Compare commits

..

No commits in common. "c8" and "imports/c9-beta/openwsman-2.6.8-22.el9" have entirely different histories.

12 changed files with 179 additions and 190 deletions

2
.gitignore vendored
View File

@ -1,2 +1,2 @@
SOURCES/openwsmand.8.gz
SOURCES/v2.6.5.tar.gz
SOURCES/v2.6.8.tar.gz

2
.openwsman.metadata Normal file
View File

@ -0,0 +1,2 @@
a6a8bbbfa71ce04bedae55f2f06ce97089b6c5e1 SOURCES/openwsmand.8.gz
e061a41b3d5f5fa4ee284726d283e15f4a0e8c46 SOURCES/v2.6.8.tar.gz

View File

@ -1,16 +1,13 @@
diff -up openwsman-2.6.1/etc/pam/openwsman.pamsetup openwsman-2.6.1/etc/pam/openwsman
--- openwsman-2.6.1/etc/pam/openwsman.pamsetup 2015-08-27 15:46:46.000000000 +0200
+++ openwsman-2.6.1/etc/pam/openwsman 2015-08-31 16:08:28.166913889 +0200
@@ -1,7 +1,7 @@
#%PAM-1.0
-auth required pam_unix2.so nullok
+auth required pam_unix.so nullok
diff -up openwsman-2.6.8/etc/pam/openwsman.orig openwsman-2.6.8/etc/pam/openwsman
--- openwsman-2.6.8/etc/pam/openwsman.orig 2018-11-21 13:51:52.776325243 +0100
+++ openwsman-2.6.8/etc/pam/openwsman 2018-11-21 13:54:17.066351134 +0100
@@ -2,6 +2,6 @@
auth required pam_unix.so nullok
auth required pam_nologin.so
-account required pam_unix2.so
-password required pam_pwcheck.so nullok
-password required pam_unix2.so nullok use_first_pass use_authtok
-session required pam_unix2.so none
+account required pam_unix.so
account required pam_unix.so
-password required pam_cracklib.so nullok
-password required pam_unix.so nullok use_first_pass use_authtok nis shadow
-session required pam_unix.so none
+password required pam_pwquality.so
+password required pam_unix.so nullok use_first_pass use_authtok
+session required pam_unix.so

View File

@ -6,7 +6,7 @@ diff -up openwsman-2.4.12/bindings/ruby/extconf.rb.orig openwsman-2.4.12/binding
major, minor, path = RUBY_VERSION.split(".")
-raise "SWIG failed to run" unless system("#{swig} -ruby -autorename -DRUBY_VERSION=#{major}#{minor} -I. -I/usr/include/openwsman -o openwsman_wrap.c openwsman.i")
+raise "SWIG failed to run" unless system("#{swig} -ruby -autorename -DRUBY_VERSION=#{major}#{minor} -I. -I/usr/include/openwsman -I/builddir/build/BUILD/openwsman-2.6.5/include/ -o openwsman_wrap.c openwsman.i")
+raise "SWIG failed to run" unless system("#{swig} -ruby -autorename -DRUBY_VERSION=#{major}#{minor} -I. -I/usr/include/openwsman -I/builddir/build/BUILD/openwsman-2.6.8/include/ -o openwsman_wrap.c openwsman.i")
$CPPFLAGS = "-I/usr/include/openwsman -I.."

View File

@ -1,31 +1,6 @@
diff -up openwsman-2.6.5/src/lib/wsman-curl-client-transport.c.orig openwsman-2.6.5/src/lib/wsman-curl-client-transport.c
--- openwsman-2.6.5/src/lib/wsman-curl-client-transport.c.orig 2017-11-28 09:32:15.000000000 +0100
+++ openwsman-2.6.5/src/lib/wsman-curl-client-transport.c 2018-01-23 13:14:59.357153453 +0100
@@ -241,12 +241,20 @@ write_handler( void *ptr, size_t size, s
static int ssl_certificate_thumbprint_verify_callback(X509_STORE_CTX *ctx, void *arg)
{
unsigned char *thumbprint = (unsigned char *)arg;
- X509 *cert = ctx->cert;
EVP_MD *tempDigest;
unsigned char tempFingerprint[EVP_MAX_MD_SIZE];
unsigned int tempFingerprintLen;
tempDigest = (EVP_MD*)EVP_sha1( );
+
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+ X509 *cert = X509_STORE_CTX_get_current_cert(ctx);
+#else
+ X509 *cert = ctx->cert;
+#endif
+ if(!cert)
+ return 0;
+
if ( X509_digest(cert, tempDigest, tempFingerprint, &tempFingerprintLen ) <= 0)
return 0;
if(!memcmp(tempFingerprint, thumbprint, tempFingerprintLen))
diff -up openwsman-2.6.5/src/server/shttpd/compat_unix.h.orig openwsman-2.6.5/src/server/shttpd/compat_unix.h
--- openwsman-2.6.5/src/server/shttpd/compat_unix.h.orig 2017-11-28 09:32:15.000000000 +0100
+++ openwsman-2.6.5/src/server/shttpd/compat_unix.h 2018-01-23 13:14:59.357153453 +0100
diff -up openwsman-2.6.8/src/server/shttpd/compat_unix.h.orig openwsman-2.6.8/src/server/shttpd/compat_unix.h
--- openwsman-2.6.8/src/server/shttpd/compat_unix.h.orig 2018-10-12 12:06:26.000000000 +0200
+++ openwsman-2.6.8/src/server/shttpd/compat_unix.h 2018-11-22 13:30:10.756423510 +0100
@@ -27,10 +27,6 @@
pthread_create(&tid, NULL, (void *(*)(void *))a, c); } while (0)
#endif /* !NO_THREADS */
@ -37,9 +12,9 @@ diff -up openwsman-2.6.5/src/server/shttpd/compat_unix.h.orig openwsman-2.6.5/sr
#define DIRSEP '/'
#define IS_DIRSEP_CHAR(c) ((c) == '/')
#define O_BINARY 0
diff -up openwsman-2.6.5/src/server/shttpd/io_ssl.c.orig openwsman-2.6.5/src/server/shttpd/io_ssl.c
--- openwsman-2.6.5/src/server/shttpd/io_ssl.c.orig 2017-11-28 09:32:15.000000000 +0100
+++ openwsman-2.6.5/src/server/shttpd/io_ssl.c 2018-01-23 13:14:59.357153453 +0100
diff -up openwsman-2.6.8/src/server/shttpd/io_ssl.c.orig openwsman-2.6.8/src/server/shttpd/io_ssl.c
--- openwsman-2.6.8/src/server/shttpd/io_ssl.c.orig 2018-10-12 12:06:26.000000000 +0200
+++ openwsman-2.6.8/src/server/shttpd/io_ssl.c 2018-11-22 13:30:10.757423510 +0100
@@ -11,23 +11,6 @@
#include "defs.h"
@ -64,9 +39,9 @@ diff -up openwsman-2.6.5/src/server/shttpd/io_ssl.c.orig openwsman-2.6.5/src/ser
void
_shttpd_ssl_handshake(struct stream *stream)
{
diff -up openwsman-2.6.5/src/server/shttpd/shttpd.c.orig openwsman-2.6.5/src/server/shttpd/shttpd.c
--- openwsman-2.6.5/src/server/shttpd/shttpd.c.orig 2017-11-28 09:32:15.000000000 +0100
