diff options
author | Adriaan de Groot <adridg@FreeBSD.org> | 2021-04-11 23:38:59 +0000 |
---|---|---|
committer | Adriaan de Groot <adridg@FreeBSD.org> | 2021-04-12 09:14:53 +0000 |
commit | 0400c882914a168367eb67680d215563a5836029 (patch) | |
tree | 6a80aecfa3d0d3837ab09b81991a328d9f8a64ca | |
parent | f34213df16160014b473ddb3f69e8acd10188d2f (diff) | |
download | ports-0400c882914a168367eb67680d215563a5836029.tar.gz ports-0400c882914a168367eb67680d215563a5836029.zip |
devel/libzrtpcpp: mark BROKEN
Does not compile on the cluster or 13- locally, because base SSL:
hmac384.cpp:56:14: error: variable has incomplete type 'HMAC_CTX' (aka 'hmac_ctx_st')
HMAC_CTX ctx;
/usr/include/openssl/ossl_typ.h:102:16: note: forward declaration of 'hmac_ctx_st'
typedef struct hmac_ctx_st HMAC_CTX;
There is no definition of that type anywhere in /usr/include.
The only consumer of this library is -- or was -- net/opal,
and the use of this library was .if 0'ed out. Remove that
non-use of the library as well.
The library should also be marked BROKEN because the code is, well,
broken. Clang rightfully complains:
ZrtpPacketCommit.h:124:42: warning: 'memcpy' will always overflow; destination buffer has size 0, but size argument is 8 [-Wfortify-source]
void setHMACMulti(uint8_t* hash) { memcpy(commitHeader->hmac-4*ZRTP_WORD_SIZE, hash, sizeof(commitHeader->hmac)); };
ZrtpQueue.cpp:147:9: warning: 'delete' applied to a pointer that was allocated with 'new[]'; did you mean 'delete[]'? [-Wmismatched-new-delete]
delete buffer;
ZrtpQueue.cpp:144:29: note: allocated with 'new[]' here
unsigned char* buffer = new unsigned char[nextSize];
The first warning is *possibly* spurious: it's doing memcpy() into
a struct intended for bit-banging, and is overwriting part of a
previous field. Since there's no member there, there's no size
information for fortify-source to use.
The other two warnings are plain old UB, they were UB when this
library was last released / updated in 2013, they're still UB, now.
There **are** newer releases of this project, but not entirely under
the GNU banner; https://github.com/wernerd/ZRTPCPP seems to be the
right source for that, but I'm not going to chase updating this.
-rw-r--r-- | devel/libzrtpcpp/Makefile | 3 | ||||
-rw-r--r-- | net/opal/Makefile | 13 |
2 files changed, 2 insertions, 14 deletions
diff --git a/devel/libzrtpcpp/Makefile b/devel/libzrtpcpp/Makefile index bc831bccc73a..d81844438067 100644 --- a/devel/libzrtpcpp/Makefile +++ b/devel/libzrtpcpp/Makefile @@ -9,6 +9,8 @@ MASTER_SITES= GNU/ccrtp MAINTAINER= acm@FreeBSD.org COMMENT= ZRTP extension for GNU ccRTP +BROKEN= incompatible with current SSL, bad C++ code + LIB_DEPENDS= libccrtp.so:devel/ccrtp \ libgcrypt.so:security/libgcrypt @@ -20,7 +22,6 @@ CMAKE_ARGS+= -DBUILD_SHARED_LIBS:BOOL=ON \ CXXFLAGS+= -I${LOCALBASE}/include -I${OPENSSLINC} LDFLAGS+= -L${LOCALBASE}/lib -L${OPENSSLLIB} USE_LDCONFIG= yes -CONFLICTS_BUILD=libzrtpcppcore post-patch: @${FIND} ${WRKSRC}/src -type f | ${XARGS} ${REINPLACE_CMD} -i "" \ diff --git a/net/opal/Makefile b/net/opal/Makefile index ec2256f232bb..396faed4736b 100644 --- a/net/opal/Makefile +++ b/net/opal/Makefile @@ -24,13 +24,11 @@ LDFLAGS+= -L${LOCALBASE}/lib OPTIONS_DEFINE= JAVA CELT ILBC GSM SPEEX THEORA FFMPEG X264 SIP H323 IAX \ H224 H281 FAX MSRP SIPIM RTPTEXT H450 H460 H501 LID UVIDEO \ AEC DEBUG RUBY -# ZRTP # MSRP = plist extra line vpd? # RTPTEXT disable == build fail, so make it default? OPTIONS_DEFAULT=CELT GSM SPEEX FFMPEG X264 SIP H224 H281 FAX MSRP SIPIM \ RTPTEXT LID AEC DEBUG_DESC= Install debug library -ZRTP_DESC= ZRTP protocol support JAVA_DESC= Java JNI support RUBY_DESC= Ruby support CELT_DESC= Celt codec from ports @@ -78,18 +76,7 @@ ALL_TARGET= opt PLIST_SUB+= DEBUG="@comment " .endif -# libzrtpcpp uses port ssl, which will conflict with this port since we use -# base ssl. -#.if ${PORT_OPTIONS:MZRTP} -.if 0 -.if !defined(SAFE_ZRTP) -IGNORE= please build devel/libzrtpcpp WITHOUT ports SSL and re-run build with SAFE_ZRTP set -.endif -LIB_DEPENDS+= libzrtpcpp.so:devel/libzrtpcpp -CONFIGURE_ARGS+= --enable-zrtp -.else CONFIGURE_ARGS+= --disable-zrtp -.endif .if ${PORT_OPTIONS:MGSM} LIB_DEPENDS+= libgsm.so:audio/gsm |