Re: scrypt homepage fix
On Mon, Mar 27, 2023 at 09:48:37AM -0700, Jared Harper wrote: > As of right now, the website redirects incorrectly: > > ~% curl -I https://www.tarsnap.com/scrypt/ > HTTP/1.1 301 Moved Permanently > Date: Mon, 27 Mar 2023 15:12:55 GMT > Server: Apache/2.4.55 (FreeBSD) > Location: http://www.tarsnap.com:8080/scrypt.html > Content-Type: text/html; charset=iso-8859-1 > > Note that it redirects to port 8080 which is not exposed publicly. > > Interestingly, port 80 does not have this issue: > > ~% curl -I http://www.tarsnap.com/scrypt/ > HTTP/1.1 301 Moved Permanently > Date: Mon, 27 Mar 2023 15:13:06 GMT > Server: Apache/2.4.55 (FreeBSD) > Location: http://www.tarsnap.com/scrypt.html > Content-Type: text/html; charset=iso-8859-1 > Thanks. I'll fix this post unlock. > Index: security/scrypt//Makefile > === > RCS file: /cvs/ports/security/scrypt/Makefile,v > retrieving revision 1.13 > diff -u -p -r1.13 Makefile > --- security/scrypt//Makefile11 Mar 2022 19:54:02 -1.13 > +++ security/scrypt//Makefile27 Mar 2023 16:41:13 - > @@ -6,7 +6,7 @@ SHARED_LIBS += scrypt-kdf > > CATEGORIES =security > > -HOMEPAGE =https://www.tarsnap.com/scrypt/ > +HOMEPAGE =https://www.tarsnap.com/scrypt.html > > # BSD > PERMIT_PACKAGE =Yes >
scrypt homepage fix
As of right now, the website redirects incorrectly: ~% curl -I https://www.tarsnap.com/scrypt/ HTTP/1.1 301 Moved Permanently Date: Mon, 27 Mar 2023 15:12:55 GMT Server: Apache/2.4.55 (FreeBSD) Location: http://www.tarsnap.com:8080/scrypt.html Content-Type: text/html; charset=iso-8859-1 Note that it redirects to port 8080 which is not exposed publicly. Interestingly, port 80 does not have this issue: ~% curl -I http://www.tarsnap.com/scrypt/ HTTP/1.1 301 Moved Permanently Date: Mon, 27 Mar 2023 15:13:06 GMT Server: Apache/2.4.55 (FreeBSD) Location: http://www.tarsnap.com/scrypt.html Content-Type: text/html; charset=iso-8859-1 Index: security/scrypt//Makefile === RCS file: /cvs/ports/security/scrypt/Makefile,v retrieving revision 1.13 diff -u -p -r1.13 Makefile --- security/scrypt//Makefile11 Mar 2022 19:54:02 -1.13 +++ security/scrypt//Makefile27 Mar 2023 16:41:13 - @@ -6,7 +6,7 @@ SHARED_LIBS +=scrypt-kdf CATEGORIES =security -HOMEPAGE =https://www.tarsnap.com/scrypt/ +HOMEPAGE =https://www.tarsnap.com/scrypt.html # BSD PERMIT_PACKAGE =Yes
[UPDATE] security/py-scrypt to 0.8.20
Update from 0.8.18 to 0.8.20 Dropped REVISION From Changelog since 0.8.18: 0.8.20 Fix #8 by adding missing gettimeofday.c to MANIFEST.in 0.8.19 Use RtlGenRandom instead of CryptGenRandom on windows (Thanks to https://github.com/veorq/cryptocoding/) Add check for c:Program FilesOpenSSL-Win64 and c:Program FilesOpenSSL-Win32 thanks gIndex: py-scrypt//Makefile === RCS file: /cvs/ports/security/py-scrypt/Makefile,v retrieving revision 1.10 diff -u -p -r1.10 Makefile --- py-scrypt//Makefile 11 Mar 2022 19:53:58 - 1.10 +++ py-scrypt//Makefile 13 Jun 2022 00:49:22 - @@ -1,7 +1,6 @@ COMMENT = support for the scrypt key derivation function -MODPY_EGG_VERSION = 0.8.18 -REVISION = 2 +MODPY_EGG_VERSION = 0.8.20 DISTNAME = scrypt-${MODPY_EGG_VERSION} PKGNAME = py-${DISTNAME} Index: py-scrypt//distinfo === RCS file: /cvs/ports/security/py-scrypt/distinfo,v retrieving revision 1.3 diff -u -p -r1.3 distinfo --- py-scrypt//distinfo 15 Jul 2021 17:06:27 - 1.3 +++ py-scrypt//distinfo 13 Jun 2022 00:49:22 - @@ -1,2 +1,2 @@ -SHA256 (scrypt-0.8.18.tar.gz) = vPBCV68S5tUpdNF3p7COMUtm81CnP5tveyMtaaah4EE= -SIZE (scrypt-0.8.18.tar.gz) = 56651 +SHA256 (scrypt-0.8.20.tar.gz) = DSJsHGdE+y4wizkUEGabHfXP6CY3/8te1Im/grLS63g= +SIZE (scrypt-0.8.20.tar.gz) = 55874
Re: security/py-scrypt: missing WANTLIB
> The following diff adds WANTLIB to help the port to update for the > next bump. ok tb
security/py-scrypt: missing WANTLIB
Hi, It seems that security/py-scrypt has missing WANTLIB for system shared library. Currently, it doesn't have any WANTLIB, but it is a c module which depends on crypto and pthread. With the recent crypto bump, it fails to run: $ python3 -c 'from scrypt import hash' Traceback (most recent call last): File "", line 1, in File "/usr/local/lib/python3.9/site-packages/scrypt/__init__.py", line 1, in from .scrypt import * File "/usr/local/lib/python3.9/site-packages/scrypt/scrypt.py", line 24, in _scrypt = cdll.LoadLibrary(importlib.util.find_spec('_scrypt').origin) File "/usr/local/lib/python3.9/ctypes/__init__.py", line 452, in LoadLibrary return self._dlltype(name) File "/usr/local/lib/python3.9/ctypes/__init__.py", line 374, in __init__ self._handle = _dlopen(self._name, mode) OSError: Cannot load specified object $ readelf -d /usr/local/lib/python3.9/site-packages/_scrypt.cpython-39.so Dynamic section at offset 0x8c78 contains 19 entries: TagType Name/Value 0x0001 (NEEDED) Shared library: [libcrypto.so.48.0] 0x0001 (NEEDED) Shared library: [libpthread.so.26.1] 0x0007 (RELA) 0x1130 0x0008 (RELASZ) 312 (bytes) 0x0009 (RELAENT)24 (bytes) 0x6ff9 (RELACOUNT) 7 0x0017 (JMPREL) 0x1268 0x0002 (PLTRELSZ) 1344 (bytes) 0x0003 (PLTGOT) 0xade0 0x0014 (PLTREL) RELA 0x0006 (SYMTAB) 0x2c0 0x000b (SYMENT) 24 (bytes) 0x0005 (STRTAB) 0xcf8 0x000a (STRSZ) 1079 (bytes) 0x6ef5 (GNU_HASH) 0x998 0x0004 (HASH) 0xaa8 0x000c (INIT) 0x9360 0x000d (FINI) 0x9370 0x (NULL) 0x0 The following diff adds WANTLIB to help the port to update for the next bump. Comments or OK ? -- Sebastien Marie diff daa95d7360cadc2e078e2af54ae83d80339b29e8 /home/semarie/repos/openbsd/ports blob - 4c68b7a14b82a97691ee56d7f6b210aad18479f8 file + security/py-scrypt/Makefile --- security/py-scrypt/Makefile +++ security/py-scrypt/Makefile @@ -3,7 +3,7 @@ COMMENT = support for the scrypt key derivation function MODPY_EGG_VERSION =0.8.18 -REVISION = 1 +REVISION = 2 DISTNAME = scrypt-${MODPY_EGG_VERSION} PKGNAME = py-${DISTNAME} @@ -15,6 +15,8 @@ HOMEPAGE =http://bitbucket.org/mhallin/py-scrypt # BSD PERMIT_PACKAGE = Yes +WANTLIB += crypto pthread + MODULES = lang/python MODPY_PI = Yes
