From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id AA40B1382C5 for ; Sat, 1 May 2021 18:07:15 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 020DFE0D19; Sat, 1 May 2021 18:07:15 +0000 (UTC) Received: from smtp.gentoo.org (dev.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id A45BEE0D19 for ; Sat, 1 May 2021 18:07:14 +0000 (UTC) Received: from oystercatcher.gentoo.org (unknown [IPv6:2a01:4f8:202:4333:225:90ff:fed9:fc84]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id 8BADE33BF55 for ; Sat, 1 May 2021 18:07:13 +0000 (UTC) Received: from localhost.localdomain (localhost [IPv6:::1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id 486D1729 for ; Sat, 1 May 2021 18:07:12 +0000 (UTC) From: "Sam James" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Sam James" Message-ID: <1619892381.180ca9f16a555d6e4b66f13411c12fe3eea5eb5b.sam@gentoo> Subject: [gentoo-commits] repo/gentoo:master commit in: app-crypt/mit-krb5/files/, app-crypt/mit-krb5/ X-VCS-Repository: repo/gentoo X-VCS-Files: app-crypt/mit-krb5/files/mit-krb5-1.16.3-libressl-r1.patch app-crypt/mit-krb5/files/mit-krb5-1.18-libressl.patch app-crypt/mit-krb5/mit-krb5-1.18.2-r3.ebuild app-crypt/mit-krb5/mit-krb5-1.18.3-r1.ebuild X-VCS-Directories: app-crypt/mit-krb5/files/ app-crypt/mit-krb5/ X-VCS-Committer: sam X-VCS-Committer-Name: Sam James X-VCS-Revision: 180ca9f16a555d6e4b66f13411c12fe3eea5eb5b X-VCS-Branch: master Date: Sat, 1 May 2021 18:07:12 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply X-Archives-Salt: f862b3fe-06e5-41c4-8dbf-8d1ab35f8b5e X-Archives-Hash: 41d3eeeebc5f3b0bd9586ee60b09ee82 commit: 180ca9f16a555d6e4b66f13411c12fe3eea5eb5b Author: Sam James gentoo org> AuthorDate: Sat May 1 17:20:13 2021 +0000 Commit: Sam James gentoo org> CommitDate: Sat May 1 18:06:21 2021 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=180ca9f1 app-crypt/mit-krb5: drop obsolete LibreSSL patches Signed-off-by: Sam James gentoo.org> .../files/mit-krb5-1.16.3-libressl-r1.patch | 101 --------------------- .../mit-krb5/files/mit-krb5-1.18-libressl.patch | 42 --------- app-crypt/mit-krb5/mit-krb5-1.18.2-r3.ebuild | 2 - app-crypt/mit-krb5/mit-krb5-1.18.3-r1.ebuild | 2 - 4 files changed, 147 deletions(-) diff --git a/app-crypt/mit-krb5/files/mit-krb5-1.16.3-libressl-r1.patch b/app-crypt/mit-krb5/files/mit-krb5-1.16.3-libressl-r1.patch deleted file mode 100644 index ca74b88bb0f..00000000000 --- a/app-crypt/mit-krb5/files/mit-krb5-1.16.3-libressl-r1.patch +++ /dev/null @@ -1,101 +0,0 @@ -From 58263cbf3106f4c9c9a2252794093014a2f9c01f Mon Sep 17 00:00:00 2001 -From: Stefan Strogin -Date: Thu, 25 Apr 2019 03:48:10 +0300 -Subject: [PATCH] Fix build for LibreSSL 2.9.x - -asn1_mac.h is removed from LibreSSL 2.9.0, but static_ASN1_*() methods -are not defined. Define them. - -Upstream-Status: Pending -[Needs to be amended if -https://github.com/libressl-portable/openbsd/pull/109 is accepted] -Signed-off-by: Stefan Strogin ---- - .../preauth/pkinit/pkinit_crypto_openssl.c | 13 ++++++++---- - .../preauth/pkinit/pkinit_crypto_openssl.h | 20 ++++++++++++++++++- - 2 files changed, 28 insertions(+), 5 deletions(-) - -diff --git a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c -index 2064eb7bd..81d5d3cf2 100644 ---- a/plugins/preauth/pkinit/pkinit_crypto_openssl.c -+++ b/plugins/preauth/pkinit/pkinit_crypto_openssl.c -@@ -188,14 +188,16 @@ pkinit_pkcs11_code_to_text(int err); - (*_x509_pp) = PKCS7_cert_from_signer_info(_p7,_si) - #endif - --#if OPENSSL_VERSION_NUMBER < 0x10100000L -+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) - --/* 1.1 standardizes constructor and destructor names, renaming -- * EVP_MD_CTX_{create,destroy} and deprecating ASN1_STRING_data. */ -+/* 1.1 (and LibreSSL 2.7) standardizes constructor and destructor names, -+ * renaming EVP_MD_CTX_{create,destroy} and deprecating ASN1_STRING_data. */ - -+#if !defined(LIBRESSL_VERSION_NUMBER) || LIBRESSL_VERSION_NUMBER < 0x2070000fL - #define EVP_MD_CTX_new EVP_MD_CTX_create - #define EVP_MD_CTX_free EVP_MD_CTX_destroy - #define ASN1_STRING_get0_data ASN1_STRING_data -+#endif - - /* 1.1 makes many handle types opaque and adds accessors. Add compatibility - * versions of the new accessors we use for pre-1.1. */ -@@ -203,6 +205,7 @@ pkinit_pkcs11_code_to_text(int err); - #define OBJ_get0_data(o) ((o)->data) - #define OBJ_length(o) ((o)->length) - -+#if !defined(LIBRESSL_VERSION_NUMBER) || LIBRESSL_VERSION_NUMBER < 0x2070000fL - #define DH_set0_pqg compat_dh_set0_pqg - static int compat_dh_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g) - { -@@ -235,6 +238,7 @@ static void compat_dh_get0_key(const DH *dh, const BIGNUM **pub, - if (priv != NULL) - *priv = dh->priv_key; - } -+#endif /* LIBRESSL_VERSION_NUMBER */ - - /* Return true if the cert c includes a key usage which doesn't include u. - * Define using direct member access for pre-1.1. */ -@@ -3040,7 +3044,8 @@ cleanup: - return retval; - } - --#if OPENSSL_VERSION_NUMBER >= 0x10100000L -+#if (OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)) || \ -+ LIBRESSL_VERSION_NUMBER >= 0x2090000fL - - /* - * We need to decode DomainParameters from RFC 3279 section 2.3.3. We would -diff --git a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.h b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.h -index 7411348fa..ac91408c4 100644 ---- a/plugins/preauth/pkinit/pkinit_crypto_openssl.h -+++ b/plugins/preauth/pkinit/pkinit_crypto_openssl.h -@@ -46,7 +46,25 @@ - #include - #include - --#if OPENSSL_VERSION_NUMBER >= 0x10100000L -+#if (OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)) || \ -+ LIBRESSL_VERSION_NUMBER >= 0x2090000fL -+ -+#ifndef static_ASN1_SEQUENCE_END_name -+#define static_ASN1_ITEM_start(itname) \ -+ static const ASN1_ITEM itname##_it = { -+#define static_ASN1_SEQUENCE_END_name(stname, tname) \ -+ ;\ -+ static_ASN1_ITEM_start(tname) \ -+ ASN1_ITYPE_SEQUENCE,\ -+ V_ASN1_SEQUENCE,\ -+ tname##_seq_tt,\ -+ sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\ -+ NULL,\ -+ sizeof(stname),\ -+ #stname \ -+ ASN1_ITEM_end(tname) -+#endif /* !defined(static_ASN1_SEQUENCE_END_name) */ -+ - #include - #else - #include --- -2.21.0 - diff --git a/app-crypt/mit-krb5/files/mit-krb5-1.18-libressl.patch b/app-crypt/mit-krb5/files/mit-krb5-1.18-libressl.patch deleted file mode 100644 index 1522d42a730..00000000000 --- a/app-crypt/mit-krb5/files/mit-krb5-1.18-libressl.patch +++ /dev/null @@ -1,42 +0,0 @@ -From e3e3bc2a20795becda6e130d511fe59f04635624 Mon Sep 17 00:00:00 2001 -From: Stefan Strogin -Date: Sat, 15 Feb 2020 10:27:20 +0200 -Subject: [PATCH] Fix compilation for LibreSSL 3.0.2 - -RSA_PKCS1_OpenSSL() is provided in LibreSSL the master branch, -expected to be in the next release. -See: https://github.com/libressl-portable/openbsd/commit/3a8c41f3a84868337fde01ec1122198ec60bdc8e - -Bug: https://bugs.gentoo.org/709640 -Signed-off-by: Stefan Strogin ---- - tests/softpkcs11/main.c | 6 +++++- - 1 file changed, 5 insertions(+), 1 deletion(-) - -diff --git a/tests/softpkcs11/main.c b/tests/softpkcs11/main.c -index 1cccdfb43..a5099fbe4 100644 ---- a/tests/softpkcs11/main.c -+++ b/tests/softpkcs11/main.c -@@ -47,7 +47,6 @@ - - #if OPENSSL_VERSION_NUMBER < 0x10100000L - #define EVP_PKEY_get0_RSA(key) ((key)->pkey.rsa) --#define RSA_PKCS1_OpenSSL RSA_PKCS1_SSLeay - #define RSA_get0_key compat_rsa_get0_key - static void - compat_rsa_get0_key(const RSA *rsa, const BIGNUM **n, const BIGNUM **e, -@@ -62,6 +61,11 @@ compat_rsa_get0_key(const RSA *rsa, const BIGNUM **n, const BIGNUM **e, - } - #endif - -+#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || \ -+ defined(LIBRESSL_VERSION_NUMBER) && (LIBRESSL_VERSION_NUMBER <= 0x3000200fL) -+#define RSA_PKCS1_OpenSSL RSA_PKCS1_SSLeay -+#endif -+ - #define OPENSSL_ASN1_MALLOC_ENCODE(T, B, BL, S, R) \ - { \ - unsigned char *p; \ --- -2.25.0 - diff --git a/app-crypt/mit-krb5/mit-krb5-1.18.2-r3.ebuild b/app-crypt/mit-krb5/mit-krb5-1.18.2-r3.ebuild index 3b7ff7d91e9..a80fe2ba685 100644 --- a/app-crypt/mit-krb5/mit-krb5-1.18.2-r3.ebuild +++ b/app-crypt/mit-krb5/mit-krb5-1.18.2-r3.ebuild @@ -59,9 +59,7 @@ S=${WORKDIR}/${MY_P}/src PATCHES=( "${FILESDIR}/${PN}-1.12_warn_cflags.patch" "${FILESDIR}/${PN}-config_LDFLAGS-r1.patch" - "${FILESDIR}/${PN}-1.16.3-libressl-r1.patch" "${FILESDIR}/${PN}_dont_create_run.patch" - "${FILESDIR}/${PN}-1.18-libressl.patch" "${FILESDIR}/CVE-2020-28196.patch" "${FILESDIR}/${PN}-1.18.2-krb5-config.patch" "${FILESDIR}/${PN}-1.18.2-autoconf-2.70.patch" diff --git a/app-crypt/mit-krb5/mit-krb5-1.18.3-r1.ebuild b/app-crypt/mit-krb5/mit-krb5-1.18.3-r1.ebuild index 901b431b246..a20eb9604cb 100644 --- a/app-crypt/mit-krb5/mit-krb5-1.18.3-r1.ebuild +++ b/app-crypt/mit-krb5/mit-krb5-1.18.3-r1.ebuild @@ -59,9 +59,7 @@ S=${WORKDIR}/${MY_P}/src PATCHES=( "${FILESDIR}/${PN}-1.12_warn_cflags.patch" "${FILESDIR}/${PN}-config_LDFLAGS-r1.patch" - "${FILESDIR}/${PN}-1.16.3-libressl-r1.patch" "${FILESDIR}/${PN}_dont_create_run.patch" - "${FILESDIR}/${PN}-1.18-libressl.patch" "${FILESDIR}/${PN}-1.18.2-krb5-config.patch" )