Re: UPDATE lastpass-cli 1.2.2

2017-11-11 Thread Daniel Jakots 
On Sat, 11 Nov 2017 13:30:45 +, Stuart Henderson
 wrote:

> No. The problem here is that Daniel's ports tree and packages aren't
> in sync (libxml's library version was bumped recently).

Ah right, I didn't read this carefully, sorry for the noise.

Re: UPDATE lastpass-cli 1.2.2

2017-11-11 Thread Stuart Henderson 
On 2017/11/11 11:42, Björn Ketelaars wrote:
> On Fri 10/11/2017 15:49, Daniel Jakots wrote:
> > On Wed, 1 Nov 2017 12:58:59 +0100, Björn Ketelaars
> >  wrote:
> > 
> > > The diff below brings lastpass-cli to the latest version. Changelog
> > > can be found at
> > > https://github.com/lastpass/lastpass-cli/releases/tag/v1.2.2
> > 
> > /usr/ports/security/lastpass-cli$ make lib-depends-check
> > 
> > lastpass-cli-1.2.2(security/lastpass-cli):
> > Missing lib: xml2.15 (/usr/local/bin/lpass) (NOT REACHABLE)
> > Extra:  xml2.16
> > Scanning: ok
> > *** Error 1 in /usr/ports/security/lastpass-cli 
> > (/usr/ports/infrastructure/mk/bsd.port.mk:2240 'lib-depends-check')
> > 
> > can you check it please?
> > 
> > Cheers,
> > Daniel
> 
> To check If all libraries can be reached I use port-lib-depends-check, as
> described by https://www.openbsd.org/faq/ports/testing.html. Running make
> port-lib-depends-check indicates that the WANTLIB part is OK.
> 
> Is it a mistake to use port-lib-depends-check to check WANTLIB? 

No. The problem here is that Daniel's ports tree and packages aren't
in sync (libxml's library version was bumped recently).

> lib-depends-check is a different beast:
> 
> $ make lib-depends-check
> 
> lastpass-cli-1.2.2(security/lastpass-cli):
> Missing: c.92 (/usr/local/bin/lpass) (system lib)
> Missing: crypto.42 (/usr/local/bin/lpass) (system lib)
> Missing lib: curl.25 (/usr/local/bin/lpass) (NOT REACHABLE)
> Missing: kvm.16 (/usr/local/bin/lpass) (system lib)
> Missing: ssl.44 (/usr/local/bin/lpass) (system lib)
> Missing lib: xml2.16 (/usr/local/bin/lpass) (NOT REACHABLE)
> WANTLIB += c crypto kvm ssl
> Scanning: ok
> *** Error 1 in /home/code/ports/security/lastpass-cli
> (/home/code/ports/infrastructure/mk/bsd.port.mk:2240 'lib-depends-check')

lib-depends-check uses the package (/usr/ports/packages/.../lastpass-cli*tgz),
perhaps you haven't re-built this after base OS libraries were updated.

> From infrastructure/mk/bsd.port.mk I understand that port-lib-depends-check
> and lib-depends-check are different functions. Which one should be used to
> check WANTLIB? More important: any idea on how to fix the problem that has
> been found by make lib-depends-check?

I don't see anything to fix - I have committed the update.

Re: UPDATE lastpass-cli 1.2.2

2017-11-11 Thread Björn Ketelaars 
On Fri 10/11/2017 15:49, Daniel Jakots wrote:
> On Wed, 1 Nov 2017 12:58:59 +0100, Björn Ketelaars
>  wrote:
> 
> > The diff below brings lastpass-cli to the latest version. Changelog
> > can be found at
> > https://github.com/lastpass/lastpass-cli/releases/tag/v1.2.2
> 
> /usr/ports/security/lastpass-cli$ make lib-depends-check
> 
> lastpass-cli-1.2.2(security/lastpass-cli):
> Missing lib: xml2.15 (/usr/local/bin/lpass) (NOT REACHABLE)
> Extra:  xml2.16
> Scanning: ok
> *** Error 1 in /usr/ports/security/lastpass-cli 
> (/usr/ports/infrastructure/mk/bsd.port.mk:2240 'lib-depends-check')
> 
> can you check it please?
> 
> Cheers,
> Daniel

To check If all libraries can be reached I use port-lib-depends-check, as
described by https://www.openbsd.org/faq/ports/testing.html. Running make
port-lib-depends-check indicates that the WANTLIB part is OK.

