Compare commits
No commits in common. "c8" and "imports/c9-beta/openwsman-2.6.8-22.el9" have entirely different histories.
c8
...
imports/c9
2
.gitignore
vendored
2
.gitignore
vendored
@ -1,2 +1,2 @@
|
|||||||
SOURCES/openwsmand.8.gz
|
SOURCES/openwsmand.8.gz
|
||||||
SOURCES/v2.6.5.tar.gz
|
SOURCES/v2.6.8.tar.gz
|
||||||
|
2
.openwsman.metadata
Normal file
2
.openwsman.metadata
Normal file
@ -0,0 +1,2 @@
|
|||||||
|
a6a8bbbfa71ce04bedae55f2f06ce97089b6c5e1 SOURCES/openwsmand.8.gz
|
||||||
|
e061a41b3d5f5fa4ee284726d283e15f4a0e8c46 SOURCES/v2.6.8.tar.gz
|
@ -1,16 +1,13 @@
|
|||||||
diff -up openwsman-2.6.1/etc/pam/openwsman.pamsetup openwsman-2.6.1/etc/pam/openwsman
|
diff -up openwsman-2.6.8/etc/pam/openwsman.orig openwsman-2.6.8/etc/pam/openwsman
|
||||||
--- openwsman-2.6.1/etc/pam/openwsman.pamsetup 2015-08-27 15:46:46.000000000 +0200
|
--- openwsman-2.6.8/etc/pam/openwsman.orig 2018-11-21 13:51:52.776325243 +0100
|
||||||
+++ openwsman-2.6.1/etc/pam/openwsman 2015-08-31 16:08:28.166913889 +0200
|
+++ openwsman-2.6.8/etc/pam/openwsman 2018-11-21 13:54:17.066351134 +0100
|
||||||
@@ -1,7 +1,7 @@
|
@@ -2,6 +2,6 @@
|
||||||
#%PAM-1.0
|
auth required pam_unix.so nullok
|
||||||
-auth required pam_unix2.so nullok
|
|
||||||
+auth required pam_unix.so nullok
|
|
||||||
auth required pam_nologin.so
|
auth required pam_nologin.so
|
||||||
-account required pam_unix2.so
|
account required pam_unix.so
|
||||||
-password required pam_pwcheck.so nullok
|
-password required pam_cracklib.so nullok
|
||||||
-password required pam_unix2.so nullok use_first_pass use_authtok
|
-password required pam_unix.so nullok use_first_pass use_authtok nis shadow
|
||||||
-session required pam_unix2.so none
|
-session required pam_unix.so none
|
||||||
+account required pam_unix.so
|
|
||||||
+password required pam_pwquality.so
|
+password required pam_pwquality.so
|
||||||
+password required pam_unix.so nullok use_first_pass use_authtok
|
+password required pam_unix.so nullok use_first_pass use_authtok
|
||||||
+session required pam_unix.so
|
+session required pam_unix.so
|
||||||
|
@ -6,7 +6,7 @@ diff -up openwsman-2.4.12/bindings/ruby/extconf.rb.orig openwsman-2.4.12/binding
|
|||||||
|
|
||||||
major, minor, path = RUBY_VERSION.split(".")
|
major, minor, path = RUBY_VERSION.split(".")
|
||||||
-raise "SWIG failed to run" unless system("#{swig} -ruby -autorename -DRUBY_VERSION=#{major}#{minor} -I. -I/usr/include/openwsman -o openwsman_wrap.c openwsman.i")
|
-raise "SWIG failed to run" unless system("#{swig} -ruby -autorename -DRUBY_VERSION=#{major}#{minor} -I. -I/usr/include/openwsman -o openwsman_wrap.c openwsman.i")
|
||||||
+raise "SWIG failed to run" unless system("#{swig} -ruby -autorename -DRUBY_VERSION=#{major}#{minor} -I. -I/usr/include/openwsman -I/builddir/build/BUILD/openwsman-2.6.5/include/ -o openwsman_wrap.c openwsman.i")
|
+raise "SWIG failed to run" unless system("#{swig} -ruby -autorename -DRUBY_VERSION=#{major}#{minor} -I. -I/usr/include/openwsman -I/builddir/build/BUILD/openwsman-2.6.8/include/ -o openwsman_wrap.c openwsman.i")
|
||||||
|
|
||||||
$CPPFLAGS = "-I/usr/include/openwsman -I.."
|
$CPPFLAGS = "-I/usr/include/openwsman -I.."
