diff options
Diffstat (limited to 'net-wireless/crda/files')
-rw-r--r-- | net-wireless/crda/files/crda-4.14-do-not-compress-doc.patch | 36 | ||||
-rw-r--r-- | net-wireless/crda/files/crda-4.14-openssl-1.1.0-compatibility.patch | 314 | ||||
-rw-r--r-- | net-wireless/crda/files/crda-4.14-python-3.patch | 93 | ||||
-rw-r--r-- | net-wireless/crda/files/crda-cflags.patch (renamed from net-wireless/crda/files/crda-3.18-cflags.patch) | 0 | ||||
-rw-r--r-- | net-wireless/crda/files/crda-ldflags.patch (renamed from net-wireless/crda/files/crda-3.18-ldflags.patch) | 0 | ||||
-rw-r--r-- | net-wireless/crda/files/crda-libreg-link.patch (renamed from net-wireless/crda/files/crda-3.18-libreg-link.patch) | 0 | ||||
-rw-r--r-- | net-wireless/crda/files/crda-libressl.patch (renamed from net-wireless/crda/files/crda-3.18-libressl.patch) | 0 | ||||
-rw-r--r-- | net-wireless/crda/files/crda-no-ldconfig.patch (renamed from net-wireless/crda/files/crda-3.18-no-ldconfig.patch) | 0 | ||||
-rw-r--r-- | net-wireless/crda/files/crda-no-werror.patch (renamed from net-wireless/crda/files/crda-3.18-no-werror.patch) | 0 |
9 files changed, 443 insertions, 0 deletions
diff --git a/net-wireless/crda/files/crda-4.14-do-not-compress-doc.patch b/net-wireless/crda/files/crda-4.14-do-not-compress-doc.patch new file mode 100644 index 000000000000..428bafbde44f --- /dev/null +++ b/net-wireless/crda/files/crda-4.14-do-not-compress-doc.patch @@ -0,0 +1,36 @@ +diff --git a/Makefile b/Makefile +index 335d17d..683a379 100644 +--- a/Makefile ++++ b/Makefile +@@ -157,11 +157,7 @@ verify: $(REG_BIN) regdbdump + LD_LIBRARY_PATH=.:$(LD_LIBRARY_PATH) \ + ./regdbdump $(REG_BIN) >/dev/null + +-%.gz: % +- @$(NQ) ' GZIP' $< +- $(Q)gzip < $< > $@ +- +-install: install-libreg install-libreg-headers crda crda.8.gz regdbdump.8.gz ++install: install-libreg install-libreg-headers crda crda.8 regdbdump.8 + $(NQ) ' INSTALL crda' + $(Q)$(MKDIR) $(DESTDIR)/$(SBINDIR) + $(Q)$(INSTALL) -m 755 -t $(DESTDIR)/$(SBINDIR) crda +@@ -177,13 +173,13 @@ install: install-libreg install-libreg-headers crda crda.8.gz regdbdump.8.gz + $(Q)$(INSTALL) -m 644 -t \ + $(DESTDIR)/$(UDEV_RULE_DIR)/ \ + udev/$(UDEV_LEVEL)regulatory.rules +- $(NQ) ' INSTALL crda.8.gz' ++ $(NQ) ' INSTALL crda.8' + $(Q)$(MKDIR) $(DESTDIR)$(MANDIR)/man8/ +- $(Q)$(INSTALL) -m 644 -t $(DESTDIR)/$(MANDIR)/man8/ crda.8.gz +- $(NQ) ' INSTALL regdbdump.8.gz' +- $(Q)$(INSTALL) -m 644 -t $(DESTDIR)/$(MANDIR)/man8/ regdbdump.8.gz ++ $(Q)$(INSTALL) -m 644 -t $(DESTDIR)/$(MANDIR)/man8/ crda.8 ++ $(NQ) ' INSTALL regdbdump.8' ++ $(Q)$(INSTALL) -m 644 -t $(DESTDIR)/$(MANDIR)/man8/ regdbdump.8 + + clean: + $(Q)rm -f $(LIBREG) crda regdbdump intersect db2rd optimize \ +- *.o *~ *.pyc keys.c *.gz \ ++ *.o *~ *.pyc keys.c \ + udev/$(UDEV_LEVEL)regulatory.rules udev/regulatory.rules.parsed diff --git a/net-wireless/crda/files/crda-4.14-openssl-1.1.0-compatibility.patch b/net-wireless/crda/files/crda-4.14-openssl-1.1.0-compatibility.patch new file mode 100644 index 000000000000..a9999da239fd --- /dev/null +++ b/net-wireless/crda/files/crda-4.14-openssl-1.1.0-compatibility.patch @@ -0,0 +1,314 @@ +From 338637ac08c19708eb35523894b44bbe3c726cfa Mon Sep 17 00:00:00 2001 +From: quentin <quentin@minster.io> +Date: Mon, 2 Apr 2018 18:07:50 +0200 +Subject: [PATCH] crda: Fix for OpenSSL 1.1.0: BIGNUM now opaque + +OpenSSL 1.1.0 makes most of OpenSSL's structures opaque, and provides +functions to manipulate them. This means it's no longer possible to +construct an OpenSSL BIGNUM directly from scratch, as was done in +keys-ssl.c. + +Use BN_bin2bn() (available since OpenSSL 0.9.8) to build the bignum from +its big-endian representation as a byte array. + +This also allows factoring the code in utils/key2pub.py as it's now the +same mechanism as with libgcrypt. + +This was tested with OpenSSL 1.1.0g. + +Signed-off-by: Quentin Minster <quentin@minster.io> +--- + Makefile | 12 +++---- + reglib.c | 44 +++++++++++++++++------ + utils/key2pub.py | 107 ++++++------------------------------------------------- + 3 files changed, 49 insertions(+), 114 deletions(-) + +diff --git a/Makefile b/Makefile +index a3ead30..a4e7373 100644 +--- a/Makefile ++++ b/Makefile +@@ -38,18 +38,16 @@ all: all_noverify verify + + all_noverify: $(LIBREG) crda intersect regdbdump db2rd optimize + ++$(LIBREG): keys.c ++ + ifeq ($(USE_OPENSSL),1) + CFLAGS += -DUSE_OPENSSL -DPUBKEY_DIR=\"$(RUNTIME_PUBKEY_DIR)\" `pkg-config --cflags openssl` + LDLIBS += `pkg-config --libs openssl` + +-$(LIBREG): keys-ssl.c +- + else + CFLAGS += -DUSE_GCRYPT + LDLIBS += -lgcrypt + +-$(LIBREG): keys-gcrypt.c +- + endif + MKDIR ?= mkdir -p + INSTALL ?= install +@@ -109,10 +107,10 @@ $(REG_BIN): + $(NQ) + $(Q) exit 1 + +-keys-%.c: utils/key2pub.py $(wildcard $(PUBKEY_DIR)/*.pem) ++keys.c: utils/key2pub.py $(wildcard $(PUBKEY_DIR)/*.pem) + $(NQ) ' GEN ' $@ + $(NQ) ' Trusted pubkeys:' $(wildcard $(PUBKEY_DIR)/*.pem) +- $(Q)./utils/key2pub.py --$* $(wildcard $(PUBKEY_DIR)/*.pem) $@ ++ $(Q)./utils/key2pub.py $(wildcard $(PUBKEY_DIR)/*.pem) $@ + + $(LIBREG): regdb.h reglib.h reglib.c + $(NQ) ' CC ' $@ +@@ -187,5 +185,5 @@ install: install-libreg install-libreg-headers crda crda.8.gz regdbdump.8.gz + + clean: + $(Q)rm -f $(LIBREG) crda regdbdump intersect db2rd optimize \ +- *.o *~ *.pyc keys-*.c *.gz \ ++ *.o *~ *.pyc keys.c *.gz \ + udev/$(UDEV_LEVEL)regulatory.rules udev/regulatory.rules.parsed +diff --git a/reglib.c b/reglib.c +index e00e9b8..00f7f56 100644 +--- a/reglib.c ++++ b/reglib.c +@@ -22,6 +22,7 @@ + #include <openssl/rsa.h> + #include <openssl/sha.h> + #include <openssl/pem.h> ++#include <openssl/bn.h> + #endif + + #ifdef USE_GCRYPT +@@ -30,12 +31,8 @@ + + #include "reglib.h" + +-#ifdef USE_OPENSSL +-#include "keys-ssl.c" +-#endif +- +-#ifdef USE_GCRYPT +-#include "keys-gcrypt.c" ++#if defined(USE_OPENSSL) || defined(USE_GCRYPT) ++#include "keys.c" + #endif + + int debug = 0; +@@ -81,7 +78,8 @@ reglib_array_len(size_t baselen, unsigned int elemcount, size_t elemlen) + #ifdef USE_OPENSSL + int reglib_verify_db_signature(uint8_t *db, size_t dblen, size_t siglen) + { +- RSA *rsa; ++ RSA *rsa = NULL; ++ BIGNUM *rsa_e = NULL, *rsa_n = NULL; + uint8_t hash[SHA_DIGEST_LENGTH]; + unsigned int i; + int ok = 0; +@@ -102,15 +100,35 @@ int reglib_verify_db_signature(uint8_t *db, size_t dblen, size_t siglen) + goto out; + } + +- rsa->e = &keys[i].e; +- rsa->n = &keys[i].n; ++ rsa_e = BN_bin2bn(keys[i].e, keys[i].len_e, NULL); ++ if (!rsa_e) { ++ fprintf(stderr, "Failed to convert value for RSA e.\n"); ++ goto out; ++ } ++ rsa_n = BN_bin2bn(keys[i].n, keys[i].len_n, NULL); ++ if (!rsa_n) { ++ fprintf(stderr, "Failed to convert value for RSA n.\n"); ++ goto out; ++ } ++ ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++ rsa->e = rsa_e; ++ rsa->n = rsa_n; ++#else ++ if (RSA_set0_key(rsa, rsa_n, rsa_e, NULL) != 1) { ++ fprintf(stderr, "Failed to set RSA key.\n"); ++ goto out; ++ } ++#endif ++ /* BIGNUMs now owned by the RSA object */ ++ rsa_e = NULL; ++ rsa_n = NULL; + + ok = RSA_verify(NID_sha1, hash, SHA_DIGEST_LENGTH, + db + dblen, siglen, rsa) == 1; + +- rsa->e = NULL; +- rsa->n = NULL; + RSA_free(rsa); ++ rsa = NULL; + } + if (!ok && (pubkey_dir = opendir(PUBKEY_DIR))) { + while (!ok && (nextfile = readdir(pubkey_dir))) { +@@ -123,6 +141,7 @@ int reglib_verify_db_signature(uint8_t *db, size_t dblen, size_t siglen) + ok = RSA_verify(NID_sha1, hash, SHA_DIGEST_LENGTH, + db + dblen, siglen, rsa) == 1; + RSA_free(rsa); ++ rsa = NULL; + fclose(keyfile); + } + } +@@ -133,6 +152,9 @@ int reglib_verify_db_signature(uint8_t *db, size_t dblen, size_t siglen) + fprintf(stderr, "Database signature verification failed.\n"); + + out: ++ RSA_free(rsa); ++ BN_free(rsa_e); ++ BN_free(rsa_n); + return ok; + } + #endif /* USE_OPENSSL */ +diff --git a/utils/key2pub.py b/utils/key2pub.py +index 9bb04cd..1919270 100755 +--- a/utils/key2pub.py ++++ b/utils/key2pub.py +@@ -9,84 +9,7 @@ except ImportError as e: + sys.stderr.write('On Debian GNU/Linux the package is called "python-m2crypto".\n') + sys.exit(1) + +-def print_ssl_64(output, name, val): +- while val[0:1] == b'\0': +- val = val[1:] +- while len(val) % 8: +- val = b'\0' + val +- vnew = [] +- while len(val): +- vnew.append((val[0:1], val[1:2], val[2:3], val[3:4], val[4:5], val[5:6], val[6:7], val[7:8])) +- val = val[8:] +- vnew.reverse() +- output.write('static BN_ULONG %s[%d] = {\n' % (name, len(vnew))) +- idx = 0 +- for v1, v2, v3, v4, v5, v6, v7, v8 in vnew: +- if not idx: +- output.write('\t') +- output.write('0x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x, ' % (ord(v1), ord(v2), ord(v3), ord(v4), ord(v5), ord(v6), ord(v7), ord(v8))) +- idx += 1 +- if idx == 2: +- idx = 0 +- output.write('\n') +- if idx: +- output.write('\n') +- output.write('};\n\n') +- +-def print_ssl_32(output, name, val): +- while val[0:1] == b'\0': +- val = val[1:] +- while len(val) % 4: +- val = b'\0' + val +- vnew = [] +- while len(val): +- vnew.append((val[0:1], val[1:2], val[2:3], val[3:4])) +- val = val[4:] +- vnew.reverse() +- output.write('static BN_ULONG %s[%d] = {\n' % (name, len(vnew))) +- idx = 0 +- for v1, v2, v3, v4 in vnew: +- if not idx: +- output.write('\t') +- output.write('0x%.2x%.2x%.2x%.2x, ' % (ord(v1), ord(v2), ord(v3), ord(v4))) +- idx += 1 +- if idx == 4: +- idx = 0 +- output.write('\n') +- if idx: +- output.write('\n') +- output.write('};\n\n') +- +-def print_ssl(output, name, val): +- import struct +- output.write('#include <stdint.h>\n') +- if len(struct.pack('@L', 0)) == 8: +- return print_ssl_64(output, name, val) +- else: +- return print_ssl_32(output, name, val) +- +-def print_ssl_keys(output, n): +- output.write(r''' +-struct pubkey { +- struct bignum_st e, n; +-}; +- +-#define KEY(data) { \ +- .d = data, \ +- .top = sizeof(data)/sizeof(data[0]), \ +-} +- +-#define KEYS(e,n) { KEY(e), KEY(n), } +- +-static struct pubkey keys[] = { +-''') +- for n in range(n + 1): +- output.write(' KEYS(e_%d, n_%d),\n' % (n, n)) +- output.write('};\n') +- pass +- +-def print_gcrypt(output, name, val): +- output.write('#include <stdint.h>\n') ++def print_bignum(output, name, val): + while val[0:1] == b'\0': + val = val[1:] + output.write('static const uint8_t %s[%d] = {\n' % (name, len(val))) +@@ -103,11 +26,11 @@ def print_gcrypt(output, name, val): + output.write('\n') + output.write('};\n\n') + +-def print_gcrypt_keys(output, n): ++def print_keys(output, n): + output.write(r''' + struct key_params { + const uint8_t *e, *n; +- uint32_t len_e, len_n; ++ const uint32_t len_e, len_n; + }; + + #define KEYS(_e, _n) { \ +@@ -120,25 +43,17 @@ static const struct key_params __attribute__ ((unused)) keys[] = { + for n in range(n + 1): + output.write(' KEYS(e_%d, n_%d),\n' % (n, n)) + output.write('};\n') +- + +-modes = { +- '--ssl': (print_ssl, print_ssl_keys), +- '--gcrypt': (print_gcrypt, print_gcrypt_keys), +-} + +-try: +- mode = sys.argv[1] +- files = sys.argv[2:-1] +- outfile = sys.argv[-1] +-except IndexError: +- mode = None ++files = sys.argv[1:-1] ++outfile = sys.argv[-1] + +-if not mode in modes: +- print('Usage: %s [%s] input-file... output-file' % (sys.argv[0], '|'.join(modes.keys()))) ++if len(files) == 0: ++ print('Usage: %s input-file... output-file' % sys.argv[0]) + sys.exit(2) + + output = open(outfile, 'w') ++output.write('#include <stdint.h>\n\n\n') + + # load key + idx = 0 +@@ -148,10 +63,10 @@ for f in files: + except RSA.RSAError: + key = RSA.load_key(f) + +- modes[mode][0](output, 'e_%d' % idx, key.e[4:]) +- modes[mode][0](output, 'n_%d' % idx, key.n[4:]) ++ print_bignum(output, 'e_%d' % idx, key.e[4:]) ++ print_bignum(output, 'n_%d' % idx, key.n[4:]) + idx += 1 + +-modes[mode][1](output, idx - 1) ++print_keys(output, idx - 1) + + output.close() diff --git a/net-wireless/crda/files/crda-4.14-python-3.patch b/net-wireless/crda/files/crda-4.14-python-3.patch new file mode 100644 index 000000000000..97db1ac05294 --- /dev/null +++ b/net-wireless/crda/files/crda-4.14-python-3.patch @@ -0,0 +1,93 @@ +--- /utils/key2pub.py ++++ /utils/key2pub.py +@@ -3,20 +3,20 @@ + import sys + try: + from M2Crypto import RSA +-except ImportError, e: ++except ImportError as e: + sys.stderr.write('ERROR: Failed to import the "M2Crypto" module: %s\n' % e.message) + sys.stderr.write('Please install the "M2Crypto" Python module.\n') + sys.stderr.write('On Debian GNU/Linux the package is called "python-m2crypto".\n') + sys.exit(1) + + def print_ssl_64(output, name, val): +- while val[0] == '\0': ++ while val[0:1] == b'\0': + val = val[1:] + while len(val) % 8: +- val = '\0' + val ++ val = b'\0' + val + vnew = [] + while len(val): +- vnew.append((val[0], val[1], val[2], val[3], val[4], val[5], val[6], val[7])) ++ vnew.append((val[0:1], val[1:2], val[2:3], val[3:4], val[4:5], val[5:6], val[6:7], val[7:8])) + val = val[8:] + vnew.reverse() + output.write('static BN_ULONG %s[%d] = {\n' % (name, len(vnew))) +@@ -34,13 +34,13 @@ + output.write('};\n\n') + + def print_ssl_32(output, name, val): +- while val[0] == '\0': ++ while val[0:1] == b'\0': + val = val[1:] + while len(val) % 4: +- val = '\0' + val ++ val = b'\0' + val + vnew = [] + while len(val): +- vnew.append((val[0], val[1], val[2], val[3], )) ++ vnew.append((val[0:1], val[1:2], val[2:3], val[3:4])) + val = val[4:] + vnew.reverse() + output.write('static BN_ULONG %s[%d] = {\n' % (name, len(vnew))) +@@ -80,21 +80,21 @@ + + static struct pubkey keys[] = { + ''') +- for n in xrange(n + 1): ++ for n in range(n + 1): + output.write(' KEYS(e_%d, n_%d),\n' % (n, n)) + output.write('};\n') + pass + + def print_gcrypt(output, name, val): + output.write('#include <stdint.h>\n') +- while val[0] == '\0': ++ while val[0:1] == b'\0': + val = val[1:] + output.write('static const uint8_t %s[%d] = {\n' % (name, len(val))) + idx = 0 + for v in val: + if not idx: + output.write('\t') +- output.write('0x%.2x, ' % ord(v)) ++ output.write('0x%.2x, ' % (v if sys.version_info[0] >=3 else ord(v))) + idx += 1 + if idx == 8: + idx = 0 +@@ -117,7 +117,7 @@ + + static const struct key_params keys[] = { + ''') +- for n in xrange(n + 1): ++ for n in range(n + 1): + output.write(' KEYS(e_%d, n_%d),\n' % (n, n)) + output.write('};\n') + +@@ -135,7 +135,7 @@ + mode = None + + if not mode in modes: +- print 'Usage: %s [%s] input-file... output-file' % (sys.argv[0], '|'.join(modes.keys())) ++ print('Usage: %s [%s] input-file... output-file' % (sys.argv[0], '|'.join(modes.keys()))) + sys.exit(2) + + output = open(outfile, 'w') +@@ -153,3 +153,5 @@ + idx += 1 + + modes[mode][1](output, idx - 1) ++ ++output.close() diff --git a/net-wireless/crda/files/crda-3.18-cflags.patch b/net-wireless/crda/files/crda-cflags.patch index 6edbded822cc..6edbded822cc 100644 --- a/net-wireless/crda/files/crda-3.18-cflags.patch +++ b/net-wireless/crda/files/crda-cflags.patch diff --git a/net-wireless/crda/files/crda-3.18-ldflags.patch b/net-wireless/crda/files/crda-ldflags.patch index 5ba9165c7adc..5ba9165c7adc 100644 --- a/net-wireless/crda/files/crda-3.18-ldflags.patch +++ b/net-wireless/crda/files/crda-ldflags.patch diff --git a/net-wireless/crda/files/crda-3.18-libreg-link.patch b/net-wireless/crda/files/crda-libreg-link.patch index 0aa1b6e87a39..0aa1b6e87a39 100644 --- a/net-wireless/crda/files/crda-3.18-libreg-link.patch +++ b/net-wireless/crda/files/crda-libreg-link.patch diff --git a/net-wireless/crda/files/crda-3.18-libressl.patch b/net-wireless/crda/files/crda-libressl.patch index 817f2e0328cc..817f2e0328cc 100644 --- a/net-wireless/crda/files/crda-3.18-libressl.patch +++ b/net-wireless/crda/files/crda-libressl.patch diff --git a/net-wireless/crda/files/crda-3.18-no-ldconfig.patch b/net-wireless/crda/files/crda-no-ldconfig.patch index a5cc42084d53..a5cc42084d53 100644 --- a/net-wireless/crda/files/crda-3.18-no-ldconfig.patch +++ b/net-wireless/crda/files/crda-no-ldconfig.patch diff --git a/net-wireless/crda/files/crda-3.18-no-werror.patch b/net-wireless/crda/files/crda-no-werror.patch index 6abb78c984e4..6abb78c984e4 100644 --- a/net-wireless/crda/files/crda-3.18-no-werror.patch +++ b/net-wireless/crda/files/crda-no-werror.patch |