[packages/openssl] up to 1.1.1f

Sun Apr 5 01:29:55 CEST 2020

commit 0f941342df87aa4a42e6708a1ee8d54fbab8fd0f
Author: Jan Palus <atler at pld-linux.org>
Date:   Sun Apr 5 01:29:38 2020 +0200

    up to 1.1.1f

 bug-11378.patch | 123 --------------------------------------------------------
 openssl.spec    |   6 +--
 2 files changed, 2 insertions(+), 127 deletions(-)
---

diff --git a/openssl.spec b/openssl.spec
index 948b2bd..93db123 100644
--- a/openssl.spec
+++ b/openssl.spec
@@ -16,19 +16,18 @@ Summary(uk.UTF-8):	Бібліотеки та утиліти для з'єднан
 Name:		openssl
 # Version 1.1.1 is LTS, supported until 2023-09-11.
 # https://www.openssl.org/about/releasestrat.html
-Version:	1.1.1e
+Version:	1.1.1f
 Release:	1
 License:	Apache-like
 Group:		Libraries
 Source0:	https://www.openssl.org/source/%{name}-%{version}.tar.gz
-# Source0-md5:	baeff2a64d2f3d7e0a69b677c9977b57
+# Source0-md5:	3f486f2f4435ef14b81814dbbc7b48bb
 Source2:	%{name}.1.pl
 Source3:	%{name}-ssl-certificate.sh
 Source4:	%{name}-c_rehash.sh
 Patch1:		%{name}-optflags.patch
 
 Patch3:		%{name}-man-namespace.patch
-Patch4:		bug-11378.patch
 Patch5:		%{name}-ca-certificates.patch
 Patch6:		%{name}-no-win32.patch
 Patch7:		%{name}-find.patch
@@ -258,7 +257,6 @@ RC4, RSA и SSL. Включает статические библиотеки д
 %patch1 -p1
 
 %patch3 -p1
-%patch4 -p1
 %patch5 -p1
 %patch6 -p1
 %patch7 -p1
diff --git a/bug-11378.patch b/bug-11378.patch
deleted file mode 100644
index 9d2138a..0000000
--- a/bug-11378.patch
+++ /dev/null
@@ -1,123 +0,0 @@
-From 30d190caf311d534867df97e26b552e628cb7d85 Mon Sep 17 00:00:00 2001
-From: Tomas Mraz <tmraz at fedoraproject.org>
-Date: Wed, 25 Mar 2020 14:15:31 +0100
-Subject: [PATCH] Partially revert "Detect EOF while reading in libssl"
-
-This partially reverts commit db943f43a60d1b5b1277e4b5317e8f288e7a0a3a.
-
-Reviewed-by: Matt Caswell <matt at openssl.org>
-(Merged from https://github.com/openssl/openssl/pull/11400)
----
- crypto/err/openssl.txt    | 1 -
- include/openssl/sslerr.h  | 3 +--
- ssl/record/rec_layer_s3.c | 6 ------
- ssl/ssl_err.c             | 4 +---
- 4 files changed, 2 insertions(+), 12 deletions(-)
-
-diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
-index f5324c6819d8..35512f9caf96 100644
---- a/crypto/err/openssl.txt
-+++ b/crypto/err/openssl.txt
-@@ -2852,7 +2852,6 @@ SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES:242:unable to load ssl3 md5 routines
- SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES:243:unable to load ssl3 sha1 routines
- SSL_R_UNEXPECTED_CCS_MESSAGE:262:unexpected ccs message
- SSL_R_UNEXPECTED_END_OF_EARLY_DATA:178:unexpected end of early data
--SSL_R_UNEXPECTED_EOF_WHILE_READING:294:unexpected eof while reading
- SSL_R_UNEXPECTED_MESSAGE:244:unexpected message
- SSL_R_UNEXPECTED_RECORD:245:unexpected record
- SSL_R_UNINITIALIZED:276:uninitialized
-diff --git a/include/openssl/sslerr.h b/include/openssl/sslerr.h
-index 0ef684f3c131..ba4c4ae5fbd3 100644
---- a/include/openssl/sslerr.h
-+++ b/include/openssl/sslerr.h
-@@ -1,6 +1,6 @@
- /*
-  * Generated by util/mkerr.pl DO NOT EDIT
-- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
-+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
-  *
-  * Licensed under the OpenSSL license (the "License").  You may not use
-  * this file except in compliance with the License.  You can obtain a copy
-@@ -734,7 +734,6 @@ int ERR_load_SSL_strings(void);
- # define SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES          243
- # define SSL_R_UNEXPECTED_CCS_MESSAGE                     262
- # define SSL_R_UNEXPECTED_END_OF_EARLY_DATA               178
--# define SSL_R_UNEXPECTED_EOF_WHILE_READING               294
- # define SSL_R_UNEXPECTED_MESSAGE                         244
- # define SSL_R_UNEXPECTED_RECORD                          245
- # define SSL_R_UNINITIALIZED                              276
-diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c
-index 1c885a664f35..b2a7a47eb075 100644
---- a/ssl/record/rec_layer_s3.c
-+++ b/ssl/record/rec_layer_s3.c
-@@ -296,12 +296,6 @@ int ssl3_read_n(SSL *s, size_t n, size_t max, int extend, int clearold,
-             ret = BIO_read(s->rbio, pkt + len + left, max - left);
-             if (ret >= 0)
-                 bioread = ret;
--            if (ret <= 0
--                    && !BIO_should_retry(s->rbio)
--                    && BIO_eof(s->rbio)) {
--                SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_SSL3_READ_N,
--                         SSL_R_UNEXPECTED_EOF_WHILE_READING);
--            }
-         } else {
-             SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL3_READ_N,
-                      SSL_R_READ_BIO_NOT_SET);
-diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c
-index a0c7b79659d4..4b12ed1485d9 100644
---- a/ssl/ssl_err.c
-+++ b/ssl/ssl_err.c
-@@ -1,6 +1,6 @@
- /*
-  * Generated by util/mkerr.pl DO NOT EDIT
-- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
-+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
-  *
-  * Licensed under the OpenSSL license (the "License").  You may not use
-  * this file except in compliance with the License.  You can obtain a copy
-@@ -1205,8 +1205,6 @@ static const ERR_STRING_DATA SSL_str_reasons[] = {
-     "unexpected ccs message"},
-     {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_UNEXPECTED_END_OF_EARLY_DATA),
-     "unexpected end of early data"},
--    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_UNEXPECTED_EOF_WHILE_READING),
--    "unexpected eof while reading"},
-     {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_UNEXPECTED_MESSAGE), "unexpected message"},
-     {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_UNEXPECTED_RECORD), "unexpected record"},
-     {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_UNINITIALIZED), "uninitialized"},
-From 0cd2ee64bffcdece599c3e4b5fac3830a55dc0fa Mon Sep 17 00:00:00 2001
-From: Tomas Mraz <tmraz at fedoraproject.org>
-Date: Wed, 25 Mar 2020 14:18:13 +0100
-Subject: [PATCH] Document the revert of the proper reporting of an unexpected
- EOF
-
-Reviewed-by: Matt Caswell <matt at openssl.org>
-(Merged from https://github.com/openssl/openssl/pull/11400)
----
- CHANGES                    |  7 +++++++
- NEWS                       |  4 +++-
- doc/man3/SSL_get_error.pod | 12 ++++++++++++
- 3 files changed, 22 insertions(+), 1 deletion(-)
-
-diff --git a/doc/man3/SSL_get_error.pod b/doc/man3/SSL_get_error.pod
-index 97320a6c153f..6ef6f7d4c5cb 100644
---- a/doc/man3/SSL_get_error.pod
-+++ b/doc/man3/SSL_get_error.pod
-@@ -155,6 +155,18 @@ connection and SSL_shutdown() must not be called.
- 
- =back
- 
-+=head1 BUGS
-+
-+The B<SSL_ERROR_SYSCALL> with B<errno> value of 0 indicates unexpected EOF from
-+the peer. This will be properly reported as B<SSL_ERROR_SSL> with reason
-+code B<SSL_R_UNEXPECTED_EOF_WHILE_READING> in the OpenSSL 3.0 release because
-+it is truly a TLS protocol error to terminate the connection without
-+a SSL_shutdown().
-+
-+The issue is kept unfixed in OpenSSL 1.1.1 releases because many applications
-+which choose to ignore this protocol error depend on the existing way of
-+reporting the error.
-+
- =head1 SEE ALSO
- 
- L<ssl(7)>
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/openssl.git/commitdiff/0f941342df87aa4a42e6708a1ee8d54fbab8fd0f

