public inbox for git-commits@fedoraproject.org
help / color / mirror / Atom feed
From: Tomas Mraz <tmraz@fedoraproject.org>
To: git-commits@fedoraproject.org
Subject: [rpms/openssl] rebase_40beta: fix segfault in openssl speed hmac in the FIPS mode
Date: Tue, 09 Jun 2026 12:43:01 GMT [thread overview]
Message-ID: <178100898171.1.13692306804359445828.rpms-openssl-8c28623e947c@fedoraproject.org> (raw)
A new commit has been pushed.
Repo : rpms/openssl
Branch : rebase_40beta
Commit : 8c28623e947c5366facebc749ec9ac128fab1942
Author : Tomas Mraz <tmraz@fedoraproject.org>
Date : 2013-09-19T15:16:50+02:00
Stats : +12/-1 in 2 file(s)
URL : https://src.fedoraproject.org/rpms/openssl/c/8c28623e947c5366facebc749ec9ac128fab1942?branch=rebase_40beta
Log:
fix segfault in openssl speed hmac in the FIPS mode
---
diff --git a/openssl-1.0.1e-fips.patch b/openssl-1.0.1e-fips.patch
index 09903f4..3e2ff42 100644
--- a/openssl-1.0.1e-fips.patch
+++ b/openssl-1.0.1e-fips.patch
@@ -123,6 +123,14 @@ diff -up openssl-1.0.1e/apps/speed.c.fips openssl-1.0.1e/apps/speed.c
#endif
#ifndef OPENSSL_NO_RSA
memset(rsa_c,0,sizeof(rsa_c));
+@@ -1564,6 +1596,7 @@ int MAIN(int argc, char **argv)
+ HMAC_CTX hctx;
+
+ HMAC_CTX_init(&hctx);
++ HMAC_CTX_set_flags(&hctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
+ HMAC_Init_ex(&hctx,(unsigned char *)"This is a key...",
+ 16,EVP_md5(), NULL);
+
diff -up openssl-1.0.1e/Configure.fips openssl-1.0.1e/Configure
--- openssl-1.0.1e/Configure.fips 2013-02-19 12:47:33.670117470 +0100
+++ openssl-1.0.1e/Configure 2013-02-19 12:47:33.716118405 +0100
diff --git a/openssl.spec b/openssl.spec
index 6f5c1a4..333e788 100644
--- a/openssl.spec
+++ b/openssl.spec
@@ -21,7 +21,7 @@
Summary: Utilities from the general purpose cryptography library with TLS implementation
Name: openssl
Version: 1.0.1e
-Release: 22%{?dist}
+Release: 23%{?dist}
Epoch: 1
# We have to remove certain patented algorithms from the openssl source
# tarball with the hobble-openssl script which is included below.
@@ -473,6 +473,9 @@ rm -rf $RPM_BUILD_ROOT/%{_libdir}/fipscanister.*
prelink -u %{_libdir}/libcrypto.so.%{version} %{_libdir}/libssl.so.%{version} 2>/dev/null || :
%changelog
+* Thu Sep 19 2013 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-23
+- fix segfault in openssl speed hmac in the FIPS mode
+
* Thu Sep 12 2013 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-22
- document the nextprotoneg option in manual pages
original patch by Hubert Kario
reply other threads:[~2026-06-09 12:43 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=178100898171.1.13692306804359445828.rpms-openssl-8c28623e947c@fedoraproject.org \
--to=tmraz@fedoraproject.org \
--cc=git-commits@fedoraproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox