svn commit: r415459 - in head/security/opencryptoki: . files
Hiroki Sato
hrs at FreeBSD.org
Wed May 18 17:23:04 UTC 2016
Author: hrs
Date: Wed May 18 17:22:59 2016
New Revision: 415459
URL: https://svnweb.freebsd.org/changeset/ports/415459
Log:
Update to 3.5. Notable changes are as follows:
- No longer required to run pkcs11_startup.
pkcs11_startup and pkcs_slotd were shell scripts that created the
config file, pk_config_data, which was read by pkcsslotd to get
available slot information.
The pk_config_data configuration file has been replaced with
/etc/opencryptoki/opencryptoki.conf.
In version 3, the pkcsslotd daemon reads opencryptoki.conf to get slot
information. The opencryptoki.conf by default contains slot information
for each token currently supported by opencryptoki with the exception of
the ICSF token, which requires some initial setup.
Please see man page for opencryptoki.conf for further information.
Since pk_config_data is no longer required, pkcs11_startup and
pkcs_slotd have been removed.
Added:
head/security/opencryptoki/files/patch-usr-lib-pkcs11-api-socket_client.c (contents, props changed)
head/security/opencryptoki/files/patch-usr-lib-pkcs11-cca_stdll-Makefile.am (contents, props changed)
head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-btree.c (contents, props changed)
head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-trace.c (contents, props changed)
head/security/opencryptoki/files/patch-usr-lib-pkcs11-icsf_stdll-Makefile.am (contents, props changed)
head/security/opencryptoki/files/patch-usr-lib-pkcs11-icsf_stdll-pbkdf.c (contents, props changed)
head/security/opencryptoki/files/patch-usr-lib-pkcs11-soft_stdll-soft_specific.c (contents, props changed)
head/security/opencryptoki/files/patch-usr-lib-pkcs11-tpm_stdll-Makefile.am (contents, props changed)
head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-log.h (contents, props changed)
head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-socket_server.c (contents, props changed)
Deleted:
head/security/opencryptoki/files/patch-usr-include-pkcs11-apictl.h
head/security/opencryptoki/files/patch-usr-include-pkcs11-slotmgr.h
head/security/opencryptoki/files/patch-usr-include-pkcs11-stdll.h
head/security/opencryptoki/files/patch-usr-lib-pkcs11-aep_stdll-Makefile.am
head/security/opencryptoki/files/patch-usr-lib-pkcs11-api-api_interface.c
head/security/opencryptoki/files/patch-usr-lib-pkcs11-bcom_stdll-Makefile.am
head/security/opencryptoki/files/patch-usr-lib-pkcs11-cca_stdll-host_defs.h
head/security/opencryptoki/files/patch-usr-lib-pkcs11-cca_stdll-loadsave.c
head/security/opencryptoki/files/patch-usr-lib-pkcs11-cca_stdll-new_host.c
head/security/opencryptoki/files/patch-usr-lib-pkcs11-cca_stdll-tok_spec_struct.h
head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-new_host.c
head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-tok_spec_struct.h
head/security/opencryptoki/files/patch-usr-lib-pkcs11-cr_stdll-Makefile.am
head/security/opencryptoki/files/patch-usr-lib-pkcs11-ica_stdll-Makefile.am
head/security/opencryptoki/files/patch-usr-lib-pkcs11-tpm_stdll-host_defs.h
head/security/opencryptoki/files/patch-usr-lib-pkcs11-tpm_stdll-loadsave.c
head/security/opencryptoki/files/patch-usr-lib-pkcs11-tpm_stdll-new_host.c
head/security/opencryptoki/files/patch-usr-lib-pkcs11-tpm_stdll-tok_spec_struct.h
head/security/opencryptoki/files/patch-usr-lib-pkcs11-tpm_stdll-utility.c
head/security/opencryptoki/files/patch-usr-sbin-pkcs11_startup-Makefile.am
head/security/opencryptoki/files/patch-usr-sbin-pkcs11_startup-pkcs11_startup.in
head/security/opencryptoki/files/patch-usr-sbin-pkcs_slot-pkcs_slot.in
head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-err.c
Modified:
head/security/opencryptoki/Makefile
head/security/opencryptoki/distinfo
head/security/opencryptoki/files/patch-Makefile.am
head/security/opencryptoki/files/patch-configure.in
head/security/opencryptoki/files/patch-usr-lib-Makefile.am
head/security/opencryptoki/files/patch-usr-lib-pkcs11-api-Makefile.am
head/security/opencryptoki/files/patch-usr-lib-pkcs11-api-apiutil.c
head/security/opencryptoki/files/patch-usr-lib-pkcs11-api-shrd_mem.c.in
head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-host_defs.h
head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-loadsave.c
head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-utility.c
head/security/opencryptoki/files/patch-usr-lib-pkcs11-ica_s390_stdll-Makefile.am
head/security/opencryptoki/files/patch-usr-lib-pkcs11-soft_stdll-Makefile.am
head/security/opencryptoki/files/patch-usr-sbin-pkcsconf-Makefile.am
head/security/opencryptoki/files/patch-usr-sbin-pkcsconf-pkcsconf.c
head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-mutex.c
head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-pkcsslotd.h
head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-shmem.c
head/security/opencryptoki/files/pkcsslotd.in
head/security/opencryptoki/pkg-plist
Modified: head/security/opencryptoki/Makefile
==============================================================================
--- head/security/opencryptoki/Makefile Wed May 18 17:19:40 2016 (r415458)
+++ head/security/opencryptoki/Makefile Wed May 18 17:22:59 2016 (r415459)
@@ -2,8 +2,7 @@
# $FreeBSD$
PORTNAME= opencryptoki
-PORTVERSION= 2.3.2
-PORTREVISION= 8
+PORTVERSION= 3.5
CATEGORIES= security
MASTER_SITES= SF
@@ -17,23 +16,35 @@ LICENSE_PERMS= dist-mirror dist-sell pkg
