Received: from mail.netbsd.org (mail.netbsd.org [199.233.217.200]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mail.netbsd.org", Issuer "Postmaster NetBSD.org" (verified OK)) by mollari.NetBSD.org (Postfix) with ESMTPS id C10F07A10E for ; Thu, 29 Sep 2016 12:14:39 +0000 (UTC) Received: by mail.netbsd.org (Postfix, from userid 605) id 72F3085F0A; Thu, 29 Sep 2016 12:14:39 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by mail.netbsd.org (Postfix) with ESMTP id 02E7485F00 for ; Thu, 29 Sep 2016 12:14:39 +0000 (UTC) X-Virus-Scanned: amavisd-new at netbsd.org Received: from mail.netbsd.org ([127.0.0.1]) by localhost (mail.netbsd.org [127.0.0.1]) (amavisd-new, port 10025) with ESMTP id vQZkcp-rDmeq for ; Thu, 29 Sep 2016 12:14:38 +0000 (UTC) Received: from cvs.NetBSD.org (unknown [IPv6:2001:470:a085:999:28c:faff:fe03:5984]) by mail.netbsd.org (Postfix) with ESMTP id 391A885EFC for ; Thu, 29 Sep 2016 12:14:38 +0000 (UTC) Received: by cvs.NetBSD.org (Postfix, from userid 500) id 327B3FBD2; Thu, 29 Sep 2016 12:14:38 +0000 (UTC) Content-Transfer-Encoding: 7bit Content-Type: multipart/mixed; boundary="_----------=_1475151278277300" MIME-Version: 1.0 Date: Thu, 29 Sep 2016 12:14:38 +0000 From: "Joerg Sonnenberger" Subject: CVS commit: pkgsrc/security/libprelude To: pkgsrc-changes@NetBSD.org Reply-To: joerg@netbsd.org X-Mailer: log_accum Message-Id: <20160929121438.327B3FBD2@cvs.NetBSD.org> Sender: pkgsrc-changes-owner@NetBSD.org List-Id: pkgsrc-changes.NetBSD.org Precedence: bulk This is a multi-part message in MIME format. --_----------=_1475151278277300 Content-Disposition: inline Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset="US-ASCII" Module Name: pkgsrc Committed By: joerg Date: Thu Sep 29 12:14:38 UTC 2016 Modified Files: pkgsrc/security/libprelude: Makefile distinfo pkgsrc/security/libprelude/patches: patch-ab patch-ba patch-bb Log Message: Fix build against newer gnutls. To generate a diff of this commit: cvs rdiff -u -r1.56 -r1.57 pkgsrc/security/libprelude/Makefile cvs rdiff -u -r1.37 -r1.38 pkgsrc/security/libprelude/distinfo cvs rdiff -u -r1.3 -r1.4 pkgsrc/security/libprelude/patches/patch-ab cvs rdiff -u -r1.1 -r1.2 pkgsrc/security/libprelude/patches/patch-ba \ pkgsrc/security/libprelude/patches/patch-bb Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. --_----------=_1475151278277300 Content-Disposition: inline Content-Length: 10267 Content-Transfer-Encoding: binary Content-Type: text/x-diff; charset=us-ascii Modified files: Index: pkgsrc/security/libprelude/Makefile diff -u pkgsrc/security/libprelude/Makefile:1.56 pkgsrc/security/libprelude/Makefile:1.57 --- pkgsrc/security/libprelude/Makefile:1.56 Mon Sep 19 13:04:19 2016 +++ pkgsrc/security/libprelude/Makefile Thu Sep 29 12:14:37 2016 @@ -1,8 +1,8 @@ -# $NetBSD: Makefile,v 1.56 2016/09/19 13:04:19 wiz Exp $ +# $NetBSD: Makefile,v 1.57 2016/09/29 12:14:37 joerg Exp $ # COMMENT= LibPrelude libraries and c++ easy bindings -PKGREVISION= 13 +PKGREVISION= 14 .include "../../security/libprelude/Makefile.common" Index: pkgsrc/security/libprelude/distinfo diff -u pkgsrc/security/libprelude/distinfo:1.37 pkgsrc/security/libprelude/distinfo:1.38 --- pkgsrc/security/libprelude/distinfo:1.37 Wed Nov 4 01:17:49 2015 +++ pkgsrc/security/libprelude/distinfo Thu Sep 29 12:14:37 2016 @@ -1,11 +1,11 @@ -$NetBSD: distinfo,v 1.37 2015/11/04 01:17:49 agc Exp $ +$NetBSD: distinfo,v 1.38 2016/09/29 12:14:37 joerg Exp $ SHA1 (libprelude-0.9.24.1.tar.gz) = b8c0c43efb33f3da741feac59b7a5482adf56282 RMD160 (libprelude-0.9.24.1.tar.gz) = 0a2688cf5c44e834c07eaba36d333155b2ca226d SHA512 (libprelude-0.9.24.1.tar.gz) = f7f86f1f92e84e66f198e04e1d9a6b82c28d8239835919b76bfdb3034270956d915eea0a6c8d9a9eeb519ad02396ab50f14cf820b95c7288d2188ac85923b05c Size (libprelude-0.9.24.1.tar.gz) = 2582719 bytes SHA1 (patch-aa) = 4781d5d5f726b74e3e2179217ff2db9672c12158 -SHA1 (patch-ab) = 96418b2ce697bdfef83780e0dbc47d95568d3a16 +SHA1 (patch-ab) = 126b42abda48d8200040519210a962474fc7c3d0 SHA1 (patch-ac) = 7474b2cf8cbb7fca81d85fe7c575f8ca99f90a43 SHA1 (patch-ad) = 195228e1e04918275a3ab1cccb838de081a9ec98 SHA1 (patch-ae) = d8b22cea826727a41108d65f84b594d0879397b2 @@ -17,6 +17,6 @@ SHA1 (patch-ak) = d5ba7700db11bee688d56e SHA1 (patch-al) = a3c150d76c91e33703d9ee05cd32e5d6f7b1264a SHA1 (patch-am) = 5581c999105a5d3b616e090afc105781e66eb888 SHA1 (patch-an) = 1f92ed4028087d9a357fcf3788978495d63a13e3 -SHA1 (patch-ba) = adb9d29439df7f6f75396914e2f7f9732983eecf -SHA1 (patch-bb) = 42ddad73912f8a5dd0deab11a710c5dcf32af322 +SHA1 (patch-ba) = 333d6e3f842d80888be0cec3921417fe51a027bc +SHA1 (patch-bb) = ca80e503226a2e1adcc0976597a225a51a74b8f9 SHA1 (patch-src_include_prelude-plugin.h) = 4731b98059971577819906d84fe7f160c24c04f5 Index: pkgsrc/security/libprelude/patches/patch-ab diff -u pkgsrc/security/libprelude/patches/patch-ab:1.3 pkgsrc/security/libprelude/patches/patch-ab:1.4 --- pkgsrc/security/libprelude/patches/patch-ab:1.3 Mon Jul 21 12:10:49 2008 +++ pkgsrc/security/libprelude/patches/patch-ab Thu Sep 29 12:14:38 2016 @@ -1,22 +1,12 @@ -$NetBSD: patch-ab,v 1.3 2008/07/21 12:10:49 shannonjr Exp $ +$NetBSD: patch-ab,v 1.4 2016/09/29 12:14:38 joerg Exp $ ---- src/tls-auth.c.orig 2008-07-18 08:32:52.000000000 -0600 +--- src/tls-auth.c.orig 2009-05-12 07:49:43.000000000 +0000 +++ src/tls-auth.c -@@ -269,6 +269,7 @@ int tls_auth_connection(prelude_client_p - void *cred; - int ret, fd; - gnutls_session session; -+ int cipher_list[2]; - - if ( ! priority_set ) { - ret = tls_auth_init_priority(NULL); -@@ -285,6 +286,9 @@ int tls_auth_connection(prelude_client_p +@@ -259,6 +260,7 @@ int tls_auth_connection(prelude_client_p return prelude_error_verbose(PRELUDE_ERROR_PROFILE, "TLS initialization error: %s", gnutls_strerror(ret)); set_default_priority(session); -+ cipher_list[0] = GNUTLS_CIPHER_AES_128_CBC; -+ cipher_list[1] = 0; -+ gnutls_cipher_set_priority (session, cipher_list); ++ gnutls_priority_set_direct (session, "NORMAL", NULL); gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, cred); fd = prelude_io_get_fd(io); Index: pkgsrc/security/libprelude/patches/patch-ba diff -u pkgsrc/security/libprelude/patches/patch-ba:1.1 pkgsrc/security/libprelude/patches/patch-ba:1.2 --- pkgsrc/security/libprelude/patches/patch-ba:1.1 Thu Jul 5 15:42:56 2012 +++ pkgsrc/security/libprelude/patches/patch-ba Thu Sep 29 12:14:38 2016 @@ -1,4 +1,4 @@ -$NetBSD: patch-ba,v 1.1 2012/07/05 15:42:56 drochner Exp $ +$NetBSD: patch-ba,v 1.2 2016/09/29 12:14:38 joerg Exp $ make this build with gnutls-3 @@ -12,3 +12,106 @@ make this build with gnutls-3 #include "common.h" #include "config-engine.h" +@@ -841,29 +840,70 @@ static int anon_check_passwd(prelude_io_ + } + + ++static inline gnutls_transport_ptr_t fd_to_ptr(int fd) ++{ ++ union { ++ gnutls_transport_ptr_t ptr; ++ int fd; ++ } data; ++ ++ data.fd = fd; ++ ++ return data.ptr; ++} ++ ++ ++static inline int ptr_to_fd(gnutls_transport_ptr_t ptr) ++{ ++ union { ++ gnutls_transport_ptr_t ptr; ++ int fd; ++ } data; ++ ++ data.ptr = ptr; ++ return data.fd; ++} ++ ++ ++static ssize_t tls_pull(gnutls_transport_ptr_t fd, void *buf, size_t count) ++{ ++ return read(ptr_to_fd(fd), buf, count); ++} ++ ++ ++static ssize_t tls_push(gnutls_transport_ptr_t fd, const void *buf, size_t count) ++{ ++ return write(ptr_to_fd(fd), buf, count); ++} ++ + + static gnutls_session new_tls_session(int sock, char *passwd) + { + int ret; + gnutls_session session; + gnutls_anon_client_credentials anoncred; ++ const char *err; + +- const int kx_priority[] = { +- GNUTLS_KX_ANON_DH, +-#ifdef GNUTLS_SRP_ENABLED +- GNUTLS_KX_SRP, GNUTLS_KX_SRP_DSS, GNUTLS_KX_SRP_RSA, ++#if defined LIBGNUTLS_VERSION_MAJOR && LIBGNUTLS_VERSION_MAJOR >= 3 ++# define TLS_DH_STR "+ANON-ECDH:+ANON-DH" ++#else ++# define TLS_DH_STR "+ANON-DH" + #endif +- 0 +- }; + +- union { +- int fd; +- void *ptr; +- } data; ++#ifdef GNUTLS_SRP_ENABLED ++ const char *pstring = "NORMAL:+SRP:+SRP-DSS:+SRP-RSA:" TLS_DH_STR; ++#else ++ const char *pstring = "NORMAL:" TLS_DH_STR; ++#endif + + gnutls_init(&session, GNUTLS_CLIENT); + gnutls_set_default_priority(session); +- gnutls_kx_set_priority(session, kx_priority); ++ ++ ret = gnutls_priority_set_direct(session, pstring, &err); ++ if (ret < 0) { ++ fprintf(stderr, "TLS priority syntax error at: %s\n", err); ++ return NULL; ++ } + + #ifdef GNUTLS_SRP_ENABLED + { +@@ -877,8 +917,9 @@ static gnutls_session new_tls_session(in + gnutls_anon_allocate_client_credentials(&anoncred); + gnutls_credentials_set(session, GNUTLS_CRD_ANON, anoncred); + +- data.fd = sock; +- gnutls_transport_set_ptr(session, data.ptr); ++ gnutls_transport_set_ptr(session, fd_to_ptr(sock)); ++ gnutls_transport_set_pull_function(session, tls_pull); ++ gnutls_transport_set_push_function(session, tls_push); + + ret = gnutls_handshake(session); + if ( ret < 0 ) { +@@ -897,8 +938,6 @@ static gnutls_session new_tls_session(in + return session; + } + +- +- + static prelude_io_t *connect_manager(const char *addr, unsigned int port, char *passwd) + { + int ret, sock; Index: pkgsrc/security/libprelude/patches/patch-bb diff -u pkgsrc/security/libprelude/patches/patch-bb:1.1 pkgsrc/security/libprelude/patches/patch-bb:1.2 --- pkgsrc/security/libprelude/patches/patch-bb:1.1 Thu Jul 5 15:42:56 2012 +++ pkgsrc/security/libprelude/patches/patch-bb Thu Sep 29 12:14:38 2016 @@ -1,4 +1,4 @@ -$NetBSD: patch-bb,v 1.1 2012/07/05 15:42:56 drochner Exp $ +$NetBSD: patch-bb,v 1.2 2016/09/29 12:14:38 joerg Exp $ make this build with gnutls-3 @@ -12,3 +12,97 @@ make this build with gnutls-3 #include "prelude-client.h" #include "prelude-error.h" +@@ -97,26 +96,71 @@ static int anon_check_passwd(prelude_io_ + } + + ++static inline gnutls_transport_ptr_t fd_to_ptr(int fd) ++{ ++ union { ++ gnutls_transport_ptr_t ptr; ++ int fd; ++ } data; ++ ++ data.fd = fd; ++ ++ return data.ptr; ++} ++ ++ ++static inline int ptr_to_fd(gnutls_transport_ptr_t ptr) ++{ ++ union { ++ gnutls_transport_ptr_t ptr; ++ int fd; ++ } data; ++ ++ data.ptr = ptr; ++ return data.fd; ++} ++ ++ ++ ++static ssize_t tls_pull(gnutls_transport_ptr_t fd, void *buf, size_t count) ++{ ++ return read(ptr_to_fd(fd), buf, count); ++} ++ ++static ssize_t tls_push(gnutls_transport_ptr_t fd, const void *buf, size_t count) ++{ ++ return write(ptr_to_fd(fd), buf, count); ++} ++ ++ + + static gnutls_session new_tls_session(int sock) + { + int ret; + gnutls_session session; +- const int kx_priority[] = { +- GNUTLS_KX_ANON_DH, ++ const char *err; ++ ++#if defined LIBGNUTLS_VERSION_MAJOR && LIBGNUTLS_VERSION_MAJOR >= 3 ++# define TLS_DH_STR "+ANON-ECDH:+ANON-DH" ++#else ++# define TLS_DH_STR "+ANON-DH" ++#endif ++ + #ifdef GNUTLS_SRP_ENABLED +- GNUTLS_KX_SRP, GNUTLS_KX_SRP_DSS, GNUTLS_KX_SRP_RSA, ++ const char *pstring = "NORMAL:+SRP:+SRP-DSS:+SRP-RSA:" TLS_DH_STR; ++#else ++ const char *pstring = "NORMAL:" TLS_DH_STR; + #endif +- 0 }; +- union { +- int fd; +- void *ptr; +- } data; + + gnutls_init(&session, GNUTLS_SERVER); +- + gnutls_set_default_priority(session); +- gnutls_kx_set_priority(session, kx_priority); ++ ++ ret = gnutls_priority_set_direct(session, pstring, &err); ++ if (ret < 0) { ++ fprintf(stderr, "TLS priority syntax error at: %s\n", err); ++ return NULL; ++ } ++ + + #ifdef GNUTLS_SRP_ENABLED + gnutls_credentials_set(session, GNUTLS_CRD_SRP, srpcred); +@@ -124,8 +168,9 @@ static gnutls_session new_tls_session(in + #endif + gnutls_credentials_set(session, GNUTLS_CRD_ANON, anoncred); + +- data.fd = sock; +- gnutls_transport_set_ptr(session, data.ptr); ++ gnutls_transport_set_ptr(session, fd_to_ptr(sock)); ++ gnutls_transport_set_pull_function(session, tls_pull); ++ gnutls_transport_set_push_function(session, tls_push); + + ret = gnutls_handshake(session); + if ( ret < 0 ) { --_----------=_1475151278277300--