Commit Graph

2 Commits

Author SHA1 Message Date
Clemens Lang
eca3c22e53 Fix stunnel in FIPS mode (w/upcoming OpenSSL changes)
Related: rhbz#2050617
Signed-off-by: Clemens Lang <cllang@redhat.com>
2022-02-04 15:44:22 +01:00
Clemens Lang
1c02cd025e New upstream release 5.61
Fixes #1887204.

Update the default TLS version patch to no longer include a large amount
of whitespace in its "Using the default TLS version as specified in its
OpenSSL crypto policies. Not setting explicitly." message. The
whitespace was caused by a line continuation, which is now replaced by
string literal concatenation.

Patch the FIPS tests to be skipped when stunnel is compiled against an
OpenSSL 3.x configured with enable-fips, but without the required
configuration that would be installed by a system administrator using
openssl fipsinstall. This matches the behavior when compiled against
OpenSSL 3.x configured without enable-fips.

Switch to package URL to https. Upstream has done the same in the spec
file in the tarball.

Add build dependencies for python3 and the openssl command line tool.
Both are used in tests now.

Drop a sed expression applied to the configure script that no longer
does anything and remove environment variables from testing that are no
longer required to make the tests pass.
2022-01-12 12:14:18 +01:00