rpms/libgcrypt/F-9 hobble-libgcrypt, NONE, 1.1 libgcrypt-1.4.4-fips-no-access.patch, NONE, 1.1 .cvsignore, 1.9, 1.10 libgcrypt.spec, 1.28, 1.29 sources, 1.9, 1.10 libgcrypt-1.2.2-lib64.patch, 1.1, NONE libgcrypt-1.4.0-randinit.patch, 1.1, NONE
Tomáš Mráz
tmraz at fedoraproject.org
Fri Jan 30 15:58:08 UTC 2009
- Previous message: rpms/wsdl4j/devel wsdl4j-MANIFEST.MF, NONE, 1.1 wsdl4j.spec, 1.18, 1.19
- Next message: rpms/sugar-calculator/devel .cvsignore, 1.2, 1.3 sources, 1.2, 1.3 sugar-calculator.spec, 1.2, 1.3
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: tmraz
Update of /cvs/pkgs/rpms/libgcrypt/F-9
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv24419
Modified Files:
.cvsignore libgcrypt.spec sources
Added Files:
hobble-libgcrypt libgcrypt-1.4.4-fips-no-access.patch
Removed Files:
libgcrypt-1.2.2-lib64.patch libgcrypt-1.4.0-randinit.patch
Log Message:
* Fri Jan 30 2009 Tomas Mraz <tmraz at redhat.com> 1.4.4-1
- update to 1.4.4
- do not abort when the fips mode kernel flag is inaccessible
due to permissions (#470219)
- hobble the library to drop the ECC support
--- NEW FILE hobble-libgcrypt ---
#!/bin/sh
# Quit out if anything fails.
set -e -x
# Clean out patent-or-otherwise-encumbered code.
# EC: ????????? ??/??/2015
rm -f cipher/ecc.c
libgcrypt-1.4.4-fips-no-access.patch:
--- NEW FILE libgcrypt-1.4.4-fips-no-access.patch ---
Do not abort when the fips mode flag is simply inaccessible because of
insufficient permissions.
diff -up libgcrypt-1.4.4/src/fips.c.no-access libgcrypt-1.4.4/src/fips.c
--- libgcrypt-1.4.4/src/fips.c.no-access 2009-01-29 17:37:12.000000000 +0100
+++ libgcrypt-1.4.4/src/fips.c 2009-01-29 17:37:15.000000000 +0100
@@ -155,6 +155,7 @@ _gcry_initialize_fips_mode (int force)
fclose (fp);
}
else if ((saved_errno = errno) != ENOENT
+ && saved_errno != EACCES
&& !access ("/proc/version", F_OK) )
{
/* Problem reading the fips file despite that we have the proc
Index: .cvsignore
===================================================================
RCS file: /cvs/pkgs/rpms/libgcrypt/F-9/.cvsignore,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- .cvsignore 10 Dec 2007 21:10:52 -0000 1.9
+++ .cvsignore 30 Jan 2009 15:57:37 -0000 1.10
@@ -1,11 +1 @@
-libgcrypt-1.2.0.tar.gz
-libgcrypt-1.2.1.tar.bz2
-libgcrypt-1.2.1.tar.bz2.sig
-libgcrypt-1.2.2.tar.bz2
-libgcrypt-1.2.2.tar.bz2.sig
-libgcrypt-1.2.3.tar.bz2
-libgcrypt-1.2.3.tar.bz2.sig
-libgcrypt-1.2.4.tar.bz2
-libgcrypt-1.2.4.tar.bz2.sig
-libgcrypt-1.4.0.tar.bz2
-libgcrypt-1.4.0.tar.bz2.sig
+libgcrypt-1.4.4-hobbled.tar.bz2
Index: libgcrypt.spec
===================================================================
RCS file: /cvs/pkgs/rpms/libgcrypt/F-9/libgcrypt.spec,v
retrieving revision 1.28
retrieving revision 1.29
diff -u -r1.28 -r1.29
--- libgcrypt.spec 21 Oct 2008 04:48:26 -0000 1.28
+++ libgcrypt.spec 30 Jan 2009 15:57:37 -0000 1.29
@@ -1,14 +1,21 @@
Name: libgcrypt
-Version: 1.4.0
-Release: 4
-Source0: ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-%{version}.tar.bz2
-Source1: ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-%{version}.tar.bz2.sig
+Version: 1.4.4
+Release: 1%{?dist}
+Source0: libgcrypt-%{version}-hobbled.tar.bz2
+# The original libgcrypt sources now contain potentially patented ECC
+# cipher support. We have to remove it in the tarball we ship with
+# the hobble-libgcrypt script.
