wellton/cups
1
0
Fork 0
Código Issues Pull Requests Ações Pacotes Projetos Versões Wiki Atividade

Revert GNU TLS FIPS-140 changes.

Ver Código-Fonte
Esse commit está contido em:
Michael R Sweet
2019-09-03 10:29:07 -04:00
pai bc5060a1dd
commit 998a43a0dd
6 arquivos alterados com 0 adições e 50 exclusões
Baixar Arquivo de Patch Baixar Arquivo de Diff Expandir todos os arquivos Colapsar todos os arquivos
config-scripts/cups-ssl.m4
-1
Ver Arquivo
@@ -58,7 +58,6 @@ if test x$enable_ssl != xno; then
SAVELIBS="$LIBS"
LIBS="$LIBS $SSLLIBS"
AC_CHECK_FUNC(gnutls_fips140_set_mode, AC_DEFINE(HAVE_GNUTLS_FIPS140_SET_MODE))
AC_CHECK_FUNC(gnutls_transport_set_pull_timeout_function, AC_DEFINE(HAVE_GNUTLS_TRANSPORT_SET_PULL_TIMEOUT_FUNCTION))
AC_CHECK_FUNC(gnutls_priority_set_direct, AC_DEFINE(HAVE_GNUTLS_PRIORITY_SET_DIRECT))
LIBS="$SAVELIBS"
config.h.in
-7
Ver Arquivo
@@ -301,13 +301,6 @@
#undef HAVE_SSL
/*
* Do we have the gnutls_fips140_set_mode function?
*/
#undef HAVE_GNUTLS_FIPS140_SET_MODE
/*
* Do we have the gnutls_transport_set_pull_timeout_function function?
*/
configure
externo
-6
Ver Arquivo
@@ -8308,12 +8308,6 @@ fi
SAVELIBS="$LIBS"
LIBS="$LIBS $SSLLIBS"
ac_fn_c_check_func "$LINENO" "gnutls_fips140_set_mode" "ac_cv_func_gnutls_fips140_set_mode"
if test "x$ac_cv_func_gnutls_fips140_set_mode" = xyes; then :
$as_echo "#define HAVE_GNUTLS_FIPS140_SET_MODE 1" >>confdefs.h
fi
ac_fn_c_check_func "$LINENO" "gnutls_transport_set_pull_timeout_function" "ac_cv_func_gnutls_transport_set_pull_timeout_function"
if test "x$ac_cv_func_gnutls_transport_set_pull_timeout_function" = xyes; then :
$as_echo "#define HAVE_GNUTLS_TRANSPORT_SET_PULL_TIMEOUT_FUNCTION 1" >>confdefs.h
cups/hash.c
-22
Ver Arquivo
@@ -186,12 +186,6 @@ cupsHashData(const char *algorithm, /* I - Algorithm name */
size_t tempsize = 0; /* Truncate to this size? */
# ifdef HAVE_GNUTLS_FIPS140_SET_MODE
unsigned oldmode = gnutls_fips140_mode_enabled();
gnutls_fips140_set_mode(GNUTLS_FIPS140_LAX, GNUTLS_FIPS140_SET_MODE_THREAD);
# endif /* HAVE_GNUTLS_FIPS140_SET_MODE */
if (!strcmp(algorithm, "md5"))
alg = GNUTLS_DIG_MD5;
else if (!strcmp(algorithm, "sha"))
@@ -229,10 +223,6 @@ cupsHashData(const char *algorithm, /* I - Algorithm name */
gnutls_hash_fast(alg, data, datalen, temp);
memcpy(hash, temp, tempsize);
# ifdef HAVE_GNUTLS_FIPS140_SET_MODE
gnutls_fips140_set_mode(oldmode, GNUTLS_FIPS140_SET_MODE_THREAD);
# endif /* HAVE_GNUTLS_FIPS140_SET_MODE */
return ((ssize_t)tempsize);
}
@@ -241,17 +231,9 @@ cupsHashData(const char *algorithm, /* I - Algorithm name */
gnutls_hash_fast(alg, data, datalen, hash);
# ifdef HAVE_GNUTLS_FIPS140_SET_MODE
gnutls_fips140_set_mode(oldmode, GNUTLS_FIPS140_SET_MODE_THREAD);
# endif /* HAVE_GNUTLS_FIPS140_SET_MODE */
return ((ssize_t)gnutls_hash_get_len(alg));
}
# ifdef HAVE_GNUTLS_FIPS140_SET_MODE
gnutls_fips140_set_mode(oldmode, GNUTLS_FIPS140_SET_MODE_THREAD);
# endif /* HAVE_GNUTLS_FIPS140_SET_MODE */
#else
/*
* No hash support beyond MD5 without CommonCrypto or GNU TLS...
@@ -285,10 +267,6 @@ cupsHashData(const char *algorithm, /* I - Algorithm name */
too_small:
#ifdef HAVE_GNUTLS_FIPS140_SET_MODE
gnutls_fips140_set_mode(oldmode, GNUTLS_FIPS140_SET_MODE_THREAD);
#endif /* HAVE_GNUTLS_FIPS140_SET_MODE */
_cupsSetError(IPP_STATUS_ERROR_INTERNAL, _("Hash buffer too small."), 1);
return (-1);
}
vcnet/config.h
-7
Ver Arquivo
@@ -375,13 +375,6 @@ typedef unsigned long useconds_t;
#define HAVE_SSL 1
/*
* Do we have the gnutls_fips140_set_mode function?
*/
/* #undef HAVE_GNUTLS_FIPS140_SET_MODE */
/*
* Do we have the gnutls_transport_set_pull_timeout_function function?
*/
xcode/config.h
-7
Ver Arquivo
@@ -305,13 +305,6 @@
#define HAVE_SSL 1
/*
* Do we have the gnutls_fips140_set_mode function?
*/
/* #undef HAVE_GNUTLS_FIPS140_SET_MODE */
/*
* Do we have the gnutls_transport_set_pull_timeout_function function?
*/