From ee88fe80dcd72d67578fce9e1e25d68549e372e1 Mon Sep 17 00:00:00 2001 From: James Wah Date: Wed, 10 Apr 2019 16:42:16 +1000 Subject: [PATCH] mail-filter/libdkim: update for openssl-1.1.x Signed-off-by: James Wah Bug: https://bugs.gentoo.org/674892 --- .../libdkim/files/libdkim-openssl-1.1.patch | 284 ++++++++++++++++++ mail-filter/libdkim/libdkim-1.0.21-r5.ebuild | 54 ++++ 2 files changed, 338 insertions(+) create mode 100644 mail-filter/libdkim/files/libdkim-openssl-1.1.patch create mode 100644 mail-filter/libdkim/libdkim-1.0.21-r5.ebuild diff --git a/mail-filter/libdkim/files/libdkim-openssl-1.1.patch b/mail-filter/libdkim/files/libdkim-openssl-1.1.patch new file mode 100644 index 00000000000..27e31e3a954 --- /dev/null +++ b/mail-filter/libdkim/files/libdkim-openssl-1.1.patch @@ -0,0 +1,284 @@ +diff -ur src.old/dkimbase.h src/dkimbase.h +--- src.old/dkimbase.h 2019-04-10 11:01:23.544374386 +1000 ++++ src/dkimbase.h 2019-04-10 11:01:38.040374386 +1000 +@@ -25,6 +25,11 @@ + #include + #include + ++#if OPENSSL_VERSION_NUMBER < 0x10100000 ++#define EVP_MD_CTX_new EVP_MD_CTX_create ++#define EVP_MD_CTX_free EVP_MD_CTX_destroy ++#endif ++ + #define BUFFER_ALLOC_INCREMENT 256 + + #include +diff -ur src.old/dkimsign.cpp src/dkimsign.cpp +--- src.old/dkimsign.cpp 2019-04-10 11:01:23.544374386 +1000 ++++ src/dkimsign.cpp 2019-04-10 11:01:38.044374386 +1000 +@@ -31,6 +31,7 @@ + + #include + #include ++#include + + #include "dkim.h" + #include "dkimsign.h" +@@ -41,20 +42,35 @@ + m_EmptyLineCount = 0; + m_pfnHdrCallback = NULL; + +- EVP_SignInit( &m_allman_sha1ctx, EVP_sha1() ); +- EVP_SignInit( &m_Hdr_ietf_sha1ctx, EVP_sha1() ); +- EVP_SignInit( &m_Hdr_ietf_sha256ctx, EVP_sha256() ); +- EVP_DigestInit( &m_Bdy_ietf_sha1ctx, EVP_sha1() ); +- EVP_DigestInit( &m_Bdy_ietf_sha256ctx, EVP_sha256() ); ++ m_allman_sha1ctx = EVP_MD_CTX_new(); ++ if ( m_allman_sha1ctx == NULL ) ++ throw std::runtime_error("out of memory"); ++ EVP_SignInit( m_allman_sha1ctx, EVP_sha1() ); ++ m_Hdr_ietf_sha1ctx = EVP_MD_CTX_new(); ++ if ( m_Hdr_ietf_sha1ctx == NULL ) ++ throw std::runtime_error("out of memory"); ++ EVP_SignInit( m_Hdr_ietf_sha1ctx, EVP_sha1() ); ++ m_Hdr_ietf_sha256ctx = EVP_MD_CTX_new(); ++ if ( m_Hdr_ietf_sha256ctx == NULL ) ++ throw std::runtime_error("out of memory"); ++ EVP_SignInit( m_Hdr_ietf_sha256ctx, EVP_sha256() ); ++ m_Bdy_ietf_sha1ctx = EVP_MD_CTX_new(); ++ if ( m_Bdy_ietf_sha1ctx == NULL ) ++ throw std::runtime_error("out of memory"); ++ EVP_DigestInit( m_Bdy_ietf_sha1ctx, EVP_sha1() ); ++ m_Bdy_ietf_sha256ctx = EVP_MD_CTX_new(); ++ if ( m_Bdy_ietf_sha256ctx == NULL ) ++ throw std::runtime_error("out of memory"); ++ EVP_DigestInit( m_Bdy_ietf_sha256ctx, EVP_sha256() ); + } + + CDKIMSign::~CDKIMSign() + { +- EVP_MD_CTX_cleanup( &m_allman_sha1ctx ); +- EVP_MD_CTX_cleanup( &m_Hdr_ietf_sha1ctx ); +- EVP_MD_CTX_cleanup( &m_Hdr_ietf_sha256ctx ); +- EVP_MD_CTX_cleanup( &m_Bdy_ietf_sha1ctx ); +- EVP_MD_CTX_cleanup( &m_Bdy_ietf_sha256ctx ); ++ EVP_MD_CTX_free( m_allman_sha1ctx ); ++ EVP_MD_CTX_free( m_Hdr_ietf_sha1ctx ); ++ EVP_MD_CTX_free( m_Hdr_ietf_sha256ctx ); ++ EVP_MD_CTX_free( m_Bdy_ietf_sha1ctx ); ++ EVP_MD_CTX_free( m_Bdy_ietf_sha256ctx ); + } + + //////////////////////////////////////////////////////////////////////////////// +@@ -150,34 +166,34 @@ + { + if( m_nIncludeBodyHash & DKIM_BODYHASH_ALLMAN_1 ) + { +- EVP_SignUpdate( &m_allman_sha1ctx, szBuffer, nBufLength ); ++ EVP_SignUpdate( m_allman_sha1ctx, szBuffer, nBufLength ); + } + } + else + { + if( m_nIncludeBodyHash < DKIM_BODYHASH_IETF_1 ) + { +- EVP_SignUpdate( &m_allman_sha1ctx, szBuffer, nBufLength ); ++ EVP_SignUpdate( m_allman_sha1ctx, szBuffer, nBufLength ); + } + else if( m_nIncludeBodyHash & DKIM_BODYHASH_IETF_1 ) + { + if( m_nIncludeBodyHash & DKIM_BODYHASH_ALLMAN_1 ) + { +- EVP_SignUpdate( &m_allman_sha1ctx, szBuffer, nBufLength ); ++ EVP_SignUpdate( m_allman_sha1ctx, szBuffer, nBufLength ); + } + if( m_nHash & DKIM_HASH_SHA256 ) + { + if( bHdr ) +- EVP_SignUpdate( &m_Hdr_ietf_sha256ctx, szBuffer, nBufLength ); ++ EVP_SignUpdate( m_Hdr_ietf_sha256ctx, szBuffer, nBufLength ); + else +- EVP_DigestUpdate( &m_Bdy_ietf_sha256ctx, szBuffer, nBufLength ); ++ EVP_DigestUpdate( m_Bdy_ietf_sha256ctx, szBuffer, nBufLength ); + } + if( m_nHash != DKIM_HASH_SHA256 ) + { + if( bHdr ) +- EVP_SignUpdate( &m_Hdr_ietf_sha1ctx, szBuffer, nBufLength ); ++ EVP_SignUpdate( m_Hdr_ietf_sha1ctx, szBuffer, nBufLength ); + else +- EVP_DigestUpdate( &m_Bdy_ietf_sha1ctx, szBuffer, nBufLength ); ++ EVP_DigestUpdate( m_Bdy_ietf_sha1ctx, szBuffer, nBufLength ); + } + } + } +@@ -864,7 +880,7 @@ + unsigned char Hash[EVP_MAX_MD_SIZE]; + unsigned int nHashLen = 0; + +- EVP_DigestFinal( bUseSha256 ? &m_Bdy_ietf_sha256ctx : &m_Bdy_ietf_sha1ctx, Hash, &nHashLen ); ++ EVP_DigestFinal( bUseSha256 ? m_Bdy_ietf_sha256ctx : m_Bdy_ietf_sha1ctx, Hash, &nHashLen ); + + bio = BIO_new(BIO_s_mem()); + if (!bio) { +@@ -935,11 +951,11 @@ + + if( bUseIetfBodyHash ) + { +- EVP_SignUpdate( bUseSha256 ? &m_Hdr_ietf_sha256ctx : &m_Hdr_ietf_sha1ctx, sTemp.c_str(), sTemp.size() ); ++ EVP_SignUpdate( bUseSha256 ? m_Hdr_ietf_sha256ctx : m_Hdr_ietf_sha1ctx, sTemp.c_str(), sTemp.size() ); + } + else + { +- EVP_SignUpdate( &m_allman_sha1ctx, sTemp.c_str(), sTemp.size() ); ++ EVP_SignUpdate( m_allman_sha1ctx, sTemp.c_str(), sTemp.size() ); + } + + bio = BIO_new_mem_buf(szPrivKey, -1); +@@ -966,11 +982,11 @@ + + if( bUseIetfBodyHash ) + { +- nSignRet = EVP_SignFinal( bUseSha256 ? &m_Hdr_ietf_sha256ctx : &m_Hdr_ietf_sha1ctx, sig, &siglen, pkey); ++ nSignRet = EVP_SignFinal( bUseSha256 ? m_Hdr_ietf_sha256ctx : m_Hdr_ietf_sha1ctx, sig, &siglen, pkey); + } + else + { +- nSignRet = EVP_SignFinal( &m_allman_sha1ctx, sig, &siglen, pkey); ++ nSignRet = EVP_SignFinal( m_allman_sha1ctx, sig, &siglen, pkey); + } + + EVP_PKEY_free(pkey); +diff -ur src.old/dkimsign.h src/dkimsign.h +--- src.old/dkimsign.h 2019-04-10 11:01:23.544374386 +1000 ++++ src/dkimsign.h 2019-04-10 11:01:38.040374386 +1000 +@@ -60,13 +60,13 @@ + + int AssembleReturnedSig( char* szPrivKey ); + +- EVP_MD_CTX m_Hdr_ietf_sha1ctx; /* the header hash for ietf sha1 */ +- EVP_MD_CTX m_Hdr_ietf_sha256ctx; /* the header hash for ietf sha256 */ ++ EVP_MD_CTX *m_Hdr_ietf_sha1ctx; /* the header hash for ietf sha1 */ ++ EVP_MD_CTX *m_Hdr_ietf_sha256ctx; /* the header hash for ietf sha256 */ + +- EVP_MD_CTX m_Bdy_ietf_sha1ctx; /* the body hash for ietf sha1 */ +- EVP_MD_CTX m_Bdy_ietf_sha256ctx; /* the body hash for ietf sha256 */ ++ EVP_MD_CTX *m_Bdy_ietf_sha1ctx; /* the body hash for ietf sha1 */ ++ EVP_MD_CTX *m_Bdy_ietf_sha256ctx; /* the body hash for ietf sha256 */ + +- EVP_MD_CTX m_allman_sha1ctx; /* the hash for allman sha1 */ ++ EVP_MD_CTX *m_allman_sha1ctx; /* the hash for allman sha1 */ + + int m_Canon; // canonization method + +diff -ur src.old/dkimverify.cpp src/dkimverify.cpp +--- src.old/dkimverify.cpp 2019-04-10 11:01:23.564374386 +1000 ++++ src/dkimverify.cpp 2019-04-10 11:01:38.044374386 +1000 +@@ -35,6 +35,7 @@ + #include + #include + #include ++#include + + #define MAX_SIGNATURES 10 // maximum number of DKIM signatures to process in a message + +@@ -43,8 +44,12 @@ + { + VerifiedBodyCount = 0; + UnverifiedBodyCount = 0; +- EVP_MD_CTX_init( &m_Hdr_ctx ); +- EVP_MD_CTX_init( &m_Bdy_ctx ); ++ m_Hdr_ctx = EVP_MD_CTX_new(); ++ if ( m_Hdr_ctx == NULL ) ++ throw std::runtime_error("out of memory"); ++ m_Bdy_ctx = EVP_MD_CTX_new(); ++ if ( m_Bdy_ctx == NULL ) ++ throw std::runtime_error("out of memory"); + m_pSelector = NULL; + Status = DKIM_SUCCESS; + m_nHash = 0; +@@ -54,8 +59,8 @@ + + SignatureInfo::~SignatureInfo() + { +- EVP_MD_CTX_cleanup( &m_Hdr_ctx ); +- EVP_MD_CTX_cleanup( &m_Bdy_ctx ); ++ EVP_MD_CTX_free(m_Hdr_ctx); ++ EVP_MD_CTX_free(m_Bdy_ctx); + } + + +@@ -459,7 +464,7 @@ + unsigned char md[EVP_MAX_MD_SIZE]; + unsigned len = 0; + +- int res = EVP_DigestFinal( &i->m_Bdy_ctx, md, &len); ++ int res = EVP_DigestFinal( i->m_Bdy_ctx, md, &len); + + if (!res || len != i->BodyHashData.length() || memcmp(i->BodyHashData.data(), md, len) != 0) + { +@@ -515,7 +520,7 @@ + + assert( i->m_pSelector != NULL ); + +- int res = EVP_VerifyFinal( &i->m_Hdr_ctx, (unsigned char *) i->SignatureData.data(), i->SignatureData.length(), i->m_pSelector->PublicKey); ++ int res = EVP_VerifyFinal( i->m_Hdr_ctx, (unsigned char *) i->SignatureData.data(), i->SignatureData.length(), i->m_pSelector->PublicKey); + + if (res == 1) + { +@@ -658,11 +663,11 @@ + + if (IsBody && !BodyHashData.empty()) + { +- EVP_DigestUpdate( &m_Bdy_ctx, szBuffer, nBufLength ); ++ EVP_DigestUpdate( m_Bdy_ctx, szBuffer, nBufLength ); + } + else + { +- EVP_VerifyUpdate( &m_Hdr_ctx, szBuffer, nBufLength ); ++ EVP_VerifyUpdate( m_Hdr_ctx, szBuffer, nBufLength ); + } + + if (m_SaveCanonicalizedData) +@@ -741,13 +746,13 @@ + // initialize the hashes + if (sig.m_nHash == DKIM_HASH_SHA256) + { +- EVP_VerifyInit( &sig.m_Hdr_ctx, EVP_sha256() ); +- EVP_DigestInit( &sig.m_Bdy_ctx, EVP_sha256() ); ++ EVP_VerifyInit( sig.m_Hdr_ctx, EVP_sha256() ); ++ EVP_DigestInit( sig.m_Bdy_ctx, EVP_sha256() ); + } + else + { +- EVP_VerifyInit( &sig.m_Hdr_ctx, EVP_sha1() ); +- EVP_DigestInit( &sig.m_Bdy_ctx, EVP_sha1() ); ++ EVP_VerifyInit( sig.m_Hdr_ctx, EVP_sha1() ); ++ EVP_DigestInit( sig.m_Bdy_ctx, EVP_sha1() ); + } + + // compute the hash of the header +@@ -1343,7 +1348,8 @@ + return DKIM_SELECTOR_PUBLIC_KEY_INVALID; + + // make sure public key is the correct type (we only support rsa) +- if (pkey->type == EVP_PKEY_RSA || pkey->type == EVP_PKEY_RSA2) ++ if (EVP_PKEY_base_id(pkey) == EVP_PKEY_RSA || ++ EVP_PKEY_base_id(pkey) == EVP_PKEY_RSA2) + { + PublicKey = pkey; + } +diff -ur src.old/dkimverify.h src/dkimverify.h +--- src.old/dkimverify.h 2008-09-15 08:22:00.000000000 +1000 ++++ src/dkimverify.h 2019-04-10 11:01:38.040374386 +1000 +@@ -83,8 +83,8 @@ + unsigned VerifiedBodyCount; + unsigned UnverifiedBodyCount; + +- EVP_MD_CTX m_Hdr_ctx; +- EVP_MD_CTX m_Bdy_ctx; ++ EVP_MD_CTX *m_Hdr_ctx; ++ EVP_MD_CTX *m_Bdy_ctx; + SelectorInfo *m_pSelector; + + int Status; diff --git a/mail-filter/libdkim/libdkim-1.0.21-r5.ebuild b/mail-filter/libdkim/libdkim-1.0.21-r5.ebuild new file mode 100644 index 00000000000..07a1387aa6a --- /dev/null +++ b/mail-filter/libdkim/libdkim-1.0.21-r5.ebuild @@ -0,0 +1,54 @@ +# Copyright 1999-2018 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 +inherit autotools toolchain-funcs vcs-clean + +DESCRIPTION="DomainKeys Identified Mail library from Alt-N Inc" +HOMEPAGE="http://libdkim.sourceforge.net" +SRC_URI="mirror://sourceforge/${PN}/${P}.zip" + +LICENSE="Apache-2.0 yahoo-patent-license-1.2" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="libressl static-libs" + +RDEPEND=" + !libressl? ( dev-libs/openssl:0= ) + libressl? ( dev-libs/libressl:0= ) + !mail-filter/libdkim-exim +" +DEPEND="${RDEPEND} + app-arch/unzip +" + +S="${WORKDIR}/${PN}/src" + +src_prepare() { + default + + ecvs_clean + cp "${FILESDIR}"/debianize/* "${S}" || die + eapply "${FILESDIR}"/patches/*.patch + eapply "${FILESDIR}"/libdkim-extra-options-r1.patch + eapply "${FILESDIR}"/${P}-gcc6.patch + eapply "${FILESDIR}"/libdkim-openssl-1.1.patch + + # Bug 476772 + if ! use static-libs; then + sed -i \ + -e '/^TARGETS/s/libdkim.a//' \ + -e '/install -m 644 libdkim.a/d' \ + Makefile.in || die 'sed on Makefile.in failed' + fi + + # Bug 476770 + tc-export AR + + eautoreconf +} + +src_install() { + default + dodoc ../README +} -- 2.20.1