Remove unnecessary patches and bootstrapping process

2020-09-04 12:51:12 +02:00 · 2020-09-04 12:51:12 +02:00 · 655fab0edb
commit 655fab0edb
parent aa2ff1da12
4 changed files with 1 additions and 266 deletions
--- a/gnutls-3.6.14-configure-fix-soname-detection.patch
+++ b/gnutls-3.6.14-configure-fix-soname-detection.patch
@ -1,60 +0,0 @@
-From b57b820a3f0464e3151dd675af4f28ad109d683c Mon Sep 17 00:00:00 2001
-From: Vitezslav Cizek <vcizek@suse.com>
-Date: Tue, 9 Jun 2020 13:54:04 +0200
-Subject: [PATCH] configure: improve nettle, gmp, and hogweed soname detection
-
-Some linkers might optimize away the libraries passed on the
-command line if they aren't actually needed, such as gnu ld with
--as-needed.
-The ldd output then won't list the shared libraries and the
-detection will fail.
-Make sure nettle and others are really used.
-
-Signed-off-by: Vitezslav Cizek <vcizek@suse.com>
---
- configure.ac | 15 ++++++++++++---
- 1 file changed, 12 insertions(+), 3 deletions(-)
-
-diff --git a/configure.ac b/configure.ac
-index e4ca66aec..ccbe4e563 100644
--- a/configure.ac
-+++ b/configure.ac
-@@ -741,7 +741,10 @@ LIBS=$save_LIBS
- save_LIBS=$LIBS
- LIBS="$LIBS $GMP_LIBS"
- AC_MSG_CHECKING([gmp soname])
-AC_LINK_IFELSE([AC_LANG_PROGRAM([], [])],
-+AC_LINK_IFELSE([AC_LANG_PROGRAM([
-+               #include <gmp.h>],[
-+               mpz_t n;
-+               mpz_init(n);])],
- 	[gmp_so=`(eval "$LDDPROG conftest$EXEEXT $LDDPOSTPROC") | grep '^libgmp\.so'`],
- 	[gmp_so=none])
- if test -z "$gmp_so"; then
-@@ -754,7 +757,10 @@ LIBS=$save_LIBS
- save_LIBS=$LIBS
- LIBS="$LIBS $NETTLE_LIBS"
- AC_MSG_CHECKING([nettle soname])
-AC_LINK_IFELSE([AC_LANG_PROGRAM([], [])],
-+AC_LINK_IFELSE([AC_LANG_PROGRAM([
-+               #include <nettle/sha2.h>],[
-+               struct sha256_ctx ctx;
-+               sha256_init(&ctx);])],
- 	[nettle_so=`(eval "$LDDPROG conftest$EXEEXT $LDDPOSTPROC") | grep '^libnettle\.so'`],
- 	[nettle_so=none])
- if test -z "$nettle_so"; then
-@@ -767,7 +773,10 @@ LIBS=$save_LIBS
- save_LIBS=$LIBS
- LIBS="$LIBS $HOGWEED_LIBS"
- AC_MSG_CHECKING([hogweed soname])
-AC_LINK_IFELSE([AC_LANG_PROGRAM([], [])],
-+AC_LINK_IFELSE([AC_LANG_PROGRAM([
-+               #include <nettle/rsa.h>],[
-+               struct rsa_private_key priv;
-+               nettle_rsa_private_key_init(&priv);])],
- 	[hogweed_so=`(eval "$LDDPROG conftest$EXEEXT $LDDPOSTPROC") | grep '^libhogweed\.so'`],
- 	[hogweed_so=none])
- if test -z "$hogweed_so"; then
-- 
-2.25.4
-
--- a/gnutls-3.6.14-fix-iovec-memory-leak.patch
+++ b/gnutls-3.6.14-fix-iovec-memory-leak.patch
@ -1,152 +0,0 @@
-From 6fbff7fc8aabeee2254405f254220bbe8c05c67d Mon Sep 17 00:00:00 2001
-From: Daiki Ueno <ueno@gnu.org>
-Date: Fri, 5 Jun 2020 16:26:33 +0200
-Subject: [PATCH] crypto-api: always allocate memory when serializing iovec_t
-
-The AEAD iov interface falls back to serializing the input buffers if
-the low-level cipher doesn't support scatter/gather encryption.
-However, there was a bug in the functions used for the serialization,
-which causes memory leaks under a certain condition (i.e. the number
-of input buffers is 1).
-
-This patch makes the logic of the functions simpler, by removing a
-micro-optimization that tries to minimize the number of calls to
-malloc/free.
-
-The original problem was reported by Marius Steffen in:
-https://bugzilla.samba.org/show_bug.cgi?id=14399
-and the cause was investigated by Alexander Haase in:
-https://gitlab.com/gnutls/gnutls/-/merge_requests/1277
-
-Signed-off-by: Daiki Ueno <ueno@gnu.org>
---
- lib/crypto-api.c        | 36 +++++++++++-------------------------
- tests/aead-cipher-vec.c | 33 ++++++++++++++++++---------------
- 2 files changed, 29 insertions(+), 40 deletions(-)
-
-diff --git a/lib/crypto-api.c b/lib/crypto-api.c
-index 45be64ed1..8524f5ed4 100644
--- a/lib/crypto-api.c
-+++ b/lib/crypto-api.c
-@@ -891,32 +891,23 @@ gnutls_aead_cipher_encrypt(gnutls_aead_cipher_hd_t handle,
- struct iov_store_st {
- 	void *data;
- 	size_t size;
-	unsigned allocated;
- };
- 
- static void iov_store_free(struct iov_store_st *s)
- {
-	if (s->allocated) {
-		gnutls_free(s->data);
-		s->allocated = 0;
-	}
-+	gnutls_free(s->data);
- }
- 
- static int iov_store_grow(struct iov_store_st *s, size_t length)
- {
-	if (s->allocated || s->data == NULL) {
-		s->size += length;
-		s->data = gnutls_realloc(s->data, s->size);
-		if (s->data == NULL)
-			return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
-		s->allocated = 1;
-	} else {
-		void *data = s->data;
-		size_t size = s->size + length;
-		s->data = gnutls_malloc(size);
-		memcpy(s->data, data, s->size);
-		s->size += length;
-	}
-+	void *data;
-+
-+	s->size += length;
-+	data = gnutls_realloc(s->data, s->size);
-+	if (data == NULL)
-+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
-+
-+	s->data = data;
- 	return 0;
- }
- 
-@@ -926,11 +917,6 @@ copy_from_iov(struct iov_store_st *dst, const giovec_t *iov, int iovcnt)
- 	memset(dst, 0, sizeof(*dst));
- 	if (iovcnt == 0) {
- 		return 0;
-	} else if (iovcnt == 1) {
-		dst->data = iov[0].iov_base;
-		dst->size = iov[0].iov_len;
-		/* implies: dst->allocated = 0; */
-		return 0;
- 	} else {
- 		int i;
- 		uint8_t *p;
-@@ -944,11 +930,11 @@ copy_from_iov(struct iov_store_st *dst, const giovec_t *iov, int iovcnt)
- 
- 		p = dst->data;
- 		for (i=0;i<iovcnt;i++) {
-			memcpy(p, iov[i].iov_base, iov[i].iov_len);
-+			if (iov[i].iov_len > 0)
-+				memcpy(p, iov[i].iov_base, iov[i].iov_len);
- 			p += iov[i].iov_len;
- 		}
- 
-		dst->allocated = 1;
- 		return 0;
- 	}
- }
-diff --git a/tests/aead-cipher-vec.c b/tests/aead-cipher-vec.c
-index fba9010d9..6a30a35f7 100644
--- a/tests/aead-cipher-vec.c
-+++ b/tests/aead-cipher-vec.c
-@@ -49,6 +49,7 @@ static void start(const char *name, int algo)
- 	giovec_t auth_iov[2];
- 	uint8_t tag[64];
- 	size_t tag_size = 0;
-+	size_t i;
- 
- 	key.data = key16;
- 	key.size = gnutls_cipher_get_key_size(algo);
-@@ -82,21 +83,23 @@ static void start(const char *name, int algo)
- 	if (ret < 0)
- 		fail("gnutls_cipher_init: %s\n", gnutls_strerror(ret));
- 
-	ret = gnutls_aead_cipher_encryptv2(ch,
-					   iv.data, iv.size,
-					   auth_iov, 2,
-					   iov, 3,
-					   tag, &tag_size);
-	if (ret < 0)
-		fail("could not encrypt data: %s\n", gnutls_strerror(ret));
-
-	ret = gnutls_aead_cipher_decryptv2(ch,
-					   iv.data, iv.size,
-					   auth_iov, 2,
-					   iov, 3,
-					   tag, tag_size);
