Attachment 572362 Details for Bug 674892 – Patch for OpenSSL 1.1, ready for portage tree

[patch] Patch for OpenSSL 1.1, ready for portage tree

0001-mail-filter-libdkim-update-for-openssl-1.1.x.patch (text/plain), 11.92 KB, created by James Wah on 2019-04-10 06:45:28 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: James Wah

Created: 2019-04-10 06:45:28 UTC

Size: 11.92 KB

patch

obsolete

>From ee88fe80dcd72d67578fce9e1e25d68549e372e1 Mon Sep 17 00:00:00 2001
>From: James Wah <james-gentoo@laird-wah.net>
>Date: Wed, 10 Apr 2019 16:42:16 +1000
>Subject: [PATCH] mail-filter/libdkim: update for openssl-1.1.x
>
>Signed-off-by: James Wah <james-gentoo@laird-wah.net>
>Bug: https://bugs.gentoo.org/674892
>---
> .../libdkim/files/libdkim-openssl-1.1.patch   | 284 ++++++++++++++++++
> mail-filter/libdkim/libdkim-1.0.21-r5.ebuild  |  54 ++++
> 2 files changed, 338 insertions(+)
> create mode 100644 mail-filter/libdkim/files/libdkim-openssl-1.1.patch
> create mode 100644 mail-filter/libdkim/libdkim-1.0.21-r5.ebuild
>
>diff --git a/mail-filter/libdkim/files/libdkim-openssl-1.1.patch b/mail-filter/libdkim/files/libdkim-openssl-1.1.patch
>new file mode 100644
>index 00000000000..27e31e3a954
>--- /dev/null
>+++ b/mail-filter/libdkim/files/libdkim-openssl-1.1.patch
>@@ -0,0 +1,284 @@
>+diff -ur src.old/dkimbase.h src/dkimbase.h
>+--- src.old/dkimbase.h	2019-04-10 11:01:23.544374386 +1000
>++++ src/dkimbase.h	2019-04-10 11:01:38.040374386 +1000
>+@@ -25,6 +25,11 @@
>+ #include <openssl/pem.h>
>+ #include <openssl/err.h>
>+ 
>++#if OPENSSL_VERSION_NUMBER < 0x10100000
>++#define EVP_MD_CTX_new EVP_MD_CTX_create
>++#define EVP_MD_CTX_free EVP_MD_CTX_destroy
>++#endif
>++
>+ #define BUFFER_ALLOC_INCREMENT	256
>+ 
>+ #include <string>
>+diff -ur src.old/dkimsign.cpp src/dkimsign.cpp
>+--- src.old/dkimsign.cpp	2019-04-10 11:01:23.544374386 +1000
>++++ src/dkimsign.cpp	2019-04-10 11:01:38.044374386 +1000
>+@@ -31,6 +31,7 @@
>+ 
>+ #include <string.h>
>+ #include <map>
>++#include <stdexcept>
>+ 
>+ #include "dkim.h"
>+ #include "dkimsign.h"
>+@@ -41,20 +42,35 @@
>+ 	m_EmptyLineCount = 0;
>+ 	m_pfnHdrCallback = NULL;
>+ 
>+-	EVP_SignInit( &m_allman_sha1ctx, EVP_sha1() );
>+-	EVP_SignInit( &m_Hdr_ietf_sha1ctx, EVP_sha1() );
>+-	EVP_SignInit( &m_Hdr_ietf_sha256ctx, EVP_sha256() );
>+-	EVP_DigestInit( &m_Bdy_ietf_sha1ctx, EVP_sha1() );
>+-	EVP_DigestInit( &m_Bdy_ietf_sha256ctx, EVP_sha256() );
>++	m_allman_sha1ctx = EVP_MD_CTX_new();
>++	if ( m_allman_sha1ctx == NULL )
>++		throw std::runtime_error("out of memory");
>++	EVP_SignInit( m_allman_sha1ctx, EVP_sha1() );
>++	m_Hdr_ietf_sha1ctx = EVP_MD_CTX_new();
>++	if ( m_Hdr_ietf_sha1ctx == NULL )
>++		throw std::runtime_error("out of memory");
>++	EVP_SignInit( m_Hdr_ietf_sha1ctx, EVP_sha1() );
>++	m_Hdr_ietf_sha256ctx = EVP_MD_CTX_new();
>++	if ( m_Hdr_ietf_sha256ctx == NULL )
>++		throw std::runtime_error("out of memory");
>++	EVP_SignInit( m_Hdr_ietf_sha256ctx, EVP_sha256() );
>++	m_Bdy_ietf_sha1ctx = EVP_MD_CTX_new();
>++	if ( m_Bdy_ietf_sha1ctx == NULL )
>++		throw std::runtime_error("out of memory");
>++	EVP_DigestInit( m_Bdy_ietf_sha1ctx, EVP_sha1() );
>++	m_Bdy_ietf_sha256ctx = EVP_MD_CTX_new();
>++	if ( m_Bdy_ietf_sha256ctx == NULL )
>++		throw std::runtime_error("out of memory");
>++	EVP_DigestInit( m_Bdy_ietf_sha256ctx, EVP_sha256() );
>+ }
>+ 
>+ CDKIMSign::~CDKIMSign()
>+ {
>+-	EVP_MD_CTX_cleanup( &m_allman_sha1ctx );
>+-	EVP_MD_CTX_cleanup( &m_Hdr_ietf_sha1ctx );
>+-	EVP_MD_CTX_cleanup( &m_Hdr_ietf_sha256ctx );
>+-	EVP_MD_CTX_cleanup( &m_Bdy_ietf_sha1ctx );
>+-	EVP_MD_CTX_cleanup( &m_Bdy_ietf_sha256ctx );
>++	EVP_MD_CTX_free( m_allman_sha1ctx );
>++	EVP_MD_CTX_free( m_Hdr_ietf_sha1ctx );
>++	EVP_MD_CTX_free( m_Hdr_ietf_sha256ctx );
>++	EVP_MD_CTX_free( m_Bdy_ietf_sha1ctx );
>++	EVP_MD_CTX_free( m_Bdy_ietf_sha256ctx );
>+ }
>+ 
>+ ////////////////////////////////////////////////////////////////////////////////
>+@@ -150,34 +166,34 @@
>+ 	{
>+ 		if( m_nIncludeBodyHash & DKIM_BODYHASH_ALLMAN_1 )
>+ 		{
>+-			EVP_SignUpdate( &m_allman_sha1ctx, szBuffer, nBufLength );
>++			EVP_SignUpdate( m_allman_sha1ctx, szBuffer, nBufLength );
>+ 		}
>+ 	}
>+ 	else
>+ 	{
>+ 		if( m_nIncludeBodyHash < DKIM_BODYHASH_IETF_1 )
>+ 		{
>+-			EVP_SignUpdate( &m_allman_sha1ctx, szBuffer, nBufLength );
>++			EVP_SignUpdate( m_allman_sha1ctx, szBuffer, nBufLength );
>+ 		}
>+ 		else if( m_nIncludeBodyHash & DKIM_BODYHASH_IETF_1 )
>+ 		{
>+ 			if( m_nIncludeBodyHash & DKIM_BODYHASH_ALLMAN_1 )
>+ 			{
>+-				EVP_SignUpdate( &m_allman_sha1ctx, szBuffer, nBufLength );
>++				EVP_SignUpdate( m_allman_sha1ctx, szBuffer, nBufLength );
>+ 			}
>+ 			if( m_nHash & DKIM_HASH_SHA256 )
>+ 			{
>+ 				if( bHdr )
>+-					EVP_SignUpdate( &m_Hdr_ietf_sha256ctx, szBuffer, nBufLength );
>++					EVP_SignUpdate( m_Hdr_ietf_sha256ctx, szBuffer, nBufLength );
>+ 				else
>+-					EVP_DigestUpdate( &m_Bdy_ietf_sha256ctx, szBuffer, nBufLength );
>++					EVP_DigestUpdate( m_Bdy_ietf_sha256ctx, szBuffer, nBufLength );
>+ 			}
>+ 			if( m_nHash != DKIM_HASH_SHA256 )
>+ 			{
>+ 				if( bHdr )
>+-					EVP_SignUpdate( &m_Hdr_ietf_sha1ctx, szBuffer, nBufLength );
>++					EVP_SignUpdate( m_Hdr_ietf_sha1ctx, szBuffer, nBufLength );
>+ 				else
>+-					EVP_DigestUpdate( &m_Bdy_ietf_sha1ctx, szBuffer, nBufLength );
>++					EVP_DigestUpdate( m_Bdy_ietf_sha1ctx, szBuffer, nBufLength );
>+ 			}
>+ 		}
>+ 	}
>+@@ -864,7 +880,7 @@
>+ 		unsigned char Hash[EVP_MAX_MD_SIZE];
>+ 		unsigned int nHashLen = 0;
>+ 
>+-		EVP_DigestFinal( bUseSha256 ? &m_Bdy_ietf_sha256ctx : &m_Bdy_ietf_sha1ctx, Hash, &nHashLen );
>++		EVP_DigestFinal( bUseSha256 ? m_Bdy_ietf_sha256ctx : m_Bdy_ietf_sha1ctx, Hash, &nHashLen );
>+ 
>+ 		bio = BIO_new(BIO_s_mem());
>+ 		if (!bio) {
>+@@ -935,11 +951,11 @@
>+ 
>+ 	if( bUseIetfBodyHash )
>+ 	{
>+-		EVP_SignUpdate( bUseSha256 ? &m_Hdr_ietf_sha256ctx : &m_Hdr_ietf_sha1ctx, sTemp.c_str(), sTemp.size() );
>++		EVP_SignUpdate( bUseSha256 ? m_Hdr_ietf_sha256ctx : m_Hdr_ietf_sha1ctx, sTemp.c_str(), sTemp.size() );
>+ 	}
>+ 	else
>+ 	{
>+-		EVP_SignUpdate( &m_allman_sha1ctx, sTemp.c_str(), sTemp.size() );
>++		EVP_SignUpdate( m_allman_sha1ctx, sTemp.c_str(), sTemp.size() );
>+ 	}
>+  
>+ 	bio = BIO_new_mem_buf(szPrivKey, -1);
>+@@ -966,11 +982,11 @@
>+ 	
>+ 	if( bUseIetfBodyHash )
>+ 	{
>+-		nSignRet = EVP_SignFinal( bUseSha256 ? &m_Hdr_ietf_sha256ctx : &m_Hdr_ietf_sha1ctx, sig, &siglen, pkey);
>++		nSignRet = EVP_SignFinal( bUseSha256 ? m_Hdr_ietf_sha256ctx : m_Hdr_ietf_sha1ctx, sig, &siglen, pkey);
>+ 	}
>+ 	else
>+ 	{
>+-		nSignRet = EVP_SignFinal( &m_allman_sha1ctx, sig, &siglen, pkey);
>++		nSignRet = EVP_SignFinal( m_allman_sha1ctx, sig, &siglen, pkey);
>+ 	}
>+ 
>+	 EVP_PKEY_free(pkey);
>+diff -ur src.old/dkimsign.h src/dkimsign.h
>+--- src.old/dkimsign.h	2019-04-10 11:01:23.544374386 +1000
>++++ src/dkimsign.h	2019-04-10 11:01:38.040374386 +1000
>+@@ -60,13 +60,13 @@
>+ 
>+ 	int AssembleReturnedSig( char* szPrivKey );
>+ 
>+-	EVP_MD_CTX m_Hdr_ietf_sha1ctx;		/* the header hash for ietf sha1  */
>+-	EVP_MD_CTX m_Hdr_ietf_sha256ctx;	/* the header hash for ietf sha256 */
>++	EVP_MD_CTX *m_Hdr_ietf_sha1ctx;		/* the header hash for ietf sha1  */
>++	EVP_MD_CTX *m_Hdr_ietf_sha256ctx;	/* the header hash for ietf sha256 */
>+ 
>+-	EVP_MD_CTX m_Bdy_ietf_sha1ctx;		/* the body hash for ietf sha1  */
>+-	EVP_MD_CTX m_Bdy_ietf_sha256ctx;	/* the body hash for ietf sha256 */
>++	EVP_MD_CTX *m_Bdy_ietf_sha1ctx;		/* the body hash for ietf sha1  */
>++	EVP_MD_CTX *m_Bdy_ietf_sha256ctx;	/* the body hash for ietf sha256 */
>+ 
>+-	EVP_MD_CTX m_allman_sha1ctx;		/* the hash for allman sha1  */
>++	EVP_MD_CTX *m_allman_sha1ctx;		/* the hash for allman sha1  */
>+ 
>+ 	int m_Canon;				// canonization method
>+ 
>+diff -ur src.old/dkimverify.cpp src/dkimverify.cpp
>+--- src.old/dkimverify.cpp	2019-04-10 11:01:23.564374386 +1000
>++++ src/dkimverify.cpp	2019-04-10 11:01:38.044374386 +1000
>+@@ -35,6 +35,7 @@
>+ #include <assert.h>
>+ #include <vector>
>+ #include <algorithm>
>++#include <stdexcept>
>+ 
>+ #define MAX_SIGNATURES	10			// maximum number of DKIM signatures to process in a message
>+ 
>+@@ -43,8 +44,12 @@
>+ {
>+ 	VerifiedBodyCount = 0;
>+ 	UnverifiedBodyCount = 0;
>+-	EVP_MD_CTX_init( &m_Hdr_ctx );
>+-	EVP_MD_CTX_init( &m_Bdy_ctx );
>++	m_Hdr_ctx = EVP_MD_CTX_new();
>++	if ( m_Hdr_ctx == NULL )
>++		throw std::runtime_error("out of memory");
>++	m_Bdy_ctx = EVP_MD_CTX_new();
>++	if ( m_Bdy_ctx == NULL )
>++		throw std::runtime_error("out of memory");
>+ 	m_pSelector = NULL;
>+ 	Status = DKIM_SUCCESS;
>+ 	m_nHash = 0;
>+@@ -54,8 +59,8 @@
>+ 
>+ SignatureInfo::~SignatureInfo()
>+ {
>+-	EVP_MD_CTX_cleanup( &m_Hdr_ctx );
>+-	EVP_MD_CTX_cleanup( &m_Bdy_ctx );
>++	EVP_MD_CTX_free(m_Hdr_ctx);
>++	EVP_MD_CTX_free(m_Bdy_ctx);
>+ }
>+ 
>+ 
>+@@ -459,7 +464,7 @@
>+ 				unsigned char md[EVP_MAX_MD_SIZE];
>+ 				unsigned len = 0;
>+ 
>+-				int res = EVP_DigestFinal( &i->m_Bdy_ctx, md, &len);
>++				int res = EVP_DigestFinal( i->m_Bdy_ctx, md, &len);
>+ 
>+ 				if (!res || len != i->BodyHashData.length() || memcmp(i->BodyHashData.data(), md, len) != 0)
>+ 				{
>+@@ -515,7 +520,7 @@
>+ 
>+ 			assert( i->m_pSelector != NULL );
>+ 
>+-			int res = EVP_VerifyFinal( &i->m_Hdr_ctx, (unsigned char *) i->SignatureData.data(), i->SignatureData.length(), i->m_pSelector->PublicKey);
>++			int res = EVP_VerifyFinal( i->m_Hdr_ctx, (unsigned char *) i->SignatureData.data(), i->SignatureData.length(), i->m_pSelector->PublicKey);
>+ 
>+ 			if (res == 1)
>+ 			{
>+@@ -658,11 +663,11 @@
>+ 
>+ 	if (IsBody && !BodyHashData.empty())
>+ 	{
>+-		EVP_DigestUpdate( &m_Bdy_ctx, szBuffer, nBufLength );
>++		EVP_DigestUpdate( m_Bdy_ctx, szBuffer, nBufLength );
>+ 	}
>+ 	else
>+ 	{
>+-		EVP_VerifyUpdate( &m_Hdr_ctx, szBuffer, nBufLength );
>++		EVP_VerifyUpdate( m_Hdr_ctx, szBuffer, nBufLength );
>+ 	}
>+ 
>+ 	if (m_SaveCanonicalizedData)
>+@@ -741,13 +746,13 @@
>+ 		// initialize the hashes
>+ 		if (sig.m_nHash == DKIM_HASH_SHA256)
>+ 		{
>+-			EVP_VerifyInit( &sig.m_Hdr_ctx, EVP_sha256() );
>+-			EVP_DigestInit( &sig.m_Bdy_ctx, EVP_sha256() );
>++			EVP_VerifyInit( sig.m_Hdr_ctx, EVP_sha256() );
>++			EVP_DigestInit( sig.m_Bdy_ctx, EVP_sha256() );
>+ 		}
>+ 		else
>+ 		{
>+-			EVP_VerifyInit( &sig.m_Hdr_ctx, EVP_sha1() );
>+-			EVP_DigestInit( &sig.m_Bdy_ctx, EVP_sha1() );
>++			EVP_VerifyInit( sig.m_Hdr_ctx, EVP_sha1() );
>++			EVP_DigestInit( sig.m_Bdy_ctx, EVP_sha1() );
>+ 		}
>+ 
>+ 		// compute the hash of the header
>+@@ -1343,7 +1348,8 @@
>+ 			return DKIM_SELECTOR_PUBLIC_KEY_INVALID;
>+ 
>+ 		// make sure public key is the correct type (we only support rsa)
>+-		if (pkey->type == EVP_PKEY_RSA || pkey->type == EVP_PKEY_RSA2)
>++		if (EVP_PKEY_base_id(pkey) == EVP_PKEY_RSA ||
>++			EVP_PKEY_base_id(pkey) == EVP_PKEY_RSA2)
>+ 		{
>+ 			PublicKey = pkey;
>+ 		}
>+diff -ur src.old/dkimverify.h src/dkimverify.h
>+--- src.old/dkimverify.h	2008-09-15 08:22:00.000000000 +1000
>++++ src/dkimverify.h	2019-04-10 11:01:38.040374386 +1000
>+@@ -83,8 +83,8 @@
>+ 	unsigned VerifiedBodyCount;
>+ 	unsigned UnverifiedBodyCount;
>+ 
>+-	EVP_MD_CTX m_Hdr_ctx;
>+-	EVP_MD_CTX m_Bdy_ctx;
>++	EVP_MD_CTX *m_Hdr_ctx;
>++	EVP_MD_CTX *m_Bdy_ctx;
>+ 	SelectorInfo *m_pSelector;
>+ 
>+ 	int Status;
>diff --git a/mail-filter/libdkim/libdkim-1.0.21-r5.ebuild b/mail-filter/libdkim/libdkim-1.0.21-r5.ebuild
>new file mode 100644
>index 00000000000..07a1387aa6a
>--- /dev/null
>+++ b/mail-filter/libdkim/libdkim-1.0.21-r5.ebuild
>@@ -0,0 +1,54 @@
>+# Copyright 1999-2018 Gentoo Foundation
>+# Distributed under the terms of the GNU General Public License v2
>+
>+EAPI=6
>+inherit autotools toolchain-funcs vcs-clean
>+
>+DESCRIPTION="DomainKeys Identified Mail library from Alt-N Inc"
>+HOMEPAGE="http://libdkim.sourceforge.net"
>+SRC_URI="mirror://sourceforge/${PN}/${P}.zip"
>+
>+LICENSE="Apache-2.0 yahoo-patent-license-1.2"
>+SLOT="0"
>+KEYWORDS="~amd64 ~x86"
>+IUSE="libressl static-libs"
>+
>+RDEPEND="
>+	!libressl? ( dev-libs/openssl:0= )
>+	libressl? ( dev-libs/libressl:0= )
>+	!mail-filter/libdkim-exim
>+"
>+DEPEND="${RDEPEND}
>+	app-arch/unzip
>+"
>+
>+S="${WORKDIR}/${PN}/src"
>+
>+src_prepare() {
>+	default
>+
>+	ecvs_clean
>+	cp  "${FILESDIR}"/debianize/* "${S}" || die
>+	eapply "${FILESDIR}"/patches/*.patch
>+	eapply "${FILESDIR}"/libdkim-extra-options-r1.patch
>+	eapply "${FILESDIR}"/${P}-gcc6.patch
>+	eapply "${FILESDIR}"/libdkim-openssl-1.1.patch
>+
>+	# Bug 476772
>+	if ! use static-libs; then
>+		 sed -i \
>+			-e '/^TARGETS/s/libdkim.a//' \
>+			-e '/install -m 644 libdkim.a/d' \
>+			Makefile.in || die 'sed on Makefile.in failed'
>+	fi
>+
>+	# Bug 476770
>+	tc-export AR
>+
>+	eautoreconf
>+}
>+
>+src_install() {
>+	default
>+	dodoc ../README
>+}
>-- 
>2.20.1
>

Actions: View | Diff

Attachments on bug 674892: 560366 | 560368 | 560370 | 560372 | 560374 | 560376 | 572360 | 572362