Attachment #168545 for bug #206919

View | Details | Raw Unified | Return to bug 206919 | Differences between
Collapse All | Expand All





PORTNAME=	libgcrypt
PORTVERSION=	1.6.5
PORTREVISION=	1
CATEGORIES=	security
MASTER_SITES=	GNUPG


	${RM} -f ${WRKSRC}/doc/gcrypt.info*
	${REINPLACE_CMD} -e 's|ALIGN (3)|ALIGN (2)|g' ${WRKSRC}/mpi/i386/*.S

# Fix crash at cipher/salsa20.c module on amd64
.if ${ARCH} == "amd64" && exists(/usr/bin/clang)
CFLAGS:=	${CFLAGS:N-O*} -O2
.endif

post-install:
	${STRIP_CMD} ${STAGEDIR}${PREFIX}/lib/${PORTNAME}.so





--- cipher/Makefile.in.orig	2015-09-08 06:32:11 UTC
+++ cipher/Makefile.in
@@ -818,13 +818,19 @@ uninstall-am:
 	tags tags-am uninstall uninstall-am
 
 
-# We need to lower the optimization for this module.
+# We need to lower the optimization for these modules.
 tiger.o: $(srcdir)/tiger.c
 	`echo $(COMPILE) -c $(srcdir)/tiger.c | $(o_flag_munging) `
 
 tiger.lo: $(srcdir)/tiger.c
 	`echo $(LTCOMPILE) -c $(srcdir)/tiger.c | $(o_flag_munging) `
 
+salsa20.o: $(srcdir)/salsa20.c
+	`echo $(COMPILE) -c $(srcdir)/salsa20.c | $(o_flag_munging) `
+
+salsa20.lo: $(srcdir)/salsa20.c
+	`echo $(LTCOMPILE) -c $(srcdir)/salsa20.c | $(o_flag_munging) `
+
 # Tell versions [3.59,3.63) of GNU make to not export all variables.
 # Otherwise a system limit (for SysV at least) may be exceeded.
 .NOEXPORT:




--- cipher/salsa20.c.orig	2016-03-23 16:34:00 UTC
+++ cipher/salsa20.c
@@ -485,7 +485,8 @@ salsa20r12_encrypt_stream (void *context
 static const char*
 selftest (void)
 {
-  SALSA20_context_t ctx;
+  byte ctxbuf[sizeof(SALSA20_context_t) + 15];
+  SALSA20_context_t *ctx;
   byte scratch[8+1];
   byte buf[256+64+4];
   int i;
@@ -502,32 +503,35 @@ selftest (void)
   static const byte ciphertext_1[] =
     { 0xE3, 0xBE, 0x8F, 0xDD, 0x8B, 0xEC, 0xA2, 0xE3};
 
-  salsa20_setkey (&ctx, key_1, sizeof key_1);
-  salsa20_setiv  (&ctx, nonce_1, sizeof nonce_1);
+  /* 16-byte alignment required for amd64 implementation. */
+  ctx = (SALSA20_context_t *)((uintptr_t)(ctxbuf + 15) & ~(uintptr_t)15);
+
+  salsa20_setkey (ctx, key_1, sizeof key_1);
+  salsa20_setiv  (ctx, nonce_1, sizeof nonce_1);
   scratch[8] = 0;
-  salsa20_encrypt_stream (&ctx, scratch, plaintext_1, sizeof plaintext_1);
+  salsa20_encrypt_stream (ctx, scratch, plaintext_1, sizeof plaintext_1);
   if (memcmp (scratch, ciphertext_1, sizeof ciphertext_1))
     return "Salsa20 encryption test 1 failed.";
   if (scratch[8])
     return "Salsa20 wrote too much.";
-  salsa20_setkey( &ctx, key_1, sizeof(key_1));
-  salsa20_setiv  (&ctx, nonce_1, sizeof nonce_1);
-  salsa20_encrypt_stream (&ctx, scratch, scratch, sizeof plaintext_1);
+  salsa20_setkey( ctx, key_1, sizeof(key_1));
+  salsa20_setiv  (ctx, nonce_1, sizeof nonce_1);
+  salsa20_encrypt_stream (ctx, scratch, scratch, sizeof plaintext_1);
   if (memcmp (scratch, plaintext_1, sizeof plaintext_1))
     return "Salsa20 decryption test 1 failed.";
 
