Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 26 Apr 2008 18:44:41 GMT
From:      Yarodin <yarodin@gmail.com>
To:        freebsd-gnats-submit@FreeBSD.org
Subject:   ports/123116: [UPDATE] security/pinentry to 0.7.5 and fix security/pinentry-gtk2
Message-ID:  <200804261844.m3QIifYF050399@www.freebsd.org>
Resent-Message-ID: <200804261850.m3QIo1mD099884@freefall.freebsd.org>

next in thread | raw e-mail | index | archive | help

>Number:         123116
>Category:       ports
>Synopsis:       [UPDATE] security/pinentry to 0.7.5 and fix security/pinentry-gtk2
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          update
>Submitter-Id:   current-users
>Arrival-Date:   Sat Apr 26 18:50:01 UTC 2008
>Closed-Date:
>Last-Modified:
>Originator:     Yarodin
>Release:        6.3-p2
>Organization:
>Environment:
>Description:
[UPDATE] security/pinentry to 0.7.5 and fix security/pinentry-gtk2
>How-To-Repeat:

>Fix:
How to apply:
1) Put patch-pinentry.txt to /usr/ports/security/

2) cd /usr/ports/security/ && patch -E -p <patch-pinentry.txt && find /usr/ports/security/pinentry/ -type f -name "*.orig" -exec rm -f {} \;

3) Put patch-pinentry-gtk2.txt to /usr/ports/security/

4) cd /usr/ports/security/ && patch -E -p <patch-pinentry-gtk2.txt && find /usr/ports/security/pinentry-gtk2/ -type f -name "*.orig" -exec rm -f {} \;



Patch attached with submission follows:

--- pinentry.orig/Makefile	2008-04-19 23:53:28.000000000 +0600
+++ pinentry/Makefile		2008-04-27 00:24:26.000000000 +0600
@@ -6,14 +6,13 @@
 #
 
 PORTNAME=	pinentry
-PORTVERSION=	0.7.3
-PORTREVISION=	1
+PORTVERSION=	0.7.5
 CATEGORIES=	security
 MASTER_SITES=	${MASTER_SITE_GNUPG}
 MASTER_SITE_SUBDIR=	pinentry
 
 MAINTAINER=	lofi@freebsd.org
-COMMENT?=	A collection of simple PIN or passphrase entry dialogs
+COMMENT=	A collection of simple PIN or passphrase entry dialogs
 
