Hello community, here is the log from the commit of package tls for openSUSE:Factory checked in at 2015-01-20 19:04:04 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/tls (Old) and /work/SRC/openSUSE:Factory/.tls.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "tls" Changes: -------- --- /work/SRC/openSUSE:Factory/tls/tls.changes 2014-11-26 10:33:53.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.tls.new/tls.changes 2015-01-20 19:04:05.000000000 +0100 @@ -1,0 +2,17 @@ +Wed Nov 26 15:27:21 UTC 2014 - [email protected] + +- update to version 1.6.3 (from CVS): + * tls.c (MiscObjCmd): Fixed non-static string array used in call + of Tcl_GetIndexFromObj(). Memory smash waiting to happen. + Thanks to Brian Griffin for alerting us all to the problem. + * tls.c: Applied Jeff's patch from + http://www.mail-archive.com/[email protected]/msg12356.html + * tls.c (StatusObjCmd): memleak: free peer if loaded. + [Bug 3041925] + * tls.tcl (tls::socket): some socket implementations have a -type + support (e.g. for inet6). +- rebased tls-fix-ciphers.patch +- modified tls-enable-tls1.patch to only enable tls1 by default + and to update the documentation + +------------------------------------------------------------------- Old: ---- tls1.6-src.tar.bz2 New: ---- tls1.6.3-src.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ tls.spec ++++++ --- /var/tmp/diff_new_pack.nhPX1w/_old 2015-01-20 19:04:06.000000000 +0100 +++ /var/tmp/diff_new_pack.nhPX1w/_new 2015-01-20 19:04:06.000000000 +0100 @@ -23,7 +23,7 @@ Summary: Tcl Binding for the OpenSSL Library License: BSD-3-Clause Group: Development/Libraries/Tcl -Version: 1.6 +Version: 1.6.3 Release: 0 Url: http://tls.sourceforge.net Source0: %name%version-src.tar.bz2 ++++++ tls-ciphers.patch ++++++ --- /var/tmp/diff_new_pack.nhPX1w/_old 2015-01-20 19:04:06.000000000 +0100 +++ /var/tmp/diff_new_pack.nhPX1w/_new 2015-01-20 19:04:06.000000000 +0100 @@ -1,56 +1,21 @@ ---- tests/ciphers.test +Index: tests/ciphers.test +=================================================================== +--- tests/ciphers.test.orig +++ tests/ciphers.test -@@ -48,36 +48,6 @@ - EXP-RC4-MD5 - } - --set ::EXPECTEDCIPHERS(openssl) { -- AES128-SHA -- AES256-SHA -- DES-CBC-SHA -- DES-CBC3-SHA -- DHE-DSS-AES128-SHA -- DHE-DSS-AES256-SHA -- DHE-DSS-RC4-SHA -- DHE-RSA-AES128-SHA -- DHE-RSA-AES256-SHA -- EDH-DSS-DES-CBC-SHA -- EDH-DSS-DES-CBC3-SHA -- EDH-RSA-DES-CBC-SHA -- EDH-RSA-DES-CBC3-SHA -- EXP-DES-CBC-SHA -- EXP-EDH-DSS-DES-CBC-SHA -- EXP-EDH-RSA-DES-CBC-SHA -- EXP-RC2-CBC-MD5 -- EXP-RC4-MD5 -- EXP1024-DES-CBC-SHA -- EXP1024-DHE-DSS-DES-CBC-SHA -- EXP1024-DHE-DSS-RC4-SHA -- EXP1024-RC2-CBC-MD5 -- EXP1024-RC4-MD5 -- EXP1024-RC4-SHA -- IDEA-CBC-SHA -- RC4-MD5 -- RC4-SHA --} -- - proc listcompare {wants haves} { - array set want {} - array set have {} -@@ -109,7 +79,7 @@ +@@ -140,7 +140,7 @@ test ciphers-1.3 {Tls::ciphers for ssl3} # This will fail if you compiled against RSA bsafe or with a # different set of defines than the default. # Change the constraint setting above. -- listcompare $::EXPECTEDCIPHERS(openssl) [tls::ciphers ssl3] +- listcompare $::EXPECTEDCIPHERS(openssl$version) [tls::ciphers ssl3] + listcompare [split [exec openssl ciphers -ssl3] :] [tls::ciphers ssl3] } {} # This version of the test is correct for OpenSSL only. -@@ -119,7 +89,7 @@ +@@ -150,7 +150,7 @@ test ciphers-1.4 {Tls::ciphers for tls1} # This will fail if you compiled against RSA bsafe or with a # different set of defines than the default. # Change the constraint setting in all.tcl -- listcompare $::EXPECTEDCIPHERS(openssl) [tls::ciphers tls1] +- listcompare $::EXPECTEDCIPHERS(openssl$version) [tls::ciphers tls1] + listcompare [split [exec openssl ciphers -tls1] :] [tls::ciphers tls1] } {} ++++++ tls-enable-tls1.patch ++++++ --- /var/tmp/diff_new_pack.nhPX1w/_old 2015-01-20 19:04:06.000000000 +0100 +++ /var/tmp/diff_new_pack.nhPX1w/_new 2015-01-20 19:04:06.000000000 +0100 @@ -1,18 +1,46 @@ Index: tls.c =================================================================== ---- tls.c 2008-03-19 23:06:13.000000000 +0100 -+++ tls.c 2014-06-25 18:38:15.981235622 +0200 -@@ -683,10 +683,10 @@ - #else - int ssl3 = 1; - #endif +--- tls.c.orig ++++ tls.c +@@ -716,21 +716,9 @@ ImportObjCmd(clientData, interp, objc, o + char *CAfile = NULL; + char *CAdir = NULL; + char *model = NULL; +-#if defined(NO_SSL2) + int ssl2 = 0; +-#else +- int ssl2 = 1; +-#endif +-#if defined(NO_SSL3) + int ssl3 = 0; +-#else +- int ssl3 = 1; +-#endif -#if defined(NO_SSL2) && defined(NO_SSL3) -- int tls1 = 1; + int tls1 = 1; -#else -+#if defined(NO_TLS1) - int tls1 = 0; -+#else -+ int tls1 = 1; - #endif +- int tls1 = 0; +-#endif int proto = 0; int verify = 0, require = 0, request = 1; + +Index: tls.htm +=================================================================== +--- tls.htm.orig ++++ tls.htm +@@ -201,12 +201,12 @@ used directly.</p> + <dd>Handshake as server if true, else handshake as + client.(<strong>default</strong>: <em>false</em>)</dd> + <dt><strong>-ssl2</strong> <em>bool</em></dt> +- <dd>Enable use of SSL v2. (<strong>default</strong>: <em>true</em> ++ <dd>Enable use of SSL v2. (<strong>default</strong>: <em>false</em> + unless -DNO_PATENTS was specified in build)</dd> + <dt><strong>-ssl3 </strong><em>bool</em></dt> +- <dd>Enable use of SSL v3. (<strong>default</strong>: <em>true</em>)</dd> ++ <dd>Enable use of SSL v3. (<strong>default</strong>: <em>false</em>)</dd> + <dt>-<strong>tls1</strong> <em>bool</em></dt> +- <dd>Enable use of TLS v1. (<strong>default</strong>: <em>false</em>)</dd> ++ <dd>Enable use of TLS v1. (<strong>default</strong>: <em>true</em>)</dd> + </dl> + </blockquote> + ++++++ tls1.6-src.tar.bz2 -> tls1.6.3-src.tar.bz2 ++++++ ++++ 6259 lines of diff (skipped) -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
