Date: Thu, 19 Jan 2006 18:53:06 +0100 (CET) From: Johan van Selst <johans@stack.nl> To: FreeBSD-gnats-submit@FreeBSD.org Cc: apeiron+ports@coitusmentis.info Subject: ports/92014: security/p5-Digest-SHA256: Broken on FreeBSD >= 5.x Message-ID: <20060119175306.CB17717017@mud.stack.nl> Resent-Message-ID: <200601191800.k0JI0G4a015061@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 92014 >Category: ports >Synopsis: security/p5-Digest-SHA256: Broken on FreeBSD >= 5.x >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: update >Submitter-Id: current-users >Arrival-Date: Thu Jan 19 18:00:16 GMT 2006 >Closed-Date: >Last-Modified: >Originator: Johan van Selst >Release: FreeBSD 6.0-STABLE i386 >Organization: >Environment: System: FreeBSD mud.stack.nl 6.0-STABLE FreeBSD 6.0-STABLE #9: Wed Jan 11 14:40:03 CET 2006 johans@mud.stack.nl:/usr/obj/usr/src/sys/mud i386 >Description: [Cc: maintainer] Please disable (or fix) this port for FreeBSD 5.x or later: It produces invalid checksums and should not be used (at least not in a security context) Originally reported by Ben Laurie in http://lists.FreeBSD.org/pipermail/freebsd-ports/2006-January/028552.html >How-To-Repeat: Compare the output of these (similar on 4.x, but not on 5.x): perl -e "use Digest::SHA256; print Digest::SHA256::new(256)->hexhash('test');" echo -n test | sha256 >Fix: I have searched in vain to locate the problem, so my best suggestion is to mark it broken. P.S. While we're at it, add sha256 checksum to distfile - no irony intended. diff -uNr p5-Digest-SHA256/Makefile p5-Digest-SHA256/Makefile --- p5-Digest-SHA256/Makefile Thu May 26 15:10:51 2005 +++ p5-Digest-SHA256/Makefile Thu Jan 19 18:40:43 2006 @@ -24,4 +24,10 @@ MAN3= Digest::SHA256.3 Digest::sha256.3 -.include <bsd.port.mk> +.include <bsd.port.pre.mk> + +.if ${OSVERSION} >= 500000 +BROKEN= "Produces invalid checksums on >= 5.x" +.endif + +.include <bsd.port.post.mk> diff -uNr p5-Digest-SHA256/distinfo p5-Digest-SHA256/distinfo --- p5-Digest-SHA256/distinfo Thu May 26 15:10:51 2005 +++ p5-Digest-SHA256/distinfo Thu Jan 19 18:51:25 2006 @@ -1,2 +1,3 @@ MD5 (SHA256-0.01b.tar.gz) = 08f2b87bad328275bdebf64c18bfcb31 +SHA256 (SHA256-0.01b.tar.gz) = 72bbb1e31bbfe39e9df930e9b34bbac25e5d1617b7289076945aa303ad03c170 SIZE (SHA256-0.01b.tar.gz) = 9326 >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060119175306.CB17717017>