diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2021-08-29 18:23:50 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2021-08-30 08:59:55 +0200 |
commit | 34ba4d05d9d2b7f5d72aded4eb35aa617cb8629d (patch) | |
tree | fd24e6dc296552ed8ce520e595a71eea78e88e9c /source/l/cryfs | |
parent | a685863802fc9764aefd5b07106f3e3e54b210a3 (diff) | |
download | current-34ba4d05d9d2b7f5d72aded4eb35aa617cb8629d.tar.gz current-34ba4d05d9d2b7f5d72aded4eb35aa617cb8629d.tar.xz |
Sun Aug 29 18:23:50 UTC 202120210829182350
ap/man-pages-5.13-noarch-1.txz: Upgraded.
d/binutils-2.37-x86_64-1.txz: Upgraded.
With a few upstream patches to fix some regressions in the release, we no
longer get any new FTBFS with this, so we'll take it.
d/oprofile-1.4.0-x86_64-8.txz: Rebuilt.
Recompiled against binutils-2.37.
kde/sddm-0.19.0-x86_64-8.txz: Rebuilt.
Patched to fix build.
l/libcap-2.54-x86_64-1.txz: Upgraded.
l/libssh-0.9.6-x86_64-1.txz: Upgraded.
Fix possible heap-buffer overflow when rekeying with different key exchange
mechanism.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3634
(* Security fix *)
l/qt5-5.15.3_20210826_21ea9c12-x86_64-1.txz: Upgraded.
Switched to the patched qt5 from https://invent.kde.org/qt/qt/qt5.git.
Huge thanks to Heinz Wiesinger for the script to create a release tarball.
Likely this fixes many security issues.
(* Security fix *)
x/libglvnd-1.3.3-x86_64-1.txz: Upgraded.
Reverted to this version because changes to the header files won't allow the
EGL portions of Qt to properly compile.
Diffstat (limited to 'source/l/cryfs')
-rw-r--r-- | source/l/cryfs/041b5baea5a4efceff33df2f316646b47a1cd7c0.patch | 27 | ||||
-rw-r--r-- | source/l/cryfs/27587ea1acec5f939a31217f1c43953378f18821.patch | 297 | ||||
-rwxr-xr-x | source/l/cryfs/cryfs.SlackBuild | 10 |
3 files changed, 2 insertions, 332 deletions
diff --git a/source/l/cryfs/041b5baea5a4efceff33df2f316646b47a1cd7c0.patch b/source/l/cryfs/041b5baea5a4efceff33df2f316646b47a1cd7c0.patch deleted file mode 100644 index 22d8b3447..000000000 --- a/source/l/cryfs/041b5baea5a4efceff33df2f316646b47a1cd7c0.patch +++ /dev/null @@ -1,27 +0,0 @@ -From 041b5baea5a4efceff33df2f316646b47a1cd7c0 Mon Sep 17 00:00:00 2001 -From: Sam James <11667869+thesamesam@users.noreply.github.com> -Date: Sat, 14 Aug 2021 17:29:24 +0100 -Subject: [PATCH] src/fspp/fuse/Fuse.h: add <memory.h> include for - std::shared_ptr (#395) - -Needed to fix build with Boost 1.77 (some indirect inclusion -got lost). - -Signed-off-by: Sam James <sam@gentoo.org> ---- - src/fspp/fuse/Fuse.h | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/src/fspp/fuse/Fuse.h b/src/fspp/fuse/Fuse.h -index 2dd3c2d4d..3841e38a4 100644 ---- a/src/fspp/fuse/Fuse.h -+++ b/src/fspp/fuse/Fuse.h -@@ -11,6 +11,7 @@ - #include <boost/optional.hpp> - #include <cpp-utils/macros.h> - #include <atomic> -+#include <memory> - #include "stat_compatibility.h" - #include <fspp/fs_interface/Context.h> - - diff --git a/source/l/cryfs/27587ea1acec5f939a31217f1c43953378f18821.patch b/source/l/cryfs/27587ea1acec5f939a31217f1c43953378f18821.patch deleted file mode 100644 index 0d739b077..000000000 --- a/source/l/cryfs/27587ea1acec5f939a31217f1c43953378f18821.patch +++ /dev/null @@ -1,297 +0,0 @@ -From 27587ea1acec5f939a31217f1c43953378f18821 Mon Sep 17 00:00:00 2001 -From: Sebastian Messmer <messmer@cryfs.org> -Date: Sat, 8 May 2021 14:44:27 -0700 -Subject: [PATCH] Fixed an issue when compiling with GCC 11, see - https://github.com/cryfs/cryfs/issues/389 - ---- - ChangeLog.txt | 5 ++ - .../onblocks/datanodestore/DataNodeView.h | 8 +-- - .../filesystem/fsblobstore/utils/DirEntry.cpp | 66 +++++++++---------- - src/cryfs/localstate/LocalStateMetadata.cpp | 24 +++---- - src/cryfs/localstate/LocalStateMetadata.h | 10 +-- - 5 files changed, 59 insertions(+), 54 deletions(-) - -diff --git a/ChangeLog.txt b/ChangeLog.txt -index f9776eb93..9d7a6708c 100644 ---- a/ChangeLog.txt -+++ b/ChangeLog.txt -@@ -1,3 +1,8 @@ -+Version 0.10.4 (unreleased) -+-------------- -+Fixed bugs: -+* Fixed an issue when compiling with GCC 11, see https://github.com/cryfs/cryfs/issues/389 -+ - Version 0.10.3 - --------------- - Fixed bugs: -diff --git a/src/blobstore/implementations/onblocks/datanodestore/DataNodeView.h b/src/blobstore/implementations/onblocks/datanodestore/DataNodeView.h -index 256c28495..3799612e3 100644 ---- a/src/blobstore/implementations/onblocks/datanodestore/DataNodeView.h -+++ b/src/blobstore/implementations/onblocks/datanodestore/DataNodeView.h -@@ -67,7 +67,7 @@ class DataNodeView final { - - static DataNodeView create(blockstore::BlockStore *blockStore, const DataNodeLayout &layout, uint16_t formatVersion, uint8_t depth, uint32_t size, cpputils::Data data) { - ASSERT(data.size() <= layout.datasizeBytes(), "Data is too large for node"); -- cpputils::Data serialized = _serialize(layout, formatVersion, depth, size, std::move(data)); -+ cpputils::Data serialized = serialize_(layout, formatVersion, depth, size, std::move(data)); - ASSERT(serialized.size() == layout.blocksizeBytes(), "Wrong block size"); - auto block = blockStore->create(serialized); - return DataNodeView(std::move(block)); -@@ -75,7 +75,7 @@ class DataNodeView final { - - static DataNodeView initialize(cpputils::unique_ref<blockstore::Block> block, const DataNodeLayout &layout, uint16_t formatVersion, uint8_t depth, uint32_t size, cpputils::Data data) { - ASSERT(data.size() <= DataNodeLayout(block->size()).datasizeBytes(), "Data is too large for node"); -- cpputils::Data serialized = _serialize(layout, formatVersion, depth, size, std::move(data)); -+ cpputils::Data serialized = serialize_(layout, formatVersion, depth, size, std::move(data)); - ASSERT(serialized.size() == block->size(), "Block has wrong size"); - block->write(serialized.data(), 0, serialized.size()); - return DataNodeView(std::move(block)); -@@ -83,7 +83,7 @@ class DataNodeView final { - - static DataNodeView overwrite(blockstore::BlockStore *blockStore, const DataNodeLayout &layout, uint16_t formatVersion, uint8_t depth, uint32_t size, const blockstore::BlockId &blockId, cpputils::Data data) { - ASSERT(data.size() <= layout.datasizeBytes(), "Data is too large for node"); -- cpputils::Data serialized = _serialize(layout, formatVersion, depth, size, std::move(data)); -+ cpputils::Data serialized = serialize_(layout, formatVersion, depth, size, std::move(data)); - auto block = blockStore->overwrite(blockId, std::move(serialized)); - return DataNodeView(std::move(block)); - } -@@ -143,7 +143,7 @@ class DataNodeView final { - } - - private: -- static cpputils::Data _serialize(const DataNodeLayout &layout, uint16_t formatVersion, uint8_t depth, uint32_t size, cpputils::Data data) { -+ static cpputils::Data serialize_(const DataNodeLayout &layout, uint16_t formatVersion, uint8_t depth, uint32_t size, cpputils::Data data) { - cpputils::Data result(layout.blocksizeBytes()); - cpputils::serialize<uint16_t>(result.dataOffset(layout.FORMAT_VERSION_OFFSET_BYTES), formatVersion); - cpputils::serialize<uint8_t>(result.dataOffset(layout.DEPTH_OFFSET_BYTES), depth); -diff --git a/src/cryfs/filesystem/fsblobstore/utils/DirEntry.cpp b/src/cryfs/filesystem/fsblobstore/utils/DirEntry.cpp -index 941148db9..70dd5a560 100644 ---- a/src/cryfs/filesystem/fsblobstore/utils/DirEntry.cpp -+++ b/src/cryfs/filesystem/fsblobstore/utils/DirEntry.cpp -@@ -11,55 +11,55 @@ namespace cryfs { - - namespace { - template<typename DataType> -- size_t _serialize(void* dst, const DataType& obj) { -+ size_t serialize_(void* dst, const DataType& obj) { - cpputils::serialize<DataType>(dst, obj); - return sizeof(DataType); - } - - template<typename DataType> -- DataType _deserialize(const char** src) { -+ DataType deserialize_(const char** src) { - DataType result = cpputils::deserialize<DataType>(*src); - *src += sizeof(DataType); - return result; - } - -- constexpr size_t _serializedTimeValueSize() { -+ constexpr size_t serializedTimeValueSize_() { - return sizeof(uint64_t) + sizeof(uint32_t); - } - -- unsigned int _serializeTimeValue(uint8_t *dest, timespec value) { -+ unsigned int serializeTimeValue_(uint8_t *dest, timespec value) { - unsigned int offset = 0; -- offset += _serialize<uint64_t>(dest + offset, value.tv_sec); -- offset += _serialize<uint32_t>(dest + offset, value.tv_nsec); -- ASSERT(offset == _serializedTimeValueSize(), "serialized to wrong size"); -+ offset += serialize_<uint64_t>(dest + offset, value.tv_sec); -+ offset += serialize_<uint32_t>(dest + offset, value.tv_nsec); -+ ASSERT(offset == serializedTimeValueSize_(), "serialized to wrong size"); - return offset; - } - -- timespec _deserializeTimeValue(const char **pos) { -+ timespec deserializeTimeValue_(const char **pos) { - timespec value{}; -- value.tv_sec = _deserialize<uint64_t>(pos); -- value.tv_nsec = _deserialize<uint32_t>(pos); -+ value.tv_sec = deserialize_<uint64_t>(pos); -+ value.tv_nsec = deserialize_<uint32_t>(pos); - return value; - } - -- unsigned int _serializeString(uint8_t *dest, const string &value) { -+ unsigned int serializeString_(uint8_t *dest, const string &value) { - std::memcpy(dest, value.c_str(), value.size()+1); - return value.size() + 1; - } - -- string _deserializeString(const char **pos) { -+ string deserializeString_(const char **pos) { - size_t length = strlen(*pos); - string value(*pos, length); - *pos += length + 1; - return value; - } - -- unsigned int _serializeBlockId(uint8_t *dest, const BlockId &blockId) { -+ unsigned int serializeBlockId_(uint8_t *dest, const BlockId &blockId) { - blockId.ToBinary(dest); - return blockId.BINARY_LENGTH; - } - -- BlockId _deserializeBlockId(const char **pos) { -+ BlockId deserializeBlockId_(const char **pos) { - BlockId blockId = BlockId::FromBinary(*pos); - *pos += BlockId::BINARY_LENGTH; - return blockId; -@@ -75,35 +75,35 @@ namespace cryfs { - _mode.hasDirFlag()) + ", " + std::to_string(_mode.hasSymlinkFlag()) + ", " + std::to_string(static_cast<uint8_t>(_type)) - ); - unsigned int offset = 0; -- offset += _serialize<uint8_t>(dest + offset, static_cast<uint8_t>(_type)); -- offset += _serialize<uint32_t>(dest + offset, _mode.value()); -- offset += _serialize<uint32_t>(dest + offset, _uid.value()); -- offset += _serialize<uint32_t>(dest + offset, _gid.value()); -- offset += _serializeTimeValue(dest + offset, _lastAccessTime); -- offset += _serializeTimeValue(dest + offset, _lastModificationTime); -- offset += _serializeTimeValue(dest + offset, _lastMetadataChangeTime); -- offset += _serializeString(dest + offset, _name); -- offset += _serializeBlockId(dest + offset, _blockId); -+ offset += serialize_<uint8_t>(dest + offset, static_cast<uint8_t>(_type)); -+ offset += serialize_<uint32_t>(dest + offset, _mode.value()); -+ offset += serialize_<uint32_t>(dest + offset, _uid.value()); -+ offset += serialize_<uint32_t>(dest + offset, _gid.value()); -+ offset += serializeTimeValue_(dest + offset, _lastAccessTime); -+ offset += serializeTimeValue_(dest + offset, _lastModificationTime); -+ offset += serializeTimeValue_(dest + offset, _lastMetadataChangeTime); -+ offset += serializeString_(dest + offset, _name); -+ offset += serializeBlockId_(dest + offset, _blockId); - ASSERT(offset == serializedSize(), "Didn't write correct number of elements"); - } - - const char *DirEntry::deserializeAndAddToVector(const