Re: scrypt homepage fix
On Mon, Mar 27, 2023 at 09:48:37AM -0700, Jared Harper wrote: > As of right now, the website redirects incorrectly: > > ~% curl -I https://www.tarsnap.com/scrypt/ > HTTP/1.1 301 Moved Permanently > Date: Mon, 27 Mar 2023 15:12:55 GMT > Server: Apache/2.4.55 (FreeBSD) > Location: http://www.tarsnap.com:8080/scrypt.html > Content-Type: text/html; charset=iso-8859-1 > > Note that it redirects to port 8080 which is not exposed publicly. > > Interestingly, port 80 does not have this issue: > > ~% curl -I http://www.tarsnap.com/scrypt/ > HTTP/1.1 301 Moved Permanently > Date: Mon, 27 Mar 2023 15:13:06 GMT > Server: Apache/2.4.55 (FreeBSD) > Location: http://www.tarsnap.com/scrypt.html > Content-Type: text/html; charset=iso-8859-1 > Thanks. I'll fix this post unlock. > Index: security/scrypt//Makefile > === > RCS file: /cvs/ports/security/scrypt/Makefile,v > retrieving revision 1.13 > diff -u -p -r1.13 Makefile > --- security/scrypt//Makefile11 Mar 2022 19:54:02 -1.13 > +++ security/scrypt//Makefile27 Mar 2023 16:41:13 - > @@ -6,7 +6,7 @@ SHARED_LIBS += scrypt-kdf > > CATEGORIES =security > > -HOMEPAGE =https://www.tarsnap.com/scrypt/ > +HOMEPAGE =https://www.tarsnap.com/scrypt.html > > # BSD > PERMIT_PACKAGE =Yes >
scrypt homepage fix
As of right now, the website redirects incorrectly: ~% curl -I https://www.tarsnap.com/scrypt/ HTTP/1.1 301 Moved Permanently Date: Mon, 27 Mar 2023 15:12:55 GMT Server: Apache/2.4.55 (FreeBSD) Location: http://www.tarsnap.com:8080/scrypt.html Content-Type: text/html; charset=iso-8859-1 Note that it redirects to port 8080 which is not exposed publicly. Interestingly, port 80 does not have this issue: ~% curl -I http://www.tarsnap.com/scrypt/ HTTP/1.1 301 Moved Permanently Date: Mon, 27 Mar 2023 15:13:06 GMT Server: Apache/2.4.55 (FreeBSD) Location: http://www.tarsnap.com/scrypt.html Content-Type: text/html; charset=iso-8859-1 Index: security/scrypt//Makefile === RCS file: /cvs/ports/security/scrypt/Makefile,v retrieving revision 1.13 diff -u -p -r1.13 Makefile --- security/scrypt//Makefile11 Mar 2022 19:54:02 -1.13 +++ security/scrypt//Makefile27 Mar 2023 16:41:13 - @@ -6,7 +6,7 @@ SHARED_LIBS +=scrypt-kdf CATEGORIES =security -HOMEPAGE =https://www.tarsnap.com/scrypt/ +HOMEPAGE =https://www.tarsnap.com/scrypt.html # BSD PERMIT_PACKAGE =Yes
[UPDATE] security/py-scrypt to 0.8.20
Update from 0.8.18 to 0.8.20
Dropped REVISION
From Changelog since 0.8.18:
0.8.20
Fix #8 by adding missing gettimeofday.c to MANIFEST.in
0.8.19
Use RtlGenRandom instead of CryptGenRandom on windows (Thanks to
https://github.com/veorq/cryptocoding/)
Add check for c:Program FilesOpenSSL-Win64 and c:Program
FilesOpenSSL-Win32
thanks
gIndex: py-scrypt//Makefile
===
RCS file: /cvs/ports/security/py-scrypt/Makefile,v
retrieving revision 1.10
diff -u -p -r1.10 Makefile
--- py-scrypt//Makefile 11 Mar 2022 19:53:58 - 1.10
+++ py-scrypt//Makefile 13 Jun 2022 00:49:22 -
@@ -1,7 +1,6 @@
COMMENT = support for the scrypt key derivation function
-MODPY_EGG_VERSION = 0.8.18
-REVISION = 2
+MODPY_EGG_VERSION = 0.8.20
DISTNAME = scrypt-${MODPY_EGG_VERSION}
PKGNAME = py-${DISTNAME}
Index: py-scrypt//distinfo
===
RCS file: /cvs/ports/security/py-scrypt/distinfo,v
retrieving revision 1.3
diff -u -p -r1.3 distinfo
--- py-scrypt//distinfo 15 Jul 2021 17:06:27 - 1.3
+++ py-scrypt//distinfo 13 Jun 2022 00:49:22 -
@@ -1,2 +1,2 @@
-SHA256 (scrypt-0.8.18.tar.gz) = vPBCV68S5tUpdNF3p7COMUtm81CnP5tveyMtaaah4EE=
-SIZE (scrypt-0.8.18.tar.gz) = 56651
+SHA256 (scrypt-0.8.20.tar.gz) = DSJsHGdE+y4wizkUEGabHfXP6CY3/8te1Im/grLS63g=
+SIZE (scrypt-0.8.20.tar.gz) = 55874
Re: security/py-scrypt: missing WANTLIB
> The following diff adds WANTLIB to help the port to update for the > next bump. ok tb
security/py-scrypt: missing WANTLIB
Hi,
It seems that security/py-scrypt has missing WANTLIB for system shared
library. Currently, it doesn't have any WANTLIB, but it is a c module
which depends on crypto and pthread.
With the recent crypto bump, it fails to run:
$ python3 -c 'from scrypt import hash'
Traceback (most recent call last):
File "", line 1, in
File "/usr/local/lib/python3.9/site-packages/scrypt/__init__.py", line 1, in
from .scrypt import *
File "/usr/local/lib/python3.9/site-packages/scrypt/scrypt.py", line 24, in
_scrypt = cdll.LoadLibrary(importlib.util.find_spec('_scrypt').origin)
File "/usr/local/lib/python3.9/ctypes/__init__.py", line 452, in LoadLibrary
return self._dlltype(name)
File "/usr/local/lib/python3.9/ctypes/__init__.py", line 374, in __init__
self._handle = _dlopen(self._name, mode)
OSError: Cannot load specified object
$ readelf -d /usr/local/lib/python3.9/site-packages/_scrypt.cpython-39.so
Dynamic section at offset 0x8c78 contains 19 entries:
TagType Name/Value
0x0001 (NEEDED) Shared library: [libcrypto.so.48.0]
0x0001 (NEEDED) Shared library: [libpthread.so.26.1]
0x0007 (RELA) 0x1130
0x0008 (RELASZ) 312 (bytes)
0x0009 (RELAENT)24 (bytes)
0x6ff9 (RELACOUNT) 7
0x0017 (JMPREL) 0x1268
0x0002 (PLTRELSZ) 1344 (bytes)
0x0003 (PLTGOT) 0xade0
0x0014 (PLTREL) RELA
0x0006 (SYMTAB) 0x2c0
0x000b (SYMENT) 24 (bytes)
0x0005 (STRTAB) 0xcf8
0x000a (STRSZ) 1079 (bytes)
0x6ef5 (GNU_HASH) 0x998
0x0004 (HASH) 0xaa8
0x000c (INIT) 0x9360
0x000d (FINI) 0x9370
0x (NULL) 0x0
The following diff adds WANTLIB to help the port to update for the
next bump.
