diff options
| author |   Alon Bar-Lev <alonbl@gentoo.org> | 2016-09-23 00:55:45 +0300 |
|---|---|---|
| committer | Alon Bar-Lev <alonbl@gentoo.org> | 2016-09-23 09:52:56 +0300 |
| commit | 29a23c245f99bc4f22d2d85e2d1adbbf213492e8 (patch) | |
| tree | 8c06375e06945c373f61806d51aaa1725211735f | |
| parent | mail-mta/postfix: Revision bump, fix runtime failures with libressl (diff) | |
| download | gentoo-29a23c245f99bc4f22d2d85e2d1adbbf213492e8.tar.gz gentoo-29a23c245f99bc4f22d2d85e2d1adbbf213492e8.tar.bz2 gentoo-29a23c245f99bc4f22d2d85e2d1adbbf213492e8.zip | |
net-libs/gnutls: remove unused files introduced by forigin merge 2f983b0?!?
14 files changed, 0 insertions, 1026 deletions
diff --git a/net-libs/gnutls/files/gnutls-2.12.20-AF_UNIX.patch b/net-libs/gnutls/files/gnutls-2.12.20-AF_UNIX.patch deleted file mode 100644 index 719baf37b210..000000000000 --- a/net-libs/gnutls/files/gnutls-2.12.20-AF_UNIX.patch +++ /dev/null @@ -1,37 +0,0 @@ -Backport of commit 60a13b98e9f410c3b1019252f271d3c0f20b2e61 for 2.12.20 - -From 60a13b98e9f410c3b1019252f271d3c0f20b2e61 Mon Sep 17 00:00:00 2001 -From: Nikos Mavrogiannopoulos <nmav@gnutls.org> -Date: Fri, 23 Sep 2011 14:39:29 +0000 -Subject: a hack to allow compilation on systems without AF_LOCAL. - ---- lib/nettle/egd.c -+++ lib/nettle/egd.c -@@ -33,6 +33,12 @@ - - #include <gnutls_errors.h> - -+#ifdef AF_UNIX -+# define LOCAL_SOCKET_TYPE AF_UNIX -+#else -+# define LOCAL_SOCKET_TYPE AF_LOCAL -+#endif -+ - #ifndef offsetof - #define offsetof(type, member) ((size_t) &((type *)0)->member) - #endif -@@ -141,12 +147,12 @@ - } - - memset (&addr, 0, sizeof addr); -- addr.sun_family = AF_LOCAL; -+ addr.sun_family = LOCAL_SOCKET_TYPE; - strcpy (addr.sun_path, name); - addr_len = (offsetof (struct sockaddr_un, sun_path) - + strlen (addr.sun_path)); - -- fd = socket (AF_LOCAL, SOCK_STREAM, 0); -+ fd = socket (LOCAL_SOCKET_TYPE, SOCK_STREAM, 0); - if (fd == -1) - { - _gnutls_debug_log ("can't create unix domain socket: %s\n", diff --git a/net-libs/gnutls/files/gnutls-2.12.20-guile-parallelmake.patch b/net-libs/gnutls/files/gnutls-2.12.20-guile-parallelmake.patch deleted file mode 100644 index 5bb085793deb..000000000000 --- a/net-libs/gnutls/files/gnutls-2.12.20-guile-parallelmake.patch +++ /dev/null @@ -1,9 +0,0 @@ ---- a/guile/src/Makefile.am -+++ b/guile/src/Makefile.am -@@ -124,4 +124,7 @@ - - .c.x: $(BUILT_SOURCES) - $(guile_snarf) -o $@ $< $(snarfcppopts) -+core.x: core.c enums.h enum-map.i.c priorities.i.c smobs.h smob-types.i.c -+errors.x: errors.c enums.h -+extra.x: extra.c enums.h extra-enums.h extra-enum-map.i.c extra-smobs.h extra-smob-types.i.c smobs.h diff --git a/net-libs/gnutls/files/gnutls-2.12.20-libadd.patch b/net-libs/gnutls/files/gnutls-2.12.20-libadd.patch deleted file mode 100644 index fe5f1964ddda..000000000000 --- a/net-libs/gnutls/files/gnutls-2.12.20-libadd.patch +++ /dev/null @@ -1,36 +0,0 @@ ---- gnutls-2.12.20/libextra/Makefile.am -+++ gnutls-2.12.20/libextra/Makefile.am -@@ -69,7 +69,7 @@ - if ENABLE_MINITASN1 - libgnutls_openssl_la_LIBADD += ../lib/minitasn1/libminitasn1.la - else --libgnutls_openssl_la_LDFLAGS += $(LTLIBTASN1) -+libgnutls_openssl_la_LIBADD += $(LTLIBTASN1) - endif - - if HAVE_LD_OUTPUT_DEF -@@ -89,8 +89,9 @@ - libgnutls_extra_la_SOURCES += \ - ext_inner_application.h ext_inner_application.c gnutls_ia.c - -+cryptolib_ldadd = - if !ENABLE_NETTLE --libgnutls_extra_la_LIBADD += $(LTLIBGCRYPT) -+cryptolib_ldadd = $(LTLIBGCRYPT) - endif - - # Rest -@@ -104,11 +105,10 @@ - DISTCLEANFILES += $(defexec_DATA) - - libgnutls_extra_la_LDFLAGS += \ -- -version-info $(LT_CURRENT):$(LT_REVISION):$(LT_AGE) \ -- $(LZO_LIBS) -+ -version-info $(LT_CURRENT):$(LT_REVISION):$(LT_AGE) - - libgnutls_extra_la_LIBADD += ../lib/gl/liblgnu.la gl/libxgnu.la \ -- ../lib/libgnutls.la -+ ../lib/libgnutls.la $(cryptolib_ldadd) $(LZO_LIBS) - - if HAVE_LD_VERSION_SCRIPT - libgnutls_extra_la_LDFLAGS += \ diff --git a/net-libs/gnutls/files/gnutls-2.12.23-CVE-2013-2116.patch b/net-libs/gnutls/files/gnutls-2.12.23-CVE-2013-2116.patch deleted file mode 100644 index 2223e708a609..000000000000 --- a/net-libs/gnutls/files/gnutls-2.12.23-CVE-2013-2116.patch +++ /dev/null @@ -1,25 +0,0 @@ -From 5164d5a1d57cd0372a5dd074382ca960ca18b27d Mon Sep 17 00:00:00 2001 -From: Nikos Mavrogiannopoulos <nmav@gnutls.org> -Date: Thu, 23 May 2013 09:54:37 +0200 -Subject: [PATCH] re-applied sanity check patch - ---- - lib/gnutls_cipher.c | 2 ++ - 1 files changed, 2 insertions(+), 0 deletions(-) - -diff --git a/lib/gnutls_cipher.c b/lib/gnutls_cipher.c -index 2835121..71f5a98 100644 ---- a/lib/gnutls_cipher.c -+++ b/lib/gnutls_cipher.c -@@ -561,6 +561,8 @@ _gnutls_ciphertext2compressed (gnutls_session_t session, - return GNUTLS_E_DECRYPTION_FAILED; - } - pad = ciphertext.data[ciphertext.size - 1]; /* pad */ -+ if (pad+1 > ciphertext.size-hash_size) -+ pad_failed = GNUTLS_E_DECRYPTION_FAILED; - - /* Check the pading bytes (TLS 1.x). - * Note that we access all 256 bytes of ciphertext for padding check --- -1.7.1 - diff --git a/net-libs/gnutls/files/gnutls-2.12.23-CVE-2014-0092.patch b/net-libs/gnutls/files/gnutls-2.12.23-CVE-2014-0092.patch deleted file mode 100644 index 21d3f3b9c467..000000000000 --- a/net-libs/gnutls/files/gnutls-2.12.23-CVE-2014-0092.patch +++ /dev/null @@ -1,102 +0,0 @@ -From 6aa26f78150ccbdf0aec1878a41c17c41d358a3b Mon Sep 17 00:00:00 2001 -From: Nikos Mavrogiannopoulos <nmav@gnutls.org> -Date: Thu, 27 Feb 2014 19:42:26 +0100 -Subject: [PATCH] corrected return codes - ---- - lib/x509/verify.c | 16 ++++++++++------ - 1 files changed, 10 insertions(+), 6 deletions(-) - -diff --git a/lib/x509/verify.c b/lib/x509/verify.c -index c9a6b0d..eef85a8 100644 ---- a/lib/x509/verify.c -+++ b/lib/x509/verify.c -@@ -141,7 +141,7 @@ check_if_ca (gnutls_x509_crt_t cert, gnutls_x509_crt_t issuer, - if (result < 0) - { - gnutls_assert (); -- goto cleanup; -+ goto fail; - } - - result = -@@ -150,7 +150,7 @@ check_if_ca (gnutls_x509_crt_t cert, gnutls_x509_crt_t issuer, - if (result < 0) - { - gnutls_assert (); -- goto cleanup; -+ goto fail; - } - - result = -@@ -158,7 +158,7 @@ check_if_ca (gnutls_x509_crt_t cert, gnutls_x509_crt_t issuer, - if (result < 0) - { - gnutls_assert (); -- goto cleanup; -+ goto fail; - } - - result = -@@ -166,7 +166,7 @@ check_if_ca (gnutls_x509_crt_t cert, gnutls_x509_crt_t issuer, - if (result < 0) - { - gnutls_assert (); -- goto cleanup; -+ goto fail; - } - - /* If the subject certificate is the same as the issuer -@@ -206,6 +206,7 @@ check_if_ca (gnutls_x509_crt_t cert, gnutls_x509_crt_t issuer, - else - gnutls_assert (); - -+fail: - result = 0; - - cleanup: -@@ -330,7 +331,7 @@ _gnutls_verify_certificate2 (gnutls_x509_crt_t cert, - gnutls_datum_t cert_signed_data = { NULL, 0 }; - gnutls_datum_t cert_signature = { NULL, 0 }; - gnutls_x509_crt_t issuer = NULL; -- int issuer_version, result; -+ int issuer_version, result = 0; - - if (output) - *output = 0; -@@ -363,7 +364,7 @@ _gnutls_verify_certificate2 (gnutls_x509_crt_t cert, - if (issuer_version < 0) - { - gnutls_assert (); -- return issuer_version; -+ return 0; - } - - if (!(flags & GNUTLS_VERIFY_DISABLE_CA_SIGN) && -@@ -385,6 +386,7 @@ _gnutls_verify_certificate2 (gnutls_x509_crt_t cert, - if (result < 0) - { - gnutls_assert (); -+ result = 0; - goto cleanup; - } - -@@ -393,6 +395,7 @@ _gnutls_verify_certificate2 (gnutls_x509_crt_t cert, - if (result < 0) - { - gnutls_assert (); -+ result = 0; - goto cleanup; - } - -@@ -410,6 +413,7 @@ _gnutls_verify_certificate2 (gnutls_x509_crt_t cert, - else if (result < 0) - { - gnutls_assert(); -+ result = 0; - goto cleanup; - } - --- -1.7.1 - diff --git a/net-libs/gnutls/files/gnutls-2.12.23-CVE-2014-1959.patch b/net-libs/gnutls/files/gnutls-2.12.23-CVE-2014-1959.patch deleted file mode 100644 index 28989c97ceb7..000000000000 --- a/net-libs/gnutls/files/gnutls-2.12.23-CVE-2014-1959.patch +++ /dev/null @@ -1,14 +0,0 @@ ---- a/lib/x509/verify.c -+++ b/lib/x509/verify.c -@@ -692,8 +693,10 @@ - /* note that here we disable this V1 CA flag. So that no version 1 - * certificates can exist in a supplied chain. - */ -- if (!(flags & GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA_CRT)) -+ if (!(flags & GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA_CRT)) { - flags &= ~(GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT); -+ flags |= GNUTLS_VERIFY_DO_NOT_ALLOW_X509_V1_CA_CRT; -+ } - if ((ret = - _gnutls_verify_certificate2(certificate_list[i - 1], - &certificate_list[i], 1,
\ No newline at end of file diff --git a/net-libs/gnutls/files/gnutls-2.12.23-CVE-2014-3466.patch b/net-libs/gnutls/files/gnutls-2.12.23-CVE-2014-3466.patch deleted file mode 100644 index 9e32296e86de..000000000000 --- a/net-libs/gnutls/files/gnutls-2.12.23-CVE-2014-3466.patch +++ /dev/null @@ -1,311 +0,0 @@ -From e47d30e272a0b3977db8dae09327acad45b931d8 Mon Sep 17 00:00:00 2001 -From: mancha <mancha1@zoho.com> -Date: Sun, 1 Jun 2014 -Subject: CVE-2014-3466 - -This is a backport adaptation for use with GnuTLS 2.12.23. - -Relevant upstream commit(s): -------------------------- -https://gitorious.org/gnutls/gnutls/commit/688ea6428a432c -https://gitorious.org/gnutls/gnutls/commit/a7be326f0e33cf - ---- - lib/gnutls_handshake.c | 2 - tests/Makefile.am | 2 - tests/long-session-id.c | 268 ++++++++++++++++++++++++++++++++++++++++ - 3 files changed, 270 insertions(+), 2 deletions(-) - ---- a/lib/gnutls_handshake.c -+++ b/lib/gnutls_handshake.c -@@ -1797,7 +1797,7 @@ _gnutls_read_server_hello (gnutls_sessio - DECR_LEN (len, 1); - session_id_len = data[pos++]; - -- if (len < session_id_len) -+ if (len < session_id_len || session_id_len > TLS_MAX_SESSION_ID_SIZE) - { - gnutls_assert (); - return GNUTLS_E_UNSUPPORTED_VERSION_PACKET; ---- a/tests/Makefile.am -+++ b/tests/Makefile.am -@@ -64,7 +64,7 @@ ctests = simple gc set_pkcs12_cred certd - crq_key_id x509sign-verify cve-2009-1415 cve-2009-1416 \ - crq_apis init_roundtrip pkcs12_s2k_pem dn2 mini-eagain \ - nul-in-x509-names x509_altname pkcs12_encode mini-x509 \ -- mini-x509-rehandshake rng-fork x509cert gendh -+ mini-x509-rehandshake rng-fork x509cert gendh long-session-id - - if ENABLE_OPENSSL - ctests += openssl ---- /dev/null -+++ b/tests/long-session-id.c -@@ -0,0 +1,268 @@ -+/* -+ * Copyright (C) 2012 Free Software Foundation, Inc. -+ * -+ * Author: Nikos Mavrogiannopoulos -+ * -+ * This file is part of GnuTLS. -+ * -+ * GnuTLS is free software; you can redistribute it and/or modify it -+ * under the terms of the GNU General Public License as published by -+ * the Free Software Foundation; either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * GnuTLS is distributed in the hope that it will be useful, but -+ * WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -+ * General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with GnuTLS; if not, write to the Free Software Foundation, -+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA -+ */ -+ -+#ifdef HAVE_CONFIG_H -+#include <config.h> -+#endif -+ -+#include <stdio.h> -+#include <stdlib.h> -+ -+#if defined(_WIN32) -+ -+int main() -+{ -+ exit(77); -+} -+ -+#else -+ -+#include <string.h> -+#include <sys/types.h> -+#include <netinet/in.h> -+#include <sys/socket.h> -+#include <sys/wait.h> -+#include <arpa/inet.h> -+#include <unistd.h> -+#include <gnutls/gnutls.h> -+#include <signal.h> -+ -+static int debug = 0; -+static void terminate(int); -+ -+/* This program tests the robustness of record -+ * decoding. -+ */ -+ -+static void client_log_func(int level, const char *str) -+{ -+ fprintf(stderr, "client|<%d>| %s", level, str); -+} -+ -+static unsigned char server_cert_pem[] = -+ "-----BEGIN CERTIFICATE-----\n" -+ "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" -+ "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n" -+ "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" -+ "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n" -+ "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n" -+ "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n" -+ "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n" -+ "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n" -+ "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n" -+ "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" -+ "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" -+ "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" -+ "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" "-----END CERTIFICATE-----\n"; -+ -+const gnutls_datum_t server_cert = { server_cert_pem, -+ sizeof(server_cert_pem) -+}; -+ -+static unsigned char server_key_pem[] = -+ "-----BEGIN RSA PRIVATE KEY-----\n" -+ "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n" -+ "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n" -+ "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n" -+ "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n" -+ "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n" -+ "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n" -+ "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n" -+ "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n" -+ "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n" -+ "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n" -+ "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n" -+ "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n" -+ "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n" -+ "-----END RSA PRIVATE KEY-----\n"; -+ -+const gnutls_datum_t server_key = { server_key_pem, -+ sizeof(server_key_pem) -+}; -+ -+ -+/* A very basic TLS client, with anonymous authentication. -+ */ -+ -+static void client(int fd, const char *prio) -+{ -+ int ret; -+ gnutls_anon_client_credentials_t anoncred; -+ gnutls_certificate_credentials_t x509_cred; -+ gnutls_session_t session; -+ /* Need to enable anonymous KX specifically. */ -+ -+ gnutls_global_init(); -+ -+ if (debug) { -+ gnutls_global_set_log_function(client_log_func); -+ gnutls_global_set_log_level(7); -+ } -+ -+ gnutls_anon_allocate_client_credentials(&anoncred); -+ gnutls_certificate_allocate_credentials(&x509_cred); -+ -+ /* Initialize TLS session -+ */ -+ gnutls_init(&session, GNUTLS_CLIENT); -+ -+ /* Use default priorities */ -+ gnutls_priority_set_direct(session, prio, NULL); -+ -+ /* put the anonymous credentials to the current session -+ */ -+ gnutls_credentials_set(session, GNUTLS_CRD_ANON, anoncred); -+ gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, x509_cred); -+ -+ gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) fd); -+ -+ /* Perform the TLS handshake -+ */ -+ do { -+ ret = gnutls_handshake(session); -+ } -+ while (ret < 0 && gnutls_error_is_fatal(ret) == 0); -+ -+ if (ret < 0) { -+ fprintf(stderr, "client: Handshake failed (expected)\n"); -+ gnutls_perror(ret); -+ exit(0); -+ } else { -+ if (debug) -+ fprintf(stderr, "client: Handshake was completed\n"); -+ } -+ -+ close(fd); -+ -+ gnutls_deinit(session); -+ -+ gnutls_anon_free_client_credentials(anoncred); -+ gnutls_certificate_free_credentials(x509_cred); -+ -+ gnutls_global_deinit(); -+} -+ -+ -+/* These are global */ -+pid_t child; -+ -+static void terminate(int ret) -+{ -+ kill(child, SIGTERM); -+ exit(ret); -+} -+ -+static void server(int fd, const char *prio) -+{ -+ int ret; -+ uint8_t id[255]; -+ uint8_t buffer[] = "\x16\x03\x00\x01\x25" -+ "\x02\x00\x01\x21" -+ "\x03\x00"/*Server Version */ -+ /*Random*/"\x00\x00\x00\x00\x01\x00\x00\x00\x00\x01\x00\x00\x00\x00\x01\x00\x00\x00\x00\x01\x00\x00\x00\x00\x01\x00\x00\x00\x00\x01\x00\x00" -+ /*SessionID*/"\xfe"; -+ -+ ret = read(fd, id, sizeof(id)); -+ if (ret < 0) { -+ abort(); -+ } -+ -+ ret = write(fd, buffer, sizeof(buffer)); -+ if (ret < 0) { -+ return; -+ } -+ -+ memset(id, 0xff, sizeof(id)); -+ ret = write(fd, id, sizeof(id)); -+ if (ret < 0) { -+ return; -+ } -+ -+ memset(id, 0xff, sizeof(id)); -+ ret = write(fd, id, sizeof(id)); -+ if (ret < 0) { -+ return; -+ } -+ sleep(3); -+ -+ return; -+} -+ -+static void start(const char *prio) -+{ -+ int fd[2]; -+ int ret; -+ -+ ret = socketpair(AF_UNIX, SOCK_STREAM, 0, fd); -+ if (ret < 0) { -+ perror("socketpair"); -+ exit(1); -+ } -+ -+ child = fork(); -+ if (child < 0) { -+ perror("fork"); -+ exit(1); -+ } -+ -+ if (child) { -+ /* parent */ -+ close(fd[1]); -+ server(fd[0], prio); -+ kill(child, SIGTERM); -+ } else { -+ close(fd[0]); -+ client(fd[1], prio); -+ exit(0); -+ } -+} -+ -+static void ch_handler(int sig) -+{ -+ int status, ret = 0; -+ wait(&status); -+ if (WEXITSTATUS(status) != 0 || -+ (WIFSIGNALED(status) && WTERMSIG(status) == SIGSEGV)) { -+ if (WIFSIGNALED(status)) { -+ fprintf(stderr, "Child died with sigsegv\n"); -+ ret = 1; -+ } else { -+ fprintf(stderr, "Child died with status %d\n", -+ WEXITSTATUS(status)); -+ } -+ terminate(ret); -+ } -+ return; -+} -+ -+int main(int argc, char **argv) -+{ -+ signal(SIGCHLD, ch_handler); -+ -+ if (argc > 1) -+ debug = 1; -+ -+ start("NORMAL"); -+ return 0; -+} -+ -+#endif /* _WIN32 */ diff --git a/net-libs/gnutls/files/gnutls-2.12.23-CVE-2014-3467.patch b/net-libs/gnutls/files/gnutls-2.12.23-CVE-2014-3467.patch