pyrox.dev / nixpkgs
lol
fork atom

Merge pull request #9351 from offlinehacker/pkgs/xca/update/1.3.0

xca: Update to 1.3.0

Jaka Hudoklin 5c91812c bb708a5d

options
unified split
Changed files
+2 -67
pkgs
applications
misc
xca
0001-Fix-for-openssl-1.0.1i.patch
default.nix
-57
pkgs/applications/misc/xca/0001-Fix-for-openssl-1.0.1i.patch 
···

       
1

       

       
-

       
From abd9d530776e8bb6d8f05312fc3ae3044796139c Mon Sep 17 00:00:00 2001


     

       
2

       

       
-

       
From: Oliver Winker <oliver@oli1170.net>


     

       
3

       

       
-

       
Date: Tue, 12 Aug 2014 19:08:05 +0200


     

       
4

       

       
-

       
Subject: [PATCH] Fix for openssl 1.0.1i


     

       
5

       

       
-

       



     

       
6

       

       
-

       
Fixes following application error


     

       
7

       

       
-

       
---


     

       
8

       

       
-

       
Errors


     

       
9

       

       
-

       
error:0D0C40D8:asn1 encoding routines:c2i_ASN1_OBJECT:invalid object encoding error:0D08303A:asn1 encoding routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1 error error:0D0C40D8:asn1 encoding routines:c2i_ASN1_OBJECT:invalid object encoding error:0D08303A:asn1 encoding routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1 error error:0D0C40D8:asn1 encoding routines:c2i_ASN1_OBJECT:invalid object encoding error:0D08303A:asn1 encoding routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1 error error:0D0C40D8:asn1 encoding routines:c2i_ASN1_OBJECT:invalid object encoding error:0D08303A:asn1 encoding routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1 error error:0D0C40D8:asn1 encoding routines:c2i_ASN1_OBJECT:invalid object encoding error:0D08303A:asn1 encoding routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1 error


     

       
10

       

       
-

       
---


     

       
11

       

       
-

       



     

       
12

       

       
-

       
Due to openssl 1.0.1i change:


     

       
13

       

       
-

       
---


     

       
14

       

       
-

       
commit 03b04ddac162c7b7fa3c57eadccc5a583a00d291


     

       
15

       

       
-

       
Author: Emilia Kasper <emilia@openssl.org>


     

       
16

       

       
-

       
Date:   Wed Jul 2 19:02:33 2014 +0200


     

       
17

       

       
-

       



     

       
18

       

       
-

       
    Fix OID handling:


     

       
19

       

       
-

       



     

       
20

       

       
-

       
    - Upon parsing, reject OIDs with invalid base-128 encoding.


     

       
21

       

       
-

       
    - Always NUL-terminate the destination buffer in OBJ_obj2txt printing function.


     

       
22

       

       
-

       



     

       
23

       

       
-

       
    CVE-2014-3508


     

       
24

       

       
-

       



     

       
25

       

       
-

       
    Reviewed-by: Dr. Stephen Henson <steve@openssl.org>


     

       
26

       

       
-

       
    Reviewed-by: Kurt Roeckx <kurt@openssl.org>


     

       
27

       

       
-

       
    Reviewed-by: Tim Hudson <tjh@openssl.org>


     

       
28

       

       
-

       
---


     

       
29

       

       
-

       
---


     

       
30

       

       
-

       
 lib/x509v3ext.cpp | 4 +++-


     

       
31

       

       
-

       
 1 file changed, 3 insertions(+), 1 deletion(-)


     

       
32

       

       
-

       



     

       
33

       

       
-

       
diff --git a/lib/x509v3ext.cpp b/lib/x509v3ext.cpp


     

       
34

       

       
-

       
index cf74c32..d94cbda 100644


     

       
35

       

       
-

       
--- a/lib/x509v3ext.cpp


     

       
36

       

       
-

       
+++ b/lib/x509v3ext.cpp


     

       
37

       

       
-

       
@@ -27,6 +27,8 @@ x509v3ext::x509v3ext(const X509_EXTENSION *n)


     

       
38

       

       
-

       
 x509v3ext::x509v3ext(const x509v3ext &n)


     

       
39

       

       
-

       
 {


     

       
40

       

       
-

       
 	ext = NULL;


     

       
41

       

       
-

       
+	if (!n.isValid())


     

       
42

       

       
-

       
+		return;


     

       
43

       

       
-

       
 	set(n.ext);


     

       
44

       

       
-

       
 }


     

       
45

       

       
-

       
 


     

       
46

       

       
-

       
@@ -743,7 +745,7 @@ X509_EXTENSION *x509v3ext::get() const


     

       
47

       

       
-

       
 


     

       
48

       

       
-

       
 bool x509v3ext::isValid() const


     

       
49

       

       
-

       
 {


     

       
50

       

       
-

       
-	return ext->value->length > 0 &&


     

       
51

       

       
-

       
+	return ext && ext->value && ext->value->length > 0 &&


     

       
52

       

       
-

       
 		OBJ_obj2nid(ext->object) != NID_undef;


     

       
53

       

       
-

       
 }


     

       
54

       

       
-

       
 


     

       
55

       

       
-

       
-- 


     

       
56

       

       
-

       
2.0.1


     

       
57

       

       
-
+2 -10
pkgs/applications/misc/xca/default.nix 
···

       
2

       
2

       
 

       



     

       
3

       
3

       
 

       
stdenv.mkDerivation rec {


     

       
4

       
4

       
 

       
  name = "xca-${version}";


     

       
5

       

       
-

       
  version = "0.9.3";


     

       

       
5

       
+

       
  version = "1.3.0";


     

       
6

       
6

       
 

       



     

       
7

       
7

       
 

       
  src = fetchurl {


     

       
8

       
8

       
 

       
    url = "mirror://sourceforge/xca/${name}.tar.gz";


     

       
9

       

       
-

       
    sha256 = "1fn6kh8mdy65rrgjif7j9wn3mxg1mrrcnhzpi86hfy24ic6bahk8";


     

       

       
9

       
+

       
    sha256 = "0k21d4lfkn0nlj8az6067dmc5dgy5cidspljagmh5frsv576wnzg";


     

       
10

       
10

       
 

       
  };


     

       
11

       

       
-

       



     

       
12

       

       
-

       
  patches = [ ./0001-Fix-for-openssl-1.0.1i.patch ];


     

       
13

       

       
-

       



     

       
14

       

       
-

       
  configurePhase = ''


     

       
15

       

       
-

       
    export PATH=$PATH:${which}/bin


     

       
16

       

       
-

       
    export QTDIR=${qt4}


     

       
17

       

       
-

       
    prefix=$out ./configure ${openssl} ${libtool}


     

       
18

       

       
-

       
  '';


     

       
19

       
11

       
 

       



     

       
20

       
12

       
 

       
  postInstall = ''


     

       
21

       
13

       
 

       
    wrapProgram "$out/bin/xca" \