Automatic import for version 1.0.0g

2025-02-23 16:22:50 +00:00 · 2012-02-01 18:06:06 +04:00 · 2012-02-01 18:06:06 +04:00 · b147deddcd
commit b147deddcd
parent 4dd1f85383
6 changed files with 54 additions and 180 deletions
--- a/.abf.yml
+++ b/.abf.yml
@ -1,2 +1,2 @@
 sources:
-  "openssl-1.0.0d.tar.gz": 32ca934f380a547061ddab7221b1a34e4e07e8d5
+  "openssl-1.0.0g.tar.gz": 2b517baada2338663c27314cb922f9755e73e07f
--- a/openssl-0.9.6b-mdkconfig.patch
+++ b/openssl-0.9.6b-mdkconfig.patch
@ -1,116 +0,0 @@
--- openssl-0.9.6b/ssl/s3_lib.c.mdkconfig	Fri Mar  9 11:08:04 2001
-+++ openssl-0.9.6b/ssl/s3_lib.c	Tue Dec  4 17:44:27 2001
-@@ -204,6 +204,7 @@
- 	SSL_ALL_STRENGTHS,
- 	},
- /* Cipher 1B */
-+#if 0
- 	{
- 	1,
- 	SSL3_TXT_ADH_DES_192_CBC_SHA,
-@@ -216,6 +217,7 @@
- 	SSL_ALL_CIPHERS,
- 	SSL_ALL_STRENGTHS,
- 	},
-+#endif
- 
- /* RSA again */
- /* Cipher 03 */
-@@ -310,6 +312,7 @@
- 	SSL_ALL_STRENGTHS,
- 	},
- /* Cipher 0A */
-+#if 0
- 	{
- 	1,
- 	SSL3_TXT_RSA_DES_192_CBC3_SHA,
-@@ -322,6 +325,7 @@
- 	SSL_ALL_CIPHERS,
- 	SSL_ALL_STRENGTHS,
- 	},
-+#endif
- 
- /*  The DH ciphers */
- /* Cipher 0B */
-@@ -351,6 +355,7 @@
- 	SSL_ALL_STRENGTHS,
- 	},
- /* Cipher 0D */
-+#if 0
- 	{
- 	0,
- 	SSL3_TXT_DH_DSS_DES_192_CBC3_SHA,
-@@ -363,6 +368,7 @@
- 	SSL_ALL_CIPHERS,
- 	SSL_ALL_STRENGTHS,
- 	},
-+#endif
- /* Cipher 0E */
- 	{
- 	0,
-@@ -390,6 +396,7 @@
- 	SSL_ALL_STRENGTHS,
- 	},
- /* Cipher 10 */
-+#if 0
- 	{
- 	0,
- 	SSL3_TXT_DH_RSA_DES_192_CBC3_SHA,
-@@ -402,6 +409,7 @@
- 	SSL_ALL_CIPHERS,
- 	SSL_ALL_STRENGTHS,
- 	},
-+#endif
- 
- /* The Ephemeral DH ciphers */
- /* Cipher 11 */
-@@ -431,6 +439,7 @@
- 	SSL_ALL_STRENGTHS,
- 	},
- /* Cipher 13 */
-+#if 0
- 	{
- 	1,
- 	SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA,
-@@ -443,6 +452,7 @@
- 	SSL_ALL_CIPHERS,
- 	SSL_ALL_STRENGTHS,
- 	},
-+#endif
- /* Cipher 14 */
- 	{
- 	1,
-@@ -470,6 +480,7 @@
- 	SSL_ALL_STRENGTHS,
- 	},
- /* Cipher 16 */
-+#if 0
- 	{
- 	1,
- 	SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA,
-@@ -482,6 +493,7 @@
- 	SSL_ALL_CIPHERS,
- 	SSL_ALL_STRENGTHS,
- 	},
-+#endif
- 
- /* Fortezza */
- /* Cipher 1C */
--- openssl-0.9.6b/ssl/s2_lib.c.mdkconfig	Tue Dec 26 13:06:47 2000
-+++ openssl-0.9.6b/ssl/s2_lib.c	Tue Dec  4 17:54:13 2001
-@@ -162,6 +162,7 @@
- 	SSL_ALL_STRENGTHS,
- 	},
- /* DES_192_EDE3_CBC_WITH_MD5 */
-+#if 0
- 	{
- 	1,
- 	SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5,
-@@ -174,6 +175,7 @@
- 	SSL_ALL_CIPHERS,
- 	SSL_ALL_STRENGTHS,
- 	},
-+#endif
- /* RC4_64_WITH_MD5 */
- #if 1
- 	{
--- a/openssl-1.0.0-defaults.patch
+++ b/openssl-1.0.0-defaults.patch
@ -33,12 +33,3 @@ diff -p -up openssl-1.0.0/apps/openssl.cnf.defaults openssl-1.0.0/apps/openssl.c
 
