pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/security/tlswrapper Apply upstream commit 0cb7bb4 to f...
details: https://anonhg.NetBSD.org/pkgsrc/rev/c5d81c2c29af
branches: trunk
changeset: 384306:c5d81c2c29af
user: schmonz <schmonz%pkgsrc.org@localhost>
date: Tue Aug 30 17:55:31 2022 +0000
description:
Apply upstream commit 0cb7bb4 to fall back to /dev/urandom on systems
where getentropy() is not present. Bump PKGREVISION.
diffstat:
security/tlswrapper/Makefile | 7 +-
security/tlswrapper/distinfo | 10 +-
security/tlswrapper/patches/patch-Makefile | 28 +++-
security/tlswrapper/patches/patch-makefilegen.sh | 78 ++++++++++++
security/tlswrapper/patches/patch-randombytes.c | 44 ++++++
security/tlswrapper/patches/patch-randombytes.c-01getentropy | 38 +++++
security/tlswrapper/patches/patch-randombytes.c-02devurandom | 51 +++++++
security/tlswrapper/patches/patch-randombytes.h-01getentropy | 14 ++
security/tlswrapper/patches/patch-randombytes.h-02devurandom | 15 ++
9 files changed, 279 insertions(+), 6 deletions(-)
diffs (truncated from 349 to 300 lines):
diff -r c4c52be08e9b -r c5d81c2c29af security/tlswrapper/Makefile
--- a/security/tlswrapper/Makefile Tue Aug 30 17:47:50 2022 +0000
+++ b/security/tlswrapper/Makefile Tue Aug 30 17:55:31 2022 +0000
@@ -1,7 +1,8 @@
-# $NetBSD: Makefile,v 1.4 2022/08/25 18:05:37 schmonz Exp $
+# $NetBSD: Makefile,v 1.5 2022/08/30 17:55:31 schmonz Exp $
DISTNAME= ${GITHUB_PROJECT}
PKGNAME= ${GITHUB_PROJECT}-${GITHUB_TAG}
+PKGREVISION= 1
CATEGORIES= security net
MASTER_SITES= ${MASTER_SITE_GITHUB:=janmojzis/}
GITHUB_PROJECT= tlswrapper
@@ -22,6 +23,10 @@
INSTALLATION_DIRS= bin man/man1 share/examples/${PKGBASE}
+post-extract:
+ cd ${WRKSRC}; \
+ ${MV} -f randombytes.h randombytes.h-01getentropy
+
do-install:
cd ${WRKSRC}; \
${INSTALL_DATA} examples.md \
diff -r c4c52be08e9b -r c5d81c2c29af security/tlswrapper/distinfo
--- a/security/tlswrapper/distinfo Tue Aug 30 17:47:50 2022 +0000
+++ b/security/tlswrapper/distinfo Tue Aug 30 17:55:31 2022 +0000
@@ -1,6 +1,12 @@
-$NetBSD: distinfo,v 1.4 2022/08/25 18:05:37 schmonz Exp $
+$NetBSD: distinfo,v 1.5 2022/08/30 17:55:31 schmonz Exp $
BLAKE2s (tlswrapper-20220814.tar.gz) = 5ce956397f0639bd400643b74d809f2e074c60511f02dd376dbabafbb66f561f
SHA512 (tlswrapper-20220814.tar.gz) = f9c0e1b368a634390b6e2fe1092084ebecbe5c4f3892a4ef1dfaf40fce7058b60bfd513ac94693c1eb82cd859b52c84935520770cbf48b195d408bd0e8c4b58e
Size (tlswrapper-20220814.tar.gz) = 248914 bytes
-SHA1 (patch-Makefile) = 72fb81a5224e3c363d7a61dec17ea61d7d99879b
+SHA1 (patch-Makefile) = 8c531e8b0a42b43b3555e5b95caeec53d3326ef5
+SHA1 (patch-makefilegen.sh) = dfa45f414f0f22e58a39d7bf4a0c32b104876f23
+SHA1 (patch-randombytes.c) = b6d945c69bf67a2040028b3d654582dda4ac7965
+SHA1 (patch-randombytes.c-01getentropy) = b3518de0561393ef6b0f3c820a7142c233689d65
+SHA1 (patch-randombytes.c-02devurandom) = ec8fcff0d126ff794958e29716cf2b2312ac604d
+SHA1 (patch-randombytes.h-01getentropy) = ad16c4556bf3b32f82314b6dd93eb6bf3e65a67a
+SHA1 (patch-randombytes.h-02devurandom) = 96fd1ab08f0e999e718962466009784e1137cfc1
diff -r c4c52be08e9b -r c5d81c2c29af security/tlswrapper/patches/patch-Makefile
--- a/security/tlswrapper/patches/patch-Makefile Tue Aug 30 17:47:50 2022 +0000
+++ b/security/tlswrapper/patches/patch-Makefile Tue Aug 30 17:55:31 2022 +0000
@@ -1,10 +1,26 @@
-$NetBSD: patch-Makefile,v 1.1 2022/01/04 22:10:37 schmonz Exp $
+$NetBSD: patch-Makefile,v 1.2 2022/08/30 17:55:31 schmonz Exp $
Do not consider building a local copy of BearSSL.
+Apply upstream commit 0cb7bb4 to fall back to /dev/urandom on systems
+where getentropy() is not present.
---- Makefile.orig 2021-12-28 05:36:39.000000000 +0000
+--- Makefile.orig 2022-08-14 12:18:16.000000000 +0000
+++ Makefile
-@@ -227,9 +227,6 @@ tlswrapper-test: tlswrapper-test.o $(OBJ
+@@ -10,6 +10,13 @@ BINARIES+=tlswrapper-test
+
+ all: bearssl $(BINARIES) tlswrapper-tcp tlswrapper-smtp
+
++randombytes.h:
++ (grep -v "randombytes.h" "randombytes.c-01getentropy"; echo "int main() {}";) > try.c
++ [ ! -f randombytes.h ] && $(CC) $(CFLAGS) $(CPPFLAGS) $(LDFLAGS) -o try try.c && cat randombytes.h-01getentropy > randombytes.h || :
++ (grep -v "randombytes.h" "randombytes.c-02devurandom"; echo "int main() {}";) > try.c
++ [ ! -f randombytes.h ] && $(CC) $(CFLAGS) $(CPPFLAGS) $(LDFLAGS) -o try try.c && cat randombytes.h-02devurandom > randombytes.h || :
++ rm try.c try
++
+ alloc.o: alloc.c log.h alloc.h
+ $(CC) $(CFLAGS) $(CPPFLAGS) -c alloc.c
+
+@@ -267,9 +274,6 @@ tlswrapper-test: tlswrapper-test.o $(OBJ
bearssl:
@@ -14,3 +30,9 @@
mkdir -p bearssl/inc
tlswrapper-tcp: tlswrapper
+@@ -296,4 +300,5 @@ test: bearssl $(BINARIES) tlswrapper-tcp
+
+ clean:
+ rm -f *.o *.out $(BINARIES) tlswrapper-tcp tlswrapper-smtp
++ rm -f randombytes.h
+
diff -r c4c52be08e9b -r c5d81c2c29af security/tlswrapper/patches/patch-makefilegen.sh
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/security/tlswrapper/patches/patch-makefilegen.sh Tue Aug 30 17:55:31 2022 +0000
@@ -0,0 +1,78 @@
+$NetBSD: patch-makefilegen.sh,v 1.1 2022/08/30 17:55:31 schmonz Exp $
+
+Apply upstream commit 0cb7bb4 to fall back to /dev/urandom on systems
+where getentropy() is not present.
+
+--- makefilegen.sh.orig 2022-08-14 12:18:16.000000000 +0000
++++ makefilegen.sh
+@@ -9,6 +9,7 @@
+ echo "DESTDIR?="
+ echo
+
++ # binaries
+ i=0
+ for file in `ls *.c`; do
+ if grep '^int main(' "${file}" >/dev/null; then
+@@ -23,18 +24,40 @@
+ done
+ echo
+
++ # portable
++ headers=`ls *.c-* | sed 's/\.c-.*/.h/' | sort -u`
++
+ echo "all: bearssl \$(BINARIES) tlswrapper-tcp tlswrapper-smtp"
+ echo
+
++ for hfile in "${headers}"; do
++ echo "${hfile}:"
++ ls "${hfile}-"* \
++ | sort \
++ | while read hhfile
++ do
++ ccfile=`echo ${hhfile} | sed 's/\.h-/.c-/'`
++ echo " (grep -v \"${hfile}\" \"${ccfile}\"; echo \"int main() {}\";) > try.c"
++ echo " [ ! -f ${hfile} ] && \$(CC) \$(CFLAGS) \$(CPPFLAGS) \$(LDFLAGS) -o try try.c && cat ${hhfile} > ${hfile} || :"
++ done
++ echo " rm try.c try"
++ touch "${hfile}"
++ done
++ echo
++
++
+ for file in `ls *.c`; do
+ (
+- #gcc -I/usr/include/bearssl -MM "${file}"
+ gcc -MM "${file}"
+ echo " \$(CC) \$(CFLAGS) \$(CPPFLAGS) -c ${file}"
+ echo
+ )
+ done
+
++ for hfile in "${headers}"; do
++ rm -f "${hfile}"
++ done
++
+ i=0
+ for file in `ls *.c`; do
+ if ! grep '^int main(' "${file}" >/dev/null; then
+@@ -61,8 +84,8 @@
+
+ echo "bearssl:"
+ echo " echo 'int main(){}' > try.c"
+- echo " \$(CC) \$(CFLAGS) \$(CPPFLAGS) -o try.o \$(LDFLAGS) try.c || (sh bearssl.sh; cd bearssl; make; rm build/*.so; )"
+- echo " rm -f try.o try.c"
++ echo " \$(CC) \$(CFLAGS) \$(CPPFLAGS) \$(LDFLAGS) -o try try.c || (sh bearssl.sh; cd bearssl; make; rm build/*.so; )"
++ echo " rm -f try.c try"
+ echo " mkdir -p bearssl/inc"
+ echo
+
+@@ -94,6 +117,9 @@
+
+ echo "clean:"
+ echo " rm -f *.o *.out \$(BINARIES) tlswrapper-tcp tlswrapper-smtp"
++ for hfile in "${headers}"; do
++ echo " rm -f ${hfile}"
++ done
+ echo
+
+ ) > Makefile
diff -r c4c52be08e9b -r c5d81c2c29af security/tlswrapper/patches/patch-randombytes.c
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/security/tlswrapper/patches/patch-randombytes.c Tue Aug 30 17:55:31 2022 +0000
@@ -0,0 +1,44 @@
+$NetBSD: patch-randombytes.c,v 1.1 2022/08/30 17:55:31 schmonz Exp $
+
+Apply upstream commit 0cb7bb4 to fall back to /dev/urandom on systems
+where getentropy() is not present.
+
+--- randombytes.c.orig 2022-08-14 12:18:16.000000000 +0000
++++ randombytes.c
+@@ -1,30 +1,9 @@
+-/*
+-version 20220222
+-*/
+-
+-#include <unistd.h>
+-#ifdef __APPLE__
+-#include <sys/random.h>
+-#endif
+ #include "randombytes.h"
+
+-void randombytes(void *xv, long long xlen) {
+-
+- long long i;
+- unsigned char *x = (unsigned char *) xv;
+-
+- while (xlen > 0) {
+- if (xlen < 256)
+- i = xlen;
+- else
+- i = 256;
++#ifdef randombytes_getentropy
++#include "randombytes.c-01getentropy"
++#endif
+
+- if (getentropy(x, i) == -1) {
+- sleep(1);
+- continue;
+- }
+- x += i;
+- xlen -= i;
+- }
+- __asm__ __volatile__("" : : "r"(xv) : "memory");
+-}
++#ifdef randombytes_devurandom
++#include "randombytes.c-02devurandom"
++#endif
diff -r c4c52be08e9b -r c5d81c2c29af security/tlswrapper/patches/patch-randombytes.c-01getentropy
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/security/tlswrapper/patches/patch-randombytes.c-01getentropy Tue Aug 30 17:55:31 2022 +0000
@@ -0,0 +1,38 @@
+$NetBSD: patch-randombytes.c-01getentropy,v 1.1 2022/08/30 17:55:31 schmonz Exp $
+
+Apply upstream commit 0cb7bb4 to fall back to /dev/urandom on systems
+where getentropy() is not present.
+
+--- randombytes.c-01getentropy.orig 2022-08-30 17:47:01.000000000 +0000
++++ randombytes.c-01getentropy
+@@ -0,0 +1,30 @@
++/*
++version 20220222
++*/
++
++#include <unistd.h>
++#ifdef __APPLE__
++#include <sys/random.h>
++#endif
++#include "randombytes.h"
++
++void randombytes(void *xv, long long xlen) {
++
++ long long i;
++ unsigned char *x = (unsigned char *) xv;
++
++ while (xlen > 0) {
++ if (xlen < 256)
++ i = xlen;
++ else
++ i = 256;
++
++ if (getentropy(x, i) == -1) {
++ sleep(1);
++ continue;
++ }
++ x += i;
++ xlen -= i;
++ }
++ __asm__ __volatile__("" : : "r"(xv) : "memory");
++}
diff -r c4c52be08e9b -r c5d81c2c29af security/tlswrapper/patches/patch-randombytes.c-02devurandom
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/security/tlswrapper/patches/patch-randombytes.c-02devurandom Tue Aug 30 17:55:31 2022 +0000
@@ -0,0 +1,51 @@
+$NetBSD: patch-randombytes.c-02devurandom,v 1.1 2022/08/30 17:55:31 schmonz Exp $
+
+Apply upstream commit 0cb7bb4 to fall back to /dev/urandom on systems
+where getentropy() is not present.
+
+--- randombytes.c-02devurandom.orig 2022-08-30 17:47:01.000000000 +0000
++++ randombytes.c-02devurandom
+@@ -0,0 +1,43 @@
++#include <sys/types.h>
++#include <sys/stat.h>
++#include <fcntl.h>
++#include <unistd.h>
++#include "randombytes.h"
++
++static int fd = -1;
++
++void randombytes(void *xv, long long xlen) {
++
++ long long i;
++ unsigned char *x = xv;
++
++ if (fd == -1) {
++ for (;;) {
++#ifdef O_CLOEXEC
++ fd = open("/dev/urandom", O_RDONLY | O_CLOEXEC);
++#else
++ fd = open("/dev/urandom", O_RDONLY);
++ fcntl(fd, F_SETFD, 1);
++#endif
++ if (fd != -1) break;
++ sleep(1);
++ }
++ }
++
++ while (xlen > 0) {
++ if (xlen < 1048576)
++ i = xlen;
++ else
++ i = 1048576;
Home |
Main Index |
Thread Index |
Old Index