[gentoo-commits] repo/gentoo:master commit in: app-crypt/p11-kit/, app-crypt/p11-kit/files/
commit: b6ffe6cfad6a3a5db4067d8f3d6a6ba293002a44
Author: Sam James gentoo org>
AuthorDate: Wed Dec 6 11:41:52 2023 +
Commit: Sam James gentoo org>
CommitDate: Wed Dec 6 11:41:52 2023 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b6ffe6cf
app-crypt/p11-kit: update c99 patch to upstream variant
Bug: https://bugs.gentoo.org/918982
Signed-off-by: Sam James gentoo.org>
.../p11-kit/files/p11-kit-0.25.3-pointer.patch | 28 ++
...t-0.25.3-r1.ebuild => p11-kit-0.25.3-r2.ebuild} | 0
2 files changed, 13 insertions(+), 15 deletions(-)
diff --git a/app-crypt/p11-kit/files/p11-kit-0.25.3-pointer.patch
b/app-crypt/p11-kit/files/p11-kit-0.25.3-pointer.patch
index feac3e132fce..9b316ee2fad6 100644
--- a/app-crypt/p11-kit/files/p11-kit-0.25.3-pointer.patch
+++ b/app-crypt/p11-kit/files/p11-kit-0.25.3-pointer.patch
@@ -1,7 +1,7 @@
https://bugs.gentoo.org/918982
-https://github.com/p11-glue/p11-kit/pull/609
+https://github.com/p11-glue/p11-kit/commit/d49c92c8420db6ee4c88515bdb014f68f4d471d9
-From 6f05ca107d588fcedaa4ef06542760cbbda8c878 Mon Sep 17 00:00:00 2001
+From d49c92c8420db6ee4c88515bdb014f68f4d471d9 Mon Sep 17 00:00:00 2001
From: Daiki Ueno
Date: Sat, 2 Dec 2023 09:24:01 +0900
Subject: [PATCH] import-object: Avoid integer truncation on 32-bit platforms
@@ -28,11 +28,11 @@ https://github.com/p11-glue/p11-kit/issues/608
Signed-off-by: Daiki Ueno
---
- p11-kit/import-object.c | 32
- 1 file changed, 28 insertions(+), 4 deletions(-)
+ p11-kit/import-object.c | 30 +++---
+ 1 file changed, 27 insertions(+), 3 deletions(-)
diff --git a/p11-kit/import-object.c b/p11-kit/import-object.c
-index feee0765..278ad932 100644
+index feee0765..fb47b964 100644
--- a/p11-kit/import-object.c
+++ b/p11-kit/import-object.c
@@ -55,6 +55,7 @@
@@ -47,7 +47,7 @@ index feee0765..278ad932 100644
CK_ATTRIBUTE attr_encrypt = { CKA_ENCRYPT, , sizeof (tval) };
CK_ATTRIBUTE attr_modulus = { CKA_MODULUS, };
CK_ATTRIBUTE attr_exponent = { CKA_PUBLIC_EXPONENT, };
-+ size_t len;
++ size_t len = 0;
pubkey = p11_asn1_read (info, "subjectPublicKey", _len);
if (pubkey == NULL) {
@@ -70,17 +70,16 @@ index feee0765..278ad932 100644
+ attr_modulus.ulValueLen = len;
- attr_exponent.pValue = p11_asn1_read (asn, "publicExponent",
_exponent.ulValueLen);
-- if (attr_exponent.pValue == NULL) {
+ attr_exponent.pValue = p11_asn1_read (asn, "publicExponent", );
-+ if (attr_exponent.pValue == NULL || len > ULONG_MAX) {
-+ p11_message (_("failed to obtain exponent"));
-+ goto cleanup;
-+ }
-+#if ULONG_MAX < SIZE_MAX
-+ if (len > ULONG_MAX) {
+ if (attr_exponent.pValue == NULL) {
p11_message (_("failed to obtain exponent"));
goto cleanup;
}
++#if ULONG_MAX < SIZE_MAX
++ if (len > ULONG_MAX) {
++ p11_message (_("failed to obtain exponent"));
++ goto cleanup;
++ }
+#endif
+ attr_exponent.ulValueLen = len;
@@ -90,7 +89,7 @@ index feee0765..278ad932 100644
CK_ATTRIBUTE attr_key_type = { CKA_KEY_TYPE, _type, sizeof
(key_type) };
CK_ATTRIBUTE attr_ec_params = { CKA_EC_PARAMS, };
CK_ATTRIBUTE attr_ec_point = { CKA_EC_POINT, };
-+ size_t len;
++ size_t len = 0;
- attr_ec_params.pValue = p11_asn1_read (info, "algorithm.parameters",
_ec_params.ulValueLen);
+ attr_ec_params.pValue = p11_asn1_read (info, "algorithm.parameters",
);
@@ -108,4 +107,3 @@ index feee0765..278ad932 100644
/* subjectPublicKey is read as BIT STRING value which contains
* EC point data. We need to DER encode this data as OCTET STRING.
