hobbes1069 pushed to trustedqsl (f20). "Add patch to work around SSL MD5 certification verification being disabled in (..more)"

notifications at fedoraproject.org notifications at fedoraproject.org
Thu Apr 2 03:22:09 UTC 2015 

>From f5433cfe45c344c7b9aa962a11b3b0db81f74b03 Mon Sep 17 00:00:00 2001
From: "Richard M. Shaw" <hobbes1069 at gmail.com>
Date: Wed, 1 Apr 2015 22:11:44 -0500
Subject: Add patch to work around SSL MD5 certification verification being
 disabled in

  F21+, see https://bugzilla.redhat.com/show_bug.cgi?id=1202157

diff --git a/tqsl-ssl-md5.patch b/tqsl-ssl-md5.patch
new file mode 100644
index 0000000..82000de
--- /dev/null
+++ b/tqsl-ssl-md5.patch
@@ -0,0 +1,17 @@
+Workaround for F21+ disabling MD5 certificate verification.
+https://bugzilla.redhat.com/show_bug.cgi?id=1202157
+
+diff -Naur tqsl-2.0.3.orig/src/tqsllib.cpp tqsl-2.0.3/src/tqsllib.cpp
+--- tqsl-2.0.3.orig/src/tqsllib.cpp	2014-07-27 09:18:58.000000000 -0500
++++ tqsl-2.0.3/src/tqsllib.cpp	2015-03-18 07:40:56.110923223 -0500
+@@ -156,6 +156,10 @@
+ 	int wval;
+ #endif
+ 
++#if !defined(_WIN32) && !defined(__APPLE__)
++   setenv("OPENSSL_ENABLE_MD5_VERIFY", "1", 0);
++#endif
++
+ 	/* OpenSSL API tends to change between minor version numbers, so make sure
+ 	 * we're using the right version */
+ 	long SSLver = SSLeay();
diff --git a/trustedqsl.spec b/trustedqsl.spec
index e332617..4752182 100644
--- a/trustedqsl.spec
+++ b/trustedqsl.spec
@@ -8,13 +8,12 @@
 # The tsql library needs to maintain it's own release version otherwise it 
 # would not be "newer" than the installed version when the application release
 # resets to 1.
-%global libtqslrel 7%{?dist}
+%global libtqslrel 8%{?dist}
 
-%{?rhel: %global cmake %{cmake28}}
 
 Name:           trustedqsl
 Version:        %{tqslver}
-Release:        6%{?dist}
+Release:        7%{?dist}
 Summary:        TrustedQSL ham-radio applications
 License:        BSD
 URL:            http://sourceforge.net/projects/trustedqsl/
@@ -24,12 +23,12 @@ Source0:        http://downloads.sourceforge.net/%{name}/%{srcname}-%{version}.t
 Patch0:         tqsl-2.0-rpath.patch
 Patch1:         tqsl-tqsllib.patch
 Patch2:         tqsl-2.0.1-gcc44_pragma.patch
+Patch3:         tqsl-ssl-md5.patch
 
+BuildRequires:  cmake
 %if 0%{?rhel}
-BuildRequires:  cmake28
 BuildRequires:  db4-devel
 %else
-BuildRequires:  cmake
 BuildRequires:  libdb-devel
 %endif
 BuildRequires:  openssl-devel
@@ -76,6 +75,7 @@ contains the to develop with tqsllib.
 %if 0%{?rhel}
 %patch2 -p1 -b .pragma
 %endif
+%patch3 -p1
 
 
 %build
@@ -138,6 +138,10 @@ fi
 
 
 %changelog
+* Wed Mar 18 2015 Richard Shaw <hobbes1069 at gmail.com> - 2.0.3-7
+- Add patch to work around SSL MD5 certification verification being disabled in
+  F21+, see https://bugzilla.redhat.com/show_bug.cgi?id=1202157
+
 * Mon Sep  8 2014 Richard Shaw <hobbes1069 at gmail.com> - 2.0.3-6
 - Update to latest upstream release.
 - Add dist tag to libtqsl release and clean up the mess I made.
-- 
cgit v0.10.2


	http://pkgs.fedoraproject.org/cgit/trustedqsl.git/commit/?h=f20&id=f5433cfe45c344c7b9aa962a11b3b0db81f74b03

More information about the scm-commits mailing list