From owner-svn-ports-head@freebsd.org Mon Nov 19 17:35:58 2018 Return-Path: Delivered-To: svn-ports-head@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 615E9110DF1D; Mon, 19 Nov 2018 17:35:58 +0000 (UTC) (envelope-from tobik@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 0054681418; Mon, 19 Nov 2018 17:35:58 +0000 (UTC) (envelope-from tobik@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id CF53C2530C; Mon, 19 Nov 2018 17:35:57 +0000 (UTC) (envelope-from tobik@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id wAJHZvKD066731; Mon, 19 Nov 2018 17:35:57 GMT (envelope-from tobik@FreeBSD.org) Received: (from tobik@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id wAJHZvZM066730; Mon, 19 Nov 2018 17:35:57 GMT (envelope-from tobik@FreeBSD.org) Message-Id: <201811191735.wAJHZvZM066730@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: tobik set sender to tobik@FreeBSD.org using -f From: Tobias Kortkamp Date: Mon, 19 Nov 2018 17:35:57 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r485334 - in head/security/botan110: . files X-SVN-Group: ports-head X-SVN-Commit-Author: tobik X-SVN-Commit-Paths: in head/security/botan110: . files X-SVN-Commit-Revision: 485334 X-SVN-Commit-Repository: ports MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 0054681418 X-Spamd-Result: default: False [0.53 / 15.00]; local_wl_from(0.00)[FreeBSD.org]; NEURAL_SPAM_SHORT(0.50)[0.498,0]; NEURAL_SPAM_MEDIUM(0.04)[0.036,0]; ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US] X-Rspamd-Server: mx1.freebsd.org X-BeenThere: svn-ports-head@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for the ports tree for head List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 Nov 2018 17:35:58 -0000 Author: tobik Date: Mon Nov 19 17:35:57 2018 New Revision: 485334 URL: https://svnweb.freebsd.org/changeset/ports/485334 Log: security/botan110: Attempt to unbreak consumers with OpenSSL 1.1.1 The OpenSSL 1.1.1 support added in ports r483489 was incomplete and leads to segfaults and build failures in consumers [1,2]. Amend the patch to actually allocate some memory. While here hook up the test suite. [1] http://beefy11.nyi.freebsd.org/data/head-i386-default/p483632_s339979/logs/bundy-0.20170618_10.log [2] http://beefy11.nyi.freebsd.org/data/head-i386-default/p483632_s339979/logs/monotone-1.1_13.log PR: 229030 Approved by: lapo@lapo.it (maintainer timeout, 2 weeks) Pointy hat: fluffy Modified: head/security/botan110/Makefile head/security/botan110/files/extra-patch-openssl11 Modified: head/security/botan110/Makefile ============================================================================== --- head/security/botan110/Makefile Mon Nov 19 17:29:51 2018 (r485333) +++ head/security/botan110/Makefile Mon Nov 19 17:35:57 2018 (r485334) @@ -3,6 +3,7 @@ PORTNAME= botan DISTVERSION= 1.10.17 +PORTREVISION= 1 CATEGORIES= security MASTER_SITES= http://botan.randombit.net/releases/ PKGNAMESUFFIX= 110 @@ -24,11 +25,12 @@ HAS_CONFIGURE= yes CONFIGURE_SCRIPT= configure.py CONFIGURE_ARGS= --prefix=${PREFIX} --cc ${CHOSEN_COMPILER_TYPE} \ --with-tr1-implementation=system --with-bzip2 --with-zlib -MAKE_ARGS= CXX="${CXX}" LIB_OPT="${CXXFLAGS}" +MAKE_ARGS= CXX="${CXX}" CHECK_OPT="${CXXFLAGS}" LIB_OPT="${CXXFLAGS}" USE_LDCONFIG= yes PLIST_FILES= bin/botan-config-1.10 lib/libbotan-1.10.a lib/libbotan-1.10.so lib/libbotan-1.10.so.1 \ lib/libbotan-1.10.so.1.17 libdata/pkgconfig/botan-1.10.pc SHEBANG_FILES= configure.py +TEST_TARGET= check DOCSDIR= ${PREFIX}/share/doc/${PORTNAME}-${PORTVERSION} PORTDOCS= * @@ -56,5 +58,8 @@ post-patch-DOCS-off: post-install: @(cd "${STAGEDIR}${PREFIX}"; ${FIND} -s include/botan-1.10 -not -type d) >> ${TMPPLIST} + +post-test: + cd ${WRKSRC} && ${SETENV} LD_LIBRARY_PATH="." ./check --test .include Modified: head/security/botan110/files/extra-patch-openssl11 ============================================================================== --- head/security/botan110/files/extra-patch-openssl11 Mon Nov 19 17:29:51 2018 (r485333) +++ head/security/botan110/files/extra-patch-openssl11 Mon Nov 19 17:35:57 2018 (r485334) @@ -1,4 +1,4 @@ ---- src/engine/openssl/ossl_bc.cpp.orig 2018-10-15 00:16:53 UTC +--- src/engine/openssl/ossl_bc.cpp.orig 2017-10-02 06:00:00 UTC +++ src/engine/openssl/ossl_bc.cpp @@ -8,10 +8,6 @@ #include @@ -11,7 +11,7 @@ namespace Botan { namespace { -@@ -44,7 +40,7 @@ +@@ -44,7 +40,7 @@ class EVP_BlockCipher : public BlockCipher size_t block_sz; Key_Length_Specification cipher_key_spec; std::string cipher_name; @@ -20,49 +20,53 @@ }; /* -@@ -59,14 +55,14 @@ +@@ -59,14 +55,15 @@ EVP_BlockCipher::EVP_BlockCipher(const EVP_CIPHER* alg if(EVP_CIPHER_mode(algo) != EVP_CIPH_ECB_MODE) throw Invalid_Argument("EVP_BlockCipher: Non-ECB EVP was passed in"); - EVP_CIPHER_CTX_init(&encrypt); - EVP_CIPHER_CTX_init(&decrypt); -+ EVP_CIPHER_CTX_init(encrypt); -+ EVP_CIPHER_CTX_init(decrypt); ++ if ((encrypt = EVP_CIPHER_CTX_new()) == NULL) ++ throw Invalid_Argument("EVP_BlockCipher: EVP_CIPHER_CTX_new failed"); ++ EVP_EncryptInit_ex(encrypt, algo, 0, 0, 0); ++ EVP_CIPHER_CTX_set_padding(encrypt, 0); - EVP_EncryptInit_ex(&encrypt, algo, 0, 0, 0); - EVP_DecryptInit_ex(&decrypt, algo, 0, 0, 0); -+ EVP_EncryptInit_ex(encrypt, algo, 0, 0, 0); -+ EVP_DecryptInit_ex(decrypt, algo, 0, 0, 0); - +- - EVP_CIPHER_CTX_set_padding(&encrypt, 0); - EVP_CIPHER_CTX_set_padding(&decrypt, 0); -+ EVP_CIPHER_CTX_set_padding(encrypt, 0); ++ if ((decrypt = EVP_CIPHER_CTX_new()) == NULL) ++ throw Invalid_Argument("EVP_BlockCipher: EVP_CIPHER_CTX_new failed"); ++ EVP_DecryptInit_ex(decrypt, algo, 0, 0, 0); + EVP_CIPHER_CTX_set_padding(decrypt, 0); } /* -@@ -83,14 +79,14 @@ +@@ -83,14 +80,15 @@ EVP_BlockCipher::EVP_BlockCipher(const EVP_CIPHER* alg if(EVP_CIPHER_mode(algo) != EVP_CIPH_ECB_MODE) throw Invalid_Argument("EVP_BlockCipher: Non-ECB EVP was passed in"); - EVP_CIPHER_CTX_init(&encrypt); - EVP_CIPHER_CTX_init(&decrypt); -+ EVP_CIPHER_CTX_init(encrypt); -+ EVP_CIPHER_CTX_init(decrypt); ++ if ((encrypt = EVP_CIPHER_CTX_new()) == NULL) ++ throw Invalid_Argument("EVP_BlockCipher: EVP_CIPHER_CTX_new failed"); ++ EVP_EncryptInit_ex(encrypt, algo, 0, 0, 0); ++ EVP_CIPHER_CTX_set_padding(encrypt, 0); - EVP_EncryptInit_ex(&encrypt, algo, 0, 0, 0); - EVP_DecryptInit_ex(&decrypt, algo, 0, 0, 0); -+ EVP_EncryptInit_ex(encrypt, algo, 0, 0, 0); -+ EVP_DecryptInit_ex(decrypt, algo, 0, 0, 0); - +- - EVP_CIPHER_CTX_set_padding(&encrypt, 0); - EVP_CIPHER_CTX_set_padding(&decrypt, 0); -+ EVP_CIPHER_CTX_set_padding(encrypt, 0); ++ if ((decrypt = EVP_CIPHER_CTX_new()) == NULL) ++ throw Invalid_Argument("EVP_BlockCipher: EVP_CIPHER_CTX_new failed"); ++ EVP_DecryptInit_ex(decrypt, algo, 0, 0, 0); + EVP_CIPHER_CTX_set_padding(decrypt, 0); } /* -@@ -98,8 +94,8 @@ +@@ -98,8 +96,8 @@ EVP_BlockCipher::EVP_BlockCipher(const EVP_CIPHER* alg */ EVP_BlockCipher::~EVP_BlockCipher() { @@ -73,7 +77,7 @@ } /* -@@ -109,7 +105,7 @@ +@@ -109,7 +107,7 @@ void EVP_BlockCipher::encrypt_n(const byte in[], byte size_t blocks) const { int out_len = 0; @@ -82,7 +86,7 @@ } /* -@@ -119,7 +115,7 @@ +@@ -119,7 +117,7 @@ void EVP_BlockCipher::decrypt_n(const byte in[], byte size_t blocks) const { int out_len = 0; @@ -91,7 +95,7 @@ } /* -@@ -134,19 +130,19 @@ +@@ -134,19 +132,19 @@ void EVP_BlockCipher::key_schedule(const byte key[], s full_key += std::make_pair(key, 8); } else @@ -117,7 +121,7 @@ } /* -@@ -154,7 +150,7 @@ +@@ -154,7 +152,7 @@ void EVP_BlockCipher::key_schedule(const byte key[], s */ BlockCipher* EVP_BlockCipher::clone() const { @@ -126,7 +130,7 @@ cipher_name, cipher_key_spec.minimum_keylength(), cipher_key_spec.maximum_keylength(), -@@ -166,16 +162,16 @@ +@@ -166,16 +164,16 @@ BlockCipher* EVP_BlockCipher::clone() const */ void EVP_BlockCipher::clear() { @@ -152,7 +156,7 @@ } } ---- src/engine/openssl/ossl_md.cpp.orig 2018-10-15 00:26:19 UTC +--- src/engine/openssl/ossl_md.cpp.orig 2017-10-02 06:00:00 UTC +++ src/engine/openssl/ossl_md.cpp @@ -8,10 +8,6 @@ #include @@ -165,7 +169,7 @@ namespace Botan { namespace { -@@ -28,12 +24,12 @@ +@@ -28,12 +24,12 @@ class EVP_HashFunction : public HashFunction size_t output_length() const { @@ -180,7 +184,7 @@ } EVP_HashFunction(const EVP_MD*, const std::string&); -@@ -44,7 +40,7 @@ +@@ -44,7 +40,7 @@ class EVP_HashFunction : public HashFunction size_t block_size; std::string algo_name; @@ -189,7 +193,7 @@ }; /* -@@ -52,7 +48,7 @@ +@@ -52,7 +48,7 @@ class EVP_HashFunction : public HashFunction */ void EVP_HashFunction::add_data(const byte input[], size_t length) { @@ -198,7 +202,7 @@ } /* -@@ -60,9 +56,9 @@ +@@ -60,9 +56,9 @@ void EVP_HashFunction::add_data(const byte input[], si */ void EVP_HashFunction::final_result(byte output[]) { @@ -211,7 +215,7 @@ } /* -@@ -70,8 +66,8 @@ +@@ -70,8 +66,8 @@ void EVP_HashFunction::final_result(byte output[]) */ void EVP_HashFunction::clear() { @@ -222,7 +226,7 @@ } /* -@@ -79,7 +75,7 @@ +@@ -79,7 +75,7 @@ void EVP_HashFunction::clear() */ HashFunction* EVP_HashFunction::clone() const { @@ -231,18 +235,19 @@ return new EVP_HashFunction(algo, name()); } -@@ -90,8 +86,8 @@ +@@ -90,8 +86,9 @@ EVP_HashFunction::EVP_HashFunction(const EVP_MD* algo, const std::string& name) : algo_name(name) { - EVP_MD_CTX_init(&md); - EVP_DigestInit_ex(&md, algo, 0); -+ EVP_MD_CTX_init(md); ++ if ((md = EVP_MD_CTX_new()) == NULL) ++ throw Invalid_Argument("EVP_HashFunction: EVP_MD_CTX_new failed"); + EVP_DigestInit_ex(md, algo, 0); } /* -@@ -99,7 +95,11 @@ +@@ -99,7 +96,11 @@ EVP_HashFunction::EVP_HashFunction(const EVP_MD* algo, */ EVP_HashFunction::~EVP_HashFunction() {