From 2a9322cfb09d6e91f93fe9b084a2097fc36d9c8b Mon Sep 17 00:00:00 2001 From: Thomas Moschny Date: Thu, 19 Nov 2009 21:20:43 +0000 Subject: [PATCH 1/8] Update to 1.8.8. --- .cvsignore | 2 +- botan-1.8.8-binutils_lea_offset.patch | 28 +++++++++++++++++++++++++++ botan.spec | 13 +++++++++++-- import.log | 1 + sources | 2 +- 5 files changed, 42 insertions(+), 4 deletions(-) create mode 100644 botan-1.8.8-binutils_lea_offset.patch diff --git a/.cvsignore b/.cvsignore index 55db4c0..9c8172c 100644 --- a/.cvsignore +++ b/.cvsignore @@ -1 +1 @@ -Botan-1.8.7.tbz +Botan-1.8.8.tbz diff --git a/botan-1.8.8-binutils_lea_offset.patch b/botan-1.8.8-binutils_lea_offset.patch new file mode 100644 index 0000000..2028a6f --- /dev/null +++ b/botan-1.8.8-binutils_lea_offset.patch @@ -0,0 +1,28 @@ +# +# +# patch "src/hash/sha1_amd64/sha1_amd64_imp.S" +# from [dd263db10309950dec501dd9257a8df43cf6c6aa] +# to [ab1db7a394b41a1d3b9a63a6e8e1571e4671b962] +# +============================================================ +--- src/hash/sha1_amd64/sha1_amd64_imp.S dd263db10309950dec501dd9257a8df43cf6c6aa ++++ src/hash/sha1_amd64/sha1_amd64_imp.S ab1db7a394b41a1d3b9a63a6e8e1571e4671b962 +@@ -103,10 +103,16 @@ ALIGN; + + subq $320, W + ++/* ++* Using negative values for SHA-1 constants > 2^31 to work around ++* a bug in binutils not accepting large lea displacements. ++* -0x70E44324 == 0x8F1BBCDC ++* -0x359D3E2A == 0xCA62C1D6 ++*/ + #define MAGIC1 0x5A827999 + #define MAGIC2 0x6ED9EBA1 +-#define MAGIC3 0x8F1BBCDC +-#define MAGIC4 0xCA62C1D6 ++#define MAGIC3 -0x70E44324 ++#define MAGIC4 -0x359D3E2A + + #define T %esi + #define T2 %eax diff --git a/botan.spec b/botan.spec index 419c12d..476abd4 100644 --- a/botan.spec +++ b/botan.spec @@ -1,12 +1,13 @@ Name: botan -Version: 1.8.7 -Release: 1%{?dist} +Version: 1.8.8 +Release: 2%{?dist} Summary: Crypto library written in C++ Group: System Environment/Libraries License: BSD URL: http://botan.randombit.net/ Source0: http://files.randombit.net/botan/Botan-%{version}.tbz +Patch0: botan-1.8.8-binutils_lea_offset.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: gcc-c++ @@ -45,6 +46,7 @@ developing applications that use %{name}. %prep %setup -q -n Botan-%{version} +%patch0 -p0 %build @@ -110,6 +112,13 @@ LD_LIBRARY_PATH=%{buildroot}%{_libdir} ./check --validate %changelog +* Thu Nov 19 2009 Thomas Moschny - 1.8.8-2 +- Add patch from upstream to build with binutils-2.20.51.0.2. + Fixes bz 538949 (ftbfs). + +* Thu Nov 5 2009 Thomas Moschny - 1.8.8-1 +- Update to 1.8.8, a bugfix release. + * Thu Sep 10 2009 Thomas Moschny - 1.8.7-1 - Update to 1.8.7. This is mainly a bugfix release. diff --git a/import.log b/import.log index ab1d9cd..eda575b 100644 --- a/import.log +++ b/import.log @@ -6,3 +6,4 @@ botan-1_8_5-1_fc11:HEAD:botan-1.8.5-1.fc11.src.rpm:1250098169 botan-1_8_5-2_fc11:HEAD:botan-1.8.5-2.fc11.src.rpm:1250099364 botan-1_8_6-1_fc11:HEAD:botan-1.8.6-1.fc11.src.rpm:1250178270 botan-1_8_7-1_fc11:HEAD:botan-1.8.7-1.fc11.src.rpm:1252614441 +botan-1_8_8-2_fc12:F-12:botan-1.8.8-2.fc12.src.rpm:1258665588 diff --git a/sources b/sources index ec98c68..fddfa1e 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -c607e31b012d9839fd0a1da24ff85e3d Botan-1.8.7.tbz +cb7cf79c34414cdf1f7a25569d7b82ac Botan-1.8.8.tbz From 3f2968843d74bc9318322fa5397656472d499699 Mon Sep 17 00:00:00 2001 From: Bill Nottingham Date: Thu, 26 Nov 2009 01:23:03 +0000 Subject: [PATCH 2/8] Fix typo that causes a failure to update the common directory. (releng #2781) --- Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index c931fe6..d529283 100644 --- a/Makefile +++ b/Makefile @@ -1,10 +1,10 @@ # Makefile for source rpm: botan -# $Id$ +# $Id: Makefile,v 1.1 2009/01/18 22:29:46 kevin Exp $ NAME := botan SPECFILE = $(firstword $(wildcard *.spec)) define find-makefile-common -for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done +for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$d/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done endef MAKEFILE_COMMON := $(shell $(find-makefile-common)) From f4bd32ef8c2cd968e9c3b790ed4227d3b12e435a Mon Sep 17 00:00:00 2001 From: Dennis Gilmore Date: Sat, 8 May 2010 01:44:08 +0000 Subject: [PATCH 3/8] Initialize branch EL-6 for botan --- branch | 1 + 1 file changed, 1 insertion(+) create mode 100644 branch diff --git a/branch b/branch new file mode 100644 index 0000000..46381b9 --- /dev/null +++ b/branch @@ -0,0 +1 @@ +EL-6 From b528da8f623cf1a7f7be0fb9053d88cfa2510686 Mon Sep 17 00:00:00 2001 From: Thomas Moschny Date: Sat, 3 Jul 2010 10:55:01 +0000 Subject: [PATCH 4/8] Update to 1.8.9. --- .cvsignore | 2 +- botan-1.8.8-binutils_lea_offset.patch | 28 --------------------------- botan.spec | 10 ++++++---- import.log | 1 + sources | 2 +- 5 files changed, 9 insertions(+), 34 deletions(-) delete mode 100644 botan-1.8.8-binutils_lea_offset.patch diff --git a/.cvsignore b/.cvsignore index 9c8172c..78fb1c1 100644 --- a/.cvsignore +++ b/.cvsignore @@ -1 +1 @@ -Botan-1.8.8.tbz +Botan-1.8.9.tbz diff --git a/botan-1.8.8-binutils_lea_offset.patch b/botan-1.8.8-binutils_lea_offset.patch deleted file mode 100644 index 2028a6f..0000000 --- a/botan-1.8.8-binutils_lea_offset.patch +++ /dev/null @@ -1,28 +0,0 @@ -# -# -# patch "src/hash/sha1_amd64/sha1_amd64_imp.S" -# from [dd263db10309950dec501dd9257a8df43cf6c6aa] -# to [ab1db7a394b41a1d3b9a63a6e8e1571e4671b962] -# -============================================================ ---- src/hash/sha1_amd64/sha1_amd64_imp.S dd263db10309950dec501dd9257a8df43cf6c6aa -+++ src/hash/sha1_amd64/sha1_amd64_imp.S ab1db7a394b41a1d3b9a63a6e8e1571e4671b962 -@@ -103,10 +103,16 @@ ALIGN; - - subq $320, W - -+/* -+* Using negative values for SHA-1 constants > 2^31 to work around -+* a bug in binutils not accepting large lea displacements. -+* -0x70E44324 == 0x8F1BBCDC -+* -0x359D3E2A == 0xCA62C1D6 -+*/ - #define MAGIC1 0x5A827999 - #define MAGIC2 0x6ED9EBA1 --#define MAGIC3 0x8F1BBCDC --#define MAGIC4 0xCA62C1D6 -+#define MAGIC3 -0x70E44324 -+#define MAGIC4 -0x359D3E2A - - #define T %esi - #define T2 %eax diff --git a/botan.spec b/botan.spec index 476abd4..e749bfc 100644 --- a/botan.spec +++ b/botan.spec @@ -1,13 +1,12 @@ Name: botan -Version: 1.8.8 -Release: 2%{?dist} +Version: 1.8.9 +Release: 1%{?dist} Summary: Crypto library written in C++ Group: System Environment/Libraries License: BSD URL: http://botan.randombit.net/ Source0: http://files.randombit.net/botan/Botan-%{version}.tbz -Patch0: botan-1.8.8-binutils_lea_offset.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: gcc-c++ @@ -46,7 +45,6 @@ developing applications that use %{name}. %prep %setup -q -n Botan-%{version} -%patch0 -p0 %build @@ -112,6 +110,10 @@ LD_LIBRARY_PATH=%{buildroot}%{_libdir} ./check --validate %changelog +* Wed Jun 16 2010 Thomas Moschny - 1.8.9-1 +- Update to 1.8.9. +- Drop patch applied upstream. + * Thu Nov 19 2009 Thomas Moschny - 1.8.8-2 - Add patch from upstream to build with binutils-2.20.51.0.2. Fixes bz 538949 (ftbfs). diff --git a/import.log b/import.log index eda575b..f0d0a0f 100644 --- a/import.log +++ b/import.log @@ -7,3 +7,4 @@ botan-1_8_5-2_fc11:HEAD:botan-1.8.5-2.fc11.src.rpm:1250099364 botan-1_8_6-1_fc11:HEAD:botan-1.8.6-1.fc11.src.rpm:1250178270 botan-1_8_7-1_fc11:HEAD:botan-1.8.7-1.fc11.src.rpm:1252614441 botan-1_8_8-2_fc12:F-12:botan-1.8.8-2.fc12.src.rpm:1258665588 +botan-1_8_9-1_fc13:EL-6:botan-1.8.9-1.fc13.src.rpm:1278154446 diff --git a/sources b/sources index fddfa1e..c781008 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -cb7cf79c34414cdf1f7a25569d7b82ac Botan-1.8.8.tbz +2c1c55ae4f5bae9f6ad516e1ada2100f Botan-1.8.9.tbz From 2862ade78751f55d28346342e2147e4e51636dd1 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Wed, 28 Jul 2010 11:13:33 +0000 Subject: [PATCH 5/8] dist-git conversion --- .cvsignore => .gitignore | 0 Makefile | 21 --------------------- branch | 1 - import.log | 10 ---------- 4 files changed, 32 deletions(-) rename .cvsignore => .gitignore (100%) delete mode 100644 Makefile delete mode 100644 branch delete mode 100644 import.log diff --git a/.cvsignore b/.gitignore similarity index 100% rename from .cvsignore rename to .gitignore diff --git a/Makefile b/Makefile deleted file mode 100644 index d529283..0000000 --- a/Makefile +++ /dev/null @@ -1,21 +0,0 @@ -# Makefile for source rpm: botan -# $Id: Makefile,v 1.1 2009/01/18 22:29:46 kevin Exp $ -NAME := botan -SPECFILE = $(firstword $(wildcard *.spec)) - -define find-makefile-common -for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$d/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done -endef - -MAKEFILE_COMMON := $(shell $(find-makefile-common)) - -ifeq ($(MAKEFILE_COMMON),) -# attept a checkout -define checkout-makefile-common -test -f CVS/Root && { cvs -Q -d $$(cat CVS/Root) checkout common && echo "common/Makefile.common" ; } || { echo "ERROR: I can't figure out how to checkout the 'common' module." ; exit -1 ; } >&2 -endef - -MAKEFILE_COMMON := $(shell $(checkout-makefile-common)) -endif - -include $(MAKEFILE_COMMON) diff --git a/branch b/branch deleted file mode 100644 index 46381b9..0000000 --- a/branch +++ /dev/null @@ -1 +0,0 @@ -EL-6 diff --git a/import.log b/import.log deleted file mode 100644 index f0d0a0f..0000000 --- a/import.log +++ /dev/null @@ -1,10 +0,0 @@ -botan-1_8_0-2_fc10:HEAD:botan-1.8.0-2.fc10.src.rpm:1232354502 -botan-1_8_1-1_fc10:HEAD:botan-1.8.1-1.fc10.src.rpm:1232633562 -botan-1_8_1-4_fc10:HEAD:botan-1.8.1-4.fc10.src.rpm:1237195036 -botan-1_8_2-1_fc10:HEAD:botan-1.8.2-1.fc10.src.rpm:1240683730 -botan-1_8_5-1_fc11:HEAD:botan-1.8.5-1.fc11.src.rpm:1250098169 -botan-1_8_5-2_fc11:HEAD:botan-1.8.5-2.fc11.src.rpm:1250099364 -botan-1_8_6-1_fc11:HEAD:botan-1.8.6-1.fc11.src.rpm:1250178270 -botan-1_8_7-1_fc11:HEAD:botan-1.8.7-1.fc11.src.rpm:1252614441 -botan-1_8_8-2_fc12:F-12:botan-1.8.8-2.fc12.src.rpm:1258665588 -botan-1_8_9-1_fc13:EL-6:botan-1.8.9-1.fc13.src.rpm:1278154446 From b512a893c498ab2ae9d0a6a86f1a3f165125eeef Mon Sep 17 00:00:00 2001 From: Thomas Moschny Date: Sat, 10 May 2014 16:16:59 +0200 Subject: [PATCH 6/8] Add patch to fix prime testing. --- botan-1.8.14-fix_prime_testing.patch | 14 ++++++++++++++ botan.spec | 9 ++++++++- 2 files changed, 22 insertions(+), 1 deletion(-) create mode 100644 botan-1.8.14-fix_prime_testing.patch diff --git a/botan-1.8.14-fix_prime_testing.patch b/botan-1.8.14-fix_prime_testing.patch new file mode 100644 index 0000000..5698c6a --- /dev/null +++ b/botan-1.8.14-fix_prime_testing.patch @@ -0,0 +1,14 @@ +============================================================ +--- src/math/numbertheory/numthry.cpp e810b1dace1f2f07c3fceabddb59844a8807d58f ++++ src/math/numbertheory/numthry.cpp 03df310d0075893ff7b86ca57867fa0f0293c22e +@@ -285,9 +285,9 @@ bool passes_mr_tests(RandomNumberGenerat + + u32bit tests = miller_rabin_test_iterations(n.bits(), verify); + +- BigInt nonce; + for(u32bit i = 0; i != tests; ++i) + { ++ BigInt nonce; + if(!verify && PRIMES[i] < (n-1)) + nonce = PRIMES[i]; + else diff --git a/botan.spec b/botan.spec index cb1aebf..5a051b4 100644 --- a/botan.spec +++ b/botan.spec @@ -1,6 +1,6 @@ Name: botan Version: 1.8.14 -Release: 1%{?dist} +Release: 2%{?dist} Summary: Crypto library written in C++ Group: System Environment/Libraries @@ -12,6 +12,9 @@ Source0: Botan-%{version}.stripped.tbz Source1: README.fedora # soname was changed unintentionally upstream, revert it. Patch0: botan-1.8.14-soname.patch +# patch to fix prime testing, see also +# http://botan.randombit.net/relnotes/1_10_8.html +Patch1: botan-1.8.14-fix_prime_testing.