[Cc: maintainer]

Please disable (or fix) this port for FreeBSD 5.x or later:
It produces invalid checksums and should not be used
(at least not in a security context)

Originally reported by Ben Laurie in
http://lists.FreeBSD.org/pipermail/freebsd-ports/2006-January/028552.html

Fix:

I have searched in vain to locate the problem,
so my best suggestion is to mark it broken.

P.S. While we're at it, add sha256 checksum to distfile -
no irony intended.

How-To-Repeat:

Compare the output of these (similar on 4.x, but not on 5.x):

  perl -e "use Digest::SHA256; print Digest::SHA256::new(256)->hexhash('test');"
  echo -n test | sha256
State Changed From-To: open->feedback
Awaiting maintainers feedback
On Thu, Jan 19, 2006 at 13:04:04 EST, Edwin Groothuis scribbled these curious markings:
> Maintainer of security/p5-Digest-SHA256,
>
> Please note that PR ports/92014 has just been submitted.
>
> If it contains a patch for an upgrade, an enhancement or a bug fix
> you agree on, reply to this email stating that you approve the patch
> and a committer will take care of it.
>
> The full text of the PR can be found at:
> http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/92014

Approval is given for the patch attached to the aforementioned PR,
ports/92014.

Best regards,
Christopher Nehren
--
I abhor a system designed for the "user", if that word is a coded
pejorative meaning "stupid and unsophisticated". -- Ken Thompson
If you ask questions of idiots, you get "Joel on Software".
Unix is user friendly. However, it isn't idiot friendly.
State Changed From-To: feedback->open
Maintainer approval received.
On Thu, Jan 19, 2006 at 06:53:06PM +0100, Johan van Selst wrote: > Please disable (or fix) this port for FreeBSD 5.x or later: > It produces invalid checksums and should not be used > (at least not in a security context) > I have searched in vain to locate the problem, > so my best suggestion is to mark it broken. > > P.S. While we're at it, add sha256 checksum to distfile - > no irony intended. > > diff -uNr p5-Digest-SHA256/Makefile p5-Digest-SHA256/Makefile > --- p5-Digest-SHA256/Makefile Thu May 26 15:10:51 2005 > +++ p5-Digest-SHA256/Makefile Thu Jan 19 18:40:43 2006 > @@ -24,4 +24,10 @@ > > MAN3= Digest::SHA256.3 Digest::sha256.3 > > -.include <bsd.port.mk> > +.include <bsd.port.pre.mk> > + > +.if ${OSVERSION} >= 500000 > +BROKEN= "Produces invalid checksums on >= 5.x" > +.endif > + > +.include <bsd.port.post.mk> > diff -uNr p5-Digest-SHA256/distinfo p5-Digest-SHA256/distinfo > --- p5-Digest-SHA256/distinfo Thu May 26 15:10:51 2005 > +++ p5-Digest-SHA256/distinfo Thu Jan 19 18:51:25 2006 > @@ -1,2 +1,3 @@ > MD5 (SHA256-0.01b.tar.gz) = 08f2b87bad328275bdebf64c18bfcb31 > +SHA256 (SHA256-0.01b.tar.gz) = 72bbb1e31bbfe39e9df930e9b34bbac25e5d1617b7289076945aa303ad03c170 > SIZE (SHA256-0.01b.tar.gz) = 9326 I have a better idea. How about fixing it instead? :-) Maintainer, do you approve the following patch? Index: files/patch-Makefile.PL =================================================================== RCS file: files/patch-Makefile.PL diff -N files/patch-Makefile.PL --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ files/patch-Makefile.PL 20 Jan 2006 13:25:23 -0000 
@@ -0,0 +1,22 @@ +--- Makefile.PL Mon Mar 12 06:19:07 2001 ++++ Makefile.PL Fri Jan 20 14:23:20 2006 +@@ -9,6 +9,10 @@ WriteMakefile( + ); + + if (exists($Config{'byteorder'}) and defined($Config{'byteorder'})) { ++ my $bo = $Config{'byteorder'}; ++ if (length($bo) == 8 && $Config{use64bitint} && !$Config{use64bitall}) { ++ $bo =~ s/[5678]//g; ++ } + if (-e 'endian.h') { + warn "Warning: overwriting endian.h\n"; + } else { +@@ -24,7 +28,7 @@ if (exists($Config{'byteorder'}) and def + + /* Warning! this file is automatically generated; changes WILL disappear */ + +-#define BYTEORDER $Config{'byteorder'} ++#define BYTEORDER $bo + + #endif /* ENDIAN_H */ + END_OF_STRING Cheers, \Anton. -- An undefined problem has an infinite number of solutions. -- Robert A. Humphrey
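Review bot: In the first Makefile.PL hunk of files/patch-Makefile.PL, the condition `length($bo) == 8 && $Config{use64bitint} && !$Config{use64bitall}` has no comment saying why an 8-digit byteorder is cut down to 4 digits before it is written to endian.h, and nothing in the patch checks that the rebuilt module now hashes correctly. Suggest a short comment above `my $bo` naming the case being handled (perl built with 64-bit integers but not 64-bit everything), and a post-build known-answer check such as the PR's own `hexhash('test')` comparison. The diff as posted touches only files/patch-Makefile.PL, so consider also bumping PORTREVISION in the port Makefile so that existing installs get rebuilt, and carrying over the SHA256 distinfo line from the original submission.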
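Review bot: In the quoted Makefile hunk, `.if ${OSVERSION} >= 500000` keys the BROKEN marker on the OS release, while the Makefile.PL patch later in the same message keys the fault on perl's own build configuration (`use64bitint` without `use64bitall`). If the BROKEN marker is used as a stopgap, the BROKEN text should point at the PR and its How-To-Repeat so that the condition can be narrowed or removed once the cause is confirmed; as written, "Produces invalid checksums on >= 5.x" gives a later reader no way to verify the claim.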
State Changed From-To: open->feedback
Second round of feedback wanted.
This port is still around producing bad checksums (and not marked broken). The fix is simple enough: if the maintainer doesn't respond, can it please be applied anyway (feedback timeout)? Thanks.
State Changed From-To: feedback->closed
The fix from the followup has been committed. Thanks for reporting this and for the subsequent nudging. :-)