|
||||||
|
|
||||||
|
@ -1,31 +1,6 @@
|
|||||||
diff -up openwsman-2.6.5/src/lib/wsman-curl-client-transport.c.orig openwsman-2.6.5/src/lib/wsman-curl-client-transport.c
|
diff -up openwsman-2.6.8/src/server/shttpd/compat_unix.h.orig openwsman-2.6.8/src/server/shttpd/compat_unix.h
|
||||||
--- openwsman-2.6.5/src/lib/wsman-curl-client-transport.c.orig 2017-11-28 09:32:15.000000000 +0100
|
--- openwsman-2.6.8/src/server/shttpd/compat_unix.h.orig 2018-10-12 12:06:26.000000000 +0200
|
||||||
+++ openwsman-2.6.5/src/lib/wsman-curl-client-transport.c 2018-01-23 13:14:59.357153453 +0100
|
+++ openwsman-2.6.8/src/server/shttpd/compat_unix.h 2018-11-22 13:30:10.756423510 +0100
|
||||||
@@ -241,12 +241,20 @@ write_handler( void *ptr, size_t size, s
|
|
||||||
static int ssl_certificate_thumbprint_verify_callback(X509_STORE_CTX *ctx, void *arg)
|
|
||||||
{
|
|
||||||
unsigned char *thumbprint = (unsigned char *)arg;
|
|
||||||
- X509 *cert = ctx->cert;
|
|
||||||
EVP_MD *tempDigest;
|
|
||||||
|
|
||||||
unsigned char tempFingerprint[EVP_MAX_MD_SIZE];
|
|
||||||
unsigned int tempFingerprintLen;
|
|
||||||
tempDigest = (EVP_MD*)EVP_sha1( );
|
|
||||||
+
|
|
||||||
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
|
|
||||||
+ X509 *cert = X509_STORE_CTX_get_current_cert(ctx);
|
|
||||||
+#else
|
|
||||||
+ X509 *cert = ctx->cert;
|
|
||||||
+#endif
|
|
||||||
+ if(!cert)
|
|
||||||
+ return 0;
|
|
||||||
+
|
|
||||||
if ( X509_digest(cert, tempDigest, tempFingerprint, &tempFingerprintLen ) <= 0)
|
|
||||||
return 0;
|
|
||||||
if(!memcmp(tempFingerprint, thumbprint, tempFingerprintLen))
|
|
||||||
diff -up openwsman-2.6.5/src/server/shttpd/compat_unix.h.orig openwsman-2.6.5/src/server/shttpd/compat_unix.h
|
|
||||||
--- openwsman-2.6.5/src/server/shttpd/compat_unix.h.orig 2017-11-28 09:32:15.000000000 +0100
|
|
||||||
+++ openwsman-2.6.5/src/server/shttpd/compat_unix.h 2018-01-23 13:14:59.357153453 +0100
|
|
||||||
@@ -27,10 +27,6 @@
|
@@ -27,10 +27,6 @@
|
||||||
pthread_create(&tid, NULL, (void *(*)(void *))a, c); } while (0)
|
pthread_create(&tid, NULL, (void *(*)(void *))a, c); } while (0)
|
||||||
#endif /* !NO_THREADS */
|
#endif /* !NO_THREADS */
|
||||||
@ -37,9 +12,9 @@ diff -up openwsman-2.6.5/src/server/shttpd/compat_unix.h.orig openwsman-2.6.5/sr
|
|||||||
#define DIRSEP '/'
|
#define DIRSEP '/'
|
||||||
#define IS_DIRSEP_CHAR(c) ((c) == '/')
|
#define IS_DIRSEP_CHAR(c) ((c) == '/')
|
||||||
#define O_BINARY 0
|
#define O_BINARY 0
|
||||||
diff -up openwsman-2.6.5/src/server/shttpd/io_ssl.c.orig openwsman-2.6.5/src/server/shttpd/io_ssl.c
|
diff -up openwsman-2.6.8/src/server/shttpd/io_ssl.c.orig openwsman-2.6.8/src/server/shttpd/io_ssl.c
|
||||||
--- openwsman-2.6.5/src/server/shttpd/io_ssl.c.orig 2017-11-28 09:32:15.000000000 +0100
|
--- openwsman-2.6.8/src/server/shttpd/io_ssl.c.orig 2018-10-12 12:06:26.000000000 +0200
|
||||||
+++ openwsman-2.6.5/src/server/shttpd/io_ssl.c 2018-01-23 13:14:59.357153453 +0100
|
+++ openwsman-2.6.8/src/server/shttpd/io_ssl.c 2018-11-22 13:30:10.757423510 +0100
|
||||||
@@ -11,23 +11,6 @@
|
@@ -11,23 +11,6 @@
|
||||||
#include "defs.h"
|
#include "defs.h"
|
||||||
|
|
||||||
@ -64,9 +39,9 @@ diff -up openwsman-2.6.5/src/server/shttpd/io_ssl.c.orig openwsman-2.6.5/src/ser
|
|||||||
void
|
void
|
||||||
_shttpd_ssl_handshake(struct stream *stream)
|
_shttpd_ssl_handshake(struct stream *stream)
|
||||||
{
|
{
|
||||||
diff -up openwsman-2.6.5/src/server/shttpd/shttpd.c.orig openwsman-2.6.5/src/server/shttpd/shttpd.c
|
diff -up openwsman-2.6.8/src/server/shttpd/shttpd.c.orig openwsman-2.6.8/src/server/shttpd/shttpd.c
|
||||||
--- openwsman-2.6.5/src/server/shttpd/shttpd.c.orig 2017-11-28 09:32:15.000000000 +0100
|
--- openwsman-2.6.8/src/server/shttpd/shttpd.c.orig 2018-10-12 12:06:26.000000000 +0200
|
||||||
+++ openwsman-2.6.5/src/server/shttpd/shttpd.c 2018-01-23 13:16:13.738228773 +0100
|
+++ openwsman-2.6.8/src/server/shttpd/shttpd.c 2018-11-22 13:30:41.314416695 +0100
