Bug 92014 - security/p5-Digest-SHA256: Broken on FreeBSD >= 5.x
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s)
Version: Latest
Hardware: Any Any
: Normal Affects Only Me
Assignee: freebsd-ports-bugs (Nobody)
Reported: 2006-01-19 18:00 UTC by Johan van Selst
Modified: 2006-03-23 16:14 UTC
Attachments
file.diff (787 bytes, patch)
2006-01-19 18:00 UTC, Johan van Selst

Description Johan van Selst 2006-01-19 18:00:16 UTC
	[Cc: maintainer]

	Please disable (or fix) this port for FreeBSD 5.x or later:
	It produces invalid checksums and should not be used
	(at least not in a security context)


	Originally reported by Ben Laurie in
	http://lists.FreeBSD.org/pipermail/freebsd-ports/2006-January/028552.html

Fix: I have searched in vain to locate the problem,
	so my best suggestion is to mark it broken.

	P.S. While we're at it, add sha256 checksum to distfile -
	no irony intended.
How-To-Repeat: 	Compare the output of these (similar on 4.x, but not on 5.x):
	perl -e "use Digest::SHA256; print Digest::SHA256::new(256)->hexhash('test');"
	echo -n test | sha256
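
The How-To-Repeat comparison above, written as a repeatable known-answer check. This is an added example, not part of the original report; the function names and the `broken_newline` failure case are constructed for illustration, and the whitespace stripping around `hexhash` is a precaution, not documented module behaviour.

```shell
#!/bin/sh
# Known-answer test (KAT) for SHA-256 implementations.
# Each line is message:digest; the values are the published SHA-256 of "",
# "abc" and "test" (the input used in the PR).
KAT_VECTORS='
:e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
abc:ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad
test:9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08
'

# kat_run IMPL: IMPL reads the message on stdin and prints a hex digest.
# Returns 0 only if every vector matches.
kat_run() {
    fail=0
    for vec in $KAT_VECTORS; do
        msg=${vec%%:*}; want=${vec#*:}
        # printf '%s' sends no trailing newline, like `echo -n` in the PR.
        got=$(printf '%s' "$msg" | "$@" 2>/dev/null | awk 'NR==1 {print tolower($1)}')
        if [ "$got" != "$want" ]; then
            echo "FAIL msg='$msg' want=$want got=$got" >&2
            fail=1
        fi
    done
    return "$fail"
}

# Reference: sha256 on FreeBSD, sha256sum or openssl elsewhere.
ref_sha256() {
    if command -v sha256 >/dev/null 2>&1; then sha256
    elif command -v sha256sum >/dev/null 2>&1; then sha256sum
    else openssl dgst -sha256 -r
    fi
}

# Module under test, called as in the PR; whitespace in its output is stripped.
perl_digest_sha256() {
    perl -e 'use Digest::SHA256; local $/; my $m = <STDIN>; $m = "" unless defined $m;
             (my $h = Digest::SHA256::new(256)->hexhash($m)) =~ s/\s+//g; print $h'
}

# Constructed failure case: hashes the message plus a newline (a forgotten -n).
broken_newline() { { cat; echo; } | ref_sha256; }

kat_run ref_sha256 && echo "reference tool: ok"
kat_run broken_newline 2>/dev/null || echo "broken_newline: rejected, as expected"
if perl -MDigest::SHA256 -e1 2>/dev/null; then
    kat_run perl_digest_sha256 && echo "Digest::SHA256: ok" \
        || echo "Digest::SHA256: WRONG DIGESTS, do not use"
fi
```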
Comment 1 Edwin Groothuis freebsd_committer freebsd_triage 2006-01-19 18:04:09 UTC
State Changed
From-To: open->feedback

Awaiting maintainer's feedback
Comment 2 Christopher Nehren 2006-01-19 22:19:50 UTC
On Thu, Jan 19, 2006 at 13:04:04 EST, Edwin Groothuis scribbled these
curious markings:
> Maintainer of security/p5-Digest-SHA256,
> 
> Please note that PR ports/92014 has just been submitted.
> 
> If it contains a patch for an upgrade, an enhancement or a bug fix
> you agree on, reply to this email stating that you approve the patch
> and a committer will take care of it.
> 
> The full text of the PR can be found at:
>     http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/92014


Approval is given for the patch attached to the aforementioned
PR, ports/92014.

Best regards,
Christopher Nehren

-- 
I abhor a system designed for the "user", if that word is a coded
pejorative meaning "stupid and unsophisticated". -- Ken Thompson
If you ask questions of idiots, you get "Joel on Software".
Unix is user friendly. However, it isn't idiot friendly.
Comment 3 Mark Linimon freebsd_committer freebsd_triage 2006-01-20 01:02:24 UTC
State Changed
From-To: feedback->open

Maintainer approval received.
Comment 4 Anton Berezin freebsd_committer freebsd_triage 2006-01-20 13:27:34 UTC
On Thu, Jan 19, 2006 at 06:53:06PM +0100, Johan van Selst wrote:
> 	Please disable (or fix) this port for FreeBSD 5.x or later:
> 	It produces invalid checksums and should not be used
> 	(at least not in a security context)

> 	I have searched in vain to locate the problem,
> 	so my best suggestion is to mark it broken.
> 
> 	P.S. While we're at it, add sha256 checksum to distfile -
> 	no irony intended.
> 
> diff -uNr p5-Digest-SHA256/Makefile p5-Digest-SHA256/Makefile
> --- p5-Digest-SHA256/Makefile	Thu May 26 15:10:51 2005
> +++ p5-Digest-SHA256/Makefile	Thu Jan 19 18:40:43 2006
> @@ -24,4 +24,10 @@
>  
>  MAN3=	Digest::SHA256.3 Digest::sha256.3
>  
> -.include <bsd.port.mk>
> +.include <bsd.port.pre.mk>
> +
> +.if ${OSVERSION} >= 500000
> +BROKEN=		"Produces invalid checksums on >= 5.x"
> +.endif
> +
> +.include <bsd.port.post.mk>
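
Review bot: the `.if ${OSVERSION} >= 500000` guard in the Makefile keys the BROKEN mark on OS version alone, while the report says the cause was not located. A comment above the guard pointing to ports/92014, and the PR reference in the BROKEN string itself, would tell the next committer what to re-test before lifting the mark.
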
> diff -uNr p5-Digest-SHA256/distinfo p5-Digest-SHA256/distinfo
> --- p5-Digest-SHA256/distinfo	Thu May 26 15:10:51 2005
> +++ p5-Digest-SHA256/distinfo	Thu Jan 19 18:51:25 2006
> @@ -1,2 +1,3 @@
>  MD5 (SHA256-0.01b.tar.gz) = 08f2b87bad328275bdebf64c18bfcb31
> +SHA256 (SHA256-0.01b.tar.gz) = 72bbb1e31bbfe39e9df930e9b34bbac25e5d1617b7289076945aa303ad03c170
>  SIZE (SHA256-0.01b.tar.gz) = 9326
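
Review bot: the added `SHA256 (SHA256-0.01b.tar.gz)` line in distinfo should be generated with the base system's `sha256` and not with this port's own module, since the report says the module produces invalid checksums on 5.x. Stating in the submission which tool produced the value lets the committer reproduce it against a freshly fetched distfile.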

I have a better idea.  How about fixing it instead?   :-)

Maintainer, do you approve the following patch?

Index: files/patch-Makefile.PL
===================================================================
RCS file: files/patch-Makefile.PL
diff -N files/patch-Makefile.PL
--- /dev/null	1 Jan 1970 00:00:00 -0000
+++ files/patch-Makefile.PL	20 Jan 2006 13:25:23 -0000
@@ -0,0 +1,22 @@
+--- Makefile.PL	Mon Mar 12 06:19:07 2001
++++ Makefile.PL	Fri Jan 20 14:23:20 2006
+@@ -9,6 +9,10 @@ WriteMakefile(
+ );
+ 
+ if (exists($Config{'byteorder'}) and defined($Config{'byteorder'})) {
++  my $bo = $Config{'byteorder'};
++  if (length($bo) == 8 && $Config{use64bitint} && !$Config{use64bitall}) {
++	  $bo =~ s/[5678]//g;
++  }
+   if (-e 'endian.h') {
+     warn "Warning: overwriting endian.h\n";
+   } else {
+@@ -24,7 +28,7 @@ if (exists($Config{'byteorder'}) and def
+ 
+ /* Warning! this file is automatically generated; changes WILL disappear */
+ 
+-#define BYTEORDER $Config{'byteorder'}
++#define BYTEORDER $bo
+ 
+ #endif /* ENDIAN_H */
+ END_OF_STRING
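
Review bot: the new `length($bo) == 8 && $Config{use64bitint} && !$Config{use64bitall}` branch in Makefile.PL strips digits 5-8 from the byte order with no comment on why that combination needs it; add a one-line comment above `$bo =~ s/[5678]//g;` naming the configuration it targets. Since the generated endian.h now depends on this branch, a build-time check of `hexhash('test')` against `echo -n test | sha256` would catch a regression if perl's Config values change.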

Cheers,
\Anton.
-- 
An undefined problem has an infinite number of solutions.
-- Robert A. Humphrey
Comment 5 Anton Berezin freebsd_committer freebsd_triage 2006-01-20 13:32:09 UTC
State Changed
From-To: open->feedback

Second round of feedback wanted.
Comment 6 Johan van Selst 2006-03-23 15:35:43 UTC
This port is still around producing bad checksums (and not marked broken).

The fix is simple enough: if the maintainer doesn't respond, can it please be applied anyway (feedback timeout)? Thanks.
Comment 7 Anton Berezin freebsd_committer freebsd_triage 2006-03-23 16:03:16 UTC
State Changed
From-To: feedback->closed

The fix from the followup has been committed.  Thanks for reporting this 
and for the subsequent nudging.  :-)