Browse code
gnutls : Add default_priority.patch (Bug 2038359)
Change-Id: I0558d6a528962884110c95bc6b73107fc968d280
Reviewed-on: http://photon-jenkins.eng.vmware.com:8082/4761
Tested-by: gerrit-photon <photon-checkins@vmware.com>
Reviewed-by: Sharath George
Xiaolin Li authored on 2018/02/10 05:50:37Showing 2 changed files
| ... | ... |
@@ -1,7 +1,7 @@ |
| 1 | 1 |
Summary: The GnuTLS Transport Layer Security Library |
| 2 | 2 |
Name: gnutls |
| 3 | 3 |
Version: 3.5.15 |
| 4 |
-Release: 1%{?dist}
|
|
| 4 |
+Release: 2%{?dist}
|
|
| 5 | 5 |
License: GPLv3+ and LGPLv2+ |
| 6 | 6 |
URL: http://www.gnutls.org |
| 7 | 7 |
Source0: http://ftp.heanet.ie/mirrors/ftp.gnupg.org/gcrypt/gnutls/v3.5/%{name}-%{version}.tar.xz
|
| ... | ... |
@@ -9,6 +9,7 @@ Source0: http://ftp.heanet.ie/mirrors/ftp.gnupg.org/gcrypt/gnutls/v3.5/%{
|
| 9 | 9 |
Group: System Environment/Libraries |
| 10 | 10 |
Vendor: VMware, Inc. |
| 11 | 11 |
Distribution: Photon |
| 12 |
+Patch0: gnutls_3.5.15_default_priority.patch |
|
| 12 | 13 |
BuildRequires: nettle-devel |
| 13 | 14 |
BuildRequires: autogen-libopts-devel |
| 14 | 15 |
BuildRequires: libtasn1-devel |
| ... | ... |
@@ -35,6 +36,7 @@ developing applications that use gnutls. |
| 35 | 35 |
|
| 36 | 36 |
%prep |
| 37 | 37 |
%setup -q |
| 38 |
+%patch0 -p1 |
|
| 38 | 39 |
%build |
| 39 | 40 |
# check for trust store file presence |
| 40 | 41 |
[ -f %{_sysconfdir}/pki/tls/certs/ca-bundle.crt ] || exit 1
|
| ... | ... |
@@ -76,6 +78,8 @@ make -k check |& tee %{_specdir}/%{name}-check-log || %{nocheck}
|
| 76 | 76 |
%{_libdir}/*.so
|
| 77 | 77 |
%{_libdir}/pkgconfig/*.pc
|
| 78 | 78 |
%changelog |
| 79 |
+* Fri Feb 09 2018 Xiaolin Li <xiaolinl@vmware.com> 3.5.15-2 |
|
| 80 |
+- Add default_priority.patch. |
|
| 79 | 81 |
* Tue Oct 17 2017 Xiaolin Li <xiaolinl@vmware.com> 3.5.15-1 |
| 80 | 82 |
- Update to 3.5.15. Fixes CVE-2017-7507 |
| 81 | 83 |
* Thu May 04 2017 Xiaolin Li <xiaolinl@vmware.com> 3.4.11-4 |
| ... | ... |
@@ -86,7 +90,7 @@ make -k check |& tee %{_specdir}/%{name}-check-log || %{nocheck}
|
| 86 | 86 |
- GA - Bump release of all rpms |
| 87 | 87 |
* Wed Apr 27 2016 Xiaolin Li <xiaolinl@vmware.com> 3.4.11-1 |
| 88 | 88 |
- Updated to version 3.4.11 |
| 89 |
-* Thu Feb 23 2016 Xiaolin Li <xiaolinl@vmware.com> 3.4.9-1 |
|
| 89 |
+* Tue Feb 23 2016 Xiaolin Li <xiaolinl@vmware.com> 3.4.9-1 |
|
| 90 | 90 |
- Updated to version 3.4.9 |
| 91 | 91 |
* Thu Jan 14 2016 Xiaolin Li <xiaolinl@vmware.com> 3.4.8-1 |
| 92 | 92 |
- Updated to version 3.4.8 |
| 93 | 93 |
new file mode 100644 |
| ... | ... |
@@ -0,0 +1,30 @@ |
| 0 |
+diff --git a/lib/gnutls_priority.c b/lib/gnutls_priority.c |
|
| 1 |
+index 50d3d09..8c32d1c 100644 |
|
| 2 |
+--- a/lib/priority.c |
|
| 3 |
+@@ -1217,6 +1217,7 @@ gnutls_priority_init(gnutls_priority_t * priority_cache, |
|
| 4 |
+ rmadd_func *fn; |
|
| 5 |
+ bulk_rmadd_func *bulk_fn; |
|
| 6 |
+ bulk_rmadd_func *bulk_given_fn; |
|
| 7 |
++ unsigned int default_set = 0; |
|
| 8 |
+ const cipher_entry_st *centry; |
|
| 9 |
+ |
|
| 10 |
+ if (err_pos) |
|
| 11 |
+@@ -1236,9 +1237,16 @@ gnutls_priority_init(gnutls_priority_t * priority_cache, |
|
| 12 |
+ (*priority_cache)->min_record_version = 1; |
|
| 13 |
+ |
|
| 14 |
+ if (priorities == NULL) |
|
| 15 |
+- priorities = DEFAULT_PRIORITY_STRING; |
|
| 16 |
++ {
|
|
| 17 |
++ priorities = "@SYSTEM"; |
|
| 18 |
++ default_set = 1; |
|
| 19 |
++ } |
|
| 20 |
+ |
|
| 21 |
+ darg = _gnutls_resolve_priorities(priorities); |
|
| 22 |
++ if (darg == NULL && default_set == 1) {
|
|
| 23 |
++ priorities = "NORMAL"; |
|
| 24 |
++ darg = _gnutls_resolve_priorities(priorities); |
|
| 25 |
++ } |
|
| 26 |
+ if (darg == NULL) {
|
|
| 27 |
+ gnutls_assert(); |
|
| 28 |
+ goto error; |