Bug 245008

Summary: security/softhsm2: Update to 2.6.0 (actually 2.6.1)
Product: Ports & Packages Reporter: Jaap Akkerhuis <jaap>
Component: Individual Port(s)Assignee: Hiroki Tagato <tagattie>
Status: Closed FIXED    
Severity: Affects Only Me CC: tagattie
Priority: --- Keywords: needs-qa
Version: Latest   
Hardware: Any   
OS: Any   
Attachments:
Description Flags
patch to update
jaap: maintainer-approval+
improved patch to update
none
improved again patch to upgrade
jaap: maintainer-approval+
Patch to update jaap: maintainer-approval+

Description Jaap Akkerhuis 2020-03-23 16:06:05 UTC 
Created attachment 212648 [details]
patch to update

SoftHSM version 2.6.0 has just been released.  This is mostly
a continued development of SoftHSMv2, and thus should replace
the 2.5 branch to receive any patches.

See also NEWS at https://www.opendnssec.org

No migration, configuration changes or path changes are necessary
and the build configuration should not need changing.

Improvements:
* Issue #493: Upgrade to Botan 2.
* Issue #530: Update appveyor build.
* Issue #438: Detect crypto algorithms by default.
  (Patch from Alon Bar-Lev)
* Issue #455: Provide a new configuration option to allow enabling and
  disabling various mechanisms (slots.mechanisms in the softhsm2.conf).
  (Thanks to Jakub Jelen)
* Issue #479: Increase SQLite busy timeout from 15 seconds to 3 minutes.
  (Patch from Jan Luebbe)
* Issue #513: Add configuration option to reset state on fork closing all
  sessions rather than keeping all sessions open in duplicate process.
  (Thanks to Anderson Toshiyuki Sasaki)
* Issue #500: C_WaitForSlotEvent implementation.
  (Patch from massey101)
* Issue #445: Add wrap support with CKM_AES_CBC.

Bugfixes:
* Issue #418: Set fields to NULL to avoid double free.
  (Patch from Brian J Murray)
* Issue #423: ENGINE_load_rdrand is not supported with older openssl.
  (Patch from Alon Bar-Lev)
* Issue #429: Updated prerequisite to build from repository.
  (Patch from Dharmesh Khandelwal)
* Issue #434: Fix build issues with CMake.
  (Patch from Peter Wu)
* Issue #435: Fix botan build without EDDSA.
  (Patch from Peter Wu)
* Issue #442: Release resources from OSSLEVPSymmetricAlgorithm.
  (Patch from Petr Menšík)
* Issue #449/#502: Do not copy zero sized buffer avoid null pointer
  reference.  (Patch from space88man)
* Issue #464: Race condition with multiple threads closing last session and
  opening a newer sessions.
  (Patch from Takarth)
* Issue #452: Fixes to automake build fir undefined macros.
* Issue #462: User PIN count wrongly calculated.
  (Patch from Ondřej Hlavatý)
* Issue #516: Fix memory leak in OSSLCryptoFactory.
  (Patch from Anderson Sasaki)
* Issue #494: Allow null pointers as arguments when count is zero.
  (Patch from Yunjong Jeong)
* Issue #518: Sporadic problem in closing sessions because of lookup of
  object without prior locking.
* Issue #506: Check key type for C_EncryptInit and C_DecryptInit.
  (Patch from Yunjong Jeong)
* Issue #526: Adjust EDDSA code to return valid EC_PARAMS.
  (Patch from Jakub Jelen)
* Issue #452: Autogen failure on undefined macro AC_MSG_ERROR.
* Issue #527: Fixed some build errors for GCC 10.
* Issue #470: Null pointer arguments validation for C_EncryptFinal, etc.
Comment 1 Hiroki Tagato freebsd_committer freebsd_triage 2020-04-29 06:12:01 UTC 
Hi,

After applying the patch, there are two lines of OPTIONS_DEFAULT.

OPTIONS_DEFAULT=        CRYP_OPEN SQLITE MIGRATE
OPTIONS_DEFAULT=        CRYP_BOTAN SQLITE MIGRATE

I guess that is by accident. Can you update the patch?
Comment 2 Jaap Akkerhuis 2020-04-29 09:25:29 UTC 
Created attachment 213905 [details]
improved patch to update
Comment 3 Jaap Akkerhuis 2020-04-29 09:26:30 UTC 
(In reply to Hiroki Tagato from comment #1)
Yes, you are right, sorry for that. It was  leftover from testing the botan version. I've attached a new patch.
Comment 4 Hiroki Tagato freebsd_committer freebsd_triage 2020-04-29 11:12:27 UTC 
(In reply to Jaap Akkerhuis from comment #3)

Thanks for updating the patch.

I tried to build the port with poudriere and got the following error:


=======================<phase: patch          >============================
===>  Patching for softhsm2-2.6.0
===>  Applying FreeBSD patches for softhsm2-2.6.0
Ignoring previously applied (or reversed) patch.
1 out of 1 hunks ignored--saving rejects to src/lib/crypto/OSSLCryptoFactory.cpp.rej
=> FreeBSD patch patch-src_lib_crypto_OSSLCryptoFactory.cpp failed to apply cleanly.
*** Error code 1

Stop.


Can you look into this?
Comment 5 Jaap Akkerhuis 2020-04-29 11:32:09 UTC 
Created attachment 213908 [details]
improved again patch to upgrade

(In reply to Hiroki Tagato from comment #4)

Ai, the patches are not needed anymore. Next patch will remove them, sorry about forgetting to add that bit.
Comment 6 Jaap Akkerhuis 2020-04-30 07:16:31 UTC 
Today  new release got announce, 2.6.1. We might consider to skip this version and o directly to 2.6.1.

A Direct jump to 2.6.1 seems more user friendly to me.
Comment 7 Hiroki Tagato freebsd_committer freebsd_triage 2020-04-30 07:26:37 UTC 
(In reply to Jaap Akkerhuis from comment #6)

I see. Can you update the patch to 2.6.1?
Comment 8 Jaap Akkerhuis 2020-04-30 08:50:34 UTC 
(In reply to Hiroki Tagato from comment #7)
Testing on builds on my poudriere systems and in a teleconf now, but will send you in an hour or so.
Comment 9 Jaap Akkerhuis 2020-04-30 09:28:39 UTC 
Created attachment 213938 [details]
Patch to update

This update makes it actually version 2.6.1

From the release notes: This release 2.6.1 mostly improves upon some compilation issues on specific platforms
Comment 10 commit-hook freebsd_committer freebsd_triage 2020-05-01 08:48:49 UTC 
A commit references this bug:

Author: tagattie
Date: Fri May  1 08:48:45 UTC 2020
New revision: 533528
URL: https://svnweb.freebsd.org/changeset/ports/533528

Log:
  Update to 2.6.1

  PR:		245008
  Submitted by:	Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
  Approved by:	ehaupt (mentor)
  Changelog:	https://www.opendnssec.org/2020/04/softhsm-2-6-0/
  		https://www.opendnssec.org/2020/04/1602/

Changes:
  head/security/softhsm2/Makefile
  head/security/softhsm2/distinfo
  head/security/softhsm2/files/patch-src_lib_crypto_OSSLCryptoFactory.cpp
  head/security/softhsm2/files/patch-src_lib_object__store_DB.h
Comment 11 Hiroki Tagato freebsd_committer freebsd_triage 2020-05-01 08:49:54 UTC 
Committed, thanks!