|
||||||
@@ -1476,20 +1476,14 @@ set_ssl(struct shttpd_ctx *ctx, const ch
|
@@ -1476,20 +1476,14 @@ set_ssl(struct shttpd_ctx *ctx, const ch
|
||||||
int retval = FALSE;
|
int retval = FALSE;
|
||||||
EC_KEY* key;
|
EC_KEY* key;
|
||||||
@ -94,22 +69,10 @@ diff -up openwsman-2.6.5/src/server/shttpd/shttpd.c.orig openwsman-2.6.5/src/ser
|
|||||||
|
|
||||||
if ((CTX = SSL_CTX_new(SSLv23_server_method())) == NULL)
|
if ((CTX = SSL_CTX_new(SSLv23_server_method())) == NULL)
|
||||||
_shttpd_elog(E_LOG, NULL, "SSL_CTX_new error");
|
_shttpd_elog(E_LOG, NULL, "SSL_CTX_new error");
|
||||||
@@ -1532,7 +1526,11 @@ set_ssl(struct shttpd_ctx *ctx, const ch
|
diff -up openwsman-2.6.8/src/server/shttpd/ssl.h.orig openwsman-2.6.8/src/server/shttpd/ssl.h
|
||||||
if (strncasecmp(protocols[idx].name, ssl_disabled_protocols, blank_ptr-ssl_disabled_protocols) == 0) {
|
--- openwsman-2.6.8/src/server/shttpd/ssl.h.orig 2018-10-12 12:06:26.000000000 +0200
|
||||||
//_shttpd_elog(E_LOG, NULL, "SSL: disable %s protocol", protocols[idx].name);
|
+++ openwsman-2.6.8/src/server/shttpd/ssl.h 2018-11-22 13:30:10.757423510 +0100
|
||||||
debug("SSL: disable %s protocol", protocols[idx].name);
|
@@ -12,52 +12,4 @@
|
||||||
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
|
|
||||||
+ SSL_CTX_set_options(CTX, protocols[idx].opt);
|
|
||||||
+#else
|
|
||||||
SSL_CTX_ctrl(CTX, SSL_CTRL_OPTIONS, protocols[idx].opt, NULL);
|
|
||||||
+#endif
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
diff -up openwsman-2.6.5/src/server/shttpd/ssl.h.orig openwsman-2.6.5/src/server/shttpd/ssl.h
|
|
||||||
--- openwsman-2.6.5/src/server/shttpd/ssl.h.orig 2017-11-28 09:32:15.000000000 +0100
|
|
||||||
+++ openwsman-2.6.5/src/server/shttpd/ssl.h 2018-01-23 13:14:59.358153454 +0100
|
|
||||||
@@ -12,50 +12,4 @@
|
|
||||||
|
|
||||||
#include <openssl/ssl.h>
|
#include <openssl/ssl.h>
|
||||||
|
|
||||||
@ -130,7 +93,7 @@ diff -up openwsman-2.6.5/src/server/shttpd/ssl.h.orig openwsman-2.6.5/src/server
|
|||||||
-#define SSL_ERROR_SYSCALL 5
|
-#define SSL_ERROR_SYSCALL 5
|
||||||
-#define SSL_FILETYPE_PEM 1
|
-#define SSL_FILETYPE_PEM 1
|
||||||
-
|
-
|
||||||
#endif
|
-#endif
|
||||||
-
|
-
|
||||||
-/*
|
-/*
|
||||||
- * Dynamically loaded SSL functionality
|
- * Dynamically loaded SSL functionality
|
||||||
@ -153,9 +116,11 @@ diff -up openwsman-2.6.5/src/server/shttpd/ssl.h.orig openwsman-2.6.5/src/server
|
|||||||
-#define SSL_get_error(x,y)(* (int (*)(SSL *, int)) FUNC(5))((x), (y))
|
-#define SSL_get_error(x,y)(* (int (*)(SSL *, int)) FUNC(5))((x), (y))
|
||||||
-#define SSL_set_fd(x,y) (* (int (*)(SSL *, int)) FUNC(6))((x), (y))
|
-#define SSL_set_fd(x,y) (* (int (*)(SSL *, int)) FUNC(6))((x), (y))
|
||||||
-#define SSL_new(x) (* (SSL * (*)(SSL_CTX *)) FUNC(7))(x)
|
-#define SSL_new(x) (* (SSL * (*)(SSL_CTX *)) FUNC(7))(x)
|
||||||
-#define SSL_CTX_new(x) (* (SSL_CTX * (*)(SSL_METHOD *)) FUNC(8))(x)
|
-#define SSL_CTX_new(x) (* (SSL_CTX * (*)(const SSL_METHOD *)) FUNC(8))(x)
|
||||||
|
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
||||||
-#define SSLv23_server_method() (* (SSL_METHOD * (*)(void)) FUNC(9))()
|
-#define SSLv23_server_method() (* (SSL_METHOD * (*)(void)) FUNC(9))()
|
||||||
-#define SSL_library_init() (* (int (*)(void)) FUNC(10))()
|
-#define SSL_library_init() (* (int (*)(void)) FUNC(10))()
|
||||||
|
#endif
|
||||||
-#define SSL_CTX_use_PrivateKey_file(x,y,z) (* (int (*)(SSL_CTX *, \
|
-#define SSL_CTX_use_PrivateKey_file(x,y,z) (* (int (*)(SSL_CTX *, \
|
||||||
- const char *, int)) FUNC(11))((x), (y), (z))
|
- const char *, int)) FUNC(11))((x), (y), (z))
|
||||||
-#define SSL_CTX_use_certificate_file(x,y,z) (* (int (*)(SSL_CTX *, \
|
-#define SSL_CTX_use_certificate_file(x,y,z) (* (int (*)(SSL_CTX *, \
|
||||||
|
@ -1,12 +0,0 @@
|
|||||||
diff -up openwsman-2.6.5/src/server/shttpd/shttpd.c.orig openwsman-2.6.5/src/server/shttpd/shttpd.c
|
|
||||||
