Hello community, here is the log from the commit of package scamper for openSUSE:Factory checked in at 2017-12-01 15:54:16 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/scamper (Old) and /work/SRC/openSUSE:Factory/.scamper.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "scamper" Fri Dec 1 15:54:16 2017 rev:3 rq:546902 version:20170822 Changes: -------- --- /work/SRC/openSUSE:Factory/scamper/scamper.changes 2017-08-24 18:56:52.175650495 +0200 +++ /work/SRC/openSUSE:Factory/.scamper.new/scamper.changes 2017-12-01 15:54:33.910035510 +0100 @@ -1,0 +2,5 @@ +Thu Nov 30 21:22:24 UTC 2017 - sebix+novell....@sebix.at + +- add patch new-openssl.patch to compile with new openssl versions + +------------------------------------------------------------------- New: ---- new-openssl.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ scamper.spec ++++++ --- /var/tmp/diff_new_pack.ge9Qog/_old 2017-12-01 15:54:34.606010465 +0100 +++ /var/tmp/diff_new_pack.ge9Qog/_new 2017-12-01 15:54:34.610010321 +0100 @@ -25,6 +25,8 @@ Group: Productivity/Networking/Diagnostic Url: https://www.caida.org/tools/measurement/scamper/ Source: https://www.caida.org/tools/measurement/%{name}/code/%{name}-cvs-%{version}.tar.gz +# PATCH-FIX-UPSTREAM new-openssl.patch -- from developer, new release will come soon +Patch0: new-openssl.patch BuildRequires: libopenssl-devel BuildRequires: pkgconfig @@ -73,6 +75,7 @@ %prep %setup -q -n %{name}-cvs-%{version} +%patch0 %build %configure --disable-static ++++++ new-openssl.patch ++++++ Index: scamper/scamper_control.c =================================================================== RCS file: /home/mjl/cvsroot/scamper/scamper/scamper_control.c,v retrieving revision 1.194 diff -u -p -r1.194 scamper_control.c --- scamper/scamper_control.c 12 Jul 2017 07:23:15 -0000 1.194 +++ scamper/scamper_control.c 30 Nov 2017 21:01:56 -0000 @@ -2495,6 +2495,7 @@ static int remote_sock_ssl_init(control_ * it is based on post_connection_check in "Network Security with * OpenSSL" by John Viega, Matt Messier, and Pravir Chandra. */ +#if !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L static int remote_sock_is_valid_cert(control_remote_t *rm) { X509 *cert = NULL; @@ -2562,6 +2563,7 @@ static int remote_sock_is_valid_cert(con if(cert != NULL) X509_free(cert); return rc; } +#endif /* OpenSSL version < 1.1.0 */ #endif /* @@ -2963,8 +2965,10 @@ static int remote_read_sock(control_remo if(SSL_is_init_finished(rm->ssl) != 0 || (rc = SSL_do_handshake(rm->ssl)) > 0) { +#if !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L if(remote_sock_is_valid_cert(rm) == 0) return -1; +#endif rm->mode = SSL_MODE_ESTABLISHED; } if(remote_sock_ssl_want_read(rm) < 0) @@ -3296,6 +3300,11 @@ int scamper_control_add_remote(const cha { uint32_t u32; +#if defined(HAVE_OPENSSL) && \ + defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L + X509_VERIFY_PARAM *param = NULL; +#endif + if((ctrl_rem = malloc_zero(sizeof(control_remote_t))) == NULL || (ctrl_rem->list = dlist_alloc()) == NULL || (ctrl_rem->sq = scamper_queue_alloc(NULL)) == NULL) @@ -3316,6 +3325,14 @@ int scamper_control_add_remote(const cha } SSL_CTX_set_options(tls_ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1); + +#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L + param = SSL_CTX_get0_param(tls_ctx); + X509_VERIFY_PARAM_set_hostflags(param, + X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS); + X509_VERIFY_PARAM_set1_host(param, name, 0); +#endif + SSL_CTX_set_verify(tls_ctx, SSL_VERIFY_PEER, NULL); /* load the default set of certs into the SSL context */