Pedro Monreal Gonzalez
c3d5c867a1
OBS-URL: https://build.opensuse.org/request/show/949760 OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-3?expand=0&rev=33
143 lines
6.5 KiB
Diff
143 lines
6.5 KiB
Diff
From 300d2b56166aee85d9ce4c1275da1ad79c876e31 Mon Sep 17 00:00:00 2001
|
|
From: Sahana Prasad <sahana@redhat.com>
|
|
Date: Tue, 5 Oct 2021 12:10:42 +0200
|
|
Subject: [PATCH] Updates the conf file to openssl11.cnf Resolves:
|
|
rhbz#1947584, rhbz#2003123 Signed-off-by: Sahana Prasad <sahana@redhat.com>
|
|
|
|
Refactored for SUSE by Simon Lees sflees@suse.de
|
|
|
|
Index: openssl-3.0.1/include/internal/cryptlib.h
|
|
===================================================================
|
|
--- openssl-3.0.1.orig/include/internal/cryptlib.h
|
|
+++ openssl-3.0.1/include/internal/cryptlib.h
|
|
@@ -61,7 +61,7 @@ DEFINE_STACK_OF(EX_CALLBACK)
|
|
typedef struct mem_st MEM;
|
|
DEFINE_LHASH_OF(MEM);
|
|
|
|
-# define OPENSSL_CONF "openssl.cnf"
|
|
+# define OPENSSL_CONF "openssl3.cnf"
|
|
|
|
# ifndef OPENSSL_SYS_VMS
|
|
# define X509_CERT_AREA OPENSSLDIR
|
|
Index: openssl-3.0.1/Configurations/unix-Makefile.tmpl
|
|
===================================================================
|
|
--- openssl-3.0.1.orig/Configurations/unix-Makefile.tmpl
|
|
+++ openssl-3.0.1/Configurations/unix-Makefile.tmpl
|
|
@@ -129,7 +129,7 @@ GENERATED_PODS={- # common0.tmpl provide
|
|
fill_lines(" ", $COLUMNS - 15,
|
|
map { my $x = $_;
|
|
(
|
|
- grep {
|
|
+ grep {
|
|
$unified_info{attributes}->{depends}
|
|
->{$x}->{$_}->{pod} // 0
|
|
}
|
|
@@ -675,14 +675,14 @@ install_ssldirs:
|
|
: {- output_on() if windowsdll(); "" -}; \
|
|
fi; \
|
|
done
|
|
- @$(ECHO) "install $(SRCDIR)/apps/openssl.cnf -> $(DESTDIR)$(OPENSSLDIR)/openssl.cnf.dist"
|
|
- @cp $(SRCDIR)/apps/openssl.cnf $(DESTDIR)$(OPENSSLDIR)/openssl.cnf.new
|
|
- @chmod 644 $(DESTDIR)$(OPENSSLDIR)/openssl.cnf.new
|
|
- @mv -f $(DESTDIR)$(OPENSSLDIR)/openssl.cnf.new $(DESTDIR)$(OPENSSLDIR)/openssl.cnf.dist
|
|
- @if [ ! -f "$(DESTDIR)$(OPENSSLDIR)/openssl.cnf" ]; then \
|
|
- $(ECHO) "install $(SRCDIR)/apps/openssl.cnf -> $(DESTDIR)$(OPENSSLDIR)/openssl.cnf"; \
|
|
- cp $(SRCDIR)/apps/openssl.cnf $(DESTDIR)$(OPENSSLDIR)/openssl.cnf; \
|
|
- chmod 644 $(DESTDIR)$(OPENSSLDIR)/openssl.cnf; \
|
|
+ @$(ECHO) "install $(SRCDIR)/apps/openssl.cnf -> $(DESTDIR)$(OPENSSLDIR)/openssl3.cnf.dist"
|
|
+ @cp $(SRCDIR)/apps/openssl.cnf $(DESTDIR)$(OPENSSLDIR)/openssl3.cnf.new
|
|
+ @chmod 644 $(DESTDIR)$(OPENSSLDIR)/openssl3.cnf.new
|
|
+ @mv -f $(DESTDIR)$(OPENSSLDIR)/openssl3.cnf.new $(DESTDIR)$(OPENSSLDIR)/openssl3.cnf.dist
|
|
+ @if [ ! -f "$(DESTDIR)$(OPENSSLDIR)/openssl3.cnf" ]; then \
|
|
+ $(ECHO) "install $(SRCDIR)/apps/openssl.cnf -> $(DESTDIR)$(OPENSSLDIR)/openssl3.cnf"; \
|
|
+ cp $(SRCDIR)/apps/openssl.cnf $(DESTDIR)$(OPENSSLDIR)/openssl3.cnf; \
|
|
+ chmod 644 $(DESTDIR)$(OPENSSLDIR)/openssl3.cnf; \
|
|
fi
|
|
@$(ECHO) "install $(SRCDIR)/apps/ct_log_list.cnf -> $(DESTDIR)$(OPENSSLDIR)/ct_log_list.cnf.dist"
|
|
@cp $(SRCDIR)/apps/ct_log_list.cnf $(DESTDIR)$(OPENSSLDIR)/ct_log_list.cnf.new
|
|
@@ -1136,7 +1136,7 @@ lint:
|
|
|
|
generate_apps:
|
|
( cd $(SRCDIR); $(PERL) VMS/VMSify-conf.pl \
|
|
- < apps/openssl.cnf > apps/openssl-vms.cnf )
|
|
+ < apps/openssl3.cnf > apps/openssl-vms.cnf )
|
|
|
|
generate_crypto_bn:
|
|
( cd $(SRCDIR); $(PERL) crypto/bn/bn_prime.pl > crypto/bn/bn_prime.h )
|
|
@@ -1374,7 +1374,7 @@ tar:
|
|
|
|