-	if (ret < 0)
-		fail("could not decrypt data: %s\n", gnutls_strerror(ret));
-+	for (i = 0; i < 2; i++) {
-+		ret = gnutls_aead_cipher_encryptv2(ch,
-+						   iv.data, iv.size,
-+						   auth_iov, 2,
-+						   iov, i + 1,
-+						   tag, &tag_size);
-+		if (ret < 0)
-+			fail("could not encrypt data: %s\n", gnutls_strerror(ret));
-+
-+		ret = gnutls_aead_cipher_decryptv2(ch,
-+						   iv.data, iv.size,
-+						   auth_iov, 2,
-+						   iov, i + 1,
-+						   tag, tag_size);
-+		if (ret < 0)
-+			fail("could not decrypt data: %s\n", gnutls_strerror(ret));
-+	}
- 
- 	gnutls_aead_cipher_deinit(ch);
- }
-- 
-2.25.4
-
--- a/gnutls-3.6.14-pthreads.patch
+++ b/gnutls-3.6.14-pthreads.patch
@ -1,50 +0,0 @@
-From f15c02b1fb9faf3e06db2c51196a27b0f9d72672 Mon Sep 17 00:00:00 2001
-From: James Bottomley <James.Bottomley@HansenPartnership.com>
-Date: Sun, 28 Jun 2020 21:33:09 +0200
-Subject: [PATCH] build: use $(LIBPTHREAD) rather than non-existent
- $(LTLIBPTHREAD)
-
-On a very recent openSUSE build, libgnutls is getting built without
-libpthread. This caused a thread related error when trying to load a
-pkcs11 module that uses threading. The reason is rather convoluted:
-glibc actually controls all the pthread_ function calls, but it
-returns success without doing anything unless -lpthread is in the link
-list. What's happening is that gnutls_system_mutex_init() is being
-called on _gnutls_pkcs11_mutex before library pthreading is
-initialized, so the pthread_mutex_init ends up being a nop. Then, when
-the pkcs11 module is loaded, pthreads get initialized and the call to
-pthread_mutex_lock is real, but errors out on the uninitialized mutex.
-
-The problem seems to be that nothing in the gnulib macros gnutls
-relies on for threading support detection actually sets LTLIBPTHREAD,
-they only set LIBPTHREAD. The fix is to use LIBPTHREAD in
-lib/Makefile.in
-
-Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
---
- bootstrap.conf  | 4 ++--
- lib/Makefile.am | 8 +++++++-
- 2 files changed, 9 insertions(+), 3 deletions(-)
-
-diff --git a/lib/Makefile.am b/lib/Makefile.am
-index fa47ac5e6..02504d8d1 100644
--- a/lib/Makefile.am
-+++ b/lib/Makefile.am
-@@ -168,7 +168,13 @@ libgnutls_la_LIBADD += accelerated/libaccelerated.la
- endif
- 
- if !WINDOWS
-thirdparty_libadd += $(LTLIBPTHREAD)
-+# p11-kit does not work without threading support:
-+# https://github.com/p11-glue/p11-kit/pull/183
-+if ENABLE_PKCS11
-+thirdparty_libadd += $(LIBPMULTITHREAD)
-+else
-+thirdparty_libadd += $(LIBPTHREAD)
-+endif
- endif
- 
- if NEEDS_LIBRT
-- 
-2.26.2
-
--- a/gnutls.spec
+++ b/gnutls.spec
@ -3,9 +3,6 @@ Version:	3.6.15
 Release: 1%{?dist}
 Patch1:	gnutls-3.6.7-no-now-guile.patch
 Patch2:	gnutls-3.2.7-rpath.patch
-Patch3:	gnutls-3.6.14-fix-iovec-memory-leak.patch
-Patch4:	gnutls-3.6.14-configure-fix-soname-detection.patch
-Patch5: gnutls-3.6.14-pthreads.patch
 %bcond_without dane
 %if 0%{?rhel}
 %bcond_with guile
@ -146,7 +143,7 @@ This package contains Guile bindings for the library.
 gpgv2 --keyring %{SOURCE2} %{SOURCE1} %{SOURCE0}

 %autosetup -p1
-autoreconf -fi
+#autoreconf -fi

 sed -i -e 's|sys_lib_dlsearch_path_spec="/lib /usr/lib|sys_lib_dlsearch_path_spec="/lib /usr/lib %{_libdir}|g' configure
 rm -f lib/minitasn1/*.c lib/minitasn1/*.h