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: gcc-c++ @@ -51,6 +54,7 @@ developing applications that use %{name}. %prep %setup -q -n Botan-%{version} %patch0 -p0 +%patch1 -p0 cp -av %{SOURCE1} . %build @@ -122,6 +126,9 @@ LD_LIBRARY_PATH=%{buildroot}%{_libdir} ./check --validate %changelog +* Sat May 10 2014 Thomas Moschny - 1.8.14-2 +- Add patch to fix prime testing. + * Sat Aug 25 2012 Thomas Moschny - 1.8.14-1 - Update to 1.8.14. From b4fa4c98ecbb43df3274f4453511ca1bf1b11e74 Mon Sep 17 00:00:00 2001 From: Thomas Moschny Date: Mon, 15 Feb 2016 19:04:11 +0100 Subject: [PATCH 7/8] Update to 1.8.15. - Remove patch applied upstream. - Remove %defattr directives. --- .gitignore | 1 + botan-1.8.14-fix_prime_testing.patch | 14 ------------ botan-1.8.14-soname.patch | 19 ---------------- botan-1.8.15-soname.patch | 12 ++++++++++ botan.spec | 23 +++++++++---------- repack.sh | 34 ++++++++++++++-------------- sources | 2 +- 7 files changed, 42 insertions(+), 63 deletions(-) delete mode 100644 botan-1.8.14-fix_prime_testing.patch delete mode 100644 botan-1.8.14-soname.patch create mode 100644 botan-1.8.15-soname.patch diff --git a/.gitignore b/.gitignore index c755cb4..970128b 100644 --- a/.gitignore +++ b/.gitignore @@ -5,3 +5,4 @@ /Botan-1.8.12.stripped.tbz /Botan-1.8.13.stripped.tbz /Botan-1.8.14.stripped.tbz +/Botan-1.8.15.stripped.tar.gz diff --git a/botan-1.8.14-fix_prime_testing.patch b/botan-1.8.14-fix_prime_testing.patch deleted file mode 100644 index 5698c6a..0000000 --- a/botan-1.8.14-fix_prime_testing.patch +++ /dev/null @@ -1,14 +0,0 @@ -============================================================ ---- src/math/numbertheory/numthry.cpp e810b1dace1f2f07c3fceabddb59844a8807d58f -+++ src/math/numbertheory/numthry.cpp 03df310d0075893ff7b86ca57867fa0f0293c22e -@@ -285,9 +285,9 @@ bool passes_mr_tests(RandomNumberGenerat - - u32bit tests = miller_rabin_test_iterations(n.bits(), verify); - -- BigInt nonce; - for(u32bit i = 0; i != tests; ++i) - { -+ BigInt nonce; - if(!verify && PRIMES[i] < (n-1)) - nonce = PRIMES[i]; - else diff --git a/botan-1.8.14-soname.patch b/botan-1.8.14-soname.patch deleted file mode 100644 index 6976728..0000000 --- a/botan-1.8.14-soname.patch +++ /dev/null @@ -1,19 +0,0 @@ -# -# old_revision [adcf24b7e258c125f78aaff4ef2d3557f1183c3e] -# -# patch "configure.py" -# from [b43917e0e74e7ef1ff0024542da0dabe104a1582] -# to [ba82e657a585f31e9ba20056a57c5f597c0f0297] -# -============================================================ ---- configure.py b43917e0e74e7ef1ff0024542da0dabe104a1582 -+++ configure.py ba82e657a585f31e9ba20056a57c5f597c0f0297 -@@ -38,7 +38,7 @@ class BuildConfigurationInformation(obje - version_major = 1 - version_minor = 8 - version_patch = 14 -- version_so_patch = 13 -+ version_so_patch = 2 - version_suffix = '' - - version_string = '%d.%d.%d%s' % ( diff --git a/botan-1.8.15-soname.patch b/botan-1.8.15-soname.patch new file mode 100644 index 0000000..92621f0 --- /dev/null +++ b/botan-1.8.15-soname.patch @@ -0,0 +1,12 @@ +diff -up Botan-1.8.15/configure.py.orig Botan-1.8.15/configure.py +--- Botan-1.8.15/configure.py.orig 2016-02-13 17:52:52.000000000 +0100 ++++ Botan-1.8.15/configure.py 2016-02-13 19:42:13.768986406 +0100 +@@ -38,7 +38,7 @@ class BuildConfigurationInformation(obje + version_major = 1 + version_minor = 8 + version_patch = 15 +- version_so_patch = 13 ++ version_so_patch = 2 + version_suffix = '' + + version_string = '%d.%d.%d%s' % ( diff --git a/botan.spec b/botan.spec index 5a051b4..6f43c6c 100644 --- a/botan.spec +++ b/botan.spec @@ -1,20 +1,17 @@ Name: botan -Version: 1.8.14 -Release: 2%{?dist} +Version: 1.8.15 +Release: 1%{?dist} Summary: Crypto library written in C++ Group: System Environment/Libraries License: BSD URL: http://botan.randombit.net/ # tarfile is stripped using repack.sh. original tarfile to be found -# here: http://files.randombit.net/botan/Botan-%%{version}.tbz -Source0: Botan-%{version}.stripped.tbz +# here: http://botan.randombit.net/releases/Botan-%%{version}.tgz +Source0: Botan-%{version}.stripped.tar.gz Source1: README.fedora # soname was changed unintentionally upstream, revert it. -Patch0: botan-1.8.14-soname.patch -# patch to fix prime testing, see also -# http://botan.randombit.net/relnotes/1_10_8.html -Patch1: botan-1.8.14-fix_prime_testing.patch +Patch0: botan-1.8.15-soname.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: gcc-c++ @@ -53,8 +50,7 @@ developing applications that use %{name}. %prep %setup -q -n Botan-%{version} -%patch0 -p0 -%patch1 -p0 +%patch0 -p1 cp -av %{SOURCE1} . %build @@ -97,7 +93,6 @@ rm -rf %{buildroot} %files -%defattr(-,root,root,-) %{_libdir}/libbotan*-*.so %doc _doc/readme.txt _doc/log.txt _doc/thanks.txt _doc/credits.txt %doc _doc/license.txt _doc/fips140.tex _doc/pgpkeys.asc @@ -105,7 +100,6 @@ rm -rf %{buildroot} %files devel -%defattr(-,root,root,-) %doc doc/examples %doc _doc/api* _doc/tutorial* %{_bindir}/botan-config @@ -126,6 +120,11 @@ LD_LIBRARY_PATH=%{buildroot}%{_libdir} ./check --validate %changelog +* Sat Feb 13 2016 Thomas Moschny - 1.8.15-1 +- Update to 1.8.15. +- Remove patch applied upstream. +- Remove %%defattr directives. + * Sat May 10 2014 Thomas Moschny - 1.8.14-2 - Add patch to fix prime testing. diff --git a/repack.sh b/repack.sh index 9bd4162..475c8b7 100755 --- a/repack.sh +++ b/repack.sh @@ -1,23 +1,23 @@ #! /bin/bash -version=1.8.14 -name=Botan-${version} -suffix=.tbz -newsuffix=.stripped.tbz -compr=bzip2 +name=Botan-1.8.15 +src=${name}.tgz +dst=${name}.stripped.tar.gz -trap '${tmpfile:+rm ${tmpfile}}' EXIT -tmpfile=$(mktemp) +rm -f ${dst} ${dst%.gz} +cp -av ${src} ${dst} -${compr} -cd ${name}${suffix} > ${tmpfile} +gzip -d ${dst} -tar --delete --file=${tmpfile} ./Botan-${version}/src/block/idea -tar --delete --file=${tmpfile} ./Botan-${version}/src/block/rc6 -tar --delete --file=${tmpfile} ./Botan-${version}/src/block/rc5 -tar --delete --file=${tmpfile} ./Botan-${version}/src/math/gfpmath -tar --delete --file=${tmpfile} ./Botan-${version}/src/pubkey/ec_dompar -tar --delete --file=${tmpfile} ./Botan-${version}/src/pubkey/ecc_key -tar --delete --file=${tmpfile} ./Botan-${version}/src/pubkey/ecdsa -tar --delete --file=${tmpfile} ./Botan-${version}/src/pubkey/eckaeg +tar --delete --file=${dst%.gz} \ + ${name}/src/block/idea \ + ${name}/src/block/rc6 \ + ${name}/src/block/rc5 \ + ${name}/src/math/gfpmath \ + ${name}/src/pubkey/ec_dompar \ + ${name}/src/pubkey/ecc_key \ + ${name}/src/pubkey/ecdsa \ + ${name}/src/pubkey/eckaeg +touch -m -r ${src} ${dst%.gz} -${compr} -c ${tmpfile} > ${name}${newsuffix} +gzip ${dst%.gz} diff --git a/sources b/sources index 219b46d..cdf2878 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -4b5ce78b1cfc0735eb7ec4f6903068ca Botan-1.8.14.stripped.tbz +9206a5cb467cd9c8f81be72a52a2d4f8 Botan-1.8.15.stripped.tar.gz From 81fbf5cda0934db2206b0d245dd35f592bbc92e1 Mon Sep 17 00:00:00 2001 From: Thomas Moschny Date: Tue, 3 Oct 2017 10:35:42 +0200 Subject: [PATCH 8/8] Patch to fix X509 DN comparisons. --- botan-1.8.15-fix-x509-dn-cmp.patch | 13 +++++++++++++ botan.spec | 8 +++++++- 2 files changed, 20 insertions(+), 1 deletion(-) create mode 100644 botan-1.8.15-fix-x509-dn-cmp.patch diff --git a/botan-1.8.15-fix-x509-dn-cmp.patch b/botan-1.8.15-fix-x509-dn-cmp.patch new file mode 100644 index 0000000..1757d23 --- /dev/null +++ b/botan-1.8.15-fix-x509-dn-cmp.patch @@ -0,0 +1,13 @@ +diff --git a/src/utils/parsing.cpp b/src/utils/parsing.cpp +index bdb9e79..3f56d12 100644 +--- a/src/utils/parsing.cpp ++++ b/src/utils/parsing.cpp +@@ -227,6 +227,8 @@ bool x500_name_cmp(const std::string& name1, const std::string& name2) + + if(p1 == name1.end() && p2 == name2.end()) + return true; ++ if(p1 == name1.end() || p2 == name2.end()) ++ return false; + } + + if(!Charset::caseless_cmp(*p1, *p2)) diff --git a/botan.spec b/botan.spec index 6f43c6c..52f393e 100644 --- a/botan.spec +++ b/botan.spec @@ -1,6 +1,6 @@ Name: botan Version: 1.8.15 -Release: 1%{?dist} +Release: 2%{?dist} Summary: Crypto library written in C++ Group: System Environment/Libraries @@ -12,6 +12,8 @@ Source0: Botan-%{version}.stripped.tar.gz Source1: README.fedora # soname was changed unintentionally upstream, revert it. Patch0: botan-1.8.15-soname.patch +# cherry-pick commit c9271016 from 1.10 branch: fix for CVE-2017-2801 +Patch1: botan-1.8.15-fix-x509-dn-cmp.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: gcc-c++ @@ -51,6 +53,7 @@ developing applications that use %{name}. %prep %setup -q -n Botan-%{version} %patch0 -p1 +%patch1 -p1 cp -av %{SOURCE1} . %build @@ -120,6 +123,9 @@ LD_LIBRARY_PATH=%{buildroot}%{_libdir} ./check --validate %changelog +* Tue Oct 3 2017 Thomas Moschny - 1.8.15-2 +- Patch to fix X509 DN comparisons. + * Sat Feb 13 2016 Thomas Moschny - 1.8.15-1 - Update to 1.8.15. - Remove patch applied upstream.