-
diff --git a/app-crypt/p11-kit/p11-kit-0.25.3-r1.ebuild
b/app-crypt/p11-kit/p11-kit-0.25.3-r2.ebuild
similarity index 100%
rename from app-crypt/p11-kit/p11-kit-0.25.3-r1.ebuild
rename to app-crypt/p11-kit/p11-kit-0.25.3-r2.ebuild
[gentoo-commits] repo/gentoo:master commit in: app-crypt/p11-kit/, app-crypt/p11-kit/files/
commit: 3c99277497bde269514e37100e531a374b481bc8
Author: Sam James gentoo org>
AuthorDate: Sat Dec 2 04:50:35 2023 +
Commit: Sam James gentoo org>
CommitDate: Sat Dec 2 04:50:35 2023 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3c992774
app-crypt/p11-kit: fix modern c issue (32-bit ptr truncation)
Closes: https://bugs.gentoo.org/918982
Signed-off-by: Sam James gentoo.org>
.../p11-kit/files/p11-kit-0.25.3-pointer.patch | 111 +
app-crypt/p11-kit/p11-kit-0.25.3-r1.ebuild | 76 ++
2 files changed, 187 insertions(+)
diff --git a/app-crypt/p11-kit/files/p11-kit-0.25.3-pointer.patch
b/app-crypt/p11-kit/files/p11-kit-0.25.3-pointer.patch
new file mode 100644
index ..feac3e132fce
--- /dev/null
+++ b/app-crypt/p11-kit/files/p11-kit-0.25.3-pointer.patch
@@ -0,0 +1,111 @@
+https://bugs.gentoo.org/918982
+https://github.com/p11-glue/p11-kit/pull/609
+
+From 6f05ca107d588fcedaa4ef06542760cbbda8c878 Mon Sep 17 00:00:00 2001
+From: Daiki Ueno
+Date: Sat, 2 Dec 2023 09:24:01 +0900
+Subject: [PATCH] import-object: Avoid integer truncation on 32-bit platforms
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+The build fails when compiling for 32-bit platforms with
+-Werror=incompatible-pointer-types:
+
+ CFLAGS="-m32 -march=i686 -Werror=incompatible-pointer-types -Werror=implicit
-Werror=int-conversion" setarch i686 -- meson setup _build
+ setarch i686 -- meson compile -C _build -v
+ ...
+
+ ../p11-kit/import-object.c: In function ‘add_attrs_pubkey_rsa’:
+ ../p11-kit/import-object.c:223:62: error: passing argument 3 of
‘p11_asn1_read’ from incompatible pointer type
[-Werror=incompatible-pointer-types]
+223 | attr_modulus.pValue = p11_asn1_read (asn, "modulus",
_modulus.ulValueLen);
+|
^~~~
+| |
+| long
unsigned int *
+
+Reported by Sam James in:
+https://github.com/p11-glue/p11-kit/issues/608
+
+Signed-off-by: Daiki Ueno
+---
+ p11-kit/import-object.c | 32
+ 1 file changed, 28 insertions(+), 4 deletions(-)
+
+diff --git a/p11-kit/import-object.c b/p11-kit/import-object.c
+index feee0765..278ad932 100644
+--- a/p11-kit/import-object.c
b/p11-kit/import-object.c
+@@ -55,6 +55,7 @@
+ #endif
+
+ #include
++#include
+ #include
+ #include
+ #include
+@@ -201,6 +202,7 @@ add_attrs_pubkey_rsa (CK_ATTRIBUTE *attrs,
+ CK_ATTRIBUTE attr_encrypt = { CKA_ENCRYPT, , sizeof (tval) };
+ CK_ATTRIBUTE attr_modulus = { CKA_MODULUS, };
+ CK_ATTRIBUTE attr_exponent = { CKA_PUBLIC_EXPONENT, };
++ size_t len;
+
+ pubkey = p11_asn1_read (info, "subjectPublicKey", _len);
+ if (pubkey == NULL) {
+@@ -220,17 +222,31 @@ add_attrs_pubkey_rsa (CK_ATTRIBUTE *attrs,
+ goto cleanup;
+ }
+
+- attr_modulus.pValue = p11_asn1_read (asn, "modulus",
_modulus.ulValueLen);
++ attr_modulus.pValue = p11_asn1_read (asn, "modulus", );
+ if (attr_modulus.pValue == NULL) {
+ p11_message (_("failed to obtain modulus"));
+ goto cleanup;
+ }
++#if ULONG_MAX < SIZE_MAX
++ if (len > ULONG_MAX) {
++ p11_message (_("failed to obtain modulus"));
++ goto cleanup;
++ }
++#endif
++ attr_modulus.ulValueLen = len;
+
+- attr_exponent.pValue = p11_asn1_read (asn, "publicExponent",
_exponent.ulValueLen);
+- if (attr_exponent.pValue == NULL) {
++ attr_exponent.pValue = p11_asn1_read (asn, "publicExponent", );
++ if (attr_exponent.pValue == NULL || len > ULONG_MAX) {
++ p11_message (_("failed to obtain exponent"));
++ goto cleanup;
++ }
++#if ULONG_MAX < SIZE_MAX
++ if (len > ULONG_MAX) {
+ p11_message (_("failed to obtain exponent"));
+ goto cleanup;
+ }
++#endif
++ attr_exponent.ulValueLen = len;
+
+ result = p11_attrs_build (attrs, _key_type, _encrypt,
_modulus, _exponent, NULL);
+ if (result == NULL) {
+@@ -260,12 +276,20 @@ add_attrs_pubkey_ec (CK_ATTRIBUTE *attrs,
+ CK_ATTRIBUTE attr_key_type = { CKA_KEY_TYPE, _type, sizeof
(key_type) };
+ CK_ATTRIBUTE attr_ec_params = { CKA_EC_PARAMS, };
+ CK_ATTRIBUTE attr_ec_point = { CKA_EC_POINT, };
++ size_t len;
+
+- attr_ec_params.pValue = p11_asn1_read (info, "algorithm.parameters",
_ec_params.ulValueLen);
++ attr_ec_params.pValue = p11_asn1_read (info, "algorithm.parameters",
);
+ if (attr_ec_params.pValue == NULL) {
+ p11_message (_("failed to obtain EC parameters"));
+ goto cleanup;
+ }
++#if ULONG_MAX < SIZE_MAX
++ if (len > ULONG_MAX) {
++
[gentoo-commits] repo/gentoo:master commit in: app-crypt/p11-kit/, app-crypt/p11-kit/files/
commit: 13e0c3c3489b3b33ae9dc9f468f4723c30df8204
Author: David Seifert gentoo org>
AuthorDate: Sun Sep 10 09:49:29 2023 +
Commit: David Seifert gentoo org>
CommitDate: Sun Sep 10 09:49:29 2023 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=13e0c3c3
app-crypt/p11-kit: drop 0.24.1-r1
Signed-off-by: David Seifert gentoo.org>
app-crypt/p11-kit/Manifest | 1 -
.../files/p11-kit-0.24.1-configure-clang16.patch | 35 -
app-crypt/p11-kit/metadata.xml | 4 --
app-crypt/p11-kit/p11-kit-0.24.1-r1.ebuild | 59 --
4 files changed, 99 deletions(-)
diff --git a/app-crypt/p11-kit/Manifest b/app-crypt/p11-kit/Manifest
index 19269a7fd9f1..b9ce676ba163 100644
--- a/app-crypt/p11-kit/Manifest
+++ b/app-crypt/p11-kit/Manifest
@@ -1,2 +1 @@
-DIST p11-kit-0.24.1.tar.xz 838304 BLAKE2B
e5cb98881279199e2674e2ff4f12d72c4d126c54429ee7ece6dd56ad1987f84abf58a67b8bf2405b19a5bca9d1106f8ec901364ac3d2488f65b3f92b51f850fe
SHA512
8cf170c714bb9e0cf3df93e8ec55b8e3c55cabf2c6a27f177ac6de8b8028985df2ca0216d3215d6828dc2ae3095c4e1a4febe8cb26b88ec321defc66bb011e81
DIST p11-kit-0.25.0.tar.xz 958940 BLAKE2B
6ffce977f86c516a327afe50f4cc5a36e86ba7f43c6cb555db419d9e4ba7543a9f1847ba83da348cd6d7bbebe55dfa26cfe3a3aaa3e1d5420a4b8dc6cbbff088
SHA512
e6df3cb224f6ff5671bd3c0557503b5f20bbfded1b6ec340b1dafcbd1b1725ea2d41d0e920756716e0fe9cb28270d115fe77b23ec876a15007b22e3f30d015fe
diff --git a/app-crypt/p11-kit/files/p11-kit-0.24.1-configure-clang16.patch
b/app-crypt/p11-kit/files/p11-kit-0.24.1-configure-clang16.patch
deleted file mode 100644
index 3af5da6c68ac..
--- a/app-crypt/p11-kit/files/p11-kit-0.24.1-configure-clang16.patch
+++ /dev/null
@@ -1,35 +0,0 @@
-https://github.com/p11-glue/p11-kit/commit/d39043f7c6e44247b5b1a237888e80b2a4d9c2b2
-
-From d39043f7c6e44247b5b1a237888e80b2a4d9c2b2 Mon Sep 17 00:00:00 2001
-From: Florian Weimer
-Date: Mon, 12 Dec 2022 19:40:25 +0100
-Subject: [PATCH] Fix meson/configure _Thread_local checks for C99
- compatibility
-
-The type was missing from the definition, which happens to work
-in current compilers for historic reasons. Implicit ints were
-actually removed from C in 1999.
a/configure.ac
-+++ b/configure.ac
-@@ -148,7 +148,7 @@ if test "$os_unix" = "yes"; then
- [ac_cv_tls_keyword=
- for keyword in _Thread_local __thread; do
- AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include ]],
-- [[static ]$keyword[ foo;]])],
-+ [[static ]$keyword[ int foo;]])],
- [ac_cv_tls_keyword=$keyword])
- done])
- if test -n "$ac_cv_tls_keyword"; then
a/meson.build
-+++ b/meson.build
-@@ -200,7 +200,7 @@ if host_system != 'windows'
- tls_test_code_template = '''
- #include
- int main (void) {
--static @0@ foo;
-+static @0@ int foo;
- return 0;
- }
- '''
-
-
diff --git a/app-crypt/p11-kit/metadata.xml b/app-crypt/p11-kit/metadata.xml
index 206d0fae5a6e..91df1af79aaa 100644
--- a/app-crypt/p11-kit/metadata.xml
+++ b/app-crypt/p11-kit/metadata.xml
@@ -2,10 +2,6 @@
https://www.gentoo.org/dtd/metadata.dtd;>
-
- Enable ASN.1 certificate support
- Build the trust policy module
-
p11-glue/p11-kit
diff --git a/app-crypt/p11-kit/p11-kit-0.24.1-r1.ebuild
b/app-crypt/p11-kit/p11-kit-0.24.1-r1.ebuild
deleted file mode 100644
index b7d9c1025d7f..
--- a/app-crypt/p11-kit/p11-kit-0.24.1-r1.ebuild
+++ /dev/null
@@ -1,59 +0,0 @@
-# Copyright 1999-2023 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=8
-
-# TODO: port to meson on next release
-inherit autotools multilib-minimal
-
-DESCRIPTION="Provides a standard configuration setup for installing PKCS#11"
-HOMEPAGE="https://p11-glue.github.io/p11-glue/p11-kit.html;
-SRC_URI="https://github.com/p11-glue/p11-kit/releases/download/${PV}/${P}.tar.xz;
-
-LICENSE="MIT"
-SLOT="0"
-KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~m68k ~mips ppc ppc64
~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos
~x64-solaris"
-IUSE="+asn1 debug +libffi systemd +trust"
-REQUIRED_USE="trust? ( asn1 )"
-
-RDEPEND="asn1? ( >=dev-libs/libtasn1-3.4:=[${MULTILIB_USEDEP}] )
- libffi? ( dev-libs/libffi:=[${MULTILIB_USEDEP}] )
- systemd? ( sys-apps/systemd:= )
- trust? ( app-misc/ca-certificates )"
-DEPEND="${RDEPEND}"
-BDEPEND="virtual/pkgconfig"
-
-PATCHES=(
- "${FILESDIR}"/${P}-configure-clang16.patch
-)
-
-pkg_setup() {
- # disable unsafe tests, bug#502088
- export FAKED_MODE=1
-}
-
-src_prepare() {
- default
- # TODO: drop in next release (after 0.24.1),
p11-kit-0.24.1-configure-clang16.patch is emrged
- eautoreconf
-}
-
-multilib_src_configure() {
- ECONF_SOURCE="${S}" econf \
- $(use_enable trust