   for (i = 0; i < sizeof buf; i++)
     buf[i] = i;
-  salsa20_setkey (&ctx, key_1, sizeof key_1);
-  salsa20_setiv (&ctx, nonce_1, sizeof nonce_1);
+  salsa20_setkey (ctx, key_1, sizeof key_1);
+  salsa20_setiv (ctx, nonce_1, sizeof nonce_1);
   /*encrypt*/
-  salsa20_encrypt_stream (&ctx, buf, buf, sizeof buf);
+  salsa20_encrypt_stream (ctx, buf, buf, sizeof buf);
   /*decrypt*/
-  salsa20_setkey (&ctx, key_1, sizeof key_1);
-  salsa20_setiv (&ctx, nonce_1, sizeof nonce_1);
-  salsa20_encrypt_stream (&ctx, buf, buf, 1);
-  salsa20_encrypt_stream (&ctx, buf+1, buf+1, (sizeof buf)-1-1);
-  salsa20_encrypt_stream (&ctx, buf+(sizeof buf)-1, buf+(sizeof buf)-1, 1);
+  salsa20_setkey (ctx, key_1, sizeof key_1);
+  salsa20_setiv (ctx, nonce_1, sizeof nonce_1);
+  salsa20_encrypt_stream (ctx, buf, buf, 1);
+  salsa20_encrypt_stream (ctx, buf+1, buf+1, (sizeof buf)-1-1);
+  salsa20_encrypt_stream (ctx, buf+(sizeof buf)-1, buf+(sizeof buf)-1, 1);
   for (i = 0; i < sizeof buf; i++)
     if (buf[i] != (byte)i)
       return "Salsa20 encryption test 2 failed.";




--- mpi/longlong.h.orig	2016-03-23 17:33:08 UTC
+++ mpi/longlong.h
@@ -170,6 +170,7 @@ MA 02111-1307, USA. */
     (pl) = __m0 * __m1; 						\
   } while (0)
 #define UMUL_TIME 46
+#if 0
 #ifndef LONGLONG_STANDALONE
 #define udiv_qrnnd(q, r, n1, n0, d) \
   do { UDItype __r;							\
@@ -179,6 +180,7 @@ MA 02111-1307, USA. */
 extern UDItype __udiv_qrnnd ();
 #define UDIV_TIME 220
 #endif /* LONGLONG_STANDALONE */
+#endif /* 0 */
 #endif /* __alpha */
 
 /***************************************
@@ -1287,7 +1289,7 @@ typedef unsigned int UTItype __attribute
 	     "rJ" ((USItype)(al)),                                      \
 	     "rI" ((USItype)(bl))                                       \
 	   __CLOBBER_CC)
-#if defined (__sparc_v8__) || defined(__sparcv8)
+#if defined (__sparc_v8__) || defined(__sparcv8) || defined (__sparc__)
 /* Don't match immediate range because, 1) it is not often useful,
    2) the 'I' flag thinks of the range as a 13 bit signed interval,
    while we want to match a 13 bit interval, sign extended to 32 bits,

Return to bug 206919

Lines 2-7 Link Here

(-)/usr/ports/security/libgcrypt/Makefile (-5 / +1 lines)
2		2
3	PORTNAME= libgcrypt	3	PORTNAME= libgcrypt
4	PORTVERSION= 1.6.5	4	PORTVERSION= 1.6.5
		5	PORTREVISION= 1
5	CATEGORIES= security	6	CATEGORIES= security
6	MASTER_SITES= GNUPG	7	MASTER_SITES= GNUPG
7		8
Lines 40-50 Link Here
40	${RM} -f ${WRKSRC}/doc/gcrypt.info*	41	${RM} -f ${WRKSRC}/doc/gcrypt.info*
41	${REINPLACE_CMD} -e 's\|ALIGN (3)\|ALIGN (2)\|g' ${WRKSRC}/mpi/i386/*.S	42	${REINPLACE_CMD} -e 's\|ALIGN (3)\|ALIGN (2)\|g' ${WRKSRC}/mpi/i386/*.S
42		43
43	# Fix crash at cipher/salsa20.c module on amd64
44	.if ${ARCH} == "amd64" && exists(/usr/bin/clang)
45	CFLAGS:= ${CFLAGS:N-O*} -O2
46	.endif
47
48	post-install:	44	post-install:
49	${STRIP_CMD} ${STAGEDIR}${PREFIX}/lib/${PORTNAME}.so	45	${STRIP_CMD} ${STAGEDIR}${PREFIX}/lib/${PORTNAME}.so
50		46

Lines 1-23 Link Here

(-)/usr/ports/security/libgcrypt/files/patch-cipher-Makefile.in (-23 lines)
1	--- cipher/Makefile.in.orig 2015-09-08 06:32:11 UTC
2	+++ cipher/Makefile.in
3	@@ -818,13 +818,19 @@ uninstall-am:
4	tags tags-am uninstall uninstall-am
5
6
7	-# We need to lower the optimization for this module.
8	+# We need to lower the optimization for these modules.
9	tiger.o: $(srcdir)/tiger.c
10	`echo $(COMPILE) -c $(srcdir)/tiger.c \| $(o_flag_munging) `
11
12	tiger.lo: $(srcdir)/tiger.c
13	`echo $(LTCOMPILE) -c $(srcdir)/tiger.c \| $(o_flag_munging) `
14
15	+salsa20.o: $(srcdir)/salsa20.c
16	+ `echo $(COMPILE) -c $(srcdir)/salsa20.c \| $(o_flag_munging) `
17	+
18	+salsa20.lo: $(srcdir)/salsa20.c
19	+ `echo $(LTCOMPILE) -c $(srcdir)/salsa20.c \| $(o_flag_munging) `
20	+
21	# Tell versions [3.59,3.63) of GNU make to not export all variables.
22	# Otherwise a system limit (for SysV at least) may be exceeded.
23	.NOEXPORT:

Line 0 Link Here

(-)/usr/ports/security/libgcrypt/files/patch-cipher_salsa20.c (+62 lines)
	1	--- cipher/salsa20.c.orig 2016-03-23 16:34:00 UTC
	2	+++ cipher/salsa20.c
	3	@@ -485,7 +485,8 @@ salsa20r12_encrypt_stream (void *context
	4	static const char*
	5	selftest (void)
	6	{
	7	- SALSA20_context_t ctx;
	8	+ byte ctxbuf[sizeof(SALSA20_context_t) + 15];
	9	+ SALSA20_context_t *ctx;
	10	byte scratch[8+1];
	11	byte buf[256+64+4];
	12	int i;
	13	@@ -502,32 +503,35 @@ selftest (void)
	14	static const byte ciphertext_1[] =
	15	{ 0xE3, 0xBE, 0x8F, 0xDD, 0x8B, 0xEC, 0xA2, 0xE3};
	16
	17	- salsa20_setkey (&ctx, key_1, sizeof key_1);
	18	- salsa20_setiv (&ctx, nonce_1, sizeof nonce_1);
	19	+ /* 16-byte alignment required for amd64 implementation. */
	20	+ ctx = (SALSA20_context_t *)((uintptr_t)(ctxbuf + 15) & ~(uintptr_t)15);
	21	+
	22	+ salsa20_setkey (ctx, key_1, sizeof key_1);
	23	+ salsa20_setiv (ctx, nonce_1, sizeof nonce_1);
	24	scratch[8] = 0;
	25	- salsa20_encrypt_stream (&ctx, scratch, plaintext_1, sizeof plaintext_1);
	26	+ salsa20_encrypt_stream (ctx, scratch, plaintext_1, sizeof plaintext_1);
	27	if (memcmp (scratch, ciphertext_1, sizeof ciphertext_1))
	28	return "Salsa20 encryption test 1 failed.";
	29	if (scratch[8])
	30	return "Salsa20 wrote too much.";
	31	- salsa20_setkey( &ctx, key_1, sizeof(key_1));
	32	- salsa20_setiv (&ctx, nonce_1, sizeof nonce_1);
	33	- salsa20_encrypt_stream (&ctx, scratch, scratch, sizeof plaintext_1);
	34	+ salsa20_setkey( ctx, key_1, sizeof(key_1));
	35	+ salsa20_setiv (ctx, nonce_1, sizeof nonce_1);
	36	+ salsa20_encrypt_stream (ctx, scratch, scratch, sizeof plaintext_1);
	37	if (memcmp (scratch, plaintext_1, sizeof plaintext_1))
	38	return "Salsa20 decryption test 1 failed.";
	39
	40	for (i = 0; i < sizeof buf; i++)
	41	buf[i] = i;
	42	- salsa20_setkey (&ctx, key_1, sizeof key_1);
	43	- salsa20_setiv (&ctx, nonce_1, sizeof nonce_1);
	44	+ salsa20_setkey (ctx, key_1, sizeof key_1);
	45	+ salsa20_setiv (ctx, nonce_1, sizeof nonce_1);
	46	/encrypt/
	47	- salsa20_encrypt_stream (&ctx, buf, buf, sizeof buf);
	48	+ salsa20_encrypt_stream (ctx, buf, buf, sizeof buf);
	49	/decrypt/
	50	- salsa20_setkey (&ctx, key_1, sizeof key_1);
	51	- salsa20_setiv (&ctx, nonce_1, sizeof nonce_1);
	52	- salsa20_encrypt_stream (&ctx, buf, buf, 1);
	53	- salsa20_encrypt_stream (&ctx, buf+1, buf+1, (sizeof buf)-1-1);
	54	- salsa20_encrypt_stream (&ctx, buf+(sizeof buf)-1, buf+(sizeof buf)-1, 1);
	55	+ salsa20_setkey (ctx, key_1, sizeof key_1);
	56	+ salsa20_setiv (ctx, nonce_1, sizeof nonce_1);
	57	+ salsa20_encrypt_stream (ctx, buf, buf, 1);
	58	+ salsa20_encrypt_stream (ctx, buf+1, buf+1, (sizeof buf)-1-1);
	59	+ salsa20_encrypt_stream (ctx, buf+(sizeof buf)-1, buf+(sizeof buf)-1, 1);
	60	for (i = 0; i < sizeof buf; i++)
	61	if (buf[i] != (byte)i)
	62	return "Salsa20 encryption test 2 failed.";

Line 0 Link Here

(-)/usr/ports/security/libgcrypt/files/patch-mpi_longlong.h (+27 lines)
	1	--- mpi/longlong.h.orig 2016-03-23 17:33:08 UTC
	2	+++ mpi/longlong.h
	3	@@ -170,6 +170,7 @@ MA 02111-1307, USA. */
	4	(pl) = __m0 * __m1; \
	5	} while (0)
	6	#define UMUL_TIME 46
	7	+#if 0
	8	#ifndef LONGLONG_STANDALONE
	9	#define udiv_qrnnd(q, r, n1, n0, d) \
	10	do { UDItype __r; \
	11	@@ -179,6 +180,7 @@ MA 02111-1307, USA. */
	12	extern UDItype __udiv_qrnnd ();
	13	#define UDIV_TIME 220
	14	#endif /* LONGLONG_STANDALONE */
	15	+#endif /* 0 */
	16	#endif /* __alpha */
	17
	18	/***************************************
	19	@@ -1287,7 +1289,7 @@ typedef unsigned int UTItype __attribute
	20	"rJ" ((USItype)(al)), \
	21	"rI" ((USItype)(bl)) \
	22	__CLOBBER_CC)
	23	-#if defined (__sparc_v8__) \|\| defined(__sparcv8)
	24	+#if defined (__sparc_v8__) \|\| defined(__sparcv8) \|\| defined (__sparc__)
	25	/* Don't match immediate range because, 1) it is not often useful,
	26	2) the 'I' flag thinks of the range as a 13 bit signed interval,
	27	while we want to match a 13 bit interval, sign extended to 32 bits,