pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: pkgsrc/security/uacme
Module Name: pkgsrc
Committed By: riastradh
Date: Mon Jan 27 13:37:07 UTC 2025
Modified Files:
pkgsrc/security/uacme: Makefile distinfo
pkgsrc/security/uacme/patches: patch-uacme.c
Added Files:
pkgsrc/security/uacme/patches: patch-configure.ac
Log Message:
security/uacme: Fix cross-build and ctype(3) abuse.
1. TOOL_DEPENDS, not BUILD_DEPENDS, for asciidoc -- we run this at
build-time, we don't link against it.
2. Use AC_CACHE_CHECK around AC_RUN_IFELSE to allow overriding
run-time tests at build-time with pre-determined outputs. On
NetBSD, mmap(MAP_ANON|MAP_SHARED) works (for that matter, I have
no idea on what broken systems this fails).
3. Patch away ctype(3) abuse while here.
To generate a diff of this commit:
cvs rdiff -u -r1.8 -r1.9 pkgsrc/security/uacme/Makefile
cvs rdiff -u -r1.1 -r1.2 pkgsrc/security/uacme/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/security/uacme/patches/patch-configure.ac
cvs rdiff -u -r1.1 -r1.2 pkgsrc/security/uacme/patches/patch-uacme.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: pkgsrc/security/uacme/Makefile
diff -u pkgsrc/security/uacme/Makefile:1.8 pkgsrc/security/uacme/Makefile:1.9
--- pkgsrc/security/uacme/Makefile:1.8 Wed Dec 18 16:22:57 2024
+++ pkgsrc/security/uacme/Makefile Mon Jan 27 13:37:06 2025
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.8 2024/12/18 16:22:57 hauke Exp $
+# $NetBSD: Makefile,v 1.9 2025/01/27 13:37:06 riastradh Exp $
PKGNAME= uacme-${PKGVER}
-PKGREVISION= 5
+PKGREVISION= 6
DISTNAME= v${PKGVER}
PKGVER= 1.7.5
CATEGORIES= security
@@ -12,7 +12,7 @@ COMMENT= Lightweight C ACMEv2 client whi
HOMEPAGE= https://github.com/ndilieto/uacme
LICENSE= gnu-gpl-v3
-BUILD_DEPENDS+= asciidoc-[0-9]*:../../textproc/asciidoc
+TOOL_DEPENDS+= asciidoc-[0-9]*:../../textproc/asciidoc
USE_TOOLS+= gmake pkg-config autoconf autoreconf automake
@@ -30,6 +30,12 @@ UACME_CHALLENGE_PATH= ${UACME_CONFDIR}/c
CFLAGS.SunOS+= -D__EXTENSIONS__
LDFLAGS.SunOS+= -lsocket
+.include "../../mk/bsd.prefs.mk"
+
+.if ${USE_CROSS_COMPILE:tl} == "yes"
+CONFIGURE_ENV.NetBSD+= uacme_cv_mmap_anonshared_works=yes
+.endif
+
CONFIGURE_ARGS= --datadir=${PREFIX}/${HOOKDIR}
CONFIGURE_ARGS+= --disable-maintainer-mode
CONFIGURE_ARGS+= --sysconfdir=${PKG_SYSCONFDIR}
Index: pkgsrc/security/uacme/distinfo
diff -u pkgsrc/security/uacme/distinfo:1.1 pkgsrc/security/uacme/distinfo:1.2
--- pkgsrc/security/uacme/distinfo:1.1 Thu May 2 13:34:56 2024
+++ pkgsrc/security/uacme/distinfo Mon Jan 27 13:37:06 2025
@@ -1,8 +1,9 @@
-$NetBSD: distinfo,v 1.1 2024/05/02 13:34:56 hauke Exp $
+$NetBSD: distinfo,v 1.2 2025/01/27 13:37:06 riastradh Exp $
BLAKE2s (v1.7.5.tar.gz) = 1947951f05e8b61a896394d1f67367446969dc14205440514ad679e1951bf208
SHA512 (v1.7.5.tar.gz) = c219e3ade3a81e3088cc95ecc6422022d18bffd11f26aa1618d7e4bdbf492034ae886ad6d4428ba9bbe64dbe6e6576945f50ea8ae9d6f85098758a20ff82051c
Size (v1.7.5.tar.gz) = 258398 bytes
SHA1 (patch-Makefile.am) = 562ca9e346d95771798c8fab146f59aaefb57b52
-SHA1 (patch-uacme.c) = ef74f682f7a4336da4b3686aa50678298608f67e
+SHA1 (patch-configure.ac) = da767baba9ddac9548d9790c16580c99931acd9d
+SHA1 (patch-uacme.c) = da6815cfd867637703501660109b05599c6b708d
SHA1 (patch-uacme.sh) = 24da3e33aac08634d61287d1fb971f0b4095de8e
Index: pkgsrc/security/uacme/patches/patch-uacme.c
diff -u pkgsrc/security/uacme/patches/patch-uacme.c:1.1 pkgsrc/security/uacme/patches/patch-uacme.c:1.2
--- pkgsrc/security/uacme/patches/patch-uacme.c:1.1 Thu May 2 13:34:56 2024
+++ pkgsrc/security/uacme/patches/patch-uacme.c Mon Jan 27 13:37:07 2025
@@ -1,8 +1,10 @@
-$NetBSD: patch-uacme.c,v 1.1 2024/05/02 13:34:56 hauke Exp $
+$NetBSD: patch-uacme.c,v 1.2 2025/01/27 13:37:07 riastradh Exp $
-Set CONFDIR default - we prefer not to write under /etc
+1. Set CONFDIR default - we prefer not to write under /etc
---- uacme.c.orig 2024-04-24 20:06:00.457609312 +0000
+2. Fix ctype(3) abuse.
+
+--- uacme.c.orig 2024-01-28 20:03:31.000000000 +0000
+++ uacme.c
@@ -46,7 +46,7 @@
@@ -13,3 +15,30 @@ Set CONFDIR default - we prefer not to w
typedef struct acme {
privkey_t key;
+@@ -866,7 +866,7 @@ bool authorize(acme_t *a)
+ goto out;
+ }
+ for (const char *t = token; *t; t++)
+- if (!isalnum(*t) && *t != '-' && *t != '_') {
++ if (!isalnum((unsigned char)*t) && *t != '-' && *t != '_') {
+ warnx("failed to validate token");
+ goto out;
+ }
+@@ -1301,7 +1301,7 @@ bool validate_identifier_str(const char
+ }
+ break;
+ default:
+- if (!isupper(s[j]) && !islower(s[j]) && !isdigit(s[j])) {
++ if (!isupper((unsigned char)s[j]) && !islower((unsigned char)s[j]) && !isdigit((unsigned char)s[j])) {
+ warnx("invalid character '%c' in %s", s[j], s);
+ return false;
+ }
+@@ -1359,7 +1359,7 @@ bool alt_parse(acme_t *a, char *alt)
+ size_t len = 0;
+ char *tok = strtok(alt, ":");
+ while (tok && len < sizeof(a->alt_fp)) {
+- if (strlen(tok) != 2 || !isxdigit(tok[0]) || !isxdigit(tok[1]))
++ if (strlen(tok) != 2 || !isxdigit((unsigned char)tok[0]) || !isxdigit((unsigned char)tok[1]))
+ break;
+ a->alt_fp[len++] = strtol(tok, NULL, 16);
+ tok = strtok(NULL, ":");
Added files:
Index: pkgsrc/security/uacme/patches/patch-configure.ac
diff -u /dev/null pkgsrc/security/uacme/patches/patch-configure.ac:1.1
--- /dev/null Mon Jan 27 13:37:07 2025
+++ pkgsrc/security/uacme/patches/patch-configure.ac Mon Jan 27 13:37:07 2025
@@ -0,0 +1,62 @@
+$NetBSD: patch-configure.ac,v 1.1 2025/01/27 13:37:07 riastradh Exp $
+
+Wrap autoconf runtime test (AC_RUN_IFELSE) in AC_CACHE_CHECK so we can
+override it on the command-line when cross-compiling.
+
+--- configure.ac.orig 2024-01-28 20:03:31.000000000 +0000
++++ configure.ac
+@@ -336,26 +336,35 @@ if test "x$OPT_UALPN" != "xno"; then
+ AC_MSG_ERROR([ualpn requires sys/un.h]))
+ AC_CHECK_FUNCS([mmap],[],
+ AC_MSG_ERROR([ualpn requires mmap]))
+- AC_MSG_CHECKING([if mmap(MAP_ANON|MAP_SHARED) works])
++ AC_CACHE_CHECK([if mmap(MAP_ANON|MAP_SHARED) works],
++ [uacme_cv_mmap_anonshared_works], [
+ AC_RUN_IFELSE([AC_LANG_SOURCE([#include <sys/mman.h>
+ int main() {return mmap(0, 4096, PROT_READ|PROT_WRITE,
+ MAP_ANON|MAP_SHARED, -1, 0) == MAP_FAILED;}])],
+- [
++ [uacme_cv_mmap_anonshared_works=yes],
++ [uacme_cv_mmap_anonshared_works=no])
++ ])
++ case $uacme_cv_mmap_anonshared_works in
++ yes)
+ AC_DEFINE(HAVE_MAP_ANON, 1, [if mmap(MAP_ANON|MAP_SHARED) works])
+- AC_MSG_RESULT([yes])
+- ], [
+- AC_MSG_RESULT([no])
+- AC_MSG_CHECKING([if mmap("/dev/zero", MAP_SHARED) works])
++ ;;
++ *)
++ AC_CACHE_CHECK([if mmap("/dev/zero", MAP_SHARED) works],
++ [uacme_cv_mmap_devzero_shared_works], [
+ AC_RUN_IFELSE([AC_LANG_SOURCE([#include <sys/mman.h>
+ #include <sys/stat.h>
+ #include <fcntl.h>
+ int main() {return mmap(0, 4096, PROT_READ|PROT_WRITE,
+ MAP_ANON|MAP_SHARED, open("/dev/zero", O_RDWR), 0) ==
+ MAP_FAILED;}])],
++ [uacme_cv_mmap_devzero_shared_works=yes],
++ [uacme_cv_mmap_devzero_shared_works=no])
++ ])
++ if test "x$uacme_cv_mmap_devzero_shared_works" = xyes; then
+ AC_DEFINE(HAVE_MAP_DEVZERO, 1, [if mmap("/dev/zero", MAP_SHARED) works])
+- AC_MSG_RESULT([yes]),
+- AC_MSG_RESULT([no])
+- AC_MSG_ERROR([ualpn requires MAP_ANON or mmap("/dev/zero", MAP_SHARED)])),
++ else
++ AC_MSG_ERROR([ualpn requires MAP_ANON or mmap("/dev/zero", MAP_SHARED)])
++ fi
+ AC_COMPILE_IFELSE([AC_LANG_SOURCE([#include <sys/mman.h>
+ int main() {return mmap(0, 4096, PROT_READ|PROT_WRITE,
+ MAP_ANON|MAP_SHARED, -1, 0) == MAP_FAILED;}])],
+@@ -364,7 +373,8 @@ if test "x$OPT_UALPN" != "xno"; then
+ AC_MSG_RESULT([no])
+ AC_MSG_NOTICE([falling back to mmap("/dev/zero", MAP_SHARED)])
+ AC_DEFINE(HAVE_MAP_DEVZERO, 1, [if mmap("/dev/zero", MAP_SHARED) works]))
+- ])
++ ;;
++ esac
+ AC_ARG_ENABLE(splice, AS_HELP_STRING([--disable-splice], [disable splice]))
+ if test "x$enable_splice" != "xno"; then
+ AC_CHECK_FUNCS([splice])
Home |
Main Index |
Thread Index |
Old Index