rpms/openwsman
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Update to openwsman-2.6.8

Browse Source
This commit is contained in:
Vitezslav Crhonek 2018-11-22 13:37:08 +01:00
parent 8e7d5b2b9d
commit 8be31c757a
7 changed files with 38 additions and 85 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.gitignore vendored
View File

@ -1,2 +1,2 @@
/openwsmand.8.gz /openwsmand.8.gz
/v2.6.5.tar.gz /v2.6.8.tar.gz

21
openwsman-2.4.0-pamsetup.patch
View File

@ -1,16 +1,13 @@
diff -up openwsman-2.6.1/etc/pam/openwsman.pamsetup openwsman-2.6.1/etc/pam/openwsman diff -up openwsman-2.6.8/etc/pam/openwsman.orig openwsman-2.6.8/etc/pam/openwsman
--- openwsman-2.6.1/etc/pam/openwsman.pamsetup 2015-08-27 15:46:46.000000000 +0200 --- openwsman-2.6.8/etc/pam/openwsman.orig 2018-11-21 13:51:52.776325243 +0100
+++ openwsman-2.6.1/etc/pam/openwsman 2015-08-31 16:08:28.166913889 +0200 +++ openwsman-2.6.8/etc/pam/openwsman 2018-11-21 13:54:17.066351134 +0100
@@ -1,7 +1,7 @@ @@ -2,6 +2,6 @@
#%PAM-1.0 auth required pam_unix.so nullok
-auth required pam_unix2.so nullok
+auth required pam_unix.so nullok
auth required pam_nologin.so auth required pam_nologin.so
-account required pam_unix2.so account required pam_unix.so
-password required pam_pwcheck.so nullok -password required pam_cracklib.so nullok
-password required pam_unix2.so nullok use_first_pass use_authtok -password required pam_unix.so nullok use_first_pass use_authtok nis shadow
-session required pam_unix2.so none -session required pam_unix.so none
+account required pam_unix.so
+password required pam_pwquality.so +password required pam_pwquality.so
+password required pam_unix.so nullok use_first_pass use_authtok +password required pam_unix.so nullok use_first_pass use_authtok
+session required pam_unix.so +session required pam_unix.so

2
openwsman-2.4.12-ruby-binding-build.patch
View File

@ -6,7 +6,7 @@ diff -up openwsman-2.4.12/bindings/ruby/extconf.rb.orig openwsman-2.4.12/binding
major, minor, path = RUBY_VERSION.split(".") major, minor, path = RUBY_VERSION.split(".")
-raise "SWIG failed to run" unless system("#{swig} -ruby -autorename -DRUBY_VERSION=#{major}#{minor} -I. -I/usr/include/openwsman -o openwsman_wrap.c openwsman.i") -raise "SWIG failed to run" unless system("#{swig} -ruby -autorename -DRUBY_VERSION=#{major}#{minor} -I. -I/usr/include/openwsman -o openwsman_wrap.c openwsman.i")
+raise "SWIG failed to run" unless system("#{swig} -ruby -autorename -DRUBY_VERSION=#{major}#{minor} -I. -I/usr/include/openwsman -I/builddir/build/BUILD/openwsman-2.6.5/include/ -o openwsman_wrap.c openwsman.i") +raise "SWIG failed to run" unless system("#{swig} -ruby -autorename -DRUBY_VERSION=#{major}#{minor} -I. -I/usr/include/openwsman -I/builddir/build/BUILD/openwsman-2.6.8/include/ -o openwsman_wrap.c openwsman.i")
$CPPFLAGS = "-I/usr/include/openwsman -I.." $CPPFLAGS = "-I/usr/include/openwsman -I.."

69
openwsman-2.6.2-openssl-1.1-fix.patch
View File

@ -1,31 +1,6 @@
diff -up openwsman-2.6.5/src/lib/wsman-curl-client-transport.c.orig openwsman-2.6.5/src/lib/wsman-curl-client-transport.c diff -up openwsman-2.6.8/src/server/shttpd/compat_unix.h.orig openwsman-2.6.8/src/server/shttpd/compat_unix.h
--- openwsman-2.6.5/src/lib/wsman-curl-client-transport.c.orig 2017-11-28 09:32:15.000000000 +0100 --- openwsman-2.6.8/src/server/shttpd/compat_unix.h.orig 2018-10-12 12:06:26.000000000 +0200
+++ openwsman-2.6.5/src/lib/wsman-curl-client-transport.c 2018-01-23 13:14:59.357153453 +0100 +++ openwsman-2.6.8/src/server/shttpd/compat_unix.h 2018-11-22 13:30:10.756423510 +0100
@@ -241,12 +241,20 @@ write_handler( void *ptr, size_t size, s
static int ssl_certificate_thumbprint_verify_callback(X509_STORE_CTX *ctx, void *arg)
{
unsigned char *thumbprint = (unsigned char *)arg;
- X509 *cert = ctx->cert;
EVP_MD *tempDigest;
unsigned char tempFingerprint[EVP_MAX_MD_SIZE];
unsigned int tempFingerprintLen;
tempDigest = (EVP_MD*)EVP_sha1( );
+
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+ X509 *cert = X509_STORE_CTX_get_current_cert(ctx);
+#else
+ X509 *cert = ctx->cert;
+#endif
+ if(!cert)
+ return 0;
+
if ( X509_digest(cert, tempDigest, tempFingerprint, &tempFingerprintLen ) <= 0)
return 0;
if(!memcmp(tempFingerprint, thumbprint, tempFingerprintLen))
diff -up openwsman-2.6.5/src/server/shttpd/compat_unix.h.orig openwsman-2.6.5/src/server/shttpd/compat_unix.h
--- openwsman-2.6.5/src/server/shttpd/compat_unix.h.orig 2017-11-28 09:32:15.000000000 +0100
+++ openwsman-2.6.5/src/server/shttpd/compat_unix.h 2018-01-23 13:14:59.357153453 +0100
@@ -27,10 +27,6 @@ @@ -27,10 +27,6 @@
pthread_create(&tid, NULL, (void *(*)(void *))a, c); } while (0) pthread_create(&tid, NULL, (void *(*)(void *))a, c); } while (0)
#endif /* !NO_THREADS */ #endif /* !NO_THREADS */
@ -37,9 +12,9 @@ diff -up openwsman-2.6.5/src/server/shttpd/compat_unix.h.orig openwsman-2.6.5/sr
#define DIRSEP '/' #define DIRSEP '/'
#define IS_DIRSEP_CHAR(c) ((c) == '/') #define IS_DIRSEP_CHAR(c) ((c) == '/')
#define O_BINARY 0 #define O_BINARY 0
diff -up openwsman-2.6.5/src/server/shttpd/io_ssl.c.orig openwsman-2.6.5/src/server/shttpd/io_ssl.c diff -up openwsman-2.6.8/src/server/shttpd/io_ssl.c.orig openwsman-2.6.8/src/server/shttpd/io_ssl.c
--- openwsman-2.6.5/src/server/shttpd/io_ssl.c.orig 2017-11-28 09:32:15.000000000 +0100 --- openwsman-2.6.8/src/server/shttpd/io_ssl.c.orig 2018-10-12 12:06:26.000000000 +0200
+++ openwsman-2.6.5/src/server/shttpd/io_ssl.c 2018-01-23 13:14:59.357153453 +0100 +++ openwsman-2.6.8/src/server/shttpd/io_ssl.c 2018-11-22 13:30:10.757423510 +0100
@@ -11,23 +11,6 @@ @@ -11,23 +11,6 @@
#include "defs.h" #include "defs.h"
@ -64,9 +39,9 @@ diff -up openwsman-2.6.5/src/server/shttpd/io_ssl.c.orig openwsman-2.6.5/src/ser
void void
_shttpd_ssl_handshake(struct stream *stream) _shttpd_ssl_handshake(struct stream *stream)
{ {
diff -up openwsman-2.6.5/src/server/shttpd/shttpd.c.orig openwsman-2.6.5/src/server/shttpd/shttpd.c diff -up openwsman-2.6.8/src/server/shttpd/shttpd.c.orig openwsman-2.6.8/src/server/shttpd/shttpd.c
--- openwsman-2.6.5/src/server/shttpd/shttpd.c.orig 2017-11-28 09:32:15.000000000 +0100 --- openwsman-2.6.8/src/server/shttpd/shttpd.c.orig 2018-10-12 12:06:26.000000000 +0200
+++ openwsman-2.6.5/src/server/shttpd/shttpd.c 2018-01-23 13:16:13.738228773 +0100 +++ openwsman-2.6.8/src/server/shttpd/shttpd.c 2018-11-22 13:30:41.314416695 +0100
@@ -1476,20 +1476,14 @@ set_ssl(struct shttpd_ctx *ctx, const ch @@ -1476,20 +1476,14 @@ set_ssl(struct shttpd_ctx *ctx, const ch
int retval = FALSE; int retval = FALSE;
EC_KEY* key; EC_KEY* key;
@ -94,22 +69,10 @@ diff -up openwsman-2.6.5/src/server/shttpd/shttpd.c.orig openwsman-2.6.5/src/ser
if ((CTX = SSL_CTX_new(SSLv23_server_method())) == NULL) if ((CTX = SSL_CTX_new(SSLv23_server_method())) == NULL)
_shttpd_elog(E_LOG, NULL, "SSL_CTX_new error"); _shttpd_elog(E_LOG, NULL, "SSL_CTX_new error");
@@ -1532,7 +1526,11 @@ set_ssl(struct shttpd_ctx *ctx, const ch diff -up openwsman-2.6.8/src/server/shttpd/ssl.h.orig openwsman-2.6.8/src/server/shttpd/ssl.h
if (strncasecmp(protocols[idx].name, ssl_disabled_protocols, blank_ptr-ssl_disabled_protocols) == 0) { --- openwsman-2.6.8/src/server/shttpd/ssl.h.orig 2018-10-12 12:06:26.000000000 +0200
//_shttpd_elog(E_LOG, NULL, "SSL: disable %s protocol", protocols[idx].name); +++ openwsman-2.6.8/src/server/shttpd/ssl.h 2018-11-22 13:30:10.757423510 +0100
