UPDATE security/polarssl

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

UPDATE security/polarssl

Björn Ketelaars
A new version of mbedtls is available, which is the first of the next
long term support branch. This version fixes a couple of bugs, and adds
some new features. Changelog can be found at
https://tls.mbed.org/tech-updates/releases/mbedtls-2.16.0-2.7.9-and-2.1.18-released

'make test' runs successful, consumers have been build tested, and
lightly run tested with net/openvpn,mbedtls.

Concerning the port:
- Bump minor of mbedtls and mbedcrypt as symbols have been added
- Tell PORTROACH to follow the LTS branch. Advantage is that we can more
  easily backport security fixes (no new features will be added to the
  LTS branch, the API and ABI will be maintained, and only bug fixes
  will be made)
- Take maintainership

OK?


Index: Makefile
===================================================================
RCS file: /cvs/ports/security/polarssl/Makefile,v
retrieving revision 1.26
diff -u -p -r1.26 Makefile
--- Makefile 7 Dec 2018 13:11:24 -0000 1.26
+++ Makefile 10 Jan 2019 17:13:06 -0000
@@ -1,18 +1,22 @@
 # $OpenBSD: Makefile,v 1.26 2018/12/07 13:11:24 bket Exp $
 
+PORTROACH= limit:^2\.16
+
 COMMENT= SSL library with an intuitive API and readable source code
 
-DISTNAME= mbedtls-2.14.1
+DISTNAME= mbedtls-2.16.0
 EXTRACT_SUFX= -gpl.tgz
 
 # check SOVERSION
-SHARED_LIBS +=  mbedtls                   6.0 # 12
-SHARED_LIBS +=  mbedcrypto                4.1 # 3
+SHARED_LIBS +=  mbedtls                   6.1 # 12
+SHARED_LIBS +=  mbedcrypto                4.2 # 3
 SHARED_LIBS +=  mbedx509                  3.0 # 0
 
 CATEGORIES= security
 
 HOMEPAGE= https://tls.mbed.org/
+
+MAINTAINER= Bjorn Ketelaars <[hidden email]>
 
 # Dual licensed: GPLv2+/Commercial, Apache v2 is also available
 PERMIT_PACKAGE_CDROM= Yes
Index: distinfo
===================================================================
RCS file: /cvs/ports/security/polarssl/distinfo,v
retrieving revision 1.18
diff -u -p -r1.18 distinfo
--- distinfo 7 Dec 2018 13:11:24 -0000 1.18
+++ distinfo 10 Jan 2019 17:13:06 -0000
@@ -1,2 +1,2 @@
-SHA256 (mbedtls-2.14.1-gpl.tgz) = uqESGVJ4b1ssZsUiJqjKDgUSbekg0XViZlUd9neRW34=
-SIZE (mbedtls-2.14.1-gpl.tgz) = 2477521
+SHA256 (mbedtls-2.16.0-gpl.tgz) = yNekaWKHy5UzxFW91lhZEG291EcsElGUOHSG5tTfJ5k=
+SIZE (mbedtls-2.16.0-gpl.tgz) = 2515339
Index: patches/patch-include_mbedtls_config_h
===================================================================
RCS file: /cvs/ports/security/polarssl/patches/patch-include_mbedtls_config_h,v
retrieving revision 1.7
diff -u -p -r1.7 patch-include_mbedtls_config_h
--- patches/patch-include_mbedtls_config_h 26 Nov 2018 15:18:28 -0000 1.7
+++ patches/patch-include_mbedtls_config_h 10 Jan 2019 17:13:06 -0000
@@ -6,7 +6,7 @@ www/hiawatha.
 Index: include/mbedtls/config.h
 --- include/mbedtls/config.h.orig
 +++ include/mbedtls/config.h
-@@ -1582,7 +1582,7 @@
+@@ -1624,7 +1624,7 @@
   *
   * Uncomment this to enable pthread mutexes.
   */
@@ -15,7 +15,7 @@ Index: include/mbedtls/config.h
 
  /**
   * \def MBEDTLS_VERSION_FEATURES
-@@ -2774,7 +2774,7 @@
+@@ -2816,7 +2816,7 @@
   *
   * Enable this layer to allow use of mutexes within mbed TLS
   */
Index: patches/patch-tests_suites_host_test_function
===================================================================
RCS file: /cvs/ports/security/polarssl/patches/patch-tests_suites_host_test_function,v
retrieving revision 1.1
diff -u -p -r1.1 patch-tests_suites_host_test_function
--- patches/patch-tests_suites_host_test_function 2 Oct 2018 15:13:04 -0000 1.1
+++ patches/patch-tests_suites_host_test_function 10 Jan 2019 17:13:06 -0000
@@ -15,9 +15,9 @@ Index: tests/suites/host_test.function
 
  #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) && \
      !defined(TEST_SUITE_MEMORY_BUFFER_ALLOC)
-@@ -547,20 +544,6 @@ int execute_tests( int argc , const char ** argv )
-             {
+@@ -548,20 +545,6 @@ int execute_tests( int argc , const char ** argv )
                  test_info.failed = 0;
+                 test_info.paramfail_test_state = PARAMFAIL_TESTSTATE_IDLE;
 
 -#if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__))
 -                /* Suppress all output from the library unless we're verbose
@@ -36,7 +36,7 @@ Index: tests/suites/host_test.function
 
                  function_id = strtol( params[0], NULL, 10 );
                  if ( (ret = check_test( function_id )) == DISPATCH_TEST_SUCCESS )
-@@ -572,13 +555,6 @@ int execute_tests( int argc , const char ** argv )
+@@ -573,13 +556,6 @@ int execute_tests( int argc , const char ** argv )
                      }
                  }
 
@@ -50,7 +50,7 @@ Index: tests/suites/host_test.function
 
              }
 
-@@ -662,10 +638,6 @@ int execute_tests( int argc , const char ** argv )
+@@ -663,10 +639,6 @@ int execute_tests( int argc , const char ** argv )
      mbedtls_memory_buffer_alloc_free();
  #endif