LIB_DEPENDS= libtspi.so:security/trousers
-USES= alias autoreconf gmake libtool tar:bzip2
+USES= alias autoreconf gmake libtool tar:tgz
USE_LDCONFIG= ${PREFIX}/lib/opencryptoki
+WRKSRC= ${WRKDIR}/${PORTNAME}
INSTALL_TARGET= install-strip
GNU_CONFIGURE= yes
CONFIGURE_ARGS= --enable-swtok --enable-tpmtok \
--disable-crtok --disable-aeptok \
--disable-ccatok --disable-bcomtok \
--disable-pkcscca_migrate \
+ --with-lockdir=/var/run/opencryptoki \
+ --with-logdir=/var/log/opencryptoki \
--localstatedir=/var \
--with-pkcs11user=${USERS} \
- --with-pkcs11group=${GROUPS}
+ --with-pkcs11group=${GROUPS} \
+ ac_cv_path_CHGRP=true
CFLAGS+= -I${LOCALBASE}/include
LDFLAGS+= -L${LOCALBASE}/lib
USE_RC_SUBR= pkcsslotd
SUB_FILES= pkg-message
-SUB_LIST= USERS=${USERS} GROUPS=${GROUPS}
+SUB_LIST= USERS="${USERS}" GROUPS="${GROUPS}"
+PLIST_SUB= USERS="${USERS}" GROUPS="${GROUPS}"
USERS= _pkcs11
GROUPS= _pkcs11
+post-install:
+ ${MV} ${STAGEDIR}${ETCDIR}/opencryptoki.conf \
+ ${STAGEDIR}${ETCDIR}/opencryptoki.conf.sample
+ ${RMDIR} ${STAGEDIR}/var/run/opencryptoki/swtok \
+ ${STAGEDIR}/var/run/opencryptoki/tpm \
+ ${STAGEDIR}/var/run/opencryptoki
+
.include <bsd.port.mk>
Modified: head/security/opencryptoki/distinfo
==============================================================================
--- head/security/opencryptoki/distinfo Wed May 18 17:19:40 2016 (r415458)
+++ head/security/opencryptoki/distinfo Wed May 18 17:22:59 2016 (r415459)
@@ -1,2 +1,3 @@
-SHA256 (opencryptoki-2.3.2.tar.bz2) = 44fdf74a9eab2586240a69779c5c323e8378e8f2fde21cd4f8bd9186a24c30f7
-SIZE (opencryptoki-2.3.2.tar.bz2) = 665134
+TIMESTAMP = 1463579349
+SHA256 (opencryptoki-3.5.tgz) = 2789e3135196828e2b904faba766aa4c7fd9d1e67664df79bd9a05381a771452
+SIZE (opencryptoki-3.5.tgz) = 1031722
Modified: head/security/opencryptoki/files/patch-Makefile.am
==============================================================================
--- head/security/opencryptoki/files/patch-Makefile.am Wed May 18 17:19:40 2016 (r415458)
+++ head/security/opencryptoki/files/patch-Makefile.am Wed May 18 17:22:59 2016 (r415459)
@@ -1,6 +1,6 @@
---- Makefile.am.orig 2010-07-29 21:28:41.000000000 +0900
-+++ Makefile.am 2010-11-23 22:35:25.112978674 +0900
-@@ -8,5 +8,5 @@
+--- Makefile.am.orig 2016-04-29 17:26:45 UTC
++++ Makefile.am
+@@ -8,5 +8,5 @@ if ENABLE_DAEMON
MISCDIR = misc
endif
Modified: head/security/opencryptoki/files/patch-configure.in
==============================================================================
--- head/security/opencryptoki/files/patch-configure.in Wed May 18 17:19:40 2016 (r415458)
+++ head/security/opencryptoki/files/patch-configure.in Wed May 18 17:22:59 2016 (r415459)
@@ -1,16 +1,16 @@
---- configure.in.orig 2010-07-29 21:28:41.000000000 +0900
-+++ configure.in 2010-10-20 01:31:02.971984782 +0900
-@@ -8,6 +8,9 @@
+--- configure.in.orig 2016-04-29 17:26:45 UTC
++++ configure.in
+@@ -6,6 +6,9 @@ AC_CANONICAL_SYSTEM
AM_INIT_AUTOMAKE([foreign 1.6])
+AC_DEFINE(_BSD_SOURCE, 1, BSD functions)
+AC_DEFINE(__BSD_VISIBLE, 1, BSD extensions)
+
- dnl Get the canonical host type
- AC_CANONICAL_TARGET
-
-@@ -30,6 +33,7 @@
+ dnl Checks for header files.
+ AC_DISABLE_STATIC
+ LT_INIT
+@@ -25,6 +28,7 @@ AC_FUNC_MEMCMP
AC_FUNC_STRFTIME
AC_FUNC_VPRINTF
AC_CHECK_FUNCS([getcwd])
@@ -18,9 +18,28 @@
dnl Used in various scripts
AC_PATH_PROG([ID], [id], [/us/bin/id])
-@@ -193,6 +197,21 @@
+@@ -40,10 +44,16 @@ AC_PROG_YACC
+
+ dnl Define custom variables
+
+-lockdir=$localstatedir/lock/opencryptoki
++AC_ARG_WITH([lockdir],
++ [AS_HELP_STRING([--with-lockdir],[lock directory])],
++ [lockdir=$withval],
++ [lockdir=$localstatedir/lock/opencryptoki])
+ AC_SUBST(lockdir)
+
+-logdir=$localstatedir/log/opencryptoki
++AC_ARG_WITH([logdir],
++ [AS_HELP_STRING([--with-logdir],[log directory])],
++ [logdir=$withval],
++ [logdir=$localstatedir/log/opencryptoki])
+ AC_SUBST(logdir)
+
+ dnl ---
+@@ -166,6 +176,21 @@ AC_ARG_WITH([systemd],
[],
- [with_xcryptolinz=check])
+ [with_systemd=no])
+dnl --- check for pkcs11 user
+AC_ARG_WITH([pkcs11user],
@@ -40,20 +59,38 @@
dnl ---
dnl ---
dnl --- Now that we have all the options, let's check for a valid build
-@@ -630,11 +649,15 @@
+@@ -554,13 +579,31 @@ fi
- CFLAGS="$CFLAGS $DEBUG_CFLAGS -DPKCS64 -D_XOPEN_SOURCE=500"
+ AM_CONDITIONAL([ENABLE_PKCSEP11_MIGRATE], [test "x$enable_pkcsep11_migrate" = "xyes"])
--CFLAGS+=' -DCONFIG_PATH=\"$(localstatedir)/lib/opencryptoki\" -DSBIN_PATH=\"$(sbindir)\" -DLIB_PATH=\"$(libdir)\"'
-+CFLAGS="$CFLAGS -DCONFIG_PATH='\"$localstatedir/lib/opencryptoki\"' -DSBIN_PATH='\"$sbindir\"' -DLIB_PATH='\"$libdir\"'"
-+
-+CFLAGS="$CFLAGS -DPKCS11USER='\"${pkcs11_user}\"' -DPKCS11GROUP='\"${pkcs11_group}\"'"
+-CFLAGS="$CFLAGS -DPKCS64 -D_XOPEN_SOURCE=600 -Wall -Wno-pointer-sign"
+-
+-CFLAGS+=' -DCONFIG_PATH=\"$(localstatedir)/lib/opencryptoki\" -DSBIN_PATH=\"$(sbindir)\" -DLIB_PATH=\"$(libdir)\" -DLOCKDIR_PATH=\"$(lockdir)\" -DOCK_CONFDIR=\"$(sysconfdir)/opencryptoki\" -DOCK_LOGDIR=\"$(logdir)\"'
++CFLAGS="$CFLAGS \
++ -Wall \
++ -Wno-pointer-sign \
++"
++CPPFX=' \
++ -DCONFIG_PATH=\"$(localstatedir)/lib/opencryptoki\" \
++ -DSBIN_PATH=\"$(sbindir)\" \
++ -DLIB_PATH=\"$(libdir)\" \
++ -DLOCKDIR_PATH=\"$(lockdir)\" \
++ -DOCK_CONFDIR=\"$(sysconfdir)/opencryptoki\" \
++ -DOCK_LOGDIR=\"$(logdir)\" \
++'
++CPPFLAGS="$CPPFLAGS \
++ -DPKCS64 \
++ -D_XOPEN_SOURCE=600 \
++ $CPPFX \
++ -DPKCS11USER=\\\"${pkcs11_user}\\\" \
++ -DPKCS11GROUP=\\\"${pkcs11_group}\\\" \
++"
