Replace patch-ab with upstream version, see

http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commitdiff;h=817472358a093438e802380caecf7139406400cf;hp=8c5eee51d9a25b143e41ffb7ff4a6b2a29b82d83

Bump PKGREVISION.

4 files changed, 61 insertions, 52 deletions

diff --git a/security/libgcrypt/Makefile b/security/libgcrypt/Makefile
index 4881fe67db7..697de74e53c 100644
--- a/security/libgcrypt/Makefile
+++ b/security/libgcrypt/Makefile
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.68 2014/10/09 14:06:52 wiz Exp $
+# $NetBSD: Makefile,v 1.69 2015/01/05 21:56:16 wiz Exp $
 
 DISTNAME=	libgcrypt-1.6.2
-PKGREVISION=	2
+PKGREVISION=	3
 CATEGORIES=	security
 MASTER_SITES=	ftp://ftp.gnupg.org/gcrypt/libgcrypt/ \
 		http://gd.tuwien.ac.at/privacy/gnupg/libgcrypt/
diff --git a/security/libgcrypt/distinfo b/security/libgcrypt/distinfo
index 61bfce18831..55414caef64 100644
--- a/security/libgcrypt/distinfo
+++ b/security/libgcrypt/distinfo
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.54 2014/08/29 14:22:59 wiz Exp $
+$NetBSD: distinfo,v 1.55 2015/01/05 21:56:16 wiz Exp $
 
 SHA1 (libgcrypt-1.6.2.tar.bz2) = cc31aca87e4a3769cb86884a3f5982b2cc8eb7ec
 RMD160 (libgcrypt-1.6.2.tar.bz2) = 807df33a98468015293846fd589a213dad38be19
 Size (libgcrypt-1.6.2.tar.bz2) = 2476101 bytes
 SHA1 (patch-aa) = 3dd44b8745128a6788d24f9eb00002624a5fc52b
-SHA1 (patch-ab) = 1a72ac897fbccbd58f0108b36a9ab2a6ee579b59
 SHA1 (patch-configure) = b9abea2f665ed0d8e0f36cf207f2cb9667bdfb4d
+SHA1 (patch-random_rndunix.c) = 8069cf981fe6166cd7accce1258d8e47859657bb
 SHA1 (patch-src_visibility.h) = 8cbbf6803ab34b4b7dda832aa8ee18247aa89518
diff --git a/security/libgcrypt/patches/patch-ab b/security/libgcrypt/patches/patch-ab
deleted file mode 100644
index 757d3c8597c..00000000000
--- a/security/libgcrypt/patches/patch-ab
+++ /dev/null
@@ -1,48 +0,0 @@
-$NetBSD: patch-ab,v 1.5 2014/08/21 19:55:26 wiz Exp $
-
-When exec'ing child processes (netstat and vmstat), make sure the standard
-file descriptors (0, 1, 2) are open.  This avoids multiple warnings issued
-under NetBSD about running set[ug]id programs with those descriptors closed.
-
-Fixes PR pkg/26079; although it talks about gaim, the problem is here, in
-libgcrypt.
-
-https://bugs.g10code.com/gnupg/issue1702
-
---- random/rndunix.c.orig	2011-02-04 19:16:03.000000000 +0000
-+++ random/rndunix.c
-@@ -87,6 +87,7 @@
- #include <stdlib.h>
- #include <stdio.h>
- #include <string.h>
-+#include <assert.h>
- 
- /* OS-specific includes */
- 
-@@ -737,6 +738,15 @@ start_gatherer( int pipefd )
- 	    if( i != n1 && i != n2 && i != pipefd )
- 		close(i);
- 	}
-+
-+	/* Reopen standard files (only if needed) so that NetBSD does not
-+	   complain about executing set[ug]id programs with descriptors 0
-+	   and/or 1 closed.  At this point, 2 is still open. */
-+	if ((i = open("/dev/null", O_RDONLY)) != STDIN_FILENO)
-+		close(i);
-+	if ((i = open("/dev/null", O_WRONLY)) != STDOUT_FILENO)
-+		close(i);
-+
- 	errno = 0;
-     }
- 
-@@ -764,6 +774,10 @@ start_gatherer( int pipefd )
- #endif
- 
-     fclose(stderr);		/* Arrghh!!  It's Stuart code!! */
-+    {
-+	int i = open("/dev/null", O_WRONLY);
-+	assert(i == STDERR_FILENO);
-+    }
- 
-     for(;;) {
- 	GATHER_MSG msg;
diff --git a/security/libgcrypt/patches/patch-random_rndunix.c b/security/libgcrypt/patches/patch-random_rndunix.c
new file mode 100644
index 00000000000..5eeac2885bb
--- /dev/null
+++ b/security/libgcrypt/patches/patch-random_rndunix.c
@@ -0,0 +1,57 @@
+$NetBSD: patch-random_rndunix.c,v 1.1 2015/01/05 21:56:16 wiz Exp $
+
+From: Werner Koch <wk@gnupg.org>
+Date: Mon, 5 Jan 2015 18:38:29 +0000 (+0100)
+Subject: random: Silent warning under NetBSD using rndunix
+X-Git-Url: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commitdiff_plain;h=817472358a093438e802380caecf7139406400cf;hp=8c5eee51d9a25b143e41ffb7ff4a6b2a29b82d83
+
+random: Silent warning under NetBSD using rndunix
+
+* random/rndunix.c (STDERR_FILENO): Define if needed.
+(start_gatherer): Re-open standard descriptors.  Fix an
+unsigned/signed pointer warning.
+--
+
+GnuPG-bug-id: 1702
+
+--- random/rndunix.c.orig	2013-12-12 14:15:04.000000000 +0000
++++ random/rndunix.c
+@@ -144,6 +144,9 @@
+ #ifndef STDOUT_FILENO
+ #define STDOUT_FILENO 1
+ #endif
++#ifndef STDERR_FILENO
++#define STDERR_FILENO 2
++#endif
+ 
+ #define GATHER_BUFSIZE		49152	/* Usually about 25K are filled */
+ 
+@@ -766,13 +769,27 @@ start_gatherer( int pipefd )
+ 
+     fclose(stderr);		/* Arrghh!!  It's Stuart code!! */
+ 
++    /* Mary goes to Berkeley: NetBSD emits warnings if the standard
++       descriptors are not open when running setuid program.  Thus we
++       connect them to the bitbucket if they are not already open.  */
++    {
++      struct stat statbuf;
++
++      if (fstat (STDIN_FILENO, &statbuf) == -1 && errno == EBADF)
++        open ("/dev/null",O_RDONLY);
++      if (fstat (STDOUT_FILENO, &statbuf) == -1 && errno == EBADF)
++        open ("/dev/null",O_WRONLY);
++      if (fstat (STDERR_FILENO, &statbuf) == -1 && errno == EBADF)
++        open ("/dev/null",O_WRONLY);
++    }
++
+     for(;;) {
+ 	GATHER_MSG msg;
+ 	size_t nbytes;
+ 	const char *p;
+ 
+ 	msg.usefulness = slow_poll( dbgfp, dbgall, &nbytes );
+-	p = gather_buffer;
++	p = (const char*)gather_buffer;
+ 	while( nbytes ) {
+ 	    msg.ndata = nbytes > sizeof(msg.data)? sizeof(msg.data) : nbytes;
+ 	    memcpy( msg.data, p, msg.ndata );