git: 0400c882914a - main - devel/libzrtpcpp: mark BROKEN

Adriaan de Groot adridg at FreeBSD.org
Mon Apr 12 09:18:53 UTC 2021


The branch main has been updated by adridg:

URL: https://cgit.FreeBSD.org/ports/commit/?id=0400c882914a168367eb67680d215563a5836029

commit 0400c882914a168367eb67680d215563a5836029
Author:     Adriaan de Groot <adridg at FreeBSD.org>
AuthorDate: 2021-04-11 23:38:59 +0000
Commit:     Adriaan de Groot <adridg at FreeBSD.org>
CommitDate: 2021-04-12 09:14:53 +0000

    devel/libzrtpcpp: mark BROKEN
    
    Does not compile on the cluster or 13- locally, because base SSL:
            hmac384.cpp:56:14: error: variable has incomplete type 'HMAC_CTX' (aka 'hmac_ctx_st')
                HMAC_CTX ctx;
            /usr/include/openssl/ossl_typ.h:102:16: note: forward declaration of 'hmac_ctx_st'
            typedef struct hmac_ctx_st HMAC_CTX;
    There is no definition of that type anywhere in /usr/include.
    
    The only consumer of this library is -- or was -- net/opal,
    and the use of this library was .if 0'ed out. Remove that
    non-use of the library as well.
    
    The library should also be marked BROKEN because the code is, well,
    broken. Clang rightfully complains:
            ZrtpPacketCommit.h:124:42: warning: 'memcpy' will always overflow; destination buffer has size 0, but size argument is 8 [-Wfortify-source]
                void setHMACMulti(uint8_t* hash)   { memcpy(commitHeader->hmac-4*ZRTP_WORD_SIZE, hash, sizeof(commitHeader->hmac)); };
            ZrtpQueue.cpp:147:9: warning: 'delete' applied to a pointer that was allocated with 'new[]'; did you mean 'delete[]'? [-Wmismatched-new-delete]
                    delete buffer;
            ZrtpQueue.cpp:144:29: note: allocated with 'new[]' here
                unsigned char* buffer = new unsigned char[nextSize];
    The first warning is *possibly* spurious: it's doing memcpy() into
    a struct intended for bit-banging, and is overwriting part of a
    previous field. Since there's no member there, there's no size
    information for fortify-source to use.
    
    The other two warnings are plain old UB, they were UB when this
    library was last released / updated in 2013, they're still UB, now.
    
    There **are** newer releases of this project, but not entirely under
    the GNU banner; https://github.com/wernerd/ZRTPCPP seems to be the
    right source for that, but I'm not going to chase updating this.
---
 devel/libzrtpcpp/Makefile |  3 ++-
 net/opal/Makefile         | 13 -------------
 2 files changed, 2 insertions(+), 14 deletions(-)

diff --git a/devel/libzrtpcpp/Makefile b/devel/libzrtpcpp/Makefile
index bc831bccc73a..d81844438067 100644
--- a/devel/libzrtpcpp/Makefile
+++ b/devel/libzrtpcpp/Makefile
@@ -9,6 +9,8 @@ MASTER_SITES=	GNU/ccrtp
 MAINTAINER=	acm at FreeBSD.org
 COMMENT=	ZRTP extension for GNU ccRTP
 
+BROKEN=		incompatible with current SSL, bad C++ code
+
 LIB_DEPENDS=	libccrtp.so:devel/ccrtp \
 		libgcrypt.so:security/libgcrypt
 
@@ -20,7 +22,6 @@ CMAKE_ARGS+=	-DBUILD_SHARED_LIBS:BOOL=ON \
 CXXFLAGS+=	-I${LOCALBASE}/include -I${OPENSSLINC}
 LDFLAGS+=	-L${LOCALBASE}/lib -L${OPENSSLLIB}
 USE_LDCONFIG=	yes
-CONFLICTS_BUILD=libzrtpcppcore
 
 post-patch:
 	@${FIND} ${WRKSRC}/src -type f | ${XARGS} ${REINPLACE_CMD} -i "" \
diff --git a/net/opal/Makefile b/net/opal/Makefile
index ec2256f232bb..396faed4736b 100644
--- a/net/opal/Makefile
+++ b/net/opal/Makefile
@@ -24,13 +24,11 @@ LDFLAGS+=	-L${LOCALBASE}/lib
 OPTIONS_DEFINE=	JAVA CELT ILBC GSM SPEEX THEORA FFMPEG X264 SIP H323 IAX \
 		H224 H281 FAX MSRP SIPIM RTPTEXT H450 H460 H501 LID UVIDEO \
 		AEC DEBUG RUBY
-# ZRTP
 # MSRP = plist extra line vpd?
 # RTPTEXT disable == build fail, so make it default?
 OPTIONS_DEFAULT=CELT GSM SPEEX FFMPEG X264 SIP H224 H281 FAX MSRP SIPIM \
 		RTPTEXT LID AEC
 DEBUG_DESC=	Install debug library
-ZRTP_DESC=	ZRTP protocol support
 JAVA_DESC=	Java JNI support
 RUBY_DESC=	Ruby support
 CELT_DESC=	Celt codec from ports
@@ -78,18 +76,7 @@ ALL_TARGET=	opt
 PLIST_SUB+=	DEBUG="@comment "
 .endif
 
-# libzrtpcpp uses port ssl, which will conflict with this port since we use
-# base ssl.
-#.if ${PORT_OPTIONS:MZRTP}
-.if 0
-.if !defined(SAFE_ZRTP)
-IGNORE=	please build devel/libzrtpcpp WITHOUT ports SSL and re-run build with SAFE_ZRTP set
-.endif
-LIB_DEPENDS+=	libzrtpcpp.so:devel/libzrtpcpp
-CONFIGURE_ARGS+=	--enable-zrtp
-.else
 CONFIGURE_ARGS+=	--disable-zrtp
-.endif
 
 .if ${PORT_OPTIONS:MGSM}
 LIB_DEPENDS+=	libgsm.so:audio/gsm


More information about the dev-commits-ports-all mailing list