Accepting request 729046 from security:tls

OBS-URL: https://build.opensuse.org/request/show/729046
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl-ibmca?expand=0&rev=33

openssl-ibmca-2.0.2.tar.gz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:7239ad1cbecdb3daff40b5af5eb17e789c9ab262f87c8bcfc06bdd7980e66f85
-size 42661

openssl-ibmca-2.0.3.tar.gz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:38222b84b7a79c5c48d5597af4dca4be429c68d1985421fe3e269e865ed4bf31
+size 42542

openssl-ibmca.changes

@@ -1,3 +1,27 @@
+-------------------------------------------------------------------
+Wed Aug 28 20:56:08 UTC 2019 - Mark Post <mpost@suse.com>
+
+- Upgraded to version 2.0.3 (jsc#SLE-6123, jsc#SLE-6424)
+  * openssl-ibmca 2.0.3
+    Add MSA9 CPACF support for ECDSA sign/verify
+- Dropped obsolete openssl-ibmca-sles15sp1-Move-ERR_load-unload-to-bind_helper-resp-destroy-fun.patch
+- Changed the ExclusiveArch directive to include s390x only.
+- The code in e_ibmca.c does a dlopen for libica.so.3, instead of
+  linking against the shared library. As a result, if the package
+  containing libica.so.3 isn't installed, problems occur. Added
+  a "Requires: libica3" to the spec file to fix this. (bsc#1142286)
+- Made a couple of changes to the spec file based on the output
+  from spec-cleaner.
+
+-------------------------------------------------------------------
+Fri Jun 28 18:10:29 UTC 2019 - Mark Post <mpost@suse.com>
+
+- Added openssl-ibmca-sles15sp1-Move-ERR_load-unload-to-bind_helper-resp-destroy-fun.patch
+  An Apache HTTP Server was set up with mod_ssl and the openssl
+  ibmca engine using libica and a CEX6A card. Whenever a worker
+  process is cleaned up a segmentation fault occurs.
+  (bsc#1138517)
+
 -------------------------------------------------------------------
 Tue Nov 27 17:55:19 UTC 2018 - mpost@suse.com
 

openssl-ibmca.spec

@@ -1,7 +1,7 @@
 #
 # spec file for package openssl-ibmca
 #
-# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2018, 2019 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -17,29 +17,32 @@
 
 
 Name:           openssl-ibmca
-Version:        2.0.2
+Version:        2.0.3
 Release:        0
 Summary:        The IBMCA OpenSSL dynamic engine
-License:        Apache-2.0
+License:        IPL-1.0
 Group:          Hardware/Other
-URL:            https://github.com/opencryptoki/openssl-ibmca/
-Source:         openssl-ibmca-%{version}.tar.gz
+URL:            https://github.com/opencryptoki/openssl-ibmca
+Source:         https://github.com/opencryptoki/%{name}/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz
 Source1:        baselibs.conf
+
 BuildRequires:  autoconf
 BuildRequires:  automake
 BuildRequires:  libica-devel >= 3.1.1
 BuildRequires:  libica-tools >= 2.4.0
 BuildRequires:  libtool
 BuildRequires:  openssl-devel
+Requires:       libica3
 Requires:       openssl
-ExclusiveArch:  s390 s390x
+ExclusiveArch:  s390x
 
 %description
 This package contains a shared object OpenSSL dynamic engine for the
 IBM eServer Cryptographic Accelerator (ICA).
 
 %prep
-%setup -q
+%autosetup
+./bootstrap.sh
 
 %build
 # The directory where crypto engines are located is owned by the libcrypto package.
@@ -110,7 +113,6 @@ if [ $1 -eq 0 ]; then # last uninstall, modify %%{_sysconfdir}/openssl.cnf (bsc#
 fi
 
 %files
-%defattr(-, root, root)
 %license LICENSE
 %doc README.md
 %doc src/openssl.cnf.sample