[gentoo-commits] repo/gentoo:master commit in: profiles/, dev-libs/openssl/files/, dev-libs/openssl/ - gentoo-commits

From:	Sam James <sam@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] repo/gentoo:master commit in: profiles/, dev-libs/openssl/files/, dev-libs/openssl/
Date:	Thu, 30 Jun 2022 19:32:57
Message-Id:	`1656617564.e875040ac623c2937f6d2a6592e57494ba0d07ad.sam@gentoo`

1

commit:     e875040ac623c2937f6d2a6592e57494ba0d07ad

2

Author:     Sam James <sam <AT> gentoo <DOT> org>

3

AuthorDate: Thu Jun 30 19:20:37 2022 +0000

4

Commit:     Sam James <sam <AT> gentoo <DOT> org>

5

CommitDate: Thu Jun 30 19:32:44 2022 +0000

6

URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e875040a

7

8

dev-libs/openssl: backport test fix for 1.1.1p

9

10

Signed-off-by: Sam James <sam <AT> gentoo.org>

11

12

 .../files/openssl-1.1.1p-fix-test-build.patch      | 46 ++++++++++++++++++++++

13

 dev-libs/openssl/openssl-1.1.1p.ebuild             |  3 +-

14

 profiles/package.mask                              |  4 +-

15

 3 files changed, 49 insertions(+), 4 deletions(-)

16

17

diff --git a/dev-libs/openssl/files/openssl-1.1.1p-fix-test-build.patch b/dev-libs/openssl/files/openssl-1.1.1p-fix-test-build.patch

18

new file mode 100644

19

index 000000000000..f96e54f3127e

20

--- /dev/null

21

+++ b/dev-libs/openssl/files/openssl-1.1.1p-fix-test-build.patch

22

@@ -0,0 +1,46 @@

23

+https://github.com/openssl/openssl/issues/18619

24

+https://github.com/openssl/openssl/pull/18634

25

+https://github.com/openssl/openssl/commit/665ab12ed3f0d78e7cb6a55cdd2b83a2fe150232

26

+

27

+From 665ab12ed3f0d78e7cb6a55cdd2b83a2fe150232 Mon Sep 17 00:00:00 2001

28

+From: Bernd Edlinger <bernd.edlinger@×××××××.de>

29

+Date: Fri, 17 Jun 2022 10:25:24 +0200

30

+Subject: [PATCH] Fix compile issues in test/v3ext.c with no-rfc3779

31

+

32

+There are no ASIdentifiers if OPENSSL_NO_RFC3779 is defined,

33

+therefore the test cannot be compiled.

34

+

35

+Reviewed-by: Matt Caswell <matt@×××××××.org>

36

+Reviewed-by: Tomas Mraz <tomas@×××××××.org>

37

+Reviewed-by: Paul Dale <pauli@×××××××.org>

38

+(Merged from https://github.com/openssl/openssl/pull/18634)

39

+

40

+(cherry picked from commit b76efe61ea9710a8f69e1cb8caf1aeb2ba6f1ebe)

41

+--- a/test/v3ext.c

42

++++ b/test/v3ext.c

43

+@@ -37,6 +37,7 @@ static int test_pathlen(void)

44

+     return ret;

45

+ }

46

+

47

++#ifndef OPENSSL_NO_RFC3779

48

+ static int test_asid(void)

49

+ {

50

+     ASN1_INTEGER *val1 = NULL, *val2 = NULL;

51

+@@ -113,6 +114,7 @@ static int test_asid(void)

52

+     ASIdentifiers_free(asid4);

53

+     return testresult;

54

+ }

55

++#endif /* OPENSSL_NO_RFC3779 */

56

+

57

+ OPT_TEST_DECLARE_USAGE("cert.pem\n")

58

+

59

+@@ -127,6 +129,8 @@ int setup_tests(void)

60

+         return 0;

61

+

62

+     ADD_TEST(test_pathlen);

63

++#ifndef OPENSSL_NO_RFC3779

64

+     ADD_TEST(test_asid);

65

++#endif /* OPENSSL_NO_RFC3779 */

66

+     return 1;

