From 5e65715a78184da9176d90c6290866c56d5f17b3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andr=C3=A9=20Klitzing?= <aklitzing@gmail.com>
Date: Fri, 3 Mar 2017 16:01:32 +0100
Subject: main/libarchive: upgrade to 3.3.1

* Modernize abuild
* Remove merged patch
* Add patch for libressl
* Add support for lz4
---
 main/libarchive/APKBUILD            | 23 ++++++-----------------
 main/libarchive/CVE-2017-5601.patch | 21 ---------------------
 main/libarchive/libressl.patch      | 22 ++++++++++++++++++++++
 3 files changed, 28 insertions(+), 38 deletions(-)
 delete mode 100644 main/libarchive/CVE-2017-5601.patch
 create mode 100644 main/libarchive/libressl.patch

diff --git a/main/libarchive/APKBUILD b/main/libarchive/APKBUILD
index d976f795ab..e7b4138b8a 100644
--- a/main/libarchive/APKBUILD
+++ b/main/libarchive/APKBUILD
@@ -1,24 +1,17 @@
 # Contributor: Sergei Lukin <sergej.lukin@gmail.com>
 # Maintainer: Natanael Copa <ncopa@alpinelinux.org>
 pkgname=libarchive
-pkgver=3.2.2
-pkgrel=1
+pkgver=3.3.1
+pkgrel=0
 pkgdesc="library that can create and read several streaming archive formats"
 url="http://libarchive.org/"
 arch="all"
 license="BSD"
-depends=""
-depends_dev="zlib-dev bzip2-dev xz-dev acl-dev libressl-dev expat-dev"
-makedepends="$depends_dev"
+makedepends="zlib-dev bzip2-dev xz-dev lz4-dev acl-dev libressl-dev expat-dev"
 subpackages="$pkgname-dev $pkgname-doc $pkgname-tools"
 source="http://www.libarchive.org/downloads/$pkgname-$pkgver.tar.gz
-	CVE-2017-5601.patch
+	libressl.patch
 	"
-
-# secfixes:
-#   3.2.2-r1:
-#   - CVE-2017-5601.patch
-
 builddir="$srcdir/$pkgname-$pkgver"
 
 build () {
@@ -44,9 +37,5 @@ tools() {
 	mv "$pkgdir"/usr/bin "$subpkgdir"/usr/
 }
 
-md5sums="1ec00b7dcaf969dd2a5712f85f23c764  libarchive-3.2.2.tar.gz
-165d8eb95d6083dfd3e8f2453a644497  CVE-2017-5601.patch"
-sha256sums="691c194ee132d1f0f7a42541f091db811bc2e56f7107e9121be2bc8c04f1060f  libarchive-3.2.2.tar.gz
-572abfaf0e252f855a500bfc17eb711f26be6e94133a8e3bbf929e49b0450533  CVE-2017-5601.patch"
-sha512sums="a67920c37d49cf9478032d77fc4fa21827cebb96e9b83d9ecb8466328834052e4ab3d3a9bc4e2edf405d6cb14ffd648c9fa100b578257f6e5842c99bbea558a7  libarchive-3.2.2.tar.gz
-c450b0a9eb952b292d3749acd7041b59a0fa72b8f5a284ceaab6665a95336a5b39182addd59628661caf911a6461726ebe1c85c7d39b7d9da84ed6f736ef3e6e  CVE-2017-5601.patch"
+sha512sums="90702b393b6f0943f42438e277b257af45eee4fa82420431f6a4f5f48bb846f2a72c8ff084dc3ee9c87bdf8b57f4d8dddf7814870fe2604fe86c55d8d744c164  libarchive-3.3.1.tar.gz
+749cd7ef6ed9e12b3ac1f2ffc302e3d2fca0bf6634f77e7ae155ae1b51415744b908d6a014c1bbf1abc8d1eeee191781a21aebd4dd680dd21e6b96da7e0547f0  libressl.patch"
diff --git a/main/libarchive/CVE-2017-5601.patch b/main/libarchive/CVE-2017-5601.patch
deleted file mode 100644
index 4103c2a02e..0000000000
--- a/main/libarchive/CVE-2017-5601.patch
+++ /dev/null
@@ -1,21 +0,0 @@
-commit 98dcbbf0bf4854bf987557e55e55fff7abbf3ea9
-Author: Martin Matuska <martin@matuska.org>
-Date:   Thu Jan 19 22:00:18 2017 +0100
-
-    Fail with negative lha->compsize in lha_read_file_header_1()
-    Fixes a heap buffer overflow reported in Secunia SA74169
-
-diff --git a/libarchive/archive_read_support_format_lha.c b/libarchive/archive_read_support_format_lha.c
-index 52a5531b..d77a7c2e 100644
---- a/libarchive/archive_read_support_format_lha.c
-+++ b/libarchive/archive_read_support_format_lha.c
-@@ -924,6 +924,9 @@ lha_read_file_header_1(struct archive_read *a, struct lha *lha)
- 	/* Get a real compressed file size. */
- 	lha->compsize -= extdsize - 2;
- 
-+	if (lha->compsize < 0)
-+		goto invalid;	/* Invalid compressed file size */
-+
- 	if (sum_calculated != headersum) {
- 		archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC,
- 		    "LHa header sum error");
diff --git a/main/libarchive/libressl.patch b/main/libarchive/libressl.patch
new file mode 100644
index 0000000000..05b7c1b4eb
--- /dev/null
+++ b/main/libarchive/libressl.patch
@@ -0,0 +1,22 @@
+--- a/libarchive/archive_openssl_hmac_private.h
++++ b/libarchive/archive_openssl_hmac_private.h
+@@ -28,7 +28,7 @@
+ #include <openssl/hmac.h>
+ #include <openssl/opensslv.h>
+ 
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ #include <stdlib.h> /* malloc, free */
+ #include <string.h> /* memset */
+ static inline HMAC_CTX *HMAC_CTX_new(void)
+--- a/libarchive/archive_openssl_evp_private.h
++++ b/libarchive/archive_openssl_evp_private.h
+@@ -28,7 +28,7 @@
+ #include <openssl/evp.h>
+ #include <openssl/opensslv.h>
+ 
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ #include <stdlib.h> /* malloc, free */
+ #include <string.h> /* memset */
+ static inline EVP_MD_CTX *EVP_MD_CTX_new(void)
-- 
cgit v1.2.3