[pkgsrc/trunk]: pkgsrc/security security: Remove boringssl

To: source-changes-hg%NetBSD.org@localhost
Subject: [pkgsrc/trunk]: pkgsrc/security security: Remove boringssl
From: nia <nia%pkgsrc.org@localhost>
Date: Wed, 08 Jul 2020 00:36:27 +0000
details:   https://anonhg.NetBSD.org/pkgsrc/rev/cbf52cecd9fd
branches:  trunk
changeset: 435453:cbf52cecd9fd
user:      nia <nia%pkgsrc.org@localhost>
date:      Tue Jul 07 23:47:40 2020 +0000

description:
security: Remove boringssl

This is a really old version that is likely vulnerable.

AFAIK the only consumer of boringssl is Chromium which vendors its
own variant, otherwise the library is just for internal Google use

diffstat:

 security/Makefile                                             |   3 +-
 security/boringssl/DESCR                                      |  19 --
 security/boringssl/Makefile                                   |  48 ------
 security/boringssl/PLIST                                      |  77 -----------
 security/boringssl/distinfo                                   |  13 -
 security/boringssl/patches/patch-crypto__bio__bio_test.cc     |  16 --
 security/boringssl/patches/patch-crypto__bio__internal.h      |  15 --
 security/boringssl/patches/patch-crypto__bio__socket_helper.c |  17 --
 security/boringssl/patches/patch-crypto__lhash__lhash_test.c  |  16 --
 security/boringssl/patches/patch-crypto__mem.c                |  16 --
 security/boringssl/patches/patch-crypto_aes_aes__test.cc      |  15 --
 security/boringssl/patches/patch-include__openssl__thread.h   |  16 --
 12 files changed, 1 insertions(+), 270 deletions(-)

diffs (truncated from 329 to 300 lines):

diff -r 1f44f3bfe2f6 -r cbf52cecd9fd security/Makefile
--- a/security/Makefile Tue Jul 07 23:45:08 2020 +0000
+++ b/security/Makefile Tue Jul 07 23:47:40 2020 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.771 2020/07/02 17:59:02 nia Exp $
+# $NetBSD: Makefile,v 1.772 2020/07/07 23:47:40 nia Exp $
 #
 
