From fdbbfa13064304c1b63c5eed53147b5c6c1f039c Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Mon, 9 Mar 2026 07:24:00 +0000 Subject: [PATCH 01/13] Updated dependency 'git' from version 2.52.0 to 2.53.0 --- deps-packaging/git/cfbuild-git.spec | 2 +- deps-packaging/git/distfiles | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/deps-packaging/git/cfbuild-git.spec b/deps-packaging/git/cfbuild-git.spec index 6350cb692..22d14614e 100644 --- a/deps-packaging/git/cfbuild-git.spec +++ b/deps-packaging/git/cfbuild-git.spec @@ -1,4 +1,4 @@ -%define git_version 2.52.0 +%define git_version 2.53.0 Summary: CFEngine Build Automation -- git Name: cfbuild-git diff --git a/deps-packaging/git/distfiles b/deps-packaging/git/distfiles index 4f127da0e..f67a1446f 100644 --- a/deps-packaging/git/distfiles +++ b/deps-packaging/git/distfiles @@ -1 +1 @@ -6880cb1e737e26f81cf7db9957ab2b5bb2aa1490d87619480b860816e0c10c32 git-2.52.0.tar.gz +429dc0f5fe5f14109930cdbbb588c5d6ef5b8528910f0d738040744bebdc6275 git-2.53.0.tar.gz From b570b3b90b16635df8d3b7cff3c3f14b6941e79f Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Mon, 9 Mar 2026 07:24:01 +0000 Subject: [PATCH 02/13] Updated dependency 'libcurl' from version 8.17.0 to 8.18.0 --- deps-packaging/libcurl/cfbuild-libcurl.spec | 2 +- deps-packaging/libcurl/distfiles | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/deps-packaging/libcurl/cfbuild-libcurl.spec b/deps-packaging/libcurl/cfbuild-libcurl.spec index 634c854b4..7559b9ca4 100644 --- a/deps-packaging/libcurl/cfbuild-libcurl.spec +++ b/deps-packaging/libcurl/cfbuild-libcurl.spec @@ -1,4 +1,4 @@ -%define curl_version 8.17.0 +%define curl_version 8.18.0 Summary: CFEngine Build Automation -- libcurl Name: cfbuild-libcurl diff --git a/deps-packaging/libcurl/distfiles b/deps-packaging/libcurl/distfiles index 06c2470ca..db8118a2c 100644 --- a/deps-packaging/libcurl/distfiles +++ b/deps-packaging/libcurl/distfiles @@ -1 +1 @@ -e8e74cdeefe5fb78b3ae6e90cd542babf788fa9480029cfcee6fd9ced42b7910 curl-8.17.0.tar.gz +e9274a5f8ab5271c0e0e6762d2fce194d5f98acc568e4ce816845b2dcc0cf88f curl-8.18.0.tar.gz From a2a7352f5851a73ad899e7620230deca1d8821df Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Mon, 9 Mar 2026 07:24:01 +0000 Subject: [PATCH 03/13] Updated dependency 'libcurl-hub' from version 8.17.0 to 8.18.0 --- deps-packaging/libcurl-hub/cfbuild-libcurl-hub.spec | 2 +- deps-packaging/libcurl-hub/distfiles | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/deps-packaging/libcurl-hub/cfbuild-libcurl-hub.spec b/deps-packaging/libcurl-hub/cfbuild-libcurl-hub.spec index bc9a1045d..f1472a3eb 100644 --- a/deps-packaging/libcurl-hub/cfbuild-libcurl-hub.spec +++ b/deps-packaging/libcurl-hub/cfbuild-libcurl-hub.spec @@ -1,4 +1,4 @@ -%define curl_version 8.17.0 +%define curl_version 8.18.0 Summary: CFEngine Build Automation -- libcurl Name: cfbuild-libcurl-hub diff --git a/deps-packaging/libcurl-hub/distfiles b/deps-packaging/libcurl-hub/distfiles index 06c2470ca..db8118a2c 100644 --- a/deps-packaging/libcurl-hub/distfiles +++ b/deps-packaging/libcurl-hub/distfiles @@ -1 +1 @@ -e8e74cdeefe5fb78b3ae6e90cd542babf788fa9480029cfcee6fd9ced42b7910 