git: c9a4e4c2873c - main - sysutils/shim: Remove expired port
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Sat, 22 Feb 2025 14:48:01 UTC
The branch main has been updated by rene:
URL: https://cgit.FreeBSD.org/ports/commit/?id=c9a4e4c2873c6f6936e591783606e8f85020d52e
commit c9a4e4c2873c6f6936e591783606e8f85020d52e
Author: Rene Ladan <rene@FreeBSD.org>
AuthorDate: 2025-02-22 14:47:34 +0000
Commit: Rene Ladan <rene@FreeBSD.org>
CommitDate: 2025-02-22 14:47:34 +0000
sysutils/shim: Remove expired port
2025-02-22 sysutils/shim: upstream has been inactive for 10 years and does not build with GCC 14
---
MOVED | 1 +
sysutils/Makefile | 1 -
sysutils/shim/Makefile | 43 --------------
sysutils/shim/distinfo | 3 -
sysutils/shim/files/patch-Cryptlib-Makefile | 12 ----
.../shim/files/patch-Cryptlib-OpenSSL-Makefile | 12 ----
sysutils/shim/files/patch-Makefile | 56 -------------------
sysutils/shim/files/patch-MokManager.c | 65 ----------------------
sysutils/shim/files/patch-elf__ia32__efi.lds | 8 ---
sysutils/shim/files/patch-elf_x86_64_efi.lds | 10 ----
sysutils/shim/files/patch-lib-Makefile | 13 -----
sysutils/shim/files/patch-lib-console.c | 11 ----
sysutils/shim/pkg-descr | 7 ---
13 files changed, 1 insertion(+), 241 deletions(-)
diff --git a/MOVED b/MOVED
index 48cda0baa998..33d262d86fc0 100644
--- a/MOVED
+++ b/MOVED
@@ -4160,3 +4160,4 @@ graphics/showimage||2025-02-22|Depends on discontinued libkipi
graphics/libkipi||2025-02-22|Discontinued upstream
deskutils/knotes||2025-02-22|Discontinued upstream
net-im/kopete||2025-02-22|Discontinued upstream
+sysutils/shim||2025-02-22|Has expired: upstream has been inactive for 10 years and does not build with GCC 14
diff --git a/sysutils/Makefile b/sysutils/Makefile
index 7dce3b79a7ae..e9cf3cf53bb3 100644
--- a/sysutils/Makefile
+++ b/sysutils/Makefile
@@ -1275,7 +1275,6 @@
SUBDIR += setcdboot
SUBDIR += setsid
SUBDIR += sg3_utils
- SUBDIR += shim
SUBDIR += shlock
SUBDIR += shmcat
SUBDIR += shuf
diff --git a/sysutils/shim/Makefile b/sysutils/shim/Makefile
deleted file mode 100644
index 95aadcfa7dfd..000000000000
--- a/sysutils/shim/Makefile
+++ /dev/null
@@ -1,43 +0,0 @@
-PORTNAME= shim
-PORTVERSION= 0.9
-PORTREVISION= 5
-CATEGORIES= sysutils
-
-MAINTAINER= egypcio@FreeBSD.org
-COMMENT= UEFI Secure Boot shim loader
-WWW= https://github.com/mjg59/shim
-
-LICENSE= BSD2CLAUSE
-LICENSE_FILE= ${WRKSRC}/COPYRIGHT
-
-DEPRECATED= upstream has been inactive for 10 years and does not build with GCC 14
-EXPIRATION_DATE= 2025-02-22
-
-BUILD_DEPENDS= ${LOCALBASE}/lib/libgnuefi.a:devel/gnu-efi \
- bash:shells/bash
-
-USES= compiler gmake shebangfix
-USE_CSTD= gnu99
-USE_GCC= 13
-
-SHEBANG_FILES= make-certs
-
-USE_GITHUB= yes
-GH_ACCOUNT= mjg59
-
-MAKE_ARGS= CC="${CC} ${CFLAGS:M-std=*}" LD="${LD}" OBJCOPY="${OBJCOPY}"
-MAKE_JOBS_UNSAFE= yes
-
-PLIST_FILES= lib/shim/shim.pem lib/shim/shim.key \
- lib/shim/MokManager.efi lib/shim/fallback.efi lib/shim/shim.efi
-
-do-install:
- # Note that before this step, the shim.pem contains the _private_ key.
