diff --git a/openssl-1.0.2a-enginesdir.patch b/openssl-1.0.2a-enginesdir.patch deleted file mode 100644 index 10baf5a..0000000 --- a/openssl-1.0.2a-enginesdir.patch +++ /dev/null @@ -1,52 +0,0 @@ -diff -up openssl-1.0.2a/Configure.enginesdir openssl-1.0.2a/Configure ---- openssl-1.0.2a/Configure.enginesdir 2015-04-20 14:37:58.137392222 +0200 -+++ openssl-1.0.2a/Configure 2015-04-20 14:37:58.140392292 +0200 -@@ -702,6 +702,7 @@ my $idx_multilib = $idx++; - my $prefix=""; - my $libdir=""; - my $openssldir=""; -+my $enginesdir=""; - my $exe_ext=""; - my $install_prefix= "$ENV{'INSTALL_PREFIX'}"; - my $cross_compile_prefix=""; -@@ -929,6 +930,10 @@ PROCESS_ARGS: - { - $openssldir=$1; - } -+ elsif (/^--enginesdir=(.*)$/) -+ { -+ $enginesdir=$1; -+ } - elsif (/^--install.prefix=(.*)$/) - { - $install_prefix=$1; -@@ -1185,7 +1190,7 @@ chop $prefix if $prefix =~ /.\/$/; - - $openssldir=$prefix . "/ssl" if $openssldir eq ""; - $openssldir=$prefix . "/" . $openssldir if $openssldir !~ /(^\/|^[a-zA-Z]:[\\\/])/; -- -+$enginesdir="$prefix/lib/engines" if $enginesdir eq ""; - - print "IsMK1MF=$IsMK1MF\n"; - -@@ -1871,7 +1876,7 @@ while () - } - elsif (/^#define\s+ENGINESDIR/) - { -- my $foo = "$prefix/$libdir/engines"; -+ my $foo = "$enginesdir"; - $foo =~ s/\\/\\\\/g; - print OUT "#define ENGINESDIR \"$foo\"\n"; - } -diff -up openssl-1.0.2a/engines/Makefile.enginesdir openssl-1.0.2a/engines/Makefile ---- openssl-1.0.2a/engines/Makefile.enginesdir 2015-04-20 14:37:58.140392292 +0200 -+++ openssl-1.0.2a/engines/Makefile 2015-04-20 14:40:15.570598383 +0200 -@@ -124,7 +124,7 @@ install: - esac; \ - cp $$pfx$$l$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \ - fi; \ -- chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \ -+ chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \ - mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx ); \ - done; \ - fi diff --git a/openssl-1.0.2a-system-cipherlist.patch b/openssl-1.0.2a-system-cipherlist.patch index 482fecc..ea87de2 100644 --- a/openssl-1.0.2a-system-cipherlist.patch +++ b/openssl-1.0.2a-system-cipherlist.patch @@ -47,10 +47,10 @@ diff -up openssl-1.0.2a/Configure.system openssl-1.0.2a/Configure foreach (sort (keys %disabled)) { -@@ -1667,6 +1676,7 @@ while () - s/^INSTALLTOP=.*$/INSTALLTOP=$prefix/; +@@ -1668,6 +1677,7 @@ while () s/^MULTILIB=.*$/MULTILIB=$multilib/; s/^OPENSSLDIR=.*$/OPENSSLDIR=$openssldir/; + s/^ENGINESDIR=.*$/ENGINESDIR=$enginesdir/; + s/^SYSTEM_CIPHERS_FILE=.*$/SYSTEM_CIPHERS_FILE=$system_ciphers_file/; s/^LIBDIR=.*$/LIBDIR=$libdir/; s/^INSTALL_PREFIX=.*$/INSTALL_PREFIX=$install_prefix/; diff --git a/openssl-1.0.2i-enginesdir.patch b/openssl-1.0.2i-enginesdir.patch new file mode 100644 index 0000000..862ef1b --- /dev/null +++ b/openssl-1.0.2i-enginesdir.patch @@ -0,0 +1,83 @@ +diff --git a/Configure b/Configure +index c39f71a..7f3d905 100755 +--- a/Configure ++++ b/Configure +@@ -727,6 +727,7 @@ my $idx_multilib = $idx++; + my $prefix=""; + my $libdir=""; + my $openssldir=""; ++my $enginesdir=""; + my $exe_ext=""; + my $install_prefix= "$ENV{'INSTALL_PREFIX'}"; + my $cross_compile_prefix=""; +@@ -956,6 +957,10 @@ PROCESS_ARGS: + { + $openssldir=$1; + } ++ elsif (/^--enginesdir=(.*)$/) ++ { ++ $enginesdir=$1; ++ } + elsif (/^--install.prefix=(.*)$/) + { + $install_prefix=$1; +@@ -1207,7 +1212,7 @@ chop $prefix if $prefix =~ /.\/$/; + + $openssldir=$prefix . "/ssl" if $openssldir eq ""; + $openssldir=$prefix . "/" . $openssldir if $openssldir !~ /(^\/|^[a-zA-Z]:[\\\/])/; +- ++$enginesdir="$prefix/lib/engines" if $enginesdir eq ""; + + print "IsMK1MF=$IsMK1MF\n"; + +@@ -1709,6 +1714,7 @@ while () + s/^INSTALLTOP=.*$/INSTALLTOP=$prefix/; + s/^MULTILIB=.*$/MULTILIB=$multilib/; + s/^OPENSSLDIR=.*$/OPENSSLDIR=$openssldir/; ++ s/^ENGINESDIR=.*$/ENGINESDIR=$enginesdir/; + s/^LIBDIR=.*$/LIBDIR=$libdir/; + s/^INSTALL_PREFIX=.*$/INSTALL_PREFIX=$install_prefix/; + s/^PLATFORM=.*$/PLATFORM=$target/; +@@ -1915,7 +1921,7 @@ while () + } + elsif (/^#define\s+ENGINESDIR/) + { +- my $foo = "$prefix/$libdir/engines"; ++ my $foo = "$enginesdir"; + $foo =~ s/\\/\\\\/g; + print OUT "#define ENGINESDIR \"$foo\"\n"; + } +diff --git a/Makefile.org b/Makefile.org +index 2377f50..fe8d54c 100644 +--- a/Makefile.org ++++ b/Makefile.org +@@ -28,6 +28,7 @@ INSTALLTOP=/usr/local/ssl + + # Do not edit this manually. Use Configure --openssldir=DIR do change this! + OPENSSLDIR=/usr/local/ssl ++ENGINESDIR=$${libdir}/engines + + # NO_IDEA - Define to build without the IDEA algorithm + # NO_RC4 - Define to build without the RC4 algorithm +@@ -368,7 +369,7 @@ libcrypto.pc: Makefile + echo 'exec_prefix=$${prefix}'; \ + echo 'libdir=$${exec_prefix}/$(LIBDIR)'; \ + echo 'includedir=$${prefix}/include'; \ +- echo 'enginesdir=$${libdir}/engines'; \ ++ echo 'enginesdir=$(ENGINESDIR)'; \ + echo ''; \ + echo 'Name: OpenSSL-libcrypto'; \ + echo 'Description: OpenSSL cryptography library'; \ +diff --git a/engines/Makefile b/engines/Makefile +index 2058ff4..a2c407b 100644 +--- a/engines/Makefile ++++ b/engines/Makefile +@@ -124,7 +124,7 @@ install: + esac; \ + cp $$pfx$$l$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \ + fi; \ +- chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \ ++ chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \ + mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx ); \ + done; \ + fi diff --git a/openssl.spec b/openssl.spec index d4a82eb..ea05480 100644 --- a/openssl.spec +++ b/openssl.spec @@ -23,7 +23,7 @@ Summary: Utilities from the general purpose cryptography library with TLS implementation Name: openssl Version: 1.0.2i -Release: 1%{?dist} +Release: 2%{?dist} Epoch: 1 # We have to remove certain patented algorithms from the openssl source # tarball with the hobble-openssl script which is included below. @@ -42,7 +42,7 @@ Source13: ectest.c # Build changes Patch1: openssl-1.0.2e-rpmbuild.patch Patch2: openssl-1.0.2a-defaults.patch -Patch4: openssl-1.0.2a-enginesdir.patch +Patch4: openssl-1.0.2i-enginesdir.patch Patch5: openssl-1.0.2a-no-rpath.patch Patch6: openssl-1.0.2a-test-use-localhost.patch Patch7: openssl-1.0.0-timezone.patch @@ -505,6 +505,9 @@ rm -rf $RPM_BUILD_ROOT/%{_libdir}/fipscanister.* %postun libs -p /sbin/ldconfig %changelog +* Sat Sep 24 2016 David Woodhouse 1.0.2i-2 +- Fix enginesdir in libcrypto.c (#1375361) + * Thu Sep 22 2016 Tomáš Mráz 1.0.2i-1 - minor upstream release 1.0.2i fixing security issues - move man pages for perl based scripts to perl subpackage (#1377617)