diff options
author | des <des@FreeBSD.org> | 2018-01-29 19:18:02 +0800 |
---|---|---|
committer | des <des@FreeBSD.org> | 2018-01-29 19:18:02 +0800 |
commit | a9df207930e4e53ee330fc50938dd0d54bc08028 (patch) | |
tree | 52f982839150b47adcf220bf6163a8a071d878b7 | |
parent | 8199265217cd77916fd1cdb00c2b6ecbd1cdbda6 (diff) | |
download | freebsd-ports-gnome-a9df207930e4e53ee330fc50938dd0d54bc08028.tar.gz freebsd-ports-gnome-a9df207930e4e53ee330fc50938dd0d54bc08028.tar.zst freebsd-ports-gnome-a9df207930e4e53ee330fc50938dd0d54bc08028.zip |
Add upstream patch for compatibility with newer security/py-openssl.
Approved by: maintainer (rm@)
MFH: 2018Q1
-rw-r--r-- | net-im/gajim/Makefile | 1 | ||||
-rw-r--r-- | net-im/gajim/files/patch-3dd35f5e762dcef2cf05e325705d0e7a2db21917 | 87 |
2 files changed, 88 insertions, 0 deletions
diff --git a/net-im/gajim/Makefile b/net-im/gajim/Makefile index b6ba5342f29c..ca66aaf77ddf 100644 --- a/net-im/gajim/Makefile +++ b/net-im/gajim/Makefile @@ -3,6 +3,7 @@ PORTNAME= gajim PORTVERSION= 0.16.8 +PORTREVISION= 1 CATEGORIES= net-im MASTER_SITES= http://gajim.org/downloads/0.16/ diff --git a/net-im/gajim/files/patch-3dd35f5e762dcef2cf05e325705d0e7a2db21917 b/net-im/gajim/files/patch-3dd35f5e762dcef2cf05e325705d0e7a2db21917 new file mode 100644 index 000000000000..89e5f92e3fa9 --- /dev/null +++ b/net-im/gajim/files/patch-3dd35f5e762dcef2cf05e325705d0e7a2db21917 @@ -0,0 +1,87 @@ +--- src/common/crypto.py.orig ++++ src/common/crypto.py +@@ -76,50 +76,8 @@ + else: + return base28_chr[n] + +-def add_entropy_sources_OpenSSL(): +- # Other possibly variable data. This are very low quality sources of +- # entropy, but some of them are installation dependent and can be hard +- # to guess for the attacker. +- # Data available on all platforms Unix, Windows +- sources = [sys.argv, sys.builtin_module_names, +- sys.copyright, sys.getfilesystemencoding(), sys.hexversion, +- sys.modules, sys.path, sys.version, sys.api_version, +- os.environ, os.getcwd(), os.getpid()] +- +- for s in sources: +- OpenSSL.rand.add(str(s), 1) +- +- # The /proc filesystem on POSIX systems contains many random variables: +- # memory statistics, interrupt counts, network packet counts +- if os.name == 'posix': +- dirs = ['/proc', '/proc/net', '/proc/self'] +- for d in dirs: +- if os.access(d, os.R_OK): +- for filename in os.listdir(d): +- OpenSSL.rand.add(filename, 0) +- try: +- with open(d + os.sep + filename, "r") as fp: +- # Limit the ammount of read bytes, in case a memory +- # file was opened +- OpenSSL.rand.add(str(fp.read(5000)), 1) +- except IOError: +- # Ignore all read and access errors +- pass +- +-PYOPENSSL_PRNG_PRESENT = False +-try: +- import OpenSSL.rand +- PYOPENSSL_PRNG_PRESENT = True +-except ImportError: +- # PyOpenSSL PRNG not available +- pass +- + def random_bytes(bytes_): +- if PYOPENSSL_PRNG_PRESENT: +- OpenSSL.rand.add(os.urandom(bytes_), bytes_) +- return OpenSSL.rand.bytes(bytes_) +- else: +- return os.urandom(bytes_) ++ return os.urandom(bytes_) + + def generate_nonce(): + return random_bytes(8) +--- src/gajim.py.orig ++++ src/gajim.py +@@ -296,20 +296,6 @@ + pid_filename = gajimpaths['PID_FILE'] + config_filename = gajimpaths['CONFIG_FILE'] + +-# Seed the OpenSSL pseudo random number generator from file and initialize +-RNG_SEED = gajimpaths['RNG_SEED'] +-PYOPENSSL_PRNG_PRESENT = False +-try: +- import OpenSSL.rand +- from common import crypto +- PYOPENSSL_PRNG_PRESENT = True +- # Seed from file +- OpenSSL.rand.load_file(str(RNG_SEED)) +- crypto.add_entropy_sources_OpenSSL() +- OpenSSL.rand.write_file(str(RNG_SEED)) +-except ImportError: +- log.info("PyOpenSSL PRNG not available") +- + import traceback + import errno + import dialogs +@@ -456,9 +442,6 @@ + del pid_dir + + def on_exit(): +- # Save the entropy from OpenSSL PRNG +- if PYOPENSSL_PRNG_PRESENT: +- OpenSSL.rand.write_file(str(RNG_SEED)) + # delete pid file on normal exit + if os.path.exists(pid_filename): + os.remove(pid_filename) |