deleted file mode 100644 index e52965e2b824..000000000000 --- a/net-libs/gnutls/files/gnutls-2.12.23-CVE-2014-3467.patch +++ /dev/null @@ -1,45 +0,0 @@ -From d4ff19de527cd3eb444c560639324cda35bc838e Mon Sep 17 00:00:00 2001 -From: mancha <mancha1@zoho.com> -Date: Sun, 1 Jun 2014 -Subject: CVE-2014-3467 - -This is a backport adaptation for use with GnuTLS 2.12.23. - -Relevant upstream commit(s): -------------------------- -http://git.savannah.gnu.org/cgit/libtasn1.git/commit/?id=ff3b5c68cc32e3 -http://git.savannah.gnu.org/cgit/libtasn1.git/commit/?id=51612fca32dda4 - ---- - lib/minitasn1/decoding.c | 6 +++--- - 1 file changed, 3 insertions(+), 3 deletions(-) - ---- a/lib/minitasn1/decoding.c -+++ b/lib/minitasn1/decoding.c -@@ -149,7 +149,7 @@ asn1_get_tag_der (const unsigned char *d - /* Long form */ - punt = 1; - ris = 0; -- while (punt <= der_len && der[punt] & 128) -+ while (punt < der_len && der[punt] & 128) - { - last = ris; - -@@ -259,7 +259,7 @@ _asn1_get_time_der (const unsigned char - if (der_len <= 0 || str == NULL) - return ASN1_DER_ERROR; - str_len = asn1_get_length_der (der, der_len, &len_len); -- if (str_len < 0 || str_size < str_len) -+ if (str_len <= 0 || str_size < str_len) - return ASN1_DER_ERROR; - memcpy (str, der + len_len, str_len); - str[str_len] = 0; -@@ -285,7 +285,7 @@ _asn1_get_objectid_der (const unsigned c - return ASN1_GENERIC_ERROR; - len = asn1_get_length_der (der, der_len, &len_len); - -- if (len < 0 || len > der_len || len_len > der_len) -+ if (len <= 0 || len > der_len || len_len > der_len) - return ASN1_DER_ERROR; - - val1 = der[len_len] / 40; diff --git a/net-libs/gnutls/files/gnutls-2.12.23-CVE-2014-3468.patch b/net-libs/gnutls/files/gnutls-2.12.23-CVE-2014-3468.patch deleted file mode 100644 index bd324094c293..000000000000 --- a/net-libs/gnutls/files/gnutls-2.12.23-CVE-2014-3468.patch +++ /dev/null @@ -1,45 +0,0 @@ -From 24ed1d41707f873f3b7a22159e4bb3942f319fac Mon Sep 17 00:00:00 2001 -From: mancha <mancha1@zoho.com> -Date: Sun, 1 Jun 2014 -Subject: CVE-2014-3468 - -This is a backport adaptation for use with GnuTLS 2.12.23. - -Relevant upstream commit(s): -------------------------- -http://git.savannah.gnu.org/cgit/libtasn1.git/commit/?id=1c3ccb3e040bf1 - ---- - lib/minitasn1/decoding.c | 7 +++++-- - 1 file changed, 5 insertions(+), 2 deletions(-) - ---- a/lib/minitasn1/decoding.c -+++ b/lib/minitasn1/decoding.c -@@ -226,7 +226,7 @@ asn1_get_octet_der (const unsigned char - int *ret_len, unsigned char *str, int str_size, - int *str_len) - { -- int len_len; -+ int len_len = 0; - - if (der_len <= 0) - return ASN1_GENERIC_ERROR; -@@ -347,7 +347,7 @@ asn1_get_bit_der (const unsigned char *d - int *ret_len, unsigned char *str, int str_size, - int *bit_len) - { -- int len_len, len_byte; -+ int len_len = 0, len_byte; - - if (der_len <= 0) - return ASN1_GENERIC_ERROR; -@@ -358,6 +358,9 @@ asn1_get_bit_der (const unsigned char *d - *ret_len = len_byte + len_len + 1; - *bit_len = len_byte * 8 - der[len_len]; - -+ if (*bit_len <= 0) -+ return ASN1_DER_ERROR; -+ - if (str_size >= len_byte) - memcpy (str, der + len_len + 1, len_byte); - else diff --git a/net-libs/gnutls/files/gnutls-2.12.23-CVE-2014-3469.patch b/net-libs/gnutls/files/gnutls-2.12.23-CVE-2014-3469.patch deleted file mode 100644 index a99b433b3c92..000000000000 --- a/net-libs/gnutls/files/gnutls-2.12.23-CVE-2014-3469.patch +++ /dev/null @@ -1,122 +0,0 @@ -From 7f5a6256231e278aa7d00b6851c22fb457537262 Mon Sep 17 00:00:00 2001 -From: mancha <mancha1@zoho.com> -Date: Sun, 1 Jun 2014 -Subject: CVE-2014-3469 - -This is a backport adaptation for use with GnuTLS 2.12.23. - -Relevant upstream commit(s): -------------------------- -http://git.savannah.gnu.org/cgit/libtasn1.git/commit/?id=a8b3e14f84174e -http://git.savannah.gnu.org/cgit/libtasn1.git/commit/?id=3d6a02f19ff15a -http://git.savannah.gnu.org/cgit/libtasn1.git/commit/?id=53958290ab731c - ---- - lib/minitasn1/decoding.c | 11 ++++++++--- - lib/minitasn1/element.c | 27 ++++++++++++++++++--------- - 2 files changed, 26 insertions(+), 12 deletions(-) - ---- a/lib/minitasn1/decoding.c -+++ b/lib/minitasn1/decoding.c -@@ -231,7 +231,6 @@ asn1_get_octet_der (const unsigned char - if (der_len <= 0) - return ASN1_GENERIC_ERROR; - -- /* if(str==NULL) return ASN1_SUCCESS; */ - *str_len = asn1_get_length_der (der, der_len, &len_len); - - if (*str_len < 0) -@@ -239,7 +238,10 @@ asn1_get_octet_der (const unsigned char - - *ret_len = *str_len + len_len; - if (str_size >= *str_len) -- memcpy (str, der + len_len, *str_len); -+ { -+ if (*str_len > 0 && str != NULL) -+ memcpy (str, der + len_len, *str_len); -+ } - else - { - return ASN1_MEM_ERROR; -@@ -362,7 +364,10 @@ asn1_get_bit_der (const unsigned char *d - return ASN1_DER_ERROR; - - if (str_size >= len_byte) -- memcpy (str, der + len_len + 1, len_byte); -+ { -+ if (len_byte > 0 && str) -+ memcpy (str, der + len_len + 1, len_byte); -+ } - else - { - return ASN1_MEM_ERROR; ---- a/lib/minitasn1/element.c -+++ b/lib/minitasn1/element.c -@@ -112,8 +112,11 @@ _asn1_convert_integer (const unsigned ch - /* VALUE_OUT is too short to contain the value conversion */ - return ASN1_MEM_ERROR; - -- for (k2 = k; k2 < SIZEOF_UNSIGNED_LONG_INT; k2++) -- value_out[k2 - k] = val[k2]; -+ if (value_out != NULL) -+ { -+ for (k2 = k; k2 < SIZEOF_UNSIGNED_LONG_INT; k2++) -+ value_out[k2 - k] = val[k2]; -+ } - - #if 0 - printf ("_asn1_convert_integer: valueIn=%s, lenOut=%d", value, *len); -@@ -611,7 +614,8 @@ asn1_write_value (asn1_node node_root, c - if (ptr_size < data_size) { \ - return ASN1_MEM_ERROR; \ - } else { \ -- memcpy( ptr, data, data_size); \ -+ if (ptr && data_size > 0) \ -+ memcpy( ptr, data, data_size); \ - } - - #define PUT_STR_VALUE( ptr, ptr_size, data) \ -@@ -620,16 +624,19 @@ asn1_write_value (asn1_node node_root, c - return ASN1_MEM_ERROR; \ - } else { \ - /* this strcpy is checked */ \ -- _asn1_strcpy(ptr, data); \ -+ if (ptr) { \ -+ _asn1_strcpy(ptr, data); \ -+ } \ - } - - #define ADD_STR_VALUE( ptr, ptr_size, data) \ -- *len = (int) _asn1_strlen(data) + 1; \ -- if (ptr_size < (int) _asn1_strlen(ptr)+(*len)) { \ -+ *len += _asn1_strlen(data); \ -+ if (ptr_size < (int) *len) { \ -+ (*len)++; \ - return ASN1_MEM_ERROR; \ - } else { \ - /* this strcat is checked */ \ -- _asn1_strcat(ptr, data); \ -+ if (ptr) _asn1_strcat (ptr, data); \ - } - - /** -@@ -786,7 +793,9 @@ asn1_read_value (asn1_node root, const c - case TYPE_OBJECT_ID: - if (node->type & CONST_ASSIGN) - { -- value[0] = 0; -+ *len = 0; -+ if (value) -+ value[0] = 0; - p = node->down; - while (p) - { -@@ -800,7 +809,7 @@ asn1_read_value (asn1_node root, const c - } - p = p->right; - } -- *len = _asn1_strlen (value) + 1; -+ (*len)++; - } - else if ((node->type & CONST_DEFAULT) && (node->value == NULL)) - { diff --git a/net-libs/gnutls/files/gnutls-2.12.23-cross-compile.patch b/net-libs/gnutls/files/gnutls-2.12.23-cross-compile.patch deleted file mode 100644 index 31178fcd8c46..000000000000 --- a/net-libs/gnutls/files/gnutls-2.12.23-cross-compile.patch +++ /dev/null @@ -1,69 +0,0 @@ -use pkg-config to locate zlib rather than hardcoding system -L/-I paths - -for pthreads, just hardcode it enabled - -for gnutls, don't hardcode -L/-I all the time to the host paths - ---- a/lib/configure.ac -+++ b/lib/configure.ac -@@ -70,26 +70,23 @@ AC_ARG_WITH(zlib, AS_HELP_STRING([--without-zlib], - AC_MSG_CHECKING([whether to include zlib compression support]) - if test x$ac_zlib != xno; then - AC_MSG_RESULT(yes) -- AC_LIB_HAVE_LINKFLAGS(z,, [#include <zlib.h>], [compress (0, 0, 0, 0);]) -- if test "$ac_cv_libz" != yes; then -- AC_MSG_WARN( --*** --*** ZLIB was not found. You will not be able to use ZLIB compression.) -- fi - else - AC_MSG_RESULT(no) - fi - --PKG_CHECK_EXISTS(zlib, ZLIB_HAS_PKGCONFIG=y, ZLIB_HAS_PKGCONFIG=n) -- - if test x$ac_zlib != xno; then -+ PKG_CHECK_MODULES(ZLIB, zlib, ZLIB_HAS_PKGCONFIG=y, ZLIB_HAS_PKGCONFIG=n) - if test "$ZLIB_HAS_PKGCONFIG" = "y" ; then -+ LTLIBZ=$ZLIB_LIBS -+ AC_DEFINE([HAVE_LIBZ], [1], [zlib is enabled]) -+ AC_SUBST(LTLIBZ) - if test "x$GNUTLS_REQUIRES_PRIVATE" = "x"; then - GNUTLS_REQUIRES_PRIVATE="Requires.private: zlib" - else - GNUTLS_REQUIRES_PRIVATE="$GNUTLS_REQUIRES_PRIVATE , zlib" - fi - else -+ AC_LIB_HAVE_LINKFLAGS(z,, [#include <zlib.h>], [compress (0, 0, 0, 0);]) - GNUTLS_ZLIB_LIBS_PRIVATE="$LTLIBZ" - fi - fi -@@ -124,10 +121,12 @@ fi - lgl_INIT - - AC_CHECK_FUNCS(getrusage,,) --AC_LIB_HAVE_LINKFLAGS(pthread,, [#include <pthread.h>], [pthread_mutex_lock (0);]) -+LTLIBPTHREAD='-pthread' -+AC_DEFINE([HAVE_LIBPTHREAD], [1], [pthread