+#Source0: ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-%{version}.tar.bz2
+#Source1: ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-%{version}.tar.bz2.sig
Source2: wk at g10code.com
-Patch0: libgcrypt-1.4.0-randinit.patch
+Source3: hobble-libgcrypt
+Patch1: libgcrypt-1.4.4-fips-no-access.patch
+
+# Technically LGPLv2.1+, but Fedora's table doesn't draw a distinction.
License: LGPLv2+
-Summary: A general-purpose cryptography library.
+Summary: A general-purpose cryptography library
BuildRoot: %{_tmppath}/%{name}-%{version}-root
-BuildRequires: gawk libgpg-error-devel pkgconfig
+BuildRequires: gawk, libgpg-error-devel >= 1.4, pkgconfig
Group: System Environment/Libraries
%package devel
@@ -29,15 +36,17 @@
%prep
%setup -q
-%patch0 -p0 -b .randinit
+%{SOURCE3}
+%patch1 -p1 -b .no-access
%build
%configure --disable-static \
%ifarch sparc64
--disable-asm \
%endif
- --enable-noexecstack
-make
+ --enable-noexecstack \
+ --enable-pubkey-ciphers='dsa elgamal rsa'
+make %{?_smp_mflags}
%check
make check
@@ -84,6 +93,10 @@
/sbin/ldconfig -n $RPM_BUILD_ROOT/%{_lib}/
rm -f $RPM_BUILD_ROOT/root_marker
+# Create /etc/gcrypt (hardwired, not dependent on the configure invocation) so
+# that _someone_ owns it.
+mkdir -p -m 755 $RPM_BUILD_ROOT/etc/gcrypt
+
%clean
rm -fr $RPM_BUILD_ROOT
@@ -103,6 +116,7 @@
%files
%defattr(-,root,root)
+%dir /etc/gcrypt
/%{_lib}/*.so.*
#%{_libdir}/%{name}
@@ -110,6 +124,7 @@
%defattr(-,root,root)
%{_bindir}/%{name}-config
%{_bindir}/dumpsexp
+%{_bindir}/hmac256
%{_includedir}/*
%{_libdir}/*.so
%{_datadir}/aclocal/*
@@ -118,9 +133,31 @@
%{_infodir}/gcrypt.info*
%changelog
-* Tue Oct 14 2008 Dennis Gilmore <dennis at ausil.us> 1.4.0-4
+* Fri Jan 30 2009 Tomas Mraz <tmraz at redhat.com> 1.4.4-1
+- update to 1.4.4
+- do not abort when the fips mode kernel flag is inaccessible
+ due to permissions (#470219)
+- hobble the library to drop the ECC support
+
+* Mon Oct 20 2008 Dennis Gilmore <dennis at ausil.us> 1.4.3-2
- disable asm on sparc64
+* Thu Sep 18 2008 Nalin Dahyabhai <nalin at redhat.com> 1.4.3-1
+- update to 1.4.3
+- own /etc/gcrypt
+
+* Mon Sep 15 2008 Nalin Dahyabhai <nalin at redhat.com>
+- invoke make with %%{?_smp_mflags} to build faster on multi-processor
+ systems (Steve Grubb)
+
+* Mon Sep 8 2008 Nalin Dahyabhai <nalin at redhat.com> 1.4.2-1
+- update to 1.4.2
+
+* Tue Apr 29 2008 Nalin Dahyabhai <nalin at redhat.com> 1.4.1-1
+- update to 1.4.1
+- bump libgpgerror-devel requirement to 1.4, matching the requirement enforced
+ by the configure script
+
* Thu Apr 3 2008 Joe Orton <jorton at redhat.com> 1.4.0-3
- add patch from upstream to fix severe performance regression
in entropy gathering
Index: sources
===================================================================
RCS file: /cvs/pkgs/rpms/libgcrypt/F-9/sources,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- sources 10 Dec 2007 21:10:52 -0000 1.9
+++ sources 30 Jan 2009 15:57:38 -0000 1.10
@@ -1,2 +1 @@
-b013f798a1088afb07336bce5a9c24c5 libgcrypt-1.4.0.tar.bz2
-43e1b54d34732709bbec024512224450 libgcrypt-1.4.0.tar.bz2.sig
+12d3fec91c663b541d63e34eabddacc5 libgcrypt-1.4.4-hobbled.tar.bz2
--- libgcrypt-1.2.2-lib64.patch DELETED ---
--- libgcrypt-1.4.0-randinit.patch DELETED ---
- Previous message: rpms/wsdl4j/devel wsdl4j-MANIFEST.MF, NONE, 1.1 wsdl4j.spec, 1.18, 1.19
- Next message: rpms/sugar-calculator/devel .cvsignore, 1.2, 1.3 sources, 1.2, 1.3 sugar-calculator.spec, 1.2, 1.3
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the scm-commits
mailing list