* [gentoo-commits] repo/gentoo:master commit in: dev-libs/opensc/, dev-libs/opensc/files/
@ 2017-03-15 6:27 Alon Bar-Lev
0 siblings, 0 replies; 9+ messages in thread
From: Alon Bar-Lev @ 2017-03-15 6:27 UTC (permalink / raw
To: gentoo-commits
commit: 1266680a192f79847de24d775c8c7d8056760521
Author: Alon Bar-Lev <alonbl <AT> gentoo <DOT> org>
AuthorDate: Tue Mar 14 23:32:19 2017 +0000
Commit: Alon Bar-Lev <alonbl <AT> gentoo <DOT> org>
CommitDate: Wed Mar 15 06:26:53 2017 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1266680a
dev-libs/opensc: cleanup
Bug: 611512
Package-Manager: Portage-2.3.3, Repoman-2.3.1
dev-libs/opensc/Manifest | 1 -
.../opensc/files/opensc-0.12.1-crossbuild.patch | 38 -----------
dev-libs/opensc/files/opensc-0.12.2-dl.patch | 42 -------------
.../files/opensc-0.12.2-parallelinstall.patch | 67 --------------------
dev-libs/opensc/metadata.xml | 4 --
dev-libs/opensc/opensc-0.12.2-r2.ebuild | 73 ----------------------
6 files changed, 225 deletions(-)
diff --git a/dev-libs/opensc/Manifest b/dev-libs/opensc/Manifest
index a1601c2cc3f..c55f52e15fd 100644
--- a/dev-libs/opensc/Manifest
+++ b/dev-libs/opensc/Manifest
@@ -1,2 +1 @@
-DIST opensc-0.12.2.tar.gz 1738553 SHA256 50e7371c0f45a3ed887098b712554905e3ef639d4dfca5ac90b8af5f69f1e675 SHA512 544971f2c79723f618806c7043f0f1ffc25332752cbcaec97ffb1c99f9a2dff2237a6e5f5e020a4b9878921fec3a5234ca7e4fe9c8175c3f6142b169fcc65334 WHIRLPOOL 4969811d68d72e82c3a2b0297d5ff9aaca083b6ef8e66223d4385dce35cd9560cdda7cca8ccd38b52eb55465dbd6f8704485778b21d2a88bb548a5bbd87071e2
DIST opensc-0.16.0.tar.gz 1760418 SHA256 3ac8c29542bb48179e7086d35a1b8907a4e86aca3de3323c2f48bd74eaaf5729 SHA512 15f7d62388dde6dad226acab3cd54f8e2f2f53684dc0cb976c6fc6fbdb4487be931ca69bf965ab07c51efd16be64d5411f10bacea11a07fc823c92dd7bb25139 WHIRLPOOL 8207606e4994d7744fc93cc6aef1b0cde8a2073e791aebf71e82669013d261f82abc6e41ddf971fb136d4580c21ea475bb2e36bbdec600b354f5e1decec4b02a
diff --git a/dev-libs/opensc/files/opensc-0.12.1-crossbuild.patch b/dev-libs/opensc/files/opensc-0.12.1-crossbuild.patch
deleted file mode 100644
index 008fd3c3570..00000000000
--- a/dev-libs/opensc/files/opensc-0.12.1-crossbuild.patch
+++ /dev/null
@@ -1,38 +0,0 @@
---- src/pkcs11/Makefile.am 2011-05-17 13:07:00.000000000 -0400
-+++ Makefile.am.new 2011-07-07 10:03:28.399185928 -0400
-@@ -14,9 +14,10 @@
- mechanism.c openssl.c framework-pkcs15.c \
- framework-pkcs15init.c debug.c opensc-pkcs11.exports \
- pkcs11-display.c pkcs11-display.h
--OPENSC_PKCS11_LIBS = $(OPTIONAL_OPENSSL_LIBS) $(PTHREAD_LIBS) $(LTLIB_LIBS) \
-+OPENSC_PKCS11_LIBS = \
- $(top_builddir)/src/common/libcompat.la \
-- $(top_builddir)/src/libopensc/libopensc.la
-+ $(top_builddir)/src/libopensc/libopensc.la \
-+ $(OPTIONAL_OPENSSL_LIBS) $(PTHREAD_LIBS) $(LTLIB_LIBS)
-
- opensc_pkcs11_la_SOURCES = $(OPENSC_PKCS11_SRC) $(OPENSC_PKCS11_INC) hack-disabled.c
- opensc_pkcs11_la_LIBADD = $(OPENSC_PKCS11_LIBS)
-@@ -31,7 +32,7 @@
- -module -shared -avoid-version -no-undefined
-
- pkcs11_spy_la_SOURCES = pkcs11-spy.c pkcs11-display.c pkcs11-display.h pkcs11-spy.exports
--pkcs11_spy_la_LIBADD = $(OPTIONAL_OPENSSL_LIBS) $(LTLIB_LIBS) $(top_builddir)/src/common/libpkcs11.la
-+pkcs11_spy_la_LIBADD = $(top_builddir)/src/common/libpkcs11.la $(OPTIONAL_OPENSSL_LIBS) $(LTLIB_LIBS)
- pkcs11_spy_la_LDFLAGS = $(AM_LDFLAGS) \
- -export-symbols "$(srcdir)/pkcs11-spy.exports" \
- -module -shared -avoid-version -no-undefined
---- src/tools/Makefile.am 2011-05-17 13:07:00.000000000 -0400
-+++ Makefile.am.new 2011-07-07 10:06:08.710185925 -0400
-@@ -24,8 +24,9 @@
- pkcs15_tool_SOURCES = pkcs15-tool.c util.c
- pkcs15_tool_LDADD = $(OPTIONAL_OPENSSL_LIBS)
- pkcs11_tool_SOURCES = pkcs11-tool.c util.c
--pkcs11_tool_LDADD = $(OPTIONAL_OPENSSL_LIBS) $(LTLIB_LIBS) \
-- $(top_builddir)/src/common/libpkcs11.la
-+pkcs11_tool_LDADD = \
-+ $(top_builddir)/src/common/libpkcs11.la \
-+ $(OPTIONAL_OPENSSL_LIBS) $(LTLIB_LIBS)
- pkcs15_crypt_SOURCES = pkcs15-crypt.c util.c
- pkcs15_crypt_LDADD = $(OPTIONAL_OPENSSL_LIBS)
- cryptoflex_tool_SOURCES = cryptoflex-tool.c util.c
diff --git a/dev-libs/opensc/files/opensc-0.12.2-dl.patch b/dev-libs/opensc/files/opensc-0.12.2-dl.patch
deleted file mode 100644
index 526ef8161a8..00000000000
--- a/dev-libs/opensc/files/opensc-0.12.2-dl.patch
+++ /dev/null
@@ -1,42 +0,0 @@
-From 1b896582a0cd74854f99e08854554807a8f1f764 Mon Sep 17 00:00:00 2001
-From: Mike Frysinger <vapier@gentoo.org>
-Date: Tue, 22 May 2012 14:12:23 -0400
-Subject: [PATCH] link against -ldl when -lltdl is not available
-
-If ltdl isn't found, the code will use dlopen if it's available.
-But it won't link to -ldl which can cause link errors like so:
-
- CCLD opensc-tool
-../../src/libopensc/.libs/libopensc.so: error: undefined reference to 'dlopen'
-../../src/libopensc/.libs/libopensc.so: error: undefined reference to 'dlsym'
-../../src/libopensc/.libs/libopensc.so: error: undefined reference to 'dlerror'
-../../src/libopensc/.libs/libopensc.so: error: undefined reference to 'dlclose'
-collect2: ld returned 1 exit status
-make[3]: *** [opensc-tool] Error 1
-
-Signed-off-by: Mike Frysinger <vapier@gentoo.org>
----
- configure.ac | 7 +++++++
- 1 files changed, 7 insertions(+), 0 deletions(-)
-
-diff --git a/configure.ac b/configure.ac
-index 2751f0f..123aeb1 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -277,6 +277,13 @@ if test -z "${LTLIB_LIBS}"; then
- [LTLIB_LIBS="-lltdl"]
- )
- fi
-+if test -z "${LTLIB_LIBS}"; then
-+ AC_CHECK_LIB(
-+ [dl],
-+ [dlopen],
-+ [LTLIB_LIBS="-ldl"]
-+ )
-+fi
-
- saved_CFLAGS="${CFLAGS}"
- CFLAGS="${CFLAGS} ${LTLIB_CFLAGS}"
---
-1.7.8.6
-
diff --git a/dev-libs/opensc/files/opensc-0.12.2-parallelinstall.patch b/dev-libs/opensc/files/opensc-0.12.2-parallelinstall.patch
deleted file mode 100644
index 3ef24ec3d25..00000000000
--- a/dev-libs/opensc/files/opensc-0.12.2-parallelinstall.patch
+++ /dev/null
@@ -1,67 +0,0 @@
-From 4ede74dd803ddbc4d0686bec0749459f54854495 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Diego=20Elio=20Petten=C3=B2?= <flameeyes@flameeyes.eu>
-Date: Sun, 13 May 2012 14:55:35 -0700
-Subject: [PATCH] build: fix parallel install by creating directory in the
- rule
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Relying on the rule that creates the directory is a bad idea to be
-parallel safe.
-
-(Patch modified to use autoconf's MKDIR_P instead of automake's
-deprecated mkdir_p, allowing use of automake 1.12).
-
-Signed-off-by: Diego Elio Pettenò <flameeyes@flameeyes.eu>
----
- etc/Makefile.am | 4 ++--
- src/pkcs11/Makefile.am | 7 ++++---
- 2 files changed, 6 insertions(+), 5 deletions(-)
-
-diff --git a/etc/Makefile.am b/etc/Makefile.am
-index 0ef546f..3b75995 100644
---- a/etc/Makefile.am
-+++ b/etc/Makefile.am
-@@ -18,8 +18,8 @@ opensc.conf: opensc.conf.in force
- -e 's|@DEFAULT_PCSC_PROVIDER[@]|$(DEFAULT_PCSC_PROVIDER)|g' \
- < $< > $@
-
--sysconf_DATA=#required in order to create dir
--install-exec-hook: install-sysconfDATA opensc.conf
-+install-exec-hook: opensc.conf
-+ $(MKDIR_P) "$(DESTDIR)$(sysconfdir)"
- if [ -f "$(DESTDIR)$(sysconfdir)/opensc.conf" ]; then \
- $(INSTALL_DATA) opensc.conf "$(DESTDIR)$(sysconfdir)/opensc.conf.new"; \
- else \
-diff --git a/src/pkcs11/Makefile.am b/src/pkcs11/Makefile.am
-index 8ff9abc..211055b 100644
---- a/src/pkcs11/Makefile.am
-+++ b/src/pkcs11/Makefile.am
-@@ -53,19 +53,20 @@ pkcs11-jar: jar-dir
- -k"testcert" jar-dir
-
- if WIN32
--install-exec-hook: install-pkcs11DATA
-+install-exec-hook:
-+ $(MKDIR_P) "$(DESTDIR)$(libdir)"
- for l in opensc-pkcs11.dll onepin-opensc-pkcs11.dll pkcs11-spy.dll; do \
- mv "$(DESTDIR)$(libdir)/$$l" "$(DESTDIR)$(bindir)/$$l"; \
- done
- else
- # see http://wiki.cacert.org/wiki/Pkcs11TaskForce
--pkcs11_DATA = #This will create the directory
- if CYGWIN
- PKCS11_SUFFIX=.dll
- else
- PKCS11_SUFFIX=.so
- endif
--install-exec-hook: install-pkcs11DATA
-+install-exec-hook:
-+ $(MKDIR_P) "$(DESTDIR)$(pkcs11dir)"
- for l in opensc-pkcs11$(PKCS11_SUFFIX) onepin-opensc-pkcs11$(PKCS11_SUFFIX) pkcs11-spy$(PKCS11_SUFFIX); do \
- rm -f "$(DESTDIR)$(pkcs11dir)/$$l"; \
- $(LN_S) ../$$l "$(DESTDIR)$(pkcs11dir)/$$l"; \
---
-1.7.8.6
-
diff --git a/dev-libs/opensc/metadata.xml b/dev-libs/opensc/metadata.xml
index ddf27490bc2..709cad6d774 100644
--- a/dev-libs/opensc/metadata.xml
+++ b/dev-libs/opensc/metadata.xml
@@ -16,10 +16,6 @@
card.
</longdescription>
<use>
- <flag name="libtool">
- Use <pkg>sys-devel/libtool</pkg> for dynamically loading libraries
- rather than the host libdl/dlopen helpers.
- </flag>
<flag name="openct">
Use <pkg>dev-libs/openct</pkg> (and CT-API) for accessing
Smartcard hardware.
diff --git a/dev-libs/opensc/opensc-0.12.2-r2.ebuild b/dev-libs/opensc/opensc-0.12.2-r2.ebuild
deleted file mode 100644
index cf0270b74fd..00000000000
--- a/dev-libs/opensc/opensc-0.12.2-r2.ebuild
+++ /dev/null
@@ -1,73 +0,0 @@
-# Copyright 1999-2015 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=4
-
-inherit eutils autotools
-
-DESCRIPTION="Libraries and applications to access smartcards"
-HOMEPAGE="http://www.opensc-project.org/opensc/"
-SRC_URI="http://www.opensc-project.org/files/${PN}/${P}.tar.gz"
-
-LICENSE="LGPL-2.1"
-SLOT="0"
-KEYWORDS="alpha amd64 arm hppa ia64 m68k ppc ppc64 s390 sh sparc x86"
-IUSE="doc libtool +pcsc-lite openct readline ssl zlib"
-
-# Drop the libtool dep once libltdl goes stable.
-RDEPEND="libtool? ( || ( dev-libs/libltdl:0 <sys-devel/libtool-2.4.3-r2:2 ) )
- zlib? ( sys-libs/zlib )
- readline? ( sys-libs/readline:0 )
- ssl? ( dev-libs/openssl:0 )
- openct? ( >=dev-libs/openct-0.5.0 )
- pcsc-lite? ( >=sys-apps/pcsc-lite-1.3.0 )"
-DEPEND="${RDEPEND}
- virtual/pkgconfig
- app-text/docbook-xsl-stylesheets
- dev-libs/libxslt"
-
-REQUIRED_USE="
- pcsc-lite? ( !openct )
- openct? ( !pcsc-lite )"
-
-src_prepare() {
- epatch "${FILESDIR}"/${PN}-0.12.1-crossbuild.patch
- epatch "${FILESDIR}"/${P}-parallelinstall.patch
- epatch "${FILESDIR}"/${P}-dl.patch
- eautoreconf
-}
-
-src_configure() {
- # disable everything, enable selectively
- local myconf="--disable-pcsc --disable-openct --disable-ctapi"
-
- if use pcsc-lite; then
- myconf+=" --enable-pcsc"
- elif use openct; then
- myconf+=" --enable-openct"
- else
- myconf+=" --enable-ctapi"
- fi
-
- # the configure script prefers libtool's libltdl over
- # the native system's dlopen ... so we have to manually
- # control the behavior to something a bit more sane
- export ac_cv_header_ltdl_h=$(usex libtool) \
- ac_cv_lib_ltdl_lt_dlopen=$(usex libtool)
-
- econf \
- --docdir="/usr/share/doc/${PF}" \
- --htmldir='$(docdir)/html' \
- --disable-static \
- $(use_enable doc) \
- $(use_enable openct) \
- $(use_enable readline) \
- $(use_enable zlib) \
- $(use_enable ssl openssl) \
- ${myconf}
-}
-
-src_install() {
- default
- find "${ED}"/usr -name '*.la' -delete
-}
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: dev-libs/opensc/, dev-libs/opensc/files/
@ 2018-09-15 14:52 Alon Bar-Lev
0 siblings, 0 replies; 9+ messages in thread
From: Alon Bar-Lev @ 2018-09-15 14:52 UTC (permalink / raw
To: gentoo-commits
commit: 1ea198753e1e74d6627ef6412abb2990a851426b
Author: Alon Bar-Lev <alonbl <AT> gentoo <DOT> org>
AuthorDate: Sat Sep 15 08:28:04 2018 +0000
Commit: Alon Bar-Lev <alonbl <AT> gentoo <DOT> org>
CommitDate: Sat Sep 15 08:28:49 2018 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1ea19875
dev-libs/opensc: fix implicit invocation
fix implicit test, add missing upstream include.
add notify USE.
Closes: https://bugs.gentoo.org/show_bug.cgi?id=666268
Thanks: Toralf Förster
Package-Manager: Portage-2.3.40, Repoman-2.3.9
.../files/opensc-0.19.0-p11test_common.h.patch | 108 +++++++++++++++++++++
dev-libs/opensc/metadata.xml | 3 +-
...pensc-0.19.0.ebuild => opensc-0.19.0-r1.ebuild} | 25 +++--
3 files changed, 127 insertions(+), 9 deletions(-)
diff --git a/dev-libs/opensc/files/opensc-0.19.0-p11test_common.h.patch b/dev-libs/opensc/files/opensc-0.19.0-p11test_common.h.patch
new file mode 100644
index 00000000000..ca27c70245d
--- /dev/null
+++ b/dev-libs/opensc/files/opensc-0.19.0-p11test_common.h.patch
@@ -0,0 +1,108 @@
+From d1e4f4879b8d0a7423afc1c9a3632da4763ee31c Mon Sep 17 00:00:00 2001
+From: Alon Bar-Lev <alon.barlev@gmail.com>
+Date: Sat, 15 Sep 2018 11:04:13 +0300
+Subject: [PATCH] missing include
+
+---
+ src/tests/p11test/p11test_common.h | 89 ++++++++++++++++++++++++++++++++++++++
+ 1 file changed, 89 insertions(+)
+ create mode 100644 src/tests/p11test/p11test_common.h
+
+diff --git a/src/tests/p11test/p11test_common.h b/src/tests/p11test/p11test_common.h
+new file mode 100644
+index 0000000..d3ca304
+--- /dev/null
++++ b/src/tests/p11test/p11test_common.h
+@@ -0,0 +1,89 @@
++/*
++ * p11test_common.h: Test suite shared declarations for PKCS#11 API
++ *
++ * Copyright (C) 2016 Martin Strhársky <strharsky.martin@gmail.com>
++ * Copyright (C) 2016, 2017 Red Hat, Inc.
++ *
++ * Author: Jakub Jelen <jjelen@redhat.com>
++ *
++ * This library is free software; you can redistribute it and/or
++ * modify it under the terms of the GNU Lesser General Public
++ * License as published by the Free Software Foundation; either
++ * version 2.1 of the License, or (at your option) any later version.
++ *
++ * This library is distributed in the hope that it will be useful,
++ * but WITHOUT ANY WARRANTY; without even the implied warranty of
++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
++ * Lesser General Public License for more details.
++ *
++ * You should have received a copy of the GNU General Public License
++ * along with this program. If not, see <http://www.gnu.org/licenses/>.
++ */
++
++#ifndef P11TEST_COMMON_H
++#define P11TEST_COMMON_H
++#include "config.h"
++#include <stdio.h>
++#include <stdlib.h>
++#include <string.h>
++#include <setjmp.h>
++#include <cmocka.h>
++#include "pkcs11/pkcs11.h"
++#include "libopensc/sc-ossl-compat.h"
++
++#define MAX_MECHS 200
++
++#ifndef NDEBUG
++ #define debug_print(fmt, ...) \
++ { fprintf(stderr, fmt "\n", ##__VA_ARGS__); } while (0)
++#else
++ #define debug_print(fmt, ...)
++#endif
++
++#define FLAGS_SIGN 0x01
++#define FLAGS_SIGN_OPENSSL 0x02
++#define FLAGS_SIGN_ANY ( FLAGS_SIGN | FLAGS_SIGN_OPENSSL )
++#define FLAGS_DECRYPT 0x04
++#define FLAGS_DECRYPT_OPENSSL 0x08
++#define FLAGS_DECRYPT_ANY ( FLAGS_DECRYPT | FLAGS_DECRYPT_OPENSSL )
++
++typedef struct {
++ char *outfile;
++ FILE *fd;
++ int in_test;
++ int first;
++ int in_data;
++ int first_data;
++} log_context_t;
++
++typedef struct {
++ CK_MECHANISM_TYPE mech;
++ CK_MECHANISM_TYPE hash;
++ CK_RSA_PKCS_MGF_TYPE mgf;
++ int salt;
++ int usage_flags;
++ int result_flags;
++} test_mech_t;
++
++typedef struct {
++ CK_FUNCTION_LIST_PTR function_pointer;
++ CK_SLOT_ID slot_id;
++ CK_SESSION_HANDLE session_handle;
++ CK_UTF8CHAR* pin;
++ size_t pin_length;
++ char *library_path;
++ unsigned int interactive;
++ log_context_t log;
++
++ test_mech_t rsa_mechs[MAX_MECHS];
++ size_t num_rsa_mechs;
++ test_mech_t ec_mechs[MAX_MECHS];
++ size_t num_ec_mechs;
++ test_mech_t keygen_mechs[MAX_MECHS];
++ size_t num_keygen_mechs;
++} token_info_t;
++
++token_info_t token;
++
++#endif /* P11TEST_COMMON_H */
++
+--
+2.16.4
+
diff --git a/dev-libs/opensc/metadata.xml b/dev-libs/opensc/metadata.xml
index 52bf7f8f7bb..7c8bf05b0e8 100644
--- a/dev-libs/opensc/metadata.xml
+++ b/dev-libs/opensc/metadata.xml
@@ -16,8 +16,9 @@
card.
</longdescription>
<use>
- <flag name="openct">Use <pkg>dev-libs/openct</pkg> (and CT-API) for accessing Smartcard hardware</flag>
<flag name="ctapi">Use CT-API for accessing Smartcard hardware</flag>
+ <flag name="notify">Enable notifications</flag>
+ <flag name="openct">Use <pkg>dev-libs/openct</pkg> (and CT-API) for accessing Smartcard hardware</flag>
<flag name="pcsc-lite">Use <pkg>sys-apps/pcsc-lite</pkg> (and PC/SC API) for accessing Smartcard hardware</flag>
<flag name="secure-messaging">Enable secure messaging</flag>
</use>
diff --git a/dev-libs/opensc/opensc-0.19.0.ebuild b/dev-libs/opensc/opensc-0.19.0-r1.ebuild
similarity index 75%
rename from dev-libs/opensc/opensc-0.19.0.ebuild
rename to dev-libs/opensc/opensc-0.19.0-r1.ebuild
index ed42b0d921d..10b9ad5a8db 100644
--- a/dev-libs/opensc/opensc-0.19.0.ebuild
+++ b/dev-libs/opensc/opensc-0.19.0-r1.ebuild
@@ -12,7 +12,7 @@ SRC_URI="https://github.com/OpenSC/OpenSC/releases/download/${PV}/${P}.tar.gz"
LICENSE="LGPL-2.1"
SLOT="0"
KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86"
-IUSE="doc +pcsc-lite secure-messaging openct ctapi readline libressl ssl zlib"
+IUSE="ctapi doc libressl openct notify +pcsc-lite readline secure-messaging ssl test zlib"
RDEPEND="zlib? ( sys-libs/zlib )
readline? ( sys-libs/readline:0= )
@@ -21,11 +21,13 @@ RDEPEND="zlib? ( sys-libs/zlib )
libressl? ( >=dev-libs/libressl-2.7.0:0= )
)
openct? ( >=dev-libs/openct-0.5.0 )
- pcsc-lite? ( >=sys-apps/pcsc-lite-1.3.0 )"
+ pcsc-lite? ( >=sys-apps/pcsc-lite-1.3.0 )
+ notify? ( dev-libs/glib:2= )"
DEPEND="${RDEPEND}
virtual/pkgconfig
app-text/docbook-xsl-stylesheets
- dev-libs/libxslt"
+ dev-libs/libxslt
+ test? ( dev-util/cmocka )"
REQUIRED_USE="
pcsc-lite? ( !openct !ctapi )
@@ -33,19 +35,26 @@ REQUIRED_USE="
ctapi? ( !pcsc-lite !openct )
|| ( pcsc-lite openct ctapi )"
+PATCHES=(
+ "${FILESDIR}/${P}-p11test_common.h.patch"
+)
+
src_configure() {
econf \
- --disable-static \
--disable-openpace \
+ --disable-static \
+ --enable-man \
+ $(use_enable ctapi) \
$(use_enable doc) \
+ $(use_enable notify ) \
+ $(use_enable openct) \
$(use_enable openct) \
+ $(use_enable pcsc-lite pcsc) \
$(use_enable readline) \
- $(use_enable zlib) \
$(use_enable secure-messaging sm) \
$(use_enable ssl openssl) \
- $(use_enable pcsc-lite pcsc) \
- $(use_enable openct) \
- $(use_enable ctapi)
+ $(use_enable test tests) \
+ $(use_enable zlib)
}
src_install() {
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: dev-libs/opensc/, dev-libs/opensc/files/
@ 2019-04-02 18:10 Alon Bar-Lev
0 siblings, 0 replies; 9+ messages in thread
From: Alon Bar-Lev @ 2019-04-02 18:10 UTC (permalink / raw
To: gentoo-commits
commit: 3e84ac178222a92c3bf3cc3ed1dbca0fc64a0d95
Author: Alon Bar-Lev <alonbl <AT> gentoo <DOT> org>
AuthorDate: Tue Apr 2 18:04:28 2019 +0000
Commit: Alon Bar-Lev <alonbl <AT> gentoo <DOT> org>
CommitDate: Tue Apr 2 18:04:28 2019 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3e84ac17
dev-libs/opensc: cleanup old
Signed-off-by: Alon Bar-Lev <alonbl <AT> gentoo.org>
Package-Manager: Portage-2.3.62, Repoman-2.3.11
dev-libs/opensc/Manifest | 2 -
dev-libs/opensc/files/opensc-0.17.0-build.patch | 100 ------------------------
dev-libs/opensc/opensc-0.16.0.ebuild | 55 -------------
dev-libs/opensc/opensc-0.17.0.ebuild | 60 --------------
4 files changed, 217 deletions(-)
diff --git a/dev-libs/opensc/Manifest b/dev-libs/opensc/Manifest
index 6ebb2d0a9e6..ebe4b6b70a0 100644
--- a/dev-libs/opensc/Manifest
+++ b/dev-libs/opensc/Manifest
@@ -1,4 +1,2 @@
-DIST opensc-0.16.0.tar.gz 1760418 BLAKE2B 7f5799445e285010392f315fa57919c7f0b038170a19e83dbda664d5d73898f075cccad4304275402c900b9fc50564ed5515a10d31156a6c76a68f170ca3e439 SHA512 15f7d62388dde6dad226acab3cd54f8e2f2f53684dc0cb976c6fc6fbdb4487be931ca69bf965ab07c51efd16be64d5411f10bacea11a07fc823c92dd7bb25139
-DIST opensc-0.17.0.tar.gz 1950547 BLAKE2B 861dbb60e211d503332228c9d75d667f70cb9e15883c571821bb2f7703ca62dd4ce56c5ea7965e2d5e8c6a81b5063fc689013670294426baf1bfaec88282e20e SHA512 8991c1724d187d3c34a2ed591b21f0085f767c0d866edc2decfda85a2b3dedf717838f4937d1dda3e1bbc17f02e6eca6740299660128bc448a29e8bfc2962922
DIST opensc-0.18.0.tar.gz 2037073 BLAKE2B f2b339d1f9c616f6f706acb3c55289deb5b1749a8b5561142c69db4ed1c7dee554ce1f8d820e6e69bb9e462ca460379badf3017ed35fa6cd395702c995326c3e SHA512 dc90cff3e0e639c14bfb11d1d0455964d24d08aa27728592ab0d8b487a1ffee1ca71cb9bbf5d0f101b2ebd85cf9478988f686d45effa72315e6ffc843d398768
DIST opensc-0.19.0.tar.gz 2080320 BLAKE2B c07df317f26562107680ed586e9a1ea83252c10a7dd227cffe51de709d9c888874963f6835a68f83f212d83f264b0231ea7428ed8d3ecce74cb9265d8191040a SHA512 90659133fb593cbf82ed6502e3858f34119bff051e3090489b7622659dcb1c26d389a4715892aa60a5606bc0ce115bd6c504521abfb965de9ad46441e4ed2b8e
diff --git a/dev-libs/opensc/files/opensc-0.17.0-build.patch b/dev-libs/opensc/files/opensc-0.17.0-build.patch
deleted file mode 100644
index 8a51d7ac445..00000000000
--- a/dev-libs/opensc/files/opensc-0.17.0-build.patch
+++ /dev/null
@@ -1,100 +0,0 @@
-From 65b302e33b710833d4d14bf8eaf00acdaa436c39 Mon Sep 17 00:00:00 2001
-From: Frank Morgner <frankmorgner@gmail.com>
-Date: Wed, 19 Jul 2017 00:09:36 +0200
-Subject: [PATCH] sc-hsm: fixed building with --disable-sm
-
-Closes https://github.com/OpenSC/OpenSC/pull/1103
----
- src/libopensc/card-sc-hsm.c | 21 ++++++++++++++++++++-
- 1 file changed, 20 insertions(+), 1 deletion(-)
-
-diff --git a/src/libopensc/card-sc-hsm.c b/src/libopensc/card-sc-hsm.c
-index cfa084a06..1f61e0138 100644
---- a/src/libopensc/card-sc-hsm.c
-+++ b/src/libopensc/card-sc-hsm.c
-@@ -284,7 +284,9 @@ static int sc_hsm_soc_select_minbioclient(sc_card_t *card)
- };
-
- /* Select MinBioClient */
-+#ifdef ENABLE_SM
- sc_sm_stop(card);
-+#endif
- sc_format_apdu(card, &apdu, SC_APDU_CASE_3_SHORT, 0xA4, 0x04, 0x0C);
- apdu.data = minBioClient_aid.value;
- apdu.datalen = minBioClient_aid.len;
-@@ -533,7 +535,9 @@ static int sc_hsm_pin_cmd(sc_card_t *card, struct sc_pin_cmd_data *data,
- sc_hsm_private_data_t *priv = (sc_hsm_private_data_t *) card->drv_data;
- sc_apdu_t apdu;
- u8 cmdbuff[16];
-+#ifdef ENABLE_SM
- u8 rbuf[SC_MAX_APDU_BUFFER_SIZE];
-+#endif
- int r;
- int cmd = data->cmd;
- size_t pin2_len = data->pin2.len;
-@@ -563,7 +567,10 @@ static int sc_hsm_pin_cmd(sc_card_t *card, struct sc_pin_cmd_data *data,
- if ((card->type == SC_CARD_TYPE_SC_HSM_SOC || card->reader->uid.len
- || cmd == SC_PIN_CMD_GET_SESSION_PIN)
- && (data->cmd != SC_PIN_CMD_GET_INFO)
-- && card->sm_ctx.sm_mode != SM_MODE_TRANSMIT) {
-+#ifdef ENABLE_SM
-+ && card->sm_ctx.sm_mode != SM_MODE_TRANSMIT
-+#endif
-+ ) {
- LOG_TEST_RET(card->ctx,
- sc_hsm_perform_chip_authentication(card),
- "Could not perform chip authentication");
-@@ -604,6 +611,7 @@ static int sc_hsm_pin_cmd(sc_card_t *card, struct sc_pin_cmd_data *data,
- data->apdu = &apdu;
- }
-
-+#ifdef ENABLE_SM
- if ((data->cmd == SC_PIN_CMD_GET_INFO)
- && (card->sm_ctx.sm_mode == SM_MODE_TRANSMIT)) {
- /* JCOP's SM accelerator is incapable of using case 1 APDU in SM */
-@@ -612,6 +620,7 @@ static int sc_hsm_pin_cmd(sc_card_t *card, struct sc_pin_cmd_data *data,
- apdu.resplen = sizeof rbuf;
- data->apdu = &apdu;
- }
-+#endif
-
- data->pin1.offset = 5;
- data->pin1.length_offset = 4;
-@@ -627,11 +636,17 @@ static int sc_hsm_pin_cmd(sc_card_t *card, struct sc_pin_cmd_data *data,
- data->cmd = SC_PIN_CMD_GET_SESSION_PIN;
- if (data->pin_reference == 0x81) {
- u8 recvbuf[SC_MAX_APDU_BUFFER_SIZE];
-+#ifdef ENABLE_SM
- if (card->sm_ctx.sm_mode != SM_MODE_TRANSMIT) {
- sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL,
- "Session PIN generation only supported in SM");
- LOG_FUNC_RETURN(card->ctx, SC_SUCCESS);
- }
-+#else
-+ sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL,
-+ "Session PIN generation only supported in SM");
-+ LOG_FUNC_RETURN(card->ctx, SC_SUCCESS);
-+#endif
- sc_format_apdu(card, &apdu, SC_APDU_CASE_2_SHORT, 0x5A, 0x01, data->pin_reference);
- apdu.cla = 0x80;
- apdu.resp = recvbuf;
-@@ -669,7 +684,9 @@ static int sc_hsm_logout(sc_card_t * card)
- sc_path_t path;
- sc_hsm_private_data_t *priv = (sc_hsm_private_data_t *) card->drv_data;
- memset(priv->sopin, 0, sizeof(priv->sopin));
-+#ifdef ENABLE_SM
- sc_sm_stop(card);
-+#endif
-
- sc_path_set(&path, SC_PATH_TYPE_DF_NAME, sc_hsm_aid.value, sc_hsm_aid.len, 0, 0);
-
-@@ -1586,7 +1603,9 @@ static int sc_hsm_init(struct sc_card *card)
- static int sc_hsm_finish(sc_card_t * card)
- {
- sc_hsm_private_data_t *priv = (sc_hsm_private_data_t *) card->drv_data;
-+#ifdef ENABLE_SM
- sc_sm_stop(card);
-+#endif
- if (priv->serialno) {
- free(priv->serialno);
- }
diff --git a/dev-libs/opensc/opensc-0.16.0.ebuild b/dev-libs/opensc/opensc-0.16.0.ebuild
deleted file mode 100644
index df55b1ce24b..00000000000
--- a/dev-libs/opensc/opensc-0.16.0.ebuild
+++ /dev/null
@@ -1,55 +0,0 @@
-# Copyright 1999-2017 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=6
-
-inherit ltprune
-
-DESCRIPTION="Libraries and applications to access smartcards"
-HOMEPAGE="https://github.com/OpenSC/OpenSC/wiki"
-SRC_URI="https://github.com/OpenSC/OpenSC/releases/download/${PV}/${P}.tar.gz"
-
-LICENSE="LGPL-2.1"
-SLOT="0"
-KEYWORDS="alpha amd64 arm hppa ia64 ~m68k ppc ppc64 ~s390 ~sh sparc x86"
-IUSE="doc +pcsc-lite secure-messaging openct ctapi readline libressl ssl zlib"
-
-RDEPEND="zlib? ( sys-libs/zlib )
- readline? ( sys-libs/readline:0= )
- ssl? (
- !libressl? ( dev-libs/openssl:0= )
- libressl? ( dev-libs/libressl:0= )
- )
- openct? ( >=dev-libs/openct-0.5.0 )
- pcsc-lite? ( >=sys-apps/pcsc-lite-1.3.0 )"
-DEPEND="${RDEPEND}
- virtual/pkgconfig
- app-text/docbook-xsl-stylesheets
- dev-libs/libxslt"
-
-REQUIRED_USE="
- pcsc-lite? ( !openct !ctapi )
- openct? ( !pcsc-lite !ctapi )
- ctapi? ( !pcsc-lite !openct )
- || ( pcsc-lite openct ctapi )"
-
-src_configure() {
- econf \
- --docdir="/usr/share/doc/${PF}" \
- --htmldir='$(docdir)/html' \
- --disable-static \
- $(use_enable doc) \
- $(use_enable openct) \
- $(use_enable readline) \
- $(use_enable zlib) \
- $(use_enable secure-messaging sm) \
- $(use_enable ssl openssl) \
- $(use_enable pcsc-lite pcsc) \
- $(use_enable openct) \
- $(use_enable ctapi)
-}
-
-src_install() {
- default
- prune_libtool_files --all
-}
diff --git a/dev-libs/opensc/opensc-0.17.0.ebuild b/dev-libs/opensc/opensc-0.17.0.ebuild
deleted file mode 100644
index 0612c40f2bb..00000000000
--- a/dev-libs/opensc/opensc-0.17.0.ebuild
+++ /dev/null
@@ -1,60 +0,0 @@
-# Copyright 1999-2017 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=6
-
-inherit ltprune
-
-DESCRIPTION="Libraries and applications to access smartcards"
-HOMEPAGE="https://github.com/OpenSC/OpenSC/wiki"
-SRC_URI="https://github.com/OpenSC/OpenSC/releases/download/${PV}/${P}.tar.gz"
-
-LICENSE="LGPL-2.1"
-SLOT="0"
-KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86"
-IUSE="doc +pcsc-lite secure-messaging openct ctapi readline libressl ssl zlib"
-
-RDEPEND="zlib? ( sys-libs/zlib )
- readline? ( sys-libs/readline:0= )
- ssl? (
- !libressl? ( dev-libs/openssl:0= )
- libressl? ( dev-libs/libressl:0= )
- )
- openct? ( >=dev-libs/openct-0.5.0 )
- pcsc-lite? ( >=sys-apps/pcsc-lite-1.3.0 )"
-DEPEND="${RDEPEND}
- virtual/pkgconfig
- app-text/docbook-xsl-stylesheets
- dev-libs/libxslt"
-
-REQUIRED_USE="
- pcsc-lite? ( !openct !ctapi )
- openct? ( !pcsc-lite !ctapi )
- ctapi? ( !pcsc-lite !openct )
- || ( pcsc-lite openct ctapi )"
-
-PATCHES=(
- "${FILESDIR}/${P}-build.patch"
-)
-
-src_configure() {
- econf \
- --docdir="/usr/share/doc/${PF}" \
- --htmldir='$(docdir)/html' \
- --disable-static \
- --disable-openpace \
- $(use_enable doc) \
- $(use_enable openct) \
- $(use_enable readline) \
- $(use_enable zlib) \
- $(use_enable secure-messaging sm) \
- $(use_enable ssl openssl) \
- $(use_enable pcsc-lite pcsc) \
- $(use_enable openct) \
- $(use_enable ctapi)
-}
-
-src_install() {
- default
- prune_libtool_files --all
-}
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: dev-libs/opensc/, dev-libs/opensc/files/
@ 2019-05-19 16:03 Alon Bar-Lev
0 siblings, 0 replies; 9+ messages in thread
From: Alon Bar-Lev @ 2019-05-19 16:03 UTC (permalink / raw
To: gentoo-commits
commit: a91c516026b868da71fdd187beb8ca6a6f104161
Author: Alon Bar-Lev <alonbl <AT> gentoo <DOT> org>
AuthorDate: Sun May 19 16:03:11 2019 +0000
Commit: Alon Bar-Lev <alonbl <AT> gentoo <DOT> org>
CommitDate: Sun May 19 16:03:11 2019 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a91c5160
dev-libs/opensc: cleanup old
Signed-off-by: Alon Bar-Lev <alonbl <AT> gentoo.org>
Package-Manager: Portage-2.3.62, Repoman-2.3.11
dev-libs/opensc/Manifest | 1 -
dev-libs/opensc/files/opensc-0.18.0-build.patch | 100 ---------------------
dev-libs/opensc/files/opensc-0.18.0-libressl.patch | 79 ----------------
dev-libs/opensc/opensc-0.18.0.ebuild | 61 -------------
4 files changed, 241 deletions(-)
diff --git a/dev-libs/opensc/Manifest b/dev-libs/opensc/Manifest
index ebe4b6b70a0..0ac21a4400f 100644
--- a/dev-libs/opensc/Manifest
+++ b/dev-libs/opensc/Manifest
@@ -1,2 +1 @@