Comments or OK ?
--
Sebastien Marie
diff daa95d7360cadc2e078e2af54ae83d80339b29e8 /home/semarie/repos/openbsd/ports
blob - 4c68b7a14b82a97691ee56d7f6b210aad18479f8
file + security/py-scrypt/Makefile
--- security/py-scrypt/Makefile
+++ security/py-scrypt/Makefile
@@ -3,7 +3,7 @@
COMMENT = support for the scrypt key derivation function
MODPY_EGG_VERSION =0.8.18
-REVISION = 1
+REVISION = 2
DISTNAME = scrypt-${MODPY_EGG_VERSION}
PKGNAME = py-${DISTNAME}
@@ -15,6 +15,8 @@ HOMEPAGE =http://bitbucket.org/mhallin/py-scrypt
# BSD
PERMIT_PACKAGE = Yes
+WANTLIB += crypto pthread
+
MODULES = lang/python
MODPY_PI = Yes
Re: [Update] security/py-scrypt : Update to 0.8.17
On Wed, Feb 10, 2021 at 01:27:28PM +, Charlene Wendling wrote: > Here is a patch for security/py-scrypt: > i) Update to 0.8.17 > ii) Switch to python3 > It build well and pass all tests on amd64-6.8 system. > > Only one port depends on it, security/py-passlib, build > well pass test with this patch too. You also need to remove the unflavored py-scrypt line from security/Makefile and add a quirks for py-scrypt -> py3->script which will require a @pkgpath marker for the Python 2 PKGPATH in PLIST. With that OK kn
[Update] security/py-scrypt : Update to 0.8.17
Hi, ports@:
Here is a patch for security/py-scrypt:
i) Update to 0.8.17
ii) Switch to python3
It build well and pass all tests on amd64-6.8 system.
Only one port depends on it, security/py-passlib, build
well pass test with this patch too.
wen
Index: Makefile
===
RCS file: /cvs/ports/security/py-scrypt/Makefile,v
retrieving revision 1.3
diff -u -p -r1.3 Makefile
--- Makefile4 Jan 2021 14:06:37 - 1.3
+++ Makefile10 Feb 2021 13:20:55 -
@@ -2,11 +2,10 @@
COMMENT = support for the scrypt key derivation function
-MODPY_EGG_VERSION =0.8.13
+MODPY_EGG_VERSION =0.8.17
DISTNAME = scrypt-${MODPY_EGG_VERSION}
PKGNAME = py-${DISTNAME}
-REVISION = 1
CATEGORIES = security
@@ -21,6 +20,6 @@ MODPY_PI =Yes
MODPY_SETUPTOOLS = Yes
FLAVORS = python3
-FLAVOR ?=
+FLAVOR = python3
.include
Index: distinfo
===
RCS file: /cvs/ports/security/py-scrypt/distinfo,v
retrieving revision 1.1.1.1
diff -u -p -r1.1.1.1 distinfo
--- distinfo23 Nov 2019 15:10:06 - 1.1.1.1
+++ distinfo10 Feb 2021 13:20:55 -
@@ -1,2 +1,2 @@
-SHA256 (scrypt-0.8.13.tar.gz) = E3exrcmMQVJpS/XX6TtBqdLpBgr2m3R8+tjJOsQm+eo=
-SIZE (scrypt-0.8.13.tar.gz) = 53606
+SHA256 (scrypt-0.8.17.tar.gz) = JbUHXyI4vpOvHNV0VApeoBuFR/m2eKpy0i/OIld0dew=
+SIZE (scrypt-0.8.17.tar.gz) = 56638
Index: pkg/PLIST
===
RCS file: /cvs/ports/security/py-scrypt/pkg/PLIST,v
retrieving revision 1.2
diff -u -p -r1.2 PLIST
--- pkg/PLIST 4 Jan 2021 14:06:37 - 1.2
+++ pkg/PLIST 10 Feb 2021 13:20:55 -
@@ -11,3 +11,17 @@ ${MODPY_COMMENT}lib/python${MODPY_VERSIO
lib/python${MODPY_VERSION}/site-packages/scrypt/${MODPY_PYCACHE}__init__.${MODPY_PYC_MAGIC_TAG}pyc
lib/python${MODPY_VERSION}/site-packages/scrypt/${MODPY_PYCACHE}scrypt.${MODPY_PYC_MAGIC_TAG}pyc
lib/python${MODPY_VERSION}/site-packages/scrypt/scrypt.py
+lib/python${MODPY_VERSION}/site-packages/scrypt/tests/
+lib/python${MODPY_VERSION}/site-packages/scrypt/tests/__init__.py
+${MODPY_COMMENT}lib/python${MODPY_VERSION}/site-packages/scrypt/tests/${MODPY_PYCACHE}/
+lib/python${MODPY_VERSION}/site-packages/scrypt/tests/${MODPY_PYCACHE}__init__.${MODPY_PYC_MAGIC_TAG}pyc
+lib/python${MODPY_VERSION}/site-packages/scrypt/tests/${MODPY_PYCACHE}test_scrypt.${MODPY_PYC_MAGIC_TAG}pyc
+lib/python${MODPY_VERSION}/site-packages/scrypt/tests/${MODPY_PYCACHE}test_scrypt_c_module.${MODPY_PYC_MAGIC_TAG}pyc
+lib/python${MODPY_VERSION}/site-packages/scrypt/tests/${MODPY_PYCACHE}test_scrypt_py2x.${MODPY_PYC_MAGIC_TAG}pyc
+lib/python${MODPY_VERSION}/site-packages/scrypt/tests/${MODPY_PYCACHE}test_scrypt_py3x.${MODPY_PYC_MAGIC_TAG}pyc
+lib/python${MODPY_VERSION}/site-packages/scrypt/tests/ciphertexts.csv
+lib/python${MODPY_VERSION}/site-packages/scrypt/tests/hashvectors.csv
+lib/python${MODPY_VERSION}/site-packages/scrypt/tests/test_scrypt.py
+lib/python${MODPY_VERSION}/site-packages/scrypt/tests/test_scrypt_c_module.py
+lib/python${MODPY_VERSION}/site-packages/scrypt/tests/test_scrypt_py2x.py
+lib/python${MODPY_VERSION}/site-packages/scrypt/tests/test_scrypt_py3x.py
Re: UPDATE security/scrypt
Björn Ketelaars wrote: > On Thu 02/01/2020 06:27, Björn Ketelaars wrote: > > On Wed 01/01/2020 23:03, Ted Unangst wrote: > > > Björn Ketelaars wrote: > > > > - When estimating the amount of available RAM, scrypt ignores > > > > RLIMIT_DATA on systems which have mmap. > > > > > > This is wrong on OpenBSD. I sent an email to Colin, but the update should > > > patch this out in the meantime. > > > > Although I'm not doubting that you are right, I fail to understand why > > ignoring RLIMIT_DATA on OpenBSD is bad. Could you explain why? > > > > I prepared a patch, which: > > - addresses ignoring RLIMIT DATA, reverting > > > > https://github.com/Tarsnap/scrypt/commit/2b478e7ce590a6564d89417ddad4f3dd4bbdcaf6 > > - fixes compiling on base-gcc archs (found by kmos@) > > > > OK? > > Ping... > > Diff below for your convenience. oh, patch looks good to me, fwiw.
Re: UPDATE security/scrypt
On Sun, 12 Jan 2020 15:38:21 +0100
Björn Ketelaars wrote:
> On Thu 02/01/2020 06:27, Björn Ketelaars wrote:
> > On Wed 01/01/2020 23:03, Ted Unangst wrote:
> > > Björn Ketelaars wrote:
> > > > - When estimating the amount of available RAM, scrypt ignores
> > > > RLIMIT_DATA on systems which have mmap.
> > >
> > > This is wrong on OpenBSD. I sent an email to Colin, but the
> > > update should patch this out in the meantime.
> >
> > Although I'm not doubting that you are right, I fail to understand
> > why ignoring RLIMIT_DATA on OpenBSD is bad. Could you explain why?
> >
> > I prepared a patch, which:
> > - addresses ignoring RLIMIT DATA, reverting
> >
> > https://github.com/Tarsnap/scrypt/commit/2b478e7ce590a6564d89417ddad4f3dd4bbdcaf6
> > - fixes compiling on base-gcc archs (found by kmos@)
> >
> > OK?
It builds and works fine on powerpc (i tried with low limits as well).
COMPILER_LANGS values are by convention in lowercase. If you wonder,
it's still working fine uppercase :)
OK cwen@ either way
> Diff below for your convenience.
>
> diff --git Makefile Makefile
> index 31dc84c3443..04b73ef02b3 100644
> --- Makefile
> +++ Makefile
> @@ -3,6 +3,7 @@
> COMMENT =command-line encryption using scrypt key derivation
> function
> DISTNAME = scrypt-1.3.0
> +REVISION = 0
>
> SHARED_LIBS += scrypt-kdf0.0 # 1.0
>
> @@ -18,6 +19,9 @@ WANTLIB = c crypto
> MASTER_SITES = ${HOMEPAGE}
> EXTRACT_SUFX = .tgz
>
>
> +COMPILER = base-clang ports-gcc
> +COMPILER_LANGS = C
> +
> CONFIGURE_STYLE =gnu
> CONFIGURE_ARGS = --enable-libscrypt-kdf
>
> diff --git patches/patch-lib_util_memlimit_c
> patches/patch-lib_util_memlimit_c new file mode 100644
> index 000..788724aa76e
> --- /dev/null
> +++ patches/patch-lib_util_memlimit_c
> @@ -0,0 +1,24 @@
> +$OpenBSD$
> +
> +Do not ignore RLIMIT_DATA on OpenBSD. Revert
> +https://github.com/Tarsnap/scrypt/commit/2b478e7ce590a6564d89417ddad4f3dd4bbdcaf6
> +
> +Index: lib/util/memlimit.c
> +--- lib/util/memlimit.c.orig
> lib/util/memlimit.c
> +@@ -167,14 +167,12 @@ memlimit_rlimit(size_t * memlimit)
> + memrlimit = (uint64_t)rl.rlim_cur;
> + #endif
> +
> +-#ifndef HAVE_MMAP
> +-/* ... RLIMIT_DATA (if we're not using mmap)... */
> ++/* ... RLIMIT_DATA... */
> + if (getrlimit(RLIMIT_DATA, &rl))
> + return (1);
> + if ((rl.rlim_cur != RLIM_INFINITY) &&
> + ((uint64_t)rl.rlim_cur < memrlimit))
> + memrlimit = (uint64_t)rl.rlim_cur;
> +-#endif
> +
> + /* ... and RLIMIT_RSS. */
> + #ifdef RLIMIT_RSS
>
Re: UPDATE security/scrypt
On Sun 12/01/2020 15:38, Björn Ketelaars wrote: > On Thu 02/01/2020 06:27, Björn Ketelaars wrote: > > On Wed 01/01/2020 23:03, Ted Unangst wrote: > > > Björn Ketelaars wrote: > > > > - When estimating the amount of available RAM, scrypt ignores > > > > RLIMIT_DATA on systems which have mmap. > > > > > > This is wrong on OpenBSD. I sent an email to Colin, but the update should > > > patch this out in the meantime. > > > > Although I'm not doubting that you are right, I fail to understand why > > ignoring RLIMIT_DATA on OpenBSD is bad. Could you explain why? > > > > I prepared a patch, which: > > - addresses ignoring RLIMIT DATA, reverting > > > > https://github.com/Tarsnap/scrypt/commit/2b478e7ce590a6564d89417ddad4f3dd4bbdcaf6 > > - fixes compiling on base-gcc archs (found by kmos@) > > > > OK? > > Ping... Oops, forgot to mention the following: Following https://github.com/Tarsnap/scrypt/issues/226: Without patch: $ ulimit -d 123456 $ scrypt enc -v Makefile Makefile.enc Please enter passphrase: Please confirm passphrase: Parameters used: N = 262144; r = 8; p = 1; This requires at least 268 MB bytes of memory (995 MB available), and will take approximately 0.4 seconds (limit: 5.0 seconds). scrypt: Error computing derived key: Cannot allocate memory With patch: $ ulimit -d 123456 $ scrypt enc -v Makefile Makefile.enc Please enter passphrase: Please confirm passphrase: Parameters used: N = 8192; r = 8; p = 48; This requires at least 8.3 MB bytes of memory (15 MB available), and will take approximately 0.6 seconds (limit: 5.0 seconds).
Re: UPDATE security/scrypt
On Thu 02/01/2020 06:27, Björn Ketelaars wrote:
> On Wed 01/01/2020 23:03, Ted Unangst wrote:
> > Björn Ketelaars wrote:
> > > - When estimating the amount of available RAM, scrypt ignores
> > > RLIMIT_DATA on systems which have mmap.
> >
> > This is wrong on OpenBSD. I sent an email to Colin, but the update should
> > patch this out in the meantime.
>
> Although I'm not doubting that you are right, I fail to understand why
> ignoring RLIMIT_DATA on OpenBSD is bad. Could you explain why?
>
> I prepared a patch, which:
> - addresses ignoring RLIMIT DATA, reverting
>
> https://github.com/Tarsnap/scrypt/commit/2b478e7ce590a6564d89417ddad4f3dd4bbdcaf6
> - fixes compiling on base-gcc archs (found by kmos@)
>
> OK?
Ping...
Diff below for your convenience.
diff --git Makefile Makefile
index 31dc84c3443..04b73ef02b3 100644
--- Makefile
+++ Makefile
@@ -3,6 +3,7 @@
COMMENT = command-line encryption using scrypt key derivation function
DISTNAME = scrypt-1.3.0
+REVISION = 0
SHARED_LIBS += scrypt-kdf0.0 # 1.0
@@ -18,6 +19,9 @@ WANTLIB = c crypto
MASTER_SITES = ${HOMEPAGE}
EXTRACT_SUFX = .tgz
+COMPILER = base-clang ports-gcc
+COMPILER_LANGS = C
+
CONFIGURE_STYLE = gnu
CONFIGURE_ARGS = --enable-libscrypt-kdf
diff --git patches/patch-lib_util_memlimit_c patches/patch-lib_util_memlimit_c
new file mode 100644
index 000..788724aa76e
--- /dev/null
+++ patches/patch-lib_util_memlimit_c
@@ -0,0 +1,24 @@
+$OpenBSD$
+
+Do not ignore RLIMIT_DATA on OpenBSD. Revert
+https://github.com/Tarsnap/scrypt/commit/2b478e7ce590a6564d89417ddad4f3dd4bbdcaf6
+
+Index: lib/util/memlimit.c
+--- lib/util/memlimit.c.orig
lib/util/memlimit.c
+@@ -167,14 +167,12 @@ memlimit_rlimit(size_t * memlimit)
+ memrlimit = (uint64_t)rl.rlim_cur;
+ #endif
+
+-#ifndef HAVE_MMAP
+- /* ... RLIMIT_DATA (if we're not using mmap)... */
++ /* ... RLIMIT_DATA... */
+ if (getrlimit(RLIMIT_DATA, &rl))
+ return (1);
+ if ((rl.rlim_cur != RLIM_INFINITY) &&
+ ((uint64_t)rl.rlim_cur < memrlimit))
+ memrlimit = (uint64_t)rl.rlim_cur;
+-#endif
+
+ /* ... and RLIMIT_RSS. */
+ #ifdef RLIMIT_RSS
Re: UPDATE security/scrypt
On Wed 01/01/2020 23:03, Ted Unangst wrote:
> Björn Ketelaars wrote:
> > - When estimating the amount of available RAM, scrypt ignores
> > RLIMIT_DATA on systems which have mmap.
>
> This is wrong on OpenBSD. I sent an email to Colin, but the update should
> patch this out in the meantime.
Although I'm not doubting that you are right, I fail to understand why
ignoring RLIMIT_DATA on OpenBSD is bad. Could you explain why?
I prepared a patch, which:
- addresses ignoring RLIMIT DATA, reverting
https://github.com/Tarsnap/scrypt/commit/2b478e7ce590a6564d89417ddad4f3dd4bbdcaf6
- fixes compiling on base-gcc archs (found by kmos@)
OK?
diff --git Makefile Makefile
index 31dc84c3443..04b73ef02b3 100644
--- Makefile
+++ Makefile
@@ -3,6 +3,7 @@
COMMENT = command-line encryption using scrypt key derivation function
DISTNAME = scrypt-1.3.0
+REVISION = 0
SHARED_LIBS += scrypt-kdf0.0 # 1.0
@@ -18,6 +19,9 @@ WANTLIB = c crypto
MASTER_SITES = ${HOMEPAGE}
EXTRACT_SUFX = .tgz
+COMPILER = base-clang ports-gcc
+COMPILER_LANGS = C
+
CONFIGURE_STYLE = gnu
CONFIGURE_ARGS = --enable-libscrypt-kdf
diff --git patches/patch-lib_util_memlimit_c patches/patch-lib_util_memlimit_c
new file mode 100644
index 000..788724aa76e
--- /dev/null
+++ patches/patch-lib_util_memlimit_c
@@ -0,0 +1,24 @@
+$OpenBSD$
+
+Do not ignore RLIMIT_DATA on OpenBSD. Revert
+https://github.com/Tarsnap/scrypt/commit/2b478e7ce590a6564d89417ddad4f3dd4bbdcaf6
+
+Index: lib/util/memlimit.c
+--- lib/util/memlimit.c.orig
lib/util/memlimit.c
+@@ -167,14 +167,12 @@ memlimit_rlimit(size_t * memlimit)
+ memrlimit = (uint64_t)rl.rlim_cur;
+ #endif
+
+-#ifndef HAVE_MMAP
+- /* ... RLIMIT_DATA (if we're not using mmap)... */
++ /* ... RLIMIT_DATA... */
+ if (getrlimit(RLIMIT_DATA, &rl))
+ return (1);
+ if ((rl.rlim_cur != RLIM_INFINITY) &&
+ ((uint64_t)rl.rlim_cur < memrlimit))
+ memrlimit = (uint64_t)rl.rlim_cur;
+-#endif
+
+ /* ... and RLIMIT_RSS. */
+ #ifdef RLIMIT_RSS
Re: UPDATE security/scrypt
Björn Ketelaars wrote: > - When estimating the amount of available RAM, scrypt ignores > RLIMIT_DATA on systems which have mmap. This is wrong on OpenBSD. I sent an email to Colin, but the update should patch this out in the meantime.
Re: Fix security/scrypt for sparc64 (and presumably other base-gcc archs)
Hi Kurt, On Wed, 1 Jan 2020 12:46:36 -0500 Kurt Mosiejczuk wrote: > I used this (without the COMPILER_LANGS line) to fix scrypt in the > current sparc64 build. I saw I should have used COMPILER_LANGS too > after the fact. > > --Kurt I've looked at the issue on my powerpc box, it's happening because GCC-4.2.1 is not 100% C99 compliant, it seems it requires GCC>=4.3 in that case [0]. This fixes the build on powerpc as well. OK cwen@ Charlène. [0] https://gcc.gnu.org/bugzilla/show_bug.cgi?id=14050
Fix security/scrypt for sparc64 (and presumably other base-gcc archs)
I used this (without the COMPILER_LANGS line) to fix scrypt in the current
sparc64 build. I saw I should have used COMPILER_LANGS too after the fact.
--Kurt
Index: Makefile
===
RCS file: /cvs/ports/security/scrypt/Makefile,v
retrieving revision 1.10
diff -u -p -r1.10 Makefile
--- Makefile31 Dec 2019 07:26:59 - 1.10
+++ Makefile1 Jan 2020 17:46:23 -
@@ -18,6 +18,9 @@ WANTLIB = c crypto
MASTER_SITES = ${HOMEPAGE}
EXTRACT_SUFX = .tgz
+COMPILER = base-clang ports-gcc base-gcc
+COMPILER_LANGS = c
+
CONFIGURE_STYLE = gnu
CONFIGURE_ARGS = --enable-libscrypt-kdf
UPDATE security/scrypt
Diff below brings security/scrypt to 1.3.0. Significant changes since
1.2.1 [0]:
- In addition to the scrypt command-line utility, a library
"libscrypt-kdf" can now be built and installed by passing the
--enable-libscrypt-kdf option to configure.
- On x86 CPUs which support them, RDRAND and SHA extensions are used to
provide supplemental entropy and speed up hash computations
respectively.
- When estimating the amount of available RAM, scrypt ignores
RLIMIT_DATA on systems which have mmap.
- A new command "scrypt info encfile" prints information about an
encrypted file without decrypting it.
Changes to the port:
- Build and package libscrypt-kdf.
- Change HOMEPAGE/MASTER_SITES to https.
- Enable tests.
- Set DEBUG_PACKAGES.
Testing:
'make test' runs successfully
Comments/OK?
[0] http://mail.tarsnap.com/scrypt/msg00261.html
diff --git Makefile Makefile
index 3c3a2989df8..57667e2dd9a 100644
--- Makefile
+++ Makefile
@@ -2,11 +2,13 @@
COMMENT = command-line encryption using scrypt key derivation function
-DISTNAME = scrypt-1.2.1
+DISTNAME = scrypt-1.3.0
+
+SHARED_LIBS += scrypt-kdf0.0 # 1.0
CATEGORIES = security
-HOMEPAGE = http://www.tarsnap.com/scrypt/
+HOMEPAGE = https://www.tarsnap.com/scrypt/
# BSD
PERMIT_PACKAGE = Yes
@@ -17,7 +19,10 @@ MASTER_SITES = ${HOMEPAGE}
EXTRACT_SUFX = .tgz
CONFIGURE_STYLE = gnu
+CONFIGURE_ARGS = --enable-libscrypt-kdf
+
+DEBUG_PACKAGES = ${BUILD_PACKAGES}
-NO_TEST = Yes
+TEST_TARGET = test
.include
diff --git distinfo distinfo
index 8a34c030d44..a08d6ba134c 100644
--- distinfo
+++ distinfo
@@ -1,2 +1,2 @@
-SHA256 (scrypt-1.2.1.tgz) = RiH159ovgC4ghQQ2IZNwCS6fzak71Zj21CNszjP0xXc=
-SIZE (scrypt-1.2.1.tgz) = 127619
+SHA256 (scrypt-1.3.0.tgz) = JjA07dTR4RfUBR2akmDHTe2w769EkcUVK3OJeLPzJ0g=
+SIZE (scrypt-1.3.0.tgz) = 380332
diff --git patches/patch-tests_test_scrypt_sh patches/patch-tests_test_scrypt_sh
new file mode 100644
index 000..5ee6fb254f2
--- /dev/null
+++ patches/patch-tests_test_scrypt_sh
@@ -0,0 +1,14 @@
+$OpenBSD$
+
+Index: tests/test_scrypt.sh
+--- tests/test_scrypt.sh.orig
tests/test_scrypt.sh
+@@ -14,7 +14,7 @@ out_valgrind="${bindir}/tests-valgrind"
+ password="hunter2"
+
+ # Find system scrypt, and ensure it supports -P.
+-system_scrypt=$( find_system scrypt enc -P )
++system_scrypt=$( find_system ${scriptdir}/../scrypt enc -P )
+
+
+ ### Run tests using project-specific constants
diff --git pkg/PLIST pkg/PLIST
index 733536472a5..d6f4b7b7bec 100644
--- pkg/PLIST
+++ pkg/PLIST
@@ -1,3 +1,7 @@
@comment $OpenBSD: PLIST,v 1.1.1.1 2009/05/25 22:48:48 sthen Exp $
@bin bin/scrypt
+include/scrypt-kdf.h
+@static-lib lib/libscrypt-kdf.a
+lib/libscrypt-kdf.la
+@lib lib/libscrypt-kdf.so.${LIBscrypt-kdf_VERSION}
@man man/man1/scrypt.1
Re: NEW: security/py-scrypt
On Sat 23/11/2019 14:54, Stuart Henderson wrote: > ok to import? > > > This is a set of Python bindings for the scrypt key derivation function. > > Scrypt is useful when encrypting passwords as it is possible to specify a > *minimum* amount of time to use when encrypting and decrypting. If, for > example, a password takes 0.05 seconds to verify, a user won't notice > the slight delay when signing in, but doing a brute force search of > several billion passwords will take a considerable amount of time. This > is in contrast to more traditional hash functions such as MD5 or the SHA > family which can be implemented extremely fast on cheap hardware. > Port looks good, builds and packages, and all tests are OK. OK bket@
NEW: security/py-scrypt
ok to import? This is a set of Python bindings for the scrypt key derivation function. Scrypt is useful when encrypting passwords as it is possible to specify a *minimum* amount of time to use when encrypting and decrypting. If, for example, a password takes 0.05 seconds to verify, a user won't notice the slight delay when signing in, but doing a brute force search of several billion passwords will take a considerable amount of time. This is in contrast to more traditional hash functions such as MD5 or the SHA family which can be implemented extremely fast on cheap hardware. py-scrypt.tgz Description: application/tar-gz
Re: NEW: libscrypt - shared library using scrypt()
Hi! Here is an updated port. With a lot of help from jca@, we've managed to "persuade" (no, really, Joshua was also very-very helpful :) ) upstream to replace the base64 functions with portable ones, so it now compiles and works on strict aligned archs also. Ok? Daniel -- LÉVAI Dániel PGP key ID = 0x83B63A8F Key fingerprint = DBEC C66B A47A DFA2 792D 650C C69B BE4C 83B6 3A8F libscrypt.tgz Description: application/tar-gz
Re: NEW: libscrypt - shared library using scrypt()
On p, dec 20, 2013 at 14:37:15 +0100, Jérémie Courrèges-Anglas wrote: [...] > I doubt -soname $fullversion is a good idea. But we don't need > it -soname at all. Also, duplicating information that could be present > in the port Makefile only isn't a good idea. > > Here's a tarball that uses MAKE_FLAGS to pass CC, CFLAGS and > LIBscrypt_VERSION. > > Also: > - simplify V / GH_VER usage (only GH_VER is needed) > - reorder variables to match Makefile.template > - provide a HOMEPAGE > - more info in DESCR Nice, thanks. Daniel -- LÉVAI Dániel PGP key ID = 0x83B63A8F Key fingerprint = DBEC C66B A47A DFA2 792D 650C C69B BE4C 83B6 3A8F
Re: NEW: libscrypt - shared library using scrypt()
LEVAI Daniel writes:
> On cs, dec 19, 2013 at 14:14:40 +0100, Jérémie Courrèges-Anglas wrote:
>> LEVAI Daniel writes:
> [...]
>> but you can keep the upstream version in the comment.
> [...]
>
> This was fixed in the last tarball.
"0" was indeed their version number, hehe. Ahem.
>> >> | @bin lib/libscrypt.so.0
>> >> | lib/libscrypt.so
>> >>
>> >> Library generation is wrong, there should be
>> >> libscrypt.so. and also either a
>> >> static library, or make the port SHARED_ONLY.. I haven't built but
>> >> I guess one of these files is a symlink and one is an incorrectly
>> >> built library.
>> >
>> > Okay, I tried to do a better job this time. The source builds a
>> > libscrypt.so.0 file, and I couldn't get pkg_create(1) to recognize the
>> > lib mentioned in SHARED_LIBS, so I had to mv libscrypt.so.0 ->
>> > libscrypt.so.0.0
>> > I've also @comment-ed the symlink to ...so.0 in PLIST. Now the library
>> > is correctly prefixed with @lib in the PLIST.
>>
>> Just patch the Makefile. We don't use -soname. What I'd do is ''-o
>> libscrypt.so.${LIBscrypt_VERSION}'', you can pass the version in
>> MAKE_FLAGS. The symlinks can be patched away while here.
>
> Okay, thanks! I've attached a new archive that includes these changes.
I doubt -soname $fullversion is a good idea. But we don't need
it -soname at all. Also, duplicating information that could be present
in the port Makefile only isn't a good idea.
Here's a tarball that uses MAKE_FLAGS to pass CC, CFLAGS and
LIBscrypt_VERSION.
Also:
- simplify V / GH_VER usage (only GH_VER is needed)
- reorder variables to match Makefile.template
- provide a HOMEPAGE
- more info in DESCR
libscrypt.tgz
Description: Binary data
>> This still needs SHARED_ONLY, the .a isn't installed and building it
>> should not involve -fPIC.
>>
>> PFRAG.shared can be merged in PLIST.
>
> These were also fixed in the last tarball.
Boo, tarball mixup.
> Daniel
--
jca | PGP: 0x06A11494 / 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
Re: NEW: libscrypt - shared library using scrypt()
On cs, dec 19, 2013 at 14:14:40 +0100, Jérémie Courrèges-Anglas wrote:
> LEVAI Daniel writes:
[...]
> but you can keep the upstream version in the comment.
[...]
This was fixed in the last tarball.
> >> | @bin lib/libscrypt.so.0
> >> | lib/libscrypt.so
> >>
> >> Library generation is wrong, there should be
> >> libscrypt.so. and also either a
> >> static library, or make the port SHARED_ONLY.. I haven't built but
> >> I guess one of these files is a symlink and one is an incorrectly
> >> built library.
> >
> > Okay, I tried to do a better job this time. The source builds a
> > libscrypt.so.0 file, and I couldn't get pkg_create(1) to recognize the
> > lib mentioned in SHARED_LIBS, so I had to mv libscrypt.so.0 ->
> > libscrypt.so.0.0
> > I've also @comment-ed the symlink to ...so.0 in PLIST. Now the library
> > is correctly prefixed with @lib in the PLIST.
>
> Just patch the Makefile. We don't use -soname. What I'd do is ''-o
> libscrypt.so.${LIBscrypt_VERSION}'', you can pass the version in
> MAKE_FLAGS. The symlinks can be patched away while here.
Okay, thanks! I've attached a new archive that includes these changes.
> This still needs SHARED_ONLY, the .a isn't installed and building it
> should not involve -fPIC.
>
> PFRAG.shared can be merged in PLIST.
These were also fixed in the last tarball.
Daniel
--
LÉVAI Dániel
PGP key ID = 0x83B63A8F
Key fingerprint = DBEC C66B A47A DFA2 792D 650C C69B BE4C 83B6 3A8F
libscrypt.tar.gz
Description: application/tar-gz
Re: NEW: libscrypt - shared library using scrypt()
LEVAI Daniel writes:
> On szo, dec 14, 2013 at 22:41:21 +, Stuart Henderson wrote:
>> On 2013/12/14 18:35, LEVAI Daniel wrote:
> [...]
>>
>> | MASTER_SITES =
>> http://github.com/technion/${PROJECT}/archive/v${V}.tar.gz?dummy=/
>>
>> Rather than this url query hack, please use the newer style of github
>> handling you'll see in other ports e.g. www/tt-rss.
>
> Oh blimey! I would have sweared that I saw this in devel/libgit2 (that
> pkg was even your example in [1] :) ).
I think that included the GH_VER stuff.
>>
>> | SHARED_LIBS += scrypt 1.0 # 1.0
>>
>> Library versioning for OpenBSD ports should start at 0.0.
>
> Right.
but you can keep the upstream version in the comment.
>> | @bin lib/libscrypt.so.0
>> | lib/libscrypt.so
>>
>> Library generation is wrong, there should be
>> libscrypt.so. and also either a
>> static library, or make the port SHARED_ONLY.. I haven't built but
>> I guess one of these files is a symlink and one is an incorrectly
>> built library.
>
> Okay, I tried to do a better job this time. The source builds a
> libscrypt.so.0 file, and I couldn't get pkg_create(1) to recognize the
> lib mentioned in SHARED_LIBS, so I had to mv libscrypt.so.0 ->
> libscrypt.so.0.0
> I've also @comment-ed the symlink to ...so.0 in PLIST. Now the library
> is correctly prefixed with @lib in the PLIST.
Just patch the Makefile. We don't use -soname. What I'd do is ''-o
libscrypt.so.${LIBscrypt_VERSION}'', you can pass the version in
MAKE_FLAGS. The symlinks can be patched away while here.
This still needs SHARED_ONLY, the .a isn't installed and building it
should not involve -fPIC.
PFRAG.shared can be merged in PLIST.
>
> [1] http://marc.info/?l=openbsd-ports&m=138588950307176&w=2
--
jca | PGP: 0x06A11494 / 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
Re: NEW: libscrypt - shared library using scrypt()
On v, dec 15, 2013 at 11:23:22 +0100, LEVAI Daniel wrote: > On szo, dec 14, 2013 at 22:41:21 +, Stuart Henderson wrote: > > On 2013/12/14 18:35, LEVAI Daniel wrote: > [...] [...] > Okay, I tried to do a better job this time. The source builds a [...] Ping? Daniel -- LÉVAI Dániel PGP key ID = 0x83B63A8F Key fingerprint = DBEC C66B A47A DFA2 792D 650C C69B BE4C 83B6 3A8F
Re: NEW: libscrypt - shared library using scrypt()
On szo, dec 14, 2013 at 22:41:21 +, Stuart Henderson wrote:
> On 2013/12/14 18:35, LEVAI Daniel wrote:
[...]
>
> | MASTER_SITES =
> http://github.com/technion/${PROJECT}/archive/v${V}.tar.gz?dummy=/
>
> Rather than this url query hack, please use the newer style of github
> handling you'll see in other ports e.g. www/tt-rss.
Oh blimey! I would have sweared that I saw this in devel/libgit2 (that
pkg was even your example in [1] :) ).
>
> | SHARED_LIBS += scrypt 1.0 # 1.0
>
> Library versioning for OpenBSD ports should start at 0.0.
Right.
> | @bin lib/libscrypt.so.0
> | lib/libscrypt.so
>
> Library generation is wrong, there should be
> libscrypt.so. and also either a
> static library, or make the port SHARED_ONLY.. I haven't built but
> I guess one of these files is a symlink and one is an incorrectly
> built library.
Okay, I tried to do a better job this time. The source builds a
libscrypt.so.0 file, and I couldn't get pkg_create(1) to recognize the
lib mentioned in SHARED_LIBS, so I had to mv libscrypt.so.0 -> libscrypt.so.0.0
I've also @comment-ed the symlink to ...so.0 in PLIST. Now the library
is correctly prefixed with @lib in the PLIST.
[1] http://marc.info/?l=openbsd-ports&m=138588950307176&w=2
--
LÉVAI Dániel
PGP key ID = 0x83B63A8F
Key fingerprint = DBEC C66B A47A DFA2 792D 650C C69B BE4C 83B6 3A8F
libscrypt.tar.gz
Description: application/tar-gz
Re: NEW: libscrypt - shared library using scrypt()
On 2013/12/14 18:35, LEVAI Daniel wrote:
> Hi!
>
> I came across this useful library.
> I could only test it on amd64, and have no idea how it behaves
> elsewhere.
> Aside from a simple patch, the build is pretty straightforward, and the
> regression test also runs smooth.
>
> libscrypt_scrypt() is very simple to use and the header file contains
> useful API docs and pre-defined values for the performance harness
> variables; all-in-all a nice complement to bcrypt_pbkdf(), I think :)
>
> Please test if you're interested.
>
>
> Thanks,
> Daniel
>
> --
> LÉVAI Dániel
> PGP key ID = 0x83B63A8F
> Key fingerprint = DBEC C66B A47A DFA2 792D 650C C69B BE4C 83B6 3A8F
| MASTER_SITES =
http://github.com/technion/${PROJECT}/archive/v${V}.tar.gz?dummy=/
Rather than this url query hack, please use the newer style of github
handling you'll see in other ports e.g. www/tt-rss.
| SHARED_LIBS += scrypt 1.0 # 1.0
Library versioning for OpenBSD ports should start at 0.0.
| @bin lib/libscrypt.so.0
| lib/libscrypt.so
Library generation is wrong, there should be
libscrypt.so. and also either a
static library, or make the port SHARED_ONLY.. I haven't built but
I guess one of these files is a symlink and one is an incorrectly
built library.
NEW: libscrypt - shared library using scrypt()
Hi! I came across this useful library. I could only test it on amd64, and have no idea how it behaves elsewhere. Aside from a simple patch, the build is pretty straightforward, and the regression test also runs smooth. libscrypt_scrypt() is very simple to use and the header file contains useful API docs and pre-defined values for the performance harness variables; all-in-all a nice complement to bcrypt_pbkdf(), I think :) Please test if you're interested. Thanks, Daniel -- LÉVAI Dániel PGP key ID = 0x83B63A8F Key fingerprint = DBEC C66B A47A DFA2 792D 650C C69B BE4C 83B6 3A8F libscrypt.tar.gz Description: application/tar-gz
Re: [update] scrypt
On Sat, Dec 18, 2010 at 11:34:52PM +0100, Marius ROMAN wrote: >Update to scrypt 1.1.6. >Tested with mandoc(1) so I removed the line wth groff. >Tested on i386. >Encrypted / decrypted one file and works OK. > >Comments ? OK ? > >Index: security/scrypt/Makefile >=== >RCS file: /cvs/ports/security/scrypt/Makefile,v >retrieving revision 1.4 >diff -u -r1.4 Makefile >--- security/scrypt/Makefile 20 Nov 2010 17:22:45 - 1.4 >+++ security/scrypt/Makefile 18 Dec 2010 22:20:58 - >@@ -2,7 +2,7 @@ > > COMMENT = command-line encryption using scrypt key derivation function > >-DISTNAME =scrypt-1.1.4 >+DISTNAME =scrypt-1.1.6 > > CATEGORIES = security > >@@ -20,7 +20,6 @@ > EXTRACT_SUFX =.tgz > > CONFIGURE_STYLE = gnu >-USE_GROFF = Yes > > NO_REGRESS = Yes > >Index: security/scrypt/distinfo >=== >RCS file: /cvs/ports/security/scrypt/distinfo,v >retrieving revision 1.2 >diff -u -r1.2 distinfo >--- security/scrypt/distinfo 22 Jun 2009 22:51:59 - 1.2 >+++ security/scrypt/distinfo 18 Dec 2010 22:20:58 - >@@ -1,5 +1,5 @@ >-MD5 (scrypt-1.1.4.tgz) = xN+Fz9fhZa8KMG0E44vRXQ== >-RMD160 (scrypt-1.1.4.tgz) = vzpoUrnwda4gu13kRXMCVTDlsDQ= >-SHA1 (scrypt-1.1.4.tgz) = BfU9ZhrlDm3zy/XYui7BaeP87v8= >-SHA256 (scrypt-1.1.4.tgz) = pblWsrAuonIwPS0TVOVaip2LiDH2UYxq32voer+Rzhk= >-SIZE (scrypt-1.1.4.tgz) = 82902 >+MD5 (scrypt-1.1.6.tgz) = o1UjzUl/coNjXOiB2znC4g== >+RMD160 (scrypt-1.1.6.tgz) = o5XbM7fGOKTw/rorx2h0z2NLM94= >+SHA1 (scrypt-1.1.6.tgz) = exs/7M/i/wi10FdS7xyn3y7IZG0= >+SHA256 (scrypt-1.1.6.tgz) = 39DRpURDkmW7ubWAQ608jOUKOYe0SmGx05/Xo+1bf7g= >+SIZE (scrypt-1.1.6.tgz) = 83776 Hello ;) Works fine for me (i386). I think you can remove EXTRACT_SUFX as it declares default extension. jirib
[update] scrypt
Update to scrypt 1.1.6. Tested with mandoc(1) so I removed the line wth groff. Tested on i386. Encrypted / decrypted one file and works OK. Comments ? OK ? Index: security/scrypt/Makefile === RCS file: /cvs/ports/security/scrypt/Makefile,v retrieving revision 1.4 diff -u -r1.4 Makefile --- security/scrypt/Makefile20 Nov 2010 17:22:45 - 1.4 +++ security/scrypt/Makefile18 Dec 2010 22:20:58 - @@ -2,7 +2,7 @@ COMMENT = command-line encryption using scrypt key derivation function -DISTNAME = scrypt-1.1.4 +DISTNAME = scrypt-1.1.6 CATEGORIES = security @@ -20,7 +20,6 @@ EXTRACT_SUFX = .tgz CONFIGURE_STYLE = gnu -USE_GROFF =Yes NO_REGRESS = Yes Index: security/scrypt/distinfo === RCS file: /cvs/ports/security/scrypt/distinfo,v retrieving revision 1.2 diff -u -r1.2 distinfo --- security/scrypt/distinfo22 Jun 2009 22:51:59 - 1.2 +++ security/scrypt/distinfo18 Dec 2010 22:20:58 - @@ -1,5 +1,5 @@ -MD5 (scrypt-1.1.4.tgz) = xN+Fz9fhZa8KMG0E44vRXQ== -RMD160 (scrypt-1.1.4.tgz) = vzpoUrnwda4gu13kRXMCVTDlsDQ= -SHA1 (scrypt-1.1.4.tgz) = BfU9ZhrlDm3zy/XYui7BaeP87v8= -SHA256 (scrypt-1.1.4.tgz) = pblWsrAuonIwPS0TVOVaip2LiDH2UYxq32voer+Rzhk= -SIZE (scrypt-1.1.4.tgz) = 82902 +MD5 (scrypt-1.1.6.tgz) = o1UjzUl/coNjXOiB2znC4g== +RMD160 (scrypt-1.1.6.tgz) = o5XbM7fGOKTw/rorx2h0z2NLM94= +SHA1 (scrypt-1.1.6.tgz) = exs/7M/i/wi10FdS7xyn3y7IZG0= +SHA256 (scrypt-1.1.6.tgz) = 39DRpURDkmW7ubWAQ608jOUKOYe0SmGx05/Xo+1bf7g= +SIZE (scrypt-1.1.6.tgz) = 83776 -- Marius
Re: Fwd: new version of scrypt-1.1.4
Stuart Henderson wrote: > no time to look further now; build fails: > I did look at it. Maybe this can give you some clue. When you comment out # SEPARATE_BUILD = concurrent it builds fine. I have to check the documentation what this separate build mean. Cheers, Predrag
Re: Fwd: new version of scrypt-1.1.4
On 2009/06/15 21:06, Predrag Punosevac wrote: > Original Message > Date: Mon, 15 Jun 2009 16:39:04 -0600 > From: Colin Percival > To: Predrag Punosevac , wen heping > > Subject: new version of scrypt > > Hi scrypt ports maintainers, > > I just released scrypt version 1.1.4; this is mostly a "clean up and > reorganize > code which is borrowed from tarsnap" release, but does have an important > bugfix > in the SSE2 code (the version in 1.1.3 core dumps due to me forgetting to > match > mmap with munmap). > > The source tarball SHA256 is > SHA256 (scrypt-1.1.4.tgz) = > a5b956b2b02ea272303d2d1354e55a8a9d8b8831f6518c6adf6be87abf91ce19 > and it's in the usual place (http://www.tarsnap.com/scrypt/scrypt-1.1.4.tgz). > > -- > Colin Percival > Security Officer, FreeBSD | freebsd.org | The power to serve > Founder / author, Tarsnap | tarsnap.com | Online backups for the truly > paranoid > > Hi Stuart, > > I just got an e-mail from Colin informing me that he released 1.1.4 > version of scrypt. It is a bug fix release. Compiles fine here on > 4.5 stable. Could you please bump up the port? > > Most Kind Regards, > Predrag > > > no time to look further now; build fails: +++ Tue Jun 16 00:52:49 BST 2009 ===> Checking files for scrypt-1.1.4 `/usr/ports/distfiles/scrypt-1.1.4.tgz' is up to date. >> (SHA256) scrypt-1.1.4.tgz: OK ===> Extracting for scrypt-1.1.4 ===> Patching for scrypt-1.1.4 ===> Configuring for scrypt-1.1.4 configure: loading site script /usr/ports/infrastructure/db/config.site checking for a BSD-compatible install... /usr/bin/install -c -o root -g bin checking whether build environment is sane... yes checking for a thread-safe mkdir -p... /usr/obj/ports/scrypt-1.1.4/scrypt-1.1.4/config.aux/install-sh -c -d checking for gawk... (cached) nawk checking whether make sets $(MAKE)... (cached) yes checking whether to enable maintainer-specific portions of Makefiles... no checking for gcc... cc checking for C compiler default output file name... a.out checking whether the C compiler works... yes checking whether we are cross compiling... no checking for suffix of executables... checking for suffix of object files... (cached) o checking whether we are using the GNU C compiler... (cached) yes checking whether cc accepts -g... (cached) yes checking for cc option to accept ISO C89... none needed checking for style of include used by make... GNU checking dependency style of cc... gcc3 checking how to run the C preprocessor... cc -E checking for grep that handles long lines and -e... /usr/local/bin/ggrep checking for egrep... /usr/local/bin/ggrep -E checking for ANSI C header files... (cached) yes checking for sys/types.h... (cached) yes checking for sys/stat.h... (cached) yes checking for stdlib.h... (cached) yes checking for string.h... (cached) yes checking for memory.h... (cached) yes checking for strings.h... (cached) yes checking for inttypes.h... (cached) yes checking for stdint.h... (cached) yes checking for unistd.h... (cached) yes checking sys/endian.h usability... yes checking sys/endian.h presence... yes checking for sys/endian.h... yes checking whether be64enc is declared... no checking err.h usability... yes checking err.h presence... yes checking for err.h... yes checking for clock_gettime in -lrt... no checking for clock_gettime... (cached) yes checking sys/sysinfo.h usability... no checking sys/sysinfo.h presence... no checking for sys/sysinfo.h... no checking for sysinfo... no checking for struct sysinfo... no checking for struct sysinfo.totalram... no checking for struct sysinfo.mem_unit... no checking for sys/param.h... (cached) yes checking for posix_memalign... no configure: creating ./config.status config.status: creating Makefile config.status: creating config.h config.status: executing depfiles commands ===> Building for scrypt-1.1.4 make all-am cc -DHAVE_CONFIG_H -I. -I/usr/obj/ports/scrypt-1.1.4/scrypt-1.1.4-I . -I lib/util -I lib/scryptenc -I lib/crypto -O2 -pipe -MT scrypt-main.o -MD -MP -MF .deps/scrypt-main.Tpo -c -o scrypt-main.o `test -f 'main.c' || echo '/usr/obj/ports/scrypt-1.1.4/scrypt-1.1.4/'`main.c /usr/obj/ports/scrypt-1.1.4/scrypt-1.1.4/main.c:35:22: readpass.h: No such file or directory /usr/obj/ports/scrypt-1.1.4/scrypt-1.1.4/main.c:36:23: scryptenc.h: No such file or directory /usr/obj/ports/scrypt-1.1.4/scrypt-1.1.4/main.c:37:20: sha256.h: No such file or directory /usr/obj/ports/scrypt-1.1.4/scrypt-1.1.4/main.c:38:18: warn.h: No such file or directory *** Error code 1 Stop in /usr/obj/ports/scrypt-1.1.4/build-amd64 (line 302 of Makefile). *** Error code 1 Stop in /usr/obj/ports/scrypt-1.1.4/build-amd64 (line 190 of Makefile). *** Error code 1 Stop in /usr/ports/security/scrypt (line 2185 of /usr/ports/infrastructure/mk/bsd.port.mk). --- Tue Jun 16 00:52:53 BST 2009
Re: scrypt-1.1.3 released (was WIP:security/crypt)
Colin Percival wrote: > Hi Predrag & OpenBSD ports people, > > I've released scrypt version 1.1.3, which now has a man page in addition to > the > portability fixes in the version I sent Predrag for testing a few days ago; it > is at > http://www.tarsnap.com/scrypt/scrypt-1.1.3.tgz > and there's a GPG-signed SHA256 hash at I just got the email from Stuard. The port is committed! Good job Colin. Best, Predrag
Re: scrypt-1.1.3 released (was WIP:security/crypt)
Colin Percival wrote: > Hi Predrag & OpenBSD ports people, > > I've released scrypt version 1.1.3, which now has a man page in addition to > the > portability fixes in the version I sent Predrag for testing a few days ago; it > is at > http://www.tarsnap.com/scrypt/scrypt-1.1.3.tgz > and there's a GPG-signed SHA256 hash at >http://www.tarsnap.com/scrypt/scrypt-sigs-1.1.3.asc > > Please let me know if/when you add this to your ports tree -- I'll list it on > the scrypt website. > > -- > Colin Percival > Security Officer, FreeBSD | freebsd.org | The power to serve > Founder / author, Tarsnap | tarsnap.com | Online backups for the truly > paranoid Hi Collin, Stuard has already made a port. I think he has commit privileges. I just sent him a private email asking him to update Mekefile with the address of your source-file. How quickly the port will be committed depends on testing of course but I would think very soon. I apologize for bitching you saw about your work by one guy on ports. The guy obviously didn't know what he was talking about and was immediately hash. Best, Predrag
scrypt-1.1.3 released (was WIP:security/crypt)
Hi Predrag & OpenBSD ports people, I've released scrypt version 1.1.3, which now has a man page in addition to the portability fixes in the version I sent Predrag for testing a few days ago; it is at http://www.tarsnap.com/scrypt/scrypt-1.1.3.tgz and there's a GPG-signed SHA256 hash at http://www.tarsnap.com/scrypt/scrypt-sigs-1.1.3.asc Please let me know if/when you add this to your ports tree -- I'll list it on the scrypt website. -- Colin Percival Security Officer, FreeBSD | freebsd.org | The power to serve Founder / author, Tarsnap | tarsnap.com | Online backups for the truly paranoid
Re: WIP:security/crypt (scrypt)
Just one correction. The name of the package is scrypt. I played with it in the mean time. I do not see any man pages. You can encrypt a file as: scrypt enc filename filename.enc To decrypt file scrypt dec filename.enc filename.decrypted Sorry for the wrong name. Predrag
Re: scrypt
Stuart Henderson wrote: > On 2009/05/19 21:05, Predrag Punosevac wrote: > > Is anybody working on porting scrypt to OpenBSD? > > > > www.daemonology.net/blog/2009-05-16-scrypt-version-1.1-released.html > > > > I tried to compile out of joke on 4.4/amd64 and compiler reports > > slue of problems. > > > > Best, > > Predrag > > > > i made a start (attached) but got bored. > > you will need to provide alternative implementations of these: > be32enc, be64enc, le32dec. > > and also convert the sysctlbyname() call to sysctl(3). > That was really quick! Thanks for the update. Predrag
Re: scrypt
On 2009/05/19 21:05, Predrag Punosevac wrote: > Is anybody working on porting scrypt to OpenBSD? > > www.daemonology.net/blog/2009-05-16-scrypt-version-1.1-released.html > > I tried to compile out of joke on 4.4/amd64 and compiler reports > slue of problems. > > Best, > Predrag > i made a start (attached) but got bored. you will need to provide alternative implementations of these: be32enc, be64enc, le32dec. and also convert the sysctlbyname() call to sysctl(3). scrypt.tgz Description: application/tar-gz
scrypt
Is anybody working on porting scrypt to OpenBSD? www.daemonology.net/blog/2009-05-16-scrypt-version-1.1-released.html I tried to compile out of joke on 4.4/amd64 and compiler reports slue of problems. Best, Predrag