char *pos, vector<DirEntry> *result) { -- fspp::Dir::EntryType type = static_cast<fspp::Dir::EntryType>(_deserialize<uint8_t>(&pos)); -- fspp::mode_t mode = fspp::mode_t(_deserialize<uint32_t>(&pos)); -- fspp::uid_t uid = fspp::uid_t(_deserialize<uint32_t>(&pos)); -- fspp::gid_t gid = fspp::gid_t(_deserialize<uint32_t>(&pos)); -- timespec lastAccessTime = _deserializeTimeValue(&pos); -- timespec lastModificationTime = _deserializeTimeValue(&pos); -- timespec lastMetadataChangeTime = _deserializeTimeValue(&pos); -- string name = _deserializeString(&pos); -- BlockId blockId = _deserializeBlockId(&pos); -+ fspp::Dir::EntryType type = static_cast<fspp::Dir::EntryType>(deserialize_<uint8_t>(&pos)); -+ fspp::mode_t mode = fspp::mode_t(deserialize_<uint32_t>(&pos)); -+ fspp::uid_t uid = fspp::uid_t(deserialize_<uint32_t>(&pos)); -+ fspp::gid_t gid = fspp::gid_t(deserialize_<uint32_t>(&pos)); -+ timespec lastAccessTime = deserializeTimeValue_(&pos); -+ timespec lastModificationTime = deserializeTimeValue_(&pos); -+ timespec lastMetadataChangeTime = deserializeTimeValue_(&pos); -+ string name = deserializeString_(&pos); -+ BlockId blockId = deserializeBlockId_(&pos); - - result->emplace_back(type, name, blockId, mode, uid, gid, lastAccessTime, lastModificationTime, lastMetadataChangeTime); - return pos; - } - - size_t DirEntry::serializedSize() const { -- return 1 + sizeof(uint32_t) + sizeof(uint32_t) + sizeof(uint32_t) + 3*_serializedTimeValueSize() + ( -+ return 1 + sizeof(uint32_t) + sizeof(uint32_t) + sizeof(uint32_t) + 3*serializedTimeValueSize_() + ( - _name.size() + 1) + _blockId.BINARY_LENGTH; - } - } -diff --git a/src/cryfs/localstate/LocalStateMetadata.cpp b/src/cryfs/localstate/LocalStateMetadata.cpp -index 529a26129..dfa952a1a 100644 ---- a/src/cryfs/localstate/LocalStateMetadata.cpp -+++ b/src/cryfs/localstate/LocalStateMetadata.cpp -@@ -30,10 +30,10 @@ LocalStateMetadata::LocalStateMetadata(uint32_t myClientId, Hash encryptionKeyHa - - LocalStateMetadata LocalStateMetadata::loadOrGenerate(const bf::path &statePath, const Data& encryptionKey, bool allowReplacedFilesystem) { - auto metadataFile = statePath / "metadata"; -- auto loaded = _load(metadataFile); -+ auto loaded = load_(metadataFile); - if (loaded == none) { - // If it couldn't be loaded, generate a new client id. -- return _generate(metadataFile, encryptionKey); -+ return generate_(metadataFile, encryptionKey); - } - - if (!allowReplacedFilesystem && loaded->_encryptionKeyHash.digest != cpputils::hash::hash(encryptionKey, loaded->_encryptionKeyHash.salt).digest) { -@@ -42,22 +42,22 @@ LocalStateMetadata LocalStateMetadata::loadOrGenerate(const bf::path &statePath, - return *loaded; - } - --optional<LocalStateMetadata> LocalStateMetadata::_load(const bf::path &metadataFilePath) { -+optional<LocalStateMetadata> LocalStateMetadata::load_(const bf::path &metadataFilePath) { - ifstream file(metadataFilePath.string()); - if (!file.good()) { - // State file doesn't exist - return none; - } -- return _deserialize(file); -+ return deserialize_(file); - } - --void LocalStateMetadata::_save(const bf::path &metadataFilePath) const { -+void LocalStateMetadata::save_(const bf::path &metadataFilePath) const { - ofstream file(metadataFilePath.string(), std::ios::trunc); -- _serialize(file); -+ serialize_(file); - } - - namespace { --uint32_t _generateClientId() { -+uint32_t generateClientId_() { - uint32_t result; - do { - result = cpputils::deserialize<uint32_t>(Random::PseudoRandom().getFixedSize<sizeof(uint32_t)>().data()); -@@ -82,8 +82,8 @@ optional<uint32_t> _tryLoadClientIdFromLegacyFile(const bf::path &metadataFilePa - #endif - } - --LocalStateMetadata LocalStateMetadata::_generate(const bf::path &metadataFilePath, const Data& encryptionKey) { -- uint32_t myClientId = _generateClientId(); -+LocalStateMetadata LocalStateMetadata::generate_(const bf::path &metadataFilePath, const Data& encryptionKey) { -+ uint32_t myClientId = generateClientId_(); - #ifndef CRYFS_NO_COMPATIBILITY - // In the old format, this was stored in a "myClientId" file. If that file exists, load it from there. - optional<uint32_t> legacy = _tryLoadClientIdFromLegacyFile(metadataFilePath); -@@ -93,11 +93,11 @@ LocalStateMetadata LocalStateMetadata::_generate(const bf::path &metadataFilePat - #endif - - LocalStateMetadata result(myClientId, cpputils::hash::hash(encryptionKey, cpputils::hash::generateSalt())); -- result._save(metadataFilePath); -+ result.save_(metadataFilePath); - return result; - } - --void LocalStateMetadata::_serialize(ostream& stream) const { -+void LocalStateMetadata::serialize_(ostream& stream) const { - ptree pt; - pt.put<uint32_t>("myClientId", myClientId()); - pt.put<string>("encryptionKey.salt", _encryptionKeyHash.salt.ToString()); -@@ -106,7 +106,7 @@ void LocalStateMetadata::_serialize(ostream& stream) const { - write_json(stream, pt); - } - --LocalStateMetadata LocalStateMetadata::_deserialize(istream& stream) { -+LocalStateMetadata LocalStateMetadata::deserialize_(istream& stream) { - try { - ptree pt; - read_json(stream, pt); -diff --git a/src/cryfs/localstate/LocalStateMetadata.h b/src/cryfs/localstate/LocalStateMetadata.h -index 8b0ffc662..c06b0f05b 100644 ---- a/src/cryfs/localstate/LocalStateMetadata.h -+++ b/src/cryfs/localstate/LocalStateMetadata.h -@@ -20,11 +20,11 @@ class LocalStateMetadata final { - const uint32_t _myClientId; - const cpputils::hash::Hash _encryptionKeyHash; - -- static boost::optional<LocalStateMetadata> _load(const boost::filesystem::path &metadataFilePath); -- static LocalStateMetadata _deserialize(std::istream& stream); -- static LocalStateMetadata _generate(const boost::filesystem::path &metadataFilePath, const cpputils::Data& encryptionKey); -- void _save(const boost::filesystem::path &metadataFilePath) const; -- void _serialize(std::ostream& stream) const; -+ static boost::optional<LocalStateMetadata> load_(const boost::filesystem::path &metadataFilePath); -+ static LocalStateMetadata deserialize_(std::istream& stream); -+ static LocalStateMetadata generate_(const boost::filesystem::path &metadataFilePath, const cpputils::Data& encryptionKey); -+ void save_(const boost::filesystem::path &metadataFilePath) const; -+ void serialize_(std::ostream& stream) const; - - LocalStateMetadata(uint32_t myClientId, cpputils::hash::Hash encryptionKey); - }; - diff --git a/source/l/cryfs/cryfs.SlackBuild b/source/l/cryfs/cryfs.SlackBuild index e37b529b2..9738ab4f0 100755 --- a/source/l/cryfs/cryfs.SlackBuild +++ b/source/l/cryfs/cryfs.SlackBuild @@ -1,7 +1,7 @@ #!/bin/bash # Copyright 2018, 2019, 2020 Eric Hameleers, Eindhoven, NL -# Copyright 2020 Patrick J. Volkerding, Sebeka, Minnesota, USA +# Copyright 2020, 2021 Patrick J. Volkerding, Sebeka, Minnesota, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -25,7 +25,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=cryfs VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-3} +BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then @@ -89,12 +89,6 @@ find . \ # Oddly, cryfs expects a static boost, so we'll need to hit it with the LART: export LDFLAGS="$SLKLDFLAGS -lboost_thread -lboost_program_options -lboost_filesystem -lboost_chrono -lcryptopp -lfuse" -# gcc11 fixes: -zcat $CWD/27587ea1acec5f939a31217f1c43953378f18821.patch.gz | patch -p1 --verbose || exit 1 - -# Boost 1.77.0 fix: -zcat $CWD/041b5baea5a4efceff33df2f316646b47a1cd7c0.patch.gz | patch -p1 --verbose || exit 1 - # Configure, build, and install: mkdir cmake-build cd cmake-build |