rpms/libgcrypt/F-10 hobble-libgcrypt, NONE, 1.1 libgcrypt-1.4.4-fips-no-access.patch, NONE, 1.1 .cvsignore, 1.12, 1.13 libgcrypt.spec, 1.32, 1.33 sources, 1.12, 1.13 libgcrypt-1.2.2-lib64.patch, 1.1, NONE
Tomáš Mráz
tmraz at fedoraproject.org
Fri Jan 30 15:50:50 UTC 2009
- Previous message: rpms/allgeyer-fonts/devel allgeyer-fonts.spec, NONE, 1.1 import.log, NONE, 1.1 .cvsignore, 1.1, 1.2 sources, 1.1, 1.2
- Next message: rpms/sugar-chat/devel .cvsignore, 1.2, 1.3 sources, 1.2, 1.3 sugar-chat.spec, 1.2, 1.3
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: tmraz
Update of /cvs/pkgs/rpms/libgcrypt/F-10
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv22344
Modified Files:
.cvsignore libgcrypt.spec sources
Added Files:
hobble-libgcrypt libgcrypt-1.4.4-fips-no-access.patch
Removed Files:
libgcrypt-1.2.2-lib64.patch
Log Message:
* Fri Jan 30 2009 Tomas Mraz <tmraz at redhat.com> 1.4.4-1
- update to 1.4.4
- do not abort when the fips mode kernel flag is inaccessible
due to permissions (#470219)
- hobble the library to drop the ECC support
--- NEW FILE hobble-libgcrypt ---
#!/bin/sh
# Quit out if anything fails.
set -e -x
# Clean out patent-or-otherwise-encumbered code.
# EC: ????????? ??/??/2015
rm -f cipher/ecc.c
libgcrypt-1.4.4-fips-no-access.patch:
--- NEW FILE libgcrypt-1.4.4-fips-no-access.patch ---
Do not abort when the fips mode flag is simply inaccessible because of
insufficient permissions.
diff -up libgcrypt-1.4.4/src/fips.c.no-access libgcrypt-1.4.4/src/fips.c
--- libgcrypt-1.4.4/src/fips.c.no-access 2009-01-29 17:37:12.000000000 +0100
+++ libgcrypt-1.4.4/src/fips.c 2009-01-29 17:37:15.000000000 +0100
@@ -155,6 +155,7 @@ _gcry_initialize_fips_mode (int force)
fclose (fp);
}
else if ((saved_errno = errno) != ENOENT
+ && saved_errno != EACCES
&& !access ("/proc/version", F_OK) )
{
/* Problem reading the fips file despite that we have the proc
Index: .cvsignore
===================================================================
RCS file: /cvs/pkgs/rpms/libgcrypt/F-10/.cvsignore,v
retrieving revision 1.12
retrieving revision 1.13
diff -u -r1.12 -r1.13
--- .cvsignore 18 Sep 2008 15:50:08 -0000 1.12
+++ .cvsignore 30 Jan 2009 15:50:19 -0000 1.13
@@ -1,17 +1 @@
-libgcrypt-1.2.0.tar.gz
-libgcrypt-1.2.1.tar.bz2
-libgcrypt-1.2.1.tar.bz2.sig
-libgcrypt-1.2.2.tar.bz2
-libgcrypt-1.2.2.tar.bz2.sig
-libgcrypt-1.2.3.tar.bz2
-libgcrypt-1.2.3.tar.bz2.sig
-libgcrypt-1.2.4.tar.bz2
-libgcrypt-1.2.4.tar.bz2.sig
-libgcrypt-1.4.0.tar.bz2
-libgcrypt-1.4.0.tar.bz2.sig
-libgcrypt-1.4.1.tar.bz2
-libgcrypt-1.4.1.tar.bz2.sig
-libgcrypt-1.4.2.tar.bz2
-libgcrypt-1.4.2.tar.bz2.sig
-libgcrypt-1.4.3.tar.bz2
-libgcrypt-1.4.3.tar.bz2.sig
+libgcrypt-1.4.4-hobbled.tar.bz2
Index: libgcrypt.spec
===================================================================
RCS file: /cvs/pkgs/rpms/libgcrypt/F-10/libgcrypt.spec,v
retrieving revision 1.32
retrieving revision 1.33
diff -u -r1.32 -r1.33
--- libgcrypt.spec 21 Oct 2008 04:51:58 -0000 1.32
+++ libgcrypt.spec 30 Jan 2009 15:50:19 -0000 1.33
@@ -1,9 +1,16 @@
Name: libgcrypt
-Version: 1.4.3
-Release: 2%{?dist}
-Source0: ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-%{version}.tar.bz2
-Source1: ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-%{version}.tar.bz2.sig
+Version: 1.4.4
+Release: 1%{?dist}
+Source0: libgcrypt-%{version}-hobbled.tar.bz2
+# The original libgcrypt sources now contain potentially patented ECC
+# cipher support. We have to remove it in the tarball we ship with
+# the hobble-libgcrypt script.
+#Source0: ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-%{version}.tar.bz2
+#Source1: ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-%{version}.tar.bz2.sig
Source2: wk at g10code.com
+Source3: hobble-libgcrypt
+Patch1: libgcrypt-1.4.4-fips-no-access.patch
+
# Technically LGPLv2.1+, but Fedora's table doesn't draw a distinction.
License: LGPLv2+
Summary: A general-purpose cryptography library
@@ -29,13 +36,16 @@
%prep
%setup -q
+%{SOURCE3}
+%patch1 -p1 -b .no-access
%build
%configure --disable-static \
%ifarch sparc64
--disable-asm \
%endif
- --enable-noexecstack
+ --enable-noexecstack \
+ --enable-pubkey-ciphers='dsa elgamal rsa'
make %{?_smp_mflags}
%check
@@ -123,6 +133,12 @@
%{_infodir}/gcrypt.info*
%changelog
+* Fri Jan 30 2009 Tomas Mraz <tmraz at redhat.com> 1.4.4-1
+- update to 1.4.4
+- do not abort when the fips mode kernel flag is inaccessible
+ due to permissions (#470219)
+- hobble the library to drop the ECC support
+
* Mon Oct 20 2008 Dennis Gilmore <dennis at ausil.us> 1.4.3-2
- disable asm on sparc64
Index: sources
===================================================================
RCS file: /cvs/pkgs/rpms/libgcrypt/F-10/sources,v
retrieving revision 1.12
retrieving revision 1.13
diff -u -r1.12 -r1.13
--- sources 18 Sep 2008 15:50:08 -0000 1.12
+++ sources 30 Jan 2009 15:50:19 -0000 1.13
@@ -1,2 +1 @@
-46e50e811ed51f1e0e8dd677dded967d libgcrypt-1.4.3.tar.bz2
-b6c8495eaeb912aa612196a849039e74 libgcrypt-1.4.3.tar.bz2.sig
+12d3fec91c663b541d63e34eabddacc5 libgcrypt-1.4.4-hobbled.tar.bz2
--- libgcrypt-1.2.2-lib64.patch DELETED ---
- Previous message: rpms/allgeyer-fonts/devel allgeyer-fonts.spec, NONE, 1.1 import.log, NONE, 1.1 .cvsignore, 1.1, 1.2 sources, 1.1, 1.2
- Next message: rpms/sugar-chat/devel .cvsignore, 1.2, 1.3 sources, 1.2, 1.3 sugar-chat.spec, 1.2, 1.3
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the scm-commits
mailing list