--- openwsman-2.6.5/src/server/shttpd/shttpd.c.orig 2018-02-21 10:53:24.964163710 +0100
|
|
||||||
+++ openwsman-2.6.5/src/server/shttpd/shttpd.c 2018-02-21 10:53:31.854162875 +0100
|
|
||||||
@@ -1541,7 +1541,7 @@ set_ssl(struct shttpd_ctx *ctx, const ch
|
|
||||||
|
|
||||||
if (ssl_cipher_list) {
|
|
||||||
int rc = SSL_CTX_set_cipher_list(CTX, ssl_cipher_list);
|
|
||||||
- if (rc != 0) {
|
|
||||||
+ if (rc != 1) {
|
|
||||||
_shttpd_elog(E_LOG, NULL, "Failed to set SSL cipher list \"%s\"", ssl_cipher_list);
|
|
||||||
}
|
|
||||||
}
|
|
@ -1,56 +0,0 @@
|
|||||||
diff -up openwsman-2.6.5/src/lib/wsman-curl-client-transport.c.orig openwsman-2.6.5/src/lib/wsman-curl-client-transport.c
|
|
||||||
--- openwsman-2.6.5/src/lib/wsman-curl-client-transport.c.orig 2022-09-08 10:36:46.265107915 +0200
|
|
||||||
+++ openwsman-2.6.5/src/lib/wsman-curl-client-transport.c 2022-09-08 10:36:46.273107919 +0200
|
|
||||||
@@ -452,6 +452,7 @@ wsmc_handler( WsManClient *cl,
|
|
||||||
long http_code;
|
|
||||||
long auth_avail = 0;
|
|
||||||
char *_user = NULL, *_pass = NULL;
|
|
||||||
+ int _no_auth = 0; /* 0 if authentication is used, 1 if no authentication was used */
|
|
||||||
u_buf_t *response = NULL;
|
|
||||||
//char *soapaction;
|
|
||||||
char *tmp_str = NULL;
|
|
||||||
@@ -551,6 +552,7 @@ wsmc_handler( WsManClient *cl,
|
|
||||||
_user = wsmc_get_user(cl);
|
|
||||||
_pass = wsmc_get_password(cl);
|
|
||||||
if (_user && _pass && cl->data.auth_set) {
|
|
||||||
+ _no_auth = 0;
|
|
||||||
r = curl_easy_setopt(curl, CURLOPT_HTTPAUTH, cl->data.auth_set);
|
|
||||||
if (r != CURLE_OK) {
|
|
||||||
cl->fault_string = u_strdup(curl_easy_strerror(r));
|
|
||||||
@@ -571,6 +573,11 @@ wsmc_handler( WsManClient *cl,
|
|
||||||
curl_err("curl_easy_setopt(curl, CURLOPT_USERPWD, ..) failed");
|
|
||||||
goto DONE;
|
|
||||||
}
|
|
||||||
+ } else {
|
|
||||||
+ /* request without user credentials, remember this for
|
|
||||||
+ * later use when it might become necessary to print an error message
|
|
||||||
+ */
|
|
||||||
+ _no_auth = 1;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (wsman_debug_level_debugged(DEBUG_LEVEL_MESSAGE)) {
|
|
||||||
@@ -603,6 +610,24 @@ wsmc_handler( WsManClient *cl,
|
|
||||||
break;
|
|
||||||
case 401:
|
|
||||||
// The server requires authentication.
|
|
||||||
+ /* RFC 2616 states:
|
|
||||||
+ *
|
|
||||||
+ * If the request already included Authorization credentials, then the 401
|
|
||||||
+ * response indicates that authorization has been refused for those
|
|
||||||
+ * credentials. If the 401 response contains the same challenge as the
|
|
||||||
+ * prior response, and the user agent has already attempted
|
|
||||||
+ * authentication at least once, then the user SHOULD be presented the
|
|
||||||
+ * entity that was given in the response, since that entity might
|
|
||||||
+ * include relevant diagnostic information.
|
|
||||||
+ */
|
|
||||||
+ if (_no_auth == 0) {
|
|
||||||
+ /* no authentication credentials were used. It is only
|
|
||||||
+ * possible to write a message about the current situation. There
|
|
||||||
+ * is no information about the last attempt to access the resource.
|
|
||||||
+ * Maybe at a later point in time I will implement more state information.
|
|
||||||
+ */
|
|
||||||
+ fprintf(stdout,"Authentication failed, please retry\n");
|
|
||||||
+ }
|
|
||||||
break;
|
|
||||||
default:
|
|
||||||
// The status code does not indicate success.
|
|
27
SOURCES/openwsman-2.6.5-libcurl-error-codes-update.patch
Normal file
27
SOURCES/openwsman-2.6.5-libcurl-error-codes-update.patch
Normal file
@ -0,0 +1,27 @@
|
|||||||
|
diff -up openwsman-2.6.5/src/lib/wsman-curl-client-transport.c.orig openwsman-2.6.5/src/lib/wsman-curl-client-transport.c
|
||||||
|
--- openwsman-2.6.5/src/lib/wsman-curl-client-transport.c.orig 2018-11-14 13:53:27.442138557 +0100
|
||||||
|
+++ openwsman-2.6.5/src/lib/wsman-curl-client-transport.c 2018-11-14 14:11:28.508714204 +0100
|
||||||
|
@@ -186,16 +186,23 @@ convert_to_last_error(CURLcode r)
|
||||||
|
return WS_LASTERR_SSL_CONNECT_ERROR;
|
||||||
|
case CURLE_BAD_FUNCTION_ARGUMENT:
|
||||||
|
return WS_LASTERR_CURL_BAD_FUNCTION_ARG;
|
||||||
|
+#if LIBCURL_VERSION_NUM < 0x073E00
|
||||||
|
case CURLE_SSL_PEER_CERTIFICATE:
|
||||||
|
return WS_LASTERR_SSL_PEER_CERTIFICATE;
|
||||||
|
+#endif
|
||||||
|
case CURLE_SSL_ENGINE_NOTFOUND:
|
||||||
|
return WS_LASTERR_SSL_ENGINE_NOTFOUND;
|
||||||
|
case CURLE_SSL_ENGINE_SETFAILED:
|
||||||
|
return WS_LASTERR_SSL_ENGINE_SETFAILED;
|
||||||
|
case CURLE_SSL_CERTPROBLEM:
|
||||||
|
return WS_LASTERR_SSL_CERTPROBLEM;
|
||||||
|
+#if LIBCURL_VERSION_NUM < 0x073E00
|
||||||
|
case CURLE_SSL_CACERT:
|
||||||
|
return WS_LASTERR_SSL_CACERT;
|
||||||
|
+#else
|
||||||
|
+ case CURLE_PEER_FAILED_VERIFICATION:
|
||||||
|
+ return WS_LASTERR_SSL_PEER_CERTIFICATE;
|
||||||
|
+#endif
|
||||||
|
#if LIBCURL_VERSION_NUM > 0x70C01
|
||||||
|
case CURLE_SSL_ENGINE_INITFAILED:
|
||||||
|
return WS_LASTERR_SSL_ENGINE_INITFAILED;
|
@ -1,6 +1,6 @@
|
|||||||
diff -up openwsman-2.6.5/src/server/shttpd/shttpd.c.orig openwsman-2.6.5/src/server/shttpd/shttpd.c
|
diff -up openwsman-2.6.8/src/server/shttpd/shttpd.c.orig openwsman-2.6.8/src/server/shttpd/shttpd.c
|
||||||
--- openwsman-2.6.5/src/server/shttpd/shttpd.c.orig 2019-03-13 10:20:07.376527798 +0100
|
--- openwsman-2.6.8/src/server/shttpd/shttpd.c.orig 2019-03-13 08:52:06.112090942 +0100
|
||||||
+++ openwsman-2.6.5/src/server/shttpd/shttpd.c 2019-03-13 10:20:07.380527801 +0100
|
+++ openwsman-2.6.8/src/server/shttpd/shttpd.c 2019-03-13 09:01:15.496156789 +0100
|
||||||
@@ -336,10 +336,12 @@ date_to_epoch(const char *s)
|
@@ -336,10 +336,12 @@ date_to_epoch(const char *s)
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -52,9 +52,9 @@ diff -up openwsman-2.6.5/src/server/shttpd/shttpd.c.orig openwsman-2.6.5/src/ser
|
|||||||
}
|
}
|
||||||
|
|
||||||
static int
|
static int
|
||||||
diff -up openwsman-2.6.5/src/server/wsmand.c.orig openwsman-2.6.5/src/server/wsmand.c
|
diff -up openwsman-2.6.8/src/server/wsmand.c.orig openwsman-2.6.8/src/server/wsmand.c
|
||||||
--- openwsman-2.6.5/src/server/wsmand.c.orig 2017-11-28 09:32:15.000000000 +0100
|
--- openwsman-2.6.8/src/server/wsmand.c.orig 2018-10-12 12:06:26.000000000 +0200
|
||||||
+++ openwsman-2.6.5/src/server/wsmand.c 2019-03-13 10:20:07.380527801 +0100
|
+++ openwsman-2.6.8/src/server/wsmand.c 2019-03-13 09:03:25.919181279 +0100
|
||||||
@@ -198,6 +198,10 @@ static void daemonize(void)
|
@@ -198,6 +198,10 @@ static void daemonize(void)
|
||||||
int fd;
|
int fd;
|
||||||
char *pid;
|
char *pid;
|
@ -1,6 +1,6 @@
|
|||||||
diff -up openwsman-2.6.5/src/server/shttpd/shttpd.c.orig openwsman-2.6.5/src/server/shttpd/shttpd.c
|
diff -up openwsman-2.6.8/src/server/shttpd/shttpd.c.orig openwsman-2.6.8/src/server/shttpd/shttpd.c
|
||||||
--- openwsman-2.6.5/src/server/shttpd/shttpd.c.orig 2020-05-11 11:10:04.783971915 +0200
|
--- openwsman-2.6.8/src/server/shttpd/shttpd.c.orig 2019-03-13 09:32:32.417633057 +0100
|
||||||
+++ openwsman-2.6.5/src/server/shttpd/shttpd.c 2020-05-11 11:10:04.786971932 +0200
|
+++ openwsman-2.6.8/src/server/shttpd/shttpd.c 2019-03-13 09:58:04.482486589 +0100
|
||||||
@@ -705,11 +705,11 @@ parse_http_request(struct conn *c)
|
@@ -705,11 +705,11 @@ parse_http_request(struct conn *c)
|
||||||
_shttpd_send_server_error(c, 500, "Cannot allocate request");
|
_shttpd_send_server_error(c, 500, "Cannot allocate request");
|
||||||
}
|
}
|
||||||
@ -83,7 +83,7 @@ diff -up openwsman-2.6.5/src/server/shttpd/shttpd.c.orig openwsman-2.6.5/src/ser
|
|||||||
}
|
}
|
||||||
|
|
||||||
static int
|
static int
|
||||||
@@ -1640,7 +1649,7 @@ worker_function(void *param)
|
@@ -1642,7 +1651,7 @@ worker_function(void *param)
|
||||||
while (worker->exit_flag == 0)
|
while (worker->exit_flag == 0)
|
||||||
poll_worker(worker, 1000 * 10);
|
poll_worker(worker, 1000 * 10);
|
||||||
|
|
@ -1,6 +1,6 @@
|
|||||||
diff -up openwsman-2.6.5/etc/ssleay.cnf.orig openwsman-2.6.5/etc/ssleay.cnf
|
diff -up openwsman-2.6.8/etc/ssleay.cnf.orig openwsman-2.6.8/etc/ssleay.cnf
|
||||||
--- openwsman-2.6.5/etc/ssleay.cnf.orig 2017-11-28 09:32:15.000000000 +0100
|
--- openwsman-2.6.8/etc/ssleay.cnf.orig 2018-10-12 12:06:26.000000000 +0200
|
||||||
+++ openwsman-2.6.5/etc/ssleay.cnf 2023-07-10 10:00:44.713426317 +0200
|
+++ openwsman-2.6.8/etc/ssleay.cnf 2020-09-22 14:27:56.216306882 +0200
|
||||||
@@ -2,10 +2,8 @@
|
@@ -2,10 +2,8 @@
|
||||||
# SSLeay example configuration file.
|
# SSLeay example configuration file.
|
||||||
#
|
#
|
@ -2,8 +2,8 @@
|
|||||||
%global gem_name %{name}
|
%global gem_name %{name}
|
||||||
|
|
||||||
Name: openwsman
|
Name: openwsman
|
||||||
Version: 2.6.5
|
Version: 2.6.8
|
||||||
Release: 10%{?dist}
|
Release: 22%{?dist}
|
||||||
Summary: Open source Implementation of WS-Management
|
Summary: Open source Implementation of WS-Management
|
||||||
|
|
||||||
License: BSD
|
License: BSD
|
||||||
@ -19,19 +19,18 @@ Patch1: openwsman-2.4.0-pamsetup.patch
|
|||||||
Patch2: openwsman-2.4.12-ruby-binding-build.patch
|
Patch2: openwsman-2.4.12-ruby-binding-build.patch
|
||||||
Patch3: openwsman-2.6.2-openssl-1.1-fix.patch
|
Patch3: openwsman-2.6.2-openssl-1.1-fix.patch
|
||||||
Patch4: openwsman-2.6.5-http-status-line.patch
|
Patch4: openwsman-2.6.5-http-status-line.patch
|
||||||
Patch5: openwsman-2.6.5-fix-set-cipher-list-retval-check.patch
|
Patch5: openwsman-2.6.5-libcurl-error-codes-update.patch
|
||||||
Patch6: openwsman-2.6.5-CVE-2019-3816.patch
|
Patch6: openwsman-2.6.8-CVE-2019-3816.patch
|
||||||
# Patch7: fixes CVE-2019-3833, rhbz#1687865
|
Patch7: openwsman-2.6.8-CVE-2019-3833.patch
|
||||||
Patch7: openwsman-2.6.5-CVE-2019-3833.patch
|
Patch8: openwsman-2.6.8-update-ssleay-conf.patch
|
||||||
Patch8: openwsman-2.6.5-http-unauthorized-improve.patch
|
BuildRequires: make
|
||||||
# Patch9: fixes cert issue, rhbz#2220821
|
|
||||||
Patch9: openwsman-2.6.5-update-ssleay-conf.patch
|
|
||||||
BuildRequires: swig
|
BuildRequires: swig
|
||||||
BuildRequires: libcurl-devel libxml2-devel pam-devel sblim-sfcc-devel
|
BuildRequires: libcurl-devel libxml2-devel pam-devel sblim-sfcc-devel
|
||||||
BuildRequires: python3 python3-devel ruby ruby-devel rubygems-devel perl-interpreter
|
BuildRequires: python3 python3-devel ruby ruby-devel rubygems-devel perl-interpreter
|
||||||
BuildRequires: perl-devel perl-generators pkgconfig openssl-devel
|
BuildRequires: perl-devel perl-generators pkgconfig openssl-devel
|
||||||
BuildRequires: cmake
|
BuildRequires: cmake
|
||||||
BuildRequires: systemd-units
|
BuildRequires: systemd-units
|
||||||
|
BuildRequires: gcc gcc-c++
|
||||||
|
|
||||||
%description
|
%description
|
||||||
Openwsman is a project intended to provide an open-source
|
Openwsman is a project intended to provide an open-source
|
||||||
@ -94,6 +93,7 @@ This package provides Python3 bindings to access the openwsman client API.
|
|||||||
License: BSD
|
License: BSD
|
||||||
Summary: Ruby client bindings for Openwsman
|
Summary: Ruby client bindings for Openwsman
|
||||||
Obsoletes: %{name}-ruby < %{version}-%{release}
|
Obsoletes: %{name}-ruby < %{version}-%{release}
|
||||||
|
Requires: libwsman1 = %{version}-%{release}
|
||||||
|
|
||||||
%description -n rubygem-%{gem_name}
|
%description -n rubygem-%{gem_name}
|
||||||
The openwsman gem provides a Ruby API to manage systems using
|
The openwsman gem provides a Ruby API to manage systems using
|
||||||
@ -131,11 +131,10 @@ You can use it to send shell commands to a remote Windows hosts.
|
|||||||
%patch2 -p1 -b .ruby-binding-build
|
%patch2 -p1 -b .ruby-binding-build
|
||||||
%patch3 -p1 -b .openssl-1.1-fix
|
%patch3 -p1 -b .openssl-1.1-fix
|
||||||
%patch4 -p1 -b .http-status-line
|
%patch4 -p1 -b .http-status-line
|
||||||
%patch5 -p1 -b .fix-set-cipher-list-retval-check
|
%patch5 -p1 -b .libcurl-error-codes-update
|
||||||
%patch6 -p1 -b .CVE-2019-3816
|
%patch6 -p1 -b .CVE-2019-3816
|
||||||
%patch7 -p1 -b .CVE-2019-3833
|
%patch7 -p1 -b .CVE-2019-3833
|
||||||
%patch8 -p1 -b .http-unauthorized-improve
|
%patch8 -p1 -b .update-ssleay-conf
|
||||||
%patch9 -p1 -b .update-ssleay-conf
|
|
||||||
|
|
||||||
%build
|
%build
|
||||||
# Removing executable permissions on .c and .h files to fix rpmlint warnings.
|
# Removing executable permissions on .c and .h files to fix rpmlint warnings.
|
||||||
@ -145,8 +144,8 @@ rm -rf build
|
|||||||
mkdir build
|
mkdir build
|
||||||
|
|
||||||
export RPM_OPT_FLAGS="$RPM_OPT_FLAGS -DFEDORA -DNO_SSL_CALLBACK"
|
export RPM_OPT_FLAGS="$RPM_OPT_FLAGS -DFEDORA -DNO_SSL_CALLBACK"
|
||||||
export CFLAGS="-D_GNU_SOURCE -fPIE -DPIE"
|
export CFLAGS="$RPM_OPT_FLAGS -fPIC -pie -Wl,-z,relro -Wl,-z,now"
|
||||||
export LDFLAGS="$LDFLAGS -Wl,-z,now -pie"
|
export CXXFLAGS="$RPM_OPT_FLAGS -fPIC -pie -Wl,-z,relro -Wl,-z,now"
|
||||||
cd build
|
cd build
|
||||||
cmake \
|
cmake \
|
||||||
-DCMAKE_INSTALL_PREFIX=/usr \
|
-DCMAKE_INSTALL_PREFIX=/usr \
|
||||||
@ -158,6 +157,7 @@ cmake \
|
|||||||
-DPACKAGE_ARCHITECTURE=`uname -m` \
|
-DPACKAGE_ARCHITECTURE=`uname -m` \
|
||||||
-DLIB=%{_lib} \
|
-DLIB=%{_lib} \
|
||||||
-DBUILD_JAVA=no \
|
-DBUILD_JAVA=no \
|
||||||
|
-DBUILD_PYTHON=no \
|
||||||
..
