rpms/openssl/devel openssl-0.9.8g-bn-mul-bug.patch, NONE, 1.1 openssl-0.9.8g-speed-bug.patch, NONE, 1.1 openssl.spec, 1.98, 1.99
Tomas Mraz (tmraz)
fedora-extras-commits at redhat.com
Mon Dec 3 19:57:44 UTC 2007
- Previous message: rpms/mock/F-7 .cvsignore, 1.28, 1.29 mock.spec, 1.45, 1.46 sources, 1.31, 1.32
- Next message: rpms/kdebase-runtime/F-8 .cvsignore, 1.2, 1.3 kdebase-runtime.spec, 1.1, 1.2 sources, 1.2, 1.3
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: tmraz
Update of /cvs/pkgs/rpms/openssl/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv8277
Modified Files:
openssl.spec
Added Files:
openssl-0.9.8g-bn-mul-bug.patch openssl-0.9.8g-speed-bug.patch
Log Message:
* Tue Dec 4 2007 Tomas Mraz <tmraz at redhat.com> 0.9.8g-2
- enable some new crypto algorithms and features
- add some more important bug fixes from openssl CVS
openssl-0.9.8g-bn-mul-bug.patch:
--- NEW FILE openssl-0.9.8g-bn-mul-bug.patch ---
openssl/crypto/bn/bn_mul.c 1.36.2.1 -> 1.36.2.2
--- openssl/crypto/bn/bn_mul.c 2007/07/08 18:54:30 1.36.2.1
+++ openssl/crypto/bn/bn_mul.c 2007/11/03 20:09:29 1.36.2.2
@@ -389,6 +389,7 @@
* a[0]*b[0]+a[1]*b[1]+(a[0]-a[1])*(b[1]-b[0])
* a[1]*b[1]
*/
+/* dnX may not be positive, but n2/2+dnX has to be */
void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2,
int dna, int dnb, BN_ULONG *t)
{
@@ -398,7 +399,7 @@
BN_ULONG ln,lo,*p;
# ifdef BN_COUNT
- fprintf(stderr," bn_mul_recursive %d * %d\n",n2,n2);
+ fprintf(stderr," bn_mul_recursive %d%+d * %d%+d\n",n2,dna,n2,dnb);
# endif
# ifdef BN_MUL_COMBA
# if 0
@@ -545,6 +546,7 @@
/* n+tn is the word length
* t needs to be n*4 is size, as does r */
+/* tnX may not be negative but less than n */
void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n,
int tna, int tnb, BN_ULONG *t)
{
@@ -553,8 +555,8 @@
BN_ULONG ln,lo,*p;
# ifdef BN_COUNT
- fprintf(stderr," bn_mul_part_recursive (%d+%d) * (%d+%d)\n",
- tna, n, tnb, n);
+ fprintf(stderr," bn_mul_part_recursive (%d%+d) * (%d%+d)\n",
+ n, tna, n, tnb);
# endif
if (n < 8)
{
@@ -655,16 +657,19 @@
for (;;)
{
i/=2;
- if (i <= tna && tna == tnb)
+ /* these simplified conditions work
+ * exclusively because difference
+ * between tna and tnb is 1 or 0 */
+ if (i < tna || i < tnb)
{
- bn_mul_recursive(&(r[n2]),
+ bn_mul_part_recursive(&(r[n2]),
&(a[n]),&(b[n]),
i,tna-i,tnb-i,p);
break;
}
- else if (i < tna || i < tnb)
+ else if (i == tna || i == tnb)
{
- bn_mul_part_recursive(&(r[n2]),
+ bn_mul_recursive(&(r[n2]),
&(a[n]),&(b[n]),
i,tna-i,tnb-i,p);
break;
openssl-0.9.8g-speed-bug.patch:
--- NEW FILE openssl-0.9.8g-speed-bug.patch ---
openssl/apps/speed.c 1.126.2.8 -> 1.126.2.9
--- openssl/apps/speed.c 2007/05/13 15:04:14 1.126.2.8
+++ openssl/apps/speed.c 2007/11/15 13:33:47 1.126.2.9
@@ -577,7 +577,7 @@
#define MAX_BLOCK_SIZE 64
#endif
unsigned char DES_iv[8];
- unsigned char iv[MAX_BLOCK_SIZE/8];
+ unsigned char iv[2*MAX_BLOCK_SIZE/8];
#ifndef OPENSSL_NO_DES
DES_cblock *buf_as_des_cblock = NULL;
static DES_cblock key ={0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0};
Index: openssl.spec
===================================================================
RCS file: /cvs/pkgs/rpms/openssl/devel/openssl.spec,v
retrieving revision 1.98
retrieving revision 1.99
diff -u -r1.98 -r1.99
--- openssl.spec 3 Dec 2007 15:26:28 -0000 1.98
+++ openssl.spec 3 Dec 2007 19:57:11 -0000 1.99
@@ -22,7 +22,7 @@
Summary: The OpenSSL toolkit
Name: openssl
Version: 0.9.8g
-Release: 1%{?dist}
+Release: 2%{?dist}
Source: openssl-%{version}-usa.tar.bz2
Source1: hobble-openssl
Source2: Makefile.certificate
@@ -52,7 +52,8 @@
Patch38: openssl-0.9.8a-reuse-cipher-change.patch
Patch39: openssl-0.9.8g-ipv6-apps.patch
# Backported fixes including security fixes
-# None yet
+Patch50: openssl-0.9.8g-speed-bug.patch
+Patch51: openssl-0.9.8g-bn-mul-bug.patch
License: OpenSSL
Group: System Environment/Libraries
@@ -112,6 +113,8 @@
%patch35 -p1 -b .version-add-engines
%patch38 -p1 -b .cipher-change
%patch39 -p1 -b .ipv6-apps
+%patch50 -p1 -b .speed-bug
+%patch51 -p1 -b .bn-mul-bug
# Modify the various perl scripts to reference perl in the right location.
perl util/perlpath.pl `dirname %{__perl}`
@@ -153,7 +156,8 @@
# RPM_OPT_FLAGS, so we can skip specifiying them here.
./Configure \
--prefix=%{_prefix} --openssldir=%{_sysconfdir}/pki/tls ${sslflags} \
- zlib no-idea no-mdc2 no-rc5 no-ec no-ecdh no-ecdsa shared \
+ zlib enable-camellia enable-seed enable-tlsext enable-rfc3779 \
+ no-idea no-mdc2 no-rc5 no-ec no-ecdh no-ecdsa shared \
--with-krb5-flavor=MIT --enginesdir=%{_libdir}/openssl/engines \
-I%{_prefix}/kerberos/include -L%{_prefix}/kerberos/%{_lib} \
${sslarch}
@@ -352,6 +356,10 @@
%postun -p /sbin/ldconfig
%changelog
+* Tue Dec 4 2007 Tomas Mraz <tmraz at redhat.com> 0.9.8g-2
+- enable some new crypto algorithms and features
+- add some more important bug fixes from openssl CVS
+
* Mon Dec 3 2007 Tomas Mraz <tmraz at redhat.com> 0.9.8g-1
- update to latest upstream release, SONAME bumped to 7
- Previous message: rpms/mock/F-7 .cvsignore, 1.28, 1.29 mock.spec, 1.45, 1.46 sources, 1.31, 1.32
- Next message: rpms/kdebase-runtime/F-8 .cvsignore, 1.2, 1.3 kdebase-runtime.spec, 1.1, 1.2 sources, 1.2, 1.3
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the scm-commits
mailing list