pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/pkgsrc-2019Q2]: pkgsrc/security/libtomcrypt Pullup ticket #5991 - req...



details:   https://anonhg.NetBSD.org/pkgsrc/rev/1542676d701c
branches:  pkgsrc-2019Q2
changeset: 408151:1542676d701c
user:      bsiegert <bsiegert%pkgsrc.org@localhost>
date:      Wed Jul 10 15:15:36 2019 +0000

description:
Pullup ticket #5991 - requested by nia
security/libtomcrypt: security fix

Revisions pulled up:
- security/libtomcrypt/Makefile                                 1.8
- security/libtomcrypt/PLIST                                    1.3
- security/libtomcrypt/distinfo                                 1.8
- security/libtomcrypt/patches/patch-aa                         deleted
- security/libtomcrypt/patches/patch-ab                         1.4
- security/libtomcrypt/patches/patch-ac                         deleted
- security/libtomcrypt/patches/patch-src_headers_tomcrypt__macros.h deleted
- security/libtomcrypt/patches/patch-src_pk_rsa_rsa__verify__hash.c deleted

---
   Module Name: pkgsrc
   Committed By:        nia
   Date:                Tue Jul  9 11:20:58 UTC 2019

   Modified Files:
        pkgsrc/security/libtomcrypt: Makefile PLIST distinfo
        pkgsrc/security/libtomcrypt/patches: patch-ab
   Removed Files:
        pkgsrc/security/libtomcrypt/patches: patch-aa patch-ac
            patch-src_headers_tomcrypt__macros.h
            patch-src_pk_rsa_rsa__verify__hash.c

   Log Message:
   libtomcrypt: Update to 1.18.2

   July 1st, 2018
   v1.18.2
         -- Fix Side Channel Based ECDSA Key Extraction (CVE-2018-12437) (PR #408)
         -- Fix potential stack overflow when DER flexi-decoding (CVE-2018-0739) (PR #373)
         -- Fix two-key 3DES (PR #390)
         -- Fix accelerated CTR mode (PR #359)
         -- Fix Fortuna PRNG (PR #363)
         -- Fix compilation on platforms where cc doesn't point to gcc (PR #382)
         -- Fix using the wrong environment variable LT instead of LIBTOOL (PR #392)
         -- Fix build on platforms where the compiler provides __WCHAR_MAX__ but wchar.h is not available (PR #390)
         -- Fix & re-factor crypt_list_all_sizes() and crypt_list_all_constants() (PR #414)
         -- Minor fixes (PR's #350 #351 #375 #377 #378 #379)

   January 22nd, 2018
   v1.18.1
         -- Fix wrong SHA3 blocksizes, thanks to Claus Fischer for reporting this via Mail (PR #329)
         -- Fix NULL-pointer dereference in `ccm_memory()` with LTC_CLEAN_STACK enabled (PR #327)
         -- Fix `ccm_process()` being unable to process input buffers longer than 256 bytes (PR #326)
         -- Fix the `register_all_{ciphers,hashes,prngs}()` return values (PR #316)
         -- Fix some typos, warnings and duplicate prototypes in code & doc (PR's #310 #320 #321 #335)
         -- Fix possible undefined behavior with LTC_PTHREAD (PR #337)
         -- Fix some DER bugs (PR #339)
         -- Fix CTR-mode when accelerator is used (OP-TEE/optee_os #2086)
         -- Fix installation procedure (Issue #340)

