Import NetPGP.

NetPGP is a standards-compliant library and suite of utilities providing digital signature and verification functionality, as well as data encryption and decryption, using RSA and DSA/Elgamal keys. Several double frees found by bentley@, already committed upstream. ok benoit@
2013-03-09 16:02:24 +00:00 · 2013-03-09 16:02:24 +00:00 · 12d65e5780
commit 12d65e5780
parent 9b9aee16e8
8 changed files with 106 additions and 0 deletions
--- a/security/netpgp/Makefile
+++ b/security/netpgp/Makefile
@ -0,0 +1,34 @@
+# $OpenBSD: Makefile,v 1.1.1.1 2013/03/09 16:02:24 pascal Exp $
+
+COMMENT =		BSD-licensed PGP implementation
+
+DISTNAME =		netpgp-20101107
+
+SHARED_LIBS +=		mj                        0.0 # 0.0
+SHARED_LIBS +=		netpgp                    0.0 # 0.0
+
+CATEGORIES =		security
+
+HOMEPAGE =		http://www.netpgp.com
+
+MAINTAINER =		Pascal Stumpf <Pascal.Stumpf@cubes.de>
+
+# BSD
+PERMIT_PACKAGE_CDROM =	Yes
+
+WANTLIB +=		bz2 c crypto z
+
+MASTER_SITES =		ftp://ftp.netbsd.org/pub/pkgsrc/distfiles/LOCAL_PORTS/
+
+LIB_DEPENDS =		archivers/bzip2
+REGRESS_DEPENDS =	devel/autoconf/2.68
+
+REGRESS_FLAGS =		AUTOCONF_VERSION=2.68
+
+USE_LIBTOOL =		Yes
+CONFIGURE_STYLE =	gnu
+CONFIGURE_ARGS +=	${CONFIGURE_SHARED}
+CONFIGURE_ENV =		CPPFLAGS="-I${LOCALBASE}/include -DOPENSSL_NO_IDEA" \
+			LDFLAGS="-L${LOCALBASE}/lib"
+
+.include <bsd.port.mk>
--- a/security/netpgp/distinfo
+++ b/security/netpgp/distinfo
@ -0,0 +1,2 @@
+SHA256 (netpgp-20101107.tar.gz) = oCWffciGeIOGwNgn/bqa2ODfz6sdYC3CngKubML5urk=
+SIZE (netpgp-20101107.tar.gz) = 1426600
--- a/security/netpgp/patches/patch-src_lib_crypto_c
+++ b/security/netpgp/patches/patch-src_lib_crypto_c
@ -0,0 +1,13 @@
+$OpenBSD: patch-src_lib_crypto_c,v 1.1.1.1 2013/03/09 16:02:24 pascal Exp $
+http://cvsweb.netbsd.org/bsdweb.cgi/src/crypto/external/bsd/netpgp/dist/src/lib/crypto.c.diff?r1=1.34&r2=1.35&f=h&only_with_tag=MAIN&f=u
+--- src/lib/crypto.c.orig	Wed Aug  8 07:02:09 2012
+++ src/lib/crypto.c	Wed Aug  8 07:02:34 2012
+@@ -591,8 +591,6 @@ __ops_decrypt_buf(__ops_io_t *io,
+ 
+ 	/* tidy up */
+ 	__ops_teardown_memory_read(parse, inmem);
+-	__ops_memory_release(inmem);
+-	free(inmem);
+ 
+ 	__ops_writer_close(parse->cbinfo.output);
+ 	__ops_output_delete(parse->cbinfo.output);
--- a/security/netpgp/patches/patch-src_lib_misc_c
+++ b/security/netpgp/patches/patch-src_lib_misc_c
@ -0,0 +1,12 @@
+$OpenBSD: patch-src_lib_misc_c,v 1.1.1.1 2013/03/09 16:02:24 pascal Exp $
+--- src/lib/misc.c.orig	Thu Nov  4 07:45:28 2010
+++ src/lib/misc.c	Thu Aug  2 14:52:01 2012
+@@ -436,7 +436,7 @@ hash_bignum(__ops_hash_t *hash, BIGNUM *bignum)
