summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--failed.txt3
-rw-r--r--php-openssl111.patch29
-rw-r--r--php.spec7
3 files changed, 36 insertions, 3 deletions
diff --git a/failed.txt b/failed.txt
index 9649a96..11f3c0a 100644
--- a/failed.txt
+++ b/failed.txt
@@ -7,11 +7,10 @@ $ grep -r 'Tests failed' /var/lib/mock/scl72*/build.log
/var/lib/mock/scl72el8x/build.log:Tests failed : 18
/var/lib/mock/scl72fc27x/build.log:Tests failed : 0
/var/lib/mock/scl72fc28x/build.log:Tests failed : 0
-/var/lib/mock/scl72fc29x/build.log:Tests failed : 2
+/var/lib/mock/scl72fc29x/build.log:Tests failed : 1
fc29x:
- openssl_decrypt() with CCM cipher algorithm tests [ext/openssl/tests/openssl_decrypt_ccm.phpt]
TLS server rate-limits client-initiated renegotiation [ext/openssl/tests/stream_server_reneg_limit.phpt]
el8x:
buildroot issue under investigation
diff --git a/php-openssl111.patch b/php-openssl111.patch
new file mode 100644
index 0000000..ea43711
--- /dev/null
+++ b/php-openssl111.patch
@@ -0,0 +1,29 @@
+From 19a44ffb7be91344550fa700830b8e62a73031ba Mon Sep 17 00:00:00 2001
+From: Anatol Belski <ab@php.net>
+Date: Thu, 28 Feb 2019 12:48:47 +0100
+Subject: [PATCH] Sync with behavior change in OpenSSL 1.1.1b
+
+A behavior change in revealed by some openssl_decrypt() based test,
+where an encrypt API is used with a decrypt context. The EVP_Cipher*
+functions will automatically choose the right operation depending on the
+context passed.
+---
+ ext/openssl/openssl.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c
+index 871a30c..7df5072 100644
+--- a/ext/openssl/openssl.c
++++ b/ext/openssl/openssl.c
+@@ -6494,7 +6494,7 @@ static int php_openssl_cipher_update(const EVP_CIPHER *cipher_type,
+ {
+ int i = 0;
+
+- if (mode->is_single_run_aead && !EVP_EncryptUpdate(cipher_ctx, NULL, &i, NULL, (int)data_len)) {
++ if (mode->is_single_run_aead && !EVP_CipherUpdate(cipher_ctx, NULL, &i, NULL, (int)data_len)) {
+ php_openssl_store_errors();
+ php_error_docref(NULL, E_WARNING, "Setting of data length failed");
+ return FAILURE;
+--
+2.1.4
+
diff --git a/php.spec b/php.spec
index af1579d..22e0962 100644
--- a/php.spec
+++ b/php.spec
@@ -135,7 +135,7 @@
Summary: PHP scripting language for creating dynamic web sites
Name: %{?scl_prefix}php
Version: %{upver}%{?rcver:~%{rcver}}
-Release: 1%{?dist}
+Release: 2%{?dist}
# All files licensed under PHP version 3.01, except
# Zend is licensed under Zend
# TSRM is licensed under BSD
@@ -192,6 +192,7 @@ Patch49: php-7.2.16-pdooci.patch
Patch91: php-7.2.0-oci8conf.patch
# Upstream fixes (100+)
+Patch100: php-openssl111.patch
# Security fixes (200+)
@@ -936,6 +937,7 @@ low-level PHP extension for the libsodium cryptographic library.
%patch91 -p1 -b .remi-oci8
# upstream patches
+%patch100 -p1 -b .up
# security patches
@@ -1884,6 +1886,9 @@ fi
%changelog
+* Tue Mar 5 2019 Remi Collet <remi@remirepo.net> - 7.2.16-2
+- add upstream patch for OpenSSL 1.1.1b
+
* Tue Mar 5 2019 Remi Collet <remi@remirepo.net> - 7.2.16-1
- Update to 7.2.16 - http://www.php.net/releases/7_2_16.php