+++ openwsman-2.6.5/src/server/shttpd/shttpd.c 2018-01-23 13:16:13.738228773 +0100
diff -up openwsman-2.6.8/src/server/shttpd/shttpd.c.orig openwsman-2.6.8/src/server/shttpd/shttpd.c
--- openwsman-2.6.8/src/server/shttpd/shttpd.c.orig 2018-10-12 12:06:26.000000000 +0200
+++ openwsman-2.6.8/src/server/shttpd/shttpd.c 2018-11-22 13:30:41.314416695 +0100
@@ -1476,20 +1476,14 @@ set_ssl(struct shttpd_ctx *ctx, const ch
int retval = FALSE;
EC_KEY* key;
@ -94,22 +69,10 @@ diff -up openwsman-2.6.5/src/server/shttpd/shttpd.c.orig openwsman-2.6.5/src/ser
if ((CTX = SSL_CTX_new(SSLv23_server_method())) == NULL)
_shttpd_elog(E_LOG, NULL, "SSL_CTX_new error");
@@ -1532,7 +1526,11 @@ set_ssl(struct shttpd_ctx *ctx, const ch
if (strncasecmp(protocols[idx].name, ssl_disabled_protocols, blank_ptr-ssl_disabled_protocols) == 0) {
//_shttpd_elog(E_LOG, NULL, "SSL: disable %s protocol", protocols[idx].name);
debug("SSL: disable %s protocol", protocols[idx].name);
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+ SSL_CTX_set_options(CTX, protocols[idx].opt);
+#else
SSL_CTX_ctrl(CTX, SSL_CTRL_OPTIONS, protocols[idx].opt, NULL);
+#endif
break;
}
}
diff -up openwsman-2.6.5/src/server/shttpd/ssl.h.orig openwsman-2.6.5/src/server/shttpd/ssl.h
--- openwsman-2.6.5/src/server/shttpd/ssl.h.orig 2017-11-28 09:32:15.000000000 +0100
+++ openwsman-2.6.5/src/server/shttpd/ssl.h 2018-01-23 13:14:59.358153454 +0100
@@ -12,50 +12,4 @@
diff -up openwsman-2.6.8/src/server/shttpd/ssl.h.orig openwsman-2.6.8/src/server/shttpd/ssl.h
--- openwsman-2.6.8/src/server/shttpd/ssl.h.orig 2018-10-12 12:06:26.000000000 +0200
+++ openwsman-2.6.8/src/server/shttpd/ssl.h 2018-11-22 13:30:10.757423510 +0100
@@ -12,52 +12,4 @@
#include <openssl/ssl.h>
@ -130,7 +93,7 @@ diff -up openwsman-2.6.5/src/server/shttpd/ssl.h.orig openwsman-2.6.5/src/server
-#define SSL_ERROR_SYSCALL 5
-#define SSL_FILETYPE_PEM 1
-
#endif
-#endif
-
-/*
- * Dynamically loaded SSL functionality
@ -153,9 +116,11 @@ diff -up openwsman-2.6.5/src/server/shttpd/ssl.h.orig openwsman-2.6.5/src/server
-#define SSL_get_error(x,y)(* (int (*)(SSL *, int)) FUNC(5))((x), (y))
-#define SSL_set_fd(x,y) (* (int (*)(SSL *, int)) FUNC(6))((x), (y))
-#define SSL_new(x) (* (SSL * (*)(SSL_CTX *)) FUNC(7))(x)
-#define SSL_CTX_new(x) (* (SSL_CTX * (*)(SSL_METHOD *)) FUNC(8))(x)
-#define SSL_CTX_new(x) (* (SSL_CTX * (*)(const SSL_METHOD *)) FUNC(8))(x)
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
-#define SSLv23_server_method() (* (SSL_METHOD * (*)(void)) FUNC(9))()
-#define SSL_library_init() (* (int (*)(void)) FUNC(10))()
#endif
-#define SSL_CTX_use_PrivateKey_file(x,y,z) (* (int (*)(SSL_CTX *, \
- const char *, int)) FUNC(11))((x), (y), (z))
-#define SSL_CTX_use_certificate_file(x,y,z) (* (int (*)(SSL_CTX *, \