 # we can do this but it is not needed normally :-)
 #1.organizationName		= Second Organization Name (eg, company)
-@@ -145,7 +147,7 @@ localityName			= Locality Name (eg, city
- organizationalUnitName		= Organizational Unit Name (eg, section)
- #organizationalUnitName_default	=
- 
-commonName			= Common Name (eg, YOUR name)
-+commonName			= Common Name (eg, your name or your server\'s hostname)
- commonName_max			= 64
- 
- emailAddress			= Email Address
--- a/openssl-1.0.0d.tar.gz.asc
+++ b/openssl-1.0.0d.tar.gz.asc
@ -1,9 +0,0 @@
-----BEGIN PGP SIGNATURE-----
-Version: GnuPG v1.4.11 (GNU/Linux)
-
-iQCVAgUATVF6RKpYnaxaapuFAQIIGAP8CpLzaSqIylsrllK6YJwcma+4LHWgt22R
-m0qjHpBUBrVYRvvs05ybLFgyoSfiV5pZ8D0p89bkF/dI8BT8L+gTwAodle6dnple
-6gqZj6kKDzOV8NXAKnyqgtd8G8USj4lOO1bF4s32pdw+qeOuGQ8Zl9nNDUlFbHN+
-NVpKctUbWi4=
-=wNaz
-----END PGP SIGNATURE-----
--- a/openssl-1.0.0g.tar.gz.asc
+++ b/openssl-1.0.0g.tar.gz.asc
@ -0,0 +1,11 @@
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1.4.11 (GNU/Linux)
+
+iQEVAwUATxbMXqLSm3vylcdZAQKxWAf/U5niW1XqDa8P0pYacHVRmpi4B/fZCsuv
+Vse3gC+aizCN3Fq1GgrAaaA3EdECEGXkAg8/l0ovfQNUWEO2EDIcC6oprESCEDSl
+fOuWKMAOcWekFNpLIH3fPLXSNN0aTKZR9B0kTF/NGqkFr0SlQLqkdrrP+6bhhH0e
+hnh0L8TqRpk+zlaGxxrl4L1G0cEug4e5Dolp/Zt7UmWo09fsRSZ4ceR3X5k4EYmu
+Br47U/zWUID/zaAFLut6F7WShMp8vrtkCHes+o6Cy9jEmeN3FfpLJC7NSK1g5K1R
+RAfAlKO0hqCOqWhYdvWHbR2vmOdPniTS528jIWUfJjBnNnRZ8rURRw==
+=h9qf
+-----END PGP SIGNATURE-----
--- a/openssl.spec
+++ b/openssl.spec
@ -4,21 +4,17 @@
 %define develname %mklibname openssl -d
 %define staticname %mklibname openssl -s -d

-%define conflict1 %mklibname openssl 0.9.7
 %define conflict2 %mklibname openssl 0.9.8

 # Number of threads to spawn when testing some threading fixes.
 #define thread_test_threads %{?threads:%{threads}}%{!?threads:1}

-# French policy is to not use ciphers stronger than 128 bits
-%define french_policy 0
-
 %define with_krb5 %{?_with_krb5:1}%{!?_with_krb5:0}

 Summary:	Secure Sockets Layer communications libs & utils
 Name:		openssl
-Version:	%{maj}d
-Release:	%mkrel 2
+Version:	%{maj}g
+Release:	1
 License:	BSD-like
 Group:		System/Libraries
 URL:		http://www.openssl.org/
@ -28,8 +24,6 @@ Source2:	Makefile.certificate
 Source3:	make-dummy-cert
 Source4:	openssl-thread-test.c
 Source5:	README.pkcs11
-# (gb) 0.9.6b-5mdk: Limit available SSL ciphers to 128 bits
-Patch0:		openssl-0.9.6b-mdkconfig.patch
 # (gb) 0.9.7b-4mdk: Handle RPM_OPT_FLAGS in Configure
 Patch2:		openssl-optflags.diff
 # (oe) support Brazilian Government OTHERNAME X509v3 field (#14158)
@ -48,7 +42,7 @@ Patch16:	pkcs11_engine-1.0.0.diff
 Patch300:	openssl-1.0.0-mips.patch
 Patch301:	openssl-1.0.0-arm.patch
 Patch302:	openssl-1.0.0-enginesdir.patch
-Requires:	%{libname} = %{version}-%{release}
+Requires:	%{engines_name} = %{version}-%{release}
 Requires:	perl-base
 Requires:	rootcerts
 %{?_with_krb5:BuildRequires: krb5-devel}
@ -56,7 +50,6 @@ BuildRequires:	chrpath
 BuildRequires:	zlib-devel
 # (tv) for test suite:
 BuildRequires:	bc
-BuildRoot:	%{_tmppath}/%{name}-%{version}-%{release}-buildroot

 %description
 The openssl certificate management tool and the shared libraries that provide
@ -75,9 +68,7 @@ This package provides engines for openssl.
 %package -n	%{libname}
 Summary:	Secure Sockets Layer communications libs
 Group:		System/Libraries
-Requires:	%{engines_name} >= %{version}-%{release}
 Provides:	%{libname} = %{version}-%{release}
-Conflicts:	openssh < 3.5p1-4mdk

 %description -n	%{libname}
 The libraries files are needed for various cryptographic algorithms
@ -90,9 +81,6 @@ Requires:	%{libname} = %{version}-%{release}
 Provides:	libopenssl-devel
 Provides:	openssl-devel = %{version}-%{release}
 Obsoletes:	openssl-devel
-# temporary opsolete, will be a conflict later. a compat package
-# with openssl-0.9.7 devel libs will be provided soon
-Obsoletes:	%{conflict1}-devel
 Obsoletes:	%{conflict2}-devel
 Obsoletes:	%{mklibname openssl 1.0.0}-devel
 Provides:	%{name}-devel = %{version}-%{release}
@ -108,9 +96,6 @@ Group:		Development/Other
 Requires:	%{develname} = %{version}-%{release}
 Provides:	libopenssl-static-devel
 Provides:	openssl-static-devel = %{version}-%{release}
-# temporary opsolete, will be a conflict later. a compat package
-# with openssl-0.9.7 static-devel libs will be provided soon
-Obsoletes:	%{conflict1}-static-devel
 Obsoletes:	%{conflict2}-static-devel
 Obsoletes:	%{mklibname openssl 1.0.0}-static-devel
 Provides:	%{name}-static-devel = %{version}-%{release}
@ -122,9 +107,6 @@ cryptographic algorithms and protocols, including DES, RC4, RSA and SSL.
 %prep

 %setup -q -n %{name}-%{version}
-%if %{french_policy}
-%patch0 -p1 -b .frenchpolicy
-%endif
 %patch2 -p1 -b .optflags
 %patch6 -p0 -b .icpbrasil
 %patch7 -p1 -b .defaults
@ -173,6 +155,9 @@ sslarch="linux-generic32 -DB_ENDIAN -DNO_ASM"
 %ifarch s390x
 sslarch="linux-generic64 -DB_ENDIAN -DNO_ASM"
 %endif
+%ifarch %{arm}
+sslarch=linux-generic32
+%endif

 # ia64, x86_64, ppc, ppc64 are OK by default
 # Configure the build tree.  Override OpenSSL defaults with known-good defaults
@ -182,9 +167,8 @@ sslarch="linux-generic64 -DB_ENDIAN -DNO_ASM"
    --openssldir=%{_sysconfdir}/pki/tls ${sslflags} \
    --enginesdir=%{_libdir}/openssl-%{version}/engines \
    --prefix=%{_prefix} --libdir=%{_lib}/ %{?_with_krb5:--with-krb5-flavor=MIT -I%{_prefix}/kerberos/include -L%{_prefix}/kerberos/%{_lib}} \
-     no-idea no-rc5 enable-camellia shared enable-tlsext ${sslarch} --pk11-libname=%{_libdir}/pkcs11/PKCS11_API.so
-
-#    zlib no-idea no-mdc2 no-rc5 no-ec no-ecdh no-ecdsa shared ${sslarch}
+    --pk11-libname=%{_libdir}/pkcs11/PKCS11_API.so \
+    zlib no-idea no-rc5 enable-camellia enable-seed enable-tlsext enable-rfc3779 enable-cms shared ${sslarch} \

 # Add -Wa,--noexecstack here so that libcrypto's assembler modules will be
 # marked as not requiring an executable stack.
@ -245,11 +229,11 @@ ln -snf openssl %{buildroot}%{_bindir}/ssleay
 # The man pages rand.3 and passwd.1 conflict with other packages
 # Rename them to ssl-* and also make a symlink from openssl-* to ssl-*
 mv %{buildroot}%{_mandir}/man1/passwd.1 %{buildroot}%{_mandir}/man1/ssl-passwd.1
-ln -sf ssl-passwd.1.bz2 %{buildroot}%{_mandir}/man1/openssl-passwd.1.bz2
+ln -sf ssl-passwd.1%{_extension} %{buildroot}%{_mandir}/man1/openssl-passwd.1%{_extension}

 for i in rand err; do
    mv %{buildroot}%{_mandir}/man3/$i.3 %{buildroot}%{_mandir}/man3/ssl-$i.3
-    ln -snf ssl-$i.3.bz2 %{buildroot}%{_mandir}/man3/openssl-$i.3.bz2
+    ln -snf ssl-$i.3%{_extension} %{buildroot}%{_mandir}/man3/openssl-$i.3%{_extension}
 done

 rm -rf {main,devel}-doc-info
@ -298,19 +282,7 @@ perl -pi -e "s|^CATOP=.*|CATOP=%{_sysconfdir}/pki/tls|g" %{buildroot}%{_sysconfd
 perl -pi -e "s|^\\\$CATOP\=\".*|\\\$CATOP\=\"%{_sysconfdir}/pki/tls\";|g" %{buildroot}%{_sysconfdir}/pki/tls/misc/CA.pl
 perl -pi -e "s|\./demoCA|%{_sysconfdir}/pki/tls|g" %{buildroot}%{_sysconfdir}/pki/tls/openssl.cnf

-%if %mdkversion < 200900
-%post -n %{libname} -p /sbin/ldconfig
-%endif
-
-%if %mdkversion < 200900
-%postun -n %{libname} -p /sbin/ldconfig
-%endif
-
-%clean
-rm -fr %{buildroot}
-
 %files 
-%defattr(-,root,root)
 %doc FAQ INSTALL LICENSE NEWS PROBLEMS main-doc-info/README*
 %doc README README.ASN1 README.ENGINE README.pkcs11
 %dir %{_sysconfdir}/pki
@ -329,17 +301,14 @@ rm -fr %{buildroot}
 %attr(0644,root,root) %{_mandir}/man[157]/*

 %files -n %{libname}
-%defattr(-,root,root)
 %doc FAQ INSTALL LICENSE NEWS PROBLEMS README*
 %attr(0755,root,root) %{_libdir}/lib*.so.*

 %files -n %{engines_name}
-%defattr(-,root,root)
 %attr(0755,root,root) %dir %{_libdir}/openssl-%{version}/engines
 %attr(0755,root,root) %{_libdir}/openssl-%{version}/engines/*.so

 %files -n %{develname}
-%defattr(-,root,root)
 %doc CHANGES doc/* devel-doc-info/README*
 %attr(0755,root,root) %dir %{_includedir}/openssl
 %{multiarch_includedir}/openssl/opensslconf.h
@ -349,12 +318,40 @@ rm -fr %{buildroot}
 %attr(0644,root,root) %{_libdir}/pkgconfig/*

 %files -n %{staticname}
-%defattr(-,root,root)
 %attr(0644,root,root) %{_libdir}/lib*.a


 %changelog
-* Mon May 02 2011 Oden Eriksson <oeriksson@mandriva.com> 1.0.0d-2mdv2011.0
+* Thu Jan 19 2012 Oden Eriksson <oeriksson@mandriva.com> 1.0.0g-1
+ Revision: 762530
+- 1.0.0g
+
+* Mon Jan 09 2012 Oden Eriksson <oeriksson@mandriva.com> 1.0.0f-1
+ Revision: 758821
+- 1.0.0f
+- enable some new'ish features per default (enable-seed enable-rfc3779 enable-cms)
+
+* Thu Dec 01 2011 Matthew Dawkins <mattydaw@mandriva.org> 1.0.0e-3
+ Revision: 735862
+- rebuild for openssl
+- solves dep LOOP problems
+- removed clean section, mkrel
+
+* Tue Nov 29 2011 Oden Eriksson <oeriksson@mandriva.com> 1.0.0e-2
+ Revision: 735413
+- bump release
+- more fixes to make sure rpm -Fvh works better
+- drop the french fixes patch, it has never been used
+- applied some fixes by Matthew Dawkins
+
+* Tue Sep 06 2011 Oden Eriksson <oeriksson@mandriva.com> 1.0.0e-1
+ Revision: 698456
+- 1.0.0e (fixes CVE-2011-3207, CVE-2011-3210)
+
+  + Matthew Dawkins <mattydaw@mandriva.org>
+    - fix arm build
+
+* Mon May 02 2011 Oden Eriksson <oeriksson@mandriva.com> 1.0.0d-2
 + Revision: 661710
 - multiarch fixes

@ -443,7 +440,7 @@ rm -fr %{buildroot}
 + Revision: 455585
 - P22: fixes a regression with CVE-2009-2409 (#54349)

-* Sun Sep 27 2009 Olivier Blin <oblin@mandriva.com> 0.9.8k-4mdv2010.0
+* Sun Sep 27 2009 Olivier Blin <blino@mandriva.org> 0.9.8k-4mdv2010.0
 + Revision: 450189
 - mips and arm support (from Arnaud Patard)

@ -542,7 +539,7 @@ rm -fr %{buildroot}
 + Revision: 176044
 - fix #38237 (Please include SNI support patch)

-  + Olivier Blin <oblin@mandriva.com>
+  + Olivier Blin <blino@mandriva.org>
    - restore BuildRoot

  + Thierry Vignaud <tv@mandriva.org>