[rpms/openssl] rebase_40beta: new upstream version

[Tomas Mraz <tmraz@fedoraproject.org>]

A new commit has been pushed.

Repo   : rpms/openssl
Branch : rebase_40beta
Commit : 651215c12b083c52655fb7a4437b39901077b05e
Author : Tomas Mraz <tmraz@fedoraproject.org>
Date   : 2012-05-15T19:37:55+02:00
Stats  : +112/-3 in 5 file(s)
URL    : https://src.fedoraproject.org/rpms/openssl/c/651215c12b083c52655fb7a4437b39901077b05e?branch=rebase_40beta

Log:
new upstream version

---
diff --git a/.gitignore b/.gitignore
index 7d1f2c1..c95d3b0 100644
--- a/.gitignore
+++ b/.gitignore
@@ -10,3 +10,4 @@ openssl-1.0.0a-usa.tar.bz2
 /openssl-1.0.1-usa.tar.xz
 /openssl-1.0.1a-usa.tar.xz
 /openssl-1.0.1b-usa.tar.xz
+/openssl-1.0.1c-usa.tar.xz

diff --git a/openssl-1.0.1-version.patch b/openssl-1.0.1-version.patch
index 8acd0ae..4b8f584 100644
--- a/openssl-1.0.1-version.patch
+++ b/openssl-1.0.1-version.patch
@@ -26,7 +26,7 @@ diff -up openssl-1.0.1/crypto/opensslv.h.version openssl-1.0.1/crypto/opensslv.h
   */
  #define SHLIB_VERSION_HISTORY ""
 -#define SHLIB_VERSION_NUMBER "1.0.0"
-+#define SHLIB_VERSION_NUMBER "1.0.1b"
++#define SHLIB_VERSION_NUMBER "1.0.1c"
  
  
  #endif /* HEADER_OPENSSLV_H */

diff --git a/openssl-1.0.1c-backports.patch b/openssl-1.0.1c-backports.patch
new file mode 100644
index 0000000..cc3c3ec
--- /dev/null
+++ b/openssl-1.0.1c-backports.patch
@@ -0,0 +1,106 @@
+diff -up openssl-1.0.1c/crypto/asn1/x_pubkey.c.backports openssl-1.0.1c/crypto/asn1/x_pubkey.c
+--- openssl-1.0.1c/crypto/asn1/x_pubkey.c.backports	2012-02-28 15:47:16.000000000 +0100
++++ openssl-1.0.1c/crypto/asn1/x_pubkey.c	2012-05-15 17:44:14.584128501 +0200
+@@ -175,12 +175,15 @@ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *k
+ 	CRYPTO_w_lock(CRYPTO_LOCK_EVP_PKEY);
+ 	if (key->pkey)
+ 		{
++		CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY);
+ 		EVP_PKEY_free(ret);
+ 		ret = key->pkey;
+ 		}
+ 	else
++		{
+ 		key->pkey = ret;
+-	CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY);
++		CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY);
++		}
+ 	CRYPTO_add(&ret->references, 1, CRYPTO_LOCK_EVP_PKEY);
+ 
+ 	return ret;
+diff -up openssl-1.0.1c/ssl/s3_lib.c.backports openssl-1.0.1c/ssl/s3_lib.c
+--- openssl-1.0.1c/ssl/s3_lib.c.backports	2012-04-17 17:20:17.000000000 +0200
++++ openssl-1.0.1c/ssl/s3_lib.c	2012-05-15 17:42:43.880139566 +0200
+@@ -1125,7 +1125,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
+ 	0, /* not implemented (non-ephemeral DH) */
+ 	TLS1_TXT_DH_DSS_WITH_AES_128_SHA256,
+ 	TLS1_CK_DH_DSS_WITH_AES_128_SHA256,
+-	SSL_kDHr,
++	SSL_kDHd,
+ 	SSL_aDH,
+ 	SSL_AES128,
+ 	SSL_SHA256,
+@@ -1407,7 +1407,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
+ 	0, /* not implemented (non-ephemeral DH) */
+ 	TLS1_TXT_DH_DSS_WITH_AES_256_SHA256,
+ 	TLS1_CK_DH_DSS_WITH_AES_256_SHA256,
+-	SSL_kDHr,
++	SSL_kDHd,
+ 	SSL_aDH,
+ 	SSL_AES256,
+ 	SSL_SHA256,
+@@ -1958,7 +1958,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
+ 	0,
+ 	TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256,
+ 	TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256,
+-	SSL_kDHr,
++	SSL_kDHd,
+ 	SSL_aDH,
+ 	SSL_AES128GCM,
+ 	SSL_AEAD,
+@@ -1974,7 +1974,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
+ 	0,
+ 	TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384,
+ 	TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384,
+-	SSL_kDHr,
++	SSL_kDHd,
+ 	SSL_aDH,
+ 	SSL_AES256GCM,
+ 	SSL_AEAD,
+@@ -2669,7 +2669,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
+ 	1,
+ 	TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256,
+ 	TLS1_CK_ECDH_RSA_WITH_AES_128_SHA256,
+-	SSL_kECDHe,
++	SSL_kECDHr,
+ 	SSL_aECDH,
+ 	SSL_AES128,
+ 	SSL_SHA256,
+@@ -2685,7 +2685,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
+ 	1,
+ 	TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384,
+ 	TLS1_CK_ECDH_RSA_WITH_AES_256_SHA384,
+-	SSL_kECDHe,
++	SSL_kECDHr,
+ 	SSL_aECDH,
+ 	SSL_AES256,
+ 	SSL_SHA384,
+@@ -2799,7 +2799,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
+ 	1,
+ 	TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256,
+ 	TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256,
+-	SSL_kECDHe,
++	SSL_kECDHr,
+ 	SSL_aECDH,
+ 	SSL_AES128GCM,
+ 	SSL_AEAD,
+@@ -2815,7 +2815,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
+ 	1,
+ 	TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384,
+ 	TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384,
+-	SSL_kECDHe,
++	SSL_kECDHr,
+ 	SSL_aECDH,
+ 	SSL_AES256GCM,
+ 	SSL_AEAD,
+diff -up openssl-1.0.1c/ssl/s3_pkt.c.backports openssl-1.0.1c/ssl/s3_pkt.c
+--- openssl-1.0.1c/ssl/s3_pkt.c.backports	2012-04-17 15:20:19.000000000 +0200
++++ openssl-1.0.1c/ssl/s3_pkt.c	2012-05-15 17:43:48.470555889 +0200
+@@ -744,6 +744,7 @@ static int do_ssl3_write(SSL *s, int typ
+ 	 * bytes and record version number > TLS 1.0
+ 	 */
+ 	if (s->state == SSL3_ST_CW_CLNT_HELLO_B
++				&& !s->renegotiate
+ 				&& TLS1_get_version(s) > TLS1_VERSION)
+ 		*(p++) = 0x1;
+ 	else

diff --git a/openssl.spec b/openssl.spec
index e1e8669..ae3e006 100644
--- a/openssl.spec
+++ b/openssl.spec
@@ -20,7 +20,7 @@
 
 Summary: Utilities from the general purpose cryptography library with TLS implementation
 Name: openssl
-Version: 1.0.1b
+Version: 1.0.1c
 # Do not forget to bump SHLIB_VERSION on version upgrades
 Release: 1%{?dist}
 Epoch: 1
@@ -66,6 +66,7 @@ Patch66: openssl-1.0.1-pkgconfig-krb5.patch
 Patch67: openssl-1.0.0-fips-pkcs8.patch
 # Backported fixes including security fixes
 Patch81: openssl-1.0.1-beta2-padlock64.patch
+Patch82: openssl-1.0.1c-backports.patch
 
 License: OpenSSL
 Group: System Environment/Libraries
@@ -164,6 +165,7 @@ from other formats to the formats used by the OpenSSL toolkit.
 %patch67 -p1 -b .pkcs8
 
 %patch81 -p1 -b .padlock64
+%patch82 -p1 -b .backports
 
 # Modify the various perl scripts to reference perl in the right location.
 perl util/perlpath.pl `dirname %{__perl}`

diff --git a/sources b/sources
index 93e0fff..ed53453 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-c8778627718f332f91c0041eb23fa251  openssl-1.0.1b-usa.tar.xz
+3b75bb21452767ed1779fbce32625b95  openssl-1.0.1c-usa.tar.xz