+ 		(void) fprintf(stderr, "hash_bignum: bad size\n");
+ 		return 0;
+ 	}
+-	if ((bn = calloc(1, len)) == NULL) {
+	if ((bn = calloc(1, len + 1)) == NULL) {
+ 		(void) fprintf(stderr, "hash_bignum: bad bn alloc\n");
+ 		return 0;
+ 	}
--- a/security/netpgp/patches/patch-src_lib_netpgp_c
+++ b/security/netpgp/patches/patch-src_lib_netpgp_c
@ -0,0 +1,13 @@
+$OpenBSD: patch-src_lib_netpgp_c,v 1.1.1.1 2013/03/09 16:02:24 pascal Exp $
+http://cvsweb.netbsd.org/bsdweb.cgi/src/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c.diff?r1=1.88&r2=1.89&f=h&only_with_tag=MAIN&f=u
+--- src/lib/netpgp.c.orig	Wed Aug  8 07:02:45 2012
+++ src/lib/netpgp.c	Wed Aug  8 07:03:54 2012
+@@ -1434,7 +1434,7 @@ netpgp_verify_memory(netpgp_t *netpgp, const void *in,
+ 	ret = __ops_validate_mem(io, &result, signedmem,
+ 				(out) ? &cat : NULL,
+ 				armored, netpgp->pubring);
+-	__ops_memory_free(signedmem);
+	/* signedmem is freed from pgp_validate_mem */
+ 	if (ret) {
+ 		resultp(io, "<stdin>", &result, netpgp->pubring);
+ 		if (out) {
--- a/security/netpgp/patches/patch-src_lib_ssh2pgp_c
+++ b/security/netpgp/patches/patch-src_lib_ssh2pgp_c
@ -0,0 +1,13 @@
+$OpenBSD: patch-src_lib_ssh2pgp_c,v 1.1.1.1 2013/03/09 16:02:24 pascal Exp $
+http://cvsweb.netbsd.org/bsdweb.cgi/src/crypto/external/bsd/netpgp/dist/src/lib/ssh2pgp.c.diff?r1=1.21&r2=1.22&f=h&only_with_tag=MAIN&f=u
+--- src/lib/ssh2pgp.c.orig	Wed Sep  8 05:21:22 2010
+++ src/lib/ssh2pgp.c	Wed Aug  8 07:05:52 2012
+@@ -250,7 +250,7 @@ __ops_ssh2pubkey(__ops_io_t *io, const char *f, __ops_
+ 	}
+ 
+ 	/* convert from base64 to binary */
+-	cc = bufgap_getbin(&bg, buf, (size_t)st.st_size);
+	cc = bufgap_getbin(&bg, buf, (size_t)bg.bcc);
+ 	if ((space = strchr(buf, ' ')) != NULL) {
+ 		cc = (int)(space - buf);
+ 	}
--- a/security/netpgp/pkg/DESCR
+++ b/security/netpgp/pkg/DESCR
@ -0,0 +1,3 @@
+NetPGP is a standards-compliant library and suite of utilities
+providing digital signature and verification functionality, as well
+as data encryption and decryption, using RSA and DSA/Elgamal keys.
--- a/security/netpgp/pkg/PLIST
+++ b/security/netpgp/pkg/PLIST
@ -0,0 +1,16 @@
+@comment $OpenBSD: PLIST,v 1.1.1.1 2013/03/09 16:02:24 pascal Exp $
+@bin bin/netpgp
+@bin bin/netpgpkeys
+@bin bin/netpgpverify
+include/netpgp.h
+lib/libmj.a
+lib/libmj.la
+@lib lib/libmj.so.${LIBmj_VERSION}
+lib/libnetpgp.a
+lib/libnetpgp.la
+@lib lib/libnetpgp.so.${LIBnetpgp_VERSION}
+@man man/man1/netpgp.1
+@man man/man1/netpgpkeys.1
+@man man/man1/netpgpverify.1
+@man man/man3/libmj.3
+@man man/man3/libnetpgp.3