Commit graph

73 commits

Author SHA1 Message Date
minskim
356082c4c1 security/botan{,-devel}: Designate doc dir explicitly
Before this change, botan{,-devel} installed documents in
${PREFIX}/doc, not ${PREFIX}/share/doc, on Darwin.
2018-09-04 00:02:02 +00:00
joerg
a19083df44 Mark packages that require C++03 (or the GNU variants) if they fail with
C++14 default language.
2018-07-18 00:06:10 +00:00
adam
a31bce9748 extend PYTHON_VERSIONS_ for Python 3.7 2018-07-03 05:03:01 +00:00
joerg
7c898cc450 Update to botan-1.10.17:
- Fix for CVE-2017-14737 (side channel)
- workaround a gcc7 bug on i386
- improve forward API compatibility
2018-07-01 17:23:43 +00:00
wiz
9d1c527d4f botan: follow redirects 2017-11-26 10:39:37 +00:00
joerg
5c32c49829 Update Botan to 1.10.16:
Fix a bug in X509 DN string comparisons that could result in out of
    bound reads. This could result in information leakage, denial of
    service, or potentially incorrect certificate validation results.
    (CVE-2017-2801)

    Avoid throwing during a destructor since this is undefined in
    C++11 and rarely a good idea. (GH #930)


    Fix a bug causing modular exponentiations done modulo even numbers
    to almost always be incorrect, unless the values were small. This
    bug is not known to affect any cryptographic operation in Botan. (GH
    #754)

    Avoid use of C++11 std::to_string in some code added in 1.10.14
    (GH #747 #834)

    Fix integer overflow during BER decoding, found by Falko Strenzke.
    This bug is not thought to be directly exploitable but upgrading ASAP
    is advised. (CVE-2016-9132)

    Fix two cases where (in error situations) an exception would be thrown
    from a destructor, causing a call to std::terminate.

    When RC4 is disabled in the build, also prevent it from being included
    in the OpenSSL provider. (GH #638)
2017-04-10 20:26:31 +00:00
wiz
7f84153239 Add python-3.6 to incompatible versions. 2017-01-01 14:43:22 +00:00
joerg
eb7702387e Update to Botan-1.10.13:
- Use constant time modular inverse algorithm to avoid possible side
  channel attack against ECDSA (CVE-2016-2849)
- Use constant time PKCS #1 unpadding to avoid possible side channel
  attack against RSA decryption (CVE-2015-7827)
2016-11-11 19:46:48 +00:00
wiz
ad0031c15e Remove python33: adapt all packages that refer to it. 2016-07-09 13:03:30 +00:00
markd
875534ca34 Don't try to use sphinx if found. 2016-06-19 05:26:37 +00:00
he
499fe2d466 Follow joerg's advice, use i386 as PLIST variable and revert to
just one PLIST.  Installs cleanly on NetBSD/i386 and NetBSD/amd64.
2016-06-09 08:20:43 +00:00
he
07bd9da859 Separate out files only installed on SunOS.
Make a temporary hack for non-SunOS, not yet fully verified;
this somehow needs to mirror what the package's configure.py
figures out, and expressing that properly and portably in
pkgsrc seems hard.
2016-06-09 07:20:57 +00:00
he
a61613614e Try to reconcile PLIST with what's installed, taking care to preserve
the PLIST.x86* entries.  The sse2 entries are however gone, but a few
new ones have appeared (md4_x86_32.h etc.)  Installs cleanly now on
NetBSD/i386 6.1.5.
2016-06-08 08:19:52 +00:00
fhajny
e5fe8c4892 Avoid dependency on /usr/ucb on SunOS, fixes install on at least
SmartOS. Sort PLIST with LANG=C.
2016-06-03 11:52:42 +00:00
joerg
a429c5375e Deal with lack of TR1 support in libc++ by using the C++11 directly
then.
2016-05-31 21:36:17 +00:00
kre
326bb93eb4 Update MASTER_SITES to match current layout at the master site.
OK wiz@
2016-05-23 06:52:54 +00:00
joerg
8df8d78b0b Update Botan to 1.10.12, the latest pre-C++11 version.
Includes various security fixes.
2016-05-19 22:10:24 +00:00
adam
7f3b4730ad Extend PYTHON_VERSIONS_INCOMPATIBLE to 35 2015-12-05 21:25:27 +00:00
agc
5293710fb4 Add SHA512 digests for distfiles for security category
Problems found locating distfiles:
	Package f-prot-antivirus6-fs-bin: missing distfile fp-NetBSD.x86.32-fs-6.2.3.tar.gz
	Package f-prot-antivirus6-ws-bin: missing distfile fp-NetBSD.x86.32-ws-6.2.3.tar.gz
	Package libidea: missing distfile libidea-0.8.2b.tar.gz
	Package openssh: missing distfile openssh-7.1p1-hpn-20150822.diff.bz2
	Package uvscan: missing distfile vlp4510e.tar.Z

Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden).  All existing
SHA1 digests retained for now as an audit trail.
2015-11-04 01:17:40 +00:00
joerg
66a22fb17d Recognize evbarm. 2015-02-19 14:25:12 +00:00
jperkin
365e111be0 Fix PLIST for SunOS/x86_64 2014-09-16 08:47:11 +00:00
jperkin
49be75466b Explicitly pass --cpu=amd64 for MACHINE_ARCH=x86_64, fixes build on SunOS. 2014-09-08 09:12:50 +00:00
wiz
c1b44346cd Mark packages that are not ready for python-3.3 also not ready for 3.4,
until proven otherwise.
2014-05-09 07:36:53 +00:00
joerg
38a72245a8 Add upper limit to the botan dependency. Bump revisions as needed. 2014-02-25 11:51:32 +00:00
joerg
f70b77e878 Correct license. 2014-02-24 19:58:19 +00:00
wiz
aa67e11089 Mark packages as not ready for python-3.x where applicable;
either because they themselves are not ready or because a
dependency isn't. This is annotated by
PYTHON_VERSIONS_INCOMPATIBLE=  33 # not yet ported as of x.y.z
or
PYTHON_VERSIONS_INCOMPATIBLE=  33 # py-foo, py-bar
respectively, please use the same style for other packages,
and check during updates.

Use versioned_dependencies.mk where applicable.
Use REPLACE_PYTHON instead of handcoded alternatives, where applicable.
Reorder Makefile sections into standard order, where applicable.

Remove PYTHON_VERSIONS_INCLUDE_3X lines since that will be default
with the next commit.

Whitespace cleanups and other nits corrected, where necessary.
2014-01-25 10:29:56 +00:00
joerg
b6e4704367 Prefer C++11 interfaces over tr1 for libc++ and C++11. 2013-05-06 14:58:20 +00:00
riz
3c49e35bd9 Set up PLIST_VARS for ppc and arm, and use them to point out that arm
doesn't have hardware timer support, so gets one less file installed.

Package builds on evbarm now.
2013-01-23 16:45:27 +00:00
riz
82693b6ea5 Detect arm MACHINE_ARCH, and set --cpu accordingly, so it can build
on NetBSD ARM platforms.  Tested on my Sheevaplug.

XXX will probably need similar treatment for mips and sh3.
2013-01-12 20:52:27 +00:00
asau
1a433eae91 Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days. 2012-10-23 18:16:19 +00:00
pettai
e1dba2d577 Update to Botan 1.8.14:
* 1.8.14, 2012-07-18

- The malloc allocator would return null instead of throwing in the event of
  an allocation failure, which could cause an application crash due to null
  pointer dereference where normally an exception would occur.
- Recent versions of OpenSSL include extra information in ECC private keys,
  the presence of which caused an exception when such a key was loaded by
  botan. The decoding of ECC private keys has been changed to ignore these
  fields if they are set.
- AutoSeeded_RNG has been changed to prefer /dev/random over /dev/urandom
- Fix detection of s390x (Debian bug 638347)
2012-10-08 20:46:38 +00:00
marino
10303c9a85 security/botan: Fix DragonFly-*-i386 PLIST 2012-05-20 11:43:33 +00:00
fhajny
f926cc3866 Adding PLIST.SunOS 2012-03-13 08:01:01 +00:00
marino
8f5a7ba0d0 security/botan: Fix DragonFly
1) Update two configuration files to include DragonFly, which results in
   additional generated files.
2) Update PLIST.DragonFly (it was wrong in any case)
2011-12-17 16:09:46 +00:00
jmmv
fe40429e60 Move the *_amd64 PLIST entries out of the common file and into all of the
platform files except Darwin.  Also add the *_sse2 entries to Darwin.

Note that both *_amd64 and *_sse2 are conditional on x86_64, so this
division of files per platform is easier to do by PLIST tweaks than by
further Makefile conditionals.

This fixes the build of botan under OS X Lion with ABI=64 and should be
a no-op for all other platforms.
2011-12-08 03:01:03 +00:00
riz
c9e140c951 Remove some i386-specific files which are no longer installed. 2011-12-04 22:39:40 +00:00
joerg
a94fa4ae8b Update to Botan 1.8.13:
* 1.8.13, 2011-07-02
 - A race in Algorithm_Factory that could cause crashes in multithreaded
   code has been fixed.

* 1.8.12, 2011-06-20
 - If EMSA3(Raw) was used for more than one signature, it would produce
   incorrect output.
 - Fix the --enable-debug option to configure.py
 - Improve OS detection on Cygwin
 - Fix compilation under Sun Studio 12 on Solaris
 - Fix a memory leak in the constructors of DataSource_Stream and
   DataSink_Stream which would occur if opening the file failed. PR 144

* 1.8.11, 2010-11-02
 - Fix a number of CRL encoding and decoding bugs
 - When building a debug library under VC++, use the debug runtime
 - Fix compilation under Sun Studio on Linux and Solaris
 - Add several functions for compatability with 1.9
 - In the examples, read most input files as binary
 - The Perl build script has been removed in this release

* 1.8.10, 2010-08-31
 - Switch default PKCS #8 encryption algorithm from 3DES to AES-256
 - Increase default hash iterations from 2048 to 10000 in PBES1 and
PBES2
 - Use small tables in the first round of AES
 - Add PBKDF typedef and get_pbkdf for better compatability with 1.9
 - Add version of S2K::derive_key taking salt and iteration count
 - Enable the /proc-walking entropy source on NetBSD
 - Fix the doxygen makefile target

* 1.8.9, 2010-06-16
 - Use constant time multiplication in IDEA
 - Avoid possible timing attack against OAEP decoding
 - Add new X509::BER_encode and PKCS8::BER_encode
 - Enable DLL builds under Windows
 - Add Win32 installer support
 - Add support for the Clang compiler
 - Fix problem in semcem.h preventing build under Clang or GCC 3.4
 - Fix bug that prevented creation of DSA groups under 1024 bits
 - Fix crash in GMP_Engine if library is shutdown and reinitialized
 - Work around problem with recent binutils in x86-64 SHA-1
 - The Perl build script is no longer supported and refuses to run by
   default

* 1.8.8, 2009-11-03
 - Alter Skein-512 to match the tweaked 1.2 specification
 - Fix use of inline asm for access to x86 bswap function
 - Allow building the library without AES enabled
 - Add 'powerpc64' alias to ppc64 arch for Gentoo ebuild
2011-11-25 21:25:26 +00:00
joerg
8901c5a3f6 Strictler template usage. Bump revision. 2011-09-08 00:15:50 +00:00
reed
4f7f4a21b8 Remove the REPLACE_PYTHON. It pointed to unused "perl" file.
It is not needed since python is ran directly.
2011-05-10 13:01:01 +00:00
riz
3a41b48a3e Explicitly pass "--cpu=i386" when MACHINE_ARCH is i386 in order for
this to build properly under Mac OS X "Snow Leopard" on a 64-bit host.
Fixes PR pkg/44191 by me.
2010-12-15 21:52:15 +00:00
joerg
69a49845e4 Sort out PLIST for i386. Bump revision. 2010-10-12 19:36:43 +00:00
jnemeth
1c55f55e8f PR/43470 - Jack Lloyd -- update DESCR
While here, do some minor delinting and set LICENSE.
2010-06-14 18:27:54 +00:00
jmmv
9e5b6dcbef Fix PLIST when installing in Linux. 2010-03-31 10:33:46 +00:00
joerg
3a06eb96bf Bump revision for PYTHON_VERSION_DEFAULT change. 2010-02-10 19:17:31 +00:00
jmmv
d464689d18 Fix -install_name of library in OS X to include its full path. This is how
other libraries are being installed (as far as otool -D says) and fixes the
execution of mtn, which couldn't find the botan library before.
2009-10-22 10:25:02 +00:00
joerg
7a466a7121 Fix amd64 case. Simplify. 2009-10-06 18:34:14 +00:00
jmmv
62df13b509 Set the correct cpu in macppc and macppc64 so that this builds. Only
verified in macppc though.
2009-10-03 18:02:32 +00:00
jmmv
b5087ad17a Include bsd.prefs.mk to get the definition of MACHINE_ARCH. 2009-09-23 16:36:30 +00:00
jmmv
a2261658c3 Update to 1.8.7. Too many changes to list here.
This update is quite delicate and I'm sure it'll break somewhere.  So far
I've only been able to test it in NetBSD/amd64 and Mac OS X Leopard.

I'm bumping the dependency version in buildlink3.mk because the only package
using this seems to be Monotone, and I'll updating it right away.
2009-09-23 16:03:25 +00:00
wiz
059bf86ace Remove BROKEN_IN variable. It was no maintained, and there was no
defined workflow for setting it, removing it, or removing packages
depending on it.
2009-08-25 12:32:54 +00:00