245008 – security/softhsm2: Update to 2.6.0 (actually 2.6.1)

Bug 245008 - security/softhsm2: Update to 2.6.0 (actually 2.6.1)

Summary: security/softhsm2: Update to 2.6.0 (actually 2.6.1)

Status:	Closed FIXED

Alias:	None

Product:	Ports & Packages
Classification:	Unclassified
Component:	Individual Port(s) (show other bugs)
Version:	Latest
Hardware:	Any Any

Importance:	--- Affects Only Me
Assignee:	Hiroki Tagato

URL:
Keywords:	needs-qa

Depends on:
Blocks:

Reported:	2020-03-23 16:06 UTC by Jaap Akkerhuis
Modified:	2020-05-01 08:49 UTC (History)
CC List:	1 user (show)

See Also:

Attachments
patch to update (1.62 KB, patch) 2020-03-23 16:06 UTC, Jaap Akkerhuis	jaap: maintainer-approval+	Details \| Diff
improved patch to update (1.37 KB, patch) 2020-04-29 09:25 UTC, Jaap Akkerhuis	no flags	Details \| Diff
improved again patch to upgrade (3.28 KB, patch) 2020-04-29 11:32 UTC, Jaap Akkerhuis	jaap: maintainer-approval+	Details \| Diff
Patch to update (3.28 KB, patch) 2020-04-30 09:28 UTC, Jaap Akkerhuis	jaap: maintainer-approval+	Details \| Diff
Show Obsolete (2) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Jaap Akkerhuis 2020-03-23 16:06:05 UTC

Created attachment 212648 [details]
patch to update

SoftHSM version 2.6.0 has just been released.  This is mostly
a continued development of SoftHSMv2, and thus should replace
the 2.5 branch to receive any patches.

See also NEWS at https://www.opendnssec.org

No migration, configuration changes or path changes are necessary
and the build configuration should not need changing.

Improvements:
* Issue #493: Upgrade to Botan 2.
* Issue #530: Update appveyor build.
* Issue #438: Detect crypto algorithms by default.
  (Patch from Alon Bar-Lev)
* Issue #455: Provide a new configuration option to allow enabling and
  disabling various mechanisms (slots.mechanisms in the softhsm2.conf).
  (Thanks to Jakub Jelen)
* Issue #479: Increase SQLite busy timeout from 15 seconds to 3 minutes.
  (Patch from Jan Luebbe)
* Issue #513: Add configuration option to reset state on fork closing all
  sessions rather than keeping all sessions open in duplicate process.
  (Thanks to Anderson Toshiyuki Sasaki)
* Issue #500: C_WaitForSlotEvent implementation.
  (Patch from massey101)
* Issue #445: Add wrap support with CKM_AES_CBC.

Bugfixes:
* Issue #418: Set fields to NULL to avoid double free.
  (Patch from Brian J Murray)
* Issue #423: ENGINE_load_rdrand is not supported with older openssl.
  (Patch from Alon Bar-Lev)
* Issue #429: Updated prerequisite to build from repository.
  (Patch from Dharmesh Khandelwal)
* Issue #434: Fix build issues with CMake.
  (Patch from Peter Wu)
* Issue #435: Fix botan build without EDDSA.
  (Patch from Peter Wu)
* Issue #442: Release resources from OSSLEVPSymmetricAlgorithm.
  (Patch from Petr Menšík)
* Issue #449/#502: Do not copy zero sized buffer avoid null pointer
  reference.  (Patch from space88man)
* Issue #464: Race condition with multiple threads closing last session and
  opening a newer sessions.
  (Patch from Takarth)
* Issue #452: Fixes to automake build fir undefined macros.
* Issue #462: User PIN count wrongly calculated.
  (Patch from Ondřej Hlavatý)
* Issue #516: Fix memory leak in OSSLCryptoFactory.
  (Patch from Anderson Sasaki)
* Issue #494: Allow null pointers as arguments when count is zero.
  (Patch from Yunjong Jeong)
* Issue #518: Sporadic problem in closing sessions because of lookup of
  object without prior locking.
* Issue #506: Check key type for C_EncryptInit and C_DecryptInit.
  (Patch from Yunjong Jeong)
* Issue #526: Adjust EDDSA code to return valid EC_PARAMS.
  (Patch from Jakub Jelen)
* Issue #452: Autogen failure on undefined macro AC_MSG_ERROR.
* Issue #527: Fixed some build errors for GCC 10.
* Issue #470: Null pointer arguments validation for C_EncryptFinal, etc.

