Add patch for openssl-1.1

2017-07-17 15:54:01 +01:00 · 2017-07-17 15:54:01 +01:00 · 298f77bbbb
commit 298f77bbbb
parent 055ee19149
2 changed files with 88 additions and 9 deletions
--- a/clamav.spec
+++ b/clamav.spec
@ -58,7 +58,7 @@ Requires(postun):	 /bin/systemctl\
 Summary:	End-user tools for the Clam Antivirus scanner
 Name:		clamav
 Version:	0.99.2
-Release:	8%{?dist}
+Release:	9%{?dist}
 License:	%{?with_unrar:proprietary}%{!?with_unrar:GPLv2}
 Group:		Applications/File
 URL:		http://www.clamav.net
@ -85,9 +85,9 @@ Patch29:	clamav-0.99.1-jitoff.patch
 # https://llvm.org/viewvc/llvm-project/llvm/trunk/lib/ExecutionEngine/JIT/Intercept.cpp?r1=128086&r2=137567
 Patch30:	llvm-glibc.patch
 Patch31:	clamav-0.99.1-setsebool.patch
-BuildRoot:	%_tmppath/%name-%version-%release-root
-Requires:	clamav-lib = %version-%release
-Requires:	data(clamav)
+Patch32:	fa15aa98c7d5e1d8fc22e818ebd089f2e53ebe1d.diff
+
+BuildRequires:	autoconf automake gettext-devel libtool libtool-ltdl-devel
 BuildRequires:	zlib-devel bzip2-devel gmp-devel curl-devel
 BuildRequires:	ncurses-devel openssl-devel libxml2-devel
 BuildRequires:	%_includedir/tcpd.h
@ -96,6 +96,9 @@ BuildRequires:	%_includedir/tcpd.h
 %{?with_bytecode:BuildRequires:	ocaml}
 %endif

+Requires:	clamav-lib = %version-%release
+Requires:	data(clamav)
+
 %package filesystem
 Summary:	Filesystem structure for clamav
 Group:		Applications/File
@ -413,6 +416,7 @@ The systemd initscripts for clamav-scanner.
 %apply -n29 -p1 -b .jitoff
 %apply -n30 -p1
 %apply -n31 -p1 -b .setsebool
+%apply -n32 -p1 -b .openssl_1.1.0
 %{?apply_end}

 install -p -m0644 %SOURCE300 clamav-milter/
@ -446,6 +450,8 @@ export LDFLAGS='%{?__global_ldflags} -Wl,--as-needed'
 export FRESHCLAM_LIBS='-lz'
 # IPv6 check is buggy and does not work when there are no IPv6 interface on build machine
 export have_cv_ipv6=yes
+
+autoreconf -ivf
 %configure \
 	--disable-static \
 	--disable-rpath \
@ -457,6 +463,7 @@ export have_cv_ipv6=yes
 	--with-dbdir=/var/lib/clamav \
 	--enable-milter \
 	--enable-clamdtop \
+    --disable-zlib-vcheck \
 	%{!?with_bytecode:--disable-llvm} \
 	%{!?with_unrar:--disable-unrar}

@ -620,11 +627,6 @@ make check

 ## ------------------------------------------------------------

-%clean
-rm -rf "$RPM_BUILD_ROOT"
-
-## ------------------------------------------------------------
-
 %pre filesystem
 getent group %{updateuser} >/dev/null || groupadd -r %{updateuser}
 getent passwd %{updateuser} >/dev/null || \
@ -897,6 +899,9 @@ test "$1" != "0" || /sbin/initctl -q stop clamav-milter || :


 %changelog
+* Mon Jul 17 2017 Sérgio Basto <sergio@serjux.com> - 0.99.2-9
+- Add patch for openssl-1.1
+
 * Mon Mar 27 2017 Orion Poplawski <orion@cora.nwra.com> - 0.99.2-8
 - Create virusgroup group and add the various clam* users to it

--- a/fa15aa98c7d5e1d8fc22e818ebd089f2e53ebe1d.diff
+++ b/fa15aa98c7d5e1d8fc22e818ebd089f2e53ebe1d.diff
@ -0,0 +1,74 @@
+diff --git a/libclamav/crypto.c b/libclamav/crypto.c
+index c62c65a6b..4be900f38 100644
+--- a/libclamav/crypto.c
+++ b/libclamav/crypto.c
+@@ -1096,7 +1096,6 @@ X509_CRL *cl_load_crl(const char *file)
+ {
+     X509_CRL *x=NULL;
+     FILE *fp;
+-    struct tm *tm;
+ 
+     if (!(file))
+         return NULL;
+@@ -1110,21 +1109,13 @@ X509_CRL *cl_load_crl(const char *file)
+     fclose(fp);
+ 
+     if ((x)) {
+-        tm = cl_ASN1_GetTimeT(x->crl->nextUpdate);
+-        if (!(tm)) {
+-            X509_CRL_free(x);
+-            return NULL;
+-        }
+-
+-#if !defined(_WIN32)
+-        if (timegm(tm) < time(NULL)) {
+-            X509_CRL_free(x);
+-            free(tm);
+-            return NULL;
+-        }
+-#endif
+	ASN1_TIME *tme;
+ 
+-        free(tm);
+	tme = X509_CRL_get_nextUpdate(x);
+	if (!tme || X509_cmp_current_time(tme) < 0) {
+		X509_CRL_free(x);
+		return NULL;
+	}
+     }
+ 
+     return x;
+diff --git a/m4/reorganization/libs/openssl.m4 b/m4/reorganization/libs/openssl.m4
+index 78e2c2343..45ee02df9 100644
+--- a/m4/reorganization/libs/openssl.m4
+++ b/m4/reorganization/libs/openssl.m4
+@@ -26,12 +26,13 @@ save_LDFLAGS="$LDFLAGS"
+ save_CFLAGS="$CFLAGS"
+ save_LIBS="$LIBS"
+ 
+-SSL_LIBS="-lssl -lcrypto -lz"
+SSL_LIBS="$LIBS -lssl -lcrypto -lz"
+LIBS="$LIBS $SSL_LIBS"
+ 
+ if test "$LIBSSL_HOME" != "/usr"; then
+     SSL_LDFLAGS="-L$LIBSSL_HOME/lib"
+     SSL_CPPFLAGS="-I$LIBSSL_HOME/include"
+-    LDFLAGS="-L$LIBSSL_HOME/lib $SSL_LIBS"
+    LDFLAGS="-L$LIBSSL_HOME/lib"
+     CFLAGS="$SSL_CPPFLAGS"
+ else
+     SSL_LDFLAGS=""
+@@ -41,7 +42,12 @@ fi
+ have_ssl="no"
+ have_crypto="no"
+ 
+-AC_CHECK_LIB([ssl], [SSL_library_init], [have_ssl="yes"], [AC_MSG_ERROR([Your OpenSSL installation is misconfigured or missing])], [-lcrypto -lz])
+AC_LINK_IFELSE(
+	       [AC_LANG_PROGRAM([[#include <openssl/ssl.h>]],
+				[[SSL_library_init();]])],
+	       [have_ssl="yes";],
+	       [AC_MSG_ERROR([Your OpenSSL installation is misconfigured or missing])])
+
+ 
+ AC_CHECK_LIB([crypto], [EVP_EncryptInit], [have_crypto="yes"], [AC_MSG_ERROR([Your OpenSSL installation is misconfigured or missing])], [-lcrypto -lz])
+