summaryrefslogtreecommitdiff
path: root/app-crypt/mit-krb5
diff options
context:
space:
mode:
Diffstat (limited to 'app-crypt/mit-krb5')
-rw-r--r--app-crypt/mit-krb5/Manifest6
-rw-r--r--app-crypt/mit-krb5/files/mit-krb5-1.16.3-libressl-r1.patch101
-rw-r--r--app-crypt/mit-krb5/files/mit-krb5-1.18-libressl.patch42
-rw-r--r--app-crypt/mit-krb5/mit-krb5-1.18.2-r3.ebuild7
-rw-r--r--app-crypt/mit-krb5/mit-krb5-1.18.3-r1.ebuild7
5 files changed, 6 insertions, 157 deletions
diff --git a/app-crypt/mit-krb5/Manifest b/app-crypt/mit-krb5/Manifest
index 1a00e04aae7a..55f832e7bcfc 100644
--- a/app-crypt/mit-krb5/Manifest
+++ b/app-crypt/mit-krb5/Manifest
@@ -1,8 +1,6 @@
AUX CVE-2020-28196.patch 3128 BLAKE2B 52674cb21a589b1f72b2ba110657952cd2946d08df58417eb86f75663e5ded48a49bb4e6bed87598b74209ae03ff3dca2f80fe9305f7e44070806f02c8ecafcc SHA512 98fa20ad32610dfa9fd6b9e1657e8c6d7e8905d266ef8953e4d6fdb344f0005ee356a9cca7d5aaa1c5333073b7e464c26201302138e0bf8f1f696c818024ba9d
AUX kpropd.xinetd 194 BLAKE2B cfc40af2e75b0ce5a71e0dfdcfe076d13d996b25d2cb50d4282bc88d7b33b317a202d57df0bb4a2b47113f0d38cb508614e122e4a3bb7dfd2397e2daa3178396 SHA512 c9bbd13f2fadfd2a925bfae834ba61f227cd4386b4c4466b5227d93c792f4549778ef4d6e08353372df99804459277c71f61b41ec71f3afcc600d73c5705f72f
AUX mit-krb5-1.12_warn_cflags.patch 448 BLAKE2B cd9793866173b394bab3497d19653ca3296924cc49aaf540499b149254265af1d995b4d7493b76185ce35d123e70827cb5fcb221efc6499b86a346cfad7478ab SHA512 42364d9cd8c0a6fd28ae661eeac4d0dd3f2001fe290bf9731ee99c2c786a6488805fc93057d59e201e2cef1e5280af4c170187aa5603f4cf542906abc0fccc2b
-AUX mit-krb5-1.16.3-libressl-r1.patch 3815 BLAKE2B b3ad56fee5fd5ace5e5ef0b1002c2f69c14383ca156182c65f4b1d2a5b8010d30677aabab271726c0fa9cbccf4734a3dda54cc492c9b1e5e1bdc7e8757292a73 SHA512 1298cadf15e5f1512af66c6584cff99b1d8f7c9764cb91e1e606fd331da1747b5fd7080c928a373369ab3817acadfa214121fee694a0ac515c0f4d6a623fb834
-AUX mit-krb5-1.18-libressl.patch 1495 BLAKE2B d57e6a9694a3ad97d08b4b7130c8d08308c2b275389949a4b53b6690d13890f74215d4b95026fc47423f6e9c9c71365efb983f6d55d17e53a978e7803dc6ce83 SHA512 63ef239b7f2e5823a3449f48c30904fed451874e7cd7bd14ffa681ce1ad1681fcd51414227c1c837fc5a01c7fe79b1259ed6de2cf4ee07d3de76e5be17b62a2d
AUX mit-krb5-1.18.2-autoconf-2.70.patch 986 BLAKE2B e5d542be9618a37c4efd87bc82bedb59d04595dc33584e1df842db64ce5de2ab8daea72d1a101347f6f0ec72d213fe10e9f90f4fc911cb30bf9571d353ee9543 SHA512 2fc8aa3c9cb0c3ccbeeb853ced2ed27e2b16191518f1fb5764ef0c1ec0a1a5fa47e60a0086ced58c240f6ebf1264d25f55cf048068e6d8cbea1a11ef8d4d9191
AUX mit-krb5-1.18.2-krb5-config.patch 409 BLAKE2B 90290aa717c929d97d38f542753fba7fd4a85aa5d960b1bf8acf9898dfaa16fa9433d2ec5cc985757ae6bfc356cf46fabbb1632f5005f8a93a2ed22699ccaad0 SHA512 2faf5a39b9d7c8bca71d23d0226c2fa8fd9759366c9c2385b8479481b4fcf546d506ee3a4bc1caaf855e8cdfe1abb1b11536bdf9bd06e3c5d9b776bd7926a104
AUX mit-krb5-config_LDFLAGS-r1.patch 458 BLAKE2B adf95690d6bb698dbdb6bf9c4220f3498a332186b059986c5a699aeec81b3342931ca664244fbcb76a61f9a5177972f0e47535035dbf88c949691d5d80d58084 SHA512 4c7ff3f63c9615dae1dbbf03795fede34d54d043acfd91f77f7fef7534253ea308a59657fa93d09f99d1d5ff5d21b58eb6b86bfbe6d65aa82ca1fa187b65d1dc
@@ -22,7 +20,7 @@ AUX mit-krb5kpropd_at.service 162 BLAKE2B ccd1dea2419656a95ea1e5068457ea45a765a8
DIST krb5-1.18.2.tar.gz 8713927 BLAKE2B f0eb34e67adcb86f347c59ec6ef74970a57530cc56336a84909f852cd6135079ea89828e77c906a272f54e0faf6a4a0497f2b648446eb9d048d1c51e4ec513af SHA512 7cbb1b28e677fea3e0794e93951f3caaa2c49bb1175dd187951e72a466cc69d96c3b833d838000fe911c1a437d96a558e550f27c53a8b332fb9dfc7cbb7ec44c
DIST krb5-1.18.3.tar.gz 8715312 BLAKE2B 4f6ad4a529e7578e83d82b43c2cada33bce1dca5081ec826ee06a713f82520b783f72ec56d2ce289e10d1ddcfaa079491e43f21c035b214d244bb80e6b2a1c9f SHA512 cf0bf6cf8f622fa085954e6da998d952cf64dc7ccc319972ed81ea0542089cabf2d0e8243df84da01ad6f40584768ca2f02d108630c6741fa7b3d7d98c887c01
DIST krb5-1.19.1.tar.gz 8738142 BLAKE2B 902dd08fe4b81b1cb0ec2bf1b95eeece0f8a87b87bae865272c7bf5dd028c01997ec4c5d24df605328db85e7cbfe9a38dd804b363b651aefa7b4eaec958a280c SHA512 36bf33802119ada4650a8f69f1daca95aaf882dc96bfa7061f0340a5decd588c31fc10108ddadf1042934e0e2c3bbd975deec565b0a7f0fc2baf8b8cc6d97491
-EBUILD mit-krb5-1.18.2-r3.ebuild 4501 BLAKE2B e2f325c8a14b1e51a4708d985faea22380d03a4ce6ff264c02c8861e69917adcd85731014ad6e187850416f1fc1393e8cbd6627354782240f7b55c58240a5502 SHA512 19357d72dcf1a9f0d739194cedfdcb8ba4022a31527952f8fb637e7268f64953770c5434cd4477627c59b45ae5d367b569b2536fcb960333066593ea7f46535e
-EBUILD mit-krb5-1.18.3-r1.ebuild 4425 BLAKE2B 882d05e11f6fac8466defe58176f0c70a67319ab05909f0dec32f5f29d471ea9780b2fa39c6b001488751492a8141cafbbd9dc1a1f0a6146b24f5ad58798e292 SHA512 29caa7dd8a1b3f1cece63cfff348e851809da318dc85550df7c9cd924abdcc3bd1e6a6ef1f3d2d170b4aa2d0a9f778fd298d838862fcc431857e289c93e2d77c
+EBUILD mit-krb5-1.18.2-r3.ebuild 4333 BLAKE2B 5357161368800a8392491cd3d4c6ed551ca9a144d65e63b378ae8069ebd9777d23418f6eaea486fe912be16998f8bd42f5b11a52c5c8970df19d8e790b6638f6 SHA512 5e76d1e223f94302b492cd7bb0e8e82574d9babe1e1a7c7a7a6926ac8aaf61d6679de8d4385cabdf798d84a4271588cf8cd1f8c33fa8ba408daaa76653d852f1
+EBUILD mit-krb5-1.18.3-r1.ebuild 4257 BLAKE2B dd314bd6bd890037d7bda9a0a9e76c7747718aa6a451cf78f4e27b1350d363a62335d3cbb0e8667f44aae6737afda3670611529e3ff4b497d720dc834b2445ab SHA512 43abc1ba64a8c0f6922f4d3d7c39202ae04a681e85742c1acaeb6d107510fe585b24f48ce77f58124d0623e43706fef3c6bb90b5284827540239852a323a23c4
EBUILD mit-krb5-1.19.1.ebuild 4252 BLAKE2B 0c30d532e25dda48b00080027a36baa576306e886f359c5248838c5cd2834137c2aebb835eab2a2c4621d5e09eda67859d021ef9ff68db61aebced461a5a80bd SHA512 6fe8ae104ca40c0097f375feab6726b8b1ad5568fe0e9801dd070960e2bad2e6a0b855a686b8b3496c5f0c9ee09cc69e50950f3ae6668e1bb0b7446f8a43c0e4
MISC metadata.xml 823 BLAKE2B b1e312e7d7d1dde62a6260572d68c5c9df90a00c9ca7d43939df0ce7c6e528ac8dfcf839827938f783c241c19255660e1e7806210aaf407a6e86cbaeef24295a SHA512 844715444284f5c7f1a73ed15c0ebe0b5dd8c96c3aa7e6450f465e2a2086509c04d637f139ede5e427972d4b1bb298255388f50978b41de875b47ee40251451e
diff --git a/app-crypt/mit-krb5/files/mit-krb5-1.16.3-libressl-r1.patch b/app-crypt/mit-krb5/files/mit-krb5-1.16.3-libressl-r1.patch
deleted file mode 100644
index ca74b88bb0f3..000000000000
--- a/app-crypt/mit-krb5/files/mit-krb5-1.16.3-libressl-r1.patch
+++ /dev/null
@@ -1,101 +0,0 @@
-From 58263cbf3106f4c9c9a2252794093014a2f9c01f Mon Sep 17 00:00:00 2001
-From: Stefan Strogin <stefan.strogin@gmail.com>
-Date: Thu, 25 Apr 2019 03:48:10 +0300
-Subject: [PATCH] Fix build for LibreSSL 2.9.x
-
-asn1_mac.h is removed from LibreSSL 2.9.0, but static_ASN1_*() methods
-are not defined. Define them.
-
-Upstream-Status: Pending
-[Needs to be amended if
-https://github.com/libressl-portable/openbsd/pull/109 is accepted]
-Signed-off-by: Stefan Strogin <stefan.strogin@gmail.com>
----
- .../preauth/pkinit/pkinit_crypto_openssl.c | 13 ++++++++----
- .../preauth/pkinit/pkinit_crypto_openssl.h | 20 ++++++++++++++++++-
- 2 files changed, 28 insertions(+), 5 deletions(-)
-
-diff --git a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
-index 2064eb7bd..81d5d3cf2 100644
---- a/plugins/preauth/pkinit/pkinit_crypto_openssl.c
-+++ b/plugins/preauth/pkinit/pkinit_crypto_openssl.c
-@@ -188,14 +188,16 @@ pkinit_pkcs11_code_to_text(int err);
- (*_x509_pp) = PKCS7_cert_from_signer_info(_p7,_si)
- #endif
-
--#if OPENSSL_VERSION_NUMBER < 0x10100000L
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
-
--/* 1.1 standardizes constructor and destructor names, renaming
-- * EVP_MD_CTX_{create,destroy} and deprecating ASN1_STRING_data. */
-+/* 1.1 (and LibreSSL 2.7) standardizes constructor and destructor names,
-+ * renaming EVP_MD_CTX_{create,destroy} and deprecating ASN1_STRING_data. */
-
-+#if !defined(LIBRESSL_VERSION_NUMBER) || LIBRESSL_VERSION_NUMBER < 0x2070000fL
- #define EVP_MD_CTX_new EVP_MD_CTX_create
- #define EVP_MD_CTX_free EVP_MD_CTX_destroy
- #define ASN1_STRING_get0_data ASN1_STRING_data
-+#endif
-
- /* 1.1 makes many handle types opaque and adds accessors. Add compatibility
- * versions of the new accessors we use for pre-1.1. */
-@@ -203,6 +205,7 @@ pkinit_pkcs11_code_to_text(int err);
- #define OBJ_get0_data(o) ((o)->data)
- #define OBJ_length(o) ((o)->length)
-
-+#if !defined(LIBRESSL_VERSION_NUMBER) || LIBRESSL_VERSION_NUMBER < 0x2070000fL
- #define DH_set0_pqg compat_dh_set0_pqg
- static int compat_dh_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g)
- {
-@@ -235,6 +238,7 @@ static void compat_dh_get0_key(const DH *dh, const BIGNUM **pub,
- if (priv != NULL)
- *priv = dh->priv_key;
- }
-+#endif /* LIBRESSL_VERSION_NUMBER */
-
- /* Return true if the cert c includes a key usage which doesn't include u.
- * Define using direct member access for pre-1.1. */
-@@ -3040,7 +3044,8 @@ cleanup:
- return retval;
- }
-
--#if OPENSSL_VERSION_NUMBER >= 0x10100000L
-+#if (OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)) || \
-+ LIBRESSL_VERSION_NUMBER >= 0x2090000fL
-
- /*
- * We need to decode DomainParameters from RFC 3279 section 2.3.3. We would
-diff --git a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.h b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.h
-index 7411348fa..ac91408c4 100644
---- a/plugins/preauth/pkinit/pkinit_crypto_openssl.h
-+++ b/plugins/preauth/pkinit/pkinit_crypto_openssl.h
-@@ -46,7 +46,25 @@
- #include <openssl/asn1.h>
- #include <openssl/pem.h>
-
--#if OPENSSL_VERSION_NUMBER >= 0x10100000L
-+#if (OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)) || \
-+ LIBRESSL_VERSION_NUMBER >= 0x2090000fL
-+
-+#ifndef static_ASN1_SEQUENCE_END_name
-+#define static_ASN1_ITEM_start(itname) \
-+ static const ASN1_ITEM itname##_it = {
-+#define static_ASN1_SEQUENCE_END_name(stname, tname) \
-+ ;\
-+ static_ASN1_ITEM_start(tname) \
-+ ASN1_ITYPE_SEQUENCE,\
-+ V_ASN1_SEQUENCE,\
-+ tname##_seq_tt,\
-+ sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
-+ NULL,\
-+ sizeof(stname),\
-+ #stname \
-+ ASN1_ITEM_end(tname)
-+#endif /* !defined(static_ASN1_SEQUENCE_END_name) */
-+
- #include <openssl/asn1t.h>
- #else
- #include <openssl/asn1_mac.h>
---
-2.21.0
-
diff --git a/app-crypt/mit-krb5/files/mit-krb5-1.18-libressl.patch b/app-crypt/mit-krb5/files/mit-krb5-1.18-libressl.patch
deleted file mode 100644
index 1522d42a730f..000000000000
--- a/app-crypt/mit-krb5/files/mit-krb5-1.18-libressl.patch
+++ /dev/null
@@ -1,42 +0,0 @@
-From e3e3bc2a20795becda6e130d511fe59f04635624 Mon Sep 17 00:00:00 2001
-From: Stefan Strogin <steils@gentoo.org>
-Date: Sat, 15 Feb 2020 10:27:20 +0200
-Subject: [PATCH] Fix compilation for LibreSSL 3.0.2
-
-RSA_PKCS1_OpenSSL() is provided in LibreSSL the master branch,
-expected to be in the next release.
-See: https://github.com/libressl-portable/openbsd/commit/3a8c41f3a84868337fde01ec1122198ec60bdc8e
-
-Bug: https://bugs.gentoo.org/709640
-Signed-off-by: Stefan Strogin <steils@gentoo.org>
----
- tests/softpkcs11/main.c | 6 +++++-
- 1 file changed, 5 insertions(+), 1 deletion(-)
-
-diff --git a/tests/softpkcs11/main.c b/tests/softpkcs11/main.c
-index 1cccdfb43..a5099fbe4 100644
---- a/tests/softpkcs11/main.c
-+++ b/tests/softpkcs11/main.c
-@@ -47,7 +47,6 @@
-
- #if OPENSSL_VERSION_NUMBER < 0x10100000L
- #define EVP_PKEY_get0_RSA(key) ((key)->pkey.rsa)
--#define RSA_PKCS1_OpenSSL RSA_PKCS1_SSLeay
- #define RSA_get0_key compat_rsa_get0_key
- static void
- compat_rsa_get0_key(const RSA *rsa, const BIGNUM **n, const BIGNUM **e,
-@@ -62,6 +61,11 @@ compat_rsa_get0_key(const RSA *rsa, const BIGNUM **n, const BIGNUM **e,
- }
- #endif
-
-+#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || \
-+ defined(LIBRESSL_VERSION_NUMBER) && (LIBRESSL_VERSION_NUMBER <= 0x3000200fL)
-+#define RSA_PKCS1_OpenSSL RSA_PKCS1_SSLeay
-+#endif
-+
- #define OPENSSL_ASN1_MALLOC_ENCODE(T, B, BL, S, R) \
- { \
