[pkgsrc/trunk]: pkgsrc/security/openssl openssl: Fix KERN_ARND usage on NetBSD.

[nia <nia%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/845afa5016f6
branches:  trunk
changeset: 430362:845afa5016f6
user:      nia <nia%pkgsrc.org@localhost>
date:      Thu Apr 30 11:21:57 2020 +0000

description:
openssl: Fix KERN_ARND usage on NetBSD.

XXX upstream

diffstat:

 security/openssl/Makefile                               |   3 +-
 security/openssl/distinfo                               |   3 +-
 security/openssl/patches/patch-crypto_rand_rand__unix.c |  47 +++++++++++++++++
 3 files changed, 51 insertions(+), 2 deletions(-)

diffs (76 lines):

diff -r 923b4545ea09 -r 845afa5016f6 security/openssl/Makefile
--- a/security/openssl/Makefile Thu Apr 30 09:47:51 2020 +0000
+++ b/security/openssl/Makefile Thu Apr 30 11:21:57 2020 +0000
@@ -1,6 +1,7 @@
-# $NetBSD: Makefile,v 1.257 2020/04/21 13:29:35 sevan Exp $
+# $NetBSD: Makefile,v 1.258 2020/04/30 11:21:57 nia Exp $
 
 DISTNAME=      openssl-1.1.1g
+PKGREVISION=   1
 CATEGORIES=    security
 MASTER_SITES=  https://www.openssl.org/source/
 
diff -r 923b4545ea09 -r 845afa5016f6 security/openssl/distinfo
--- a/security/openssl/distinfo Thu Apr 30 09:47:51 2020 +0000
+++ b/security/openssl/distinfo Thu Apr 30 11:21:57 2020 +0000
@@ -1,7 +1,8 @@
-$NetBSD: distinfo,v 1.140 2020/04/21 13:29:35 sevan Exp $
+$NetBSD: distinfo,v 1.141 2020/04/30 11:21:57 nia Exp $
 
 SHA1 (openssl-1.1.1g.tar.gz) = b213a293f2127ec3e323fb3cfc0c9807664fd997
 RMD160 (openssl-1.1.1g.tar.gz) = 427b7b12c06715ad1c95d3ff5e38055c6bb66c1d
 SHA512 (openssl-1.1.1g.tar.gz) = 01e3d0b1bceeed8fb066f542ef5480862001556e0f612e017442330bbd7e5faee228b2de3513d7fc347446b7f217e27de1003dc9d7214d5833b97593f3ec25ab
 Size (openssl-1.1.1g.tar.gz) = 9801502 bytes
 SHA1 (patch-Configurations_unix-Makefile.tmpl) = d58376dfc8cbb4c7d98ca64093759f173eac73da
+SHA1 (patch-crypto_rand_rand__unix.c) = 9aa1ff0b0ff1db3fcadacf8707596a7db852f956
diff -r 923b4545ea09 -r 845afa5016f6 security/openssl/patches/patch-crypto_rand_rand__unix.c
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/security/openssl/patches/patch-crypto_rand_rand__unix.c   Thu Apr 30 11:21:57 2020 +0000
@@ -0,0 +1,47 @@
+$NetBSD: patch-crypto_rand_rand__unix.c,v 1.1 2020/04/30 11:21:57 nia Exp $
+
+Fix usage of KERN_ARND on NetBSD.
+
+First, actually include the correct headers.
+Second, disable a hack for old FreeBSD versions (just in case it gets used).
+Third, ensure that we don't ever request more than 256 bytes (just in case).
+
+--- crypto/rand/rand_unix.c.orig       2020-04-21 12:22:39.000000000 +0000
++++ crypto/rand/rand_unix.c
+@@ -26,12 +26,12 @@
+ #  include <sys/utsname.h>
+ # endif
+ #endif
+-#if defined(__FreeBSD__) && !defined(OPENSSL_SYS_UEFI)
++#if (defined(__FreeBSD__) || defined(__NetBSD__)) && !defined(OPENSSL_SYS_UEFI)
+ # include <sys/types.h>
+ # include <sys/sysctl.h>
+ # include <sys/param.h>
+ #endif
+-#if defined(__OpenBSD__) || defined(__NetBSD__)
++#if defined(__OpenBSD__)
+ # include <sys/param.h>
+ #endif
+ 
+@@ -247,10 +247,12 @@ static ssize_t sysctl_random(char *buf, 
+      * when the sysctl returns long and we want to request something not a
+      * multiple of longs, which should never be the case.
+      */
++#if   defined(__FreeBSD__)
+     if (!ossl_assert(buflen % sizeof(long) == 0)) {
+         errno = EINVAL;
+         return -1;
+     }
++#endif
+ 
+     /*
+      * On NetBSD before 4.0 KERN_ARND was an alias for KERN_URND, and only
+@@ -268,7 +270,7 @@ static ssize_t sysctl_random(char *buf, 
+     mib[1] = KERN_ARND;
+ 
+     do {
+-        len = buflen;
++        len = buflen > 256 ? 256 : buflen;
+         if (sysctl(mib, 2, buf, &len, NULL, 0) == -1)
+             return done > 0 ? done : -1;
+         done += len;