CVS commit: [pkgsrc-2023Q4] pkgsrc/security/libfido2

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: [pkgsrc-2023Q4] pkgsrc/security/libfido2
From: "Benny Siegert" <bsiegert%netbsd.org@localhost>
Date: Fri, 1 Mar 2024 17:29:55 +0000

Module Name:    pkgsrc
Committed By:   bsiegert
Date:           Fri Mar  1 17:29:55 UTC 2024

Modified Files:
        pkgsrc/security/libfido2 [pkgsrc-2023Q4]: Makefile distinfo
        pkgsrc/security/libfido2/patches [pkgsrc-2023Q4]: patch-CMakeLists.txt

Log Message:
Pullup ticket #6838 - requested by riastradh
security/libfido2: NetBSD build fix

security/libfido2: Fix NetBSD support (PR 57919) by not patching
away -Werror in a critical place where the build system relies on
it to detect whether ioctl argument is int or long.  When the build
system infers the wrong answer, it builds a libfido2 that doesn't
work on NetBSD because it sends the wrong (sign-extended) ioctl
commands to the kernel for USB stuff.

Revisions pulled up:
- security/libfido2/Makefile                                    1.14
- security/libfido2/distinfo                                    1.11
- security/libfido2/patches/patch-CMakeLists.txt                1.2

---
   Module Name:    pkgsrc
   Committed By:   riastradh
   Date:           Sat Feb 10 03:10:53 UTC 2024

   Modified Files:
           pkgsrc/security/libfido2: Makefile distinfo
           pkgsrc/security/libfido2/patches: patch-CMakeLists.txt

   Log Message:
   security/libfido2: Fix NetBSD build, PR pkg/57919.

   Patching away -Werror may be reasonable in general, but in this case
   it breaks libfido2's detection of whether ioctl takes int or unsigned
   long on NetBSD -- without -Werror, it wrongly concludes int, and
   proceeds to build a libfido2 that casts every ioctl command to int
   first, which leads to sign extension, which leads to the wrong ioctls
   being passed into the kernel, which leads libfido2 to fail in any
   attempts to open fido devices on NetBSD.


To generate a diff of this commit:
cvs rdiff -u -r1.13 -r1.13.2.1 pkgsrc/security/libfido2/Makefile
cvs rdiff -u -r1.10 -r1.10.2.1 pkgsrc/security/libfido2/distinfo
cvs rdiff -u -r1.1 -r1.1.4.1 \
    pkgsrc/security/libfido2/patches/patch-CMakeLists.txt

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/security/libfido2/Makefile
diff -u pkgsrc/security/libfido2/Makefile:1.13 pkgsrc/security/libfido2/Makefile:1.13.2.1
--- pkgsrc/security/libfido2/Makefile:1.13      Thu Dec  7 12:35:46 2023
+++ pkgsrc/security/libfido2/Makefile   Fri Mar  1 17:29:55 2024
@@ -1,6 +1,7 @@
-# $NetBSD: Makefile,v 1.13 2023/12/07 12:35:46 adam Exp $
+# $NetBSD: Makefile,v 1.13.2.1 2024/03/01 17:29:55 bsiegert Exp $
 
 DISTNAME=      libfido2-1.14.0
+PKGREVISION=   1
 CATEGORIES=    security devel
 MASTER_SITES=  https://developers.yubico.com/libfido2/Releases/
 

Index: pkgsrc/security/libfido2/distinfo
diff -u pkgsrc/security/libfido2/distinfo:1.10 pkgsrc/security/libfido2/distinfo:1.10.2.1
--- pkgsrc/security/libfido2/distinfo:1.10      Thu Dec  7 12:35:46 2023
+++ pkgsrc/security/libfido2/distinfo   Fri Mar  1 17:29:55 2024
@@ -1,6 +1,6 @@
-$NetBSD: distinfo,v 1.10 2023/12/07 12:35:46 adam Exp $
+$NetBSD: distinfo,v 1.10.2.1 2024/03/01 17:29:55 bsiegert Exp $
 
 BLAKE2s (libfido2-1.14.0.tar.gz) = 805620349129b744d12a5103399ea70c1832b49c66a1c82b4ef89d2da9d857a3
 SHA512 (libfido2-1.14.0.tar.gz) = 83454b0db0cc8546f377d0dd59f95785fe6b73cf28e499a6182a6ece4b7bce17c3e750155262adf71f339ec0b3b6c3d3d64a07b01c8428b4b91de97ae768f0e6
 Size (libfido2-1.14.0.tar.gz) = 660289 bytes
-SHA1 (patch-CMakeLists.txt) = 7b1f8653d6d6cdd542e866754fd6eaf556277ab3
+SHA1 (patch-CMakeLists.txt) = b3bbd4ecb0cc4eac5d4b43cab2176418e1b3df03

Index: pkgsrc/security/libfido2/patches/patch-CMakeLists.txt
diff -u pkgsrc/security/libfido2/patches/patch-CMakeLists.txt:1.1 pkgsrc/security/libfido2/patches/patch-CMakeLists.txt:1.1.4.1
--- pkgsrc/security/libfido2/patches/patch-CMakeLists.txt:1.1   Fri Sep  1 09:56:56 2023
+++ pkgsrc/security/libfido2/patches/patch-CMakeLists.txt       Fri Mar  1 17:29:55 2024
@@ -1,4 +1,4 @@
-$NetBSD: patch-CMakeLists.txt,v 1.1 2023/09/01 09:56:56 nia Exp $
+$NetBSD: patch-CMakeLists.txt,v 1.1.4.1 2024/03/01 17:29:55 bsiegert Exp $
 
 Remove overzealous compiler options and let pkgsrc define the
 stack protection to use.
@@ -13,15 +13,6 @@ stack protection to use.
  
  check_include_files(cbor.h HAVE_CBOR_H)
  check_include_files(endian.h HAVE_ENDIAN_H)
-@@ -123,7 +122,7 @@ set(CMAKE_TRY_COMPILE_TARGET_TYPE STATIC
- try_compile(HAVE_POSIX_IOCTL
-     "${CMAKE_CURRENT_BINARY_DIR}/posix_ioctl_check.o"
-     "${CMAKE_CURRENT_SOURCE_DIR}/openbsd-compat/posix_ioctl_check.c"
--    COMPILE_DEFINITIONS "-Werror -Woverflow -Wsign-conversion")
-+    COMPILE_DEFINITIONS "-Woverflow -Wsign-conversion")
- 
- list(APPEND CHECK_VARIABLES
-       HAVE_ARC4RANDOM_BUF
 @@ -295,7 +294,6 @@ else()
  
        add_compile_options(-Wall)

Prev by Date: CVS commit: pkgsrc/doc
Next by Date: CVS commit: pkgsrc/games/chess-tui
Previous by Thread: CVS commit: pkgsrc/doc
Next by Thread: CVS commit: pkgsrc/games/chess-tui
Indexes:

Home | Main Index | Thread Index | Old Index