diff options
author | mi <mi@FreeBSD.org> | 2008-05-01 12:28:31 +0800 |
---|---|---|
committer | mi <mi@FreeBSD.org> | 2008-05-01 12:28:31 +0800 |
commit | e5dcd4b2a036d5de3b37e01670dafa72876b72a3 (patch) | |
tree | 4d6822692b6eb02ddcad87c27b4bc57ceb81ecba /security/sscep | |
parent | 17fb2169f1378b7311d20d570b78507d4d668bd7 (diff) | |
download | freebsd-ports-gnome-e5dcd4b2a036d5de3b37e01670dafa72876b72a3.tar.gz freebsd-ports-gnome-e5dcd4b2a036d5de3b37e01670dafa72876b72a3.tar.zst freebsd-ports-gnome-e5dcd4b2a036d5de3b37e01670dafa72876b72a3.zip |
Unbreak, upgrade to the most recent version 20071227. Instead of
patching the vendor's Makefile, provide our own -- it is smaller
than the patch...
Address all of the compiler-warnings brought up by WARNS=3. Two
of them appear to be genuine error... The patch-warnings sent to
the vendor.
Manual page is no longer part of the distribution, although it is
still mentioned in the vendor's Makefile. Hopefully, this will be
addressed by the next release (along with the warnings).
Diffstat (limited to 'security/sscep')
-rw-r--r-- | security/sscep/Makefile | 9 | ||||
-rw-r--r-- | security/sscep/distinfo | 6 | ||||
-rw-r--r-- | security/sscep/files/BSDmakefile | 24 | ||||
-rw-r--r-- | security/sscep/files/patch-aa | 41 | ||||
-rw-r--r-- | security/sscep/files/patch-warnings | 322 |
5 files changed, 352 insertions, 50 deletions
diff --git a/security/sscep/Makefile b/security/sscep/Makefile index 696fd24b306d..1af5614c3160 100644 --- a/security/sscep/Makefile +++ b/security/sscep/Makefile @@ -6,7 +6,7 @@ # PORTNAME= sscep -PORTVERSION= 20040325 +PORTVERSION= 20071227 CATEGORIES= security MASTER_SITES= http://www.klake.org/~jt/sscep/ DISTNAME= ${PORTNAME} @@ -14,12 +14,9 @@ EXTRACT_SUFX= .tgz MAINTAINER= ports@FreeBSD.org COMMENT= Simple scep client - -BROKEN= Checksum mismatch +MAKEFILE= ${FILESDIR}/BSDmakefile +ALL_TARGET= -j`${SYSCTL} -n hw.ncpu` USE_OPENSSL= yes -MAKE_ARGS+= BINDIR="${PREFIX}/bin" \ - CONFDIR="${PREFIX}/etc" - .include <bsd.port.mk> diff --git a/security/sscep/distinfo b/security/sscep/distinfo index ba2686c0a9c0..ec1ad504a73f 100644 --- a/security/sscep/distinfo +++ b/security/sscep/distinfo @@ -1,3 +1,3 @@ -MD5 (sscep.tgz) = b509cdf0de952841471e77499aa6e4ca -SHA256 (sscep.tgz) = 391dbe52adfec6a56f279fbe565d2f3fc9e7f2cc8c1d1a8a57cccb205c96aa5e -SIZE (sscep.tgz) = 51300 +MD5 (sscep.tgz) = c5cc9940263d63a097ecdf0056d8532a +SHA256 (sscep.tgz) = 0739bbade24054ff73102e0ef9d43ac7e51be9588ae4b6bd4c7e595a16bbfbcd +SIZE (sscep.tgz) = 101742 diff --git a/security/sscep/files/BSDmakefile b/security/sscep/files/BSDmakefile new file mode 100644 index 000000000000..1152a5a82efb --- /dev/null +++ b/security/sscep/files/BSDmakefile @@ -0,0 +1,24 @@ +BINDIR = ${PREFIX}/bin +MANDIR = ${PREFIX}/man/man8 + +.if !empty(OPENSSLBASE) && ${OPENSSLBASE} != "/usr" +CFLAGS+= -I${OPENSSLINC} +LDADD+= -L${OPENSSLLIB} +.endif +LDADD+= -lcrypto + +WARNS = 3 + +# Manual page appears to have been removed from the distribution. +# This is being investigated... +#MAN8 = sscep.8 +NO_MAN = yes + +PROG = sscep +SRCS = sscep.c init.c net.c sceputils.c pkcs7.c ias.c fileutils.c + +beforeinstall: + ${BSD_INSTALL_SCRIPT} ${.CURDIR}/mkrequest ${BINDIR}/ + ${BSD_INSTALL_DATA} ${.CURDIR}/sscep.conf ${PREFIX}/etc/sscep.conf.sample + +.include <bsd.prog.mk> diff --git a/security/sscep/files/patch-aa b/security/sscep/files/patch-aa deleted file mode 100644 index b170727dab6b..000000000000 --- a/security/sscep/files/patch-aa +++ /dev/null @@ -1,41 +0,0 @@ -$FreeBSD$ - ---- Makefile.orig Wed Jan 22 08:23:18 2003 -+++ Makefile Tue Feb 15 13:32:02 2005 -@@ -2,22 +2,26 @@ - # $Id: Makefile,v 1.0 2003/01/12 13:17:37 jt Exp $ - # - --BINDIR = /usr/local/bin --MANDIR = /usr/local/man/man8 -+BINDIR ?= /usr/local/bin -+CONFDIR ?= /usr/local/etc - --CC = gcc --CFLAGS = -Wall -O -+CC ?= gcc -+CFLAGS ?= -Wall -O - --MAN = sscep.8 --PROG = sscep -+PROG = sscep -+MKREQ = mkrequest - OBJS = sscep.o init.o net.o sceputils.o pkcs7.o ias.o fileutils.o -+CONF = sscep.conf -+ -+all: $(PROG) - - $(PROG): $(OBJS) -- $(CC) $(CFLAGS) -lcrypto -o $(PROG) $(OBJS) -+ $(CC) $(CFLAGS) -lcrypto -o $(PROG) $(OBJS) - - clean: -- rm -f $(PROG) $(OBJS) $(MAN) core -+ rm -f $(PROG) $(OBJS) core - - install: -- ./install-sh $(PROG) $(BINDIR) -- ./install-sh $(MAN) $(MANDIR) -+ cp $(PROG) $(BINDIR) -+ cp $(MKREQ) $(BINDIR) -+ cp $(CONF) $(CONFDIR)/sscep.conf.sample diff --git a/security/sscep/files/patch-warnings b/security/sscep/files/patch-warnings new file mode 100644 index 000000000000..3ed2a280d721 --- /dev/null +++ b/security/sscep/files/patch-warnings @@ -0,0 +1,322 @@ +Fix a lot of warnings and (what seems to be) two errors... + + -mi + +--- ias.h 2006-03-13 06:45:20.000000000 -0500 ++++ ias.h 2008-04-29 10:03:02.000000000 -0400 +@@ -6,13 +6,6 @@ + */ + +-/* Macros */ +- +-#define i2d_pkcs7_issuer_and_subject_bio(bp, ias) \ +- ASN1_i2d_bio(i2d_pkcs7_issuer_and_subject, bp, (unsigned char *)ias) +-#define i2d_PKCS7_ISSUER_AND_SERIAL_bio(bp, ias) \ +- ASN1_i2d_bio(i2d_PKCS7_ISSUER_AND_SERIAL, bp, (unsigned char *)ias) +- + /* Routines */ +-int i2d_pkcs7_issuer_and_subject(pkcs7_issuer_and_subject *, unsigned char **); ++int i2d_pkcs7_issuer_and_subject(void *, unsigned char **); + pkcs7_issuer_and_subject * + d2i_pkcs7_issuer_and_subject(pkcs7_issuer_and_subject **, unsigned char **, +--- net.c 2007-12-27 01:08:39.000000000 -0500 ++++ net.c 2008-04-29 10:03:02.000000000 -0400 +@@ -151,13 +151,13 @@ + + /* URL-encode the input and return back encoded string */ +-char * url_encode(char *s, size_t n) { ++char * url_encode(const char *s, size_t n) { + char *r; + size_t len; +- int i; ++ size_t i; + char ch[2]; + + /* Allocate 2 times bigger space than the original string */ + len = 2 * n; +- r = (char *)malloc(len); ++ r = malloc(len); + if (r == NULL) { + return NULL; +--- pkcs7.c 2006-03-13 06:45:21.000000000 -0500 ++++ pkcs7.c 2008-04-29 10:03:02.000000000 -0400 +@@ -10,4 +10,18 @@ + #include "ias.h" + ++static int ++pkcs7_translator(void *p, unsigned char **out) ++{ ++ return i2d_PKCS7_ISSUER_AND_SERIAL(p, out); ++} ++#define i2d_pkcs7_issuer_and_subject_bio(bp, ias) \ ++ ASN1_i2d_bio(i2d_pkcs7_issuer_and_subject, bp, (unsigned char *)ias) ++#define i2d_PKCS7_ISSUER_AND_SERIAL_bio(bp, ias) \ ++ ASN1_i2d_bio(pkcs7_translator, bp, (unsigned char *)ias) ++ ++static int add_attribute_string(STACK_OF(X509_ATTRIBUTE) *, int, ++ const char *); ++static int add_attribute_octet(STACK_OF(X509_ATTRIBUTE) *, int, ++ const char *, int); + /* + * Wrap data in PKCS#7 envelopes and base64-encode the result. +@@ -64,5 +78,5 @@ + exit (SCEP_PKISTATUS_P7); + } +- BIO_flush(databio); ++ (void)BIO_flush(databio); + BIO_set_flags(databio, BIO_FLAGS_MEM_RDONLY); + break; +@@ -90,5 +104,5 @@ + exit (SCEP_PKISTATUS_P7); + } +- BIO_flush(databio); ++ (void)BIO_flush(databio); + BIO_set_flags(databio, BIO_FLAGS_MEM_RDONLY); + break; +@@ -100,5 +114,5 @@ + /* Signer cert */ + signercert = localcert; +- signercert = rsa; ++ signerkey = rsa; + + /* Read data in memory bio */ +@@ -111,5 +125,5 @@ + exit (SCEP_PKISTATUS_P7); + } +- BIO_flush(databio); ++ (void)BIO_flush(databio); + BIO_set_flags(databio, BIO_FLAGS_MEM_RDONLY); + break; +@@ -121,5 +135,5 @@ + /* Signer cert */ + signercert = localcert; +- signercert = rsa; ++ signerkey = rsa; + + /* Read data in memory bio */ +@@ -132,5 +146,5 @@ + exit (SCEP_PKISTATUS_P7); + } +- BIO_flush(databio); ++ (void)BIO_flush(databio); + BIO_set_flags(databio, BIO_FLAGS_MEM_RDONLY); + break; +@@ -195,5 +209,5 @@ + exit (SCEP_PKISTATUS_P7); + } +- BIO_flush(memorybio); ++ (void)BIO_flush(memorybio); + BIO_set_flags(memorybio, BIO_FLAGS_MEM_RDONLY); + len = BIO_get_mem_data(memorybio, &buffer); +@@ -298,5 +312,5 @@ + /* Copy PKCS#7 */ + i2d_PKCS7_bio(outbio, s->request_p7); +- BIO_flush(outbio); ++ (void)BIO_flush(outbio); + BIO_set_flags(memorybio, BIO_FLAGS_MEM_RDONLY); + s->request_len = BIO_get_mem_data(memorybio, &s->request_payload); +@@ -370,5 +384,5 @@ + BIO_write(outbio, buffer, bytes); + } +- BIO_flush(outbio); ++ (void)BIO_flush(outbio); + if (v_flag) + printf("%s: PKCS#7 contains %d bytes of enveloped data\n", +@@ -584,5 +598,5 @@ + exit (SCEP_PKISTATUS_P7); + } +- BIO_flush(outbio); ++ (void)BIO_flush(outbio); + + /* Write decrypted data */ +@@ -599,6 +613,6 @@ + + /* Add signed attributes */ +-int +-add_attribute_string(STACK_OF(X509_ATTRIBUTE) *attrs, int nid, char *buffer) { ++static int ++add_attribute_string(STACK_OF(X509_ATTRIBUTE) *attrs, int nid, const char *buffer) { + ASN1_STRING *asn1_string = NULL; + X509_ATTRIBUTE *x509_a; +@@ -623,6 +637,6 @@ + + } +-int +-add_attribute_octet(STACK_OF(X509_ATTRIBUTE) *attrs, int nid, char *buffer, ++static int ++add_attribute_octet(STACK_OF(X509_ATTRIBUTE) *attrs, int nid, const char *buffer, + int len) { + ASN1_STRING *asn1_string = NULL; +--- ias.c 2006-03-13 06:45:20.000000000 -0500 ++++ ias.c 2008-04-29 10:03:02.000000000 -0400 +@@ -15,7 +15,8 @@ + #include "ias.h" + +-int i2d_pkcs7_issuer_and_subject(pkcs7_issuer_and_subject *a, ++int i2d_pkcs7_issuer_and_subject(void *pv, + unsigned char **pp) { + ++ pkcs7_issuer_and_subject *a = pv; + M_ASN1_I2D_vars(a); + M_ASN1_I2D_len(a->issuer,i2d_X509_NAME); +--- sceputils.c 2006-03-13 06:45:22.000000000 -0500 ++++ sceputils.c 2008-04-29 10:03:02.000000000 -0400 +@@ -48,5 +48,5 @@ + */ + int new_selfsigned(struct scep *s) { +- unsigned char *ptr; ++ const unsigned char *ptr; + X509 *cert; + X509_NAME *subject; +@@ -99,5 +99,5 @@ + } + /* Get serial no from transaction id */ +- ptr = (unsigned char *)s->transaction_id; ++ ptr = (const unsigned char *)s->transaction_id; + if (!(serial = c2i_ASN1_INTEGER(NULL, &ptr, 32))) { + fprintf(stderr, "%s: error converting serial\n", pname); +@@ -231,5 +231,5 @@ + + /* Assign space for ASCII presentation of the digest */ +- str = (unsigned char *)malloc(2 * MD5_DIGEST_LENGTH + 1); ++ str = malloc(2 * MD5_DIGEST_LENGTH + 1); /* XXX this is never freed */ + ret = str; + +@@ -246,5 +246,5 @@ + /* Copy as ASCII string and return: */ + for (c = 0; c < MD5_DIGEST_LENGTH; c++, str += 2) { +- sprintf((char *)str, "%02X", md[c]); ++ sprintf(str, "%02X", md[c]); + + } +@@ -252,4 +252,2 @@ + return(ret); + } +- +- +--- sscep.h 2007-12-27 01:15:38.000000000 -0500 ++++ sscep.h 2008-04-29 10:03:02.000000000 -0400 +@@ -139,7 +139,7 @@ + + /* Fingerprint, signing and encryption algorithms */ +-EVP_MD *fp_alg; +-EVP_MD *sig_alg; +-EVP_CIPHER *enc_alg; ++const EVP_MD *fp_alg; ++const EVP_MD *sig_alg; ++const EVP_CIPHER *enc_alg; + + /* OpenSSL OID handles */ +@@ -188,5 +188,5 @@ + /* SCEP message types */ + int request_type; +- char *request_type_str; ++ const char *request_type_str; + int reply_type; + char *reply_type_str; +@@ -199,5 +199,5 @@ + + /* SCEP transaction attributes */ +- char *transaction_id; ++ const char *transaction_id; + unsigned char *sender_nonce; + int sender_nonce_len; +@@ -237,7 +237,4 @@ + int send_msg (struct http_reply *, char *, char *, int, int); + +-/* Catch SIGALRM */ +-void catchalarm (int); +- + /* Get config file parameter */ + char *get_string (char *); +@@ -291,10 +288,4 @@ + int pkcs7_unwrap(struct scep *); + +-/* Add signed string attribute */ +-int add_attribute_string(STACK_OF(X509_ATTRIBUTE) *, int, char *); +- +-/* Add signed octet attribute */ +-int add_attribute_octet(STACK_OF(X509_ATTRIBUTE) *, int, char *, int); +- + /* Find signed attributes */ + int get_signed_attribute(STACK_OF(X509_ATTRIBUTE) *, int, int, char **); +@@ -302,5 +293,5 @@ + + /* URL-endcode */ +-char *url_encode (char *, size_t); ++char *url_encode (const char *, size_t); + + /* End of Functions */ +--- cmd.h 2006-03-13 06:45:14.000000000 -0500 ++++ cmd.h 2008-04-29 10:03:02.000000000 -0400 +@@ -45,5 +45,5 @@ + + /* CA identifier */ +-char *i_char; ++const char *i_char; + int i_flag; + +--- sscep.c 2007-12-27 01:08:39.000000000 -0500 ++++ sscep.c 2008-04-29 10:03:15.000000000 -0400 +@@ -64,4 +64,10 @@ + } /* handle_serial */ + ++static void ++catchalarm(int signo __unused) { ++ fprintf(stderr, "%s: connection timed out\n", pname); ++ exit (SCEP_PKISTATUS_TIMEOUT); ++} ++ + int + main(int argc, char **argv) { +@@ -349,11 +355,11 @@ + /* Check algorithms */ + if (!E_flag) { +- enc_alg = (EVP_CIPHER *)EVP_des_cbc(); ++ enc_alg = EVP_des_cbc(); + } else if (!strncmp(E_char, "blowfish", 8)) { +- enc_alg = (EVP_CIPHER *)EVP_bf_cbc(); ++ enc_alg = EVP_bf_cbc(); + } else if (!strncmp(E_char, "des", 3)) { +- enc_alg = (EVP_CIPHER *)EVP_des_cbc(); ++ enc_alg = EVP_des_cbc(); + } else if (!strncmp(E_char, "3des", 4)) { +- enc_alg = (EVP_CIPHER *)EVP_des_ede3_cbc(); ++ enc_alg = EVP_des_ede3_cbc(); + } else { + fprintf(stderr, "%s: unsupported algorithm: %s\n", +@@ -362,9 +368,9 @@ + } + if (!S_flag) { +- sig_alg = (EVP_MD *)EVP_md5(); ++ sig_alg = EVP_md5(); + } else if (!strncmp(S_char, "md5", 3)) { +- sig_alg = (EVP_MD *)EVP_md5(); ++ sig_alg = EVP_md5(); + } else if (!strncmp(S_char, "sha1", 4)) { +- sig_alg = (EVP_MD *)EVP_sha1(); ++ sig_alg = EVP_sha1(); + } else { + fprintf(stderr, "%s: unsupported algorithm: %s\n", +@@ -374,9 +380,9 @@ + /* Fingerprint algorithm */ + if (!F_flag) { +- fp_alg = (EVP_MD *)EVP_md5(); ++ fp_alg = EVP_md5(); + } else if (!strncmp(F_char, "md5", 3)) { +- fp_alg = (EVP_MD *)EVP_md5(); ++ fp_alg = EVP_md5(); + } else if (!strncmp(F_char, "sha1", 4)) { +- fp_alg = (EVP_MD *)EVP_sha1(); ++ fp_alg = EVP_sha1(); + } else { + fprintf(stderr, "%s: unsupported algorithm: %s\n", +@@ -778,8 +784,2 @@ + exit(0); + } +- +-void +-catchalarm(int signo) { +- fprintf(stderr, "%s: connection timed out\n", pname); +- exit (SCEP_PKISTATUS_TIMEOUT); +-} |