From c591f97432047a2add48ff0ec9c20babba2915c6 Mon Sep 17 00:00:00 2001 From: Martin Jansa Date: Fri, 16 Mar 2018 20:11:40 +0000 Subject: nettle: refresh the patches * fixes: WARNING: nettle-2.7.1-r0 do_patch: Some of the context lines in patches were ignored. This can lead to incorrectly applied patches. The context lines in the patches can be updated with devtool: devtool modify devtool finish --force-patch-refresh Then the updated patches and the source tree (in devtool's workspace) should be reviewed to make sure the patches apply in the correct place and don't introduce duplicate lines (which can, and does happen when some of the context is ignored). Further information: http://lists.openembedded.org/pipermail/openembedded-core/2018-March/148675.html https://bugzilla.yoctoproject.org/show_bug.cgi?id=10450 Details: Applying patch Add-target-to-only-build-tests-not-run-them.patch patching file Makefile.in Hunk #1 succeeded at 53 (offset -2 lines). patching file testsuite/Makefile.in Hunk #1 succeeded at 105 with fuzz 2 (offset -11 lines). Now at patch Add-target-to-only-build-tests-not-run-them.patch Signed-off-by: Martin Jansa Signed-off-by: Ross Burton --- ...d-target-to-only-build-tests-not-run-them.patch | 18 +++---- .../nettle/nettle-2.7.1/CVE-2015-8803_8805.patch | 59 +++++++++++++--------- .../nettle/nettle-2.7.1/CVE-2015-8804.patch | 26 +++++++--- ...k-header-files-of-openssl-only-if-enable_.patch | 6 +-- 4 files changed, 63 insertions(+), 46 deletions(-) diff --git a/recipes-support/nettle/files/Add-target-to-only-build-tests-not-run-them.patch b/recipes-support/nettle/files/Add-target-to-only-build-tests-not-run-them.patch index 23da777..af77aec 100644 --- a/recipes-support/nettle/files/Add-target-to-only-build-tests-not-run-them.patch +++ b/recipes-support/nettle/files/Add-target-to-only-build-tests-not-run-them.patch @@ -1,4 +1,4 @@ -From 46edf01cc98db9f9feec984897836dfdd26bdc8d Mon Sep 17 00:00:00 2001 +From 9225dfb91b6b5617cf2dff32d370cf027237d4c8 Mon Sep 17 00:00:00 2001 From: Jussi Kukkonen Date: Wed, 12 Aug 2015 23:27:27 +0300 Subject: [PATCH] Add target to only build tests (not run them) @@ -9,16 +9,17 @@ installable tests: It's useful for us already as is. Upstream-Status: Inappropriate [not a complete solution] Signed-off-by: Jussi Kukkonen + --- Makefile.in | 3 +++ testsuite/Makefile.in | 2 ++ 2 files changed, 5 insertions(+) diff --git a/Makefile.in b/Makefile.in -index 08efb7d..7909342 100644 +index 2c25007..ef21b1b 100644 --- a/Makefile.in +++ b/Makefile.in -@@ -55,6 +55,9 @@ clean distclean mostlyclean maintainer-clean tags: +@@ -53,6 +53,9 @@ clean distclean mostlyclean maintainer-clean tags: echo "Making $@ in $$d" ; (cd $$d && $(MAKE) $@); done $(MAKE) $@-here @@ -29,18 +30,15 @@ index 08efb7d..7909342 100644 true diff --git a/testsuite/Makefile.in b/testsuite/Makefile.in -index 6bc1907..bb65bf0 100644 +index 91f6e2a..52f5c29 100644 --- a/testsuite/Makefile.in +++ b/testsuite/Makefile.in -@@ -116,6 +116,8 @@ $(TARGETS) $(EXTRA_TARGETS): testutils.$(OBJEXT) ../nettle-internal.$(OBJEXT) \ - # data. - VALGRIND = valgrind --error-exitcode=1 --leak-check=full --show-reachable=yes @IF_ASM@ --partial-loads-ok=yes +@@ -105,6 +105,8 @@ $(TARGETS) $(EXTRA_TARGETS): testutils.$(OBJEXT) ../nettle-internal.$(OBJEXT) \ + + VALGRIND = valgrind --error-exitcode=1 --leak-check=full --show-reachable=yes +buildtest: $(TS_ALL) + # The PATH update is for locating dlls on w*ndows. check: $(TS_ALL) LD_LIBRARY_PATH=../.lib PATH="../.lib:$$PATH" srcdir="$(srcdir)" \ --- -2.1.4 - diff --git a/recipes-support/nettle/nettle-2.7.1/CVE-2015-8803_8805.patch b/recipes-support/nettle/nettle-2.7.1/CVE-2015-8803_8805.patch index a956f42..988f39e 100644 --- a/recipes-support/nettle/nettle-2.7.1/CVE-2015-8803_8805.patch +++ b/recipes-support/nettle/nettle-2.7.1/CVE-2015-8803_8805.patch @@ -1,3 +1,8 @@ +From f21b9f7b21067fa3630607cdc1663141b2735ae5 Mon Sep 17 00:00:00 2001 +From: Armin Kuster +Date: Thu, 2 Mar 2017 12:24:31 +0000 +Subject: [PATCH] Create meta-gplv2 from files from OE-Core + Upstream-Status: Backport https://git.lysator.liu.se/nettle/nettle/commit/c71d2c9d20eeebb985e3872e4550137209e3ce4d @@ -8,14 +13,36 @@ Same fix for both. Signed-off-by: Armin Kuster -Index: nettle-2.7.1/ecc-256.c -=================================================================== ---- nettle-2.7.1.orig/ecc-256.c -+++ nettle-2.7.1/ecc-256.c -@@ -96,9 +96,19 @@ ecc_256_modp (const struct ecc_curve *ec +--- + ChangeLog | 6 ++++++ + ecc-256.c | 23 ++++++++++++++++++----- + 2 files changed, 24 insertions(+), 5 deletions(-) + +diff --git a/ChangeLog b/ChangeLog +index 7b7854d..abdd974 100644 +--- a/ChangeLog ++++ b/ChangeLog +@@ -1,3 +1,9 @@ ++2015-12-10 Niels Möller ++ ++ * ecc-256.c (ecc_256_modp): Fixed carry propagation bug. Problem ++ reported by Hanno Böck. ++ (ecc_256_modq): Fixed another carry propagation bug. ++ + 2013-05-28 Niels Möller + + * Released nettle-2.7.1. +diff --git a/ecc-256.c b/ecc-256.c +index 571cf73..7bee4c7 100644 +--- a/ecc-256.c ++++ b/ecc-256.c +@@ -96,9 +96,19 @@ ecc_256_modp (const struct ecc_curve *ecc, mp_limb_t *rp) q2 += t + (q1 < t); assert (q2 < 2); +- +- /* We multiply by two low limbs of p, 2^96 - 1, so we could use +- shifts rather than mul. */ + /* + n-1 n-2 n-3 n-4 + +---+---+---+---+ @@ -25,16 +52,14 @@ Index: nettle-2.7.1/ecc-256.c + +-------+---+ + |q2(2^.)| + +-------+ - -- /* We multiply by two low limbs of p, 2^96 - 1, so we could use -- shifts rather than mul. */ ++ + We multiply by two low limbs of p, 2^96 - 1, so we could use + shifts rather than mul. + */ t = mpn_submul_1 (rp + n - 4, ecc->p, 2, q1); t += cnd_sub_n (q2, rp + n - 3, ecc->p, 1); t += (-q2) & 0xffffffff; -@@ -108,7 +118,10 @@ ecc_256_modp (const struct ecc_curve *ec +@@ -108,7 +118,10 @@ ecc_256_modp (const struct ecc_curve *ecc, mp_limb_t *rp) u0 -= t; t = (u1 < cy); u1 -= cy; @@ -46,7 +71,7 @@ Index: nettle-2.7.1/ecc-256.c u1 -= (-t) & 0xffffffff; } rp[2] = u0; -@@ -195,7 +208,7 @@ ecc_256_modq (const struct ecc_curve *ec +@@ -195,7 +208,7 @@ ecc_256_modq (const struct ecc_curve *ecc, mp_limb_t *rp) /* Conditional add of p */ u1 += t; @@ -55,17 +80,3 @@ Index: nettle-2.7.1/ecc-256.c t = cnd_add_n (t, rp + n - 4, ecc->q, 2); u1 += t; -Index: nettle-2.7.1/ChangeLog -=================================================================== ---- nettle-2.7.1.orig/ChangeLog -+++ nettle-2.7.1/ChangeLog -@@ -1,3 +1,9 @@ -+2015-12-10 Niels Möller -+ -+ * ecc-256.c (ecc_256_modp): Fixed carry propagation bug. Problem -+ reported by Hanno Böck. -+ (ecc_256_modq): Fixed another carry propagation bug. -+ - 2013-05-28 Niels Möller - - * Released nettle-2.7.1. diff --git a/recipes-support/nettle/nettle-2.7.1/CVE-2015-8804.patch b/recipes-support/nettle/nettle-2.7.1/CVE-2015-8804.patch index 73723a9..f6906fd 100644 --- a/recipes-support/nettle/nettle-2.7.1/CVE-2015-8804.patch +++ b/recipes-support/nettle/nettle-2.7.1/CVE-2015-8804.patch @@ -1,13 +1,23 @@ +From 8cbd1d71caf56d45c54b1d8d073b330c07c66d12 Mon Sep 17 00:00:00 2001 +From: Armin Kuster +Date: Thu, 2 Mar 2017 12:24:31 +0000 +Subject: [PATCH] Create meta-gplv2 from files from OE-Core + Upstream-Status: Backport https://git.lysator.liu.se/nettle/nettle/commit/fa269b6ad06dd13c901dbd84a12e52b918a09cd7 CVE: CVE-2015-8804 Signed-off-by: Armin Kuster -Index: nettle-2.7.1/ChangeLog -=================================================================== ---- nettle-2.7.1.orig/ChangeLog -+++ nettle-2.7.1/ChangeLog +--- + ChangeLog | 8 +++ + x86_64/ecc-384-modp.asm | 169 +++++++++++++++++++++--------------------------- + 2 files changed, 83 insertions(+), 94 deletions(-) + +diff --git a/ChangeLog b/ChangeLog +index abdd974..c81168b 100644 +--- a/ChangeLog ++++ b/ChangeLog @@ -1,3 +1,11 @@ +2015-12-15 Niels Möller + @@ -20,10 +30,10 @@ Index: nettle-2.7.1/ChangeLog 2015-12-10 Niels Möller * ecc-256.c (ecc_256_modp): Fixed carry propagation bug. Problem -Index: nettle-2.7.1/x86_64/ecc-384-modp.asm -=================================================================== ---- nettle-2.7.1.orig/x86_64/ecc-384-modp.asm -+++ nettle-2.7.1/x86_64/ecc-384-modp.asm +diff --git a/x86_64/ecc-384-modp.asm b/x86_64/ecc-384-modp.asm +index 698838f..31b739e 100644 +--- a/x86_64/ecc-384-modp.asm ++++ b/x86_64/ecc-384-modp.asm @@ -20,7 +20,7 @@ C MA 02111-1301, USA. .file "ecc-384-modp.asm" diff --git a/recipes-support/nettle/nettle-2.7.1/check-header-files-of-openssl-only-if-enable_.patch b/recipes-support/nettle/nettle-2.7.1/check-header-files-of-openssl-only-if-enable_.patch index 38d9107..d72165a 100644 --- a/recipes-support/nettle/nettle-2.7.1/check-header-files-of-openssl-only-if-enable_.patch +++ b/recipes-support/nettle/nettle-2.7.1/check-header-files-of-openssl-only-if-enable_.patch @@ -1,4 +1,4 @@ -From c369dd7049f5a198f8b6c96fde6e294ce5146c2f Mon Sep 17 00:00:00 2001 +From 95c6efc308c314f0cfe874d6a26cd1f59089adf6 Mon Sep 17 00:00:00 2001 From: Haiqing Bai Date: Fri, 9 Dec 2016 16:16:45 +0800 Subject: [PATCH] nettle: check header files of openssl only if @@ -10,6 +10,7 @@ building for nettle. Upstream-Status: Pending Signed-off-by: Haiqing Bai + --- configure.ac | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) @@ -33,6 +34,3 @@ index 78a3d4e..4f16a98 100644 LSH_FUNC_ALLOCA LSH_FUNC_STRERROR --- -1.9.1 - -- cgit v1.2.3-54-g00ecf