rpms/openswan/devel openswan-2.6.21-nss.patch,1.2,1.3
avesh agarwal
avesh at fedoraproject.org
Tue Apr 14 20:29:09 UTC 2009
- Previous message (by thread): rpms/gnome-user-docs/devel .cvsignore, 1.27, 1.28 gnome-user-docs.spec, 1.40, 1.41 sources, 1.27, 1.28
- Next message (by thread): rpms/vdr-skinsoppalusikka/F-9 .cvsignore, 1.8, 1.9 sources, 1.8, 1.9 vdr-skinsoppalusikka.spec, 1.9, 1.10
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: avesh
Update of /cvs/pkgs/rpms/openswan/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv13344
Modified Files:
openswan-2.6.21-nss.patch
Log Message:
* Tue Apr 14 2009 Avesh Agarwal <avagarwa at redhat.com> - 2.6.21-4
- Updated the Openswan-NSS porting to enable nss and fipscheck by default
- fipscheck requires fipscheck-devel library
openswan-2.6.21-nss.patch:
Index: openswan-2.6.21-nss.patch
===================================================================
RCS file: /cvs/pkgs/rpms/openswan/devel/openswan-2.6.21-nss.patch,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- openswan-2.6.21-nss.patch 14 Apr 2009 19:47:16 -0000 1.2
+++ openswan-2.6.21-nss.patch 14 Apr 2009 20:29:09 -0000 1.3
@@ -4601,20 +4601,19 @@
, wire_chunk_t *new
diff -urNp openswan-2.6.21-orig/programs/pluto/plutomain.c openswan-2.6.21/programs/pluto/plutomain.c
--- openswan-2.6.21-orig/programs/pluto/plutomain.c 2009-03-30 09:11:28.000000000 -0400
-+++ openswan-2.6.21/programs/pluto/plutomain.c 2009-04-14 13:05:03.000000000 -0400
-@@ -93,6 +93,11 @@
++++ openswan-2.6.21/programs/pluto/plutomain.c 2009-04-14 16:20:09.000000000 -0400
+@@ -93,6 +93,10 @@
#ifdef HAVE_LIBNSS
#include <nss.h>
+#include <nspr.h>
+#ifdef FIPS_CHECK
-+#include <openssl/fips.h>
+#include <fipscheck.h>
+#endif
#endif
const char *ctlbase = "/var/run/pluto";
-@@ -752,11 +757,43 @@ main(int argc, char **argv)
+@@ -752,11 +756,43 @@ main(int argc, char **argv)
init_constants();
pluto_init_log();
@@ -4658,7 +4657,7 @@
const char *v = init_pluto_vendorid();
const char *vc = ipsec_version_code();
-@@ -781,6 +818,11 @@ main(int argc, char **argv)
+@@ -781,6 +817,11 @@ main(int argc, char **argv)
*/
openswan_log("@(#) built on "__DATE__":" __TIME__ " by " BUILDER);
}
@@ -4670,7 +4669,7 @@
#if defined(USE_1DES)
openswan_log("WARNING: 1DES is enabled");
-@@ -797,16 +839,6 @@ main(int argc, char **argv)
+@@ -797,16 +838,6 @@ main(int argc, char **argv)
init_nat_traversal(nat_traversal, keep_alive, force_keepalive, nat_t_spf);
#endif
@@ -4687,7 +4686,7 @@
init_virtual_ip(virtual_private);
init_rnd_pool();
init_timer();
-@@ -843,6 +875,11 @@ main(int argc, char **argv)
+@@ -843,6 +874,11 @@ main(int argc, char **argv)
/* loading attribute certificates (experimental) */
load_acerts();
@@ -4973,8 +4972,8 @@
<citerefentry><refentrytitle>gethostname</refentrytitle><manvolnum>2</manvolnum></citerefentry>
diff -urNp openswan-2.6.21-orig/programs/rsasigkey/rsasigkey.c openswan-2.6.21/programs/rsasigkey/rsasigkey.c
--- openswan-2.6.21-orig/programs/rsasigkey/rsasigkey.c 2009-03-30 09:11:28.000000000 -0400
-+++ openswan-2.6.21/programs/rsasigkey/rsasigkey.c 2009-04-02 14:49:47.000000000 -0400
-@@ -29,9 +29,35 @@
++++ openswan-2.6.21/programs/rsasigkey/rsasigkey.c 2009-04-14 16:20:24.000000000 -0400
+@@ -29,9 +29,34 @@
#include <getopt.h>
#include <openswan.h>
#include <gmp.h>
@@ -4999,7 +4998,6 @@
+#include "oswconf.h"
+
+#ifdef FIPS_CHECK
-+#include <openssl/fips.h>
+#include <fipscheck.h>
+#endif
+
@@ -5011,7 +5009,7 @@
* /dev/random device is ONLY used for generating long term keys, which
* should NEVER be done with /dev/urandom. If people use X.509, PSK or
* even raw RSA keys generated on other systems, changing this will have
-@@ -47,8 +73,13 @@
+@@ -47,8 +72,13 @@
/* the code in getoldkey() knows about this */
#define E 3 /* standard public exponent */
@@ -5025,7 +5023,7 @@
struct option opts[] = {
{"verbose", 0, NULL, 'v',},
{"random", 1, NULL, 'r',},
-@@ -58,6 +89,10 @@ struct option opts[] = {
+@@ -58,6 +88,10 @@ struct option opts[] = {
{"noopt", 0, NULL, 'n',},
{"help", 0, NULL, 'h',},
{"version", 0, NULL, 'V',},
@@ -5036,7 +5034,7 @@
{0, 0, NULL, 0,}
};
int verbose = 0; /* narrate the action? */
-@@ -72,7 +107,11 @@ char me[] = "ipsec rsasigkey"; /* for me
+@@ -72,7 +106,11 @@ char me[] = "ipsec rsasigkey"; /* for me
/* forwards */
int getoldkey(char *filename);
@@ -5048,7 +5046,7 @@
void initprime(mpz_t var, int nbits, int eval);
void initrandom(mpz_t var, int nbits);
void getrandom(size_t nbytes, unsigned char *buf);
-@@ -81,6 +120,192 @@ char *conv(unsigned char *bits, size_t n
+@@ -81,6 +119,192 @@ char *conv(unsigned char *bits, size_t n
char *hexout(mpz_t var);
void report(char *msg);
@@ -5241,7 +5239,7 @@
/*
- main - mostly argument parsing
*/
-@@ -93,6 +318,10 @@ int main(int argc, char *argv[])
+@@ -93,6 +317,10 @@ int main(int argc, char *argv[])
int i;
int nbits;
char *oldkeyfile = NULL;
@@ -5252,7 +5250,7 @@
while ((opt = getopt_long(argc, argv, "", opts, NULL)) != EOF)
switch (opt) {
-@@ -120,25 +349,42 @@ int main(int argc, char *argv[])
+@@ -120,25 +348,42 @@ int main(int argc, char *argv[])
break;
case 'h': /* help */
printf("Usage:\t%s\n", usage);
@@ -5295,7 +5293,7 @@
if (outputhostname[0] == '\0') {
i = gethostname(outputhostname, sizeof(outputhostname));
-@@ -169,7 +415,11 @@ int main(int argc, char *argv[])
+@@ -169,7 +414,11 @@ int main(int argc, char *argv[])
exit(1);
}
@@ -5307,7 +5305,7 @@
exit(0);
}
-@@ -280,6 +530,145 @@ char *filename;
+@@ -280,6 +529,145 @@ char *filename;
* keys were to be used for encryption, but for signatures there are some
* real speed advantages.
*/
@@ -5453,7 +5451,7 @@
void
rsasigkey(nbits, useoldkey)
int nbits;
-@@ -376,6 +765,9 @@ int useoldkey; /* take primes from old
+@@ -376,6 +764,9 @@ int useoldkey; /* take primes from old
printf("\tCoefficient: %s\n", hexout(coeff));
}
@@ -5463,7 +5461,7 @@
/*
- initprime - initialize an mpz_t to a random prime of specified size
* Efficiency tweak: we reject candidates that are 1 higher than a multiple
-@@ -442,6 +834,7 @@ int nbits; /* known to be a multiple o
+@@ -442,6 +833,7 @@ int nbits; /* known to be a multiple o
exit(1);
}
}
- Previous message (by thread): rpms/gnome-user-docs/devel .cvsignore, 1.27, 1.28 gnome-user-docs.spec, 1.40, 1.41 sources, 1.27, 1.28
- Next message (by thread): rpms/vdr-skinsoppalusikka/F-9 .cvsignore, 1.8, 1.9 sources, 1.8, 1.9 vdr-skinsoppalusikka.spec, 1.9, 1.10
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list