enabled]) -+AC_SUBST(LTLIBPTHREAD) - --LIBGNUTLS_LIBS="-L${libdir} -lgnutls $LIBS" --LIBGNUTLS_CFLAGS="-I${includedir}" -+LIBGNUTLS_LIBS="-lgnutls $LIBS" -+LIBGNUTLS_CFLAGS="" - AC_SUBST(LIBGNUTLS_LIBS) - AC_SUBST(LIBGNUTLS_CFLAGS) - ---- a/libextra/configure.ac -+++ b/libextra/configure.ac -@@ -41,8 +41,8 @@ LIBGNUTLS_EXTRA_HOOKS - - xgl_INIT - --LIBGNUTLS_EXTRA_LIBS="-L${libdir} -lgnutls-extra $LZO_LIBS $LIBGNUTLS_LIBS" --LIBGNUTLS_EXTRA_CFLAGS="-I${includedir}" -+LIBGNUTLS_EXTRA_LIBS="-lgnutls-extra $LZO_LIBS $LIBGNUTLS_LIBS" -+LIBGNUTLS_EXTRA_CFLAGS="" - AC_SUBST(LIBGNUTLS_EXTRA_LIBS) - AC_SUBST(LIBGNUTLS_EXTRA_CFLAGS) - diff --git a/net-libs/gnutls/files/gnutls-2.12.23-gdoc-perl-5.18.patch b/net-libs/gnutls/files/gnutls-2.12.23-gdoc-perl-5.18.patch deleted file mode 100644 index a89e8f253058..000000000000 --- a/net-libs/gnutls/files/gnutls-2.12.23-gdoc-perl-5.18.patch +++ /dev/null @@ -1,137 +0,0 @@ ---- gnutls-2.12.23.orig/doc/scripts/gdoc 2011-04-08 02:30:44.000000000 +0200 -+++ gnutls-2.12.23/doc/scripts/gdoc 2014-03-10 01:53:28.899566076 +0200 -@@ -7,6 +7,8 @@ - ## Copyright (c) 2001, 2002 Nikos Mavrogiannopoulos - ## added -tex - ## Copyright (c) 1998 Michael Zucchi -+## Copyright (c) 2013 Adam Sampson -+## made highlighting not depend on hash order, for Perl 5.18 - - # This program is free software: you can redistribute it and/or modify - # it under the terms of the GNU General Public License as published by -@@ -143,44 +145,44 @@ - # One for each output format - - # these work fairly well --%highlights_html = ( $type_constant, "<i>\$2</i>", -- $type_func, "<b>\$1</b>", -- $type_struct, "<i>\$1</i>", -- $type_param, "<tt><b>\$1</b></tt>" ); -+@highlights_html = ( [$type_constant, "<i>\$2</i>"], -+ [$type_func, "<b>\$1</b>"], -+ [$type_struct, "<i>\$1</i>"], -+ [$type_param, "<tt><b>\$1</b></tt>"] ); - $blankline_html = "<p>"; - --%highlights_texinfo = ( $type_constant, "\\\@code{\$2}", -- $type_func, "\\\@code{\$1}", -- $type_struct, "\\\@code{\$1}", -- $type_param, "\\\@code{\$1}" ); -+@highlights_texinfo = ( [$type_constant, "\\\@code{\$2}"], -+ [$type_func, "\\\@code{\$1}"], -+ [$type_struct, "\\\@code{\$1}"], -+ [$type_param, "\\\@code{\$1}"] ); - $blankline_texinfo = ""; - --%highlights_tex = ( $type_constant, "{\\\\it \$2}", -- $type_func, "{\\\\bf \$1}", -- $type_struct, "{\\\\it \$1}", -- $type_param, "{\\\\bf \$1}" ); -+@highlights_tex = ( [$type_constant, "{\\\\it \$2}"], -+ [$type_func, "{\\\\bf \$1}"], -+ [$type_struct, "{\\\\it \$1}"], -+ [$type_param, "{\\\\bf \$1}"] ); - $blankline_tex = "\\\\"; - - # sgml, docbook format --%highlights_sgml = ( $type_constant, "<replaceable class=\"option\">\$2</replaceable>", -- $type_func, "<function>\$1</function>", -- $type_struct, "<structname>\$1</structname>", -- $type_env, "<envar>\$1</envar>", -- $type_param, "<parameter>\$1</parameter>" ); -+@highlights_sgml = ( [$type_constant, "<replaceable class=\"option\">\$2</replaceable>"], -+ [$type_func, "<function>\$1</function>"], -+ [$type_struct, "<structname>\$1</structname>"], -+ [$type_env, "<envar>\$1</envar>"], -+ [$type_param, "<parameter>\$1</parameter>"] ); - $blankline_sgml = "</para><para>\n"; - - # these are pretty rough --%highlights_man = ( $type_constant, "\\\\fB\$2\\\\fP", -- $type_func, "\\\\fB\$1\\\\fP", -- $type_struct, "\\\\fB\$1\\\\fP", -- $type_param, "\\\\fI\$1\\\\fP" ); -+@highlights_man = ( [$type_constant, "\\\\fB\$2\\\\fP"], -+ [$type_func, "\\\\fB\$1\\\\fP"], -+ [$type_struct, "\\\\fB\$1\\\\fP"], -+ [$type_param, "\\\\fI\$1\\\\fP"] ); - $blankline_man = ""; - - # text-mode --%highlights_text = ( $type_constant, "\$2", -- $type_func, "\$1", -- $type_struct, "\$1", -- $type_param, "\$1" ); -+@highlights_text = ( [$type_constant, "\$2"], -+ [$type_func, "\$1"], -+ [$type_struct, "\$1"], -+ [$type_param, "\$1"] ); - $blankline_text = ""; - - -@@ -201,7 +203,7 @@ - - $verbose = 0; - $output_mode = "man"; --%highlights = %highlights_man; -+@highlights = @highlights_man; - $blankline = $blankline_man; - $modulename = "API Documentation"; - $sourceversion = strftime "%Y-%m-%d", localtime; -@@ -210,27 +212,27 @@ - $cmd = shift @ARGV; - if ($cmd eq "-html") { - $output_mode = "html"; -- %highlights = %highlights_html; -+ @highlights = @highlights_html; - $blankline = $blankline_html; - } elsif ($cmd eq "-man") { - $output_mode = "man"; -- %highlights = %highlights_man; -+ @highlights = @highlights_man; - $blankline = $blankline_man; - } elsif ($cmd eq "-tex") { - $output_mode = "tex"; -- %highlights = %highlights_tex; -+ @highlights = @highlights_tex; - $blankline = $blankline_tex; - } elsif ($cmd eq "-texinfo") { - $output_mode = "texinfo"; - %highlights = %highlights_texinfo; -- $blankline = $blankline_texinfo; -+ @blankline = @blankline_texinfo; - } elsif ($cmd eq "-text") { - $output_mode = "text"; - %highlights = %highlights_text; -- $blankline = $blankline_text; -+ @blankline = @blankline_text; - } elsif ($cmd eq "-docbook") { - $output_mode = "sgml"; -- %highlights = %highlights_sgml; -+ @highlights = @highlights_sgml; - $blankline = $blankline_sgml; - } elsif ($cmd eq "-listfunc") { - $output_mode = "listfunc"; -@@ -322,9 +324,10 @@ - my $line; - my $ret = ""; - -- foreach $pattern (keys %highlights) { -+ foreach $highlight (@highlights) { -+ my ($pattern, $replace) = @$highlight; - # print "scanning pattern $pattern ($highlights{$pattern})\n"; -- $contents =~ s:$pattern:repstr($pattern, $highlights{$pattern}, $1, $2, $3, $4):gse; -+ $contents =~ s:$pattern:repstr($pattern, $replace, $1, $2, $3, $4):gse; - } - foreach $line (split "\n", $contents) { - if ($line eq ""){ diff --git a/net-libs/gnutls/files/gnutls-2.12.23-gl-tests-getaddrinfo-skip-if-no-network.patch b/net-libs/gnutls/files/gnutls-2.12.23-gl-tests-getaddrinfo-skip-if-no-network.patch deleted file mode 100644 index 6d04ccbdcd8d..000000000000 --- a/net-libs/gnutls/files/gnutls-2.12.23-gl-tests-getaddrinfo-skip-if-no-network.patch +++ /dev/null @@ -1,30 +0,0 @@ -From 4b3252d59ef2d73118e2de6743ba58e2cbafa008 Mon Sep 17 00:00:00 2001 -From: Alon Bar-Lev <alon.barlev@gmail.com> -Date: Sat, 8 Mar 2014 22:13:51 +0200 -Subject: [PATCH] tests: getaddrinfo: skip if no network - -When running tests under network sandbox, there is no connectivity to -the DNS, in this case function returns system error and ECONNREFUSED -this should result in skipping test. - -Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com> ---- - tests/test-getaddrinfo.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/gl/tests/test-getaddrinfo.c b/gl/tests/test-getaddrinfo.c -index acf9cd6..b155410 100644 ---- a/gl/tests/test-getaddrinfo.c -+++ b/gl/tests/test-getaddrinfo.c -@@ -85,7 +85,7 @@ simple (char const *host, char const *service) - /* EAI_AGAIN is returned if no network is available. Don't fail - the test merely because someone is down the country on their - in-law's farm. */ -- if (res == EAI_AGAIN) -+ if (res == EAI_AGAIN || (res == EAI_SYSTEM && err == ECONNREFUSED)) - { - skip++; - fprintf (stderr, "skipping getaddrinfo test: no network?\n"); --- -1.8.3.2 - diff --git a/net-libs/gnutls/files/gnutls-2.12.23-hppa.patch b/net-libs/gnutls/files/gnutls-2.12.23-hppa.patch deleted file mode 100644 index 16981cf2e91b..000000000000 --- a/net-libs/gnutls/files/gnutls-2.12.23-hppa.patch +++ /dev/null @@ -1,44 +0,0 @@ -From 043fe2c28a5f6b3ec6202090faaf7933b247e40c Mon Sep 17 00:00:00 2001 -From: Alon Bar-Lev <alon.barlev@gmail.com> -Date: Mon, 17 Jun 2013 13:27:55 +0300 -Subject: [PATCH] build: fix hppa compile - -gentoo#471914 - -O_SYNC : 262144 -O_DSYNC: 262144 -O_RSYNC: 524288 ---- - gl/tests/test-fcntl-h.c | 2 +- - lib/gl/tests/test-fcntl-h.c | 2 +- - 2 files changed, 2 insertions(+), 2 deletions(-) - -diff --git a/gl/tests/test-fcntl-h.c b/gl/tests/test-fcntl-h.c -index a6c9621..9e13491 100644 ---- a/gl/tests/test-fcntl-h.c -+++ b/gl/tests/test-fcntl-h.c -@@ -111,7 +111,7 @@ main (void) - #if O_RSYNC && O_RSYNC != O_DSYNC - case O_RSYNC: - #endif --#if O_SYNC && O_SYNC != O_RSYNC -+#if O_SYNC && O_SYNC != O_RSYNC && O_SYNC != O_DSYNC - case O_SYNC: - #endif - #if O_TTY_INIT -diff --git a/lib/gl/tests/test-fcntl-h.c b/lib/gl/tests/test-fcntl-h.c -index a6c9621..9e13491 100644 ---- a/lib/gl/tests/test-fcntl-h.c -+++ b/lib/gl/tests/test-fcntl-h.c -@@ -111,7 +111,7 @@ main (void) - #if O_RSYNC && O_RSYNC != O_DSYNC - case O_RSYNC: - #endif --#if O_SYNC && O_SYNC != O_RSYNC -+#if O_SYNC && O_SYNC != O_RSYNC && O_SYNC != O_DSYNC - case O_SYNC: - #endif - #if O_TTY_INIT --- -1.8.1.5 - |