 COMMENT=       Security tools
@@ -31,7 +31,6 @@
 SUBDIR+=       bearssl
 SUBDIR+=       beecrypt
 SUBDIR+=       bitstir
-SUBDIR+=       boringssl
 SUBDIR+=       botan
 SUBDIR+=       botan-devel
 SUBDIR+=       ca-certificates
diff -r 1f44f3bfe2f6 -r cbf52cecd9fd security/boringssl/DESCR
--- a/security/boringssl/DESCR  Tue Jul 07 23:45:08 2020 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,19 +0,0 @@
-BoringSSL is a fork of OpenSSL that is designed to meet Google's
-needs.
-
-Although BoringSSL is an open source project, it is not intended for
-general use, as OpenSSL is.  We don't recommend that third parties
-depend upon it.  Doing so is likely to be frustrating because there
-are no guarantees of API or ABI stability.
-
-Programs ship their own copies of BoringSSL when they use it and we
-update everything as needed when deciding to make API changes.  This
-allows us to mostly avoid compromises in the name of compatibility.
-It works for us, but it may not work for you.
-
-BoringSSL arose because Google used OpenSSL for many years in various
-ways and, over time, built up a large number of patches that were
-maintained while tracking upstream OpenSSL.  As Google's product
-portfolio became more complex, more copies of OpenSSL sprung up and
-the effort involved in maintaining all these patches in multiple
-places was growing steadily.
diff -r 1f44f3bfe2f6 -r cbf52cecd9fd security/boringssl/Makefile
--- a/security/boringssl/Makefile       Tue Jul 07 23:45:08 2020 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,48 +0,0 @@
-# $NetBSD: Makefile,v 1.13 2020/04/12 19:40:22 joerg Exp $
-
-DISTNAME=      boringssl-20151230
-PKGREVISION=   9
-CATEGORIES=    security
-MASTER_SITES=  ${MASTER_SITE_LOCAL}
-
-MAINTAINER=    pkgsrc-users%NetBSD.org@localhost
-HOMEPAGE=      https://boringssl.googlesource.com/boringssl/
-COMMENT=       Fork of OpenSSL designed to meet Google's needs
-LICENSE=       openssl
-
-WRKSRC=                ${WRKDIR}/boringssl
-
-.include "../../lang/go/version.mk"
-
-BUILD_DEPENDS+=        ${GO_PACKAGE_DEP}
-
-USE_TOOLS+=    cmake perl
-USE_LANGUAGES+=        c c++
-
-AUTO_MKDIRS=   yes
-
-SUBST_CLASSES+=                go
-SUBST_STAGE.go=                post-patch
-SUBST_FILES.go=                CMakeLists.txt
-SUBST_SED.go=          -e '/find_program.GO_EXECUTABLE/s,go,${GO},'
-
-do-build:
-       mkdir -p ${WRKSRC}/build
-       cd ${WRKSRC}/build && ${SETENV} ${MAKE_ENV} cmake ..
-       cd ${WRKSRC}/build && ${SETENV} ${MAKE_ENV} make
-
-do-install:
-       for d in bssl/bin bssl/lib bssl/include/openssl; do             \
-               mkdir -p ${DESTDIR}${PREFIX}/$$d;                       \
-       done
-       ${INSTALL_LIB} ${WRKSRC}/build/crypto/libcrypto.a ${DESTDIR}${PREFIX}/bssl/lib
-       ${INSTALL_LIB} ${WRKSRC}/build/ssl/libssl.a ${DESTDIR}${PREFIX}/bssl/lib
-       ${INSTALL_PROGRAM} ${WRKSRC}/build/ssl/test/bssl_shim ${DESTDIR}${PREFIX}/bssl/bin/bssl_shim
-       ${INSTALL_PROGRAM} ${WRKSRC}/build/ssl/ssl_test ${DESTDIR}${PREFIX}/bssl/bin/ssl_test
-       ${INSTALL_PROGRAM} ${WRKSRC}/build/tool/bssl ${DESTDIR}${PREFIX}/bssl/bin/bssl
-       (cd ${WRKSRC}/include/openssl &&                                \
-               for f in *.h; do                                        \
-                       ${INSTALL_DATA} $$f ${DESTDIR}${PREFIX}/bssl/include/openssl/$$f; \
-               done)
-
-.include "../../mk/bsd.pkg.mk"
diff -r 1f44f3bfe2f6 -r cbf52cecd9fd security/boringssl/PLIST
--- a/security/boringssl/PLIST  Tue Jul 07 23:45:08 2020 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,77 +0,0 @@
-@comment $NetBSD: PLIST,v 1.1.1.1 2015/12/31 02:57:35 agc Exp $
-bssl/bin/bssl
-bssl/bin/bssl_shim
-bssl/bin/ssl_test
-bssl/include/openssl/aead.h
-bssl/include/openssl/aes.h
-bssl/include/openssl/arm_arch.h
-bssl/include/openssl/asn1.h
-bssl/include/openssl/asn1_mac.h
-bssl/include/openssl/asn1t.h
-bssl/include/openssl/base.h
-bssl/include/openssl/base64.h
-bssl/include/openssl/bio.h
-bssl/include/openssl/blowfish.h
-bssl/include/openssl/bn.h
-bssl/include/openssl/buf.h
-bssl/include/openssl/buffer.h
-bssl/include/openssl/bytestring.h
-bssl/include/openssl/cast.h
-bssl/include/openssl/chacha.h
-bssl/include/openssl/cipher.h
-bssl/include/openssl/cmac.h
-bssl/include/openssl/conf.h
-bssl/include/openssl/cpu.h
-bssl/include/openssl/crypto.h
-bssl/include/openssl/curve25519.h
-bssl/include/openssl/des.h
-bssl/include/openssl/dh.h
-bssl/include/openssl/digest.h
-bssl/include/openssl/dsa.h
-bssl/include/openssl/dtls1.h
-bssl/include/openssl/ec.h
-bssl/include/openssl/ec_key.h
-bssl/include/openssl/ecdh.h
-bssl/include/openssl/ecdsa.h
-bssl/include/openssl/engine.h
-bssl/include/openssl/err.h
-bssl/include/openssl/evp.h
-bssl/include/openssl/ex_data.h
-bssl/include/openssl/hkdf.h
-bssl/include/openssl/hmac.h
-bssl/include/openssl/lhash.h
-bssl/include/openssl/lhash_macros.h
-bssl/include/openssl/md4.h
-bssl/include/openssl/md5.h
-bssl/include/openssl/mem.h
-bssl/include/openssl/obj.h
-bssl/include/openssl/obj_mac.h
-bssl/include/openssl/objects.h
-bssl/include/openssl/opensslfeatures.h
-bssl/include/openssl/opensslv.h
-bssl/include/openssl/ossl_typ.h
-bssl/include/openssl/pem.h
-bssl/include/openssl/pkcs12.h
-bssl/include/openssl/pkcs7.h
-bssl/include/openssl/pkcs8.h
-bssl/include/openssl/poly1305.h
-bssl/include/openssl/pqueue.h
-bssl/include/openssl/rand.h
-bssl/include/openssl/rc4.h
-bssl/include/openssl/rsa.h
-bssl/include/openssl/safestack.h
-bssl/include/openssl/sha.h
-bssl/include/openssl/srtp.h
-bssl/include/openssl/ssl.h
-bssl/include/openssl/ssl3.h
-bssl/include/openssl/stack.h
-bssl/include/openssl/stack_macros.h
-bssl/include/openssl/thread.h
-bssl/include/openssl/time_support.h
-bssl/include/openssl/tls1.h
-bssl/include/openssl/type_check.h
-bssl/include/openssl/x509.h
-bssl/include/openssl/x509_vfy.h
-bssl/include/openssl/x509v3.h
-bssl/lib/libcrypto.a
-bssl/lib/libssl.a
diff -r 1f44f3bfe2f6 -r cbf52cecd9fd security/boringssl/distinfo
--- a/security/boringssl/distinfo       Tue Jul 07 23:45:08 2020 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,13 +0,0 @@
-$NetBSD: distinfo,v 1.2 2016/12/21 13:38:16 joerg Exp $
-
-SHA1 (boringssl-20151230.tar.gz) = eb3681358044990bc54c9ab58a3ce8d951edd022
-RMD160 (boringssl-20151230.tar.gz) = cf2b15e5dc261efcba44cb493947e9c48d346c36
-SHA512 (boringssl-20151230.tar.gz) = 868e53f5cc695c115b261cae67855f95bc017278aecb86b57941a8f0bfa553cb01ebc8cef65d82c18c65cf34b36fbd33a663805b1fcde37f40a88a11c30d7b73
-Size (boringssl-20151230.tar.gz) = 21984504 bytes
-SHA1 (patch-crypto__bio__bio_test.cc) = 441f14b565c566528d175d56fec34b905c1400cf
-SHA1 (patch-crypto__bio__internal.h) = ca998dc82f208fcc46144c932154c456474a9e88
-SHA1 (patch-crypto__bio__socket_helper.c) = 6ac17f5899817522d3ba883a88d87b5d8541213e
-SHA1 (patch-crypto__lhash__lhash_test.c) = 9f411a45fcb8d861911f8ef69651f591a70211b2
-SHA1 (patch-crypto__mem.c) = 186c7f7af8b28defc80266a351456328df0976cc
-SHA1 (patch-crypto_aes_aes__test.cc) = d5c442101a42ca46456cb42b6e4cea053f7a98cb
-SHA1 (patch-include__openssl__thread.h) = 0faf11db8591026c10ae3271936b1ef6381d977a
diff -r 1f44f3bfe2f6 -r cbf52cecd9fd security/boringssl/patches/patch-crypto__bio__bio_test.cc
--- a/security/boringssl/patches/patch-crypto__bio__bio_test.cc Tue Jul 07 23:45:08 2020 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,16 +0,0 @@
-$NetBSD: patch-crypto__bio__bio_test.cc,v 1.1.1.1 2015/12/31 02:57:35 agc Exp $
-
-NetBSD portability patches
-
---- crypto/bio/bio_test.cc.orig        2015-12-30 15:55:50.000000000 -0800
-+++ crypto/bio/bio_test.cc     2015-12-30 18:06:05.000000000 -0800
-@@ -13,7 +13,9 @@
-  * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
- 
- #if !defined(_POSIX_C_SOURCE)
-+#  if !defined(__NetBSD__)
- #define _POSIX_C_SOURCE 201410L
-+#  endif
- #endif
- 
- #include <openssl/base.h>
diff -r 1f44f3bfe2f6 -r cbf52cecd9fd security/boringssl/patches/patch-crypto__bio__internal.h
--- a/security/boringssl/patches/patch-crypto__bio__internal.h  Tue Jul 07 23:45:08 2020 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,15 +0,0 @@
-$NetBSD: patch-crypto__bio__internal.h,v 1.1.1.1 2015/12/31 02:57:35 agc Exp $
-
-NetBSD portability patches
-
---- crypto/bio/internal.h.orig 2015-12-30 15:55:50.000000000 -0800
-+++ crypto/bio/internal.h      2015-12-30 18:06:05.000000000 -0800
-@@ -59,6 +59,8 @@
- 
- #include <openssl/base.h>
- 
-+#include <netdb.h>
-+
- #if !defined(OPENSSL_WINDOWS)
- #if defined(OPENSSL_PNACL)
- /* newlib uses u_short in socket.h without defining it. */
diff -r 1f44f3bfe2f6 -r cbf52cecd9fd security/boringssl/patches/patch-crypto__bio__socket_helper.c
--- a/security/boringssl/patches/patch-crypto__bio__socket_helper.c     Tue Jul 07 23:45:08 2020 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,17 +0,0 @@
-$NetBSD: patch-crypto__bio__socket_helper.c,v 1.1.1.1 2015/12/31 02:57:35 agc Exp $
-
-NetBSD portability patches
-
---- crypto/bio/socket_helper.c.orig    2015-12-30 15:55:50.000000000 -0800
-+++ crypto/bio/socket_helper.c 2015-12-30 18:06:05.000000000 -0800
-@@ -12,8 +12,10 @@
-  * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
-  * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
- 
-+#if !defined(__NetBSD__)
- #undef _POSIX_C_SOURCE
- #define _POSIX_C_SOURCE 200112L
-+#endif
- 
- #include <openssl/bio.h>
- #include <openssl/err.h>
diff -r 1f44f3bfe2f6 -r cbf52cecd9fd security/boringssl/patches/patch-crypto__lhash__lhash_test.c
--- a/security/boringssl/patches/patch-crypto__lhash__lhash_test.c      Tue Jul 07 23:45:08 2020 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,16 +0,0 @@
-$NetBSD: patch-crypto__lhash__lhash_test.c,v 1.1.1.1 2015/12/31 02:57:35 agc Exp $
-
-NetBSD portability patches
-
---- crypto/lhash/lhash_test.c.orig     2015-12-30 15:55:51.000000000 -0800
-+++ crypto/lhash/lhash_test.c  2015-12-30 18:06:05.000000000 -0800
-@@ -13,7 +13,9 @@
-  * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
- 
- #if !defined(_POSIX_C_SOURCE)
-+#  if !defined(__NetBSD__)
- #define _POSIX_C_SOURCE 201410L
-+#  endif
- #endif
- 
- #include <openssl/crypto.h>
diff -r 1f44f3bfe2f6 -r cbf52cecd9fd security/boringssl/patches/patch-crypto__mem.c
--- a/security/boringssl/patches/patch-crypto__mem.c    Tue Jul 07 23:45:08 2020 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,16 +0,0 @@
-$NetBSD: patch-crypto__mem.c,v 1.1.1.1 2015/12/31 02:57:35 agc Exp $
-
-NetBSD portability patches
-
---- crypto/mem.c.orig  2015-12-30 15:55:51.000000000 -0800
-+++ crypto/mem.c       2015-12-30 18:06:05.000000000 -0800
-@@ -55,7 +55,9 @@
-  * [including the GNU Public Licence.] */
- 
- #if !defined(_POSIX_C_SOURCE)
-+#  if !defined(__NetBSD__)
- #define _POSIX_C_SOURCE 201410L  /* needed for strdup, snprintf, vprintf etc */
-+#  endif
- #endif
- 
- #include <openssl/mem.h>
diff -r 1f44f3bfe2f6 -r cbf52cecd9fd security/boringssl/patches/patch-crypto_aes_aes__test.cc
--- a/security/boringssl/patches/patch-crypto_aes_aes__test.cc  Tue Jul 07 23:45:08 2020 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,15 +0,0 @@
-$NetBSD: patch-crypto_aes_aes__test.cc,v 1.1 2016/12/21 13:38:16 joerg Exp $
-
-main() does not return bool.
-
---- crypto/aes/aes_test.cc.orig        2016-12-21 00:28:18.783846441 +0000
-+++ crypto/aes/aes_test.cc
Prev by Date: [pkgsrc/trunk]: pkgsrc/doc doc: Removed security/boringssl
Next by Date: [src/trunk]: src/usr.bin/sys_info Remove -a from example
Previous by Thread: [pkgsrc/trunk]: pkgsrc/doc doc: Removed security/boringssl
Next by Thread: [src/trunk]: src/usr.bin/sys_info Remove -a from example
Indexes:
Home | Main Index | Thread Index | Old Index