[rpms/openssl] rebase_40beta: correct openssl cms help output (#636266)

public inbox for git-commits@fedoraproject.org
help / color / mirror / Atom feed

* [rpms/openssl] rebase_40beta: correct openssl cms help output (#636266)
@ 2026-06-09 12:42 Tomas Mraz
  0 siblings, 0 replies; only message in thread
From: Tomas Mraz @ 2026-06-09 12:42 UTC (permalink / raw)
  To: git-commits

            A new commit has been pushed.

            Repo   : rpms/openssl
            Branch : rebase_40beta
            Commit : 0ed17c065246e0f0e33ce311790c7329b5e42a74
            Author : Tomas Mraz <tmraz@fedoraproject.org>
            Date   : 2011-07-26T13:02:17+02:00
            Stats  : +33/-1 in 3 file(s)
            URL    : https://src.fedoraproject.org/rpms/openssl/c/0ed17c065246e0f0e33ce311790c7329b5e42a74?branch=rebase_40beta

            Log:
            correct openssl cms help output (#636266)
more tolerant starttls detection in XMPP protocol (#608239)

---
diff --git a/openssl-1.0.0d-cms-keyid.patch b/openssl-1.0.0d-cms-keyid.patch
new file mode 100644
index 0000000..9fe9358
--- /dev/null
+++ b/openssl-1.0.0d-cms-keyid.patch
@@ -0,0 +1,12 @@
+diff -up openssl-1.0.0d/apps/cms.c.keyid openssl-1.0.0d/apps/cms.c
+--- openssl-1.0.0d/apps/cms.c.keyid	2009-10-18 16:42:26.000000000 +0200
++++ openssl-1.0.0d/apps/cms.c	2011-07-26 12:56:48.000000000 +0200
+@@ -618,7 +618,7 @@ int MAIN(int argc, char **argv)
+ 		BIO_printf (bio_err, "-certsout file certificate output file\n");
+ 		BIO_printf (bio_err, "-signer file   signer certificate file\n");
+ 		BIO_printf (bio_err, "-recip  file   recipient certificate file for decryption\n");
+-		BIO_printf (bio_err, "-skeyid        use subject key identifier\n");
++		BIO_printf (bio_err, "-keyid         use subject key identifier\n");
+ 		BIO_printf (bio_err, "-in file       input file\n");
+ 		BIO_printf (bio_err, "-inform arg    input format SMIME (default), PEM or DER\n");
+ 		BIO_printf (bio_err, "-inkey file    input private key (if not signer or recipient)\n");

diff --git a/openssl-1.0.0d-xmpp-starttls.patch b/openssl-1.0.0d-xmpp-starttls.patch
new file mode 100644
index 0000000..b3999cc
--- /dev/null
+++ b/openssl-1.0.0d-xmpp-starttls.patch
@@ -0,0 +1,12 @@
+diff -ru openssl-1.0.0d.old/apps/s_client.c openssl-1.0.0d/apps/s_client.c
+--- openssl-1.0.0d.old/apps/s_client.c	2011-07-17 21:05:19.934181169 +0200
++++ openssl-1.0.0d/apps/s_client.c	2011-07-17 21:11:42.747824990 +0200
+@@ -1186,7 +1186,7 @@
+ 		    "xmlns='jabber:client' to='%s' version='1.0'>", host);
+ 		seen = BIO_read(sbio,mbuf,BUFSIZZ);
+ 		mbuf[seen] = 0;
+-		while (!strstr(mbuf, "<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'"))
++		while (!strcasestr(mbuf, "<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'") && !strcasestr(mbuf, "<starttls xmlns=\"urn:ietf:params:xml:ns:xmpp-tls\""))
+ 			{
+ 			if (strstr(mbuf, "/stream:features>"))
+ 				goto shut;

diff --git a/openssl.spec b/openssl.spec
index 7f9d669..cb550c8 100644
--- a/openssl.spec
+++ b/openssl.spec
@@ -21,7 +21,7 @@
 Summary: A general purpose cryptography library with TLS implementation
 Name: openssl
 Version: 1.0.0d
-Release: 6%{?dist}
+Release: 7%{?dist}
 # We remove certain patented algorithms from the openssl source tarball
 # with the hobble-openssl script which is included below.
 Source: openssl-%{version}-usa.tar.bz2
@@ -48,6 +48,7 @@ Patch23: openssl-1.0.0-beta4-default-paths.patch
 Patch24: openssl-0.9.8j-bad-mime.patch
 Patch25: openssl-1.0.0a-manfix.patch
 Patch26: openssl-1.0.0a-load-certs.patch
+Patch27: openssl-1.0.0d-cms-keyid.patch
 # Functionality changes
 Patch32: openssl-0.9.8g-ia64.patch
 Patch33: openssl-1.0.0-beta4-ca-dir.patch
@@ -75,6 +76,7 @@ Patch59: openssl-1.0.0c-pkcs12-fips-default.patch
 Patch60: openssl-1.0.0d-apps-dgst.patch
 Patch61: openssl-1.0.0d-cavs.patch
 Patch62: openssl-1.0.0-fips-aesni.patch
+Patch63: openssl-1.0.0d-xmpp-starttls.patch
 # Backported fixes including security fixes
 Patch81: openssl-1.0.0d-padlock64.patch
 
@@ -144,6 +146,7 @@ popd
 %patch24 -p1 -b .bad-mime
 %patch25 -p1 -b .manfix
 %patch26 -p1 -b .load-certs
+%patch27 -p1 -b .keyid
 
 %patch32 -p1 -b .ia64
 %patch33 -p1 -b .ca-dir
@@ -171,6 +174,7 @@ popd
 %patch60 -p1 -b .dgst
 %patch61 -p1 -b .cavs
 %patch62 -p1 -b .fips-aesni
+%patch63 -p1 -b .starttls
 
 %patch81 -p1 -b .padlock64
 
@@ -434,6 +438,10 @@ popd
 %postun -p /sbin/ldconfig
 
 %changelog
+* Tue Jul 26 2011 Tomas Mraz <tmraz@redhat.com> 1.0.0d-7
+- correct openssl cms help output (#636266)
+- more tolerant starttls detection in XMPP protocol (#608239)
+
 * Wed Jul 20 2011 Tomas Mraz <tmraz@redhat.com> 1.0.0d-6
 - add support for newest Intel acceleration improvements backported
   from upstream by Intel in form of a separate engine

^ permalink raw reply related	[flat|nested] only message in thread

only message in thread, other threads:[~2026-06-09 12:42 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2026-06-09 12:42 [rpms/openssl] rebase_40beta: correct openssl cms help output (#636266) Tomas Mraz

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox