So this update fixes the CVE that affected previous releases, and brings
back sparc64 support. Patches where committed upstream, too. Tests
pass on amd64 and sparc64.
I noticed only symbol additions, but upstream bumped SOVERSION in the
cmake build files (this changes SONAME on other platforms), so I went
for a major bump. No other port uses this anyway (www/hiawatha?).
ok?
Index: Makefile
===================================================================
RCS file: /cvs/ports/security/polarssl/Makefile,v
retrieving revision 1.2
diff -u -p -r1.2 Makefile
--- Makefile 18 Apr 2014 20:51:48 -0000 1.2
+++ Makefile 18 Aug 2014 07:30:10 -0000
@@ -1,14 +1,12 @@
# $OpenBSD: Makefile,v 1.2 2014/04/18 20:51:48 sthen Exp $
-BROKEN-sparc64= problems with mpi_mul_hlp() (also tested with gcc4.8)
-
COMMENT= SSL library with an intuitive API and readable source code
-DISTNAME= polarssl-1.3.6
-REVISION= 0
+DISTNAME= polarssl-1.3.8
EXTRACT_SUFX= -gpl.tgz
-SHARED_LIBS += polarssl 0.0 # 1.3
+# check SOVERSION
+SHARED_LIBS += polarssl 1.0
CATEGORIES= security
Index: distinfo
===================================================================
RCS file: /cvs/ports/security/polarssl/distinfo,v
retrieving revision 1.1.1.1
diff -u -p -r1.1.1.1 distinfo
--- distinfo 18 Apr 2014 11:37:02 -0000 1.1.1.1
+++ distinfo 17 Aug 2014 22:30:30 -0000
@@ -1,2 +1,2 @@
-SHA256 (polarssl-1.3.6-gpl.tgz) = uXllwaBS30EgHTXgH5HErAvyjkQ6Vt30Yb5jsgyFrgk=
-SIZE (polarssl-1.3.6-gpl.tgz) = 1596728
+SHA256 (polarssl-1.3.8-gpl.tgz) = MYFx20EzXKy7WwBHyU8fr5FEKrcKIjtSI0NnA8lAb/E=
+SIZE (polarssl-1.3.8-gpl.tgz) = 1725531
Index: patches/patch-library_rsa_c
===================================================================
RCS file: patches/patch-library_rsa_c
diff -N patches/patch-library_rsa_c
--- patches/patch-library_rsa_c 18 Apr 2014 11:37:02 -0000 1.1.1.1
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,22 +0,0 @@
-$OpenBSD: patch-library_rsa_c,v 1.1.1.1 2014/04/18 11:37:02 sthen Exp $
-
-Avoid triggering APIWARN (though using rand() for this self-test is
-actually harmless).
-
---- library/rsa.c.orig Fri Apr 18 12:01:57 2014
-+++ library/rsa.c Fri Apr 18 12:02:07 2014
-@@ -1469,13 +1469,10 @@ void rsa_free( rsa_context *ctx )
- #if defined(POLARSSL_PKCS1_V15)
- static int myrand( void *rng_state, unsigned char *output, size_t len )
- {
-- size_t i;
--
- if( rng_state != NULL )
- rng_state = NULL;
-
-- for( i = 0; i < len; ++i )
-- output[i] = rand();
-+ arc4random_buf(output, len);
-
- return( 0 );
- }
Index: patches/patch-tests_suites_helpers_function
===================================================================
RCS file: patches/patch-tests_suites_helpers_function
diff -N patches/patch-tests_suites_helpers_function
--- patches/patch-tests_suites_helpers_function 18 Apr 2014 11:37:02 -0000
1.1.1.1
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,21 +0,0 @@
-$OpenBSD: patch-tests_suites_helpers_function,v 1.1.1.1 2014/04/18 11:37:02
sthen Exp $
-
-Stops test_suite_pk from looping forever.
-
---- tests/suites/helpers.function.orig Fri Apr 18 11:59:32 2014
-+++ tests/suites/helpers.function Fri Apr 18 11:59:54 2014
-@@ -105,13 +105,10 @@ static void hexify(unsigned char *obuf, const unsigned
- */
- static int rnd_std_rand( void *rng_state, unsigned char *output, size_t len )
- {
-- size_t i;
--
- if( rng_state != NULL )
- rng_state = NULL;
-
-- for( i = 0; i < len; ++i )
-- output[i] = rand();
-+ arc4random_buf(output, len);
-
- return( 0 );
- }
Index: pkg/PLIST
===================================================================
RCS file: /cvs/ports/security/polarssl/pkg/PLIST,v
retrieving revision 1.3
diff -u -p -r1.3 PLIST
--- pkg/PLIST 19 Apr 2014 14:40:51 -0000 1.3
+++ pkg/PLIST 18 Aug 2014 06:56:18 -0000
@@ -10,7 +10,9 @@ include/polarssl/bignum.h
include/polarssl/blowfish.h
include/polarssl/bn_mul.h
include/polarssl/camellia.h
+include/polarssl/ccm.h
include/polarssl/certs.h
+include/polarssl/check_config.h
include/polarssl/cipher.h
include/polarssl/cipher_wrap.h
include/polarssl/compat-1.2.h
--
jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