debug("SSL: disable %s protocol", protocols[idx].name); @@ -12,52 +12,4 @@
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+ SSL_CTX_set_options(CTX, protocols[idx].opt);
+#else
SSL_CTX_ctrl(CTX, SSL_CTRL_OPTIONS, protocols[idx].opt, NULL);
+#endif
break;
}
}
diff -up openwsman-2.6.5/src/server/shttpd/ssl.h.orig openwsman-2.6.5/src/server/shttpd/ssl.h
--- openwsman-2.6.5/src/server/shttpd/ssl.h.orig 2017-11-28 09:32:15.000000000 +0100
+++ openwsman-2.6.5/src/server/shttpd/ssl.h 2018-01-23 13:14:59.358153454 +0100
@@ -12,50 +12,4 @@
#include <openssl/ssl.h> #include <openssl/ssl.h>
@ -130,7 +93,7 @@ diff -up openwsman-2.6.5/src/server/shttpd/ssl.h.orig openwsman-2.6.5/src/server
-#define SSL_ERROR_SYSCALL 5 -#define SSL_ERROR_SYSCALL 5
-#define SSL_FILETYPE_PEM 1 -#define SSL_FILETYPE_PEM 1
- -
#endif -#endif
- -
-/* -/*
- * Dynamically loaded SSL functionality - * Dynamically loaded SSL functionality
@ -153,9 +116,11 @@ diff -up openwsman-2.6.5/src/server/shttpd/ssl.h.orig openwsman-2.6.5/src/server
-#define SSL_get_error(x,y)(* (int (*)(SSL *, int)) FUNC(5))((x), (y)) -#define SSL_get_error(x,y)(* (int (*)(SSL *, int)) FUNC(5))((x), (y))
-#define SSL_set_fd(x,y) (* (int (*)(SSL *, int)) FUNC(6))((x), (y)) -#define SSL_set_fd(x,y) (* (int (*)(SSL *, int)) FUNC(6))((x), (y))
-#define SSL_new(x) (* (SSL * (*)(SSL_CTX *)) FUNC(7))(x) -#define SSL_new(x) (* (SSL * (*)(SSL_CTX *)) FUNC(7))(x)
-#define SSL_CTX_new(x) (* (SSL_CTX * (*)(SSL_METHOD *)) FUNC(8))(x) -#define SSL_CTX_new(x) (* (SSL_CTX * (*)(const SSL_METHOD *)) FUNC(8))(x)
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
-#define SSLv23_server_method() (* (SSL_METHOD * (*)(void)) FUNC(9))() -#define SSLv23_server_method() (* (SSL_METHOD * (*)(void)) FUNC(9))()
-#define SSL_library_init() (* (int (*)(void)) FUNC(10))() -#define SSL_library_init() (* (int (*)(void)) FUNC(10))()
#endif
-#define SSL_CTX_use_PrivateKey_file(x,y,z) (* (int (*)(SSL_CTX *, \ -#define SSL_CTX_use_PrivateKey_file(x,y,z) (* (int (*)(SSL_CTX *, \
- const char *, int)) FUNC(11))((x), (y), (z)) - const char *, int)) FUNC(11))((x), (y), (z))
-#define SSL_CTX_use_certificate_file(x,y,z) (* (int (*)(SSL_CTX *, \ -#define SSL_CTX_use_certificate_file(x,y,z) (* (int (*)(SSL_CTX *, \

12
openwsman-2.6.5-fix-set-cipher-list-retval-check.patch
View File

@ -1,12 +0,0 @@
diff -up openwsman-2.6.5/src/server/shttpd/shttpd.c.orig openwsman-2.6.5/src/server/shttpd/shttpd.c
--- openwsman-2.6.5/src/server/shttpd/shttpd.c.orig 2018-02-21 10:53:24.964163710 +0100
+++ openwsman-2.6.5/src/server/shttpd/shttpd.c 2018-02-21 10:53:31.854162875 +0100
@@ -1541,7 +1541,7 @@ set_ssl(struct shttpd_ctx *ctx, const ch
if (ssl_cipher_list) {
int rc = SSL_CTX_set_cipher_list(CTX, ssl_cipher_list);
- if (rc != 0) {
+ if (rc != 1) {
_shttpd_elog(E_LOG, NULL, "Failed to set SSL cipher list \"%s\"", ssl_cipher_list);
}
}

14
openwsman.spec
View File

@ -2,8 +2,8 @@
%global gem_name %{name} %global gem_name %{name}
Name: openwsman Name: openwsman
Version: 2.6.5 Version: 2.6.8
Release: 10%{?dist} Release: 1%{?dist}
Summary: Open source Implementation of WS-Management Summary: Open source Implementation of WS-Management
License: BSD License: BSD
@ -19,8 +19,7 @@ Patch1: openwsman-2.4.0-pamsetup.patch
Patch2: openwsman-2.4.12-ruby-binding-build.patch Patch2: openwsman-2.4.12-ruby-binding-build.patch
Patch3: openwsman-2.6.2-openssl-1.1-fix.patch Patch3: openwsman-2.6.2-openssl-1.1-fix.patch
Patch4: openwsman-2.6.5-http-status-line.patch Patch4: openwsman-2.6.5-http-status-line.patch
Patch5: openwsman-2.6.5-fix-set-cipher-list-retval-check.patch Patch5: openwsman-2.6.5-libcurl-error-codes-update.patch
Patch6: openwsman-2.6.5-libcurl-error-codes-update.patch
BuildRequires: swig BuildRequires: swig
BuildRequires: libcurl-devel libxml2-devel pam-devel sblim-sfcc-devel BuildRequires: libcurl-devel libxml2-devel pam-devel sblim-sfcc-devel
BuildRequires: python3 python3-devel ruby ruby-devel rubygems-devel perl-interpreter BuildRequires: python3 python3-devel ruby ruby-devel rubygems-devel perl-interpreter
@ -127,8 +126,7 @@ You can use it to send shell commands to a remote Windows hosts.
%patch2 -p1 -b .ruby-binding-build %patch2 -p1 -b .ruby-binding-build
%patch3 -p1 -b .openssl-1.1-fix %patch3 -p1 -b .openssl-1.1-fix
%patch4 -p1 -b .http-status-line %patch4 -p1 -b .http-status-line
%patch5 -p1 -b .fix-set-cipher-list-retval-check %patch5 -p1 -b .libcurl-error-codes-update
%patch6 -p1 -b .libcurl-error-codes-update
%build %build
# Removing executable permissions on .c and .h files to fix rpmlint warnings. # Removing executable permissions on .c and .h files to fix rpmlint warnings.
@ -151,6 +149,7 @@ cmake \
-DPACKAGE_ARCHITECTURE=`uname -m` \ -DPACKAGE_ARCHITECTURE=`uname -m` \
-DLIB=%{_lib} \ -DLIB=%{_lib} \
-DBUILD_JAVA=no \ -DBUILD_JAVA=no \
-DBUILD_PYTHON=no \
.. ..
make make
@ -285,6 +284,9 @@ rm -f /var/log/wsmand.log
%{_bindir}/winrs %{_bindir}/winrs
%changelog %changelog
* Thu Nov 22 2018 Vitezslav Crhonek <vcrhonek@redhat.com> - 2.6.8-1
- Update to openwsman-2.6.8
* Wed Nov 14 2018 Vitezslav Crhonek <vcrhonek@redhat.com> - 2.6.5-10 * Wed Nov 14 2018 Vitezslav Crhonek <vcrhonek@redhat.com> - 2.6.5-10
- Reflect changes in libcurl error codes - Reflect changes in libcurl error codes
Resolves: #1649393 Resolves: #1649393

1
sources
View File

@ -1,2 +1,3 @@
SHA512 (openwsmand.8.gz) = 751c40060781e8b5a847e09aee94833ed1e4fbe966f052e5023cb209361acc312078d0d75c0806bd9990da061d3048566418135d3670dd620c6b809e5d0e594c SHA512 (openwsmand.8.gz) = 751c40060781e8b5a847e09aee94833ed1e4fbe966f052e5023cb209361acc312078d0d75c0806bd9990da061d3048566418135d3670dd620c6b809e5d0e594c
SHA512 (v2.6.5.tar.gz) = dff103d50ddf974aa90db5be74761dd83944e64e1bab65161ee2941949c46af57c5d53d011ccbf1ef21002c825f4a2be8d6431c83610dd930b5ac4352fd0762b SHA512 (v2.6.5.tar.gz) = dff103d50ddf974aa90db5be74761dd83944e64e1bab65161ee2941949c46af57c5d53d011ccbf1ef21002c825f4a2be8d6431c83610dd930b5ac4352fd0762b
SHA512 (v2.6.8.tar.gz) = 49e8ac9267602e3bedc5cca78f270798cd16cfb6ddf2fc5f2feb8539bb3eba3bbce09931a18c96cd231c4beeffda5c3ae5bb9e8531662c49ca6fd9681538ea31