From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-commits+bounces-1467161-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (2048 bits))
	(No client certificate requested)
	by finch.gentoo.org (Postfix) with ESMTPS id C26F8158020
	for <garchives@archives.gentoo.org>; Thu, 15 Dec 2022 04:36:53 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id F0821E07EA;
	Thu, 15 Dec 2022 04:36:52 +0000 (UTC)
Received: from smtp.gentoo.org (woodpecker.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(No client certificate requested)
	by pigeon.gentoo.org (Postfix) with ESMTPS id D7652E07EA
	for <gentoo-commits@lists.gentoo.org>; Thu, 15 Dec 2022 04:36:52 +0000 (UTC)
Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(No client certificate requested)
	by smtp.gentoo.org (Postfix) with ESMTPS id 1A26C33BEF2
	for <gentoo-commits@lists.gentoo.org>; Thu, 15 Dec 2022 04:36:52 +0000 (UTC)
Received: from localhost.localdomain (localhost [IPv6:::1])
	by oystercatcher.gentoo.org (Postfix) with ESMTP id 67EF0780
	for <gentoo-commits@lists.gentoo.org>; Thu, 15 Dec 2022 04:36:50 +0000 (UTC)
From: "Sam James" <sam@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Content-Transfer-Encoding: 8bit
Content-type: text/plain; charset=UTF-8
Reply-To: gentoo-dev@lists.gentoo.org, "Sam James" <sam@gentoo.org>
Message-ID: <1671078945.9631d4aa77291cf8617737566aabd0a9d6a203c3.sam@gentoo>
Subject: [gentoo-commits] repo/gentoo:master commit in: app-crypt/sbsigntools/files/, app-crypt/sbsigntools/
X-VCS-Repository: repo/gentoo
X-VCS-Files: app-crypt/sbsigntools/files/sbsigntools-0.9.4-openssl3.patch app-crypt/sbsigntools/sbsigntools-0.9.4-r1.ebuild
X-VCS-Directories: app-crypt/sbsigntools/files/ app-crypt/sbsigntools/
X-VCS-Committer: sam
X-VCS-Committer-Name: Sam James
X-VCS-Revision: 9631d4aa77291cf8617737566aabd0a9d6a203c3
X-VCS-Branch: master
Date: Thu, 15 Dec 2022 04:36:50 +0000 (UTC)
Precedence: bulk
List-Post: <mailto:gentoo-commits@lists.gentoo.org>
List-Help: <mailto:gentoo-commits+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-commits+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-commits+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-commits.gentoo.org>
X-BeenThere: gentoo-commits@lists.gentoo.org
X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply
X-Archives-Salt: c019ffee-3cb6-493b-b5e0-7f97c30621e6
X-Archives-Hash: 0d09551839625b54fb1c920e90682b6c

commit:     9631d4aa77291cf8617737566aabd0a9d6a203c3
Author:     Kai-Chun Ning <kaichun.ning <AT> gmail <DOT> com>
AuthorDate: Wed Dec 14 10:15:43 2022 +0000
Commit:     Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Thu Dec 15 04:35:45 2022 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9631d4aa

app-crypt/sbsigntools: fix segmentation fault w/ openssl 3

Closes: https://bugs.gentoo.org/805512
Signed-off-by: Kai-Chun Ning <kaichun.ning <AT> gmail.com>
Closes: https://github.com/gentoo/gentoo/pull/28662
Signed-off-by: Sam James <sam <AT> gentoo.org>

 .../files/sbsigntools-0.9.4-openssl3.patch         | 35 ++++++++++++++
 app-crypt/sbsigntools/sbsigntools-0.9.4-r1.ebuild  | 53 ++++++++++++++++++++++
 2 files changed, 88 insertions(+)

diff --git a/app-crypt/sbsigntools/files/sbsigntools-0.9.4-openssl3.patch b/app-crypt/sbsigntools/files/sbsigntools-0.9.4-openssl3.patch
new file mode 100644
index 000000000000..3fffe9b668eb
--- /dev/null
+++ b/app-crypt/sbsigntools/files/sbsigntools-0.9.4-openssl3.patch
@@ -0,0 +1,35 @@
+Subject: [PATCH] Fix openssl-3.0 issue involving ASN1 xxx_it
+From: Jeremi Piotrowski <jeremi.piotrowski@microsoft.com>
+Origin: https://groups.io/g/sbsigntools/message/54
+
+Use ASN1_ITEM_rptr() instead of taking the address of IDC_PEID_it.
+
+openssl-3.0 changed the type of TYPE_it from `const ASN1_ITEM TYPE_it` to
+`const ASN1_ITEM *TYPE_it(void)`. This was previously hidden behind
+OPENSSL_EXPORT_VAR_AS_FUNCTION but in 3.0 only the function version is
+available. This change should have been transparent to the application, but
+only if the `ASN1_ITEM_rptr()` macro is used.
+
+This change passes `make check` with both openssl 1.1 and 3.0.
+
+Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
+---
+ src/idc.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/idc.c b/src/idc.c
+index 6d87bd4..0a82218 100644
+--- a/src/idc.c
++++ b/src/idc.c
+@@ -189,7 +189,7 @@ int IDC_set(PKCS7 *p7, PKCS7_SIGNER_INFO *si, struct image *image)
+
+ 	idc->data->type = OBJ_nid2obj(peid_nid);
+ 	idc->data->value = ASN1_TYPE_new();
+-	type_set_sequence(image, idc->data->value, peid, &IDC_PEID_it);
++	type_set_sequence(image, idc->data->value, peid, ASN1_ITEM_rptr(IDC_PEID));
+
+         idc->digest->alg->parameter = ASN1_TYPE_new();
+         idc->digest->alg->algorithm = OBJ_nid2obj(NID_sha256);
+-- 
+2.25.1
+

diff --git a/app-crypt/sbsigntools/sbsigntools-0.9.4-r1.ebuild b/app-crypt/sbsigntools/sbsigntools-0.9.4-r1.ebuild
new file mode 100644
index 000000000000..5a78ca4edd5a
--- /dev/null
+++ b/app-crypt/sbsigntools/sbsigntools-0.9.4-r1.ebuild
@@ -0,0 +1,53 @@
+# Copyright 1999-2022 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="7"
+
+MY_PN="${PN::-1}"
+
+inherit autotools toolchain-funcs
+
+DESCRIPTION="Utilities for signing and verifying files for UEFI Secure Boot"
+HOMEPAGE="https://git.kernel.org/cgit/linux/kernel/git/jejb/sbsigntools.git/"
+SRC_URI="https://git.kernel.org/pub/scm/linux/kernel/git/jejb/${PN}.git/snapshot/${P}.tar.gz
+	https://dev.gentoo.org/~tamiko/distfiles/${MY_PN}-0.8-ccan.tar.gz"
+
+LICENSE="GPL-3 LGPL-3 LGPL-2.1 CC0-1.0"
+SLOT="0"
+KEYWORDS="~amd64 ~arm64 ~riscv ~x86"
+IUSE=""
+
+RDEPEND="
+	dev-libs/openssl:0=
+	sys-apps/util-linux"
+DEPEND="${RDEPEND}
+	sys-apps/help2man
+	sys-boot/gnu-efi
+	sys-libs/binutils-libs
+	virtual/pkgconfig"
+
+PATCHES=(
+	"${FILESDIR}"/${PN}-0.9.4-no-werror.patch
+	"${FILESDIR}"/${PN}-0.9.4-openssl3.patch
+)
+
+src_prepare() {
+	mv "${WORKDIR}"/lib/ccan "${S}"/lib || die "mv failed"
+	rmdir "${WORKDIR}"/lib || die "rmdir failed"
+
+	local iarch
+	case ${ARCH} in
+		amd64) iarch=x86_64 ;;
+		arm64) iarch=aarch64 ;;
+		ia64)  iarch=ia64 ;;
+		riscv) iarch=riscv64 ;;
+		x86)   iarch=ia32 ;;
+		*)     die "unsupported architecture: ${ARCH}" ;;
+	esac
+	sed -i "/^EFI_ARCH=/s:=.*:=${iarch}:" configure.ac || die
+	sed -i 's/-m64$/& -march=x86-64/' tests/Makefile.am || die
+	sed -i "/^AR /s:=.*:= $(tc-getAR):" lib/ccan/Makefile.in || die #481480
+
+	default
+	eautoreconf
+}