Date: Sat, 26 Apr 2008 18:44:41 GMT From: Yarodin <yarodin@gmail.com> To: freebsd-gnats-submit@FreeBSD.org Subject: ports/123116: [UPDATE] security/pinentry to 0.7.5 and fix security/pinentry-gtk2 Message-ID: <200804261844.m3QIifYF050399@www.freebsd.org> Resent-Message-ID: <200804261850.m3QIo1mD099884@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 123116 >Category: ports >Synopsis: [UPDATE] security/pinentry to 0.7.5 and fix security/pinentry-gtk2 >Confidential: no >Severity: non-critical >Priority: medium >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: update >Submitter-Id: current-users >Arrival-Date: Sat Apr 26 18:50:01 UTC 2008 >Closed-Date: >Last-Modified: >Originator: Yarodin >Release: 6.3-p2 >Organization: >Environment: >Description: [UPDATE] security/pinentry to 0.7.5 and fix security/pinentry-gtk2 >How-To-Repeat: >Fix: How to apply: 1) Put patch-pinentry.txt to /usr/ports/security/ 2) cd /usr/ports/security/ && patch -E -p <patch-pinentry.txt && find /usr/ports/security/pinentry/ -type f -name "*.orig" -exec rm -f {} \; 3) Put patch-pinentry-gtk2.txt to /usr/ports/security/ 4) cd /usr/ports/security/ && patch -E -p <patch-pinentry-gtk2.txt && find /usr/ports/security/pinentry-gtk2/ -type f -name "*.orig" -exec rm -f {} \; Patch attached with submission follows: --- pinentry.orig/Makefile 2008-04-19 23:53:28.000000000 +0600 +++ pinentry/Makefile 2008-04-27 00:24:26.000000000 +0600 @@ -6,14 +6,13 @@ # PORTNAME= pinentry -PORTVERSION= 0.7.3 -PORTREVISION= 1 +PORTVERSION= 0.7.5 CATEGORIES= security MASTER_SITES= ${MASTER_SITE_GNUPG} MASTER_SITE_SUBDIR= pinentry MAINTAINER= lofi@freebsd.org -COMMENT?= A collection of simple PIN or passphrase entry dialogs +COMMENT= A collection of simple PIN or passphrase entry dialogs LIB_DEPENDS= gcrypt.15:${PORTSDIR}/security/libgcrypt \ ksba.17:${PORTSDIR}/security/libksba @@ -37,7 +36,6 @@ pre-configure: @${REINPLACE_CMD} -e "s@-lpthread@${PTHREAD_LIBS}@g" \ ${WRKSRC}/acinclude.m4 ${WRKSRC}/configure - .else CONFIGURE_ARGS+=--disable-pinentry-qt PLIST_SUB+= WITH_QT="@comment " @@ -46,7 +44,7 @@ .if defined(PINENTRY_GTK) USE_GNOME+= gtk12 PLIST_SUB+= WITH_GTK="" -CONFIGURE_ENV+= CFLAGS=-I${LOCALBASE}/include +CONFIGURE_ENV+= CFLAGS=-I${LOCALBASE}/include LDFLAGS=-L${LOCALBASE}/lib .else CONFIGURE_ARGS+=--disable-pinentry-gtk PLIST_SUB+= WITH_GTK="@comment " @@ -55,7 +53,7 @@ .if defined(PINENTRY_GTK2) USE_GNOME+= gtk20 PLIST_SUB+= WITH_GTK2="" -CONFIGURE_ENV+= CFLAGS=-I${LOCALBASE}/include +CONFIGURE_ENV+= CFLAGS=-I${LOCALBASE}/include LDFLAGS=-L${LOCALBASE}/lib .else CONFIGURE_ARGS+=--disable-pinentry-gtk2 PLIST_SUB+= WITH_GTK2="@comment " --- pinentry.orig/distinfo 2007-10-30 13:39:28.000000000 +0500 +++ pinentry/distinfo 2008-04-26 18:22:22.000000000 +0600 @@ -1,3 +1,3 @@ -MD5 (pinentry-0.7.3.tar.gz) = 59282278405a8264b39ea28678c78cf4 -SHA256 (pinentry-0.7.3.tar.gz) = df1d2c47d501031b4c995cee3e464e62578b8959559121a207a8046e2cd9a5bf -SIZE (pinentry-0.7.3.tar.gz) = 417000 +MD5 (pinentry-0.7.5.tar.gz) = ca492afbbb59cd19f1c875533f18b269 +SHA256 (pinentry-0.7.5.tar.gz) = cb269ac058793b2df343a12a65e3402abc4b68503e105b12e4ca903d8d8e3172 +SIZE (pinentry-0.7.5.tar.gz) = 422801 --- pinentry.orig/files/patch-curses-utf 1970-01-01 05:00:00.000000000 +0500 +++ pinentry/files/patch-curses-utf 2008-02-17 22:30:14.000000000 +0500 @@ -0,0 +1,40 @@ +--- m4/curses.m4.orig 2005-09-08 21:25:01.000000000 +0600 ++++ m4/curses.m4 2008-02-17 22:23:32.000000000 +0500 +@@ -28,7 +28,7 @@ + AC_ARG_ENABLE(ncurses, [ --disable-ncurses don't prefer -lncurses over -lcurses], + , enable_ncurses=yes) + if test "$enable_ncurses" = yes; then +- AC_CHECK_LIB(ncurses, initscr, LIBNCURSES="-lncurses") ++ AC_CHECK_LIB(ncurses, initscr, LIBNCURSES="-lncursesw") + if test "$LIBNCURSES"; then + # Use ncurses header files instead of the ordinary ones, if possible; + # is there a better way of doing this, that avoids looking in specific +--- pinentry/pinentry-curses.c.orig 2007-06-15 17:36:39.000000000 +0600 ++++ pinentry/pinentry-curses.c 2008-02-17 22:28:40.000000000 +0500 +@@ -587,6 +587,13 @@ + SCREEN *screen = 0; + int done = 0; + char *pin_utf8; ++ char *old_ctype = NULL; ++ ++ if (pinentry->lc_ctype) ++ { ++ old_ctype = strdup (setlocale (LC_CTYPE, NULL)); ++ setlocale (LC_CTYPE, pinentry->lc_ctype); ++ } + + /* Open the desired terminal if necessary. */ + if (tty_name) +@@ -739,6 +746,12 @@ + if (screen) + delscreen (screen); + ++ if (old_ctype) ++ { ++ setlocale (LC_CTYPE, old_ctype); ++ free(old_ctype); ++ } ++ + if (ttyfi) + fclose (ttyfi); + if (ttyfo) --- pinentry.orig/files/patch-glib.2.16 2008-04-05 23:36:26.000000000 +0600 +++ pinentry/files/patch-glib.2.16 1970-01-01 05:00:00.000000000 +0500 @@ -1,58 +0,0 @@ ---- gtk+-2/gtksecentry.c- 2008-03-26 17:28:13.000000000 +0200 -+++ gtk+-2/gtksecentry.c 2008-03-26 17:32:51.000000000 +0200 -@@ -270,7 +270,7 @@ gboolean g_use_secure_mem = FALSE; - - - gpointer --g_malloc(gulong size) -+g_malloc(gsize size) - { - gpointer p; - -@@ -282,13 +282,13 @@ g_malloc(gulong size) - else - p = (gpointer) malloc(size); - if (!p) -- g_error("could not allocate %ld bytes", size); -+ g_error("could not allocate %zd bytes", size); - - return p; - } - - gpointer --g_malloc0(gulong size) -+g_malloc0(gsize size) - { - gpointer p; - -@@ -302,13 +302,13 @@ g_malloc0(gulong size) - } else - p = (gpointer) calloc(size, 1); - if (!p) -- g_error("could not allocate %ld bytes", size); -+ g_error("could not allocate %zd bytes", size); - - return p; - } - - gpointer --g_realloc(gpointer mem, gulong size) -+g_realloc(gpointer mem, gsize size) - { - gpointer p; - -@@ -3210,11 +3210,11 @@ static gint - get_cursor_time(GtkSecureEntry * entry) - { - GtkSettings *settings = gtk_widget_get_settings(GTK_WIDGET(entry)); -- gint time; -+ gint _time; - -- g_object_get(settings, "gtk-cursor-blink-time", &time, NULL); -+ g_object_get(settings, "gtk-cursor-blink-time", &_time, NULL); - -- return time; -+ return _time; - } - - static void --- pinentry.orig/files/patch-gtk2-gmem 1970-01-01 05:00:00.000000000 +0500 +++ pinentry/files/patch-gtk2-gmem 2008-04-26 22:53:58.000000000 +0600 @@ -0,0 +1,145 @@ +--- gtk+-2/gtksecentry.c.orig 2007-11-19 16:20:50.000000000 +0500 ++++ gtk+-2/gtksecentry.c 2008-04-26 22:52:13.000000000 +0600 +@@ -256,7 +256,7 @@ + + static GtkWidgetClass *parent_class = NULL; + +-gboolean g_use_secure_mem = FALSE; ++extern gboolean g_use_secure_mem; + + # define g_sec_new(type, count) \ + ((type *) g_sec_malloc ((unsigned) sizeof (type) * (count))) +@@ -269,85 +269,6 @@ + } while(0) + + +-gpointer +-g_malloc(gulong size) +-{ +- gpointer p; +- +- if (size == 0) +- return NULL; +- +- if (g_use_secure_mem) +- p = (gpointer) secmem_malloc(size); +- else +- p = (gpointer) malloc(size); +- if (!p) +- g_error("could not allocate %ld bytes", size); +- +- return p; +-} +- +-gpointer +-g_malloc0(gulong size) +-{ +- gpointer p; +- +- if (size == 0) +- return NULL; +- +- if (g_use_secure_mem) { +- p = (gpointer) secmem_malloc(size); +- if (p) +- memset(p, 0, size); +- } else +- p = (gpointer) calloc(size, 1); +- if (!p) +- g_error("could not allocate %ld bytes", size); +- +- return p; +-} +- +-gpointer +-g_realloc(gpointer mem, gulong size) +-{ +- gpointer p; +- +- if (size == 0) { +- g_free(mem); +- +- return NULL; +- } +- +- if (!mem) { +- if (g_use_secure_mem) +- p = (gpointer) secmem_malloc(size); +- else +- p = (gpointer) malloc(size); +- } else { +- if (g_use_secure_mem) { +- g_assert(m_is_secure(mem)); +- p = (gpointer) secmem_realloc(mem, size); +- } else +- p = (gpointer) realloc(mem, size); +- } +- +- if (!p) +- g_error("could not reallocate %lu bytes", (gulong) size); +- +- return p; +-} +- +-void +-g_free(gpointer mem) +-{ +- if (mem) { +- if (m_is_secure(mem)) +- secmem_free(mem); +- else +- free(mem); +- } +-} +- + GType + gtk_secure_entry_get_type(void) + { +--- gtk+-2/pinentry-gtk-2.c.orig 2007-11-19 16:44:07.000000000 +0500 ++++ gtk+-2/pinentry-gtk-2.c 2008-04-26 22:52:13.000000000 +0600 +@@ -39,6 +39,7 @@ + + #include "gtksecentry.h" + #include "pinentry.h" ++#include "memory.h" + + #ifdef FALLBACK_CURSES + #include "pinentry-curses.h" +@@ -469,12 +470,36 @@ + + pinentry_cmd_handler_t pinentry_cmd_handler = gtk_cmd_handler; + ++gboolean g_use_secure_mem = FALSE; ++ ++static gpointer ++_malloc(gsize size) { ++ return g_use_secure_mem ? secmem_malloc(size) : malloc(size); ++} ++ ++static gpointer ++_realloc(gpointer p, gsize size) { ++ return m_is_secure(p) ? secmem_realloc(p, size) : realloc(p, size); ++} ++ ++static void ++_free(gpointer p) { ++ m_is_secure(p) ? secmem_free(p) : free(p); ++} + + int + main (int argc, char *argv[]) + { + pinentry_init (PGMNAME); +- ++ ++ GMemVTable mem_vtable = { ++ _malloc, ++ _realloc, ++ _free ++ }; ++ ++ g_mem_set_vtable (&mem_vtable); ++ + #ifdef FALLBACK_CURSES + if (pinentry_have_display (argc, argv)) + gtk_init (&argc, &argv); --- pinentry.orig/files/patch-more_sec_mem 1970-01-01 05:00:00.000000000 +0500 +++ pinentry/files/patch-more_sec_mem 2008-02-17 22:20:40.000000000 +0500 @@ -0,0 +1,11 @@ +--- secmem/secmem.c.orig 2007-07-03 05:49:48.000000000 +0600 ++++ secmem/secmem.c 2008-02-17 22:19:50.000000000 +0500 +@@ -85,7 +85,7 @@ + # define MAP_ANONYMOUS MAP_ANON + #endif + +-#define DEFAULT_POOLSIZE 16384 ++#define DEFAULT_POOLSIZE 16384*4 + + typedef struct memblock_struct MEMBLOCK; + struct memblock_struct { >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200804261844.m3QIifYF050399>