Re: [Update] security/py-scrypt : Update to 0.8.17
On Wed, Feb 10, 2021 at 01:27:28PM +, Charlene Wendling wrote: > Here is a patch for security/py-scrypt: > i) Update to 0.8.17 > ii) Switch to python3 > It build well and pass all tests on amd64-6.8 system. > > Only one port depends on it, security/py-passlib, build > well pass test with this patch too. You also need to remove the unflavored py-scrypt line from security/Makefile and add a quirks for py-scrypt -> py3->script which will require a @pkgpath marker for the Python 2 PKGPATH in PLIST. With that OK kn
[Update] security/py-scrypt : Update to 0.8.17
Hi, ports@: Here is a patch for security/py-scrypt: i) Update to 0.8.17 ii) Switch to python3 It build well and pass all tests on amd64-6.8 system. Only one port depends on it, security/py-passlib, build well pass test with this patch too. wen Index: Makefile === RCS file: /cvs/ports/security/py-scrypt/Makefile,v retrieving revision 1.3 diff -u -p -r1.3 Makefile --- Makefile4 Jan 2021 14:06:37 - 1.3 +++ Makefile10 Feb 2021 13:20:55 - @@ -2,11 +2,10 @@ COMMENT = support for the scrypt key derivation function -MODPY_EGG_VERSION =0.8.13 +MODPY_EGG_VERSION =0.8.17 DISTNAME = scrypt-${MODPY_EGG_VERSION} PKGNAME = py-${DISTNAME} -REVISION = 1 CATEGORIES = security @@ -21,6 +20,6 @@ MODPY_PI =Yes MODPY_SETUPTOOLS = Yes FLAVORS = python3 -FLAVOR ?= +FLAVOR = python3 .include Index: distinfo === RCS file: /cvs/ports/security/py-scrypt/distinfo,v retrieving revision 1.1.1.1 diff -u -p -r1.1.1.1 distinfo --- distinfo23 Nov 2019 15:10:06 - 1.1.1.1 +++ distinfo10 Feb 2021 13:20:55 - @@ -1,2 +1,2 @@ -SHA256 (scrypt-0.8.13.tar.gz) = E3exrcmMQVJpS/XX6TtBqdLpBgr2m3R8+tjJOsQm+eo= -SIZE (scrypt-0.8.13.tar.gz) = 53606 +SHA256 (scrypt-0.8.17.tar.gz) = JbUHXyI4vpOvHNV0VApeoBuFR/m2eKpy0i/OIld0dew= +SIZE (scrypt-0.8.17.tar.gz) = 56638 Index: pkg/PLIST === RCS file: /cvs/ports/security/py-scrypt/pkg/PLIST,v retrieving revision 1.2 diff -u -p -r1.2 PLIST --- pkg/PLIST 4 Jan 2021 14:06:37 - 1.2 +++ pkg/PLIST 10 Feb 2021 13:20:55 - @@ -11,3 +11,17 @@ ${MODPY_COMMENT}lib/python${MODPY_VERSIO lib/python${MODPY_VERSION}/site-packages/scrypt/${MODPY_PYCACHE}__init__.${MODPY_PYC_MAGIC_TAG}pyc lib/python${MODPY_VERSION}/site-packages/scrypt/${MODPY_PYCACHE}scrypt.${MODPY_PYC_MAGIC_TAG}pyc lib/python${MODPY_VERSION}/site-packages/scrypt/scrypt.py +lib/python${MODPY_VERSION}/site-packages/scrypt/tests/ +lib/python${MODPY_VERSION}/site-packages/scrypt/tests/__init__.py +${MODPY_COMMENT}lib/python${MODPY_VERSION}/site-packages/scrypt/tests/${MODPY_PYCACHE}/ +lib/python${MODPY_VERSION}/site-packages/scrypt/tests/${MODPY_PYCACHE}__init__.${MODPY_PYC_MAGIC_TAG}pyc +lib/python${MODPY_VERSION}/site-packages/scrypt/tests/${MODPY_PYCACHE}test_scrypt.${MODPY_PYC_MAGIC_TAG}pyc +lib/python${MODPY_VERSION}/site-packages/scrypt/tests/${MODPY_PYCACHE}test_scrypt_c_module.${MODPY_PYC_MAGIC_TAG}pyc +lib/python${MODPY_VERSION}/site-packages/scrypt/tests/${MODPY_PYCACHE}test_scrypt_py2x.${MODPY_PYC_MAGIC_TAG}pyc +lib/python${MODPY_VERSION}/site-packages/scrypt/tests/${MODPY_PYCACHE}test_scrypt_py3x.${MODPY_PYC_MAGIC_TAG}pyc +lib/python${MODPY_VERSION}/site-packages/scrypt/tests/ciphertexts.csv +lib/python${MODPY_VERSION}/site-packages/scrypt/tests/hashvectors.csv +lib/python${MODPY_VERSION}/site-packages/scrypt/tests/test_scrypt.py +lib/python${MODPY_VERSION}/site-packages/scrypt/tests/test_scrypt_c_module.py +lib/python${MODPY_VERSION}/site-packages/scrypt/tests/test_scrypt_py2x.py +lib/python${MODPY_VERSION}/site-packages/scrypt/tests/test_scrypt_py3x.py
Re: UPDATE security/scrypt
Björn Ketelaars wrote: > On Thu 02/01/2020 06:27, Björn Ketelaars wrote: > > On Wed 01/01/2020 23:03, Ted Unangst wrote: > > > Björn Ketelaars wrote: > > > > - When estimating the amount of available RAM, scrypt ignores > > > > RLIMIT_DATA on systems which have mmap. > > > > > > This is wrong on OpenBSD. I sent an email to Colin, but the update should > > > patch this out in the meantime. > > > > Although I'm not doubting that you are right, I fail to understand why > > ignoring RLIMIT_DATA on OpenBSD is bad. Could you explain why? > > > > I prepared a patch, which: > > - addresses ignoring RLIMIT DATA, reverting > > > > https://github.com/Tarsnap/scrypt/commit/2b478e7ce590a6564d89417ddad4f3dd4bbdcaf6 > > - fixes compiling on base-gcc archs (found by kmos@) > > > > OK? > > Ping... > > Diff below for your convenience. oh, patch looks good to me, fwiw.
Re: UPDATE security/scrypt
On Sun, 12 Jan 2020 15:38:21 +0100 Björn Ketelaars wrote: > On Thu 02/01/2020 06:27, Björn Ketelaars wrote: > > On Wed 01/01/2020 23:03, Ted Unangst wrote: > > > Björn Ketelaars wrote: > > > > - When estimating the amount of available RAM, scrypt ignores > > > > RLIMIT_DATA on systems which have mmap. > > > > > > This is wrong on OpenBSD. I sent an email to Colin, but the > > > update should patch this out in the meantime. > > > > Although I'm not doubting that you are right, I fail to understand > > why ignoring RLIMIT_DATA on OpenBSD is bad. Could you explain why? > > > > I prepared a patch, which: > > - addresses ignoring RLIMIT DATA, reverting > > > > https://github.com/Tarsnap/scrypt/commit/2b478e7ce590a6564d89417ddad4f3dd4bbdcaf6 > > - fixes compiling on base-gcc archs (found by kmos@) > > > > OK? It builds and works fine on powerpc (i tried with low limits as well). COMPILER_LANGS values are by convention in lowercase. If you wonder, it's still working fine uppercase :) OK cwen@ either way > Diff below for your convenience. > > diff --git Makefile Makefile > index 31dc84c3443..04b73ef02b3 100644 > --- Makefile > +++ Makefile > @@ -3,6 +3,7 @@ > COMMENT =command-line encryption using scrypt key derivation > function > DISTNAME = scrypt-1.3.0 > +REVISION = 0 > > SHARED_LIBS += scrypt-kdf0.0 # 1.0 > > @@ -18,6 +19,9 @@ WANTLIB = c crypto > MASTER_SITES = ${HOMEPAGE} > EXTRACT_SUFX = .tgz > > > +COMPILER = base-clang ports-gcc > +COMPILER_LANGS = C > + > CONFIGURE_STYLE =gnu > CONFIGURE_ARGS = --enable-libscrypt-kdf > > diff --git patches/patch-lib_util_memlimit_c > patches/patch-lib_util_memlimit_c new file mode 100644 > index 000..788724aa76e > --- /dev/null > +++ patches/patch-lib_util_memlimit_c > @@ -0,0 +1,24 @@ > +$OpenBSD$ > + > +Do not ignore RLIMIT_DATA on OpenBSD. Revert > +https://github.com/Tarsnap/scrypt/commit/2b478e7ce590a6564d89417ddad4f3dd4bbdcaf6 > + > +Index: lib/util/memlimit.c > +--- lib/util/memlimit.c.orig > lib/util/memlimit.c > +@@ -167,14 +167,12 @@ memlimit_rlimit(size_t * memlimit) > + memrlimit = (uint64_t)rl.rlim_cur; > + #endif > + > +-#ifndef HAVE_MMAP > +-/* ... RLIMIT_DATA (if we're not using mmap)... */ > ++/* ... RLIMIT_DATA... */ > + if (getrlimit(RLIMIT_DATA, &rl)) > + return (1); > + if ((rl.rlim_cur != RLIM_INFINITY) && > + ((uint64_t)rl.rlim_cur < memrlimit)) > + memrlimit = (uint64_t)rl.rlim_cur; > +-#endif > + > + /* ... and RLIMIT_RSS. */ > + #ifdef RLIMIT_RSS >
Re: UPDATE security/scrypt
On Sun 12/01/2020 15:38, Björn Ketelaars wrote: > On Thu 02/01/2020 06:27, Björn Ketelaars wrote: > > On Wed 01/01/2020 23:03, Ted Unangst wrote: > > > Björn Ketelaars wrote: > > > > - When estimating the amount of available RAM, scrypt ignores > > > > RLIMIT_DATA on systems which have mmap. > > > > > > This is wrong on OpenBSD. I sent an email to Colin, but the update should > > > patch this out in the meantime. > > > > Although I'm not doubting that you are right, I fail to understand why > > ignoring RLIMIT_DATA on OpenBSD is bad. Could you explain why? > > > > I prepared a patch, which: > > - addresses ignoring RLIMIT DATA, reverting > > > > https://github.com/Tarsnap/scrypt/commit/2b478e7ce590a6564d89417ddad4f3dd4bbdcaf6 > > - fixes compiling on base-gcc archs (found by kmos@) > > > > OK? > > Ping... Oops, forgot to mention the following: Following https://github.com/Tarsnap/scrypt/issues/226: Without patch: $ ulimit -d 123456 $ scrypt enc -v Makefile Makefile.enc Please enter passphrase: Please confirm passphrase: Parameters used: N = 262144; r = 8; p = 1; This requires at least 268 MB bytes of memory (995 MB available), and will take approximately 0.4 seconds (limit: 5.0 seconds). scrypt: Error computing derived key: Cannot allocate memory With patch: $ ulimit -d 123456 $ scrypt enc -v Makefile Makefile.enc Please enter passphrase: Please confirm passphrase: Parameters used: N = 8192; r = 8; p = 48; This requires at least 8.3 MB bytes of memory (15 MB available), and will take approximately 0.6 seconds (limit: 5.0 seconds).
Re: UPDATE security/scrypt
On Thu 02/01/2020 06:27, Björn Ketelaars wrote: > On Wed 01/01/2020 23:03, Ted Unangst wrote: > > Björn Ketelaars wrote: > > > - When estimating the amount of available RAM, scrypt ignores > > > RLIMIT_DATA on systems which have mmap. > > > > This is wrong on OpenBSD. I sent an email to Colin, but the update should > > patch this out in the meantime. > > Although I'm not doubting that you are right, I fail to understand why > ignoring RLIMIT_DATA on OpenBSD is bad. Could you explain why? > > I prepared a patch, which: > - addresses ignoring RLIMIT DATA, reverting > > https://github.com/Tarsnap/scrypt/commit/2b478e7ce590a6564d89417ddad4f3dd4bbdcaf6 > - fixes compiling on base-gcc archs (found by kmos@) > > OK? Ping... Diff below for your convenience. diff --git Makefile Makefile index 31dc84c3443..04b73ef02b3 100644 --- Makefile +++ Makefile @@ -3,6 +3,7 @@ COMMENT = command-line encryption using scrypt key derivation function DISTNAME = scrypt-1.3.0 +REVISION = 0 SHARED_LIBS += scrypt-kdf0.0 # 1.0 @@ -18,6 +19,9 @@ WANTLIB = c crypto MASTER_SITES = ${HOMEPAGE} EXTRACT_SUFX = .tgz +COMPILER = base-clang ports-gcc +COMPILER_LANGS = C + CONFIGURE_STYLE = gnu CONFIGURE_ARGS = --enable-libscrypt-kdf diff --git patches/patch-lib_util_memlimit_c patches/patch-lib_util_memlimit_c new file mode 100644 index 000..788724aa76e --- /dev/null +++ patches/patch-lib_util_memlimit_c @@ -0,0 +1,24 @@ +$OpenBSD$ + +Do not ignore RLIMIT_DATA on OpenBSD. Revert +https://github.com/Tarsnap/scrypt/commit/2b478e7ce590a6564d89417ddad4f3dd4bbdcaf6 + +Index: lib/util/memlimit.c +--- lib/util/memlimit.c.orig lib/util/memlimit.c +@@ -167,14 +167,12 @@ memlimit_rlimit(size_t * memlimit) + memrlimit = (uint64_t)rl.rlim_cur; + #endif + +-#ifndef HAVE_MMAP +- /* ... RLIMIT_DATA (if we're not using mmap)... */ ++ /* ... RLIMIT_DATA... */ + if (getrlimit(RLIMIT_DATA, &rl)) + return (1); + if ((rl.rlim_cur != RLIM_INFINITY) && + ((uint64_t)rl.rlim_cur < memrlimit)) + memrlimit = (uint64_t)rl.rlim_cur; +-#endif + + /* ... and RLIMIT_RSS. */ + #ifdef RLIMIT_RSS
Re: UPDATE security/scrypt
On Wed 01/01/2020 23:03, Ted Unangst wrote: > Björn Ketelaars wrote: > > - When estimating the amount of available RAM, scrypt ignores > > RLIMIT_DATA on systems which have mmap. > > This is wrong on OpenBSD. I sent an email to Colin, but the update should > patch this out in the meantime. Although I'm not doubting that you are right, I fail to understand why ignoring RLIMIT_DATA on OpenBSD is bad. Could you explain why? I prepared a patch, which: - addresses ignoring RLIMIT DATA, reverting https://github.com/Tarsnap/scrypt/commit/2b478e7ce590a6564d89417ddad4f3dd4bbdcaf6 - fixes compiling on base-gcc archs (found by kmos@) OK? diff --git Makefile Makefile index 31dc84c3443..04b73ef02b3 100644 --- Makefile +++ Makefile @@ -3,6 +3,7 @@ COMMENT = command-line encryption using scrypt key derivation function DISTNAME = scrypt-1.3.0 +REVISION = 0 SHARED_LIBS += scrypt-kdf0.0 # 1.0 @@ -18,6 +19,9 @@ WANTLIB = c crypto MASTER_SITES = ${HOMEPAGE} EXTRACT_SUFX = .tgz +COMPILER = base-clang ports-gcc +COMPILER_LANGS = C + CONFIGURE_STYLE = gnu CONFIGURE_ARGS = --enable-libscrypt-kdf diff --git patches/patch-lib_util_memlimit_c patches/patch-lib_util_memlimit_c new file mode 100644 index 000..788724aa76e --- /dev/null +++ patches/patch-lib_util_memlimit_c @@ -0,0 +1,24 @@ +$OpenBSD$ + +Do not ignore RLIMIT_DATA on OpenBSD. Revert +https://github.com/Tarsnap/scrypt/commit/2b478e7ce590a6564d89417ddad4f3dd4bbdcaf6 + +Index: lib/util/memlimit.c +--- lib/util/memlimit.c.orig lib/util/memlimit.c +@@ -167,14 +167,12 @@ memlimit_rlimit(size_t * memlimit) + memrlimit = (uint64_t)rl.rlim_cur; + #endif + +-#ifndef HAVE_MMAP +- /* ... RLIMIT_DATA (if we're not using mmap)... */ ++ /* ... RLIMIT_DATA... */ + if (getrlimit(RLIMIT_DATA, &rl)) + return (1); + if ((rl.rlim_cur != RLIM_INFINITY) && + ((uint64_t)rl.rlim_cur < memrlimit)) + memrlimit = (uint64_t)rl.rlim_cur; +-#endif + + /* ... and RLIMIT_RSS. */ + #ifdef RLIMIT_RSS
Re: UPDATE security/scrypt
Björn Ketelaars wrote: > - When estimating the amount of available RAM, scrypt ignores > RLIMIT_DATA on systems which have mmap. This is wrong on OpenBSD. I sent an email to Colin, but the update should patch this out in the meantime.
Re: Fix security/scrypt for sparc64 (and presumably other base-gcc archs)
Hi Kurt, On Wed, 1 Jan 2020 12:46:36 -0500 Kurt Mosiejczuk wrote: > I used this (without the COMPILER_LANGS line) to fix scrypt in the > current sparc64 build. I saw I should have used COMPILER_LANGS too > after the fact. > > --Kurt I've looked at the issue on my powerpc box, it's happening because GCC-4.2.1 is not 100% C99 compliant, it seems it requires GCC>=4.3 in that case [0]. This fixes the build on powerpc as well. OK cwen@ Charlène. [0] https://gcc.gnu.org/bugzilla/show_bug.cgi?id=14050
Fix security/scrypt for sparc64 (and presumably other base-gcc archs)
I used this (without the COMPILER_LANGS line) to fix scrypt in the current sparc64 build. I saw I should have used COMPILER_LANGS too after the fact. --Kurt Index: Makefile === RCS file: /cvs/ports/security/scrypt/Makefile,v retrieving revision 1.10 diff -u -p -r1.10 Makefile --- Makefile31 Dec 2019 07:26:59 - 1.10 +++ Makefile1 Jan 2020 17:46:23 - @@ -18,6 +18,9 @@ WANTLIB = c crypto MASTER_SITES = ${HOMEPAGE} EXTRACT_SUFX = .tgz +COMPILER = base-clang ports-gcc base-gcc +COMPILER_LANGS = c + CONFIGURE_STYLE = gnu CONFIGURE_ARGS = --enable-libscrypt-kdf
UPDATE security/scrypt
Diff below brings security/scrypt to 1.3.0. Significant changes since 1.2.1 [0]: - In addition to the scrypt command-line utility, a library "libscrypt-kdf" can now be built and installed by passing the --enable-libscrypt-kdf option to configure. - On x86 CPUs which support them, RDRAND and SHA extensions are used to provide supplemental entropy and speed up hash computations respectively. - When estimating the amount of available RAM, scrypt ignores RLIMIT_DATA on systems which have mmap. - A new command "scrypt info encfile" prints information about an encrypted file without decrypting it. Changes to the port: - Build and package libscrypt-kdf. - Change HOMEPAGE/MASTER_SITES to https. - Enable tests. - Set DEBUG_PACKAGES. Testing: 'make test' runs successfully Comments/OK? [0] http://mail.tarsnap.com/scrypt/msg00261.html diff --git Makefile Makefile index 3c3a2989df8..57667e2dd9a 100644 --- Makefile +++ Makefile @@ -2,11 +2,13 @@ COMMENT = command-line encryption using scrypt key derivation function -DISTNAME = scrypt-1.2.1 +DISTNAME = scrypt-1.3.0 + +SHARED_LIBS += scrypt-kdf0.0 # 1.0 CATEGORIES = security -HOMEPAGE = http://www.tarsnap.com/scrypt/ +HOMEPAGE = https://www.tarsnap.com/scrypt/ # BSD PERMIT_PACKAGE = Yes @@ -17,7 +19,10 @@ MASTER_SITES = ${HOMEPAGE} EXTRACT_SUFX = .tgz CONFIGURE_STYLE = gnu +CONFIGURE_ARGS = --enable-libscrypt-kdf + +DEBUG_PACKAGES = ${BUILD_PACKAGES} -NO_TEST = Yes +TEST_TARGET = test .include diff --git distinfo distinfo index 8a34c030d44..a08d6ba134c 100644 --- distinfo +++ distinfo @@ -1,2 +1,2 @@ -SHA256 (scrypt-1.2.1.tgz) = RiH159ovgC4ghQQ2IZNwCS6fzak71Zj21CNszjP0xXc= -SIZE (scrypt-1.2.1.tgz) = 127619 +SHA256 (scrypt-1.3.0.tgz) = JjA07dTR4RfUBR2akmDHTe2w769EkcUVK3OJeLPzJ0g= +SIZE (scrypt-1.3.0.tgz) = 380332 diff --git patches/patch-tests_test_scrypt_sh patches/patch-tests_test_scrypt_sh new file mode 100644 index 000..5ee6fb254f2 --- /dev/null +++ patches/patch-tests_test_scrypt_sh @@ -0,0 +1,14 @@ +$OpenBSD$ + +Index: tests/test_scrypt.sh +--- tests/test_scrypt.sh.orig tests/test_scrypt.sh +@@ -14,7 +14,7 @@ out_valgrind="${bindir}/tests-valgrind" + password="hunter2" + + # Find system scrypt, and ensure it supports -P. +-system_scrypt=$( find_system scrypt enc -P ) ++system_scrypt=$( find_system ${scriptdir}/../scrypt enc -P ) + + + ### Run tests using project-specific constants diff --git pkg/PLIST pkg/PLIST index 733536472a5..d6f4b7b7bec 100644 --- pkg/PLIST +++ pkg/PLIST @@ -1,3 +1,7 @@ @comment $OpenBSD: PLIST,v 1.1.1.1 2009/05/25 22:48:48 sthen Exp $ @bin bin/scrypt +include/scrypt-kdf.h +@static-lib lib/libscrypt-kdf.a +lib/libscrypt-kdf.la +@lib lib/libscrypt-kdf.so.${LIBscrypt-kdf_VERSION} @man man/man1/scrypt.1
Re: NEW: security/py-scrypt
On Sat 23/11/2019 14:54, Stuart Henderson wrote: > ok to import? > > > This is a set of Python bindings for the scrypt key derivation function. > > Scrypt is useful when encrypting passwords as it is possible to specify a > *minimum* amount of time to use when encrypting and decrypting. If, for > example, a password takes 0.05 seconds to verify, a user won't notice > the slight delay when signing in, but doing a brute force search of > several billion passwords will take a considerable amount of time. This > is in contrast to more traditional hash functions such as MD5 or the SHA > family which can be implemented extremely fast on cheap hardware. > Port looks good, builds and packages, and all tests are OK. OK bket@
NEW: security/py-scrypt
ok to import? This is a set of Python bindings for the scrypt key derivation function. Scrypt is useful when encrypting passwords as it is possible to specify a *minimum* amount of time to use when encrypting and decrypting. If, for example, a password takes 0.05 seconds to verify, a user won't notice the slight delay when signing in, but doing a brute force search of several billion passwords will take a considerable amount of time. This is in contrast to more traditional hash functions such as MD5 or the SHA family which can be implemented extremely fast on cheap hardware. py-scrypt.tgz Description: application/tar-gz
Re: NEW: libscrypt - shared library using scrypt()
Hi! Here is an updated port. With a lot of help from jca@, we've managed to "persuade" (no, really, Joshua was also very-very helpful :) ) upstream to replace the base64 functions with portable ones, so it now compiles and works on strict aligned archs also. Ok? Daniel -- LÉVAI Dániel PGP key ID = 0x83B63A8F Key fingerprint = DBEC C66B A47A DFA2 792D 650C C69B BE4C 83B6 3A8F libscrypt.tgz Description: application/tar-gz
Re: NEW: libscrypt - shared library using scrypt()
On p, dec 20, 2013 at 14:37:15 +0100, Jérémie Courrèges-Anglas wrote: [...] > I doubt -soname $fullversion is a good idea. But we don't need > it -soname at all. Also, duplicating information that could be present > in the port Makefile only isn't a good idea. > > Here's a tarball that uses MAKE_FLAGS to pass CC, CFLAGS and > LIBscrypt_VERSION. > > Also: > - simplify V / GH_VER usage (only GH_VER is needed) > - reorder variables to match Makefile.template > - provide a HOMEPAGE > - more info in DESCR Nice, thanks. Daniel -- LÉVAI Dániel PGP key ID = 0x83B63A8F Key fingerprint = DBEC C66B A47A DFA2 792D 650C C69B BE4C 83B6 3A8F
Re: NEW: libscrypt - shared library using scrypt()
LEVAI Daniel writes: > On cs, dec 19, 2013 at 14:14:40 +0100, Jérémie Courrèges-Anglas wrote: >> LEVAI Daniel writes: > [...] >> but you can keep the upstream version in the comment. > [...] > > This was fixed in the last tarball. "0" was indeed their version number, hehe. Ahem. >> >> | @bin lib/libscrypt.so.0 >> >> | lib/libscrypt.so >> >> >> >> Library generation is wrong, there should be >> >> libscrypt.so. and also either a >> >> static library, or make the port SHARED_ONLY.. I haven't built but >> >> I guess one of these files is a symlink and one is an incorrectly >> >> built library. >> > >> > Okay, I tried to do a better job this time. The source builds a >> > libscrypt.so.0 file, and I couldn't get pkg_create(1) to recognize the >> > lib mentioned in SHARED_LIBS, so I had to mv libscrypt.so.0 -> >> > libscrypt.so.0.0 >> > I've also @comment-ed the symlink to ...so.0 in PLIST. Now the library >> > is correctly prefixed with @lib in the PLIST. >> >> Just patch the Makefile. We don't use -soname. What I'd do is ''-o >> libscrypt.so.${LIBscrypt_VERSION}'', you can pass the version in >> MAKE_FLAGS. The symlinks can be patched away while here. > > Okay, thanks! I've attached a new archive that includes these changes. I doubt -soname $fullversion is a good idea. But we don't need it -soname at all. Also, duplicating information that could be present in the port Makefile only isn't a good idea. Here's a tarball that uses MAKE_FLAGS to pass CC, CFLAGS and LIBscrypt_VERSION. Also: - simplify V / GH_VER usage (only GH_VER is needed) - reorder variables to match Makefile.template - provide a HOMEPAGE - more info in DESCR libscrypt.tgz Description: Binary data >> This still needs SHARED_ONLY, the .a isn't installed and building it >> should not involve -fPIC. >> >> PFRAG.shared can be merged in PLIST. > > These were also fixed in the last tarball. Boo, tarball mixup. > Daniel -- jca | PGP: 0x06A11494 / 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
Re: NEW: libscrypt - shared library using scrypt()
On cs, dec 19, 2013 at 14:14:40 +0100, Jérémie Courrèges-Anglas wrote: > LEVAI Daniel writes: [...] > but you can keep the upstream version in the comment. [...] This was fixed in the last tarball. > >> | @bin lib/libscrypt.so.0 > >> | lib/libscrypt.so > >> > >> Library generation is wrong, there should be > >> libscrypt.so. and also either a > >> static library, or make the port SHARED_ONLY.. I haven't built but > >> I guess one of these files is a symlink and one is an incorrectly > >> built library. > > > > Okay, I tried to do a better job this time. The source builds a > > libscrypt.so.0 file, and I couldn't get pkg_create(1) to recognize the > > lib mentioned in SHARED_LIBS, so I had to mv libscrypt.so.0 -> > > libscrypt.so.0.0 > > I've also @comment-ed the symlink to ...so.0 in PLIST. Now the library > > is correctly prefixed with @lib in the PLIST. > > Just patch the Makefile. We don't use -soname. What I'd do is ''-o > libscrypt.so.${LIBscrypt_VERSION}'', you can pass the version in > MAKE_FLAGS. The symlinks can be patched away while here. Okay, thanks! I've attached a new archive that includes these changes. > This still needs SHARED_ONLY, the .a isn't installed and building it > should not involve -fPIC. > > PFRAG.shared can be merged in PLIST. These were also fixed in the last tarball. Daniel -- LÉVAI Dániel PGP key ID = 0x83B63A8F Key fingerprint = DBEC C66B A47A DFA2 792D 650C C69B BE4C 83B6 3A8F libscrypt.tar.gz Description: application/tar-gz
Re: NEW: libscrypt - shared library using scrypt()
LEVAI Daniel writes: > On szo, dec 14, 2013 at 22:41:21 +, Stuart Henderson wrote: >> On 2013/12/14 18:35, LEVAI Daniel wrote: > [...] >> >> | MASTER_SITES = >> http://github.com/technion/${PROJECT}/archive/v${V}.tar.gz?dummy=/ >> >> Rather than this url query hack, please use the newer style of github >> handling you'll see in other ports e.g. www/tt-rss. > > Oh blimey! I would have sweared that I saw this in devel/libgit2 (that > pkg was even your example in [1] :) ). I think that included the GH_VER stuff. >> >> | SHARED_LIBS += scrypt 1.0 # 1.0 >> >> Library versioning for OpenBSD ports should start at 0.0. > > Right. but you can keep the upstream version in the comment. >> | @bin lib/libscrypt.so.0 >> | lib/libscrypt.so >> >> Library generation is wrong, there should be >> libscrypt.so. and also either a >> static library, or make the port SHARED_ONLY.. I haven't built but >> I guess one of these files is a symlink and one is an incorrectly >> built library. > > Okay, I tried to do a better job this time. The source builds a > libscrypt.so.0 file, and I couldn't get pkg_create(1) to recognize the > lib mentioned in SHARED_LIBS, so I had to mv libscrypt.so.0 -> > libscrypt.so.0.0 > I've also @comment-ed the symlink to ...so.0 in PLIST. Now the library > is correctly prefixed with @lib in the PLIST. Just patch the Makefile. We don't use -soname. What I'd do is ''-o libscrypt.so.${LIBscrypt_VERSION}'', you can pass the version in MAKE_FLAGS. The symlinks can be patched away while here. This still needs SHARED_ONLY, the .a isn't installed and building it should not involve -fPIC. PFRAG.shared can be merged in PLIST. > > [1] http://marc.info/?l=openbsd-ports&m=138588950307176&w=2 -- jca | PGP: 0x06A11494 / 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
Re: NEW: libscrypt - shared library using scrypt()
On v, dec 15, 2013 at 11:23:22 +0100, LEVAI Daniel wrote: > On szo, dec 14, 2013 at 22:41:21 +, Stuart Henderson wrote: > > On 2013/12/14 18:35, LEVAI Daniel wrote: > [...] [...] > Okay, I tried to do a better job this time. The source builds a [...] Ping? Daniel -- LÉVAI Dániel PGP key ID = 0x83B63A8F Key fingerprint = DBEC C66B A47A DFA2 792D 650C C69B BE4C 83B6 3A8F
Re: NEW: libscrypt - shared library using scrypt()
On szo, dec 14, 2013 at 22:41:21 +, Stuart Henderson wrote: > On 2013/12/14 18:35, LEVAI Daniel wrote: [...] > > | MASTER_SITES = > http://github.com/technion/${PROJECT}/archive/v${V}.tar.gz?dummy=/ > > Rather than this url query hack, please use the newer style of github > handling you'll see in other ports e.g. www/tt-rss. Oh blimey! I would have sweared that I saw this in devel/libgit2 (that pkg was even your example in [1] :) ). > > | SHARED_LIBS += scrypt 1.0 # 1.0 > > Library versioning for OpenBSD ports should start at 0.0. Right. > | @bin lib/libscrypt.so.0 > | lib/libscrypt.so > > Library generation is wrong, there should be > libscrypt.so. and also either a > static library, or make the port SHARED_ONLY.. I haven't built but > I guess one of these files is a symlink and one is an incorrectly > built library. Okay, I tried to do a better job this time. The source builds a libscrypt.so.0 file, and I couldn't get pkg_create(1) to recognize the lib mentioned in SHARED_LIBS, so I had to mv libscrypt.so.0 -> libscrypt.so.0.0 I've also @comment-ed the symlink to ...so.0 in PLIST. Now the library is correctly prefixed with @lib in the PLIST. [1] http://marc.info/?l=openbsd-ports&m=138588950307176&w=2 -- LÉVAI Dániel PGP key ID = 0x83B63A8F Key fingerprint = DBEC C66B A47A DFA2 792D 650C C69B BE4C 83B6 3A8F libscrypt.tar.gz Description: application/tar-gz
Re: NEW: libscrypt - shared library using scrypt()
On 2013/12/14 18:35, LEVAI Daniel wrote: > Hi! > > I came across this useful library. > I could only test it on amd64, and have no idea how it behaves > elsewhere. > Aside from a simple patch, the build is pretty straightforward, and the > regression test also runs smooth. > > libscrypt_scrypt() is very simple to use and the header file contains > useful API docs and pre-defined values for the performance harness > variables; all-in-all a nice complement to bcrypt_pbkdf(), I think :) > > Please test if you're interested. > > > Thanks, > Daniel > > -- > LÉVAI Dániel > PGP key ID = 0x83B63A8F > Key fingerprint = DBEC C66B A47A DFA2 792D 650C C69B BE4C 83B6 3A8F | MASTER_SITES = http://github.com/technion/${PROJECT}/archive/v${V}.tar.gz?dummy=/ Rather than this url query hack, please use the newer style of github handling you'll see in other ports e.g. www/tt-rss. | SHARED_LIBS += scrypt 1.0 # 1.0 Library versioning for OpenBSD ports should start at 0.0. | @bin lib/libscrypt.so.0 | lib/libscrypt.so Library generation is wrong, there should be libscrypt.so. and also either a static library, or make the port SHARED_ONLY.. I haven't built but I guess one of these files is a symlink and one is an incorrectly built library.
NEW: libscrypt - shared library using scrypt()
Hi! I came across this useful library. I could only test it on amd64, and have no idea how it behaves elsewhere. Aside from a simple patch, the build is pretty straightforward, and the regression test also runs smooth. libscrypt_scrypt() is very simple to use and the header file contains useful API docs and pre-defined values for the performance harness variables; all-in-all a nice complement to bcrypt_pbkdf(), I think :) Please test if you're interested. Thanks, Daniel -- LÉVAI Dániel PGP key ID = 0x83B63A8F Key fingerprint = DBEC C66B A47A DFA2 792D 650C C69B BE4C 83B6 3A8F libscrypt.tar.gz Description: application/tar-gz
Re: [update] scrypt
On Sat, Dec 18, 2010 at 11:34:52PM +0100, Marius ROMAN wrote: >Update to scrypt 1.1.6. >Tested with mandoc(1) so I removed the line wth groff. >Tested on i386. >Encrypted / decrypted one file and works OK. > >Comments ? OK ? > >Index: security/scrypt/Makefile >=== >RCS file: /cvs/ports/security/scrypt/Makefile,v >retrieving revision 1.4 >diff -u -r1.4 Makefile >--- security/scrypt/Makefile 20 Nov 2010 17:22:45 - 1.4 >+++ security/scrypt/Makefile 18 Dec 2010 22:20:58 - >@@ -2,7 +2,7 @@ > > COMMENT = command-line encryption using scrypt key derivation function > >-DISTNAME =scrypt-1.1.4 >+DISTNAME =scrypt-1.1.6 > > CATEGORIES = security > >@@ -20,7 +20,6 @@ > EXTRACT_SUFX =.tgz > > CONFIGURE_STYLE = gnu >-USE_GROFF = Yes > > NO_REGRESS = Yes > >Index: security/scrypt/distinfo >=== >RCS file: /cvs/ports/security/scrypt/distinfo,v >retrieving revision 1.2 >diff -u -r1.2 distinfo >--- security/scrypt/distinfo 22 Jun 2009 22:51:59 - 1.2 >+++ security/scrypt/distinfo 18 Dec 2010 22:20:58 - >@@ -1,5 +1,5 @@ >-MD5 (scrypt-1.1.4.tgz) = xN+Fz9fhZa8KMG0E44vRXQ== >-RMD160 (scrypt-1.1.4.tgz) = vzpoUrnwda4gu13kRXMCVTDlsDQ= >-SHA1 (scrypt-1.1.4.tgz) = BfU9ZhrlDm3zy/XYui7BaeP87v8= >-SHA256 (scrypt-1.1.4.tgz) = pblWsrAuonIwPS0TVOVaip2LiDH2UYxq32voer+Rzhk= >-SIZE (scrypt-1.1.4.tgz) = 82902 >+MD5 (scrypt-1.1.6.tgz) = o1UjzUl/coNjXOiB2znC4g== >+RMD160 (scrypt-1.1.6.tgz) = o5XbM7fGOKTw/rorx2h0z2NLM94= >+SHA1 (scrypt-1.1.6.tgz) = exs/7M/i/wi10FdS7xyn3y7IZG0= >+SHA256 (scrypt-1.1.6.tgz) = 39DRpURDkmW7ubWAQ608jOUKOYe0SmGx05/Xo+1bf7g= >+SIZE (scrypt-1.1.6.tgz) = 83776 Hello ;) Works fine for me (i386). I think you can remove EXTRACT_SUFX as it declares default extension. jirib
[update] scrypt
Update to scrypt 1.1.6. Tested with mandoc(1) so I removed the line wth groff. Tested on i386. Encrypted / decrypted one file and works OK. Comments ? OK ? Index: security/scrypt/Makefile === RCS file: /cvs/ports/security/scrypt/Makefile,v retrieving revision 1.4 diff -u -r1.4 Makefile --- security/scrypt/Makefile20 Nov 2010 17:22:45 - 1.4 +++ security/scrypt/Makefile18 Dec 2010 22:20:58 - @@ -2,7 +2,7 @@ COMMENT = command-line encryption using scrypt key derivation function -DISTNAME = scrypt-1.1.4 +DISTNAME = scrypt-1.1.6 CATEGORIES = security @@ -20,7 +20,6 @@ EXTRACT_SUFX = .tgz CONFIGURE_STYLE = gnu -USE_GROFF =Yes NO_REGRESS = Yes Index: security/scrypt/distinfo === RCS file: /cvs/ports/security/scrypt/distinfo,v retrieving revision 1.2 diff -u -r1.2 distinfo --- security/scrypt/distinfo22 Jun 2009 22:51:59 - 1.2 +++ security/scrypt/distinfo18 Dec 2010 22:20:58 - @@ -1,5 +1,5 @@ -MD5 (scrypt-1.1.4.tgz) = xN+Fz9fhZa8KMG0E44vRXQ== -RMD160 (scrypt-1.1.4.tgz) = vzpoUrnwda4gu13kRXMCVTDlsDQ= -SHA1 (scrypt-1.1.4.tgz) = BfU9ZhrlDm3zy/XYui7BaeP87v8= -SHA256 (scrypt-1.1.4.tgz) = pblWsrAuonIwPS0TVOVaip2LiDH2UYxq32voer+Rzhk= -SIZE (scrypt-1.1.4.tgz) = 82902 +MD5 (scrypt-1.1.6.tgz) = o1UjzUl/coNjXOiB2znC4g== +RMD160 (scrypt-1.1.6.tgz) = o5XbM7fGOKTw/rorx2h0z2NLM94= +SHA1 (scrypt-1.1.6.tgz) = exs/7M/i/wi10FdS7xyn3y7IZG0= +SHA256 (scrypt-1.1.6.tgz) = 39DRpURDkmW7ubWAQ608jOUKOYe0SmGx05/Xo+1bf7g= +SIZE (scrypt-1.1.6.tgz) = 83776 -- Marius
Re: Fwd: new version of scrypt-1.1.4
Stuart Henderson wrote: > no time to look further now; build fails: > I did look at it. Maybe this can give you some clue. When you comment out # SEPARATE_BUILD = concurrent it builds fine. I have to check the documentation what this separate build mean. Cheers, Predrag
Re: Fwd: new version of scrypt-1.1.4
On 2009/06/15 21:06, Predrag Punosevac wrote: > Original Message > Date: Mon, 15 Jun 2009 16:39:04 -0600 > From: Colin Percival > To: Predrag Punosevac , wen heping > > Subject: new version of scrypt > > Hi scrypt ports maintainers, > > I just released scrypt version 1.1.4; this is mostly a "clean up and > reorganize > code which is borrowed from tarsnap" release, but does have an important > bugfix > in the SSE2 code (the version in 1.1.3 core dumps due to me forgetting to > match > mmap with munmap). > > The source tarball SHA256 is > SHA256 (scrypt-1.1.4.tgz) = > a5b956b2b02ea272303d2d1354e55a8a9d8b8831f6518c6adf6be87abf91ce19 > and it's in the usual place (http://www.tarsnap.com/scrypt/scrypt-1.1.4.tgz). > > -- > Colin Percival > Security Officer, FreeBSD | freebsd.org | The power to serve > Founder / author, Tarsnap | tarsnap.com | Online backups for the truly > paranoid > > Hi Stuart, > > I just got an e-mail from Colin informing me that he released 1.1.4 > version of scrypt. It is a bug fix release. Compiles fine here on > 4.5 stable. Could you please bump up the port? > > Most Kind Regards, > Predrag > > > no time to look further now; build fails: +++ Tue Jun 16 00:52:49 BST 2009 ===> Checking files for scrypt-1.1.4 `/usr/ports/distfiles/scrypt-1.1.4.tgz' is up to date. >> (SHA256) scrypt-1.1.4.tgz: OK ===> Extracting for scrypt-1.1.4 ===> Patching for scrypt-1.1.4 ===> Configuring for scrypt-1.1.4 configure: loading site script /usr/ports/infrastructure/db/config.site checking for a BSD-compatible install... /usr/bin/install -c -o root -g bin checking whether build environment is sane... yes checking for a thread-safe mkdir -p... /usr/obj/ports/scrypt-1.1.4/scrypt-1.1.4/config.aux/install-sh -c -d checking for gawk... (cached) nawk checking whether make sets $(MAKE)... (cached) yes checking whether to enable maintainer-specific portions of Makefiles... no checking for gcc... cc checking for C compiler default output file name... a.out checking whether the C compiler works... yes checking whether we are cross compiling... no checking for suffix of executables... checking for suffix of object files... (cached) o checking whether we are using the GNU C compiler... (cached) yes checking whether cc accepts -g... (cached) yes checking for cc option to accept ISO C89... none needed checking for style of include used by make... GNU checking dependency style of cc... gcc3 checking how to run the C preprocessor... cc -E checking for grep that handles long lines and -e... /usr/local/bin/ggrep checking for egrep... /usr/local/bin/ggrep -E checking for ANSI C header files... (cached) yes checking for sys/types.h... (cached) yes checking for sys/stat.h... (cached) yes checking for stdlib.h... (cached) yes checking for string.h... (cached) yes checking for memory.h... (cached) yes checking for strings.h... (cached) yes checking for inttypes.h... (cached) yes checking for stdint.h... (cached) yes checking for unistd.h... (cached) yes checking sys/endian.h usability... yes checking sys/endian.h presence... yes checking for sys/endian.h... yes checking whether be64enc is declared... no checking err.h usability... yes checking err.h presence... yes checking for err.h... yes checking for clock_gettime in -lrt... no checking for clock_gettime... (cached) yes checking sys/sysinfo.h usability... no checking sys/sysinfo.h presence... no checking for sys/sysinfo.h... no checking for sysinfo... no checking for struct sysinfo... no checking for struct sysinfo.totalram... no checking for struct sysinfo.mem_unit... no checking for sys/param.h... (cached) yes checking for posix_memalign... no configure: creating ./config.status config.status: creating Makefile config.status: creating config.h config.status: executing depfiles commands ===> Building for scrypt-1.1.4 make all-am cc -DHAVE_CONFIG_H -I. -I/usr/obj/ports/scrypt-1.1.4/scrypt-1.1.4-I . -I lib/util -I lib/scryptenc -I lib/crypto -O2 -pipe -MT scrypt-main.o -MD -MP -MF .deps/scrypt-main.Tpo -c -o scrypt-main.o `test -f 'main.c' || echo '/usr/obj/ports/scrypt-1.1.4/scrypt-1.1.4/'`main.c /usr/obj/ports/scrypt-1.1.4/scrypt-1.1.4/main.c:35:22: readpass.h: No such file or directory /usr/obj/ports/scrypt-1.1.4/scrypt-1.1.4/main.c:36:23: scryptenc.h: No such file or directory /usr/obj/ports/scrypt-1.1.4/scrypt-1.1.4/main.c:37:20: sha256.h: No such file or directory /usr/obj/ports/scrypt-1.1.4/scrypt-1.1.4/main.c:38:18: warn.h: No such file or directory *** Error code 1 Stop in /usr/obj/ports/scrypt-1.1.4/build-amd64 (line 302 of Makefile). *** Error code 1 Stop in /usr/obj/ports/scrypt-1.1.4/build-amd64 (line 190 of Makefile). *** Error code 1 Stop in /usr/ports/security/scrypt (line 2185 of /usr/ports/infrastructure/mk/bsd.port.mk). --- Tue Jun 16 00:52:53 BST 2009
Re: scrypt-1.1.3 released (was WIP:security/crypt)
Colin Percival wrote: > Hi Predrag & OpenBSD ports people, > > I've released scrypt version 1.1.3, which now has a man page in addition to > the > portability fixes in the version I sent Predrag for testing a few days ago; it > is at > http://www.tarsnap.com/scrypt/scrypt-1.1.3.tgz > and there's a GPG-signed SHA256 hash at I just got the email from Stuard. The port is committed! Good job Colin. Best, Predrag
Re: scrypt-1.1.3 released (was WIP:security/crypt)
Colin Percival wrote: > Hi Predrag & OpenBSD ports people, > > I've released scrypt version 1.1.3, which now has a man page in addition to > the > portability fixes in the version I sent Predrag for testing a few days ago; it > is at > http://www.tarsnap.com/scrypt/scrypt-1.1.3.tgz > and there's a GPG-signed SHA256 hash at >http://www.tarsnap.com/scrypt/scrypt-sigs-1.1.3.asc > > Please let me know if/when you add this to your ports tree -- I'll list it on > the scrypt website. > > -- > Colin Percival > Security Officer, FreeBSD | freebsd.org | The power to serve > Founder / author, Tarsnap | tarsnap.com | Online backups for the truly > paranoid Hi Collin, Stuard has already made a port. I think he has commit privileges. I just sent him a private email asking him to update Mekefile with the address of your source-file. How quickly the port will be committed depends on testing of course but I would think very soon. I apologize for bitching you saw about your work by one guy on ports. The guy obviously didn't know what he was talking about and was immediately hash. Best, Predrag
scrypt-1.1.3 released (was WIP:security/crypt)
Hi Predrag & OpenBSD ports people, I've released scrypt version 1.1.3, which now has a man page in addition to the portability fixes in the version I sent Predrag for testing a few days ago; it is at http://www.tarsnap.com/scrypt/scrypt-1.1.3.tgz and there's a GPG-signed SHA256 hash at http://www.tarsnap.com/scrypt/scrypt-sigs-1.1.3.asc Please let me know if/when you add this to your ports tree -- I'll list it on the scrypt website. -- Colin Percival Security Officer, FreeBSD | freebsd.org | The power to serve Founder / author, Tarsnap | tarsnap.com | Online backups for the truly paranoid
Re: WIP:security/crypt (scrypt)
Just one correction. The name of the package is scrypt. I played with it in the mean time. I do not see any man pages. You can encrypt a file as: scrypt enc filename filename.enc To decrypt file scrypt dec filename.enc filename.decrypted Sorry for the wrong name. Predrag
Re: scrypt
Stuart Henderson wrote: > On 2009/05/19 21:05, Predrag Punosevac wrote: > > Is anybody working on porting scrypt to OpenBSD? > > > > www.daemonology.net/blog/2009-05-16-scrypt-version-1.1-released.html > > > > I tried to compile out of joke on 4.4/amd64 and compiler reports > > slue of problems. > > > > Best, > > Predrag > > > > i made a start (attached) but got bored. > > you will need to provide alternative implementations of these: > be32enc, be64enc, le32dec. > > and also convert the sysctlbyname() call to sysctl(3). > That was really quick! Thanks for the update. Predrag
Re: scrypt
On 2009/05/19 21:05, Predrag Punosevac wrote: > Is anybody working on porting scrypt to OpenBSD? > > www.daemonology.net/blog/2009-05-16-scrypt-version-1.1-released.html > > I tried to compile out of joke on 4.4/amd64 and compiler reports > slue of problems. > > Best, > Predrag > i made a start (attached) but got bored. you will need to provide alternative implementations of these: be32enc, be64enc, le32dec. and also convert the sysctlbyname() call to sysctl(3). scrypt.tgz Description: application/tar-gz
scrypt
Is anybody working on porting scrypt to OpenBSD? www.daemonology.net/blog/2009-05-16-scrypt-version-1.1-released.html I tried to compile out of joke on 4.4/amd64 and compiler reports slue of problems. Best, Predrag