   October 10th, 2017
   v1.18.0
         -- Bugfix multi2
         -- Bugfix Noekeon
         -- Bugfix XTEA
         -- Bugfix rng_get_bytes() on windows where we could read from c:\dev\random
         -- Fixed the Bleichbacher Signature attack in PKCS#1 v1.5 EMSA, thanks to Alex Dent
         -- Fixed a potential cache-based timing attack in CCM, thanks to Sebastian Verschoor
         -- Fix GCM counter reuse and potential timing attacks in EAX, OCB and OCBv3,
            thanks to Rapha?l Jamet
         -- Implement hardened RSA operations when CRT is used
         -- Enabled timing resistant calculations of ECC and RSA operations per default
         -- Applied some patches from the OLPC project regarding PKCS#1 and preventing
            the hash algorithms from overflowing
         -- Larry Bugbee contributed the necessary stuff to more easily call libtomcrypt
            from a dynamic language like Python, as shown in his pyTomCrypt
         -- Nikos Mavrogiannopoulos contributed RSA blinding and export of RSA and DSA keys
            in OpenSSL/GnuTLS compatible format
         -- Patrick Pelletier contributed a smart volley of patches
         -- Christopher Brown contributed some patches and additions to ASN.1/DER
         -- Pascal Brand of STMicroelectronics contributed patches regarding CCM, the
            XTS mode and RSA private key operations with keys without CRT parameters
         -- RC2 now also works with smaller key-sizes
         -- Improved/extended several tests & demos
         -- Hardened DSA and RSA by testing (through Karel's perl-CryptX)
            against Google's "Wycheproof" and Kudelski Security's "CDF"
         -- Fixed all compiler warnings
         -- Fixed several build issues on FreeBSD, NetBSD, Linux x32 ABI, HP-UX/IA64,
            Mac OS X, Windows (32&64bit, Cygwin, MingW & MSVC) ...
         -- Re-worked all makefiles
         -- Re-worked most PRNG's
         -- The code is now verified by a linter, thanks to Francois Perrad
         -- Documentation (crypt.pdf) is now built deterministically, thanks to Michael Stapelberg
         -- Add Adler32 and CRC32 checksum algorithms
         -- Add Base64-URL de-/encoding and some strict variants
         -- Add Blake2b & Blake2s (hash & mac), thanks to Kelvin Sherlock
         -- Add Camellia block cipher
         -- Add ChaCha (stream cipher), Poly1305 (mac), ChaCha20Poly1305 (encauth)
         -- Add constant-time mem-compare mem_neq()
         -- Add DER GeneralizedTime de-/encoding
         -- Add DSA and ECC key generation FIPS-186-4 compliance
         -- Add HKDF, thanks to RyanC (especially for also providing documentation :-) )
         -- Add OCBv3
         -- Add PKCS#1 v1.5 mode of SSL3.0
         -- Add PKCS#1 testvectors from RSA
         -- Add PKCS#8 & X.509 import for RSA keys
         -- Add stream cipher API
         -- Add SHA3 & SHAKE
         -- Add SHA512/256 and SHA512/224
         -- Add Triple-DES 2-key mode, thanks to Paul Howarth
         -- Brought back Diffie-Hellman

diffstat:

 security/libtomcrypt/Makefile                                     |  19 +-
 security/libtomcrypt/PLIST                                        |   6 +-
 security/libtomcrypt/distinfo                                     |  16 +-
 security/libtomcrypt/patches/patch-aa                             |  39 ----
 security/libtomcrypt/patches/patch-ab                             |  97 +--------
 security/libtomcrypt/patches/patch-ac                             |  25 --
 security/libtomcrypt/patches/patch-src_headers_tomcrypt__macros.h |  25 --
 security/libtomcrypt/patches/patch-src_pk_rsa_rsa__verify__hash.c |  33 ---
 8 files changed, 30 insertions(+), 230 deletions(-)

diffs (truncated from 320 to 300 lines):

diff -r 50ec9ae27435 -r 1542676d701c security/libtomcrypt/Makefile
--- a/security/libtomcrypt/Makefile     Wed Jul 10 15:15:31 2019 +0000
+++ b/security/libtomcrypt/Makefile     Wed Jul 10 15:15:36 2019 +0000
@@ -1,11 +1,11 @@
-# $NetBSD: Makefile,v 1.7 2017/05/16 21:55:50 snj Exp $
+# $NetBSD: Makefile,v 1.7.20.1 2019/07/10 15:15:36 bsiegert Exp $
 
-DISTNAME=      crypt-1.17
+DISTNAME=      crypt-1.18.2
 PKGNAME=       libtom${DISTNAME}
-PKGREVISION=   3
 CATEGORIES=    security
-MASTER_SITES=  http://libtom.org/files/
-EXTRACT_SUFX=  .tar.bz2
+MASTER_SITES=  ${MASTER_SITE_GITHUB:=libtom/}
+GITHUB_RELEASE=        v${PKGVERSION_NOREV}
+EXTRACT_SUFX=  .tar.xz
 
 MAINTAINER=    agc%NetBSD.org@localhost
 HOMEPAGE=      https://github.com/libtom/libtomcrypt
@@ -16,11 +16,12 @@
 USE_LIBTOOL=   yes
 USE_TOOLS+=    gmake
 MAKE_FILE=     makefile.shared
-MAKE_ENV+=     CFLAGS_OPTS="-DUSE_LTM -DLTM_DESC"
-BUILD_TARGET=  default
 
-AUTO_MKDIRS=   yes
+# This disables funrolling the loops.
+MAKE_FLAGS+=   IGNORE_SPEED=1
+MAKE_FLAGS+=   EXTRALIBS="-ltommath"
+
+CPPFLAGS+=     -DUSE_LTM -DLTM_DESC
 
 .include "../../math/ltm/buildlink3.mk"
-
 .include "../../mk/bsd.pkg.mk"
diff -r 50ec9ae27435 -r 1542676d701c security/libtomcrypt/PLIST
--- a/security/libtomcrypt/PLIST        Wed Jul 10 15:15:31 2019 +0000
+++ b/security/libtomcrypt/PLIST        Wed Jul 10 15:15:36 2019 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.2 2011/03/10 10:02:34 drochner Exp $
+@comment $NetBSD: PLIST,v 1.2.70.1 2019/07/10 15:15:36 bsiegert Exp $
 include/tomcrypt.h
 include/tomcrypt_argchk.h
 include/tomcrypt_cfg.h
@@ -12,7 +12,5 @@
 include/tomcrypt_pk.h
 include/tomcrypt_pkcs.h
 include/tomcrypt_prng.h
-include/tomcrypt_test.h
 lib/libtomcrypt.la
-lib/libtomcrypt_prof.la
-share/doc/libtomcrypt/crypt.pdf
+lib/pkgconfig/libtomcrypt.pc
diff -r 50ec9ae27435 -r 1542676d701c security/libtomcrypt/distinfo
--- a/security/libtomcrypt/distinfo     Wed Jul 10 15:15:31 2019 +0000
+++ b/security/libtomcrypt/distinfo     Wed Jul 10 15:15:36 2019 +0000
@@ -1,11 +1,7 @@
-$NetBSD: distinfo,v 1.7 2017/07/15 17:23:03 wiz Exp $
+$NetBSD: distinfo,v 1.7.18.1 2019/07/10 15:15:36 bsiegert Exp $
 
-SHA1 (crypt-1.17.tar.bz2) = 9c746822c84e4276e432b64964f94d1d5ddd13ad
-RMD160 (crypt-1.17.tar.bz2) = 742d72d82fea2e6a9865d8c682c10cbaba69ea2f
-SHA512 (crypt-1.17.tar.bz2) = 9335df5ae0a2c8e33e8f03ced0cfb0a8d1ac4bccd007b74818228c3b8b232446b4425356f304a08320b75542a537a46b305b92c3011dee76dfd636497bf57af2
-Size (crypt-1.17.tar.bz2) = 1599215 bytes
-SHA1 (patch-aa) = a2385cf0543a19b1555d4370a10c012c5141b48a
-SHA1 (patch-ab) = 9ccfd1f43607c4b781f31f2ddd53500db5c94efd
-SHA1 (patch-ac) = f3beb2d6ffc2db483891b61d1fe53db38434fe38
-SHA1 (patch-src_headers_tomcrypt__macros.h) = 4aa1e0773a11c32fca83e7de82e12d44fdbb8202
-SHA1 (patch-src_pk_rsa_rsa__verify__hash.c) = 0bc2467fa3fc0a372baafbfea4c7b328422f8adb
+SHA1 (crypt-1.18.2.tar.xz) = 55bd8c2015f39bba73aca13b5e4e37f44a292b3f
+RMD160 (crypt-1.18.2.tar.xz) = 484fa6695e84448270d45851123249276d8add8d
+SHA512 (crypt-1.18.2.tar.xz) = f6117a12a42b07f8de4a8aedbccf6ff4ee94b4b81cb7263af99627c32eae646ca8ead7d3063737918db4aa118673001fcf2cfa8e4ca8b528fb00045fda7cc893
+Size (crypt-1.18.2.tar.xz) = 2638064 bytes
+SHA1 (patch-ab) = 8c3750217ec90663a90f2b871e8eb8a940fe2fb0
diff -r 50ec9ae27435 -r 1542676d701c security/libtomcrypt/patches/patch-aa
--- a/security/libtomcrypt/patches/patch-aa     Wed Jul 10 15:15:31 2019 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,39 +0,0 @@
-$NetBSD: patch-aa,v 1.1.1.1 2010/11/27 06:11:57 agc Exp $
-
-Use pkgsrc defs to install things
-
-Install the documentation
-
---- makefile.unix      2010/11/24 08:46:20     1.1
-+++ makefile.unix      2010/11/24 08:53:23
-@@ -29,9 +29,9 @@
- #LIBPATH-The directory for libtomcrypt to be installed to.
- #INCPATH-The directory to install the header files for libtomcrypt.
- #DATAPATH-The directory to install the pdf docs.
--LIBPATH=/usr/local/lib
--INCPATH=/usr/local/include
--DATAPATH=/usr/local/share/doc/libtomcrypt/pdf
-+LIBPATH=${PREFIX}/lib
-+INCPATH=${PREFIX}/include
-+DATAPATH=${PREFIX}/share/doc/libtomcrypt/
- 
- #Who do we install as?
- USER=root
-@@ -226,11 +226,12 @@
- #as root in order to have a high enough permission to write to the correct
- #directories and to set the owner and group to root.
- install: library
--      install -d -g $(GROUP) -o $(USER) $(DESTDIR)$(LIBPATH)
--      install -d -g $(GROUP) -o $(USER) $(DESTDIR)$(INCPATH)
--      install -d -g $(GROUP) -o $(USER) $(DESTDIR)$(DATAPATH)
--      install -g $(GROUP) -o $(USER) $(LIBNAME) $(DESTDIR)$(LIBPATH)
--      install -g $(GROUP) -o $(USER) $(HEADERS) $(DESTDIR)$(INCPATH)
-+      ${BSD_INSTALL_LIB_DIR} $(DESTDIR)$(LIBPATH)
-+      ${BSD_INSTALL_DATA_DIR} $(DESTDIR)$(INCPATH)
-+      ${BSD_INSTALL_DATA_DIR} $(DESTDIR)$(DATAPATH)
-+      ${BSD_INSTALL_LIB} $(LIBNAME) $(DESTDIR)$(LIBPATH)
-+      ${BSD_INSTALL_DATA} $(HEADERS) $(DESTDIR)$(INCPATH)
-+      ${BSD_INSTALL_DATA} doc/crypt.pdf $(DESTDIR)$(DATAPATH)
- 
- install_test: testprof/$(LIBTEST)
-       install -d -g $(GROUP) -o $(USER) $(DESTDIR)$(LIBPATH)
diff -r 50ec9ae27435 -r 1542676d701c security/libtomcrypt/patches/patch-ab
--- a/security/libtomcrypt/patches/patch-ab     Wed Jul 10 15:15:31 2019 +0000
+++ b/security/libtomcrypt/patches/patch-ab     Wed Jul 10 15:15:36 2019 +0000
@@ -1,90 +1,17 @@
-$NetBSD: patch-ab,v 1.3 2017/07/15 17:23:04 wiz Exp $
+$NetBSD: patch-ab,v 1.3.18.1 2019/07/10 15:15:36 bsiegert Exp $
 
---- makefile.shared.orig       2007-05-12 14:46:25.000000000 +0000
+Use pkgsrc install command.
+
+--- makefile.shared.orig       2018-07-01 20:49:01.000000000 +0000
 +++ makefile.shared
-@@ -9,7 +9,7 @@
- VERSION=0:117
- 
- # Compiler and Linker Names
--CC=libtool --mode=compile --tag=CC gcc 
-+#CC=libtool --mode=compile --tag=CC gcc 
- 
- # ranlib tools
- ifndef RANLIB
-@@ -17,7 +17,7 @@ ifndef RANLIB
- endif
- 
- # Compilation flags. Note the += does not write over the user's CFLAGS!
--CFLAGS += -c -I./src/headers/ -Wall -Wsign-compare -W -Wshadow -DLTC_SOURCE
-+CFLAGS += -c -I./src/headers/ -Wall -Wsign-compare -W -Wshadow -DLTC_SOURCE ${CFLAGS_OPTS}
- 
- # additional warnings (newer GCC 3.4 and higher)
- ifdef GCC_34
-@@ -75,13 +75,13 @@ ifndef DESTDIR
-    DESTDIR=
- endif
- ifndef LIBPATH
--   LIBPATH=/usr/lib
-+   LIBPATH=${PREFIX}/lib
- endif
- ifndef INCPATH
--   INCPATH=/usr/include
-+   INCPATH=${PREFIX}/include
- endif
- ifndef DATAPATH
--   DATAPATH=/usr/share/doc/libtomcrypt/pdf
-+   DATAPATH=${PREFIX}/share/doc/libtomcrypt/
- endif
- 
- #Who do we install as?
-@@ -230,33 +230,38 @@ TIMINGS=demos/timing.o
- default:library
+@@ -64,8 +64,8 @@ $(foreach demo, $(strip $(DEMOS)), $(eva
  
- #ciphers come in two flavours... enc+dec and enc 
--src/ciphers/aes/aes_enc.o: src/ciphers/aes/aes.c src/ciphers/aes/aes_tab.c
--      $(CC) $(CFLAGS) -DENCRYPT_ONLY -c src/ciphers/aes/aes.c -o src/ciphers/aes/aes_enc.o
-+src/ciphers/aes/aes_enc.lo: src/ciphers/aes/aes.c src/ciphers/aes/aes_tab.c
-+      ${LIBTOOL} --mode=compile $(CC) $(CFLAGS) -DENCRYPT_ONLY -c src/ciphers/aes/aes.c -o src/ciphers/aes/aes_enc.lo
- 
- #These are the rules to make certain object files.
--src/ciphers/aes/aes.o: src/ciphers/aes/aes.c src/ciphers/aes/aes_tab.c
--src/ciphers/twofish/twofish.o: src/ciphers/twofish/twofish.c src/ciphers/twofish/twofish_tab.c
--src/hashes/whirl/whirl.o: src/hashes/whirl/whirl.c src/hashes/whirl/whirltab.c
--src/hashes/sha2/sha512.o: src/hashes/sha2/sha512.c src/hashes/sha2/sha384.c
--src/hashes/sha2/sha256.o: src/hashes/sha2/sha256.c src/hashes/sha2/sha224.c
-+src/ciphers/aes/aes.lo: src/ciphers/aes/aes.c src/ciphers/aes/aes_tab.c
-+src/ciphers/twofish/twofish.lo: src/ciphers/twofish/twofish.c src/ciphers/twofish/twofish_tab.c
-+src/hashes/whirl/whirl.lo: src/hashes/whirl/whirl.c src/hashes/whirl/whirltab.c
-+src/hashes/sha2/sha512.lo: src/hashes/sha2/sha512.c src/hashes/sha2/sha384.c
-+src/hashes/sha2/sha256.lo: src/hashes/sha2/sha256.c src/hashes/sha2/sha224.c
- 
- #This rule makes the libtomcrypt library.
- library: $(LIBNAME)
+ install: $(call print-help,install,Installs the library + headers + pkg-config file) .common_install
+       sed -e 's,^prefix=.*,prefix=$(PREFIX),' -e 's,^Version:.*,Version: $(VERSION_PC),' libtomcrypt.pc.in > libtomcrypt.pc
+-      install -p -d $(DESTDIR)$(LIBPATH)/pkgconfig
+-      install -p -m 644 libtomcrypt.pc $(DESTDIR)$(LIBPATH)/pkgconfig/
++      $(BSD_INSTALL_DATA_DIR) $(DESTDIR)$(LIBPATH)/pkgconfig
++      $(BSD_INSTALL_DATA) libtomcrypt.pc $(DESTDIR)$(LIBPATH)/pkgconfig/
  
-+.SUFFIXES: .lo
-+.c.lo:
-+      ${LIBTOOL} --mode=compile ${CC} -c ${CFLAGS} $< -o $@
-+
- testprof/$(LIBTEST):
-       cd testprof ; CFLAGS="$(CFLAGS)" GROUP=$(GROUP) USER=$(USER) VERSION=$(VERSION) LIBPATH=$(LIBPATH) LIBTEST=$(LIBTEST) LIBTEST_S=$(LIBTEST_S) make -f makefile.shared
- 
- objs: $(OBJECTS)
- 
--$(LIBNAME): $(OBJECTS) testprof/$(LIBTEST)
--      libtool --silent --mode=link gcc $(CFLAGS) `find . -type f | grep "[.]lo" | grep "src/" | xargs` $(EXTRALIBS) -o $(LIBNAME) -rpath $(LIBPATH) -version-info $(VERSION)
-+$(LIBNAME): $(OBJECTS:.o=.lo) testprof/$(LIBTEST)
-+      libtool --silent --mode=link ${CC} $(CFLAGS) $(LDFLAGS) `find . -type f | grep "[.]lo" | grep "src/" | xargs` $(EXTRALIBS) -o $(LIBNAME) -rpath $(LIBPATH) -version-info $(VERSION)
+ install_bins: $(call print-help,install_bins,Installs the useful demos ($(USEFUL_DEMOS))) .common_install_bins
  
- install: $(LIBNAME)
--      install -d -g $(GROUP) -o $(USER) $(DESTDIR)$(LIBPATH)
-+      ${BSD_INSTALL_LIB_DIR} $(DESTDIR)$(LIBPATH)
-       cd testprof ; CFLAGS="$(CFLAGS)" GROUP=$(GROUP) USER=$(USER) VERSION=$(VERSION) LIBPATH=$(LIBPATH) LIBTEST=$(LIBTEST) LIBTEST_S=$(LIBTEST_S) DESTDIR=$(DESTDIR) make -f makefile.shared install
-       libtool --silent --mode=install install -c libtomcrypt.la $(DESTDIR)$(LIBPATH)/libtomcrypt.la
--      install -d -g $(GROUP) -o $(USER) $(DESTDIR)$(INCPATH)
--      install -g $(GROUP) -o $(USER) $(HEADERS) $(DESTDIR)$(INCPATH)
-+      ${BSD_INSTALL_DATA_DIR} $(DESTDIR)$(INCPATH)
-+      ${BSD_INSTALL_DATA} $(HEADERS) $(DESTDIR)$(INCPATH)
-+      ${BSD_INSTALL_DATA} doc/crypt.pdf $(DESTDIR)$(DATAPATH)
- 
- #This rule makes the hash program included with libtomcrypt
- hashsum: library
diff -r 50ec9ae27435 -r 1542676d701c security/libtomcrypt/patches/patch-ac
--- a/security/libtomcrypt/patches/patch-ac     Wed Jul 10 15:15:31 2019 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,25 +0,0 @@
-$NetBSD: patch-ac,v 1.2 2017/07/15 17:23:04 wiz Exp $
-
---- testprof/makefile.shared.orig      2007-05-12 14:46:25.000000000 +0000
-+++ testprof/makefile.shared
-@@ -1,4 +1,4 @@
--CC=libtool --mode=compile gcc
-+#CC=libtool --mode=compile gcc
- 
- CFLAGS += -I../src/headers -I./ -Wall -W
- 
-@@ -17,8 +17,12 @@ endif
- 
- default: $(LIBTEST)
- 
--$(LIBTEST): $(OBJECTS)
--      libtool --silent --mode=link gcc $(CFLAGS) `find . -type f | grep "[.]lo" |  xargs` -o $@ -rpath $(LIBPATH) -version-info $(VERSION)
-+.SUFFIXES: .lo
-+.c.lo:
-+      ${LIBTOOL} --mode=compile ${CC} -c ${CFLAGS} $< -o $@
-+
-+$(LIBTEST): $(OBJECTS:.o=.lo)
-+      libtool --silent --mode=link ${CC} $(CFLAGS) $(LDFLAGS) `find . -type f | grep "[.]lo" |  xargs` -o $@ -rpath $(LIBPATH) -version-info $(VERSION)
- 
- install: $(LIBTEST)
-       libtool --silent --mode=install install -c $(LIBTEST) $(DESTDIR)$(LIBPATH)/$(LIBTEST)
diff -r 50ec9ae27435 -r 1542676d701c security/libtomcrypt/patches/patch-src_headers_tomcrypt__macros.h
--- a/security/libtomcrypt/patches/patch-src_headers_tomcrypt__macros.h Wed Jul 10 15:15:31 2019 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,25 +0,0 @@
-$NetBSD: patch-src_headers_tomcrypt__macros.h,v 1.1 2015/01/25 13:13:51 joerg Exp $
-
-clang doesn't allow non-constant arguments for "I" constraints.
-Just use the C version, it will get optimised to rotate anyway.
-
---- src/headers/tomcrypt_macros.h.orig 2015-01-24 16:35:36.000000000 +0000
-+++ src/headers/tomcrypt_macros.h
-@@ -242,7 +242,7 @@ asm __volatile__ (             \
- #define RORc(x,n) _lrotr(x,n)
- #define ROLc(x,n) _lrotl(x,n)
- 
--#elif !defined(__STRICT_ANSI__) && defined(__GNUC__) && (defined(__i386__) || defined(__x86_64__)) && !defined(INTEL_CC) && !defined(LTC_NO_ASM)
-+#elif !defined(__STRICT_ANSI__) && defined(__GNUC__) && (defined(__i386__) || defined(__x86_64__)) && !defined(INTEL_CC) && !defined(LTC_NO_ASM) && !defined(__clang__)
- 
- static inline unsigned ROL(unsigned word, int i)
- {
-@@ -341,7 +341,7 @@ static inline unsigned RORc(unsigned wor
- 
- 
- /* 64-bit Rotates */
--#if !defined(__STRICT_ANSI__) && defined(__GNUC__) && defined(__x86_64__) && !defined(LTC_NO_ASM)
-+#if !defined(__STRICT_ANSI__) && defined(__GNUC__) && defined(__x86_64__) && !defined(LTC_NO_ASM) && !defined(__clang__)
- 
- static inline unsigned long ROL64(unsigned long word, int i)
- {
diff -r 50ec9ae27435 -r 1542676d701c security/libtomcrypt/patches/patch-src_pk_rsa_rsa__verify__hash.c
--- a/security/libtomcrypt/patches/patch-src_pk_rsa_rsa__verify__hash.c Wed Jul 10 15:15:31 2019 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,33 +0,0 @@
-$NetBSD: patch-src_pk_rsa_rsa__verify__hash.c,v 1.1 2017/05/16 21:55:50 snj Exp $
-
-Fix for CVE-2016-6129.  
-
-Source: https://github.com/libtom/libtomcrypt/commit/5eb9743410ce4657e9d54fef26a2ee31a1b5dd09
-
---- src/pk/rsa/rsa_verify_hash.c.orig  2007-05-12 07:46:25.000000000 -0700
-+++ src/pk/rsa/rsa_verify_hash.c       2017-05-16 13:42:46.762259864 -0700
-@@ -96,7 +96,7 @@ int rsa_verify_hash_ex(const unsigned ch
-   } else {
-     /* LTC_PKCS #1 v1.5 decode it */
-     unsigned char *out;
--    unsigned long outlen, loid[16];



Home | Main Index | Thread Index | Old Index