[gentoo-commits] repo/gentoo:master commit in: app-crypt/p11-kit/, app-crypt/p11-kit/files/
commit: b6ffe6cfad6a3a5db4067d8f3d6a6ba293002a44 Author: Sam James gentoo org> AuthorDate: Wed Dec 6 11:41:52 2023 + Commit: Sam James gentoo org> CommitDate: Wed Dec 6 11:41:52 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b6ffe6cf app-crypt/p11-kit: update c99 patch to upstream variant Bug: https://bugs.gentoo.org/918982 Signed-off-by: Sam James gentoo.org> .../p11-kit/files/p11-kit-0.25.3-pointer.patch | 28 ++ ...t-0.25.3-r1.ebuild => p11-kit-0.25.3-r2.ebuild} | 0 2 files changed, 13 insertions(+), 15 deletions(-) diff --git a/app-crypt/p11-kit/files/p11-kit-0.25.3-pointer.patch b/app-crypt/p11-kit/files/p11-kit-0.25.3-pointer.patch index feac3e132fce..9b316ee2fad6 100644 --- a/app-crypt/p11-kit/files/p11-kit-0.25.3-pointer.patch +++ b/app-crypt/p11-kit/files/p11-kit-0.25.3-pointer.patch @@ -1,7 +1,7 @@ https://bugs.gentoo.org/918982 -https://github.com/p11-glue/p11-kit/pull/609 +https://github.com/p11-glue/p11-kit/commit/d49c92c8420db6ee4c88515bdb014f68f4d471d9 -From 6f05ca107d588fcedaa4ef06542760cbbda8c878 Mon Sep 17 00:00:00 2001 +From d49c92c8420db6ee4c88515bdb014f68f4d471d9 Mon Sep 17 00:00:00 2001 From: Daiki Ueno Date: Sat, 2 Dec 2023 09:24:01 +0900 Subject: [PATCH] import-object: Avoid integer truncation on 32-bit platforms @@ -28,11 +28,11 @@ https://github.com/p11-glue/p11-kit/issues/608 Signed-off-by: Daiki Ueno --- - p11-kit/import-object.c | 32 - 1 file changed, 28 insertions(+), 4 deletions(-) + p11-kit/import-object.c | 30 +++--- + 1 file changed, 27 insertions(+), 3 deletions(-) diff --git a/p11-kit/import-object.c b/p11-kit/import-object.c -index feee0765..278ad932 100644 +index feee0765..fb47b964 100644 --- a/p11-kit/import-object.c +++ b/p11-kit/import-object.c @@ -55,6 +55,7 @@ @@ -47,7 +47,7 @@ index feee0765..278ad932 100644 CK_ATTRIBUTE attr_encrypt = { CKA_ENCRYPT, , sizeof (tval) }; CK_ATTRIBUTE attr_modulus = { CKA_MODULUS, }; CK_ATTRIBUTE attr_exponent = { CKA_PUBLIC_EXPONENT, }; -+ size_t len; ++ size_t len = 0; pubkey = p11_asn1_read (info, "subjectPublicKey", _len); if (pubkey == NULL) { @@ -70,17 +70,16 @@ index feee0765..278ad932 100644 + attr_modulus.ulValueLen = len; - attr_exponent.pValue = p11_asn1_read (asn, "publicExponent", _exponent.ulValueLen); -- if (attr_exponent.pValue == NULL) { + attr_exponent.pValue = p11_asn1_read (asn, "publicExponent", ); -+ if (attr_exponent.pValue == NULL || len > ULONG_MAX) { -+ p11_message (_("failed to obtain exponent")); -+ goto cleanup; -+ } -+#if ULONG_MAX < SIZE_MAX -+ if (len > ULONG_MAX) { + if (attr_exponent.pValue == NULL) { p11_message (_("failed to obtain exponent")); goto cleanup; } ++#if ULONG_MAX < SIZE_MAX ++ if (len > ULONG_MAX) { ++ p11_message (_("failed to obtain exponent")); ++ goto cleanup; ++ } +#endif + attr_exponent.ulValueLen = len; @@ -90,7 +89,7 @@ index feee0765..278ad932 100644 CK_ATTRIBUTE attr_key_type = { CKA_KEY_TYPE, _type, sizeof (key_type) }; CK_ATTRIBUTE attr_ec_params = { CKA_EC_PARAMS, }; CK_ATTRIBUTE attr_ec_point = { CKA_EC_POINT, }; -+ size_t len; ++ size_t len = 0; - attr_ec_params.pValue = p11_asn1_read (info, "algorithm.parameters", _ec_params.ulValueLen); + attr_ec_params.pValue = p11_asn1_read (info, "algorithm.parameters", ); @@ -108,4 +107,3 @@ index feee0765..278ad932 100644 /* subjectPublicKey is read as BIT STRING value which contains * EC point data. We need to DER encode this data as OCTET STRING. - diff --git a/app-crypt/p11-kit/p11-kit-0.25.3-r1.ebuild b/app-crypt/p11-kit/p11-kit-0.25.3-r2.ebuild similarity index 100% rename from app-crypt/p11-kit/p11-kit-0.25.3-r1.ebuild rename to app-crypt/p11-kit/p11-kit-0.25.3-r2.ebuild
[gentoo-commits] repo/gentoo:master commit in: app-crypt/p11-kit/, app-crypt/p11-kit/files/
commit: 3c99277497bde269514e37100e531a374b481bc8 Author: Sam James gentoo org> AuthorDate: Sat Dec 2 04:50:35 2023 + Commit: Sam James gentoo org> CommitDate: Sat Dec 2 04:50:35 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3c992774 app-crypt/p11-kit: fix modern c issue (32-bit ptr truncation) Closes: https://bugs.gentoo.org/918982 Signed-off-by: Sam James gentoo.org> .../p11-kit/files/p11-kit-0.25.3-pointer.patch | 111 + app-crypt/p11-kit/p11-kit-0.25.3-r1.ebuild | 76 ++ 2 files changed, 187 insertions(+) diff --git a/app-crypt/p11-kit/files/p11-kit-0.25.3-pointer.patch b/app-crypt/p11-kit/files/p11-kit-0.25.3-pointer.patch new file mode 100644 index ..feac3e132fce --- /dev/null +++ b/app-crypt/p11-kit/files/p11-kit-0.25.3-pointer.patch @@ -0,0 +1,111 @@ +https://bugs.gentoo.org/918982 +https://github.com/p11-glue/p11-kit/pull/609 + +From 6f05ca107d588fcedaa4ef06542760cbbda8c878 Mon Sep 17 00:00:00 2001 +From: Daiki Ueno +Date: Sat, 2 Dec 2023 09:24:01 +0900 +Subject: [PATCH] import-object: Avoid integer truncation on 32-bit platforms +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +The build fails when compiling for 32-bit platforms with +-Werror=incompatible-pointer-types: + + CFLAGS="-m32 -march=i686 -Werror=incompatible-pointer-types -Werror=implicit -Werror=int-conversion" setarch i686 -- meson setup _build + setarch i686 -- meson compile -C _build -v + ... + + ../p11-kit/import-object.c: In function ‘add_attrs_pubkey_rsa’: + ../p11-kit/import-object.c:223:62: error: passing argument 3 of ‘p11_asn1_read’ from incompatible pointer type [-Werror=incompatible-pointer-types] +223 | attr_modulus.pValue = p11_asn1_read (asn, "modulus", _modulus.ulValueLen); +| ^~~~ +| | +| long unsigned int * + +Reported by Sam James in: +https://github.com/p11-glue/p11-kit/issues/608 + +Signed-off-by: Daiki Ueno +--- + p11-kit/import-object.c | 32 + 1 file changed, 28 insertions(+), 4 deletions(-) + +diff --git a/p11-kit/import-object.c b/p11-kit/import-object.c +index feee0765..278ad932 100644 +--- a/p11-kit/import-object.c b/p11-kit/import-object.c +@@ -55,6 +55,7 @@ + #endif + + #include ++#include + #include + #include + #include +@@ -201,6 +202,7 @@ add_attrs_pubkey_rsa (CK_ATTRIBUTE *attrs, + CK_ATTRIBUTE attr_encrypt = { CKA_ENCRYPT, , sizeof (tval) }; + CK_ATTRIBUTE attr_modulus = { CKA_MODULUS, }; + CK_ATTRIBUTE attr_exponent = { CKA_PUBLIC_EXPONENT, }; ++ size_t len; + + pubkey = p11_asn1_read (info, "subjectPublicKey", _len); + if (pubkey == NULL) { +@@ -220,17 +222,31 @@ add_attrs_pubkey_rsa (CK_ATTRIBUTE *attrs, + goto cleanup; + } + +- attr_modulus.pValue = p11_asn1_read (asn, "modulus", _modulus.ulValueLen); ++ attr_modulus.pValue = p11_asn1_read (asn, "modulus", ); + if (attr_modulus.pValue == NULL) { + p11_message (_("failed to obtain modulus")); + goto cleanup; + } ++#if ULONG_MAX < SIZE_MAX ++ if (len > ULONG_MAX) { ++ p11_message (_("failed to obtain modulus")); ++ goto cleanup; ++ } ++#endif ++ attr_modulus.ulValueLen = len; + +- attr_exponent.pValue = p11_asn1_read (asn, "publicExponent", _exponent.ulValueLen); +- if (attr_exponent.pValue == NULL) { ++ attr_exponent.pValue = p11_asn1_read (asn, "publicExponent", ); ++ if (attr_exponent.pValue == NULL || len > ULONG_MAX) { ++ p11_message (_("failed to obtain exponent")); ++ goto cleanup; ++ } ++#if ULONG_MAX < SIZE_MAX ++ if (len > ULONG_MAX) { + p11_message (_("failed to obtain exponent")); + goto cleanup; + } ++#endif ++ attr_exponent.ulValueLen = len; + + result = p11_attrs_build (attrs, _key_type, _encrypt, _modulus, _exponent, NULL); + if (result == NULL) { +@@ -260,12 +276,20 @@ add_attrs_pubkey_ec (CK_ATTRIBUTE *attrs, + CK_ATTRIBUTE attr_key_type = { CKA_KEY_TYPE, _type, sizeof (key_type) }; + CK_ATTRIBUTE attr_ec_params = { CKA_EC_PARAMS, }; + CK_ATTRIBUTE attr_ec_point = { CKA_EC_POINT, }; ++ size_t len; + +- attr_ec_params.pValue = p11_asn1_read (info, "algorithm.parameters", _ec_params.ulValueLen); ++ attr_ec_params.pValue = p11_asn1_read (info, "algorithm.parameters", ); + if (attr_ec_params.pValue == NULL) { + p11_message (_("failed to obtain EC parameters")); + goto cleanup; + } ++#if ULONG_MAX < SIZE_MAX ++ if (len > ULONG_MAX) { ++
[gentoo-commits] repo/gentoo:master commit in: app-crypt/p11-kit/, app-crypt/p11-kit/files/
commit: 13e0c3c3489b3b33ae9dc9f468f4723c30df8204 Author: David Seifert gentoo org> AuthorDate: Sun Sep 10 09:49:29 2023 + Commit: David Seifert gentoo org> CommitDate: Sun Sep 10 09:49:29 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=13e0c3c3 app-crypt/p11-kit: drop 0.24.1-r1 Signed-off-by: David Seifert gentoo.org> app-crypt/p11-kit/Manifest | 1 - .../files/p11-kit-0.24.1-configure-clang16.patch | 35 - app-crypt/p11-kit/metadata.xml | 4 -- app-crypt/p11-kit/p11-kit-0.24.1-r1.ebuild | 59 -- 4 files changed, 99 deletions(-) diff --git a/app-crypt/p11-kit/Manifest b/app-crypt/p11-kit/Manifest index 19269a7fd9f1..b9ce676ba163 100644 --- a/app-crypt/p11-kit/Manifest +++ b/app-crypt/p11-kit/Manifest @@ -1,2 +1 @@ -DIST p11-kit-0.24.1.tar.xz 838304 BLAKE2B e5cb98881279199e2674e2ff4f12d72c4d126c54429ee7ece6dd56ad1987f84abf58a67b8bf2405b19a5bca9d1106f8ec901364ac3d2488f65b3f92b51f850fe SHA512 8cf170c714bb9e0cf3df93e8ec55b8e3c55cabf2c6a27f177ac6de8b8028985df2ca0216d3215d6828dc2ae3095c4e1a4febe8cb26b88ec321defc66bb011e81 DIST p11-kit-0.25.0.tar.xz 958940 BLAKE2B 6ffce977f86c516a327afe50f4cc5a36e86ba7f43c6cb555db419d9e4ba7543a9f1847ba83da348cd6d7bbebe55dfa26cfe3a3aaa3e1d5420a4b8dc6cbbff088 SHA512 e6df3cb224f6ff5671bd3c0557503b5f20bbfded1b6ec340b1dafcbd1b1725ea2d41d0e920756716e0fe9cb28270d115fe77b23ec876a15007b22e3f30d015fe diff --git a/app-crypt/p11-kit/files/p11-kit-0.24.1-configure-clang16.patch b/app-crypt/p11-kit/files/p11-kit-0.24.1-configure-clang16.patch deleted file mode 100644 index 3af5da6c68ac.. --- a/app-crypt/p11-kit/files/p11-kit-0.24.1-configure-clang16.patch +++ /dev/null @@ -1,35 +0,0 @@ -https://github.com/p11-glue/p11-kit/commit/d39043f7c6e44247b5b1a237888e80b2a4d9c2b2 - -From d39043f7c6e44247b5b1a237888e80b2a4d9c2b2 Mon Sep 17 00:00:00 2001 -From: Florian Weimer -Date: Mon, 12 Dec 2022 19:40:25 +0100 -Subject: [PATCH] Fix meson/configure _Thread_local checks for C99 - compatibility - -The type was missing from the definition, which happens to work -in current compilers for historic reasons. Implicit ints were -actually removed from C in 1999. a/configure.ac -+++ b/configure.ac -@@ -148,7 +148,7 @@ if test "$os_unix" = "yes"; then - [ac_cv_tls_keyword= - for keyword in _Thread_local __thread; do - AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include ]], -- [[static ]$keyword[ foo;]])], -+ [[static ]$keyword[ int foo;]])], - [ac_cv_tls_keyword=$keyword]) - done]) - if test -n "$ac_cv_tls_keyword"; then a/meson.build -+++ b/meson.build -@@ -200,7 +200,7 @@ if host_system != 'windows' - tls_test_code_template = ''' - #include - int main (void) { --static @0@ foo; -+static @0@ int foo; - return 0; - } - ''' - - diff --git a/app-crypt/p11-kit/metadata.xml b/app-crypt/p11-kit/metadata.xml index 206d0fae5a6e..91df1af79aaa 100644 --- a/app-crypt/p11-kit/metadata.xml +++ b/app-crypt/p11-kit/metadata.xml @@ -2,10 +2,6 @@ https://www.gentoo.org/dtd/metadata.dtd;> - - Enable ASN.1 certificate support - Build the trust policy module - p11-glue/p11-kit diff --git a/app-crypt/p11-kit/p11-kit-0.24.1-r1.ebuild b/app-crypt/p11-kit/p11-kit-0.24.1-r1.ebuild deleted file mode 100644 index b7d9c1025d7f.. --- a/app-crypt/p11-kit/p11-kit-0.24.1-r1.ebuild +++ /dev/null @@ -1,59 +0,0 @@ -# Copyright 1999-2023 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=8 - -# TODO: port to meson on next release -inherit autotools multilib-minimal - -DESCRIPTION="Provides a standard configuration setup for installing PKCS#11" -HOMEPAGE="https://p11-glue.github.io/p11-glue/p11-kit.html; -SRC_URI="https://github.com/p11-glue/p11-kit/releases/download/${PV}/${P}.tar.xz; - -LICENSE="MIT" -SLOT="0" -KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x64-solaris" -IUSE="+asn1 debug +libffi systemd +trust" -REQUIRED_USE="trust? ( asn1 )" - -RDEPEND="asn1? ( >=dev-libs/libtasn1-3.4:=[${MULTILIB_USEDEP}] ) - libffi? ( dev-libs/libffi:=[${MULTILIB_USEDEP}] ) - systemd? ( sys-apps/systemd:= ) - trust? ( app-misc/ca-certificates )" -DEPEND="${RDEPEND}" -BDEPEND="virtual/pkgconfig" - -PATCHES=( - "${FILESDIR}"/${P}-configure-clang16.patch -) - -pkg_setup() { - # disable unsafe tests, bug#502088 - export FAKED_MODE=1 -} - -src_prepare() { - default - # TODO: drop in next release (after 0.24.1), p11-kit-0.24.1-configure-clang16.patch is emrged - eautoreconf -} - -multilib_src_configure() { - ECONF_SOURCE="${S}" econf \ - $(use_enable trust