From 11b0eddfc3c09f82c9d8c968544c90da3bf329ae7bd24a705db5c7cdae2384da Mon Sep 17 00:00:00 2001 From: Pedro Monreal Gonzalez Date: Wed, 24 Jan 2024 12:36:49 +0000 Subject: [PATCH] Accepting request 1141235 from home:ohollmann:branches:security:tls - Because OpenSSL 1.1.1 is no longer default, let's rename engine directories to contain version of OpenSSL and let unversioned for the default OpenSSL. [bsc#1194187, bsc#1207472, bsc#1218933] * /etc/ssl/engines.d -> /etc/ssl/engines1_1.d * /etc/ssl/engdef.d -> /etc/ssl/engdef1_1.d * Update patches: - openssl-1_1-ossl-sli-002-ran-make-update.patch - openssl-1_1-use-include-directive.patch OBS-URL: https://build.opensuse.org/request/show/1141235 OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=154 --- openssl-1_1-ossl-sli-002-ran-make-update.patch | 4 ++-- openssl-1_1-use-include-directive.patch | 4 ++-- openssl-1_1.changes | 12 ++++++++++++ openssl-1_1.spec | 12 +++++++----- 4 files changed, 23 insertions(+), 9 deletions(-) diff --git a/openssl-1_1-ossl-sli-002-ran-make-update.patch b/openssl-1_1-ossl-sli-002-ran-make-update.patch index ccb5bba..45a240a 100644 --- a/openssl-1_1-ossl-sli-002-ran-make-update.patch +++ b/openssl-1_1-ossl-sli-002-ran-make-update.patch @@ -30,11 +30,11 @@ + +# This include will look through the directory that will contain the +# engine declarations for any engines provided by other packages. -+.include /etc/ssl/engines.d ++.include /etc/ssl/engines1_1.d + +# This include will look through the directory that will contain the +# definitions of the engines declared in the engine section. -+.include /etc/ssl/engdef.d ++.include /etc/ssl/engdef1_1.d + +[ oid_section ] + diff --git a/openssl-1_1-use-include-directive.patch b/openssl-1_1-use-include-directive.patch index a026e67..4e4bc73 100644 --- a/openssl-1_1-use-include-directive.patch +++ b/openssl-1_1-use-include-directive.patch @@ -16,11 +16,11 @@ Index: openssl-1.1.1m/apps/openssl.cnf + +# This include will look through the directory that will contain the +# engine declarations for any engines provided by other packages. -+.include /etc/ssl/engines.d ++.include /etc/ssl/engines1_1.d + +# This include will look through the directory that will contain the +# definitions of the engines declared in the engine section. -+.include /etc/ssl/engdef.d ++.include /etc/ssl/engdef1_1.d + +[ oid_section ] + diff --git a/openssl-1_1.changes b/openssl-1_1.changes index 5bf3ff8..98dc60e 100644 --- a/openssl-1_1.changes +++ b/openssl-1_1.changes @@ -1,3 +1,15 @@ +------------------------------------------------------------------- +Mon Jan 22 09:34:28 UTC 2024 - Otto Hollmann + +- Because OpenSSL 1.1.1 is no longer default, let's rename engine + directories to contain version of OpenSSL and let unversioned for + the default OpenSSL. [bsc#1194187, bsc#1207472, bsc#1218933] + * /etc/ssl/engines.d -> /etc/ssl/engines1_1.d + * /etc/ssl/engdef.d -> /etc/ssl/engdef1_1.d + * Update patches: + - openssl-1_1-ossl-sli-002-ran-make-update.patch + - openssl-1_1-use-include-directive.patch + ------------------------------------------------------------------- Thu Nov 23 09:43:39 UTC 2023 - Otto Hollmann diff --git a/openssl-1_1.spec b/openssl-1_1.spec index 99df9ab..9d98b7d 100644 --- a/openssl-1_1.spec +++ b/openssl-1_1.spec @@ -1,7 +1,7 @@ # # spec file for package openssl-1_1 # -# Copyright (c) 2023 SUSE LLC +# Copyright (c) 2024 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -19,6 +19,8 @@ %define ssletcdir %{_sysconfdir}/ssl %define maj_min 1.1 %define _rname openssl +%global sslengcnf %{ssletcdir}/engines1_1.d +%global sslengdef %{ssletcdir}/engdef1_1.d %if 0%{?sle_version} >= 150400 || 0%{?suse_version} >= 1550 # Enable livepatching support for SLE15-SP4 onwards. It requires # compiler support introduced there. @@ -389,8 +391,8 @@ mkdir %{buildroot}/%{_datadir}/ssl mv %{buildroot}/%{ssletcdir}/misc %{buildroot}/%{_datadir}/ssl/ # Create the two directories into which packages will drop their configuration # files. -mkdir %{buildroot}/%{ssletcdir}/engines.d/ -mkdir %{buildroot}/%{ssletcdir}/engdef.d/ +mkdir %{buildroot}/%{sslengcnf} +mkdir %{buildroot}/%{sslengdef} # avoid file conflicts with man pages from other packages # @@ -486,8 +488,8 @@ unset LD_LIBRARY_PATH %dir %{ssletcdir} %config (noreplace) %{ssletcdir}/openssl-1_1.cnf %attr(700,root,root) %{ssletcdir}/private -%dir %{ssletcdir}/engines.d -%dir %{ssletcdir}/engdef.d +%dir %{sslengcnf} +%dir %{sslengdef} %dir %{_datadir}/ssl %{_datadir}/ssl/misc %{_bindir}/c_rehash-1_1