Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at bugzilla.redhat.com.
Bug 1072633
Summary: | Enable openssl for ppc64le | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Brent Baude <bbaude> |
Component: | openssl | Assignee: | Tomas Mraz <tmraz> |
Status: | CLOSED RAWHIDE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | medium | Docs Contact: | |
Priority: | unspecified | ||
Version: | rawhide | CC: | gustavold, tmraz |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | ppc64le | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | openssl-1.0.1e-43.fc21 | Doc Type: | Bug Fix |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2014-04-03 14:25:41 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 1051573 |
Description
Brent Baude
2014-03-05 00:00:53 UTC
Also, consider adding: %ifnarch ppc64le %patch74 -p1 -b .no-md5-verify %endif For some reason this patch impacts how openssl works, specifically with koji. (In reply to baude from comment #1) > Also, consider adding: > > %ifnarch ppc64le > %patch74 -p1 -b .no-md5-verify > %endif > > For some reason this patch impacts how openssl works, specifically with koji. This does not make any sense. This patch should be architecture agnostic. (In reply to Tomas Mraz from comment #2) > This does not make any sense. This patch should be architecture agnostic. I agree that this is not architecture specific. It is just annoying that users are required to rework their environment because of this. Dropping md5 support seems like a regression to me, specially considering not all users are required high standards security. A warning would be much more friendly than breaking users environment. Note this is not about MD5 support in general. This is just about disabling support to verify certificates and CRLs that use MD5 in signatures. And that is something that no serious certificate authority supports anymore anyway, because it is a real security risk. So we will not revert this patch. And you can also set OPENSSL_ENABLE_MD5_VERIFY environment variable if you really know what you're doing. Tomas, fair enough. Can you commit the other ppc64le related changes to rawhide? |