[Buildroot] [PATCH v2 1/2] package/opensc: bump version to 0.23.0

* [Buildroot] [PATCH v2 1/2] package/opensc: bump version to 0.23.0
@ 2023-06-24  8:50 Bernd Kuhls
  2023-06-24  8:50 ` [Buildroot] [PATCH 2/2] package/opensc: fix build with newer versions of LibreSSL Bernd Kuhls
  2023-06-24 13:25 ` [Buildroot] [PATCH v2 1/2] package/opensc: bump version to 0.23.0 Yann E. MORIN
  0 siblings, 2 replies; 3+ messages in thread
From: Bernd Kuhls @ 2023-06-24  8:50 UTC (permalink / raw)
  To: buildroot; +Cc: José Pekkarinen

Release notes:
https://github.com/OpenSC/OpenSC/blob/master/NEWS

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
---
v2: no changes, added a LibreSSL patch to this series

 .checkpackageignore                           |   2 -
 .../0001-Fix-maybe-uninitialized-errors.patch |  82 ---------
 ...02-added-compatibility-with-LibreSSL.patch | 173 ------------------
 .../0003-Fix-build-with-libressl-3.5.0.patch  |  47 -----
 package/opensc/opensc.hash                    |   2 +-
 package/opensc/opensc.mk                      |   2 +-
 6 files changed, 2 insertions(+), 306 deletions(-)
 delete mode 100644 package/opensc/0001-Fix-maybe-uninitialized-errors.patch
 delete mode 100644 package/opensc/0002-added-compatibility-with-LibreSSL.patch
 delete mode 100644 package/opensc/0003-Fix-build-with-libressl-3.5.0.patch

diff --git a/.checkpackageignore b/.checkpackageignore
index 07408893ce..88c69f3ad6 100644
--- a/.checkpackageignore
+++ b/.checkpackageignore
@@ -1136,8 +1136,6 @@ package/openrc/0003-init.d-agetty-replace-sbin-agetty-by-sbin-getty.patch Upstre
 package/openrc/0004-init.d-agetty-start-agetty-after-all-sevices.patch Upstream
 package/openrc/0005-runlevels-do-not-add-agetty.tty-1-6-if-MKSYSVINIT-ye.patch Upstream
 package/openrc/0006-Also-create-run-lock-subsys-directory.patch Upstream
-package/opensc/0002-added-compatibility-with-LibreSSL.patch Upstream
-package/opensc/0003-Fix-build-with-libressl-3.5.0.patch Upstream
 package/openssh/S50sshd EmptyLastLine Indent Variables
 package/openswan/0001-lib-libopenswan-constants.c-workaround-missing-ns_t_.patch Upstream
 package/opentyrian/0001-Move-definitions-that-don-t-need-to-be-exposed-from-opl-h-to-opl-c.patch Upstream
diff --git a/package/opensc/0001-Fix-maybe-uninitialized-errors.patch b/package/opensc/0001-Fix-maybe-uninitialized-errors.patch
deleted file mode 100644
index 671d92c150..0000000000
--- a/package/opensc/0001-Fix-maybe-uninitialized-errors.patch
+++ /dev/null
@@ -1,82 +0,0 @@
-From bcb39d6f4d2dee6beb035cb2f3618174ec1cb2b0 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Jos=C3=A9=20Pekkarinen?= <jose.pekkarinen@unikie.com>
-Date: Fri, 10 Dec 2021 13:54:26 +0200
-Subject: [PATCH] Fix maybe uninitialized errors
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Signed-off-by: José Pekkarinen <jose.pekkarinen@unikie.com>
-Upstream: https://github.com/OpenSC/OpenSC/commit/05ec8c7fe785a2b9aeaac1164adb349df42b7f80
----
- src/libopensc/pkcs15-coolkey.c  | 12 ++++++------
- src/pkcs15init/pkcs15-asepcos.c |  2 +-
- src/tools/opensc-explorer.c     |  2 +-
- 3 files changed, 8 insertions(+), 8 deletions(-)
-
-diff --git a/src/libopensc/pkcs15-coolkey.c b/src/libopensc/pkcs15-coolkey.c
-index 586475dd..15684cef 100644
---- a/src/libopensc/pkcs15-coolkey.c
-+++ b/src/libopensc/pkcs15-coolkey.c
-@@ -147,9 +147,9 @@ coolkey_find_matching_cert(sc_card_t *card, sc_cardctl_coolkey_object_t *in_obj,
- static int
- coolkey_get_attribute_ulong(sc_card_t *card, sc_cardctl_coolkey_object_t *obj, CK_ATTRIBUTE_TYPE type, CK_ULONG *value)
- {
--	const u8 *val;
--	size_t val_len;
--	u8 data_type;
-+	const u8 *val = NULL;
-+	size_t val_len = 0;
-+	u8 data_type = 0;
- 	int r;
- 
- 	r  = coolkey_get_attribute(card, obj, type, &val, &val_len, &data_type);
-@@ -168,8 +168,8 @@ static int
- coolkey_get_attribute_boolean(sc_card_t *card, sc_cardctl_coolkey_object_t *obj, CK_ATTRIBUTE_TYPE attr_type)
- {
- 	int r;
--	const u8 *val;
--	size_t val_len;
-+	const u8 *val = NULL;
-+	size_t val_len = 0;
- 
- 	r = coolkey_get_attribute(card, obj, attr_type, &val, &val_len, NULL);
- 	if (r < 0) {
-@@ -186,7 +186,7 @@ static int
- coolkey_get_attribute_bytes(sc_card_t *card, sc_cardctl_coolkey_object_t *obj, CK_ATTRIBUTE_TYPE type, u8 *data, size_t *data_len, size_t max_data_len)
- {
- 	const u8 *val;
--	size_t val_len;
-+	size_t val_len = 0;
- 	int r;
- 
- 	r = coolkey_get_attribute(card, obj, type, &val, &val_len, NULL);
-diff --git a/src/pkcs15init/pkcs15-asepcos.c b/src/pkcs15init/pkcs15-asepcos.c
-index d7122012..bc0efb5c 100644
---- a/src/pkcs15init/pkcs15-asepcos.c
-+++ b/src/pkcs15init/pkcs15-asepcos.c
-@@ -221,7 +221,7 @@ static int asepcos_do_store_pin(sc_profile_t *profile, sc_card_t *card,
- {
- 	sc_file_t *nfile = NULL;
- 	u8  buf[64], sbuf[64], *p = buf, *q = sbuf;
--	int r, akn;
-+	int r, akn = 0;
- 
- 	if (auth_info->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN)
- 		return SC_ERROR_OBJECT_NOT_VALID;
-diff --git a/src/tools/opensc-explorer.c b/src/tools/opensc-explorer.c
-index 9ec4daa1..04efdf8f 100644
---- a/src/tools/opensc-explorer.c
-+++ b/src/tools/opensc-explorer.c
-@@ -2472,7 +2472,7 @@ int main(int argc, char *argv[])
- 		char *line;
- 		int cargc;
- 		char *cargv[260];
--		int multiple;
-+		int multiple = 0;
- 		struct command *cmd;
- 		char prompt[3*SC_MAX_PATH_STRING_SIZE];
- 
--- 
-2.25.1
-
diff --git a/package/opensc/0002-added-compatibility-with-LibreSSL.patch b/package/opensc/0002-added-compatibility-with-LibreSSL.patch
deleted file mode 100644
index 86a17448f8..0000000000
--- a/package/opensc/0002-added-compatibility-with-LibreSSL.patch
+++ /dev/null
@@ -1,173 +0,0 @@
-From 302ad70471efa279b033d4d5511d979ec5d965fe Mon Sep 17 00:00:00 2001
-From: Frank Morgner <frankmorgner@gmail.com>
-Date: Thu, 20 Jan 2022 17:01:46 +0100
-Subject: [PATCH] added compatibility with LibreSSL
-
-[Retrieved (and backported) from:
-https://github.com/OpenSC/OpenSC/commit/302ad70471efa279b033d4d5511d979ec5d965fe]
-Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
----
- src/libopensc/sc-ossl-compat.h             |  7 +++++++
- src/tests/p11test/p11test_case_common.c    | 14 ++++++++++++++
- src/tests/p11test/p11test_case_ec_derive.c |  4 ++++
