pkgsrc-WIP-changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
libgcrypt: Update to 1.9.1
Module Name: pkgsrc-wip
Committed By: Michael Baeuerle <micha%NetBSD.org@localhost>
Pushed By: micha
Date: Fri Jan 29 12:51:44 2021 +0100
Changeset: a61c420e2cc9aef5e9321c79a9ed4fbb07a1a886
Modified Files:
Makefile
Added Files:
libgcrypt/DESCR
libgcrypt/Makefile
libgcrypt/PLIST
libgcrypt/TODO
libgcrypt/buildlink3.mk
libgcrypt/distinfo
libgcrypt/hacks.mk
libgcrypt/options.mk
libgcrypt/patches/patch-cipher_rijndael-arm.S
libgcrypt/patches/patch-configure
libgcrypt/patches/patch-random_jitterentropy-base.c
libgcrypt/patches/patch-src_libgcrypt-config.in
libgcrypt/patches/patch-src_visibility.h
Log Message:
libgcrypt: Update to 1.9.1
Noteworthy changes in Libgcrypt 1.9.1
=====================================
* Bug fixes:
- *Fix exploitable bug* in hash functions introduced with 1.9.0.
[#5275]
- Return an error if a negative MPI is used with sexp scan
functions. [#4964]
- Check for operational FIPS in the random and KDF functions.
[#5243]
- Fix compile error on ARMv7 with NEON disabled. [#5251]
- Fix self-test in KDF module. [#5254]
- Improve assembler checks for better LTO support. [#5255]
- Fix assember problem on macOS running on M1. [#5157]
- Support older macOS without posix_spawn. [#5159]
- Fix 32-bit cross build on x86. [#5257]
- Fix non-NEON ARM assembly implementation for SHA512. [#5263]
- Fix build problems with the cipher_bulk_ops_t typedef. [#5264]
- Fix Ed25519 private key handling for preceding ZEROs. [#5267]
- Fix overflow in modular inverse implementation. [#5269]
- Fix register access for AVX/AVX2 implementations of Blake2.
[#5271].
* Performance:
- Add optimized cipher and hash functions for s390x/zSeries.
- Use hardware bit counting functionx when available.
* Internal changes:
- The macOS getentropy syscall is used when available. [#5268]
- Update DSA functions to match FIPS 186-3. [30ed9593f6]
- New self-tests for CMACs and KDFs. [385a89e35b,7a0da24925]
- Add bulk cipher functions for OFB and GCM modes.
[f12b6788f2,f4e63e92dc]
For a list of links to commits and bug numbers
see the release info at https://dev.gnupg.org/T5259
To see a diff of this commit:
https://wip.pkgsrc.org/cgi-bin/gitweb.cgi?p=pkgsrc-wip.git;a=commitdiff;h=a61c420e2cc9aef5e9321c79a9ed4fbb07a1a886
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
diffstat:
Makefile | 1 +
libgcrypt/DESCR | 6 ++
libgcrypt/Makefile | 67 ++++++++++++++++++++++
libgcrypt/PLIST | 11 ++++
libgcrypt/TODO | 6 ++
libgcrypt/buildlink3.mk | 15 +++++
libgcrypt/distinfo | 11 ++++
libgcrypt/hacks.mk | 12 ++++
libgcrypt/options.mk | 26 +++++++++
libgcrypt/patches/patch-cipher_rijndael-arm.S | 15 +++++
libgcrypt/patches/patch-configure | 15 +++++
.../patches/patch-random_jitterentropy-base.c | 26 +++++++++
libgcrypt/patches/patch-src_libgcrypt-config.in | 15 +++++
libgcrypt/patches/patch-src_visibility.h | 28 +++++++++
14 files changed, 254 insertions(+)
diffs:
diff --git a/Makefile b/Makefile
index 1e000bc674..98207308cf 100644
--- a/Makefile
+++ b/Makefile
@@ -2008,6 +2008,7 @@ SUBDIR+= libfplll
SUBDIR+= libftdi1
SUBDIR+= libgamecommon
SUBDIR+= libgamemusic
+SUBDIR+= libgcrypt
SUBDIR+= libgda-bdb
SUBDIR+= libgda-ldap
SUBDIR+= libgda-mdb
diff --git a/libgcrypt/DESCR b/libgcrypt/DESCR
new file mode 100644
index 0000000000..db98ce8fa5
--- /dev/null
+++ b/libgcrypt/DESCR
@@ -0,0 +1,6 @@
+This is a general purpose cryptographic library based on the code from GnuPG.
+It provides functions for all cryptograhic building blocks: symmetric ciphers
+(AES, DES, Blowfish, CAST5, Twofish, Arcfour), hash algorithms (MD4, MD5,
+RIPE-MD160, SHA-1, TIGER-192), MACs (HMAC for all hash algorithms), public key
+algorithms (RSA, ElGamal, DSA), large integer functions, random numbers and a
+lot of supporting functions.
diff --git a/libgcrypt/Makefile b/libgcrypt/Makefile
new file mode 100644
index 0000000000..49eec934f1
--- /dev/null
+++ b/libgcrypt/Makefile
@@ -0,0 +1,67 @@
+# $NetBSD: Makefile,v 1.100 2021/01/25 09:59:50 wiz Exp $
+
+DISTNAME= libgcrypt-1.9.1
+CATEGORIES= security
+MASTER_SITES= https://gnupg.org/ftp/gcrypt/libgcrypt/
+EXTRACT_SUFX= .tar.bz2
+
+MAINTAINER= pkgsrc-users%NetBSD.org@localhost
+HOMEPAGE= https://gnupg.org/software/libgcrypt/
+COMMENT= GNU cryptographic library
+LICENSE= gnu-gpl-v2 AND gnu-lgpl-v2.1
+
+USE_LIBTOOL= yes
+GNU_CONFIGURE= yes
+
+TEST_TARGET= check
+
+TEXINFO_REQD= 4.0
+INFO_FILES= yes
+
+.include "../../mk/bsd.prefs.mk"
+.include "../../mk/compiler.mk"
+
+.if empty(MACHINE_PLATFORM:MNetBSD-*-i386) && \
+ empty(MACHINE_PLATFORM:MNetBSD-*-alpha) && \
+ empty(MACHINE_PLATFORM:MNetBSD-*-sparc) && \
+ empty(MACHINE_PLATFORM:M*-*-hppa)
+CONFIGURE_ARGS+= --disable-asm
+.endif
+CONFIGURE_ARGS+= --disable-aesni-support
+
+.if !empty(MACHINE_PLATFORM:MLinux-*-i386) || \
+ !empty(MACHINE_PLATFORM:MSunOS-*-i386)
+CONFIGURE_ARGS+= --disable-pclmul-support
+.endif
+
+# SCO OpenServer 5.0.7/3.2 has no socklen_t, but it is defined in pthread.h
+# from builtin GNU pth.
+.if ${OS_VARIANT} == "SCOOSR5"
+CONFIGURE_ENV+= ac_cv_type_socklen_t=yes
+CONFIGURE_ENV+= gl_cv_socklen_t_equiv=int
+.endif
+
+.if !empty(PKGSRC_COMPILER:Mclang)
+CFLAGS+= -fheinous-gnu-extensions
+.endif
+
+.if (${MACHINE_ARCH} == "x86_64")
+. if !empty(CC_VERSION:Mgcc-4.[45].*)
+CONFIGURE_ARGS+= --disable-avx2-support
+CONFIGURE_ARGS+= --disable-avx-support
+CONFIGURE_ENV+= gcry_cv_gcc_inline_asm_avx=no
+. endif
+.endif
+
+SUBST_CLASSES+= rpath
+SUBST_FILES.rpath= src/libgcrypt-config.in
+SUBST_STAGE.rpath= pre-configure
+SUBST_MESSAGE.rpath= Fixing rpath flags
+SUBST_VARS.rpath= COMPILER_RPATH_FLAG
+
+.include "options.mk"
+
+BUILDLINK_API_DEPENDS.libgpg-error+= libgpg-error>=1.13
+.include "../../security/libgpg-error/buildlink3.mk"
+.include "../../mk/pthread.buildlink3.mk"
+.include "../../mk/bsd.pkg.mk"
diff --git a/libgcrypt/PLIST b/libgcrypt/PLIST
new file mode 100644
index 0000000000..d5bf93ca7a
--- /dev/null
+++ b/libgcrypt/PLIST
@@ -0,0 +1,11 @@
+@comment $NetBSD: PLIST,v 1.12 2019/09/02 12:10:54 nia Exp $
+bin/dumpsexp
+bin/hmac256
+bin/libgcrypt-config
+bin/mpicalc
+include/gcrypt.h
+info/gcrypt.info
+lib/libgcrypt.la
+lib/pkgconfig/libgcrypt.pc
+man/man1/hmac256.1
+share/aclocal/libgcrypt.m4
diff --git a/libgcrypt/TODO b/libgcrypt/TODO
new file mode 100644
index 0000000000..9d05370178
--- /dev/null
+++ b/libgcrypt/TODO
@@ -0,0 +1,6 @@
+Fix buid error:
+
+keccak.c: In function 'keccak_init':
+keccak.c:907:23: error: 'HWF_INTEL_FAST_SHLD' undeclared (first use in this function)
+ else if (features & HWF_INTEL_FAST_SHLD)
+ ^~~~~~~~~~~~~~~~~~~
diff --git a/libgcrypt/buildlink3.mk b/libgcrypt/buildlink3.mk
new file mode 100644
index 0000000000..950f95d179
--- /dev/null
+++ b/libgcrypt/buildlink3.mk
@@ -0,0 +1,15 @@
+# $NetBSD: buildlink3.mk,v 1.18 2016/08/17 23:13:11 maya Exp $
+
+BUILDLINK_TREE+= libgcrypt
+
+.if !defined(LIBGCRYPT_BUILDLINK3_MK)
+LIBGCRYPT_BUILDLINK3_MK:=
+
+BUILDLINK_API_DEPENDS.libgcrypt+= libgcrypt>=1.2.0
+BUILDLINK_ABI_DEPENDS.libgcrypt+= libgcrypt>=1.6.0
+BUILDLINK_PKGSRCDIR.libgcrypt?= ../../security/libgcrypt
+
+.include "../../security/libgpg-error/buildlink3.mk"
+.endif # LIBGCRYPT_BUILDLINK3_MK
+
+BUILDLINK_TREE+= -libgcrypt
diff --git a/libgcrypt/distinfo b/libgcrypt/distinfo
new file mode 100644
index 0000000000..4bd8b2bb17
--- /dev/null
+++ b/libgcrypt/distinfo
@@ -0,0 +1,11 @@
+$NetBSD: distinfo,v 1.85 2021/01/25 09:59:50 wiz Exp $
+
+SHA1 (libgcrypt-1.9.1.tar.bz2) = a15ce7355b028f28a33428eaa0147154861b29d4
+RMD160 (libgcrypt-1.9.1.tar.bz2) = f9bbd9ed747f21e5c66e7287102975f2cb04f4e5
+SHA512 (libgcrypt-1.9.1.tar.bz2) = e8a028724cf5476fff0ca82c5c279a64b3bc5d1fd1472b784df4084b185266825baffc49e27b90db7453c8faef68cd0b8264f379abacee629bbdf6b11f2a28d6
+Size (libgcrypt-1.9.1.tar.bz2) = 3202683 bytes
+SHA1 (patch-cipher_rijndael-arm.S) = ef3cb7f481022440780eb48ae31cbfad0a3ec115
+SHA1 (patch-configure) = 6c7c1867993240ac099e80fb8dda3b667c2642d5
+SHA1 (patch-random_jitterentropy-base.c) = 5a14676aae7ad5d12f9f0bed366af5183aaf22ad
+SHA1 (patch-src_libgcrypt-config.in) = 2b426fd3577828d9a083f2150368590a14d0ce85
+SHA1 (patch-src_visibility.h) = 8cbbf6803ab34b4b7dda832aa8ee18247aa89518
diff --git a/libgcrypt/hacks.mk b/libgcrypt/hacks.mk
new file mode 100644
index 0000000000..4419a7bf18
--- /dev/null
+++ b/libgcrypt/hacks.mk
@@ -0,0 +1,12 @@
+# $NetBSD: hacks.mk,v 1.4 2008/03/26 20:09:43 tron Exp $
+
+# config.h #defines socklen_t if it is not defined, but libgcrypt does
+# not propogate this to the installed gcrypt.h, so packages using it
+# subsequently fail.
+#
+# hack around this by using the same #define (if present) in gcrypt.h.
+post-configure:
+ socklen=`${GREP} '^#define socklen_t' ${WRKSRC}/config.h || ${TRUE}`; \
+ ${MV} ${WRKSRC}/src/gcrypt.h ${WRKSRC}/src/gcrypt.h.old; \
+ ${SED} -e "s,^/\* socklen_t \*/,$$socklen," \
+ ${WRKSRC}/src/gcrypt.h.old > ${WRKSRC}/src/gcrypt.h
diff --git a/libgcrypt/options.mk b/libgcrypt/options.mk
new file mode 100644
index 0000000000..bb7fb562cb
--- /dev/null
+++ b/libgcrypt/options.mk
@@ -0,0 +1,26 @@
+# $NetBSD: options.mk,v 1.8 2013/04/21 14:44:53 wiz Exp $
+
+PKG_OPTIONS_VAR= PKG_OPTIONS.libgcrypt
+PKG_SUPPORTED_OPTIONS=
+
+.include "../../mk/bsd.prefs.mk"
+
+.if ${MACHINE_ARCH} == "i386" && ${OPSYS} != "Darwin"
+. include "../../mk/compiler.mk"
+# GCC 3.x (at least 3.3.3 on NetBSD) fails to compile asm() call in
+# cipher/rijndael.c:do_padlock()
+. if empty(CC_VERSION:Mgcc-3.*)
+PKG_SUPPORTED_OPTIONS+= via-padlock
+# With GCC 4.1.3 on NetBSD, do_padlock() crashes with signal 11
+. if ${OPSYS} != "NetBSD"
+PKG_SUGGESTED_OPTIONS+= via-padlock
+. endif
+. endif
+.endif
+
+.include "../../mk/bsd.options.mk"
+
+.if empty(PKG_OPTIONS:Mvia-padlock)
+# Disable VIA Padlock support.
+CONFIGURE_ARGS+= --disable-padlock-support
+.endif
diff --git a/libgcrypt/patches/patch-cipher_rijndael-arm.S b/libgcrypt/patches/patch-cipher_rijndael-arm.S
new file mode 100644
index 0000000000..eb5999f2a0
--- /dev/null
+++ b/libgcrypt/patches/patch-cipher_rijndael-arm.S
@@ -0,0 +1,15 @@
+$NetBSD: patch-cipher_rijndael-arm.S,v 1.1 2016/07/02 13:24:17 wiz Exp $
+
+Fix ARM unaligned access problem.
+https://lists.gnupg.org/pipermail/gcrypt-devel/2016-June/003904.html
+
+--- cipher/rijndael-arm.S.orig 2016-03-23 11:59:34.000000000 +0000
++++ cipher/rijndael-arm.S
+@@ -19,6 +19,7 @@
+ */
+
+ #include <config.h>
++#undef __ARM_FEATURE_UNALIGNED
+
+ #if defined(__ARMEL__)
+ #ifdef HAVE_COMPATIBLE_GCC_ARM_PLATFORM_AS
diff --git a/libgcrypt/patches/patch-configure b/libgcrypt/patches/patch-configure
new file mode 100644
index 0000000000..21d763e721
--- /dev/null
+++ b/libgcrypt/patches/patch-configure
@@ -0,0 +1,15 @@
+$NetBSD$
+
+Fix unportable test(1) operator.
+
+--- configure.orig 2021-01-19 12:39:59.000000000 +0000
++++ configure
+@@ -17460,7 +17460,7 @@ CFLAGS="$CFLAGS -maltivec -mvsx -mcrypto
+
+ if test "$gcry_cv_cc_ppc_altivec" = "no" &&
+ test "$mpi_cpu_arch" = "ppc" &&
+- test "$try_asm_modules" == "yes" ; then
++ test "$try_asm_modules" = "yes" ; then
+ { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether compiler supports PowerPC AltiVec/VSX/crypto intrinsics with extra GCC flags" >&5
+ $as_echo_n "checking whether compiler supports PowerPC AltiVec/VSX/crypto intrinsics with extra GCC flags... " >&6; }
+ if ${gcry_cv_cc_ppc_altivec_cflags+:} false; then :
diff --git a/libgcrypt/patches/patch-random_jitterentropy-base.c b/libgcrypt/patches/patch-random_jitterentropy-base.c
new file mode 100644
index 0000000000..fb8b99e4f2
--- /dev/null
+++ b/libgcrypt/patches/patch-random_jitterentropy-base.c
@@ -0,0 +1,26 @@
+$NetBSD: patch-random_jitterentropy-base.c,v 1.1 2018/05/11 19:20:11 kamil Exp $
+
+Port to Clang.
+
+--- random/jitterentropy-base.c.orig 2017-11-23 18:16:58.000000000 +0000
++++ random/jitterentropy-base.c
+@@ -50,13 +50,18 @@
+ */
+
+ #undef _FORTIFY_SOURCE
++
++#ifdef __clang__
++#pragma clang optimize off
++#else
+ #pragma GCC optimize ("O0")
++#endif
+
+ #include "jitterentropy.h"
+
+ #ifndef CONFIG_CRYPTO_CPU_JITTERENTROPY_STAT
+ /* only check optimization in a compilation for real work */
+- #ifdef __OPTIMIZE__
++ #if defined(__OPTIMIZE__) && !defined(__clang__)
+ #error "The CPU Jitter random number generator must not be compiled with optimizations. See documentation. Use the compiler switch -O0 for compiling jitterentropy-base.c."
+ #endif
+ #endif
diff --git a/libgcrypt/patches/patch-src_libgcrypt-config.in b/libgcrypt/patches/patch-src_libgcrypt-config.in
new file mode 100644
index 0000000000..c758f2e744
--- /dev/null
+++ b/libgcrypt/patches/patch-src_libgcrypt-config.in
@@ -0,0 +1,15 @@
+$NetBSD$
+
+Add rpath to configure script.
+
+--- src/libgcrypt-config.in.orig 2008-08-19 17:20:04.000000000 +0200
++++ src/libgcrypt-config.in
+@@ -167,7 +167,7 @@ if test "$echo_libs" = "yes"; then
+
+ # Set up `libdirs'.
+ if test "x$libdir" != "x/usr/lib" -a "x$libdir" != "x/lib"; then
+- libdirs="-L$libdir"
++ libdirs="-L$libdir @COMPILER_RPATH_FLAG@@libdir@"
+ fi
+
+ # Set up `libs_final'.
diff --git a/libgcrypt/patches/patch-src_visibility.h b/libgcrypt/patches/patch-src_visibility.h
new file mode 100644
index 0000000000..5e3a4de4bc
--- /dev/null
+++ b/libgcrypt/patches/patch-src_visibility.h
@@ -0,0 +1,28 @@
+$NetBSD: patch-src_visibility.h,v 1.2 2014/08/21 19:55:26 wiz Exp $
+
+GCC on SCO OpenServer 5.0.7/3.2 does not support visibility.
+
+https://bugs.g10code.com/gnupg/issue1704
+
+--- src/visibility.h.orig 2014-01-29 09:48:38.000000000 +0000
++++ src/visibility.h
+@@ -26,7 +26,9 @@
+
+ /* Include the main header here so that public symbols are mapped to
+ the internal underscored ones. */
+-#ifdef _GCRY_INCLUDED_BY_VISIBILITY_C
++/* All available GCC for SCO OpenServer 5.0.7/3.2 does not support
++ visibility. */
++#if defined(_GCRY_INCLUDED_BY_VISIBILITY_C) || defined(_SCO_DS)
+ /* We need to redeclare the deprecated functions without the
+ deprecated attribute. */
+ # define GCRYPT_NO_DEPRECATED
+@@ -48,7 +50,7 @@ gcry_err_code_t gcry_md_get (gcry_md_hd_
+ NOTE: When adding new functions, please make sure to add them to
+ libgcrypt.vers and libgcrypt.def as well. */
+
+-#ifdef _GCRY_INCLUDED_BY_VISIBILITY_C
++#if defined(_GCRY_INCLUDED_BY_VISIBILITY_C) || defined(_SCO_DS)
+
+ /* A macro to flag a function as visible. */
+ #ifdef GCRY_USE_VISIBILITY
Home |
Main Index |
Thread Index |
Old Index