summaryrefslogtreecommitdiff
path: root/x11
diff options
context:
space:
mode:
authorskrll <skrll@pkgsrc.org>2002-08-15 08:38:33 +0000
committerskrll <skrll@pkgsrc.org>2002-08-15 08:38:33 +0000
commit3652e0b5ce4b88626d249f2cbbdf6757bb012295 (patch)
treebd5b7af03c1df6f4f7836c39e501776c2880a511 /x11
parent8c0e6366fd0f4383c4d449103e947186d264e2e0 (diff)
downloadpkgsrc-3652e0b5ce4b88626d249f2cbbdf6757bb012295.tar.gz
Bring in security fix for certificate handling.
PKGREVISION++
Diffstat (limited to 'x11')
-rw-r--r--x11/kdelibs2/Makefile4
-rw-r--r--x11/kdelibs2/distinfo7
-rw-r--r--x11/kdelibs2/patches/patch-bt41
-rw-r--r--x11/kdelibs2/patches/patch-bw17
-rw-r--r--x11/kdelibs2/patches/patch-by15
5 files changed, 68 insertions, 16 deletions
diff --git a/x11/kdelibs2/Makefile b/x11/kdelibs2/Makefile
index f1d38c6ce0a..14f35a50e95 100644
--- a/x11/kdelibs2/Makefile
+++ b/x11/kdelibs2/Makefile
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.37 2002/05/20 10:16:36 cjep Exp $
+# $NetBSD: Makefile,v 1.38 2002/08/15 08:38:33 skrll Exp $
DISTNAME= kdelibs-2.2.2
-PKGREVISION= 1
+PKGREVISION= 2
CATEGORIES= x11
COMMENT= Support libraries for the KDE integrated X11 desktop
diff --git a/x11/kdelibs2/distinfo b/x11/kdelibs2/distinfo
index 0a44dc524f1..e656ae23c4e 100644
--- a/x11/kdelibs2/distinfo
+++ b/x11/kdelibs2/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.16 2002/04/10 12:27:34 dmcmahill Exp $
+$NetBSD: distinfo,v 1.17 2002/08/15 08:38:33 skrll Exp $
SHA1 (kdelibs-2.2.2.tar.bz2) = 6ae1096ffb547f317adca6b29cb9ce9dcaf1863c
Size (kdelibs-2.2.2.tar.bz2) = 5955592 bytes
@@ -47,8 +47,9 @@ SHA1 (patch-bp) = 84fe12d8317bbc9eb0ea2f2d320d3fb9fb138faf
SHA1 (patch-bq) = 37b760bcd4067d3adac6260377f16fcb6ffae909
SHA1 (patch-br) = e4098450a416d419a8ac947ad7a2244298c2c011
SHA1 (patch-bs) = 77b183070cc758feff760ffc44044eb2a6cd5005
-SHA1 (patch-bt) = 96a5b587056abc922957e55898e222910ab98dca
+SHA1 (patch-bt) = d05c189bde88471911126d84549054eac187ebfe
SHA1 (patch-bu) = dfa7b7e83674ed795af0dc347ed95b1383a7f36d
SHA1 (patch-bv) = 7cf20147a66d04638226e0488474d300fcde64b4
-SHA1 (patch-bw) = 7c7cef94871b26eda58862711e65b27c6d43bad4
+SHA1 (patch-bw) = f5492ccb01f0f16400af426a20c778d624c9f616
SHA1 (patch-bx) = 9a8aaeab8852593b1c8f7037ce8a421f9fa8a953
+SHA1 (patch-by) = dfa7fef53b3cc2b6b467be6b43019b3321dc7c64
diff --git a/x11/kdelibs2/patches/patch-bt b/x11/kdelibs2/patches/patch-bt
index 216974c0636..a764b508680 100644
--- a/x11/kdelibs2/patches/patch-bt
+++ b/x11/kdelibs2/patches/patch-bt
@@ -1,8 +1,16 @@
-$NetBSD: patch-bt,v 1.1 2001/11/17 12:01:35 skrll Exp $
+$NetBSD: patch-bt,v 1.2 2002/08/15 08:38:34 skrll Exp $
--- kssl/kopenssl.cc.orig Wed Sep 5 00:08:18 2001
+++ kssl/kopenssl.cc
-@@ -117,7 +117,7 @@
+@@ -92,6 +92,7 @@ static int (*K_SSL_CTX_use_certificate)
+ static int (*K_SSL_get_error) (SSL*, int) = NULL;
+ static STACK_OF(X509)* (*K_SSL_get_peer_cert_chain) (SSL*) = NULL;
+ static void (*K_X509_STORE_CTX_set_chain) (X509_STORE_CTX *, STACK_OF(X509)*) = NULL;
++static void (*K_X509_STORE_CTX_set_purpose) (X509_STORE_CTX *, int) = NULL;
+ static void (*K_sk_free) (STACK*) = NULL;
+ static int (*K_sk_num) (STACK*) = NULL;
+ static char* (*K_sk_value) (STACK*, int) = NULL;
+@@ -117,7 +118,7 @@ void KOpenSSLProxy::destroy() {
_me = NULL;
}
@@ -11,7 +19,7 @@ $NetBSD: patch-bt,v 1.1 2001/11/17 12:01:35 skrll Exp $
#include <qdir.h>
#include <qstring.h>
#include <qstringlist.h>
-@@ -180,20 +180,16 @@
+@@ -180,20 +181,16 @@ KConfig *cfg;
delete cfg;
@@ -38,7 +46,7 @@ $NetBSD: patch-bt,v 1.1 2001/11/17 12:01:35 skrll Exp $
// FIXME: #define here for the various OS types to optimize
libnamess << "libssl.so.0"
<< "libssl.so"
-@@ -202,10 +198,16 @@
+@@ -202,10 +199,16 @@ KConfig *cfg;
libnamesc << "libcrypto.so.0"
<< "libcrypto.so"
<< "libcrypto.sl";
@@ -55,7 +63,7 @@ $NetBSD: patch-bt,v 1.1 2001/11/17 12:01:35 skrll Exp $
for (QStringList::Iterator shit = libnamesc.begin();
shit != libnamesc.end();
++shit) {
-@@ -213,9 +215,9 @@
+@@ -213,9 +216,9 @@ KConfig *cfg;
_cryptoLib = ll->globalLibrary(alib.latin1());
if (_cryptoLib) break;
}
@@ -66,7 +74,15 @@ $NetBSD: patch-bt,v 1.1 2001/11/17 12:01:35 skrll Exp $
if (_cryptoLib) {
#ifdef HAVE_SSL
-@@ -263,16 +265,14 @@
+@@ -254,6 +257,7 @@ KConfig *cfg;
+ X509**, STACK_OF(X509)**)) _cryptoLib->symbol("PKCS12_parse");
+ K_EVP_PKEY_free = (void (*) (EVP_PKEY *)) _cryptoLib->symbol("EVP_PKEY_free");
+ K_X509_STORE_CTX_set_chain = (void (*)(X509_STORE_CTX *, STACK_OF(X509)*)) _cryptoLib->symbol("X509_STORE_CTX_set_chain");
++ K_X509_STORE_CTX_set_purpose = (void (*)(X509_STORE_CTX *, int)) _cryptoLib->symbol("X509_STORE_CTX_set_purpose");
+ K_sk_free = (void (*) (STACK *)) _cryptoLib->symbol("sk_free");
+ K_sk_num = (int (*) (STACK *)) _cryptoLib->symbol("sk_num");
+ K_sk_value = (char* (*) (STACK *, int)) _cryptoLib->symbol("sk_value");
+@@ -263,16 +267,14 @@ KConfig *cfg;
#endif
}
@@ -88,7 +104,7 @@ $NetBSD: patch-bt,v 1.1 2001/11/17 12:01:35 skrll Exp $
for (QStringList::Iterator shit = libnamess.begin();
shit != libnamess.end();
++shit) {
-@@ -280,9 +280,9 @@
+@@ -280,9 +282,9 @@ KConfig *cfg;
_sslLib = ll->globalLibrary(alib.latin1());
if (_sslLib) break;
}
@@ -99,3 +115,14 @@ $NetBSD: patch-bt,v 1.1 2001/11/17 12:01:35 skrll Exp $
if (_sslLib) {
#ifdef HAVE_SSL
+@@ -742,6 +744,10 @@ char *KOpenSSLProxy::sk_value(STACK *s,
+
+ void KOpenSSLProxy::X509_STORE_CTX_set_chain(X509_STORE_CTX *v, STACK_OF(X509)* x) {
+ if (K_X509_STORE_CTX_set_chain) (K_X509_STORE_CTX_set_chain)(v,x);
++}
++
++void KOpenSSLProxy::X509_STORE_CTX_set_purpose(X509_STORE_CTX *v, int purpose) {
++ if (K_X509_STORE_CTX_set_purpose) (K_X509_STORE_CTX_set_purpose)(v,purpose);
+ }
+
+
diff --git a/x11/kdelibs2/patches/patch-bw b/x11/kdelibs2/patches/patch-bw
index 41d61a73297..91ef000444c 100644
--- a/x11/kdelibs2/patches/patch-bw
+++ b/x11/kdelibs2/patches/patch-bw
@@ -1,8 +1,8 @@
-$NetBSD: patch-bw,v 1.1 2002/02/23 15:24:18 skrll Exp $
+$NetBSD: patch-bw,v 1.2 2002/08/15 08:38:34 skrll Exp $
---- kssl/ksslcertificate.cc.orig Sat Feb 23 12:21:02 2002
+--- kssl/ksslcertificate.cc.orig Thu Aug 15 09:25:29 2002
+++ kssl/ksslcertificate.cc
-@@ -79,7 +79,7 @@
+@@ -79,7 +79,7 @@ public:
KSSLCertificate::KSSLCertificate() {
d = new KSSLCertificatePrivate;
d->m_stateCached = false;
@@ -11,7 +11,16 @@ $NetBSD: patch-bw,v 1.1 2002/02/23 15:24:18 skrll Exp $
#ifdef HAVE_SSL
d->m_cert = NULL;
#endif
-@@ -447,7 +447,7 @@
+@@ -262,6 +262,8 @@ KSSLCertificate::KSSLValidation KSSLCert
+ // FIXME: do all the X509_STORE_CTX_set_flags(); here
+ // +-----> Note that this is for 0.9.6 or better ONLY!
+
++ d->kossl->X509_STORE_CTX_set_purpose(certStoreCTX, X509_PURPOSE_SSL_SERVER);
++
+ //kdDebug(7029) << "KSSL verifying.............." << endl;
+ certStoreCTX->error = X509_V_OK;
+ rc = d->kossl->X509_verify_cert(certStoreCTX);
+@@ -433,7 +435,7 @@ int operator==(KSSLCertificate &x, KSSLC
KSSLCertificate::KSSLCertificate(const KSSLCertificate& x) {
d = new KSSLCertificatePrivate;
d->m_stateCached = false;
diff --git a/x11/kdelibs2/patches/patch-by b/x11/kdelibs2/patches/patch-by
new file mode 100644
index 00000000000..fc074b8100d
--- /dev/null
+++ b/x11/kdelibs2/patches/patch-by
@@ -0,0 +1,15 @@
+$NetBSD: patch-by,v 1.1 2002/08/15 08:38:34 skrll Exp $
+
+--- kssl/kopenssl.h.orig Sun Jul 29 05:55:41 2001
++++ kssl/kopenssl.h
+@@ -277,6 +277,10 @@ public:
+ */
+ void X509_STORE_CTX_set_chain(X509_STORE_CTX *v, STACK_OF(X509)* x);
+
++ /*
++ * X509_STORE_CTX_set_purpose - set the purpose of the certificate
++ */
++ void X509_STORE_CTX_set_purpose(X509_STORE_CTX *v, int purpose);
+
+ /*
+ * X509_verify_cert - verify the certificate