Accepting request 824882 from home:gmbr3:openssl

OBS-URL: https://build.opensuse.org/request/show/824882
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-3?expand=0&rev=16

openssl-3.0.0-alpha5.tar.gz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:09ad89af04cbf36dbbce1fc7063e18fcc333fcaaf3eccecf22c4a99bac83e139
-size 13919931

openssl-3.changes

@@ -1,25 +1,23 @@
 -------------------------------------------------------------------
-Thu Aug 13 09:21:33 UTC 2020 - Pedro Monreal <pmonreal@suse.com>
+Fri Aug  7 14:42:42 UTC 2020 - Callum Farmer <callumjfarmer13@gmail.com>
 
+- Removed 0001-Fix-typo-for-SSL_get_peer_certificate.patch:
+  contained in upstream. 
 - Update to 3.0.0 Alpha 6
-  * Allow SSL_set1_host() and SSL_add1_host() to take IP literal
-    addresses as well as actual hostnames. (David Woodhouse)
-  * The 'MinProtocol' and 'MaxProtocol' configuration commands now
-    silently ignore TLS protocol version bounds when configuring
-    DTLS-based contexts, and conversely, silently ignore DTLS protocol
-    version bounds when configuring TLS-based contexts. The commands
-    can be repeated to set bounds of both types. The same applies with
-    the corresponding 'min_protocol' and 'max_protocol' command-line
-    switches, in case some application uses both TLS and DTLS.
-  * SSL_CTX instances that are created for a fixed protocol version
-    (e.g. TLSv1_server_method()) also silently ignore version bounds.
-    Previously attempts to apply bounds to these protocol versions
-    would result in an error. Now only the 'version-flexible' SSL_CTX
-    instances are subject to limits in configuration files in
-    command-line options. (Viktor Dukhovni)
-- Add lsof dependency during build to fix tests failures
-- Enable test 81-test_cmp_cli.t fixed upstream
-- Remove 0001-Fix-typo-for-SSL_get_peer_certificate.patch
+  * Added util/check-format.pl for checking adherence to the coding guidelines.
+  * Allow SSL_set1_host() and SSL_add1_host() to take IP literal addresses
+   as well as actual hostnames.
+  * The 'MinProtocol' and 'MaxProtocol' configuration commands now silently
+   ignore TLS protocol version bounds when configuring DTLS-based contexts, and
+   conversely, silently ignore DTLS protocol version bounds when configuring
+   TLS-based contexts.  The commands can be repeated to set bounds of both
+   types.  The same applies with the corresponding "min_protocol" and
+   "max_protocol" command-line switches, in case some application uses both TLS
+   and DTLS. SSL_CTX instances that are created for a fixed protocol version (e.g.
+   TLSv1_server_method()) also silently ignore version bounds.  Previously
+   attempts to apply bounds to these protocol versions would result in an
+   error.  Now only the "version-flexible" SSL_CTX instances are subject to
+   limits in configuration files in command-line options.
 
 -------------------------------------------------------------------
 Mon Jul 20 08:40:26 UTC 2020 - Vítězslav Čížek <vcizek@suse.com>

openssl-3.spec

@@ -46,7 +46,6 @@ Patch4:         openssl-DEFAULT_SUSE_cipher.patch
 Patch5:         openssl-ppc64-config.patch
 Patch6:         openssl-no-date.patch
 BuildRequires:  pkgconfig
-BuildRequires:  lsof
 Conflicts:      ssl
 Provides:       ssl
 Provides:       openssl(cli)
@@ -146,6 +145,8 @@ perl configdata.pm --dump
 %check
 export MALLOC_CHECK_=3
 export MALLOC_PERTURB_=$(($RANDOM % 255 + 1))
+# Disable broken test (needs lsof) https://github.com/openssl/openssl/issues/12324
+rm test/recipes/81-test_cmp_cli.t
 LD_LIBRARY_PATH="$PWD" make test -j1
 # show cyphers
 gcc -o showciphers %{optflags} -I%{buildroot}%{_includedir} %{SOURCE5} -L%{buildroot}%{_libdir} -lssl -lcrypto