diff --git a/0001-Make-python-version-explitic-DBUILD_PYTHON3-or-DBUIL.patch b/0001-Make-python-version-explitic-DBUILD_PYTHON3-or-DBUIL.patch deleted file mode 100644 index d9c2f0824136d016622b65a808c963cdfa3c5e2e..0000000000000000000000000000000000000000 --- a/0001-Make-python-version-explitic-DBUILD_PYTHON3-or-DBUIL.patch +++ /dev/null @@ -1,273 +0,0 @@ -From d01533ab1750d8b43be7829edef28ecb006d57cf Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Klaus=20K=C3=A4mpf?= -Date: Mon, 4 Dec 2017 14:33:17 +0100 -Subject: [PATCH] Make python version explitic: -DBUILD_PYTHON3 or - -DBUILD_PYTHON - ---- - CMakeLists.txt | 13 +++++-- - bindings/CMakeLists.txt | 4 +-- - bindings/python/CMakeLists.txt | 6 +++- - bindings/python/tests/CMakeLists.txt | 68 ++++++++++++++++++------------------ - bindings/python/tests/run | 6 ++-- - package/openwsman.spec.in | 29 +++++++++++++++ - 6 files changed, 83 insertions(+), 43 deletions(-) - -diff --git a/CMakeLists.txt b/CMakeLists.txt -index 8509fc7..8f7b955 100644 ---- a/CMakeLists.txt -+++ b/CMakeLists.txt -@@ -101,6 +101,7 @@ ENDMACRO(NO_HEADERS_WARNING) - # the headers: if it was explicitly set then fail, otherwise - # just give a warning message - SET( BUILD_PYTHON_EXPLICIT ${BUILD_PYTHON}) -+SET( BUILD_PYTHON3_EXPLICIT ${BUILD_PYTHON3}) - SET( BUILD_RUBY_EXPLICIT ${BUILD_RUBY}) - SET( BUILD_PERL_EXPLICIT ${BUILD_PERL}) - SET( BUILD_JAVA_EXPLICIT ${BUILD_JAVA}) -@@ -111,7 +112,13 @@ SET( BUILD_SWIG_PLUGIN_EXPLICIT ${BUILD_SWIG_PLUGIN}) - OPTION( BUILD_LIBCIM "Build CIM plugin" YES ) - OPTION( BUILD_EXAMPLES "Build examples" YES ) - OPTION( BUILD_BINDINGS "Build client bindings and swig server plugin" YES ) --OPTION( BUILD_PYTHON "Build Python bindings" YES ) -+OPTION( BUILD_PYTHON3 "Build Python3 bindings" YES ) -+OPTION( BUILD_PYTHON "Build Python2 bindings" YES ) -+IF (BUILD_PYTHON3) -+IF (BUILD_PYTHON) -+MESSAGE(FATAL_ERROR "Can only build for Python2 or Python3, but not both") -+ENDIF (BUILD_PYTHON) -+ENDIF (BUILD_PYTHON3) - OPTION( BUILD_RUBY "Build Ruby bindings" YES ) - IF( BUILD_RUBY ) - OPTION( BUILD_RUBY_GEM "Build Ruby GEM" YES ) -@@ -231,9 +238,9 @@ IF ( NOT SWIG_EXECUTABLE ) - MESSAGE( FATAL "Cannot build SWIG server plugin" ) - ENDIF (BUILD_SWIG_PLUGIN_EXPLICIT) - SET( BUILD_SWIG_PLUGIN NO ) -- IF( BUILD_PYTHON_EXPLICIT OR BUILD_RUBY_EXPLICIT OR BUILD_PERL_EXPLICIT OR BUILD_JAVA_EXPLICIT) -+ IF( BUILD_PYTHON3_EXPLICIT OR BUILD_PYTHON_EXPLICIT OR BUILD_RUBY_EXPLICIT OR BUILD_PERL_EXPLICIT OR BUILD_JAVA_EXPLICIT) - MESSAGE( ERROR "Cannot build client bindings" ) -- ENDIF( BUILD_PYTHON_EXPLICIT OR BUILD_RUBY_EXPLICIT OR BUILD_PERL_EXPLICIT OR BUILD_JAVA_EXPLICIT) -+ ENDIF( BUILD_PYTHON3_EXPLICIT OR BUILD_PYTHON_EXPLICIT OR BUILD_RUBY_EXPLICIT OR BUILD_PERL_EXPLICIT OR BUILD_JAVA_EXPLICIT) - ELSE ( NOT SWIG_EXECUTABLE ) - MESSAGE( STATUS "SWIG ${SWIG_VERSION} found at ${SWIG_EXECUTABLE}" ) - ADD_SUBDIRECTORY(bindings) -diff --git a/bindings/CMakeLists.txt b/bindings/CMakeLists.txt -index 7886d98..66ff472 100644 ---- a/bindings/CMakeLists.txt -+++ b/bindings/CMakeLists.txt -@@ -8,9 +8,9 @@ SET( SWIG_INPUT "${CMAKE_CURRENT_SOURCE_DIR}/openwsman.i" ) - - include_directories(${CMAKE_BINARY_DIR}) - --IF( BUILD_PYTHON ) -+IF( BUILD_PYTHON3 OR BUILD_PYTHON ) - add_subdirectory(python) --ENDIF( BUILD_PYTHON ) -+ENDIF( BUILD_PYTHON3 OR BUILD_PYTHON ) - - IF( BUILD_RUBY ) - add_subdirectory(ruby) -diff --git a/bindings/python/CMakeLists.txt b/bindings/python/CMakeLists.txt -index 305629b..35ae04c 100644 ---- a/bindings/python/CMakeLists.txt -+++ b/bindings/python/CMakeLists.txt -@@ -12,7 +12,11 @@ enable_testing() - - add_subdirectory(tests) - --set(Python_ADDITIONAL_VERSIONS 3.6 3.5 2.7 2.6) -+IF( BUILD_PYTHON3 ) -+set(Python_ADDITIONAL_VERSIONS 3.6 3.5) -+ELSE( BUILD_PYTHON3 ) -+set(Python_ADDITIONAL_VERSIONS 2.7 2.6) -+ENDIF( BUILD_PYTHON3 ) - FIND_PACKAGE(PythonLibs) - IF (PYTHON_LIBRARY) - FIND_PACKAGE(PythonInterp REQUIRED) -diff --git a/bindings/python/tests/CMakeLists.txt b/bindings/python/tests/CMakeLists.txt -index 23711b4..92686ec 100644 ---- a/bindings/python/tests/CMakeLists.txt -+++ b/bindings/python/tests/CMakeLists.txt -@@ -4,55 +4,55 @@ - ENABLE_TESTING() - - # loading wsman --ADD_TEST(bindings_python_loading ${CMAKE_CURRENT_SOURCE_DIR}/run ${CMAKE_CURRENT_SOURCE_DIR} loading.py ) -+ADD_TEST(bindings_python_loading ${CMAKE_CURRENT_SOURCE_DIR}/run ${PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR} loading.py ) - - # predefined stuff --# ADD_TEST(bindings_python_constants ${CMAKE_CURRENT_SOURCE_DIR}/run ${CMAKE_CURRENT_SOURCE_DIR} constants.py ) -+# ADD_TEST(bindings_python_constants ${CMAKE_CURRENT_SOURCE_DIR}/run ${PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR} constants.py ) - - # Xml bindings --# ADD_TEST(bindings_python_xmldoc ${CMAKE_CURRENT_SOURCE_DIR}/run ${CMAKE_CURRENT_SOURCE_DIR} xmldoc.py ) --# ADD_TEST(bindings_python_xmlnode ${CMAKE_CURRENT_SOURCE_DIR}/run ${CMAKE_CURRENT_SOURCE_DIR} xmlnode.py ) --# ADD_TEST(bindings_python_xmlattr ${CMAKE_CURRENT_SOURCE_DIR}/run ${CMAKE_CURRENT_SOURCE_DIR} xmlattr.py ) -+# ADD_TEST(bindings_python_xmldoc ${CMAKE_CURRENT_SOURCE_DIR}/run ${PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR} xmldoc.py ) -+# ADD_TEST(bindings_python_xmlnode ${CMAKE_CURRENT_SOURCE_DIR}/run ${PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR} xmlnode.py ) -+# ADD_TEST(bindings_python_xmlattr ${CMAKE_CURRENT_SOURCE_DIR}/run ${PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR} xmlattr.py ) - - # Client --# ADD_TEST(bindings_python_client ${CMAKE_CURRENT_SOURCE_DIR}/run ${CMAKE_CURRENT_SOURCE_DIR} client.py ) --# ADD_TEST(bindings_python_client_bad ${CMAKE_CURRENT_SOURCE_DIR}/run ${CMAKE_CURRENT_SOURCE_DIR} client_bad.py ) -+# ADD_TEST(bindings_python_client ${CMAKE_CURRENT_SOURCE_DIR}/run ${PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR} client.py ) -+# ADD_TEST(bindings_python_client_bad ${CMAKE_CURRENT_SOURCE_DIR}/run ${PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR} client_bad.py ) - - # Transport --# ADD_TEST(bindings_python_transport ${CMAKE_CURRENT_SOURCE_DIR}/run ${CMAKE_CURRENT_SOURCE_DIR} transport.py ) -+# ADD_TEST(bindings_python_transport ${CMAKE_CURRENT_SOURCE_DIR}/run ${PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR} transport.py ) - - # ClientOptions --# ADD_TEST(bindings_python_options ${CMAKE_CURRENT_SOURCE_DIR}/run ${CMAKE_CURRENT_SOURCE_DIR} clientoptions.py ) --# ADD_TEST(bindings_python_debug ${CMAKE_CURRENT_SOURCE_DIR}/run ${CMAKE_CURRENT_SOURCE_DIR} debug.py ) -+# ADD_TEST(bindings_python_options ${CMAKE_CURRENT_SOURCE_DIR}/run ${PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR} clientoptions.py ) -+# ADD_TEST(bindings_python_debug ${CMAKE_CURRENT_SOURCE_DIR}/run ${PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR} debug.py ) - # Identify --ADD_TEST(bindings_python_identify ${CMAKE_CURRENT_SOURCE_DIR}/run ${CMAKE_CURRENT_SOURCE_DIR} identify.py ) -+ADD_TEST(bindings_python_identify ${CMAKE_CURRENT_SOURCE_DIR}/run ${PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR} identify.py ) - - # data types --# ADD_TEST(bindings_python_fault ${CMAKE_CURRENT_SOURCE_DIR}/run ${CMAKE_CURRENT_SOURCE_DIR} fault.py ) -+# ADD_TEST(bindings_python_fault ${CMAKE_CURRENT_SOURCE_DIR}/run ${PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR} fault.py ) - --ADD_TEST(bindings_python_epr ${CMAKE_CURRENT_SOURCE_DIR}/run ${CMAKE_CURRENT_SOURCE_DIR} epr.py ) -+ADD_TEST(bindings_python_epr ${CMAKE_CURRENT_SOURCE_DIR}/run ${PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR} epr.py ) - - # needs a CIMOM --# ADD_TEST(bindings_python_computer_system ${CMAKE_CURRENT_SOURCE_DIR}/run ${CMAKE_CURRENT_SOURCE_DIR} cim_computer_system.py ) --# ADD_TEST(bindings_python_operating_system ${CMAKE_CURRENT_SOURCE_DIR}/run ${CMAKE_CURRENT_SOURCE_DIR} cim_operating_system.py ) --# ADD_TEST(bindings_python_cim_process ${CMAKE_CURRENT_SOURCE_DIR}/run ${CMAKE_CURRENT_SOURCE_DIR} cim_process.py ) --# ADD_TEST(bindings_python_system_configuration ${CMAKE_CURRENT_SOURCE_DIR}/run ${CMAKE_CURRENT_SOURCE_DIR} cim_system_configuration.py ) --# ADD_TEST(bindings_python_create ${CMAKE_CURRENT_SOURCE_DIR}/run ${CMAKE_CURRENT_SOURCE_DIR} create.py ) --# ADD_TEST(bindings_python_each_child ${CMAKE_CURRENT_SOURCE_DIR}/run ${CMAKE_CURRENT_SOURCE_DIR} each_child.py ) --ADD_TEST(bindings_python_enumerate ${CMAKE_CURRENT_SOURCE_DIR}/run ${CMAKE_CURRENT_SOURCE_DIR} enumerate.py ) --ADD_TEST(bindings_python_add_selector ${CMAKE_CURRENT_SOURCE_DIR}/run ${CMAKE_CURRENT_SOURCE_DIR} add_selector.py ) --ADD_TEST(bindings_python_add_selector2 ${CMAKE_CURRENT_SOURCE_DIR}/run ${CMAKE_CURRENT_SOURCE_DIR} add_selector2.py ) --# ADD_TEST(bindings_python_get ${CMAKE_CURRENT_SOURCE_DIR}/run ${CMAKE_CURRENT_SOURCE_DIR} get.py ) --# ADD_TEST(bindings_python_identify ${CMAKE_CURRENT_SOURCE_DIR}/run ${CMAKE_CURRENT_SOURCE_DIR} identify.py ) --# ADD_TEST(bindings_python_invoke ${CMAKE_CURRENT_SOURCE_DIR}/run ${CMAKE_CURRENT_SOURCE_DIR} invoke.py ) --# ADD_TEST(bindings_python_notepad ${CMAKE_CURRENT_SOURCE_DIR}/run ${CMAKE_CURRENT_SOURCE_DIR} notepad.py ) --# ADD_TEST(bindings_python_nsconsts ${CMAKE_CURRENT_SOURCE_DIR}/run ${CMAKE_CURRENT_SOURCE_DIR} nsconsts.py ) --# ADD_TEST(bindings_python_processes ${CMAKE_CURRENT_SOURCE_DIR}/run ${CMAKE_CURRENT_SOURCE_DIR} processes.py ) --# ADD_TEST(bindings_python_pull ${CMAKE_CURRENT_SOURCE_DIR}/run ${CMAKE_CURRENT_SOURCE_DIR} pull.py ) --# ADD_TEST(bindings_python_put ${CMAKE_CURRENT_SOURCE_DIR}/run ${CMAKE_CURRENT_SOURCE_DIR} put.py ) --ADD_TEST(bindings_python_release ${CMAKE_CURRENT_SOURCE_DIR}/run ${CMAKE_CURRENT_SOURCE_DIR} release.py ) -+# ADD_TEST(bindings_python_computer_system ${CMAKE_CURRENT_SOURCE_DIR}/run ${PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR} cim_computer_system.py ) -+# ADD_TEST(bindings_python_operating_system ${CMAKE_CURRENT_SOURCE_DIR}/run ${PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR} cim_operating_system.py ) -+# ADD_TEST(bindings_python_cim_process ${CMAKE_CURRENT_SOURCE_DIR}/run ${PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR} cim_process.py ) -+# ADD_TEST(bindings_python_system_configuration ${CMAKE_CURRENT_SOURCE_DIR}/run ${PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR} cim_system_configuration.py ) -+# ADD_TEST(bindings_python_create ${CMAKE_CURRENT_SOURCE_DIR}/run ${PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR} create.py ) -+# ADD_TEST(bindings_python_each_child ${CMAKE_CURRENT_SOURCE_DIR}/run ${PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR} each_child.py ) -+ADD_TEST(bindings_python_enumerate ${CMAKE_CURRENT_SOURCE_DIR}/run ${PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR} enumerate.py ) -+ADD_TEST(bindings_python_add_selector ${CMAKE_CURRENT_SOURCE_DIR}/run ${PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR} add_selector.py ) -+ADD_TEST(bindings_python_add_selector2 ${CMAKE_CURRENT_SOURCE_DIR}/run ${PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR} add_selector2.py ) -+# ADD_TEST(bindings_python_get ${CMAKE_CURRENT_SOURCE_DIR}/run ${PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR} get.py ) -+# ADD_TEST(bindings_python_identify ${CMAKE_CURRENT_SOURCE_DIR}/run ${PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR} identify.py ) -+# ADD_TEST(bindings_python_invoke ${CMAKE_CURRENT_SOURCE_DIR}/run ${PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR} invoke.py ) -+# ADD_TEST(bindings_python_notepad ${CMAKE_CURRENT_SOURCE_DIR}/run ${PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR} notepad.py ) -+# ADD_TEST(bindings_python_nsconsts ${CMAKE_CURRENT_SOURCE_DIR}/run ${PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR} nsconsts.py ) -+# ADD_TEST(bindings_python_processes ${CMAKE_CURRENT_SOURCE_DIR}/run ${PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR} processes.py ) -+# ADD_TEST(bindings_python_pull ${CMAKE_CURRENT_SOURCE_DIR}/run ${PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR} pull.py ) -+# ADD_TEST(bindings_python_put ${CMAKE_CURRENT_SOURCE_DIR}/run ${PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR} put.py ) -+ADD_TEST(bindings_python_release ${CMAKE_CURRENT_SOURCE_DIR}/run ${PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR} release.py ) - - # needs WinRM system --# ADD_TEST(bindings_python_win32_operatingsystem ${CMAKE_CURRENT_SOURCE_DIR}/run ${CMAKE_CURRENT_SOURCE_DIR} win32_operatingsystem.py ) --# ADD_TEST(bindings_python_win32_process ${CMAKE_CURRENT_SOURCE_DIR}/run ${CMAKE_CURRENT_SOURCE_DIR} win32_process.py ) --# ADD_TEST(bindings_python_win32_services ${CMAKE_CURRENT_SOURCE_DIR}/run ${CMAKE_CURRENT_SOURCE_DIR} win32_services.py ) -+# ADD_TEST(bindings_python_win32_operatingsystem ${CMAKE_CURRENT_SOURCE_DIR}/run ${PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR} win32_operatingsystem.py ) -+# ADD_TEST(bindings_python_win32_process ${CMAKE_CURRENT_SOURCE_DIR}/run ${PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR} win32_process.py ) -+# ADD_TEST(bindings_python_win32_services ${CMAKE_CURRENT_SOURCE_DIR}/run ${PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR} win32_services.py ) -diff --git a/bindings/python/tests/run b/bindings/python/tests/run -index 5ddc88d..9ec76a7 100755 ---- a/bindings/python/tests/run -+++ b/bindings/python/tests/run -@@ -2,8 +2,8 @@ - # - # run script for Python tests - # --# Usage: run -+# Usage: run - # --(cd $1; -+(cd $2; - f=`dirname $0`; -- LD_LIBRARY_PATH=$f/../../../build/src/lib python $2) -+ LD_LIBRARY_PATH=$f/../../../build/src/lib $1 $3) -diff --git a/package/openwsman.spec.in b/package/openwsman.spec.in -index 601294a..cbf1ba6 100644 ---- a/package/openwsman.spec.in -+++ b/package/openwsman.spec.in -@@ -31,7 +31,11 @@ BuildRequires: sblim-sfcc-devel - BuildRequires: swig >= 2.0.5 - - BuildRequires: perl -+%if 0%{?have_python3} -+BuildRequires: python3-devel -+%else - BuildRequires: python-devel -+%endif - - %if 0%{?rhel_version} > 0 - BuildRequires: -vim -@@ -214,6 +218,20 @@ This package provides a Openwsman server plugin to write a - WS-Management resource handler in Ruby - - -+%if 0%{?have_python3} -+%package python3 -+Summary: Python3 bindings for openwsman client API -+Group: Development/Libraries/Python -+%{!?python3_sitelib: %global python3_sitelib %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib()")} -+%{!?python3_sitearch: %global python3_sitearch %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib(1)")} -+%{!?py_requires: %define py_requires Requires: python3} -+%{py_requires} -+ -+%description python3 -+This package provides Python3 bindings to access the openwsman client -+API. -+ -+%else - %package python - Summary: Python bindings for openwsman client API - Group: Development/Libraries/Python -@@ -226,6 +244,7 @@ Group: Development/Libraries/Python - This package provides Python bindings to access the openwsman client - API. - -+%endif - - %package ruby - Requires: ruby -@@ -344,6 +363,9 @@ cmake \ - %if 0%{?suse_version} == 1010 - -DBUILD_JAVA=FALSE \ - %endif -+%if 0%{?have_python3} -+ -DBUILD_PYTHON=FALSE \ -+%endif - -DCMAKE_VERBOSE_MAKEFILE=TRUE \ - -DCMAKE_BUILD_TYPE=Release \ - -DCMAKE_C_FLAGS_RELEASE:STRING="$RPM_OPT_FLAGS -fno-strict-aliasing" \ -@@ -458,10 +480,17 @@ rm -f /var/log/wsmand.log - %exclude %{_includedir}/openwsman/cpp/*.h - %exclude %{_libdir}/libwsman_clientpp.so - -+%if 0%{?have_python3} -+%files python3 -+%defattr(-,root,root) -+%{python3_sitearch}/*.so -+%{python3_sitearch}/*.py* -+%else - %files python - %defattr(-,root,root) - %{python_sitearch}/*.so - %{python_sitearch}/*.py* -+%endif - - %files ruby - %defattr(-,root,root) --- -1.8.3.1 - diff --git a/CVE-2019-3833.patch b/CVE-2019-3833.patch deleted file mode 100644 index a0a97cb38109690d7d534c4ddf6c793ec32545b2..0000000000000000000000000000000000000000 --- a/CVE-2019-3833.patch +++ /dev/null @@ -1,169 +0,0 @@ ---- a/src/server/shttpd/shttpd.c -+++ b/src/server/shttpd/shttpd.c -@@ -336,10 +336,12 @@ date_to_epoch(const char *s) - } - - static void --remove_double_dots(char *s) -+remove_all_leading_dots(char *s) - { - char *p = s; - -+ while (*s != '\0' && *s == '.') s++; -+ - while (*s != '\0') { - *p++ = *s++; - if (s[-1] == '/' || s[-1] == '\\') -@@ -546,7 +548,7 @@ decide_what_to_do(struct conn *c) - *c->query++ = '\0'; - - _shttpd_url_decode(c->uri, strlen(c->uri), c->uri, strlen(c->uri) + 1); -- remove_double_dots(c->uri); -+ remove_all_leading_dots(c->uri); - - root = c->ctx->options[OPT_ROOT]; - if (strlen(c->uri) + strlen(root) >= sizeof(path)) { -@@ -556,6 +558,7 @@ decide_what_to_do(struct conn *c) - - (void) _shttpd_snprintf(path, sizeof(path), "%s%s", root, c->uri); - -+ DBG(("decide_what_to_do -> processed path: [%s]", path)); - /* User may use the aliases - check URI for mount point */ - if (is_alias(c->ctx, c->uri, &alias_uri, &alias_path) != NULL) { - (void) _shttpd_snprintf(path, sizeof(path), "%.*s%s", -@@ -572,7 +575,10 @@ decide_what_to_do(struct conn *c) - if ((ruri = _shttpd_is_registered_uri(c->ctx, c->uri)) != NULL) { - _shttpd_setup_embedded_stream(c, - ruri->callback, ruri->callback_data); -- } else -+ } else { -+ _shttpd_send_server_error(c, 403, "Forbidden"); -+ } -+#if 0 - if (strstr(path, HTPASSWD)) { - /* Do not allow to view passwords files */ - _shttpd_send_server_error(c, 403, "Forbidden"); -@@ -656,6 +662,7 @@ decide_what_to_do(struct conn *c) - } else { - _shttpd_send_server_error(c, 500, "Internal Error"); - } -+#endif - } - - static int -@@ -698,11 +705,11 @@ parse_http_request(struct conn *c) - _shttpd_send_server_error(c, 500, "Cannot allocate request"); - } - -+ io_inc_tail(&c->rem.io, req_len); -+ - if (c->loc.flags & FLAG_CLOSED) - return; - -- io_inc_tail(&c->rem.io, req_len); -- - DBG(("Conn %d: parsing request: [%.*s]", c->rem.chan.sock, req_len, s)); - c->rem.flags |= FLAG_HEADERS_PARSED; - -@@ -968,7 +975,7 @@ write_stream(struct stream *from, struct - } - - --static void -+static int - connection_desctructor(struct llhead *lp) - { - struct conn *c = LL_ENTRY(lp, struct conn, link); -@@ -992,7 +999,8 @@ connection_desctructor(struct llhead *lp - * Check the "Connection: " header before we free c->request - * If it its 'keep-alive', then do not close the connection - */ -- do_close = (c->ch.connection.v_vec.len >= vec.len && -+ do_close = c->rem.flags & FLAG_CLOSED || -+ (c->ch.connection.v_vec.len >= vec.len && - !_shttpd_strncasecmp(vec.ptr,c->ch.connection.v_vec.ptr,vec.len)) || - (c->major_version < 1 || - (c->major_version >= 1 && c->minor_version < 1)); -@@ -1014,7 +1022,7 @@ connection_desctructor(struct llhead *lp - io_clear(&c->loc.io); - c->birth_time = _shttpd_current_time; - if (io_data_len(&c->rem.io) > 0) -- process_connection(c, 0, 0); -+ return 1; - } else { - if (c->rem.io_class != NULL) - c->rem.io_class->close(&c->rem); -@@ -1025,6 +1033,8 @@ connection_desctructor(struct llhead *lp - - free(c); - } -+ -+ return 0; - } - - static void -@@ -1032,7 +1042,7 @@ worker_destructor(struct llhead *lp) - { - struct worker *worker = LL_ENTRY(lp, struct worker, link); - -- free_list(&worker->connections, connection_desctructor); -+ free_list(&worker->connections, (void (*)(struct llhead *))connection_desctructor); - free(worker); - } - -@@ -1065,6 +1075,8 @@ add_to_set(int fd, fd_set *set, int *max - static void - process_connection(struct conn *c, int remote_ready, int local_ready) - { -+again: -+ - /* Read from remote end if it is ready */ - if (remote_ready && io_space_len(&c->rem.io)) - read_stream(&c->rem); -@@ -1093,7 +1105,11 @@ process_connection(struct conn *c, int r - if ((_shttpd_current_time > c->expire_time) || - (c->rem.flags & FLAG_CLOSED) || - ((c->loc.flags & FLAG_CLOSED) && !io_data_len(&c->loc.io))) -- connection_desctructor(&c->link); -+ if (connection_desctructor(&c->link)) { -+ remote_ready = 0; -+ local_ready = 0; -+ goto again; -+ } - } - - static int -@@ -1650,7 +1666,7 @@ worker_function(void *param) - while (worker->exit_flag == 0) - poll_worker(worker, 1000 * 10); - -- free_list(&worker->connections, connection_desctructor); -+ free_list(&worker->connections, (void (*)(struct llhead *))connection_desctructor); - free(worker); - } - ---- a/src/server/wsmand.c -+++ b/src/server/wsmand.c -@@ -198,6 +198,11 @@ static void daemonize(void) - int fd; - char *pid; - -+ /* Change our CWD to service_path */ -+ i=chdir("/"); -+ // i=chdir(wsmand_options_get_service_path()); -+ assert(i == 0); -+ - if (wsmand_options_get_foreground_debug() > 0) { - return; - } -@@ -214,10 +219,6 @@ static void daemonize(void) - log_pid = 0; - setsid(); - -- /* Change our CWD to / */ -- i=chdir("/"); -- assert(i == 0); -- - /* Close all file descriptors. */ - for (i = getdtablesize(); i >= 0; --i) - close(i); diff --git a/openwsman-2.4.0-pamsetup.patch b/openwsman-2.4.0-pamsetup.patch index 021ca8875a842506ebce0381549dd48d532ad2a7..466b5df07e96ba01bdb2d506d83155a24ae47868 100644 --- a/openwsman-2.4.0-pamsetup.patch +++ b/openwsman-2.4.0-pamsetup.patch @@ -1,16 +1,13 @@ -diff -up openwsman-2.6.1/etc/pam/openwsman.pamsetup openwsman-2.6.1/etc/pam/openwsman ---- openwsman-2.6.1/etc/pam/openwsman.pamsetup 2015-08-27 15:46:46.000000000 +0200 -+++ openwsman-2.6.1/etc/pam/openwsman 2015-08-31 16:08:28.166913889 +0200 -@@ -1,7 +1,7 @@ - #%PAM-1.0 --auth required pam_unix2.so nullok -+auth required pam_unix.so nullok +diff -up openwsman-2.6.8/etc/pam/openwsman.orig openwsman-2.6.8/etc/pam/openwsman +--- openwsman-2.6.8/etc/pam/openwsman.orig 2018-11-21 13:51:52.776325243 +0100 ++++ openwsman-2.6.8/etc/pam/openwsman 2018-11-21 13:54:17.066351134 +0100 +@@ -2,6 +2,6 @@ + auth required pam_unix.so nullok auth required pam_nologin.so --account required pam_unix2.so --password required pam_pwcheck.so nullok --password required pam_unix2.so nullok use_first_pass use_authtok --session required pam_unix2.so none -+account required pam_unix.so + account required pam_unix.so +-password required pam_cracklib.so nullok +-password required pam_unix.so nullok use_first_pass use_authtok nis shadow +-session required pam_unix.so none +password required pam_pwquality.so -+password required pam_unix.so nullok use_first_pass use_authtok ++password required pam_unix.so nullok use_first_pass use_authtok +session required pam_unix.so diff --git a/openwsman-2.4.12-ruby-binding-build.patch b/openwsman-2.4.12-ruby-binding-build.patch index 7f46996456aed40c5d352537b057797ac859ef49..87c890d8034ca5be83200fea3d21e2b296c5b377 100644 --- a/openwsman-2.4.12-ruby-binding-build.patch +++ b/openwsman-2.4.12-ruby-binding-build.patch @@ -1,12 +1,12 @@ -diff -up openwsman-2.4.12/bindings/ruby/extconf.rb.orig openwsman-2.4.12/bindings/ruby/extconf.rb ---- openwsman-2.4.12/bindings/ruby/extconf.rb.orig 2015-02-09 09:28:58.232581263 +0100 -+++ openwsman-2.4.12/bindings/ruby/extconf.rb 2015-02-09 09:38:22.836772879 +0100 +diff -up openwsman-2.7.2/bindings/ruby/extconf.rb.orig openwsman-2.7.2/bindings/ruby/extconf.rb +--- openwsman-2.7.2/bindings/ruby/extconf.rb.orig 2022-12-28 16:43:03.000000000 +0100 ++++ openwsman-2.7.2/bindings/ruby/extconf.rb 2023-08-09 12:50:21.361216733 +0200 @@ -32,7 +32,7 @@ swig = find_executable("swig") raise "SWIG not found" unless swig major, minor, path = RUBY_VERSION.split(".") -raise "SWIG failed to run" unless system("#{swig} -ruby -autorename -DRUBY_VERSION=#{major}#{minor} -I. -I/usr/include/openwsman -o openwsman_wrap.c openwsman.i") -+raise "SWIG failed to run" unless system("#{swig} -ruby -autorename -DRUBY_VERSION=#{major}#{minor} -I. -I/usr/include/openwsman -I/builddir/build/BUILD/openwsman-2.6.5/include/ -o openwsman_wrap.c openwsman.i") ++raise "SWIG failed to run" unless system("#{swig} -ruby -autorename -DRUBY_VERSION=#{major}#{minor} -I. -I/usr/include/openwsman -I/builddir/build/BUILD/openwsman-2.7.2/include/ -o openwsman_wrap.c openwsman.i") $CPPFLAGS = "-I/usr/include/openwsman -I.." diff --git a/openwsman-2.6.2-openssl-1.1-fix.patch b/openwsman-2.6.2-openssl-1.1-fix.patch index 1be385d03ad3a0d0fb4cc2fed63de513230c76df..5d64644716e510d34b9e0009b01a528b2b51cfa0 100644 --- a/openwsman-2.6.2-openssl-1.1-fix.patch +++ b/openwsman-2.6.2-openssl-1.1-fix.patch @@ -1,31 +1,6 @@ -diff -up openwsman-2.6.5/src/lib/wsman-curl-client-transport.c.orig openwsman-2.6.5/src/lib/wsman-curl-client-transport.c ---- openwsman-2.6.5/src/lib/wsman-curl-client-transport.c.orig 2017-11-28 09:32:15.000000000 +0100 -+++ openwsman-2.6.5/src/lib/wsman-curl-client-transport.c 2018-01-23 13:14:59.357153453 +0100 -@@ -241,12 +241,20 @@ write_handler( void *ptr, size_t size, s - static int ssl_certificate_thumbprint_verify_callback(X509_STORE_CTX *ctx, void *arg) - { - unsigned char *thumbprint = (unsigned char *)arg; -- X509 *cert = ctx->cert; - EVP_MD *tempDigest; - - unsigned char tempFingerprint[EVP_MAX_MD_SIZE]; - unsigned int tempFingerprintLen; - tempDigest = (EVP_MD*)EVP_sha1( ); -+ -+#if OPENSSL_VERSION_NUMBER >= 0x10100000L -+ X509 *cert = X509_STORE_CTX_get_current_cert(ctx); -+#else -+ X509 *cert = ctx->cert; -+#endif -+ if(!cert) -+ return 0; -+ - if ( X509_digest(cert, tempDigest, tempFingerprint, &tempFingerprintLen ) <= 0) - return 0; - if(!memcmp(tempFingerprint, thumbprint, tempFingerprintLen)) -diff -up openwsman-2.6.5/src/server/shttpd/compat_unix.h.orig openwsman-2.6.5/src/server/shttpd/compat_unix.h ---- openwsman-2.6.5/src/server/shttpd/compat_unix.h.orig 2017-11-28 09:32:15.000000000 +0100 -+++ openwsman-2.6.5/src/server/shttpd/compat_unix.h 2018-01-23 13:14:59.357153453 +0100 +diff -up openwsman-2.7.0/src/server/shttpd/compat_unix.h.orig openwsman-2.7.0/src/server/shttpd/compat_unix.h +--- openwsman-2.7.0/src/server/shttpd/compat_unix.h.orig 2020-05-25 15:16:28.000000000 +0200 ++++ openwsman-2.7.0/src/server/shttpd/compat_unix.h 2021-03-09 09:15:26.750942006 +0100 @@ -27,10 +27,6 @@ pthread_create(&tid, NULL, (void *(*)(void *))a, c); } while (0) #endif /* !NO_THREADS */ @@ -37,10 +12,10 @@ diff -up openwsman-2.6.5/src/server/shttpd/compat_unix.h.orig openwsman-2.6.5/sr #define DIRSEP '/' #define IS_DIRSEP_CHAR(c) ((c) == '/') #define O_BINARY 0 -diff -up openwsman-2.6.5/src/server/shttpd/io_ssl.c.orig openwsman-2.6.5/src/server/shttpd/io_ssl.c ---- openwsman-2.6.5/src/server/shttpd/io_ssl.c.orig 2017-11-28 09:32:15.000000000 +0100 -+++ openwsman-2.6.5/src/server/shttpd/io_ssl.c 2018-01-23 13:14:59.357153453 +0100 -@@ -11,23 +11,6 @@ +diff -up openwsman-2.7.0/src/server/shttpd/io_ssl.c.orig openwsman-2.7.0/src/server/shttpd/io_ssl.c +--- openwsman-2.7.0/src/server/shttpd/io_ssl.c.orig 2020-05-25 15:16:28.000000000 +0200 ++++ openwsman-2.7.0/src/server/shttpd/io_ssl.c 2021-03-09 09:15:26.750942006 +0100 +@@ -11,28 +11,6 @@ #include "defs.h" #if !defined(NO_SSL) @@ -54,8 +29,13 @@ diff -up openwsman-2.6.5/src/server/shttpd/io_ssl.c.orig openwsman-2.6.5/src/ser - {"SSL_set_fd", {0}}, - {"SSL_new", {0}}, - {"SSL_CTX_new", {0}}, +-#if OPENSSL_VERSION_NUMBER < 0x10100000L - {"SSLv23_server_method", {0}}, - {"SSL_library_init", {0}}, +-#else +- {"TLS_server_method", {0}}, +- {"OPENSSL_init_ssl", {0}}, +-#endif - {"SSL_CTX_use_PrivateKey_file", {0}}, - {"SSL_CTX_use_certificate_file",{0}}, - {NULL, {0}} @@ -64,10 +44,10 @@ diff -up openwsman-2.6.5/src/server/shttpd/io_ssl.c.orig openwsman-2.6.5/src/ser void _shttpd_ssl_handshake(struct stream *stream) { -diff -up openwsman-2.6.5/src/server/shttpd/shttpd.c.orig openwsman-2.6.5/src/server/shttpd/shttpd.c ---- openwsman-2.6.5/src/server/shttpd/shttpd.c.orig 2017-11-28 09:32:15.000000000 +0100 -+++ openwsman-2.6.5/src/server/shttpd/shttpd.c 2018-01-23 13:16:13.738228773 +0100 -@@ -1476,20 +1476,14 @@ set_ssl(struct shttpd_ctx *ctx, const ch +diff -up openwsman-2.7.0/src/server/shttpd/shttpd.c.orig openwsman-2.7.0/src/server/shttpd/shttpd.c +--- openwsman-2.7.0/src/server/shttpd/shttpd.c.orig 2020-05-25 15:16:28.000000000 +0200 ++++ openwsman-2.7.0/src/server/shttpd/shttpd.c 2021-03-09 09:16:58.843241510 +0100 +@@ -1489,25 +1489,13 @@ set_ssl(struct shttpd_ctx *ctx, const ch int retval = FALSE; EC_KEY* key; @@ -84,32 +64,20 @@ diff -up openwsman-2.6.5/src/server/shttpd/shttpd.c.orig openwsman-2.6.5/src/ser - } - /* Initialize SSL crap */ -+ debug("Initialize SSL"); -+ SSL_load_error_strings(); -+#if OPENSSL_VERSION_NUMBER >= 0x10100000L -+ OPENSSL_init_ssl(0, NULL); -+#else - SSL_library_init(); -+#endif + #if OPENSSL_VERSION_NUMBER < 0x10100000L + SSL_library_init(); if ((CTX = SSL_CTX_new(SSLv23_server_method())) == NULL) + #else +- OPENSSL_init_ssl(); ++ OPENSSL_init_ssl(0, NULL); + if ((CTX = SSL_CTX_new(TLS_server_method())) == NULL) + #endif _shttpd_elog(E_LOG, NULL, "SSL_CTX_new error"); -@@ -1532,7 +1526,11 @@ set_ssl(struct shttpd_ctx *ctx, const ch - if (strncasecmp(protocols[idx].name, ssl_disabled_protocols, blank_ptr-ssl_disabled_protocols) == 0) { - //_shttpd_elog(E_LOG, NULL, "SSL: disable %s protocol", protocols[idx].name); - debug("SSL: disable %s protocol", protocols[idx].name); -+#if OPENSSL_VERSION_NUMBER >= 0x10100000L -+ SSL_CTX_set_options(CTX, protocols[idx].opt); -+#else - SSL_CTX_ctrl(CTX, SSL_CTRL_OPTIONS, protocols[idx].opt, NULL); -+#endif - break; - } - } -diff -up openwsman-2.6.5/src/server/shttpd/ssl.h.orig openwsman-2.6.5/src/server/shttpd/ssl.h ---- openwsman-2.6.5/src/server/shttpd/ssl.h.orig 2017-11-28 09:32:15.000000000 +0100 -+++ openwsman-2.6.5/src/server/shttpd/ssl.h 2018-01-23 13:14:59.358153454 +0100 -@@ -12,50 +12,4 @@ +diff -up openwsman-2.7.0/src/server/shttpd/ssl.h.orig openwsman-2.7.0/src/server/shttpd/ssl.h +--- openwsman-2.7.0/src/server/shttpd/ssl.h.orig 2020-05-25 15:16:28.000000000 +0200 ++++ openwsman-2.7.0/src/server/shttpd/ssl.h 2021-03-09 09:15:26.750942006 +0100 +@@ -12,55 +12,4 @@ #include @@ -130,7 +98,7 @@ diff -up openwsman-2.6.5/src/server/shttpd/ssl.h.orig openwsman-2.6.5/src/server -#define SSL_ERROR_SYSCALL 5 -#define SSL_FILETYPE_PEM 1 - - #endif +-#endif - -/* - * Dynamically loaded SSL functionality @@ -153,9 +121,14 @@ diff -up openwsman-2.6.5/src/server/shttpd/ssl.h.orig openwsman-2.6.5/src/server -#define SSL_get_error(x,y)(* (int (*)(SSL *, int)) FUNC(5))((x), (y)) -#define SSL_set_fd(x,y) (* (int (*)(SSL *, int)) FUNC(6))((x), (y)) -#define SSL_new(x) (* (SSL * (*)(SSL_CTX *)) FUNC(7))(x) --#define SSL_CTX_new(x) (* (SSL_CTX * (*)(SSL_METHOD *)) FUNC(8))(x) +-#define SSL_CTX_new(x) (* (SSL_CTX * (*)(const SSL_METHOD *)) FUNC(8))(x) +-#if OPENSSL_VERSION_NUMBER < 0x10100000L -#define SSLv23_server_method() (* (SSL_METHOD * (*)(void)) FUNC(9))() -#define SSL_library_init() (* (int (*)(void)) FUNC(10))() +-#else +-#define TLS_server_method() (* (SSL_METHOD * (*)(void)) FUNC(9))() +-#define OPENSSL_init_ssl() (* (int (*)(void)) FUNC(10))() + #endif -#define SSL_CTX_use_PrivateKey_file(x,y,z) (* (int (*)(SSL_CTX *, \ - const char *, int)) FUNC(11))((x), (y), (z)) -#define SSL_CTX_use_certificate_file(x,y,z) (* (int (*)(SSL_CTX *, \ diff --git a/openwsman-2.6.5-fix-ruby-bindings-for-swig-41.patch b/openwsman-2.6.5-fix-ruby-bindings-for-swig-41.patch deleted file mode 100644 index de7a199d480581edbcdfb1e73f5608be0016c980..0000000000000000000000000000000000000000 --- a/openwsman-2.6.5-fix-ruby-bindings-for-swig-41.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -up openwsman-2.7.1/bindings/ruby/helpers.h.orig openwsman-2.7.1/bindings/ruby/helpers.h ---- openwsman-2.7.1/bindings/ruby/helpers.h.orig 2021-04-07 17:25:55.000000000 +0200 -+++ openwsman-2.7.1/bindings/ruby/helpers.h 2022-10-21 08:36:24.901459057 +0200 -@@ -47,7 +47,7 @@ - * - */ - --#if SWIGVERSION > 0x020004 -+#if SWIG_VERSION > 0x020004 - #define KLASS_DECL(k,t) swig_class *k = (swig_class *)(t->clientdata) - #define KLASS_OF(x) x->klass - #else diff --git a/openwsman-2.6.5-fix-set-cipher-list-retval-check.patch b/openwsman-2.6.5-fix-set-cipher-list-retval-check.patch deleted file mode 100644 index dc3e52c1aaef61be7b435c3118e3c12e954bcc76..0000000000000000000000000000000000000000 --- a/openwsman-2.6.5-fix-set-cipher-list-retval-check.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -up openwsman-2.6.5/src/server/shttpd/shttpd.c.orig openwsman-2.6.5/src/server/shttpd/shttpd.c ---- openwsman-2.6.5/src/server/shttpd/shttpd.c.orig 2018-02-21 10:53:24.964163710 +0100 -+++ openwsman-2.6.5/src/server/shttpd/shttpd.c 2018-02-21 10:53:31.854162875 +0100 -@@ -1541,7 +1541,7 @@ set_ssl(struct shttpd_ctx *ctx, const ch - - if (ssl_cipher_list) { - int rc = SSL_CTX_set_cipher_list(CTX, ssl_cipher_list); -- if (rc != 0) { -+ if (rc != 1) { - _shttpd_elog(E_LOG, NULL, "Failed to set SSL cipher list \"%s\"", ssl_cipher_list); - } - } diff --git a/openwsman-2.6.5-http-status-line.patch b/openwsman-2.6.5-http-status-line.patch new file mode 100644 index 0000000000000000000000000000000000000000..f5715088dcc8ea2b0868611c043b4961381f5d22 --- /dev/null +++ b/openwsman-2.6.5-http-status-line.patch @@ -0,0 +1,39 @@ +diff -up openwsman-4391e5c68d99c6239e1672d1c8a5a16d7d8c4c2b/src/server/wsmand-listener.c.orig openwsman-4391e5c68d99c6239e1672d1c8a5a16d7d8c4c2b/src/server/wsmand-listener.c +--- openwsman-4391e5c68d99c6239e1672d1c8a5a16d7d8c4c2b/src/server/wsmand-listener.c.orig 2016-07-27 16:03:55.000000000 +0200 ++++ openwsman-4391e5c68d99c6239e1672d1c8a5a16d7d8c4c2b/src/server/wsmand-listener.c 2018-01-22 13:05:04.478923300 +0100 +@@ -344,6 +344,35 @@ DONE: + if (fault_reason == NULL) { + // this is a way to segfault, investigate + //fault_reason = shttpd_reason_phrase(status); ++ // ugly workaround follows... ++ switch (status) { ++ case 200: ++ fault_reason = "OK"; ++ break; ++ case 400: ++ fault_reason = "Bad request"; ++ break; ++ case 401: ++ fault_reason = "Unauthorized"; ++ break; ++ case 403: ++ fault_reason = "Forbidden"; ++ break; ++ case 404: ++ fault_reason = "Not found"; ++ break; ++ case 500: ++ fault_reason = "Internal Error"; ++ break; ++ case 501: ++ fault_reason = "Not implemented"; ++ break; ++ case 415: ++ fault_reason = "Unsupported Media Type"; ++ break; ++ default: ++ fault_reason = ""; ++ } + } + debug("Response status=%d (%s)", status, fault_reason); + diff --git a/openwsman-2.6.5-libcurl-error-codes-update.patch b/openwsman-2.6.5-libcurl-error-codes-update.patch deleted file mode 100644 index 40de8bf2c2ec218382e8e44fc934c1bfa260c38e..0000000000000000000000000000000000000000 --- a/openwsman-2.6.5-libcurl-error-codes-update.patch +++ /dev/null @@ -1,28 +0,0 @@ -diff -up openwsman-2.6.5/src/lib/wsman-curl-client-transport.c.orig openwsman-2.6.5/src/lib/wsman-curl-client-transport.c ---- openwsman-2.6.5/src/lib/wsman-curl-client-transport.c.orig 2018-11-14 13:53:27.442138557 +0100 -+++ openwsman-2.6.5/src/lib/wsman-curl-client-transport.c 2018-11-14 14:11:28.508714204 +0100 -@@ -186,16 +186,23 @@ convert_to_last_error(CURLcode r) - return WS_LASTERR_SSL_CONNECT_ERROR; - case CURLE_BAD_FUNCTION_ARGUMENT: - return WS_LASTERR_CURL_BAD_FUNCTION_ARG; -+#if LIBCURL_VERSION_NUM < 0x073E00 - case CURLE_SSL_PEER_CERTIFICATE: - return WS_LASTERR_SSL_PEER_CERTIFICATE; -+#endif - case CURLE_SSL_ENGINE_NOTFOUND: - return WS_LASTERR_SSL_ENGINE_NOTFOUND; - case CURLE_SSL_ENGINE_SETFAILED: - return WS_LASTERR_SSL_ENGINE_SETFAILED; - case CURLE_SSL_CERTPROBLEM: - return WS_LASTERR_SSL_CERTPROBLEM; -+#if LIBCURL_VERSION_NUM < 0x073E00 - case CURLE_SSL_CACERT: - return WS_LASTERR_SSL_CACERT; -+#else -+ case CURLE_PEER_FAILED_VERIFICATION: -+ return WS_LASTERR_SSL_PEER_CERTIFICATE; -+#endif - #if LIBCURL_VERSION_NUM > 0x70C01 - case CURLE_SSL_ENGINE_INITFAILED: - return WS_LASTERR_SSL_ENGINE_INITFAILED; - diff --git a/openwsman-2.6.8-update-ssleay-conf.patch b/openwsman-2.6.8-update-ssleay-conf.patch new file mode 100644 index 0000000000000000000000000000000000000000..c312af514ad0c880d81fdedf51313de4a41893b6 --- /dev/null +++ b/openwsman-2.6.8-update-ssleay-conf.patch @@ -0,0 +1,12 @@ +diff -up openwsman-2.7.1/etc/ssleay.cnf.orig openwsman-2.7.1/etc/ssleay.cnf +--- openwsman-2.7.1/etc/ssleay.cnf.orig 2021-11-09 08:27:48.577749509 +0100 ++++ openwsman-2.7.1/etc/ssleay.cnf 2021-11-09 08:28:10.499967010 +0100 +@@ -3,7 +3,7 @@ + # + + [ req ] +-default_bits = 1024 ++default_bits = 2048 + default_keyfile = privkey.pem + distinguished_name = req_distinguished_name + diff --git a/openwsman.spec b/openwsman.spec index 87388fa86c1cc60e0676bb5332557dda2d17bdba..50b4f44346a21f96c11aa36dea067546aeca44e4 100644 --- a/openwsman.spec +++ b/openwsman.spec @@ -2,8 +2,8 @@ %global gem_name %{name} Name: openwsman -Version: 2.6.5 -Release: 16 +Version: 2.7.2 +Release: 1 Summary: Opensource Implementation of WS-Management License: BSD-3-Clause and MIT URL: http://www.openwsman.org/ @@ -14,16 +14,13 @@ Source3: owsmantestcert.sh Patch0000: openwsman-2.4.0-pamsetup.patch Patch0001: openwsman-2.4.12-ruby-binding-build.patch Patch0002: openwsman-2.6.2-openssl-1.1-fix.patch -Patch0003: openwsman-2.6.5-fix-set-cipher-list-retval-check.patch -Patch0004: openwsman-2.6.5-libcurl-error-codes-update.patch -Patch0005: openwsman-2.6.5-fix-ruby-bindings-for-swig-41.patch -Patch6000: CVE-2019-3833.patch -Patch6001: 0001-Make-python-version-explitic-DBUILD_PYTHON3-or-DBUIL.patch +Patch0003: openwsman-2.6.5-http-status-line.patch +Patch0004: openwsman-2.6.8-update-ssleay-conf.patch BuildRequires: swig libcurl-devel libxml2-devel pam-devel sblim-sfcc-devel python3 BuildRequires: python3-devel ruby ruby-devel rubygems-devel perl-interpreter BuildRequires: perl-devel perl-generators pkgconfig openssl-devel libwsman-devel -BuildRequires: cmake systemd-units gcc gcc-c++ python3 +BuildRequires: cmake systemd-units gcc gcc-c++ %description Opensource Implementation of WS-Management protocol stack @@ -82,6 +79,7 @@ This package provides Python3 bindings to access the openwsman client API. License: BSD-3-Clause and MIT Summary: Ruby bindings for openwsman client API Obsoletes: %{name}-ruby < %{version}-%{release} +Requires: libwsman1 = %{version}-%{release} %description -n rubygem-%{gem_name} This package provides Ruby bindings to access the openwsman client API. @@ -105,7 +103,7 @@ This package provides Perl bindings to access the openwsman client API. %package winrs Summary: Windows Remote Shell -Requires: rubygem-%{gem_name} = %{version}-%{release} +Requires: rubygem-%{gem_name} = %{version}-%{release} rubygem-rexml %description winrs This is a command line tool for the Windows Remote Shell protocol. @@ -122,9 +120,9 @@ chmod -x src/cpp/WsmanClient.h mkdir build -export RPM_OPT_FLAGS="$RPM_OPT_FLAGS -DNO_SSL_CALLBACK" -export CFLAGS="-D_GNU_SOURCE -fPIE -DPIE" -export LDFLAGS="$LDFLAGS -Wl,-z,now -pie" +export RPM_OPT_FLAGS="$RPM_OPT_FLAGS -DFEDORA -DNO_SSL_CALLBACK" +export CFLAGS="$RPM_OPT_FLAGS -fPIC -pie -Wl,-z,relro -Wl,-z,now" +export CXXFLAGS="$RPM_OPT_FLAGS -fPIC -pie -Wl,-z,relro -Wl,-z,now" cd build cmake \ -DCMAKE_INSTALL_PREFIX=/usr \ @@ -260,6 +258,9 @@ rm -f /var/log/wsmand.log %{_mandir}/man8/* %changelog +* Wed Oct 11 2023 liyanan - 2.7.2-1 +- Update to 2.7.2 + * Thu Aug 24 2023 liyanan - 2.6.5-16 - Fix Ruby bindings for swig 4.1 diff --git a/v2.6.5.tar.gz b/v2.6.5.tar.gz deleted file mode 100644 index 5968b51eaf00916449ee96da653fdeb0dfd9e038..0000000000000000000000000000000000000000 Binary files a/v2.6.5.tar.gz and /dev/null differ diff --git a/v2.7.2.tar.gz b/v2.7.2.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..917775ae420b740bc4710f56eedad22f172296a6 Binary files /dev/null and b/v2.7.2.tar.gz differ