02427a3414
* All the minor versions of the 1.1.x openssl branch have the same
sonum and keep ABI compatibility
- Remove bit obsolete syntax
- Use %license macro
- Don't disable afalgeng on aarch64
- Add support for s390x CPACF enhancements (fate#321518)
patches taken from https://github.com/openssl/openssl/pull/2859:
* 0002-crypto-modes-asm-ghash-s390x.pl-fix-gcm_gmult_4bit-K.patch
* 0004-s390x-assembly-pack-add-OPENSSL_s390xcap-environment.patch
* 0005-s390x-assembly-pack-add-OPENSSL_s390xcap-man-page.patch
* 0006-s390x-assembly-pack-extended-s390x-capability-vector.patch
* 0007-crypto-evp-e_aes.c-add-foundations-for-extended-s390.patch
* 0008-s390x-assembly-pack-extended-s390x-capability-vector.patch
* 0009-crypto-aes-asm-aes-s390x.pl-add-KMA-code-path.patch
* 0010-doc-man3-OPENSSL_s390xcap.pod-update-KMA.patch
* 0011-crypto-aes-asm-aes-s390x.pl-add-CFI-annotations-KMA-.patch
* 0012-s390x-assembly-pack-add-KMA-code-path-for-aes-gcm.patch
* 0013-crypto-aes-asm-aes-s390x.pl-add-CFI-annotations-KMA-.patch
- Do not filter pkgconfig() provides/requires.
- Obsolete openssl-1_0_0 by openssl-1_1_0: this is required for a
clean upgrade path as an aid to zypp (boo#1070003).
- Update to 1.1.0g
OpenSSL Security Advisory [02 Nov 2017]
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=2
50 lines
1.4 KiB
Diff
50 lines
1.4 KiB
Diff
From c5ac41de1511f898301c298b2b28d05372cba817 Mon Sep 17 00:00:00 2001
|
|
From: Vitezslav Cizek <vcizek@suse.com>
|
|
Date: Thu, 8 Dec 2016 13:10:33 +0100
|
|
Subject: [PATCH] Resume reading from randfile when interrupted by a signal.
|
|
|
|
It was regularly observed with openssh:
|
|
sshd: fatal: cannot read from /dev/urandom, Interrupted system call
|
|
---
|
|
crypto/rand/randfile.c | 15 ++++++++++++++-
|
|
1 file changed, 14 insertions(+), 1 deletion(-)
|
|
|
|
diff --git a/crypto/rand/randfile.c b/crypto/rand/randfile.c
|
|
index c96383a..6e39e86 100644
|
|
--- a/crypto/rand/randfile.c
|
|
+++ b/crypto/rand/randfile.c
|
|
@@ -104,6 +104,12 @@ static __FILE_ptr32 (*const vms_fopen)(const char *, const char *, ...) =
|
|
|
|
#define RFILE ".rnd"
|
|
|
|
+#ifdef EINTR
|
|
+# define INTERRUPTED(in) (ferror(in) && errno == EINTR)
|
|
+#else
|
|
+# define INTERRUPTED (0)
|
|
+#endif
|
|
+
|
|
/*
|
|
* Note that these functions are intended for seed files only. Entropy
|
|
* devices and EGD sockets are handled in rand_unix.c
|
|
@@ -162,9 +168,16 @@ int RAND_load_file(const char *file, long bytes)
|
|
n = (bytes < BUFSIZE) ? (int)bytes : BUFSIZE;
|
|
else
|
|
n = BUFSIZE;
|
|
+
|
|
i = fread(buf, 1, n, in);
|
|
- if (i <= 0)
|
|
+ if (i <= 0) {
|
|
+ if (INTERRUPTED(in)) {
|
|
+ /* Interrupted by a signal, resume reading */
|
|
+ clearerr(in);
|
|
+ continue;
|
|
+ }
|
|
break;
|
|
+ }
|
|
|
|
RAND_add(buf, i, (double)i);
|
|
ret += i;
|
|
--
|
|
2.10.2
|
|
|