220744 – security/softhsm2: Update to 2.3.0

Bug 220744 - security/softhsm2: Update to 2.3.0

Summary: security/softhsm2: Update to 2.3.0

Status:	Closed FIXED

Alias:	None

Product:	Ports & Packages
Classification:	Unclassified
Component:	Individual Port(s) (show other bugs)
Version:	Latest
Hardware:	Any Any

Importance:	--- Affects Only Me
Assignee:	Danilo G. Baio

URL:	https://reviews.freebsd.org/D11607
Keywords:

Depends on:
Blocks:	218701
	Show dependency tree / graph

Reported:	2017-07-15 11:28 UTC by Jaap Akkerhuis
Modified:	2017-07-18 11:40 UTC (History)
CC List:	1 user (show)

See Also:

Attachments
patch to upgrade (3.28 KB, patch) 2017-07-15 11:28 UTC, Jaap Akkerhuis	jaap: maintainer-approval+	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Jaap Akkerhuis 2017-07-15 11:28:14 UTC

Created attachment 184371 [details]
patch to upgrade

This upgrade also takes care of the probem signalled in <https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=218701>.


Updates:
* Issue #130: Upgraded to PKCS#11 v2.40.
  * Minor changes to some return values.
  * Added CKA_DESTROYABLE to all objects. Used by C_DestroyObject().
  * Added CKA_PUBLIC_KEY_INFO to certificates, private, and public key
    objects. Will be accepted from application, but SoftHSM will
    currently not calculate it.
* Issue #142: Support for CKM_AES_CTR.
* Issue #155: Add unit tests for SessionManager.
* Issue #189: C_DigestKey returns CKR_KEY_INDIGESTIBLE when key
  attribute CKA_EXTRACTABLE =3D false. Whitelist SHA algorithms to allow
  C_DigestKey in this case.
* Issue #225: Show slot id after initialization.
* Issue #247: Run AppVeyor (Windows CI) for each PR and merge.
* Issue #257: Set CKA_DECRYPT/CKA_ENCRYPT flags on key import to true.
  (Patch from Martin Domke)
* Issue #261: Add support for libeaycompat lib for FIPS on Windows.
  (Patch from Matt Hauck)
* Issue #262: Support importing ECDSA P-521 in softhsm-util.
* Issue #276: Support for Botan 2.0.
* Issue #279: Editorial changes from Mountain Lion to Sierra.
  (Patch from Mike Neumann)
* Issue #283: More detailed error messages when initializing SoftHSM.
* Issue #285: Support for LibreSSL.
  (Patch from Alon Bar-Lev)
* Issue #286: Update .gitignore.
  (Patch from Alon Bar-Lev)
* Issue #291: Change to enable builds and reports on new Jenkinks
  environment.
* Issue #293: Detect cppunit in autoconf.
  (Patch from Alon Bar-Lev)
* Issue #309: CKO_CERTIFICATE and CKO_PUBLIC_KEY now defaults to
  CKA_PRIVATE=3Dfalse.
* Issue #314: Update README with information about logging.
* Issue #330: Adjust log levels for failing to enumerate object store.
  (Patch from Nikos Mavrogiannopoulos)

Bugfixes:
* Issue #216: Better handling of CRYPTO_set_locking_callback() for OpenSSL.
* Issue #265: Fix deriving shared secret with ECC.
* Issue #280: HMAC with sizes less than L bytes is strongly discouraged.
  Set a lower bound equal to L bytes in ulMinKeySize and check it when
  initializing the operation.
* Issue #281: Fix test of p11 shared library.
  (Patch from Lars Silv=C3=A9n)
* Issue #289: Minor fix of 'EVP_CipherFinal_ex'.
  (Patch from Viktor Tarasov)
* Issue #297: Fix build with cppunit.
  (Patch from Ludovic Rousseau)
* Issue #302: Export PKCS#11 symbols from the library.
  (Patch from Ludovic Rousseau)
* Issue #305: Zero pad key to fit the block in CKM_AES_KEY_WRAP.
* Issue #313: Detecting CppUnit when using Macports.
  (Patch from mouse07410)

Comment 1 commit-hook freebsd_committer

2017-07-17 15:19:10 UTC

A commit references this bug:

Author: dbaio
Date: Mon Jul 17 15:18:37 UTC 2017
New revision: 446078
URL: https://svnweb.freebsd.org/changeset/ports/446078

Log:
  security/softhsm2: Update to 2.3.0, Fix build with SQLITE3 storage backend

  Disable support for GOST if openssl-devel is used

  Add option SQLITE (optional) to fix build with SQLITE3 storage backend [1]

  While here:
    Add LICENSE_FILE
    Add USES= ssl (Q/A warning)

  PR:		220744
  PR:		218701 [1]
  Submitted by:	jaap@NLnetLabs.nl (maintainer)
  Submitted by:	sergey@akhmatov.ru [1]
  Approved by:	garga (mentor)
  MFH:		2017Q3
  Differential Revision:	https://reviews.freebsd.org/D11607

Changes:
  head/security/softhsm2/Makefile
  head/security/softhsm2/distinfo
  head/security/softhsm2/files/
  head/security/softhsm2/files/patch-src_lib_object__store_DB.h
  head/security/softhsm2/pkg-plist

Comment 2 commit-hook freebsd_committer

2017-07-18 11:37:44 UTC

A commit references this bug:

Author: dbaio
Date: Tue Jul 18 11:37:27 UTC 2017
New revision: 446138
URL: https://svnweb.freebsd.org/changeset/ports/446138

Log:
  MFH: r446078 r446079

  security/softhsm2: Update to 2.3.0, Fix build with SQLITE3 storage backend

  Disable support for GOST if openssl-devel is used

  Add option SQLITE (optional) to fix build with SQLITE3 storage backend [1]

  While here:
    Add LICENSE_FILE
    Add USES= ssl (Q/A warning)

  PR:		220744
  PR:		218701 [1]
  Submitted by:	jaap@NLnetLabs.nl (maintainer)
  Submitted by:	sergey@akhmatov.ru [1]
  Approved by:	ports-secteam (junovitch), garga (mentor)
  Differential Revision:	https://reviews.freebsd.org/D11607

Changes:
_U  branches/2017Q3/
  branches/2017Q3/security/softhsm2/Makefile
  branches/2017Q3/security/softhsm2/distinfo
  branches/2017Q3/security/softhsm2/files/
  branches/2017Q3/security/softhsm2/pkg-plist

Comment 3 Danilo G. Baio freebsd_committer

2017-07-18 11:40:32 UTC

Committed, thanks.