[packages/eet] - rel 3; fix gnutls build
arekm
arekm at pld-linux.org
Wed Sep 19 10:56:24 CEST 2018
commit 8668a904faf2ee0b8f18b0b9b8b1552d680eb33a
Author: Arkadiusz Miśkiewicz <arekm at maven.pl>
Date: Wed Sep 19 10:56:06 2018 +0200
- rel 3; fix gnutls build
eet.spec | 6 ++-
gnutls.patch | 153 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 157 insertions(+), 2 deletions(-)
---
diff --git a/eet.spec b/eet.spec
index 628b3b8..00c2ee4 100644
--- a/eet.spec
+++ b/eet.spec
@@ -8,11 +8,12 @@ Summary: Library for speedy data storage, retrieval, and compression
Summary(pl.UTF-8): Biblioteka do szybkiego zapisywania, odtwarzania i kompresji danych
Name: eet
Version: 1.7.10
-Release: 2
+Release: 3
License: BSD
Group: Libraries
-Source0: http://download.enlightenment.org/releases/%{name}-%{version}.tar.bz2
+Source0: http://download.enlightenment.org/att/releases/%{name}-%{version}.tar.bz2
# Source0-md5: 396ccb7094518cb9ce6939e7d2c6ef8c
+Patch0: gnutls.patch
URL: http://trac.enlightenment.org/e/wiki/Eet
BuildRequires: autoconf >= 2.52
BuildRequires: automake >= 1.6
@@ -86,6 +87,7 @@ Statyczna biblioteka Eet.
%prep
%setup -q
+%patch0 -p1
%build
%{__libtoolize}
diff --git a/gnutls.patch b/gnutls.patch
new file mode 100644
index 0000000..3f29c49
--- /dev/null
+++ b/gnutls.patch
@@ -0,0 +1,153 @@
+--- eet-1.7.10/src/lib/eet_cipher.c.orig 2013-07-29 16:22:39.000000000 +0200
++++ eet-1.7.10/src/lib/eet_cipher.c 2018-09-19 10:34:46.452526279 +0200
+@@ -56,9 +56,7 @@ void *alloca(size_t);
+
+ #ifdef HAVE_CIPHER
+ # ifdef HAVE_GNUTLS
+-# if defined EET_USE_NEW_PUBKEY_VERIFY_HASH || defined EET_USE_NEW_PRIVKEY_SIGN_DATA
+-# include <gnutls/abstract.h>
+-# endif
++# include <gnutls/abstract.h>
+ # include <gnutls/x509.h>
+ # include <gcrypt.h>
+ # else /* ifdef HAVE_GNUTLS */
+@@ -500,10 +498,8 @@ eet_identity_sign(FILE *fp,
+ gnutls_datum_t datum = { NULL, 0 };
+ size_t sign_len = 0;
+ size_t cert_len = 0;
+-#ifdef EET_USE_NEW_PRIVKEY_SIGN_DATA
+ gnutls_datum_t signum = { NULL, 0 };
+ gnutls_privkey_t privkey;
+-#endif
+ # else /* ifdef HAVE_GNUTLS */
+ EVP_MD_CTX md_ctx;
+ unsigned int sign_len = 0;
+@@ -535,7 +531,6 @@ eet_identity_sign(FILE *fp,
+ datum.size = st_buf.st_size;
+
+ /* Get the signature length */
+-#ifdef EET_USE_NEW_PRIVKEY_SIGN_DATA
+ if (gnutls_privkey_init(&privkey) < 0)
+ {
+ err = EET_ERROR_SIGNATURE_FAILED;
+@@ -556,30 +551,6 @@ eet_identity_sign(FILE *fp,
+
+ sign = signum.data;
+ sign_len = signum.size;
+-#else
+- if (gnutls_x509_privkey_sign_data(key->private_key, GNUTLS_DIG_SHA1, 0,
+- &datum, sign, &sign_len) &&
+- !sign_len)
+- {
+- err = EET_ERROR_SIGNATURE_FAILED;
+- goto on_error;
+- }
+-
+- /* Get the signature */
+- sign = malloc(sign_len);
+- if (!sign ||
+- gnutls_x509_privkey_sign_data(key->private_key, GNUTLS_DIG_SHA1, 0,
+- &datum,
+- sign, &sign_len))
+- {
+- if (!sign)
+- err = EET_ERROR_OUT_OF_MEMORY;
+- else