 LIB_DEPENDS=	gcrypt.15:${PORTSDIR}/security/libgcrypt \
 		ksba.17:${PORTSDIR}/security/libksba
@@ -37,7 +36,6 @@
 pre-configure:
 	@${REINPLACE_CMD} -e "s@-lpthread@${PTHREAD_LIBS}@g" \
 		${WRKSRC}/acinclude.m4 ${WRKSRC}/configure
-
 .else
 CONFIGURE_ARGS+=--disable-pinentry-qt
 PLIST_SUB+=	WITH_QT="@comment "
@@ -46,7 +44,7 @@
 .if defined(PINENTRY_GTK)
 USE_GNOME+=	gtk12
 PLIST_SUB+=	WITH_GTK=""
-CONFIGURE_ENV+=	CFLAGS=-I${LOCALBASE}/include
+CONFIGURE_ENV+=	CFLAGS=-I${LOCALBASE}/include LDFLAGS=-L${LOCALBASE}/lib
 .else
 CONFIGURE_ARGS+=--disable-pinentry-gtk
 PLIST_SUB+=	WITH_GTK="@comment "
@@ -55,7 +53,7 @@
 .if defined(PINENTRY_GTK2)
 USE_GNOME+=	gtk20
 PLIST_SUB+=	WITH_GTK2=""
-CONFIGURE_ENV+=	CFLAGS=-I${LOCALBASE}/include
+CONFIGURE_ENV+=	CFLAGS=-I${LOCALBASE}/include LDFLAGS=-L${LOCALBASE}/lib
 .else
 CONFIGURE_ARGS+=--disable-pinentry-gtk2
 PLIST_SUB+=	WITH_GTK2="@comment "
--- pinentry.orig/distinfo	2007-10-30 13:39:28.000000000 +0500
+++ pinentry/distinfo		2008-04-26 18:22:22.000000000 +0600
@@ -1,3 +1,3 @@
-MD5 (pinentry-0.7.3.tar.gz) = 59282278405a8264b39ea28678c78cf4
-SHA256 (pinentry-0.7.3.tar.gz) = df1d2c47d501031b4c995cee3e464e62578b8959559121a207a8046e2cd9a5bf
-SIZE (pinentry-0.7.3.tar.gz) = 417000
+MD5 (pinentry-0.7.5.tar.gz) = ca492afbbb59cd19f1c875533f18b269
+SHA256 (pinentry-0.7.5.tar.gz) = cb269ac058793b2df343a12a65e3402abc4b68503e105b12e4ca903d8d8e3172
+SIZE (pinentry-0.7.5.tar.gz) = 422801
--- pinentry.orig/files/patch-curses-utf	1970-01-01 05:00:00.000000000 +0500
+++ pinentry/files/patch-curses-utf		2008-02-17 22:30:14.000000000 +0500
@@ -0,0 +1,40 @@
+--- m4/curses.m4.orig	2005-09-08 21:25:01.000000000 +0600
++++ m4/curses.m4	2008-02-17 22:23:32.000000000 +0500
+@@ -28,7 +28,7 @@
+   AC_ARG_ENABLE(ncurses,    [  --disable-ncurses       don't prefer -lncurses over -lcurses],
+               , enable_ncurses=yes)
+   if test "$enable_ncurses" = yes; then
+-    AC_CHECK_LIB(ncurses, initscr, LIBNCURSES="-lncurses")
++    AC_CHECK_LIB(ncurses, initscr, LIBNCURSES="-lncursesw")
+     if test "$LIBNCURSES"; then
+       # Use ncurses header files instead of the ordinary ones, if possible;
+       # is there a better way of doing this, that avoids looking in specific
+--- pinentry/pinentry-curses.c.orig	2007-06-15 17:36:39.000000000 +0600
++++ pinentry/pinentry-curses.c		2008-02-17 22:28:40.000000000 +0500
+@@ -587,6 +587,13 @@
+   SCREEN *screen = 0;
+   int done = 0;
+   char *pin_utf8;
++  char *old_ctype = NULL;
++
++  if (pinentry->lc_ctype)
++    {
++      old_ctype = strdup (setlocale (LC_CTYPE, NULL));
++      setlocale (LC_CTYPE, pinentry->lc_ctype);
++    }
+ 
+   /* Open the desired terminal if necessary.  */
+   if (tty_name)
+@@ -739,6 +746,12 @@
+   if (screen)
+     delscreen (screen);
+ 
++  if (old_ctype)
++    {
++      setlocale (LC_CTYPE, old_ctype);
++      free(old_ctype);
++    }
++
+   if (ttyfi)
+     fclose (ttyfi);
+   if (ttyfo)
--- pinentry.orig/files/patch-glib.2.16	2008-04-05 23:36:26.000000000 +0600
+++ pinentry/files/patch-glib.2.16	1970-01-01 05:00:00.000000000 +0500
@@ -1,58 +0,0 @@
---- gtk+-2/gtksecentry.c-	2008-03-26 17:28:13.000000000 +0200
-+++ gtk+-2/gtksecentry.c	2008-03-26 17:32:51.000000000 +0200
-@@ -270,7 +270,7 @@ gboolean g_use_secure_mem = FALSE;
- 
- 
- gpointer
--g_malloc(gulong size)
-+g_malloc(gsize size)
- {
-     gpointer p;
- 
-@@ -282,13 +282,13 @@ g_malloc(gulong size)
-     else
- 	p = (gpointer) malloc(size);
-     if (!p)
--	g_error("could not allocate %ld bytes", size);
-+	g_error("could not allocate %zd bytes", size);
- 
-     return p;
- }
- 
- gpointer
--g_malloc0(gulong size)
-+g_malloc0(gsize size)
- {
-     gpointer p;
- 
-@@ -302,13 +302,13 @@ g_malloc0(gulong size)
-     } else
- 	p = (gpointer) calloc(size, 1);
-     if (!p)
--	g_error("could not allocate %ld bytes", size);
-+	g_error("could not allocate %zd bytes", size);
- 
-     return p;
- }
- 
- gpointer
--g_realloc(gpointer mem, gulong size)
-+g_realloc(gpointer mem, gsize size)
- {
-     gpointer p;
- 
-@@ -3210,11 +3210,11 @@ static gint
- get_cursor_time(GtkSecureEntry * entry)
- {
-     GtkSettings *settings = gtk_widget_get_settings(GTK_WIDGET(entry));
--    gint time;
-+    gint _time;
- 
--    g_object_get(settings, "gtk-cursor-blink-time", &time, NULL);
-+    g_object_get(settings, "gtk-cursor-blink-time", &_time, NULL);
- 
--    return time;
-+    return _time;
- }
- 
- static void
--- pinentry.orig/files/patch-gtk2-gmem	1970-01-01 05:00:00.000000000 +0500
+++ pinentry/files/patch-gtk2-gmem	2008-04-26 22:53:58.000000000 +0600
@@ -0,0 +1,145 @@
+--- gtk+-2/gtksecentry.c.orig	2007-11-19 16:20:50.000000000 +0500
++++ gtk+-2/gtksecentry.c	2008-04-26 22:52:13.000000000 +0600
+@@ -256,7 +256,7 @@
+ 
+ static GtkWidgetClass *parent_class = NULL;
+ 
+-gboolean g_use_secure_mem = FALSE;
++extern gboolean g_use_secure_mem;
+ 
+ #  define g_sec_new(type, count)	  \
+       ((type *) g_sec_malloc ((unsigned) sizeof (type) * (count)))
+@@ -269,85 +269,6 @@
+ 				} while(0)
+ 
+ 
+-gpointer
+-g_malloc(gulong size)
+-{
+-    gpointer p;
+-
+-    if (size == 0)
+-	return NULL;
+-
+-    if (g_use_secure_mem)
+-	p = (gpointer) secmem_malloc(size);
+-    else
+-	p = (gpointer) malloc(size);
+-    if (!p)
+-	g_error("could not allocate %ld bytes", size);
+-
+-    return p;
+-}
+-
+-gpointer
+-g_malloc0(gulong size)
+-{
+-    gpointer p;
+-
+-    if (size == 0)
+-	return NULL;
+-
+-    if (g_use_secure_mem) {
+-	p = (gpointer) secmem_malloc(size);
+-	if (p)
+-	    memset(p, 0, size);
+-    } else
+-	p = (gpointer) calloc(size, 1);
+-    if (!p)
+-	g_error("could not allocate %ld bytes", size);
+-
+-    return p;
+-}
+-
+-gpointer
+-g_realloc(gpointer mem, gulong size)
+-{
+-    gpointer p;
+-
+-    if (size == 0) {
+-	g_free(mem);
+-
+-	return NULL;
+-    }
+-
+-    if (!mem) {
+-	if (g_use_secure_mem)
+-	    p = (gpointer) secmem_malloc(size);
+-	else
+-	    p = (gpointer) malloc(size);
+-    } else {
+-	if (g_use_secure_mem) {
+-	    g_assert(m_is_secure(mem));
+-	    p = (gpointer) secmem_realloc(mem, size);
+-	} else
+-	    p = (gpointer) realloc(mem, size);
+-    }
+-
+-    if (!p)
+-	g_error("could not reallocate %lu bytes", (gulong) size);
+-
+-    return p;
+-}
+-
+-void
+-g_free(gpointer mem)
+-{
+-    if (mem) {
+-	if (m_is_secure(mem))
+-	    secmem_free(mem);
+-	else
+-	    free(mem);
+-    }
+-}
+-
+ GType
+ gtk_secure_entry_get_type(void)
+ {
+--- gtk+-2/pinentry-gtk-2.c.orig	2007-11-19 16:44:07.000000000 +0500
++++ gtk+-2/pinentry-gtk-2.c		2008-04-26 22:52:13.000000000 +0600
+@@ -39,6 +39,7 @@
+ 
+ #include "gtksecentry.h"
+ #include "pinentry.h"
++#include "memory.h"
+ 
+ #ifdef FALLBACK_CURSES
+ #include "pinentry-curses.h"
+@@ -469,12 +470,36 @@
+ 
+ pinentry_cmd_handler_t pinentry_cmd_handler = gtk_cmd_handler;
+ 
++gboolean g_use_secure_mem = FALSE;
++
++static gpointer
++_malloc(gsize size) {
++  return g_use_secure_mem ? secmem_malloc(size) : malloc(size);
++}
++
++static gpointer
++_realloc(gpointer p, gsize size) {
++  return m_is_secure(p) ? secmem_realloc(p, size) : realloc(p, size);
++}
++
++static void
++_free(gpointer p) {
++  m_is_secure(p) ? secmem_free(p) : free(p);
++}
+ 
+ int
+ main (int argc, char *argv[])
+ {
+   pinentry_init (PGMNAME);
+-    
++
++  GMemVTable mem_vtable = {
++    _malloc,
++    _realloc,
++    _free
++  };
++
++  g_mem_set_vtable (&mem_vtable);
++  
+ #ifdef FALLBACK_CURSES
+   if (pinentry_have_display (argc, argv))
+     gtk_init (&argc, &argv);
--- pinentry.orig/files/patch-more_sec_mem	1970-01-01 05:00:00.000000000 +0500
+++ pinentry/files/patch-more_sec_mem		2008-02-17 22:20:40.000000000 +0500
@@ -0,0 +1,11 @@
+--- secmem/secmem.c.orig	2007-07-03 05:49:48.000000000 +0600
++++ secmem/secmem.c		2008-02-17 22:19:50.000000000 +0500
+@@ -85,7 +85,7 @@
+ #  define MAP_ANONYMOUS MAP_ANON
+ #endif
+ 
+-#define DEFAULT_POOLSIZE 16384
++#define DEFAULT_POOLSIZE 16384*4
+ 
+ typedef struct memblock_struct MEMBLOCK;
+ struct memblock_struct {


>Release-Note:
>Audit-Trail:
>Unformatted:



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200804261844.m3QIifYF050399>