SHA256
3
0
forked from pool/openssl

Accepting request 229715 from Base:System

- openssl-gcc-attributes.patch 
  * annotate memory allocation wrappers with attribute(alloc_size)
    so the compiler can tell us if it knows they are being misused
  * OPENSSL_showfatal is annotated with attribute printf to detect
    format string problems.
- It is time to try to disable SSLv2 again, it was tried a while
  ago but broke too many things, nowadays Debian, Ubuntu, the BSDs
  all have disabled it, most components are already fixed.
  I will fix the remaining fallout if any. (email me) (forwarded request 229674 from elvigia)

OBS-URL: https://build.opensuse.org/request/show/229715
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl?expand=0&rev=111
This commit is contained in:
Stephan Kulow 2014-04-15 05:34:09 +00:00 committed by Git OBS Bridge
parent d5a92c035d
commit 165c77cea8
3 changed files with 53 additions and 1 deletions

View File

@ -0,0 +1,34 @@
--- openssl-1.0.1g.orig/crypto/cryptlib.h
+++ openssl-1.0.1g/crypto/cryptlib.h
@@ -100,7 +100,7 @@ extern "C" {
void OPENSSL_cpuid_setup(void);
extern unsigned int OPENSSL_ia32cap_P[];
-void OPENSSL_showfatal(const char *fmta,...);
+void OPENSSL_showfatal(const char *fmta,...) __attribute__ ((format (printf, 1, 2)));
void *OPENSSL_stderr(void);
extern int OPENSSL_NONPIC_relocated;
--- openssl-1.0.1g.orig/crypto/crypto.h
+++ openssl-1.0.1g/crypto/crypto.h
@@ -487,15 +487,15 @@ void CRYPTO_get_mem_debug_functions(void
void (**so)(long),
long (**go)(void));
-void *CRYPTO_malloc_locked(int num, const char *file, int line);
+void *CRYPTO_malloc_locked(int num, const char *file, int line) __attribute__((alloc_size(1)));
void CRYPTO_free_locked(void *ptr);
-void *CRYPTO_malloc(int num, const char *file, int line);
+void *CRYPTO_malloc(int num, const char *file, int line) __attribute__((alloc_size(1)));
char *CRYPTO_strdup(const char *str, const char *file, int line);
void CRYPTO_free(void *ptr);
-void *CRYPTO_realloc(void *addr,int num, const char *file, int line);
+void *CRYPTO_realloc(void *addr,int num, const char *file, int line) __attribute__((alloc_size(2)));
void *CRYPTO_realloc_clean(void *addr,int old_num,int num,const char *file,
- int line);
-void *CRYPTO_remalloc(void *addr,int num, const char *file, int line);
+ int line) __attribute__((alloc_size(2, 3)));
+void *CRYPTO_remalloc(void *addr,int num, const char *file, int line) __attribute__((alloc_size(2)));
void OPENSSL_cleanse(void *ptr, size_t len);

View File

@ -1,3 +1,17 @@
-------------------------------------------------------------------
Fri Apr 11 02:40:34 UTC 2014 - crrodriguez@opensuse.org
- openssl-gcc-attributes.patch
* annotate memory allocation wrappers with attribute(alloc_size)
so the compiler can tell us if it knows they are being misused
* OPENSSL_showfatal is annotated with attribute printf to detect
format string problems.
- It is time to try to disable SSLv2 again, it was tried a while
ago but broke too many things, nowadays Debian, Ubuntu, the BSDs
all have disabled it, most components are already fixed.
I will fix the remaining fallout if any. (email me)
------------------------------------------------------------------- -------------------------------------------------------------------
Tue Apr 8 08:12:38 UTC 2014 - dmueller@suse.com Tue Apr 8 08:12:38 UTC 2014 - dmueller@suse.com

View File

@ -64,6 +64,7 @@ Patch15: openssl-1.0.1e-fips.patch
Patch16: openssl-1.0.1e-fips-ec.patch Patch16: openssl-1.0.1e-fips-ec.patch
Patch17: openssl-1.0.1e-fips-ctor.patch Patch17: openssl-1.0.1e-fips-ctor.patch
Patch18: openssl-1.0.1e-new-fips-reqs.patch Patch18: openssl-1.0.1e-new-fips-reqs.patch
Patch19: openssl-gcc-attributes.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRoot: %{_tmppath}/%{name}-%{version}-build
%description %description
@ -169,7 +170,7 @@ this package's base documentation.
%patch16 -p1 %patch16 -p1
%patch17 -p1 %patch17 -p1
%patch18 -p1 %patch18 -p1
%patch19 -p1
cp -p %{S:10} . cp -p %{S:10} .
cp -p %{S:11} . cp -p %{S:11} .
echo "adding/overwriting some entries in the 'table' hash in Configure" echo "adding/overwriting some entries in the 'table' hash in Configure"
@ -217,6 +218,9 @@ export MACHINE=armv6l
# #
config_flags="threads shared no-rc5 no-idea \ config_flags="threads shared no-rc5 no-idea \
fips \ fips \
%if 0%{suse_version} > 1310
no-ssl2 \
%endif
%ifarch x86_64 %ifarch x86_64
enable-ec_nistp_64_gcc_128 \ enable-ec_nistp_64_gcc_128 \
%endif %endif