smani pushed to omniORB (master). "Add omniORB-4.2.0-peer-details.patch"
notifications at fedoraproject.org
notifications at fedoraproject.org
Sat Apr 11 09:57:57 UTC 2015
>From 2888e0939f99854aaa9c4cbc23017c9c7bd375ba Mon Sep 17 00:00:00 2001
From: Sandro Mani <manisandro at gmail.com>
Date: Sat, 11 Apr 2015 11:56:41 +0200
Subject: Add omniORB-4.2.0-peer-details.patch
diff --git a/omniORB-4.2.0-peer-details.patch b/omniORB-4.2.0-peer-details.patch
new file mode 100644
index 0000000..b52cb74
--- /dev/null
+++ b/omniORB-4.2.0-peer-details.patch
@@ -0,0 +1,93 @@
+diff -rupN omniORB-4.2.0/src/lib/omniORB/orbcore/ssl/sslConnection.cc omniORB-4.2.0-new/src/lib/omniORB/orbcore/ssl/sslConnection.cc
+--- omniORB-4.2.0/src/lib/omniORB/orbcore/ssl/sslConnection.cc 2015-04-09 10:39:35.564759309 +0300
++++ omniORB-4.2.0-new/src/lib/omniORB/orbcore/ssl/sslConnection.cc 2015-04-09 10:33:35.000000000 +0300
+@@ -332,6 +332,7 @@ sslConnection::gatekeeperCheckSpecific(g
+ case SSL_ERROR_NONE:
+ tcpSocket::setBlocking(pd_socket);
+ pd_handshake_ok = 1;
++ setPeerDetails() ;
+ return 1;
+
+ case SSL_ERROR_WANT_READ:
+@@ -405,6 +406,39 @@ sslConnection::sslConnection(SocketHandl
+ tcpSocket::setCloseOnExec(sock);
+
+ belong_to->addSocket(this);
++}
++
++/////////////////////////////////////////////////////////////////////////
++sslConnection::~sslConnection() {
++
++ clearSelectable();
++ pd_belong_to->removeSocket(this);
++
++ if (pd_peercert) {
++ X509_free(pd_peercert);
++ pd_peercert = 0;
++ }
++
++ if (pd_ssl != 0) {
++ if (SSL_get_shutdown(pd_ssl) == 0) {
++ SSL_set_shutdown(pd_ssl, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
++ SSL_shutdown(pd_ssl);
++ }
++ SSL_free(pd_ssl);
++ pd_ssl = 0;
++ }
++
++ CLOSESOCKET(pd_socket);
++}
++
++/////////////////////////////////////////////////////////////////////////
++void
++sslConnection::setPeerDetails() {
++
++ if (pd_peercert)
++ X509_free (pd_peercert) ;
++
++ pd_peercert = 0 ;
+
+ // Determine our peer identity, if there is one
+ X509 *peer_cert = SSL_get_peer_certificate(pd_ssl);
+@@ -468,29 +502,6 @@ sslConnection::sslConnection(SocketHandl
+ }
+
+ /////////////////////////////////////////////////////////////////////////
+-sslConnection::~sslConnection() {
+-
+- clearSelectable();
+- pd_belong_to->removeSocket(this);
+-
+- if (pd_peercert) {
+- X509_free(pd_peercert);
+- pd_peercert = 0;
+- }
+-
+- if (pd_ssl != 0) {
+- if (SSL_get_shutdown(pd_ssl) == 0) {
+- SSL_set_shutdown(pd_ssl, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
+- SSL_shutdown(pd_ssl);
+- }
+- SSL_free(pd_ssl);
+- pd_ssl = 0;
+- }
+-
+- CLOSESOCKET(pd_socket);
+-}
+-
+-/////////////////////////////////////////////////////////////////////////
+ void
+ sslConnection::setSelectable(int now,
+ CORBA::Boolean data_in_buffer) {
+diff -rupN omniORB-4.2.0/src/lib/omniORB/orbcore/ssl/sslConnection.h omniORB-4.2.0-new/src/lib/omniORB/orbcore/ssl/sslConnection.h
+--- omniORB-4.2.0/src/lib/omniORB/orbcore/ssl/sslConnection.h 2015-04-09 10:39:35.564759309 +0300
++++ omniORB-4.2.0-new/src/lib/omniORB/orbcore/ssl/sslConnection.h 2015-04-09 10:26:58.000000000 +0300
+@@ -77,6 +77,8 @@ public:
+
+
+ private:
++ void setPeerDetails();
++
+ ::SSL* pd_ssl;
+ CORBA::String_var pd_myaddress;
+ CORBA::String_var pd_peeraddress;
diff --git a/omniORB.spec b/omniORB.spec
index 7ad03f8..9d88588 100644
--- a/omniORB.spec
+++ b/omniORB.spec
@@ -13,7 +13,7 @@
Name: omniORB
Version: 4.2.0
-Release: 3%{?dist}
+Release: 4%{?dist}
Summary: A robust high performance CORBA ORB for C++ and Python
Group: System Environment/Libraries
@@ -28,6 +28,8 @@ Source4: omniNames.service
Patch0: omniORB-4.2.0-fsf-address.patch
# fix -Werror=format-security issue
Patch1: omniORB-4.2.0-format-security.patch
+# Bug 1210340 - omniORB loses SSL peer information
+Patch2: omniORB-4.2.0-peer-details.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: python-devel
@@ -101,6 +103,7 @@ developing applications that use %{name}.
%setup -q
%patch0 -p1
%patch1 -p1
+%patch2 -p1
%build
%configure --disable-static %{?with_openssl:--with-openssl=%{_prefix}}
@@ -247,6 +250,9 @@ fi
%changelog
+* Sat Apr 11 2015 Sandro Mani <manisandro at gmail.com> - 4.2.0-4
+- Add patch for bug #1210340 (omniORB loses SSL peer information), thanks Alexey Kosilin
+
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 4.2.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
--
cgit v0.10.2
http://pkgs.fedoraproject.org/cgit/omniORB.git/commit/?h=master&id=2888e0939f99854aaa9c4cbc23017c9c7bd375ba
More information about the scm-commits
mailing list