Browse Source

Refresh patch queue

All were applied upstream.
Christoph Biedl 8 months ago
parent
commit
787c35e56d

+ 0 - 27
debian/patches/cherry-pick.v10-1-g198f720.fix-minor-file-leak.patch

@@ -1,27 +0,0 @@
-Subject: Fix minor FILE* leak
-Origin: v10-1-g198f720 <https://github.com/latchset/jose/commit/v10-1-g198f720>
-Upstream-Author: Nathaniel McCallum <npmccallum@redhat.com>
-Date: Fri Sep 29 14:49:57 2017 -0400
-
---- a/cmd/jwe/pwd.h
-+++ b/cmd/jwe/pwd.h
-@@ -57,8 +57,10 @@
-     nf.c_lflag &= ~ECHO;
-     nf.c_lflag |= ECHONL;
- 
--    if (tcsetattr(fileno(tty), TCSANOW, &nf) != 0)
-+    if (tcsetattr(fileno(tty), TCSANOW, &nf) != 0) {
-+        fclose(tty);
-         return NULL;
-+    }
- 
-     fprintf(tty, "%s", prompt);
- 
-@@ -72,6 +74,7 @@
-     }
- 
-     tcsetattr(fileno(tty), TCSANOW, &of);
-+    fclose(tty);
-     return pwd;
- }
- #endif

+ 0 - 78
debian/patches/cherry-pick.v10-4-g9ec5bf7.add-support-for-rsa-oaep-224-rsa-oaep-384-and-rsa-oaep-512.patch

@@ -1,78 +0,0 @@
-Subject: Add support for RSA-OAEP-224, RSA-OAEP-384 and RSA-OAEP-512
-Origin: v10-4-g9ec5bf7 <https://github.com/latchset/jose/commit/v10-4-g9ec5bf7>
-Upstream-Author: Nathaniel McCallum <npmccallum@redhat.com>
-Date: Tue May 1 11:03:10 2018 -0400
-
---- a/lib/openssl/rsaes.c
-+++ b/lib/openssl/rsaes.c
-@@ -26,7 +26,7 @@
- #include <string.h>
- 
- #ifdef EVP_PKEY_CTX_set_rsa_oaep_md
--#define NAMES "RSA1_5", "RSA-OAEP", "RSA-OAEP-256"
-+#define NAMES "RSA1_5", "RSA-OAEP", "RSA-OAEP-224", "RSA-OAEP-256", "RSA-OAEP-384", "RSA-OAEP-512"
- #define HAVE_OAEP
- #else
- #define NAMES "RSA1_5"
-@@ -116,7 +116,10 @@
-     switch (str2enum(alg->name, NAMES, NULL)) {
-     case 0: pad = RSA_PKCS1_PADDING;      tmp = 11; md = EVP_sha1(); break;
-     case 1: pad = RSA_PKCS1_OAEP_PADDING; tmp = 41; md = EVP_sha1(); break;
--    case 2: pad = RSA_PKCS1_OAEP_PADDING; tmp = 41; md = EVP_sha256(); break;
-+    case 2: pad = RSA_PKCS1_OAEP_PADDING; tmp = 41; md = EVP_sha224(); break;
-+    case 3: pad = RSA_PKCS1_OAEP_PADDING; tmp = 41; md = EVP_sha256(); break;
-+    case 4: pad = RSA_PKCS1_OAEP_PADDING; tmp = 41; md = EVP_sha384(); break;
-+    case 5: pad = RSA_PKCS1_OAEP_PADDING; tmp = 41; md = EVP_sha512(); break;
-     default: return false;
-     }
- 
-@@ -206,7 +209,10 @@
-     switch (str2enum(alg->name, NAMES, NULL)) {
-     case 0: pad = RSA_PKCS1_PADDING;      md = EVP_sha1(); break;
-     case 1: pad = RSA_PKCS1_OAEP_PADDING; md = EVP_sha1(); break;
--    case 2: pad = RSA_PKCS1_OAEP_PADDING; md = EVP_sha256(); break;
-+    case 2: pad = RSA_PKCS1_OAEP_PADDING; md = EVP_sha224(); break;
-+    case 3: pad = RSA_PKCS1_OAEP_PADDING; md = EVP_sha256(); break;
-+    case 4: pad = RSA_PKCS1_OAEP_PADDING; md = EVP_sha384(); break;
-+    case 5: pad = RSA_PKCS1_OAEP_PADDING; md = EVP_sha512(); break;
-     default: return false;
-     }
- 
-@@ -309,6 +315,14 @@
-           .wrap.enc = alg_wrap_enc,
-           .wrap.wrp = alg_wrap_wrp,
-           .wrap.unw = alg_wrap_unw },
-+        { .kind = JOSE_HOOK_ALG_KIND_WRAP,
-+          .name = "RSA-OAEP-224",
-+          .wrap.eprm = "wrapKey",
-+          .wrap.dprm = "unwrapKey",
-+          .wrap.alg = alg_wrap_alg,
-+          .wrap.enc = alg_wrap_enc,
-+          .wrap.wrp = alg_wrap_wrp,
-+          .wrap.unw = alg_wrap_unw },
-         { .kind = JOSE_HOOK_ALG_KIND_WRAP,
-           .name = "RSA-OAEP-256",
-           .wrap.eprm = "wrapKey",
-@@ -317,6 +331,22 @@
-           .wrap.enc = alg_wrap_enc,
-           .wrap.wrp = alg_wrap_wrp,
-           .wrap.unw = alg_wrap_unw },
-+        { .kind = JOSE_HOOK_ALG_KIND_WRAP,
-+          .name = "RSA-OAEP-384",
-+          .wrap.eprm = "wrapKey",
-+          .wrap.dprm = "unwrapKey",
-+          .wrap.alg = alg_wrap_alg,
-+          .wrap.enc = alg_wrap_enc,
-+          .wrap.wrp = alg_wrap_wrp,
-+          .wrap.unw = alg_wrap_unw },
-+        { .kind = JOSE_HOOK_ALG_KIND_WRAP,
-+          .name = "RSA-OAEP-512",
-+          .wrap.eprm = "wrapKey",
-+          .wrap.dprm = "unwrapKey",
-+          .wrap.alg = alg_wrap_alg,
-+          .wrap.enc = alg_wrap_enc,
-+          .wrap.wrp = alg_wrap_wrp,
-+          .wrap.unw = alg_wrap_unw },
- #endif
-         {}
-     };

+ 0 - 3
debian/patches/series

@@ -1,7 +1,4 @@
 
 # cherry-picked commits. Keep in upstream's chronological order
-cherry-pick.v10-1-g198f720.fix-minor-file-leak.patch
-cherry-pick.v10-4-g9ec5bf7.add-support-for-rsa-oaep-224-rsa-oaep-384-and-rsa-oaep-512.patch
 
 # patches for upstream
-upstream.typo-fixes.patch

+ 0 - 86
debian/patches/upstream.typo-fixes.patch

@@ -1,86 +0,0 @@
-Description: Typo fixes
-Author: Christoph Biedl <debian.axhn@manchmal.in-ulm.de>
-Date: 2017-11-04
-Forwarded: https://github.com/latchset/jose/issues/49
-
---- a/doc/doxygen/man/man3/jose_cfg.3
-+++ b/doc/doxygen/man/man3/jose_cfg.3
-@@ -37,7 +37,7 @@
- .ti -1c
- .RI "void * \fBjose_cfg_get_err_misc\fP (jose_cfg_t *cfg)"
- .br
--.RI "Gets the miscelaneous data associated with the current error handler\&. "
-+.RI "Gets the miscellaneous data associated with the current error handler\&. "
- .ti -1c
- .RI "void \fBjose_cfg_err\fP (jose_cfg_t *cfg, uint64_t err, const char *fmt,\&.\&.\&.)"
- .br
-@@ -116,14 +116,14 @@
- .br
- \fIerr\fP The error handler function you wish to enable\&. 
- .br
--\fImisc\fP The miscelaneous data you wish to pass to the error handler\&. 
-+\fImisc\fP The miscellaneous data you wish to pass to the error handler\&. 
- .RE
- .PP
- 
- .SS "void* jose_cfg_get_err_misc (jose_cfg_t * cfg)"
- 
- .PP
--Gets the miscelaneous data associated with the current error handler\&. 
-+Gets the miscellaneous data associated with the current error handler\&. 
- .PP
- \fBParameters:\fP
- .RS 4
-@@ -132,7 +132,7 @@
- .PP
- \fBReturns:\fP
- .RS 4
--The miscelaneous data associated with the error handler\&. 
-+The miscellaneous data associated with the error handler\&. 
- .RE
- .PP
- 
---- a/doc/doxygen/man/man3/jose_jwe.3
-+++ b/doc/doxygen/man/man3/jose_jwe.3
-@@ -146,7 +146,7 @@
- .fi
- .PP
- .PP
--In all the above examples, parameters like which encryption algorithms to use were inferred from our keys\&. Where such an inferrence cannot be made, sensible and secure defaults were chosen automatically\&. If you would like more control over the process, simply set parameters in the appropriate objects (more on this in the function documentation)\&. For example, to enable plaintext compression, you can specify the \fCzip\fP property in the JWE Protected Header: 
-+In all the above examples, parameters like which encryption algorithms to use were inferred from our keys\&. Where such an inference cannot be made, sensible and secure defaults were chosen automatically\&. If you would like more control over the process, simply set parameters in the appropriate objects (more on this in the function documentation)\&. For example, to enable plaintext compression, you can specify the \fCzip\fP property in the JWE Protected Header: 
- .PP
- .nf
- json_t *enc(void *plaintext, size_t len, json_t *jwkset) {
---- a/jose/cfg.h
-+++ b/jose/cfg.h
-@@ -98,16 +98,16 @@
-  *
-  * \param cfg  The configuration context.
-  * \param err  The error handler function you wish to enable.
-- * \param misc The miscelaneous data you wish to pass to the error handler.
-+ * \param misc The miscellaneous data you wish to pass to the error handler.
-  */
- void
- jose_cfg_set_err_func(jose_cfg_t *cfg, jose_cfg_err_t *err, void *misc);
- 
- /**
-- * Gets the miscelaneous data associated with the current error handler.
-+ * Gets the miscellaneous data associated with the current error handler.
-  *
-  * \param cfg  The configuration context.
-- * \return     The miscelaneous data associated with the error handler.
-+ * \return     The miscellaneous data associated with the error handler.
-  */
- void *
- jose_cfg_get_err_misc(jose_cfg_t *cfg);
---- a/jose/jwe.h
-+++ b/jose/jwe.h
-@@ -107,7 +107,7 @@
-  *     }
-  *
-  * In all the above examples, parameters like which encryption algorithms to
-- * use were inferred from our keys. Where such an inferrence cannot be made,
-+ * use were inferred from our keys. Where such an inference cannot be made,
-  * sensible and secure defaults were chosen automatically. If you would like
-  * more control over the process, simply set parameters in the appropriate
-  * objects (more on this in the function documentation). For example,