- openssl x509 -inform der -in ${WRKSRC}/shim.cer -outform pem -out ${WRKSRC}/shim.pem
- ${MKDIR} ${STAGEDIR}${PREFIX}/lib/shim
- ${INSTALL_DATA} -m 600 ${WRKSRC}/shim.key ${STAGEDIR}${PREFIX}/lib/shim
-.for file in shim.pem MokManager.efi fallback.efi shim.efi
- ${INSTALL_DATA} ${WRKSRC}/${file} ${STAGEDIR}${PREFIX}/lib/shim
-.endfor
-
-.include <bsd.port.mk>
diff --git a/sysutils/shim/distinfo b/sysutils/shim/distinfo
deleted file mode 100644
index 6fc694f1fc97..000000000000
--- a/sysutils/shim/distinfo
+++ /dev/null
@@ -1,3 +0,0 @@
-TIMESTAMP = 1535569510
-SHA256 (mjg59-shim-0.9_GH0.tar.gz) = d277d7bea0b5d554dacf284d84252a5e995fb4ef54b6de5ec6296c6c2a9a21bd
-SIZE (mjg59-shim-0.9_GH0.tar.gz) = 1302211
diff --git a/sysutils/shim/files/patch-Cryptlib-Makefile b/sysutils/shim/files/patch-Cryptlib-Makefile
deleted file mode 100644
index 3cf26f99fc0f..000000000000
--- a/sysutils/shim/files/patch-Cryptlib-Makefile
+++ /dev/null
@@ -1,12 +0,0 @@
---- Cryptlib/Makefile.orig 2015-06-30 18:20:12 UTC
-+++ Cryptlib/Makefile
-@@ -1,3 +1,9 @@
-+ifeq ($(ARCH),amd64)
-+ override ARCH = x86_64
-+endif
-+ifeq ($(ARCH),i386)
-+ override ARCH = ia32
-+endif
-
- EFI_INCLUDES = -IInclude -I$(EFI_INCLUDE) -I$(EFI_INCLUDE)/$(ARCH) -I$(EFI_INCLUDE)/protocol
-
diff --git a/sysutils/shim/files/patch-Cryptlib-OpenSSL-Makefile b/sysutils/shim/files/patch-Cryptlib-OpenSSL-Makefile
deleted file mode 100644
index 2531b561148c..000000000000
--- a/sysutils/shim/files/patch-Cryptlib-OpenSSL-Makefile
+++ /dev/null
@@ -1,12 +0,0 @@
---- Cryptlib/OpenSSL/Makefile.orig 2015-06-30 18:20:12 UTC
-+++ Cryptlib/OpenSSL/Makefile
-@@ -1,3 +1,9 @@
-+ifeq ($(ARCH),amd64)
-+ override ARCH = x86_64
-+endif
-+ifeq ($(ARCH),i386)
-+ override ARCH = ia32
-+endif
-
- EFI_INCLUDES = -I../Include -I$(EFI_INCLUDE) -I$(EFI_INCLUDE)/$(ARCH) -I$(EFI_INCLUDE)/protocol
-
diff --git a/sysutils/shim/files/patch-Makefile b/sysutils/shim/files/patch-Makefile
deleted file mode 100644
index abb577c07aa8..000000000000
--- a/sysutils/shim/files/patch-Makefile
+++ /dev/null
@@ -1,56 +0,0 @@
---- Makefile.orig 2015-06-30 18:20:12 UTC
-+++ Makefile
-@@ -1,5 +1,5 @@
- VERSION = 0.9
--RELEASE :=
-+RELEASE := ""
- ifneq ($(RELEASE),"")
- RELEASE="-$(RELEASE)"
- endif
-@@ -9,15 +9,23 @@ LD = $(CROSS_COMPILE)ld
- OBJCOPY = $(CROSS_COMPILE)objcopy
-
- ARCH = $(shell $(CC) -dumpmachine | cut -f1 -d- | sed s,i[3456789]86,ia32,)
-+
-+ifeq ($(ARCH),amd64)
-+ override ARCH := x86_64
-+endif
-+ifeq ($(ARCH),i386)
-+ override ARCH := ia32
-+endif
-+
- OBJCOPY_GTE224 = $(shell expr `$(OBJCOPY) --version |grep ^"GNU objcopy" | sed 's/^.* //g' | cut -f1-2 -d.` \>= 2.24)
-
- SUBDIRS = Cryptlib lib
-
--LIB_PATH = /usr/lib64
-+LIB_PATH = /usr/lib -L$(LOCALBASE)/lib
-
--EFI_INCLUDE := /usr/include/efi
--EFI_INCLUDES = -nostdinc -ICryptlib -ICryptlib/Include -I$(EFI_INCLUDE) -I$(EFI_INCLUDE)/$(ARCH) -I$(EFI_INCLUDE)/protocol -I$(shell pwd)/include
--EFI_PATH := /usr/lib64/gnuefi
-+EFI_INCLUDE := $(LOCALBASE)/include/efi
-+EFI_INCLUDES = -nostdinc -ICryptlib -ICryptlib/Include -I$(EFI_INCLUDE) -I$(EFI_INCLUDE)/$(ARCH) -I$(EFI_INCLUDE)/protocol -I$(shell pwd)/include -I/usr/include
-+EFI_PATH := $(LOCALBASE)/lib
-
- LIB_GCC = $(shell $(CC) -print-libgcc-file-name)
- EFI_LIBS = -lefi -lgnuefi --start-group Cryptlib/libcryptlib.a Cryptlib/OpenSSL/libopenssl.a --end-group $(LIB_GCC)
-@@ -65,7 +73,7 @@ endif
-
- LDFLAGS = --hash-style=sysv -nostdlib -znocombreloc -T $(EFI_LDS) -shared -Bsymbolic -L$(EFI_PATH) -L$(LIB_PATH) -LCryptlib -LCryptlib/OpenSSL $(EFI_CRT_OBJS) --build-id=sha1
-
--TARGET = shim.efi MokManager.efi.signed fallback.efi.signed
-+TARGET = shim.efi MokManager.efi fallback.efi
- OBJS = shim.o netboot.o cert.o replacements.o version.o
- KEYS = shim_cert.h ocsp.* ca.* shim.crt shim.csr shim.p12 shim.pem shim.key shim.cer
- SOURCES = shim.c shim.h netboot.c include/PeImage.h include/wincert.h include/console.h replacements.c replacements.h version.c version.h
-@@ -156,9 +164,6 @@ endif
- -j .note.gnu.build-id \
- $(FORMAT) $^ $@.debug
-
--%.efi.signed: %.efi certdb/secmod.db
-- pesign -n certdb -i $< -c "shim" -s -o $@ -f
--
- clean:
- $(MAKE) -C Cryptlib clean
- $(MAKE) -C Cryptlib/OpenSSL clean
diff --git a/sysutils/shim/files/patch-MokManager.c b/sysutils/shim/files/patch-MokManager.c
deleted file mode 100644
index bcbf832031c6..000000000000
--- a/sysutils/shim/files/patch-MokManager.c
+++ /dev/null
@@ -1,65 +0,0 @@
---- MokManager.c.orig 2015-06-30 18:20:12 UTC
-+++ MokManager.c
-@@ -588,11 +588,11 @@ static void show_mok_info (EFI_GUID Type, void *Mok, U
-
- static EFI_STATUS list_keys (void *KeyList, UINTN KeyListSize, CHAR16 *title)
- {
-- INTN MokNum = 0;
-+ UINT32 MokNum = 0;
- MokListNode *keys = NULL;
- UINT32 key_num = 0;
- CHAR16 **menu_strings;
-- int i;
-+ UINT32 i;
-
- if (KeyListSize < (sizeof(EFI_SIGNATURE_LIST) +
- sizeof(EFI_SIGNATURE_DATA))) {
