Bug 220744 - security/softhsm2: Update to 2.3.0
Summary: security/softhsm2: Update to 2.3.0
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Danilo G. Baio
URL: https://reviews.freebsd.org/D11607
Keywords:
Depends on:
Blocks: 218701
  Show dependency treegraph
 
Reported: 2017-07-15 11:28 UTC by jaap
Modified: 2017-07-18 11:40 UTC (History)
1 user (show)

See Also:


Attachments
patch to upgrade (3.28 KB, patch)
2017-07-15 11:28 UTC, jaap
jaap: maintainer-approval+
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description jaap 2017-07-15 11:28:14 UTC
Created attachment 184371 [details]
patch to upgrade

This upgrade also takes care of the probem signalled in <https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=218701>.


Updates:
* Issue #130: Upgraded to PKCS#11 v2.40.
  * Minor changes to some return values.
  * Added CKA_DESTROYABLE to all objects. Used by C_DestroyObject().
  * Added CKA_PUBLIC_KEY_INFO to certificates, private, and public key
    objects. Will be accepted from application, but SoftHSM will
    currently not calculate it.
* Issue #142: Support for CKM_AES_CTR.
* Issue #155: Add unit tests for SessionManager.
* Issue #189: C_DigestKey returns CKR_KEY_INDIGESTIBLE when key
  attribute CKA_EXTRACTABLE =3D false. Whitelist SHA algorithms to allow
  C_DigestKey in this case.
* Issue #225: Show slot id after initialization.
* Issue #247: Run AppVeyor (Windows CI) for each PR and merge.
* Issue #257: Set CKA_DECRYPT/CKA_ENCRYPT flags on key import to true.
  (Patch from Martin Domke)
* Issue #261: Add support for libeaycompat lib for FIPS on Windows.
  (Patch from Matt Hauck)
* Issue #262: Support importing ECDSA P-521 in softhsm-util.
* Issue #276: Support for Botan 2.0.
* Issue #279: Editorial changes from Mountain Lion to Sierra.
  (Patch from Mike Neumann)
* Issue #283: More detailed error messages when initializing SoftHSM.
* Issue #285: Support for LibreSSL.
  (Patch from Alon Bar-Lev)
* Issue #286: Update .gitignore.
  (Patch from Alon Bar-Lev)
* Issue #291: Change to enable builds and reports on new Jenkinks
  environment.
* Issue #293: Detect cppunit in autoconf.
  (Patch from Alon Bar-Lev)
* Issue #309: CKO_CERTIFICATE and CKO_PUBLIC_KEY now defaults to
  CKA_PRIVATE=3Dfalse.
* Issue #314: Update README with information about logging.
* Issue #330: Adjust log levels for failing to enumerate object store.
  (Patch from Nikos Mavrogiannopoulos)

Bugfixes:
* Issue #216: Better handling of CRYPTO_set_locking_callback() for OpenSSL.
* Issue #265: Fix deriving shared secret with ECC.
* Issue #280: HMAC with sizes less than L bytes is strongly discouraged.
  Set a lower bound equal to L bytes in ulMinKeySize and check it when
  initializing the operation.
* Issue #281: Fix test of p11 shared library.
  (Patch from Lars Silv=C3=A9n)
* Issue #289: Minor fix of 'EVP_CipherFinal_ex'.
  (Patch from Viktor Tarasov)
* Issue #297: Fix build with cppunit.
  (Patch from Ludovic Rousseau)
* Issue #302: Export PKCS#11 symbols from the library.
  (Patch from Ludovic Rousseau)
* Issue #305: Zero pad key to fit the block in CKM_AES_KEY_WRAP.
* Issue #313: Detecting CppUnit when using Macports.
  (Patch from mouse07410)
Comment 1 commit-hook freebsd_committer 2017-07-17 15:19:10 UTC
A commit references this bug:

Author: dbaio
Date: Mon Jul 17 15:18:37 UTC 2017
New revision: 446078
URL: https://svnweb.freebsd.org/changeset/ports/446078

Log:
  security/softhsm2: Update to 2.3.0, Fix build with SQLITE3 storage backend

  Disable support for GOST if openssl-devel is used

  Add option SQLITE (optional) to fix build with SQLITE3 storage backend [1]

  While here:
    Add LICENSE_FILE
    Add USES= ssl (Q/A warning)

  PR:		220744
  PR:		218701 [1]
  Submitted by:	jaap@NLnetLabs.nl (maintainer)
  Submitted by:	sergey@akhmatov.ru [1]
  Approved by:	garga (mentor)
  MFH:		2017Q3
  Differential Revision:	https://reviews.freebsd.org/D11607

Changes:
  head/security/softhsm2/Makefile
  head/security/softhsm2/distinfo
  head/security/softhsm2/files/
  head/security/softhsm2/files/patch-src_lib_object__store_DB.h
  head/security/softhsm2/pkg-plist
Comment 2 commit-hook freebsd_committer 2017-07-18 11:37:44 UTC
A commit references this bug:

Author: dbaio
Date: Tue Jul 18 11:37:27 UTC 2017
New revision: 446138
URL: https://svnweb.freebsd.org/changeset/ports/446138

Log:
  MFH: r446078 r446079

  security/softhsm2: Update to 2.3.0, Fix build with SQLITE3 storage backend

  Disable support for GOST if openssl-devel is used

  Add option SQLITE (optional) to fix build with SQLITE3 storage backend [1]

  While here:
    Add LICENSE_FILE
    Add USES= ssl (Q/A warning)

  PR:		220744
  PR:		218701 [1]
  Submitted by:	jaap@NLnetLabs.nl (maintainer)
  Submitted by:	sergey@akhmatov.ru [1]
  Approved by:	ports-secteam (junovitch), garga (mentor)
  Differential Revision:	https://reviews.freebsd.org/D11607

Changes:
_U  branches/2017Q3/
  branches/2017Q3/security/softhsm2/Makefile
  branches/2017Q3/security/softhsm2/distinfo
  branches/2017Q3/security/softhsm2/files/
  branches/2017Q3/security/softhsm2/pkg-plist
Comment 3 Danilo G. Baio freebsd_committer 2017-07-18 11:40:32 UTC
Committed, thanks.