Revision bump. Fix the RSA Security issue. Per bug #258011.

(Portage version: 2.2_rc23/cvs/Linux x86_64)
author: Tomas Chvatal <scarabeus@gentoo.org> 2009-02-16 19:48:26 +0000
committer: Tomas Chvatal <scarabeus@gentoo.org> 2009-02-16 19:48:26 +0000
commit: 1d8e739d429eeb7089f484e9bbcd258deedbdeeb (patch)
tree: 9f89f33ff41658e1edada91c2e7ff38152bb36a9 /sci-misc
parent: Automated update of use.local.desc (diff)
download: gentoo-2-1d8e739d429eeb7089f484e9bbcd258deedbdeeb.tar.gz
gentoo-2-1d8e739d429eeb7089f484e9bbcd258deedbdeeb.tar.bz2
gentoo-2-1d8e739d429eeb7089f484e9bbcd258deedbdeeb.zip
3 files changed, 89 insertions, 2 deletions
diff --git a/sci-misc/boinc/ChangeLog b/sci-misc/boinc/ChangeLog
index 800db92321d5..8710b4dabe82 100644
--- a/sci-misc/boinc/ChangeLog
+++ b/sci-misc/boinc/ChangeLog
@@ -1,6 +1,13 @@
 # ChangeLog for sci-misc/boinc
 # Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sci-misc/boinc/ChangeLog,v 1.52 2009/02/13 16:42:41 ranger Exp $
+# $Header: /var/cvsroot/gentoo-x86/sci-misc/boinc/ChangeLog,v 1.53 2009/02/16 19:48:25 scarabeus Exp $
+
+*boinc-6.4.5-r1 (16 Feb 2009)
+
+  16 Feb 2009; Tomas Chvatal <scarabeus@gentoo.org>
+  +files/6.4.5-RSA_security.patch, -boinc-6.4.5.ebuild,
+  +boinc-6.4.5-r1.ebuild:
+  Revision bump. Fix the RSA Security issue. Per bug #258011.
 
   13 Feb 2009; Brent Baude <ranger@gentoo.org> boinc-6.4.5.ebuild:
   Marking boinc-6.4.5 ~ppc64 for bug 255156
diff --git a/sci-misc/boinc/boinc-6.4.5.ebuild b/sci-misc/boinc/boinc-6.4.5-r1.ebuild
index 8a1b6cc2f716..2bb484f141c8 100644
--- a/sci-misc/boinc/boinc-6.4.5.ebuild
+++ b/sci-misc/boinc/boinc-6.4.5-r1.ebuild
@@ -1,6 +1,6 @@
 # Copyright 1999-2009 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sci-misc/boinc/boinc-6.4.5.ebuild,v 1.3 2009/02/13 16:42:41 ranger Exp $
+# $Header: /var/cvsroot/gentoo-x86/sci-misc/boinc/boinc-6.4.5-r1.ebuild,v 1.1 2009/02/16 19:48:25 scarabeus Exp $
 
 #
 # Don't forget to keep things in sync with binary boinc package!
@@ -51,6 +51,8 @@ src_prepare() {
 	cp /etc/ssl/certs/ca-certificates.crt "${S}"/curl/ca-bundle.crt
 	# copy icons to correct location
 	cp "${S}"/sea/*.png "${S}"/clientgui/res/
+	# RSA Security bug fix. Per bug #258011
+	epatch "${FILESDIR}"/${PV}-RSA_security.patch
 	# fix stripping
 	## TODO
 }
diff --git a/sci-misc/boinc/files/6.4.5-RSA_security.patch b/sci-misc/boinc/files/6.4.5-RSA_security.patch
new file mode 100644
index 000000000000..1f10ae467fe8
--- /dev/null
+++ b/sci-misc/boinc/files/6.4.5-RSA_security.patch
@@ -0,0 +1,78 @@
+--- boinc-6.4.5/lib/crypt.cpp	2009-02-15 05:27:43.284347370 +0100
++++ boinc-6.4.5/lib/crypt.cpp	2009-02-15 05:31:25.554348346 +0100
+@@ -243,7 +243,7 @@
+ // The output block must be decrypted in its entirety.
+ //
+ int encrypt_private(R_RSA_PRIVATE_KEY& key, DATA_BLOCK& in, DATA_BLOCK& out) {
+-    int n, modulus_len;
++    int n, modulus_len, retval;
+ 
+     modulus_len = (key.bits+7)/8;
+     n = in.len;
+@@ -252,17 +252,27 @@
+     }
+     RSA* rp = RSA_new();
+     private_to_openssl(key, rp);
+-    RSA_private_encrypt(n, in.data, out.data, rp, RSA_PKCS1_PADDING);
++    retval = RSA_private_encrypt(n, in.data, out.data, rp, RSA_PKCS1_PADDING);
++    if (retval < 0) {
++        RSA_free(rp);
++        return ERR_CRYPTO;
++    }
+     out.len = RSA_size(rp);
+     RSA_free(rp);
+     return 0;
+ }
+ 
+ int decrypt_public(R_RSA_PUBLIC_KEY& key, DATA_BLOCK& in, DATA_BLOCK& out) {
++    int retval;
+     RSA* rp = RSA_new();
+     public_to_openssl(key, rp);
+-    RSA_public_decrypt(in.len, in.data, out.data, rp, RSA_PKCS1_PADDING);
++    retval = RSA_public_decrypt(in.len, in.data, out.data, rp, RSA_PKCS1_PADDING);
++    if (retval < 0) {
++        RSA_free(rp);
++        return ERR_CRYPTO;
++    }
+     out.len = RSA_size(rp);
++    RSA_free(rp);
+     return 0;
+ }
+ 
+@@ -684,4 +694,4 @@
+     return verified;
+ }
+ 
+-const char *BOINC_RCSID_4f0c2e42ea = "$Id: 6.4.5-RSA_security.patch,v 1.1 2009/02/16 19:48:26 scarabeus Exp $";
++const char *BOINC_RCSID_4f0c2e42ea = "$Id: 6.4.5-RSA_security.patch,v 1.1 2009/02/16 19:48:26 scarabeus Exp $";
+
+
+--- boinc-6.4.5/lib/str_util.cpp        2009-02-15 05:27:43.292347379 +0100
++++ boinc-6.4.5/lib/str_util.cpp        2009-02-15 05:31:25.560347422 +0100
+@@ -735,6 +735,7 @@
+         case ERR_RMDIR: return "rmdir() failed";
+         case ERR_SYMLINK: return "symlink() failed";
+         case ERR_DB_CONN_LOST: return "DB connection lost during enumeration";
++        case ERR_CRYPTO: return "encryption error";
+         case 404: return "HTTP file not found";
+         case 407: return "HTTP proxy authentication failure";
+         case 416: return "HTTP range request error";
+@@ -876,4 +877,4 @@
+     return retval;
+ }
+
+-const char *BOINC_RCSID_ab90e1e = "$Id: 6.4.5-RSA_security.patch,v 1.1 2009/02/16 19:48:26 scarabeus Exp $";
++const char *BOINC_RCSID_ab90e1e = "$Id: 6.4.5-RSA_security.patch,v 1.1 2009/02/16 19:48:26 scarabeus Exp $";
+
+
+--- boinc-6.4.5/lib/error_numbers.h     2009-02-15 05:27:43.290347301 +0100
++++ boinc-6.4.5/lib/error_numbers.h     2009-02-15 05:31:25.558348407 +0100
+@@ -185,6 +185,7 @@
+ #define ERR_RMDIR           -227
+ #define ERR_SYMLINK         -229
+ #define ERR_DB_CONN_LOST    -230
++#define ERR_CRYPTO          -231
+
+ // PLEASE: add a text description of your error to
+ // the text description function boincerror() in str_util.C.
+
author	Tomas Chvatal <scarabeus@gentoo.org>	2009-02-16 19:48:26 +0000
committer	Tomas Chvatal <scarabeus@gentoo.org>	2009-02-16 19:48:26 +0000
commit	1d8e739d429eeb7089f484e9bbcd258deedbdeeb (patch)
tree	9f89f33ff41658e1edada91c2e7ff38152bb36a9 /sci-misc
parent	Automated update of use.local.desc (diff)
download	gentoo-2-1d8e739d429eeb7089f484e9bbcd258deedbdeeb.tar.gz gentoo-2-1d8e739d429eeb7089f484e9bbcd258deedbdeeb.tar.bz2 gentoo-2-1d8e739d429eeb7089f484e9bbcd258deedbdeeb.zip