openSUSE Commits
Threads by month
- ----- 2024 -----
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2012 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2011 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2010 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2009 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2008 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2007 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2006 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
January 2018
- 1 participants
- 2007 discussions
Hello community,
here is the log from the commit of package supportutils for openSUSE:Factory checked in at 2018-01-30 15:44:16
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/supportutils (Old)
and /work/SRC/openSUSE:Factory/.supportutils.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "supportutils"
Tue Jan 30 15:44:16 2018 rev:6 rq:570789 version:3.1
Changes:
--------
--- /work/SRC/openSUSE:Factory/supportutils/supportutils.changes 2018-01-28 20:33:32.878540414 +0100
+++ /work/SRC/openSUSE:Factory/.supportutils.new/supportutils.changes 2018-01-30 15:44:30.610306626 +0100
@@ -1,0 +2,7 @@
+Mon Jan 29 22:44:52 UTC 2018 - jason.record(a)suse.com
+
+- Includes X without display issue (bsc#1077813)
+- Fixes for Infiniband (bsc#1071294)
+- Using chrony for NTP (bsc#1077818)
+
+-------------------------------------------------------------------
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ supportutils-3.1.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/supportutils-3.1/bin/supportconfig new/supportutils-3.1/bin/supportconfig
--- old/supportutils-3.1/bin/supportconfig 2018-01-26 18:25:27.973315708 +0100
+++ new/supportutils-3.1/bin/supportconfig 2018-01-29 23:45:44.588258134 +0100
@@ -1,7 +1,7 @@
#!/bin/bash
-SVER='3.1-4.2'
-SDATE='2018 01 26'
+SVER='3.1-4.5'
+SDATE='2018 01 29'
##############################################################################
# supportconfig - Gathers system troubleshooting information for SUSE Support
@@ -2214,6 +2214,61 @@
echolog Skipped
fi
;;
+ 15*)
+ if rpm_verify $OF chrony
+ then
+ NTP_DAEMON=1
+ NTP_CRON=''
+ CONFFILE="/etc/chrony.conf"
+ log_cmd $OF "systemctl status chronyd.service"
+ FILES="$CONFFILE /etc/chrony.keys"
+ conf_files $OF $FILES
+ if log_cmd $OF "chronyc sources -v"
+ then
+ log_cmd $OF "chronyc sourcestats -v"
+ log_cmd $OF "chronyc tracking"
+ log_cmd $OF "chronyc activity"
+ else
+ NTP_DAEMON=0
+ fi
+ if [[ -d /etc/cron.d ]]; then
+ NTP_CRON=$(grep -i chronyd /etc/cron.d/* | cut -d\: -f1)
+ if [[ -n $NTP_CRON ]]; then
+ conf_files $OF $NTP_CRON
+ NTP_CRON=$(basename $NTP_CRON)
+ fi
+ fi
+ log_cmd $OF "timedatectl"
+ IPADDRS=$(egrep "^pool |^peer |^server " $CONFFILE | awk '{print $2}' | sort | uniq)
+ for IPADDR in $IPADDRS
+ do
+ ping_addr $OF 'NTP Server' $IPADDR
+ done
+ if [ -f $CONFFILE ]; then
+ log_write $OF "#___________________________________________________________#"
+ log_write $OF "#____[ Files Included in $CONFFILE ]____________________#"
+ log_write $OF
+ for KEYNAME in driftfile
+ do
+ FILES=$(grep ^${KEYNAME} $CONFFILE | awk '{print $2}')
+ conf_files $OF $FILES
+ done
+ KEYNAME=logdir
+ LOGDIR=$(grep ^${KEYNAME} $CONFFILE | awk '{print $2}')
+ [[ -z "$LOGDIR" ]] && LOGDIR='/var/log/chrony/'
+ FILES=$(find -L $LOGDIR -type f)
+ test $ADD_OPTION_LOGS -gt 0 && log_files $OF 0 $FILES || log_files $OF $VAR_OPTION_LINE_COUNT $FILES
+ FILES="/var/log/messages"
+ test $ADD_OPTION_LOGS -gt 0 && grep_log_files chrony $OF 0 $FILES || grep_log_files chrony $OF $VAR_OPTION_LINE_COUNT $FILES
+ if [[ -n $NTP_CRON ]]; then
+ test $ADD_OPTION_LOGS -gt 0 && grep_log_files $NTP_CRON $OF 0 $FILES || grep_log_files $NTP_CRON $OF $VAR_OPTION_LINE_COUNT $FILES
+ fi
+ fi
+ echolog Done
+ else
+ echolog Skipped
+ fi
+ ;;
esac
}
@@ -3411,7 +3466,7 @@
echolog Skipped
fi
;;
- 12*)
+ 12*|15*)
MESA="Mesa Mesa-32bit Mesa-demo-x Mesa-libEGL1 Mesa-libEGL1-32bit Mesa-libGL1 \
Mesa-libGL1-32bit Mesa-libGLESv2-2 Mesa-libGLESv2-2-32bit Mesa-libglapi0 \
Mesa-libglapi0-32bit"
@@ -3847,15 +3902,107 @@
fi
;;
12*)
- if rpm_verify $OF rdma-core; then
+ CHK_UTILS=0
+ CHK_SRP=0
+ CHK_DIAG=0
+ CHK_ACM=0
+ CHK_OPENSM=0
+ IBRPM='rdma'
+ (( SLES_VER >= 123 )) && IBRPM='rdma-core'
+ if rpm_verify $OF $IBRPM; then
+ rpm_verify $OF ibutils && CHK_UTILS=1
+ rpm_verify $OF srp_daemon && CHK_SRP=1
+ rpm_verify $OF infiniband-diags && CHK_DIAG=1
+ rpm_verify $OF opensm && CHK_OPENSM=1
+ rpm_verify $OF ibacm && CHK_ACM=1
+
log_cmd $OF "systemctl status rdma.service"
- conf_files $OF "/etc/rdma/* /etc/infiniband/*"
+ (( CHK_SRP )) && log_cmd $OF "systemctl status srp_daemon.service"
+ (( CHK_OPENSM )) && check_service $OF opensmd
+ if (( CHK_ACM )); then
+ (( SLES_VER >= 123 )) && log_cmd $OF "systemctl status ibacm.service"
+ fi
+
+ # Get configuration files
+ FILES=$(find -L /etc/rdma/ -type f)
+ [[ -d /etc/infiniband ]] && FILES="$FILES $(find -L /etc/infiniband/ -type f)"
+ (( CHK_SRP )) && FILES="$FILES /etc/srp_daemon.conf"
+ (( CHK_DIAG )) && FILES="$FILES $(find -L /etc/infiniband-diags/ -type f)"
+ (( CHK_OPENSM )) && FILES="$FILES /etc/opensm.conf /etc/sysconfig/opensm"
+ conf_files $OF $FILES
+
+ if (( CHK_UTILS )); then
+ log_cmd $OF 'ibdiagnet'
+ log_cmd $OF 'ibdmchk'
+ fi
+ if (( CHK_DIAG )); then
+ log_cmd $OF 'ibaddr'
+ log_cmd $OF 'ibstat'
+ fi
+ if (( CHK_ACM )); then
+ log_cmd $OF 'ib_acme -e'
+ fi
log_cmd $OF 'lspci -b'
log_cmd $OF 'lspci -nn'
log_cmd $OF 'lsmod'
- log_cmd $OF 'ibv_devinfo -v'
- log_cmd $OF 'ibdiagnet'
- FILES=$(find -L /tmp/ -type f | grep ibdiagnet)
+
+ FILES=''
+ (( CHK_DIAG )) && FILES="$FILES $(find -L /tmp/ -type f | grep ibdiagnet)"
+ (( CHK_OPENSM )) && FILES="$FILES /var/log/osm.log"
+ (( CHK_ACM )) && FILES="$FILES /var/log/ibacm.log"
+ test $ADD_OPTION_LOGS -gt 0 && log_files $OF 0 $FILES || log_files $OF $VAR_OPTION_LINE_COUNT $FILES
+ echolog Done
+ else
+ echolog Skipped
+ fi
+ ;;
+ 15*)
+ CHK_UTILS=0
+ CHK_SRP=0
+ CHK_DIAG=0
+ CHK_ACM=0
+ CHK_OPENSM=0
+ IBRPM='rdma-core'
+ if rpm_verify $OF $IBRPM; then
+ rpm_verify $OF ibutils && CHK_UTILS=1
+ rpm_verify $OF srp_daemon && CHK_SRP=1
+ rpm_verify $OF infiniband-diags && CHK_DIAG=1
+ rpm_verify $OF opensm && CHK_OPENSM=1
+ rpm_verify $OF ibacm && CHK_ACM=1
+
+ log_cmd $OF "systemctl status rdma-hw.target"
+ log_cmd $OF "systemctl status rdma-sriov.service"
+ (( CHK_SRP )) && log_cmd $OF "systemctl status srp_daemon.service"
+ (( CHK_OPENSM )) && log_cmd $OF "systemctl status opensm.service"
+ (( CHK_ACM )) && log_cmd $OF "systemctl status ibacm.service"
+
+ # Get configuration files
+ FILES=$(find -L /etc/rdma/ -type f)
+ [[ -d /etc/infiniband ]] && FILES="$FILES $(find -L /etc/infiniband/ -type f)"
+ (( CHK_SRP )) && FILES="$FILES /etc/srp_daemon.conf"
+ (( CHK_DIAG )) && FILES="$FILES $(find -L /etc/infiniband-diags/ -type f)"
+ (( CHK_OPENSM )) && FILES="$FILES /etc/opensm.conf /etc/sysconfig/opensm"
+ conf_files $OF $FILES
+
+ if (( CHK_UTILS )); then
+ log_cmd $OF 'ibdiagnet'
+ log_cmd $OF 'ibdmchk'
+ fi
+ if (( CHK_DIAG )); then
+ log_cmd $OF 'ibaddr'
+ log_cmd $OF 'ibstat'
+ fi
+ if (( CHK_ACM )); then
+ log_cmd $OF 'ib_acme -e'
+ fi
+ log_cmd $OF 'lspci -b'
+ log_cmd $OF 'lspci -nn'
+ log_cmd $OF 'lsmod'
+
+ FILES=''
+ (( CHK_DIAG )) && FILES="$FILES $(find -L /tmp/ -type f | grep ibdiagnet)"
+ (( CHK_OPENSM )) && FILES="$FILES /var/log/opensm.log"
+ (( CHK_ACM )) && FILES="$FILES /var/log/ibacm.log"
test $ADD_OPTION_LOGS -gt 0 && log_files $OF 0 $FILES || log_files $OF $VAR_OPTION_LINE_COUNT $FILES
echolog Done
else
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/supportutils-3.1/bin/supportconfig.rc new/supportutils-3.1/bin/supportconfig.rc
--- old/supportutils-3.1/bin/supportconfig.rc 2018-01-26 18:24:39.818707280 +0100
+++ new/supportutils-3.1/bin/supportconfig.rc 2018-01-29 22:09:21.246048097 +0100
@@ -1333,33 +1333,20 @@
}
get_sles_ver() {
- KERNMAJ=$(uname -r | cut -d- -f1)
- KERNREL=$(uname -r | cut -d- -f2)
- KERNCNT=$(echo $KERNMAJ | sed -e 's/\./ /g' | wc -w)
- test $KERNCNT -lt 4 && KERNMAJ="${KERNMAJ}.0"
- KERNCNT=$(echo $KERNREL | sed -e 's/\./ /g' | wc -w)
- if [ $KERNCNT -eq 2 ]; then
- KERNREL="${KERNREL}.0"
- elif [ $KERNCNT -eq 1 ]; then
- KERNREL="${KERNREL}.0.0"
- fi
- KERNBASE="${KERNMAJ}.${KERNREL}"
- KERNVER=$(echo $KERNBASE | awk -F\. '{printf "%g%02g%03g%02g%03g%03g%03g\n", $1, $2, $3, $4, $5, $6, $7}')
- if [[ $KERNVER -ge 41201400009001000 ]]; then SLES_VER=150;
- elif [[ $KERNVER -ge 31200900001000000 ]]; then SLES_VER=120;
-# elif [[ $KERNVER -ge 30010100054002000 ]]; then SLES_VER=114;
- elif [[ $KERNVER -ge 30007600000011000 ]]; then SLES_VER=113;
- elif [[ $KERNVER -ge 30001300000027000 ]]; then SLES_VER=112;
- elif [[ $KERNVER -ge 20603212000007000 ]]; then SLES_VER=111;
- elif [[ $KERNVER -ge 20602719005000000 ]]; then SLES_VER=110;
- elif [[ $KERNVER -ge 20601660000085001 ]]; then SLES_VER=104;
- elif [[ $KERNVER -ge 20601660000054005 ]]; then SLES_VER=103;
- elif [[ $KERNVER -ge 20601660000021000 ]]; then SLES_VER=102;
- elif [[ $KERNVER -ge 20601646000012000 ]]; then SLES_VER=101;
- elif [[ $KERNVER -ge 20601621000008000 ]]; then SLES_VER=100;
- elif [[ $KERNVER -ge 20600500007097000 ]]; then SLES_VER=90;
- elif [[ $KERNVER -ge 20401900120000000 ]]; then SLES_VER=80;
- else SLES_VER=90;
+ if [[ -s /etc/os-release ]]; then
+ VID=$(grep VERSION_ID /etc/os-release | cut -d\= -f2)
+ echo "VID=$VID"
+ VID=${VID//\"/}
+ SLES_VER=${VID//\./}
+ if (( ${#SLES_VER} < 3 )); then
+ SLES_VER=${SLES_VER}0
+ fi
+ elif [[ -s /etc/SuSE-release ]]; then
+ VMAJOR=$(grep VERSION /etc/SuSE-release | awk '{print $NF}')
+ VMINOR=$(grep PATCHLEVEL /etc/SuSE-release | awk '{print $NF}')
+ SLES_VER=${VMAJOR}${VMINOR}
+ else
+ SLES_VER=123
fi
grep -i "open enterprise server" /etc/*release* &>/dev/null
OESFOUND=$?
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/supportutils-3.1/spec/supportutils.changes new/supportutils-3.1/spec/supportutils.changes
--- old/supportutils-3.1/spec/supportutils.changes 2018-01-26 18:26:01.924334835 +0100
+++ new/supportutils-3.1/spec/supportutils.changes 2018-01-29 23:45:26.292780588 +0100
@@ -1,4 +1,11 @@
-------------------------------------------------------------------
+Mon Jan 29 22:44:52 UTC 2018 - jason.record(a)suse.com
+
+- Includes X without display issue (bsc#1077813)
+- Fixes for Infiniband (bsc#1071294)
+- Using chrony for NTP (bsc#1077818)
+
+-------------------------------------------------------------------
Fri Jan 26 17:25:50 UTC 2018 - jason.record(a)suse.com
- Added os-release processing (bsc#1077758)
1
0
Hello community,
here is the log from the commit of package easy-rsa for openSUSE:Factory checked in at 2018-01-30 15:44:13
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/easy-rsa (Old)
and /work/SRC/openSUSE:Factory/.easy-rsa.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "easy-rsa"
Tue Jan 30 15:44:13 2018 rev:8 rq:570787 version:3.0.4
Changes:
--------
--- /work/SRC/openSUSE:Factory/easy-rsa/easy-rsa.changes 2017-10-26 18:44:14.496350296 +0200
+++ /work/SRC/openSUSE:Factory/.easy-rsa.new/easy-rsa.changes 2018-01-30 15:44:29.838342664 +0100
@@ -1,0 +2,8 @@
+Sun Jan 28 19:05:46 UTC 2018 - seroton10(a)gmail.com
+
+- Upgrade to version 3.0.4
+ * Remove use of egrep (#154)
+ * Finally(?) fix the subjectAltName issues (really fixes #168)
+- Improve RPM description
+
+-------------------------------------------------------------------
Old:
----
EasyRSA-3.0.3.tgz
EasyRSA-3.0.3.tgz.sig
New:
----
EasyRSA-3.0.4.tgz
EasyRSA-3.0.4.tgz.sig
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ easy-rsa.spec ++++++
--- /var/tmp/diff_new_pack.hj9Ekj/_old 2018-01-30 15:44:30.342319136 +0100
+++ /var/tmp/diff_new_pack.hj9Ekj/_new 2018-01-30 15:44:30.346318950 +0100
@@ -1,7 +1,7 @@
#
# spec file for package easy-rsa
#
-# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
# Copyright (c) 2015 Stefan Jakobs.
#
# All modifications and additions to the file contributed by third parties
@@ -18,7 +18,7 @@
Name: easy-rsa
-Version: 3.0.3
+Version: 3.0.4
Release: 0
Summary: CLI utility to build and manage a PKI CA
License: GPL-2.0
@@ -33,9 +33,9 @@
BuildArch: noarch
%description
-easy-rsa is a CLI utility to build and manage a PKI CA. In laymen's terms,
-this means to create a root certificate authority, and request and sign
-certificates, including sub-CAs and certificate revokation lists (CRL).
+easy-rsa is a CLI utility to build and manage a Public Key Infrastructure
+(PKI). Once the Certificate Authority (CA) is created, you can request and sign
+certificates, including sub-CAs, and create Certificate Revokation Lists (CRL).
%prep
%setup -q -n EasyRSA-%{version}
@@ -47,7 +47,7 @@
install -dm0755 %{buildroot}/%{_sysconfdir}/easy-rsa/
install -dm0755 %{buildroot}/%{_sysconfdir}/easy-rsa/x509-types
install -Dm0644 vars.example %{buildroot}/%{_sysconfdir}/easy-rsa/
-install -Dm0644 openssl-1.0.cnf %{buildroot}/%{_sysconfdir}/easy-rsa/openssl-1.0.cnf
+install -Dm0644 openssl-easyrsa.cnf %{buildroot}/%{_sysconfdir}/easy-rsa/
install -Dm0644 x509-types/* %{buildroot}/%{_sysconfdir}/easy-rsa/x509-types/
install -Dm0755 easyrsa %{buildroot}/%{_bindir}/easyrsa
++++++ EasyRSA-3.0.3.tgz -> EasyRSA-3.0.4.tgz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/EasyRSA-3.0.3/ChangeLog new/EasyRSA-3.0.4/ChangeLog
--- old/EasyRSA-3.0.3/ChangeLog 2015-09-03 01:54:57.000000000 +0200
+++ new/EasyRSA-3.0.4/ChangeLog 2018-01-21 16:37:25.000000000 +0100
@@ -1,5 +1,27 @@
Easy-RSA 3 ChangeLog
+3.0.4 (TBD)
+ * Remove use of egrep (#154)
+ * Integrate with Travis-CI (#165)
+ * Remove "local" from variable assignment (#165)
+ * Other changes related to Travis-CI fixes
+ * Assign values to variables defined previously w/local
+ * Finally(?) fix the subjectAltName issues I presented earlier (really
+ fixes #168
+
+3.0.3 (2017-08-22)
+ * Include mktemp windows binary
+ * copy CSR extensions into signed certificate
+
+
+3.0.2 (2017-08-21)
+ * add missing windows binaries
+
+
+3.0.1 (2015-10-25)
+ * correct some packaging errors
+
+
3.0.0 (2015-09-07)
* cab4a07 Fix typo: Hellman
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/EasyRSA-3.0.3/README.md new/EasyRSA-3.0.4/README.md
--- old/EasyRSA-3.0.3/README.md 1970-01-01 01:00:00.000000000 +0100
+++ new/EasyRSA-3.0.4/README.md 2018-01-21 16:37:25.000000000 +0100
@@ -0,0 +1,52 @@
+# Overview
+
+easy-rsa is a CLI utility to build and manage a PKI CA. In laymen's terms,
+this means to create a root certificate authority, and request and sign
+certificates, including sub-CAs and certificate revocation lists (CRL).
+
+# Downloads
+
+If you are looking for release downloads, please see the releases section on
+GitHub. Releases are also available as source checkouts using named tags.
+
+# Documentation
+
+For 3.x project documentation and usage, see the [README.quickstart.md](README.quickstart.md) file or
+the more detailed docs under the doc/ directory. The .md files are in Markdown
+format and can be converted to html files as desired for release packages, or
+read as-is in plaintext.
+
+# Getting help using easy-rsa
+
+Currently, Easy-RSA development co-exists with OpenVPN even though they are
+separate projects. The following resources are good places as of this writing to
+seek help using Easy-RSA:
+
+The [openvpn-users mailing list](https://lists.sourceforge.net/lists/listinfo/openvpn-users)
+is a good place to post usage or help questions.
+
+You can also try IRC at Freenode/#openvpn
+
+# Branch structure
+
+The easy-rsa master branch is currently tracking development for the 3.x release
+cycle. Please note that, at any given time, master may be broken. Feel free to
+create issues against master, but have patience when using the master branch. It
+is recommended to use a release, and priority will be given to bugs identified in
+the most recent release.
+
+The prior 2.x and 1.x versions are available as release branches for
+tracking and possible back-porting of relevant fixes. Branch layout is:
+
+ master <- 3.x, at present
+ v3.x.x pre-release branches, used for staging branches
+ release/2.x
+ release/1.x
+
+LICENSING info for 3.x is in the [COPYING.md](COPYING.md) file
+
+# Code style, standards
+
+We are attempting to adhere to the POSIX standard, which can be found here:
+
+http://pubs.opengroup.org/onlinepubs/9699919799/
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/EasyRSA-3.0.3/doc/EasyRSA-Advanced.md new/EasyRSA-3.0.4/doc/EasyRSA-Advanced.md
--- old/EasyRSA-3.0.3/doc/EasyRSA-Advanced.md 2017-08-22 15:03:01.000000000 +0200
+++ new/EasyRSA-3.0.4/doc/EasyRSA-Advanced.md 2018-01-21 16:38:00.000000000 +0100
@@ -31,12 +31,12 @@
The following locations are checked, in this order, for a vars file. Only the
first one found is used:
- 1. File referenced by the --vars CLI option
+ 1. The file referenced by the --vars CLI option
2. The file referenced by the env-var named `EASYRSA_VARS_FILE`
- 3. The `EASYRSA_PKI` directory
- 4. The default PKI directory at $PWD/pki (usually will be the same as above)
- 4. The `EASYRSA` directory
- 5. The location of the easyrsa program (usually will be the same as above)
+ 3. The directory referenced by the `EASYRSA_PKI` env-var
+ 4. The default PKI directory at $PWD/pki
+ 4. The directory referenced by the `EASYRSA` env-var
+ 5. The directory containing the easyrsa program
Defining the env-var `EASYRSA_NO_VARS` will override the sourcing of the vars
file in all cases, including defining it subsequently as a global option.
@@ -52,8 +52,8 @@
1. The env-var `EASYRSA_SSL_CONF`
2. The 'vars' file (see `vars Autodetection` above)
- 3. The `EASYRSA_PKI` directory with a filename of `openssl-1.0.cnf`
- 4. The `EASYRSA` directory with a filename of `openssl-1.0.cnf`
+ 3. The `EASYRSA_PKI` directory with a filename of `openssl-easyrsa.cnf`
+ 4. The `EASYRSA` directory with a filename of `openssl-easyrsa.cnf`
Advanced extension handling
---------------------------
@@ -78,10 +78,10 @@
A list of env-vars, any matching global option (CLI) to set/override it, and a
possible terse description is shown below:
- * `EASYRSA` - should point to the Easy-RSA top-level dir, normally $PWD
+ * `EASYRSA` - should point to the Easy-RSA top-level dir, where the easyrsa script is located.
* `EASYRSA_OPENSSL` - command to invoke openssl
* `EASYRSA_SSL_CONF` - the openssl config file to use
- * `EASYRSA_PKI` (CLI: `--pki-dir`) - dir to use to hold all PKI-specific files, normally $PWD/pki.
+ * `EASYRSA_PKI` (CLI: `--pki-dir`) - dir to use to hold all PKI-specific files, defaults to $PWD/pki.
* `EASYRSA_DN` (CLI: `--dn-mode`) - set to the string `cn_only` or `org` to
alter the fields to include in the req DN
* `EASYRSA_REQ_COUNTRY` (CLI: `--req-c`) - set the DN country with org mode
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/EasyRSA-3.0.3/easyrsa new/EasyRSA-3.0.4/easyrsa
--- old/EasyRSA-3.0.3/easyrsa 2017-08-21 23:31:35.000000000 +0200
+++ new/EasyRSA-3.0.4/easyrsa 2018-01-21 16:37:26.000000000 +0100
@@ -46,20 +46,21 @@
"
# collect/show dir status:
- local err_source="Not defined: vars autodetect failed and no value provided"
- local work_dir="${EASYRSA:-$err_source}"
- local pki_dir="${EASYRSA_PKI:-$err_source}"
+ err_source="Not defined: vars autodetect failed and no value provided"
+ work_dir="${EASYRSA:-$err_source}"
+ pki_dir="${EASYRSA_PKI:-$err_source}"
print "\
DIRECTORY STATUS (commands would take effect on these locations)
EASYRSA: $work_dir
- PKI: $pki_dir
+ PKI: $pki_dir
"
} # => usage()
# Detailed command help
# When called with no args, calls usage(), otherwise shows help for a command
cmd_help() {
- local text opts
+ text=""
+ opts=""
case "$1" in
init-pki|clean-all) text="
init-pki [ cmd-opts ]
@@ -199,6 +200,7 @@
./easyrsa help altname
--use-algo=ALG : crypto alg to use: choose rsa (default) or ec
--curve=NAME : for elliptic curve, sets the named curve to use
+--copy-ext : Copy included request X509 extensions (namely subjAltName
Organizational DN options: (only used with the 'org' DN mode)
(values may be blank for org DN options)
@@ -248,7 +250,7 @@
# Returns 0 when input contains yes, 1 for no, 2 for no match
# If both strings are present, returns 1; first matching line returns.
awk_yesno() {
- local awkscript='
+ awkscript='
BEGIN {IGNORECASE=1; r=2}
{ if(match($0,"no")) {r=1; exit}
if(match($0,"yes")) {r=0; exit}
@@ -260,7 +262,10 @@
# returns without prompting in EASYRSA_BATCH
confirm() {
[ $EASYRSA_BATCH ] && return
- local prompt="$1" value="$2" msg="$3" input
+ prompt="$1"
+ value="$2"
+ msg="$3"
+ input=""
print "
$msg
@@ -274,7 +279,7 @@
# remove temp files
clean_temp() {
- for f in "$EASYRSA_TEMP_FILE" "$EASYRSA_TEMP_FILE_2" "$EASYRSA_TEMP_FILE_3"
+ for f in "$EASYRSA_TEMP_CONF" "$EASYRSA_TEMP_EXT" "$EASYRSA_TEMP_FILE_2" "$EASYRSA_TEMP_FILE_3"
do [ -f "$f" ] && rm "$f" 2>/dev/null
done
} # => clean_temp()
@@ -286,7 +291,7 @@
# Verify EASYRSA_OPENSSL command gives expected output
if [ -z "$EASYRSA_SSL_OK" ]; then
- local val="$("$EASYRSA_OPENSSL" version)"
+ val="$("$EASYRSA_OPENSSL" version)"
case "${val%% *}" in
OpenSSL|LibreSSL) ;;
*) die "\
@@ -316,7 +321,7 @@
$EASYRSA_EC_DIR"
# Check that the required ecparams file exists
- local out="$EASYRSA_EC_DIR/${EASYRSA_CURVE}.pem"
+ out="$EASYRSA_EC_DIR/${EASYRSA_CURVE}.pem"
[ -f "$out" ] && return 0
"$EASYRSA_OPENSSL" ecparam -name "$EASYRSA_CURVE" -out "$out" || die "\
Failed to generate ecparam file (permissions?) when writing to:
@@ -328,7 +333,7 @@
# Basic sanity-check of PKI init and complain if missing
verify_pki_init() {
- local help_note="Run easyrsa without commands for usage and command help."
+ help_note="Run easyrsa without commands for usage and command help."
# check that the pki dir exists
vars_source_check
@@ -347,7 +352,7 @@
# Verify core CA files present
verify_ca_init() {
- local help_note="Run without commands for usage and command help."
+ help_note="Run without commands for usage and command help."
# First check the PKI has been initialized
verify_pki_init
@@ -407,7 +412,8 @@
# build-ca backend:
build_ca() {
- local opts= sub_ca=
+ opts=""
+ sub_ca=""
while [ -n "$1" ]; do
case "$1" in
nopass) opts="$opts -nodes" ;;
@@ -421,8 +427,8 @@
[ "$EASYRSA_ALGO" = "ec" ] && verify_curve
# setup for the simpler sub-CA situation and overwrite with root-CA if needed:
- local out_file="$EASYRSA_PKI/reqs/ca.req"
- local out_key="$EASYRSA_PKI/private/ca.key"
+ out_file="$EASYRSA_PKI/reqs/ca.req"
+ out_key="$EASYRSA_PKI/private/ca.key"
if [ ! $sub_ca ]; then
out_file="$EASYRSA_PKI/ca.crt"
opts="$opts -x509 -days $EASYRSA_CA_EXPIRE"
@@ -444,7 +450,7 @@
current CA keypair. If you intended to start a new CA, run init-pki first."
# create necessary files and dirs:
- local err_file="Unable to create necessary PKI files (permissions?)"
+ err_file="Unable to create necessary PKI files (permissions?)"
for i in issued certs_by_serial; do
mkdir -p "$EASYRSA_PKI/$i" || die "$err_file"
done
@@ -454,8 +460,8 @@
# Default CN only when not in global EASYRSA_BATCH mode:
[ $EASYRSA_BATCH ] && opts="$opts -batch" || export EASYRSA_REQ_CN="Easy-RSA CA"
- out_key_tmp="$(mktemp -u "$out_key.XXXXXXXXXX")"; EASYRSA_TEMP_FILE_2="$out_key_tmp"
- out_file_tmp="$(mktemp -u "$out_file.XXXXXXXXXX")"; EASYRSA_TEMP_FILE_3="$out_file_tmp"
+ out_key_tmp="$(mktemp "$out_key.XXXXXXXXXX")"; EASYRSA_TEMP_FILE_2="$out_key_tmp"
+ out_file_tmp="$(mktemp "$out_file.XXXXXXXXXX")"; EASYRSA_TEMP_FILE_3="$out_file_tmp"
# create the CA keypair:
"$EASYRSA_OPENSSL" req -utf8 -new -newkey $EASYRSA_ALGO:"$EASYRSA_ALGO_PARAMS" \
-config "$EASYRSA_SSL_CONF" -keyout "$out_key_tmp" -out "$out_file_tmp" $opts || \
@@ -483,7 +489,7 @@
gen_dh() {
verify_pki_init
- local out_file="$EASYRSA_PKI/dh.pem"
+ out_file="$EASYRSA_PKI/dh.pem"
"$EASYRSA_OPENSSL" dhparam -out "$out_file" $EASYRSA_KEY_SIZE || \
die "Failed to build DH params"
notice "\
@@ -498,18 +504,18 @@
[ -n "$1" ] || die "\
Error: gen-req must have a file base as the first argument.
Run easyrsa without commands for usage and commands."
- local key_out="$EASYRSA_PKI/private/$1.key"
- local req_out="$EASYRSA_PKI/reqs/$1.req"
+ key_out="$EASYRSA_PKI/private/$1.key"
+ req_out="$EASYRSA_PKI/reqs/$1.req"
[ ! $EASYRSA_BATCH ] && EASYRSA_REQ_CN="$1"
shift
# function opts support
- local opts=
+ opts=
while [ -n "$1" ]; do
case "$1" in
nopass) opts="$opts -nodes" ;;
# batch flag supports internal callers needing silent operation
- batch) local EASYRSA_BATCH=1 ;;
+ batch) EASYRSA_BATCH=1 ;;
*) warn "Ignoring unknown command option: '$1'" ;;
esac
shift
@@ -529,25 +535,25 @@
# When EASYRSA_EXTRA_EXTS is defined, append it to openssl's [req] section:
if [ -n "$EASYRSA_EXTRA_EXTS" ]; then
# Setup & insert the extra ext data keyed by a magic line
- local extra_exts="
+ extra_exts="
req_extensions = req_extra
[ req_extra ]
$EASYRSA_EXTRA_EXTS"
- local awkscript='
+ awkscript='
{if ( match($0, "^#%EXTRA_EXTS%") )
{ while ( getline<"/dev/stdin" ) {print} next }
{print}
}'
print "$extra_exts" | \
awk "$awkscript" "$EASYRSA_SSL_CONF" \
- > "$EASYRSA_TEMP_FILE" \
+ > "$EASYRSA_TEMP_CONF" \
|| die "Copying SSL config to temp file failed"
# Use this new SSL config for the rest of this function
- local EASYRSA_SSL_CONF="$EASYRSA_TEMP_FILE"
+ EASYRSA_SSL_CONF="$EASYRSA_TEMP_CONF"
fi
- key_out_tmp="$(mktemp -u "$key_out.XXXXXXXXXX")"; EASYRSA_TEMP_FILE_2="$key_out_tmp"
- req_out_tmp="$(mktemp -u "$req_out.XXXXXXXXXX")"; EASYRSA_TEMP_FILE_3="$req_out_tmp"
+ key_out_tmp="$(mktemp "$key_out.XXXXXXXXXX")"; EASYRSA_TEMP_FILE_2="$key_out_tmp"
+ req_out_tmp="$(mktemp "$req_out.XXXXXXXXXX")"; EASYRSA_TEMP_FILE_3="$req_out_tmp"
# generate request
[ $EASYRSA_BATCH ] && opts="$opts -batch"
"$EASYRSA_OPENSSL" req -utf8 -new -newkey $EASYRSA_ALGO:"$EASYRSA_ALGO_PARAMS" \
@@ -565,14 +571,17 @@
# common signing backend
sign_req() {
- local crt_type="$1" opts=
- local req_in="$EASYRSA_PKI/reqs/$2.req"
- local crt_out="$EASYRSA_PKI/issued/$2.crt"
+ crt_type="$1"
+ opts=""
+ req_in="$EASYRSA_PKI/reqs/$2.req"
+ crt_out="$EASYRSA_PKI/issued/$2.crt"
# Randomize Serial number
- local i= serial= check_serial=
+ i=""
+ serial=""
+ check_serial=""
for i in 1 2 3 4 5; do
- "$EASYRSA_OPENSSL" rand -hex 16 -out "$EASYRSA_PKI/serial"
+ "$EASYRSA_OPENSSL" rand -hex -out "$EASYRSA_PKI/serial" 16
serial="$(cat "$EASYRSA_PKI/serial")"
check_serial="$("$EASYRSA_OPENSSL" ca -config "$EASYRSA_SSL_CONF" -status "$serial" 2>&1)"
case "$check_serial" in
@@ -582,7 +591,7 @@
done
# Support batch by internal caller:
- [ "$3" = "batch" ] && local EASYRSA_BATCH=1
+ [ "$3" = "batch" ] && EASYRSA_BATCH=1
verify_ca_init
@@ -623,6 +632,8 @@
# Append first any COMMON file (if present) then the cert-type extensions
cat "$EASYRSA_EXT_DIR/COMMON"
cat "$EASYRSA_EXT_DIR/$crt_type"
+ # copy req extensions
+ [ $EASYRSA_CP_EXT ] && print "copy_extensions = copy"
# Support a dynamic CA path length when present:
[ "$crt_type" = "ca" ] && [ -n "$EASYRSA_SUBCA_LEN" ] && \
@@ -641,25 +652,26 @@
# If type is server and no subjectAltName was requested,
# add one to the extensions file
- if [[ "$crt_type" == 'server' ]]
+ if [ "$crt_type" = 'server' ];
then
+ sname=$(basename $req_in | cut -d. -f1)
echo "$EASYRSA_EXTRA_EXTS" |
grep -q subjectAltName ||
- print $(default_server_san "$req_in")
+ default_server_san $req_in
fi
# Add any advanced extensions supplied by env-var:
[ -n "$EASYRSA_EXTRA_EXTS" ] && print "$EASYRSA_EXTRA_EXTS"
: # needed to keep die from inherting the above test
- } > "$EASYRSA_TEMP_FILE" || die "\
+ } > "$EASYRSA_TEMP_EXT" || die "\
Failed to create temp extension file (bad permissions?) at:
-$EASYRSA_TEMP_FILE"
+$EASYRSA_TEMP_EXT"
# sign request
- crt_out_tmp="$(mktemp -u "$crt_out.XXXXXXXXXX")"; EASYRSA_TEMP_FILE_2="$crt_out_tmp"
+ crt_out_tmp="$(mktemp "$crt_out.XXXXXXXXXX")"; EASYRSA_TEMP_FILE_2="$crt_out_tmp"
"$EASYRSA_OPENSSL" ca -utf8 -in "$req_in" -out "$crt_out_tmp" -config "$EASYRSA_SSL_CONF" \
- -extfile "$EASYRSA_TEMP_FILE" -days $EASYRSA_CERT_EXPIRE -batch $opts \
+ -extfile "$EASYRSA_TEMP_EXT" -days $EASYRSA_CERT_EXPIRE -batch $opts \
|| die "signing failed (openssl output above may have more detail)"
mv "$crt_out_tmp" "$crt_out"; EASYRSA_TEMP_FILE_2=
notice "\
@@ -677,14 +689,14 @@
[ -n "$2" ] || die "\
Error: didn't find a file base name as the first argument.
Run easyrsa without commands for usage and commands."
- local crt_type="$1" name="$2"
- local req_out="$EASYRSA_PKI/reqs/$2.req"
- local key_out="$EASYRSA_PKI/private/$2.key"
- local crt_out="$EASYRSA_PKI/issued/$2.crt"
+ crt_type="$1" name="$2"
+ req_out="$EASYRSA_PKI/reqs/$2.req"
+ key_out="$EASYRSA_PKI/private/$2.key"
+ crt_out="$EASYRSA_PKI/issued/$2.crt"
shift 2
# function opts support
- local req_opts=
+ req_opts=
while [ -n "$1" ]; do
case "$1" in
nopass) req_opts="$req_opts nopass" ;;
@@ -694,7 +706,7 @@
done
# abort on existing req/key/crt files
- local err_exists="\
+ err_exists="\
file already exists. Aborting build to avoid overwriting this file.
If you wish to continue, please use a different name or remove the file.
Matching file found at: "
@@ -719,7 +731,7 @@
[ -n "$1" ] || die "\
Error: didn't find a file base name as the first argument.
Run easyrsa without commands for usage and command help."
- local crt_in="$EASYRSA_PKI/issued/$1.crt"
+ crt_in="$EASYRSA_PKI/issued/$1.crt"
verify_file x509 "$crt_in" || die "\
Unable to revoke as the input file is not a valid certificate. Unexpected
@@ -753,8 +765,8 @@
gen_crl() {
verify_ca_init
- local out_file="$EASYRSA_PKI/crl.pem"
- out_file_tmp="$(mktemp -u "$out_file.XXXXXXXXXX")"; EASYRSA_TEMP_FILE_2="$out_file_tmp"
+ out_file="$EASYRSA_PKI/crl.pem"
+ out_file_tmp="$(mktemp "$out_file.XXXXXXXXXX")"; EASYRSA_TEMP_FILE_2="$out_file_tmp"
"$EASYRSA_OPENSSL" ca -utf8 -gencrl -out "$out_file_tmp" -config "$EASYRSA_SSL_CONF" || die "\
CRL Generation failed.
"
@@ -772,8 +784,8 @@
verify_pki_init
# pull passed paths
- local in_req="$1" short_name="$2"
- local out_req="$EASYRSA_PKI/reqs/$2.req"
+ in_req="$1" short_name="$2"
+ out_req="$EASYRSA_PKI/reqs/$2.req"
[ -n "$short_name" ] || die "\
Unable to import: incorrect command syntax.
@@ -801,24 +813,24 @@
# export pkcs#12 or pkcs#7
export_pkcs() {
- local pkcs_type="$1"
+ pkcs_type="$1"
shift
[ -n "$1" ] || die "\
Unable to export p12: incorrect command syntax.
Run easyrsa without commands for usage and command help."
- local short_name="$1"
- local crt_in="$EASYRSA_PKI/issued/$1.crt"
- local key_in="$EASYRSA_PKI/private/$1.key"
- local crt_ca="$EASYRSA_PKI/ca.crt"
+ short_name="$1"
+ crt_in="$EASYRSA_PKI/issued/$1.crt"
+ key_in="$EASYRSA_PKI/private/$1.key"
+ crt_ca="$EASYRSA_PKI/ca.crt"
shift
verify_pki_init
# opts support
- local want_ca=1
- local want_key=1
+ want_ca=1
+ want_key=1
while [ -n "$1" ]; do
case "$1" in
noca) want_ca= ;;
@@ -828,7 +840,7 @@
shift
done
- local pkcs_opts=
+ pkcs_opts=
if [ $want_ca ]; then
verify_file x509 "$crt_ca" || die "\
Unable to include CA cert in the $pkcs_type output (missing file, or use noca option.)
@@ -843,7 +855,7 @@
case "$pkcs_type" in
p12)
- local pkcs_out="$EASYRSA_PKI/private/$short_name.p12"
+ pkcs_out="$EASYRSA_PKI/private/$short_name.p12"
if [ $want_key ]; then
[ -f "$key_in" ] || die "\
@@ -860,7 +872,7 @@
Export of p12 failed: see above for related openssl errors."
;;
p7)
- local pkcs_out="$EASYRSA_PKI/issued/$short_name.p7b"
+ pkcs_out="$EASYRSA_PKI/issued/$short_name.p7b"
# export the p7:
"$EASYRSA_OPENSSL" crl2pkcs7 -nocrl -certfile "$crt_in" \
@@ -881,18 +893,18 @@
verify_pki_init
# key type, supplied internally from frontend command call (rsa/ec)
- local key_type="$1"
+ key_type="$1"
# values supplied by the user:
- local raw_file="$2"
- local file="$EASYRSA_PKI/private/$raw_file.key"
+ raw_file="$2"
+ file="$EASYRSA_PKI/private/$raw_file.key"
[ -n "$raw_file" ] || die "\
Missing argument to 'set-$key_type-pass' command: no name/file supplied.
See help output for usage details."
# parse command options
shift 2
- local crypto="-aes256"
+ crypto="-aes256"
while [ -n "$1" ]; do
case "$1" in
nopass) crypto= ;;
@@ -929,20 +941,19 @@
# display cert DN info on a req/X509, passed by full pathname
display_dn() {
- local format="$1" path="$2"
+ format="$1" path="$2"
print "$("$EASYRSA_OPENSSL" $format -in "$path" -noout -subject -nameopt multiline)"
} # => display_dn()
# generate default SAN from req/X509, passed by full pathname
default_server_san() {
- local path="$1"
- local cn=$(
+ path="$1"
+ cn=$(
"$EASYRSA_OPENSSL" req -in "$path" -noout -subject -nameopt sep_multiline |
awk -F'=' '/^ *CN=/{print $2}'
)
- echo "$cn" | egrep -q '^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$'
- if [[ $? -eq 0 ]]
- then
+ echo "$cn" | grep -E -q '^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$'
+ if [ $? -eq 0 ]; then
print "subjectAltName = IP:$cn"
else
print "subjectAltName = DNS:$cn"
@@ -951,7 +962,8 @@
# verify a file seems to be a valid req/X509
verify_file() {
- local format="$1" path="$2"
+ format="$1"
+ path="$2"
"$EASYRSA_OPENSSL" $format -in "$path" -noout 2>/dev/null || return 1
return 0
} # => verify_file()
@@ -959,18 +971,25 @@
# show-* command backend
# Prints req/cert details in a readable format
show() {
- local type="$1" name="$2" in_file format
+ type="$1"
+ name="$2"
+ in_file=""
+ format=""
[ -n "$name" ] || die "\
Missing expected filename_base argument.
Run easyrsa without commands for usage help."
shift 2
# opts support
- local opts="-${type}opt no_pubkey,no_sigdump"
+ opts="-${type}opt no_pubkey,no_sigdump"
while [ -n "$1" ]; do
case "$1" in
- full) opts= ;;
- *) warn "Ignoring unknown command option: '$1'" ;;
+ full)
+ opts=""
+ ;;
+ *)
+ warn "Ignoring unknown command option: '$1'"
+ ;;
esac
shift
done
@@ -1011,12 +1030,12 @@
vars_setup() {
# Try to locate a 'vars' file in order of location preference.
# If one is found, source it
- local vars=
+ vars=
# set up program path
- local prog_vars="${0%/*}/vars"
+ prog_vars="${0%/*}/vars"
# set up PKI path
- local pki_vars="${EASYRSA_PKI:-$PWD/pki}/vars"
+ pki_vars="${EASYRSA_PKI:-$PWD/pki}/vars"
# command-line path:
if [ -f "$EASYRSA_VARS_FILE" ]; then
@@ -1060,16 +1079,17 @@
set_var EASYRSA_CRL_DAYS 180
set_var EASYRSA_NS_SUPPORT no
set_var EASYRSA_NS_COMMENT "Easy-RSA Generated Certificate"
- set_var EASYRSA_TEMP_FILE "$EASYRSA_PKI/extensions.temp"
+ set_var EASYRSA_TEMP_CONF "$EASYRSA_PKI/openssl-easyrsa.temp"
+ set_var EASYRSA_TEMP_EXT "$EASYRSA_PKI/extensions.temp"
set_var EASYRSA_TEMP_FILE_2 ""
set_var EASYRSA_TEMP_FILE_3 ""
set_var EASYRSA_REQ_CN ChangeMe
set_var EASYRSA_DIGEST sha256
# Detect openssl config, preferring EASYRSA_PKI over EASYRSA
- if [ -f "$EASYRSA_PKI/openssl-1.0.cnf" ]; then
- set_var EASYRSA_SSL_CONF "$EASYRSA_PKI/openssl-1.0.cnf"
- else set_var EASYRSA_SSL_CONF "$EASYRSA/openssl-1.0.cnf"
+ if [ -f "$EASYRSA_PKI/openssl-easyrsa.cnf" ]; then
+ set_var EASYRSA_SSL_CONF "$EASYRSA_PKI/openssl-easyrsa.cnf"
+ else set_var EASYRSA_SSL_CONF "$EASYRSA/openssl-easyrsa.cnf"
fi
# Same as above for the x509-types extensions dir
@@ -1095,9 +1115,9 @@
# the variable when it is already defined (even if currently null)
# Sets $1 as the value contained in $2 and exports (may be blank)
set_var() {
- local var=$1
+ var=$1
shift
- local value="$*"
+ value="$*"
eval "export $var=\"\${$var-$value}\""
} #=> set_var()
@@ -1167,6 +1187,9 @@
export EASYRSA_SUBCA_LEN="$val" ;;
--vars)
export EASYRSA_VARS_FILE="$val" ;;
+ --copy-ext)
+ empty_ok=1
+ export EASYRSA_CP_EXT=1 ;;
--subject-alt-name)
export EASYRSA_EXTRA_EXTS="\
$EASYRSA_EXTRA_EXTS
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/EasyRSA-3.0.3/mktemp.txt new/EasyRSA-3.0.4/mktemp.txt
--- old/EasyRSA-3.0.3/mktemp.txt 1970-01-01 01:00:00.000000000 +0100
+++ new/EasyRSA-3.0.4/mktemp.txt 2018-01-21 16:37:25.000000000 +0100
@@ -0,0 +1,20 @@
+Mktemp is distributed under the following ISC-style license:
+
+ Copyright (c) 1996-1997, 2000-2001, 2008, 2010
+ Todd C. Miller <Todd.Miller(a)courtesan.com>
+ Copyright (c) 1996, David Mazieres <dm(a)uun.org>
+ Copyright (c) 2008, Damien Miller <djm(a)openbsd.org>
+
+ Permission to use, copy, modify, and distribute this software for any
+ purpose with or without fee is hereby granted, provided that the above
+ copyright notice and this permission notice appear in all copies.
+
+ THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+From https://www.mktemp.org/mktemp/license.html
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/EasyRSA-3.0.3/openssl-1.0.cnf new/EasyRSA-3.0.4/openssl-1.0.cnf
--- old/EasyRSA-3.0.3/openssl-1.0.cnf 2015-09-03 01:10:26.000000000 +0200
+++ new/EasyRSA-3.0.4/openssl-1.0.cnf 1970-01-01 01:00:00.000000000 +0100
@@ -1,137 +0,0 @@
-# For use with Easy-RSA 3.0 and OpenSSL 1.0.*
-
-RANDFILE = $ENV::EASYRSA_PKI/.rnd
-
-####################################################################
-[ ca ]
-default_ca = CA_default # The default ca section
-
-####################################################################
-[ CA_default ]
-
-dir = $ENV::EASYRSA_PKI # Where everything is kept
-certs = $dir # Where the issued certs are kept
-crl_dir = $dir # Where the issued crl are kept
-database = $dir/index.txt # database index file.
-new_certs_dir = $dir/certs_by_serial # default place for new certs.
-
-certificate = $dir/ca.crt # The CA certificate
-serial = $dir/serial # The current serial number
-crl = $dir/crl.pem # The current CRL
-private_key = $dir/private/ca.key # The private key
-RANDFILE = $dir/.rand # private random number file
-
-x509_extensions = basic_exts # The extentions to add to the cert
-
-# This allows a V2 CRL. Ancient browsers don't like it, but anything Easy-RSA
-# is designed for will. In return, we get the Issuer attached to CRLs.
-crl_extensions = crl_ext
-
-default_days = $ENV::EASYRSA_CERT_EXPIRE # how long to certify for
-default_crl_days= $ENV::EASYRSA_CRL_DAYS # how long before next CRL
-default_md = $ENV::EASYRSA_DIGEST # use public key default MD
-preserve = no # keep passed DN ordering
-
-# A few difference way of specifying how similar the request should look
-# For type CA, the listed attributes must be the same, and the optional
-# and supplied fields are just that :-)
-policy = policy_anything
-
-# For the 'anything' policy, which defines allowed DN fields
-[ policy_anything ]
-countryName = optional
-stateOrProvinceName = optional
-localityName = optional
-organizationName = optional
-organizationalUnitName = optional
-commonName = supplied
-name = optional
-emailAddress = optional
-
-####################################################################
-# Easy-RSA request handling
-# We key off $DN_MODE to determine how to format the DN
-[ req ]
-default_bits = $ENV::EASYRSA_KEY_SIZE
-default_keyfile = privkey.pem
-default_md = $ENV::EASYRSA_DIGEST
-distinguished_name = $ENV::EASYRSA_DN
-x509_extensions = easyrsa_ca # The extentions to add to the self signed cert
-
-# A placeholder to handle the $EXTRA_EXTS feature:
-#%EXTRA_EXTS% # Do NOT remove or change this line as $EXTRA_EXTS support requires it
-
-####################################################################
-# Easy-RSA DN (Subject) handling
-
-# Easy-RSA DN for cn_only support:
-[ cn_only ]
-commonName = Common Name (eg: your user, host, or server name)
-commonName_max = 64
-commonName_default = $ENV::EASYRSA_REQ_CN
-
-# Easy-RSA DN for org support:
-[ org ]
-countryName = Country Name (2 letter code)
-countryName_default = $ENV::EASYRSA_REQ_COUNTRY
-countryName_min = 2
-countryName_max = 2
-
-stateOrProvinceName = State or Province Name (full name)
-stateOrProvinceName_default = $ENV::EASYRSA_REQ_PROVINCE
-
-localityName = Locality Name (eg, city)
-localityName_default = $ENV::EASYRSA_REQ_CITY
-
-0.organizationName = Organization Name (eg, company)
-0.organizationName_default = $ENV::EASYRSA_REQ_ORG
-
-organizationalUnitName = Organizational Unit Name (eg, section)
-organizationalUnitName_default = $ENV::EASYRSA_REQ_OU
-
-commonName = Common Name (eg: your user, host, or server name)
-commonName_max = 64
-commonName_default = $ENV::EASYRSA_REQ_CN
-
-emailAddress = Email Address
-emailAddress_default = $ENV::EASYRSA_REQ_EMAIL
-emailAddress_max = 64
-
-####################################################################
-# Easy-RSA cert extension handling
-
-# This section is effectively unused as the main script sets extensions
-# dynamically. This core section is left to support the odd usecase where
-# a user calls openssl directly.
-[ basic_exts ]
-basicConstraints = CA:FALSE
-subjectKeyIdentifier = hash
-authorityKeyIdentifier = keyid,issuer:always
-
-# The Easy-RSA CA extensions
-[ easyrsa_ca ]
-
-# PKIX recommendations:
-
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid:always,issuer:always
-
-# This could be marked critical, but it's nice to support reading by any
-# broken clients who attempt to do so.
-basicConstraints = CA:true
-
-# Limit key usage to CA tasks. If you really want to use the generated pair as
-# a self-signed cert, comment this out.
-keyUsage = cRLSign, keyCertSign
-
-# nsCertType omitted by default. Let's try to let the deprecated stuff die.
-# nsCertType = sslCA
-
-# CRL extensions.
-[ crl_ext ]
-
-# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL.
-
-# issuerAltName=issuer:copy
-authorityKeyIdentifier=keyid:always,issuer:always
-
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/EasyRSA-3.0.3/openssl-easyrsa.cnf new/EasyRSA-3.0.4/openssl-easyrsa.cnf
--- old/EasyRSA-3.0.3/openssl-easyrsa.cnf 1970-01-01 01:00:00.000000000 +0100
+++ new/EasyRSA-3.0.4/openssl-easyrsa.cnf 2018-01-21 16:37:26.000000000 +0100
@@ -0,0 +1,137 @@
+# For use with Easy-RSA 3.0 and OpenSSL 1.0.*
+
+RANDFILE = $ENV::EASYRSA_PKI/.rnd
+
+####################################################################
+[ ca ]
+default_ca = CA_default # The default ca section
+
+####################################################################
+[ CA_default ]
+
+dir = $ENV::EASYRSA_PKI # Where everything is kept
+certs = $dir # Where the issued certs are kept
+crl_dir = $dir # Where the issued crl are kept
+database = $dir/index.txt # database index file.
+new_certs_dir = $dir/certs_by_serial # default place for new certs.
+
+certificate = $dir/ca.crt # The CA certificate
+serial = $dir/serial # The current serial number
+crl = $dir/crl.pem # The current CRL
+private_key = $dir/private/ca.key # The private key
+RANDFILE = $dir/.rand # private random number file
+
+x509_extensions = basic_exts # The extentions to add to the cert
+
+# This allows a V2 CRL. Ancient browsers don't like it, but anything Easy-RSA
+# is designed for will. In return, we get the Issuer attached to CRLs.
+crl_extensions = crl_ext
+
+default_days = $ENV::EASYRSA_CERT_EXPIRE # how long to certify for
+default_crl_days= $ENV::EASYRSA_CRL_DAYS # how long before next CRL
+default_md = $ENV::EASYRSA_DIGEST # use public key default MD
+preserve = no # keep passed DN ordering
+
+# A few difference way of specifying how similar the request should look
+# For type CA, the listed attributes must be the same, and the optional
+# and supplied fields are just that :-)
+policy = policy_anything
+
+# For the 'anything' policy, which defines allowed DN fields
+[ policy_anything ]
+countryName = optional
+stateOrProvinceName = optional
+localityName = optional
+organizationName = optional
+organizationalUnitName = optional
+commonName = supplied
+name = optional
+emailAddress = optional
+
+####################################################################
+# Easy-RSA request handling
+# We key off $DN_MODE to determine how to format the DN
+[ req ]
+default_bits = $ENV::EASYRSA_KEY_SIZE
+default_keyfile = privkey.pem
+default_md = $ENV::EASYRSA_DIGEST
+distinguished_name = $ENV::EASYRSA_DN
+x509_extensions = easyrsa_ca # The extentions to add to the self signed cert
+
+# A placeholder to handle the $EXTRA_EXTS feature:
+#%EXTRA_EXTS% # Do NOT remove or change this line as $EXTRA_EXTS support requires it
+
+####################################################################
+# Easy-RSA DN (Subject) handling
+
+# Easy-RSA DN for cn_only support:
+[ cn_only ]
+commonName = Common Name (eg: your user, host, or server name)
+commonName_max = 64
+commonName_default = $ENV::EASYRSA_REQ_CN
+
+# Easy-RSA DN for org support:
+[ org ]
+countryName = Country Name (2 letter code)
+countryName_default = $ENV::EASYRSA_REQ_COUNTRY
+countryName_min = 2
+countryName_max = 2
+
+stateOrProvinceName = State or Province Name (full name)
+stateOrProvinceName_default = $ENV::EASYRSA_REQ_PROVINCE
+
+localityName = Locality Name (eg, city)
+localityName_default = $ENV::EASYRSA_REQ_CITY
+
+0.organizationName = Organization Name (eg, company)
+0.organizationName_default = $ENV::EASYRSA_REQ_ORG
+
+organizationalUnitName = Organizational Unit Name (eg, section)
+organizationalUnitName_default = $ENV::EASYRSA_REQ_OU
+
+commonName = Common Name (eg: your user, host, or server name)
+commonName_max = 64
+commonName_default = $ENV::EASYRSA_REQ_CN
+
+emailAddress = Email Address
+emailAddress_default = $ENV::EASYRSA_REQ_EMAIL
+emailAddress_max = 64
+
+####################################################################
+# Easy-RSA cert extension handling
+
+# This section is effectively unused as the main script sets extensions
+# dynamically. This core section is left to support the odd usecase where
+# a user calls openssl directly.
+[ basic_exts ]
+basicConstraints = CA:FALSE
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid,issuer:always
+
+# The Easy-RSA CA extensions
+[ easyrsa_ca ]
+
+# PKIX recommendations:
+
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid:always,issuer:always
+
+# This could be marked critical, but it's nice to support reading by any
+# broken clients who attempt to do so.
+basicConstraints = CA:true
+
+# Limit key usage to CA tasks. If you really want to use the generated pair as
+# a self-signed cert, comment this out.
+keyUsage = cRLSign, keyCertSign
+
+# nsCertType omitted by default. Let's try to let the deprecated stuff die.
+# nsCertType = sslCA
+
+# CRL extensions.
+[ crl_ext ]
+
+# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL.
+
+# issuerAltName=issuer:copy
+authorityKeyIdentifier=keyid:always,issuer:always
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/EasyRSA-3.0.3/vars.example new/EasyRSA-3.0.4/vars.example
--- old/EasyRSA-3.0.3/vars.example 2015-09-03 01:10:26.000000000 +0200
+++ new/EasyRSA-3.0.4/vars.example 2018-01-21 16:37:26.000000000 +0100
@@ -39,10 +39,15 @@
# DO YOUR EDITS BELOW THIS POINT
-# This variable should point to the top level of the easy-rsa tree. By default,
-# this is taken to be the directory you are currently in.
+# This variable is used as the base location of configuration files needed by
+# easyrsa. More specific variables for specific files (e.g., EASYRSA_SSL_CONF)
+# may override this default.
+#
+# The default value of this variable is the location of the easyrsa script
+# itself, which is also where the configuration files are located in the
+# easy-rsa tree.
-#set_var EASYRSA "$PWD"
+#set_var EASYRSA "${0%/*}"
# If your OpenSSL command is not in the system PATH, you will need to define the
# path to it here. Normally this means a full path to the executable, otherwise
@@ -57,12 +62,14 @@
# This sample is in Windows syntax -- edit it for your path if not using PATH:
#set_var EASYRSA_OPENSSL "C:/Program Files/OpenSSL-Win32/bin/openssl.exe"
-# Edit this variable to point to your soon-to-be-created key directory.
+# Edit this variable to point to your soon-to-be-created key directory. By
+# default, this will be "$PWD/pki" (i.e. the "pki" subdirectory of the
+# directory you are currently in).
#
# WARNING: init-pki will do a rm -rf on this directory so make sure you define
# it correctly! (Interactive mode will prompt before acting.)
-#set_var EASYRSA_PKI "$EASYRSA/pki"
+#set_var EASYRSA_PKI "$PWD/pki"
# Define X509 DN mode.
# This is used to adjust what elements are included in the Subject field as the DN
@@ -172,12 +179,12 @@
# OpenSSL config file:
# If you need to use a specific openssl config file, you can reference it here.
-# Normally this file is auto-detected from a file named openssl-1.0.cnf from the
+# Normally this file is auto-detected from a file named openssl-easyrsa.cnf from the
# EASYRSA_PKI or EASYRSA dir (in that order.) NOTE that this file is Easy-RSA
# specific and you cannot just use a standard config file, so this is an
# advanced feature.
-#set_var EASYRSA_SSL_CONF "$EASYRSA/openssl-1.0.cnf"
+#set_var EASYRSA_SSL_CONF "$EASYRSA/openssl-easyrsa.cnf"
# Default CN:
# This is best left alone. Interactively you will set this manually, and BATCH
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/EasyRSA-3.0.3/x509-types/code-signing new/EasyRSA-3.0.4/x509-types/code-signing
--- old/EasyRSA-3.0.3/x509-types/code-signing 1970-01-01 01:00:00.000000000 +0100
+++ new/EasyRSA-3.0.4/x509-types/code-signing 2018-01-21 16:37:26.000000000 +0100
@@ -0,0 +1,8 @@
+# X509 extensions for a client
+
+basicConstraints = CA:FALSE
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid,issuer:always
+extendedKeyUsage = codeSigning
+keyUsage = digitalSignature
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/EasyRSA-3.0.3/x509-types/san new/EasyRSA-3.0.4/x509-types/san
--- old/EasyRSA-3.0.3/x509-types/san 2017-08-22 00:55:16.000000000 +0200
+++ new/EasyRSA-3.0.4/x509-types/san 1970-01-01 01:00:00.000000000 +0100
@@ -1,2 +0,0 @@
-[ san ]
-subjectAltName=${ENV::SAN}
++++++ suse-packaging.patch ++++++
--- /var/tmp/diff_new_pack.hj9Ekj/_old 2018-01-30 15:44:30.498311853 +0100
+++ /var/tmp/diff_new_pack.hj9Ekj/_new 2018-01-30 15:44:30.502311667 +0100
@@ -2,20 +2,20 @@
--- easyrsa3/easyrsa 2017-07-19 05:24:59.583924924 +0200
***************
*** 1014,1020 ****
- local vars=
+ vars=
# set up program path
-! local prog_vars="${0%/*}/vars"
+! prog_vars="${0%/*}/vars"
# set up PKI path
- local pki_vars="${EASYRSA_PKI:-$PWD/pki}/vars"
+ pki_vars="${EASYRSA_PKI:-$PWD/pki}/vars"
--- 1014,1020 ----
- local vars=
+ vars=
# set up program path
-! local prog_vars="/etc/easy-rsa/vars"
+! prog_vars="/etc/easy-rsa/vars"
# set up PKI path
- local pki_vars="${EASYRSA_PKI:-$PWD/pki}/vars"
+ pki_vars="${EASYRSA_PKI:-$PWD/pki}/vars"
***************
*** 1041,1047 ****
1
0
Hello community,
here is the log from the commit of package lyx for openSUSE:Factory checked in at 2018-01-30 15:44:09
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/lyx (Old)
and /work/SRC/openSUSE:Factory/.lyx.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "lyx"
Tue Jan 30 15:44:09 2018 rev:85 rq:570784 version:2.3.0
Changes:
--------
--- /work/SRC/openSUSE:Factory/lyx/lyx.changes 2017-05-17 17:20:10.525664641 +0200
+++ /work/SRC/openSUSE:Factory/.lyx.new/lyx.changes 2018-01-30 15:44:28.842389159 +0100
@@ -1,0 +2,14 @@
+Mon Jan 29 20:56:16 UTC 2018 - cornelis(a)solcon.nl
+
+- Update to 2.3..0rc2:
+ This is a major feature release, with as major features:
+ * biblatex support
+ * improved quotation marks handling
+ * for more see: https://wiki.lyx.org/LyX/NewInLyX23
+- Make texlive-biber and texlive-bibtex8 recommends (because of
+ added biblatex support)
+- Clean up spec file: remove all references to older versions.
+ Because of the required automake version only Tumbleweed and 15
+ are supported.
+
+-------------------------------------------------------------------
Old:
----
lyx-2.2.3.tar.xz
lyx-2.2.3.tar.xz.sig
New:
----
lyx-2.3.0rc2.tar.xz
lyx-2.3.0rc2.tar.xz.sig
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ lyx.spec ++++++
--- /var/tmp/diff_new_pack.hKD60k/_old 2018-01-30 15:44:29.642351814 +0100
+++ /var/tmp/diff_new_pack.hKD60k/_new 2018-01-30 15:44:29.646351627 +0100
@@ -1,7 +1,7 @@
#
# spec file for package lyx
#
-# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -17,16 +17,17 @@
Name: lyx
-Version: 2.2.3
+Version: 2.3.0
Release: 0
+%define rversion 2.3.0rc2
Summary: WYSIWYM (What You See Is What You Mean) document processor
License: GPL-2.0+
Group: Productivity/Publishing/TeX/Frontends
Url: http://www.lyx.org/
-Source: ftp://ftp.lyx.org/pub/lyx/stable/2.2.x/lyx-%{version}.tar.xz
+Source: ftp://ftp.lyx.org/pub/lyx/devel/lyx-2.3/lyx-2.3.0rc2/lyx-%{rversion}.tar.xz
Source1: lyxrc.dist
Source2: lyx.keyring
-Source3: ftp://ftp.lyx.org/pub/lyx/stable/2.2.x/lyx-%{version}.tar.xz.sig
+Source3: ftp://ftp.lyx.org/pub/lyx/devel/lyx-2.3/lyx-2.3.0rc2/lyx-%{rversion}.tar.xz…
#!BuildIgnore: lyx
BuildRequires: autoconf
BuildRequires: automake
@@ -43,12 +44,7 @@
Requires: ImageMagick
Requires: ghostscript
BuildRoot: %{_tmppath}/%{name}-%{version}-build
-%if 0%{?suse_version} > 1325
BuildRequires: libboost_signals-devel
-%else
-BuildRequires: boost-devel
-%endif
-%if 0%{?suse_version} > 1320 || 0%{?suse_version} == 1315 && 0%{?is_opensuse}
BuildRequires: pkgconfig(Qt5Concurrent)
BuildRequires: pkgconfig(Qt5Core)
BuildRequires: pkgconfig(Qt5DBus)
@@ -59,14 +55,6 @@
BuildRequires: pkgconfig(Qt5Svg)
BuildRequires: pkgconfig(Qt5Widgets)
BuildRequires: pkgconfig(Qt5Xml)
-%else
-BuildRequires: libqt4-devel
-%endif
-%if 0%{?suse_version} < 1230
-Requires: texlive-latex
-Recommends: texlive-xetex
-Recommends: xindy
-%else
# Goal is to require/recommends (roughly) everything that is supported in the GUI of LyX
# LyX can supoort everything of LaTeX in the preamble, but not everything is supported in the GUI
# I have ingored extra fonts and document classes
@@ -74,6 +62,8 @@
Recommends: texlive-algorithms
Recommends: texlive-arabi
Recommends: texlive-bezos
+Recommends: texlive-biber
+Recommends: texlive-bibtex8
Recommends: texlive-bibtopic
Recommends: texlive-braille
Recommends: texlive-collection-fontsrecommended
@@ -110,11 +100,6 @@
Recommends: texlive-picinpar
Recommends: texlive-shapepar
Recommends: texlive-sidecap
-# Only suggest biblatex/biber, because only the engine (biber) is supported in the GUI,
-# not biblatex itself (the only one that can use biber)
-Suggests: texlive-biber
-Suggests: texlive-bibtex8
-%endif
%description
LyX is a document processor that encourages an approach to writing
@@ -127,15 +112,14 @@
document under "Help" on the menubar.
%prep
-%setup -q
+%setup -q -n %{name}-%{rversion}
%build
#./autogen.sh
TEXMF=%{_datadir}/texmf
%configure \
-%if 0%{?suse_version} > 1320 || 0%{?suse_version} == 1315 && 0%{?is_opensuse}
+ --enable-build-type=rel \
--enable-qt5 \
-%endif
--without-included-boost \
--without-aspell \
--with-hunspell \
1
0
Hello community,
here is the log from the commit of package tryton for openSUSE:Factory checked in at 2018-01-30 15:44:06
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/tryton (Old)
and /work/SRC/openSUSE:Factory/.tryton.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "tryton"
Tue Jan 30 15:44:06 2018 rev:14 rq:570779 version:4.2.9
Changes:
--------
--- /work/SRC/openSUSE:Factory/tryton/tryton.changes 2017-12-14 11:01:41.635418739 +0100
+++ /work/SRC/openSUSE:Factory/.tryton.new/tryton.changes 2018-01-30 15:44:17.338926191 +0100
@@ -1,0 +2,6 @@
+Mon Jan 29 09:19:28 UTC 2018 - tchvatal(a)suse.com
+
+- Do not pull in python-gnome-desktop package
+- Add null build phase to make rpmlint happy
+
+-------------------------------------------------------------------
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ tryton.spec ++++++
--- /var/tmp/diff_new_pack.Lr76Rt/_old 2018-01-30 15:44:18.150888285 +0100
+++ /var/tmp/diff_new_pack.Lr76Rt/_new 2018-01-30 15:44:18.154888098 +0100
@@ -1,7 +1,7 @@
#
# spec file for package tryton
#
-# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
# Copyright (c) 2015-2016 Dr. Axel Braun
#
# All modifications and additions to the file contributed by third parties
@@ -36,7 +36,6 @@
BuildRequires: python-devel
BuildRequires: python-gtk
BuildRequires: python-python-dateutil
-BuildRequires: python-rsvg
BuildRequires: python-setuptools
BuildRequires: python-simplejson
BuildRequires: update-desktop-files
@@ -51,11 +50,9 @@
Requires: python-gtk
Requires: python-opencv
Requires: python-pytz
-Requires: python-rsvg
Requires: python-setuptools
Requires: python-simplejson
Requires: python-xml
-BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildArch: noarch
%description
@@ -72,8 +69,10 @@
cd %{name}/plugins/
tar --strip-components 1 -xzvf %{SOURCE1}
-%install
+%build
+:
+%install
python setup.py install --prefix=%{_prefix} --root=%{buildroot}
# menu-entry
@@ -95,7 +94,6 @@
%icon_theme_cache_postun
%files
-%defattr(-,root,root)
%{_bindir}/%{name}
%{_datadir}/applications/%{name}.desktop
%doc COPYRIGHT LICENSE README CHANGELOG
1
0
Hello community,
here is the log from the commit of package gnuhealth-client for openSUSE:Factory checked in at 2018-01-30 15:44:03
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/gnuhealth-client (Old)
and /work/SRC/openSUSE:Factory/.gnuhealth-client.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "gnuhealth-client"
Tue Jan 30 15:44:03 2018 rev:2 rq:570778 version:3.2.5
Changes:
--------
--- /work/SRC/openSUSE:Factory/gnuhealth-client/gnuhealth-client.changes 2018-01-06 18:55:43.708895231 +0100
+++ /work/SRC/openSUSE:Factory/.gnuhealth-client.new/gnuhealth-client.changes 2018-01-30 15:44:16.634959055 +0100
@@ -1,0 +2,6 @@
+Mon Jan 29 09:22:30 UTC 2018 - tchvatal(a)suse.com
+
+- Add emptly build phase to silence rpmlint
+- Drop python-rsvg require, the code does not include it
+
+-------------------------------------------------------------------
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ gnuhealth-client.spec ++++++
--- /var/tmp/diff_new_pack.54v6sh/_old 2018-01-30 15:44:17.130935901 +0100
+++ /var/tmp/diff_new_pack.54v6sh/_new 2018-01-30 15:44:17.134935714 +0100
@@ -1,7 +1,7 @@
#
# spec file for package gnuhealth-client
#
-# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
# Copyright (c) 2015-2017 Dr. Axel Braun
#
# All modifications and additions to the file contributed by third parties
@@ -16,9 +16,9 @@
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
+
%define majorver 3.2
Name: gnuhealth-client
-
Version: %{majorver}.5
Release: 0
Summary: The client of the GNU Health Hospital system
@@ -36,7 +36,6 @@
BuildRequires: python-devel
BuildRequires: python-gtk
BuildRequires: python-python-dateutil
-BuildRequires: python-rsvg
BuildRequires: python-setuptools
BuildRequires: python-simplejson
BuildRequires: update-desktop-files
@@ -51,27 +50,28 @@
Requires: python-gtk
Requires: python-opencv
Requires: python-pytz
-Requires: python-rsvg
Requires: python-setuptools
Requires: python-simplejson
Requires: python-xml
-BuildRoot: %{_tmppath}/%{name}-%{version}-build
-BuildArch: noarch
#install Tryton or GNU Health Client
Conflicts: tryton
+BuildArch: noarch
%description
The client of the GNU Health Hospital application
%prep
-%setup -q -n %{name}-%{version}
+%setup -q
%patch0 -p1
-cp %{S:2} .
+cp %{SOURCE2} .
pwd
cd %{name}/plugins/
tar --strip-components 1 -xzvf %{SOURCE1}
+%build
+:
+
%install
python setup.py install --prefix=%{_prefix} --root=%{buildroot}
@@ -94,7 +94,6 @@
%icon_theme_cache_postun
%files
-%defattr(-,root,root)
%{_bindir}/%{name}
%{_datadir}/applications/%{name}.desktop
%doc COPYRIGHT COPYING COPYRIGHT Changelog
1
0
Hello community,
here is the log from the commit of package zimg for openSUSE:Factory checked in at 2018-01-30 15:43:54
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/zimg (Old)
and /work/SRC/openSUSE:Factory/.zimg.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "zimg"
Tue Jan 30 15:43:54 2018 rev:24 rq:570773 version:2.7.2
Changes:
--------
--- /work/SRC/openSUSE:Factory/zimg/zimg.changes 2018-01-16 09:42:52.868255182 +0100
+++ /work/SRC/openSUSE:Factory/.zimg.new/zimg.changes 2018-01-30 15:44:13.515104704 +0100
@@ -1,0 +2,9 @@
+Mon Jan 29 20:40:37 UTC 2018 - 9+suse(a)cirno.systems
+
+- Update to 2.7.2
+ * graph: fix image corruption in certain conversions
+ (introduced in 2.7)
+ * resize: fix AVX-512 horizontal resize with certain widths
+ (introduced in 2.6)
+
+-------------------------------------------------------------------
Old:
----
release-2.7.1.tar.gz
New:
----
release-2.7.2.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ zimg.spec ++++++
--- /var/tmp/diff_new_pack.la8WaX/_old 2018-01-30 15:44:14.351065677 +0100
+++ /var/tmp/diff_new_pack.la8WaX/_new 2018-01-30 15:44:14.351065677 +0100
@@ -18,7 +18,7 @@
%define sover 2
Name: zimg
-Version: 2.7.1
+Version: 2.7.2
Release: 0
Summary: Scaling, colorspace conversion, and dithering library
License: WTFPL
++++++ release-2.7.1.tar.gz -> release-2.7.2.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/zimg-release-2.7.1/ChangeLog new/zimg-release-2.7.2/ChangeLog
--- old/zimg-release-2.7.1/ChangeLog 2018-01-14 00:39:46.000000000 +0100
+++ new/zimg-release-2.7.2/ChangeLog 2018-01-20 03:58:48.000000000 +0100
@@ -1,3 +1,7 @@
+2.7.2
+graph: fix image corruption in certain conversions (introduced in 2.7)
+resize: fix AVX-512 horizontal resize with certain widths (introduced in 2.6)
+
2.7.1
colorspace: fix incorrect ST.428 primaries (introduced in 2.7)
colorspace: preserve BTB/WTW when approximate_gamma is set
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/zimg-release-2.7.1/configure.ac new/zimg-release-2.7.2/configure.ac
--- old/zimg-release-2.7.1/configure.ac 2018-01-14 00:39:46.000000000 +0100
+++ new/zimg-release-2.7.2/configure.ac 2018-01-20 03:58:48.000000000 +0100
@@ -1,4 +1,4 @@
-AC_INIT([zimg], [2.7.1], [https://github.com/sekrit-twc/zimg/pulls], [zimg], [https://github.com/sekrit-twc/zimg])
+AC_INIT([zimg], [2.7.2], [https://github.com/sekrit-twc/zimg/pulls], [zimg], [https://github.com/sekrit-twc/zimg])
AC_CONFIG_MACRO_DIR([m4])
: ${CFLAGS=""}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/zimg-release-2.7.1/src/zimg/api/zimg.cpp new/zimg-release-2.7.2/src/zimg/api/zimg.cpp
--- old/zimg-release-2.7.1/src/zimg/api/zimg.cpp 2018-01-14 00:39:46.000000000 +0100
+++ new/zimg-release-2.7.2/src/zimg/api/zimg.cpp 2018-01-20 03:58:48.000000000 +0100
@@ -36,7 +36,7 @@
thread_local zimg_error_code_e g_last_error = ZIMG_ERROR_SUCCESS;
thread_local std::string g_last_error_msg;
-constexpr unsigned VERSION_INFO[] = { 2, 7, 1 };
+constexpr unsigned VERSION_INFO[] = { 2, 7, 2 };
template <class T, class U>
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/zimg-release-2.7.1/src/zimg/graph/filtergraph.cpp new/zimg-release-2.7.2/src/zimg/graph/filtergraph.cpp
--- old/zimg-release-2.7.1/src/zimg/graph/filtergraph.cpp 2018-01-14 00:39:46.000000000 +0100
+++ new/zimg-release-2.7.2/src/zimg/graph/filtergraph.cpp 2018-01-20 03:58:48.000000000 +0100
@@ -123,6 +123,7 @@
struct SimulationState {
unsigned pos;
+ unsigned cache_pos;
unsigned lines;
bool hit;
};
@@ -297,8 +298,10 @@
m_cache_id = id;
}
- void update_cache_state(SimulationState *state, unsigned n) const
+ void update_cache_state(SimulationState *state, unsigned first, unsigned last) const
{
+ unsigned n = std::max(state[get_cache_id()].cache_pos, last) - first;
+
if (n > state[get_cache_id()].lines) {
unsigned height = get_image_attributes().height;
unsigned mask = select_zimg_buffer_mask(n);
@@ -308,6 +311,8 @@
else
state[get_cache_id()].lines = mask + 1;
}
+
+ state[get_cache_id()].cache_pos = std::max(state[get_cache_id()].cache_pos, last);
}
void init_cache_context(ExecutionState::node_cache_state *ctx) const
@@ -430,7 +435,7 @@
state[get_id()].pos = pos;
state[get_id()].hit = true;
- update_cache_state(state, pos - first);
+ update_cache_state(state, first, pos);
}
size_t get_context_size(ExecutionStrategy) const override { return 0; }
@@ -546,7 +551,7 @@
state[get_id()].pos = pos;
state[get_id()].hit = true;
- update_cache_state(state, pos - first);
+ update_cache_state(state, first, pos);
}
size_t get_tmp_size(unsigned left, unsigned right) const override
@@ -787,7 +792,7 @@
state[get_id()].hit = true;
state[get_id()].pos = pos;
- update_cache_state(state, pos - first);
+ update_cache_state(state, first, pos);
}
size_t get_context_size(ExecutionStrategy strategy) const override
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/zimg-release-2.7.1/src/zimg/resize/x86/resize_impl_avx512.cpp new/zimg-release-2.7.2/src/zimg/resize/x86/resize_impl_avx512.cpp
--- old/zimg-release-2.7.1/src/zimg/resize/x86/resize_impl_avx512.cpp 2018-01-14 00:39:46.000000000 +0100
+++ new/zimg-release-2.7.2/src/zimg/resize/x86/resize_impl_avx512.cpp 2018-01-20 03:58:48.000000000 +0100
@@ -462,8 +462,8 @@
void resize_line16_h_u16_avx512(const unsigned *filter_left, const int16_t * RESTRICT filter_data, unsigned filter_stride, unsigned filter_width,
const uint16_t * RESTRICT src_ptr, uint16_t * const *dst_ptr, unsigned src_base, unsigned left, unsigned right, uint16_t limit)
{
- unsigned vec_left = ceil_n(left, 16);
- unsigned vec_right = floor_n(right, 16);
+ unsigned vec_left = ceil_n(left, 32);
+ unsigned vec_right = floor_n(right, 32);
#define XITER resize_line16_h_u16_avx512_xiter<DoLoop, Tail>
#define XARGS filter_left, filter_data, filter_stride, filter_width, src_ptr, src_base, limit
@@ -1555,7 +1555,7 @@
context.left.resize(ceil_n(filter.filter_rows, 16) / 16);
context.permute.resize(ceil_n(filter.filter_rows, 16) * 2);
context.data.resize(ceil_n(filter.filter_rows, 16) * filter_width);
- context.filter_rows = ceil_n(filter.filter_rows, 2);
+ context.filter_rows = filter.filter_rows;
context.filter_width = filter_width;
context.input_width = filter.input_width;
1
0
Hello community,
here is the log from the commit of package rosegarden for openSUSE:Factory checked in at 2018-01-30 15:43:52
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/rosegarden (Old)
and /work/SRC/openSUSE:Factory/.rosegarden.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "rosegarden"
Tue Jan 30 15:43:52 2018 rev:31 rq:570645 version:17.12
Changes:
--------
--- /work/SRC/openSUSE:Factory/rosegarden/rosegarden.changes 2018-01-20 11:28:07.684400406 +0100
+++ /work/SRC/openSUSE:Factory/.rosegarden.new/rosegarden.changes 2018-01-30 15:44:12.303161283 +0100
@@ -1,0 +2,5 @@
+Mon Jan 29 14:35:23 UTC 2018 - sndirsch(a)suse.com
+
+- removed unneeded 'BuildRequires: xorg-x11-util-devel' (bsc#1077489)
+
+-------------------------------------------------------------------
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ rosegarden.spec ++++++
--- /var/tmp/diff_new_pack.0JXnBL/_old 2018-01-30 15:44:13.091124497 +0100
+++ /var/tmp/diff_new_pack.0JXnBL/_new 2018-01-30 15:44:13.095124311 +0100
@@ -56,7 +56,6 @@
#BuildRequires: pkgconfig(libxml++-2.6)
BuildRequires: shared-mime-info
BuildRequires: update-desktop-files
-BuildRequires: xorg-x11-util-devel
BuildRequires: pkgconfig(libxml-2.0)
Requires: dssi
Requires: xsynth-dssi
1
0
Hello community,
here is the log from the commit of package whois for openSUSE:Factory checked in at 2018-01-30 15:43:47
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/whois (Old)
and /work/SRC/openSUSE:Factory/.whois.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "whois"
Tue Jan 30 15:43:47 2018 rev:67 rq:570634 version:5.3.0
Changes:
--------
--- /work/SRC/openSUSE:Factory/whois/whois.changes 2018-01-13 21:47:00.715852567 +0100
+++ /work/SRC/openSUSE:Factory/.whois.new/whois.changes 2018-01-30 15:44:09.183306932 +0100
@@ -1,0 +2,8 @@
+Mon Jan 29 13:08:43 UTC 2018 - astieger(a)suse.com
+
+- whois 5.3.0:
+ * Implement querying for ip6.arpa domains
+ * Updat the .pr TLD servers
+ * Update the list of new gTLDs
+
+-------------------------------------------------------------------
Old:
----
whois_5.2.20.tar.xz
New:
----
whois_5.3.0.tar.xz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ whois.spec ++++++
--- /var/tmp/diff_new_pack.iZdjy5/_old 2018-01-30 15:44:10.043266785 +0100
+++ /var/tmp/diff_new_pack.iZdjy5/_new 2018-01-30 15:44:10.047266598 +0100
@@ -17,7 +17,7 @@
Name: whois
-Version: 5.2.20
+Version: 5.3.0
Release: 0
Summary: Intelligent WHOIS client
License: GPL-2.0+
++++++ whois.asc ++++++
--- /var/tmp/diff_new_pack.iZdjy5/_old 2018-01-30 15:44:10.087264731 +0100
+++ /var/tmp/diff_new_pack.iZdjy5/_new 2018-01-30 15:44:10.091264544 +0100
@@ -5,7 +5,7 @@
Source: whois
Binary: whois
Architecture: any
-Version: 5.2.20
+Version: 5.3.0
Maintainer: Marco d'Itri <md(a)linux.it>
Standards-Version: 4.1.2
Vcs-Browser: https://github.com/rfc1036/whois
@@ -14,23 +14,23 @@
Package-List:
whois deb net standard arch=any
Checksums-Sha1:
- a8f233158282fd99652b0db18dcef59578da69e4 82336 whois_5.2.20.tar.xz
+ d560013dc360134e34071e0f2c46b86b546b82af 82728 whois_5.3.0.tar.xz
Checksums-Sha256:
- 6848ab671750ab3782fe4ab2a47910fe4e25aa93894e4d0f3f67b5fcee06c009 82336 whois_5.2.20.tar.xz
+ 4d789c403bfb5833c8ae168a5f31be70e34b045bd5d95a54c82a27b0ff135723 82728 whois_5.3.0.tar.xz
Files:
- fb2ef193fb8a1f7c29271ee15e14c752 82336 whois_5.2.20.tar.xz
+ 2355e5f4d9b91d4ec5ab608c1ea37a9e 82728 whois_5.3.0.tar.xz
-----BEGIN PGP SIGNATURE-----
-iQGzBAEBCgAdFiEEGBsIcS5ipP0URKfyK/WlwSLE96QFAlpDBPgACgkQK/WlwSLE
-96Safwv/Z+xTVxZAPxKlXSiU5BPhokSH7/8Gq1wsSqM7ducvpfcC6rnK6HZ1rsDf
-ohMD/wXDRttRe6YkubpTDhIKyHsOsIp6G1nuZ90jTKvs6pXZS8LcWFsU1vvWyW08
-jYvRCct28rQykkPKCkgtM8EvmRzMGj3lfVxt+ma1nYnislKrgOoficbLTn09TBK6
-768oC9fgrClGMRoOpKrmqnAcBcbEKzLROCZzDxPZX2kIL1UH7NYRDyAROo9P29Gy
-nA5t/h7u/3iJkwWaASqW5qNwaiAyEFjNlTxTlRXfuJxPL1P9k8DlQJ/fALav1H1B
-Q8IM8aS8gWe56fSVbktNDxfmqfKoGLPWAFFZOtDpWOjr4EYSh8fmGVoCA9PejFwN
-GnnUwc1FOM+tF+PQroQnFTx99m5JkOUcF52sVtiYgIZQlzulEOACnQamO9PXpmDj
-zKQQVuYdRegpCQJu3KfMgQe1d654O/j58XQZXFzOaWuiSOpc/Vf0lRGE0MfblVHc
-Swj734ss
-=bb8h
+iQGzBAEBCgAdFiEEGBsIcS5ipP0URKfyK/WlwSLE96QFAlpj3eUACgkQK/WlwSLE
+96QERgwAsN9vFqrHI34jyPF6wFqxMQ8mgOS+/qGF8W/0HVqXPNike1pQptam6wlj
+wvSFV0I0EdpfDsLYVgSPfo1EjLarqoCIy/yhX+RWVz/MfBhEhlHiKD0YOm9Y8ZsT
+Ni5GMR1wHotakUELg7Pm10EjVMvy8+ezz1KxAYPQoMfVdFRuN6tV83ik4B5AdZIz
+UM3obUy6UBYvlKQUYDP4qhA+9hJ+lkJ2kI7HV3MLI9LrdVyiAVVjWdAIzwubjeHg
+QmMkeP8W9XE8cZ0VkyIcCYJ5/n1mxF+0QfjvNcjJlC/iI2YKAQZqpkKnXTRZdmMv
+IaAxFOT/OfA1aTF4hx1m4yfPtnRtSU2rAqZu1UkKskjxz4gUT5swJyXGp0xWdEFc
+xkYmhgiHjiOqpM46JGSdHLPd5jSyYeT/rSIC+77ZdtmRKbzLy3RPDPmInw30CDG9
+WlwilBa/0RHIDlDeWZ60voIlbtTpjjzEeHZy6it5pNQaLeHbZ2H/ujzLxlU/aEgh
+j3CB/fe5
+=c3HB
-----END PGP SIGNATURE-----
++++++ whois_5.2.20.tar.xz -> whois_5.3.0.tar.xz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/whois-5.2.20/Makefile new/whois-5.3.0/Makefile
--- old/whois-5.2.20/Makefile 2017-12-27 03:09:58.000000000 +0100
+++ new/whois-5.3.0/Makefile 2018-01-21 01:23:45.000000000 +0100
@@ -33,6 +33,11 @@
DEFS += -DLOCALEDIR=\"$(BASEDIR)$(prefix)/share/locale\"
endif
+# libidn support has been autodetected since 5.2.18
+ifdef HAVE_LIBIDN
+$(error Please fix your build system to stop defining HAVE_LIBIDN!)
+endif
+
ifeq ($(shell $(PKG_CONFIG) --exists 'libidn2 >= 2.0.3' || echo NO),)
whois_LDADD += $(shell $(PKG_CONFIG) --libs libidn2)
DEFS += -DHAVE_LIBIDN2 $(shell $(PKG_CONFIG) --cflags libidn2)
@@ -102,13 +107,8 @@
##############################################################################
afl:
- $(MAKE) whois \
- CC=afl-gcc AFL_HARDEN=1 \
- HAVE_LIBIDN=1 HAVE_ICONV=1 DEFS=-DAFL_MODE=1
-
-afl2:
- $(MAKE) whois \
- HAVE_LIBIDN=1 HAVE_ICONV=1 DEFS=-DAFL_MODE=1
+ -rm -f Makefile.depend
+ DEFS=-DAFL_MODE=1 AFL_HARDEN=1 $(MAKE) whois CC=afl-gcc HAVE_ICONV=1
afl-run:
nice afl-fuzz -i ../afl_in -o ../afl_out -- ./whois
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/whois-5.2.20/data.h new/whois-5.3.0/data.h
--- old/whois-5.2.20/data.h 2017-07-27 17:44:55.000000000 +0200
+++ new/whois-5.3.0/data.h 2018-01-21 01:23:45.000000000 +0100
@@ -78,6 +78,7 @@
"% The WHOIS service offered by DNS Belgium", "", /* be */
"% (c) 2015 NIC Costa Rica", "", /* cr */
"% The WHOIS service offered by EURid", "% of the database", /* eu */
+ "Access to .IN WHOIS information", "", /* in */
"% WHOIS LEGAL STATEMENT AND TERMS & CONDITIONS", NULL, /* sx */
"; The data in the WHOIS database of KSregistry GmbH", "", /* vg */
"NeuStar, Inc., the Registry Administrator for .US", NULL,
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/whois-5.2.20/debian/changelog new/whois-5.3.0/debian/changelog
--- old/whois-5.2.20/debian/changelog 2017-12-27 03:15:27.000000000 +0100
+++ new/whois-5.3.0/debian/changelog 2018-01-21 01:23:45.000000000 +0100
@@ -1,3 +1,11 @@
+whois (5.3.0) unstable; urgency=medium
+
+ * Implemented querying for ip6.arpa domains.
+ * Updated the .pr TLD servers.
+ * Updated the list of new gTLDs.
+
+ -- Marco d'Itri <md(a)linux.it> Sun, 21 Jan 2018 01:23:45 +0100
+
whois (5.2.20) unstable; urgency=medium
* Added the .mr TLD server.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/whois-5.2.20/ip6_del_list new/whois-5.3.0/ip6_del_list
--- old/whois-5.2.20/ip6_del_list 2013-03-30 02:31:35.000000000 +0100
+++ new/whois-5.3.0/ip6_del_list 2018-01-21 01:23:45.000000000 +0100
@@ -43,5 +43,3 @@
2A00:0000::/12 ripe
2C00:0000::/12 afrinic
-3FFE:0000::/16 6bone
-
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/whois-5.2.20/make_tld_serv.pl new/whois-5.3.0/make_tld_serv.pl
--- old/whois-5.2.20/make_tld_serv.pl 2017-07-27 17:44:55.000000000 +0200
+++ new/whois-5.3.0/make_tld_serv.pl 2018-01-21 01:23:45.000000000 +0100
@@ -17,6 +17,7 @@
$b = "\\x03" if $b eq 'NONE';
$b = "\\x08" if $b eq 'AFILIAS';
$b = "\\x0C" if $b eq 'ARPA';
+ $b = "\\x0D" if $b eq 'IP6';
print qq| "$a",\t"$b",\n|;
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/whois-5.2.20/mkpasswd.c new/whois-5.3.0/mkpasswd.c
--- old/whois-5.2.20/mkpasswd.c 2017-12-27 03:09:58.000000000 +0100
+++ new/whois-5.3.0/mkpasswd.c 2018-01-21 01:23:45.000000000 +0100
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2001-2008 Marco d'Itri
+ * Copyright (C) 2001-2018 Marco d'Itri <md(a)linux.it>.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/whois-5.2.20/new_gtlds_list new/whois-5.3.0/new_gtlds_list
--- old/whois-5.2.20/new_gtlds_list 2017-07-27 17:44:55.000000000 +0200
+++ new/whois-5.3.0/new_gtlds_list 2018-01-21 01:23:45.000000000 +0100
@@ -949,6 +949,7 @@
soy
space
spiegel
+sport
spot
spreadbetting
srl
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/whois-5.2.20/tld_serv_list new/whois-5.3.0/tld_serv_list
--- old/whois-5.2.20/tld_serv_list 2017-12-27 03:15:27.000000000 +0100
+++ new/whois-5.3.0/tld_serv_list 2018-01-21 01:23:45.000000000 +0100
@@ -44,6 +44,7 @@
.e164.arpa whois.ripe.net
.in-addr.arpa ARPA
+.ip6.arpa IP6
.arpa whois.iana.org
.aero whois.aero
@@ -252,7 +253,7 @@
.pl whois.dns.pl
.pm whois.nic.pm
.pn WEB http://www.pitcairn.pn/PnRegistry/
-.pr whois.nic.pr
+.pr whois.afilias-srs.net
.ps whois.pnina.ps
.pt whois.dns.pt
.pw whois.nic.pw
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/whois-5.2.20/version.h new/whois-5.3.0/version.h
--- old/whois-5.2.20/version.h 2017-12-27 03:15:27.000000000 +0100
+++ new/whois-5.3.0/version.h 2018-01-13 01:39:11.000000000 +0100
@@ -1 +1 @@
-#define VERSION "5.2.20"
+#define VERSION "5.3.0"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/whois-5.2.20/whois.1 new/whois-5.3.0/whois.1
--- old/whois-5.2.20/whois.1 2017-08-22 18:37:55.000000000 +0200
+++ new/whois-5.3.0/whois.1 2018-01-21 01:23:45.000000000 +0100
@@ -207,8 +207,6 @@
This program closely tracks the user interface of the whois client
developed at RIPE by Ambrose Magee and others on the base of the
original BSD client.
-I also added support for the protocol extensions developed by David
-Kessens of QWest for the 6bone server.
.SH "AUTHOR"
.B Whois
and this man page were written by Marco d'Itri <\fImd(a)linux.it\fP>
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/whois-5.2.20/whois.c new/whois-5.3.0/whois.c
--- old/whois-5.2.20/whois.c 2017-12-27 03:09:58.000000000 +0100
+++ new/whois-5.3.0/whois.c 2018-01-21 01:23:45.000000000 +0100
@@ -1,5 +1,5 @@
/*
- * Copyright 1999-2010 by Marco d'Itri <md(a)linux.it>.
