Subject: pkg/28740: security/crypto++ outdated
To: None <pkg-manager@netbsd.org, gnats-admin@netbsd.org,>
From: Stefan Krüger <skrueger@meinberlikomm.de>
List: pkgsrc-bugs
Date: 12/21/2004 20:21:00
>Number: 28740
>Category: pkg
>Synopsis: security/crypto++ outdated, patch included
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: pkg-manager
>State: open
>Class: change-request
>Submitter-Id: net
>Arrival-Date: Tue Dec 21 20:21:00 +0000 2004
>Originator: Stefan Krüger
>Release: NetBSD 2.99.11
>Organization:
>Environment:
System: NetBSD dsl-82-144-47-203.berlikomm.net 2.99.11 NetBSD 2.99.11 (PLUTO) #0: Tue Dec 21 18:41:35 CET 2004 space7@dsl-82-144-47-203.berlikomm.net:/usr/obj/cvsroot/src/sys/arch/i386/compile/PLUTO i386
Architecture: i386
Machine: i386
>Description:
http://www.eskimo.com/~weidai/cryptlib.html:
Crypto++® Library 5.2.1
# 7/21/2004 - Version 5.2.1 released.
* fixed bug in the "dlltest" DLL testing program
* fixed compiling with STLport using VC .NET
* fixed compiling with -fPIC using GCC
* fixed compiling with -msse2 on systems without memalign()
* fixed inability to instantiate PanamaMAC
* fixed problems with inline documentation
# 6/29/2004 - Version 5.2 released.
* merged in changes for 5.01 - 5.0.4
o added option to compile Crypto++ as Windows DLL
o fixed vulnerabilities in GetNextIV for CTR and OFB modes
* added support for using encoding parameters and key derivation parameters
with public key encryption (implemented by OAEP and DL/ECIES)
* added Camellia, SHACAL-2, Two-Track-MAC, Whirlpool, RIPEMD-320,
RIPEMD-128, RIPEMD-256, Base-32 coding
* added ThreadUserTimer for timing thread CPU usage
* added option for password-based key derivation functions to iterate until
a mimimum elapsed thread CPU time is reached
* added option (on by default) for DEFLATE compression to detect
uncompressible files and process them more quickly
* improved compatibility and performance on 64-bit platforms, including
Alpha, IA-64, x86-64, PPC64, Sparc64, and MIPS64
* fixed ONE_AND_ZEROS_PADDING to use 0x80 instead 0x01 as padding.
* fixed encoding/decoding of PKCS #8 privateKeyInfo to properly handle
optional attributes
>How-To-Repeat:
cd ../pkgsrc/security/crypto++ && make ;-)
>Fix:
pls check PKGNAME/DISTNAME, thx
diff -uNr crypto++.old/Makefile crypto++/Makefile
--- crypto++.old/Makefile 2004-12-21 20:32:34.000000000 +0100
+++ crypto++/Makefile 2004-12-21 20:42:14.000000000 +0100
@@ -1,12 +1,12 @@
# $NetBSD: Makefile,v 1.1.1.1 2004/07/26 15:18:44 minskim Exp $
#
-DISTNAME= crypto51
-PKGNAME= crypto++-5.1
+DISTNAME= cryptopp521
CATEGORIES= security
MASTER_SITES= http://www.eskimo.com/~weidai/ \
- http://prdownloads.sourceforge.net/cryptopp/ \
- http://gd.tuwien.ac.at/privacy/crypto/libs/cryptlib/
+ ${MASTER_SITE_SOURCEFORGE:=cryptopp/} \
+ http://gd.tuwien.ac.at/privacy/crypto/libs/cryptlib/ \
+ http://www.mirrors.wiretapped.net/security/cryptography/libraries/cryptolib/
EXTRACT_SUFX= .zip
MAINTAINER= tech-pkg@NetBSD.org
diff -uNr crypto++.old/PLIST crypto++/PLIST
--- crypto++.old/PLIST 2004-12-21 20:32:34.000000000 +0100
+++ crypto++/PLIST 2004-12-21 21:12:58.000000000 +0100
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.1.1.1 2004/07/26 15:18:44 minskim Exp $
+@comment $NetBSD$
bin/cryptest
include/cryptopp/3way.h
include/cryptopp/adler32.h
@@ -8,11 +8,13 @@
include/cryptopp/arc4.h
include/cryptopp/argnames.h
include/cryptopp/asn.h
+include/cryptopp/base32.h
include/cryptopp/base64.h
include/cryptopp/basecode.h
include/cryptopp/bench.h
include/cryptopp/blowfish.h
include/cryptopp/blumshub.h
+include/cryptopp/camellia.h
include/cryptopp/cast.h
include/cryptopp/cbcmac.h
include/cryptopp/channels.h
@@ -23,7 +25,7 @@
include/cryptopp/des.h
include/cryptopp/dh.h
include/cryptopp/dh2.h
-include/cryptopp/diamond.h
+include/cryptopp/dll.h
include/cryptopp/dmac.h
include/cryptopp/dsa.h
include/cryptopp/ec2n.h
@@ -84,6 +86,7 @@
include/cryptopp/rc2.h
include/cryptopp/rc5.h
include/cryptopp/rc6.h
+include/cryptopp/resource.h
include/cryptopp/rijndael.h
include/cryptopp/ripemd.h
include/cryptopp/rng.h
@@ -95,21 +98,25 @@
include/cryptopp/seckey.h
include/cryptopp/serpent.h
include/cryptopp/sha.h
+include/cryptopp/shacal2.h
include/cryptopp/shark.h
include/cryptopp/simple.h
include/cryptopp/skipjack.h
include/cryptopp/smartptr.h
include/cryptopp/socketft.h
include/cryptopp/square.h
+include/cryptopp/stdcpp.h
include/cryptopp/strciphr.h
include/cryptopp/tea.h
include/cryptopp/tiger.h
include/cryptopp/trdlocal.h
include/cryptopp/trunhash.h
+include/cryptopp/ttmac.h
include/cryptopp/twofish.h
include/cryptopp/validate.h
include/cryptopp/wait.h
include/cryptopp/wake.h
+include/cryptopp/whrlpool.h
include/cryptopp/winpipes.h
include/cryptopp/words.h
include/cryptopp/xormac.h
diff -uNr crypto++.old/distinfo crypto++/distinfo
--- crypto++.old/distinfo 2004-12-21 20:32:34.000000000 +0100
+++ crypto++/distinfo 2004-12-21 20:59:14.000000000 +0100
@@ -1,6 +1,6 @@
$NetBSD: distinfo,v 1.1.1.1 2004/07/26 15:18:44 minskim Exp $
-SHA1 (crypto51.zip) = 95905714c85f6fb563e66edb5478818df787fe2d
-Size (crypto51.zip) = 829560 bytes
-SHA1 (patch-aa) = f66abaac76ea6db3f94a8d3616114b7d893d8793
-SHA1 (patch-ab) = e9ec34d4dd5093c021cc27ea6233e87dc6262221
+SHA1 (cryptopp521.zip) = 4b84311d1cbde04df5d88b5375d29c2e35ccb89c
+Size (cryptopp521.zip) = 1010937 bytes
+SHA1 (patch-aa) = 26021e24220e989a5245c37596dd0364c9016131
+SHA1 (patch-ab) = 16b27d0566a162e8412db9d4f0186cc15f4c9980
diff -uNr crypto++.old/patches/patch-aa crypto++/patches/patch-aa
--- crypto++.old/patches/patch-aa 2004-12-21 20:32:34.000000000 +0100
+++ crypto++/patches/patch-aa 2004-12-21 20:59:11.000000000 +0100
@@ -1,26 +1,48 @@
-$NetBSD: patch-aa,v 1.1.1.1 2004/07/26 15:18:44 minskim Exp $
+$NetBSD$
---- GNUmakefile.orig 2003-03-19 19:24:11.000000000 -0600
+--- GNUmakefile.orig 2004-06-20 11:22:24.000000000 +0200
+++ GNUmakefile
@@ -1,5 +1,5 @@
# can't use -fno-rtti yet because it causes problems with exception handling in GCC 2.95.2
-CXXFLAGS = -g
-+CXXFLAGS = ${CFLAGS}
- # Uncomment the next two lines to do a release build.
++#CXXFLAGS = -g
+ # Uncomment the following two lines to do a release build.
# Note that you must define NDEBUG for your own application if you define it for Crypto++.
- # Also, make sure you run the validation tests and test your own program thoroughly
-@@ -47,16 +47,16 @@ OBJS = $(SRCS:.cpp=.o)
- TESTOBJS = bench.o test.o validat1.o validat2.o validat3.o adhoc.o datatest.o regtest.o
- LIBOBJS = $(filter-out $(TESTOBJS),$(OBJS))
+ # Make sure you run the validation tests and test your own program thoroughly
+@@ -22,9 +22,9 @@ ifeq ($(ISX86),1)
+ GCC33ORLATER = $(shell $(CXX) -v 2>&1 | grep -c "gcc version \(3.[3-9]\|[4-9]\)")
+ GAS210ORLATER = $(shell echo "" | $(AS) -v 2>&1 | grep -c "GNU assembler version \(2.[1-9][0-9]\|[3-9]\)")
+
+-ifeq ($(GCC33ORLATER) $(ISMINGW),1 0) # MINGW32 is missing the memalign function
+-CXXFLAGS += -msse2
+-endif
++#ifeq ($(GCC33ORLATER) $(ISMINGW),1 0) # MINGW32 is missing the memalign function
++#CXXFLAGS += -msse2
++#endif
+
+ ifeq ($(GAS210ORLATER),0) # .intel_syntax wasn't supported until GNU assembler 2.10
+ CXXFLAGS += -DCRYPTOPP_DISABLE_X86ASM
+@@ -38,8 +38,8 @@ endif
+
+ ifeq ($(UNAME),) # for DJGPP, where uname doesn't exist
+ CXXFLAGS += -mbnu210
+-else
+-CXXFLAGS += -pipe
++#else
++#CXXFLAGS += -pipe
+ endif
+
+ ifeq ($(UNAME),Darwin)
+@@ -75,7 +75,7 @@ LIBIMPORTOBJS = $(LIBOBJS:.o=.import.o)
+ TESTIMPORTOBJS = $(TESTOBJS:.o=.import.o)
+ DLLTESTOBJS = dlltest.dllonly.o
-all: cryptest.exe
+all: cryptest
clean:
-- $(RM) cryptest.exe libcryptopp.a $(LIBOBJS) $(TESTOBJS)
-+ $(RM) cryptest libcryptopp.a $(LIBOBJS) $(TESTOBJS)
-
- libcryptopp.a: $(LIBOBJS)
+ $(RM) cryptest.exe libcryptopp.a $(LIBOBJS) $(TESTOBJS) cryptopp.dll libcryptopp.dll.a libcryptopp.import.a cryptest.import.exe dlltest.exe $(DLLOBJS) $(LIBIMPORTOBJS) $(TESTIMPORTOBJS) $(DLLTESTOBJS)
+@@ -84,7 +84,7 @@ libcryptopp.a: $(LIBOBJS)
$(AR) $(ARFLAGS) $@ $(LIBOBJS)
$(RANLIB) $@
diff -uNr crypto++.old/patches/patch-ab crypto++/patches/patch-ab
--- crypto++.old/patches/patch-ab 2004-12-21 20:32:34.000000000 +0100
+++ crypto++/patches/patch-ab 2004-12-21 20:50:18.000000000 +0100
@@ -1,7 +1,8 @@
-$NetBSD: patch-ab,v 1.1.1.1 2004/07/26 15:18:44 minskim Exp $
---- config.h.orig 2004-04-14 01:13:37.000000000 +0100
-+++ config.h 2004-04-14 01:13:41.000000000 +0100
-@@ -194,7 +194,7 @@
+$NetBSD$
+
+--- config.h.orig 2004-07-21 19:09:46.000000000 +0200
++++ config.h
+@@ -201,7 +201,7 @@ NAMESPACE_END
#define CRYPTOPP_WIN32_AVAILABLE
#endif
>Unformatted: