[pkgsrc/trunk]: pkgsrc/security/tlswrapper Update to 20220901. From the chang...

[schmonz <schmonz%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/f5c9cb3f2f25
branches:  trunk
changeset: 385222:f5c9cb3f2f25
user:      schmonz <schmonz%pkgsrc.org@localhost>
date:      Sun Sep 11 19:33:05 2022 +0000

description:
Update to 20220901. From the changelog:

- fixed randombytes(), uses getentropy() and /dev/urandom where
  getentropy() does not exist

diffstat:

 security/tlswrapper/Makefile                                 |   9 +-
 security/tlswrapper/distinfo                                 |  16 +-
 security/tlswrapper/patches/patch-Makefile                   |  32 +----
 security/tlswrapper/patches/patch-makefilegen.sh             |  78 ------------
 security/tlswrapper/patches/patch-randombytes.c              |  44 ------
 security/tlswrapper/patches/patch-randombytes.c-01getentropy |  38 -----
 security/tlswrapper/patches/patch-randombytes.c-02devurandom |  51 -------
 security/tlswrapper/patches/patch-randombytes.h-01getentropy |  14 --
 security/tlswrapper/patches/patch-randombytes.h-02devurandom |  15 --
 9 files changed, 12 insertions(+), 285 deletions(-)

diffs (truncated from 361 to 300 lines):

diff -r 10bd88aa14e3 -r f5c9cb3f2f25 security/tlswrapper/Makefile
--- a/security/tlswrapper/Makefile      Sun Sep 11 19:18:56 2022 +0000
+++ b/security/tlswrapper/Makefile      Sun Sep 11 19:33:05 2022 +0000
@@ -1,12 +1,11 @@
-# $NetBSD: Makefile,v 1.5 2022/08/30 17:55:31 schmonz Exp $
+# $NetBSD: Makefile,v 1.6 2022/09/11 19:33:05 schmonz Exp $
 
 DISTNAME=              ${GITHUB_PROJECT}
 PKGNAME=               ${GITHUB_PROJECT}-${GITHUB_TAG}
-PKGREVISION=           1
 CATEGORIES=            security net
 MASTER_SITES=          ${MASTER_SITE_GITHUB:=janmojzis/}
 GITHUB_PROJECT=                tlswrapper
-GITHUB_TAG=            20220814
+GITHUB_TAG=            20220901
 
 MAINTAINER=            schmonz%NetBSD.org@localhost
 HOMEPAGE=              https://github.com/janmojzis/tlswrapper/
@@ -23,10 +22,6 @@
 
 INSTALLATION_DIRS=     bin man/man1 share/examples/${PKGBASE}
 
-post-extract:
-       cd ${WRKSRC};                                                   \
-       ${MV} -f randombytes.h randombytes.h-01getentropy
-
 do-install:
        cd ${WRKSRC};                                                   \
        ${INSTALL_DATA} examples.md \
diff -r 10bd88aa14e3 -r f5c9cb3f2f25 security/tlswrapper/distinfo
--- a/security/tlswrapper/distinfo      Sun Sep 11 19:18:56 2022 +0000
+++ b/security/tlswrapper/distinfo      Sun Sep 11 19:33:05 2022 +0000
@@ -1,12 +1,6 @@
-$NetBSD: distinfo,v 1.5 2022/08/30 17:55:31 schmonz Exp $
+$NetBSD: distinfo,v 1.6 2022/09/11 19:33:05 schmonz Exp $
 