67

+ }

68

+

69

70

diff --git a/dev-libs/openssl/openssl-1.1.1p.ebuild b/dev-libs/openssl/openssl-1.1.1p.ebuild

71

index 90f1683c106f..f4af78d2c330 100644

72

--- a/dev-libs/openssl/openssl-1.1.1p.ebuild

73

+++ b/dev-libs/openssl/openssl-1.1.1p.ebuild

74

@@ -1,7 +1,7 @@

75

 # Copyright 1999-2022 Gentoo Authors

76

 # Distributed under the terms of the GNU General Public License v2

77

78

-EAPI=7

79

+EAPI=8

80

81

 VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}"/usr/share/openpgp-keys/openssl.org.asc

82

 inherit edo flag-o-matic toolchain-funcs multilib-minimal verify-sig

83

@@ -47,6 +47,7 @@ PATCHES=(

84

 	# If they're Gentoo specific, add to USE=-vanilla logic in src_prepare!

85

 	"${FILESDIR}"/${PN}-1.1.0j-parallel_install_fix.patch #671602

86

 	"${FILESDIR}"/${PN}-1.1.1i-riscv32.patch

87

+	"${FILESDIR}"/${P}-fix-test-build.patch

88

)

89

90

 pkg_setup() {

91

92

diff --git a/profiles/package.mask b/profiles/package.mask

93

index fa6249c522e1..e9663afb0ce2 100644

94

--- a/profiles/package.mask

95

+++ b/profiles/package.mask

96

@@ -46,11 +46,9 @@ gnome-extra/gtkhtml

97

98

 # Sam James <sam@g.o> (2022-06-29)

99

 # Pre-emptively mask broken upstream versions.

100

-# 1. openssl 1.1.1o fails tests (https://github.com/openssl/openssl/issues/18619)

101

-# 2. openssl 3.0.4 has a buffer overflow w/ AVX512 (https://github.com/openssl/openssl/issues/18625)

102

+# openssl 3.0.4 has a buffer overflow w/ AVX512 (https://github.com/openssl/openssl/issues/18625)

103

 # Gentoo isn't vulnerable to the original CVE which caused these releases

104

 # (CVE-2022-2068) as we have our own rehash script.

105

-=dev-libs/openssl-1.1.1p

106

 =dev-libs/openssl-3.0.4

107

108

 # Piotr Karbowski <slashbeast@g.o> (2022-06-26)

1	commit: e875040ac623c2937f6d2a6592e57494ba0d07ad
2	Author: Sam James <sam <AT> gentoo <DOT> org>
3	AuthorDate: Thu Jun 30 19:20:37 2022 +0000
4	Commit: Sam James <sam <AT> gentoo <DOT> org>
5	CommitDate: Thu Jun 30 19:32:44 2022 +0000
6	URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e875040a
7
8	dev-libs/openssl: backport test fix for 1.1.1p
9
10	Signed-off-by: Sam James <sam <AT> gentoo.org>
11
12	.../files/openssl-1.1.1p-fix-test-build.patch \| 46 ++++++++++++++++++++++
13	dev-libs/openssl/openssl-1.1.1p.ebuild \| 3 +-
14	profiles/package.mask \| 4 +-
15	3 files changed, 49 insertions(+), 4 deletions(-)
16
17	diff --git a/dev-libs/openssl/files/openssl-1.1.1p-fix-test-build.patch b/dev-libs/openssl/files/openssl-1.1.1p-fix-test-build.patch
18	new file mode 100644
19	index 000000000000..f96e54f3127e
20	--- /dev/null
21	+++ b/dev-libs/openssl/files/openssl-1.1.1p-fix-test-build.patch
22	@@ -0,0 +1,46 @@
23	+https://github.com/openssl/openssl/issues/18619
24	+https://github.com/openssl/openssl/pull/18634
25	+https://github.com/openssl/openssl/commit/665ab12ed3f0d78e7cb6a55cdd2b83a2fe150232
26	+
27	+From 665ab12ed3f0d78e7cb6a55cdd2b83a2fe150232 Mon Sep 17 00:00:00 2001
28	+From: Bernd Edlinger <bernd.edlinger@×××××××.de>
29	+Date: Fri, 17 Jun 2022 10:25:24 +0200
30	+Subject: [PATCH] Fix compile issues in test/v3ext.c with no-rfc3779
31	+
32	+There are no ASIdentifiers if OPENSSL_NO_RFC3779 is defined,
33	+therefore the test cannot be compiled.
34	+
35	+Reviewed-by: Matt Caswell <matt@×××××××.org>
36	+Reviewed-by: Tomas Mraz <tomas@×××××××.org>
37	+Reviewed-by: Paul Dale <pauli@×××××××.org>
38	+(Merged from https://github.com/openssl/openssl/pull/18634)
39	+
40	+(cherry picked from commit b76efe61ea9710a8f69e1cb8caf1aeb2ba6f1ebe)
41	+--- a/test/v3ext.c
42	++++ b/test/v3ext.c
43	+@@ -37,6 +37,7 @@ static int test_pathlen(void)
44	+ return ret;
45	+ }
46	+
47	++#ifndef OPENSSL_NO_RFC3779
48	+ static int test_asid(void)
49	+ {
50	+ ASN1_INTEGER val1 = NULL, val2 = NULL;
51	+@@ -113,6 +114,7 @@ static int test_asid(void)
52	+ ASIdentifiers_free(asid4);
53	+ return testresult;
54	+ }
55	++#endif /* OPENSSL_NO_RFC3779 */
56	+
57	+ OPT_TEST_DECLARE_USAGE("cert.pem\n")
58	+
59	+@@ -127,6 +129,8 @@ int setup_tests(void)
60	+ return 0;
61	+
62	+ ADD_TEST(test_pathlen);
63	++#ifndef OPENSSL_NO_RFC3779
64	+ ADD_TEST(test_asid);
65	++#endif /* OPENSSL_NO_RFC3779 */
66	+ return 1;
67	+ }
68	+
69
70	diff --git a/dev-libs/openssl/openssl-1.1.1p.ebuild b/dev-libs/openssl/openssl-1.1.1p.ebuild
71	index 90f1683c106f..f4af78d2c330 100644
72	--- a/dev-libs/openssl/openssl-1.1.1p.ebuild
73	+++ b/dev-libs/openssl/openssl-1.1.1p.ebuild
74	@@ -1,7 +1,7 @@
75	# Copyright 1999-2022 Gentoo Authors
76	# Distributed under the terms of the GNU General Public License v2
77
78	-EAPI=7
79	+EAPI=8
80
81	VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}"/usr/share/openpgp-keys/openssl.org.asc
82	inherit edo flag-o-matic toolchain-funcs multilib-minimal verify-sig
83	@@ -47,6 +47,7 @@ PATCHES=(
84	# If they're Gentoo specific, add to USE=-vanilla logic in src_prepare!
85	"${FILESDIR}"/${PN}-1.1.0j-parallel_install_fix.patch #671602
86	"${FILESDIR}"/${PN}-1.1.1i-riscv32.patch
87	+ "${FILESDIR}"/${P}-fix-test-build.patch
88	)
89
90	pkg_setup() {
91
92	diff --git a/profiles/package.mask b/profiles/package.mask
93	index fa6249c522e1..e9663afb0ce2 100644
94	--- a/profiles/package.mask
95	+++ b/profiles/package.mask
96	@@ -46,11 +46,9 @@ gnome-extra/gtkhtml
97
98	# Sam James <sam@g.o> (2022-06-29)
99	# Pre-emptively mask broken upstream versions.
100	-# 1. openssl 1.1.1o fails tests (https://github.com/openssl/openssl/issues/18619)
101	-# 2. openssl 3.0.4 has a buffer overflow w/ AVX512 (https://github.com/openssl/openssl/issues/18625)
102	+# openssl 3.0.4 has a buffer overflow w/ AVX512 (https://github.com/openssl/openssl/issues/18625)
103	# Gentoo isn't vulnerable to the original CVE which caused these releases
104	# (CVE-2022-2068) as we have our own rehash script.
105	-=dev-libs/openssl-1.1.1p
106	=dev-libs/openssl-3.0.4
107
108	# Piotr Karbowski <slashbeast@g.o> (2022-06-26)

Gentoo Archives: gentoo-commits