Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 22 Jan 2004 19:12:13 -0800 (PST)
From:      Len Sassaman <rabbi@abditum.com>
To:        FreeBSD-gnats-submit@FreeBSD.org
Cc:        rabbi@anonymizer.com
Subject:   ports/61762: Fixes to PGP6 for FreeBSD 5.1 and for PGP 2.x compat
Message-ID:  <20040123031213.0E1AF1FBC1@chiron.deor.org>
Resent-Message-ID: <200401230310.i0N3AEri087364@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help 

>Number:         61762
>Category:       ports
>Synopsis:       Fixes to PGP6 for FreeBSD 5.1 and for PGP 2.x compat
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          maintainer-update
>Submitter-Id:   current-users
>Arrival-Date:   Thu Jan 22 19:10:14 PST 2004
>Closed-Date:
>Last-Modified:
>Originator:     Len Sassaman
>Release:        FreeBSD 4.9-STABLE i386
>Organization:
Anonymizer, Inc.
>Environment:
System: FreeBSD chiron.deor.org 4.9-STABLE FreeBSD 4.9-STABLE #0: Thu Nov 20 20:18:52 PST 2003 root@chiron.deor.org:/usr/obj/usr/src/sys/RabbiBSD i386


	
>Description:
I've corrected the FreeBSD 5.1 compilation errors. There aren't any outstanding security issues in PGP 6.5.8 that I am aware of, other than the so-called Czech attack, which has limited practical impact. (There are a number of errors in 6.5.3 that 6.5.8 addresses, and number of errors specific to OS in the Windows version of 6.5.8, but nothing that should affect the commandline version.)

I intend to review the mktemp() usage in PGP later. It doesn't look dangerous at first glance.

>How-To-Repeat:
	
>Fix:

	

diff -ruN pgp6/Makefile pgp6-new/Makefile
--- pgp6/Makefile       Wed Jan 21 23:53:53 2004
+++ pgp6-new/Makefile   Thu Jan 22 17:33:18 2004
@@ -1,6 +1,6 @@
 # New ports collection makefile for:   pgp6
 # Date created:                                25 Jan 2000
-# Whom:                                        mike@fate.com
+# Whom:                                        Len Sassaman
 #
 # $FreeBSD: ports/security/pgp6/Makefile,v 1.45 2004/01/22 07:53:53 dinoex Exp $
 #
@@ -30,11 +30,6 @@
 LATEST_LINK=   pgp6
 
 .include <bsd.port.pre.mk>
-
-#.if ${OSVERSION} >= 500113
-#BROKEN=       "Does not compile"
-#.endif
-FORBIDDEN=     "documented exploits exist; patches will be supplied by maintainer"
 
 # the distfile is actually a tar of three compressed tars and their
 # signatures
diff -ruN pgp6/files/patch-ar pgp6-new/files/patch-ar
--- pgp6/files/patch-ar Wed Dec 31 16:00:00 1969
+++ pgp6-new/files/patch-ar     Thu Jan 22 14:57:50 2004
@@ -0,0 +1,14 @@
+--- libs/pfl/common/lthread/pgpThreads.h.orig   Mon Apr 19 10:59:53 1999
++++ libs/pfl/common/lthread/pgpThreads.h        Thu Jan 22 12:34:15 2004
+@@ -138,7 +138,9 @@
+ #endif /* end HAVE_PTHREAD_ATTR_CREATE */
+ 
+ /* My version of Linux has sem_init in pthreads.so, but *zero* headers ?? */
+-#if HAVE_SEM_INIT && !PGP_UNIX_LINUX
++/* #if HAVE_SEM_INIT && !PGP_UNIX_LINUX
++   commented out for FreeBSD        */ 
++#if 0
+ 
+ #undef HAVE_SEMGET     /* prefer POSIX sem_init over semget */
+ #define HAVE_SEMGET 0
+
diff -ruN pgp6/files/patch-as pgp6-new/files/patch-as
--- pgp6/files/patch-as Wed Dec 31 16:00:00 1969
+++ pgp6-new/files/patch-as     Thu Jan 22 14:58:01 2004
@@ -0,0 +1,13 @@
+--- libs/pfl/common/lthread/pgpSemaphore.c.old  Tue Mar 17 21:08:17 1998
++++ libs/pfl/common/lthread/pgpSemaphore.c      Thu Jan 22 13:00:16 2004
+@@ -41,7 +41,9 @@
+ #endif /* end PGP_UNIX_SOLARIS */
+ 
+ /* Linux has sem_init function but no headers ?? */
+-#if HAVE_SEM_INIT && !PGP_UNIX_LINUX
++/* #if HAVE_SEM_INIT && !PGP_UNIX_LINUX
++   commented out for FreeBSD */
++#if 0
+ 
+ PGPSemAttr_t PGPSemAttr_def = {0, 0};
+ 
diff -ruN pgp6/files/patch-cc pgp6-new/files/patch-cc
--- pgp6/files/patch-cc Wed Dec 31 16:00:00 1969
+++ pgp6-new/files/patch-cc     Thu Jan 22 14:57:16 2004
@@ -0,0 +1,19 @@
+--- clients/pgp/cmdline/doencode.c Thu Sep 30 20:10:21 1999
++++ clients/pgp/cmdline/doencode.c Thu Jan 11 20:50:20 2001
+@@ -283,6 +283,7 @@
+     PGPBoolean batchmode = pgpenvGetInt( env, PGPENV_BATCHMODE, &pri, &err );
+     PGPBoolean verbose = pgpenvGetInt( env, PGPENV_VERBOSE, &pri, &err );
+     PGPBoolean quietmode = pgpenvGetInt( env, PGPENV_NOOUT, &pri, &err);
++    PGPBoolean force = pgpenvGetInt( env, PGPENV_FORCE, &pri, &err);
+     PGPKeySetRef tmpset;
+ 
+     err = PGPNewEmptyKeySet( toSet, &tmpset );
+@@ -317,7 +318,7 @@
+         if(verbose)
+             pgpShowKeyValidity( filebPtr, key );
+ 
+-        if( validity < kPGPValidity_Marginal ) {
++        if( validity < kPGPValidity_Marginal && !force) {
+             char useridstr[ kPGPMaxUserIDSize ];
+             PGPBoolean answer;
+             err = pgpGetUserIDStringFromKey( key, useridstr );
>Release-Note:
>Audit-Trail:
>Unformatted:

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040123031213.0E1AF1FBC1>