Sat Apr 25 13:57:48 2020 UTC ()
yafic: Unbreak with OpenSSL 1.1. Patch taken from FreeBSD Ports.
(nia)
diff -r1.12 -r1.13 pkgsrc/security/yafic/Makefile
diff -r1.3 -r1.4 pkgsrc/security/yafic/distinfo
diff -r0 -r1.1 pkgsrc/security/yafic/patches/patch-crypto.c
--- pkgsrc/security/yafic/Makefile 2020/04/24 11:41:38 1.12
+++ pkgsrc/security/yafic/Makefile 2020/04/25 13:57:47 1.13
| @@ -1,19 +1,17 @@ | | | @@ -1,19 +1,17 @@ |
| 1 | # $NetBSD: Makefile,v 1.12 2020/04/24 11:41:38 nia Exp $ | | 1 | # $NetBSD: Makefile,v 1.13 2020/04/25 13:57:47 nia Exp $ |
| 2 | | | 2 | |
| 3 | DISTNAME= yafic-1.2.2 | | 3 | DISTNAME= yafic-1.2.2 |
| 4 | PKGREVISION= 2 | | 4 | PKGREVISION= 2 |
| 5 | CATEGORIES= security | | 5 | CATEGORIES= security |
| 6 | MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=yafic/} | | 6 | MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=yafic/} |
| 7 | | | 7 | |
| 8 | MAINTAINER= pkgsrc-users@NetBSD.org | | 8 | MAINTAINER= pkgsrc-users@NetBSD.org |
| 9 | HOMEPAGE= https://www.saddi.com/software/yafic/ | | 9 | HOMEPAGE= https://www.saddi.com/software/yafic/ |
| 10 | COMMENT= File integrity checker | | 10 | COMMENT= File integrity checker |
| 11 | LICENSE= modified-bsd | | 11 | LICENSE= modified-bsd |
| 12 | | | 12 | |
| 13 | BROKEN= "Fails to build with OpenSSL 1.1" | | | |
| 14 | | | | |
| 15 | GNU_CONFIGURE= YES | | 13 | GNU_CONFIGURE= YES |
| 16 | | | 14 | |
| 17 | .include "../../security/openssl/buildlink3.mk" | | 15 | .include "../../security/openssl/buildlink3.mk" |
| 18 | .include "../../mk/bdb.buildlink3.mk" | | 16 | .include "../../mk/bdb.buildlink3.mk" |
| 19 | .include "../../mk/bsd.pkg.mk" | | 17 | .include "../../mk/bsd.pkg.mk" |
--- pkgsrc/security/yafic/distinfo 2015/11/04 01:18:12 1.3
+++ pkgsrc/security/yafic/distinfo 2020/04/25 13:57:47 1.4
| @@ -1,7 +1,8 @@ | | | @@ -1,7 +1,8 @@ |
| 1 | $NetBSD: distinfo,v 1.3 2015/11/04 01:18:12 agc Exp $ | | 1 | $NetBSD: distinfo,v 1.4 2020/04/25 13:57:47 nia Exp $ |
| 2 | | | 2 | |
| 3 | SHA1 (yafic-1.2.2.tar.gz) = 0592df76f87a6b5b972c1e8c1c08c771e3ffdf7f | | 3 | SHA1 (yafic-1.2.2.tar.gz) = 0592df76f87a6b5b972c1e8c1c08c771e3ffdf7f |
| 4 | RMD160 (yafic-1.2.2.tar.gz) = 976cb8a75bb9cdf75961a60929c5e778049a97b4 | | 4 | RMD160 (yafic-1.2.2.tar.gz) = 976cb8a75bb9cdf75961a60929c5e778049a97b4 |
| 5 | SHA512 (yafic-1.2.2.tar.gz) = 8e05a0838fc2063f1c6bb69d660e9ff5c9fbdc4199e1396232327498c04d037b35307c348d64d928e561875f5cf0ad40c24fd097680cd814b2308608cf738957 | | 5 | SHA512 (yafic-1.2.2.tar.gz) = 8e05a0838fc2063f1c6bb69d660e9ff5c9fbdc4199e1396232327498c04d037b35307c348d64d928e561875f5cf0ad40c24fd097680cd814b2308608cf738957 |
| 6 | Size (yafic-1.2.2.tar.gz) = 96893 bytes | | 6 | Size (yafic-1.2.2.tar.gz) = 96893 bytes |
| 7 | SHA1 (patch-aa) = 288f5793947fbd844e0cdf7706cabd9b9f37abcc | | 7 | SHA1 (patch-aa) = 288f5793947fbd844e0cdf7706cabd9b9f37abcc |
| | | 8 | SHA1 (patch-crypto.c) = 91912dcdfcabc285deea64914bdf9e81e47de359 |
$NetBSD: patch-crypto.c,v 1.1 2020/04/25 13:57:48 nia Exp $
Fix build with OpenSSL >=1.1.
From FreeBSD Ports.
--- crypto.c.orig 2004-03-21 12:02:32.000000000 +0000
+++ crypto.c
@@ -56,6 +56,30 @@ static const char rcsid[] =
static EVP_PKEY *pkey;
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+
+static void *OPENSSL_zalloc (size_t num)
+{
+ void *ret = OPENSSL_malloc (num);
+
+ if (ret != NULL)
+ memset (ret, 0, num);
+ return ret;
+}
+
+EVP_MD_CTX *EVP_MD_CTX_new (void)
+{
+ return OPENSSL_zalloc (sizeof (EVP_MD_CTX));
+}
+
+void EVP_MD_CTX_free (EVP_MD_CTX *ctx)
+{
+ EVP_MD_CTX_cleanup (ctx);
+ OPENSSL_free (ctx);
+}
+
+#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */
+
static void
opensslError (const char *what)
{
@@ -100,7 +124,7 @@ void
SignFile (int fd, const char *filename, const char *sigfile)
{
const EVP_MD *mdType;
- EVP_MD_CTX ctx;
+ EVP_MD_CTX *ctx;
ssize_t len;
unsigned char *sig = NULL;
unsigned int sigLen;
@@ -111,8 +135,12 @@ SignFile (int fd, const char *filename,
if (!pkey)
return;
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
mdType = EVP_PKEY_type (pkey->type) == EVP_PKEY_DSA ? EVP_dss1 () :
EVP_sha1 ();
+#else
+ mdType = EVP_sha1 ();
+#endif
if (!sigfile) {
int tlen = strlen (filename) + 4 + 1;
@@ -122,21 +150,23 @@ SignFile (int fd, const char *filename,
sigfile = tsigfile;
}
+ if ((ctx = EVP_MD_CTX_new ()) == NULL)
+ opensslError ("EVP_MD_CTX_new");
#ifdef HAVE_EVP_MD_CTX_INIT
- EVP_MD_CTX_init (&ctx);
+ EVP_MD_CTX_init (ctx);
#endif
#ifdef EVP_DIGESTINIT_VOID
- EVP_SignInit (&ctx, mdType);
+ EVP_SignInit (ctx, mdType);
#else
- if (!EVP_SignInit (&ctx, mdType))
+ if (!EVP_SignInit (ctx, mdType))
opensslError ("EVP_SignInit");
#endif
while ((len = read (fd, HashBuffer, HASH_BUFFER_SIZE)) > 0) {
#ifdef EVP_DIGESTINIT_VOID
- EVP_SignUpdate (&ctx, HashBuffer, len);
+ EVP_SignUpdate (ctx, HashBuffer, len);
#else
- if (!EVP_SignUpdate (&ctx, HashBuffer, len))
+ if (!EVP_SignUpdate (ctx, HashBuffer, len))
opensslError ("EVP_SignUpdate");
#endif
}
@@ -146,7 +176,7 @@ SignFile (int fd, const char *filename,
sig = mymalloc (EVP_PKEY_size (pkey));
- if (EVP_SignFinal (&ctx, sig, &sigLen, pkey)) {
+ if (EVP_SignFinal (ctx, sig, &sigLen, pkey)) {
if ((f = open (sigfile, O_CREAT|O_WRONLY|O_TRUNC, 0600)) != -1) {
if (write (f, sig, sigLen) != sigLen)
yaficError (sigfile);
@@ -162,15 +192,16 @@ SignFile (int fd, const char *filename,
if (sig) free (sig);
if (tsigfile) free (tsigfile);
#ifdef HAVE_EVP_MD_CTX_CLEANUP
- EVP_MD_CTX_cleanup (&ctx);
+ EVP_MD_CTX_cleanup (ctx);
#endif
+ EVP_MD_CTX_free (ctx);
}
void
VerifyFile (int fd, const char *filename, const char *sigfile)
{
const EVP_MD *mdType;
- EVP_MD_CTX ctx;
+ EVP_MD_CTX *ctx;
ssize_t len;
unsigned char *sig = NULL;
int f;
@@ -181,8 +212,12 @@ VerifyFile (int fd, const char *filename
if (!pkey)
return;
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
mdType = EVP_PKEY_type (pkey->type) == EVP_PKEY_DSA ? EVP_dss1 () :
EVP_sha1 ();
+#else
+ mdType = EVP_sha1 ();
+#endif
if (!sigfile) {
int tlen = strlen (filename) + 4 + 1;
@@ -195,13 +230,15 @@ VerifyFile (int fd, const char *filename
fprintf (stderr, "Verifying %s: ", filename);
fflush (stderr);
+ if ((ctx = EVP_MD_CTX_new ()) == NULL)
+ opensslError ("EVP_MD_CTX_new");
#ifdef HAVE_EVP_MD_CTX_INIT
- EVP_MD_CTX_init (&ctx);
+ EVP_MD_CTX_init (ctx);
#endif
#ifdef EVP_DIGESTINIT_VOID
- EVP_VerifyInit (&ctx, mdType);
+ EVP_VerifyInit (ctx, mdType);
#else
- if (!EVP_VerifyInit (&ctx, mdType)) {
+ if (!EVP_VerifyInit (ctx, mdType)) {
fprintf (stderr, "Error\n");
opensslError ("EVP_VerifyInit");
}
@@ -209,9 +246,9 @@ VerifyFile (int fd, const char *filename
while ((len = read (fd, HashBuffer, HASH_BUFFER_SIZE)) > 0) {
#ifdef EVP_DIGESTINIT_VOID
- EVP_VerifyUpdate (&ctx, HashBuffer, len);
+ EVP_VerifyUpdate (ctx, HashBuffer, len);
#else
- if (!EVP_VerifyUpdate (&ctx, HashBuffer, len)) {
+ if (!EVP_VerifyUpdate (ctx, HashBuffer, len)) {
fprintf (stderr, "Error\n");
opensslError ("EVP_SignUpdate");
}
@@ -233,7 +270,7 @@ VerifyFile (int fd, const char *filename
close (f);
- ret = EVP_VerifyFinal (&ctx, sig, len, pkey);
+ ret = EVP_VerifyFinal (ctx, sig, len, pkey);
if (ret < 0) {
fprintf (stderr, "Error\n");
opensslError ("EVP_VerifyFinal");
@@ -254,8 +291,9 @@ VerifyFile (int fd, const char *filename
if (sig) free (sig);
if (tsigfile) free (tsigfile);
#ifdef HAVE_EVP_MD_CTX_CLEANUP
- EVP_MD_CTX_cleanup (&ctx);
+ EVP_MD_CTX_cleanup (ctx);
#endif
+ EVP_MD_CTX_free (ctx);
}
const char *
@@ -265,7 +303,11 @@ KeyTypeStr (void)
if (pkey) {
int bits = EVP_PKEY_bits (pkey);
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
int type = EVP_PKEY_type (pkey->type);
+#else
+ int type = EVP_PKEY_base_id (pkey);
+#endif
switch (type) {
case EVP_PKEY_RSA: