Date: Thu, 22 Jan 2004 19:12:13 -0800 (PST) From: Len Sassaman <rabbi@abditum.com> To: FreeBSD-gnats-submit@FreeBSD.org Cc: rabbi@anonymizer.com Subject: ports/61762: Fixes to PGP6 for FreeBSD 5.1 and for PGP 2.x compat Message-ID: <20040123031213.0E1AF1FBC1@chiron.deor.org> Resent-Message-ID: <200401230310.i0N3AEri087364@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 61762 >Category: ports >Synopsis: Fixes to PGP6 for FreeBSD 5.1 and for PGP 2.x compat >Confidential: no >Severity: non-critical >Priority: medium >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: maintainer-update >Submitter-Id: current-users >Arrival-Date: Thu Jan 22 19:10:14 PST 2004 >Closed-Date: >Last-Modified: >Originator: Len Sassaman >Release: FreeBSD 4.9-STABLE i386 >Organization: Anonymizer, Inc. >Environment: System: FreeBSD chiron.deor.org 4.9-STABLE FreeBSD 4.9-STABLE #0: Thu Nov 20 20:18:52 PST 2003 root@chiron.deor.org:/usr/obj/usr/src/sys/RabbiBSD i386 >Description: I've corrected the FreeBSD 5.1 compilation errors. There aren't any outstanding security issues in PGP 6.5.8 that I am aware of, other than the so-called Czech attack, which has limited practical impact. (There are a number of errors in 6.5.3 that 6.5.8 addresses, and number of errors specific to OS in the Windows version of 6.5.8, but nothing that should affect the commandline version.) I intend to review the mktemp() usage in PGP later. It doesn't look dangerous at first glance. >How-To-Repeat: >Fix: diff -ruN pgp6/Makefile pgp6-new/Makefile --- pgp6/Makefile Wed Jan 21 23:53:53 2004 +++ pgp6-new/Makefile Thu Jan 22 17:33:18 2004 @@ -1,6 +1,6 @@ # New ports collection makefile for: pgp6 # Date created: 25 Jan 2000 -# Whom: mike@fate.com +# Whom: Len Sassaman # # $FreeBSD: ports/security/pgp6/Makefile,v 1.45 2004/01/22 07:53:53 dinoex Exp $ # @@ -30,11 +30,6 @@ LATEST_LINK= pgp6 .include <bsd.port.pre.mk> - -#.if ${OSVERSION} >= 500113 -#BROKEN= "Does not compile" -#.endif -FORBIDDEN= "documented exploits exist; patches will be supplied by maintainer" # the distfile is actually a tar of three compressed tars and their # signatures diff -ruN pgp6/files/patch-ar pgp6-new/files/patch-ar --- pgp6/files/patch-ar Wed Dec 31 16:00:00 1969 +++ pgp6-new/files/patch-ar Thu Jan 22 14:57:50 2004 @@ -0,0 +1,14 @@ +--- libs/pfl/common/lthread/pgpThreads.h.orig Mon Apr 19 10:59:53 1999 ++++ libs/pfl/common/lthread/pgpThreads.h Thu Jan 22 12:34:15 2004 +@@ -138,7 +138,9 @@ + #endif /* end HAVE_PTHREAD_ATTR_CREATE */ + + /* My version of Linux has sem_init in pthreads.so, but *zero* headers ?? */ +-#if HAVE_SEM_INIT && !PGP_UNIX_LINUX ++/* #if HAVE_SEM_INIT && !PGP_UNIX_LINUX ++ commented out for FreeBSD */ ++#if 0 + + #undef HAVE_SEMGET /* prefer POSIX sem_init over semget */ + #define HAVE_SEMGET 0 + diff -ruN pgp6/files/patch-as pgp6-new/files/patch-as --- pgp6/files/patch-as Wed Dec 31 16:00:00 1969 +++ pgp6-new/files/patch-as Thu Jan 22 14:58:01 2004 @@ -0,0 +1,13 @@ +--- libs/pfl/common/lthread/pgpSemaphore.c.old Tue Mar 17 21:08:17 1998 ++++ libs/pfl/common/lthread/pgpSemaphore.c Thu Jan 22 13:00:16 2004 +@@ -41,7 +41,9 @@ + #endif /* end PGP_UNIX_SOLARIS */ + + /* Linux has sem_init function but no headers ?? */ +-#if HAVE_SEM_INIT && !PGP_UNIX_LINUX ++/* #if HAVE_SEM_INIT && !PGP_UNIX_LINUX ++ commented out for FreeBSD */ ++#if 0 + + PGPSemAttr_t PGPSemAttr_def = {0, 0}; + diff -ruN pgp6/files/patch-cc pgp6-new/files/patch-cc --- pgp6/files/patch-cc Wed Dec 31 16:00:00 1969 +++ pgp6-new/files/patch-cc Thu Jan 22 14:57:16 2004 @@ -0,0 +1,19 @@ +--- clients/pgp/cmdline/doencode.c Thu Sep 30 20:10:21 1999 ++++ clients/pgp/cmdline/doencode.c Thu Jan 11 20:50:20 2001 +@@ -283,6 +283,7 @@ + PGPBoolean batchmode = pgpenvGetInt( env, PGPENV_BATCHMODE, &pri, &err ); + PGPBoolean verbose = pgpenvGetInt( env, PGPENV_VERBOSE, &pri, &err ); + PGPBoolean quietmode = pgpenvGetInt( env, PGPENV_NOOUT, &pri, &err); ++ PGPBoolean force = pgpenvGetInt( env, PGPENV_FORCE, &pri, &err); + PGPKeySetRef tmpset; + + err = PGPNewEmptyKeySet( toSet, &tmpset ); +@@ -317,7 +318,7 @@ + if(verbose) + pgpShowKeyValidity( filebPtr, key ); + +- if( validity < kPGPValidity_Marginal ) { ++ if( validity < kPGPValidity_Marginal && !force) { + char useridstr[ kPGPMaxUserIDSize ]; + PGPBoolean answer; + err = pgpGetUserIDStringFromKey( key, useridstr ); >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040123031213.0E1AF1FBC1>