Index: head/emulators/tpm-emulator/Makefile =================================================================== --- head/emulators/tpm-emulator/Makefile (revision 415448) +++ head/emulators/tpm-emulator/Makefile (revision 415449) @@ -1,34 +1,34 @@ # Created by: Sebastian Schuetz # $FreeBSD$ PORTNAME= tpm-emulator PORTVERSION= 0.7.4 +PORTREVISION= 1 CATEGORIES= emulators security MASTER_SITES= SF/${PORTNAME}.berlios DISTNAME= ${PORTNAME:S,-,_,}-${PORTVERSION} -MAINTAINER= ports@FreeBSD.org +MAINTAINER= hrs@FreeBSD.org COMMENT= Trusted Platform Module (TPM) emulator LICENSE= GPLv2 LIB_DEPENDS= libgmp.so:math/gmp -CONFLICTS= trousers-tddl-[0-9]* - USES= cmake:outsource USE_RC_SUBR= tpmd CONFIGURE_ENV= PREFIX="${PREFIX}" CMAKE_ARGS= -DTPM_INCLUDE_DIRS:STRING="${LOCALBASE}/include" \ + -DTDDL_LIBRARY_DIRS:STRING="${LOCALBASE}/lib/tddl_emu" \ -DTPM_LIBRARY_DIRS:STRING="${LOCALBASE}/lib" USE_LDCONFIG= yes USERS= _tss GROUPS= _tss SUB_LIST= USERS="${USERS}" GROUPS="${GROUPS}" PLIST_SUB= USERS="${USERS}" GROUPS="${GROUPS}" post-install: @${MKDIR} ${STAGEDIR}/var/run/tpm @${MKDIR} ${STAGEDIR}${PREFIX}/var/db/tpm .include Index: head/emulators/tpm-emulator/files/patch-CMakeLists.txt =================================================================== --- head/emulators/tpm-emulator/files/patch-CMakeLists.txt (revision 415448) +++ head/emulators/tpm-emulator/files/patch-CMakeLists.txt (revision 415449) 
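Review bot: `USE_LDCONFIG= yes` is kept unchanged although, per the pkg-plist section of this same commit, every library the port installs now lives under `lib/tddl_emu`, a directory that setting does not register (it covers `${PREFIX}/lib` only). If keeping the emulator's libtddl out of the default search path is deliberate, so that it cannot be picked up in place of the TDDL that talks to a hardware TPM, a comment above `CMAKE_ARGS` should say so, e.g. `# libtddl is installed in lib/tddl_emu so it cannot shadow the libtddl built by security/trousers`, and `USE_LDCONFIG` can probably be dropped. If dynamic consumers of `libtddl.so.1` are expected, it would need `USE_LDCONFIG= ${PREFIX}/lib/tddl_emu` instead.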
@@ -1,26 +1,27 @@ ---- CMakeLists.txt.orig 2010-07-06 06:21:20.000000000 +0900 -+++ CMakeLists.txt 2010-12-15 07:33:54.234887143 +0900 -@@ -36,19 +36,19 @@ +--- CMakeLists.txt.orig 2011-12-20 18:30:06 UTC ++++ CMakeLists.txt +@@ -36,19 +36,20 @@ set(TPM_DEVICE_NAME "/dev/tpm") else() set(TPM_LOG_FILE "/var/log/tpmd.log") set(TPM_SOCKET_NAME "/var/run/tpm/tpmd_socket:0") -set(TPM_STORAGE_NAME "/var/lib/tpm/tpm_emulator-1_2_${${PROJECT_NAME}_VERSION_MAJOR}_${${PROJECT_NAME}_VERSION_MINOR}") +set(TPM_STORAGE_NAME "$ENV{PREFIX}/var/db/tpm/tpm_emulator-1_2_${${PROJECT_NAME}_VERSION_MAJOR}_${${PROJECT_NAME}_VERSION_MINOR}") set(TPM_DEVICE_NAME "/dev/tpm") endif() configure_file(${CMAKE_CURRENT_SOURCE_DIR}/config.h.in ${CMAKE_CURRENT_BINARY_DIR}/config.h) -add_definitions(-Wall -Werror -Wno-unused-parameter -Wpointer-arith -Wcast-align -Wwrite-strings) +add_definitions(-Wall -Wno-unused-parameter -Wpointer-arith -Wcast-align -Wwrite-strings) if("${CMAKE_SYSTEM}" MATCHES "Linux") add_definitions(-Wextra) endif() if(USE_OPENSSL) add_definitions(-DUSE_OPENSSL) endif() -include_directories("/opt/local/include") -link_directories("/opt/local/lib") +include_directories(${TPM_INCLUDE_DIRS}) ++link_directories(${TDDL_LIBRARY_DIRS}) +link_directories(${TPM_LIBRARY_DIRS}) # configure CPack set(CPACK_PACKAGE_VERSION_MAJOR ${${PROJECT_NAME}_VERSION_MAJOR}) Index: head/emulators/tpm-emulator/files/patch-tddl-CMakeLists.txt =================================================================== --- head/emulators/tpm-emulator/files/patch-tddl-CMakeLists.txt (revision 415448) +++ head/emulators/tpm-emulator/files/patch-tddl-CMakeLists.txt (revision 415449) 
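Review bot: `TPM_STORAGE_NAME` is built from `$ENV{PREFIX}`, which CMake reads once at configure time and expands to an empty string when the variable is unset, so a configure run without the port's `CONFIGURE_ENV` would quietly place the emulator's persistent state under `/var/db/tpm`, which is not the `var/db/tpm` directory the pkg-plist creates with mode 0700 for `_tss`. The other locations already arrive as `-D` entries (`TPM_INCLUDE_DIRS`, `TDDL_LIBRARY_DIRS`, `TPM_LIBRARY_DIRS`); passing the state directory the same way and stopping when it is missing would make the dependency explicit, e.g. `if(NOT TPM_STORAGE_DIR)` / `message(FATAL_ERROR "TPM_STORAGE_DIR is not set")` / `endif()`, where `TPM_STORAGE_DIR` is a name made up for this note. The `set()` sits in an `else()` branch whose `if()` is outside the hunk.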
@@ -1,18 +1,23 @@ ---- tddl/CMakeLists.txt.orig 2011-12-21 03:30:06.000000000 +0900 -+++ tddl/CMakeLists.txt 2012-10-10 01:01:00.000000000 +0900 -@@ -7,13 +7,13 @@ +--- tddl/CMakeLists.txt.orig 2011-12-20 18:30:06 UTC ++++ tddl/CMakeLists.txt +@@ -7,16 +7,16 @@ set(tddl_SRCS "tddl.c" "tddl.h") add_library(tddl SHARED ${tddl_SRCS}) add_library(tddl_static STATIC ${tddl_SRCS}) if(UNIX) - set_target_properties(tddl PROPERTIES SOVERSION "1.2" + set_target_properties(tddl PROPERTIES SOVERSION "1" VERSION "1.2.${${PROJECT_NAME}_VERSION_MAJOR}.${${PROJECT_NAME}_VERSION_MINOR}") set_target_properties(tddl_static PROPERTIES OUTPUT_NAME tddl) elseif(WIN32) set_target_properties(tddl PROPERTIES OUTPUT_NAME ifxtpm) set_target_properties(tddl PROPERTIES PREFIX "") -endif() +endif(UNIX) - install(TARGETS tddl DESTINATION lib) - install(TARGETS tddl_static DESTINATION lib) +-install(TARGETS tddl DESTINATION lib) +-install(TARGETS tddl_static DESTINATION lib) ++install(TARGETS tddl DESTINATION lib/tddl_emu) ++install(TARGETS tddl_static DESTINATION lib/tddl_emu) + install(FILES "tddl.h" DESTINATION include) + + include_directories(${CMAKE_CURRENT_SOURCE_DIR}) Index: head/emulators/tpm-emulator/files/patch-tpmd-CMakeLists.txt =================================================================== --- head/emulators/tpm-emulator/files/patch-tpmd-CMakeLists.txt (revision 415448) +++ head/emulators/tpm-emulator/files/patch-tpmd-CMakeLists.txt (revision 415449) 
@@ -1,9 +1,9 @@ ---- tpmd/CMakeLists.txt.orig 2010-07-06 06:21:20.000000000 +0900 -+++ tpmd/CMakeLists.txt 2010-10-25 02:56:43.624559116 +0900 -@@ -11,5 +11,5 @@ +--- tpmd/CMakeLists.txt.orig 2011-12-20 18:30:06 UTC ++++ tpmd/CMakeLists.txt +@@ -11,5 +11,5 @@ elseif(WIN32) add_subdirectory(windows) -endif() +endif(UNIX) Index: head/emulators/tpm-emulator/files/patch-tpmd-unix-CMakeLists.txt =================================================================== --- head/emulators/tpm-emulator/files/patch-tpmd-unix-CMakeLists.txt (revision 415448) +++ head/emulators/tpm-emulator/files/patch-tpmd-unix-CMakeLists.txt (revision 415449) @@ -1,13 +1,13 @@ ---- tpmd/unix/CMakeLists.txt.orig 2011-12-21 03:30:06.000000000 +0900 -+++ tpmd/unix/CMakeLists.txt 2012-10-10 01:03:34.000000000 +0900 -@@ -10,8 +10,8 @@ +--- tpmd/unix/CMakeLists.txt.orig 2011-12-20 18:30:06 UTC ++++ tpmd/unix/CMakeLists.txt +@@ -10,8 +10,8 @@ add_executable(tpmd ${tpmd_SRCS}) if(MTM_EMULATOR) add_definitions(-DMTM_EMULATOR) target_link_libraries(tpmd mtm tpm tpm_crypto) -else() +else(MTM_EMULATOR) target_link_libraries(tpmd tpm tpm_crypto) -endif() +endif(MTM_EMULATOR) install(TARGETS tpmd RUNTIME DESTINATION bin) Index: head/emulators/tpm-emulator/files/tpmd.in =================================================================== --- head/emulators/tpm-emulator/files/tpmd.in (revision 415448) +++ head/emulators/tpm-emulator/files/tpmd.in (revision 415449) 
@@ -1,31 +1,31 @@ #!/bin/sh # $FreeBSD$ # # PROVIDE: tpmd # REQUIRE: SERVERS # BEFORE: tcsd # KEYWORD: shutdown # # Add the following lines to /etc/rc.conf.local or /etc/rc.conf # to enable this service: # # tpmd_enable (bool): Set to NO by default. # Set it to YES to enable tpmd. . /etc/rc.subr name=tpmd -rcvar=tpmd_enable +rcvar="${name}_enable" command="%%PREFIX%%/bin/${name}" load_rc_config $name -tpmd_enable=${tpmd_enable-"NO"} -tpmd_user=${tpmd_user-"%%USERS%%"} -tpmd_group=${tpmd_group-"%%GROUPS%%"} +: ${tpmd_enable:="NO"} +: ${tpmd_user:="%%USERS%%"} +: ${tpmd_group:="%%GROUPS%%"} command_args="-o ${tpmd_user} -g ${tpmd_group}" unset tpmd_user tpmd_group run_rc_command "$1" Index: head/emulators/tpm-emulator/pkg-plist =================================================================== --- head/emulators/tpm-emulator/pkg-plist (revision 415448) +++ head/emulators/tpm-emulator/pkg-plist (revision 415449) @@ -1,8 +1,8 @@ bin/tpmd include/tddl.h -lib/libtddl.a -lib/libtddl.so -lib/libtddl.so.1 -lib/libtddl.so.1.2.0.7 +lib/tddl_emu/libtddl.a +lib/tddl_emu/libtddl.so +lib/tddl_emu/libtddl.so.1 +lib/tddl_emu/libtddl.so.1.2.0.7 @dir(%%USERS%%,%%GROUPS%%,0700) var/db/tpm @dir(%%USERS%%,%%GROUPS%%,0700) /var/run/tpm Index: head/security/trousers/Makefile =================================================================== --- head/security/trousers/Makefile (revision 415448) +++ head/security/trousers/Makefile (revision 415449) 
@@ -1,63 +1,50 @@ # Created by: Sebastian Schuetz # $FreeBSD$ PORTNAME= trousers -PORTVERSION= 0.3.10 -PORTREVISION= 7 +PORTVERSION= 0.3.13 CATEGORIES= security MASTER_SITES= SF/${PORTNAME}/${PORTNAME}/${PORTVERSION} MAINTAINER= hrs@FreeBSD.org -COMMENT= The open-source TCG Software Stack +COMMENT= Open-source TCG Software Stack LICENSE= CPL LICENSE_NAME= Common Public License LICENSE_FILE= ${WRKSRC}/LICENSE LICENSE_PERMS= dist-mirror dist-sell pkg-mirror pkg-sell auto-accept +BUILD_DEPENDS= tpm-emulator>=0.7.4_1:emulators/tpm-emulator +RUN_DEPENDS:= ${BUILD_DEPENDS} + USES= alias autoreconf gmake iconv libtool pkgconfig USE_OPENSSL= YES USE_LDCONFIG= YES USE_RC_SUBR= tcsd INSTALL_TARGET= install-strip GNU_CONFIGURE= YES CONFIGURE_ARGS= --with-gui=none --enable-static \ --localstatedir=${PREFIX}/var \ --with-tssuser=${USERS} \ --with-tssgroup=${GROUPS} \ --with-openssl=${OPENSSLBASE} \ RANLIB=: MAKE_ENV= ICONV_LIB=${ICONV_LIB} \ ICONV_PREFIX=${ICONV_PREFIX} SUB_FILES= pkg-message -SUB_LIST= USERS=${USERS} GROUPS=${GROUPS} +SUB_LIST= USERS="${USERS}" GROUPS="${GROUPS}" +PLIST_SUB= USERS="${USERS}" GROUPS="${GROUPS}" USERS= _tss GROUPS= _tss -OPTIONS_DEFINE= EMULATOR DEBUG -EMULATOR_DESC= Build for use with the tpm-emulator +OPTIONS_DEFINE= DEBUG DEBUG_CONFIGURE_ENABLE= debug .include -.if ${PORT_OPTIONS:MEMULATOR} -PKGNAMESUFFIX+= -no_tddl -LIB_DEPENDS+= libtddl.so:emulators/tpm-emulator - -EXTRA_PATCHES= ${FILESDIR}/extra-patch-src-tcs-Makefile.am \ - ${FILESDIR}/extra-patch-src-tcsd-Makefile.am \ - ${FILESDIR}/extra-patch-src-tddl-Makefile.am -# The emulator has already a libttddl.so, so comment out trousers' libtddl in the pkg-plist -PLIST_SUB+= TDDL="@comment " -.else -PKGNAMESUFFIX+= -tddl -CONFLICTS+= tpm-emulator-[0-9]* -PLIST_SUB+= TDDL="" -.endif - post-install: ${INSTALL_DATA} \ - ${WRKSRC}/dist/tcsd.conf ${STAGEDIR}${PREFIX}/etc/tcsd.conf.dist + ${WRKSRC}/dist/tcsd.conf ${STAGEDIR}${PREFIX}/etc/tcsd.conf.sample ${MKDIR} ${STAGEDIR}${PREFIX}/var/lib/tpm 
.include Index: head/security/trousers/distinfo =================================================================== --- head/security/trousers/distinfo (revision 415448) +++ head/security/trousers/distinfo (revision 415449) @@ -1,2 +1,3 @@ -SHA256 (trousers-0.3.10.tar.gz) = eb9569de5c66d9698f6c3303de03777b95ec72827f68b7744454bfa9227bc530 -SIZE (trousers-0.3.10.tar.gz) = 1658652 +TIMESTAMP = 1463562404 +SHA256 (trousers-0.3.13.tar.gz) = bb908e4a3c88a17b247a4fc8e0fff3419d8a13170fe7bdfbe0e2c5c082a276d3 +SIZE (trousers-0.3.13.tar.gz) = 1371901 Index: head/security/trousers/files/extra-patch-src-tcs-Makefile.am =================================================================== --- head/security/trousers/files/extra-patch-src-tcs-Makefile.am (revision 415448) +++ head/security/trousers/files/extra-patch-src-tcs-Makefile.am (nonexistent) @@ -1,11 +0,0 @@ ---- src/tcs/Makefile.am.orig 2013-07-27 04:22:06.000000000 +0900 -+++ src/tcs/Makefile.am 2013-07-27 04:22:21.000000000 +0900 -@@ -1,7 +1,7 @@ - noinst_LIBRARIES=libtcs.a - - CFLAGS+=-I${top_srcdir}/src/include --libtcs_a_LIBADD=${top_builddir}/src/tddl/libtddl.a -+libtcs_a_LIBADD=${LOCALBASE}/lib/libtddl.a - libtcs_a_CFLAGS=-DAPPID=\"TCSD\ TCS\" -DVAR_PREFIX=\"@localstatedir@\" -DETC_PREFIX=\"@sysconfdir@\" -fPIE -DPIE - - libtcs_a_SOURCES=log.c \ Property changes on: head/security/trousers/files/extra-patch-src-tcs-Makefile.am ___________________________________________________________________ Deleted: fbsd:nokeywords ## -1 +0,0 ## -yes \ No newline at end of property Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/security/trousers/files/extra-patch-src-tddl-Makefile.am =================================================================== --- head/security/trousers/files/extra-patch-src-tddl-Makefile.am (revision 415448) +++ head/security/trousers/files/extra-patch-src-tddl-Makefile.am (nonexistent) 
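Review bot: `RUN_DEPENDS:= ${BUILD_DEPENDS}` makes emulators/tpm-emulator a hard run-time dependency, so every host that installs trousers, including one that only uses a hardware TPM, also receives the `tpmd` binary and its rc script; before this commit that was opt-in through the removed `EMULATOR` option. The added patch-src-tcs-Makefile.am links `${LOCALBASE}/lib/tddl_emu/libtddl.a` statically, so the library itself looks like a build-time need only. Consider keeping an option, e.g. `EMULATOR_BUILD_DEPENDS=` and `EMULATOR_RUN_DEPENDS=` with the same `tpm-emulator>=0.7.4_1:emulators/tpm-emulator` value (the Makefile.am patch would then have to be gated as well), or at least put a comment above `BUILD_DEPENDS` stating why the emulator must always be installed.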
@@ -1,8 +0,0 @@ ---- src/tddl/Makefile.am.orig 2013-07-27 04:24:29.000000000 +0900 -+++ src/tddl/Makefile.am 2013-07-27 04:24:42.000000000 +0900 -@@ -1,4 +1,4 @@ --lib_LIBRARIES=libtddl.a -+lib_LIBRARIES= - - libtddl_a_SOURCES=tddl.c - libtddl_a_CFLAGS=-DAPPID=\"TCSD\ TDDL\" -I${top_srcdir}/src/include -fPIE -DPIE Property changes on: head/security/trousers/files/extra-patch-src-tddl-Makefile.am ___________________________________________________________________ Deleted: fbsd:nokeywords ## -1 +0,0 ## -yes \ No newline at end of property Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/security/trousers/files/extra-patch-src-tcsd-Makefile.am =================================================================== --- head/security/trousers/files/extra-patch-src-tcsd-Makefile.am (revision 415448) +++ head/security/trousers/files/extra-patch-src-tcsd-Makefile.am (nonexistent) 
@@ -1,11 +0,0 @@ ---- src/tcsd/Makefile.am.orig 2013-07-27 04:22:53.000000000 +0900 -+++ src/tcsd/Makefile.am 2013-07-27 04:24:06.000000000 +0900 -@@ -1,7 +1,7 @@ - sbin_PROGRAMS=tcsd - - tcsd_CFLAGS=-DAPPID=\"TCSD\" -DVAR_PREFIX=\"@localstatedir@\" -DETC_PREFIX=\"@sysconfdir@\" -I${top_srcdir}/src/include -fPIE -DPIE --tcsd_LDADD=${top_builddir}/src/tcs/libtcs.a ${top_builddir}/src/tddl/libtddl.a -lpthread @CRYPTOLIB@ -+tcsd_LDADD=${top_builddir}/src/tcs/libtcs.a -ltddl -L${LOCALBASE}/lib -lpthread @CRYPTOLIB@ - tcsd_LDFLAGS=-pie -Wl,-z,relro -Wl,-z,now - - tcsd_SOURCES=svrside.c tcsd_conf.c tcsd_threads.c platform.c Property changes on: head/security/trousers/files/extra-patch-src-tcsd-Makefile.am ___________________________________________________________________ Deleted: fbsd:nokeywords ## -1 +0,0 ## -yes \ No newline at end of property Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/security/trousers/files/patch-configure.in =================================================================== --- head/security/trousers/files/patch-configure.in (revision 415448) +++ head/security/trousers/files/patch-configure.in (revision 415449) 
@@ -1,41 +1,41 @@ ---- configure.in.orig 2010-07-09 05:35:18.000000000 +0900 -+++ configure.in 2010-10-24 22:31:30.040556068 +0900 -@@ -75,6 +75,21 @@ +--- configure.in.orig 2014-04-24 18:05:43 UTC ++++ configure.in +@@ -72,6 +72,21 @@ AC_ARG_ENABLE(gcov, [CFLAGS="$CFLAGS -ftest-coverage -fprofile-arcs" AC_MSG_RESULT([*** Enabling gcov at user request ***])],) +# Check for tss user +AC_ARG_WITH(tssuser, + [ --with-tssuser[[=USER]] set tss user [[tss]]], + [tss_user=$withval], + [tss_user=tss] +) +# Check for tss group +AC_ARG_WITH(tssgroup, + [ --with-tssgroup[[=GROUP]] set tss group [[tss]]], + [tss_group=$withval], + [tss_group=tss] +) +AC_SUBST(TSS_USER_NAME, $tss_user) +AC_SUBST(TSS_GROUP_NAME, $tss_group) + # profiling support AC_ARG_ENABLE(gprof, [AC_HELP_STRING([--enable-gprof], [enable profiling with gprof [default=off]])], -@@ -352,6 +367,8 @@ +@@ -356,6 +371,8 @@ AC_PROG_LIBTOOL AC_C_BIGENDIAN([AC_DEFINE(_BIG_ENDIAN, 1, [big-endian host])]) AC_CHECK_DECL(htole32, [AC_DEFINE(HTOLE_DEFINED, 1, [htole32 function is available])]) AC_CHECK_HEADER(sys/byteorder.h, [AC_DEFINE(HAVE_BYTEORDER_H, 1, [sys/byteorder.h header])]) +AC_CHECK_HEADER(endian.h, [AC_DEFINE(HAVE_ENDIAN_H, 1, [endian.h header])]) +AC_CHECK_HEADER(sys/endian.h, [AC_DEFINE(HAVE_SYS_ENDIAN_H, 1, [sys/endian.h header])]) AC_CHECK_FUNC(daemon, [ AC_DEFINE(HAVE_DAEMON, 1, [daemon function is available]) ]) if test "x${GCC}" = "xyes"; then -@@ -359,6 +376,7 @@ +@@ -363,6 +380,7 @@ if test "x${GCC}" = "xyes"; then fi CFLAGS="$CFLAGS -I../include \ + -DTSS_USER_NAME=\\\"$tss_user\\\" -DTSS_GROUP_NAME=\\\"$tss_group\\\" \ -DTCSD_DEFAULT_PORT=${TCSD_DEFAULT_PORT} -DTSS_VER_MAJOR=${TSS_VER_MAJOR} \ -DTSS_VER_MINOR=${TSS_VER_MINOR} -DTSS_SPEC_MAJOR=${TSS_SPEC_MAJOR} \ -DTSS_SPEC_MINOR=${TSS_SPEC_MINOR}" Index: head/security/trousers/files/patch-dist-Makefile.am =================================================================== --- head/security/trousers/files/patch-dist-Makefile.am (revision 415448) +++ 
head/security/trousers/files/patch-dist-Makefile.am (revision 415449) @@ -1,20 +1,19 @@ ---- dist/Makefile.am.orig 2010-03-12 05:41:54.000000000 +0900 -+++ dist/Makefile.am 2010-10-24 21:04:04.818560844 +0900 -@@ -1,17 +1,7 @@ +--- dist/Makefile.am.orig 2014-04-24 18:05:43 UTC ++++ dist/Makefile.am +@@ -1,14 +1,14 @@ EXTRA_DIST = system.data.auth system.data.noauth \ fedora/fedora.initrd.tcsd - install: install-exec-hook -- if test ! -e ${DESTDIR}/@sysconfdir@/tcsd.conf; then mkdir -p ${DESTDIR}/@sysconfdir@ && cp tcsd.conf ${DESTDIR}/@sysconfdir@; fi -- /bin/chown tss:tss ${DESTDIR}/@sysconfdir@/tcsd.conf || true -- /bin/chmod 0600 ${DESTDIR}/@sysconfdir@/tcsd.conf - install-exec-hook: -- /usr/sbin/groupadd tss || true -- /usr/sbin/useradd -r tss -g tss || true -- /bin/sh -c 'if [ ! -e ${DESTDIR}/@localstatedir@/lib/tpm ];then mkdir -p ${DESTDIR}/@localstatedir@/lib/tpm; fi' -- /bin/chown tss:tss ${DESTDIR}/@localstatedir@/lib/tpm || true -- /bin/chmod 0700 ${DESTDIR}/@localstatedir@/lib/tpm +-install: install-exec-hook ++Xinstall: install-exec-hook + if test ! -e ${DESTDIR}/@sysconfdir@/tcsd.conf; then mkdir -p ${DESTDIR}/@sysconfdir@ && cp tcsd.conf ${DESTDIR}/@sysconfdir@; fi + if !NOUSERCHECK + /bin/chown tss:tss ${DESTDIR}/@sysconfdir@/tcsd.conf || true + /bin/chmod 0600 ${DESTDIR}/@sysconfdir@/tcsd.conf + endif - uninstall-hook: -- /usr/sbin/userdel tss || true -- /usr/sbin/groupdel tss || true +-install-exec-hook: ++Xinstall-exec-hook: + /bin/sh -c 'if [ ! -e ${DESTDIR}/@localstatedir@/lib/tpm ];then mkdir -p ${DESTDIR}/@localstatedir@/lib/tpm; fi' + if !NOUSERCHECK + /usr/sbin/groupadd tss || true Index: head/security/trousers/files/patch-dist-tcsd.conf.in =================================================================== --- head/security/trousers/files/patch-dist-tcsd.conf.in (revision 415448) +++ head/security/trousers/files/patch-dist-tcsd.conf.in (revision 415449) 
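Review bot: Renaming `install:` and `install-exec-hook:` to `Xinstall:` and `Xinstall-exec-hook:` switches off the upstream steps that set `tcsd.conf` to 0600 and `lib/tpm` to 0700 under the tss account, and nothing visible in this commit re-applies them: the port's `post-install` uses plain `${INSTALL_DATA}` and `${MKDIR}`, and the trousers pkg-plist is not part of the diff. Please confirm the plist carries owner and mode for both (as emulators/tpm-emulator does with `@dir(%%USERS%%,%%GROUPS%%,0700)`), since that directory holds tcsd's persistent storage file `system.data` according to the tcsd.h patch. The `X` prefix is also a non-obvious trick, and a sentence in the commit log saying the hooks are disabled because the ports framework creates `_tss` would help the next maintainer. The hunk covers only the first 14 lines of dist/Makefile.am, so whether `uninstall-hook` is still active cannot be seen here.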
@@ -1,20 +1,20 @@ ---- dist/tcsd.conf.in.orig 2010-01-29 01:27:50.000000000 +0900 -+++ dist/tcsd.conf.in 2010-10-25 00:06:25.565556476 +0900 +--- dist/tcsd.conf.in.orig 2014-04-24 18:05:43 UTC ++++ dist/tcsd.conf.in @@ -35,7 +35,7 @@ # log data. The interface to this log is usually provided by the TPM # device driver. # -# firmware_log_file = /sys/kernel/security/tpm0/binary_bios_measurements +# firmware_log_file = /var/run/tpm/binary_bios_measurements # # Option: kernel_log_file @@ -46,7 +46,7 @@ # http://sf.net/projects/linux-ima for more info on getting IMA. # # -# kernel_log_file = /sys/kernel/security/ima/binary_runtime_measurements +# kernel_log_file = /var/run/ima/binary_runtime_measurements # # Option: firmware_pcrs Index: head/security/trousers/files/patch-src-include-biosem.h =================================================================== --- head/security/trousers/files/patch-src-include-biosem.h (revision 415448) +++ head/security/trousers/files/patch-src-include-biosem.h (revision 415449) @@ -1,11 +1,11 @@ ---- src/include/biosem.h.orig 2010-03-12 05:22:36.000000000 +0900 -+++ src/include/biosem.h 2010-10-24 21:04:04.820558727 +0900 -@@ -26,7 +26,7 @@ +--- src/include/biosem.h.orig 2014-04-24 18:05:44 UTC ++++ src/include/biosem.h +@@ -26,7 +26,7 @@ typedef struct { UINT32 eventType; BYTE digest[20]; UINT32 eventDataSize; - BYTE event[0];/* (eventSize) bytes of event data follows */ + BYTE event[1];/* (eventSize) bytes of event data follows */ } TCG_PCClientPCREventStruc; #define EVLOG_SOURCE_BIOS 1 Index: head/security/trousers/files/patch-src-include-linux-tpm.h =================================================================== --- head/security/trousers/files/patch-src-include-linux-tpm.h (revision 415448) +++ head/security/trousers/files/patch-src-include-linux-tpm.h (revision 415449) 
@@ -1,11 +1,11 @@ ---- src/include/linux/tpm.h.orig 2010-01-29 01:27:51.000000000 +0900 -+++ src/include/linux/tpm.h 2010-10-24 21:04:04.821560671 +0900 +--- src/include/linux/tpm.h.orig 2014-04-24 18:05:44 UTC ++++ src/include/linux/tpm.h @@ -20,6 +20,8 @@ #include #elif (defined (__OpenBSD__) || defined (__FreeBSD__)) #include +#elif (defined (SOLARIS)) +#include #endif /* ioctl commands */ Index: head/security/trousers/files/patch-src-include-tcs_tsp.h =================================================================== --- head/security/trousers/files/patch-src-include-tcs_tsp.h (revision 415448) +++ head/security/trousers/files/patch-src-include-tcs_tsp.h (revision 415449) @@ -1,16 +1,16 @@ ---- src/include/tcs_tsp.h.orig 2010-01-29 01:27:51.000000000 +0900 -+++ src/include/tcs_tsp.h 2010-10-24 21:04:04.822560729 +0900 -@@ -79,7 +79,13 @@ +--- src/include/tcs_tsp.h.orig 2014-04-24 18:05:44 UTC ++++ src/include/tcs_tsp.h +@@ -79,7 +79,13 @@ struct key_disk_cache /* XXX Get rid of this, there's no reason to set an arbitrary limit */ #define MAX_KEY_CHILDREN 10 +#ifndef STRUCTURE_PACKING_ATTRIBUTE +#ifdef __GCC #define STRUCTURE_PACKING_ATTRIBUTE __attribute__((packed)) +#else +#define STRUCTURE_PACKING_ATTRIBUTE /* */ +#endif +#endif #ifdef TSS_DEBUG #define DBG_ASSERT(x) assert(x) Index: head/security/trousers/files/patch-src-include-tcs_utils.h =================================================================== --- head/security/trousers/files/patch-src-include-tcs_utils.h (revision 415448) +++ head/security/trousers/files/patch-src-include-tcs_utils.h (revision 415449) @@ -1,23 +1,23 @@ ---- src/include/tcs_utils.h.orig 2010-01-29 01:27:51.000000000 +0900 -+++ src/include/tcs_utils.h 2010-10-24 21:04:04.824555399 +0900 +--- src/include/tcs_utils.h.orig 2014-04-24 18:05:44 UTC ++++ src/include/tcs_utils.h 
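Review bot: The guard `#ifdef __GCC` around `STRUCTURE_PACKING_ATTRIBUTE` in the tcs_tsp.h patch never matches, because GCC and Clang predefine `__GNUC__`, not `__GCC`; unless the macro is defined before this header is read, it expands to nothing and the packed attribute is dropped on every compiler. The same block appears in the trousers_types.h patch further down, where `TSS_KEY12_HDR` is switched from `__attribute__((packed))` to the macro. Any structure that relies on packing for its wire or on-disk layout would then change size or field offsets without a diagnostic; the test should read `#ifdef __GNUC__`. This commit only refreshes the patch headers, so the defect predates it.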
@@ -18,6 +18,20 @@ #include "tcs_tsp.h" #include "trousers_types.h" + + +/* + * XXX malloc wrapper + * + * Linux: malloc(0) => '\0' + * *BSD: malloc(0) => invalid to dereference + * + * => so wrap malloc(0) => calloc(1, 16) to create + * a 16Byte array containing '\0' + * + */ +#define malloc(x) ((x) == 0 ? calloc(1, 16) : calloc(1, (x))) + struct key_mem_cache { TCPA_KEY_HANDLE tpm_handle; Index: head/security/trousers/files/patch-src-include-tcsd.h =================================================================== --- head/security/trousers/files/patch-src-include-tcsd.h (revision 415448) +++ head/security/trousers/files/patch-src-include-tcsd.h (revision 415449) 
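Review bot: The `malloc` wrapper macro in the tcs_utils.h patch expands its argument twice, so a call such as `malloc(len++)` evaluates the expression two times, and it turns every zero-length request into a 16-byte zeroed buffer, which hides length bugs in callers instead of surfacing them. Routing it through a helper keeps a single evaluation: `static inline void *tcs_malloc0(size_t n) { return calloc(1, n ? n : 16); }` followed by `#define malloc(x) tcs_malloc0(x)` (`tcs_malloc0` is a name made up for this note). The comment block should also state that the header has to be included after `<stdlib.h>`, since the macro would otherwise rewrite the library prototype. Only the insertion point in tcs_utils.h is visible in the hunk.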
@@ -1,29 +1,29 @@ ---- src/include/tcsd.h.orig 2010-05-03 11:54:15.000000000 +0900 -+++ src/include/tcsd.h 2010-10-24 22:28:52.708555289 +0900 -@@ -50,14 +50,22 @@ +--- src/include/tcsd.h.orig 2014-04-24 18:05:44 UTC ++++ src/include/tcsd.h +@@ -53,14 +53,22 @@ struct tcsd_config + #define TCSD_DEFAULT_CONFIG_FILE ETC_PREFIX "/tcsd.conf" + extern char *tcsd_config_file; - #define TCSD_CONFIG_FILE ETC_PREFIX "/tcsd.conf" - +#ifndef TSS_USER_NAME #define TSS_USER_NAME "tss" +#endif +#ifndef TSS_GROUP_NAME #define TSS_GROUP_NAME "tss" +#endif + +#ifndef TPM_PREFIX +#define TPM_PREFIX "/lib/tpm" +#endif #define TCSD_DEFAULT_MAX_THREADS 10 -#define TCSD_DEFAULT_SYSTEM_PS_FILE VAR_PREFIX "/lib/tpm/system.data" -#define TCSD_DEFAULT_SYSTEM_PS_DIR VAR_PREFIX "/lib/tpm" -#define TCSD_DEFAULT_FIRMWARE_LOG_FILE "/sys/kernel/security/tpm0/binary_bios_measurements" -#define TCSD_DEFAULT_KERNEL_LOG_FILE "/sys/kernel/security/ima/binary_runtime_measurements" +#define TCSD_DEFAULT_SYSTEM_PS_FILE VAR_PREFIX TPM_PREFIX "/system.data" +#define TCSD_DEFAULT_SYSTEM_PS_DIR VAR_PREFIX TPM_PREFIX +#define TCSD_DEFAULT_FIRMWARE_LOG_FILE "/var/run/tpm/binary_bios_measurements" +#define TCSD_DEFAULT_KERNEL_LOG_FILE "/var/run/ima/binary_runtime_measurements" #define TCSD_DEFAULT_FIRMWARE_PCRS 0x00000000 #define TCSD_DEFAULT_KERNEL_PCRS 0x00000000 - + #define TCSD_DEFAULT_DISABLE_IPV4 0 Index: head/security/trousers/files/patch-src-include-tcsd_ops.h =================================================================== --- head/security/trousers/files/patch-src-include-tcsd_ops.h (revision 415448) +++ head/security/trousers/files/patch-src-include-tcsd_ops.h (revision 415449) @@ -1,11 +1,11 @@ ---- src/include/tcsd_ops.h.orig 2010-01-29 01:27:51.000000000 +0900 -+++ src/include/tcsd_ops.h 2010-10-24 21:04:04.827558718 +0900 +--- src/include/tcsd_ops.h.orig 2014-04-24 18:05:44 UTC ++++ src/include/tcsd_ops.h 
@@ -123,7 +123,7 @@ struct tcsd_op { char *name; - int op[]; + int op[20]; }; struct tcsd_op tcsd_op_seal = {"seal", {TCSD_OP_SEAL}}; Index: head/security/trousers/files/patch-src-include-threads.h =================================================================== --- head/security/trousers/files/patch-src-include-threads.h (revision 415448) +++ head/security/trousers/files/patch-src-include-threads.h (revision 415449) @@ -1,11 +1,11 @@ ---- src/include/threads.h.orig 2010-05-03 11:54:15.000000000 +0900 -+++ src/include/threads.h 2010-10-24 21:04:04.828558009 +0900 +--- src/include/threads.h.orig 2014-04-24 18:05:44 UTC ++++ src/include/threads.h @@ -31,7 +31,7 @@ #define COND_SIGNAL(c) pthread_cond_signal(c) /* thread abstractions */ -#define THREAD_ID ((THREAD_TYPE)pthread_self()) +#define THREAD_ID (long int)((THREAD_TYPE)pthread_self()) #define THREAD_TYPE pthread_t #define THREAD_JOIN pthread_join #define THREAD_DETACH pthread_detach Index: head/security/trousers/files/patch-src-include-trousers_types.h =================================================================== --- head/security/trousers/files/patch-src-include-trousers_types.h (revision 415448) +++ head/security/trousers/files/patch-src-include-trousers_types.h (revision 415449) @@ -1,42 +1,42 @@ ---- src/include/trousers_types.h.orig 2010-05-20 02:45:55.000000000 +0900 -+++ src/include/trousers_types.h 2010-10-24 21:04:04.829561420 +0900 +--- src/include/trousers_types.h.orig 2014-04-24 18:05:44 UTC ++++ src/include/trousers_types.h 
@@ -11,6 +11,14 @@ #ifndef _TROUSERS_TYPES_H_ #define _TROUSERS_TYPES_H_ +#ifndef STRUCTURE_PACKING_ATTRIBUTE +#ifdef __GCC +#define STRUCTURE_PACKING_ATTRIBUTE __attribute__((packed)) +#else +#define STRUCTURE_PACKING_ATTRIBUTE /* */ +#endif +#endif + #define TCPA_NONCE_SIZE sizeof(TCPA_NONCE) #define TCPA_DIGEST_SIZE sizeof(TCPA_DIGEST) #define TCPA_ENCAUTH_SIZE sizeof(TCPA_ENCAUTH) -@@ -100,7 +108,7 @@ +@@ -100,7 +108,7 @@ typedef struct tdTSS_KEY11_HDR { typedef struct tdTSS_KEY12_HDR { TPM_STRUCTURE_TAG tag; UINT16 fill; -} __attribute__((packed)) TSS_KEY12_HDR; +} STRUCTURE_PACKING_ATTRIBUTE TSS_KEY12_HDR; typedef struct tdTSS_KEY { union { -@@ -118,11 +126,10 @@ +@@ -118,11 +126,10 @@ typedef struct tdTSS_KEY { BYTE *encData; } TSS_KEY; -#if (defined (__linux) || defined (linux) || defined (SOLARIS) || defined (__GLIBC__)) -#define BSD_CONST -#elif (defined (__OpenBSD__) || defined (__FreeBSD__)) +#if defined (__FreeBSD__) #define BSD_CONST const -#endif - +#else +#define BSD_CONST /* */ +#endif #endif Index: head/security/trousers/files/patch-src-include-tss-platform.h =================================================================== --- head/security/trousers/files/patch-src-include-tss-platform.h (revision 415448) +++ head/security/trousers/files/patch-src-include-tss-platform.h (revision 415449) 
@@ -1,11 +1,11 @@ ---- src/include/tss/platform.h.orig 2010-01-29 01:27:51.000000000 +0900 -+++ src/include/tss/platform.h 2010-10-24 21:04:04.830556101 +0900 -@@ -15,7 +15,7 @@ +--- src/include/tss/platform.h.orig 2014-04-24 18:05:44 UTC ++++ src/include/tss/platform.h +@@ -15,7 +15,7 @@ There are platform dependent and general #if !defined(WIN32) #include typedef uint8_t BYTE; - typedef int8_t TSS_BOOL; + typedef uint8_t TSS_BOOL; typedef uint16_t UINT16; typedef uint32_t UINT32; typedef uint64_t UINT64; Index: head/security/trousers/files/patch-src-tcs-Makefile.am =================================================================== --- head/security/trousers/files/patch-src-tcs-Makefile.am (nonexistent) +++ head/security/trousers/files/patch-src-tcs-Makefile.am (revision 415449) 
@@ -0,0 +1,152 @@ +--- src/tcs/Makefile.am.orig 2014-04-24 18:05:44 UTC ++++ src/tcs/Makefile.am +@@ -1,4 +1,4 @@ +-noinst_LIBRARIES=libtcs.a ++noinst_LIBRARIES=libtcs.a libtcs_emu.a + + CFLAGS+=-I${top_srcdir}/src/include + libtcs_a_LIBADD=${top_builddir}/src/tddl/libtddl.a +@@ -140,3 +140,143 @@ if TSS_BUILD_CMK + libtcs_a_SOURCES+=tcsi_cmk.c rpc/@RPC@/rpc_cmk.c + libtcs_a_CFLAGS+=-DTSS_BUILD_CMK + endif ++ ++libtcs_emu_a_LIBADD=${LOCALBASE}/lib/tddl_emu/libtddl.a ++libtcs_emu_a_CFLAGS=-DAPPID=\"TCSD\ TCS\" -DVAR_PREFIX=\"@localstatedir@\" -DETC_PREFIX=\"@sysconfdir@\" -fPIE -DPIE ++ ++libtcs_emu_a_SOURCES=log.c \ ++ tcs_caps.c \ ++ tcs_req_mgr.c \ ++ tcs_context.c \ ++ tcsi_context.c \ ++ tcs_utils.c \ ++ rpc/@RPC@/rpc.c rpc/@RPC@/rpc_context.c \ ++ tcsi_caps_tpm.c rpc/@RPC@/rpc_caps_tpm.c \ ++ tcs_auth_mgr.c tcsi_auth.c rpc/@RPC@/rpc_auth.c \ ++ tcs_pbg.c ++ ++if TSS_BUILD_TRANSPORT ++libtcs_emu_a_SOURCES+=tcsi_transport.c rpc/@RPC@/rpc_transport.c ++libtcs_emu_a_CFLAGS+=-DTSS_BUILD_TRANSPORT ++endif ++if TSS_BUILD_TICK ++libtcs_emu_a_SOURCES+=tcsi_tick.c rpc/@RPC@/rpc_tick.c ++libtcs_emu_a_CFLAGS+=-DTSS_BUILD_TICK ++endif ++if TSS_BUILD_COUNTER ++libtcs_emu_a_SOURCES+=tcsi_counter.c tcs_counter.c rpc/@RPC@/rpc_counter.c ++libtcs_emu_a_CFLAGS+=-DTSS_BUILD_COUNTER ++endif ++if TSS_BUILD_RANDOM ++libtcs_emu_a_SOURCES+=tcsi_random.c rpc/@RPC@/rpc_random.c ++libtcs_emu_a_CFLAGS+=-DTSS_BUILD_RANDOM ++endif ++if TSS_BUILD_CAPS ++libtcs_emu_a_SOURCES+=tcsi_caps.c rpc/@RPC@/rpc_caps.c ++libtcs_emu_a_CFLAGS+=-DTSS_BUILD_CAPS ++endif ++if TSS_BUILD_DIR ++libtcs_emu_a_SOURCES+=tcsi_dir.c rpc/@RPC@/rpc_dir.c ++libtcs_emu_a_CFLAGS+=-DTSS_BUILD_DIR ++endif ++if TSS_BUILD_PCR_EVENTS ++libtcs_emu_a_SOURCES+=tcsi_evlog.c tcs_evlog_biosem.c tcs_evlog_imaem.c tcs_evlog.c \ ++ rpc/@RPC@/rpc_evlog.c ++libtcs_emu_a_CFLAGS+=-DTSS_BUILD_PCR_EVENTS ++endif ++if TSS_BUILD_SIGN ++libtcs_emu_a_SOURCES+=tcsi_sign.c rpc/@RPC@/rpc_sign.c ++libtcs_emu_a_CFLAGS+=-DTSS_BUILD_SIGN ++endif ++if 
TSS_BUILD_QUOTE ++libtcs_emu_a_SOURCES+=tcsi_quote.c tcs_quote.c rpc/@RPC@/rpc_quote.c ++libtcs_emu_a_CFLAGS+=-DTSS_BUILD_QUOTE ++endif ++if TSS_BUILD_SEAL ++libtcs_emu_a_SOURCES+=tcsi_seal.c tcs_seal.c rpc/@RPC@/rpc_seal.c ++libtcs_emu_a_CFLAGS+=-DTSS_BUILD_SEAL ++endif ++if TSS_BUILD_CHANGEAUTH ++libtcs_emu_a_SOURCES+=tcsi_changeauth.c rpc/@RPC@/rpc_changeauth.c ++libtcs_emu_a_CFLAGS+=-DTSS_BUILD_CHANGEAUTH ++endif ++if TSS_BUILD_BIND ++libtcs_emu_a_SOURCES+=tcsi_bind.c rpc/@RPC@/rpc_bind.c ++libtcs_emu_a_CFLAGS+=-DTSS_BUILD_BIND ++endif ++if TSS_BUILD_OWN ++libtcs_emu_a_SOURCES+=tcsi_own.c rpc/@RPC@/rpc_own.c ++libtcs_emu_a_CFLAGS+=-DTSS_BUILD_OWN ++endif ++if TSS_BUILD_PS ++libtcs_emu_a_SOURCES+=ps/ps_utils.c ps/tcsps.c tcsi_ps.c tcs_ps.c tcs_key_ps.c rpc/@RPC@/rpc_ps.c ++libtcs_emu_a_CFLAGS+=-DTSS_BUILD_PS ++endif ++if TSS_BUILD_ADMIN ++libtcs_emu_a_SOURCES+=tcsi_admin.c rpc/@RPC@/rpc_admin.c ++libtcs_emu_a_CFLAGS+=-DTSS_BUILD_ADMIN ++endif ++if TSS_BUILD_AIK ++libtcs_emu_a_SOURCES+=tcsi_aik.c tcs_aik.c rpc/@RPC@/rpc_aik.c ++libtcs_emu_a_CFLAGS+=-DTSS_BUILD_AIK ++endif ++if TSS_BUILD_EK ++libtcs_emu_a_SOURCES+=tcsi_ek.c rpc/@RPC@/rpc_ek.c ++libtcs_emu_a_CFLAGS+=-DTSS_BUILD_EK ++endif ++if TSS_BUILD_CERTIFY ++libtcs_emu_a_SOURCES+=tcsi_certify.c rpc/@RPC@/rpc_certify.c ++libtcs_emu_a_CFLAGS+=-DTSS_BUILD_CERTIFY ++endif ++if TSS_BUILD_KEY ++libtcs_emu_a_SOURCES+=tcsi_key.c tcs_key.c tcs_key_mem_cache.c tcs_context_key.c rpc/@RPC@/rpc_key.c \ ++ crypto/@CRYPTO_PACKAGE@/crypto.c ++libtcs_emu_a_CFLAGS+=-DTSS_BUILD_KEY ++endif ++if TSS_BUILD_MAINT ++libtcs_emu_a_SOURCES+=tcsi_maint.c rpc/@RPC@/rpc_maint.c ++libtcs_emu_a_CFLAGS+=-DTSS_BUILD_MAINT ++endif ++if TSS_BUILD_MIGRATION ++libtcs_emu_a_SOURCES+=tcsi_migration.c tcs_migration.c rpc/@RPC@/rpc_migration.c ++libtcs_emu_a_CFLAGS+=-DTSS_BUILD_MIGRATION ++endif ++if TSS_BUILD_PCR_EXTEND ++libtcs_emu_a_SOURCES+=tcsi_pcr.c rpc/@RPC@/rpc_pcr_extend.c ++libtcs_emu_a_CFLAGS+=-DTSS_BUILD_PCR_EXTEND ++endif ++if 
TSS_BUILD_SELFTEST ++libtcs_emu_a_SOURCES+=tcsi_selftest.c rpc/@RPC@/rpc_selftest.c ++libtcs_emu_a_CFLAGS+=-DTSS_BUILD_SELFTEST ++endif ++if TSS_BUILD_DAA ++libtcs_emu_a_SOURCES+=tcsi_daa.c rpc/@RPC@/rpc_daa.c ++libtcs_emu_a_CFLAGS+=-DTSS_BUILD_DAA ++endif ++if TSS_BUILD_NV ++libtcs_emu_a_SOURCES+=tcsi_nv.c rpc/@RPC@/rpc_nv.c ++libtcs_emu_a_CFLAGS+=-DTSS_BUILD_NV ++endif ++if TSS_BUILD_AUDIT ++libtcs_emu_a_SOURCES+=tcsi_audit.c rpc/@RPC@/rpc_audit.c ++libtcs_emu_a_CFLAGS+=-DTSS_BUILD_AUDIT ++endif ++if TSS_BUILD_SEALX ++libtcs_emu_a_CFLAGS+=-DTSS_BUILD_SEALX ++endif ++if TSS_BUILD_TSS12 ++libtcs_emu_a_SOURCES+=tcsi_oper.c rpc/@RPC@/rpc_oper.c ++libtcs_emu_a_CFLAGS+=-DTSS_BUILD_TSS12 ++endif ++if TSS_BUILD_DELEGATION ++libtcs_emu_a_SOURCES+=tcsi_delegate.c rpc/@RPC@/rpc_delegate.c ++libtcs_emu_a_CFLAGS+=-DTSS_BUILD_DELEGATION ++endif ++if TSS_BUILD_QUOTE2 ++libtcs_emu_a_SOURCES+=tcsi_quote2.c tcs_quote2.c rpc/@RPC@/rpc_quote2.c ++libtcs_emu_a_CFLAGS+=-DTSS_BUILD_QUOTE2 ++endif ++if TSS_BUILD_CMK ++libtcs_emu_a_SOURCES+=tcsi_cmk.c rpc/@RPC@/rpc_cmk.c ++libtcs_emu_a_CFLAGS+=-DTSS_BUILD_CMK ++endif Property changes on: head/security/trousers/files/patch-src-tcs-Makefile.am ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/security/trousers/files/patch-src-tcs-ps-ps_utils.c =================================================================== --- head/security/trousers/files/patch-src-tcs-ps-ps_utils.c (revision 415448) +++ head/security/trousers/files/patch-src-tcs-ps-ps_utils.c (revision 415449) 
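Review bot: `libtcs_emu.a` repeats the whole `libtcs_a` source and flag list by hand, about 140 lines, so any conditional that upstream later adds or changes for `libtcs_a` will be missing from the emulator build without an error. Automake should accept variable references here, so after the last upstream conditional the block can shrink to `libtcs_emu_a_SOURCES=$(libtcs_a_SOURCES)` and `libtcs_emu_a_CFLAGS=$(libtcs_a_CFLAGS)`, leaving `libtcs_emu_a_LIBADD=${LOCALBASE}/lib/tddl_emu/libtddl.a` as the only real difference. `LIBADD` names an installed file by absolute path, so the build also depends on `LOCALBASE` being present in the make environment, which deserves a comment in the port Makefile.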
@@ -1,45 +1,45 @@ ---- src/tcs/ps/ps_utils.c.orig 2012-09-20 02:24:48.000000000 +0900 -+++ src/tcs/ps/ps_utils.c 2013-07-31 22:18:59.000000000 +0900 +--- src/tcs/ps/ps_utils.c.orig 2014-04-24 18:05:44 UTC ++++ src/tcs/ps/ps_utils.c @@ -16,10 +16,18 @@ #if defined(HAVE_BYTEORDER_H) #include #elif defined(HTOLE_DEFINED) +#if defined(HAVE_ENDIAN_H) #include #define LE_16 htole16 #define LE_32 htole32 #define LE_64 htole64 +#endif +#if defined(HAVE_SYS_ENDIAN_H) +#include +#define LE_16 htole16 +#define LE_32 htole32 +#define LE_64 htole64 +#endif #else #define LE_16(x) (x) #define LE_32(x) (x) @@ -42,11 +50,7 @@ struct key_disk_cache *key_disk_cache_head = NULL; -#ifdef SOLARIS TSS_RESULT -#else -inline TSS_RESULT -#endif read_data(int fd, void *data, UINT32 size) { int rc; -@@ -64,11 +68,7 @@ +@@ -64,11 +68,7 @@ read_data(int fd, void *data, UINT32 siz } -#ifdef SOLARIS TSS_RESULT -#else -inline TSS_RESULT -#endif write_data(int fd, void *data, UINT32 size) { int rc; Index: head/security/trousers/files/patch-src-tcs-ps-tcsps.c =================================================================== --- head/security/trousers/files/patch-src-tcs-ps-tcsps.c (revision 415448) +++ head/security/trousers/files/patch-src-tcs-ps-tcsps.c (revision 415449) @@ -1,67 +1,67 @@ ---- src/tcs/ps/tcsps.c.orig 2010-05-02 11:39:11.000000000 +0900 -+++ src/tcs/ps/tcsps.c 2010-10-24 21:04:04.833559489 +0900 +--- src/tcs/ps/tcsps.c.orig 2014-04-24 18:05:44 UTC ++++ src/tcs/ps/tcsps.c @@ -24,6 +24,11 @@ #define LE_16 htole16 #define LE_32 htole32 #define LE_64 htole64 +#elif defined (HAVE_SYS_ENDIAN_H) +#include +#define LE_16 htole16 +#define LE_32 htole32 +#define LE_64 htole64 #else #define LE_16(x) (x) #define LE_32(x) (x) 
@@ -33,6 +38,26 @@ #include #include +#ifdef __sun +#define LOCK_EX F_LOCK +#define LOCK_UN F_ULOCK +#define flock(fd, func) lockf(fd, func, 0) +#endif + +#ifndef LOCK_SH +#define LOCK_SH 1 /* shared lock */ +#endif +#ifndef LOCK_EX +#define LOCK_EX 2 /* exclusive lock */ +#endif +#ifndef LOCK_NB +#define LOCK_NB 4 /* don't block when locking */ +#endif +#ifndef LOCK_UN +#define LOCK_UN 8 /* unlock */ +#endif + + #include "trousers/tss.h" #include "trousers_types.h" #include "tcsps.h" @@ -43,6 +68,25 @@ #include "tcsd_wrap.h" #include "tcsd.h" +#ifndef LE_16 +static UINT16 htole16(UINT16 x) +{ + BYTE *b = &x; + return (UINT16) (b[0] + (b[1] << 8)); +} +#define LE_16 htole16 +#endif + +#ifndef LE_32 +static UINT32 htole32(UINT32 x) +{ + BYTE *b = &x; + return (UINT32) (b[0] + (b[1] << 8) + (b[2] << 16) + (b[3] << 24)); +} +#define LE_32 htole32 +#endif + + int system_ps_fd = -1; MUTEX_DECLARE(disk_cache_lock); Index: head/security/trousers/files/patch-src-tcs-rpc-tcstp-rpc.c =================================================================== --- head/security/trousers/files/patch-src-tcs-rpc-tcstp-rpc.c (nonexistent) +++ head/security/trousers/files/patch-src-tcs-rpc-tcstp-rpc.c (revision 415449) 
@@ -0,0 +1,10 @@ +--- src/tcs/rpc/tcstp/rpc.c.orig 2014-04-24 18:05:44 UTC ++++ src/tcs/rpc/tcstp/rpc.c +@@ -16,6 +16,7 @@ + #if (defined (__OpenBSD__) || defined (__FreeBSD__)) + #include + #include ++#include + #endif + #include + Property changes on: head/security/trousers/files/patch-src-tcs-rpc-tcstp-rpc.c ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/security/trousers/files/patch-src-tcs-tcs_aik.c =================================================================== --- head/security/trousers/files/patch-src-tcs-tcs_aik.c (revision 415448) +++ head/security/trousers/files/patch-src-tcs-tcs_aik.c (revision 415449) @@ -1,11 +1,11 @@ ---- src/tcs/tcs_aik.c.orig 2010-06-10 05:20:44.000000000 +0900 -+++ src/tcs/tcs_aik.c 2010-10-24 21:04:04.834556754 +0900 -@@ -66,7 +66,7 @@ +--- src/tcs/tcs_aik.c.orig 2014-04-24 18:05:44 UTC ++++ src/tcs/tcs_aik.c +@@ -66,7 +66,7 @@ UnloadBlob_SYMMETRIC_KEY(UINT64 *offset, UnloadBlob_UINT16(offset, &key->size, blob); if (key->size > 0) { - key->data = (BYTE *)malloc(key->size); + key->data = malloc(key->size); if (key->data == NULL) { LogError("malloc of %hu bytes failed.", key->size); key->size = 0; Index: head/security/trousers/files/patch-src-tcs-tcs_auth_mgr.c =================================================================== --- head/security/trousers/files/patch-src-tcs-tcs_auth_mgr.c (revision 415448) +++ head/security/trousers/files/patch-src-tcs-tcs_auth_mgr.c (revision 415449) 
@@ -1,29 +1,29 @@ ---- src/tcs/tcs_auth_mgr.c.orig 2010-06-10 05:21:32.000000000 +0900 -+++ src/tcs/tcs_auth_mgr.c 2010-10-24 21:04:04.836560084 +0900 -@@ -108,7 +108,7 @@ +--- src/tcs/tcs_auth_mgr.c.orig 2014-04-24 18:05:44 UTC ++++ src/tcs/tcs_auth_mgr.c +@@ -108,7 +108,7 @@ void auth_mgr_swap_in() { if (auth_mgr.overflow[auth_mgr.of_tail] != NULL) { - LogDebug("waking up thread %lddd, auth slot has opened", THREAD_ID); + LogDebug("waking up thread %ld, auth slot has opened", THREAD_ID); /* wake up the next sleeping thread in order and increment tail */ COND_SIGNAL(auth_mgr.overflow[auth_mgr.of_tail]); auth_mgr.overflow[auth_mgr.of_tail] = NULL; -@@ -149,7 +149,7 @@ +@@ -149,7 +149,7 @@ auth_mgr_swap_out(TCS_CONTEXT_HANDLE hCo auth_mgr.overflow[auth_mgr.of_head] = cond; auth_mgr.of_head = (auth_mgr.of_head + 1) % auth_mgr.overflow_size; /* go to sleep */ - LogDebug("thread %lddd going to sleep until auth slot opens", THREAD_ID); + LogDebug("thread %ld going to sleep until auth slot opens", THREAD_ID); auth_mgr.sleeping_threads++; COND_WAIT(cond, &tcsp_lock); auth_mgr.sleeping_threads--; -@@ -180,7 +180,7 @@ +@@ -180,7 +180,7 @@ auth_mgr_swap_out(TCS_CONTEXT_HANDLE hCo auth_mgr.of_tail = 0; auth_mgr.overflow[auth_mgr.of_head] = cond; auth_mgr.of_head = (auth_mgr.of_head + 1) % auth_mgr.overflow_size; - LogDebug("thread %lddd going to sleep until auth slot opens", THREAD_ID); + LogDebug("thread %ld going to sleep until auth slot opens", THREAD_ID); auth_mgr.sleeping_threads++; COND_WAIT(cond, &tcsp_lock); auth_mgr.sleeping_threads--; Index: head/security/trousers/files/patch-src-tcsd-Makefile.am =================================================================== --- head/security/trousers/files/patch-src-tcsd-Makefile.am (nonexistent) +++ head/security/trousers/files/patch-src-tcsd-Makefile.am (revision 415449) 
@@ -0,0 +1,21 @@ +--- src/tcsd/Makefile.am.orig 2014-04-24 18:05:44 UTC ++++ src/tcsd/Makefile.am +@@ -1,4 +1,4 @@ +-sbin_PROGRAMS=tcsd ++sbin_PROGRAMS=tcsd tcsd_emu + + tcsd_CFLAGS=-DAPPID=\"TCSD\" -DVAR_PREFIX=\"@localstatedir@\" -DETC_PREFIX=\"@sysconfdir@\" -I${top_srcdir}/src/include -fPIE -DPIE + tcsd_LDADD=${top_builddir}/src/tcs/libtcs.a ${top_builddir}/src/tddl/libtddl.a -lpthread @CRYPTOLIB@ +@@ -6,6 +6,12 @@ tcsd_LDFLAGS=-pie -Wl,-z,relro -Wl,-z,no + + tcsd_SOURCES=svrside.c tcsd_conf.c tcsd_threads.c platform.c + ++tcsd_emu_CFLAGS=-DAPPID=\"TCSD\" -DVAR_PREFIX=\"@localstatedir@\" -DETC_PREFIX=\"@sysconfdir@\" -I${top_srcdir}/src/include -fPIE -DPIE ++tcsd_emu_LDADD=${top_builddir}/src/tcs/libtcs_emu.a -ltddl -L${LOCALBASE}/lib/tddl_emu -lpthread @CRYPTOLIB@ ++tcsd_emu_LDFLAGS=-pie -Wl,-z,relro -Wl,-z,now -Wl,-rpath=${LOCALBASE}/lib/tddl_emu:${LOCALBASE}/lib ++ ++tcsd_emu_SOURCES=svrside.c tcsd_conf.c tcsd_threads.c platform.c ++ + if TSS_BUILD_PS + tcsd_CFLAGS+=-DTSS_BUILD_PS + endif Property changes on: head/security/trousers/files/patch-src-tcsd-Makefile.am ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/security/trousers/files/patch-src-tcsd-svrside.c =================================================================== --- head/security/trousers/files/patch-src-tcsd-svrside.c (revision 415448) +++ head/security/trousers/files/patch-src-tcsd-svrside.c (revision 415449) 
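Review bot: The new `tcsd_emu` program does not receive the conditional defines that `tcsd` gets. The trailing context of the inner hunk appends `-DTSS_BUILD_PS` to `tcsd_CFLAGS` only, although `tcsd_emu_SOURCES` lists the same four files and `libtcs_emu.a` is built with `-DTSS_BUILD_PS`. I would add `tcsd_emu_CFLAGS+=-DTSS_BUILD_PS` inside the same `if TSS_BUILD_PS` block. The conditional list continues outside the hunk, so any further `tcsd_CFLAGS+=` lines there presumably need the same treatment. Separately, `tcsd_emu_LDFLAGS` puts `${LOCALBASE}/lib/tddl_emu` in the rpath, a directory populated by another port, so it is worth a comment that this directory must stay writable by root only because the daemon resolves `libtddl` from it at start-up.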
@@ -1,124 +1,63 @@ ---- src/tcsd/svrside.c.orig 2012-09-25 23:23:01.000000000 +0900 -+++ src/tcsd/svrside.c 2013-07-31 22:12:08.000000000 +0900 -@@ -66,12 +66,19 @@ - close(sd); +--- src/tcsd/svrside.c.orig 2014-04-24 18:05:44 UTC ++++ src/tcsd/svrside.c +@@ -92,12 +92,19 @@ tcsd_signal_term(int signal) + term = 1; } -void +static void tcsd_signal_hup(int signal) { hup = 1; } +static void +tcsd_signal_chld(int signal) +{ + + wait3(NULL, WNOHANG, NULL); +} + static TSS_RESULT signals_init(void) { -@@ -80,6 +87,14 @@ +@@ -106,6 +113,14 @@ signals_init(void) struct sigaction sa; sigemptyset(&sigmask); + if ((rc = sigaddset(&sigmask, SIGCHLD))) { + LogError("sigaddset: %s", strerror(errno)); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if ((rc = sigaddset(&sigmask, SIGINT))) { + LogError("sigaddset: %s", strerror(errno)); + return TCSERR(TSS_E_INTERNAL_ERROR); + } if ((rc = sigaddset(&sigmask, SIGTERM))) { LogError("sigaddset: %s", strerror(errno)); return TCSERR(TSS_E_INTERNAL_ERROR); -@@ -102,12 +117,24 @@ +@@ -128,12 +143,24 @@ signals_init(void) return TCSERR(TSS_E_INTERNAL_ERROR); } + if ((rc = sigaction(SIGINT, &sa, NULL))) { + LogError("signal SIGINT not registered: %s", strerror(errno)); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + sa.sa_handler = tcsd_signal_hup; if ((rc = sigaction(SIGHUP, &sa, NULL))) { LogError("signal SIGHUP not registered: %s", strerror(errno)); return TCSERR(TSS_E_INTERNAL_ERROR); } + sa.sa_flags = SA_RESTART; + sa.sa_handler = tcsd_signal_chld; + if ((rc = sigaction(SIGCHLD, &tcsd_sa_chld, NULL))) { + LogError("signal SIGCHLD not registered: %s", strerror(errno)); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + return TSS_SUCCESS; } -@@ -256,6 +283,26 @@ - if ((result = tcsd_startup())) - return (int)result; - -+ pwd = getpwnam(TSS_USER_NAME); -+ if (pwd == NULL) { -+ if (errno == 0) { -+ LogError("User \"%s\" not found, please add this user" -+ " manually.", TSS_USER_NAME); -+ } else { -+ LogError("getpwnam(%s): %s", TSS_USER_NAME, 
strerror(errno)); -+ } -+ return TCSERR(TSS_E_INTERNAL_ERROR); -+ } -+ setuid(pwd->pw_uid); -+ -+ if (getenv("TCSD_FOREGROUND") == NULL) { -+ if (daemon(0, 0) == -1) { -+ perror("daemon"); -+ tcsd_shutdown(); -+ return -1; -+ } -+ } -+ - sd = socket(AF_INET, SOCK_STREAM, 0); - if (sd < 0) { - LogError("Failed socket: %s", strerror(errno)); -@@ -279,33 +326,12 @@ - LogError("Failed bind: %s", strerror(errno)); - return -1; - } --#ifndef SOLARIS -- pwd = getpwnam(TSS_USER_NAME); -- if (pwd == NULL) { -- if (errno == 0) { -- LogError("User \"%s\" not found, please add this user" -- " manually.", TSS_USER_NAME); -- } else { -- LogError("getpwnam(%s): %s", TSS_USER_NAME, strerror(errno)); -- } -- return TCSERR(TSS_E_INTERNAL_ERROR); -- } -- setuid(pwd->pw_uid); --#endif - if (listen(sd, TCSD_MAX_SOCKETS_QUEUED) < 0) { - LogError("Failed listen: %s", strerror(errno)); - return -1; - } - client_len = (unsigned)sizeof(client_addr); - -- if (getenv("TCSD_FOREGROUND") == NULL) { -- if (daemon(0, 0) == -1) { -- perror("daemon"); -- tcsd_shutdown(); -- return -1; -- } -- } -- - LogInfo("%s: TCSD up and running.", PACKAGE_STRING); - do { - newsd = accept(sd, (struct sockaddr *) &client_addr, &client_len); Index: head/security/trousers/files/patch-src-tddl-Makefile.am =================================================================== --- head/security/trousers/files/patch-src-tddl-Makefile.am (nonexistent) +++ head/security/trousers/files/patch-src-tddl-Makefile.am (revision 415449) 
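Review bot: The SIGCHLD registration in signals_init() sets `sa.sa_flags = SA_RESTART` and `sa.sa_handler = tcsd_signal_chld`, but then passes `&tcsd_sa_chld` to sigaction(), so the handler and flag prepared on the two lines above are not what gets installed. No declaration of `tcsd_sa_chld` is visible in the patch; if it is a separate struct defined elsewhere, tcsd_signal_chld is never registered, and if it is not defined the file does not compile. I would change the call to `if ((rc = sigaction(SIGCHLD, &sa, NULL))) {`. The handler also calls wait3() only once, and pending SIGCHLDs can coalesce, so `while (wait3(NULL, WNOHANG, NULL) > 0) ;` would reap every exited child. signals_init() begins and ends outside the inner hunks shown here.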
@@ -0,0 +1,14 @@ +--- src/tddl/Makefile.am.orig 2014-04-24 18:05:44 UTC ++++ src/tddl/Makefile.am +@@ -1,4 +1,11 @@ ++libdir=@libdir@/tddl ++ + lib_LIBRARIES=libtddl.a + + libtddl_a_SOURCES=tddl.c + libtddl_a_CFLAGS=-DAPPID=\"TCSD\ TDDL\" -I${top_srcdir}/src/include -fPIE -DPIE ++ ++lib_LTLIBRARIES=libtddl.la ++ ++libtddl_la_SOURCES=tddl.c ++libtddl_la_CFLAGS=-DAPPID=\"TCSD\ TDDL\" -I${top_srcdir}/src/include -fPIE -DPIE Property changes on: head/security/trousers/files/patch-src-tddl-Makefile.am ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/security/trousers/files/patch-src-trspi-Makefile.am =================================================================== --- head/security/trousers/files/patch-src-trspi-Makefile.am (revision 415448) +++ head/security/trousers/files/patch-src-trspi-Makefile.am (revision 415449) @@ -1,12 +1,12 @@ ---- src/trspi/Makefile.am.orig 2012-09-20 02:24:48.000000000 +0900 -+++ src/trspi/Makefile.am 2013-12-05 15:12:35.000000000 +0900 +--- src/trspi/Makefile.am.orig 2014-04-24 18:05:44 UTC ++++ src/trspi/Makefile.am @@ -1,7 +1,8 @@ noinst_LTLIBRARIES=libtrousers.la libtrousers_la_SOURCES=trousers.c crypto/@CRYPTO_PACKAGE@/hash.c -libtrousers_la_CFLAGS=-DAPPID=\"TSPI\" -I${top_srcdir}/src/include +libtrousers_la_CFLAGS=-DAPPID=\"TSPI\" -I${top_srcdir}/src/include \ + -I${ICONV_PREFIX}/include if TSS_BUILD_ASYM_CRYPTO libtrousers_la_SOURCES+=crypto/@CRYPTO_PACKAGE@/rsa.c Index: head/security/trousers/files/patch-src-tspi-Makefile.am =================================================================== --- head/security/trousers/files/patch-src-tspi-Makefile.am (revision 415448) +++ head/security/trousers/files/patch-src-tspi-Makefile.am (revision 415449) 
@@ -1,11 +1,11 @@ ---- src/tspi/Makefile.am.orig 2012-09-20 02:24:48.000000000 +0900 -+++ src/tspi/Makefile.am 2013-12-05 11:10:14.000000000 +0900 -@@ -17,7 +17,7 @@ +--- src/tspi/Makefile.am.orig 2014-04-24 18:05:44 UTC ++++ src/tspi/Makefile.am +@@ -17,7 +17,7 @@ libtspi_la_LIBADD=${top_builddir}/src/tr # 5. If any interfaces have been added since the last public release, then increment age. # 6. If any interfaces have been removed since the last public release, then set age to 0. -libtspi_la_LDFLAGS=-version-info 3:0:2 -lpthread @CRYPTOLIB@ +libtspi_la_LDFLAGS=-version-info 3:0:2 -lpthread @CRYPTOLIB@ -L${ICONV_PREFIX}/lib ${ICONV_LIB} libtspi_la_CFLAGS=-I$(top_srcdir)/src/include -DAPPID=\"TSPI\" -DVAR_PREFIX=\"@localstatedir@\" -DETC_PREFIX=\"@sysconfdir@\" Index: head/security/trousers/files/patch-src-tspi-ps-ps_utils.c =================================================================== --- head/security/trousers/files/patch-src-tspi-ps-ps_utils.c (revision 415448) +++ head/security/trousers/files/patch-src-tspi-ps-ps_utils.c (revision 415449) @@ -1,20 +1,20 @@ ---- src/tspi/ps/ps_utils.c.orig 2010-01-29 01:27:51.000000000 +0900 -+++ src/tspi/ps/ps_utils.c 2010-10-24 21:04:04.841558702 +0900 +--- src/tspi/ps/ps_utils.c.orig 2014-04-24 18:05:44 UTC ++++ src/tspi/ps/ps_utils.c @@ -22,7 +22,7 @@ #include "tspps.h" #include "tsplog.h" -inline TSS_RESULT +TSS_RESULT read_data(int fd, void *data, UINT32 size) { int rc; -@@ -39,7 +39,7 @@ +@@ -39,7 +39,7 @@ read_data(int fd, void *data, UINT32 siz return TSS_SUCCESS; } -inline TSS_RESULT +TSS_RESULT write_data(int fd, void *data, UINT32 size) { int rc; Index: head/security/trousers/files/patch-src-tspi-ps-tspps.c =================================================================== --- head/security/trousers/files/patch-src-tspi-ps-tspps.c (revision 415448) +++ head/security/trousers/files/patch-src-tspi-ps-tspps.c (revision 415449) 
@@ -1,89 +1,89 @@ ---- src/tspi/ps/tspps.c.orig 2012-09-20 02:24:48.000000000 +0900 -+++ src/tspi/ps/tspps.c 2013-07-27 04:03:25.000000000 +0900 +--- src/tspi/ps/tspps.c.orig 2014-04-24 18:05:44 UTC ++++ src/tspi/ps/tspps.c @@ -29,6 +29,11 @@ #define LE_16 htole16 #define LE_32 htole32 #define LE_64 htole64 +#elif defined(HAVE_SYS_ENDIAN_H) +#include +#define LE_16 htole16 +#define LE_32 htole32 +#define LE_64 htole64 #else #define LE_16(x) (x) #define LE_32(x) (x) 
@@ -43,9 +48,13 @@ #include "tspps.h" #include "tsplog.h" + static int user_ps_fd = -1; static MUTEX_DECLARE_INIT(user_ps_lock); #if (defined (__FreeBSD__) || defined (__OpenBSD__)) +#include +#define LE_16 htole16 +#define LE_32 htole32 static MUTEX_DECLARE_INIT(user_ps_path); #endif static struct flock fl; -@@ -60,9 +69,7 @@ +@@ -60,9 +69,7 @@ get_user_ps_path(char **file) TSS_RESULT result; char *file_name = NULL, *home_dir = NULL; struct passwd *pwp; -#if (defined (__linux) || defined (linux) || defined(__GLIBC__)) struct passwd pw; -#endif struct stat stat_buf; char buf[PASSWD_BUFSIZE]; uid_t euid; -@@ -72,10 +79,6 @@ +@@ -72,10 +79,6 @@ get_user_ps_path(char **file) *file = strdup(file_name); return (*file) ? TSS_SUCCESS : TSPERR(TSS_E_OUTOFMEMORY); } -#if (defined (__FreeBSD__) || defined (__OpenBSD__)) - MUTEX_LOCK(user_ps_path); -#endif - euid = geteuid(); #if defined (SOLARIS) -@@ -88,32 +91,14 @@ +@@ -88,32 +91,14 @@ get_user_ps_path(char **file) */ rc = snprintf(buf, sizeof (buf), "%s/%d", TSS_USER_PS_DIR, euid); #else - setpwent(); - while (1) { -#if (defined (__linux) || defined (linux) || defined(__GLIBC__)) - rc = getpwent_r(&pw, buf, PASSWD_BUFSIZE, &pwp); - if (rc) { - LogDebugFn("USER PS: Error getting path to home directory: getpwent_r: %s", - strerror(rc)); - endpwent(); - return TSPERR(TSS_E_INTERNAL_ERROR); - } + rc = getpwuid_r(euid, &pw, buf, PASSWD_BUFSIZE, &pwp); + if (rc) { + LogDebugFn("USER PS: Error getting path to home directory: " + "getpwent_r: %s", strerror(rc)); + return TSPERR(TSS_E_INTERNAL_ERROR); + } -#elif (defined (__FreeBSD__) || defined (__OpenBSD__)) - if ((pwp = getpwent()) == NULL) { - LogDebugFn("USER PS: Error getting path to home directory: getpwent: %s", - strerror(rc)); - endpwent(); - MUTEX_UNLOCK(user_ps_path); - return TSPERR(TSS_E_INTERNAL_ERROR); - } -#endif - if (euid == pwp->pw_uid) { - home_dir = strdup(pwp->pw_dir); - break; - } - } - endpwent(); + home_dir = strdup(pwp->pw_dir); if (!home_dir) return 
TSPERR(TSS_E_OUTOFMEMORY); Index: head/security/trousers/files/patch-src-tspi-rpc-hosttable.c =================================================================== --- head/security/trousers/files/patch-src-tspi-rpc-hosttable.c (revision 415448) +++ head/security/trousers/files/patch-src-tspi-rpc-hosttable.c (revision 415449) 
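Review bot: In get_user_ps_path() the new getpwuid_r() call tests only `rc`, but getpwuid_r() returns 0 and sets the result pointer to NULL when the uid has no passwd entry. The following `home_dir = strdup(pwp->pw_dir);` then dereferences NULL for such a uid. The guard should be `if (rc || pwp == NULL) {`. The debug message still names `getpwent_r` and would read better as `getpwuid_r`. The function continues outside the inner hunk.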
@@ -1,66 +1,38 @@ ---- src/tspi/rpc/hosttable.c.orig 2012-09-20 02:35:07.000000000 +0900 -+++ src/tspi/rpc/hosttable.c 2014-08-06 15:35:22.000000000 +0900 -@@ -36,10 +36,10 @@ - } - - #ifdef SOLARIS --#pragma init(_init) --void _init(void) -+#pragma init(_init_hosttable) -+void _init_hosttable(void) - #else --void __attribute__ ((constructor)) my_init(void) -+static void __attribute__ ((constructor)) my_init(void) - #endif +--- src/tspi/rpc/hosttable.c.orig 2014-04-24 18:05:44 UTC ++++ src/tspi/rpc/hosttable.c +@@ -51,6 +51,8 @@ host_table_final() { - host_table_init(); -@@ -51,6 +51,8 @@ - { struct host_table_entry *hte, *next = NULL; + if( ht == NULL ) return; + MUTEX_LOCK(ht->lock); for (hte = ht->entries; hte; hte = next) { -@@ -70,10 +72,10 @@ - } - - #ifdef SOLARIS --#pragma fini(_fini) --void _fini(void) -+#pragma fini(_fini_hosttable) -+void _fini_hosttable(void) - #else --void __attribute__ ((destructor)) my_fini(void) -+static void __attribute__ ((destructor)) my_fini(void) - #endif +@@ -84,6 +86,8 @@ __tspi_add_table_entry(TSS_HCONTEXT tspC { - host_table_final(); -@@ -84,6 +86,8 @@ - { struct host_table_entry *entry, *tmp; + if( ht == NULL ) return TSPERR(TSS_E_OUTOFMEMORY); + entry = calloc(1, sizeof(struct host_table_entry)); if (entry == NULL) { LogError("malloc of %zd bytes failed.", sizeof(struct host_table_entry)); -@@ -134,6 +138,8 @@ +@@ -134,6 +138,8 @@ remove_table_entry(TSS_HCONTEXT tspConte { struct host_table_entry *hte, *prev = NULL; + if( ht == NULL ) return; + MUTEX_LOCK(ht->lock); for (hte = ht->entries; hte; prev = hte, hte = hte->next) { -@@ -158,6 +164,8 @@ +@@ -158,6 +164,8 @@ get_table_entry(TSS_HCONTEXT tspContext) { struct host_table_entry *index = NULL; + if( ht == NULL ) return NULL; + MUTEX_LOCK(ht->lock); for (index = ht->entries; index; index = index->next) { Index: head/security/trousers/files/patch-src-tspi-rpc-tcstp-rpc.c =================================================================== --- 
head/security/trousers/files/patch-src-tspi-rpc-tcstp-rpc.c (revision 415448) +++ head/security/trousers/files/patch-src-tspi-rpc-tcstp-rpc.c (revision 415449) @@ -1,11 +1,11 @@ ---- src/tspi/rpc/tcstp/rpc.c.orig 2010-03-12 05:26:51.000000000 +0900 -+++ src/tspi/rpc/tcstp/rpc.c 2010-10-24 21:04:04.846552639 +0900 -@@ -306,7 +306,7 @@ +--- src/tspi/rpc/tcstp/rpc.c.orig 2014-04-24 18:05:44 UTC ++++ src/tspi/rpc/tcstp/rpc.c +@@ -304,7 +304,7 @@ recv_from_socket(int sock, void *buffer, errno = 0; if ((recv_size = recv(sock, buffer+recv_total, size-recv_total, 0)) <= 0) { if (recv_size < 0) { - if (errno == EINTR) + if (errno == EINTR || errno == EAGAIN) continue; LogError("Socket receive connection error: %s.", strerror(errno)); } else { Index: head/security/trousers/files/patch-src-tspi-tsp_tcsi_param.c =================================================================== --- head/security/trousers/files/patch-src-tspi-tsp_tcsi_param.c (nonexistent) +++ head/security/trousers/files/patch-src-tspi-tsp_tcsi_param.c (revision 415449) 
@@ -0,0 +1,15 @@ +--- src/tspi/tsp_tcsi_param.c.orig 2014-04-24 18:05:44 UTC ++++ src/tspi/tsp_tcsi_param.c +@@ -11,7 +11,12 @@ + #include + #include + #include ++#if !defined(__FreeBSD__) + #include ++#else ++#include ++#define HOST_NAME_MAX MAXHOSTNAMELEN ++#endif + #include "trousers/tss.h" + #include "trousers/trousers.h" + #include "trousers_types.h" Property changes on: head/security/trousers/files/patch-src-tspi-tsp_tcsi_param.c ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/security/trousers/files/pkg-message.in =================================================================== --- head/security/trousers/files/pkg-message.in (revision 415448) +++ head/security/trousers/files/pkg-message.in (revision 415449) @@ -1,9 +1,16 @@ -To run tcsd automatically, add the following line to /etc/rc.conf +To run tcsd automatically, add the following line to /etc/rc.conf: tcsd_enable="YES" You might want to edit %%PREFIX%%/etc/tcsd.conf to reflect your setup. + +If you want to use tcsd with software TPM emulator, use the following +configuration in /etc/rc.conf: + +tcsd_enable="YES" +tcsd_mode="emulator" +tpmd_enable="YES" To use TPM, add your_account to '%%GROUPS%%' group like following: # pw groupadd %%GROUPS%% -m your_account Index: head/security/trousers/files/tcsd.in =================================================================== --- head/security/trousers/files/tcsd.in (revision 415448) +++ head/security/trousers/files/tcsd.in (revision 415449) 
@@ -1,38 +1,52 @@ #!/bin/sh # $FreeBSD$ # # PROVIDE: tcsd # REQUIRE: SERVERS tpmd # BEFORE: named hastd kerberos # KEYWORD: shutdown # # Add the following lines to /etc/rc.conf.local or /etc/rc.conf # to enable this service: # # tcsd_enable (bool): Set to NO by default. # Set it to YES to enable tcsd. +# tcsd_mode (string): Set to "native" by default. +# Set it to "emulator" to use software TPM emulator. +# "emulator" depends on tpmd (emulators/tpm-emulator). . /etc/rc.subr name=tcsd rcvar=tcsd_enable command="%%PREFIX%%/sbin/${name}" start_precmd="tcsd_precmd" required_files="%%PREFIX%%/etc/${name}.conf" tcsd_precmd() { /usr/bin/install -d -m 0700 -o %%USERS%% -g %%GROUPS%% \ - /var/run/tpm /var/run/ima %%PREFIX%%/var/lib/tpm + /var/run/tpm /var/run/ima %%PREFIX%%/var/lib/tpm /usr/sbin/chown %%USERS%%:%%GROUPS%% \ - %%PREFIX%%/etc/tcsd.conf + %%PREFIX%%/etc/tcsd.conf /bin/chmod 0600 \ - %%PREFIX%%/etc/tcsd.conf + %%PREFIX%%/etc/tcsd.conf } load_rc_config $name : ${tcsd_enable:="NO"} +: ${tcsd_mode:="native"} + +case $tcsd_mode in +emulator) + if checkyesno tpmd_enable; then + command="%%PREFIX%%/sbin/tcsd_emu" + else + err 1 "tcsd_mode=\"emulator\" requires tpmd_enable=\"YES\"." + fi +;; +esac run_rc_command "$1" Index: head/security/trousers/pkg-plist =================================================================== --- head/security/trousers/pkg-plist (revision 415448) +++ head/security/trousers/pkg-plist (revision 415449) 
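Review bot: The `case $tcsd_mode in` block handles only `emulator`, so any other value, including a misspelled mode, silently starts the native daemon against the hardware device path. An operator who meant to run against the emulator gets no indication that the setting was ignored. I would make the accepted values explicit with `native) ;;` and `*) err 1 "unknown tcsd_mode: ${tcsd_mode}" ;;` added to the same case statement. The header comment would then state that only `native` and `emulator` are accepted.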
@@ -1,123 +1,118 @@ include/trousers/trousers.h include/trousers/tss.h include/tss/compat11b.h include/tss/platform.h include/tss/tcpa_defines.h include/tss/tcpa_error.h include/tss/tcpa_struct.h include/tss/tcpa_typedef.h include/tss/tcs.h include/tss/tcs_defines.h include/tss/tcs_error.h include/tss/tcs_structs.h include/tss/tcs_typedef.h include/tss/tddl_error.h include/tss/tddlapi_error.h include/tss/tddli.h include/tss/tpm.h include/tss/tpm_error.h include/tss/tpm_ordinal.h include/tss/tspi.h include/tss/tss_defines.h include/tss/tss_error.h include/tss/tss_error_basics.h include/tss/tss_structs.h include/tss/tss_typedef.h -%%TDDL%%lib/libtddl.a +lib/tddl/libtddl.a +lib/tddl/libtddl.so +lib/tddl/libtddl.so.0 +lib/tddl/libtddl.so.0.0.0 lib/libtspi.a lib/libtspi.so lib/libtspi.so.1 lib/libtspi.so.1.2.0 sbin/tcsd +sbin/tcsd_emu man/man3/Tspi_ChangeAuth.3.gz man/man3/Tspi_ChangeAuthAsym.3.gz man/man3/Tspi_Context_Close.3.gz man/man3/Tspi_Context_CloseObject.3.gz man/man3/Tspi_Context_Connect.3.gz man/man3/Tspi_Context_Create.3.gz man/man3/Tspi_Context_CreateObject.3.gz man/man3/Tspi_Context_FreeMemory.3.gz man/man3/Tspi_Context_GetCapability.3.gz man/man3/Tspi_Context_GetDefaultPolicy.3.gz man/man3/Tspi_Context_GetKeyByPublicInfo.3.gz man/man3/Tspi_Context_GetKeyByUUID.3.gz man/man3/Tspi_Context_GetRegisteredKeysByUUID.3.gz man/man3/Tspi_Context_GetRegisteredKeysByUUID2.3.gz man/man3/Tspi_Context_GetTpmObject.3.gz man/man3/Tspi_Context_LoadKeyByBlob.3.gz man/man3/Tspi_Context_LoadKeyByUUID.3.gz man/man3/Tspi_Context_RegisterKey.3.gz man/man3/Tspi_Context_UnregisterKey.3.gz -man/man3/Tspi_DAA_IssueCredential.3.gz -man/man3/Tspi_DAA_IssueInit.3.gz -man/man3/Tspi_DAA_IssueSetup.3.gz -man/man3/Tspi_DAA_IssuerKeyVerification.3.gz -man/man3/Tspi_DAA_VerifyInit.3.gz -man/man3/Tspi_DAA_VerifySignature.3.gz man/man3/Tspi_Data_Bind.3.gz man/man3/Tspi_Data_Seal.3.gz man/man3/Tspi_Data_Unbind.3.gz man/man3/Tspi_Data_Unseal.3.gz man/man3/Tspi_DecodeBER_TssBlob.3.gz 
man/man3/Tspi_EncodeDER_TssBlob.3.gz man/man3/Tspi_GetAttribData.3.gz man/man3/Tspi_GetAttribUint32.3.gz man/man3/Tspi_GetPolicyObject.3.gz man/man3/Tspi_Hash_GetHashValue.3.gz man/man3/Tspi_Hash_SetHashValue.3.gz man/man3/Tspi_Hash_Sign.3.gz man/man3/Tspi_Hash_UpdateHashValue.3.gz man/man3/Tspi_Hash_VerifySignature.3.gz man/man3/Tspi_Key_CertifyKey.3.gz man/man3/Tspi_Key_ConvertMigrationBlob.3.gz man/man3/Tspi_Key_CreateKey.3.gz man/man3/Tspi_Key_CreateMigrationBlob.3.gz man/man3/Tspi_Key_GetPubKey.3.gz man/man3/Tspi_Key_LoadKey.3.gz man/man3/Tspi_Key_UnloadKey.3.gz man/man3/Tspi_Key_WrapKey.3.gz man/man3/Tspi_PcrComposite_GetPcrValue.3.gz man/man3/Tspi_PcrComposite_SelectPcrIndex.3.gz man/man3/Tspi_PcrComposite_SetPcrValue.3.gz man/man3/Tspi_Policy_AssignToObject.3.gz man/man3/Tspi_Policy_FlushSecret.3.gz man/man3/Tspi_Policy_SetSecret.3.gz man/man3/Tspi_SetAttribData.3.gz man/man3/Tspi_SetAttribUint32.3.gz man/man3/Tspi_TPM_AuthorizeMigrationTicket.3.gz man/man3/Tspi_TPM_CMKSetRestrictions.3.gz man/man3/Tspi_TPM_CertifySelfTest.3.gz man/man3/Tspi_TPM_CheckMaintenancePubKey.3.gz man/man3/Tspi_TPM_ClearOwner.3.gz man/man3/Tspi_TPM_CollateIdentityRequest.3.gz man/man3/Tspi_TPM_CreateEndorsementKey.3.gz man/man3/Tspi_TPM_CreateMaintenanceArchive.3.gz -man/man3/Tspi_TPM_DAA_JoinCreateDaaPubKey.3.gz -man/man3/Tspi_TPM_DAA_JoinInit.3.gz -man/man3/Tspi_TPM_DAA_JoinStoreCredential.3.gz -man/man3/Tspi_TPM_DAA_Sign.3.gz man/man3/Tspi_TPM_DirRead.3.gz man/man3/Tspi_TPM_DirWrite.3.gz man/man3/Tspi_TPM_GetAuditDigest.3.gz man/man3/Tspi_TPM_GetCapability.3.gz man/man3/Tspi_TPM_GetEvent.3.gz man/man3/Tspi_TPM_GetEventLog.3.gz man/man3/Tspi_TPM_GetEvents.3.gz man/man3/Tspi_TPM_GetPubEndorsementKey.3.gz man/man3/Tspi_TPM_GetRandom.3.gz man/man3/Tspi_TPM_GetStatus.3.gz man/man3/Tspi_TPM_GetTestResult.3.gz man/man3/Tspi_TPM_KillMaintenanceFeature.3.gz man/man3/Tspi_TPM_LoadMaintenancePubKey.3.gz man/man3/Tspi_TPM_OwnerGetSRKPubKey.3.gz man/man3/Tspi_TPM_PcrExtend.3.gz 
man/man3/Tspi_TPM_PcrRead.3.gz man/man3/Tspi_TPM_Quote.3.gz +man/man3/Tspi_TPM_Quote2.3.gz man/man3/Tspi_TPM_SelfTestFull.3.gz man/man3/Tspi_TPM_SetStatus.3.gz man/man3/Tspi_TPM_StirRandom.3.gz man/man3/Tspi_TPM_TakeOwnership.3.gz man/man5/tcsd.conf.5.gz man/man8/tcsd.8.gz -@sample(_tss,_tss,0600) etc/tcsd.conf.dist etc/tcsd.conf -@dir(_tss,_tss,0700) var/lib/tpm +@sample(%%USERS%%,%%GROUPS%%,0600) etc/tcsd.conf.sample +@dir(%%USERS%%,%%GROUPS%%,0700) var/lib/tpm