Hello community,

here is the log from the commit of package socat for openSUSE:Factory checked 
in at 2017-08-22 11:05:40
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/socat (Old)
 and      /work/SRC/openSUSE:Factory/.socat.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "socat"

Tue Aug 22 11:05:40 2017 rev:34 rq:517414 version:1.7.3.2

Changes:
--------
--- /work/SRC/openSUSE:Factory/socat/socat.changes      2017-04-20 
20:47:24.174057172 +0200
+++ /work/SRC/openSUSE:Factory/.socat.new/socat.changes 2017-08-22 
11:05:45.825033998 +0200
@@ -1,0 +2,5 @@
+Thu Aug 17 13:42:49 UTC 2017 - meiss...@suse.com
+
+- socat-openssl-1.1-tests.patch: make tests work on openssl1. (bsc#1042674)
+
+-------------------------------------------------------------------

New:
----
  socat-openssl-1.1-tests.patch

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ socat.spec ++++++
--- /var/tmp/diff_new_pack.wnJMY2/_old  2017-08-22 11:05:47.752762487 +0200
+++ /var/tmp/diff_new_pack.wnJMY2/_new  2017-08-22 11:05:47.756761924 +0200
@@ -1,7 +1,7 @@
 #
 # spec file for package socat
 #
-# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
 # Copyright (c) 2010 Pascal Bleser <pascal.ble...@opensuse.org>
 #
 # All modifications and additions to the file contributed by third parties
@@ -42,6 +42,7 @@
 License:        SUSE-GPL-2.0-with-openssl-exception and MIT
 Group:          Productivity/Networking/Other
 Source:         
http://www.dest-unreach.org/socat/download/%{name}-%{version}.tar.bz2
+Patch0:         socat-openssl-1.1-tests.patch
 Source1:        %{name}.changes
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 
@@ -55,6 +56,10 @@
 
 %prep
 %setup
+if pkg-config --atleast-version=1.1 openssl 
+then
+%patch0 -p1
+fi
 
 %build
 # export deterministic BUILD_DATE, format like "__DATE__ __TIME__"

++++++ socat-openssl-1.1-tests.patch ++++++
OpenSSL 1.1 introduces the concept of security levels, in attempt to prevent
users from accidently setting insecure ciphers.
aNULL ciphers are considered insecure and are only allowed in Security Level 0.
The default Security Level is 1.
Unfortunately a cipher string featuring @SECLEVEL=0 is not accepted in older
OpenSSL versions, thus this patch should be applied to newer distributions only.

Index: socat-1.7.3.2/test.sh
===================================================================
--- socat-1.7.3.2.orig/test.sh  2017-01-22 19:07:10.000000000 +0100
+++ socat-1.7.3.2/test.sh       2017-08-17 12:36:50.809352091 +0200
@@ -11227,8 +11227,8 @@ tf="$td/test$N.stdout"
 te="$td/test$N.stderr"
 tdiff="$td/test$N.diff"
 da="test$N $(date) $RANDOM"
-CMD2="$TRACE $SOCAT $opts 
OPENSSL-LISTEN:$PORT,reuseaddr,$SOCAT_EGD,ciphers=aNULL,verify=0 pipe"
-CMD="$TRACE $SOCAT $opts - 
openssl:$LOCALHOST:$PORT,ciphers=aNULL,verify=0,$SOCAT_EGD"
+CMD2="$TRACE $SOCAT $opts 
OPENSSL-LISTEN:$PORT,reuseaddr,$SOCAT_EGD,ciphers=aNULL:@SECLEVEL=0,verify=0 
pipe"
+CMD="$TRACE $SOCAT $opts - 
openssl:$LOCALHOST:$PORT,ciphers=aNULL:@SECLEVEL=0,verify=0,$SOCAT_EGD"
 printf "test $F_n $TEST... " $N
 eval "$CMD2 2>\"${te}1\" &"
 pid=$! # background process id
@@ -11632,8 +11632,8 @@ tf1="$td/test$N.1.stdout"
 te1="$td/test$N.1.stderr"
 tdiff="$td/test$N.diff"
 da="test$N $(date) $RANDOM"
-CMD0="$TRACE $SOCAT $opts 
OPENSSL-LISTEN:$PORT,reuseaddr,ciphers=aNULL,verify=0, PIPE"
-CMD1="$TRACE $SOCAT $opts - 
OPENSSL-CONNECT:$LOCALHOST:$PORT,bind=$LOCALHOST,ciphers=aNULL,verify=0"
+CMD0="$TRACE $SOCAT $opts 
OPENSSL-LISTEN:$PORT,reuseaddr,ciphers=aNULL:@SECLEVEL=0,verify=0, PIPE"
+CMD1="$TRACE $SOCAT $opts - 
OPENSSL-CONNECT:$LOCALHOST:$PORT,bind=$LOCALHOST,ciphers=aNULL:@SECLEVEL=0,verify=0"
 printf "test $F_n $TEST... " $N
 $CMD0 >/dev/null 2>"$te0" &
 pid0=$!
@@ -12191,8 +12191,8 @@ tf="$td/test$N.stdout"
 te="$td/test$N.stderr"
 tdiff="$td/test$N.diff"
 da="test$N $(date) $RANDOM"
-CMD0="$SOCAT $opts OPENSSL-LISTEN:$PORT,reuseaddr,cipher=aNULL,verify=0 
SYSTEM:cat"
-CMD1="$SOCAT $opts - OPENSSL-CONNECT:$LOCALHOST:$PORT,cipher=aNULL,verify=0"
+CMD0="$SOCAT $opts 
OPENSSL-LISTEN:$PORT,reuseaddr,cipher=aNULL:@SECLEVEL=0,verify=0 SYSTEM:cat"
+CMD1="$SOCAT $opts - 
OPENSSL-CONNECT:$LOCALHOST:$PORT,cipher=aNULL:@SECLEVEL=0,verify=0"
 printf "test $F_n $TEST... " $N
 $CMD0 >/dev/null 2>"${te}0" &
 pid0=$!
@@ -12302,8 +12302,8 @@ tf="$td/test$N.stdout"
 te="$td/test$N.stderr"
 tdiff="$td/test$N.diff"
 da="test$N $(date) $RANDOM"
-CMD0="$SOCAT $opts 
OPENSSL-LISTEN:$PORT,reuseaddr,method=$method,cipher=aNULL,verify=0 PIPE"
-CMD1="$SOCAT $opts - 
OPENSSL-CONNECT:$LOCALHOST:$PORT,method=$method,cipher=aNULL,verify=0"
+CMD0="$SOCAT $opts 
OPENSSL-LISTEN:$PORT,reuseaddr,method=$method,cipher=aNULL:@SECLEVEL=0,verify=0 
PIPE"
+CMD1="$SOCAT $opts - 
OPENSSL-CONNECT:$LOCALHOST:$PORT,method=$method,cipher=aNULL:@SECLEVEL=0,verify=0"
 printf "test $F_n $TEST... " $N
 if [ "$method" = DTLS1 -a "$(echo -e "$OPENSSL_VERSION\n1.0.2" |sort -V |tail 
-n 1)" = "$OPENSSL_VERSION_GOOD" ]; then
     $PRINTF "${YELLOW}might hang, skipping${NORMAL}\n"

Reply via email to