From 8668a904faf2ee0b8f18b0b9b8b1552d680eb33a Mon Sep 17 00:00:00 2001 From: =?utf8?q?Arkadiusz=20Mi=C5=9Bkiewicz?= Date: Wed, 19 Sep 2018 10:56:06 +0200 Subject: [PATCH] - rel 3; fix gnutls build --- eet.spec | 6 +- gnutls.patch | 153 +++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 157 insertions(+), 2 deletions(-) create mode 100644 gnutls.patch diff --git a/eet.spec b/eet.spec index 628b3b8..00c2ee4 100644 --- a/eet.spec +++ b/eet.spec @@ -8,11 +8,12 @@ Summary: Library for speedy data storage, retrieval, and compression Summary(pl.UTF-8): Biblioteka do szybkiego zapisywania, odtwarzania i kompresji danych Name: eet Version: 1.7.10 -Release: 2 +Release: 3 License: BSD Group: Libraries -Source0: http://download.enlightenment.org/releases/%{name}-%{version}.tar.bz2 +Source0: http://download.enlightenment.org/att/releases/%{name}-%{version}.tar.bz2 # Source0-md5: 396ccb7094518cb9ce6939e7d2c6ef8c +Patch0: gnutls.patch URL: http://trac.enlightenment.org/e/wiki/Eet BuildRequires: autoconf >= 2.52 BuildRequires: automake >= 1.6 @@ -86,6 +87,7 @@ Statyczna biblioteka Eet. %prep %setup -q +%patch0 -p1 %build %{__libtoolize} diff --git a/gnutls.patch b/gnutls.patch new file mode 100644 index 0000000..3f29c49 --- /dev/null +++ b/gnutls.patch @@ -0,0 +1,153 @@ +--- eet-1.7.10/src/lib/eet_cipher.c.orig 2013-07-29 16:22:39.000000000 +0200 ++++ eet-1.7.10/src/lib/eet_cipher.c 2018-09-19 10:34:46.452526279 +0200 +@@ -56,9 +56,7 @@ void *alloca(size_t); + + #ifdef HAVE_CIPHER + # ifdef HAVE_GNUTLS +-# if defined EET_USE_NEW_PUBKEY_VERIFY_HASH || defined EET_USE_NEW_PRIVKEY_SIGN_DATA +-# include +-# endif ++# include + # include + # include + # else /* ifdef HAVE_GNUTLS */ +@@ -500,10 +498,8 @@ eet_identity_sign(FILE *fp, + gnutls_datum_t datum = { NULL, 0 }; + size_t sign_len = 0; + size_t cert_len = 0; +-#ifdef EET_USE_NEW_PRIVKEY_SIGN_DATA + gnutls_datum_t signum = { NULL, 0 }; + gnutls_privkey_t privkey; +-#endif + # else /* ifdef HAVE_GNUTLS */ + EVP_MD_CTX md_ctx; + unsigned int sign_len = 0; +@@ -535,7 +531,6 @@ eet_identity_sign(FILE *fp, + datum.size = st_buf.st_size; + + /* Get the signature length */ +-#ifdef EET_USE_NEW_PRIVKEY_SIGN_DATA + if (gnutls_privkey_init(&privkey) < 0) + { + err = EET_ERROR_SIGNATURE_FAILED; +@@ -556,30 +551,6 @@ eet_identity_sign(FILE *fp, + + sign = signum.data; + sign_len = signum.size; +-#else +- if (gnutls_x509_privkey_sign_data(key->private_key, GNUTLS_DIG_SHA1, 0, +- &datum, sign, &sign_len) && +- !sign_len) +- { +- err = EET_ERROR_SIGNATURE_FAILED; +- goto on_error; +- } +- +- /* Get the signature */ +- sign = malloc(sign_len); +- if (!sign || +- gnutls_x509_privkey_sign_data(key->private_key, GNUTLS_DIG_SHA1, 0, +- &datum, +- sign, &sign_len)) +- { +- if (!sign) +- err = EET_ERROR_OUT_OF_MEMORY; +- else +- err = EET_ERROR_SIGNATURE_FAILED; +- +- goto on_error; +- } +-#endif + + /* Get the certificate length */ + if (gnutls_x509_crt_export(key->certificate, GNUTLS_X509_FMT_DER, cert, +@@ -729,15 +700,11 @@ eet_identity_check(const void *data_ba + gnutls_x509_crt_t cert; + gnutls_datum_t datum; + gnutls_datum_t signature; +-# if EET_USE_NEW_GNUTLS_API +-# if EET_USE_NEW_PUBKEY_VERIFY_HASH + gnutls_pubkey_t pubkey; + gnutls_digest_algorithm_t hash_algo; +-# endif + unsigned char *hash; + gcry_md_hd_t md; + int err; +-# endif /* if EET_USE_NEW_GNUTLS_API */ + + /* Create an understanding certificate structure for gnutls */ + datum.data = (void *)cert_der; +@@ -749,7 +716,6 @@ eet_identity_check(const void *data_ba + signature.size = sign_len; + + /* Verify the signature */ +-# if EET_USE_NEW_GNUTLS_API + /* + I am waiting for my patch being accepted in GnuTLS release. + But we now have a way to prevent double computation of SHA1. +@@ -767,7 +733,6 @@ eet_identity_check(const void *data_ba + datum.size = gcry_md_get_algo_dlen(GCRY_MD_SHA1); + datum.data = hash; + +-# ifdef EET_USE_NEW_PUBKEY_VERIFY_HASH + if (gnutls_pubkey_init(&pubkey) < 0) + goto on_error; + +@@ -779,10 +744,6 @@ eet_identity_check(const void *data_ba + + if (gnutls_pubkey_verify_hash(pubkey, 0, &datum, &signature) < 0) + goto on_error; +-# else +- if (!gnutls_x509_crt_verify_hash(cert, 0, &datum, &signature)) +- goto on_error; +-# endif + + if (sha1) + { +@@ -794,20 +755,6 @@ eet_identity_check(const void *data_ba + } + + gcry_md_close(md); +-# else /* if EET_USE_NEW_GNUTLS_API */ +- datum.data = (void *)data_base; +- datum.size = data_length; +- +- if (!gnutls_x509_crt_verify_data(cert, 0, &datum, &signature)) +- return NULL; +- +- if (sha1) +- { +- *sha1 = NULL; +- *sha1_length = -1; +- } +- +-# endif /* if EET_USE_NEW_GNUTLS_API */ + gnutls_x509_crt_deinit(cert); + + # else /* ifdef HAVE_GNUTLS */ +@@ -861,11 +808,9 @@ eet_identity_check(const void *data_ba + + return cert_der; + # ifdef HAVE_GNUTLS +-# if EET_USE_NEW_GNUTLS_API + on_error: + gcry_md_close(md); + return NULL; +-# endif + # endif + #else /* ifdef HAVE_SIGNATURE */ + data_base = NULL; +--- eet-1.7.10/src/lib/eet_cipher.c.org 2018-09-19 10:53:01.742816086 +0200 ++++ eet-1.7.10/src/lib/eet_cipher.c 2018-09-19 10:54:10.794913636 +0200 +@@ -739,10 +739,7 @@ eet_identity_check(const void *data_ba + if (gnutls_pubkey_import_x509(pubkey, cert, 0) < 0) + goto on_error; + +- if (gnutls_pubkey_get_verify_algorithm(pubkey, &signature, &hash_algo) < 0) +- goto on_error; +- +- if (gnutls_pubkey_verify_hash(pubkey, 0, &datum, &signature) < 0) ++ if (gnutls_pubkey_verify_hash2(pubkey, GNUTLS_SIGN_RSA_SHA1, 0, &datum, &signature) < 0) + goto on_error; + + if (sha1) -- 2.43.0