-DIST opensc-0.18.0.tar.gz 2037073 BLAKE2B f2b339d1f9c616f6f706acb3c55289deb5b1749a8b5561142c69db4ed1c7dee554ce1f8d820e6e69bb9e462ca460379badf3017ed35fa6cd395702c995326c3e SHA512 dc90cff3e0e639c14bfb11d1d0455964d24d08aa27728592ab0d8b487a1ffee1ca71cb9bbf5d0f101b2ebd85cf9478988f686d45effa72315e6ffc843d398768
DIST opensc-0.19.0.tar.gz 2080320 BLAKE2B c07df317f26562107680ed586e9a1ea83252c10a7dd227cffe51de709d9c888874963f6835a68f83f212d83f264b0231ea7428ed8d3ecce74cb9265d8191040a SHA512 90659133fb593cbf82ed6502e3858f34119bff051e3090489b7622659dcb1c26d389a4715892aa60a5606bc0ce115bd6c504521abfb965de9ad46441e4ed2b8e
diff --git a/dev-libs/opensc/files/opensc-0.18.0-build.patch b/dev-libs/opensc/files/opensc-0.18.0-build.patch
deleted file mode 100644
index 1db749ca654..00000000000
--- a/dev-libs/opensc/files/opensc-0.18.0-build.patch
+++ /dev/null
@@ -1,100 +0,0 @@
-From 1f1de5ae9a43e845431dc43af96ec61e910ad789 Mon Sep 17 00:00:00 2001
-From: Alon Bar-Lev <alon.barlev@gmail.com>
-Date: Wed, 16 May 2018 21:30:15 +0300
-Subject: [PATCH] build: fix --disable-sm
-
----
- src/libopensc/card-sc-hsm.c | 2 ++
- 1 file changed, 2 insertions(+)
-
-diff --git a/src/libopensc/card-sc-hsm.c b/src/libopensc/card-sc-hsm.c
-index e2af52b9..a609f612 100644
---- a/src/libopensc/card-sc-hsm.c
-+++ b/src/libopensc/card-sc-hsm.c
-@@ -451,6 +451,7 @@ static int sc_hsm_soc_biomatch(sc_card_t *card, struct sc_pin_cmd_data *data,
-
-
-
-+#ifdef ENABLE_SM
- #ifdef ENABLE_OPENPACE
- #include "sm/sm-eac.h"
- #include <eac/cv_cert.h>
-@@ -573,6 +574,7 @@ static int sc_hsm_perform_chip_authentication(sc_card_t *card)
- return SC_ERROR_NOT_SUPPORTED;
- }
- #endif
-+#endif
-
-
-
---
-2.16.1
-
-From a6b4605b863d45978ebd681c4bbaa3aaf0ab90e7 Mon Sep 17 00:00:00 2001
-From: Gianfranco Costamagna <costamagnagianfranco@yahoo.it>
-Date: Tue, 10 Jul 2018 14:49:42 +0200
-Subject: [PATCH] card-piv.c: initialize variable to fix a ppc64el build
- failure
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-This fixes a build failure with optimized ppc64el and new gcc builds
-card-piv.c: In function ‘piv_validate_general_authentication.isra.3’:
-card-piv.c:2390:9: error: ‘rbuflen’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
- body = sc_asn1_find_tag(card->ctx, rbuf, rbuflen, 0x7c, &bodylen);
- ~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
----
- src/libopensc/card-piv.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/libopensc/card-piv.c b/src/libopensc/card-piv.c
-index e85dfc45..13b0cc21 100644
---- a/src/libopensc/card-piv.c
-+++ b/src/libopensc/card-piv.c
-@@ -2334,7 +2334,7 @@ static int piv_validate_general_authentication(sc_card_t *card,
-
- u8 sbuf[4096]; /* needs work. for 3072 keys, needs 384+10 or so */
- u8 *rbuf = NULL;
-- size_t rbuflen;
-+ size_t rbuflen = 0;
-
- SC_FUNC_CALLED(card->ctx, SC_LOG_DEBUG_VERBOSE);
-
---
-2.16.4
-
-From 0f7af8a647a8fca6b1f1ee2327c3d26bed38c8f6 Mon Sep 17 00:00:00 2001
-From: Alon Bar-Lev <alon.barlev@gmail.com>
-Date: Sat, 8 Sep 2018 00:16:57 +0300
-Subject: [PATCH] reader-ctapi: ctapi_connect: remove unused variable
-
-from day 1 return value of _sc_parse_atr was ignored.
----
- src/libopensc/reader-ctapi.c | 3 +--
- 1 file changed, 1 insertion(+), 2 deletions(-)
-
-diff --git a/src/libopensc/reader-ctapi.c b/src/libopensc/reader-ctapi.c
-index 8d4c1c24..4b94337f 100644
---- a/src/libopensc/reader-ctapi.c
-+++ b/src/libopensc/reader-ctapi.c
-@@ -239,7 +239,6 @@ static int ctapi_connect(sc_reader_t *reader)
- char rv;
- u8 cmd[9], rbuf[256], sad, dad;
- unsigned short lr;
-- int r;
-
- if (reader->ctx->flags & SC_CTX_FLAG_TERMINATE)
- return SC_ERROR_NOT_ALLOWED;
-@@ -265,7 +264,7 @@ static int ctapi_connect(sc_reader_t *reader)
- return SC_ERROR_INTERNAL;
- reader->atr.len = lr;
- memcpy(reader->atr.value, rbuf, lr);
-- r = _sc_parse_atr(reader);
-+ _sc_parse_atr(reader);
-
- return 0;
- }
---
-2.16.4
-
diff --git a/dev-libs/opensc/files/opensc-0.18.0-libressl.patch b/dev-libs/opensc/files/opensc-0.18.0-libressl.patch
deleted file mode 100644
index f6f3d772e07..00000000000
--- a/dev-libs/opensc/files/opensc-0.18.0-libressl.patch
+++ /dev/null
@@ -1,79 +0,0 @@
-From 226cd96bfd384a40b3ab6b6dafb97f6e399524f4 Mon Sep 17 00:00:00 2001
-From: Alon Bar-Lev <alon.barlev@gmail.com>
-Date: Fri, 22 Jun 2018 22:21:03 +0300
-Subject: [PATCH] build: support >=libressl-2.7
-
-https://github.com/OpenSC/OpenSC/pull/1406
-
----
- src/libopensc/sc-ossl-compat.h | 19 +++++++++++++------
- src/tools/sc-hsm-tool.c | 2 +-
- 2 files changed, 14 insertions(+), 7 deletions(-)
-
-diff --git a/src/libopensc/sc-ossl-compat.h b/src/libopensc/sc-ossl-compat.h
-index a94d9564..d9e087a3 100644
---- a/src/libopensc/sc-ossl-compat.h
-+++ b/src/libopensc/sc-ossl-compat.h
-@@ -90,17 +90,24 @@ extern "C" {
-
- #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
- #define RSA_PKCS1_OpenSSL RSA_PKCS1_SSLeay
--#define OPENSSL_malloc_init CRYPTO_malloc_init
-
--#define EVP_PKEY_get0_RSA(x) (x->pkey.rsa)
--#define EVP_PKEY_get0_DSA(x) (x->pkey.dsa)
- #define X509_get_extension_flags(x) (x->ex_flags)
- #define X509_get_key_usage(x) (x->ex_kusage)
- #define X509_get_extended_key_usage(x) (x->ex_xkusage)
--#define EVP_PKEY_up_ref(user_key) CRYPTO_add(&user_key->references, 1, CRYPTO_LOCK_EVP_PKEY)
- #if !defined(LIBRESSL_VERSION_NUMBER) || LIBRESSL_VERSION_NUMBER < 0x2050300fL
- #define X509_up_ref(cert) CRYPTO_add(&cert->references, 1, CRYPTO_LOCK_X509)
- #endif
-+#if !defined(LIBRESSL_VERSION_NUMBER) || LIBRESSL_VERSION_NUMBER < 0x20700000L
-+#define OPENSSL_malloc_init CRYPTO_malloc_init
-+#define EVP_PKEY_get0_RSA(x) (x->pkey.rsa)
-+#define EVP_PKEY_get0_DSA(x) (x->pkey.dsa)
-+#define EVP_PKEY_up_ref(user_key) CRYPTO_add(&user_key->references, 1, CRYPTO_LOCK_EVP_PKEY)
-+#endif
-+#endif
-+
-+/* workaround unused value warning for a macro that does nothing */
-+#if defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x20700000L
-+#define OPENSSL_malloc_init()
- #endif
-
- /*
-@@ -110,7 +117,7 @@ extern "C" {
- * If that is not good enough, versions could be added to libopensc
- */
-
--#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L || (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x20700000L)
- /* based on OpenSSL-1.1.0 e_os2.h */
- /* sc_ossl_inline: portable inline definition usable in public headers */
- # if !defined(inline) && !defined(__cplusplus)
-@@ -129,7 +136,7 @@ extern "C" {
- # endif
- #endif
-
--#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L || (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x2050300fL)
-
- #define RSA_bits(R) (BN_num_bits(R->n))
-
-diff --git a/src/tools/sc-hsm-tool.c b/src/tools/sc-hsm-tool.c
-index 823eb217..307bad25 100644
---- a/src/tools/sc-hsm-tool.c
-+++ b/src/tools/sc-hsm-tool.c
-@@ -1761,7 +1761,7 @@ int main(int argc, char *argv[])
- }
- }
-
--#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !(defined LIBRESSL_VERSION_NUMBER)
-+#if OPENSSL_VERSION_NUMBER >= 0x10100000L || (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x20700000L)
- OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS
- | OPENSSL_INIT_ADD_ALL_CIPHERS
- | OPENSSL_INIT_ADD_ALL_DIGESTS,
---
-2.16.4
-
diff --git a/dev-libs/opensc/opensc-0.18.0.ebuild b/dev-libs/opensc/opensc-0.18.0.ebuild
deleted file mode 100644
index 5ecdcca6ed0..00000000000
--- a/dev-libs/opensc/opensc-0.18.0.ebuild
+++ /dev/null
@@ -1,61 +0,0 @@
-# Copyright 1999-2019 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=6
-
-inherit ltprune
-
-DESCRIPTION="Libraries and applications to access smartcards"
-HOMEPAGE="https://github.com/OpenSC/OpenSC/wiki"
-SRC_URI="https://github.com/OpenSC/OpenSC/releases/download/${PV}/${P}.tar.gz"
-
-LICENSE="LGPL-2.1"
-SLOT="0"
-KEYWORDS="alpha amd64 arm hppa ia64 ~m68k ppc ppc64 ~s390 ~sh ~sparc x86"
-IUSE="doc +pcsc-lite secure-messaging openct ctapi readline libressl ssl zlib"
-
-RDEPEND="zlib? ( sys-libs/zlib )
- readline? ( sys-libs/readline:0= )
- ssl? (
- !libressl? ( dev-libs/openssl:0= )
- libressl? ( >=dev-libs/libressl-2.7.0:0= )
- )
- openct? ( >=dev-libs/openct-0.5.0 )
- pcsc-lite? ( >=sys-apps/pcsc-lite-1.3.0 )"
-DEPEND="${RDEPEND}
- virtual/pkgconfig
- app-text/docbook-xsl-stylesheets
- dev-libs/libxslt"
-
-REQUIRED_USE="
- pcsc-lite? ( !openct !ctapi )
- openct? ( !pcsc-lite !ctapi )
- ctapi? ( !pcsc-lite !openct )
- || ( pcsc-lite openct ctapi )"
-
-PATCHES=(
- "${FILESDIR}/${P}-build.patch"
- "${FILESDIR}/${P}-libressl.patch"
-)
-
-src_configure() {
- econf \
- --docdir="/usr/share/doc/${PF}" \
- --htmldir='$(docdir)/html' \
- --disable-static \
- --disable-openpace \
- $(use_enable doc) \
- $(use_enable openct) \
- $(use_enable readline) \
- $(use_enable zlib) \
- $(use_enable secure-messaging sm) \
- $(use_enable ssl openssl) \
- $(use_enable pcsc-lite pcsc) \
- $(use_enable openct) \
- $(use_enable ctapi)
-}
-
-src_install() {
- default
- prune_libtool_files --all
-}
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: dev-libs/opensc/, dev-libs/opensc/files/
@ 2020-06-18 21:02 Mikle Kolyada
0 siblings, 0 replies; 9+ messages in thread
From: Mikle Kolyada @ 2020-06-18 21:02 UTC (permalink / raw
To: gentoo-commits
commit: 9aa6947ae348f91a97f301c0f0e76e6955612420
Author: Azamat H. Hackimov <azamat.hackimov <AT> gmail <DOT> com>
AuthorDate: Thu Jun 18 19:34:18 2020 +0000
Commit: Mikle Kolyada <zlogene <AT> gentoo <DOT> org>
CommitDate: Thu Jun 18 21:02:48 2020 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9aa6947a
dev-libs/opensc: fix compilation with GCC10
Fix compilation with -fno-commons (see
https://github.com/OpenSC/OpenSC/pull/1939).
