debian/0000755000000000000000000000000011771645126007200 5ustar debian/compat0000644000000000000000000000000211570651720010370 0ustar 7 debian/watch0000644000000000000000000000016111570651720010221 0ustar version=3 opts=uversionmangle=s/-/~/ \ http://delta.affinix.com/download/qca/2.0/plugins/qca-ossl-(.*).tar\.bz2 debian/control0000644000000000000000000000204211771644673010607 0ustar Source: qca2-plugin-ossl Section: libs Priority: optional Maintainer: Debian Qt/KDE Maintainers Uploaders: Jan Niehusmann , Felix Geyer , Modestas Vainius Build-Depends: debhelper (>= 7.3.16), pkg-kde-tools (>= 0.12), libqca2-dev (>= 2.0.0), libqt4-dev (>= 4:4.8.0~), libssl-dev Standards-Version: 3.9.3 Homepage: http://delta.affinix.com/qca/ Vcs-Git: git://anonscm.debian.org/pkg-kde/kde-std/qca2-plugin-ossl.git Vcs-Browser: http://anonscm.debian.org/gitweb/?p=pkg-kde/kde-std/qca2-plugin-ossl.git Package: libqca2-plugin-ossl Architecture: any Multi-Arch: same Depends: ${shlibs:Depends}, ${misc:Depends} Description: SSL/TLS support for the Qt Cryptographic Architecture The Qt Cryptographic Architecture (QCA) provides a straightforward and cross- platform API for a range of cryptographic features, including SSL/TLS, X.509 certificates, SASL, OpenPGP, S/MIME CMS, and smart cards. . This plugin provides support for SSL and TLS using the OpenSSL library. debian/rules0000755000000000000000000000075511771644673010275 0ustar #!/usr/bin/make -f include /usr/share/pkg-kde-tools/qt-kde-team/2/debian-qt-kde.mk dh += --buildsystem=qmake override_dh_auto_configure: ./configure --verbose --qtdir=/usr/share/qt4 --debug --no-separate-debug-info echo QMAKE_CFLAGS_DEBUG="$(CFLAGS) $(CPPFLAGS)" >> conf.pri echo QMAKE_CXXFLAGS_DEBUG="$(CXXFLAGS) $(CPPFLAGS)" >> conf.pri echo QMAKE_LFLAGS_DEBUG="$(LDFLAGS)" >> conf.pri qmake-qt4 override_dh_clean: $(overridden_command) rm -rf conf.log conf.pri conf.pri.tmp lib/ debian/docs0000644000000000000000000000000711570651720010042 0ustar README debian/copyright0000644000000000000000000000260111570651720011124 0ustar This package was debianized by Jan Niehusmann on Tue, 24 Jul 2007 18:30:02 +0200. It was downloaded from Upstream Authors: Justin Karneges Brad Hards Copyright: Copyright (C) 2004-2007, Justin Karneges Copyright (C) 2004-2006, Brad Hards License: This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version. This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. You should have received a copy of the GNU Lesser General Public License along with this library; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA On Debian systems, the complete text of the GNU Lesser General Public License can be found in `/usr/share/common-licenses/LGPL-2.1'. The Debian packaging is Copyright (C) 2007, Jan Niehusmann and is licensed under the LGPL, see above. debian/patches/0000755000000000000000000000000011762473341010625 5ustar debian/patches/series0000644000000000000000000000016511762473341012044 0ustar remove_whirlpool_algo.diff detect_md2_available.diff detect_ssl2_available.diff backport_r820011_random_support.diff debian/patches/detect_ssl2_available.diff0000644000000000000000000000073011570651720015666 0ustar Description: fix compile when openssl doesn't support ssl2 Origin: upstream, http://websvn.kde.org/?view=revision&revision=1230301 --- qca-ossl/qca-ossl.cpp +++ qca-ossl/qca-ossl.cpp @@ -5235,9 +5235,11 @@ OpenSSL_add_ssl_algorithms(); SSL_CTX *ctx = 0; switch (version) { +#ifndef OPENSSL_NO_SSL2 case TLS::SSL_v2: ctx = SSL_CTX_new(SSLv2_client_method()); break; +#endif case TLS::SSL_v3: ctx = SSL_CTX_new(SSLv3_client_method()); break; debian/patches/backport_r820011_random_support.diff0000644000000000000000000000363311762473341017422 0ustar Author: Justin Karneges Description: patch from Michael Leupold for random support Origin: backport, svn diff -c 820011 svn://anonsvn.kde.org/home/kde Last-Update: 2008-06-12 --- a/qca-ossl.cpp +++ b/qca-ossl.cpp @@ -6708,6 +6708,34 @@ public: } }; +class opensslRandomContext : public RandomContext +{ +public: + opensslRandomContext(QCA::Provider *p) : RandomContext(p) + { + } + + Context *clone() const + { + return new opensslRandomContext(*this); + } + + QCA::SecureArray nextBytes(int size) + { + QCA::SecureArray buf(size); + int r; + // FIXME: loop while we don't have enough random bytes. + while (true) { + r = RAND_bytes((unsigned char*)(buf.data()), size); + if (r == 1) break; // success + r = RAND_pseudo_bytes((unsigned char*)(buf.data()), + size); + if (r >= 0) break; // accept insecure random numbers + } + return buf; + } +}; + } using namespace opensslQCAPlugin; @@ -6727,11 +6755,14 @@ public: OpenSSL_add_all_algorithms(); ERR_load_crypto_strings(); - srand(time(NULL)); - char buf[128]; - for(int n = 0; n < 128; ++n) - buf[n] = rand(); - RAND_seed(buf, 128); + // seed the RNG if it's not seeded yet + if (RAND_status() == 0) { + qsrand(time(NULL)); + char buf[128]; + for(int n = 0; n < 128; ++n) + buf[n] = qrand(); + RAND_seed(buf, 128); + } openssl_initted = true; } @@ -6770,6 +6801,7 @@ public: QStringList features() const { QStringList list; + list += "random"; list += all_hash_types(); list += all_mac_types(); list += all_cipher_types(); @@ -6798,7 +6830,9 @@ public: Context *createContext(const QString &type) { //OpenSSL_add_all_digests(); - if ( type == "info" ) + if ( type == "random" ) + return new opensslRandomContext(this); + else if ( type == "info" ) return new opensslInfoContext(this); else if ( type == "sha1" ) return new opensslHashContext( EVP_sha1(), this, type); debian/patches/remove_whirlpool_algo.diff0000644000000000000000000000151111570651720016047 0ustar Description: remove whirlpool usage. the algorithm is missing on at least 0.9.8g and 0.9.8i, even though there's an OBJ_whirlpool definition in 0.9.8i. Origin: upstream, http://websvn.kde.org/?view=revision&revision=864423 --- qca-ossl/qca-ossl.cpp +++ qca-ossl/qca-ossl.cpp @@ -6616,9 +6616,11 @@ #ifdef SHA512_DIGEST_LENGTH list += "sha512"; #endif +/* #ifdef OBJ_whirlpool list += "whirlpool"; #endif +*/ return list; } @@ -6863,10 +6865,12 @@ else if ( type == "sha512" ) return new opensslHashContext( EVP_sha512(), this, type); #endif +/* #ifdef OBJ_whirlpool else if ( type == "whirlpool" ) return new opensslHashContext( EVP_whirlpool(), this, type); #endif +*/ else if ( type == "pbkdf1(sha1)" ) return new opensslPbkdf1Context( EVP_sha1(), this, type ); else if ( type == "pbkdf1(md2)" ) debian/patches/detect_md2_available.diff0000644000000000000000000000557311570651720015477 0ustar Description: Detect whether MD2 is avalable for OpenSSL plugin. Origin: upstream, http://websvn.kde.org/?view=revision&revision=1111902 and http://websvn.kde.org/?view=revision&revision=1115936 --- qca-ossl/qca-ossl.cpp +++ qca-ossl/qca-ossl.cpp @@ -1771,8 +1771,10 @@ md = EVP_sha1(); else if(alg == EMSA3_MD5) md = EVP_md5(); +#ifdef HAVE_OPENSSL_MD2 else if(alg == EMSA3_MD2) md = EVP_md2(); +#endif else if(alg == EMSA3_RIPEMD160) md = EVP_ripemd160(); else if(alg == EMSA3_Raw) @@ -1789,8 +1791,10 @@ md = EVP_sha1(); else if(alg == EMSA3_MD5) md = EVP_md5(); +#ifdef HAVE_OPENSSL_MD2 else if(alg == EMSA3_MD2) md = EVP_md2(); +#endif else if(alg == EMSA3_RIPEMD160) md = EVP_ripemd160(); else if(alg == EMSA3_Raw) @@ -3412,9 +3416,11 @@ case NID_md5WithRSAEncryption: p.sigalgo = QCA::EMSA3_MD5; break; +#ifdef HAVE_OPENSSL_MD2 case NID_md2WithRSAEncryption: p.sigalgo = QCA::EMSA3_MD2; break; +#endif case NID_ripemd160WithRSA: p.sigalgo = QCA::EMSA3_RIPEMD160; break; @@ -3910,9 +3916,11 @@ case NID_md5WithRSAEncryption: p.sigalgo = QCA::EMSA3_MD5; break; +#ifdef HAVE_OPENSSL_MD2 case NID_md2WithRSAEncryption: p.sigalgo = QCA::EMSA3_MD2; break; +#endif case NID_ripemd160WithRSA: p.sigalgo = QCA::EMSA3_RIPEMD160; break; @@ -4100,9 +4108,11 @@ case NID_md5WithRSAEncryption: p.sigalgo = QCA::EMSA3_MD5; break; +#ifdef HAVE_OPENSSL_MD2 case NID_md2WithRSAEncryption: p.sigalgo = QCA::EMSA3_MD2; break; +#endif case NID_ripemd160WithRSA: p.sigalgo = QCA::EMSA3_RIPEMD160; break; @@ -6640,7 +6650,9 @@ list += "sha1"; list += "sha0"; list += "ripemd160"; +#ifdef HAVE_OPENSSL_MD2 list += "md2"; +#endif list += "md4"; list += "md5"; #ifdef SHA224_DIGEST_LENGTH @@ -6849,7 +6861,9 @@ list += all_hash_types(); list += all_mac_types(); list += all_cipher_types(); +#ifdef HAVE_OPENSSL_MD2 list += "pbkdf1(md2)"; +#endif list += "pbkdf1(sha1)"; list += "pbkdf2(sha1)"; list += "pkey"; @@ -6882,8 +6896,10 @@ return new opensslHashContext( EVP_sha(), this, type); else if ( type == "ripemd160" ) return new opensslHashContext( EVP_ripemd160(), this, type); +#ifdef HAVE_OPENSSL_MD2 else if ( type == "md2" ) return new opensslHashContext( EVP_md2(), this, type); +#endif else if ( type == "md4" ) return new opensslHashContext( EVP_md4(), this, type); else if ( type == "md5" ) @@ -6912,8 +6928,10 @@ */ else if ( type == "pbkdf1(sha1)" ) return new opensslPbkdf1Context( EVP_sha1(), this, type ); +#ifdef HAVE_OPENSSL_MD2 else if ( type == "pbkdf1(md2)" ) return new opensslPbkdf1Context( EVP_md2(), this, type ); +#endif else if ( type == "pbkdf2(sha1)" ) return new opensslPbkdf2Context( this, type ); else if ( type == "hmac(md5)" ) debian/source/0000755000000000000000000000000011570651720010472 5ustar debian/source/format0000644000000000000000000000001411570651720011700 0ustar 3.0 (quilt) debian/changelog0000644000000000000000000000524411771644740011060 0ustar qca2-plugin-ossl (2.0.0~beta3-2) unstable; urgency=low * Team upload. [ Felix Geyer ] * Don't export build flags since pkg-kde-tools (and dpkg-buildpackage in the past) takes care of that. * Pass $CPPFLAGS and $LDFLAGS to the build system. * Mark package as Multi-Arch: same and build-depend on libqt4-dev >= 4:4.8.0~. [ Modestas Vainius ] * Add myself to Uploaders. * Bump Standards-Version to 3.9.3: no changes needed. * Backport random password generation support. Patch: backport_r820011_random_support.diff -- Modestas Vainius Sun, 24 Jun 2012 20:09:27 +0300 qca2-plugin-ossl (2.0.0~beta3-1) unstable; urgency=low * New upstream release. - Supports the pbkdf2(sha1) algorithm. (Closes: #514880; LP: #382691) [ Matthew Rosewarne ] * Tweak package description. * Add Homepage: to control. * Add watch file. [ Felix Geyer ] * Switch to source format 3.0 (quilt). - Turn changes from the last revision into a proper patch: remove_whirlpool_algo.diff * Switch debian/rules engine to dhmk. * Enable support for MD2 only when available in OpenSSL. (Closes: #622017) - Add detect_md2_available.diff * Enable support for SSL2 only when available in OpenSSL. - Add detect_ssl2_available.diff * Don't install the TODO file. * Drop libqca2-plugin-ossl.install as we only build a single binary package. * Switch to debhelper compat level 7. * Bump Standards-Version to 3.9.2, no changes needed. * Add myself to uploaders. * Fix lintian warning copyright-with-old-dh-make-debian-copyright. * Add Vcs-* fields. -- Debian Qt/KDE Maintainers Mon, 30 May 2011 11:41:07 +0300 qca2-plugin-ossl (0.1~20070904-4) unstable; urgency=low * Fix compilation with OpenSSL >= 0.9.8i (Closes: Bug#533970) (Upstream patch downloaded from http://websvn.kde.org/trunk/kdesupport/qca/plugins/qca-ossl/qca-ossl.cpp?r1=848615&r2=864423&view=patch) -- Jan Niehusmann Sun, 21 Jun 2009 20:02:15 +0200 qca2-plugin-ossl (0.1~20070904-3) unstable; urgency=low * Upload to unstable -- Jan Niehusmann Sat, 27 Oct 2007 19:05:31 +0200 qca2-plugin-ossl (0.1~20070904-2) experimental; urgency=low * Use qmake.mk instead of makefile.mk (Closes: Bug#445942) -- Jan Niehusmann Tue, 09 Oct 2007 18:58:36 +0200 qca2-plugin-ossl (0.1~20070904-1) experimental; urgency=low * New upstream release -- Jan Niehusmann Sun, 07 Oct 2007 15:29:06 +0200 qca2-plugin-ossl (0.1~20070706-1) experimental; urgency=low * Initial release * Closes: Bug#435693 -- Jan Niehusmann Mon, 06 Aug 2007 11:40:02 +0200