Comment 1 Hiroki Tagato freebsd_committer

2020-04-29 06:12:01 UTC

Hi,

After applying the patch, there are two lines of OPTIONS_DEFAULT.

OPTIONS_DEFAULT=        CRYP_OPEN SQLITE MIGRATE
OPTIONS_DEFAULT=        CRYP_BOTAN SQLITE MIGRATE

I guess that is by accident. Can you update the patch?

Comment 2 Jaap Akkerhuis 2020-04-29 09:25:29 UTC

Created attachment 213905 [details]
improved patch to update

Comment 3 Jaap Akkerhuis 2020-04-29 09:26:30 UTC

(In reply to Hiroki Tagato from comment #1)
Yes, you are right, sorry for that. It was  leftover from testing the botan version. I've attached a new patch.

Comment 4 Hiroki Tagato freebsd_committer

2020-04-29 11:12:27 UTC

(In reply to Jaap Akkerhuis from comment #3)

Thanks for updating the patch.

I tried to build the port with poudriere and got the following error:


=======================<phase: patch          >============================
===>  Patching for softhsm2-2.6.0
===>  Applying FreeBSD patches for softhsm2-2.6.0
Ignoring previously applied (or reversed) patch.
1 out of 1 hunks ignored--saving rejects to src/lib/crypto/OSSLCryptoFactory.cpp.rej
=> FreeBSD patch patch-src_lib_crypto_OSSLCryptoFactory.cpp failed to apply cleanly.
*** Error code 1

Stop.


Can you look into this?

Comment 5 Jaap Akkerhuis 2020-04-29 11:32:09 UTC

Created attachment 213908 [details]
improved again patch to upgrade

(In reply to Hiroki Tagato from comment #4)

Ai, the patches are not needed anymore. Next patch will remove them, sorry about forgetting to add that bit.

Comment 6 Jaap Akkerhuis 2020-04-30 07:16:31 UTC

Today  new release got announce, 2.6.1. We might consider to skip this version and o directly to 2.6.1.

A Direct jump to 2.6.1 seems more user friendly to me.

Comment 7 Hiroki Tagato freebsd_committer

2020-04-30 07:26:37 UTC

(In reply to Jaap Akkerhuis from comment #6)

I see. Can you update the patch to 2.6.1?

Comment 8 Jaap Akkerhuis 2020-04-30 08:50:34 UTC

(In reply to Hiroki Tagato from comment #7)
Testing on builds on my poudriere systems and in a teleconf now, but will send you in an hour or so.

Comment 9 Jaap Akkerhuis 2020-04-30 09:28:39 UTC

Created attachment 213938 [details]
Patch to update

This update makes it actually version 2.6.1

From the release notes: This release 2.6.1 mostly improves upon some compilation issues on specific platforms

Comment 10 commit-hook freebsd_committer

2020-05-01 08:48:49 UTC

A commit references this bug:

Author: tagattie
Date: Fri May  1 08:48:45 UTC 2020
New revision: 533528
URL: https://svnweb.freebsd.org/changeset/ports/533528

Log:
  Update to 2.6.1

  PR:		245008
  Submitted by:	Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
  Approved by:	ehaupt (mentor)
  Changelog:	https://www.opendnssec.org/2020/04/softhsm-2-6-0/
  		https://www.opendnssec.org/2020/04/1602/

Changes:
  head/security/softhsm2/Makefile
  head/security/softhsm2/distinfo
  head/security/softhsm2/files/patch-src_lib_crypto_OSSLCryptoFactory.cpp
  head/security/softhsm2/files/patch-src_lib_object__store_DB.h

Comment 11 Hiroki Tagato freebsd_committer

2020-05-01 08:49:54 UTC

Committed, thanks!