View File

@ -1,12 +0,0 @@
diff -up openwsman-2.6.5/src/server/shttpd/shttpd.c.orig openwsman-2.6.5/src/server/shttpd/shttpd.c
--- openwsman-2.6.5/src/server/shttpd/shttpd.c.orig 2018-02-21 10:53:24.964163710 +0100
+++ openwsman-2.6.5/src/server/shttpd/shttpd.c 2018-02-21 10:53:31.854162875 +0100
@@ -1541,7 +1541,7 @@ set_ssl(struct shttpd_ctx *ctx, const ch
if (ssl_cipher_list) {
int rc = SSL_CTX_set_cipher_list(CTX, ssl_cipher_list);
- if (rc != 0) {
+ if (rc != 1) {
_shttpd_elog(E_LOG, NULL, "Failed to set SSL cipher list \"%s\"", ssl_cipher_list);
}
}

View File

@ -1,56 +0,0 @@
diff -up openwsman-2.6.5/src/lib/wsman-curl-client-transport.c.orig openwsman-2.6.5/src/lib/wsman-curl-client-transport.c
--- openwsman-2.6.5/src/lib/wsman-curl-client-transport.c.orig 2022-09-08 10:36:46.265107915 +0200
+++ openwsman-2.6.5/src/lib/wsman-curl-client-transport.c 2022-09-08 10:36:46.273107919 +0200
@@ -452,6 +452,7 @@ wsmc_handler( WsManClient *cl,
long http_code;
long auth_avail = 0;
char *_user = NULL, *_pass = NULL;
+ int _no_auth = 0; /* 0 if authentication is used, 1 if no authentication was used */
u_buf_t *response = NULL;
//char *soapaction;
char *tmp_str = NULL;
@@ -551,6 +552,7 @@ wsmc_handler( WsManClient *cl,
_user = wsmc_get_user(cl);
_pass = wsmc_get_password(cl);
if (_user && _pass && cl->data.auth_set) {
+ _no_auth = 0;
r = curl_easy_setopt(curl, CURLOPT_HTTPAUTH, cl->data.auth_set);
if (r != CURLE_OK) {
cl->fault_string = u_strdup(curl_easy_strerror(r));
@@ -571,6 +573,11 @@ wsmc_handler( WsManClient *cl,
curl_err("curl_easy_setopt(curl, CURLOPT_USERPWD, ..) failed");
goto DONE;
}
+ } else {
+ /* request without user credentials, remember this for
+ * later use when it might become necessary to print an error message
+ */
+ _no_auth = 1;
}
if (wsman_debug_level_debugged(DEBUG_LEVEL_MESSAGE)) {
@@ -603,6 +610,24 @@ wsmc_handler( WsManClient *cl,
break;
case 401:
// The server requires authentication.
+ /* RFC 2616 states:
+ *
+ * If the request already included Authorization credentials, then the 401
+ * response indicates that authorization has been refused for those
+ * credentials. If the 401 response contains the same challenge as the
+ * prior response, and the user agent has already attempted
+ * authentication at least once, then the user SHOULD be presented the
+ * entity that was given in the response, since that entity might
+ * include relevant diagnostic information.
+ */
+ if (_no_auth == 0) {
+ /* no authentication credentials were used. It is only
+ * possible to write a message about the current situation. There
+ * is no information about the last attempt to access the resource.
+ * Maybe at a later point in time I will implement more state information.
+ */
+ fprintf(stdout,"Authentication failed, please retry\n");
+ }
break;
default:
// The status code does not indicate success.

View File

@ -0,0 +1,27 @@
diff -up openwsman-2.6.5/src/lib/wsman-curl-client-transport.c.orig openwsman-2.6.5/src/lib/wsman-curl-client-transport.c
--- openwsman-2.6.5/src/lib/wsman-curl-client-transport.c.orig 2018-11-14 13:53:27.442138557 +0100
+++ openwsman-2.6.5/src/lib/wsman-curl-client-transport.c 2018-11-14 14:11:28.508714204 +0100
@@ -186,16 +186,23 @@ convert_to_last_error(CURLcode r)
return WS_LASTERR_SSL_CONNECT_ERROR;
case CURLE_BAD_FUNCTION_ARGUMENT:
return WS_LASTERR_CURL_BAD_FUNCTION_ARG;
+#if LIBCURL_VERSION_NUM < 0x073E00
case CURLE_SSL_PEER_CERTIFICATE:
return WS_LASTERR_SSL_PEER_CERTIFICATE;
+#endif
case CURLE_SSL_ENGINE_NOTFOUND:
return WS_LASTERR_SSL_ENGINE_NOTFOUND;
case CURLE_SSL_ENGINE_SETFAILED:
return WS_LASTERR_SSL_ENGINE_SETFAILED;
case CURLE_SSL_CERTPROBLEM:
return WS_LASTERR_SSL_CERTPROBLEM;
+#if LIBCURL_VERSION_NUM < 0x073E00
case CURLE_SSL_CACERT:
return WS_LASTERR_SSL_CACERT;
+#else
+ case CURLE_PEER_FAILED_VERIFICATION:
+ return WS_LASTERR_SSL_PEER_CERTIFICATE;
+#endif
#if LIBCURL_VERSION_NUM > 0x70C01
case CURLE_SSL_ENGINE_INITFAILED:
return WS_LASTERR_SSL_ENGINE_INITFAILED;

View File

@ -1,6 +1,6 @@
diff -up openwsman-2.6.5/src/server/shttpd/shttpd.c.orig openwsman-2.6.5/src/server/shttpd/shttpd.c
--- openwsman-2.6.5/src/server/shttpd/shttpd.c.orig 2019-03-13 10:20:07.376527798 +0100
+++ openwsman-2.6.5/src/server/shttpd/shttpd.c 2019-03-13 10:20:07.380527801 +0100
diff -up openwsman-2.6.8/src/server/shttpd/shttpd.c.orig openwsman-2.6.8/src/server/shttpd/shttpd.c
--- openwsman-2.6.8/src/server/shttpd/shttpd.c.orig 2019-03-13 08:52:06.112090942 +0100
+++ openwsman-2.6.8/src/server/shttpd/shttpd.c 2019-03-13 09:01:15.496156789 +0100
@@ -336,10 +336,12 @@ date_to_epoch(const char *s)
}
@ -52,9 +52,9 @@ diff -up openwsman-2.6.5/src/server/shttpd/shttpd.c.orig openwsman-2.6.5/src/ser
}
static int
diff -up openwsman-2.6.5/src/server/wsmand.c.orig openwsman-2.6.5/src/server/wsmand.c
--- openwsman-2.6.5/src/server/wsmand.c.orig 2017-11-28 09:32:15.000000000 +0100
+++ openwsman-2.6.5/src/server/wsmand.c 2019-03-13 10:20:07.380527801 +0100
diff -up openwsman-2.6.8/src/server/wsmand.c.orig openwsman-2.6.8/src/server/wsmand.c
--- openwsman-2.6.8/src/server/wsmand.c.orig 2018-10-12 12:06:26.000000000 +0200
+++ openwsman-2.6.8/src/server/wsmand.c 2019-03-13 09:03:25.919181279 +0100
@@ -198,6 +198,10 @@ static void daemonize(void)
int fd;
char *pid;

View File

@ -1,6 +1,6 @@
diff -up openwsman-2.6.5/src/server/shttpd/shttpd.c.orig openwsman-2.6.5/src/server/shttpd/shttpd.c
--- openwsman-2.6.5/src/server/shttpd/shttpd.c.orig 2020-05-11 11:10:04.783971915 +0200
+++ openwsman-2.6.5/src/server/shttpd/shttpd.c 2020-05-11 11:10:04.786971932 +0200
diff -up openwsman-2.6.8/src/server/shttpd/shttpd.c.orig openwsman-2.6.8/src/server/shttpd/shttpd.c
--- openwsman-2.6.8/src/server/shttpd/shttpd.c.orig 2019-03-13 09:32:32.417633057 +0100
+++ openwsman-2.6.8/src/server/shttpd/shttpd.c 2019-03-13 09:58:04.482486589 +0100
@@ -705,11 +705,11 @@ parse_http_request(struct conn *c)
_shttpd_send_server_error(c, 500, "Cannot allocate request");
}
@ -83,7 +83,7 @@ diff -up openwsman-2.6.5/src/server/shttpd/shttpd.c.orig openwsman-2.6.5/src/ser
}
static int
@@ -1640,7 +1649,7 @@ worker_function(void *param)
@@ -1642,7 +1651,7 @@ worker_function(void *param)
while (worker->exit_flag == 0)
poll_worker(worker, 1000 * 10);

View File

@ -1,6 +1,6 @@
diff -up openwsman-2.6.5/etc/ssleay.cnf.orig openwsman-2.6.5/etc/ssleay.cnf
--- openwsman-2.6.5/etc/ssleay.cnf.orig 2017-11-28 09:32:15.000000000 +0100
+++ openwsman-2.6.5/etc/ssleay.cnf 2023-07-10 10:00:44.713426317 +0200
diff -up openwsman-2.6.8/etc/ssleay.cnf.orig openwsman-2.6.8/etc/ssleay.cnf
--- openwsman-2.6.8/etc/ssleay.cnf.orig 2018-10-12 12:06:26.000000000 +0200
+++ openwsman-2.6.8/etc/ssleay.cnf 2020-09-22 14:27:56.216306882 +0200
@@ -2,10 +2,8 @@
# SSLeay example configuration file.
#

View File

@ -2,8 +2,8 @@
%global gem_name %{name}
Name: openwsman
Version: 2.6.5
Release: 10%{?dist}
Version: 2.6.8
Release: 22%{?dist}
Summary: Open source Implementation of WS-Management
License: BSD
@ -19,19 +19,18 @@ Patch1: openwsman-2.4.0-pamsetup.patch
Patch2: openwsman-2.4.12-ruby-binding-build.patch
Patch3: openwsman-2.6.2-openssl-1.1-fix.patch
Patch4: openwsman-2.6.5-http-status-line.patch
Patch5: openwsman-2.6.5-fix-set-cipher-list-retval-check.patch
Patch6: openwsman-2.6.5-CVE-2019-3816.patch
# Patch7: fixes CVE-2019-3833, rhbz#1687865
Patch7: openwsman-2.6.5-CVE-2019-3833.patch
Patch8: openwsman-2.6.5-http-unauthorized-improve.patch
# Patch9: fixes cert issue, rhbz#2220821
Patch9: openwsman-2.6.5-update-ssleay-conf.patch
Patch5: openwsman-2.6.5-libcurl-error-codes-update.patch
Patch6: openwsman-2.6.8-CVE-2019-3816.patch
Patch7: openwsman-2.6.8-CVE-2019-3833.patch
Patch8: openwsman-2.6.8-update-ssleay-conf.patch
BuildRequires: make
BuildRequires: swig
BuildRequires: libcurl-devel libxml2-devel pam-devel sblim-sfcc-devel
BuildRequires: python3 python3-devel ruby ruby-devel rubygems-devel perl-interpreter
BuildRequires: perl-devel perl-generators pkgconfig openssl-devel
BuildRequires: cmake
BuildRequires: systemd-units
BuildRequires: gcc gcc-c++
%description
Openwsman is a project intended to provide an open-source
@ -94,6 +93,7 @@ This package provides Python3 bindings to access the openwsman client API.
License: BSD
Summary: Ruby client bindings for Openwsman
Obsoletes: %{name}-ruby < %{version}-%{release}
Requires: libwsman1 = %{version}-%{release}
%description -n rubygem-%{gem_name}
The openwsman gem provides a Ruby API to manage systems using
@ -131,11 +131,10 @@ You can use it to send shell commands to a remote Windows hosts.
%patch2 -p1 -b .ruby-binding-build
%patch3 -p1 -b .openssl-1.1-fix
%patch4 -p1 -b .http-status-line
%patch5 -p1 -b .fix-set-cipher-list-retval-check
%patch5 -p1 -b .libcurl-error-codes-update
%patch6 -p1 -b .CVE-2019-3816
%patch7 -p1 -b .CVE-2019-3833
%patch8 -p1 -b .http-unauthorized-improve
%patch9 -p1 -b .update-ssleay-conf
%patch8 -p1 -b .update-ssleay-conf
%build
# Removing executable permissions on .c and .h files to fix rpmlint warnings.
@ -145,8 +144,8 @@ rm -rf build
mkdir build
export RPM_OPT_FLAGS="$RPM_OPT_FLAGS -DFEDORA -DNO_SSL_CALLBACK"
export CFLAGS="-D_GNU_SOURCE -fPIE -DPIE"
export LDFLAGS="$LDFLAGS -Wl,-z,now -pie"
export CFLAGS="$RPM_OPT_FLAGS -fPIC -pie -Wl,-z,relro -Wl,-z,now"
export CXXFLAGS="$RPM_OPT_FLAGS -fPIC -pie -Wl,-z,relro -Wl,-z,now"
cd build
cmake \
-DCMAKE_INSTALL_PREFIX=/usr \
@ -158,6 +157,7 @@ cmake \
-DPACKAGE_ARCHITECTURE=`uname -m` \
-DLIB=%{_lib} \
-DBUILD_JAVA=no \
-DBUILD_PYTHON=no \
..
make
@ -176,7 +176,7 @@ cd build
# Do not install the ruby extension, we are proviging the rubygem- instead.
echo -n > bindings/ruby/cmake_install.cmake
make DESTDIR=%{buildroot} install
%make_install
cd ..
rm -f %{buildroot}/%{_libdir}/*.la
rm -f %{buildroot}/%{_libdir}/openwsman/plugins/*.la
@ -207,12 +207,10 @@ rm -rf %{buildroot}%{gem_instdir}/ext
mkdir -p %{buildroot}%{gem_extdir_mri}
cp -a ./build%{gem_extdir_mri}/{gem.build_complete,*.so} %{buildroot}%{gem_extdir_mri}/
%post -n libwsman1 -p /sbin/ldconfig
%postun -n libwsman1 -p /sbin/ldconfig
%ldconfig_scriptlets -n libwsman1
%post server
/sbin/ldconfig
%{?ldconfig}
%systemd_post openwsmand.service
%preun server
@ -221,11 +219,9 @@ cp -a ./build%{gem_extdir_mri}/{gem.build_complete,*.so} %{buildroot}%{gem_extdi
%postun server
rm -f /var/log/wsmand.log
%systemd_postun_with_restart openwsmand.service
/sbin/ldconfig
%{?ldconfig}
%post client -p /sbin/ldconfig
%postun client -p /sbin/ldconfig
%ldconfig_scriptlets client
%files -n libwsman1
%doc AUTHORS COPYING ChangeLog README.md TODO
@ -292,36 +288,106 @@ rm -f /var/log/wsmand.log
%{_bindir}/winrs
%changelog
* Thu Jul 27 2023 Vitezslav Crhonek <vcrhonek@redhat.com> - 2.6.5-10
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 2.6.8-22
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
* Wed Jun 16 2021 Mohan Boddu <mboddu@redhat.com> - 2.6.8-21
- Rebuilt for RHEL 9 BETA for openssl 3.0
Related: rhbz#1971065
* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 2.6.8-20
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2.6.8-19
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Wed Jan 06 2021 Mamoru TASAKA <mtasaka@fedoraproject.org> - 2.6.8-18
- F-34: rebuild against ruby 3.0
* Tue Sep 22 2020 Vitezslav Crhonek <vcrhonek@redhat.com> - 2.6.8-17
- Use make macros, patch by Tom Stellard <tstellar@redhat.com>
(https://fedoraproject.org/wiki/Changes/UseMakeBuildInstallMacro)
- Update flags, enable LTO
- Remove RANDFILE and increase default bits in ssleay.conf
Resolves: #2220821
* Tue Feb 14 2023 Vitezslav Crhonek <vcrhonek@redhat.com> - 2.6.5-9
- Add rpminspect.yaml
Related: #2105315
* Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.6.8-16
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Thu Sep 08 2022 Vitezslav Crhonek <vcrhonek@redhat.com> - 2.6.5-8
- Improve handling of HTTP 401 Unauthorized
Resolves: #2105315
* Wed Jul 08 2020 Jeff Law <law@redhat.com> - 2.6.8-15
- Disable LTO
* Mon May 11 2020 Vitezslav Crhonek <vcrhonek@redhat.com> - 2.6.5-7
- Fix CVE-2019-3833
Resolves: #1687865
* Mon Jun 22 2020 Jitka Plesnikova <jplesnik@redhat.com> - 2.6.8-14
