From: "Sam James" <sam@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Subject: [gentoo-commits] repo/gentoo:master commit in: app-crypt/mit-krb5/files/, app-crypt/mit-krb5/
Date: Sat, 1 May 2021 18:07:12 +0000 (UTC) [thread overview]
Message-ID: <1619892381.180ca9f16a555d6e4b66f13411c12fe3eea5eb5b.sam@gentoo> (raw)
commit: 180ca9f16a555d6e4b66f13411c12fe3eea5eb5b
Author: Sam James <sam <AT> gentoo <DOT> org>
AuthorDate: Sat May 1 17:20:13 2021 +0000
Commit: Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Sat May 1 18:06:21 2021 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=180ca9f1
app-crypt/mit-krb5: drop obsolete LibreSSL patches
Signed-off-by: Sam James <sam <AT> gentoo.org>
.../files/mit-krb5-1.16.3-libressl-r1.patch | 101 ---------------------
.../mit-krb5/files/mit-krb5-1.18-libressl.patch | 42 ---------
app-crypt/mit-krb5/mit-krb5-1.18.2-r3.ebuild | 2 -
app-crypt/mit-krb5/mit-krb5-1.18.3-r1.ebuild | 2 -
4 files changed, 147 deletions(-)
diff --git a/app-crypt/mit-krb5/files/mit-krb5-1.16.3-libressl-r1.patch b/app-crypt/mit-krb5/files/mit-krb5-1.16.3-libressl-r1.patch
deleted file mode 100644
index ca74b88bb0f..00000000000
--- a/app-crypt/mit-krb5/files/mit-krb5-1.16.3-libressl-r1.patch
+++ /dev/null
@@ -1,101 +0,0 @@
-From 58263cbf3106f4c9c9a2252794093014a2f9c01f Mon Sep 17 00:00:00 2001
-From: Stefan Strogin <stefan.strogin@gmail.com>
-Date: Thu, 25 Apr 2019 03:48:10 +0300
-Subject: [PATCH] Fix build for LibreSSL 2.9.x
-
-asn1_mac.h is removed from LibreSSL 2.9.0, but static_ASN1_*() methods
-are not defined. Define them.
-
-Upstream-Status: Pending
-[Needs to be amended if
-https://github.com/libressl-portable/openbsd/pull/109 is accepted]
-Signed-off-by: Stefan Strogin <stefan.strogin@gmail.com>
----
- .../preauth/pkinit/pkinit_crypto_openssl.c | 13 ++++++++----
- .../preauth/pkinit/pkinit_crypto_openssl.h | 20 ++++++++++++++++++-
- 2 files changed, 28 insertions(+), 5 deletions(-)
-
-diff --git a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
-index 2064eb7bd..81d5d3cf2 100644
---- a/plugins/preauth/pkinit/pkinit_crypto_openssl.c
-+++ b/plugins/preauth/pkinit/pkinit_crypto_openssl.c
-@@ -188,14 +188,16 @@ pkinit_pkcs11_code_to_text(int err);
- (*_x509_pp) = PKCS7_cert_from_signer_info(_p7,_si)
- #endif
-
--#if OPENSSL_VERSION_NUMBER < 0x10100000L
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
-
--/* 1.1 standardizes constructor and destructor names, renaming
-- * EVP_MD_CTX_{create,destroy} and deprecating ASN1_STRING_data. */
-+/* 1.1 (and LibreSSL 2.7) standardizes constructor and destructor names,
-+ * renaming EVP_MD_CTX_{create,destroy} and deprecating ASN1_STRING_data. */
-
-+#if !defined(LIBRESSL_VERSION_NUMBER) || LIBRESSL_VERSION_NUMBER < 0x2070000fL
- #define EVP_MD_CTX_new EVP_MD_CTX_create
- #define EVP_MD_CTX_free EVP_MD_CTX_destroy
- #define ASN1_STRING_get0_data ASN1_STRING_data
-+#endif
-
- /* 1.1 makes many handle types opaque and adds accessors. Add compatibility
- * versions of the new accessors we use for pre-1.1. */
-@@ -203,6 +205,7 @@ pkinit_pkcs11_code_to_text(int err);
- #define OBJ_get0_data(o) ((o)->data)
- #define OBJ_length(o) ((o)->length)
-
-+#if !defined(LIBRESSL_VERSION_NUMBER) || LIBRESSL_VERSION_NUMBER < 0x2070000fL
- #define DH_set0_pqg compat_dh_set0_pqg
- static int compat_dh_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g)
- {
-@@ -235,6 +238,7 @@ static void compat_dh_get0_key(const DH *dh, const BIGNUM **pub,
- if (priv != NULL)
- *priv = dh->priv_key;
- }
-+#endif /* LIBRESSL_VERSION_NUMBER */
-
- /* Return true if the cert c includes a key usage which doesn't include u.
