From 3bf752c44c299dc1048688672acdfda512817633 Mon Sep 17 00:00:00 2001 From: Patrick Griffis Date: Dec 10 2016 15:05:18 +0000 Subject: Version bump to 2.12.4 --- diff --git a/fix-openssl-1.1.0.patch b/fix-openssl-1.1.0.patch deleted file mode 100644 index 66cb832..0000000 --- a/fix-openssl-1.1.0.patch +++ /dev/null @@ -1,146 +0,0 @@ -From 1ce8aede0bc4d95195da3edbc7ffcff5d1bf04fb Mon Sep 17 00:00:00 2001 -From: Patrick Griffis -Date: Sun, 23 Oct 2016 00:58:28 -0400 -Subject: [PATCH] ssl: More OpenSSL 1.1.0 fixes - ---- - plugins/fishlim/dh1080.c | 39 ++++++++++++++++++++++++++++++++------- - src/common/ssl.c | 22 ++++++++++++++++------ - 2 files changed, 48 insertions(+), 13 deletions(-) - -diff --git a/plugins/fishlim/dh1080.c b/plugins/fishlim/dh1080.c -index 5afb1c6..56dca13 100644 ---- a/plugins/fishlim/dh1080.c -+++ b/plugins/fishlim/dh1080.c -@@ -64,12 +64,23 @@ dh1080_init (void) - if ((g_dh = DH_new())) - { - int codes; -+ BIGNUM *p, *g; - -- g_dh->p = BN_bin2bn (prime1080, DH1080_PRIME_BYTES, NULL); -- g_dh->g = BN_new (); -+ p = BN_bin2bn (prime1080, DH1080_PRIME_BYTES, NULL); -+ g = BN_new (); - -- g_assert (g_dh->p != NULL && g_dh->g != NULL); -- BN_set_word(g_dh->g, 2); -+ if (p == NULL || g == NULL) -+ return 1; -+ -+ BN_set_word (g, 2); -+ -+#if OPENSSL_VERSION_NUMBER < 0x10100000L -+ g_dh->p = p; -+ g_dh->g = g; -+#else -+ if (!DH_set0_pqg (g_dh, p, NULL, g)) -+ return 1; -+#endif - - if (DH_check (g_dh, &codes)) - return codes == 0; -@@ -136,6 +147,7 @@ dh1080_generate_key (char **priv_key, char **pub_key) - guchar buf[DH1080_PRIME_BYTES]; - int len; - DH *dh; -+ BIGNUM *dh_priv_key, *dh_pub_key; - - g_assert (priv_key != NULL); - g_assert (pub_key != NULL); -@@ -150,12 +162,19 @@ dh1080_generate_key (char **priv_key, char **pub_key) - return 0; - } - -+#if OPENSSL_VERSION_NUMBER < 0x10100000L -+ dh_pub_key = dh->pub_key; -+ dh_priv_key = dh->priv_key; -+#else -+ DH_get0_key (dh, &dh_pub_key, &dh_priv_key); -+#endif -+ - MEMZERO (buf); -- len = BN_bn2bin (dh->priv_key, buf); -+ len = BN_bn2bin (dh_priv_key, buf); - *priv_key = dh1080_encode_b64 (buf, len); - - MEMZERO (buf); -- len = BN_bn2bin(dh->pub_key, buf); -+ len = BN_bn2bin (dh_pub_key, buf); - *pub_key = dh1080_encode_b64 (buf, len); - - OPENSSL_cleanse (buf, sizeof (buf)); -@@ -190,9 +209,15 @@ dh1080_compute_key (const char *priv_key, const char *pub_key, char **secret_key - char *priv_key_data; - gsize priv_key_len; - int shared_len; -+ BIGNUM *priv_key_num; - - priv_key_data = dh1080_decode_b64 (priv_key, &priv_key_len); -- dh->priv_key = BN_bin2bn(priv_key_data, priv_key_len, NULL); -+ priv_key_num = BN_bin2bn(priv_key_data, priv_key_len, NULL); -+#if OPENSSL_VERSION_NUMBER < 0x10100000L -+ dh->priv_key = priv_key_num; -+#else -+ DH_set0_key (dh, NULL, priv_key_num); -+#endif - - shared_len = DH_compute_key (shared_key, pk, dh); - SHA256(shared_key, shared_len, sha256); -diff --git a/src/common/ssl.c b/src/common/ssl.c -index f4e2366..c232714 100644 ---- a/src/common/ssl.c -+++ b/src/common/ssl.c -@@ -152,9 +152,9 @@ int - _SSL_get_cert_info (struct cert_info *cert_info, SSL * ssl) - { - X509 *peer_cert; -+ X509_PUBKEY *key; -+ X509_ALGOR *algor = NULL; - EVP_PKEY *peer_pkey; -- /* EVP_PKEY *ca_pkey; */ -- /* EVP_PKEY *tmp_pkey; */ - char notBefore[64]; - char notAfter[64]; - int alg; -@@ -171,8 +171,12 @@ _SSL_get_cert_info (struct cert_info *cert_info, SSL * ssl) - broke_oneline (cert_info->subject, cert_info->subject_word); - broke_oneline (cert_info->issuer, cert_info->issuer_word); - -- alg = OBJ_obj2nid (peer_cert->cert_info->key->algor->algorithm); -- sign_alg = OBJ_obj2nid (peer_cert->sig_alg->algorithm); -+ key = X509_get_X509_PUBKEY(peer_cert); -+ if (!X509_PUBKEY_get0_param(NULL, NULL, 0, &algor, key)) -+ return 1; -+ -+ alg = OBJ_obj2nid (algor->algorithm); -+ sign_alg = X509_get_signature_nid (peer_cert); - ASN1_TIME_snprintf (notBefore, sizeof (notBefore), - X509_get_notBefore (peer_cert)); - ASN1_TIME_snprintf (notAfter, sizeof (notAfter), -@@ -290,14 +294,20 @@ SSL * - _SSL_socket (SSL_CTX *ctx, int sd) - { - SSL *ssl; -- -+ const SSL_METHOD *method; - - if (!(ssl = SSL_new (ctx))) - /* FATAL */ - __SSL_critical_error ("SSL_new"); - - SSL_set_fd (ssl, sd); -- if (ctx->method == SSLv23_client_method()) -+ -+#if OPENSSL_VERSION_NUMBER < 0x10100000L -+ method = ctx->method; -+#else -+ method = SSL_CTX_get_ssl_method (ctx); -+#endif -+ if (method == SSLv23_client_method()) - SSL_set_connect_state (ssl); - else - SSL_set_accept_state(ssl); --- -2.10.0 - diff --git a/hexchat.spec b/hexchat.spec index 1e6cac9..12f4178 100644 --- a/hexchat.spec +++ b/hexchat.spec @@ -1,15 +1,12 @@ Summary: A popular and easy to use graphical IRC (chat) client Name: hexchat -Version: 2.12.3 +Version: 2.12.4 Release: 1%{?dist} Group: Applications/Internet License: GPLv2+ URL: https://hexchat.github.io Source: https://dl.hexchat.net/hexchat/%{name}-%{version}.tar.xz -# Upstreamed -Patch0: fix-openssl-1.1.0.patch - BuildRequires: intltool, libtool BuildRequires: desktop-file-utils, hicolor-icon-theme, sound-theme-freedesktop BuildRequires: pkgconfig(glib-2.0) @@ -76,7 +73,6 @@ fi %dir %{_libdir}/hexchat %dir %{_libdir}/hexchat/plugins %{_libdir}/hexchat/plugins/checksum.so -%{_libdir}/hexchat/plugins/doat.so %{_libdir}/hexchat/plugins/fishlim.so %{_libdir}/hexchat/plugins/lua.so %{_libdir}/hexchat/plugins/sysinfo.so @@ -93,6 +89,9 @@ fi %{_libdir}/pkgconfig/hexchat-plugin.pc %changelog +* Sat Dec 10 2016 Patrick Griffis - 2.12.4-1 +- Version bump to 2.12.4 + * Sat Oct 22 2016 Patrick Griffis - 2.12.3-1 - Version bump to 2.12.3 - Fix building against OpenSSL 1.1.0