-@@ -1037,7 +1037,8 @@ static EFI_STATUS write_back_mok_list (MokListNode *li
- continue;
-
- DataSize += sizeof(EFI_SIGNATURE_LIST);
-- if (CompareGuid(&(list[i].Type), &CertType) == 0)
-+ if (CompareMem(&(list[i].Type), &CertType,
-+ sizeof(EFI_GUID)) == 0)
- DataSize += sizeof(EFI_GUID);
- DataSize += list[i].MokSize;
- }
-@@ -1059,7 +1060,8 @@ static EFI_STATUS write_back_mok_list (MokListNode *li
- CertList->SignatureType = list[i].Type;
- CertList->SignatureHeaderSize = 0;
-
-- if (CompareGuid(&(list[i].Type), &CertType) == 0) {
-+ if (CompareMem(&(list[i].Type), &CertType,
-+ sizeof(EFI_GUID)) == 0) {
- CertList->SignatureListSize = list[i].MokSize +
- sizeof(EFI_SIGNATURE_LIST) +
- sizeof(EFI_GUID);
-@@ -1100,7 +1102,8 @@ static void delete_cert (void *key, UINT32 key_size,
- int i;
-
- for (i = 0; i < mok_num; i++) {
-- if (CompareGuid(&(mok[i].Type), &CertType) != 0)
-+ if (CompareMem(&(mok[i].Type), &CertType,
-+ sizeof(EFI_GUID)) != 0)
- continue;
-
- if (mok[i].MokSize == key_size &&
-@@ -1151,7 +1154,7 @@ static void delete_hash_in_list (EFI_GUID Type, UINT8
- sig_size = hash_size + sizeof(EFI_GUID);
-
- for (i = 0; i < mok_num; i++) {
-- if ((CompareGuid(&(mok[i].Type), &Type) != 0) ||
-+ if ((CompareMem(&(mok[i].Type), &Type, sizeof(EFI_GUID)) != 0) ||
- (mok[i].MokSize < sig_size))
- continue;
-
-@@ -1322,7 +1325,8 @@ static EFI_STATUS delete_keys (void *MokDel, UINTN Mok
-
- /* Search and destroy */
- for (i = 0; i < del_num; i++) {
-- if (CompareGuid(&(del_key[i].Type), &CertType) == 0) {
-+ if (CompareMem(&(del_key[i].Type), &CertType,
-+ sizeof(EFI_GUID)) == 0) {
- delete_cert(del_key[i].Mok, del_key[i].MokSize,
- mok, mok_num);
- } else if (is_sha2_hash(del_key[i].Type)) {
diff --git a/sysutils/shim/files/patch-elf__ia32__efi.lds b/sysutils/shim/files/patch-elf__ia32__efi.lds
deleted file mode 100644
index 68ea0e843a5f..000000000000
--- a/sysutils/shim/files/patch-elf__ia32__efi.lds
+++ /dev/null
@@ -1,8 +0,0 @@
---- elf_ia32_efi.lds.orig 2018-12-15 14:43:25 UTC
-+++ elf_ia32_efi.lds
-@@ -1,4 +1,4 @@
--OUTPUT_FORMAT("elf32-i386", "elf32-i386", "elf32-i386")
-+OUTPUT_FORMAT("elf32-i386-freebsd", "elf32-i386-freebsd", "elf32-i386-freebsd")
- OUTPUT_ARCH(i386)
- ENTRY(_start)
- SECTIONS
diff --git a/sysutils/shim/files/patch-elf_x86_64_efi.lds b/sysutils/shim/files/patch-elf_x86_64_efi.lds
deleted file mode 100644
index 4d43ab7ab656..000000000000
--- a/sysutils/shim/files/patch-elf_x86_64_efi.lds
+++ /dev/null
@@ -1,10 +0,0 @@
---- elf_x86_64_efi.lds.orig 2015-06-30 18:20:12 UTC
-+++ elf_x86_64_efi.lds
-@@ -1,5 +1,5 @@
--/* Same as elf_x86_64_fbsd_efi.lds, except for OUTPUT_FORMAT below - KEEP IN SYNC */
--OUTPUT_FORMAT("elf64-x86-64", "elf64-x86-64", "elf64-x86-64")
-+/* Same as elf_x86_64_efi.lds, except for OUTPUT_FORMAT below - KEEP IN SYNC */
-+OUTPUT_FORMAT("elf64-x86-64-freebsd", "elf64-x86-64-freebsd", "elf64-x86-64-freebsd")
- OUTPUT_ARCH(i386:x86-64)
- ENTRY(_start)
- SECTIONS
diff --git a/sysutils/shim/files/patch-lib-Makefile b/sysutils/shim/files/patch-lib-Makefile
deleted file mode 100644
index 7d0d690cb3bb..000000000000
--- a/sysutils/shim/files/patch-lib-Makefile
+++ /dev/null
@@ -1,13 +0,0 @@
---- lib/Makefile.orig 2015-06-30 18:20:12 UTC
-+++ lib/Makefile
-@@ -1,3 +1,10 @@
-+ifeq ($(ARCH),amd64)
-+ override ARCH = x86_64
-+endif
-+ifeq ($(ARCH),i386)
-+ override ARCH = ia32
-+endif
-+
- TARGET = lib.a
-
- LIBFILES = simple_file.o guid.o console.o execute.o configtable.o shell.o variables.o security_policy.o
diff --git a/sysutils/shim/files/patch-lib-console.c b/sysutils/shim/files/patch-lib-console.c
deleted file mode 100644
index 9b8771a6298e..000000000000
--- a/sysutils/shim/files/patch-lib-console.c
+++ /dev/null
@@ -1,11 +0,0 @@
---- lib/console.c.orig 2019-10-23 08:09:31 UTC
-+++ lib/console.c
-@@ -360,7 +360,7 @@ static struct {
- { EFI_SECURITY_VIOLATION, L"Security Violation"},
-
- // warnings
-- { EFI_WARN_UNKOWN_GLYPH, L"Warning Unknown Glyph"},
-+ { EFI_WARN_UNKNOWN_GLYPH, L"Warning Unknown Glyph"},
- { EFI_WARN_DELETE_FAILURE, L"Warning Delete Failure"},
- { EFI_WARN_WRITE_FAILURE, L"Warning Write Failure"},
- { EFI_WARN_BUFFER_TOO_SMALL, L"Warning Buffer Too Small"},
diff --git a/sysutils/shim/pkg-descr b/sysutils/shim/pkg-descr
deleted file mode 100644
index 78313d12bc9a..000000000000
--- a/sysutils/shim/pkg-descr
+++ /dev/null
@@ -1,7 +0,0 @@
-shim is a trivial EFI application that, when run, attempts to open and
-execute another application. It will initially attempt to do this via the
-standard EFI LoadImage() and StartImage() calls. If these fail (because secure
-boot is enabled and the binary is not signed with an appropriate key, for
-instance) it will then validate the binary against a built-in certificate. If
-this succeeds and if the binary or signing key are not blacklisted then shim
-will relocate and execute the binary.