<pre style='margin:0'>
Christopher Nielsen (mascguy) pushed a commit to branch master
in repository macports-ports.
</pre>
<p><a href="https://github.com/macports/macports-ports/commit/1b58ab9bd70e5563eea27438eae5558651a7494e">https://github.com/macports/macports-ports/commit/1b58ab9bd70e5563eea27438eae5558651a7494e</a></p>
<pre style="white-space: pre; background: #F8F8F8">The following commit(s) were added to refs/heads/master by this push:
<span style='display:block; white-space:pre;color:#404040;'> new 1b58ab9bd70 privoxy: Security fix and bugfix
</span>1b58ab9bd70 is described below
<span style='display:block; white-space:pre;color:#808000;'>commit 1b58ab9bd70e5563eea27438eae5558651a7494e
</span>Author: Steven Thomas Smith <s.t.smith@ieee.org>
AuthorDate: Fri Nov 5 22:10:36 2021 -0400
<span style='display:block; white-space:pre;color:#404040;'> privoxy: Security fix and bugfix
</span><span style='display:block; white-space:pre;color:#404040;'>
</span><span style='display:block; white-space:pre;color:#404040;'> * Fixes: https://github.com/macports/macports-ports/commit/17dbffd4a4878130afd546886e3240bb3bd862be#r59506269
</span><span style='display:block; white-space:pre;color:#404040;'> * Fixes: https://github.com/openssl/openssl/issues/16968
</span>---
www/privoxy/Portfile | 17 +++++++++--------
1 file changed, 9 insertions(+), 8 deletions(-)
<span style='display:block; white-space:pre;color:#808080;'>diff --git a/www/privoxy/Portfile b/www/privoxy/Portfile
</span><span style='display:block; white-space:pre;color:#808080;'>index 24161991c1f..f818bcc7286 100644
</span><span style='display:block; white-space:pre;background:#e0e0ff;'>--- a/www/privoxy/Portfile
</span><span style='display:block; white-space:pre;background:#e0e0ff;'>+++ b/www/privoxy/Portfile
</span><span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -6,7 +6,7 @@ PortGroup perl5 1.0
</span>
name privoxy
version 3.0.32
<span style='display:block; white-space:pre;background:#ffe0e0;'>-revision 3
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+revision 4
</span> categories www security net
platforms darwin
license GPL-2
<span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -56,7 +56,7 @@ if {[option gpg_verify.use_gpg_verification]} {
</span> worksrcdir ${name}-${version}-stable
depends_build-append \
<span style='display:block; white-space:pre;background:#ffe0e0;'>- port:p5-sgmlspm
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ port:p${perl5.major}-sgmlspm
</span>
depends_lib-append \
port:brotli \
<span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -212,8 +212,8 @@ variant https_inspection \
</span> # set random passphrase if sf-pwgen's is too short for some reason
if {[string length ${passphrase}] < 20} {
set passphrase \
<span style='display:block; white-space:pre;background:#ffe0e0;'>- [exec sh -c "openssl rand -base64 22 2>/dev/null \
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- | rev | cut -b 2- | rev || true"]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ [exec sh -c "openssl rand -base64 23 2>/dev/null \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ | sed 's|=*\$||' || true"]
</span> }
return ${passphrase}
}
<span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -288,13 +288,14 @@ variant https_inspection \
</span> [correct_horse_battery_staple]
set tls_ca_passphrase_fd \
[open ${tls_ca_dir}/private/passphrase.txt w 0600]
<span style='display:block; white-space:pre;background:#e0ffe0;'>+ # see `man openssl` for -passin and -passout used together
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ # -passin or -passout
</span> puts ${tls_ca_passphrase_fd} \
${tls_ca_passphrase}
<span style='display:block; white-space:pre;background:#ffe0e0;'>- # openssl password file apparently requires newline in
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- # the context `openssl pkcs12`, or will throw the error:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- # "Error reading password from BIO"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- # https://github.com/openssl/openssl/blob/3841d0f6f02e1ad3a54beabf1d5395bd1c383254/apps/lib/apps.c#L330
</span> puts ${tls_ca_passphrase_fd} "\n"
<span style='display:block; white-space:pre;background:#e0ffe0;'>+ # -passout
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ puts ${tls_ca_passphrase_fd} \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ ${tls_ca_passphrase}
</span> close ${tls_ca_passphrase_fd}
# create the root CA
system -W ${tls_ca_dir} \
</pre><pre style='margin:0'>
</pre>