Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 29 Jan 2018 11:18:02 +0000 (UTC)
From:      =?UTF-8?Q?Dag-Erling_Sm=c3=b8rgrav?= <des@FreeBSD.org>
To:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject:   svn commit: r460256 - in head/net-im/gajim: . files
Message-ID:  <201801291118.w0TBI2GQ072015@repo.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: des
Date: Mon Jan 29 11:18:02 2018
New Revision: 460256
URL: https://svnweb.freebsd.org/changeset/ports/460256

Log:
  Add upstream patch for compatibility with newer security/py-openssl.
  
  Approved by:	maintainer (rm@)
  MFH:		2018Q1

Added:
  head/net-im/gajim/files/patch-3dd35f5e762dcef2cf05e325705d0e7a2db21917   (contents, props changed)
Modified:
  head/net-im/gajim/Makefile

Modified: head/net-im/gajim/Makefile
==============================================================================
--- head/net-im/gajim/Makefile	Mon Jan 29 11:11:31 2018	(r460255)
+++ head/net-im/gajim/Makefile	Mon Jan 29 11:18:02 2018	(r460256)
@@ -3,6 +3,7 @@
 
 PORTNAME=	gajim
 PORTVERSION=	0.16.8
+PORTREVISION=	1
 CATEGORIES=	net-im
 MASTER_SITES=	http://gajim.org/downloads/0.16/
 

Added: head/net-im/gajim/files/patch-3dd35f5e762dcef2cf05e325705d0e7a2db21917
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/net-im/gajim/files/patch-3dd35f5e762dcef2cf05e325705d0e7a2db21917	Mon Jan 29 11:18:02 2018	(r460256)
@@ -0,0 +1,87 @@
+--- src/common/crypto.py.orig
++++ src/common/crypto.py
+@@ -76,50 +76,8 @@
+     else:
+         return base28_chr[n]
+ 
+-def add_entropy_sources_OpenSSL():
+-    # Other possibly variable data. This are very low quality sources of
+-    # entropy, but some of them are installation dependent and can be hard
+-    # to guess for the attacker.
+-    # Data available on all platforms Unix, Windows
+-    sources = [sys.argv, sys.builtin_module_names,
+-        sys.copyright, sys.getfilesystemencoding(), sys.hexversion,
+-        sys.modules, sys.path, sys.version, sys.api_version,
+-        os.environ, os.getcwd(), os.getpid()]
+-
+-    for s in sources:
+-        OpenSSL.rand.add(str(s), 1)
+-
+-    # The /proc filesystem on POSIX systems contains many random variables:
+-    # memory statistics, interrupt counts, network packet counts
+-    if os.name == 'posix':
+-        dirs = ['/proc', '/proc/net', '/proc/self']
+-        for d in dirs:
+-            if os.access(d, os.R_OK):
+-                for filename in os.listdir(d):
+-                    OpenSSL.rand.add(filename, 0)
+-                    try:
+-                        with open(d + os.sep + filename, "r") as fp:
+-                        # Limit the ammount of read bytes, in case a memory
+-                        # file was opened
+-                            OpenSSL.rand.add(str(fp.read(5000)), 1)
+-                    except IOError:
+-                        # Ignore all read and access errors
+-                        pass
+-
+-PYOPENSSL_PRNG_PRESENT = False
+-try:
+-    import OpenSSL.rand
+-    PYOPENSSL_PRNG_PRESENT = True
+-except ImportError:
+-    # PyOpenSSL PRNG not available
+-    pass
+-
+ def random_bytes(bytes_):
+-    if PYOPENSSL_PRNG_PRESENT:
+-        OpenSSL.rand.add(os.urandom(bytes_), bytes_)
+-        return OpenSSL.rand.bytes(bytes_)
+-    else:
+-        return os.urandom(bytes_)
++    return os.urandom(bytes_)
+ 
+ def generate_nonce():
+     return random_bytes(8)
+--- src/gajim.py.orig
++++ src/gajim.py
+@@ -296,20 +296,6 @@
+ pid_filename = gajimpaths['PID_FILE']
+ config_filename = gajimpaths['CONFIG_FILE']
+ 
+-# Seed the OpenSSL pseudo random number generator from file and initialize
+-RNG_SEED = gajimpaths['RNG_SEED']
+-PYOPENSSL_PRNG_PRESENT = False
+-try:
+-    import OpenSSL.rand
+-    from common import crypto
+-    PYOPENSSL_PRNG_PRESENT = True
+-    # Seed from file
+-    OpenSSL.rand.load_file(str(RNG_SEED))
+-    crypto.add_entropy_sources_OpenSSL()
+-    OpenSSL.rand.write_file(str(RNG_SEED))
+-except ImportError:
+-    log.info("PyOpenSSL PRNG not available")
+-
+ import traceback
+ import errno
+ import dialogs
+@@ -456,9 +442,6 @@
+ del pid_dir
+ 
+ def on_exit():
+-    # Save the entropy from OpenSSL PRNG
+-    if PYOPENSSL_PRNG_PRESENT:
+-        OpenSSL.rand.write_file(str(RNG_SEED))
+     # delete pid file on normal exit
+     if os.path.exists(pid_filename):
+         os.remove(pid_filename)



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201801291118.w0TBI2GQ072015>