- * Define using direct member access for pre-1.1. */
-@@ -3040,7 +3044,8 @@ cleanup:
- return retval;
- }
-
--#if OPENSSL_VERSION_NUMBER >= 0x10100000L
-+#if (OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)) || \
-+ LIBRESSL_VERSION_NUMBER >= 0x2090000fL
-
- /*
- * We need to decode DomainParameters from RFC 3279 section 2.3.3. We would
-diff --git a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.h b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.h
-index 7411348fa..ac91408c4 100644
---- a/plugins/preauth/pkinit/pkinit_crypto_openssl.h
-+++ b/plugins/preauth/pkinit/pkinit_crypto_openssl.h
-@@ -46,7 +46,25 @@
- #include <openssl/asn1.h>
- #include <openssl/pem.h>
-
--#if OPENSSL_VERSION_NUMBER >= 0x10100000L
-+#if (OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)) || \
-+ LIBRESSL_VERSION_NUMBER >= 0x2090000fL
-+
-+#ifndef static_ASN1_SEQUENCE_END_name
-+#define static_ASN1_ITEM_start(itname) \
-+ static const ASN1_ITEM itname##_it = {
-+#define static_ASN1_SEQUENCE_END_name(stname, tname) \
-+ ;\
-+ static_ASN1_ITEM_start(tname) \
-+ ASN1_ITYPE_SEQUENCE,\
-+ V_ASN1_SEQUENCE,\
-+ tname##_seq_tt,\
-+ sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
-+ NULL,\
-+ sizeof(stname),\
-+ #stname \
-+ ASN1_ITEM_end(tname)
-+#endif /* !defined(static_ASN1_SEQUENCE_END_name) */
-+
- #include <openssl/asn1t.h>
- #else
- #include <openssl/asn1_mac.h>
---
-2.21.0
-
diff --git a/app-crypt/mit-krb5/files/mit-krb5-1.18-libressl.patch b/app-crypt/mit-krb5/files/mit-krb5-1.18-libressl.patch
deleted file mode 100644
index 1522d42a730..00000000000
--- a/app-crypt/mit-krb5/files/mit-krb5-1.18-libressl.patch
+++ /dev/null
@@ -1,42 +0,0 @@
-From e3e3bc2a20795becda6e130d511fe59f04635624 Mon Sep 17 00:00:00 2001
-From: Stefan Strogin <steils@gentoo.org>
-Date: Sat, 15 Feb 2020 10:27:20 +0200
-Subject: [PATCH] Fix compilation for LibreSSL 3.0.2
-
-RSA_PKCS1_OpenSSL() is provided in LibreSSL the master branch,
-expected to be in the next release.