curl-8.17.0.tar.gz +e9274a5f8ab5271c0e0e6762d2fce194d5f98acc568e4ce816845b2dcc0cf88f curl-8.18.0.tar.gz From 302d6613d505a1c12fd7cf48731b600c108c03b7 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Mon, 9 Mar 2026 07:24:01 +0000 Subject: [PATCH 04/13] Updated dependency 'libexpat' from version 2.7.3 to 2.7.4 --- deps-packaging/libexpat/cfbuild-libexpat.spec | 2 +- deps-packaging/libexpat/distfiles | 2 +- deps-packaging/libexpat/source | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/deps-packaging/libexpat/cfbuild-libexpat.spec b/deps-packaging/libexpat/cfbuild-libexpat.spec index 3f0f699b3..73adfb57d 100644 --- a/deps-packaging/libexpat/cfbuild-libexpat.spec +++ b/deps-packaging/libexpat/cfbuild-libexpat.spec @@ -1,4 +1,4 @@ -%define expat_version 2.7.3 +%define expat_version 2.7.4 Summary: CFEngine Build Automation -- libexpat Name: cfbuild-libexpat diff --git a/deps-packaging/libexpat/distfiles b/deps-packaging/libexpat/distfiles index 8a85f1e49..57a9b1453 100644 --- a/deps-packaging/libexpat/distfiles +++ b/deps-packaging/libexpat/distfiles @@ -1 +1 @@ -71df8f40706a7bb0a80a5367079ea75d91da4f8c65c58ec59bcdfbf7decdab9f expat-2.7.3.tar.xz +9e9cabb457c1e09de91db2706d8365645792638eb3be1f94dbb2149301086ac0 expat-2.7.4.tar.xz diff --git a/deps-packaging/libexpat/source b/deps-packaging/libexpat/source index 937e26214..ca385f88e 100644 --- a/deps-packaging/libexpat/source +++ b/deps-packaging/libexpat/source @@ -1 +1 @@ -https://github.com/libexpat/libexpat/releases/download/R_2_7_3/ +https://github.com/libexpat/libexpat/releases/download/R_2_7_4/ From f1d3f910970f8822165b1071092c1c60283db354 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Mon, 9 Mar 2026 07:24:02 +0000 Subject: [PATCH 05/13] Updated dependency 'libiconv' from version 1.18 to 1.19 --- deps-packaging/libiconv/cfbuild-libiconv.spec | 4 ++-- deps-packaging/libiconv/distfiles | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/deps-packaging/libiconv/cfbuild-libiconv.spec b/deps-packaging/libiconv/cfbuild-libiconv.spec index 4db6247a1..9f1ab797d 100644 --- a/deps-packaging/libiconv/cfbuild-libiconv.spec +++ b/deps-packaging/libiconv/cfbuild-libiconv.spec @@ -2,7 +2,7 @@ Summary: CFEngine Build Automation -- libiconv Name: cfbuild-libiconv Version: %{version} Release: 1 -Source0: libiconv-1.18.tar.gz +Source0: libiconv-1.19.tar.gz License: MIT Group: Other Url: https://cfengine.com @@ -14,7 +14,7 @@ AutoReqProv: no %prep mkdir -p %{_builddir} -%setup -q -n libiconv-1.18 +%setup -q -n libiconv-1.19 ./configure --prefix=%{prefix} --disable-shared --enable-static diff --git a/deps-packaging/libiconv/distfiles b/deps-packaging/libiconv/distfiles index 46b96a89e..6f47ea990 100644 --- a/deps-packaging/libiconv/distfiles +++ b/deps-packaging/libiconv/distfiles @@ -1 +1 @@ -3b08f5f4f9b4eb82f151a7040bfd6fe6c6fb922efe4b1659c66ea933276965e8 libiconv-1.18.tar.gz +88dd96a8c0464eca144fc791ae60cd31cd8ee78321e67397e25fc095c4a19aa6 libiconv-1.19.tar.gz From 1200e466c8d3d483a5232319ceb64a363b0eb3fa Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Mon, 9 Mar 2026 07:24:03 +0000 Subject: [PATCH 06/13] Updated dependency 'libxml2' from