gentoo resync : 28.04.2019

author: V3n3RiX <venerix@redcorelinux.org> 2019-04-28 09:54:45 +0100
committer: V3n3RiX <venerix@redcorelinux.org> 2019-04-28 09:54:45 +0100
commit: b7ebc951da8800f711142f69d9d958bde67a112d (patch)
tree: e318514216845acb8f2e49fff7a5cba4027e9d91 /app-crypt/mit-krb5
parent: dc7cbdfa65fd814b3b9aa3c56257da201109e807 (diff)
3 files changed, 104 insertions, 2 deletions
diff --git a/app-crypt/mit-krb5/Manifest b/app-crypt/mit-krb5/Manifest
index 9a783977fddb..36a5b7649283 100644
--- a/app-crypt/mit-krb5/Manifest
+++ b/app-crypt/mit-krb5/Manifest
@@ -1,6 +1,7 @@
 AUX CVE-2018-5729-5730.patch 11896 BLAKE2B 324bbd80acf4a2520909fc26f90f67cec06148ee0effecc43fbadd6c6445b57ee17eae57864c92a5ce0cdc3dbfb0540758910133195fd2078d334bc6e209a452 SHA512 b59ba6cb5d40cca6c8f539c028ba24c2fa6bd1750133545e912f519b91043d426cecf782209c373598fd895c6294e44fc2bc27af34c033ff367bdfb2cb4f91c4
 AUX kpropd.xinetd 194 BLAKE2B cfc40af2e75b0ce5a71e0dfdcfe076d13d996b25d2cb50d4282bc88d7b33b317a202d57df0bb4a2b47113f0d38cb508614e122e4a3bb7dfd2397e2daa3178396 SHA512 c9bbd13f2fadfd2a925bfae834ba61f227cd4386b4c4466b5227d93c792f4549778ef4d6e08353372df99804459277c71f61b41ec71f3afcc600d73c5705f72f
 AUX mit-krb5-1.12_warn_cflags.patch 448 BLAKE2B cd9793866173b394bab3497d19653ca3296924cc49aaf540499b149254265af1d995b4d7493b76185ce35d123e70827cb5fcb221efc6499b86a346cfad7478ab SHA512 42364d9cd8c0a6fd28ae661eeac4d0dd3f2001fe290bf9731ee99c2c786a6488805fc93057d59e201e2cef1e5280af4c170187aa5603f4cf542906abc0fccc2b
+AUX mit-krb5-1.16.3-libressl.patch 3831 BLAKE2B 1f386529069a08e100154640387354644e6e2e64475980af7c1a5be67c8880160f8532cdf4c4d677199a67b7131c495a02370edff08b5ac291d3f0a5adc369ab SHA512 655ce5f28688d06e57bf808f5363ae1bf3276a9c4aad7c08629a459f24efe07b462e8b56f9aaafe3e9cbe54e1846e3d97bd7857e420a7e7268f3a7c89d212383
 AUX mit-krb5-config_LDFLAGS.patch 466 BLAKE2B 2dd4f1cfc20bea229d08201d66e3de71472dccfa45dee9b260c51578187e706b864c0b4ff81c0c5a09fd29401c2abdbe334441ca075208299b02d5e1d49aff94 SHA512 9a1ca9b33e7708346eda78d199fdc51f0d7bd08d3d65ea15a19955a6155ab71b8ee0c8989859d6dff293a141f197ea19394a91b3b641181140a289b743e0f0e7
 AUX mit-krb5-libressl-version-check.patch 1123 BLAKE2B ca8bad504949c8dcbffe5f9906a38287a2483ffef8b0326cf361f7a07c44787aa0972a24a832aa4da9a1450fa41035bf216c55e1aafb8a890cc8d88f1e210e88 SHA512 cec03ab3577fd8f96f34e51e9380622b09ac5964687b2e8e45e066d16846a9add71c3fd44f6de305ee5c5be5a27a07e4758b6752afdd8a70149b3f191be609f8
 AUX mit-krb5kadmind.confd 76 BLAKE2B ca69357a77ddaf67e2f9c104b17d49af5da9891b13bd855f8b04d54bfb6ccf07ae8c5cb694f65a47646675c844c8f8c7224e8487081df678c73c554498259516 SHA512 dbf968800959f0463899031e823f003e9ece90132f452ebf03df08caf0e6a6e6ca2cfdee91491d269cfa24bef19e72dd33c7d818a4bb13ef85edfb6f0e8299f3
@@ -21,5 +22,5 @@ DIST krb5-1.16.tar.gz 9474479 BLAKE2B 0c5caa0a0d2308a447d47ab94d7b8dc92a67ad78b3
 EBUILD mit-krb5-1.16-r2.ebuild 4212 BLAKE2B eac567c47b44a75e06ea412da95ecfb5e65278132cca0757cc83804b71a61a55c6e6c226c2033eac323d237bcb804f674b033403c95caadd7fc35a8d6b5a57a7 SHA512 8c0d1dfb71cd9d5c08bbad176b1ed1b232f31da0e6dc09c1f239f6c90f55879774ef0b9b41b9a4ad5ab67896d1dbb2138bb13087152cb348bd52ea639de78a98
 EBUILD mit-krb5-1.16.1.ebuild 4172 BLAKE2B 4b120ec5bb2d750c6d76c1f6fda2cd21aedbfe771eb234e4d7b392868b6e9d9bcef4b6897df456d8ae30b9cc96a8b83636028d854cb2646172c4f0c27ecc0087 SHA512 af0736e57376a42e44e4a2d97587386590c5a3c5de56485b6db2016494b2bc392ba4bf573462576de5a909fd963da8095d349eaa5866f3ec3ffd427224650eb3
 EBUILD mit-krb5-1.16.2.ebuild 4294 BLAKE2B 4e36bfd702bf28bf73d81265a4d410ce53631c012b9090b6296f1ccb0b923b598ba7bf378451a3490d7018b0681fc9a882805707feb165975ef9ee072536cc89 SHA512 f026e3e3f59e6d4747a3bc3e71292092668f388b61a6d53db437b6fc79311f11c95f6d70e21c36911733900556015a4ebbfa01fc7bcca073561359ce72e9659f
-EBUILD mit-krb5-1.16.3.ebuild 4298 BLAKE2B 1c34349a18af2a0172b64011bd45f5421f3f39b9c36817a10e99be32b212c337446ef55ae4544e8baad32e706d74942e59d9022aa20153aeb98d2cd27df0fdd8 SHA512 5e0534a45cc859ef7226c75817949f9c3b0d0cc336930ceeb2482016db022769e83015b7f9201879986fb3c6ae2fae1f64b45eca22802003fe39d567608b7794
+EBUILD mit-krb5-1.16.3.ebuild 4287 BLAKE2B adfa76bf62c6c9ebd4d854307e77ded4dc6a061e54249332f3ea0ea16863063a18bb142ee02a4fc253ad6a0dc199242796b8b085b324800a12712a98753fc6c4 SHA512 0858f94f587c452c23952f533418ff134723c76061dd244e7ed800ca5d7d16bda1ab3c24494e989c1c6c2f11176c4dda3715d48b54862b643080d05d8d4481cb
 MISC metadata.xml 828 BLAKE2B f317440eac9d164e0640cb059dee0c3bdcfeaeb2d0e346d962f09b7152224efc10084611768663b84c67fdf73c9d89481370fe0b70ffe14aa10a360f60bd00f6 SHA512 c0f45699280d49b91eab24de6cbb28900170c3c4526b8c6ef0f6a996d3e53abd49911ce4f6ce7b28c69d37e86cc9e5b830977b9640809734e7fccf078886685c
diff --git a/app-crypt/mit-krb5/files/mit-krb5-1.16.3-libressl.patch b/app-crypt/mit-krb5/files/mit-krb5-1.16.3-libressl.patch
new file mode 100644
index 000000000000..7a655fb9a1d8
--- /dev/null
+++ b/app-crypt/mit-krb5/files/mit-krb5-1.16.3-libressl.patch
@@ -0,0 +1,101 @@
+From 58263cbf3106f4c9c9a2252794093014a2f9c01f Mon Sep 17 00:00:00 2001
+From: Stefan Strogin <stefan.strogin@gmail.com>
+Date: Thu, 25 Apr 2019 03:48:10 +0300
+Subject: [PATCH] Fix build for LibreSSL 2.9.x
+
+asn1_mac.h is removed from LibreSSL 2.9.0, but static_ASN1_*() methods
+are not defined. Define them.
+
+Upstream-Status: Pending
+[Needs to be amended if
+https://github.com/libressl-portable/openbsd/pull/109 is accepted]
+Signed-off-by: Stefan Strogin <stefan.strogin@gmail.com>
+---
+ .../preauth/pkinit/pkinit_crypto_openssl.c    | 13 ++++++++----
+ .../preauth/pkinit/pkinit_crypto_openssl.h    | 20 ++++++++++++++++++-
+ 2 files changed, 28 insertions(+), 5 deletions(-)
+
+diff --git a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
+index 2064eb7bd..81d5d3cf2 100644
+--- a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
++++ b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
+@@ -188,14 +188,16 @@ pkinit_pkcs11_code_to_text(int err);
+     (*_x509_pp) = PKCS7_cert_from_signer_info(_p7,_si)
+ #endif
+ 
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ 
+-/* 1.1 standardizes constructor and destructor names, renaming
+- * EVP_MD_CTX_{create,destroy} and deprecating ASN1_STRING_data. */
++/* 1.1 (and LibreSSL 2.7) standardizes constructor and destructor names,
++ * renaming EVP_MD_CTX_{create,destroy} and deprecating ASN1_STRING_data. */
+ 
++#if !defined(LIBRESSL_VERSION_NUMBER) || LIBRESSL_VERSION_NUMBER < 0x2070000fL
+ #define EVP_MD_CTX_new EVP_MD_CTX_create
+ #define EVP_MD_CTX_free EVP_MD_CTX_destroy
+ #define ASN1_STRING_get0_data ASN1_STRING_data
++#endif
+ 
+ /* 1.1 makes many handle types opaque and adds accessors.  Add compatibility
+  * versions of the new accessors we use for pre-1.1. */
+@@ -203,6 +205,7 @@ pkinit_pkcs11_code_to_text(int err);
+ #define OBJ_get0_data(o) ((o)->data)
+ #define OBJ_length(o) ((o)->length)
+ 
++#if !defined(LIBRESSL_VERSION_NUMBER) || LIBRESSL_VERSION_NUMBER < 0x2070000fL
+ #define DH_set0_pqg compat_dh_set0_pqg
+ static int compat_dh_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g)
+ {
+@@ -235,6 +238,7 @@ static void compat_dh_get0_key(const DH *dh, const BIGNUM **pub,
+     if (priv != NULL)
+         *priv = dh->priv_key;
+ }
++#endif /* LIBRESSL_VERSION_NUMBER */
+ 
+ /* Return true if the cert c includes a key usage which doesn't include u.
+  * Define using direct member access for pre-1.1. */
+@@ -3040,7 +3044,8 @@ cleanup:
+     return retval;
+ }
+ 
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++#if (OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)) || \
++  LIBRESSL_VERSION_NUMBER >= 0x2090000fL
+ 
+ /*
+  * We need to decode DomainParameters from RFC 3279 section 2.3.3.  We would
+diff --git a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.h b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.h
+index 7411348fa..ac91408c4 100644
+--- a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.h
++++ b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.h
+@@ -46,7 +46,25 @@
+ #include <openssl/asn1.h>
+ #include <openssl/pem.h>
+ 
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++#if (OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)) || \
++  LIBRESSL_VERSION_NUMBER >= 0x2090000fL
++
++#ifndef static_ASN1_SEQUENCE_END_name
++#define static_ASN1_ITEM_start(itname) \
++	static const ASN1_ITEM itname##_it = {
++#define static_ASN1_SEQUENCE_END_name(stname, tname) \
++	;\
++	static_ASN1_ITEM_start(tname) \
++		ASN1_ITYPE_SEQUENCE,\
++		V_ASN1_SEQUENCE,\
++		tname##_seq_tt,\
++		sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
++		NULL,\
++		sizeof(stname),\
++		#stname \
++	ASN1_ITEM_end(tname)
++#endif /* !defined(static_ASN1_SEQUENCE_END_name) */
++
+ #include <openssl/asn1t.h>
+ #else
+ #include <openssl/asn1_mac.h>
+-- 
+2.21.0
+
diff --git a/app-crypt/mit-krb5/mit-krb5-1.16.3.ebuild b/app-crypt/mit-krb5/mit-krb5-1.16.3.ebuild
index 4aeaa219ada8..9d8b99116396 100644
--- a/app-crypt/mit-krb5/mit-krb5-1.16.3.ebuild
+++ b/app-crypt/mit-krb5/mit-krb5-1.16.3.ebuild
@@ -63,7 +63,7 @@ MULTILIB_CHOST_TOOLS=(
 src_prepare() {
 	eapply "${FILESDIR}/${PN}-1.12_warn_cflags.patch"
 	eapply -p2 "${FILESDIR}/${PN}-config_LDFLAGS.patch"
-	eapply "${FILESDIR}/${PN}-libressl-version-check.patch"
+	eapply -p2 "${FILESDIR}/${P}-libressl.patch"
 
 	# Make sure we always use the system copies.
 	rm -rf util/{et,ss,verto}
author	V3n3RiX <venerix@redcorelinux.org>	2019-04-28 09:54:45 +0100
committer	V3n3RiX <venerix@redcorelinux.org>	2019-04-28 09:54:45 +0100
commit	b7ebc951da8800f711142f69d9d958bde67a112d (patch)
tree	e318514216845acb8f2e49fff7a5cba4027e9d91 /app-crypt/mit-krb5
parent	dc7cbdfa65fd814b3b9aa3c56257da201109e807 (diff)