-BLAKE2s (tlswrapper-20220814.tar.gz) = 5ce956397f0639bd400643b74d809f2e074c60511f02dd376dbabafbb66f561f
-SHA512 (tlswrapper-20220814.tar.gz) = f9c0e1b368a634390b6e2fe1092084ebecbe5c4f3892a4ef1dfaf40fce7058b60bfd513ac94693c1eb82cd859b52c84935520770cbf48b195d408bd0e8c4b58e
-Size (tlswrapper-20220814.tar.gz) = 248914 bytes
-SHA1 (patch-Makefile) = 8c531e8b0a42b43b3555e5b95caeec53d3326ef5
-SHA1 (patch-makefilegen.sh) = dfa45f414f0f22e58a39d7bf4a0c32b104876f23
-SHA1 (patch-randombytes.c) = b6d945c69bf67a2040028b3d654582dda4ac7965
-SHA1 (patch-randombytes.c-01getentropy) = b3518de0561393ef6b0f3c820a7142c233689d65
-SHA1 (patch-randombytes.c-02devurandom) = ec8fcff0d126ff794958e29716cf2b2312ac604d
-SHA1 (patch-randombytes.h-01getentropy) = ad16c4556bf3b32f82314b6dd93eb6bf3e65a67a
-SHA1 (patch-randombytes.h-02devurandom) = 96fd1ab08f0e999e718962466009784e1137cfc1
+BLAKE2s (tlswrapper-20220901.tar.gz) = bdd737eb0ec0cb31550eea387a72e4317b3ce345170022d6c51536cb7be06aee
+SHA512 (tlswrapper-20220901.tar.gz) = d4ed61270c4ce5d5660bc7ac2892f9c1610b88ff7a8aff27834159e858ef10a6ea2f568c53d80a0dcbc43a0d98bd9212b66a0a003caf3ccc5e31d9504530b74d
+Size (tlswrapper-20220901.tar.gz) = 249120 bytes
+SHA1 (patch-Makefile) = 06d4b97ac026693def83bbab09249737a152ac97
diff -r 10bd88aa14e3 -r f5c9cb3f2f25 security/tlswrapper/patches/patch-Makefile
--- a/security/tlswrapper/patches/patch-Makefile        Sun Sep 11 19:18:56 2022 +0000
+++ b/security/tlswrapper/patches/patch-Makefile        Sun Sep 11 19:33:05 2022 +0000
@@ -1,38 +1,16 @@
-$NetBSD: patch-Makefile,v 1.2 2022/08/30 17:55:31 schmonz Exp $
+$NetBSD: patch-Makefile,v 1.3 2022/09/11 19:33:05 schmonz Exp $
 
 Do not consider building a local copy of BearSSL.
-Apply upstream commit 0cb7bb4 to fall back to /dev/urandom on systems
-where getentropy() is not present.
 
---- Makefile.orig      2022-08-14 12:18:16.000000000 +0000
+--- Makefile.orig      2022-08-30 13:33:51.000000000 +0000
 +++ Makefile
-@@ -10,6 +10,13 @@ BINARIES+=tlswrapper-test
- 
- all: bearssl $(BINARIES) tlswrapper-tcp tlswrapper-smtp
- 
-+randombytes.h:
-+      (grep -v "randombytes.h" "randombytes.c-01getentropy"; echo "int main() {}";) > try.c
-+      [ ! -f randombytes.h ] && $(CC) $(CFLAGS) $(CPPFLAGS) $(LDFLAGS) -o try try.c && cat randombytes.h-01getentropy > randombytes.h || :
-+      (grep -v "randombytes.h" "randombytes.c-02devurandom"; echo "int main() {}";) > try.c
-+      [ ! -f randombytes.h ] && $(CC) $(CFLAGS) $(CPPFLAGS) $(LDFLAGS) -o try try.c && cat randombytes.h-02devurandom > randombytes.h || :
-+      rm try.c try
-+
- alloc.o: alloc.c log.h alloc.h
-       $(CC) $(CFLAGS) $(CPPFLAGS) -c alloc.c
- 
-@@ -267,9 +274,6 @@ tlswrapper-test: tlswrapper-test.o $(OBJ
+@@ -267,9 +267,6 @@ tlswrapper-test: tlswrapper-test.o $(OBJ
  
  
  bearssl:
 -      echo 'int main(){}' > try.c
--      $(CC) $(CFLAGS) $(CPPFLAGS) -o try.o $(LDFLAGS) try.c || (sh bearssl.sh; cd bearssl; make; rm build/*.so; )
--      rm -f try.o try.c
+-      $(CC) $(CFLAGS) $(CPPFLAGS) $(LDFLAGS) -o try try.c || (sh bearssl.sh; cd bearssl; make; rm build/*.so; )
+-      rm -f try.c try
        mkdir -p bearssl/inc
  
  tlswrapper-tcp: tlswrapper
-@@ -296,4 +300,5 @@ test: bearssl $(BINARIES) tlswrapper-tcp
- 
- clean:
-       rm -f *.o *.out $(BINARIES) tlswrapper-tcp tlswrapper-smtp
-+      rm -f randombytes.h
- 
diff -r 10bd88aa14e3 -r f5c9cb3f2f25 security/tlswrapper/patches/patch-makefilegen.sh
--- a/security/tlswrapper/patches/patch-makefilegen.sh  Sun Sep 11 19:18:56 2022 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,78 +0,0 @@
-$NetBSD: patch-makefilegen.sh,v 1.1 2022/08/30 17:55:31 schmonz Exp $
-
-Apply upstream commit 0cb7bb4 to fall back to /dev/urandom on systems
-where getentropy() is not present.
-
---- makefilegen.sh.orig        2022-08-14 12:18:16.000000000 +0000
-+++ makefilegen.sh
-@@ -9,6 +9,7 @@
-     echo "DESTDIR?="
-     echo 
- 
-+    # binaries
-     i=0
-     for file in `ls *.c`; do
-       if grep '^int main(' "${file}" >/dev/null; then
-@@ -23,18 +24,40 @@
-     done
-     echo
- 
-+    # portable
-+    headers=`ls *.c-* | sed 's/\.c-.*/.h/' | sort -u`
-+
-     echo "all: bearssl \$(BINARIES) tlswrapper-tcp tlswrapper-smtp"
-     echo 
- 
-+    for hfile in "${headers}"; do
-+      echo "${hfile}:"
-+      ls "${hfile}-"* \
-+      | sort \
-+      | while read hhfile
-+      do
-+        ccfile=`echo ${hhfile} | sed 's/\.h-/.c-/'`
-+        echo "        (grep -v \"${hfile}\" \"${ccfile}\"; echo \"int main() {}\";) > try.c"
-+        echo "        [ ! -f ${hfile} ] && \$(CC) \$(CFLAGS) \$(CPPFLAGS) \$(LDFLAGS) -o try try.c && cat ${hhfile} > ${hfile} || :"
-+      done
-+      echo "  rm try.c try"
-+      touch "${hfile}"
-+    done
-+    echo
-+
-+
-     for file in `ls *.c`; do
-       (
--        #gcc -I/usr/include/bearssl -MM "${file}"
-         gcc -MM "${file}"
-         echo "        \$(CC) \$(CFLAGS) \$(CPPFLAGS) -c ${file}"
-         echo
-       )
-     done
- 
-+    for hfile in "${headers}"; do
-+      rm -f "${hfile}"
-+    done
-+
-     i=0
-     for file in `ls *.c`; do
-       if ! grep '^int main(' "${file}" >/dev/null; then
-@@ -61,8 +84,8 @@
- 
-     echo "bearssl:"
-     echo "    echo 'int main(){}' > try.c"
--    echo "    \$(CC) \$(CFLAGS) \$(CPPFLAGS) -o try.o \$(LDFLAGS) try.c || (sh bearssl.sh; cd bearssl; make; rm build/*.so; )"
--    echo "    rm -f try.o try.c"
-+    echo "    \$(CC) \$(CFLAGS) \$(CPPFLAGS) \$(LDFLAGS) -o try try.c || (sh bearssl.sh; cd bearssl; make; rm build/*.so; )"
-+    echo "    rm -f try.c try"
-     echo "    mkdir -p bearssl/inc"
-     echo
- 
-@@ -94,6 +117,9 @@
- 
-     echo "clean:"
-     echo "    rm -f *.o *.out \$(BINARIES) tlswrapper-tcp tlswrapper-smtp"
-+    for hfile in "${headers}"; do
-+      echo "  rm -f ${hfile}"
-+    done
-     echo 
- 
-   ) > Makefile
diff -r 10bd88aa14e3 -r f5c9cb3f2f25 security/tlswrapper/patches/patch-randombytes.c
--- a/security/tlswrapper/patches/patch-randombytes.c   Sun Sep 11 19:18:56 2022 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,44 +0,0 @@
-$NetBSD: patch-randombytes.c,v 1.1 2022/08/30 17:55:31 schmonz Exp $
-
-Apply upstream commit 0cb7bb4 to fall back to /dev/urandom on systems
-where getentropy() is not present.
-
---- randombytes.c.orig 2022-08-14 12:18:16.000000000 +0000
-+++ randombytes.c
-@@ -1,30 +1,9 @@
--/*
--version 20220222
--*/
--
--#include <unistd.h>
--#ifdef __APPLE__
--#include <sys/random.h>
--#endif
- #include "randombytes.h"
- 
--void randombytes(void *xv, long long xlen) {
--
--    long long i;
--    unsigned char *x = (unsigned char *) xv;
--
--    while (xlen > 0) {
--        if (xlen < 256)
--            i = xlen;
--        else
--            i = 256;
-+#ifdef randombytes_getentropy
-+#include "randombytes.c-01getentropy"
-+#endif
- 
--        if (getentropy(x, i) == -1) {
--            sleep(1);
--            continue;
--        }
--        x += i;
--        xlen -= i;
--    }
--    __asm__ __volatile__("" : : "r"(xv) : "memory");
--}
-+#ifdef randombytes_devurandom
-+#include "randombytes.c-02devurandom"
-+#endif
diff -r 10bd88aa14e3 -r f5c9cb3f2f25 security/tlswrapper/patches/patch-randombytes.c-01getentropy
--- a/security/tlswrapper/patches/patch-randombytes.c-01getentropy      Sun Sep 11 19:18:56 2022 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,38 +0,0 @@
-$NetBSD: patch-randombytes.c-01getentropy,v 1.1 2022/08/30 17:55:31 schmonz Exp $
-
-Apply upstream commit 0cb7bb4 to fall back to /dev/urandom on systems
-where getentropy() is not present.
-
---- randombytes.c-01getentropy.orig    2022-08-30 17:47:01.000000000 +0000
-+++ randombytes.c-01getentropy
-@@ -0,0 +1,30 @@
-+/*
-+version 20220222
-+*/
-+
-+#include <unistd.h>
-+#ifdef __APPLE__
-+#include <sys/random.h>
-+#endif
-+#include "randombytes.h"
-+
-+void randombytes(void *xv, long long xlen) {
-+
-+    long long i;
-+    unsigned char *x = (unsigned char *) xv;
-+
-+    while (xlen > 0) {
-+        if (xlen < 256)
-+            i = xlen;
-+        else
-+            i = 256;
-+
-+        if (getentropy(x, i) == -1) {
-+            sleep(1);
-+            continue;
-+        }
-+        x += i;
-+        xlen -= i;
-+    }
-+    __asm__ __volatile__("" : : "r"(xv) : "memory");
-+}
diff -r 10bd88aa14e3 -r f5c9cb3f2f25 security/tlswrapper/patches/patch-randombytes.c-02devurandom
--- a/security/tlswrapper/patches/patch-randombytes.c-02devurandom      Sun Sep 11 19:18:56 2022 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,51 +0,0 @@
-$NetBSD: patch-randombytes.c-02devurandom,v 1.1 2022/08/30 17:55:31 schmonz Exp $
-
-Apply upstream commit 0cb7bb4 to fall back to /dev/urandom on systems
-where getentropy() is not present.
-
---- randombytes.c-02devurandom.orig    2022-08-30 17:47:01.000000000 +0000
-+++ randombytes.c-02devurandom
-@@ -0,0 +1,43 @@
-+#include <sys/types.h>
-+#include <sys/stat.h>
-+#include <fcntl.h>
-+#include <unistd.h>
-+#include "randombytes.h"
-+
-+static int fd = -1;
-+
-+void randombytes(void *xv, long long xlen) {
-+
-+    long long i;
-+    unsigned char *x = xv;
-+
-+    if (fd == -1) {
-+        for (;;) {
-+#ifdef O_CLOEXEC
-+            fd = open("/dev/urandom", O_RDONLY | O_CLOEXEC);
-+#else
-+            fd = open("/dev/urandom", O_RDONLY);