rpms
/
openssl
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

fix regression in EVP_PBE_scrypt() (#1688284) 

fix incorrect help message in ca app (#1553206)
This commit is contained in:
Tomas Mraz 2019-03-15 16:05:02 +01:00
parent e2ea1027fe
commit c99b8bf7f9
3 changed files with 16 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
openssl-1.1.0-apps-dgst.patch → openssl-1.1.1-apps-dgst.patch
View File

@ -1,12 +1,12 @@
diff -up openssl-1.1.0-pre5/apps/ca.c.dgst openssl-1.1.0-pre5/apps/ca.c
--- openssl-1.1.0-pre5/apps/ca.c.dgst 2016-04-19 16:57:52.000000000 +0200
+++ openssl-1.1.0-pre5/apps/ca.c 2016-07-18 15:58:18.516742682 +0200
@@ -216,7 +216,7 @@ OPTIONS ca_options[] = {
diff -up openssl-1.1.1b/apps/ca.c.dgst openssl-1.1.1b/apps/ca.c
--- openssl-1.1.1b/apps/ca.c.dgst 2019-02-26 15:15:30.000000000 +0100
+++ openssl-1.1.1b/apps/ca.c 2019-03-15 15:53:46.622267688 +0100
@@ -169,7 +169,7 @@ const OPTIONS ca_options[] = {
{"enddate", OPT_ENDDATE, 's',
"YYMMDDHHMMSSZ cert notAfter (overrides -days)"},
{"days", OPT_DAYS, 'p', "Number of days to certify the cert for"},
- {"md", OPT_MD, 's', "md to use; one of md2, md5, sha or sha1"},
+ {"md", OPT_MD, 's', "md to use; see openssl dgst -h for list"},
+ {"md", OPT_MD, 's', "md to use; see openssl help for list"},
{"policy", OPT_POLICY, 's', "The CA 'policy' to support"},
{"keyfile", OPT_KEYFILE, 's', "Private key"},
{"keyform", OPT_KEYFORM, 'f', "Private key file format (PEM or ENGINE)"},

6
openssl-1.1.1-evp-kdf.patch
View File

@ -634,7 +634,7 @@ diff -up openssl-1.1.1b/crypto/evp/pbe_scrypt.c.evp-kdf openssl-1.1.1b/crypto/ev
/*
* Maximum permitted memory allow this to be overridden with Configuration
* option: e.g. -DSCRYPT_MAX_MEM=0 for maximum possible.
@@ -160,107 +37,39 @@ int EVP_PBE_scrypt(const char *pass, siz
@@ -160,107 +37,43 @@ int EVP_PBE_scrypt(const char *pass, siz
uint64_t N, uint64_t r, uint64_t p, uint64_t maxmem,
unsigned char *key, size_t keylen)
{
@ -706,6 +706,10 @@ diff -up openssl-1.1.1b/crypto/evp/pbe_scrypt.c.evp-kdf openssl-1.1.1b/crypto/ev
+ if (pass == NULL) {
+ pass = empty;
+ passlen = 0;
+ }
+ if (salt == NULL) {
+ salt = (const unsigned char *)empty;
+ saltlen = 0;
}
-
if (maxmem == 0)

8
openssl.spec
View File

@ -22,7 +22,7 @@
Summary: Utilities from the general purpose cryptography library with TLS implementation
Name: openssl
Version: 1.1.1b
Release: 2%{?dist}
Release: 3%{?dist}
Epoch: 1
# We have to remove certain patented algorithms from the openssl source
# tarball with the hobble-openssl script which is included below.
@ -47,7 +47,7 @@ Patch21: openssl-1.1.0-issuer-hash.patch
# Functionality changes
Patch31: openssl-1.1.1-conf-paths.patch
Patch32: openssl-1.1.1-version-add-engines.patch
Patch33: openssl-1.1.0-apps-dgst.patch
Patch33: openssl-1.1.1-apps-dgst.patch
Patch36: openssl-1.1.1-no-brainpool.patch
Patch37: openssl-1.1.1-ec-curves.patch
Patch38: openssl-1.1.1-no-weak-verify.patch
@ -448,6 +448,10 @@ export LD_LIBRARY_PATH
%ldconfig_scriptlets libs
%changelog
* Fri Mar 15 2019 Tomáš Mráz <tmraz@redhat.com> 1.1.1b-3
- fix regression in EVP_PBE_scrypt() (#1688284)
- fix incorrect help message in ca app (#1553206)
* Fri Mar 1 2019 Tomáš Mráz <tmraz@redhat.com> 1.1.1b-2
- use .include = syntax in the config file to allow it
to be parsed by 1.0.2 version (#1668916)