+ * Copyright (C) 1999-2018 Marco d'Itri <md(a)linux.it>.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@@ -368,6 +368,12 @@
server = guess_server(p);
free(p);
goto retry;
+ case 0x0D:
+ p = convert_in6arpa(query);
+ free(server);
+ server = guess_server(p);
+ free(p);
+ goto retry;
default:
break;
}
@@ -555,7 +561,7 @@
char *server = malloc(strlen("whois.nic.") + strlen(tld) + 1);
strcpy(server, "whois.nic.");
strcat(server, tld);
- return(server);
+ return server;
}
/* no dot but hyphen */
@@ -935,7 +941,7 @@
* instead of connecting to the actual whois server.
*/
if (AFL_MODE)
- return (dup(0));
+ return dup(0);
alarm(60);
@@ -1001,7 +1007,7 @@
struct timeval tv;
if (timeout <= 0)
- return (connect(fd, addr, addrlen));
+ return connect(fd, addr, addrlen);
if ((savedflags = fcntl(fd, F_GETFL, 0)) < 0)
return -1;
@@ -1065,7 +1071,8 @@
err_quit(_("Interrupted by signal %d..."), signum);
}
-int japanese_locale(void) {
+int japanese_locale(void)
+{
char *lang;
lang = getenv("LC_MESSAGE");
@@ -1212,7 +1219,8 @@
/* server and port have to be freed by the caller */
void split_server_port(const char *const input,
- char **server, char **port) {
+ char **server, char **port)
+{
char *p;
if (*input == '[' && (p = strchr(input, ']'))) { /* IPv6 */
@@ -1326,6 +1334,69 @@
return new;
}
+char *convert_in6arpa(const char *s)
+{
+ char *ip, *p;
+ int character = 0;
+ int digits = 1;
+
+ ip = malloc(40);
+
+ p = strstr(s, ".ip6.arpa");
+ if (!p || p == s) {
+ ip[character] = '\0';
+ return ip;
+ }
+
+ /* start from the first character before ".ip6.arpa" */
+ p--;
+
+ while (1) {
+ /* check that this is a valid digit for an IPv6 address */
+ if (!((*p >= '0' && *p <= '9') || (*p >= 'a' && *p <= 'f') ||
+ (*p >= 'A' && *p <= 'F'))) {
+ free(ip);
+ ip[character] = '\0';
+ return ip;
+ }
+
+ /* copy the digit to the IP address */
+ ip[character++] = *p;
+
+ /* stop if we have reached the beginning of the string */
+ if (p == s)
+ break;
+
+ /* stop if we have parsed a complete address */
+ if (character == 39)
+ break;
+
+ /* add the colon separator every four digits */
+ if ((digits++ % 4) == 0)
+ ip[character++] = ':';
+
+ /* go to the precedent character and abort if it is not a dot */
+ p--;
+ if (*p != '.') {
+ ip[character] = '\0';
+ return ip;
+ }
+
+ /* abort if the string starts with the dot */
+ if (p == s) {
+ ip[character] = '\0';
+ return ip;
+ }
+
+ /* go to the precedent character and continue */
+ p--;
+ }
+
+ /* terminate the string */
+ ip[character] = '\0';
+ return ip;
+}
+
unsigned long myinet_aton(const char *s)
{
unsigned long a, b, c, d;
@@ -1356,7 +1427,8 @@
return (a << 16) + b;
}
-int isasciidigit(const char c) {
+int isasciidigit(const char c)
+{
return (c >= '0' && c <= '9') ? 1 : 0;
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/whois-5.2.20/whois.h new/whois-5.3.0/whois.h
--- old/whois-5.2.20/whois.h 2017-07-27 17:44:55.000000000 +0200
+++ new/whois-5.3.0/whois.h 2018-01-21 01:23:45.000000000 +0100
@@ -38,6 +38,7 @@
char *convert_6to4(const char *);
char *convert_teredo(const char *);
char *convert_inaddr(const char *);
+char *convert_in6arpa(const char *);
int handle_query(const char *server, const char *port,
const char *qstring, const char *fstring);
void split_server_port(const char *const input, char **server, char **port);
1
0
Hello community,
here is the log from the commit of package hackrf for openSUSE:Factory checked in at 2018-01-30 15:43:43
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/hackrf (Old)
and /work/SRC/openSUSE:Factory/.hackrf.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "hackrf"
Tue Jan 30 15:43:43 2018 rev:2 rq:570631 version:2018.01.1
Changes:
--------
--- /work/SRC/openSUSE:Factory/hackrf/hackrf.changes 2017-11-08 15:10:32.369159087 +0100
+++ /work/SRC/openSUSE:Factory/.hackrf.new/hackrf.changes 2018-01-30 15:44:05.723468453 +0100
@@ -1,0 +2,8 @@
+Mon Jan 29 13:22:57 UTC 2018 - mardnh(a)gmx.de
+
+- Update to version 2017.01.01
+ * This is a firmware maintenance release that improves
+ reliability of HackRF One when booting from the DFU bootloader.
+- Run spec-cleaner
+
+-------------------------------------------------------------------
Old:
----
hackrf-2017.02.1.tar.xz
New:
----
hackrf-2018.01.1.tar.xz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ hackrf.spec ++++++
--- /var/tmp/diff_new_pack.8s49ic/_old 2018-01-30 15:44:07.367391707 +0100
+++ /var/tmp/diff_new_pack.8s49ic/_new 2018-01-30 15:44:07.375391334 +0100
@@ -1,7 +1,7 @@
#
# spec file for package hackrf
#
-# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -20,7 +20,7 @@
%define libname lib%{name}%{sover}
%define hackrf_group hackrf
Name: hackrf
-Version: 2017.02.1
+Version: 2018.01.1
Release: 0
Summary: Support programs for the open source SDR hardware
License: GPL-2.0
@@ -34,7 +34,6 @@
BuildRequires: pkgconfig(fftw3)
BuildRequires: pkgconfig(libusb-1.0)
BuildRequires: pkgconfig(udev)
-BuildRoot: %{_tmppath}/%{name}-%{version}-build
%description
Tools for HackRF, an open source hardware project to build a Software
@@ -106,7 +105,6 @@
%postun -n %{libname} -p /sbin/ldconfig
%files
-%defattr(-,root,root)
%doc ../COPYING ../RELEASENOTES ../Readme.md ../TRADEMARK
%{_bindir}/hackrf_cpldjtag
%{_bindir}/hackrf_debug
@@ -116,21 +114,17 @@
%{_bindir}/hackrf_transfer
%files -n %{libname}
-%defattr(-,root,root)
%{_libdir}/libhackrf.so.%{sover}*
%files udev
-%defattr(-,root,root)
%{_udevrulesdir}/53-hackrf.rules
%files devel
-%defattr(-,root,root)
%{_libdir}/libhackrf.so
%{_includedir}/libhackrf
%{_libdir}/pkgconfig/libhackrf.pc
%files firmware
-%defattr(-,root,root)
%dir %{_datadir}/hackrf
%{_datadir}/hackrf/firmware
++++++ hackrf-2017.02.1.tar.xz -> hackrf-2018.01.1.tar.xz ++++++
/work/SRC/openSUSE:Factory/hackrf/hackrf-2017.02.1.tar.xz /work/SRC/openSUSE:Factory/.hackrf.new/hackrf-2018.01.1.tar.xz differ: char 25, line 1
1
0
Hello community,
here is the log from the commit of package openCOLLADA for openSUSE:Factory checked in at 2018-01-30 15:43:35
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/openCOLLADA (Old)
and /work/SRC/openSUSE:Factory/.openCOLLADA.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "openCOLLADA"
Tue Jan 30 15:43:35 2018 rev:27 rq:570622 version:1.6.62
Changes:
--------
--- /work/SRC/openSUSE:Factory/openCOLLADA/openCOLLADA.changes 2017-06-16 10:53:46.404029632 +0200
+++ /work/SRC/openSUSE:Factory/.openCOLLADA.new/openCOLLADA.changes 2018-01-30 15:43:43.820490985 +0100
@@ -1,0 +2,17 @@
+Mon Jan 29 13:14:01 UTC 2018 - davejplater(a)gmail.com
+
+- Update to version 1.6.62, removed incorporated
+ openCOLLADA-signed-char.patch.
+- Upstream changes:
+ *Add signed char keyword
+ *Expose COLLADASaxFWL::Loader string ID -> UniqueId map
+ *Export "Force to sleep" attribute.
+ *Consistent use of std::abs
+
+-------------------------------------------------------------------
+Sun Jan 28 09:13:48 UTC 2018 - davejplater(a)gmail.com
+
+- Remove conflicts with old libOpenCOLLADA0 to allow parallel
+ installation of different so versions.
+
+-------------------------------------------------------------------
Old:
----
OpenCOLLADA-1.6.51.tar.gz
openCOLLADA-signed-char.patch
New:
----
OpenCOLLADA-1.6.62.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ openCOLLADA.spec ++++++
--- /var/tmp/diff_new_pack.8Klm0O/_old 2018-01-30 15:43:44.968437394 +0100
+++ /var/tmp/diff_new_pack.8Klm0O/_new 2018-01-30 15:43:44.980436834 +0100
@@ -1,7 +1,7 @@
#
# spec file for package openCOLLADA
#
-# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -23,7 +23,7 @@
%global upname OpenCOLLADA
%global libname libopenCOLLADA
Name: openCOLLADA
-Version: 1.6.51
+Version: 1.6.62
Release: 0
#1_%%{shortcommit}
Summary: Collada 3D import and export libraries
@@ -40,7 +40,7 @@
# PATCH-FIX-UPSTREAM link to required libraries
# fixed in 1.6.51 Patch2: opencollada-no-undefined.patch
# PATCH-FIX-UPSTREAM openCOLLADA-signed-char.patch gh#KhronosGroup/OpenCOLLADA#439 dimstar(a)opensuse.org -- Use signed char; 'char' by itself depends on arch implementation
-Patch3: openCOLLADA-signed-char.patch
+#included openCOLLADA-signed-char.patch
# PATCH-FIX-OPENSUSE openCOLLADA-no-daevalidator.patch davejplater(a)gmail.com - Don't build DAEvalidator app.
Patch4: openCOLLADA-no-daevalidator.patch
BuildRequires: cmake
@@ -69,7 +69,6 @@
%package -n libftoa%{sfx}
Summary: Collada 3D import and export libraries
Group: System/Libraries
-Conflicts: libOpenCOLLADA0
%description -n libftoa%{sfx}
COLLADA is a XML schema that enables digital asset exchange within
@@ -79,7 +78,6 @@
%package -n libbuffer%{sfx}
Summary: Collada 3D import and export libraries
Group: System/Libraries
-Conflicts: libOpenCOLLADA0
%description -n libbuffer%{sfx}
COLLADA is a XML schema that enables digital asset exchange within
@@ -89,7 +87,6 @@
%package -n libGeneratedSaxParser%{sfx}
Summary: Collada 3D import and export libraries
Group: System/Libraries
-Conflicts: libOpenCOLLADA0
%description -n libGeneratedSaxParser%{sfx}
COLLADA is a XML schema that enables digital asset exchange within
@@ -102,7 +99,6 @@
%package -n libMathMLSolver%{sfx}
Summary: Collada 3D import and export libraries
Group: System/Libraries
-Conflicts: libOpenCOLLADA0
%description -n libMathMLSolver%{sfx}
COLLADA is a XML schema that enables digital asset exchange within
@@ -112,7 +108,6 @@
%package -n libOpenCOLLADABaseUtils%{sfx}
Summary: Collada 3D import and export libraries
Group: System/Libraries
-Conflicts: libOpenCOLLADA0
%description -n libOpenCOLLADABaseUtils%{sfx}
COLLADA is a XML schema that enables digital asset exchange within
@@ -125,7 +120,6 @@
%package -n libOpenCOLLADAFramework%{sfx}
Summary: Collada 3D import and export libraries
Group: System/Libraries
-Conflicts: libOpenCOLLADA0
%description -n libOpenCOLLADAFramework%{sfx}
COLLADA is a XML schema that enables digital asset exchange within
@@ -137,7 +131,6 @@
%package -n libOpenCOLLADASaxFrameworkLoader%{sfx}
Summary: Collada 3D import and export libraries
Group: System/Libraries
-Conflicts: libOpenCOLLADA0
%description -n libOpenCOLLADASaxFrameworkLoader%{sfx}
COLLADA is a XML schema that enables digital asset exchange within
@@ -151,7 +144,6 @@
%package -n libOpenCOLLADAStreamWriter%{sfx}
Summary: Collada 3D import and export libraries
Group: System/Libraries
-Conflicts: libOpenCOLLADA0
%description -n libOpenCOLLADAStreamWriter%{sfx}
COLLADA is a XML schema that enables digital asset exchange within
@@ -163,7 +155,6 @@
%package -n libUTF%{sfx}
Summary: Collada 3D import and export libraries
Group: System/Libraries
-Conflicts: libOpenCOLLADA0
%description -n libUTF%{sfx}
COLLADA is a XML schema that enables digital asset exchange within
@@ -213,7 +204,6 @@
%setup -q -n %{upname}-%{version}
%patch0 -p0 -b .cmake
%patch1 -p0 -b .includes
-%patch3 -p0
%patch4
# Remove unused bundled libraries
++++++ OpenCOLLADA-1.6.51.tar.gz -> OpenCOLLADA-1.6.62.tar.gz ++++++
/work/SRC/openSUSE:Factory/openCOLLADA/OpenCOLLADA-1.6.51.tar.gz /work/SRC/openSUSE:Factory/.openCOLLADA.new/OpenCOLLADA-1.6.62.tar.gz differ: char 13, line 1
1
0