Accepting request 731327 from security
OBS-URL: https://build.opensuse.org/request/show/731327 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/fipscheck?expand=0&rev=9
This commit is contained in:
commit
45369da7e0
@ -1,7 +1,7 @@
|
||||
Index: fipscheck-1.5.0/man/Makefile.in
|
||||
===================================================================
|
||||
--- fipscheck-1.5.0.orig/man/Makefile.in 2017-02-23 15:49:16.000000000 +0100
|
||||
+++ fipscheck-1.5.0/man/Makefile.in 2019-01-03 12:03:26.003429620 +0100
|
||||
+++ fipscheck-1.5.0/man/Makefile.in 2019-09-16 12:46:20.335487000 +0200
|
||||
@@ -567,7 +567,7 @@ uninstall-man: uninstall-man3 uninstall-
|
||||
|
||||
|
||||
|
12
fipscheck-fips.h_not_needed.patch
Normal file
12
fipscheck-fips.h_not_needed.patch
Normal file
@ -0,0 +1,12 @@
|
||||
Index: fipscheck-1.5.0/src/filehmac.c
|
||||
===================================================================
|
||||
--- fipscheck-1.5.0.orig/src/filehmac.c 2019-09-16 12:47:15.843827233 +0200
|
||||
+++ fipscheck-1.5.0/src/filehmac.c 2019-09-16 12:47:20.847857908 +0200
|
||||
@@ -41,7 +41,6 @@
|
||||
#include <sys/wait.h>
|
||||
|
||||
#if defined(WITH_OPENSSL)
|
||||
-#include <openssl/fips.h>
|
||||
#include <openssl/evp.h>
|
||||
#include <openssl/hmac.h>
|
||||
#elif defined(WITH_NSS)
|
@ -1,3 +1,11 @@
|
||||
-------------------------------------------------------------------
|
||||
Mon Sep 16 10:48:51 UTC 2019 - Vítězslav Čížek <vcizek@suse.com>
|
||||
|
||||
- Remove #include of unused fips.h to fix build with OpenSSL 1.1.1
|
||||
(bsc#1149792)
|
||||
* add fipscheck-fips.h_not_needed.patch
|
||||
- Drop obsolete openssl-1_1-port.patch (upstream)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Jan 3 11:08:27 UTC 2019 - Vítězslav Čížek <vcizek@suse.com>
|
||||
|
||||
|
@ -26,20 +26,14 @@ Summary: A library for integrity verification of FIPS validated modules
|
||||
License: BSD-2-Clause
|
||||
Group: Development/Libraries/C and C++
|
||||
URL: https://releases.pagure.org/%{name}/
|
||||
# Source0 is a local file because current version is 1.5.0,
|
||||
# but the latest in the official release folder is 1.4.1
|
||||
Source0: https://releases.pagure.org/fipscheck/%{name}-%{version}.tar.bz2
|
||||
Source1: baselibs.conf
|
||||
Patch0: openssl-1_1-port.patch
|
||||
Patch1: fipscheck-dont_generate_manpages.patch
|
||||
Patch2: fipscheck-fips.h_not_needed.patch
|
||||
BuildRequires: autoconf
|
||||
BuildRequires: automake
|
||||
%if 0%{?suse_version} >= 1500
|
||||
BuildRequires: libopenssl-1_0_0-devel
|
||||
%else
|
||||
BuildRequires: libopenssl-devel
|
||||
%endif
|
||||
BuildRequires: libtool
|
||||
BuildRequires: pkgconfig(openssl)
|
||||
Requires: %{lname} = %{version}
|
||||
|
||||
%description
|
||||
@ -65,10 +59,8 @@ This package contains development files for %{name}.
|
||||
|
||||
%prep
|
||||
%setup -q
|
||||
if pkg-config --atleast-version=1.1 openssl; then
|
||||
%patch0 -p1
|
||||
fi
|
||||
%patch1 -p1
|
||||
%patch2 -p1
|
||||
|
||||
%build
|
||||
%configure --disable-static --libdir=/%{_lib}
|
||||
|
@ -1,50 +0,0 @@
|
||||
Index: fipscheck-1.4.1/src/filehmac.c
|
||||
===================================================================
|
||||
--- fipscheck-1.4.1.orig/src/filehmac.c
|
||||
+++ fipscheck-1.4.1/src/filehmac.c
|
||||
@@ -166,7 +166,7 @@ compute_file_hmac(const char *path, void
|
||||
int prelink = 0;
|
||||
#endif
|
||||
int rv = -1;
|
||||
- HMAC_CTX c;
|
||||
+ HMAC_CTX *c;
|
||||
unsigned char rbuf[READ_BUFFER_LENGTH];
|
||||
size_t len;
|
||||
unsigned int hlen;
|
||||
@@ -178,7 +178,7 @@ compute_file_hmac(const char *path, void
|
||||
}
|
||||
}
|
||||
|
||||
- HMAC_CTX_init(&c);
|
||||
+ c = HMAC_CTX_new();
|
||||
|
||||
#ifdef CALL_PRELINK
|
||||
if (access(PATH_PRELINK, X_OK) == 0) {
|
||||
@@ -197,15 +197,15 @@ compute_file_hmac(const char *path, void
|
||||
goto end;
|
||||
}
|
||||
|
||||
- HMAC_Init(&c, hmackey, sizeof(hmackey)-1, EVP_sha256());
|
||||
+ HMAC_Init_ex(c, hmackey, sizeof(hmackey)-1, EVP_sha256(), NULL);
|
||||
|
||||
while ((len=fread(rbuf, 1, sizeof(rbuf), f)) != 0) {
|
||||
- HMAC_Update(&c, rbuf, len);
|
||||
+ HMAC_Update(c, rbuf, len);
|
||||
}
|
||||
|
||||
len = sizeof(rbuf);
|
||||
/* reuse rbuf for hmac */
|
||||
- HMAC_Final(&c, rbuf, &hlen);
|
||||
+ HMAC_Final(c, rbuf, &hlen);
|
||||
|
||||
*buf = malloc(hlen);
|
||||
if (*buf == NULL) {
|
||||
@@ -219,7 +219,7 @@ compute_file_hmac(const char *path, void
|
||||
|
||||
rv = 0;
|
||||
end:
|
||||
- HMAC_CTX_cleanup(&c);
|
||||
+ HMAC_CTX_free(c);
|
||||
|
||||
if (f)
|
||||
fclose(f);
|
Loading…
Reference in New Issue
Block a user