version 2.15.1 to 2.15.2 --- deps-packaging/libxml2/cfbuild-libxml2.spec | 2 +- deps-packaging/libxml2/distfiles | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/deps-packaging/libxml2/cfbuild-libxml2.spec b/deps-packaging/libxml2/cfbuild-libxml2.spec index f5443db8b..b064e2575 100644 --- a/deps-packaging/libxml2/cfbuild-libxml2.spec +++ b/deps-packaging/libxml2/cfbuild-libxml2.spec @@ -1,4 +1,4 @@ -%define libxml_version 2.15.1 +%define libxml_version 2.15.2 Summary: CFEngine Build Automation -- libxml2 Name: cfbuild-libxml2 diff --git a/deps-packaging/libxml2/distfiles b/deps-packaging/libxml2/distfiles index e82cd0269..5b301b300 100644 --- a/deps-packaging/libxml2/distfiles +++ b/deps-packaging/libxml2/distfiles @@ -1 +1 @@ -c008bac08fd5c7b4a87f7b8a71f283fa581d80d80ff8d2efd3b26224c39bc54c libxml2-2.15.1.tar.xz +c8b9bc81f8b590c33af8cc6c336dbff2f53409973588a351c95f1c621b13d09d libxml2-2.15.2.tar.xz From 7cdf04d7b699b07ace3ca70248d50d7880d54c2b Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Mon, 9 Mar 2026 07:24:04 +0000 Subject: [PATCH 07/13] Updated dependency 'lmdb' from version 0.9.33 to 0.9.35 --- deps-packaging/lmdb/cfbuild-lmdb.spec | 2 +- deps-packaging/lmdb/distfiles | 2 +- deps-packaging/lmdb/source | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/deps-packaging/lmdb/cfbuild-lmdb.spec b/deps-packaging/lmdb/cfbuild-lmdb.spec index 6b8f20873..1fe9dc9e6 100644 --- a/deps-packaging/lmdb/cfbuild-lmdb.spec +++ b/deps-packaging/lmdb/cfbuild-lmdb.spec @@ -1,4 +1,4 @@ -%define lmdb_version 0.9.33 +%define lmdb_version 0.9.35 Summary: CFEngine Build Automation -- lmdb Name: cfbuild-lmdb diff --git a/deps-packaging/lmdb/distfiles b/deps-packaging/lmdb/distfiles index 80ead25f5..0ced69b1f 100644 --- a/deps-packaging/lmdb/distfiles +++ b/deps-packaging/lmdb/distfiles @@ -1 +1 @@ -476801f5239c88c7de61c3390502a5d13965ecedef80105b5fb0fcb8373d1e53 openldap-LMDB_0.9.33.tar.gz +0d090c6a7c85a4f31a2ab0d734554c21097f24752393a190b0e51996b08f48c4 openldap-LMDB_0.9.35.tar.gz diff --git a/deps-packaging/lmdb/source b/deps-packaging/lmdb/source index e3779388d..94726e992 100644 --- a/deps-packaging/lmdb/source +++ b/deps-packaging/lmdb/source @@ -1 +1 @@ -https://git.openldap.org/openldap/openldap/-/archive/LMDB_0.9.33/ +https://git.openldap.org/openldap/openldap/-/archive/LMDB_0.9.35/ From 506d6136d8c8e408d6bd1dc53b434786bdffa488 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Mon, 9 Mar 2026 07:24:04 +0000 Subject: [PATCH 08/13] Updated dependency 'openldap' from version 2.6.10 to 2.6.12 --- deps-packaging/openldap/cfbuild-openldap-aix.spec | 2 +- deps-packaging/openldap/cfbuild-openldap.spec | 2 +- deps-packaging/openldap/distfiles | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/deps-packaging/openldap/cfbuild-openldap-aix.spec b/deps-packaging/openldap/cfbuild-openldap-aix.spec index 296c32989..30d9c8018 100644 --- a/deps-packaging/openldap/cfbuild-openldap-aix.spec +++ b/deps-packaging/openldap/cfbuild-openldap-aix.spec @@ -1,4 +1,4 @@ -%define openldap_version 2.6.10 +%define openldap_version 2.6.12 Summary: CFEngine Build Automation -- openldap Name: cfbuild-openldap diff --git a/deps-packaging/openldap/cfbuild-openldap.spec b/deps-packaging/openldap/cfbuild-openldap.spec index 1ebb49cab..d75fa496d 100644 --- a/deps-packaging/openldap/cfbuild-openldap.spec +++ b/deps-packaging/openldap/cfbuild-openldap.spec @@ -1,4 +1,4 @@ -%define openldap_version 2.6.10 +%define openldap_version 2.6.12 Summary: CFEngine Build Automation -- openldap Name: cfbuild-openldap diff --git a/deps-packaging/openldap/distfiles b/deps-packaging/openldap/distfiles index 2405c564b..c34ddcef5 100644 --- a/deps-packaging/openldap/distfiles +++ b/deps-packaging/openldap/distfiles @@ -1 +1 @@ -c065f04aad42737aebd60b2fe4939704ac844266bc0aeaa1609f0cad987be516 openldap-2.6.10.tgz +1716ad779e85d743694c3e3b05277fb71b6a5eadca43c7a958aa62683b22208e openldap-2.6.12.tgz From c125619f3b0455ac918b334c4e868fc1675ab7e2 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Mon, 9 Mar 2026 07:24:05 +0000 Subject: [PATCH 09/13] Updated dependency 'openssl' from version 3.6.0 to 3.6.1 --- deps-packaging/openssl/cfbuild-openssl.spec | 2 +- deps-packaging/openssl/distfiles | 2 +- deps-packaging/openssl/source | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/deps-packaging/openssl/cfbuild-openssl.spec b/deps-packaging/openssl/cfbuild-openssl.spec index 25b818f64..048e72840 100644 --- a/deps-packaging/openssl/cfbuild-openssl.spec +++ b/deps-packaging/openssl/cfbuild-openssl.spec @@ -1,4 +1,4 @@ -%define openssl_version 3.6.0 +%define openssl_version 3.6.1 Summary: CFEngine Build Automation -- openssl Name: cfbuild-openssl diff --git a/deps-packaging/openssl/distfiles b/deps-packaging/openssl/distfiles index b8dcfac59..51bfdf889 100644 --- a/deps-packaging/openssl/distfiles +++ b/deps-packaging/openssl/distfiles @@ -1 +1 @@ -b6a5f44b7eb69e3fa35dbf15524405b44837a481d43d81daddde3ff21fcbb8e9 openssl-3.6.0.tar.gz +b1bfedcd5b289ff22aee87c9d600f515767ebf45f77168cb6d64f231f518a82e openssl-3.6.1.tar.gz diff --git a/deps-packaging/openssl/source b/deps-packaging/openssl/source index 686c04774..eab874077 100644 --- a/deps-packaging/openssl/source +++ b/deps-packaging/openssl/source @@ -1 +1 @@ -https://github.com/openssl/openssl/releases/download/openssl-3.6.0/ +https://github.com/openssl/openssl/releases/download/openssl-3.6.1/ From e5e518829cdcac0e75de39be0e2cfef0f445992b Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Mon, 9 Mar 2026 07:24:06 +0000 Subject: [PATCH 10/13] Updated dependency 'php' from version 8.3.29 to 8.3.30 --- deps-packaging/php/cfbuild-php.spec | 2 +- deps-packaging/php/distfiles | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/deps-packaging/php/cfbuild-php.spec b/deps-packaging/php/cfbuild-php.spec index 06a610389..076402ce0 100644 --- a/deps-packaging/php/cfbuild-php.spec +++ b/deps-packaging/php/cfbuild-php.spec @@ -1,4 +1,4 @@ -%define php_version 8.3.29 +%define php_version 8.3.30 Summary: CFEngine Build Automation -- php Name: cfbuild-php diff --git a/deps-packaging/php/distfiles b/deps-packaging/php/distfiles index fdb501a47..979428beb 100644 --- a/deps-packaging/php/distfiles +++ b/deps-packaging/php/distfiles @@ -1 +1 @@ -8565fa8733c640b60da5ab4944bf2d4081f859915b39e29b3af26cf23443ed97 php-8.3.29.tar.gz +e587dc95fb7f62730299fa7b36b6e4f91e6708aaefa2fff68a0098d320c16386 php-8.3.30.tar.gz From 0d38af9f99b1122a0f3590aaebb5d9e280eda5c0 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Mon, 9 Mar 2026 07:24:13 +0000 Subject: [PATCH 11/13] Updated dependency 'postgresql' from version 16.11 to 16.13 --- deps-packaging/postgresql/cfbuild-postgresql.spec | 2 +- deps-packaging/postgresql/distfiles | 2 +- deps-packaging/postgresql/source | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/deps-packaging/postgresql/cfbuild-postgresql.spec b/deps-packaging/postgresql/cfbuild-postgresql.spec index 07828ac7a..9081634ff 100644 --- a/deps-packaging/postgresql/cfbuild-postgresql.spec +++ b/deps-packaging/postgresql/cfbuild-postgresql.spec @@ -1,4 +1,4 @@ -%define postgresql_version 16.11 +%define postgresql_version 16.13 Summary: CFEngine Build Automation -- postgresql Name: cfbuild-postgresql diff --git a/deps-packaging/postgresql/distfiles b/deps-packaging/postgresql/distfiles index 11193b803..017f6bc35 100644 --- a/deps-packaging/postgresql/distfiles +++ b/deps-packaging/postgresql/distfiles @@ -1 +1 @@ -6deb08c23d03d77d8f8bd1c14049eeef64aef8968fd8891df2dfc0b42f178eac postgresql-16.11.tar.bz2 +dc2ddbbd245c0265a689408e3d2f2f3f9ba2da96bd19318214b313cdd9797287 postgresql-16.13.tar.bz2 diff --git a/deps-packaging/postgresql/source b/deps-packaging/postgresql/source index f82a25491..88b0e487c 100644 --- a/deps-packaging/postgresql/source +++ b/deps-packaging/postgresql/source @@ -1 +1 @@ -https://ftp.postgresql.org/pub/source/v16.11/ +https://ftp.postgresql.org/pub/source/v16.13/ From f478fb0def9a40ed8d69f0ed18169e16c1c78749 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Mon, 9 Mar 2026 07:24:14 +0000 Subject: [PATCH 12/13] Updated dependency 'zlib' from version 1.3.1 to 1.3.2 --- deps-packaging/zlib/cfbuild-zlib.spec | 6 +++--- deps-packaging/zlib/distfiles | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/deps-packaging/zlib/cfbuild-zlib.spec b/deps-packaging/zlib/cfbuild-zlib.spec index 238e7a392..02c023f78 100644 --- a/deps-packaging/zlib/cfbuild-zlib.spec +++ b/deps-packaging/zlib/cfbuild-zlib.spec @@ -2,7 +2,7 @@ Summary: CFEngine Build Automation -- zlib Name: cfbuild-zlib Version: %{version} Release: 1 -Source0: zlib-1.3.1.tar.gz +Source0: zlib-1.3.2.tar.gz Patch0: AIX_LDSHARED.patch License: MIT Group: Other @@ -15,7 +15,7 @@ AutoReqProv: no %prep mkdir -p %{_builddir} -%setup -q -n zlib-1.3.1 +%setup -q -n zlib-1.3.2 %patch0 -p1 @@ -65,7 +65,7 @@ CFEngine Build Automation -- zlib -- development files %dir %{prefix}/lib %{prefix}/lib/libz.so %{prefix}/lib/libz.so.1 -%{prefix}/lib/libz.so.1.3.1 +%{prefix}/lib/libz.so.1.3.2 %files devel %defattr(-,root,root) diff --git a/deps-packaging/zlib/distfiles b/deps-packaging/zlib/distfiles index e03ea2c28..b45e5f757 100644 --- a/deps-packaging/zlib/distfiles +++ b/deps-packaging/zlib/distfiles @@ -1 +1 @@ -9a93b2b7dfdac77ceba5a558a580e74667dd6fede4585b91eefb60f03b72df23 zlib-1.3.1.tar.gz +bb329a0a2cd0274d05519d61c667c062e06990d72e125ee2dfa8de64f0119d16 zlib-1.3.2.tar.gz From 7278e23917b7cec5d40826cc756c6359566aa2f2 Mon Sep 17 00:00:00 2001 From: Craig Comstock Date: Mon, 16 Feb 2026 16:01:21 -0600 Subject: [PATCH 13/13] fix: Use vendored openssl on redhat platforms to enable bump of libcurl which requires openssl 3.0.0 Previously we had stopped vendoring openssl due to conflicts with libpam for user management. Now we will try disabling the use of libpam on redhat platforms in preference for upgrading libcurl. Ticket: ENT-13750 --- build-scripts/compile-options | 13 ----------- build-scripts/configure | 14 +++++++++++- .../libcurl-hub/cfbuild-libcurl-hub.spec | 8 +++---- deps-packaging/openldap/cfbuild-openldap.spec | 10 ++++----- ...8-Define-_XOPEN_SOURCE_EXTENDED-as-1.patch | 6 ++--- deps-packaging/zlib/AIX_LDSHARED.patch | 21 ------------------ deps-packaging/zlib/cfbuild-zlib.spec | 2 -- .../cfengine-nova-hub.spec.in | 22 ------------------- packaging/cfengine-nova/cfengine-nova.spec.in | 15 ------------- 9 files changed, 25 insertions(+), 86 deletions(-) delete mode 100644 deps-packaging/zlib/AIX_LDSHARED.patch diff --git a/build-scripts/compile-options b/build-scripts/compile-options index 39a3f20cb..d6248d273 100644 --- a/build-scripts/compile-options +++ b/build-scripts/compile-options @@ -38,19 +38,6 @@ if [ x"$SYSTEM_SSL" = x ] then # default to using cfengine openssl SYSTEM_SSL=0 - # We don't bundle OpenSSL on some redhat-derived systems due to incompatability with libpam and our openssl. - _OS_MAJOR_VERSION="$(echo "$OS_VERSION" | cut -d. -f1)" - if [ "$OS" = "rhel" ] && expr "$_OS_MAJOR_VERSION" ">=" "8" >/dev/null - then - SYSTEM_SSL=1 - fi - if [ "$OS" = "opensuse" ] || [ "$OS" = "sles" ] - then - if expr "$_OS_MAJOR_VERSION" ">=" "15" - then - SYSTEM_SSL=1 - fi - fi # Detect using system ssl when running a Jenkins job if expr x"$label" ":" ".*systemssl" >/dev/null then diff --git a/build-scripts/configure b/build-scripts/configure index e113aac0d..f06421577 100755 --- a/build-scripts/configure +++ b/build-scripts/configure @@ -63,10 +63,22 @@ case "$WITH_SYSTEMD" in *) var_append ARGS "--without-systemd-service" ;; esac -# RHEL 8 requires an SELinux policy +# RHEL 8+ requires an SELinux policy and --without-pam to use vendored openssl if [ "x$OS" = "xrhel" ] && [ "${VER%\.*}" -gt "7" ]; then var_append ARGS "--with-selinux-policy" fi +# rhel >= 7 or opensuse >= 15 need --without-pam in order to use vendored openssl +if [ "$OS" = "rhel" ] && expr "$_OS_MAJOR_VERSION" ">=" "8" >/dev/null +then + var_append ARGS "--without-pam" +fi +if [ "$OS" = "opensuse" ] || [ "$OS" = "sles" ] +then + if expr "$_OS_MAJOR_VERSION" ">=" "15" + then + var_append ARGS "--without-pam" + fi +fi # Cross-compiling Windows? case "$ARCH-${OS_FAMILY}" in diff --git a/deps-packaging/libcurl-hub/cfbuild-libcurl-hub.spec b/deps-packaging/libcurl-hub/cfbuild-libcurl-hub.spec index f1472a3eb..dd229618f 100644 --- a/deps-packaging/libcurl-hub/cfbuild-libcurl-hub.spec +++ b/deps-packaging/libcurl-hub/cfbuild-libcurl-hub.spec @@ -19,11 +19,11 @@ mkdir -p %{_builddir} %setup -q -n curl-%{curl_version} # we don't bundle OpenSSL on RHEL 8 (and newer in the future) -%if %{?rhel}%{!?rhel:0} > 7 -%define ssl_prefix /usr -%else +#%if %{?rhel}%{!?rhel:0} > 7 +#%define ssl_prefix /usr +#%else %define ssl_prefix %{prefix} -%endif +#%endif ./configure \ --with-sysroot=%{prefix} \ diff --git a/deps-packaging/openldap/cfbuild-openldap.spec b/deps-packaging/openldap/cfbuild-openldap.spec index d75fa496d..49b79f261 100644 --- a/deps-packaging/openldap/cfbuild-openldap.spec +++ b/deps-packaging/openldap/cfbuild-openldap.spec @@ -21,12 +21,12 @@ mkdir -p %{_builddir} %patch0 -p0 -# we don't bundle OpenSSL on RHEL 8 (and newer in the future) -%if %{?rhel}%{!?rhel:0} > 7 -CPPFLAGS=-I%{buildprefix}/include:/usr/include -%else +## we don't bundle OpenSSL on RHEL 8 (and newer in the future) +#%if %{?rhel}%{!?rhel:0} > 7 +#CPPFLAGS=-I%{buildprefix}/include:/usr/include +#%else CPPFLAGS=-I%{buildprefix}/include -%endif +#%endif # # glibc-2.8 errorneously hides peercred(3) under #ifdef __USE_GNU. diff --git a/deps-packaging/openssl/0008-Define-_XOPEN_SOURCE_EXTENDED-as-1.patch b/deps-packaging/openssl/0008-Define-_XOPEN_SOURCE_EXTENDED-as-1.patch index 9433b3e0e..ef68002e5 100644 --- a/deps-packaging/openssl/0008-Define-_XOPEN_SOURCE_EXTENDED-as-1.patch +++ b/deps-packaging/openssl/0008-Define-_XOPEN_SOURCE_EXTENDED-as-1.patch @@ -25,9 +25,9 @@ index 97454a4b81..299323390c 100644 @@ -11,7 +11,7 @@ #ifdef OPENSSL_SYS_VMS - /* So fd_set and friends get properly defined on OpenVMS */ --# define _XOPEN_SOURCE_EXTENDED -+# define _XOPEN_SOURCE_EXTENDED 1 + /* So fd_set and friends get properly defined on OpenVMS */ +-#define _XOPEN_SOURCE_EXTENDED ++#define _XOPEN_SOURCE_EXTENDED 1 #endif #include diff --git a/deps-packaging/zlib/AIX_LDSHARED.patch b/deps-packaging/zlib/AIX_LDSHARED.patch deleted file mode 100644 index 4b0902331..000000000 --- a/deps-packaging/zlib/AIX_LDSHARED.patch +++ /dev/null @@ -1,21 +0,0 @@ -From 78b8127be5921fe30c738c3176a2c0040838e1f6 Mon Sep 17 00:00:00 2001 -From: Aleksei Shpakovskii -Date: Wed, 26 Oct 2022 17:34:20 +0200 -Subject: [PATCH] Add LDSHARED to AIX - ---- - configure | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/configure b/configure -index fa4d5daab..f5e146a96 100755 ---- a/configure -+++ b/configure -@@ -253,6 +253,7 @@ if test "$gcc" -eq 1 && ($cc -c $test.c) >> configure.log 2>&1; then - SHAREDLIB='libz.sl' ;; - esac ;; - AIX*) -+ LDSHARED=${LDSHARED-"$cc -shared"} - LDFLAGS="${LDFLAGS} -Wl,-brtl" ;; - Darwin* | darwin* | *-darwin*) - shared_ext='.dylib' diff --git a/deps-packaging/zlib/cfbuild-zlib.spec b/deps-packaging/zlib/cfbuild-zlib.spec index 02c023f78..217c2a3b0 100644 --- a/deps-packaging/zlib/cfbuild-zlib.spec +++ b/deps-packaging/zlib/cfbuild-zlib.spec @@ -3,7 +3,6 @@ Name: cfbuild-zlib Version: %{version} Release: 1 Source0: zlib-1.3.2.tar.gz -Patch0: AIX_LDSHARED.patch License: MIT Group: Other Url: https://cfengine.com @@ -17,7 +16,6 @@ AutoReqProv: no mkdir -p %{_builddir} %setup -q -n zlib-1.3.2 -%patch0 -p1 %build diff --git a/packaging/cfengine-nova-hub/cfengine-nova-hub.spec.in b/packaging/cfengine-nova-hub/cfengine-nova-hub.spec.in index 76601f4b1..c5af88bc4 100644 --- a/packaging/cfengine-nova-hub/cfengine-nova-hub.spec.in +++ b/packaging/cfengine-nova-hub/cfengine-nova-hub.spec.in @@ -27,21 +27,6 @@ Requires(post): /usr/sbin/usermod, /bin/sed Requires: selinux-policy >= @@SELINUX_POLICY_VERSION@@ %endif -# we don't bundle OpenSSL on RHEL 8 (and newer in the future) -%if %{?rhel}%{!?rhel:0} == 8 -Requires: libssl.so.1.1()(64bit) libssl.so.1.1(OPENSSL_1_1_0)(64bit) libssl.so.1.1(OPENSSL_1_1_1)(64bit) -Requires: libcrypto.so.1.1()(64bit) libcrypto.so.1.1(OPENSSL_1_1_0)(64bit) -%endif - -# We build against systems with the latest available dependencies such as OpenSSL. -# We use rpm -q --provides to determine the highest API present in OpenSSL and then use that as a Requires. -# OPENSSL_VERSION is determined in build-scripts/package script. -# This should ensure that when packages are installed with yum/dnf any required OpenSSL package upgrades will be performed or the installation will fail. -%if %{?rhel}%{!?rhel:0} > 8 -Requires: libcrypto.so.3()(64bit) libcrypto.so.3(OPENSSL_@@OPENSSL_VERSION@@)(64bit) -Requires: libssl.so.3()(64bit) libssl.so.3(OPENSSL_@@OPENSSL_VERSION@@)(64bit) -%endif - # cfbs/Build requires Python 3.5+ (not available on RHEL 6) %if %{?rhel}%{!?rhel:0} == 7 Requires: python3 >= 3.5 @@ -98,11 +83,6 @@ rm -f %{prefix}/ssl/misc/tsget rm -f %{prefix}/ssl/openssl.cnf.dist rm -f %{prefix}/ssl/misc/tsget.pl -# Add an openssl symlink if openssl binary doesn't exist -if ! [ -f $RPM_BUILD_ROOT%{prefix}/bin/openssl ]; then - ln -s `which openssl` $RPM_BUILD_ROOT%{prefix}/bin/openssl -fi - # Hub does not need cf-upgrade, it is only present in host packages rm -f $RPM_BUILD_ROOT%{prefix}/bin/cf-upgrade @@ -239,12 +219,10 @@ exit 0 # Note that prefix/bin/openssl is outside of `if`, since # on RHEL8 it's a symlink to a system-wide openssl binary %{prefix}/bin/openssl -%if %{?rhel}%{!?rhel:0} <= 7 %dir %{prefix}/ssl %{prefix}/ssl/openssl.cnf %{prefix}/ssl/ct_log_list.cnf %{prefix}/ssl/ct_log_list.cnf.dist -%endif %prefix/bin/git %prefix/bin/gitk diff --git a/packaging/cfengine-nova/cfengine-nova.spec.in b/packaging/cfengine-nova/cfengine-nova.spec.in index 3f5e417c2..21a788e6e 100644 --- a/packaging/cfengine-nova/cfengine-nova.spec.in +++ b/packaging/cfengine-nova/cfengine-nova.spec.in @@ -23,21 +23,6 @@ Recommends: gzip Requires: selinux-policy >= @@SELINUX_POLICY_VERSION@@ %endif -# we don't bundle OpenSSL on RHEL 8 (and newer in the future) -%if %{?rhel}%{!?rhel:0} == 8 -Requires: libssl.so.1.1()(64bit) libssl.so.1.1(OPENSSL_1_1_0)(64bit) libssl.so.1.1(OPENSSL_1_1_1)(64bit) -Requires: libcrypto.so.1.1()(64bit) libcrypto.so.1.1(OPENSSL_1_1_0)(64bit) -%endif - -# We build against systems with the latest available dependencies such as OpenSSL. -# We use rpm -q --provides to determine the highest API present in OpenSSL and then use that as a Requires. -# OPENSSL_VERSION is determined in build-scripts/package script. -# This should ensure that when packages are installed with yum/dnf any required OpenSSL package upgrades will be performed or the installation will fail. -%if %{?rhel}%{!?rhel:0} > 8 -Requires: libcrypto.so.3()(64bit) libcrypto.so.3(OPENSSL_@@OPENSSL_VERSION@@)(64bit) -Requires: libssl.so.3()(64bit) libssl.so.3(OPENSSL_@@OPENSSL_VERSION@@)(64bit) -%endif - AutoReqProv: no %if %{?with_debugsym}%{!?with_debugsym:0}