Comply with Fedora crypto policy
This commit is contained in:
parent
a8b5a04978
commit
8adfcbb8aa
24
pegasus-2.14.1-crypto-policy-compliance.patch
Normal file
24
pegasus-2.14.1-crypto-policy-compliance.patch
Normal file
@ -0,0 +1,24 @@
|
|||||||
|
diff -up pegasus/rpm/manLinux/man8.Z/cimconfig.8.orig pegasus/rpm/manLinux/man8.Z/cimconfig.8
|
||||||
|
--- pegasus/rpm/manLinux/man8.Z/cimconfig.8.orig 2020-06-25 14:03:32.211892328 +0200
|
||||||
|
+++ pegasus/rpm/manLinux/man8.Z/cimconfig.8 2020-06-25 14:11:31.687821336 +0200
|
||||||
|
@@ -463,7 +463,7 @@ mentioned between single quotes since it
|
||||||
|
like .+, !, -.
|
||||||
|
.PD 0
|
||||||
|
.IP
|
||||||
|
-.BR "Default Value: " DEFAULT\ (The\ default\ cipher\ list\ of\ OpenSSL)
|
||||||
|
+.BR "Default Value: " PROFILE=SYSTEM\ (Protocols\ enforced\ by\ system-wide\ crypto\ policy)
|
||||||
|
.IP
|
||||||
|
.BR Dynamic: \0No
|
||||||
|
.PD
|
||||||
|
diff -up pegasus/src/Pegasus/Config/SecurityPropertyOwner.cpp.orig pegasus/src/Pegasus/Config/SecurityPropertyOwner.cpp
|
||||||
|
--- pegasus/src/Pegasus/Config/SecurityPropertyOwner.cpp.orig 2020-06-25 14:02:19.104445704 +0200
|
||||||
|
+++ pegasus/src/Pegasus/Config/SecurityPropertyOwner.cpp 2020-06-25 14:02:54.695663130 +0200
|
||||||
|
@@ -140,7 +140,7 @@ static struct ConfigPropertyRow properti
|
||||||
|
#ifdef PEGASUS_ENABLE_USERGROUP_AUTHORIZATION
|
||||||
|
{"authorizedUserGroups", "", IS_STATIC, IS_VISIBLE},
|
||||||
|
#endif
|
||||||
|
- {"sslCipherSuite", "DEFAULT", IS_STATIC, IS_VISIBLE}
|
||||||
|
+ {"sslCipherSuite", "PROFILE=SYSTEM", IS_STATIC, IS_VISIBLE}
|
||||||
|
#ifdef PEGASUS_ENABLE_SESSION_COOKIES
|
||||||
|
,{"httpSessionTimeout", "0", IS_DYNAMIC, IS_VISIBLE}
|
||||||
|
#endif
|
@ -8,7 +8,7 @@
|
|||||||
|
|
||||||
Name: tog-pegasus
|
Name: tog-pegasus
|
||||||
Version: %{major_ver}.1
|
Version: %{major_ver}.1
|
||||||
Release: 52%{?dist}
|
Release: 53%{?dist}
|
||||||
Epoch: 2
|
Epoch: 2
|
||||||
Summary: OpenPegasus WBEM Services for Linux
|
Summary: OpenPegasus WBEM Services for Linux
|
||||||
|
|
||||||
@ -99,6 +99,9 @@ Patch41: pegasus-2.14.1-ssl-cert-path.patch
|
|||||||
Patch42: pegasus-2.14.1-openssl-1.1-fix.patch
|
Patch42: pegasus-2.14.1-openssl-1.1-fix.patch
|
||||||
# 43: fix -Wreserved-user-defined-literal warnings which prevents building with clang
|
# 43: fix -Wreserved-user-defined-literal warnings which prevents building with clang
|
||||||
Patch43: pegasus-2.14.1-fix-Wreserved-user-defined-literal.patch
|
Patch43: pegasus-2.14.1-fix-Wreserved-user-defined-literal.patch
|
||||||
|
# 44: comply with Fedora crypto policy
|
||||||
|
# (use 'PROFILE=SYSTEM' instead of 'DEFAULT' in SSL_CTX_set_cipher_list calls)
|
||||||
|
Patch44: pegasus-2.14.1-crypto-policy-compliance.patch
|
||||||
|
|
||||||
BuildRequires: procps, libstdc++, pam-devel
|
BuildRequires: procps, libstdc++, pam-devel
|
||||||
BuildRequires: openssl, openssl-devel
|
BuildRequires: openssl, openssl-devel
|
||||||
@ -250,6 +253,7 @@ yes | mak/CreateDmtfSchema 238 %{SOURCE9} cim_schema_2.38.0
|
|||||||
%patch41 -p1 -b .ssl-cert-path
|
%patch41 -p1 -b .ssl-cert-path
|
||||||
%patch42 -p1 -b .openssl-1.1-fix
|
%patch42 -p1 -b .openssl-1.1-fix
|
||||||
%patch43 -p1 -b .Wreserved-user-defined-literal-fix
|
%patch43 -p1 -b .Wreserved-user-defined-literal-fix
|
||||||
|
%patch44 -p1 -b .crypto-policy-compliance
|
||||||
|
|
||||||
|
|
||||||
%build
|
%build
|
||||||
@ -551,6 +555,9 @@ fi
|
|||||||
|
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Thu Jun 25 2020 Vitezslav Crhonek <vcrhonek@redhat.com> - 2:2.14.1-53
|
||||||
|
- Comply with Fedora crypto policy
|
||||||
|
|
||||||
* Wed Mar 25 2020 Tom Stellard <tstellar@redhat.com> - 2:2.14.1-52
|
* Wed Mar 25 2020 Tom Stellard <tstellar@redhat.com> - 2:2.14.1-52
|
||||||
- Fix -Wreserved-user-defined-literal warnings
|
- Fix -Wreserved-user-defined-literal warnings
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user