# Helper targets #####################################################
|
|
|
|
-link-utils: $(BLDDIR)/util/opensslwrap.sh $(BLDDIR)/apps/openssl.cnf
|
|
+link-utils: $(BLDDIR)/util/opensslwrap.sh $(BLDDIR)/apps/openssl3.cnf
|
|
|
|
$(BLDDIR)/util/opensslwrap.sh: configdata.pm
|
|
@if [ "$(SRCDIR)" != "$(BLDDIR)" ]; then \
|
|
@@ -1382,7 +1382,7 @@ $(BLDDIR)/util/opensslwrap.sh: configdat
|
|
ln -sf "../$(SRCDIR)/util/`basename "$@"`" "$(BLDDIR)/util"; \
|
|
fi
|
|
|
|
-$(BLDDIR)/apps/openssl.cnf: configdata.pm
|
|
+$(BLDDIR)/apps/openssl3.cnf: configdata.pm
|
|
@if [ "$(SRCDIR)" != "$(BLDDIR)" ]; then \
|
|
mkdir -p "$(BLDDIR)/apps"; \
|
|
ln -sf "../$(SRCDIR)/apps/`basename "$@"`" "$(BLDDIR)/apps"; \
|
|
Index: openssl-3.0.1/Configure
|
|
===================================================================
|
|
--- openssl-3.0.1.orig/Configure
|
|
+++ openssl-3.0.1/Configure
|
|
@@ -56,7 +56,7 @@ EOF
|
|
# directories bin, lib, include, share/man, share/doc/openssl
|
|
# This becomes the value of INSTALLTOP in Makefile
|
|
# (Default: /usr/local)
|
|
-# --openssldir OpenSSL data area, such as openssl.cnf, certificates and keys.
|
|
+# --openssldir OpenSSL data area, such as openssl3.cnf, certificates and keys.
|
|
# If it's a relative directory, it will be added on the directory
|
|
# given with --prefix.
|
|
# This becomes the value of OPENSSLDIR in Makefile and in C.
|
|
Index: openssl-3.0.1/doc/HOWTO/certificates.txt
|
|
===================================================================
|
|
--- openssl-3.0.1.orig/doc/HOWTO/certificates.txt
|
|
+++ openssl-3.0.1/doc/HOWTO/certificates.txt
|
|
@@ -16,7 +16,7 @@ Certificate authorities should read http
|
|
In all the cases shown below, the standard configuration file, as
|
|
compiled into openssl, will be used. You may find it in /etc/,
|
|
/usr/local/ssl/ or somewhere else. By default the file is named
|
|
-openssl.cnf and is described at https://www.openssl.org/docs/apps/config.html.
|
|
+openssl3.cnf and is described at https://www.openssl.org/docs/apps/config.html.
|
|
You can specify a different configuration file using the
|
|
'-config {file}' argument with the commands shown below.
|
|
|
|
Index: openssl-3.0.1/doc/man3/OPENSSL_config.pod
|
|
===================================================================
|
|
--- openssl-3.0.1.orig/doc/man3/OPENSSL_config.pod
|
|
+++ openssl-3.0.1/doc/man3/OPENSSL_config.pod
|
|
@@ -17,7 +17,7 @@ see L<openssl_user_macros(7)>:
|
|
|
|
=head1 DESCRIPTION
|
|
|
|
-OPENSSL_config() configures OpenSSL using the standard B<openssl.cnf> and
|
|
+OPENSSL_config() configures OpenSSL using the standard B<openssl3.cnf> and
|
|
reads from the application section B<appname>. If B<appname> is NULL then
|
|
the default section, B<openssl_conf>, will be used.
|
|
Errors are silently ignored.
|
|
Index: openssl-3.0.1/INSTALL.md
|
|
===================================================================
|
|
--- openssl-3.0.1.orig/INSTALL.md
|
|
+++ openssl-3.0.1/INSTALL.md
|
|
@@ -1,4 +1,4 @@
|
|
-Build and Install
|
|
+fBuild and Install
|
|
=================
|
|
|
|
This document describes installation on all supported operating
|
|
@@ -567,7 +567,7 @@ is an objective.
|
|
|
|
### no-autoload-config
|
|
|
|
-Don't automatically load the default `openssl.cnf` file.
|
|
+Don't automatically load the default `openssl3.cnf` file.
|
|
|
|
Typically OpenSSL will automatically load a system config file which configures
|
|
default SSL options.
|