# At this point, CFLAGS is set to something sensible
AC_PROG_CC
+AC_SUBST(FPIC, $lt_prog_compiler_pic)
+
- AC_OUTPUT([Makefile usr/Makefile \
+ AC_CONFIG_FILES([Makefile usr/Makefile \
usr/include/Makefile \
usr/include/pkcs11/Makefile \
Modified: head/security/opencryptoki/files/patch-usr-lib-Makefile.am
==============================================================================
--- head/security/opencryptoki/files/patch-usr-lib-Makefile.am Wed May 18 17:19:40 2016 (r415458)
+++ head/security/opencryptoki/files/patch-usr-lib-Makefile.am Wed May 18 17:22:59 2016 (r415459)
@@ -1,6 +1,6 @@
---- usr/lib/Makefile.am.orig 2010-07-29 21:28:41.000000000 +0900
-+++ usr/lib/Makefile.am 2010-11-24 02:34:56.159978814 +0900
-@@ -1,10 +1,2 @@
+--- usr/lib/Makefile.am.orig 2016-04-29 17:26:45 UTC
++++ usr/lib/Makefile.am
+@@ -1,12 +1,4 @@
SUBDIRS = pkcs11
-install-data-hook:
@@ -11,3 +11,5 @@
- $(DESTDIR)/etc/ld.so.conf.d/opencryptoki-$(target_cpu).conf
- echo "**** Remember you must run ldconfig before using the above settings ****"
-
+ uninstall-hook:
+ rm -f $(DESTDIR)/etc/ld.so.conf.d/opencryptoki-$(target_cpu).conf
Modified: head/security/opencryptoki/files/patch-usr-lib-pkcs11-api-Makefile.am
==============================================================================
--- head/security/opencryptoki/files/patch-usr-lib-pkcs11-api-Makefile.am Wed May 18 17:19:40 2016 (r415458)
+++ head/security/opencryptoki/files/patch-usr-lib-pkcs11-api-Makefile.am Wed May 18 17:22:59 2016 (r415459)
@@ -1,6 +1,6 @@
---- usr/lib/pkcs11/api/Makefile.am.orig 2010-07-29 21:28:41.000000000 +0900
-+++ usr/lib/pkcs11/api/Makefile.am 2010-10-19 23:49:45.125982519 +0900
-@@ -4,13 +4,13 @@
+--- usr/lib/pkcs11/api/Makefile.am.orig 2016-04-29 17:26:45 UTC
++++ usr/lib/pkcs11/api/Makefile.am
+@@ -4,13 +4,13 @@ SO_CURRENT=0
SO_REVISION=0
SO_AGE=0
@@ -10,9 +10,9 @@
$(SO_CURRENT):$(SO_REVISION):$(SO_AGE)
# Not all versions of automake observe libname_CFLAGS
- opencryptoki_libopencryptoki_la_CFLAGS = -DSPINXPL -DAPI -DDEV -D_THREAD_SAFE \
-- -fPIC -I../. -I../../../include/pkcs11
-+ $(FPIC) -I../. -I../../../include/pkcs11
-
- opencryptoki_libopencryptoki_la_SOURCES = api_interface.c shrd_mem.c apiutil.c
+ opencryptoki_libopencryptoki_la_CFLAGS = -DAPI -DDEV -D_THREAD_SAFE \
+- -fPIC -I../. -I../../../include/pkcs11 \
++ $(FPIC) -I../. -I../../../include/pkcs11 \
+ -I ../common -DSTDLL_NAME=\"api\"
+ opencryptoki_libopencryptoki_la_SOURCES = api_interface.c shrd_mem.c \
Modified: head/security/opencryptoki/files/patch-usr-lib-pkcs11-api-apiutil.c
==============================================================================
--- head/security/opencryptoki/files/patch-usr-lib-pkcs11-api-apiutil.c Wed May 18 17:19:40 2016 (r415458)
+++ head/security/opencryptoki/files/patch-usr-lib-pkcs11-api-apiutil.c Wed May 18 17:22:59 2016 (r415459)
@@ -1,6 +1,6 @@
---- usr/lib/pkcs11/api/apiutil.c.orig 2010-07-29 21:28:41.000000000 +0900
-+++ usr/lib/pkcs11/api/apiutil.c 2010-10-19 23:54:52.374982634 +0900
-@@ -305,10 +305,10 @@
+--- usr/lib/pkcs11/api/apiutil.c.orig 2016-04-29 17:26:45 UTC
++++ usr/lib/pkcs11/api/apiutil.c
+@@ -298,10 +298,10 @@
#include <string.h>
#include <strings.h>
#include <unistd.h>
@@ -12,33 +12,11 @@
#include <sys/ipc.h>
-@@ -325,10 +325,28 @@
+@@ -314,7 +314,6 @@
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
-#include <sys/file.h>
- static int xplfd=-1;
- #endif
-+#ifdef __sun
-+#define LOCK_EX F_LOCK
-+#define LOCK_UN F_ULOCK
-+#define flock(fd, func) lockf(fd, func, 0)
-+#endif
-+
-+#ifndef LOCK_SH
-+#define LOCK_SH 1 /* shared lock */
-+#endif
-+#ifndef LOCK_EX
-+#define LOCK_EX 2 /* exclusive lock */
-+#endif
-+#ifndef LOCK_NB
-+#define LOCK_NB 4 /* don't block when locking */
-+#endif
-+#ifndef LOCK_UN
-+#define LOCK_UN 8 /* unlock */
-+#endif
-+
- #include <libgen.h>
+ static int xplfd = -1;
- #define LIBLOCATION LIB_PATH
Modified: head/security/opencryptoki/files/patch-usr-lib-pkcs11-api-shrd_mem.c.in
==============================================================================
--- head/security/opencryptoki/files/patch-usr-lib-pkcs11-api-shrd_mem.c.in Wed May 18 17:19:40 2016 (r415458)
+++ head/security/opencryptoki/files/patch-usr-lib-pkcs11-api-shrd_mem.c.in Wed May 18 17:22:59 2016 (r415459)
@@ -1,11 +1,11 @@
---- usr/lib/pkcs11/api/shrd_mem.c.in.orig 2010-07-29 21:28:41.000000000 +0900
-+++ usr/lib/pkcs11/api/shrd_mem.c.in 2010-10-19 23:56:22.728981736 +0900
-@@ -353,7 +353,7 @@
-
-
- // SAB check for the group id here and membership here as well
-- grp = getgrnam("pkcs11");
-+ grp = getgrnam(PKCS11GROUP);
- if ( grp ) {
- int i=0;
- char member=0;
+--- usr/lib/pkcs11/api/shrd_mem.c.in.orig 2016-04-29 17:26:45 UTC
++++ usr/lib/pkcs11/api/shrd_mem.c.in
+@@ -357,7 +357,7 @@ attach_shared_memory() {
+ // only check group membership if not root user
+ if (uid != 0 && euid != 0) {
+ int i, member=0;
+- grp = getgrnam("pkcs11");
++ grp = getgrnam(PKCS11GROUP);
+ if (!grp) {
+ // group pkcs11 not known to the system
+ return NULL;
Added: head/security/opencryptoki/files/patch-usr-lib-pkcs11-api-socket_client.c
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/opencryptoki/files/patch-usr-lib-pkcs11-api-socket_client.c Wed May 18 17:22:59 2016 (r415459)
@@ -0,0 +1,11 @@
+--- usr/lib/pkcs11/api/socket_client.c.orig 2016-04-29 17:26:45 UTC
++++ usr/lib/pkcs11/api/socket_client.c
+@@ -320,7 +320,7 @@ init_socket_data() {
+ return FALSE;
+ }
+
+- grp = getgrnam("pkcs11");
++ grp = getgrnam(PKCS11GROUP);
+ if ( !grp ) {
+ OCK_SYSLOG(LOG_ERR, "init_socket_data: pkcs11 group does not exist, errno=%d", errno);
+ return FALSE;
Added: head/security/opencryptoki/files/patch-usr-lib-pkcs11-cca_stdll-Makefile.am
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/opencryptoki/files/patch-usr-lib-pkcs11-cca_stdll-Makefile.am Wed May 18 17:22:59 2016 (r415459)
@@ -0,0 +1,18 @@
+--- usr/lib/pkcs11/cca_stdll/Makefile.am.orig 2016-04-29 17:26:45 UTC
++++ usr/lib/pkcs11/cca_stdll/Makefile.am
+@@ -66,12 +66,12 @@ install-data-hook:
+ cd $(DESTDIR)/$(libdir)/opencryptoki/stdll && \
+ ln -sf libpkcs11_cca.so PKCS11_CCA.so
+ $(MKDIR_P) $(DESTDIR)$(localstatedir)/lib/opencryptoki/ccatok/TOK_OBJ
+- $(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/ccatok/TOK_OBJ
+- $(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/ccatok
++ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(localstatedir)/lib/opencryptoki/ccatok/TOK_OBJ
++ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(localstatedir)/lib/opencryptoki/ccatok
+ $(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/ccatok/TOK_OBJ
+ $(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/ccatok
+ $(MKDIR_P) $(DESTDIR)$(lockdir)/ccatok
+- $(CHGRP) pkcs11 $(DESTDIR)$(lockdir)/ccatok
++ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(lockdir)/ccatok
+ $(CHMOD) 0770 $(DESTDIR)$(lockdir)/ccatok
+
+ uninstall-hook:
Added: head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-btree.c
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-btree.c Wed May 18 17:22:59 2016 (r415459)
@@ -0,0 +1,11 @@
+--- usr/lib/pkcs11/common/btree.c.orig 2016-04-29 17:26:45 UTC
++++ usr/lib/pkcs11/common/btree.c
+@@ -30,7 +30,7 @@
+
+
+ #include <stdio.h>
+-#include <malloc.h>
++#include <stdlib.h>
+
+ #include "pkcs11types.h"
+ #include "local_types.h"
Modified: head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-host_defs.h
==============================================================================
--- head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-host_defs.h Wed May 18 17:19:40 2016 (r415458)
+++ head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-host_defs.h Wed May 18 17:22:59 2016 (r415459)
@@ -1,6 +1,6 @@
---- usr/lib/pkcs11/common/host_defs.h.orig 2010-07-29 21:28:41.000000000 +0900
-+++ usr/lib/pkcs11/common/host_defs.h 2010-10-20 00:10:01.398983092 +0900
-@@ -294,13 +294,24 @@
+--- usr/lib/pkcs11/common/host_defs.h.orig 2016-04-29 17:26:45 UTC
++++ usr/lib/pkcs11/common/host_defs.h
+@@ -294,12 +294,23 @@
/* (C) COPYRIGHT International Business Machines Corp. 2001,2002 */
@@ -9,19 +9,18 @@
#ifndef _HOST_DEFS_H
#define _HOST_DEFS_H
- #include <semaphore.h>
#include <pthread.h>
+#if defined(__OpenBSD__) || defined(__FreeBSD__)
+#include <sys/endian.h>
-+#ifdef _BYTE_ORDER
-+#define __BYTE_ORDER _BYTE_ORDER
++#ifdef _BYTE_ORDER
++#define __BYTE_ORDER _BYTE_ORDER
+#endif
-+#ifdef _LITTLE_ENDIAN
-+#define __LITTLE_ENDIAN _LITTLE_ENDIAN
++#ifdef _LITTLE_ENDIAN
++#define __LITTLE_ENDIAN _LITTLE_ENDIAN
+#endif
+#else
#include <endian.h>
+#endif
#include "pkcs32.h"
- // Both of the strings below have a length of 32 chars and must be
+
Modified: head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-loadsave.c
==============================================================================
--- head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-loadsave.c Wed May 18 17:19:40 2016 (r415458)
+++ head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-loadsave.c Wed May 18 17:22:59 2016 (r415459)
@@ -1,6 +1,6 @@
---- usr/lib/pkcs11/common/loadsave.c.orig 2010-07-29 21:28:41.000000000 +0900
-+++ usr/lib/pkcs11/common/loadsave.c 2010-10-20 00:11:28.399983780 +0900
-@@ -301,11 +301,9 @@
+--- usr/lib/pkcs11/common/loadsave.c.orig 2016-04-29 17:26:45 UTC
++++ usr/lib/pkcs11/common/loadsave.c
+@@ -293,11 +293,9 @@
#include <string.h>
#include <strings.h>
#include <unistd.h>
@@ -10,14 +10,14 @@
#include <sys/ipc.h>
-#include <sys/file.h>
#include <errno.h>
-
+ #include <syslog.h>
#include <pwd.h>
-@@ -328,7 +326,7 @@
- // Set absolute permissions or rw-rw-r--
- fchmod(file,S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP|S_IROTH);
+@@ -637,7 +635,7 @@ void set_perm(int file)
+ // Set absolute permissions or rw-rw----
+ fchmod(file, S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP);
-- grp = getgrnam("pkcs11"); // Obtain the group id
-+ grp = getgrnam(PKCS11GROUP); // Obtain the group id
- if (grp){
- fchown(file,getuid(),grp->gr_gid); // set ownership to root, and pkcs11 group
- }
+- grp = getgrnam("pkcs11"); // Obtain the group id
++ grp = getgrnam(PKCS11GROUP); // Obtain the group id
+ if (grp) {
+ // set ownership to root, and pkcs11 group
+ if (fchown(file, getuid(), grp->gr_gid) != 0) {
Added: head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-trace.c
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-trace.c Wed May 18 17:22:59 2016 (r415459)
@@ -0,0 +1,19 @@
+--- usr/lib/pkcs11/common/trace.c.orig 2016-04-29 17:26:46 UTC
++++ usr/lib/pkcs11/common/trace.c
+@@ -301,6 +301,7 @@
+ #include <unistd.h>
+ #include <sys/file.h>
+ #include <sys/types.h>
++#include <sys/stat.h>
+
+ #include "pkcs11types.h"
+ #include "defs.h"
+@@ -449,7 +450,7 @@ CK_RV trace_initialize(void)
+ return(CKR_FUNCTION_FAILED);
+ }
+
+- grp = getgrnam("pkcs11");
++ grp = getgrnam(PKCS11GROUP);
+ if (grp == NULL) {
+ OCK_SYSLOG(LOG_ERR, "getgrnam(pkcs11) failed: %s."
