public inbox for gentoo-commits@lists.gentoo.org
 help / color / mirror / Atom feed
* [gentoo-commits] repo/gentoo:master commit in: app-crypt/sbsigntools/files/, app-crypt/sbsigntools/
@ 2022-06-11  6:03 Sam James
  0 siblings, 0 replies; 2+ messages in thread
From: Sam James @ 2022-06-11  6:03 UTC (permalink / raw
  To: gentoo-commits

commit:     3f80775fd1204bf44e4ecd41202b591e1d953e63
Author:     Sam James <sam <AT> gentoo <DOT> org>
AuthorDate: Sat Jun 11 06:01:26 2022 +0000
Commit:     Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Sat Jun 11 06:03:18 2022 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3f80775f

app-crypt/sbsigntools: drop Werror

Closes: https://bugs.gentoo.org/832212
Bug: https://bugs.gentoo.org/845372
Bug: https://bugs.gentoo.org/828947
Signed-off-by: Sam James <sam <AT> gentoo.org>

 .../sbsigntools/files/sbsigntools-0.9.4-no-werror.patch     | 13 +++++++++++++
 app-crypt/sbsigntools/sbsigntools-0.9.4.ebuild              |  4 ++++
 2 files changed, 17 insertions(+)

diff --git a/app-crypt/sbsigntools/files/sbsigntools-0.9.4-no-werror.patch b/app-crypt/sbsigntools/files/sbsigntools-0.9.4-no-werror.patch
new file mode 100644
index 000000000000..42650929b87c
--- /dev/null
+++ b/app-crypt/sbsigntools/files/sbsigntools-0.9.4-no-werror.patch
@@ -0,0 +1,13 @@
+https://bugs.gentoo.org/832212
+https://bugs.gentoo.org/845372
+--- a/src/Makefile.am
++++ b/src/Makefile.am
+@@ -7,7 +7,7 @@ AM_CFLAGS = -Wall -Wextra --std=gnu99
+ common_SOURCES = idc.c idc.h image.c image.h fileio.c fileio.h \
+ 	efivars.h $(coff_headers)
+ common_LDADD = ../lib/ccan/libccan.a $(libcrypto_LIBS)
+-common_CFLAGS = -I$(top_srcdir)/lib/ccan/ -Werror
++common_CFLAGS = -I$(top_srcdir)/lib/ccan/
+ 
+ sbsign_SOURCES = sbsign.c $(common_SOURCES)
+ sbsign_LDADD = $(common_LDADD)

diff --git a/app-crypt/sbsigntools/sbsigntools-0.9.4.ebuild b/app-crypt/sbsigntools/sbsigntools-0.9.4.ebuild
index b8865b50a89d..ba90949d3bc3 100644
--- a/app-crypt/sbsigntools/sbsigntools-0.9.4.ebuild
+++ b/app-crypt/sbsigntools/sbsigntools-0.9.4.ebuild
@@ -26,6 +26,10 @@ DEPEND="${RDEPEND}
 	sys-libs/binutils-libs
 	virtual/pkgconfig"
 
+PATCHES=(
+	"${FILESDIR}"/${PN}-0.9.4-no-werror.patch
+)
+
 src_prepare() {
 	mv "${WORKDIR}"/lib/ccan "${S}"/lib || die "mv failed"
 	rmdir "${WORKDIR}"/lib || die "rmdir failed"


^ permalink raw reply related	[flat|nested] 2+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: app-crypt/sbsigntools/files/, app-crypt/sbsigntools/
@ 2022-12-15  4:36 Sam James
  0 siblings, 0 replies; 2+ messages in thread
From: Sam James @ 2022-12-15  4:36 UTC (permalink / raw
  To: gentoo-commits

commit:     9631d4aa77291cf8617737566aabd0a9d6a203c3
Author:     Kai-Chun Ning <kaichun.ning <AT> gmail <DOT> com>
AuthorDate: Wed Dec 14 10:15:43 2022 +0000
Commit:     Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Thu Dec 15 04:35:45 2022 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9631d4aa

app-crypt/sbsigntools: fix segmentation fault w/ openssl 3

Closes: https://bugs.gentoo.org/805512
Signed-off-by: Kai-Chun Ning <kaichun.ning <AT> gmail.com>
Closes: https://github.com/gentoo/gentoo/pull/28662
Signed-off-by: Sam James <sam <AT> gentoo.org>

 .../files/sbsigntools-0.9.4-openssl3.patch         | 35 ++++++++++++++
 app-crypt/sbsigntools/sbsigntools-0.9.4-r1.ebuild  | 53 ++++++++++++++++++++++
 2 files changed, 88 insertions(+)

diff --git a/app-crypt/sbsigntools/files/sbsigntools-0.9.4-openssl3.patch b/app-crypt/sbsigntools/files/sbsigntools-0.9.4-openssl3.patch
new file mode 100644
index 000000000000..3fffe9b668eb
--- /dev/null
+++ b/app-crypt/sbsigntools/files/sbsigntools-0.9.4-openssl3.patch
@@ -0,0 +1,35 @@
+Subject: [PATCH] Fix openssl-3.0 issue involving ASN1 xxx_it
+From: Jeremi Piotrowski <jeremi.piotrowski@microsoft.com>
+Origin: https://groups.io/g/sbsigntools/message/54
+
+Use ASN1_ITEM_rptr() instead of taking the address of IDC_PEID_it.
+
+openssl-3.0 changed the type of TYPE_it from `const ASN1_ITEM TYPE_it` to
+`const ASN1_ITEM *TYPE_it(void)`. This was previously hidden behind
+OPENSSL_EXPORT_VAR_AS_FUNCTION but in 3.0 only the function version is
+available. This change should have been transparent to the application, but
+only if the `ASN1_ITEM_rptr()` macro is used.
+
+This change passes `make check` with both openssl 1.1 and 3.0.
+
+Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
+---
+ src/idc.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/idc.c b/src/idc.c
+index 6d87bd4..0a82218 100644
+--- a/src/idc.c
++++ b/src/idc.c
+@@ -189,7 +189,7 @@ int IDC_set(PKCS7 *p7, PKCS7_SIGNER_INFO *si, struct image *image)
+
+ 	idc->data->type = OBJ_nid2obj(peid_nid);
+ 	idc->data->value = ASN1_TYPE_new();
+-	type_set_sequence(image, idc->data->value, peid, &IDC_PEID_it);
++	type_set_sequence(image, idc->data->value, peid, ASN1_ITEM_rptr(IDC_PEID));
+
+         idc->digest->alg->parameter = ASN1_TYPE_new();
+         idc->digest->alg->algorithm = OBJ_nid2obj(NID_sha256);
+-- 
+2.25.1
+

diff --git a/app-crypt/sbsigntools/sbsigntools-0.9.4-r1.ebuild b/app-crypt/sbsigntools/sbsigntools-0.9.4-r1.ebuild
new file mode 100644
index 000000000000..5a78ca4edd5a
--- /dev/null
+++ b/app-crypt/sbsigntools/sbsigntools-0.9.4-r1.ebuild
@@ -0,0 +1,53 @@
+# Copyright 1999-2022 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="7"
+
+MY_PN="${PN::-1}"
+
+inherit autotools toolchain-funcs
+
+DESCRIPTION="Utilities for signing and verifying files for UEFI Secure Boot"
+HOMEPAGE="https://git.kernel.org/cgit/linux/kernel/git/jejb/sbsigntools.git/"
+SRC_URI="https://git.kernel.org/pub/scm/linux/kernel/git/jejb/${PN}.git/snapshot/${P}.tar.gz
+	https://dev.gentoo.org/~tamiko/distfiles/${MY_PN}-0.8-ccan.tar.gz"
+
+LICENSE="GPL-3 LGPL-3 LGPL-2.1 CC0-1.0"
+SLOT="0"
+KEYWORDS="~amd64 ~arm64 ~riscv ~x86"
+IUSE=""
+
+RDEPEND="
+	dev-libs/openssl:0=
+	sys-apps/util-linux"
+DEPEND="${RDEPEND}
+	sys-apps/help2man
+	sys-boot/gnu-efi
+	sys-libs/binutils-libs
+	virtual/pkgconfig"
+
+PATCHES=(
+	"${FILESDIR}"/${PN}-0.9.4-no-werror.patch
+	"${FILESDIR}"/${PN}-0.9.4-openssl3.patch
+)
+
+src_prepare() {
+	mv "${WORKDIR}"/lib/ccan "${S}"/lib || die "mv failed"
+	rmdir "${WORKDIR}"/lib || die "rmdir failed"
+
+	local iarch
+	case ${ARCH} in
+		amd64) iarch=x86_64 ;;
+		arm64) iarch=aarch64 ;;
+		ia64)  iarch=ia64 ;;
+		riscv) iarch=riscv64 ;;
+		x86)   iarch=ia32 ;;
+		*)     die "unsupported architecture: ${ARCH}" ;;
+	esac
+	sed -i "/^EFI_ARCH=/s:=.*:=${iarch}:" configure.ac || die
+	sed -i 's/-m64$/& -march=x86-64/' tests/Makefile.am || die
+	sed -i "/^AR /s:=.*:= $(tc-getAR):" lib/ccan/Makefile.in || die #481480
+
+	default
+	eautoreconf
+}


^ permalink raw reply related	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2022-12-15  4:36 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2022-12-15  4:36 [gentoo-commits] repo/gentoo:master commit in: app-crypt/sbsigntools/files/, app-crypt/sbsigntools/ Sam James
  -- strict thread matches above, loose matches on Subject: below --
2022-06-11  6:03 Sam James

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox