From 9afaa3d1f44b269f9ab98cb1163e6c459fc0aff1 Mon Sep 17 00:00:00 2001 From: Clemens Lang Date: Thu, 28 Apr 2022 13:38:34 +0200 Subject: [PATCH] Fix regression in evp_pkey_name2type caused by tr_TR locale fix Resolves: rhbz#2071631 Signed-off-by: Clemens Lang --- 0057-strcasecmp-fix.patch | 104 ++++++++++++++++++++++++++++++++++++++ openssl.spec | 8 ++- 2 files changed, 111 insertions(+), 1 deletion(-) create mode 100644 0057-strcasecmp-fix.patch diff --git a/0057-strcasecmp-fix.patch b/0057-strcasecmp-fix.patch new file mode 100644 index 0000000..f5c59b5 --- /dev/null +++ b/0057-strcasecmp-fix.patch @@ -0,0 +1,104 @@ +From 68f23e3725d9639f5b27d868fee291cabb516677 Mon Sep 17 00:00:00 2001 +From: Dmitry Belyavskiy +Date: Fri, 22 Apr 2022 18:16:56 +0200 +Subject: [PATCH 1/2] Ensure we initialized the locale before + evp_pkey_name2type + +Fixes #18158 +--- + crypto/evp/pmeth_lib.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c +index 2b9c6c2351da..92d25de44532 100644 +--- a/crypto/evp/pmeth_lib.c ++++ b/crypto/evp/pmeth_lib.c +@@ -27,6 +27,7 @@ + #ifndef FIPS_MODULE + # include "crypto/asn1.h" + #endif ++#include "crypto/ctype.h" + #include "crypto/evp.h" + #include "crypto/dh.h" + #include "crypto/ec.h" +@@ -199,6 +200,7 @@ static EVP_PKEY_CTX *int_ctx_new(OSSL_LIB_CTX *libctx, + } + #ifndef FIPS_MODULE + if (keytype != NULL) { ++ ossl_init_casecmp(); + id = evp_pkey_name2type(keytype); + if (id == NID_undef) + id = -1; + +From 51c7b2d9c30b72aeb7e8eb69799dc039d5b23e58 Mon Sep 17 00:00:00 2001 +From: Dmitry Belyavskiy +Date: Fri, 22 Apr 2022 19:26:08 +0200 +Subject: [PATCH 2/2] Testing the EVP_PKEY_CTX_new_from_name without + preliminary init + +--- + test/build.info | 6 +++++- + test/evp_pkey_ctx_new_from_name.c | 14 ++++++++++++++ + test/recipes/02-test_localetest.t | 4 +++- + 3 files changed, 22 insertions(+), 2 deletions(-) + create mode 100644 test/evp_pkey_ctx_new_from_name.c + +diff --git a/test/build.info b/test/build.info +index 14a84f00a258..ee059973d31a 100644 +--- a/test/build.info ++++ b/test/build.info +@@ -37,7 +37,7 @@ IF[{- !$disabled{tests} -}] + sanitytest rsa_complex exdatatest bntest \ + ecstresstest gmdifftest pbelutest \ + destest mdc2test sha_test \ +- exptest pbetest localetest \ ++ exptest pbetest localetest evp_pkey_ctx_new_from_name\ + evp_pkey_provided_test evp_test evp_extra_test evp_extra_test2 \ + evp_fetch_prov_test evp_libctx_test ossl_store_test \ + v3nametest v3ext \ +@@ -139,6 +139,10 @@ IF[{- !$disabled{tests} -}] + INCLUDE[localetest]=../include ../apps/include + DEPEND[localetest]=../libcrypto libtestutil.a + ++ SOURCE[evp_pkey_ctx_new_from_name]=evp_pkey_ctx_new_from_name.c ++ INCLUDE[evp_pkey_ctx_new_from_name]=../include ../apps/include ++ DEPEND[evp_pkey_ctx_new_from_name]=../libcrypto ++ + SOURCE[pbetest]=pbetest.c + INCLUDE[pbetest]=../include ../apps/include + DEPEND[pbetest]=../libcrypto libtestutil.a +diff --git a/test/evp_pkey_ctx_new_from_name.c b/test/evp_pkey_ctx_new_from_name.c +new file mode 100644 +index 000000000000..24063ea05ea5 +--- /dev/null ++++ b/test/evp_pkey_ctx_new_from_name.c +@@ -0,0 +1,14 @@ ++#include ++#include ++#include ++#include ++ ++int main(int argc, char *argv[]) ++{ ++ EVP_PKEY_CTX *pctx = NULL; ++ ++ pctx = EVP_PKEY_CTX_new_from_name(NULL, "NO_SUCH_ALGORITHM", NULL); ++ EVP_PKEY_CTX_free(pctx); ++ ++ return 0; ++} +diff --git a/test/recipes/02-test_localetest.t b/test/recipes/02-test_localetest.t +index 1bccd57d4c63..77fba7d819ab 100644 +--- a/test/recipes/02-test_localetest.t ++++ b/test/recipes/02-test_localetest.t +@@ -15,7 +15,9 @@ setup("locale tests"); + plan skip_all => "Locale tests not available on Windows or VMS" + if $^O =~ /^(VMS|MSWin32)$/; + +-plan tests => 2; ++plan tests => 3; ++ ++ok(run(test(["evp_pkey_ctx_new_from_name"])), "running evp_pkey_ctx_new_from_name without explicit context init"); + + $ENV{LANG} = "C"; + ok(run(test(["localetest"])), "running localetest"); diff --git a/openssl.spec b/openssl.spec index 8364eb9..00a31d1 100644 --- a/openssl.spec +++ b/openssl.spec @@ -15,7 +15,7 @@ Summary: Utilities from the general purpose cryptography library with TLS implementation Name: openssl Version: 3.0.1 -Release: 23%{?dist} +Release: 24%{?dist} Epoch: 1 # We have to remove certain patented algorithms from the openssl source # tarball with the hobble-openssl script which is included below. @@ -92,6 +92,8 @@ Patch54: 0054-Replace-size-check-with-more-meaningful-pubkey-check.patch Patch55: 0055-nonlegacy-fetch-null-deref.patch # https://github.com/openssl/openssl/pull/18103 Patch56: 0056-strcasecmp.patch +# https://github.com/openssl/openssl/pull/18175 +Patch57: 0057-strcasecmp-fix.patch License: ASL 2.0 URL: http://www.openssl.org/ @@ -422,6 +424,10 @@ install -m644 %{SOURCE9} \ %ldconfig_scriptlets libs %changelog +* Thu Apr 28 2022 Clemens Lang - 1:3.0.1-24 +- Fix regression in evp_pkey_name2type caused by tr_TR locale fix + Resolves: rhbz#2071631 + * Wed Apr 20 2022 Dmitry Belyavskiy - 1:3.0.1-23 - Fix openssl curl error with LANG=tr_TR.utf8 - Resolves: rhbz#2071631