diff options
author | skrll <skrll@pkgsrc.org> | 2002-08-15 08:38:33 +0000 |
---|---|---|
committer | skrll <skrll@pkgsrc.org> | 2002-08-15 08:38:33 +0000 |
commit | 3652e0b5ce4b88626d249f2cbbdf6757bb012295 (patch) | |
tree | bd5b7af03c1df6f4f7836c39e501776c2880a511 /x11 | |
parent | 8c0e6366fd0f4383c4d449103e947186d264e2e0 (diff) | |
download | pkgsrc-3652e0b5ce4b88626d249f2cbbdf6757bb012295.tar.gz |
Bring in security fix for certificate handling.
PKGREVISION++
Diffstat (limited to 'x11')
-rw-r--r-- | x11/kdelibs2/Makefile | 4 | ||||
-rw-r--r-- | x11/kdelibs2/distinfo | 7 | ||||
-rw-r--r-- | x11/kdelibs2/patches/patch-bt | 41 | ||||
-rw-r--r-- | x11/kdelibs2/patches/patch-bw | 17 | ||||
-rw-r--r-- | x11/kdelibs2/patches/patch-by | 15 |
5 files changed, 68 insertions, 16 deletions
diff --git a/x11/kdelibs2/Makefile b/x11/kdelibs2/Makefile index f1d38c6ce0a..14f35a50e95 100644 --- a/x11/kdelibs2/Makefile +++ b/x11/kdelibs2/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.37 2002/05/20 10:16:36 cjep Exp $ +# $NetBSD: Makefile,v 1.38 2002/08/15 08:38:33 skrll Exp $ DISTNAME= kdelibs-2.2.2 -PKGREVISION= 1 +PKGREVISION= 2 CATEGORIES= x11 COMMENT= Support libraries for the KDE integrated X11 desktop diff --git a/x11/kdelibs2/distinfo b/x11/kdelibs2/distinfo index 0a44dc524f1..e656ae23c4e 100644 --- a/x11/kdelibs2/distinfo +++ b/x11/kdelibs2/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.16 2002/04/10 12:27:34 dmcmahill Exp $ +$NetBSD: distinfo,v 1.17 2002/08/15 08:38:33 skrll Exp $ SHA1 (kdelibs-2.2.2.tar.bz2) = 6ae1096ffb547f317adca6b29cb9ce9dcaf1863c Size (kdelibs-2.2.2.tar.bz2) = 5955592 bytes @@ -47,8 +47,9 @@ SHA1 (patch-bp) = 84fe12d8317bbc9eb0ea2f2d320d3fb9fb138faf SHA1 (patch-bq) = 37b760bcd4067d3adac6260377f16fcb6ffae909 SHA1 (patch-br) = e4098450a416d419a8ac947ad7a2244298c2c011 SHA1 (patch-bs) = 77b183070cc758feff760ffc44044eb2a6cd5005 -SHA1 (patch-bt) = 96a5b587056abc922957e55898e222910ab98dca +SHA1 (patch-bt) = d05c189bde88471911126d84549054eac187ebfe SHA1 (patch-bu) = dfa7b7e83674ed795af0dc347ed95b1383a7f36d SHA1 (patch-bv) = 7cf20147a66d04638226e0488474d300fcde64b4 -SHA1 (patch-bw) = 7c7cef94871b26eda58862711e65b27c6d43bad4 +SHA1 (patch-bw) = f5492ccb01f0f16400af426a20c778d624c9f616 SHA1 (patch-bx) = 9a8aaeab8852593b1c8f7037ce8a421f9fa8a953 +SHA1 (patch-by) = dfa7fef53b3cc2b6b467be6b43019b3321dc7c64 diff --git a/x11/kdelibs2/patches/patch-bt b/x11/kdelibs2/patches/patch-bt index 216974c0636..a764b508680 100644 --- a/x11/kdelibs2/patches/patch-bt +++ b/x11/kdelibs2/patches/patch-bt @@ -1,8 +1,16 @@ -$NetBSD: patch-bt,v 1.1 2001/11/17 12:01:35 skrll Exp $ +$NetBSD: patch-bt,v 1.2 2002/08/15 08:38:34 skrll Exp $ --- kssl/kopenssl.cc.orig Wed Sep 5 00:08:18 2001 +++ kssl/kopenssl.cc -@@ -117,7 +117,7 @@ +@@ -92,6 +92,7 @@ static int (*K_SSL_CTX_use_certificate) + static int (*K_SSL_get_error) (SSL*, int) = NULL; + static STACK_OF(X509)* (*K_SSL_get_peer_cert_chain) (SSL*) = NULL; + static void (*K_X509_STORE_CTX_set_chain) (X509_STORE_CTX *, STACK_OF(X509)*) = NULL; ++static void (*K_X509_STORE_CTX_set_purpose) (X509_STORE_CTX *, int) = NULL; + static void (*K_sk_free) (STACK*) = NULL; + static int (*K_sk_num) (STACK*) = NULL; + static char* (*K_sk_value) (STACK*, int) = NULL; +@@ -117,7 +118,7 @@ void KOpenSSLProxy::destroy() { _me = NULL; } @@ -11,7 +19,7 @@ $NetBSD: patch-bt,v 1.1 2001/11/17 12:01:35 skrll Exp $ #include <qdir.h> #include <qstring.h> #include <qstringlist.h> -@@ -180,20 +180,16 @@ +@@ -180,20 +181,16 @@ KConfig *cfg; delete cfg; @@ -38,7 +46,7 @@ $NetBSD: patch-bt,v 1.1 2001/11/17 12:01:35 skrll Exp $ // FIXME: #define here for the various OS types to optimize libnamess << "libssl.so.0" << "libssl.so" -@@ -202,10 +198,16 @@ +@@ -202,10 +199,16 @@ KConfig *cfg; libnamesc << "libcrypto.so.0" << "libcrypto.so" << "libcrypto.sl"; @@ -55,7 +63,7 @@ $NetBSD: patch-bt,v 1.1 2001/11/17 12:01:35 skrll Exp $ for (QStringList::Iterator shit = libnamesc.begin(); shit != libnamesc.end(); ++shit) { -@@ -213,9 +215,9 @@ +@@ -213,9 +216,9 @@ KConfig *cfg; _cryptoLib = ll->globalLibrary(alib.latin1()); if (_cryptoLib) break; } @@ -66,7 +74,15 @@ $NetBSD: patch-bt,v 1.1 2001/11/17 12:01:35 skrll Exp $ if (_cryptoLib) { #ifdef HAVE_SSL -@@ -263,16 +265,14 @@ +@@ -254,6 +257,7 @@ KConfig *cfg; + X509**, STACK_OF(X509)**)) _cryptoLib->symbol("PKCS12_parse"); + K_EVP_PKEY_free = (void (*) (EVP_PKEY *)) _cryptoLib->symbol("EVP_PKEY_free"); + K_X509_STORE_CTX_set_chain = (void (*)(X509_STORE_CTX *, STACK_OF(X509)*)) _cryptoLib->symbol("X509_STORE_CTX_set_chain"); ++ K_X509_STORE_CTX_set_purpose = (void (*)(X509_STORE_CTX *, int)) _cryptoLib->symbol("X509_STORE_CTX_set_purpose"); + K_sk_free = (void (*) (STACK *)) _cryptoLib->symbol("sk_free"); + K_sk_num = (int (*) (STACK *)) _cryptoLib->symbol("sk_num"); + K_sk_value = (char* (*) (STACK *, int)) _cryptoLib->symbol("sk_value"); +@@ -263,16 +267,14 @@ KConfig *cfg; #endif } @@ -88,7 +104,7 @@ $NetBSD: patch-bt,v 1.1 2001/11/17 12:01:35 skrll Exp $ for (QStringList::Iterator shit = libnamess.begin(); shit != libnamess.end(); ++shit) { -@@ -280,9 +280,9 @@ +@@ -280,9 +282,9 @@ KConfig *cfg; _sslLib = ll->globalLibrary(alib.latin1()); if (_sslLib) break; } @@ -99,3 +115,14 @@ $NetBSD: patch-bt,v 1.1 2001/11/17 12:01:35 skrll Exp $ if (_sslLib) { #ifdef HAVE_SSL +@@ -742,6 +744,10 @@ char *KOpenSSLProxy::sk_value(STACK *s, + + void KOpenSSLProxy::X509_STORE_CTX_set_chain(X509_STORE_CTX *v, STACK_OF(X509)* x) { + if (K_X509_STORE_CTX_set_chain) (K_X509_STORE_CTX_set_chain)(v,x); ++} ++ ++void KOpenSSLProxy::X509_STORE_CTX_set_purpose(X509_STORE_CTX *v, int purpose) { ++ if (K_X509_STORE_CTX_set_purpose) (K_X509_STORE_CTX_set_purpose)(v,purpose); + } + + diff --git a/x11/kdelibs2/patches/patch-bw b/x11/kdelibs2/patches/patch-bw index 41d61a73297..91ef000444c 100644 --- a/x11/kdelibs2/patches/patch-bw +++ b/x11/kdelibs2/patches/patch-bw @@ -1,8 +1,8 @@ -$NetBSD: patch-bw,v 1.1 2002/02/23 15:24:18 skrll Exp $ +$NetBSD: patch-bw,v 1.2 2002/08/15 08:38:34 skrll Exp $ ---- kssl/ksslcertificate.cc.orig Sat Feb 23 12:21:02 2002 +--- kssl/ksslcertificate.cc.orig Thu Aug 15 09:25:29 2002 +++ kssl/ksslcertificate.cc -@@ -79,7 +79,7 @@ +@@ -79,7 +79,7 @@ public: KSSLCertificate::KSSLCertificate() { d = new KSSLCertificatePrivate; d->m_stateCached = false; @@ -11,7 +11,16 @@ $NetBSD: patch-bw,v 1.1 2002/02/23 15:24:18 skrll Exp $ #ifdef HAVE_SSL d->m_cert = NULL; #endif -@@ -447,7 +447,7 @@ +@@ -262,6 +262,8 @@ KSSLCertificate::KSSLValidation KSSLCert + // FIXME: do all the X509_STORE_CTX_set_flags(); here + // +-----> Note that this is for 0.9.6 or better ONLY! + ++ d->kossl->X509_STORE_CTX_set_purpose(certStoreCTX, X509_PURPOSE_SSL_SERVER); ++ + //kdDebug(7029) << "KSSL verifying.............." << endl; + certStoreCTX->error = X509_V_OK; + rc = d->kossl->X509_verify_cert(certStoreCTX); +@@ -433,7 +435,7 @@ int operator==(KSSLCertificate &x, KSSLC KSSLCertificate::KSSLCertificate(const KSSLCertificate& x) { d = new KSSLCertificatePrivate; d->m_stateCached = false; diff --git a/x11/kdelibs2/patches/patch-by b/x11/kdelibs2/patches/patch-by new file mode 100644 index 00000000000..fc074b8100d --- /dev/null +++ b/x11/kdelibs2/patches/patch-by @@ -0,0 +1,15 @@ +$NetBSD: patch-by,v 1.1 2002/08/15 08:38:34 skrll Exp $ + +--- kssl/kopenssl.h.orig Sun Jul 29 05:55:41 2001 ++++ kssl/kopenssl.h +@@ -277,6 +277,10 @@ public: + */ + void X509_STORE_CTX_set_chain(X509_STORE_CTX *v, STACK_OF(X509)* x); + ++ /* ++ * X509_STORE_CTX_set_purpose - set the purpose of the certificate ++ */ ++ void X509_STORE_CTX_set_purpose(X509_STORE_CTX *v, int purpose); + + /* + * X509_verify_cert - verify the certificate |