-See: https://github.com/libressl-portable/openbsd/commit/3a8c41f3a84868337fde01ec1122198ec60bdc8e
-
-Bug: https://bugs.gentoo.org/709640
-Signed-off-by: Stefan Strogin <steils@gentoo.org>
----
- tests/softpkcs11/main.c | 6 +++++-
- 1 file changed, 5 insertions(+), 1 deletion(-)
-
-diff --git a/tests/softpkcs11/main.c b/tests/softpkcs11/main.c
-index 1cccdfb43..a5099fbe4 100644
---- a/tests/softpkcs11/main.c
-+++ b/tests/softpkcs11/main.c
-@@ -47,7 +47,6 @@
-
- #if OPENSSL_VERSION_NUMBER < 0x10100000L
- #define EVP_PKEY_get0_RSA(key) ((key)->pkey.rsa)
--#define RSA_PKCS1_OpenSSL RSA_PKCS1_SSLeay
- #define RSA_get0_key compat_rsa_get0_key
- static void
- compat_rsa_get0_key(const RSA *rsa, const BIGNUM **n, const BIGNUM **e,
-@@ -62,6 +61,11 @@ compat_rsa_get0_key(const RSA *rsa, const BIGNUM **n, const BIGNUM **e,
- }
- #endif
-
-+#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || \
-+ defined(LIBRESSL_VERSION_NUMBER) && (LIBRESSL_VERSION_NUMBER <= 0x3000200fL)
-+#define RSA_PKCS1_OpenSSL RSA_PKCS1_SSLeay
-+#endif
-+
- #define OPENSSL_ASN1_MALLOC_ENCODE(T, B, BL, S, R) \
- { \
- unsigned char *p; \
---
-2.25.0
-
diff --git a/app-crypt/mit-krb5/mit-krb5-1.18.2-r3.ebuild b/app-crypt/mit-krb5/mit-krb5-1.18.2-r3.ebuild
index 3b7ff7d91e9..a80fe2ba685 100644
--- a/app-crypt/mit-krb5/mit-krb5-1.18.2-r3.ebuild
+++ b/app-crypt/mit-krb5/mit-krb5-1.18.2-r3.ebuild
@@ -59,9 +59,7 @@ S=${WORKDIR}/${MY_P}/src
PATCHES=(
"${FILESDIR}/${PN}-1.12_warn_cflags.patch"
"${FILESDIR}/${PN}-config_LDFLAGS-r1.patch"
- "${FILESDIR}/${PN}-1.16.3-libressl-r1.patch"
"${FILESDIR}/${PN}_dont_create_run.patch"
- "${FILESDIR}/${PN}-1.18-libressl.patch"
"${FILESDIR}/CVE-2020-28196.patch"
"${FILESDIR}/${PN}-1.18.2-krb5-config.patch"
"${FILESDIR}/${PN}-1.18.2-autoconf-2.70.patch"
diff --git a/app-crypt/mit-krb5/mit-krb5-1.18.3-r1.ebuild b/app-crypt/mit-krb5/mit-krb5-1.18.3-r1.ebuild
index 901b431b246..a20eb9604cb 100644
--- a/app-crypt/mit-krb5/mit-krb5-1.18.3-r1.ebuild
+++ b/app-crypt/mit-krb5/mit-krb5-1.18.3-r1.ebuild
@@ -59,9 +59,7 @@ S=${WORKDIR}/${MY_P}/src
PATCHES=(
"${FILESDIR}/${PN}-1.12_warn_cflags.patch"
"${FILESDIR}/${PN}-config_LDFLAGS-r1.patch"
- "${FILESDIR}/${PN}-1.16.3-libressl-r1.patch"
"${FILESDIR}/${PN}_dont_create_run.patch"
- "${FILESDIR}/${PN}-1.18-libressl.patch"
"${FILESDIR}/${PN}-1.18.2-krb5-config.patch"
)
next reply other threads:[~2021-05-01 18:07 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-05-01 18:07 Sam James [this message]
-- strict thread matches above, loose matches on Subject: below --
2022-11-22 4:44 [gentoo-commits] repo/gentoo:master commit in: app-crypt/mit-krb5/files/, app-crypt/mit-krb5/ Sam James
2022-11-07 10:43 Eray Aslan
2021-08-02 10:36 Eray Aslan
2020-02-15 8:56 Stefan Strogin
2019-12-12 7:46 Eray Aslan
2019-04-25 3:31 Aaron Bauman
2018-05-10 6:41 Eray Aslan
2018-04-13 7:02 Eray Aslan
2018-04-12 21:26 Aaron Bauman
2018-01-26 21:07 Thomas Deutschmann
2017-12-05 10:00 Eray Aslan
2016-04-21 16:07 Eray Aslan
2015-10-29 4:37 Eray Aslan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1619892381.180ca9f16a555d6e4b66f13411c12fe3eea5eb5b.sam@gentoo \
--to=sam@gentoo.org \
--cc=gentoo-commits@lists.gentoo.org \
--cc=gentoo-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox