From nobody Thu Nov 03 22:40:01 2022
X-Original-To: dev-commits-ports-all@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4N3Jc21Vkdz4gxdV;
	Thu,  3 Nov 2022 22:40:02 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4N3Jc20Tzyz3XkY;
	Thu,  3 Nov 2022 22:40:02 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1667515202;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=tucVEE95CpKI5TWcfOETjTpVqK0vKtXl4HIpL9xzQ/0=;
	b=kPR8LAEbx01JfiDtMKlfkhCa9GByFvvtEDeR0qGpmnmWfon+7a1zgOq/No4QBczuxicyei
	L0gpslLomLUy0OFCn5i1LjGKxxgL9fjO/z43I5zqDzxfYodBbsYS5DRXXmFW9wI1PDoEEG
	wZBfaIS5VvqtSfjRqTLzLzZqMx3Qohfw9jHeKWWKElgQT58muVsYzJU1n9snCYOIAIx9iB
	rI0vwwMz0ihDUdQA7e+MTB8+GStFtO5rU6IGKONn6rY7dlM6J35vHRpwfGrYAr7lHD5iBi
	hkIpcTX6iGNthaFEKOSk1rHuiLZBGGuMYrk0N+m/YDGZNpv0aLiEKM7bv09asA==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4N3Jc15xDKzsrB;
	Thu,  3 Nov 2022 22:40:01 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 2A3Me11w070194;
	Thu, 3 Nov 2022 22:40:01 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 2A3Me1wd070191;
	Thu, 3 Nov 2022 22:40:01 GMT
	(envelope-from git)
Date: Thu, 3 Nov 2022 22:40:01 GMT
Message-Id: <202211032240.2A3Me1wd070191@gitrepo.freebsd.org>
To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org,
        dev-commits-ports-main@FreeBSD.org
From: Dave Cottlehuber <dch@FreeBSD.org>
Subject: git: 42875692d7c3 - main - dns/dnsdist: re-enable scrypt hashing
List-Id: Commit messages for all branches of the ports repository <dev-commits-ports-all.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-all
List-Help: <mailto:dev-commits-ports-all+help@freebsd.org>
List-Post: <mailto:dev-commits-ports-all@freebsd.org>
List-Subscribe: <mailto:dev-commits-ports-all+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-ports-all+unsubscribe@freebsd.org>
Sender: owner-dev-commits-ports-all@freebsd.org
X-BeenThere: dev-commits-ports-all@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: dch
X-Git-Repository: ports
X-Git-Refname: refs/heads/main
X-Git-Reftype: branch
X-Git-Commit: 42875692d7c3ba04dad1852db3d2c9e4ce8656ba
Auto-Submitted: auto-generated
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1667515202;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=tucVEE95CpKI5TWcfOETjTpVqK0vKtXl4HIpL9xzQ/0=;
	b=v2Xl7V2LOnAxsDTL+WzTkJQSy+wHuARtbHXghiqS152zImMKO5MZBB9nKCgrlsULvkj2C4
	NLxYQAP8WcoJK46AWynBntroni5WMLPRdVLVzSEJNhCsDrB91nB0glEdjY2rmBCtlvPpCh
	ErKM8TN622RdVLWb3NMswUJyyZAOJjYnZ+JTKX9WYU0si/RmFGB1L/pS37Oe8TXEFFqIxO
	AeAgRauzSWr7OytWVGkMa/VMY87ALTqV5rZjlhURF5zeeKfkmRPOzqaKpLsLWCLob+bBb6
	ArIWZ6LdRwvKNN4JVOEw1hx4CbjqSudwiByBB0rBGscMeCQwWJ4NMVfJc/wMSw==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1667515202; a=rsa-sha256; cv=none;
	b=IFLxIVm39vItb+IWbYqzuCu+ysiq6OaeMWY5L6q4zTN5eZOvqyh9DCQKoWfbDUG8SE4oIL
	h7iHE9+uVzZty/V1yUf30zY+01MU3AVtI7Lcl3nzjseSsPEn1IcP1JnHJKGFAYwosljd0V
	J/rXQDObrq/Xn0p2kZ6YnlyQEPRHfRxtOYjYKBDczmb7jPc1qKXmU612f5qUcKxRONPCje
	H0pgYBEDtBWcLp89Slm7Q/pxTLlDDMBsvQEgpbytyest7bdYNwTbUXFAJ0bL48D9h38rIx
	dBsig+JmLfxXgiwg0S13KNE8mQQE4I7nSxnuDvQFmFg4AgzsvbBwJV7jsQ2Isg==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
X-ThisMailContainsUnwantedMimeParts: N

The branch main has been updated by dch:

URL: https://cgit.FreeBSD.org/ports/commit/?id=42875692d7c3ba04dad1852db3d2c9e4ce8656ba

commit 42875692d7c3ba04dad1852db3d2c9e4ce8656ba
Author:     Dave Cottlehuber <dch@FreeBSD.org>
AuthorDate: 2022-11-03 07:35:46 +0000
Commit:     Dave Cottlehuber <dch@FreeBSD.org>
CommitDate: 2022-11-03 22:38:52 +0000

    dns/dnsdist: re-enable scrypt hashing
    
    PR:             266722
---
 dns/dnsdist/files/patch-credentials.cc | 101 ---------------------------------
 1 file changed, 101 deletions(-)

diff --git a/dns/dnsdist/files/patch-credentials.cc b/dns/dnsdist/files/patch-credentials.cc
deleted file mode 100644
index 4d71e65ad7aa..000000000000
--- a/dns/dnsdist/files/patch-credentials.cc
+++ /dev/null
@@ -1,101 +0,0 @@
---- credentials.cc.orig	2021-11-23 18:39:17 UTC
-+++ credentials.cc
-@@ -28,7 +28,7 @@
- #include <sodium.h>
- #endif
- 
--#ifdef HAVE_EVP_PKEY_CTX_SET1_SCRYPT_SALT
-+#if defined(HAVE_EVP_PKEY_CTX_SET1_SCRYPT_SALT) && defined(EVP_PKEY_SCRYPT)
- #include <openssl/evp.h>
- #include <openssl/kdf.h>
- #include <openssl/rand.h>
-@@ -42,7 +42,7 @@
- #include "credentials.hh"
- #include "misc.hh"
- 
--#ifdef HAVE_EVP_PKEY_CTX_SET1_SCRYPT_SALT
-+#if defined(HAVE_EVP_PKEY_CTX_SET1_SCRYPT_SALT) && defined(EVP_PKEY_SCRYPT)
- static size_t const pwhash_max_size = 128U; /* maximum size of the output */
- static size_t const pwhash_output_size = 32U; /* size of the hashed output (before base64 encoding) */
- static unsigned int const pwhash_salt_size = 16U; /* size of the salt (before base64 encoding */
-@@ -95,7 +95,7 @@ void SensitiveData::clear()
- 
- static std::string hashPasswordInternal(const std::string& password, const std::string& salt, uint64_t workFactor, uint64_t parallelFactor, uint64_t blockSize)
- {
--#ifdef HAVE_EVP_PKEY_CTX_SET1_SCRYPT_SALT
-+#if defined(HAVE_EVP_PKEY_CTX_SET1_SCRYPT_SALT) && defined(EVP_PKEY_SCRYPT)
-   auto pctx = std::unique_ptr<EVP_PKEY_CTX, void (*)(EVP_PKEY_CTX*)>(EVP_PKEY_CTX_new_id(EVP_PKEY_SCRYPT, nullptr), EVP_PKEY_CTX_free);
-   if (!pctx) {
-     throw std::runtime_error("Error getting a scrypt context to hash the supplied password");
-@@ -142,7 +142,7 @@ static std::string hashPasswordInternal(const std::str
- 
- static std::string generateRandomSalt()
- {
--#ifdef HAVE_EVP_PKEY_CTX_SET1_SCRYPT_SALT
-+#if defined(HAVE_EVP_PKEY_CTX_SET1_SCRYPT_SALT) && defined(EVP_PKEY_SCRYPT)
-   /* generate a random salt */
-   std::string salt;
-   salt.resize(pwhash_salt_size);
-@@ -159,7 +159,7 @@ static std::string generateRandomSalt()
- 
- std::string hashPassword(const std::string& password, uint64_t workFactor, uint64_t parallelFactor, uint64_t blockSize)
- {
--#ifdef HAVE_EVP_PKEY_CTX_SET1_SCRYPT_SALT
-+#if defined(HAVE_EVP_PKEY_CTX_SET1_SCRYPT_SALT) && defined(EVP_PKEY_SCRYPT)
-   std::string result;
-   result.reserve(pwhash_max_size);
- 
-@@ -187,7 +187,7 @@ std::string hashPassword(const std::string& password, 
- 
- std::string hashPassword(const std::string& password)
- {
--#ifdef HAVE_EVP_PKEY_CTX_SET1_SCRYPT_SALT
-+#if defined(HAVE_EVP_PKEY_CTX_SET1_SCRYPT_SALT) && defined(EVP_PKEY_SCRYPT)
-   return hashPassword(password, CredentialsHolder::s_defaultWorkFactor, CredentialsHolder::s_defaultParallelFactor, CredentialsHolder::s_defaultBlockSize);
- #else
-   throw std::runtime_error("Hashing a password requires scrypt support in OpenSSL, and it is not available");
-@@ -196,7 +196,7 @@ std::string hashPassword(const std::string& password)
- 
- bool verifyPassword(const std::string& binaryHash, const std::string& salt, uint64_t workFactor, uint64_t parallelFactor, uint64_t blockSize, const std::string& binaryPassword)
- {
--#ifdef HAVE_EVP_PKEY_CTX_SET1_SCRYPT_SALT
-+#if defined(HAVE_EVP_PKEY_CTX_SET1_SCRYPT_SALT) && defined(EVP_PKEY_SCRYPT)
-   auto expected = hashPasswordInternal(binaryPassword, salt, workFactor, parallelFactor, blockSize);
-   return constantTimeStringEquals(expected, binaryHash);
- #else
-@@ -207,7 +207,7 @@ bool verifyPassword(const std::string& binaryHash, con
- /* parse a hashed password in PHC string format */
- static void parseHashed(const std::string& hash, std::string& salt, std::string& hashedPassword, uint64_t& workFactor, uint64_t& parallelFactor, uint64_t& blockSize)
- {
--#ifdef HAVE_EVP_PKEY_CTX_SET1_SCRYPT_SALT
-+#if defined(HAVE_EVP_PKEY_CTX_SET1_SCRYPT_SALT) && defined(EVP_PKEY_SCRYPT)
-   auto parametersEnd = hash.find('$', pwhash_prefix.size());
-   if (parametersEnd == std::string::npos || parametersEnd == hash.size()) {
-     throw std::runtime_error("Invalid hashed password format, no parameters");
-@@ -276,7 +276,7 @@ bool verifyPassword(const std::string& hash, const std
-     return false;
-   }
- 
--#ifdef HAVE_EVP_PKEY_CTX_SET1_SCRYPT_SALT
-+#if defined(HAVE_EVP_PKEY_CTX_SET1_SCRYPT_SALT) && defined(EVP_PKEY_SCRYPT)
-   std::string salt;
-   std::string hashedPassword;
-   uint64_t workFactor = 0;
-@@ -294,7 +294,7 @@ bool verifyPassword(const std::string& hash, const std
- 
- bool isPasswordHashed(const std::string& password)
- {
--#ifdef HAVE_EVP_PKEY_CTX_SET1_SCRYPT_SALT
-+#if defined(HAVE_EVP_PKEY_CTX_SET1_SCRYPT_SALT) && defined(EVP_PKEY_SCRYPT)
-   if (password.size() < pwhash_prefix_size || password.size() > pwhash_max_size) {
-     return false;
-   }
-@@ -389,7 +389,7 @@ bool CredentialsHolder::matches(const std::string& pas
- 
- bool CredentialsHolder::isHashingAvailable()
- {
--#ifdef HAVE_EVP_PKEY_CTX_SET1_SCRYPT_SALT
-+#if defined(HAVE_EVP_PKEY_CTX_SET1_SCRYPT_SALT) && defined(EVP_PKEY_SCRYPT)
-   return true;
- #else
-   return false;