+ "Tracing is disabled.\n", strerror(errno));
Modified: head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-utility.c
==============================================================================
--- head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-utility.c Wed May 18 17:19:40 2016 (r415458)
+++ head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-utility.c Wed May 18 17:22:59 2016 (r415459)
@@ -1,11 +1,14 @@
---- usr/lib/pkcs11/common/utility.c.orig 2010-07-29 21:28:41.000000000 +0900
-+++ usr/lib/pkcs11/common/utility.c 2010-10-20 00:19:02.740983592 +0900
-@@ -302,6 +302,26 @@
- #include <errno.h>
- #include <pwd.h>
+--- usr/lib/pkcs11/common/utility.c.orig 2016-04-29 17:26:46 UTC
++++ usr/lib/pkcs11/common/utility.c
+@@ -275,9 +275,28 @@
+ legal action under this Agreement more than one year after
+ the cause of action arose. Each party waives its rights to
+ a jury trial in any resulting litigation.
++*/
+#include <fcntl.h>
-+
+
+-*/
+#ifdef __sun
+#define LOCK_EX F_LOCK
+#define LOCK_UN F_ULOCK
@@ -25,5 +28,23 @@
+#define LOCK_UN 8 /* unlock */
+#endif
- #include "pkcs11types.h"
- #include "defs.h"
+ /* (C) COPYRIGHT International Business Machines Corp. 2001,2002 */
+
+@@ -587,7 +606,7 @@ CK_RV CreateXProcLock(void)
+ goto err;
+ }
+
+- grp = getgrnam("pkcs11");
++ grp = getgrnam(PKCS11GROUP);
+ if (grp != NULL) {
+ if (fchown(spinxplfd, -1, grp->gr_gid)
+ == -1) {
+@@ -1131,7 +1150,7 @@ CK_RV check_user_and_group()
+ * when forked). So we need to get the group information.
+ * Really need to take the uid and map it to a name.
+ */
+- grp = getgrnam("pkcs11");
++ grp = getgrnam(PKCS11GROUP);
+ if (grp == NULL) {
+ OCK_SYSLOG(LOG_ERR, "getgrnam() failed: %s\n", strerror(errno));
+ goto error;
Modified: head/security/opencryptoki/files/patch-usr-lib-pkcs11-ica_s390_stdll-Makefile.am
==============================================================================
--- head/security/opencryptoki/files/patch-usr-lib-pkcs11-ica_s390_stdll-Makefile.am Wed May 18 17:19:40 2016 (r415458)
+++ head/security/opencryptoki/files/patch-usr-lib-pkcs11-ica_s390_stdll-Makefile.am Wed May 18 17:22:59 2016 (r415459)
@@ -1,16 +1,33 @@
---- usr/lib/pkcs11/ica_s390_stdll/Makefile.am.orig 2010-07-29 21:28:41.000000000 +0900
-+++ usr/lib/pkcs11/ica_s390_stdll/Makefile.am 2010-10-20 00:22:00.867981839 +0900
-@@ -2,11 +2,11 @@
-
- opencryptoki_stdll_libpkcs11_ica_la_LDFLAGS = $(LCRYPTO) \
- $(ICA_LIB_DIRS) -nostartfiles -shared -Wl,-Bsymbolic -Wl,-soname,$@ \
---Wl,-Bsymbolic -lc -lpthread -lica -ldl -lcrypto
-+-Wl,-Bsymbolic -lc -lpthread -lica -lcrypto
+--- usr/lib/pkcs11/ica_s390_stdll/Makefile.am.orig 2016-04-29 17:26:46 UTC
++++ usr/lib/pkcs11/ica_s390_stdll/Makefile.am
+@@ -6,12 +6,12 @@ opencryptoki_stdll_libpkcs11_ica_la_LDFL
+ -Wl,-Bsymbolic \
+ -Wl,-soname,$@ \
+ -Wl,-Bsymbolic -lc \
+- -lpthread -lica -ldl \
++ -lpthread -lica \
+ -lcrypto
# Not all versions of automake observe libname_CFLAGS
- opencryptoki_stdll_libpkcs11_ica_la_CFLAGS = -DSPINXPL -DDEV \
---D_THREAD_SAFE -fPIC -DSHALLOW=0 -DSWTOK=0 -DLITE=1 -DNODH \
-+-D_THREAD_SAFE $(FPIC) -DSHALLOW=0 -DSWTOK=0 -DLITE=1 -DNODH \
- -DNOCDMF -DNOMD2 -DNODSA -DSTDLL_NAME=\"icatok\"
+ opencryptoki_stdll_libpkcs11_ica_la_CFLAGS = -DDEV \
+- -D_THREAD_SAFE -fPIC \
++ -D_THREAD_SAFE $(FPIC) \
+ -DSHALLOW=0 -DSWTOK=0 \
+ -DLITE=1 -DNODH \
+ -DNOCDMF -DNOMD2 -DNODSA \
+@@ -64,12 +64,12 @@ install-data-hook:
+ cd $(DESTDIR)$(libdir)/opencryptoki/stdll && \
+ ln -sf libpkcs11_ica.so PKCS11_ICA.so
+ $(MKDIR_P) $(DESTDIR)$(localstatedir)/lib/opencryptoki/lite/TOK_OBJ
+- $(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/lite/TOK_OBJ
+- $(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/lite
++ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(localstatedir)/lib/opencryptoki/lite/TOK_OBJ
++ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(localstatedir)/lib/opencryptoki/lite
+ $(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/lite/TOK_OBJ
+ $(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/lite
+ $(MKDIR_P) $(DESTDIR)$(lockdir)/lite
+- $(CHGRP) pkcs11 $(DESTDIR)$(lockdir)/lite
++ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(lockdir)/lite
+ $(CHMOD) 0770 $(DESTDIR)$(lockdir)/lite
- opencryptoki_stdll_libpkcs11_ica_la_SOURCES = ../common/asn1.c \
+ uninstall-hook:
Added: head/security/opencryptoki/files/patch-usr-lib-pkcs11-icsf_stdll-Makefile.am
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/opencryptoki/files/patch-usr-lib-pkcs11-icsf_stdll-Makefile.am Wed May 18 17:22:59 2016 (r415459)
@@ -0,0 +1,15 @@
+--- usr/lib/pkcs11/icsf_stdll/Makefile.am.orig 2016-04-29 17:26:46 UTC
++++ usr/lib/pkcs11/icsf_stdll/Makefile.am
+@@ -79,10 +79,10 @@ install-data-hook:
+ cd $(DESTDIR)$(libdir)/opencryptoki/stdll && \
+ ln -sf libpkcs11_icsf.so PKCS11_ICSF.so
+ $(MKDIR_P) $(DESTDIR)$(localstatedir)/lib/opencryptoki/icsf
+- $(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/icsf
++ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(localstatedir)/lib/opencryptoki/icsf
+ $(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/icsf
+ $(MKDIR_P) $(DESTDIR)$(lockdir)/icsf
+- $(CHGRP) pkcs11 $(DESTDIR)$(lockdir)/icsf
++ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(lockdir)/icsf
+ $(CHMOD) 0770 $(DESTDIR)$(lockdir)/icsf
+
+ uninstall-hook:
Added: head/security/opencryptoki/files/patch-usr-lib-pkcs11-icsf_stdll-pbkdf.c
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/opencryptoki/files/patch-usr-lib-pkcs11-icsf_stdll-pbkdf.c Wed May 18 17:22:59 2016 (r415459)
@@ -0,0 +1,11 @@
+--- usr/lib/pkcs11/icsf_stdll/pbkdf.c.orig 2016-04-29 17:26:46 UTC
++++ usr/lib/pkcs11/icsf_stdll/pbkdf.c
+@@ -337,7 +337,7 @@ set_perms(int file)
+ return CKR_FUNCTION_FAILED;
+ }
+
+- grp = getgrnam("pkcs11");
++ grp = getgrnam(PKCS11GROUP);
+ if (grp) {
+ if (fchown(file, -1, grp->gr_gid) != 0) {
+ TRACE_ERROR("fchown failed: %s\n", strerror(errno));
Modified: head/security/opencryptoki/files/patch-usr-lib-pkcs11-soft_stdll-Makefile.am
==============================================================================
--- head/security/opencryptoki/files/patch-usr-lib-pkcs11-soft_stdll-Makefile.am Wed May 18 17:19:40 2016 (r415458)
+++ head/security/opencryptoki/files/patch-usr-lib-pkcs11-soft_stdll-Makefile.am Wed May 18 17:22:59 2016 (r415459)
@@ -1,11 +1,27 @@
---- usr/lib/pkcs11/soft_stdll/Makefile.am.orig 2010-07-29 21:28:41.000000000 +0900
-+++ usr/lib/pkcs11/soft_stdll/Makefile.am 2010-10-20 00:25:03.227984225 +0900
-@@ -7,7 +7,7 @@
- opencryptoki_stdll_libpkcs11_sw_la_CFLAGS = -DSPINXPL -DDEV -D_THREAD_SAFE \
+--- usr/lib/pkcs11/soft_stdll/Makefile.am.orig 2016-04-29 17:26:46 UTC
++++ usr/lib/pkcs11/soft_stdll/Makefile.am
+@@ -7,7 +7,7 @@ opencryptoki_stdll_libpkcs11_sw_la_LDFLA
+ opencryptoki_stdll_libpkcs11_sw_la_CFLAGS = -DDEV -D_THREAD_SAFE \
-DSHALLOW=0 -DSWTOK=1 -DLITE=0 \
-DNOCDMF -DNOMD2 -DNODSA -DNORIPE \
-- -DDEBUGON -fPIC \
-+ -DDEBUGON $(FPIC) \
+- -fPIC \
++ $(FPIC) \
-I/usr/include -I. \
-I../../../include/pkcs11/stdll \
-I../../../include/pkcs11 \
+@@ -56,12 +56,12 @@ install-data-hook:
+ cd $(DESTDIR)$(libdir)/opencryptoki/stdll && \
+ ln -sf libpkcs11_sw.so PKCS11_SW.so
+ $(MKDIR_P) $(DESTDIR)$(localstatedir)/lib/opencryptoki/swtok/TOK_OBJ
+- $(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/swtok/TOK_OBJ
+- $(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/swtok
++ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(localstatedir)/lib/opencryptoki/swtok/TOK_OBJ
++ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(localstatedir)/lib/opencryptoki/swtok
+ $(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/swtok/TOK_OBJ
+ $(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/swtok
+ $(MKDIR_P) $(DESTDIR)$(lockdir)/swtok
+- $(CHGRP) pkcs11 $(DESTDIR)$(lockdir)/swtok
++ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(lockdir)/swtok
+ $(CHMOD) 0770 $(DESTDIR)$(lockdir)/swtok
+
+ uninstall-hook:
Added: head/security/opencryptoki/files/patch-usr-lib-pkcs11-soft_stdll-soft_specific.c
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/opencryptoki/files/patch-usr-lib-pkcs11-soft_stdll-soft_specific.c Wed May 18 17:22:59 2016 (r415459)
@@ -0,0 +1,30 @@
+--- usr/lib/pkcs11/soft_stdll/soft_specific.c.orig 2016-04-29 17:26:46 UTC
++++ usr/lib/pkcs11/soft_stdll/soft_specific.c
+@@ -298,7 +298,9 @@
+
+
+ ****************************************************************************/
++#ifndef _BSD_SOURCE
+ #define _BSD_SOURCE
++#endif
+
+ #include <pthread.h>
+ #include <string.h> // for memcmp() et al
+@@ -317,7 +319,17 @@
+ #include <sys/types.h>
+ #include <sys/stat.h>
+ #include <fcntl.h>
++#if defined(__OpenBSD__) || defined(__FreeBSD__)
++#include <sys/endian.h>
++#ifdef _BYTE_ORDER
++#define __BYTE_ORDER _BYTE_ORDER
++#endif
++#ifdef _LITTLE_ENDIAN
++#define __LITTLE_ENDIAN _LITTLE_ENDIAN
++#endif
++#else
+ #include <endian.h>
++#endif
+
+ #include <openssl/des.h>
+ #include <openssl/rand.h>
Added: head/security/opencryptoki/files/patch-usr-lib-pkcs11-tpm_stdll-Makefile.am
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/opencryptoki/files/patch-usr-lib-pkcs11-tpm_stdll-Makefile.am Wed May 18 17:22:59 2016 (r415459)
@@ -0,0 +1,15 @@
+--- usr/lib/pkcs11/tpm_stdll/Makefile.am.orig 2016-04-29 17:26:46 UTC
++++ usr/lib/pkcs11/tpm_stdll/Makefile.am
+@@ -71,10 +71,10 @@ install-data-hook:
+ cd $(DESTDIR)$(libdir)/opencryptoki/stdll && \
+ ln -sf libpkcs11_tpm.so PKCS11_TPM.so
+ $(MKDIR_P) $(DESTDIR)$(localstatedir)/lib/opencryptoki/tpm
+- $(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/tpm
++ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(localstatedir)/lib/opencryptoki/tpm
+ $(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/tpm
+ $(MKDIR_P) $(DESTDIR)$(lockdir)/tpm
+- $(CHGRP) pkcs11 $(DESTDIR)$(lockdir)/tpm
++ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(lockdir)/tpm
+ $(CHMOD) 0770 $(DESTDIR)$(lockdir)/tpm
+
+ uninstall-hook:
Modified: head/security/opencryptoki/files/patch-usr-sbin-pkcsconf-Makefile.am
==============================================================================
--- head/security/opencryptoki/files/patch-usr-sbin-pkcsconf-Makefile.am Wed May 18 17:19:40 2016 (r415458)
+++ head/security/opencryptoki/files/patch-usr-sbin-pkcsconf-Makefile.am Wed May 18 17:22:59 2016 (r415459)
@@ -1,5 +1,5 @@
---- usr/sbin/pkcsconf/Makefile.am.orig 2010-07-29 21:28:41.000000000 +0900
-+++ usr/sbin/pkcsconf/Makefile.am 2010-10-20 00:46:34.600985372 +0900
+--- usr/sbin/pkcsconf/Makefile.am.orig 2016-04-29 17:26:46 UTC
++++ usr/sbin/pkcsconf/Makefile.am
@@ -1,6 +1,6 @@
sbin_PROGRAMS=pkcsconf
@@ -7,4 +7,4 @@
+pkcsconf_LDFLAGS = -lpthread
# Not all versions of automake observe sbinname_CFLAGS
- pkcsconf_CFLAGS = -DSPINXPL -D_THREAD_SAFE -DDEBUG -DDEV -DAPI
+ pkcsconf_CFLAGS = -D_THREAD_SAFE -DDEBUG -DDEV -DAPI
Modified: head/security/opencryptoki/files/patch-usr-sbin-pkcsconf-pkcsconf.c
==============================================================================
--- head/security/opencryptoki/files/patch-usr-sbin-pkcsconf-pkcsconf.c Wed May 18 17:19:40 2016 (r415458)
+++ head/security/opencryptoki/files/patch-usr-sbin-pkcsconf-pkcsconf.c Wed May 18 17:22:59 2016 (r415459)
@@ -1,11 +1,11 @@
---- usr/sbin/pkcsconf/pkcsconf.c.orig 2010-07-29 21:28:41.000000000 +0900
-+++ usr/sbin/pkcsconf/pkcsconf.c 2010-10-20 00:47:46.462984231 +0900
-@@ -654,6 +654,8 @@
- free (newpin2);
- }
+--- usr/sbin/pkcsconf/pkcsconf.c.orig 2016-04-29 17:26:46 UTC
++++ usr/sbin/pkcsconf/pkcsconf.c
+@@ -777,6 +777,8 @@ display_pkcs11_info(void){
+ printf("\tLibrary Version %d.%d \n", CryptokiInfo.libraryVersion.major,
+ CryptokiInfo.libraryVersion.minor);
+ cleanup();
+
return rc;
-
}
+
Added: head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-log.h
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-log.h Wed May 18 17:22:59 2016 (r415459)
@@ -0,0 +1,14 @@
+--- usr/sbin/pkcsslotd/log.h.orig 2016-04-29 17:26:46 UTC
++++ usr/sbin/pkcsslotd/log.h
+@@ -297,9 +297,8 @@
+ #ifndef _LOG_H
+ #define _LOG_H 1
+
+-
+-
+-
++#include <sys/types.h>
++#include <unistd.h>
+
+ #ifndef FALSE
+ #define FALSE 0
Modified: head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-mutex.c
==============================================================================
--- head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-mutex.c Wed May 18 17:19:40 2016 (r415458)
+++ head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-mutex.c Wed May 18 17:22:59 2016 (r415459)
@@ -1,17 +1,20 @@
---- usr/sbin/pkcsslotd/mutex.c.orig 2010-07-29 21:28:41.000000000 +0900
-+++ usr/sbin/pkcsslotd/mutex.c 2010-12-19 12:13:34.837579374 +0900
-@@ -293,6 +293,26 @@
-
- #include "pkcsslotd.h"
+--- usr/sbin/pkcsslotd/mutex.c.orig 2016-04-29 17:26:46 UTC
++++ usr/sbin/pkcsslotd/mutex.c
+@@ -281,10 +281,28 @@
+ legal action under this Agreement more than one year after
+ the cause of action arose. Each party waives its rights to
+ a jury trial in any resulting litigation.
++*/
+#include <fcntl.h>
-+
+
+#ifdef __sun
+#define LOCK_EX F_LOCK
+#define LOCK_UN F_ULOCK
+#define flock(fd, func) lockf(fd, func, 0)
+#endif
-+
+
+-*/
+#ifndef LOCK_SH
+#define LOCK_SH 1 /* shared lock */
+#endif
@@ -25,28 +28,14 @@
+#define LOCK_UN 8 /* unlock */
+#endif
- #if SYSVSEM
- #error "Caveat Emptor... this does not work"
-@@ -315,7 +335,7 @@
- #include <sys/types.h>
- #include <sys/stat.h>
- #include <fcntl.h>
--#include <sys/file.h>
-+#include <grp.h>
- static int xplfd=-1;
- #endif
-
-@@ -349,6 +369,13 @@
- #elif (SPINXPL)
-
- xplfd = open (XPL_FILE,O_CREAT|O_RDWR,S_IRWXU|S_IRWXG|S_IRWXO);
-+ {
-+ struct group *grp;
-+ fchmod(xplfd,S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP|S_IROTH);
-+ grp = getgrnam(PKCS11GROUP);
-+ if (grp)
-+ fchown(xplfd,getuid(),grp->gr_gid);
-+ }
+ /* (C) COPYRIGHT International Business Machines Corp. 2001 */
+
+@@ -323,7 +341,7 @@ CreateXProcLock(void)
+ goto error;
+ }
- #elif (SYSVSEM)
- #error "Caveat Emptor... this does not work"
+- grp = getgrnam("pkcs11");
++ grp = getgrnam(PKCS11GROUP);
+ if (grp != NULL) {
+ if (fchown(xplfd,-1,grp->gr_gid) == -1) {
+ DbgLog(DL0,"%s:fchown(%s):%s\n",
Modified: head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-pkcsslotd.h
==============================================================================
--- head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-pkcsslotd.h Wed May 18 17:19:40 2016 (r415458)
+++ head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-pkcsslotd.h Wed May 18 17:22:59 2016 (r415459)
@@ -1,11 +1,12 @@
---- usr/sbin/pkcsslotd/pkcsslotd.h.orig 2010-07-29 21:28:41.000000000 +0900
-+++ usr/sbin/pkcsslotd/pkcsslotd.h 2010-10-20 01:20:18.253984238 +0900
-@@ -353,7 +353,7 @@
- #include <nl_types.h>
+--- usr/sbin/pkcsslotd/pkcsslotd.h.orig 2016-04-29 17:26:46 UTC
++++ usr/sbin/pkcsslotd/pkcsslotd.h
+@@ -305,6 +305,9 @@
+ #ifndef _PKCSSLOTMGR_H
+ #define _PKCSSLOTMGR_H 1
- #include <sys/ipc.h>
--#include <linux/limits.h>
-+#include <limits.h>
- #include <sys/shm.h>
- #include <sys/stat.h>
- #include <sys/types.h>
++#include <sys/types.h>
++#include <sys/ipc.h>
++
+ /***********
+ * Defines *
+ ***********/
Modified: head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-shmem.c
==============================================================================
--- head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-shmem.c Wed May 18 17:19:40 2016 (r415458)
+++ head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-shmem.c Wed May 18 17:22:59 2016 (r415459)
@@ -1,6 +1,6 @@
---- usr/sbin/pkcsslotd/shmem.c.orig 2010-07-29 21:28:41.000000000 +0900
-+++ usr/sbin/pkcsslotd/shmem.c 2010-10-20 01:23:03.203984101 +0900
-@@ -338,9 +338,9 @@
+--- usr/sbin/pkcsslotd/shmem.c.orig 2016-04-29 17:26:46 UTC
++++ usr/sbin/pkcsslotd/shmem.c
+@@ -336,9 +336,9 @@ int CreateSharedMemory ( void ) {
}
// SAB Get the group information for the PKCS#11 group... fail if
// it does not exist
@@ -12,7 +12,7 @@
return FALSE; // Group does not exist... setup is wrong..
}
-@@ -409,9 +409,9 @@
+@@ -415,9 +415,9 @@ int CreateSharedMemory ( void ) {
int i;
char *buffer;
@@ -24,7 +24,7 @@
SBIN_PATH);
return FALSE; // Group does not exist... setup is wrong..
}
-@@ -431,7 +431,7 @@
+@@ -437,7 +437,7 @@ int CreateSharedMemory ( void ) {
return FALSE;
}
if (fchown(fd, 0, grp->gr_gid) == -1) {
Added: head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-socket_server.c
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-socket_server.c Wed May 18 17:22:59 2016 (r415459)
@@ -0,0 +1,11 @@
+--- usr/sbin/pkcsslotd/socket_server.c.orig 2016-04-29 17:26:46 UTC
++++ usr/sbin/pkcsslotd/socket_server.c
+@@ -337,7 +337,7 @@ int CreateListenerSocket (void) {
+
+ // make socket file part of the pkcs11 group, and write accessable
+ // for that group
+- grp = getgrnam("pkcs11");
++ grp = getgrnam(PKCS11GROUP);
+ if (!grp) {
+ ErrLog("Group PKCS#11 does not exist");
+ DetachSocketListener(socketfd);
Modified: head/security/opencryptoki/files/pkcsslotd.in
==============================================================================
--- head/security/opencryptoki/files/pkcsslotd.in Wed May 18 17:19:40 2016 (r415458)
+++ head/security/opencryptoki/files/pkcsslotd.in Wed May 18 17:22:59 2016 (r415459)
@@ -16,18 +16,19 @@
. /etc/rc.subr
name=pkcsslotd
-rcvar=pkcsslotd_enable
-command=%%PREFIX%%/sbin/${name}
+rcvar=${name}_enable
+command="%%PREFIX%%/sbin/$name"
start_precmd=${name}_prestart
pkcsslotd_prestart () {
- [ -f /var/lib/opencryptoki/pk_config_data ] || \
- %%PREFIX%%/sbin/pkcs11_startup
+ install -d -o %%USERS%% -g %%GROUPS%% -m 0755 \
+ /var/run/opencryptoki/swtok \
+ /var/run/opencryptoki/tpm
}
-load_rc_config ${name}
+load_rc_config $name
-: pkcsslotd_enable=${pkcsslotd_enable-"NO"}
+: ${pkcsslotd_enable="NO"}
run_rc_command "$1"
Modified: head/security/opencryptoki/pkg-plist
==============================================================================
--- head/security/opencryptoki/pkg-plist Wed May 18 17:19:40 2016 (r415458)
+++ head/security/opencryptoki/pkg-plist Wed May 18 17:22:59 2016 (r415459)
@@ -1,3 +1,4 @@
+ at sample etc/opencryptoki/opencryptoki.conf.sample
include/opencryptoki/apiclient.h
include/opencryptoki/pkcs11.h
include/opencryptoki/pkcs11types.h
@@ -7,10 +8,10 @@ lib/opencryptoki/libopencryptoki.so.0
lib/opencryptoki/libopencryptoki.so.0.0.0
lib/opencryptoki/methods
lib/opencryptoki/stdll/PKCS11_SW.so
+lib/opencryptoki/stdll/PKCS11_TPM.so
lib/opencryptoki/stdll/libpkcs11_sw.so
lib/opencryptoki/stdll/libpkcs11_sw.so.0
lib/opencryptoki/stdll/libpkcs11_sw.so.0.0.0
-lib/opencryptoki/stdll/PKCS11_TPM.so
lib/opencryptoki/stdll/libpkcs11_tpm.so
lib/opencryptoki/stdll/libpkcs11_tpm.so.0
lib/opencryptoki/stdll/libpkcs11_tpm.so.0.0.0
@@ -18,16 +19,18 @@ lib/pkcs11/PKCS11_API.so
lib/pkcs11/libopencryptoki.so
lib/pkcs11/methods
lib/pkcs11/stdll
-sbin/pkcs11_startup
-sbin/pkcs_slot
-sbin/pkcsconf
-sbin/pkcsslotd
-man/man1/pkcs11_startup.1.gz
+man/man1/pkcscca.1.gz
man/man1/pkcsconf.1.gz
-man/man5/pk_config_data.5.gz
+man/man1/pkcsep11_migrate.1.gz
+man/man1/pkcsicsf.1.gz
+man/man5/opencryptoki.conf.5.gz
man/man7/opencryptoki.7.gz
man/man8/pkcsslotd.8.gz
- at dir(_pkcs11,_pkcs11,700) /var/lib/opencryptoki/swtok
- at dir(_pkcs11,_pkcs11,700) /var/lib/opencryptoki/tpm
- at dir(_pkcs11,_pkcs11,700) /var/lib/opencryptoki
+sbin/pkcsconf
+sbin/pkcsslotd
+ at dir(%%USERS%%,%%GROUPS%%,700) /var/lib/opencryptoki/swtok/TOK_OBJ
+ at dir(%%USERS%%,%%GROUPS%%,700) /var/lib/opencryptoki/swtok
+ at dir(%%USERS%%,%%GROUPS%%,700) /var/lib/opencryptoki/tpm
+ at dir(%%USERS%%,%%GROUPS%%,700) /var/lib/opencryptoki
@dir /var/lib
+ at dir /var/log/opencryptoki
More information about the svn-ports-all
mailing list