- Perl 5.32 rebuild
* Wed Jul 17 2019 Vitezslav Crhonek <vcrhonek@redhat.com> - 2.6.5-6
- Fix name of Patch6
* Tue May 26 2020 Miro Hrončok <mhroncok@redhat.com> - 2.6.8-13
- Rebuilt for Python 3.9
* Wed Mar 13 2019 Vitezslav Crhonek <vcrhonek@redhat.com> - 2.6.5-5
* Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.6.8-12
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Sat Jan 18 2020 Mamoru TASAKA <mtasaka@fedoraproject.org> - 2.6.8-11
- F-32: rebuild against ruby27
* Thu Oct 03 2019 Miro Hrončok <mhroncok@redhat.com> - 2.6.8-10
- Rebuilt for Python 3.8.0rc1 (#1748018)
* Mon Aug 19 2019 Miro Hrončok <mhroncok@redhat.com> - 2.6.8-9
- Rebuilt for Python 3.8
* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2.6.8-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Thu May 30 2019 Jitka Plesnikova <jplesnik@redhat.com> - 2.6.8-7
- Perl 5.30 rebuild
* Mon Apr 01 2019 Vitezslav Crhonek <vcrhonek@redhat.com> - 2.6.8-6
- Add requires libwsman1 for rubygem-openwsman
* Wed Mar 13 2019 Vitezslav Crhonek <vcrhonek@redhat.com> - 2.6.8-5
- Fix CVE-2019-3816
Resolves: #1687864
Resolves: #1687760
- Fix CVE-2019-3833
Resolves: #1687762
- Remove Dist Tag from the oldest changelog entry
* Thu Sep 20 2018 Tomas Orsava <torsava@redhat.com> - 2.6.5-4
- Require the Python interpreter directly instead of using the package name
- Related: rhbz#1619153
* Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org>
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Wed Feb 21 2018 Vitezslav Crhonek <vcrhonek@redhat.com> - 2.6.5-3
* Mon Jan 21 2019 Mamoru TASAKA <mtasaka@fedoraproject.org> - 2.6.8-3
- F-30: rebuild against ruby26
* Mon Jan 14 2019 Björn Esser <besser82@fedoraproject.org> - 2.6.8-2
- Rebuilt for libcrypt.so.2 (#1666033)
* Thu Nov 22 2018 Vitezslav Crhonek <vcrhonek@redhat.com> - 2.6.8-1
- Update to openwsman-2.6.8
* Wed Nov 14 2018 Vitezslav Crhonek <vcrhonek@redhat.com> - 2.6.5-10
- Reflect changes in libcurl error codes
Resolves: #1649393
* Mon Oct 01 2018 Vitezslav Crhonek <vcrhonek@redhat.com> - 2.6.5-9
- Require the Python interpreter directly instead of using the package name
* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.6.5-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Tue Jul 03 2018 Petr Pisar <ppisar@redhat.com> - 2.6.5-7
- Perl 5.28 rebuild
* Thu Jun 28 2018 Jitka Plesnikova <jplesnik@redhat.com> - 2.6.5-6
- Perl 5.28 rebuild
* Tue Jun 19 2018 Miro Hrončok <mhroncok@redhat.com> - 2.6.5-5
- Rebuilt for Python 3.7
* Tue Jun 19 2018 Miro Hrončok <mhroncok@redhat.com> - 2.6.5-4
- Rebuilt for Python 3.7
* Thu Feb 22 2018 Vitezslav Crhonek <vcrhonek@redhat.com> - 2.6.5-3
- Fix wrong SSL_CTX_set_cipher_list() retval check
- Add BuildRequires gcc and gcc-c++
- Explicitly disable build of java bindings (build fails if java-devel is installed)
* Thu Feb 08 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.6.5-2