Closes: https://bugs.gentoo.org/706912
Package-Manager: Portage-2.3.99, Repoman-2.3.22
Signed-off-by: Azamat H. Hackimov <azamat.hackimov <AT> gmail.com>
Closes: https://github.com/gentoo/gentoo/pull/16316
Signed-off-by: Mikle Kolyada <zlogene <AT> gentoo.org>
dev-libs/opensc/files/opensc-0.20.0-gcc10.patch | 37 +++++++++++++++++++++++++
dev-libs/opensc/opensc-0.20.0.ebuild | 4 +++
2 files changed, 41 insertions(+)
diff --git a/dev-libs/opensc/files/opensc-0.20.0-gcc10.patch b/dev-libs/opensc/files/opensc-0.20.0-gcc10.patch
new file mode 100644
index 00000000000..f96a1140872
--- /dev/null
+++ b/dev-libs/opensc/files/opensc-0.20.0-gcc10.patch
@@ -0,0 +1,37 @@
+From 5450f61681d0c46c587dbe789bf19f1cb573e794 Mon Sep 17 00:00:00 2001
+From: Jakub Jelen <jjelen@redhat.com>
+Date: Mon, 10 Feb 2020 15:09:17 +0100
+Subject: [PATCH] Unbreak build with -fno-common (default in gcc10)
+
+---
+ src/tests/p11test/p11test.c | 3 +++
+ src/tests/p11test/p11test_common.h | 2 +-
+ 2 files changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/src/tests/p11test/p11test.c b/src/tests/p11test/p11test.c
+index feecf6fb42..a16282cba3 100644
+--- a/src/tests/p11test/p11test.c
++++ b/src/tests/p11test/p11test.c
+@@ -34,6 +34,9 @@
+
+ #define DEFAULT_P11LIB "../../pkcs11/.libs/opensc-pkcs11.so"
+
++/* Global variable keeping information about token we are using */
++token_info_t token;
++
+ void display_usage() {
+ fprintf(stdout,
+ " Usage:\n"
+diff --git a/src/tests/p11test/p11test_common.h b/src/tests/p11test/p11test_common.h
+index 2f3b238de0..9eb5cedecb 100644
+--- a/src/tests/p11test/p11test_common.h
++++ b/src/tests/p11test/p11test_common.h
+@@ -84,7 +84,7 @@ typedef struct {
+ size_t num_keygen_mechs;
+ } token_info_t;
+
+-token_info_t token;
++extern token_info_t token;
+
+ #endif /* P11TEST_COMMON_H */
+
diff --git a/dev-libs/opensc/opensc-0.20.0.ebuild b/dev-libs/opensc/opensc-0.20.0.ebuild
index d32490c9e60..fdfd50b8daa 100644
--- a/dev-libs/opensc/opensc-0.20.0.ebuild
+++ b/dev-libs/opensc/opensc-0.20.0.ebuild
@@ -36,6 +36,10 @@ REQUIRED_USE="
ctapi? ( !pcsc-lite !openct )
|| ( pcsc-lite openct ctapi )"
+PATCHES=(
+ "${FILESDIR}/${P}-gcc10.patch"
+)
+
src_prepare() {
default
elibtoolize
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: dev-libs/opensc/, dev-libs/opensc/files/
@ 2023-06-10 19:07 David Seifert
0 siblings, 0 replies; 9+ messages in thread
From: David Seifert @ 2023-06-10 19:07 UTC (permalink / raw
To: gentoo-commits
commit: cc922f70f70016cf7fd197a8f492e654e0556f50
Author: David Seifert <soap <AT> gentoo <DOT> org>
AuthorDate: Sat Jun 10 19:06:40 2023 +0000
Commit: David Seifert <soap <AT> gentoo <DOT> org>
CommitDate: Sat Jun 10 19:06:40 2023 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=cc922f70
dev-libs/opensc: add patch for CVE-2023-2977
Bug: https://bugs.gentoo.org/907930
Signed-off-by: David Seifert <soap <AT> gentoo.org>
.../opensc/files/opensc-0.23.0-CVE-2023-2977.patch | 49 +++++++++++++
dev-libs/opensc/opensc-0.23.0-r1.ebuild | 83 ++++++++++++++++++++++
2 files changed, 132 insertions(+)
diff --git a/dev-libs/opensc/files/opensc-0.23.0-CVE-2023-2977.patch b/dev-libs/opensc/files/opensc-0.23.0-CVE-2023-2977.patch
new file mode 100644
index 000000000000..ad3bc1fadc93
--- /dev/null
+++ b/dev-libs/opensc/files/opensc-0.23.0-CVE-2023-2977.patch
@@ -0,0 +1,49 @@
+From 81944d1529202bd28359bede57c0a15deb65ba8a Mon Sep 17 00:00:00 2001
+From: fullwaywang <fullwaywang@tencent.com>
+Date: Mon, 29 May 2023 10:38:48 +0800
+Subject: [PATCH] pkcs15init: correct left length calculation to fix buffer
+ overrun bug. Fixes #2785
+
+---
+ src/pkcs15init/pkcs15-cardos.c | 10 +++++-----
+ 1 file changed, 5 insertions(+), 5 deletions(-)
+
+diff --git a/src/pkcs15init/pkcs15-cardos.c b/src/pkcs15init/pkcs15-cardos.c
+index 9715cf390f..f41f73c349 100644
+--- a/src/pkcs15init/pkcs15-cardos.c
++++ b/src/pkcs15init/pkcs15-cardos.c
+@@ -872,7 +872,7 @@ static int cardos_have_verifyrc_package(sc_card_t *card)
+ sc_apdu_t apdu;
+ u8 rbuf[SC_MAX_APDU_BUFFER_SIZE];
+ int r;
+- const u8 *p = rbuf, *q;
++ const u8 *p = rbuf, *q, *pp;
+ size_t len, tlen = 0, ilen = 0;
+
+ sc_format_apdu(card, &apdu, SC_APDU_CASE_2_SHORT, 0xca, 0x01, 0x88);
+@@ -888,13 +888,13 @@ static int cardos_have_verifyrc_package(sc_card_t *card)
+ return 0;
+
+ while (len != 0) {
+- p = sc_asn1_find_tag(card->ctx, p, len, 0xe1, &tlen);
+- if (p == NULL)
++ pp = sc_asn1_find_tag(card->ctx, p, len, 0xe1, &tlen);
++ if (pp == NULL)
+ return 0;
+ if (card->type == SC_CARD_TYPE_CARDOS_M4_3) {
+ /* the verifyRC package on CardOS 4.3B use Manufacturer ID 0x01 */
+ /* and Package Number 0x07 */
+- q = sc_asn1_find_tag(card->ctx, p, tlen, 0x01, &ilen);
++ q = sc_asn1_find_tag(card->ctx, pp, tlen, 0x01, &ilen);
+ if (q == NULL || ilen != 4)
+ return 0;
+ if (q[0] == 0x07)
+@@ -902,7 +902,7 @@ static int cardos_have_verifyrc_package(sc_card_t *card)
+ } else if (card->type == SC_CARD_TYPE_CARDOS_M4_4) {
+ /* the verifyRC package on CardOS 4.4 use Manufacturer ID 0x03 */
+ /* and Package Number 0x02 */
+- q = sc_asn1_find_tag(card->ctx, p, tlen, 0x03, &ilen);
++ q = sc_asn1_find_tag(card->ctx, pp, tlen, 0x03, &ilen);
+ if (q == NULL || ilen != 4)
+ return 0;
+ if (q[0] == 0x02)
diff --git a/dev-libs/opensc/opensc-0.23.0-r1.ebuild b/dev-libs/opensc/opensc-0.23.0-r1.ebuild
new file mode 100644
index 000000000000..9162e0939fc4
--- /dev/null
+++ b/dev-libs/opensc/opensc-0.23.0-r1.ebuild
@@ -0,0 +1,83 @@
+# Copyright 1999-2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit bash-completion-r1 libtool
+
+DESCRIPTION="Libraries and applications to access smartcards"
+HOMEPAGE="https://github.com/OpenSC/OpenSC/wiki"
+
+if [[ ${PV} == *9999 ]]; then
+ inherit autotools git-r3
+ EGIT_REPO_URI="https://github.com/OpenSC/OpenSC.git"
+else
+ SRC_URI="https://github.com/OpenSC/OpenSC/releases/download/${PV}/${P}.tar.gz"
+ KEYWORDS="~amd64 ~ppc64 ~x86"
+fi
+
+LICENSE="LGPL-2.1"
+SLOT="0"
+IUSE="ctapi doc openct notify pace +pcsc-lite readline secure-messaging ssl test zlib"
+RESTRICT="!test? ( test )"
+
+RDEPEND="zlib? ( sys-libs/zlib )
+ readline? ( sys-libs/readline:0= )
+ ssl? ( dev-libs/openssl:0= )
+ openct? ( >=dev-libs/openct-0.5.0 )
+ pace? ( dev-libs/openpace:= )
+ pcsc-lite? ( >=sys-apps/pcsc-lite-1.3.0 )
+ notify? ( dev-libs/glib:2 )"
+DEPEND="${RDEPEND}
+ app-text/docbook-xsl-stylesheets
+ dev-libs/libxslt
+ test? ( dev-util/cmocka )"
+BDEPEND="virtual/pkgconfig"
+
+REQUIRED_USE="
+ pcsc-lite? ( !openct !ctapi )
+ openct? ( !pcsc-lite !ctapi )
+ ctapi? ( !pcsc-lite !openct )
+ || ( pcsc-lite openct ctapi )"
+
+PATCHES=( "${FILESDIR}"/${P}-CVE-2023-2977.patch )
+
+src_prepare() {
+ default
+
+ if [[ ${PV} == *9999 ]]; then
+ eautoreconf
+ else
+ elibtoolize
+ fi
+}
+
+src_configure() {
+ # don't want to run upstream's clang-tidy checks
+ export ac_cv_path_CLANGTIDY=""
+
+ econf \
+ --with-completiondir="$(get_bashcompdir)" \
+ --disable-strict \
+ --enable-man \
+ $(use_enable ctapi) \
+ $(use_enable doc) \
+ $(use_enable notify) \
+ $(use_enable openct) \
+ $(use_enable pace openpace) \
+ $(use_enable pcsc-lite pcsc) \
+ $(use_enable readline) \
+ $(use_enable secure-messaging sm) \
+ $(use_enable ssl openssl) \
+ $(use_enable test cmocka) \
+ $(use_enable zlib)
+}
+
+src_install() {
+ default
+
+ insinto /etc/pkcs11/modules/
+ doins "${FILESDIR}"/opensc.module
+
+ find "${ED}" -name '*.la' -delete || die
+}
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: dev-libs/opensc/, dev-libs/opensc/files/
@ 2023-07-17 22:14 Sam James
0 siblings, 0 replies; 9+ messages in thread
From: Sam James @ 2023-07-17 22:14 UTC (permalink / raw
To: gentoo-commits
commit: 08f134943e605456a2506fbfe688cea0340059e9
Author: Matoro Mahri <matoro <AT> users <DOT> noreply <DOT> github <DOT> com>
AuthorDate: Mon Jul 17 22:06:02 2023 +0000
Commit: Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Mon Jul 17 22:14:32 2023 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=08f13494
dev-libs/opensc: backport PR to fix dev-libs/libp11 tests
See: https://github.com/OpenSC/libp11/issues/478
See: https://github.com/OpenSC/OpenSC/pull/2656
Bug: https://bugs.gentoo.org/909781
Signed-off-by: Matoro Mahri <matoro <AT> users.noreply.github.com>
Signed-off-by: Sam James <sam <AT> gentoo.org>
.../files/opensc-0.23.0-backport-pr2656.patch | 215 +++++++++++++++++++++
dev-libs/opensc/opensc-0.23.0-r2.ebuild | 81 ++++++++
2 files changed, 296 insertions(+)
diff --git a/dev-libs/opensc/files/opensc-0.23.0-backport-pr2656.patch b/dev-libs/opensc/files/opensc-0.23.0-backport-pr2656.patch
new file mode 100644
index 000000000000..f9ce72d31776
--- /dev/null
+++ b/dev-libs/opensc/files/opensc-0.23.0-backport-pr2656.patch
@@ -0,0 +1,215 @@
+https://bugs.gentoo.org/909781
+https://github.com/OpenSC/libp11/issues/478
+https://github.com/OpenSC/OpenSC/pull/2656
+
+From 99f7b82f187ca3512ceae6270c391243d018fdac Mon Sep 17 00:00:00 2001
+From: Jakub Jelen <jjelen@redhat.com>
+Date: Thu, 1 Dec 2022 20:08:53 +0100
+Subject: [PATCH 1/4] pkcs11-tool: Fix private key import
+
+---
+ src/tools/pkcs11-tool.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/tools/pkcs11-tool.c b/src/tools/pkcs11-tool.c
+index aae205fe2c..cfee8526d5 100644
+--- a/src/tools/pkcs11-tool.c
++++ b/src/tools/pkcs11-tool.c
+@@ -3669,13 +3669,13 @@ parse_rsa_pkey(EVP_PKEY *pkey, int private, struct rsakey_info *rsa)
+ RSA_get0_factors(r, &r_p, &r_q);
+ RSA_get0_crt_params(r, &r_dmp1, &r_dmq1, &r_iqmp);
+ #else
+- if (EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_FACTOR1, &r_d) != 1 ||
++ if (EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_D, &r_d) != 1 ||
+ EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_FACTOR1, &r_p) != 1 ||
+ EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_FACTOR2, &r_q) != 1 ||
+ EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_EXPONENT1, &r_dmp1) != 1 ||
+ EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_EXPONENT2, &r_dmq1) != 1 ||
+- EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_EXPONENT3, &r_iqmp) != 1) {
+ util_fatal("OpenSSL error during RSA private key parsing");
++ EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_COEFFICIENT1, &r_iqmp) != 1) {
+ }
+ #endif
+ RSA_GET_BN(rsa, private_exponent, r_d);
+
+From 4a6e1d1dcd18757502027b1c5d2fb2cbaca28407 Mon Sep 17 00:00:00 2001
+From: Jakub Jelen <jjelen@redhat.com>
+Date: Thu, 1 Dec 2022 20:11:41 +0100