- src/tests/p11test/p11test_case_readonly.c  |  9 +++++++--
- 4 files changed, 32 insertions(+), 2 deletions(-)
-
-diff --git a/src/libopensc/sc-ossl-compat.h b/src/libopensc/sc-ossl-compat.h
-index f885f85bb9..ec694ad48d 100644
---- a/src/libopensc/sc-ossl-compat.h
-+++ b/src/libopensc/sc-ossl-compat.h
-@@ -105,6 +105,13 @@ extern "C" {
- /* workaround unused value warning for a macro that does nothing */
- #if defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x20700000L
- #define OPENSSL_malloc_init()
-+#define FIPS_mode()                             (0)
-+#define EVP_sha3_224()                          (NULL)
-+#define EVP_sha3_256()                          (NULL)
-+#define EVP_sha3_384()                          (NULL)
-+#define EVP_sha3_512()                          (NULL)
-+#define EVP_PKEY_new_raw_public_key(t, e, p, l) (NULL)
-+#define EVP_PKEY_get_raw_public_key(p, pu, l)   (0)
- #endif
- 
- #if OPENSSL_VERSION_NUMBER >= 0x30000000L
-diff --git a/src/tests/p11test/p11test_case_common.c b/src/tests/p11test/p11test_case_common.c
-index e432f8f4ed..f091dbcc10 100644
---- a/src/tests/p11test/p11test_case_common.c
-+++ b/src/tests/p11test/p11test_case_common.c
-@@ -164,6 +164,7 @@ add_supported_mechs(test_cert_t *o)
- 			o->mechs[0].result_flags = 0;
- 			o->mechs[0].usage_flags = CKF_SIGN | CKF_VERIFY;
- 		}
-+#ifdef EVP_PKEY_ED25519
- 	} else if (o->type == EVP_PKEY_ED25519) {
- 		if (token.num_ed_mechs > 0 ) {
- 			o->num_mechs = token.num_ed_mechs;
-@@ -184,6 +185,8 @@ add_supported_mechs(test_cert_t *o)
- 			o->mechs[0].result_flags = 0;
- 			o->mechs[0].usage_flags = CKF_SIGN | CKF_VERIFY;
- 		}
-+#endif
-+#ifdef EVP_PKEY_X25519
- 	} else if (o->type == EVP_PKEY_X25519) {
- 		if (token.num_montgomery_mechs > 0 ) {
- 			o->num_mechs = token.num_montgomery_mechs;
-@@ -204,6 +207,7 @@ add_supported_mechs(test_cert_t *o)
- 			o->mechs[0].result_flags = 0;
- 			o->mechs[0].usage_flags = CKF_DERIVE;
- 		}
-+#endif
- 	}
- }
- 
-@@ -601,6 +605,7 @@ int callback_public_keys(test_certs_t *objects,
- 		a = template[6].pValue;
- 		if (d2i_ASN1_PRINTABLESTRING(&curve, &a, (long)template[6].ulValueLen) != NULL) {
- 			switch (o->key_type) {
-+#ifdef EVP_PKEY_ED25519
- 			case CKK_EC_EDWARDS:
- 				if (strcmp((char *)curve->data, "edwards25519")) {
- 					debug_print(" [WARN %s ] Unknown curve name. "
-@@ -608,6 +613,8 @@ int callback_public_keys(test_certs_t *objects,
- 				}
- 				evp_type = EVP_PKEY_ED25519;
- 				break;
-+#endif
-+#ifdef EVP_PKEY_X25519
- 			case CKK_EC_MONTGOMERY:
- 				if (strcmp((char *)curve->data, "curve25519")) {
- 					debug_print(" [WARN %s ] Unknown curve name. "
-@@ -615,16 +622,20 @@ int callback_public_keys(test_certs_t *objects,
- 				}
- 				evp_type = EVP_PKEY_X25519;
- 				break;
-+#endif
- 			default:
- 				debug_print(" [WARN %s ] Unknown key type %lu", o->id_str, o->key_type);
- 				return -1;
- 			}
- 			ASN1_PRINTABLESTRING_free(curve);
- 		} else if (d2i_ASN1_OBJECT(&obj, &a, (long)template[6].ulValueLen) != NULL) {
-+#if defined(EVP_PKEY_ED25519) || defined (EVP_PKEY_X25519)
- 			int nid = OBJ_obj2nid(obj);
-+#endif
- 			ASN1_OBJECT_free(obj);
- 
- 			switch (o->key_type) {
-+#ifdef EVP_PKEY_ED25519
- 			case CKK_EC_EDWARDS:
- 				if (nid != NID_ED25519) {
- 					debug_print(" [WARN %s ] Unknown OID. "
-@@ -632,6 +643,8 @@ int callback_public_keys(test_certs_t *objects,
- 				}
- 				evp_type = EVP_PKEY_ED25519;
- 				break;
-+#endif
-+#ifdef EVP_PKEY_X25519
- 			case CKK_EC_MONTGOMERY:
- 				if (nid != NID_X25519) {
- 					debug_print(" [WARN %s ] Unknown OID. "
-@@ -639,6 +652,7 @@ int callback_public_keys(test_certs_t *objects,
- 				}
- 				evp_type = EVP_PKEY_X25519;
- 				break;
-+#endif
- 			default:
- 				debug_print(" [WARN %s ] Unknown key type %lu", o->id_str, o->key_type);
- 				return -1;
-diff --git a/src/tests/p11test/p11test_case_ec_derive.c b/src/tests/p11test/p11test_case_ec_derive.c
-index 9f13b3e9d6..f7a5f92f9e 100644
---- a/src/tests/p11test/p11test_case_ec_derive.c
-+++ b/src/tests/p11test/p11test_case_ec_derive.c
-@@ -89,6 +89,7 @@ pkcs11_derive(test_cert_t *o, token_info_t * info,
- 
- int test_derive_x25519(test_cert_t *o, token_info_t *info, test_mech_t *mech)
- {
-+#ifdef EVP_PKEY_X25519
- 	unsigned char *secret = NULL, *pkcs11_secret = NULL;
- 	EVP_PKEY_CTX *pctx = NULL;
- 	EVP_PKEY *pkey = NULL; /* This is peer key */
-@@ -210,6 +211,9 @@ int test_derive_x25519(test_cert_t *o, token_info_t *info, test_mech_t *mech)
- 	free(secret);
- 	free(pkcs11_secret);
- 	return 1;
-+#else
-+	return 0;
-+#endif
- }
- 
- int test_derive(test_cert_t *o, token_info_t *info, test_mech_t *mech)
-diff --git a/src/tests/p11test/p11test_case_readonly.c b/src/tests/p11test/p11test_case_readonly.c
-index 624bd6a54d..2aefdc7a70 100644
---- a/src/tests/p11test/p11test_case_readonly.c
-+++ b/src/tests/p11test/p11test_case_readonly.c
-@@ -522,6 +522,7 @@ int verify_message_openssl(test_cert_t *o, token_info_t *info, CK_BYTE *message,
- 				rv, ERR_error_string(ERR_peek_last_error(), NULL));
- 			return -1;
- 		}
-+#ifdef EVP_PKEY_ED25519
- 	} else if (o->type == EVP_PKEY_ED25519) {
- 		/* need to be created even though we do not do any MD */
- 		EVP_MD_CTX *ctx = EVP_MD_CTX_create();
-@@ -547,7 +548,7 @@ int verify_message_openssl(test_cert_t *o, token_info_t *info, CK_BYTE *message,
- 			EVP_MD_CTX_free(ctx);
- 			return -1;
- 		}
--
-+#endif
- 	} else {
- 		fprintf(stderr, " [ KEY %s ] Unknown type. Not verifying\n", o->id_str);
- 	}
-@@ -641,7 +642,11 @@ int sign_verify_test(test_cert_t *o, token_info_t *info, test_mech_t *mech,
- 		return 0;
- 	}
- 
--	if (o->type != EVP_PK_EC && o->type != EVP_PK_RSA && o->type != EVP_PKEY_ED25519) {
-+	if (o->type != EVP_PK_EC && o->type != EVP_PK_RSA
-+#ifdef EVP_PKEY_ED25519
-+			&& o->type != EVP_PKEY_ED25519
-+#endif
-+			) {
- 		debug_print(" [SKIP %s ] Skip non-RSA and non-EC key", o->id_str);
- 		return 0;
- 	}
diff --git a/package/opensc/0003-Fix-build-with-libressl-3.5.0.patch b/package/opensc/0003-Fix-build-with-libressl-3.5.0.patch
deleted file mode 100644
index 1d262362d6..0000000000
--- a/package/opensc/0003-Fix-build-with-libressl-3.5.0.patch
+++ /dev/null
@@ -1,47 +0,0 @@
-From d13059d1ec2bbb8fe7068db0d66d521daa4b71ce Mon Sep 17 00:00:00 2001
-From: Fabrice Fontaine <fontaine.fabrice@gmail.com>
-Date: Sat, 13 Aug 2022 14:27:22 +0200
-Subject: [PATCH] Fix build with libressl >= 3.5.0
-
-libressl added back FIPS_mode since version 3.5.0 and
-https://github.com/libressl-portable/openbsd/commit/a97eabc90d7647e374c1c6da686aeec63c49ff14
-
-libressl provides X509_get_extension_flags since version 3.5.0 and
-https://github.com/libressl-portable/openbsd/commit/3180723224c1b2c7856a110b8213e4966995d7e0
-
-Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
-[Upstream status: https://github.com/OpenSC/OpenSC/pull/2593 &
- https://github.com/OpenSC/OpenSC/pull/2595 (merged)]
----
- src/libopensc/sc-ossl-compat.h | 4 ++++
- 1 file changed, 4 insertions(+)
-
-diff --git a/src/libopensc/sc-ossl-compat.h b/src/libopensc/sc-ossl-compat.h
-index f0d55279..2c42794c 100644
---- a/src/libopensc/sc-ossl-compat.h
-+++ b/src/libopensc/sc-ossl-compat.h
-@@ -86,9 +86,11 @@ extern "C" {
- #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
- #define RSA_PKCS1_OpenSSL		RSA_PKCS1_SSLeay
- 
-+#if defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x30500000L
- #define X509_get_extension_flags(x)	(x->ex_flags)
- #define X509_get_key_usage(x)		(x->ex_kusage)
- #define X509_get_extended_key_usage(x)	(x->ex_xkusage)
-+#endif
- #if !defined(LIBRESSL_VERSION_NUMBER) || LIBRESSL_VERSION_NUMBER < 0x2050300fL
- #define X509_up_ref(cert)		CRYPTO_add(&cert->references, 1, CRYPTO_LOCK_X509)
- #endif
-@@ -104,7 +106,9 @@ extern "C" {
- /* workaround unused value warning for a macro that does nothing */
- #if defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x20700000L
- #define OPENSSL_malloc_init()
-+#if LIBRESSL_VERSION_NUMBER < 0x30500000L
- #define FIPS_mode()                             (0)
-+#endif
- #define EVP_sha3_224()                          (NULL)
- #define EVP_sha3_256()                          (NULL)
- #define EVP_sha3_384()                          (NULL)
--- 
-2.35.1
-
diff --git a/package/opensc/opensc.hash b/package/opensc/opensc.hash
index 517cfe503a..e8e675667e 100644
--- a/package/opensc/opensc.hash
+++ b/package/opensc/opensc.hash
@@ -1,5 +1,5 @@
 # Computed locally from https://https://github.com/OpenSC/OpenSC/releases/
-sha256  8d4e5347195ebea332be585df61dcc470331c26969e4b0447c851fb0844c7186  opensc-0.22.0.tar.gz
+sha256  a4844a6ea03a522ecf35e49659716dacb6be03f7c010a1a583aaf3eb915ed2e0  opensc-0.23.0.tar.gz
 
 # Computed locally
 sha256  376b54d4c5f4aa99421823fa4da93e3ab73096fce2400e89858632aa7da24a14  COPYING
diff --git a/package/opensc/opensc.mk b/package/opensc/opensc.mk
index f9e2f5083e..253b6b26f8 100644
--- a/package/opensc/opensc.mk
+++ b/package/opensc/opensc.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-OPENSC_VERSION = 0.22.0
+OPENSC_VERSION = 0.23.0
 OPENSC_SITE = https://github.com/OpenSC/OpenSC/releases/download/$(OPENSC_VERSION)
 OPENSC_LICENSE = LGPL-2.1+
 OPENSC_LICENSE_FILES = COPYING
-- 
2.39.2

_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

^ permalink raw reply related	[flat|nested] 3+ messages in thread