pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/trunk]: pkgsrc/security/yafic yafic: Unbreak with OpenSSL 1.1. Patch ...



details:   https://anonhg.NetBSD.org/pkgsrc/rev/e52b43b290f7
branches:  trunk
changeset: 428133:e52b43b290f7
user:      nia <nia%pkgsrc.org@localhost>
date:      Sat Apr 25 13:57:47 2020 +0000

description:
yafic: Unbreak with OpenSSL 1.1. Patch taken from FreeBSD Ports.

diffstat:

 security/yafic/Makefile               |    4 +-
 security/yafic/distinfo               |    3 +-
 security/yafic/patches/patch-crypto.c |  194 ++++++++++++++++++++++++++++++++++
 3 files changed, 197 insertions(+), 4 deletions(-)

diffs (229 lines):

diff -r f32de243b80b -r e52b43b290f7 security/yafic/Makefile
--- a/security/yafic/Makefile   Sat Apr 25 13:47:31 2020 +0000
+++ b/security/yafic/Makefile   Sat Apr 25 13:57:47 2020 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.12 2020/04/24 11:41:38 nia Exp $
+# $NetBSD: Makefile,v 1.13 2020/04/25 13:57:47 nia Exp $
 
 DISTNAME=      yafic-1.2.2
 PKGREVISION=   2
@@ -10,8 +10,6 @@
 COMMENT=       File integrity checker
 LICENSE=       modified-bsd
 
-BROKEN=                "Fails to build with OpenSSL 1.1"
-
 GNU_CONFIGURE= YES
 
 .include "../../security/openssl/buildlink3.mk"
diff -r f32de243b80b -r e52b43b290f7 security/yafic/distinfo
--- a/security/yafic/distinfo   Sat Apr 25 13:47:31 2020 +0000
+++ b/security/yafic/distinfo   Sat Apr 25 13:57:47 2020 +0000
@@ -1,7 +1,8 @@
-$NetBSD: distinfo,v 1.3 2015/11/04 01:18:12 agc Exp $
+$NetBSD: distinfo,v 1.4 2020/04/25 13:57:47 nia Exp $
 
 SHA1 (yafic-1.2.2.tar.gz) = 0592df76f87a6b5b972c1e8c1c08c771e3ffdf7f
 RMD160 (yafic-1.2.2.tar.gz) = 976cb8a75bb9cdf75961a60929c5e778049a97b4
 SHA512 (yafic-1.2.2.tar.gz) = 8e05a0838fc2063f1c6bb69d660e9ff5c9fbdc4199e1396232327498c04d037b35307c348d64d928e561875f5cf0ad40c24fd097680cd814b2308608cf738957
 Size (yafic-1.2.2.tar.gz) = 96893 bytes
 SHA1 (patch-aa) = 288f5793947fbd844e0cdf7706cabd9b9f37abcc
+SHA1 (patch-crypto.c) = 91912dcdfcabc285deea64914bdf9e81e47de359
diff -r f32de243b80b -r e52b43b290f7 security/yafic/patches/patch-crypto.c
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/security/yafic/patches/patch-crypto.c     Sat Apr 25 13:57:47 2020 +0000
@@ -0,0 +1,194 @@
+$NetBSD: patch-crypto.c,v 1.1 2020/04/25 13:57:48 nia Exp $
+
+Fix build with OpenSSL >=1.1.
+
+From FreeBSD Ports.
+
+--- crypto.c.orig      2004-03-21 12:02:32.000000000 +0000
++++ crypto.c
+@@ -56,6 +56,30 @@ static const char rcsid[] =
+ 
+ static EVP_PKEY *pkey;
+ 
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
++
++static void *OPENSSL_zalloc (size_t num)
++{
++  void *ret = OPENSSL_malloc (num);
++
++  if (ret != NULL)
++    memset (ret, 0, num);
++  return ret;
++}
++
++EVP_MD_CTX *EVP_MD_CTX_new (void)
++{
++  return OPENSSL_zalloc (sizeof (EVP_MD_CTX));
++}
++
++void EVP_MD_CTX_free (EVP_MD_CTX *ctx)
++{
++  EVP_MD_CTX_cleanup (ctx);
++  OPENSSL_free (ctx);
++}
++
++#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */
++
+ static void
+ opensslError (const char *what)
+ {
+@@ -100,7 +124,7 @@ void
+ SignFile (int fd, const char *filename, const char *sigfile)
+ {
+   const EVP_MD *mdType;
+-  EVP_MD_CTX ctx;
++  EVP_MD_CTX *ctx;
+   ssize_t len;
+   unsigned char *sig = NULL;
+   unsigned int sigLen;
+@@ -111,8 +135,12 @@ SignFile (int fd, const char *filename, 
+   if (!pkey)
+     return;
+ 
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+   mdType = EVP_PKEY_type (pkey->type) == EVP_PKEY_DSA ? EVP_dss1 () :
+     EVP_sha1 ();
++#else
++  mdType = EVP_sha1 ();
++#endif
+ 
+   if (!sigfile) {
+     int tlen = strlen (filename) + 4 + 1;
+@@ -122,21 +150,23 @@ SignFile (int fd, const char *filename, 
+     sigfile = tsigfile;
+   }
+ 
++  if ((ctx = EVP_MD_CTX_new ()) == NULL)
++    opensslError ("EVP_MD_CTX_new");
+ #ifdef HAVE_EVP_MD_CTX_INIT
+-  EVP_MD_CTX_init (&ctx);
++  EVP_MD_CTX_init (ctx);
+ #endif
+ #ifdef EVP_DIGESTINIT_VOID
+-  EVP_SignInit (&ctx, mdType);
++  EVP_SignInit (ctx, mdType);
+ #else
+-  if (!EVP_SignInit (&ctx, mdType))
++  if (!EVP_SignInit (ctx, mdType))
+     opensslError ("EVP_SignInit");
+ #endif
+ 
+   while ((len = read (fd, HashBuffer, HASH_BUFFER_SIZE)) > 0) {
+ #ifdef EVP_DIGESTINIT_VOID
+-    EVP_SignUpdate (&ctx, HashBuffer, len);
++    EVP_SignUpdate (ctx, HashBuffer, len);
+ #else
+-    if (!EVP_SignUpdate (&ctx, HashBuffer, len))
++    if (!EVP_SignUpdate (ctx, HashBuffer, len))
+       opensslError ("EVP_SignUpdate");
+ #endif
+   }
+@@ -146,7 +176,7 @@ SignFile (int fd, const char *filename, 
+ 
+   sig = mymalloc (EVP_PKEY_size (pkey));
+ 
+-  if (EVP_SignFinal (&ctx, sig, &sigLen, pkey)) {
++  if (EVP_SignFinal (ctx, sig, &sigLen, pkey)) {
+     if ((f = open (sigfile, O_CREAT|O_WRONLY|O_TRUNC, 0600)) != -1) {
+       if (write (f, sig, sigLen) != sigLen)
+       yaficError (sigfile);
+@@ -162,15 +192,16 @@ SignFile (int fd, const char *filename, 
+   if (sig) free (sig);
+   if (tsigfile) free (tsigfile);
+ #ifdef HAVE_EVP_MD_CTX_CLEANUP
+-  EVP_MD_CTX_cleanup (&ctx);
++  EVP_MD_CTX_cleanup (ctx);
+ #endif
++  EVP_MD_CTX_free (ctx);
+ }
+ 
+ void
+ VerifyFile (int fd, const char *filename, const char *sigfile)
+ {
+   const EVP_MD *mdType;
+-  EVP_MD_CTX ctx;
++  EVP_MD_CTX *ctx;
+   ssize_t len;
+   unsigned char *sig = NULL;
+   int f;
+@@ -181,8 +212,12 @@ VerifyFile (int fd, const char *filename
+   if (!pkey)
+     return;
+ 
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+   mdType = EVP_PKEY_type (pkey->type) == EVP_PKEY_DSA ? EVP_dss1 () :
+     EVP_sha1 ();
++#else
++  mdType = EVP_sha1 ();
++#endif
+ 
+   if (!sigfile) {
+     int tlen = strlen (filename) + 4 + 1;
+@@ -195,13 +230,15 @@ VerifyFile (int fd, const char *filename
+   fprintf (stderr, "Verifying %s: ", filename);
+   fflush (stderr);
+ 
++  if ((ctx = EVP_MD_CTX_new ()) == NULL)
++    opensslError ("EVP_MD_CTX_new");
+ #ifdef HAVE_EVP_MD_CTX_INIT
+-  EVP_MD_CTX_init (&ctx);
++  EVP_MD_CTX_init (ctx);
+ #endif
+ #ifdef EVP_DIGESTINIT_VOID
+-  EVP_VerifyInit (&ctx, mdType);
++  EVP_VerifyInit (ctx, mdType);
+ #else
+-  if (!EVP_VerifyInit (&ctx, mdType)) {
++  if (!EVP_VerifyInit (ctx, mdType)) {
+     fprintf (stderr, "Error\n");
+     opensslError ("EVP_VerifyInit");
+   }
+@@ -209,9 +246,9 @@ VerifyFile (int fd, const char *filename
+ 
+   while ((len = read (fd, HashBuffer, HASH_BUFFER_SIZE)) > 0) {
+ #ifdef EVP_DIGESTINIT_VOID
+-    EVP_VerifyUpdate (&ctx, HashBuffer, len);
++    EVP_VerifyUpdate (ctx, HashBuffer, len);
+ #else
+-    if (!EVP_VerifyUpdate (&ctx, HashBuffer, len)) {
++    if (!EVP_VerifyUpdate (ctx, HashBuffer, len)) {
+       fprintf (stderr, "Error\n");
+       opensslError ("EVP_SignUpdate");
+     }
+@@ -233,7 +270,7 @@ VerifyFile (int fd, const char *filename
+ 
+     close (f);
+ 
+-    ret = EVP_VerifyFinal (&ctx, sig, len, pkey);
++    ret = EVP_VerifyFinal (ctx, sig, len, pkey);
+     if (ret < 0) {
+       fprintf (stderr, "Error\n");
+       opensslError ("EVP_VerifyFinal");
+@@ -254,8 +291,9 @@ VerifyFile (int fd, const char *filename
+   if (sig) free (sig);
+   if (tsigfile) free (tsigfile);
+ #ifdef HAVE_EVP_MD_CTX_CLEANUP
+-  EVP_MD_CTX_cleanup (&ctx);
++  EVP_MD_CTX_cleanup (ctx);
+ #endif
++  EVP_MD_CTX_free (ctx);
+ }
+ 
+ const char *
+@@ -265,7 +303,11 @@ KeyTypeStr (void)
+ 
+   if (pkey) {
+     int bits = EVP_PKEY_bits (pkey);
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+     int type = EVP_PKEY_type (pkey->type);
++#else
++    int type = EVP_PKEY_base_id (pkey);
++#endif
+ 
+     switch (type) {
+     case EVP_PKEY_RSA:



Home | Main Index | Thread Index | Old Index