1. photon
  2. Commit be8605feeb63ed827664a93a1ce521b5dd1f4f92
Browse code

gnutls : Add default_priority.patch (Bug 2038359)

Change-Id: I36a5f46ce926d257e6ec13c11492e9d92dd7a13e
Reviewed-on: http://photon-jenkins.eng.vmware.com:8082/4763
Tested-by: gerrit-photon <photon-checkins@vmware.com>
Reviewed-by: Sharath George

Xiaolin Li authored on 2018/02/10 08:02:51
Showing 2 changed files
SPECS/gnutls/gnutls.spec
History View file @ be8605f
... ... 
@@ -1,7 +1,7 @@
1 1 
 Summary:        The GnuTLS Transport Layer Security Library
2 2 
 Name:           gnutls
3 3 
 Version:        3.5.15
4 
-Release:        1%{?dist}
4 
+Release:        2%{?dist}
5 5 
 License:        GPLv3+ and LGPLv2+
6 6 
 URL:            http://www.gnutls.org
7 7 
 Source0:        https://www.gnupg.org/ftp/gcrypt/gnutls/v3.5/%{name}-%{version}.tar.xz
... ... 
@@ -9,6 +9,7 @@ Source0:        https://www.gnupg.org/ftp/gcrypt/gnutls/v3.5/%{name}-%{version}.
9 9 
 Group:          System Environment/Libraries
10 10 
 Vendor:         VMware, Inc.
11 11 
 Distribution:   Photon
12 
+Patch0:         gnutls_3.5.15_default_priority.patch
12 13 
 BuildRequires:  nettle-devel
13 14 
 BuildRequires:  autogen-libopts-devel
14 15 
 BuildRequires:  libtasn1-devel
... ... 
@@ -36,7 +37,7 @@ developing applications that use gnutls.
36 36
37 37 
 %prep
38 38 
 %setup -q
39 
-
39 
+%patch0 -p1
40 40 
 %build
41 41 
 # check for trust store file presence
42 42 
 [ -f %{_sysconfdir}/pki/tls/certs/ca-bundle.crt ] || exit 1
... ... 
@@ -80,6 +81,8 @@ make %{?_smp_mflags} check
80 80 
 %{_mandir}/man3/*
81 81
82 82 
 %changelog
83 
+*   Fri Feb 09 2018 Xiaolin Li <xiaolinl@vmware.com> 3.5.15-2
84 
+-   Add default_priority.patch.
83 85 
 *   Tue Oct 10 2017 Priyesh Padmavilasom <ppadmavilasom@vmware.com> 3.5.15-1
84 86 
 -   Update to 3.5.15. Fixes CVE-2017-7507
85 87 
 *   Thu Apr 13 2017 Danut Moraru <dmoraru@vmware.com> 3.5.10-1
... ... 
@@ -92,7 +95,7 @@ make %{?_smp_mflags} check
92 92 
 -   GA - Bump release of all rpms
93 93 
 *   Wed Apr 27 2016 Xiaolin Li <xiaolinl@vmware.com> 3.4.11-1
94 94 
 -   Updated to version 3.4.11
95 
-*   Thu Feb 23 2016 Xiaolin Li <xiaolinl@vmware.com> 3.4.9-1
95 
+*   Tue Feb 23 2016 Xiaolin Li <xiaolinl@vmware.com> 3.4.9-1
96 96 
 -   Updated to version 3.4.9
97 97 
 *   Thu Jan 14 2016 Xiaolin Li <xiaolinl@vmware.com> 3.4.8-1
98 98 
 -   Updated to version 3.4.8
SPECS/gnutls/gnutls_3.5.15_default_priority.patch
History View file @ be8605f
99 99 
new file mode 100644
... ... 
@@ -0,0 +1,30 @@
0 
+diff --git a/lib/gnutls_priority.c b/lib/gnutls_priority.c
1 
+index 50d3d09..8c32d1c 100644
2 
+--- a/lib/priority.c
3 
+@@ -1217,6 +1217,7 @@ gnutls_priority_init(gnutls_priority_t * priority_cache,
4 
+ 	rmadd_func *fn;
5 
+ 	bulk_rmadd_func *bulk_fn;
6 
+ 	bulk_rmadd_func *bulk_given_fn;
7 
++	unsigned int default_set = 0;
8 
+ 	const cipher_entry_st *centry;
9 
+
10 
+ 	if (err_pos)
11 
+@@ -1236,9 +1237,16 @@ gnutls_priority_init(gnutls_priority_t * priority_cache,
12 
+ 	(*priority_cache)->min_record_version = 1;
13 
+
14 
+ 	if (priorities == NULL)
15 
+-		priorities = DEFAULT_PRIORITY_STRING;
16 
++	{
17 
++		priorities = "@SYSTEM";
18 
++		default_set = 1;
19 
++	}
20 
+
21 
+ 	darg = _gnutls_resolve_priorities(priorities);
22 
++	if (darg == NULL && default_set == 1) {
23 
++		priorities = "NORMAL";
24 
++		darg = _gnutls_resolve_priorities(priorities);
25 
++	}
26 
+ 	if (darg == NULL) {
27 
+ 		gnutls_assert();
28 
+ 		goto error;