Commit Graph

39 Commits

Author SHA256 Message Date
Nikolay Gueorguiev
b32f0b33a8 Accepting request 1082895 from home:ngueorguiev:branches:security:tls
- Updated the .spec file as follow:
  * BuildRequires:  libica-devel >= 4.0.0
  * BuildRequires:  libica-tools >= 4.0.0

OBS-URL: https://build.opensuse.org/request/show/1082895
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-ibmca?expand=0&rev=46
2023-04-26 07:39:43 +00:00
Nikolay Gueorguiev
98cd51e90c Accepting request 1082458 from home:ngueorguiev:branches:security:tls
- Added dependency on libica4 (bsc#1209038)
  * BuildRequires and Requires statements in .spec file for libica4

OBS-URL: https://build.opensuse.org/request/show/1082458
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-ibmca?expand=0&rev=44
2023-04-24 09:37:08 +00:00
Nikolay Gueorguiev
8d6a266310 Accepting request 1080296 from home:ngueorguiev:branches:security:tls
- Applies a patch (bsc#1210359)
  * openssl-ibmca-engine-noregister.patch
- Updated the '#dynamic_path' line, as it was before, with the comment '#'.

OBS-URL: https://build.opensuse.org/request/show/1080296
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-ibmca?expand=0&rev=42
2023-04-19 11:08:00 +00:00
Nikolay Gueorguiev
e965f0bc6c Accepting request 1077682 from home:ngueorguiev:branches:security:tls
- Upgraded openssl-ibmca to version 2.4.0(bsc#1210059) 
  * openssl-ibmca 2.4.0
    - Provider: Adjustments for OpenSSL versions 3.1 and 3.2 
    - Provider: Support RSA blinding
    - Provider: Constant-time fixes for RSA PKCS#1 v1.5 and OAEP padding
    - Provider: Support "implicit rejection" option for RSA PKCS#1 v1.5 padding
    - Provider: Adjustments in OpenSSL config generator and example configs
    - Engine: EC: Cache ICA key in EC_KEY object (performance improvement)
    - Engine: Enable RSA blinding
- Updated .spec file removed '#' from the line containing
  'sed -e 's/^dynamic_path/#dynamic_path/' (bsc#1209038)
- Added in %files 
  * /usr/lib64/engines-3/ibmca-provider.la
  * /usr/lib64/engines-3/ibmca-provider.so
- Upgraded to version 2.3.1 (jsc#PED-597)
  * openssl-ibmca 2.3.1
    - Adjustments for libica 4.1.0
  * openssl-ibmca 2.3.0
    - First version including the provider
    - Fix for engine build without OpenSSL 3.0 sources
  * openssl-ibmca 2.2.3
    - Fix PKEY segfault with OpenSSL 3.0
  * openssl-ibmca 2.2.2
    - Fix tests with OpenSSL 3.0
    - Build against libica 4.0
- Removed a Requires for libica from the specfile.
- Removed the obsolete baselibs.conf file
- Completely revamped the postinstall scriptlet so that it doesn't
  need to know or care about how many lines are in either
  /etc/ssl/openssl.cnf, or the sample file at
  /usr/share/doc/packages/openssl-ibmca/openssl.cnf.sample
  We're now using the ".include" directive for the openssl.cnf
  file, and only modifying that file the minimum necessary to
  implement the change. (bsc#1004463)
- Upgraded to version 2.2.1 (jsc#SLE-18333)
  * openssl-ibmca 2.2.1
    Bug fixes
  * openssl-ibmca 2.2.0
    Implement fallbacks based on OpenSSL
    Disable software fallbacks from libica
    Allow to specify default library (libica vs. libica-cex) to use
    Provide "libica" engine ctrl to switch library at load time
    Update README.md
    Remove libica link dependency
    Generate sample configuration files from system configuration
    Restructure registration global data
  * openssl-ibmca 2.1.3
    Bug fix
  * openssl-ibmca 2.1.2
    Bug fixes
- Modified spec file to
  * Define a global variable enginesdir the same was as IBM does
    instead of _ENGINE_DIR as we had been doing.
  * Implemented %make_build macro according to spec-cleaner
  * Changed the package description to match IBM's.
  * Removed the redundant "autoreconf --force --install"
- Upgrade to version 2.1.1 (jsc#SLE-13709)
  * Bug fixes
- Upgrade to version 2.1.0 (jsc#SLE-7852, jsc#SLE-7882)
  Add MSA9 CPACF support for X25519, X448, Ed25519 and Ed448
- Upgraded to version 2.0.3 (jsc#SLE-6123, jsc#SLE-6424)
  * openssl-ibmca 2.0.3
    Add MSA9 CPACF support for ECDSA sign/verify
- Dropped obsolete openssl-ibmca-sles15sp1-Move-ERR_load-unload-to-bind_helper-resp-destroy-fun.patch
- Changed the ExclusiveArch directive to include s390x only.
- The code in e_ibmca.c does a dlopen for libica.so.3, instead of
  linking against the shared library. As a result, if the package
  containing libica.so.3 isn't installed, problems occur. Added
  a "Requires: libica3" to the spec file to fix this. (bsc#1142286)
- Made a couple of changes to the spec file based on the output
  from spec-cleaner.
- Added openssl-ibmca-sles15sp1-Move-ERR_load-unload-to-bind_helper-resp-destroy-fun.patch
  An Apache HTTP Server was set up with mod_ssl and the openssl
  ibmca engine using libica and a CEX6A card. Whenever a worker
  process is cleaned up a segmentation fault occurs.
  (bsc#1138517)
- Upgraded to version 2.0.2 (Fate#325688)
  * openssl-ibmca 2.0.2
    Fix doing rsa-me, altough rsa-crt would be possible.
- Upgraded to version 2.0.1 (Fate#325688)
  * openssl-ibmca 2.0.1
    Dont fail when a libica symbol cannot be resolved.
- Made multiple changes to the spec file based on spec-cleaner output.
- Upgraded to version 2.0.0 (Fate#325688)
  * openssl-ibmca 2.0.0
    Add ECC support.
    Add check and distcheck make-targets.
    Project cleanup, code was broken into multiple files and coding style cleanup.
    Improvements to compat macros for openssl.
    Don't disable libica sw fallbacks.
    Fix dlclose logic.
  * openssl-ibmca 1.4.1
    Fix structure size for aes-256-ecb/cbc/cfb/ofb
    Update man page
    Switch to ibmca.so filename to allow standalone use
    Switch off Libica fallback mode if available
    Make sure ibmca_init only runs once
    Provide simple macro for DEBUG_PRINTF possibility
    Cleanup and slight rework of function set_supported_meths
- Did some cleanup to the spec file, based on spec-cleanup.
- Removed the following obsolete patches:
  * openssl-ibmca-sles15-Switch-to-ibmca.so-filename-to-allow-a-standalone-us.patch
  * openssl-ibmca-sles15-Fix-lib-name-in-test-code.patch
  * openssl-ibmca-sles15-Update-lib-name-in-documentation.patch
- Added the following patches for bsc#1097463
  * openssl-ibmca-sles15-Switch-to-ibmca.so-filename-to-allow-a-standalone-us.patch
  * openssl-ibmca-sles15-Fix-lib-name-in-test-code.patch
  * openssl-ibmca-sles15-Update-lib-name-in-documentation.patch
- Upgraded to version 1.4.0
  * Re-license to Apache License v2.0
  * Fix aes_gcm initialization.
  * Update man page.
  * Add macros for OpenSSL 0.9.8 compat.
  * Remove AC_FUNC_MALLOC from configure.ac
  * Add compat macro for OpenSSL 1.0.1e-fips.
  * Setting 'foreign' strictness for automake.
  * Add AES-GCM support.
  * Rework EVP_aes macros.
  * Remove dependency of old local OpenSSL headers.
  * Fix engine initialization to set function pointers only once.
  * Remove blank COPYING and NEWS files.
  * Remove INSTALL and move its content to README.md
  * Update README.md file to make use of markdown.
  * Rename README file to README.md to use markdown
  * Add CONTRIBUTING guidelines.
  * Adding coding style documentation.
  * Enable EVP_MD_FLAG_FIPS flag for SHA-*.
  * Initialize rsa_keygen in RSA_METHOD for openssl < 1.1.0
  * Fix SHA512 EVP digest struct to use 
    EVP_MD_FLAG_PKEY_METHOD_SIGNATURE when using OpenSSL 1.0
  * Fix wrong parenthesis
  * convert libica loading to dlopen() and friends
  * Add support to DSO on new API of OpenSSL-1.1.0
- Removed obsolete openssl-ibmca-fix-sha512-evp-digest-to-use-evp_md_flag_pkey_method_signature.patch
- Added BuildRequires for autoconf, automake, and libtool.
- Updated BuildRequires for libica-devel to be >= 3.1.1
- Now that the openSSL engines directory is versioned:
  * Modified the spec file to query the libcrypto package
    for which directory to install the engine into.
  * Removed openssl-ibmca-fix-enginepath.patch. Replaced it
    with a sed command so that it will provide the correct
    versioned engines directory
- Removed openssl-ibmca-configure.patch. It doesn't seem to
  be needed any longer.
- Added openssl-ibmca-fix-sha512-evp-digest-to-use-evp_md_flag_pkey_method_signature.patch (bsc#1032113)
- Added libica-tools to the BuildRequires due to repackaging of libica.
- Renamed BuildRequires from libica2-devel to libica-devel for the
  same reason.
- Tweaked a comment to get rid of an rpmlint warning message.
- fixed ssl configuration merging (bsc#1004463)
- openssl-ibmca-fix-enginepath.patch: fix the engine path
- Use macro for configure (fate#319941)
- Use url for source
- Enable parallel building
- Cleanup spec file with spec-cleaner
- Upgraded to version 1.3.0 (fate#319941)
  - Updated openssl-ibmca-configure.patch to apply cleanly
  - Removed obsolete patches
    - openssl-ibmca-README.patch
    - openssl-ibmca-sha256-digest-length.patch
    - openssl-pkey.patch
    - openssl-des-ede.patch
- Did some spec file cleanup.
- Fixed %post script to update library path (the only dynamic part
  of the ibmca configuration) every time the package is installed.
  (bsc#966139)
- Updated AUTHORS, INSTALL, and README (bsc#942839)
- %post and %postun added to properly update openssl.cnf (bsc#942839)
- Updated to used libica2 == v2.4.2 for SLE12-SP1 (bsc#951138)
- Remove dependency on fillup anf insserv; the package provides 
  neither sysconfig file nor sysvinit script
- Remove depreciated AUTHORS section
- Use %configure macro
- Add openssl-ibmca-configure.patch
- the openssl engines moved to /%_lib/engines bnc#905480
- Forced requirement of libica-2_3_0 (bnc#890824)
- openssl-des-ede.patch: fixed a crash during benchmark (bnc#879922) 
- openssl-pkey.patch: defer HMAC signing to pkey framework, fixes
  fips self-test during EC key creation (bnc#879922)
- spec file cleaned up a bit
- openssl-ibmca-sha256-digest-length.patch: SHA256: Fixed message
  digest length definition in sha256 template (bnc#868275)
- update to 1.2.0
- removed patches:
  ibmca-configure.patch
  ibmca-segfault.fix.patch
  ibmca-sw-fix.patch
  openssl-ibmca-1.0.0.rc2-memset-fix.patch
- make it exclusivearch for s390/s390x as the required libica
  is only available for s390/s390x
- Made required libica-2_1_0 s390 specific
- Added x86_64 to ExclusiveArch as %ix86 doesn't do it
- Removed libica requirement - allowing build process to find it
- Added COPYING to %files
- Requiring libica 2.1.0 or greater
- enable ppc64le 
- fix build (add autoconf automake libtool to BuildRequires) 
- disable libtool --finish call
- own engines directory
- package baselibs.conf
- obsolete old -XXbit packages (bnc#437293)
- added baselibs.conf file to build xxbit packages
  for multilib support
- added fixes by IBM (bug #243801):
  ibmca-segfault.fix: rewrite ibmca_mod_expto remove improper use of BIGNUM
  object
  ibmca-sw-fix: rewrite ibmca_mod_exp_crtto remove improper use of BIGNUM
  object
  openssl-ibmca-1.0.0.rc2-memset-fix.patch: fix memory initialization problem
- updated README (bug #185508)
- Fixed configure.in to build correctly
- Fixed spec file
- Initial version from Mike Halcrow

OBS-URL: https://build.opensuse.org/request/show/1077682
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-ibmca?expand=0&rev=40
2023-04-06 08:28:45 +00:00
Nikolay Gueorguiev
51e8b73820 Accepting request 1077150 from home:ngueorguiev:branches:security:tls
- Upgraded openssl-ibmca to version 2.4.0(bsc#1210058 and bsc#1210059)

OBS-URL: https://build.opensuse.org/request/show/1077150
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-ibmca?expand=0&rev=38
2023-04-04 08:12:08 +00:00
Nikolay Gueorguiev
b511c86cb2 Accepting request 1071487 from home:ngueorguiev:branches:security:tls
- Updated .spec file removed '#' from the line containing
  'sed -e 's/^dynamic_path/#dynamic_path/' (bsc#1209038)
- Added in %files 
  * /usr/lib64/engines-3/ibmca-provider.la
  * /usr/lib64/engines-3/ibmca-provider.so

OBS-URL: https://build.opensuse.org/request/show/1071487
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-ibmca?expand=0&rev=36
2023-03-14 11:41:40 +00:00
Mark Post
a906fc4547 Accepting request 1008263 from home:markkp:branches:security:tls
- Upgraded to version 2.3.1 (jsc#PED-597)
  * openssl-ibmca 2.3.1
    - Adjustments for libica 4.1.0
  * openssl-ibmca 2.3.0
    - First version including the provider
    - Fix for engine build without OpenSSL 3.0 sources
  * openssl-ibmca 2.2.3
    - Fix PKEY segfault with OpenSSL 3.0
  * openssl-ibmca 2.2.2
    - Fix tests with OpenSSL 3.0
    - Build against libica 4.0
- Removed a Requires for libica from the specfile.
- Removed the obsolete baselibs.conf file

OBS-URL: https://build.opensuse.org/request/show/1008263
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-ibmca?expand=0&rev=34
2022-10-05 16:22:33 +00:00
Mark Post
39c822489c Accepting request 962257 from home:markkp:branches:security:tls
- Completely revamped the postinstall scriptlet so that it doesn't
  need to know or care about how many lines are in either
  /etc/ssl/openssl.cnf, or the sample file at
  /usr/share/doc/packages/openssl-ibmca/openssl.cnf.sample
  We're now using the ".include" directive for the openssl.cnf
  file, and only modifying that file the minimum necessary to
  implement the change. (bsc#1004463)
- Upgraded to version 2.2.1 (jsc#SLE-18333)
  * openssl-ibmca 2.2.1
    Bug fixes
  * openssl-ibmca 2.2.0
    Implement fallbacks based on OpenSSL
    Disable software fallbacks from libica
    Allow to specify default library (libica vs. libica-cex) to use
    Provide "libica" engine ctrl to switch library at load time
    Update README.md
    Remove libica link dependency
    Generate sample configuration files from system configuration
    Restructure registration global data
  * openssl-ibmca 2.1.3
    Bug fix
  * openssl-ibmca 2.1.2
    Bug fixes
- Modified spec file to
  * Define a global variable enginesdir the same was as IBM does
    instead of _ENGINE_DIR as we had been doing.
  * Implemented %make_build macro according to spec-cleaner
  * Changed the package description to match IBM's.
  * Removed the redundant "autoreconf --force --install"
- Upgrade to version 2.1.1 (jsc#SLE-13709)
  * Bug fixes
- Upgrade to version 2.1.0 (jsc#SLE-7852, jsc#SLE-7882)
  Add MSA9 CPACF support for X25519, X448, Ed25519 and Ed448
- Upgraded to version 2.0.3 (jsc#SLE-6123, jsc#SLE-6424)
  * openssl-ibmca 2.0.3
    Add MSA9 CPACF support for ECDSA sign/verify
- Dropped obsolete openssl-ibmca-sles15sp1-Move-ERR_load-unload-to-bind_helper-resp-destroy-fun.patch
- Changed the ExclusiveArch directive to include s390x only.
- The code in e_ibmca.c does a dlopen for libica.so.3, instead of
  linking against the shared library. As a result, if the package
  containing libica.so.3 isn't installed, problems occur. Added
  a "Requires: libica3" to the spec file to fix this. (bsc#1142286)
- Made a couple of changes to the spec file based on the output
  from spec-cleaner.
- Added openssl-ibmca-sles15sp1-Move-ERR_load-unload-to-bind_helper-resp-destroy-fun.patch
  An Apache HTTP Server was set up with mod_ssl and the openssl
  ibmca engine using libica and a CEX6A card. Whenever a worker
  process is cleaned up a segmentation fault occurs.
  (bsc#1138517)
- Upgraded to version 2.0.2 (Fate#325688)
  * openssl-ibmca 2.0.2
    Fix doing rsa-me, altough rsa-crt would be possible.
- Upgraded to version 2.0.1 (Fate#325688)
  * openssl-ibmca 2.0.1
    Dont fail when a libica symbol cannot be resolved.
- Made multiple changes to the spec file based on spec-cleaner output.
- Upgraded to version 2.0.0 (Fate#325688)
  * openssl-ibmca 2.0.0
    Add ECC support.
    Add check and distcheck make-targets.
    Project cleanup, code was broken into multiple files and coding style cleanup.
    Improvements to compat macros for openssl.
    Don't disable libica sw fallbacks.
    Fix dlclose logic.
  * openssl-ibmca 1.4.1
    Fix structure size for aes-256-ecb/cbc/cfb/ofb
    Update man page
    Switch to ibmca.so filename to allow standalone use
    Switch off Libica fallback mode if available
    Make sure ibmca_init only runs once
    Provide simple macro for DEBUG_PRINTF possibility
    Cleanup and slight rework of function set_supported_meths
- Did some cleanup to the spec file, based on spec-cleanup.
- Removed the following obsolete patches:
  * openssl-ibmca-sles15-Switch-to-ibmca.so-filename-to-allow-a-standalone-us.patch
  * openssl-ibmca-sles15-Fix-lib-name-in-test-code.patch
  * openssl-ibmca-sles15-Update-lib-name-in-documentation.patch
- Added the following patches for bsc#1097463
  * openssl-ibmca-sles15-Switch-to-ibmca.so-filename-to-allow-a-standalone-us.patch
  * openssl-ibmca-sles15-Fix-lib-name-in-test-code.patch
  * openssl-ibmca-sles15-Update-lib-name-in-documentation.patch
- Upgraded to version 1.4.0
  * Re-license to Apache License v2.0
  * Fix aes_gcm initialization.
  * Update man page.
  * Add macros for OpenSSL 0.9.8 compat.
  * Remove AC_FUNC_MALLOC from configure.ac
  * Add compat macro for OpenSSL 1.0.1e-fips.
  * Setting 'foreign' strictness for automake.
  * Add AES-GCM support.
  * Rework EVP_aes macros.
  * Remove dependency of old local OpenSSL headers.
  * Fix engine initialization to set function pointers only once.
  * Remove blank COPYING and NEWS files.
  * Remove INSTALL and move its content to README.md
  * Update README.md file to make use of markdown.
  * Rename README file to README.md to use markdown
  * Add CONTRIBUTING guidelines.
  * Adding coding style documentation.
  * Enable EVP_MD_FLAG_FIPS flag for SHA-*.
  * Initialize rsa_keygen in RSA_METHOD for openssl < 1.1.0
  * Fix SHA512 EVP digest struct to use 
    EVP_MD_FLAG_PKEY_METHOD_SIGNATURE when using OpenSSL 1.0
  * Fix wrong parenthesis
  * convert libica loading to dlopen() and friends
  * Add support to DSO on new API of OpenSSL-1.1.0
- Removed obsolete openssl-ibmca-fix-sha512-evp-digest-to-use-evp_md_flag_pkey_method_signature.patch
- Added BuildRequires for autoconf, automake, and libtool.
- Updated BuildRequires for libica-devel to be >= 3.1.1
- Now that the openSSL engines directory is versioned:
  * Modified the spec file to query the libcrypto package
    for which directory to install the engine into.
  * Removed openssl-ibmca-fix-enginepath.patch. Replaced it
    with a sed command so that it will provide the correct
    versioned engines directory
- Removed openssl-ibmca-configure.patch. It doesn't seem to
  be needed any longer.
- Added openssl-ibmca-fix-sha512-evp-digest-to-use-evp_md_flag_pkey_method_signature.patch (bsc#1032113)
- Added libica-tools to the BuildRequires due to repackaging of libica.
- Renamed BuildRequires from libica2-devel to libica-devel for the
  same reason.
- Tweaked a comment to get rid of an rpmlint warning message.
- fixed ssl configuration merging (bsc#1004463)
- openssl-ibmca-fix-enginepath.patch: fix the engine path
- Use macro for configure (fate#319941)
- Use url for source
- Enable parallel building
- Cleanup spec file with spec-cleaner
- Upgraded to version 1.3.0 (fate#319941)
  - Updated openssl-ibmca-configure.patch to apply cleanly
  - Removed obsolete patches
    - openssl-ibmca-README.patch
    - openssl-ibmca-sha256-digest-length.patch
    - openssl-pkey.patch
    - openssl-des-ede.patch
- Did some spec file cleanup.
- Fixed %post script to update library path (the only dynamic part
  of the ibmca configuration) every time the package is installed.
  (bsc#966139)
- Updated AUTHORS, INSTALL, and README (bsc#942839)
- %post and %postun added to properly update openssl.cnf (bsc#942839)
- Updated to used libica2 == v2.4.2 for SLE12-SP1 (bsc#951138)
- Remove dependency on fillup anf insserv; the package provides 
  neither sysconfig file nor sysvinit script
- Remove depreciated AUTHORS section
- Use %configure macro
- Add openssl-ibmca-configure.patch
- the openssl engines moved to /%_lib/engines bnc#905480
- Forced requirement of libica-2_3_0 (bnc#890824)
- openssl-des-ede.patch: fixed a crash during benchmark (bnc#879922) 
- openssl-pkey.patch: defer HMAC signing to pkey framework, fixes
  fips self-test during EC key creation (bnc#879922)
- spec file cleaned up a bit
- openssl-ibmca-sha256-digest-length.patch: SHA256: Fixed message
  digest length definition in sha256 template (bnc#868275)
- update to 1.2.0
- removed patches:
  ibmca-configure.patch
  ibmca-segfault.fix.patch
  ibmca-sw-fix.patch
  openssl-ibmca-1.0.0.rc2-memset-fix.patch
- make it exclusivearch for s390/s390x as the required libica
  is only available for s390/s390x
- Made required libica-2_1_0 s390 specific
- Added x86_64 to ExclusiveArch as %ix86 doesn't do it
- Removed libica requirement - allowing build process to find it
- Added COPYING to %files
- Requiring libica 2.1.0 or greater
- enable ppc64le 
- fix build (add autoconf automake libtool to BuildRequires) 
- disable libtool --finish call
- own engines directory
- package baselibs.conf
- obsolete old -XXbit packages (bnc#437293)
- added baselibs.conf file to build xxbit packages
  for multilib support
- added fixes by IBM (bug #243801):
  ibmca-segfault.fix: rewrite ibmca_mod_expto remove improper use of BIGNUM
  object
  ibmca-sw-fix: rewrite ibmca_mod_exp_crtto remove improper use of BIGNUM
  object
  openssl-ibmca-1.0.0.rc2-memset-fix.patch: fix memory initialization problem
- updated README (bug #185508)
- Fixed configure.in to build correctly
- Fixed spec file
- Initial version from Mike Halcrow

OBS-URL: https://build.opensuse.org/request/show/962257
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-ibmca?expand=0&rev=32
2022-03-16 17:58:14 +00:00
Mark Post
1d544502b1 OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-ibmca?expand=0&rev=30 2021-09-17 20:01:53 +00:00
Mark Post
52066f802c OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-ibmca?expand=0&rev=29 2021-09-17 19:56:34 +00:00
Mark Post
0e4a3b4ec5 - Upgraded to version 2.2.1
* openssl-ibmca 2.2.1
    Bug fixes
  * openssl-ibmca 2.2.0
    Implement fallbacks based on OpenSSL
    Disable software fallbacks from libica
    Allow to specify default library (libica vs. libica-cex) to use
    Provide "libica" engine ctrl to switch library at load time
    Update README.md
    Remove libica link dependency
    Generate sample configuration files from system configuration
    Restructure registration global data
  * openssl-ibmca 2.1.3
    Bug fix
  * openssl-ibmca 2.1.2
    Bug fixes
- Modified spec file to
  * Define a global variable enginedir the same was as IBM does
    instead of _ENGINE_DIR as we had been doing.
  * Implemented %make_build macro according to spec-cleaner
  * Changed the package description to match IBM's.
  * Removed the redundant "autoreconf --force --install"

OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-ibmca?expand=0&rev=27
2021-09-17 19:51:08 +00:00
Mark Post
0ce31e27e9 - Upgrade to version 2.1.1 (jsc#SLE-13709)
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-ibmca?expand=0&rev=24
2020-09-23 21:24:00 +00:00
Mark Post
f33928057b Accepting request 835921 from home:markkp:branches:security:tls
- Upgrade to version 2.1.1 (jsc#SLE-14468)
  * Bug fixes
- Upgrade to version 2.1.0 (jsc#SLE-7852, jsc#SLE-7882)
  Add MSA9 CPACF support for X25519, X448, Ed25519 and Ed448
- Upgraded to version 2.0.3 (jsc#SLE-6123, jsc#SLE-6424)
  * openssl-ibmca 2.0.3
    Add MSA9 CPACF support for ECDSA sign/verify
- Dropped obsolete openssl-ibmca-sles15sp1-Move-ERR_load-unload-to-bind_helper-resp-destroy-fun.patch
- Changed the ExclusiveArch directive to include s390x only.
- The code in e_ibmca.c does a dlopen for libica.so.3, instead of
  linking against the shared library. As a result, if the package
  containing libica.so.3 isn't installed, problems occur. Added
  a "Requires: libica3" to the spec file to fix this. (bsc#1142286)
- Made a couple of changes to the spec file based on the output
  from spec-cleaner.
- Added openssl-ibmca-sles15sp1-Move-ERR_load-unload-to-bind_helper-resp-destroy-fun.patch
  An Apache HTTP Server was set up with mod_ssl and the openssl
  ibmca engine using libica and a CEX6A card. Whenever a worker
  process is cleaned up a segmentation fault occurs.
  (bsc#1138517)
- Upgraded to version 2.0.2 (Fate#325688)
  * openssl-ibmca 2.0.2
    Fix doing rsa-me, altough rsa-crt would be possible.
- Upgraded to version 2.0.1 (Fate#325688)
  * openssl-ibmca 2.0.1
    Dont fail when a libica symbol cannot be resolved.
- Made multiple changes to the spec file based on spec-cleaner output.
- Upgraded to version 2.0.0 (Fate#325688)
  * openssl-ibmca 2.0.0
    Add ECC support.
    Add check and distcheck make-targets.
    Project cleanup, code was broken into multiple files and coding style cleanup.
    Improvements to compat macros for openssl.
    Don't disable libica sw fallbacks.
    Fix dlclose logic.
  * openssl-ibmca 1.4.1
    Fix structure size for aes-256-ecb/cbc/cfb/ofb
    Update man page
    Switch to ibmca.so filename to allow standalone use
    Switch off Libica fallback mode if available
    Make sure ibmca_init only runs once
    Provide simple macro for DEBUG_PRINTF possibility
    Cleanup and slight rework of function set_supported_meths
- Did some cleanup to the spec file, based on spec-cleanup.
- Removed the following obsolete patches:
  * openssl-ibmca-sles15-Switch-to-ibmca.so-filename-to-allow-a-standalone-us.patch
  * openssl-ibmca-sles15-Fix-lib-name-in-test-code.patch
  * openssl-ibmca-sles15-Update-lib-name-in-documentation.patch
- Added the following patches for bsc#1097463
  * openssl-ibmca-sles15-Switch-to-ibmca.so-filename-to-allow-a-standalone-us.patch
  * openssl-ibmca-sles15-Fix-lib-name-in-test-code.patch
  * openssl-ibmca-sles15-Update-lib-name-in-documentation.patch
- Upgraded to version 1.4.0
  * Re-license to Apache License v2.0
  * Fix aes_gcm initialization.
  * Update man page.
  * Add macros for OpenSSL 0.9.8 compat.
  * Remove AC_FUNC_MALLOC from configure.ac
  * Add compat macro for OpenSSL 1.0.1e-fips.
  * Setting 'foreign' strictness for automake.
  * Add AES-GCM support.
  * Rework EVP_aes macros.
  * Remove dependency of old local OpenSSL headers.
  * Fix engine initialization to set function pointers only once.
  * Remove blank COPYING and NEWS files.
  * Remove INSTALL and move its content to README.md
  * Update README.md file to make use of markdown.
  * Rename README file to README.md to use markdown
  * Add CONTRIBUTING guidelines.
  * Adding coding style documentation.
  * Enable EVP_MD_FLAG_FIPS flag for SHA-*.
  * Initialize rsa_keygen in RSA_METHOD for openssl < 1.1.0
  * Fix SHA512 EVP digest struct to use 
    EVP_MD_FLAG_PKEY_METHOD_SIGNATURE when using OpenSSL 1.0
  * Fix wrong parenthesis
  * convert libica loading to dlopen() and friends
  * Add support to DSO on new API of OpenSSL-1.1.0
- Removed obsolete openssl-ibmca-fix-sha512-evp-digest-to-use-evp_md_flag_pkey_method_signature.patch
- Added BuildRequires for autoconf, automake, and libtool.
- Updated BuildRequires for libica-devel to be >= 3.1.1
- Now that the openSSL engines directory is versioned:
  * Modified the spec file to query the libcrypto package
    for which directory to install the engine into.
  * Removed openssl-ibmca-fix-enginepath.patch. Replaced it
    with a sed command so that it will provide the correct
    versioned engines directory
- Removed openssl-ibmca-configure.patch. It doesn't seem to
  be needed any longer.
- Added openssl-ibmca-fix-sha512-evp-digest-to-use-evp_md_flag_pkey_method_signature.patch (bsc#1032113)
- Added libica-tools to the BuildRequires due to repackaging of libica.
- Renamed BuildRequires from libica2-devel to libica-devel for the
  same reason.
- Tweaked a comment to get rid of an rpmlint warning message.
- fixed ssl configuration merging (bsc#1004463)
- openssl-ibmca-fix-enginepath.patch: fix the engine path
- Use macro for configure (fate#319941)
- Use url for source
- Enable parallel building
- Cleanup spec file with spec-cleaner
- Upgraded to version 1.3.0 (fate#319941)
  - Updated openssl-ibmca-configure.patch to apply cleanly
  - Removed obsolete patches
    - openssl-ibmca-README.patch
    - openssl-ibmca-sha256-digest-length.patch
    - openssl-pkey.patch
    - openssl-des-ede.patch
- Did some spec file cleanup.
- Fixed %post script to update library path (the only dynamic part
  of the ibmca configuration) every time the package is installed.
  (bsc#966139)
- Updated AUTHORS, INSTALL, and README (bsc#942839)
- %post and %postun added to properly update openssl.cnf (bsc#942839)
- Updated to used libica2 == v2.4.2 for SLE12-SP1 (bsc#951138)
- Remove dependency on fillup anf insserv; the package provides 
  neither sysconfig file nor sysvinit script
- Remove depreciated AUTHORS section
- Use %configure macro
- Add openssl-ibmca-configure.patch
- the openssl engines moved to /%_lib/engines bnc#905480
- Forced requirement of libica-2_3_0 (bnc#890824)
- openssl-des-ede.patch: fixed a crash during benchmark (bnc#879922) 
- openssl-pkey.patch: defer HMAC signing to pkey framework, fixes
  fips self-test during EC key creation (bnc#879922)
- spec file cleaned up a bit
- openssl-ibmca-sha256-digest-length.patch: SHA256: Fixed message
  digest length definition in sha256 template (bnc#868275)
- update to 1.2.0
- removed patches:
  ibmca-configure.patch
  ibmca-segfault.fix.patch
  ibmca-sw-fix.patch
  openssl-ibmca-1.0.0.rc2-memset-fix.patch
- make it exclusivearch for s390/s390x as the required libica
  is only available for s390/s390x
- Made required libica-2_1_0 s390 specific
- Added x86_64 to ExclusiveArch as %ix86 doesn't do it
- Removed libica requirement - allowing build process to find it
- Added COPYING to %files
- Requiring libica 2.1.0 or greater
- enable ppc64le 
- fix build (add autoconf automake libtool to BuildRequires) 
- disable libtool --finish call
- own engines directory
- package baselibs.conf
- obsolete old -XXbit packages (bnc#437293)
- added baselibs.conf file to build xxbit packages
  for multilib support
- added fixes by IBM (bug #243801):
  ibmca-segfault.fix: rewrite ibmca_mod_expto remove improper use of BIGNUM
  object
  ibmca-sw-fix: rewrite ibmca_mod_exp_crtto remove improper use of BIGNUM
  object
  openssl-ibmca-1.0.0.rc2-memset-fix.patch: fix memory initialization problem
- updated README (bug #185508)
- Fixed configure.in to build correctly
- Fixed spec file
- Initial version from Mike Halcrow

OBS-URL: https://build.opensuse.org/request/show/835921
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-ibmca?expand=0&rev=22
2020-09-21 20:06:08 +00:00
Mark Post
87e4d6d354 OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-ibmca?expand=0&rev=19 2019-10-15 21:16:11 +00:00
Mark Post
bae90aecf6 OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-ibmca?expand=0&rev=18 2019-10-15 21:14:48 +00:00
Mark Post
aae4a9699c OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-ibmca?expand=0&rev=16 2019-10-15 21:13:45 +00:00
Mark Post
bf26757305 OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-ibmca?expand=0&rev=15 2019-10-15 21:11:57 +00:00
Mark Post
758cc23745 Accepting request 738683 from home:markkp:branches:security:tls
Upgrade to version 2.1.0.

OBS-URL: https://build.opensuse.org/request/show/738683
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-ibmca?expand=0&rev=14
2019-10-15 19:56:26 +00:00
Mark Post
d48bdddc18 Accepting request 729040 from home:markkp:branches:security:tls
Upgrade to 2.0.3

OBS-URL: https://build.opensuse.org/request/show/729040
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-ibmca?expand=0&rev=11
2019-09-06 22:24:57 +00:00
Mark Post
271d8d12e2 Accepting request 652213 from home:markkp:branches:security:tls
- Upgraded to version 2.0.2 (Fate#325688)
  * openssl-ibmca 2.0.2
    Fix doing rsa-me, altough rsa-crt would be possible.

OBS-URL: https://build.opensuse.org/request/show/652213
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-ibmca?expand=0&rev=9
2018-11-27 18:05:19 +00:00
Mark Post
8ae8b2b764 Accepting request 650566 from home:markkp:branches:security:tls
- Upgraded to version 2.0.1 (Fate#325688)
  * openssl-ibmca 2.0.1
    Dont fail when a libica symbol cannot be resolved.
- Made multiple changes to the spec file based on spec-cleaner output.

OBS-URL: https://build.opensuse.org/request/show/650566
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-ibmca?expand=0&rev=7
2018-11-20 23:36:22 +00:00
Mark Post
20a31e680e Accepting request 649102 from home:markkp:branches:security:tls
- Upgraded to version 2.0.0 (Fate#325688)
  * openssl-ibmca 2.0.0
    Add ECC support.
    Add check and distcheck make-targets.
    Project cleanup, code was broken into multiple files and coding style cleanup.
    Improvements to compat macros for openssl.
    Don't disable libica sw fallbacks.
    Fix dlclose logic.
  * openssl-ibmca 1.4.1
    Fix structure size for aes-256-ecb/cbc/cfb/ofb
    Update man page
    Switch to ibmca.so filename to allow standalone use
    Switch off Libica fallback mode if available
    Make sure ibmca_init only runs once
    Provide simple macro for DEBUG_PRINTF possibility
    Cleanup and slight rework of function set_supported_meths
- Did some cleanup to the spec file, based on spec-cleanup.
- Removed the following obsolete patches:
  * openssl-ibmca-sles15-Switch-to-ibmca.so-filename-to-allow-a-standalone-us.patch
  * openssl-ibmca-sles15-Fix-lib-name-in-test-code.patch
  * openssl-ibmca-sles15-Update-lib-name-in-documentation.patch
- Added the following patches for bsc#1097463
  * openssl-ibmca-sles15-Switch-to-ibmca.so-filename-to-allow-a-standalone-us.patch
  * openssl-ibmca-sles15-Fix-lib-name-in-test-code.patch
  * openssl-ibmca-sles15-Update-lib-name-in-documentation.patch
- Upgraded to version 1.4.0
  * Re-license to Apache License v2.0
  * Fix aes_gcm initialization.
  * Update man page.
  * Add macros for OpenSSL 0.9.8 compat.
  * Remove AC_FUNC_MALLOC from configure.ac
  * Add compat macro for OpenSSL 1.0.1e-fips.
  * Setting 'foreign' strictness for automake.
  * Add AES-GCM support.
  * Rework EVP_aes macros.
  * Remove dependency of old local OpenSSL headers.
  * Fix engine initialization to set function pointers only once.
  * Remove blank COPYING and NEWS files.
  * Remove INSTALL and move its content to README.md
  * Update README.md file to make use of markdown.
  * Rename README file to README.md to use markdown
  * Add CONTRIBUTING guidelines.
  * Adding coding style documentation.
  * Enable EVP_MD_FLAG_FIPS flag for SHA-*.
  * Initialize rsa_keygen in RSA_METHOD for openssl < 1.1.0
  * Fix SHA512 EVP digest struct to use 
    EVP_MD_FLAG_PKEY_METHOD_SIGNATURE when using OpenSSL 1.0
  * Fix wrong parenthesis
  * convert libica loading to dlopen() and friends
  * Add support to DSO on new API of OpenSSL-1.1.0
- Removed obsolete openssl-ibmca-fix-sha512-evp-digest-to-use-evp_md_flag_pkey_method_signature.patch
- Added BuildRequires for autoconf, automake, and libtool.
- Updated BuildRequires for libica-devel to be >= 3.1.1
- Now that the openSSL engines directory is versioned:
  * Modified the spec file to query the libcrypto package
    for which directory to install the engine into.
  * Removed openssl-ibmca-fix-enginepath.patch. Replaced it
    with a sed command so that it will provide the correct
    versioned engines directory
- Removed openssl-ibmca-configure.patch. It doesn't seem to
  be needed any longer.
- Added openssl-ibmca-fix-sha512-evp-digest-to-use-evp_md_flag_pkey_method_signature.patch (bsc#1032113)
- Added libica-tools to the BuildRequires due to repackaging of libica.
- Renamed BuildRequires from libica2-devel to libica-devel for the
  same reason.
- Tweaked a comment to get rid of an rpmlint warning message.
- fixed ssl configuration merging (bsc#1004463)
- openssl-ibmca-fix-enginepath.patch: fix the engine path
- Use macro for configure (fate#319941)
- Use url for source
- Enable parallel building
- Cleanup spec file with spec-cleaner
- Upgraded to version 1.3.0 (fate#319941)
  - Updated openssl-ibmca-configure.patch to apply cleanly
  - Removed obsolete patches
    - openssl-ibmca-README.patch
    - openssl-ibmca-sha256-digest-length.patch
    - openssl-pkey.patch
    - openssl-des-ede.patch
- Did some spec file cleanup.
- Fixed %post script to update library path (the only dynamic part
  of the ibmca configuration) every time the package is installed.
  (bsc#966139)
- Updated AUTHORS, INSTALL, and README (bsc#942839)
- %post and %postun added to properly update openssl.cnf (bsc#942839)
- Updated to used libica2 == v2.4.2 for SLE12-SP1 (bsc#951138)
- Remove dependency on fillup anf insserv; the package provides 
  neither sysconfig file nor sysvinit script
- Remove depreciated AUTHORS section
- Use %configure macro
- Add openssl-ibmca-configure.patch
- the openssl engines moved to /%_lib/engines bnc#905480
- Forced requirement of libica-2_3_0 (bnc#890824)
- openssl-des-ede.patch: fixed a crash during benchmark (bnc#879922) 
- openssl-pkey.patch: defer HMAC signing to pkey framework, fixes
  fips self-test during EC key creation (bnc#879922)
- spec file cleaned up a bit
- openssl-ibmca-sha256-digest-length.patch: SHA256: Fixed message
  digest length definition in sha256 template (bnc#868275)
- update to 1.2.0
- removed patches:
  ibmca-configure.patch
  ibmca-segfault.fix.patch
  ibmca-sw-fix.patch
  openssl-ibmca-1.0.0.rc2-memset-fix.patch
- make it exclusivearch for s390/s390x as the required libica
  is only available for s390/s390x
- Made required libica-2_1_0 s390 specific
- Added x86_64 to ExclusiveArch as %ix86 doesn't do it
- Removed libica requirement - allowing build process to find it
- Added COPYING to %files
- Requiring libica 2.1.0 or greater
- enable ppc64le 
- fix build (add autoconf automake libtool to BuildRequires) 
- disable libtool --finish call
- own engines directory
- package baselibs.conf
- obsolete old -XXbit packages (bnc#437293)
- added baselibs.conf file to build xxbit packages
  for multilib support
- added fixes by IBM (bug #243801):
  ibmca-segfault.fix: rewrite ibmca_mod_expto remove improper use of BIGNUM
  object
  ibmca-sw-fix: rewrite ibmca_mod_exp_crtto remove improper use of BIGNUM
  object
  openssl-ibmca-1.0.0.rc2-memset-fix.patch: fix memory initialization problem
- updated README (bug #185508)
- Fixed configure.in to build correctly
- Fixed spec file
- Initial version from Mike Halcrow

OBS-URL: https://build.opensuse.org/request/show/649102
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-ibmca?expand=0&rev=5
2018-11-14 22:44:10 +00:00
Mark Post
81b951bb3f - Upgraded to version 2.0.0 (Fate#325688)
* openssl-ibmca 2.0.0
    Add ECC support.
    Add check and distcheck make-targets.
    Project cleanup, code was broken into multiple files and coding style cleanup.
    Improvements to compat macros for openssl.
    Don't disable libica sw fallbacks.
    Fix dlclose logic.
  * openssl-ibmca 1.4.1
    Fix structure size for aes-256-ecb/cbc/cfb/ofb
    Update man page
    Switch to ibmca.so filename to allow standalone use
    Switch off Libica fallback mode if available
    Make sure ibmca_init only runs once
    Provide simple macro for DEBUG_PRINTF possibility
    Cleanup and slight rework of function set_supported_meths
- Did some cleanup to the spec file, based on spec-cleanup.

OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-ibmca?expand=0&rev=4
2018-11-14 20:37:20 +00:00
Dominique Leuenberger
7df611aa44 Accepting request 632587 from security:tls
- Added the following patches for bsc#1097463
  * openssl-ibmca-sles15-Switch-to-ibmca.so-filename-to-allow-a-standalone-us.patch
  * openssl-ibmca-sles15-Fix-lib-name-in-test-code.patch
  * openssl-ibmca-sles15-Update-lib-name-in-documentation.patch

OBS-URL: https://build.opensuse.org/request/show/632587
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl-ibmca?expand=0&rev=29
2018-09-03 08:35:56 +00:00
Dominique Leuenberger
3ad348f09a Accepting request 530008 from security
1

OBS-URL: https://build.opensuse.org/request/show/530008
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl-ibmca?expand=0&rev=28
2017-10-02 14:53:42 +00:00
Dominique Leuenberger
a4aa0336da Accepting request 528233 from security
1

OBS-URL: https://build.opensuse.org/request/show/528233
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl-ibmca?expand=0&rev=27
2017-09-23 19:36:11 +00:00
Yuchen Lin
06e03e382b Accepting request 487432 from security
1

OBS-URL: https://build.opensuse.org/request/show/487432
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl-ibmca?expand=0&rev=26
2017-04-14 11:41:49 +00:00
Dominique Leuenberger
fbceffe006 Accepting request 434703 from security
- fixed ssl configuration merging (bsc#1004463)
- openssl-ibmca-fix-enginepath.patch: fix the engine path

- Use macro for configure (fate#319941)

OBS-URL: https://build.opensuse.org/request/show/434703
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl-ibmca?expand=0&rev=25
2016-10-18 08:41:29 +00:00
Dominique Leuenberger
e49ce50354 Accepting request 390328 from security
1

OBS-URL: https://build.opensuse.org/request/show/390328
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl-ibmca?expand=0&rev=24
2016-04-28 14:54:31 +00:00
Dominique Leuenberger
ca089ef5ad Accepting request 291316 from security
1

OBS-URL: https://build.opensuse.org/request/show/291316
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl-ibmca?expand=0&rev=23
2015-03-27 08:39:56 +00:00
Stephan Kulow
c1b4002565 Accepting request 210668 from security
- enable ppc64le (forwarded request 210450 from k0da)

OBS-URL: https://build.opensuse.org/request/show/210668
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl-ibmca?expand=0&rev=21
2013-12-13 10:59:53 +00:00
Stephan Kulow
4d6c9172d7 Accepting request 110824 from security
- fix build (add autoconf automake libtool to BuildRequires) (forwarded request 110787 from k0da)

OBS-URL: https://build.opensuse.org/request/show/110824
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl-ibmca?expand=0&rev=17
2012-03-26 09:04:01 +00:00
Sascha Peilicke
896122905f Accepting request 65532 from security
Copy from security/openssl-ibmca based on submit request 65532 from user coolo

OBS-URL: https://build.opensuse.org/request/show/65532
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl-ibmca?expand=0&rev=14
2011-03-30 09:49:22 +00:00
1e2ce3d37f Accepting request 56271 from security
Accepted submit request 56271 from user elvigia

OBS-URL: https://build.opensuse.org/request/show/56271
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl-ibmca?expand=0&rev=11
2010-12-20 15:24:49 +00:00
OBS User autobuild
7d910a222d Accepting request 31698 from security
Copy from security/openssl-ibmca based on submit request 31698 from user msmeissn

OBS-URL: https://build.opensuse.org/request/show/31698
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl-ibmca?expand=0&rev=7
2010-02-09 21:41:12 +00:00
OBS User unknown
a6748d32a9 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl-ibmca?expand=0&rev=5 2009-01-09 00:43:14 +00:00
OBS User unknown
da01215410 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl-ibmca?expand=0&rev=3 2008-04-10 13:18:46 +00:00
OBS User unknown
f2ce89538e OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl-ibmca?expand=0&rev=2 2007-02-13 13:31:49 +00:00
OBS User unknown
201887ba84 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl-ibmca?expand=0&rev=1 2007-01-15 23:28:17 +00:00