+Subject: [PATCH 2/4] pkcs11-tool: Log more information on OpenSSL errors
+
+---
+ src/tools/pkcs11-tool.c | 15 ++++++---------
+ 1 file changed, 6 insertions(+), 9 deletions(-)
+
+diff --git a/src/tools/pkcs11-tool.c b/src/tools/pkcs11-tool.c
+index cfee8526d5..f2e6b1dd91 100644
+--- a/src/tools/pkcs11-tool.c
++++ b/src/tools/pkcs11-tool.c
+@@ -3641,10 +3641,8 @@ parse_rsa_pkey(EVP_PKEY *pkey, int private, struct rsakey_info *rsa)
+ const BIGNUM *r_dmp1, *r_dmq1, *r_iqmp;
+ r = EVP_PKEY_get1_RSA(pkey);
+ if (!r) {
+- if (private)
+- util_fatal("OpenSSL error during RSA private key parsing");
+- else
+- util_fatal("OpenSSL error during RSA public key parsing");
++ util_fatal("OpenSSL error during RSA %s key parsing: %s", private ? "private" : "public",
++ ERR_error_string(ERR_peek_last_error(), NULL));
+ }
+
+ RSA_get0_key(r, &r_n, &r_e, NULL);
+@@ -3654,10 +3652,8 @@ parse_rsa_pkey(EVP_PKEY *pkey, int private, struct rsakey_info *rsa)
+ BIGNUM *r_dmp1 = NULL, *r_dmq1 = NULL, *r_iqmp = NULL;
+ if (EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_N, &r_n) != 1 ||
+ EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_E, &r_e) != 1) {
+- if (private)
+- util_fatal("OpenSSL error during RSA private key parsing");
+- else
+- util_fatal("OpenSSL error during RSA public key parsing");
++ util_fatal("OpenSSL error during RSA %s key parsing: %s", private ? "private" : "public",
++ ERR_error_string(ERR_peek_last_error(), NULL));
+ }
+ #endif
+ RSA_GET_BN(rsa, modulus, r_n);
+@@ -3674,8 +3670,9 @@ parse_rsa_pkey(EVP_PKEY *pkey, int private, struct rsakey_info *rsa)
+ EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_FACTOR2, &r_q) != 1 ||
+ EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_EXPONENT1, &r_dmp1) != 1 ||
+ EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_EXPONENT2, &r_dmq1) != 1 ||
+- util_fatal("OpenSSL error during RSA private key parsing");
+ EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_COEFFICIENT1, &r_iqmp) != 1) {
++ util_fatal("OpenSSL error during RSA private key parsing: %s",
++ ERR_error_string(ERR_peek_last_error(), NULL));
+ }
+ #endif
+ RSA_GET_BN(rsa, private_exponent, r_d);
+
+From 267da3e81f1fc23a9ccce1462ab5deb1a4d4aec5 Mon Sep 17 00:00:00 2001
+From: Jakub Jelen <jjelen@redhat.com>
+Date: Thu, 1 Dec 2022 20:38:31 +0100
+Subject: [PATCH 3/4] Reproducer for broken pkcs11-tool key import
+
+---
+ tests/Makefile.am | 10 ++++---
+ tests/test-pkcs11-tool-import.sh | 48 ++++++++++++++++++++++++++++++++
+ 2 files changed, 54 insertions(+), 4 deletions(-)
+ create mode 100755 tests/test-pkcs11-tool-import.sh
+
+diff --git a/tests/Makefile.am b/tests/Makefile.am
+index d378e2ee00..9d8a24c321 100644
+--- a/tests/Makefile.am
++++ b/tests/Makefile.am
+@@ -14,8 +14,9 @@ dist_noinst_SCRIPTS = common.sh \
+ test-pkcs11-tool-test-threads.sh \
+ test-pkcs11-tool-sign-verify.sh \
+ test-pkcs11-tool-allowed-mechanisms.sh \
+- test-pkcs11-tool-sym-crypt-test.sh\
+- test-pkcs11-tool-unwrap-wrap-test.sh
++ test-pkcs11-tool-sym-crypt-test.sh \
++ test-pkcs11-tool-unwrap-wrap-test.sh \
++ test-pkcs11-tool-import.sh
+
+ .NOTPARALLEL:
+ TESTS = \
+@@ -25,8 +26,9 @@ TESTS = \
+ test-pkcs11-tool-test.sh \
+ test-pkcs11-tool-test-threads.sh \
+ test-pkcs11-tool-allowed-mechanisms.sh \
+- test-pkcs11-tool-sym-crypt-test.sh\
+- test-pkcs11-tool-unwrap-wrap-test.sh
++ test-pkcs11-tool-sym-crypt-test.sh \
++ test-pkcs11-tool-unwrap-wrap-test.sh \
++ test-pkcs11-tool-import.sh
+ XFAIL_TESTS = \
+ test-pkcs11-tool-test-threads.sh \
+ test-pkcs11-tool-test.sh
+diff --git a/tests/test-pkcs11-tool-import.sh b/tests/test-pkcs11-tool-import.sh
+new file mode 100755
+index 0000000000..76ff8e51be
+--- /dev/null
++++ b/tests/test-pkcs11-tool-import.sh
+@@ -0,0 +1,48 @@
++#!/bin/bash
++SOURCE_PATH=${SOURCE_PATH:-..}
++
++source $SOURCE_PATH/tests/common.sh
++
++echo "======================================================="
++echo "Setup SoftHSM"
++echo "======================================================="
++if [[ ! -f $P11LIB ]]; then
++ echo "WARNING: The SoftHSM is not installed. Can not run this test"
++ exit 77;
++fi
++card_setup
++
++ID="0100"
++OPTS=""
++for KEYTYPE in "RSA" "EC"; do
++ echo "======================================================="
++ echo "Generate and import $KEYTYPE keys"
++ echo "======================================================="
++ if [ "$KEYTYPE" == "RSA" ]; then
++ ID="0100"
++ elif [ "$KEYTYPE" == "EC" ]; then
++ ID="0200"
++ OPTS="-pkeyopt ec_paramgen_curve:P-521"
++ fi
++ openssl genpkey -out "${KEYTYPE}_private.der" -outform DER -algorithm $KEYTYPE $OPTS
++ assert $? "Failed to generate private $KEYTYPE key"
++ $PKCS11_TOOL --write-object "${KEYTYPE}_private.der" --id "$ID" --type privkey \
++ --label "$KEYTYPE" -p "$PIN" --module "$P11LIB"
++ assert $? "Failed to write private $KEYTYPE key"
++
++ openssl pkey -in "${KEYTYPE}_private.der" -out "${KEYTYPE}_public.der" -pubout -inform DER -outform DER
++ assert $? "Failed to convert private $KEYTYPE key to public"
++ $PKCS11_TOOL --write-object "${KEYTYPE}_public.der" --id "$ID" --type pubkey --label "$KEYTYPE" \
++ -p $PIN --module $P11LIB
++ assert $? "Failed to write public $KEYTYPE key"
++ # certificate import already tested in all other tests
++
++ rm "${KEYTYPE}_private.der" "${KEYTYPE}_public.der"
++done
++
++echo "======================================================="
++echo "Cleanup"
++echo "======================================================="
++card_cleanup
++
++exit $ERRORS
+
+From 63a7bceeca43ece1eee201ef7a974b20b294ba4e Mon Sep 17 00:00:00 2001
+From: Jakub Jelen <jakuje@gmail.com>
+Date: Fri, 2 Dec 2022 18:07:43 +0100
+Subject: [PATCH 4/4] Simplify the new test
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Co-authored-by: Veronika Hanulíková <61348757+xhanulik@users.noreply.github.com>
+---
+ tests/test-pkcs11-tool-import.sh | 8 +++-----
+ 1 file changed, 3 insertions(+), 5 deletions(-)
+
+diff --git a/tests/test-pkcs11-tool-import.sh b/tests/test-pkcs11-tool-import.sh
+index 76ff8e51be..c90b3b4926 100755
+--- a/tests/test-pkcs11-tool-import.sh
++++ b/tests/test-pkcs11-tool-import.sh
+@@ -12,15 +12,13 @@ if [[ ! -f $P11LIB ]]; then
+ fi
+ card_setup
+
+-ID="0100"
+-OPTS=""
+ for KEYTYPE in "RSA" "EC"; do
+ echo "======================================================="
+ echo "Generate and import $KEYTYPE keys"
+ echo "======================================================="
+- if [ "$KEYTYPE" == "RSA" ]; then
+- ID="0100"
+- elif [ "$KEYTYPE" == "EC" ]; then
++ ID="0100"
++ OPTS=""
++ if [ "$KEYTYPE" == "EC" ]; then
+ ID="0200"
+ OPTS="-pkeyopt ec_paramgen_curve:P-521"
+ fi
diff --git a/dev-libs/opensc/opensc-0.23.0-r2.ebuild b/dev-libs/opensc/opensc-0.23.0-r2.ebuild
new file mode 100644
index 000000000000..7cbf82823f1a
--- /dev/null
+++ b/dev-libs/opensc/opensc-0.23.0-r2.ebuild
@@ -0,0 +1,81 @@
+# Copyright 1999-2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit autotools bash-completion-r1
+
+DESCRIPTION="Libraries and applications to access smartcards"
+HOMEPAGE="https://github.com/OpenSC/OpenSC/wiki"
+
+if [[ ${PV} == *9999 ]]; then
+ inherit git-r3
+ EGIT_REPO_URI="https://github.com/OpenSC/OpenSC.git"
+else
+ SRC_URI="https://github.com/OpenSC/OpenSC/releases/download/${PV}/${P}.tar.gz"
+ KEYWORDS="~amd64 ~ppc64 ~riscv ~sparc ~x86"
+fi
+
+LICENSE="LGPL-2.1"
+SLOT="0"
+IUSE="ctapi doc openct notify pace +pcsc-lite readline secure-messaging ssl test zlib"
+RESTRICT="!test? ( test )"
+
+RDEPEND="zlib? ( sys-libs/zlib )
+ readline? ( sys-libs/readline:0= )
+ ssl? ( dev-libs/openssl:0= )
+ openct? ( >=dev-libs/openct-0.5.0 )
+ pace? ( dev-libs/openpace:= )
+ pcsc-lite? ( >=sys-apps/pcsc-lite-1.3.0 )
+ notify? ( dev-libs/glib:2 )"
+DEPEND="${RDEPEND}
+ app-text/docbook-xsl-stylesheets
+ dev-libs/libxslt
+ test? ( dev-util/cmocka )"
+BDEPEND="virtual/pkgconfig"
+
+REQUIRED_USE="
+ pcsc-lite? ( !openct !ctapi )
+ openct? ( !pcsc-lite !ctapi )
+ ctapi? ( !pcsc-lite !openct )
+ || ( pcsc-lite openct ctapi )"
+
+PATCHES=(
+ "${FILESDIR}"/${P}-CVE-2023-2977.patch
+ "${FILESDIR}"/${P}-0.23.0-backport-pr2656.patch
+)
+
+src_prepare() {
+ default
+ eautoreconf
+}
+
+src_configure() {
+ # don't want to run upstream's clang-tidy checks
+ export ac_cv_path_CLANGTIDY=""
+
+ econf \
+ --with-completiondir="$(get_bashcompdir)" \
+ --disable-strict \
+ --enable-man \
+ $(use_enable ctapi) \
+ $(use_enable doc) \
+ $(use_enable notify) \
+ $(use_enable openct) \
+ $(use_enable pace openpace) \
+ $(use_enable pcsc-lite pcsc) \
+ $(use_enable readline) \
+ $(use_enable secure-messaging sm) \
+ $(use_enable ssl openssl) \
+ $(use_enable test cmocka) \
+ $(use_enable zlib)
+}
+
+src_install() {
+ default
+
+ insinto /etc/pkcs11/modules/
+ doins "${FILESDIR}"/opensc.module
+
+ find "${ED}" -name '*.la' -delete || die
+}
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: dev-libs/opensc/, dev-libs/opensc/files/
@ 2023-11-17 7:47 Sam James
0 siblings, 0 replies; 9+ messages in thread
From: Sam James @ 2023-11-17 7:47 UTC (permalink / raw
To: gentoo-commits
commit: 43b2c52e2a041032276139853dbf688f1d3fe2a1
Author: Matoro Mahri <matoro_gentoo <AT> matoro <DOT> tk>
AuthorDate: Thu Nov 16 20:46:25 2023 +0000
Commit: Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Fri Nov 17 07:47:02 2023 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=43b2c52e
dev-libs/opensc: backport stack corruption fix
See: https://github.com/OpenSC/OpenSC/pull/2765
Bug: https://bugs.gentoo.org/909781
Signed-off-by: Matoro Mahri <matoro_gentoo <AT> matoro.tk>
Signed-off-by: Sam James <sam <AT> gentoo.org>
.../files/opensc-0.23.0-backport-pr2765.patch | 39 ++++++++++++++++++++++
dev-libs/opensc/opensc-0.23.0-r2.ebuild | 1 +
2 files changed, 40 insertions(+)
diff --git a/dev-libs/opensc/files/opensc-0.23.0-backport-pr2765.patch b/dev-libs/opensc/files/opensc-0.23.0-backport-pr2765.patch
new file mode 100644
index 000000000000..72572c598ac8
--- /dev/null
+++ b/dev-libs/opensc/files/opensc-0.23.0-backport-pr2765.patch
@@ -0,0 +1,39 @@
+https://bugs.gentoo.org/909781
+https://github.com/OpenSC/OpenSC/pull/2765
+
+From 36178c8188521f2627d2eea428a7e53d149eed58 Mon Sep 17 00:00:00 2001
+From: Peter Popovec <popovec.peter@gmail.com>
+Date: Fri, 28 Apr 2023 10:50:25 +0200
+Subject: [PATCH] Fix pkcs11-tool unwrap / incorrect CKA_ID
+
+"object_id[]" and "id_len" must be allocated so that it is not deallocated
+or overwritten (on the stack) at the time of the C_UnwrapKey() call.
+
+ modified: src/tools/pkcs11-tool.c
+---
+ src/tools/pkcs11-tool.c | 5 ++---
+ 1 file changed, 2 insertions(+), 3 deletions(-)
+
+diff --git a/src/tools/pkcs11-tool.c b/src/tools/pkcs11-tool.c
+index 890ca27060..f3a01ab4cf 100644
+--- a/src/tools/pkcs11-tool.c
++++ b/src/tools/pkcs11-tool.c
+@@ -3347,6 +3347,8 @@ unwrap_key(CK_SESSION_HANDLE session)
+ {CKA_CLASS, &secret_key_class, sizeof(secret_key_class)},
+ {CKA_TOKEN, &_true, sizeof(_true)},
+ };
++ CK_BYTE object_id[100];
++ size_t id_len;
+ CK_OBJECT_HANDLE hSecretKey;
+ int n_attr = 2;
+ CK_RV rv;
+@@ -3450,9 +3452,6 @@ unwrap_key(CK_SESSION_HANDLE session)
+ }
+
+ if (opt_application_id != NULL) {
+- CK_BYTE object_id[100];
+- size_t id_len;
+-
+ id_len = sizeof(object_id);
+ if (!sc_hex_to_bin(opt_application_id, object_id, &id_len)) {
+ FILL_ATTR(keyTemplate[n_attr], CKA_ID, object_id, id_len);
diff --git a/dev-libs/opensc/opensc-0.23.0-r2.ebuild b/dev-libs/opensc/opensc-0.23.0-r2.ebuild
index f372e3e254a1..3e71af21cb37 100644
--- a/dev-libs/opensc/opensc-0.23.0-r2.ebuild
+++ b/dev-libs/opensc/opensc-0.23.0-r2.ebuild
@@ -43,6 +43,7 @@ REQUIRED_USE="
PATCHES=(
"${FILESDIR}"/${P}-CVE-2023-2977.patch
"${FILESDIR}"/${P}-backport-pr2656.patch
+ "${FILESDIR}"/${P}-backport-pr2765.patch
)
src_prepare() {
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: dev-libs/opensc/, dev-libs/opensc/files/
@ 2024-03-07 9:25 David Seifert
0 siblings, 0 replies; 9+ messages in thread
From: David Seifert @ 2024-03-07 9:25 UTC (permalink / raw
To: gentoo-commits
commit: a85b54e12c203e216d4d231a54c0d4f142b1da39
Author: David Seifert <soap <AT> gentoo <DOT> org>
AuthorDate: Thu Mar 7 09:25:48 2024 +0000
Commit: David Seifert <soap <AT> gentoo <DOT> org>
CommitDate: Thu Mar 7 09:25:48 2024 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a85b54e1
dev-libs/opensc: drop 0.23.0-r3
Signed-off-by: David Seifert <soap <AT> gentoo.org>
dev-libs/opensc/Manifest | 1 -
.../opensc/files/opensc-0.23.0-CVE-2023-2977.patch | 49 -----
.../files/opensc-0.23.0-backport-pr2656.patch | 215 ---------------------
.../files/opensc-0.23.0-backport-pr2765.patch | 39 ----
dev-libs/opensc/opensc-0.23.0-r3.ebuild | 82 --------
5 files changed, 386 deletions(-)
diff --git a/dev-libs/opensc/Manifest b/dev-libs/opensc/Manifest
index 9a0b274dd7eb..a8557d421768 100644
--- a/dev-libs/opensc/Manifest
+++ b/dev-libs/opensc/Manifest
@@ -1,2 +1 @@
-DIST opensc-0.23.0.tar.gz 2366469 BLAKE2B c0f74379a70347a58be27684ae2cf833e6f35328b566af2c6daa8276174864406fa176acf7ba84931970fe07e3dd8d6eccf7884f079cb0110c4d6ff9a76792dc SHA512 cd102cd64e719c59153960a4921b7525055045f16e6f6ffa8c9def6ce999a9c5098267b41f8753b41107f626bea20c34561002f5d38eddb4ce6b371913a17a1b
DIST opensc-0.24.0.tar.gz 2440952 BLAKE2B afacdd151d169dd1840ecd6df1cec99a9805598d7b7af81e17b648f146cd1b3ad1d3dcae19ed94cf8ce0dbbd5b4285af9653af5ef5739d53908ce30a49544adb SHA512 0fd2ea858874ae0b85c8fe8c4b920988693a47ca95b26449a1e95f86e17b76000f236c1f75d63ee133306e01a965155da5e14c1b8a59053b85026ecb58fb97bb
diff --git a/dev-libs/opensc/files/opensc-0.23.0-CVE-2023-2977.patch b/dev-libs/opensc/files/opensc-0.23.0-CVE-2023-2977.patch
deleted file mode 100644
index ad3bc1fadc93..000000000000
--- a/dev-libs/opensc/files/opensc-0.23.0-CVE-2023-2977.patch
+++ /dev/null
@@ -1,49 +0,0 @@
-From 81944d1529202bd28359bede57c0a15deb65ba8a Mon Sep 17 00:00:00 2001
-From: fullwaywang <fullwaywang@tencent.com>
-Date: Mon, 29 May 2023 10:38:48 +0800
-Subject: [PATCH] pkcs15init: correct left length calculation to fix buffer
- overrun bug. Fixes #2785
-
----
- src/pkcs15init/pkcs15-cardos.c | 10 +++++-----
- 1 file changed, 5 insertions(+), 5 deletions(-)
-
-diff --git a/src/pkcs15init/pkcs15-cardos.c b/src/pkcs15init/pkcs15-cardos.c
-index 9715cf390f..f41f73c349 100644
---- a/src/pkcs15init/pkcs15-cardos.c
-+++ b/src/pkcs15init/pkcs15-cardos.c
-@@ -872,7 +872,7 @@ static int cardos_have_verifyrc_package(sc_card_t *card)
- sc_apdu_t apdu;
- u8 rbuf[SC_MAX_APDU_BUFFER_SIZE];
- int r;
-- const u8 *p = rbuf, *q;
-+ const u8 *p = rbuf, *q, *pp;
- size_t len, tlen = 0, ilen = 0;
-
- sc_format_apdu(card, &apdu, SC_APDU_CASE_2_SHORT, 0xca, 0x01, 0x88);
-@@ -888,13 +888,13 @@ static int cardos_have_verifyrc_package(sc_card_t *card)
- return 0;
-
- while (len != 0) {
-- p = sc_asn1_find_tag(card->ctx, p, len, 0xe1, &tlen);
-- if (p == NULL)
-+ pp = sc_asn1_find_tag(card->ctx, p, len, 0xe1, &tlen);
-+ if (pp == NULL)
- return 0;
- if (card->type == SC_CARD_TYPE_CARDOS_M4_3) {
- /* the verifyRC package on CardOS 4.3B use Manufacturer ID 0x01 */
- /* and Package Number 0x07 */
-- q = sc_asn1_find_tag(card->ctx, p, tlen, 0x01, &ilen);
-+ q = sc_asn1_find_tag(card->ctx, pp, tlen, 0x01, &ilen);
- if (q == NULL || ilen != 4)
- return 0;
- if (q[0] == 0x07)
-@@ -902,7 +902,7 @@ static int cardos_have_verifyrc_package(sc_card_t *card)
- } else if (card->type == SC_CARD_TYPE_CARDOS_M4_4) {
- /* the verifyRC package on CardOS 4.4 use Manufacturer ID 0x03 */
- /* and Package Number 0x02 */
-- q = sc_asn1_find_tag(card->ctx, p, tlen, 0x03, &ilen);
-+ q = sc_asn1_find_tag(card->ctx, pp, tlen, 0x03, &ilen);
- if (q == NULL || ilen != 4)
- return 0;
- if (q[0] == 0x02)
diff --git a/dev-libs/opensc/files/opensc-0.23.0-backport-pr2656.patch b/dev-libs/opensc/files/opensc-0.23.0-backport-pr2656.patch
deleted file mode 100644
index f9ce72d31776..000000000000
--- a/dev-libs/opensc/files/opensc-0.23.0-backport-pr2656.patch
+++ /dev/null
@@ -1,215 +0,0 @@
-https://bugs.gentoo.org/909781
-https://github.com/OpenSC/libp11/issues/478
-https://github.com/OpenSC/OpenSC/pull/2656
-
-From 99f7b82f187ca3512ceae6270c391243d018fdac Mon Sep 17 00:00:00 2001
-From: Jakub Jelen <jjelen@redhat.com>
-Date: Thu, 1 Dec 2022 20:08:53 +0100
-Subject: [PATCH 1/4] pkcs11-tool: Fix private key import
-
----
- src/tools/pkcs11-tool.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/src/tools/pkcs11-tool.c b/src/tools/pkcs11-tool.c
-index aae205fe2c..cfee8526d5 100644
---- a/src/tools/pkcs11-tool.c
-+++ b/src/tools/pkcs11-tool.c
-@@ -3669,13 +3669,13 @@ parse_rsa_pkey(EVP_PKEY *pkey, int private, struct rsakey_info *rsa)
- RSA_get0_factors(r, &r_p, &r_q);
- RSA_get0_crt_params(r, &r_dmp1, &r_dmq1, &r_iqmp);
- #else
-- if (EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_FACTOR1, &r_d) != 1 ||
-+ if (EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_D, &r_d) != 1 ||
- EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_FACTOR1, &r_p) != 1 ||
- EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_FACTOR2, &r_q) != 1 ||
- EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_EXPONENT1, &r_dmp1) != 1 ||
- EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_EXPONENT2, &r_dmq1) != 1 ||
-- EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_EXPONENT3, &r_iqmp) != 1) {
- util_fatal("OpenSSL error during RSA private key parsing");
-+ EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_COEFFICIENT1, &r_iqmp) != 1) {
- }
- #endif
- RSA_GET_BN(rsa, private_exponent, r_d);
-
-From 4a6e1d1dcd18757502027b1c5d2fb2cbaca28407 Mon Sep 17 00:00:00 2001
-From: Jakub Jelen <jjelen@redhat.com>
-Date: Thu, 1 Dec 2022 20:11:41 +0100
-Subject: [PATCH 2/4] pkcs11-tool: Log more information on OpenSSL errors
-
----
- src/tools/pkcs11-tool.c | 15 ++++++---------
- 1 file changed, 6 insertions(+), 9 deletions(-)
-
-diff --git a/src/tools/pkcs11-tool.c b/src/tools/pkcs11-tool.c
-index cfee8526d5..f2e6b1dd91 100644
---- a/src/tools/pkcs11-tool.c
-+++ b/src/tools/pkcs11-tool.c
-@@ -3641,10 +3641,8 @@ parse_rsa_pkey(EVP_PKEY *pkey, int private, struct rsakey_info *rsa)
- const BIGNUM *r_dmp1, *r_dmq1, *r_iqmp;
- r = EVP_PKEY_get1_RSA(pkey);
- if (!r) {
-- if (private)
-- util_fatal("OpenSSL error during RSA private key parsing");
-- else
-- util_fatal("OpenSSL error during RSA public key parsing");
-+ util_fatal("OpenSSL error during RSA %s key parsing: %s", private ? "private" : "public",
-+ ERR_error_string(ERR_peek_last_error(), NULL));
- }
-
- RSA_get0_key(r, &r_n, &r_e, NULL);
-@@ -3654,10 +3652,8 @@ parse_rsa_pkey(EVP_PKEY *pkey, int private, struct rsakey_info *rsa)
- BIGNUM *r_dmp1 = NULL, *r_dmq1 = NULL, *r_iqmp = NULL;
- if (EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_N, &r_n) != 1 ||
- EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_E, &r_e) != 1) {
-- if (private)
-- util_fatal("OpenSSL error during RSA private key parsing");
-- else
-- util_fatal("OpenSSL error during RSA public key parsing");
-+ util_fatal("OpenSSL error during RSA %s key parsing: %s", private ? "private" : "public",
-+ ERR_error_string(ERR_peek_last_error(), NULL));
- }
- #endif
- RSA_GET_BN(rsa, modulus, r_n);
-@@ -3674,8 +3670,9 @@ parse_rsa_pkey(EVP_PKEY *pkey, int private, struct rsakey_info *rsa)
- EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_FACTOR2, &r_q) != 1 ||
- EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_EXPONENT1, &r_dmp1) != 1 ||
- EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_EXPONENT2, &r_dmq1) != 1 ||
-- util_fatal("OpenSSL error during RSA private key parsing");
- EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_COEFFICIENT1, &r_iqmp) != 1) {
-+ util_fatal("OpenSSL error during RSA private key parsing: %s",
-+ ERR_error_string(ERR_peek_last_error(), NULL));
- }
- #endif
- RSA_GET_BN(rsa, private_exponent, r_d);
-
-From 267da3e81f1fc23a9ccce1462ab5deb1a4d4aec5 Mon Sep 17 00:00:00 2001
-From: Jakub Jelen <jjelen@redhat.com>
-Date: Thu, 1 Dec 2022 20:38:31 +0100
-Subject: [PATCH 3/4] Reproducer for broken pkcs11-tool key import
-
----
- tests/Makefile.am | 10 ++++---
- tests/test-pkcs11-tool-import.sh | 48 ++++++++++++++++++++++++++++++++
- 2 files changed, 54 insertions(+), 4 deletions(-)
- create mode 100755 tests/test-pkcs11-tool-import.sh
-
-diff --git a/tests/Makefile.am b/tests/Makefile.am
-index d378e2ee00..9d8a24c321 100644
---- a/tests/Makefile.am
-+++ b/tests/Makefile.am
-@@ -14,8 +14,9 @@ dist_noinst_SCRIPTS = common.sh \
- test-pkcs11-tool-test-threads.sh \
- test-pkcs11-tool-sign-verify.sh \
- test-pkcs11-tool-allowed-mechanisms.sh \
-- test-pkcs11-tool-sym-crypt-test.sh\
-- test-pkcs11-tool-unwrap-wrap-test.sh
-+ test-pkcs11-tool-sym-crypt-test.sh \
-+ test-pkcs11-tool-unwrap-wrap-test.sh \
-+ test-pkcs11-tool-import.sh
-
- .NOTPARALLEL:
- TESTS = \
-@@ -25,8 +26,9 @@ TESTS = \
- test-pkcs11-tool-test.sh \
- test-pkcs11-tool-test-threads.sh \
- test-pkcs11-tool-allowed-mechanisms.sh \
-- test-pkcs11-tool-sym-crypt-test.sh\
-- test-pkcs11-tool-unwrap-wrap-test.sh
-+ test-pkcs11-tool-sym-crypt-test.sh \
-+ test-pkcs11-tool-unwrap-wrap-test.sh \
-+ test-pkcs11-tool-import.sh
- XFAIL_TESTS = \
- test-pkcs11-tool-test-threads.sh \
- test-pkcs11-tool-test.sh
-diff --git a/tests/test-pkcs11-tool-import.sh b/tests/test-pkcs11-tool-import.sh
-new file mode 100755
-index 0000000000..76ff8e51be
---- /dev/null
-+++ b/tests/test-pkcs11-tool-import.sh
-@@ -0,0 +1,48 @@
-+#!/bin/bash
-+SOURCE_PATH=${SOURCE_PATH:-..}
-+
-+source $SOURCE_PATH/tests/common.sh
-+
-+echo "======================================================="
-+echo "Setup SoftHSM"
-+echo "======================================================="
-+if [[ ! -f $P11LIB ]]; then
-+ echo "WARNING: The SoftHSM is not installed. Can not run this test"
-+ exit 77;
-+fi
-+card_setup
-+
-+ID="0100"
-+OPTS=""
-+for KEYTYPE in "RSA" "EC"; do
-+ echo "======================================================="
-+ echo "Generate and import $KEYTYPE keys"
-+ echo "======================================================="
-+ if [ "$KEYTYPE" == "RSA" ]; then
-+ ID="0100"
-+ elif [ "$KEYTYPE" == "EC" ]; then
-+ ID="0200"
-+ OPTS="-pkeyopt ec_paramgen_curve:P-521"
-+ fi
-+ openssl genpkey -out "${KEYTYPE}_private.der" -outform DER -algorithm $KEYTYPE $OPTS
-+ assert $? "Failed to generate private $KEYTYPE key"
-+ $PKCS11_TOOL --write-object "${KEYTYPE}_private.der" --id "$ID" --type privkey \
-+ --label "$KEYTYPE" -p "$PIN" --module "$P11LIB"
-+ assert $? "Failed to write private $KEYTYPE key"
-+
-+ openssl pkey -in "${KEYTYPE}_private.der" -out "${KEYTYPE}_public.der" -pubout -inform DER -outform DER
-+ assert $? "Failed to convert private $KEYTYPE key to public"
-+ $PKCS11_TOOL --write-object "${KEYTYPE}_public.der" --id "$ID" --type pubkey --label "$KEYTYPE" \
-+ -p $PIN --module $P11LIB
-+ assert $? "Failed to write public $KEYTYPE key"
-+ # certificate import already tested in all other tests
-+
-+ rm "${KEYTYPE}_private.der" "${KEYTYPE}_public.der"
-+done
-+
-+echo "======================================================="
-+echo "Cleanup"
-+echo "======================================================="
-+card_cleanup
-+
-+exit $ERRORS
-
-From 63a7bceeca43ece1eee201ef7a974b20b294ba4e Mon Sep 17 00:00:00 2001
-From: Jakub Jelen <jakuje@gmail.com>
-Date: Fri, 2 Dec 2022 18:07:43 +0100
-Subject: [PATCH 4/4] Simplify the new test
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Co-authored-by: Veronika Hanulíková <61348757+xhanulik@users.noreply.github.com>
----
- tests/test-pkcs11-tool-import.sh | 8 +++-----
- 1 file changed, 3 insertions(+), 5 deletions(-)
-
-diff --git a/tests/test-pkcs11-tool-import.sh b/tests/test-pkcs11-tool-import.sh
-index 76ff8e51be..c90b3b4926 100755
---- a/tests/test-pkcs11-tool-import.sh
-+++ b/tests/test-pkcs11-tool-import.sh
-@@ -12,15 +12,13 @@ if [[ ! -f $P11LIB ]]; then
- fi
- card_setup
-
--ID="0100"
--OPTS=""
- for KEYTYPE in "RSA" "EC"; do
- echo "======================================================="
- echo "Generate and import $KEYTYPE keys"
- echo "======================================================="
-- if [ "$KEYTYPE" == "RSA" ]; then
-- ID="0100"
-- elif [ "$KEYTYPE" == "EC" ]; then
-+ ID="0100"
-+ OPTS=""
-+ if [ "$KEYTYPE" == "EC" ]; then
- ID="0200"
- OPTS="-pkeyopt ec_paramgen_curve:P-521"
- fi
diff --git a/dev-libs/opensc/files/opensc-0.23.0-backport-pr2765.patch b/dev-libs/opensc/files/opensc-0.23.0-backport-pr2765.patch
deleted file mode 100644
index 72572c598ac8..000000000000
--- a/dev-libs/opensc/files/opensc-0.23.0-backport-pr2765.patch
+++ /dev/null
@@ -1,39 +0,0 @@
-https://bugs.gentoo.org/909781
-https://github.com/OpenSC/OpenSC/pull/2765
-
-From 36178c8188521f2627d2eea428a7e53d149eed58 Mon Sep 17 00:00:00 2001
-From: Peter Popovec <popovec.peter@gmail.com>
-Date: Fri, 28 Apr 2023 10:50:25 +0200
-Subject: [PATCH] Fix pkcs11-tool unwrap / incorrect CKA_ID
-
-"object_id[]" and "id_len" must be allocated so that it is not deallocated
-or overwritten (on the stack) at the time of the C_UnwrapKey() call.
-
- modified: src/tools/pkcs11-tool.c
----
- src/tools/pkcs11-tool.c | 5 ++---
- 1 file changed, 2 insertions(+), 3 deletions(-)
-
-diff --git a/src/tools/pkcs11-tool.c b/src/tools/pkcs11-tool.c
-index 890ca27060..f3a01ab4cf 100644
---- a/src/tools/pkcs11-tool.c
-+++ b/src/tools/pkcs11-tool.c
-@@ -3347,6 +3347,8 @@ unwrap_key(CK_SESSION_HANDLE session)
- {CKA_CLASS, &secret_key_class, sizeof(secret_key_class)},
- {CKA_TOKEN, &_true, sizeof(_true)},
- };
-+ CK_BYTE object_id[100];
-+ size_t id_len;
- CK_OBJECT_HANDLE hSecretKey;
- int n_attr = 2;
- CK_RV rv;
-@@ -3450,9 +3452,6 @@ unwrap_key(CK_SESSION_HANDLE session)
- }
-
- if (opt_application_id != NULL) {
-- CK_BYTE object_id[100];
-- size_t id_len;
--
- id_len = sizeof(object_id);
- if (!sc_hex_to_bin(opt_application_id, object_id, &id_len)) {
- FILL_ATTR(keyTemplate[n_attr], CKA_ID, object_id, id_len);
diff --git a/dev-libs/opensc/opensc-0.23.0-r3.ebuild b/dev-libs/opensc/opensc-0.23.0-r3.ebuild
deleted file mode 100644
index 9808951f0b2b..000000000000
--- a/dev-libs/opensc/opensc-0.23.0-r3.ebuild
+++ /dev/null
@@ -1,82 +0,0 @@
-# Copyright 1999-2024 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=8
-
-inherit autotools bash-completion-r1
-
-DESCRIPTION="Libraries and applications to access smartcards"
-HOMEPAGE="https://github.com/OpenSC/OpenSC/wiki"
-
-if [[ ${PV} == *9999 ]]; then
- inherit git-r3
- EGIT_REPO_URI="https://github.com/OpenSC/OpenSC.git"
-else
- SRC_URI="https://github.com/OpenSC/OpenSC/releases/download/${PV}/${P}.tar.gz"
- KEYWORDS="amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~mips ~ppc ppc64 ~riscv ~s390 ~sparc x86"
-fi
-
-LICENSE="LGPL-2.1"
-SLOT="0"
-IUSE="ctapi doc openct notify pace +pcsc-lite readline secure-messaging ssl test zlib"
-RESTRICT="!test? ( test )"
-
-RDEPEND="zlib? ( sys-libs/zlib )
- readline? ( sys-libs/readline:0= )
- ssl? ( dev-libs/openssl:0= )
- openct? ( >=dev-libs/openct-0.5.0 )
- pace? ( dev-libs/openpace:= )
- pcsc-lite? ( >=sys-apps/pcsc-lite-1.3.0 )
- notify? ( dev-libs/glib:2 )"
-DEPEND="${RDEPEND}
- app-text/docbook-xsl-stylesheets
- dev-libs/libxslt
- test? ( dev-util/cmocka )"
-BDEPEND="virtual/pkgconfig"
-
-REQUIRED_USE="
- pcsc-lite? ( !openct !ctapi )
- openct? ( !pcsc-lite !ctapi )
- ctapi? ( !pcsc-lite !openct )
- || ( pcsc-lite openct ctapi )"
-
-PATCHES=(
- "${FILESDIR}"/${P}-CVE-2023-2977.patch
- "${FILESDIR}"/${P}-backport-pr2656.patch
- "${FILESDIR}"/${P}-backport-pr2765.patch
-)
-
-src_prepare() {
- default
- eautoreconf
-}
-
-src_configure() {
- # don't want to run upstream's clang-tidy checks
- export ac_cv_path_CLANGTIDY=""
-
- econf \
- --with-completiondir="$(get_bashcompdir)" \
- --disable-strict \
- --enable-man \
- $(use_enable ctapi) \
- $(use_enable doc) \
- $(use_enable notify) \
- $(use_enable openct) \
- $(use_enable pace openpace) \
- $(use_enable pcsc-lite pcsc) \
- $(use_enable readline) \
- $(use_enable secure-messaging sm) \
- $(use_enable ssl openssl) \
- $(use_enable test cmocka) \
- $(use_enable zlib)
-}
-
-src_install() {
- default
-
- insinto /etc/pkcs11/modules/
- doins "${FILESDIR}"/opensc.module
-
- find "${ED}" -name '*.la' -delete || die
-}
^ permalink raw reply related [flat|nested] 9+ messages in thread
end of thread, other threads:[~2024-03-07 9:26 UTC | newest]
Thread overview: 9+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2019-05-19 16:03 [gentoo-commits] repo/gentoo:master commit in: dev-libs/opensc/, dev-libs/opensc/files/ Alon Bar-Lev
-- strict thread matches above, loose matches on Subject: below --
2024-03-07 9:25 David Seifert
2023-11-17 7:47 Sam James
2023-07-17 22:14 Sam James
2023-06-10 19:07 David Seifert
2020-06-18 21:02 Mikle Kolyada
2019-04-02 18:10 Alon Bar-Lev
2018-09-15 14:52 Alon Bar-Lev
2017-03-15 6:27 Alon Bar-Lev
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox