pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/security qca2{, -qt5}{, -gnupg, -ossl}: update to 2.1.0
details: https://anonhg.NetBSD.org/pkgsrc/rev/cc6582f9d5f2
branches: trunk
changeset: 374888:cc6582f9d5f2
user: markd <markd%pkgsrc.org@localhost>
date: Wed Jan 31 09:14:55 2018 +0000
description:
qca2{,-qt5}{,-gnupg,-ossl}: update to 2.1.0
New in 2.1.0
- Ported to Qt5 (Qt4 also supported)
- New building system. CMake instead of qmake
- Added CTR symetric cipher support to qca core
- Added no padding encryption algorithm to qca core
- qcatool2 renamed to qcatool
- fixed crash in qcatool when only options provided on command line without
any commands
- Use plugins installation path as hard-coded runtime plugins search path
- Added new functiion pluginPaths
- Added functions to get runtime QCA version
- Fixed 'no watch file' warnings in FileWatch
- Added EME_PKCS1v15_SSL Encryption Algorithm
- New implementation of SafeTimer to prevent crashes
- Updated certificates for unittests
- RSA Keys are permutable, can encrypt with private and decrypt with public
- Add unloadProvider() function for symmetry with insertProvider()
- Overloaded "makeKey" to derive a password depending on a time factor
- Remove pointer to deinit() routine from QCoreApplication at deinitialization
- Fix a couple of crashes where all plugins might not be available
- Fix operating on keys with unrelated expired subkeys
- Fixed timers in Synchronizer class
- Dropped randomunittest
- Fixed many unittests
- qca-gnupg: internal refactoring
- qca-gnupg: try both gpg and gpg2 to find gnupg executable
- qca-gnupg: fixed some encodings problem
- qca-ossl: no DSA_* dl groups in FIPS specification
- qca-ossl: added missed signatures to CRLContext
- qca-ossl: fixed certs time zone
- qca-nss: fixed KeyLenght for Cipher
- qca-botan: fixed getting result size for ciphers
diffstat:
security/qca2-gnupg/Makefile | 36 +-
security/qca2-gnupg/PLIST | 4 +-
security/qca2-gnupg/distinfo | 6 -
security/qca2-ossl/Makefile | 32 +-
security/qca2-ossl/PLIST | 4 +-
security/qca2-ossl/distinfo | 7 -
security/qca2-ossl/patches/patch-aa | 303 --
security/qca2-qt5-gnupg/DESCR | 17 +
security/qca2-qt5-gnupg/Makefile | 24 +
security/qca2-qt5-gnupg/PLIST | 2 +
security/qca2-qt5-ossl/DESCR | 15 +
security/qca2-qt5-ossl/Makefile | 23 +
security/qca2-qt5-ossl/PLIST | 2 +
security/qca2-qt5/DESCR | 16 +
security/qca2-qt5/Makefile | 23 +
security/qca2-qt5/PLIST | 31 +
security/qca2-qt5/buildlink3.mk | 14 +
security/qca2/Makefile | 32 +-
security/qca2/Makefile.common | 27 +
security/qca2/PLIST | 19 +-
security/qca2/distinfo | 19 +-
security/qca2/patches/patch-CMakeLists.txt | 14 +
security/qca2/patches/patch-aa | 26 -
security/qca2/patches/patch-app.pri | 14 -
security/qca2/patches/patch-configure | 13 -
security/qca2/patches/patch-plugins_qca-ossl_CMakeLists.txt | 15 +
security/qca2/patches/patch-plugins_qca-ossl_libcrypto-compat.c | 417 ++
security/qca2/patches/patch-plugins_qca-ossl_libcrypto-compat.h | 64 +
security/qca2/patches/patch-plugins_qca-ossl_qca-ossl.cpp | 1503 ++++++++++
security/qca2/patches/patch-src_botantools_botan_botan_secmem.h | 13 -
30 files changed, 2275 insertions(+), 460 deletions(-)
diffs (truncated from 2901 to 300 lines):
diff -r 122e886bc864 -r cc6582f9d5f2 security/qca2-gnupg/Makefile
--- a/security/qca2-gnupg/Makefile Wed Jan 31 07:57:58 2018 +0000
+++ b/security/qca2-gnupg/Makefile Wed Jan 31 09:14:55 2018 +0000
@@ -1,29 +1,25 @@
-# $NetBSD: Makefile,v 1.21 2017/08/29 12:23:25 wiz Exp $
+# $NetBSD: Makefile,v 1.22 2018/01/31 09:14:55 markd Exp $
+
+PKGNAME= qca2-gnupg-${DISTNAME:C/.*-//}
-DISTNAME= qca-gnupg-2.0.0-beta3
-PKGNAME= qca2-gnupg-${DISTNAME:S/-beta/beta/:C/.*-//}
-PKGREVISION= 18
-CATEGORIES= security
-MASTER_SITES= http://delta.affinix.com/download/qca/2.0/plugins/
-EXTRACT_SUFX= .tar.bz2
+COMMENT= Cross-platform crypto API for QT - GnuPG plugin
-MAINTAINER= jfranz%bsdprojects.net@localhost
-HOMEPAGE= http://delta.affinix.com/qca/
-COMMENT= Cross-platform crypto API for QT - GnuPG plugin
-LICENSE= gnu-lgpl-v2.1
+.include "../../security/qca2/Makefile.common"
DEPENDS+= gnupg2-[0-9]*:../../security/gnupg2
-USE_TOOLS+= gmake
-USE_LIBTOOL= yes
-HAS_CONFIGURE= yes
-USE_LANGUAGES= c c++
+BUILD_DIRS= plugins/qca-gnupg
-CONFIGURE_ARGS+= --qtdir=${QTDIR}
-CONFIGURE_ARGS+= --with-qca=${QTDIR}
-CONFIGURE_ARGS+= --plugins-path=${DESTDIR}${QTDIR}/plugins
-#CONFIGURE_ARGS+= --with-openssl-inc=${SSLBASE}/include
-#CONFIGURE_ARGS+= --with-openssl-lib=${SSLBASE}/lib
+CMAKE_ARGS+= -DQT4_BUILD=ON
+CMAKE_ARGS+= -DBUILD_PLUGINS=gnupg
+CMAKE_ARGS+= -DBUILD_TOOLS=OFF
+CMAKE_ARGS+= -DINST_QCA_LIB_NAME=-lqca
+
+SUBST_CLASSES+= libname
+SUBST_STAGE.libname= post-patch
+SUBST_MESSAGE.libname= Use installed lib.
+SUBST_FILES.libname= plugins/qca-gnupg/CMakeLists.txt
+SUBST_SED.libname= -e 's:{QCA_LIB_NAME}:{INST_QCA_LIB_NAME}:'
.include "../../security/qca2/buildlink3.mk"
.include "../../mk/bsd.pkg.mk"
diff -r 122e886bc864 -r cc6582f9d5f2 security/qca2-gnupg/PLIST
--- a/security/qca2-gnupg/PLIST Wed Jan 31 07:57:58 2018 +0000
+++ b/security/qca2-gnupg/PLIST Wed Jan 31 09:14:55 2018 +0000
@@ -1,2 +1,2 @@
-@comment $NetBSD: PLIST,v 1.1.1.1 2011/10/18 00:46:58 schnoebe Exp $
-qt4/plugins/crypto/libqca-gnupg.la
+@comment $NetBSD: PLIST,v 1.2 2018/01/31 09:14:55 markd Exp $
+qt4/plugins/crypto/libqca-gnupg.so
diff -r 122e886bc864 -r cc6582f9d5f2 security/qca2-gnupg/distinfo
--- a/security/qca2-gnupg/distinfo Wed Jan 31 07:57:58 2018 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,6 +0,0 @@
-$NetBSD: distinfo,v 1.2 2015/11/04 01:18:06 agc Exp $
-
-SHA1 (qca-gnupg-2.0.0-beta3.tar.bz2) = 77e3874b9ed427e281b23b9bf41ecc95e74f7053
-RMD160 (qca-gnupg-2.0.0-beta3.tar.bz2) = 2531d81179e0b78cc3689c7891b4c6c60d56a422
-SHA512 (qca-gnupg-2.0.0-beta3.tar.bz2) = b9e0591e861a57c10accbdf91ba6ff5f3cd272254bcd1425a44cdce2689cb626fbf9d62f2657724f293f5ca60dfb4bc5aa7ada850b768f6cba6bb388b97bbdc7
-Size (qca-gnupg-2.0.0-beta3.tar.bz2) = 38177 bytes
diff -r 122e886bc864 -r cc6582f9d5f2 security/qca2-ossl/Makefile
--- a/security/qca2-ossl/Makefile Wed Jan 31 07:57:58 2018 +0000
+++ b/security/qca2-ossl/Makefile Wed Jan 31 09:14:55 2018 +0000
@@ -1,27 +1,23 @@
-# $NetBSD: Makefile,v 1.34 2016/03/29 23:04:01 khorben Exp $
+# $NetBSD: Makefile,v 1.35 2018/01/31 09:14:56 markd Exp $
-DISTNAME= qca-ossl-2.0.0-beta3
-PKGNAME= qca2-ossl-${DISTNAME:S/-beta/beta/:C/.*-//}
-PKGREVISION= 30
-CATEGORIES= security
-MASTER_SITES= http://delta.affinix.com/download/qca/2.0/plugins/
-EXTRACT_SUFX= .tar.bz2
+PKGNAME= qca2-ossl-${DISTNAME:C/.*-//}
-MAINTAINER= pkgsrc-users%NetBSD.org@localhost
-HOMEPAGE= http://delta.affinix.com/qca/
COMMENT= Cross-platform crypto API for QT - OpenSSL plugin
-USE_TOOLS+= gmake
-USE_LIBTOOL= yes
-HAS_CONFIGURE= yes
-USE_LANGUAGES= c c++
+.include "../../security/qca2/Makefile.common"
+
+BUILD_DIRS= plugins/qca-ossl
-CONFIGURE_ARGS+= --qtdir=${QTDIR}
-CONFIGURE_ARGS+= --with-qca=${QTDIR}
-CONFIGURE_ARGS+= --with-openssl-inc=${SSLBASE}/include
-CONFIGURE_ARGS+= --with-openssl-lib=${SSLBASE}/lib
+CMAKE_ARGS+= -DQT4_BUILD=ON
+CMAKE_ARGS+= -DBUILD_PLUGINS=ossl
+CMAKE_ARGS+= -DBUILD_TOOLS=OFF
+CMAKE_ARGS+= -DINST_QCA_LIB_NAME=-lqca
-INSTALL_MAKE_FLAGS+= INSTALL_ROOT=${DESTDIR}
+SUBST_CLASSES+= libname
+SUBST_STAGE.libname= post-patch
+SUBST_MESSAGE.libname= Use installed lib.
+SUBST_FILES.libname= plugins/qca-ossl/CMakeLists.txt
+SUBST_SED.libname= -e 's:{QCA_LIB_NAME}:{INST_QCA_LIB_NAME}:'
.include "../../security/qca2/buildlink3.mk"
.include "../../security/openssl/buildlink3.mk"
diff -r 122e886bc864 -r cc6582f9d5f2 security/qca2-ossl/PLIST
--- a/security/qca2-ossl/PLIST Wed Jan 31 07:57:58 2018 +0000
+++ b/security/qca2-ossl/PLIST Wed Jan 31 09:14:55 2018 +0000
@@ -1,2 +1,2 @@
-@comment $NetBSD: PLIST,v 1.1.1.1 2007/12/20 20:20:17 jdolecek Exp $
-qt4/plugins/crypto/libqca-ossl.la
+@comment $NetBSD: PLIST,v 1.2 2018/01/31 09:14:56 markd Exp $
+qt4/plugins/crypto/libqca-ossl.so
diff -r 122e886bc864 -r cc6582f9d5f2 security/qca2-ossl/distinfo
--- a/security/qca2-ossl/distinfo Wed Jan 31 07:57:58 2018 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,7 +0,0 @@
-$NetBSD: distinfo,v 1.5 2016/03/29 23:04:01 khorben Exp $
-
-SHA1 (qca-ossl-2.0.0-beta3.tar.bz2) = dd925e8732ff76f24f9f90f4094abaf2f0ac27bf
-RMD160 (qca-ossl-2.0.0-beta3.tar.bz2) = c979c3c3427eb45e8866e28746f83966e8bcf3c2
-SHA512 (qca-ossl-2.0.0-beta3.tar.bz2) = 17b30099c1bc8650757d71fd9e7824831b132cedc920f59832cb5a8096b90932834e05f3f77ed34e213fdadf881625710e1311ae4fcc4c0919a1684adb4525b8
-Size (qca-ossl-2.0.0-beta3.tar.bz2) = 49188 bytes
-SHA1 (patch-aa) = 186e34288e91383a3a13a5bfbde109f80d9d71e3
diff -r 122e886bc864 -r cc6582f9d5f2 security/qca2-ossl/patches/patch-aa
--- a/security/qca2-ossl/patches/patch-aa Wed Jan 31 07:57:58 2018 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,303 +0,0 @@
-$NetBSD: patch-aa,v 1.3 2016/03/29 23:04:01 khorben Exp $
-
-Remove support for SSLv2
-
---- qca-ossl.cpp.orig 2007-12-11 06:34:57.000000000 +0000
-+++ qca-ossl.cpp
-@@ -42,6 +42,15 @@
- #define OSSL_097
- #endif
-
-+#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10000000L
-+// OpenSSL 1.0.0 makes a few changes that aren't very C++ friendly...
-+// Among other things, CHECKED_PTR_OF returns a void*, but is used in
-+// contexts requiring STACK pointers.
-+#undef CHECKED_PTR_OF
-+#define CHECKED_PTR_OF(type, p) \
-+ ((_STACK*) (1 ? p : (type*)0))
-+#endif
-+
- using namespace QCA;
-
- namespace opensslQCAPlugin {
-@@ -327,7 +336,7 @@ static X509_EXTENSION *new_subject_key_i
- X509V3_CTX ctx;
- X509V3_set_ctx_nodb(&ctx);
- X509V3_set_ctx(&ctx, NULL, cert, NULL, NULL, 0);
-- X509_EXTENSION *ex = X509V3_EXT_conf_nid(NULL, &ctx, NID_subject_key_identifier, "hash");
-+ X509_EXTENSION *ex = X509V3_EXT_conf_nid(NULL, &ctx, NID_subject_key_identifier, (char *)"hash");
- return ex;
- }
-
-@@ -1182,6 +1191,7 @@ public:
- {
- pkey = from.pkey;
- CRYPTO_add(&pkey->references, 1, CRYPTO_LOCK_EVP_PKEY);
-+ raw_type = false;
- state = Idle;
- }
-
-@@ -1226,6 +1236,7 @@ public:
- }
- else
- {
-+ raw_type = false;
- EVP_MD_CTX_init(&mdctx);
- if(!EVP_VerifyInit_ex(&mdctx, type, NULL))
- state = VerifyError;
-@@ -1771,8 +1782,10 @@ public:
- md = EVP_sha1();
- else if(alg == EMSA3_MD5)
- md = EVP_md5();
-+#ifdef HAVE_OPENSSL_MD2
- else if(alg == EMSA3_MD2)
- md = EVP_md2();
-+#endif
- else if(alg == EMSA3_RIPEMD160)
- md = EVP_ripemd160();
- else if(alg == EMSA3_Raw)
-@@ -1789,8 +1802,10 @@ public:
- md = EVP_sha1();
- else if(alg == EMSA3_MD5)
- md = EVP_md5();
-+#ifdef HAVE_OPENSSL_MD2
- else if(alg == EMSA3_MD2)
- md = EVP_md2();
-+#endif
- else if(alg == EMSA3_RIPEMD160)
- md = EVP_ripemd160();
- else if(alg == EMSA3_Raw)
-@@ -3385,9 +3400,11 @@ public:
- case NID_md5WithRSAEncryption:
- p.sigalgo = QCA::EMSA3_MD5;
- break;
-+#ifdef HAVE_OPENSSL_MD2
- case NID_md2WithRSAEncryption:
- p.sigalgo = QCA::EMSA3_MD2;
- break;
-+#endif
- case NID_ripemd160WithRSA:
- p.sigalgo = QCA::EMSA3_RIPEMD160;
- break;
-@@ -3871,9 +3888,11 @@ public:
- case NID_md5WithRSAEncryption:
- p.sigalgo = QCA::EMSA3_MD5;
- break;
-+#ifdef HAVE_OPENSSL_MD2
- case NID_md2WithRSAEncryption:
- p.sigalgo = QCA::EMSA3_MD2;
- break;
-+#endif
- case NID_ripemd160WithRSA:
- p.sigalgo = QCA::EMSA3_RIPEMD160;
- break;
-@@ -4061,9 +4080,11 @@ public:
- case NID_md5WithRSAEncryption:
- p.sigalgo = QCA::EMSA3_MD5;
- break;
-+#ifdef HAVE_OPENSSL_MD2
- case NID_md2WithRSAEncryption:
- p.sigalgo = QCA::EMSA3_MD2;
- break;
-+#endif
- case NID_ripemd160WithRSA:
- p.sigalgo = QCA::EMSA3_RIPEMD160;
- break;
-@@ -5128,14 +5149,21 @@ public:
- v_eof = false;
- }
-
-+ // dummy verification function for SSL_set_verify()
-+ static int ssl_verify_callback(int preverify_ok, X509_STORE_CTX *x509_ctx)
-+ {
-+ Q_UNUSED(preverify_ok);
-+ Q_UNUSED(x509_ctx);
-+
-+ // don't terminate handshake in case of verification failure
-+ return 1;
-+ }
-+
- virtual QStringList supportedCipherSuites(const TLS::Version &version) const
- {
- OpenSSL_add_ssl_algorithms();
- SSL_CTX *ctx = 0;
- switch (version) {
-- case TLS::SSL_v2:
-- ctx = SSL_CTX_new(SSLv2_client_method());
-- break;
- case TLS::SSL_v3:
- ctx = SSL_CTX_new(SSLv3_client_method());
- break;
-@@ -5151,6 +5179,8 @@ public:
- if (NULL == ctx)
- return QStringList();
-
-+ SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2);
-+
- SSL *ssl = SSL_new(ctx);
- if (NULL == ssl) {
- SSL_CTX_free(ctx);
-@@ -5692,6 +5722,14 @@ public:
- }
- }
-
-+ // request a certificate from the client, if in server mode
-+ if(serv)
-+ {
-+ SSL_set_verify(ssl,
-+ SSL_VERIFY_PEER|SSL_VERIFY_CLIENT_ONCE,
-+ ssl_verify_callback);
-+ }
-+
- return true;
- }
-
-@@ -6155,6 +6193,7 @@ public:
- i2d_PKCS7_bio(bo, p7);
- //PEM_write_bio_PKCS7(bo, p7);
- out = bio2ba(bo);
-+ PKCS7_free(p7);
- }
- else
- {
-@@ -6582,7 +6621,9 @@ static QStringList all_hash_types()
- list += "sha1";
- list += "sha0";
Home |
Main Index |
Thread Index |
Old Index