Is it a mistake to use port-lib-depends-check to check WANTLIB? 

lib-depends-check is a different beast:

$ make lib-depends-check

lastpass-cli-1.2.2(security/lastpass-cli):
Missing: c.92 (/usr/local/bin/lpass) (system lib)
Missing: crypto.42 (/usr/local/bin/lpass) (system lib)
Missing lib: curl.25 (/usr/local/bin/lpass) (NOT REACHABLE)
Missing: kvm.16 (/usr/local/bin/lpass) (system lib)
Missing: ssl.44 (/usr/local/bin/lpass) (system lib)
Missing lib: xml2.16 (/usr/local/bin/lpass) (NOT REACHABLE)
WANTLIB += c crypto kvm ssl
Scanning: ok
*** Error 1 in /home/code/ports/security/lastpass-cli
(/home/code/ports/infrastructure/mk/bsd.port.mk:2240 'lib-depends-check')

>From infrastructure/mk/bsd.port.mk I understand that port-lib-depends-check
and lib-depends-check are different functions. Which one should be used to
check WANTLIB? More important: any idea on how to fix the problem that has
been found by make lib-depends-check?

-- 
Björn Ketelaars
GPG key: 0x4F0E5F21

Re: UPDATE lastpass-cli 1.2.2

2017-11-10 Thread Daniel Jakots 
On Wed, 1 Nov 2017 12:58:59 +0100, Björn Ketelaars
 wrote:

> The diff below brings lastpass-cli to the latest version. Changelog
> can be found at
> https://github.com/lastpass/lastpass-cli/releases/tag/v1.2.2

/usr/ports/security/lastpass-cli$ make lib-depends-check

lastpass-cli-1.2.2(security/lastpass-cli):
Missing lib: xml2.15 (/usr/local/bin/lpass) (NOT REACHABLE)
Extra:  xml2.16
Scanning: ok
*** Error 1 in /usr/ports/security/lastpass-cli 
(/usr/ports/infrastructure/mk/bsd.port.mk:2240 'lib-depends-check')

can you check it please?

Cheers,
Daniel

Re: UPDATE lastpass-cli 1.2.2

2017-11-09 Thread Björn Ketelaars 
On Wed 01/11/2017 12:58, Björn Ketelaars wrote:
> The diff below brings lastpass-cli to the latest version. Changelog can be
> found at https://github.com/lastpass/lastpass-cli/releases/tag/v1.2.2
> 
> Comments / OK's?
> 
> -- 
> Björn Ketelaars
> GPG key: 0x4F0E5F21
> 
> 
> diff --git security/lastpass-cli/Makefile security/lastpass-cli/Makefile
> index d923eed42b7..e4e46ce055a 100644
> --- security/lastpass-cli/Makefile
> +++ security/lastpass-cli/Makefile
> @@ -4,8 +4,7 @@ COMMENT = LastPass command line interface tool
>  
>  GH_ACCOUNT = lastpass
>  GH_PROJECT = lastpass-cli
> -GH_TAGNAME = v1.2.1
> -REVISION =   0
> +GH_TAGNAME = v1.2.2
>  CATEGORIES = security
>  
>  MAINTAINER = Bjorn Ketelaars 
> diff --git security/lastpass-cli/distinfo security/lastpass-cli/distinfo
> index ace40671eac..2bbf379ee21 100644
> --- security/lastpass-cli/distinfo
> +++ security/lastpass-cli/distinfo
> @@ -1,2 +1,2 @@
> -SHA256 (lastpass-cli-1.2.1.tar.gz) = 
> GkmjemepcyluIYMG5tNsk4M0exgz5ah468CDVbHHdFY=
> -SIZE (lastpass-cli-1.2.1.tar.gz) = 108780
> +SHA256 (lastpass-cli-1.2.2.tar.gz) = 
> Jsk65hCTITnayv8uD5FsVije9Iu0EptAmRAc9ObHxJk=
> +SIZE (lastpass-cli-1.2.2.tar.gz) = 110045
> diff --git security/lastpass-cli/patches/patch-http_c 
> security/lastpass-cli/patches/patch-http_c
> deleted file mode 100644
> index 323bf3aee97..000
> --- security/lastpass-cli/patches/patch-http_c
> +++ /dev/null
> @@ -1,19 +0,0 @@
> -$OpenBSD: patch-http_c,v 1.1 2017/09/29 15:56:40 sthen Exp $
> -
> -From 68cfae08b22954fe952cfe590daa4b81a7f7124b Mon Sep 17 00:00:00 2001
> -Date: Fri, 29 Sep 2017 14:06:25 +0200
> -Subject: [PATCH] use-after-free bug in http.c
> -
> -Index: http.c
>  http.c.orig
> -+++ http.c
> -@@ -310,8 +310,8 @@ char *http_post_lastpass_v_noexit(const char *server, 
> - ret = curl_easy_perform(curl);
> - unset_interrupt_detect();
> - 
> --curl_easy_cleanup(curl);
> - curl_easy_getinfo(curl, CURLINFO_RESPONSE_CODE, http_code);
> -+curl_easy_cleanup(curl);
> - *curl_ret = ret;
> - 
> - if (ret != CURLE_OK) {

Ping?

-- 
Björn Ketelaars
GPG key: 0x4F0E5F21