|
..
|
||||||
|
|
||||||
make
|
make
|
||||||
@ -176,7 +176,7 @@ cd build
|
|||||||
# Do not install the ruby extension, we are proviging the rubygem- instead.
|
# Do not install the ruby extension, we are proviging the rubygem- instead.
|
||||||
echo -n > bindings/ruby/cmake_install.cmake
|
echo -n > bindings/ruby/cmake_install.cmake
|
||||||
|
|
||||||
make DESTDIR=%{buildroot} install
|
%make_install
|
||||||
cd ..
|
cd ..
|
||||||
rm -f %{buildroot}/%{_libdir}/*.la
|
rm -f %{buildroot}/%{_libdir}/*.la
|
||||||
rm -f %{buildroot}/%{_libdir}/openwsman/plugins/*.la
|
rm -f %{buildroot}/%{_libdir}/openwsman/plugins/*.la
|
||||||
@ -207,12 +207,10 @@ rm -rf %{buildroot}%{gem_instdir}/ext
|
|||||||
mkdir -p %{buildroot}%{gem_extdir_mri}
|
mkdir -p %{buildroot}%{gem_extdir_mri}
|
||||||
cp -a ./build%{gem_extdir_mri}/{gem.build_complete,*.so} %{buildroot}%{gem_extdir_mri}/
|
cp -a ./build%{gem_extdir_mri}/{gem.build_complete,*.so} %{buildroot}%{gem_extdir_mri}/
|
||||||
|
|
||||||
%post -n libwsman1 -p /sbin/ldconfig
|
%ldconfig_scriptlets -n libwsman1
|
||||||
|
|
||||||
%postun -n libwsman1 -p /sbin/ldconfig
|
|
||||||
|
|
||||||
%post server
|
%post server
|
||||||
/sbin/ldconfig
|
%{?ldconfig}
|
||||||
%systemd_post openwsmand.service
|
%systemd_post openwsmand.service
|
||||||
|
|
||||||
%preun server
|
%preun server
|
||||||
@ -221,11 +219,9 @@ cp -a ./build%{gem_extdir_mri}/{gem.build_complete,*.so} %{buildroot}%{gem_extdi
|
|||||||
%postun server
|
%postun server
|
||||||
rm -f /var/log/wsmand.log
|
rm -f /var/log/wsmand.log
|
||||||
%systemd_postun_with_restart openwsmand.service
|
%systemd_postun_with_restart openwsmand.service
|
||||||
/sbin/ldconfig
|
%{?ldconfig}
|
||||||
|
|
||||||
%post client -p /sbin/ldconfig
|
%ldconfig_scriptlets client
|
||||||
|
|
||||||
%postun client -p /sbin/ldconfig
|
|
||||||
|
|
||||||
%files -n libwsman1
|
%files -n libwsman1
|
||||||
%doc AUTHORS COPYING ChangeLog README.md TODO
|
%doc AUTHORS COPYING ChangeLog README.md TODO
|
||||||
@ -292,36 +288,106 @@ rm -f /var/log/wsmand.log
|
|||||||
%{_bindir}/winrs
|
%{_bindir}/winrs
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
* Thu Jul 27 2023 Vitezslav Crhonek <vcrhonek@redhat.com> - 2.6.5-10
|
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 2.6.8-22
|
||||||
|
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
|
||||||
|
Related: rhbz#1991688
|
||||||
|
|
||||||
|
* Wed Jun 16 2021 Mohan Boddu <mboddu@redhat.com> - 2.6.8-21
|
||||||
|
- Rebuilt for RHEL 9 BETA for openssl 3.0
|
||||||
|
Related: rhbz#1971065
|
||||||
|
|
||||||
|
* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 2.6.8-20
|
||||||
|
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
|
||||||
|
|
||||||
|
* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2.6.8-19
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
|
||||||
|
|
||||||
|
* Wed Jan 06 2021 Mamoru TASAKA <mtasaka@fedoraproject.org> - 2.6.8-18
|
||||||
|
- F-34: rebuild against ruby 3.0
|
||||||
|
|
||||||
|
* Tue Sep 22 2020 Vitezslav Crhonek <vcrhonek@redhat.com> - 2.6.8-17
|
||||||
|
- Use make macros, patch by Tom Stellard <tstellar@redhat.com>
|
||||||
|
(https://fedoraproject.org/wiki/Changes/UseMakeBuildInstallMacro)
|
||||||
|
- Update flags, enable LTO
|
||||||
- Remove RANDFILE and increase default bits in ssleay.conf
|
- Remove RANDFILE and increase default bits in ssleay.conf
|
||||||
Resolves: #2220821
|
|
||||||
|
|
||||||
* Tue Feb 14 2023 Vitezslav Crhonek <vcrhonek@redhat.com> - 2.6.5-9
|
* Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.6.8-16
|
||||||
- Add rpminspect.yaml
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
|
||||||
Related: #2105315
|
|
||||||
|
|
||||||
* Thu Sep 08 2022 Vitezslav Crhonek <vcrhonek@redhat.com> - 2.6.5-8
|
* Wed Jul 08 2020 Jeff Law <law@redhat.com> - 2.6.8-15
|
||||||
- Improve handling of HTTP 401 Unauthorized
|
- Disable LTO
|
||||||
Resolves: #2105315
|
|
||||||
|
|
||||||
* Mon May 11 2020 Vitezslav Crhonek <vcrhonek@redhat.com> - 2.6.5-7
|
* Mon Jun 22 2020 Jitka Plesnikova <jplesnik@redhat.com> - 2.6.8-14
|
||||||
- Fix CVE-2019-3833
|
- Perl 5.32 rebuild
|
||||||
Resolves: #1687865
|
|
||||||
|
|
||||||
* Wed Jul 17 2019 Vitezslav Crhonek <vcrhonek@redhat.com> - 2.6.5-6
|
* Tue May 26 2020 Miro Hrončok <mhroncok@redhat.com> - 2.6.8-13
|
||||||
- Fix name of Patch6
|
- Rebuilt for Python 3.9
|
||||||
|
|
||||||
* Wed Mar 13 2019 Vitezslav Crhonek <vcrhonek@redhat.com> - 2.6.5-5
|
* Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.6.8-12
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
|
||||||
|
|
||||||
|
* Sat Jan 18 2020 Mamoru TASAKA <mtasaka@fedoraproject.org> - 2.6.8-11
|
||||||
|
- F-32: rebuild against ruby27
|
||||||
|
|
||||||
|
* Thu Oct 03 2019 Miro Hrončok <mhroncok@redhat.com> - 2.6.8-10
|
||||||
|
- Rebuilt for Python 3.8.0rc1 (#1748018)
|
||||||
|
|
||||||
|
* Mon Aug 19 2019 Miro Hrončok <mhroncok@redhat.com> - 2.6.8-9
|
||||||
|
- Rebuilt for Python 3.8
|
||||||
|
|
||||||
|
* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2.6.8-8
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
|
||||||
|
|
||||||
|
* Thu May 30 2019 Jitka Plesnikova <jplesnik@redhat.com> - 2.6.8-7
|
||||||
|
- Perl 5.30 rebuild
|
||||||
|
|
||||||
|
* Mon Apr 01 2019 Vitezslav Crhonek <vcrhonek@redhat.com> - 2.6.8-6
|
||||||
|
- Add requires libwsman1 for rubygem-openwsman
|
||||||
|
|
||||||
|
* Wed Mar 13 2019 Vitezslav Crhonek <vcrhonek@redhat.com> - 2.6.8-5
|
||||||
- Fix CVE-2019-3816
|
- Fix CVE-2019-3816
|
||||||
Resolves: #1687864
|
Resolves: #1687760
|
||||||
|
- Fix CVE-2019-3833
|
||||||
|
Resolves: #1687762
|
||||||
- Remove Dist Tag from the oldest changelog entry
|
- Remove Dist Tag from the oldest changelog entry
|
||||||
|
|
||||||
* Thu Sep 20 2018 Tomas Orsava <torsava@redhat.com> - 2.6.5-4
|
* Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org>
|
||||||
- Require the Python interpreter directly instead of using the package name
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
|
||||||
- Related: rhbz#1619153
|
|
||||||
|
|
||||||
* Wed Feb 21 2018 Vitezslav Crhonek <vcrhonek@redhat.com> - 2.6.5-3
|
* Mon Jan 21 2019 Mamoru TASAKA <mtasaka@fedoraproject.org> - 2.6.8-3
|
||||||
|
- F-30: rebuild against ruby26
|
||||||
|
|
||||||
|
* Mon Jan 14 2019 Björn Esser <besser82@fedoraproject.org> - 2.6.8-2
|
||||||
|
- Rebuilt for libcrypt.so.2 (#1666033)
|
||||||
|
|
||||||
|
* Thu Nov 22 2018 Vitezslav Crhonek <vcrhonek@redhat.com> - 2.6.8-1
|
||||||
|
- Update to openwsman-2.6.8
|
||||||
|
|
||||||
|
* Wed Nov 14 2018 Vitezslav Crhonek <vcrhonek@redhat.com> - 2.6.5-10
|
||||||
|
- Reflect changes in libcurl error codes
|
||||||
|
Resolves: #1649393
|
||||||
|
|
||||||
|
* Mon Oct 01 2018 Vitezslav Crhonek <vcrhonek@redhat.com> - 2.6.5-9
|
||||||
|
- Require the Python interpreter directly instead of using the package name
|
||||||
|
|
||||||
|
* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.6.5-8
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
|
||||||
|
|
||||||
|
* Tue Jul 03 2018 Petr Pisar <ppisar@redhat.com> - 2.6.5-7
|
||||||
|
- Perl 5.28 rebuild
|
||||||
|
|
||||||
|
* Thu Jun 28 2018 Jitka Plesnikova <jplesnik@redhat.com> - 2.6.5-6
|
||||||
|
- Perl 5.28 rebuild
|
||||||
|
|
||||||
|
* Tue Jun 19 2018 Miro Hrončok <mhroncok@redhat.com> - 2.6.5-5
|
||||||
|
- Rebuilt for Python 3.7
|
||||||
|
|
||||||
|
* Tue Jun 19 2018 Miro Hrončok <mhroncok@redhat.com> - 2.6.5-4
|
||||||
|
- Rebuilt for Python 3.7
|
||||||
|
|
||||||
|
* Thu Feb 22 2018 Vitezslav Crhonek <vcrhonek@redhat.com> - 2.6.5-3
|
||||||
- Fix wrong SSL_CTX_set_cipher_list() retval check
|
- Fix wrong SSL_CTX_set_cipher_list() retval check
|
||||||
|
- Add BuildRequires gcc and gcc-c++
|
||||||
- Explicitly disable build of java bindings (build fails if java-devel is installed)
|
- Explicitly disable build of java bindings (build fails if java-devel is installed)
|
||||||
|
|
||||||
* Thu Feb 08 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.6.5-2
|
* Thu Feb 08 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.6.5-2
|
||||||
|
Loading…
Reference in New Issue
Block a user