel sblim-sfcc-devel BuildRequires: python3 python3-devel ruby ruby-devel rubygems-devel perl-interpreter @@ -127,8 +126,7 @@ You can use it to send shell commands to a remote Windows hosts. %patch2 -p1 -b .ruby-binding-build %patch3 -p1 -b .openssl-1.1-fix %patch4 -p1 -b .http-status-line -%patch5 -p1 -b .fix-set-cipher-list-retval-check -%patch6 -p1 -b .libcurl-error-codes-update +%patch5 -p1 -b .libcurl-error-codes-update %build # Removing executable permissions on .c and .h files to fix rpmlint warnings. @@ -151,6 +149,7 @@ cmake \ -DPACKAGE_ARCHITECTURE=`uname -m` \ -DLIB=%{_lib} \ -DBUILD_JAVA=no \ + -DBUILD_PYTHON=no \ .. make @@ -285,6 +284,9 @@ rm -f /var/log/wsmand.log %{_bindir}/winrs %changelog +* Thu Nov 22 2018 Vitezslav Crhonek - 2.6.8-1 +- Update to openwsman-2.6.8 + * Wed Nov 14 2018 Vitezslav Crhonek - 2.6.5-10 - Reflect changes in libcurl error codes Resolves: #1649393 diff --git a/sources b/sources index b9ddf41..8128bd2 100644 --- a/sources +++ b/sources @@ -1,2 +1,3 @@ SHA512 (openwsmand.8.gz) = 751c40060781e8b5a847e09aee94833ed1e4fbe966f052e5023cb209361acc312078d0d75c0806bd9990da061d3048566418135d3670dd620c6b809e5d0e594c SHA512 (v2.6.5.tar.gz) = dff103d50ddf974aa90db5be74761dd83944e64e1bab65161ee2941949c46af57c5d53d011ccbf1ef21002c825f4a2be8d6431c83610dd930b5ac4352fd0762b +SHA512 (v2.6.8.tar.gz) = 49e8ac9267602e3bedc5cca78f270798cd16cfb6ddf2fc5f2feb8539bb3eba3bbce09931a18c96cd231c4beeffda5c3ae5bb9e8531662c49ca6fd9681538ea31