+- err = EET_ERROR_SIGNATURE_FAILED;
+-
+- goto on_error;
+- }
+-#endif
+
+ /* Get the certificate length */
+ if (gnutls_x509_crt_export(key->certificate, GNUTLS_X509_FMT_DER, cert,
+@@ -729,15 +700,11 @@ eet_identity_check(const void *data_ba
+ gnutls_x509_crt_t cert;
+ gnutls_datum_t datum;
+ gnutls_datum_t signature;
+-# if EET_USE_NEW_GNUTLS_API
+-# if EET_USE_NEW_PUBKEY_VERIFY_HASH
+ gnutls_pubkey_t pubkey;
+ gnutls_digest_algorithm_t hash_algo;
+-# endif
+ unsigned char *hash;
+ gcry_md_hd_t md;
+ int err;
+-# endif /* if EET_USE_NEW_GNUTLS_API */
+
+ /* Create an understanding certificate structure for gnutls */
+ datum.data = (void *)cert_der;
+@@ -749,7 +716,6 @@ eet_identity_check(const void *data_ba
+ signature.size = sign_len;
+
+ /* Verify the signature */
+-# if EET_USE_NEW_GNUTLS_API
+ /*
+ I am waiting for my patch being accepted in GnuTLS release.
+ But we now have a way to prevent double computation of SHA1.
+@@ -767,7 +733,6 @@ eet_identity_check(const void *data_ba
+ datum.size = gcry_md_get_algo_dlen(GCRY_MD_SHA1);
+ datum.data = hash;
+
+-# ifdef EET_USE_NEW_PUBKEY_VERIFY_HASH
+ if (gnutls_pubkey_init(&pubkey) < 0)
+ goto on_error;
+
+@@ -779,10 +744,6 @@ eet_identity_check(const void *data_ba
+
+ if (gnutls_pubkey_verify_hash(pubkey, 0, &datum, &signature) < 0)
+ goto on_error;
+-# else
+- if (!gnutls_x509_crt_verify_hash(cert, 0, &datum, &signature))
+- goto on_error;
+-# endif
+
+ if (sha1)
+ {
+@@ -794,20 +755,6 @@ eet_identity_check(const void *data_ba
+ }
+
+ gcry_md_close(md);
+-# else /* if EET_USE_NEW_GNUTLS_API */
+- datum.data = (void *)data_base;
+- datum.size = data_length;
+-
+- if (!gnutls_x509_crt_verify_data(cert, 0, &datum, &signature))
+- return NULL;
+-
+- if (sha1)
+- {
+- *sha1 = NULL;
+- *sha1_length = -1;
+- }
+-
+-# endif /* if EET_USE_NEW_GNUTLS_API */
+ gnutls_x509_crt_deinit(cert);
+
+ # else /* ifdef HAVE_GNUTLS */
+@@ -861,11 +808,9 @@ eet_identity_check(const void *data_ba
+
+ return cert_der;
+ # ifdef HAVE_GNUTLS
+-# if EET_USE_NEW_GNUTLS_API
+ on_error:
+ gcry_md_close(md);
+ return NULL;
+-# endif
+ # endif
+ #else /* ifdef HAVE_SIGNATURE */
+ data_base = NULL;
+--- eet-1.7.10/src/lib/eet_cipher.c.org 2018-09-19 10:53:01.742816086 +0200
++++ eet-1.7.10/src/lib/eet_cipher.c 2018-09-19 10:54:10.794913636 +0200
+@@ -739,10 +739,7 @@ eet_identity_check(const void *data_ba
+ if (gnutls_pubkey_import_x509(pubkey, cert, 0) < 0)
+ goto on_error;
+
+- if (gnutls_pubkey_get_verify_algorithm(pubkey, &signature, &hash_algo) < 0)
+- goto on_error;
+-
+- if (gnutls_pubkey_verify_hash(pubkey, 0, &datum, &signature) < 0)
++ if (gnutls_pubkey_verify_hash2(pubkey, GNUTLS_SIGN_RSA_SHA1, 0, &datum, &signature) < 0)
+ goto on_error;
+
+ if (sha1)
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/eet.git/commitdiff/8668a904faf2ee0b8f18b0b9b8b1552d680eb33a
More information about the pld-cvs-commit
mailing list