Index: devel/qca/Makefile =================================================================== --- devel/qca/Makefile (revision 461733) +++ devel/qca/Makefile (working copy) @@ -2,8 +2,7 @@ # $FreeBSD$ PORTNAME= qca -PORTVERSION= 2.1.1 -PORTREVISION= 1 +PORTVERSION= 2.1.3 CATEGORIES= devel MASTER_SITES= KDE/stable/qca/${PORTVERSION}/src @@ -10,6 +9,8 @@ MAINTAINER= kde@FreeBSD.org COMMENT?= Cross-platform crypto API for Qt 4 +LICENSE= LGPL21 + BUILD_DEPENDS= ${LOCALBASE}/share/certs/ca-root-nss.crt:security/ca_root_nss RUN_DEPENDS= ${LOCALBASE}/share/certs/ca-root-nss.crt:security/ca_root_nss Index: devel/qca/distinfo =================================================================== --- devel/qca/distinfo (revision 461733) +++ devel/qca/distinfo (working copy) @@ -1,2 +1,3 @@ -SHA256 (qca-2.1.1.tar.xz) = 95de3e7910b5f9ec7084169989c9d98bfb527e6a4865fe17269c3b24308be983 -SIZE (qca-2.1.1.tar.xz) = 688460 +TIMESTAMP = 1518721004 +SHA256 (qca-2.1.3.tar.xz) = 003fd86a32421057a03b18a8168db52e2940978f9db5ebbb6a08882f8ab1e353 +SIZE (qca-2.1.3.tar.xz) = 686340 Index: devel/qca/files/patch-git_601fd3 =================================================================== --- devel/qca/files/patch-git_601fd3 (revision 461733) +++ devel/qca/files/patch-git_601fd3 (nonexistent) @@ -1,39 +0,0 @@ -From 601fd3a05141c614ae48a3ddac44194d669eaae1 Mon Sep 17 00:00:00 2001 -From: Rolf Eike Beer -Date: Mon, 27 Jun 2016 12:55:51 +0200 -Subject: fix base64 decoding on ARM - -This code was broken on ARM and other architectures where "char" is unsigned by -default. - -First, it breaks with newer compilers with errors like: - - .../src/qca_textfilter.cpp:314:2: error: narrowing conversion of '-1' from 'int' to 'char' inside { } [-Wnarrowing] - -Second, if the compiler would just allow this conversion then the unsigned char -would hold 255, which would not be sign extended when cast to an int later, so -all the checks "< 0" will never trigger, and so invalid input characters cannot -be detected. - -REVIEW:128295 -BUG:364495 ---- - src/qca_textfilter.cpp | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/qca_textfilter.cpp b/src/qca_textfilter.cpp -index 9889a24..3baf511 100644 ---- src/qca_textfilter.cpp -+++ src/qca_textfilter.cpp -@@ -293,7 +293,7 @@ static QByteArray b64decode(const QByteArray &s, bool *ok) - // 64 specifies eof - // everything else specifies data - -- static char tbl[] = -+ static signed char tbl[] = - { - -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1, - -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1, --- -cgit v0.11.2 - Property changes on: devel/qca/files/patch-git_601fd3 ___________________________________________________________________ Deleted: fbsd:nokeywords ## -1 +0,0 ## -yes \ No newline at end of property Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: devel/qca/files/patch-git_d58e20 =================================================================== --- devel/qca/files/patch-git_d58e20 (nonexistent) +++ devel/qca/files/patch-git_d58e20 (working copy) @@ -0,0 +1,300 @@ +From d58e20ee652038dc4ec4fe4765dc3639ed735526 Mon Sep 17 00:00:00 2001 +From: Fabian Vogt +Date: Sat, 16 Dec 2017 22:29:40 +0100 +Subject: Add support for OpenSSL 1.1.0 + +Test Plan: +Ran the testsuite with OpenSSL 1.1.0g and 1.0.2j, all passed. +Using this code with kdeconnect and okteta successfully on my system now. + +Reviewers: iromanov + +Subscribers: anthonyfieroni, alonbl, heikobecker, cfeck, asturmlechner, bero, rdieter + +Differential Revision: https://phabricator.kde.org/D9416 +--- plugins/qca-ossl/ossl110-compat.h.orig 2018-02-14 20:19:15 UTC ++++ plugins/qca-ossl/ossl110-compat.h +@@ -0,0 +1,283 @@ ++/* ++ * Copyright (C) 2017 Gabriel Souza Franco ++ * ++ * This library is free software; you can redistribute it and/or ++ * modify it under the terms of the GNU Lesser General Public ++ * License as published by the Free Software Foundation; either ++ * version 2.1 of the License, or (at your option) any later version. ++ * ++ * This library is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ * Lesser General Public License for more details. ++ * ++ * You should have received a copy of the GNU Lesser General Public ++ * License along with this library; if not, write to the Free Software ++ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA ++ * ++ */ ++ ++#ifndef OSSL110COMPAT_H ++#define OSSL110COMPAT_H ++ ++#include ++#include ++#include ++#include ++ ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#define RSA_F_RSA_METH_DUP 161 ++ ++static void DSA_SIG_get0(const DSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps) ++{ ++ if (pr) ++ *pr = sig->r; ++ if (ps) ++ *ps = sig->s; ++} ++ ++static int DSA_SIG_set0(DSA_SIG *sig, BIGNUM *r, BIGNUM *s) ++{ ++ if (!sig) return 0; ++ sig->r = r; ++ sig->s = s; ++ return 1; ++} ++ ++static void DSA_get0_pqg(const DSA *dsa, const BIGNUM **p, const BIGNUM **q, const BIGNUM **g) ++{ ++ if (p) ++ *p = dsa->p; ++ if (q) ++ *q = dsa->q; ++ if (g) ++ *g = dsa->g; ++} ++ ++static int DSA_set0_pqg(DSA *dsa, BIGNUM *p, BIGNUM *q, BIGNUM *g) ++{ ++ if (!dsa) return 0; ++ dsa->p = p; ++ dsa->q = q; ++ dsa->g = g; ++ return 1; ++} ++ ++static void RSA_get0_key(const RSA *rsa, const BIGNUM **n, const BIGNUM **e, const BIGNUM **d) ++{ ++ if (n) ++ *n = rsa->n; ++ if (e) ++ *e = rsa->e; ++ if (d) ++ *d = rsa->d; ++} ++ ++static int RSA_set0_key(RSA *rsa, BIGNUM *n, BIGNUM *e, BIGNUM *d) ++{ ++ if (!rsa) return 0; ++ rsa->n = n; ++ rsa->e = e; ++ rsa->d = d; ++ return 1; ++} ++ ++static void RSA_get0_factors(const RSA *rsa, const BIGNUM **p, const BIGNUM **q) ++{ ++ if (p) ++ *p = rsa->p; ++ if (q) ++ *q = rsa->q; ++} ++ ++static int RSA_set0_factors(RSA *rsa, BIGNUM *p, BIGNUM *q) ++{ ++ if (!rsa) return 0; ++ rsa->p = p; ++ rsa->q = q; ++ return 1; ++} ++ ++static void DH_get0_pqg(const DH *dh, const BIGNUM **p, const BIGNUM **q, const BIGNUM **g) ++{ ++ if (p) ++ *p = dh->p; ++ if (q) ++ *q = dh->q; ++ if (g) ++ *g = dh->g; ++} ++ ++static int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g) ++{ ++ if (!dh) return 0; ++ dh->p = p; ++ dh->q = q; ++ dh->g = g; ++ return 1; ++} ++ ++static void DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key) ++{ ++ if (pub_key) ++ *pub_key = dh->pub_key; ++ if (priv_key) ++ *priv_key = dh->priv_key; ++} ++ ++static int DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key) ++{ ++ if (!dh) return 0; ++ dh->pub_key = pub_key; ++ dh->priv_key = priv_key; ++ return 1; ++} ++ ++static void DSA_get0_key(const DSA *dsa, const BIGNUM **pub_key, const BIGNUM **priv_key) ++{ ++ if (pub_key) ++ *pub_key = dsa->pub_key; ++ if (priv_key) ++ *priv_key = dsa->priv_key; ++} ++ ++static int DSA_set0_key(DSA *dsa, BIGNUM *pub_key, BIGNUM *priv_key) ++{ ++ if (!dsa) return 0; ++ dsa->pub_key = pub_key; ++ dsa->priv_key = priv_key; ++ return 1; ++} ++ ++static void X509_SIG_getm(const X509_SIG *sig, X509_ALGOR **palg, ASN1_OCTET_STRING **pdigest) ++{ ++ if (palg) ++ *palg = sig->algor; ++ if (pdigest) ++ *pdigest = sig->digest; ++} ++ ++static void X509_REQ_get0_signature(const X509_REQ *req, const ASN1_BIT_STRING **psig, const X509_ALGOR **palg) ++{ ++ if (psig) ++ *psig = req->signature; ++ if (palg) ++ *palg = req->sig_alg; ++} ++ ++static void X509_CRL_get0_signature(const X509_CRL *crl, const ASN1_BIT_STRING **psig, const X509_ALGOR **palg) ++{ ++ if (psig) ++ *psig = crl->signature; ++ if (palg) ++ *palg = crl->sig_alg; ++} ++ ++static RSA_METHOD *RSA_meth_dup(const RSA_METHOD *meth) ++{ ++ if (!meth) ++ return NULL; ++ ++ RSA_METHOD *_meth = (RSA_METHOD *) OPENSSL_malloc(sizeof(*_meth)); ++ ++ if (!_meth) ++ { ++ RSAerr(RSA_F_RSA_METH_DUP, ERR_R_MALLOC_FAILURE); ++ return NULL; ++ } ++ ++ memcpy(_meth, meth, sizeof(*_meth)); ++ _meth->name = strdup(meth->name); ++ if (!_meth->name) { ++ OPENSSL_free(_meth); ++ RSAerr(RSA_F_RSA_METH_DUP, ERR_R_MALLOC_FAILURE); ++ return NULL; ++ } ++ ++ return _meth; ++} ++ ++static int RSA_meth_set_priv_enc(RSA_METHOD *rsa, int (*priv_enc) (int flen, const unsigned char *from, ++ unsigned char *to, RSA *rsa, int padding)) ++{ ++ if (!rsa) return 0; ++ rsa->rsa_priv_enc = priv_enc; ++ return 1; ++} ++ ++static int RSA_meth_set_priv_dec(RSA_METHOD *rsa, int (*priv_dec) (int flen, const unsigned char *from, ++ unsigned char *to, RSA *rsa, int padding)) ++{ ++ if (!rsa) return 0; ++ rsa->rsa_priv_dec = priv_dec; ++ return 1; ++} ++ ++static int RSA_meth_set_sign(RSA_METHOD *meth, int (*sign) (int type, const unsigned char *m, ++ unsigned int m_length, unsigned char *sigret, unsigned int *siglen, const RSA *rsa)) ++{ ++ if (!meth) return 0; ++ meth->rsa_sign = sign; ++ return 1; ++} ++ ++static int RSA_meth_set_verify(RSA_METHOD *meth, int (*verify) (int dtype, const unsigned char *m, ++ unsigned int m_length, const unsigned char *sigbuf, unsigned int siglen, const RSA *rsa)) ++{ ++ if (!meth) return 0; ++ meth->rsa_verify = verify; ++ return 1; ++} ++ ++static int RSA_meth_set_finish(RSA_METHOD *meth, int (*finish) (RSA *rsa)) ++{ ++ if (!meth) return 0; ++ meth->finish = finish; ++ return 1; ++} ++ ++static HMAC_CTX *HMAC_CTX_new() ++{ ++ HMAC_CTX *ctx = (HMAC_CTX *) OPENSSL_malloc(sizeof(HMAC_CTX)); ++ if (ctx) ++ HMAC_CTX_init(ctx); ++ return ctx; ++} ++ ++static void HMAC_CTX_free(HMAC_CTX *ctx) ++{ ++ if (!ctx) ++ return; ++ HMAC_CTX_cleanup(ctx); ++ EVP_MD_CTX_cleanup(&ctx->i_ctx); ++ EVP_MD_CTX_cleanup(&ctx->o_ctx); ++ EVP_MD_CTX_cleanup(&ctx->md_ctx); ++ OPENSSL_free(ctx); ++} ++ ++#define ASN1_STRING_get0_data(...) (const unsigned char*)ASN1_STRING_data(__VA_ARGS__) ++ ++#define EVP_MD_CTX_new(...) EVP_MD_CTX_create(__VA_ARGS__) ++#define EVP_MD_CTX_free(...) EVP_MD_CTX_destroy(__VA_ARGS__) ++ ++#define EVP_PKEY_up_ref(pkey) CRYPTO_add(&(pkey)->references, 1, CRYPTO_LOCK_EVP_PKEY) ++#define X509_up_ref(cert) CRYPTO_add(&(cert)->references, 1, CRYPTO_LOCK_X509) ++#define X509_CRL_up_ref(crl) CRYPTO_add(&(crl)->references, 1, CRYPTO_LOCK_X509_CRL) ++ ++#define EVP_PKEY_id(pky) (pky)->type ++#define EVP_PKEY_get0_DSA(pky) (pky)->pkey.dsa ++#define EVP_PKEY_get0_RSA(pky) (pky)->pkey.rsa ++#define EVP_PKEY_get0_DH(pky) (pky)->pkey.dh ++ ++#define X509_CRL_get0_lastUpdate X509_CRL_get_lastUpdate ++#define X509_CRL_get0_nextUpdate X509_CRL_get_nextUpdate ++ ++#define X509_REQ_get_signature_nid(req) OBJ_obj2nid((req)->sig_alg->algorithm) ++#define X509_CRL_get_signature_nid(crl) OBJ_obj2nid((crl)->sig_alg->algorithm) ++ ++#define X509_REVOKED_get0_serialNumber(rev) (rev)->serialNumber ++#define X509_REVOKED_get0_revocationDate(rev) (rev)->revocationDate ++ ++#endif // OPENSSL_VERSION_NUMBER < 0x10100000L ++ ++#endif // OSSL110COMPAT_H Property changes on: devel/qca/files/patch-git_d58e20 ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: devel/qca/files/patch-plugins_qca-ossl_CMakeLists.txt =================================================================== --- devel/qca/files/patch-plugins_qca-ossl_CMakeLists.txt (revision 461733) +++ devel/qca/files/patch-plugins_qca-ossl_CMakeLists.txt (nonexistent) @@ -1,28 +0,0 @@ -qca-ossl: Fix build without support for SHA-0 -https://quickgit.kde.org/?p=qca.git&a=commit&h=0dbed8eb38afd1561907a52283091c37e7b85156 - -LibreSSL >= 2.3.0 removed support for SHA-0, so there's no EVP_sha -anymore. -Wikipedia says about SHA-0: "160-bit hash function published in 1993 -under the name SHA. It was withdrawn shortly after publication due to -an undisclosed "significant flaw" and replaced by the slightly revised -version SHA-1.' - -REVIEW: 125387 - ---- plugins/qca-ossl/CMakeLists.txt.orig -+++ plugins/qca-ossl/CMakeLists.txt -@@ -24,6 +24,13 @@ - else(HAVE_OPENSSL_AES_CTR) - message(WARNING "qca-ossl will be compiled without AES CTR mode encryption support") - endif(HAVE_OPENSSL_AES_CTR) -+ -+ check_function_exists(EVP_sha HAVE_OPENSSL_SHA0) -+ if(HAVE_OPENSSL_SHA0) -+ add_definitions(-DHAVE_OPENSSL_SHA0) -+ else(HAVE_OPENSSL_SHA0) -+ message(WARNING "qca-ossl will be compiled without SHA-0 digest algorithm support") -+ endif(HAVE_OPENSSL_SHA0) - - set(QCA_OSSL_SOURCES qca-ossl.cpp) - Property changes on: devel/qca/files/patch-plugins_qca-ossl_CMakeLists.txt ___________________________________________________________________ Deleted: fbsd:nokeywords ## -1 +0,0 ## -yes \ No newline at end of property Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: devel/qca/files/patch-plugins_qca-ossl_qca-ossl.cpp =================================================================== --- devel/qca/files/patch-plugins_qca-ossl_qca-ossl.cpp (revision 461733) +++ devel/qca/files/patch-plugins_qca-ossl_qca-ossl.cpp (nonexistent) @@ -1,73 +0,0 @@ -qca-ossl: Fix build without SSLv3 -http://quickgit.kde.org/?p=qca.git&a=commit&h=20a587d77636186edb044cd2b71d6d90fe98d232 - -This fixes building with LibreSSL >= 2.3.0 which has removed support -for SSLv3 completely. As far as I know OpenSSL can be configured to -build without it, so it might be helpful there as well. - -REVIEW: 125386 - -qca-ossl: Fix build without support for SHA-0 -https://quickgit.kde.org/?p=qca.git&a=commit&h=0dbed8eb38afd1561907a52283091c37e7b85156 - -LibreSSL >= 2.3.0 removed support for SHA-0, so there's no EVP_sha -anymore. -Wikipedia says about SHA-0: "160-bit hash function published in 1993 -under the name SHA. It was withdrawn shortly after publication due to -an undisclosed "significant flaw" and replaced by the slightly revised -version SHA-1.' - -REVIEW: 125387 - -Also includes: -qca-ossl: Remove SHA0 from all_hash_types() when it is not available. -https://git.reviewboard.kde.org/r/128700/ - ---- plugins/qca-ossl/qca-ossl.cpp.orig 2015-10-02 09:39:21 UTC -+++ plugins/qca-ossl/qca-ossl.cpp -@@ -5403,9 +5403,11 @@ public: - ctx = SSL_CTX_new(SSLv2_client_method()); - break; - #endif -+#ifndef OPENSSL_NO_SSL3_METHOD - case TLS::SSL_v3: - ctx = SSL_CTX_new(SSLv3_client_method()); - break; -+#endif - case TLS::TLS_v1: - ctx = SSL_CTX_new(TLSv1_client_method()); - break; -@@ -5805,7 +5807,11 @@ public: - { - SessionInfo sessInfo; - -- sessInfo.isCompressed = (0 != SSL_SESSION_get_compress_id(ssl->session)); -+#ifndef OPENSSL_NO_COMP -+ sessInfo.isCompressed = (0 != ssl->session->compress_meth); -+#else -+ sessInfo.isCompressed = 0; -+#endif - - if (ssl->version == TLS1_VERSION) - sessInfo.version = TLS::TLS_v1; -@@ -6880,7 +6886,9 @@ static QStringList all_hash_types() - { - QStringList list; - list += "sha1"; -+#ifdef HAVE_OPENSSL_SHA0 - list += "sha0"; -+#endif - list += "ripemd160"; - #ifdef HAVE_OPENSSL_MD2 - list += "md2"; -@@ -7133,8 +7141,10 @@ public: - return new opensslInfoContext(this); - else if ( type == "sha1" ) - return new opensslHashContext( EVP_sha1(), this, type); -+#ifdef HAVE_OPENSSL_SHA0 - else if ( type == "sha0" ) - return new opensslHashContext( EVP_sha(), this, type); -+#endif - else if ( type == "ripemd160" ) - return new opensslHashContext( EVP_ripemd160(), this, type); - #ifdef HAVE_OPENSSL_MD2 Property changes on: devel/qca/files/patch-plugins_qca-ossl_qca-ossl.cpp ___________________________________________________________________ Deleted: fbsd:nokeywords ## -1 +0,0 ## -yes \ No newline at end of property Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property