- unsigned char *p; \
---
-2.25.0
-
diff --git a/app-crypt/mit-krb5/mit-krb5-1.18.2-r3.ebuild b/app-crypt/mit-krb5/mit-krb5-1.18.2-r3.ebuild
index 8482b1acd95e..a80fe2ba685f 100644
--- a/app-crypt/mit-krb5/mit-krb5-1.18.2-r3.ebuild
+++ b/app-crypt/mit-krb5/mit-krb5-1.18.2-r3.ebuild
@@ -15,7 +15,7 @@ SRC_URI="https://web.mit.edu/kerberos/dist/krb5/${P_DIR}/${MY_P}.tar.gz"
LICENSE="openafs-krb5-a BSD MIT OPENLDAP BSD-2 HPND BSD-4 ISC RSA CC-BY-SA-3.0 || ( BSD-2 GPL-2+ )"
SLOT="0"
KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~mips ppc ppc64 ~s390 sparc x86"
-IUSE="cpu_flags_x86_aes doc +keyutils libressl lmdb nls openldap +pkinit selinux +threads test xinetd"
+IUSE="cpu_flags_x86_aes doc +keyutils lmdb nls openldap +pkinit selinux +threads test xinetd"
# Test suite requires network access
RESTRICT="test"
@@ -33,8 +33,7 @@ DEPEND="
nls? ( sys-devel/gettext[${MULTILIB_USEDEP}] )
openldap? ( >=net-nds/openldap-2.4.38-r1[${MULTILIB_USEDEP}] )
pkinit? (
- !libressl? ( >=dev-libs/openssl-1.0.1h-r2:0=[${MULTILIB_USEDEP}] )
- libressl? ( dev-libs/libressl:0=[${MULTILIB_USEDEP}] )
+ >=dev-libs/openssl-1.0.1h-r2:0=[${MULTILIB_USEDEP}]
)
xinetd? ( sys-apps/xinetd )
"
@@ -60,9 +59,7 @@ S=${WORKDIR}/${MY_P}/src
PATCHES=(
"${FILESDIR}/${PN}-1.12_warn_cflags.patch"
"${FILESDIR}/${PN}-config_LDFLAGS-r1.patch"
- "${FILESDIR}/${PN}-1.16.3-libressl-r1.patch"
"${FILESDIR}/${PN}_dont_create_run.patch"
- "${FILESDIR}/${PN}-1.18-libressl.patch"
"${FILESDIR}/CVE-2020-28196.patch"
"${FILESDIR}/${PN}-1.18.2-krb5-config.patch"
"${FILESDIR}/${PN}-1.18.2-autoconf-2.70.patch"
diff --git a/app-crypt/mit-krb5/mit-krb5-1.18.3-r1.ebuild b/app-crypt/mit-krb5/mit-krb5-1.18.3-r1.ebuild
index b17423863743..a20eb9604cba 100644
--- a/app-crypt/mit-krb5/mit-krb5-1.18.3-r1.ebuild
+++ b/app-crypt/mit-krb5/mit-krb5-1.18.3-r1.ebuild
@@ -15,7 +15,7 @@ SRC_URI="https://web.mit.edu/kerberos/dist/krb5/${P_DIR}/${MY_P}.tar.gz"
LICENSE="openafs-krb5-a BSD MIT OPENLDAP BSD-2 HPND BSD-4 ISC RSA CC-BY-SA-3.0 || ( BSD-2 GPL-2+ )"
SLOT="0"
KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sparc ~x86"
-IUSE="cpu_flags_x86_aes doc +keyutils libressl lmdb nls openldap +pkinit selinux +threads test xinetd"
+IUSE="cpu_flags_x86_aes doc +keyutils lmdb nls openldap +pkinit selinux +threads test xinetd"
# Test suite requires network access
RESTRICT="test"
@@ -33,8 +33,7 @@ DEPEND="
nls? ( sys-devel/gettext[${MULTILIB_USEDEP}] )
openldap? ( >=net-nds/openldap-2.4.38-r1[${MULTILIB_USEDEP}] )
pkinit? (
- !libressl? ( >=dev-libs/openssl-1.0.1h-r2:0=[${MULTILIB_USEDEP}] )
- libressl? ( dev-libs/libressl:0=[${MULTILIB_USEDEP}] )
+ >=dev-libs/openssl-1.0.1h-r2:0=[${MULTILIB_USEDEP}]
)
xinetd? ( sys-apps/xinetd )
"
@@ -60,9 +59,7 @@ S=${WORKDIR}/${MY_P}/src
PATCHES=(
"${FILESDIR}/${PN}-1.12_warn_cflags.patch"
"${FILESDIR}/${PN}-config_LDFLAGS-r1.patch"
- "${FILESDIR}/${PN}-1.16.3-libressl-r1.patch"
"${FILESDIR}/${PN}_dont_create_run.patch"
- "${FILESDIR}/${PN}-1.18-libressl.patch"
"${FILESDIR}/${PN}-1.18.2-krb5-config.patch"
)
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-22 06:24:37 +0000