Index: head/security/opencryptoki/Makefile =================================================================== --- head/security/opencryptoki/Makefile (revision 494473) +++ head/security/opencryptoki/Makefile (revision 494474) @@ -1,56 +1,51 @@ # Created by: Ralf Meister # $FreeBSD$ PORTNAME= opencryptoki -PORTVERSION= 3.6 -PORTREVISION= 1 +PORTVERSION= 3.11.0 +DISTVERSIONPREFIX= v CATEGORIES= security -MASTER_SITES= SF MAINTAINER= hrs@FreeBSD.org COMMENT= Open PKCS\#11 implementation library LICENSE= CPL LICENSE_NAME= Common Public License LICENSE_FILE= ${WRKSRC}/LICENSE LICENSE_PERMS= dist-mirror dist-sell pkg-mirror pkg-sell auto-accept LIB_DEPENDS= libtspi.so:security/trousers -USES= alias autoreconf gmake libtool ssl tar:tgz +USES= alias autoreconf gmake libtool localbase ssl tar:tgz +USE_GCC= any +USE_OPENLDAP= yes USE_LDCONFIG= ${PREFIX}/lib/opencryptoki -WRKSRC= ${WRKDIR}/${PORTNAME} +USE_GITHUB= yes INSTALL_TARGET= install-strip GNU_CONFIGURE= yes CONFIGURE_ARGS= --enable-swtok --enable-tpmtok \ + --enable-icsftok \ --disable-crtok --disable-aeptok \ --disable-ccatok --disable-bcomtok \ --disable-pkcscca_migrate \ --with-lockdir=/var/run/opencryptoki \ --with-logdir=/var/log/opencryptoki \ --localstatedir=/var \ --with-openssl=${OPENSSLBASE} \ --with-pkcs11user=${USERS} \ --with-pkcs11group=${GROUPS} \ ac_cv_path_CHGRP=true -CFLAGS+= -I${LOCALBASE}/include -LDFLAGS+= -L${LOCALBASE}/lib USE_RC_SUBR= pkcsslotd SUB_FILES= pkg-message SUB_LIST= USERS="${USERS}" GROUPS="${GROUPS}" PLIST_SUB= USERS="${USERS}" GROUPS="${GROUPS}" USERS= _pkcs11 GROUPS= _pkcs11 - -OPTIONS_DEFINE= LDAP -OPTIONS_SUB= yes -LDAP_CONFIGURE_ENABLE= icsf -LDAP_USE= OPENLDAP=yes post-install: ${MV} ${STAGEDIR}${ETCDIR}/opencryptoki.conf \ ${STAGEDIR}${ETCDIR}/opencryptoki.conf.sample ${RMDIR} ${STAGEDIR}/var/run/opencryptoki/* \ ${STAGEDIR}/var/run/opencryptoki .include Index: head/security/opencryptoki/distinfo =================================================================== --- head/security/opencryptoki/distinfo (revision 494473) +++ head/security/opencryptoki/distinfo (revision 494474) @@ -1,3 +1,3 @@ -TIMESTAMP = 1478467347 -SHA256 (opencryptoki-3.6.tgz) = f78a70632e50f6275467e84e95c6fa10dca2078da4e394518280defeb3169d2a -SIZE (opencryptoki-3.6.tgz) = 1067759 +TIMESTAMP = 1551564276 +SHA256 (opencryptoki-opencryptoki-v3.11.0_GH0.tar.gz) = 4d901373b08ed0b0d56a4df5e3f35a7d17142bdc5c5bf9b37c8a10200a08d6fd +SIZE (opencryptoki-opencryptoki-v3.11.0_GH0.tar.gz) = 935891 Index: head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-utility.c =================================================================== --- head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-utility.c (revision 494473) +++ head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-utility.c (nonexistent) @@ -1,50 +0,0 @@ ---- usr/lib/pkcs11/common/utility.c.orig 2016-04-29 17:26:46 UTC -+++ usr/lib/pkcs11/common/utility.c -@@ -275,9 +275,28 @@ - legal action under this Agreement more than one year after - the cause of action arose. Each party waives its rights to - a jury trial in any resulting litigation. -+*/ - -+#include - --*/ -+#ifdef __sun -+#define LOCK_EX F_LOCK -+#define LOCK_UN F_ULOCK -+#define flock(fd, func) lockf(fd, func, 0) -+#endif -+ -+#ifndef LOCK_SH -+#define LOCK_SH 1 /* shared lock */ -+#endif -+#ifndef LOCK_EX -+#define LOCK_EX 2 /* exclusive lock */ -+#endif -+#ifndef LOCK_NB -+#define LOCK_NB 4 /* don't block when locking */ -+#endif -+#ifndef LOCK_UN -+#define LOCK_UN 8 /* unlock */ -+#endif - - /* (C) COPYRIGHT International Business Machines Corp. 2001,2002 */ - -@@ -587,7 +606,7 @@ CK_RV CreateXProcLock(void) - goto err; - } - -- grp = getgrnam("pkcs11"); -+ grp = getgrnam(PKCS11GROUP); - if (grp != NULL) { - if (fchown(spinxplfd, -1, grp->gr_gid) - == -1) { -@@ -1131,7 +1150,7 @@ CK_RV check_user_and_group() - * when forked). So we need to get the group information. - * Really need to take the uid and map it to a name. - */ -- grp = getgrnam("pkcs11"); -+ grp = getgrnam(PKCS11GROUP); - if (grp == NULL) { - OCK_SYSLOG(LOG_ERR, "getgrnam() failed: %s\n", strerror(errno)); - goto error; Property changes on: head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-utility.c ___________________________________________________________________ Deleted: fbsd:nokeywords ## -1 +0,0 ## -yes \ No newline at end of property Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-btree.c =================================================================== --- head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-btree.c (revision 494473) +++ head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-btree.c (nonexistent) @@ -1,11 +0,0 @@ ---- usr/lib/pkcs11/common/btree.c.orig 2016-04-29 17:26:45 UTC -+++ usr/lib/pkcs11/common/btree.c -@@ -30,7 +30,7 @@ - - - #include --#include -+#include - - #include "pkcs11types.h" - #include "local_types.h" Property changes on: head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-btree.c ___________________________________________________________________ Deleted: fbsd:nokeywords ## -1 +0,0 ## -yes \ No newline at end of property Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/security/opencryptoki/files/patch-configure.in =================================================================== --- head/security/opencryptoki/files/patch-configure.in (revision 494473) +++ head/security/opencryptoki/files/patch-configure.in (nonexistent) @@ -1,96 +0,0 @@ ---- configure.in.orig 2016-04-29 17:26:45 UTC -+++ configure.in -@@ -6,6 +6,9 @@ AC_CANONICAL_SYSTEM - - AM_INIT_AUTOMAKE([foreign 1.6]) - -+AC_DEFINE(_BSD_SOURCE, 1, BSD functions) -+AC_DEFINE(__BSD_VISIBLE, 1, BSD extensions) -+ - dnl Checks for header files. - AC_DISABLE_STATIC - LT_INIT -@@ -25,6 +28,7 @@ AC_FUNC_MEMCMP - AC_FUNC_STRFTIME - AC_FUNC_VPRINTF - AC_CHECK_FUNCS([getcwd]) -+AC_CHECK_FUNCS([asprintf]) - - dnl Used in various scripts - AC_PATH_PROG([ID], [id], [/us/bin/id]) -@@ -40,10 +44,16 @@ AC_PROG_YACC - - dnl Define custom variables - --lockdir=$localstatedir/lock/opencryptoki -+AC_ARG_WITH([lockdir], -+ [AS_HELP_STRING([--with-lockdir],[lock directory])], -+ [lockdir=$withval], -+ [lockdir=$localstatedir/lock/opencryptoki]) - AC_SUBST(lockdir) - --logdir=$localstatedir/log/opencryptoki -+AC_ARG_WITH([logdir], -+ [AS_HELP_STRING([--with-logdir],[log directory])], -+ [logdir=$withval], -+ [logdir=$localstatedir/log/opencryptoki]) - AC_SUBST(logdir) - - dnl --- -@@ -166,6 +176,21 @@ AC_ARG_WITH([systemd], - [], - [with_systemd=no]) - -+dnl --- check for pkcs11 user -+AC_ARG_WITH([pkcs11user], -+ AC_HELP_STRING([--with-pkcs11user[[=USER]]], [set pkcs11 user [[pkcs11]]]), -+ [pkcs11_user=$withval], -+ [pkcs11_user=pkcs11]) -+ -+dnl --- check for pkcs11 group -+AC_ARG_WITH(pkcs11group, -+ AC_HELP_STRING([--with-pkcs11group[[=GROUP]]], [set pkcs11 group [[pkcs11]]]), -+ [pkcs11_group=$withval], -+ [pkcs11_group=pkcs11]) -+ -+AC_SUBST(PKCS11USER, $pkcs11_user) -+AC_SUBST(PKCS11GROUP, $pkcs11_group) -+ - dnl --- - dnl --- - dnl --- Now that we have all the options, let's check for a valid build -@@ -554,13 +579,31 @@ fi - - AM_CONDITIONAL([ENABLE_PKCSEP11_MIGRATE], [test "x$enable_pkcsep11_migrate" = "xyes"]) - --CFLAGS="$CFLAGS -DPKCS64 -D_XOPEN_SOURCE=600 -Wall -Wno-pointer-sign" -- --CFLAGS+=' -DCONFIG_PATH=\"$(localstatedir)/lib/opencryptoki\" -DSBIN_PATH=\"$(sbindir)\" -DLIB_PATH=\"$(libdir)\" -DLOCKDIR_PATH=\"$(lockdir)\" -DOCK_CONFDIR=\"$(sysconfdir)/opencryptoki\" -DOCK_LOGDIR=\"$(logdir)\"' -+CFLAGS="$CFLAGS \ -+ -Wall \ -+ -Wno-pointer-sign \ -+" -+CPPFX=' \ -+ -DCONFIG_PATH=\"$(localstatedir)/lib/opencryptoki\" \ -+ -DSBIN_PATH=\"$(sbindir)\" \ -+ -DLIB_PATH=\"$(libdir)\" \ -+ -DLOCKDIR_PATH=\"$(lockdir)\" \ -+ -DOCK_CONFDIR=\"$(sysconfdir)/opencryptoki\" \ -+ -DOCK_LOGDIR=\"$(logdir)\" \ -+' -+CPPFLAGS="$CPPFLAGS \ -+ -DPKCS64 \ -+ -D_XOPEN_SOURCE=600 \ -+ $CPPFX \ -+ -DPKCS11USER=\\\"${pkcs11_user}\\\" \ -+ -DPKCS11GROUP=\\\"${pkcs11_group}\\\" \ -+" - - # At this point, CFLAGS is set to something sensible - AC_PROG_CC - -+AC_SUBST(FPIC, $lt_prog_compiler_pic) -+ - AC_CONFIG_FILES([Makefile usr/Makefile \ - usr/include/Makefile \ - usr/include/pkcs11/Makefile \ Property changes on: head/security/opencryptoki/files/patch-configure.in ___________________________________________________________________ Deleted: fbsd:nokeywords ## -1 +0,0 ## -yes \ No newline at end of property Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/security/opencryptoki/files/patch-usr-lib-pkcs11-tpm_stdll-Makefile.am =================================================================== --- head/security/opencryptoki/files/patch-usr-lib-pkcs11-tpm_stdll-Makefile.am (revision 494473) +++ head/security/opencryptoki/files/patch-usr-lib-pkcs11-tpm_stdll-Makefile.am (nonexistent) @@ -1,15 +0,0 @@ ---- usr/lib/pkcs11/tpm_stdll/Makefile.am.orig 2016-04-29 17:26:46 UTC -+++ usr/lib/pkcs11/tpm_stdll/Makefile.am -@@ -71,10 +71,10 @@ install-data-hook: - cd $(DESTDIR)$(libdir)/opencryptoki/stdll && \ - ln -sf libpkcs11_tpm.so PKCS11_TPM.so - $(MKDIR_P) $(DESTDIR)$(localstatedir)/lib/opencryptoki/tpm -- $(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/tpm -+ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(localstatedir)/lib/opencryptoki/tpm - $(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/tpm - $(MKDIR_P) $(DESTDIR)$(lockdir)/tpm -- $(CHGRP) pkcs11 $(DESTDIR)$(lockdir)/tpm -+ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(lockdir)/tpm - $(CHMOD) 0770 $(DESTDIR)$(lockdir)/tpm - - uninstall-hook: Property changes on: head/security/opencryptoki/files/patch-usr-lib-pkcs11-tpm_stdll-Makefile.am ___________________________________________________________________ Deleted: fbsd:nokeywords ## -1 +0,0 ## -yes \ No newline at end of property Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/security/opencryptoki/files/patch-usr_lib_pkcs11_common_sw__crypt.c =================================================================== --- head/security/opencryptoki/files/patch-usr_lib_pkcs11_common_sw__crypt.c (revision 494473) +++ head/security/opencryptoki/files/patch-usr_lib_pkcs11_common_sw__crypt.c (nonexistent) @@ -1,62 +0,0 @@ ---- usr/lib/pkcs11/common/sw_crypt.c.orig 2016-04-29 17:26:46 UTC -+++ usr/lib/pkcs11/common/sw_crypt.c -@@ -309,12 +309,12 @@ sw_des3_cbc(CK_BYTE * in_data, - CK_BYTE *key_value, - CK_BYTE encrypt) - { -- des_key_schedule des_key1; -- des_key_schedule des_key2; -- des_key_schedule des_key3; -+ DES_key_schedule des_key1; -+ DES_key_schedule des_key2; -+ DES_key_schedule des_key3; - -- const_des_cblock key_SSL1, key_SSL2, key_SSL3; -- des_cblock ivec; -+ const_DES_cblock key_SSL1, key_SSL2, key_SSL3; -+ DES_cblock ivec; - - // the des decrypt will only fail if the data length is not evenly divisible - // by 8 -@@ -328,30 +328,30 @@ sw_des3_cbc(CK_BYTE * in_data, - memcpy(&key_SSL1, key_value, (size_t)8); - memcpy(&key_SSL2, key_value+8, (size_t)8); - memcpy(&key_SSL3, key_value+16, (size_t)8); -- des_set_key_unchecked(&key_SSL1, des_key1); -- des_set_key_unchecked(&key_SSL2, des_key2); -- des_set_key_unchecked(&key_SSL3, des_key3); -+ DES_set_key_unchecked(&key_SSL1, &des_key1); -+ DES_set_key_unchecked(&key_SSL2, &des_key2); -+ DES_set_key_unchecked(&key_SSL3, &des_key3); - - memcpy(ivec, init_v, sizeof(ivec)); - - // Encrypt or decrypt the data - if (encrypt) { -- des_ede3_cbc_encrypt(in_data, -+ DES_ede3_cbc_encrypt(in_data, - out_data, - in_data_len, -- des_key1, -- des_key2, -- des_key3, -+ &des_key1, -+ &des_key2, -+ &des_key3, - &ivec, - DES_ENCRYPT); - *out_data_len = in_data_len; - } else { -- des_ede3_cbc_encrypt(in_data, -+ DES_ede3_cbc_encrypt(in_data, - out_data, - in_data_len, -- des_key1, -- des_key2, -- des_key3, -+ &des_key1, -+ &des_key2, -+ &des_key3, - &ivec, - DES_DECRYPT); - Property changes on: head/security/opencryptoki/files/patch-usr_lib_pkcs11_common_sw__crypt.c ___________________________________________________________________ Deleted: fbsd:nokeywords ## -1 +0,0 ## -yes \ No newline at end of property Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/security/opencryptoki/files/patch-usr-lib-Makefile.am =================================================================== --- head/security/opencryptoki/files/patch-usr-lib-Makefile.am (revision 494473) +++ head/security/opencryptoki/files/patch-usr-lib-Makefile.am (nonexistent) @@ -1,15 +0,0 @@ ---- usr/lib/Makefile.am.orig 2016-04-29 17:26:45 UTC -+++ usr/lib/Makefile.am -@@ -1,12 +1,4 @@ - SUBDIRS = pkcs11 - --install-data-hook: -- $(MKDIR_P) $(DESTDIR)/etc/ld.so.conf.d -- echo "$(libdir)/opencryptoki" >\ -- $(DESTDIR)/etc/ld.so.conf.d/opencryptoki-$(target_cpu).conf -- echo "$(libdir)/opencryptoki/stdll" >>\ -- $(DESTDIR)/etc/ld.so.conf.d/opencryptoki-$(target_cpu).conf -- echo "**** Remember you must run ldconfig before using the above settings ****" -- - uninstall-hook: - rm -f $(DESTDIR)/etc/ld.so.conf.d/opencryptoki-$(target_cpu).conf Property changes on: head/security/opencryptoki/files/patch-usr-lib-Makefile.am ___________________________________________________________________ Deleted: fbsd:nokeywords ## -1 +0,0 ## -yes \ No newline at end of property Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-trace.c =================================================================== --- head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-trace.c (revision 494473) +++ head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-trace.c (nonexistent) @@ -1,19 +0,0 @@ ---- usr/lib/pkcs11/common/trace.c.orig 2016-04-29 17:26:46 UTC -+++ usr/lib/pkcs11/common/trace.c -@@ -301,6 +301,7 @@ - #include - #include - #include -+#include - - #include "pkcs11types.h" - #include "defs.h" -@@ -449,7 +450,7 @@ CK_RV trace_initialize(void) - return(CKR_FUNCTION_FAILED); - } - -- grp = getgrnam("pkcs11"); -+ grp = getgrnam(PKCS11GROUP); - if (grp == NULL) { - OCK_SYSLOG(LOG_ERR, "getgrnam(pkcs11) failed: %s." - "Tracing is disabled.\n", strerror(errno)); Property changes on: head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-trace.c ___________________________________________________________________ Deleted: fbsd:nokeywords ## -1 +0,0 ## -yes \ No newline at end of property Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-loadsave.c =================================================================== --- head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-loadsave.c (revision 494473) +++ head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-loadsave.c (nonexistent) @@ -1,23 +0,0 @@ ---- usr/lib/pkcs11/common/loadsave.c.orig 2016-04-29 17:26:45 UTC -+++ usr/lib/pkcs11/common/loadsave.c -@@ -293,11 +293,9 @@ - #include - #include - #include --#include - #include - #include - #include --#include - #include - #include - #include -@@ -637,7 +635,7 @@ void set_perm(int file) - // Set absolute permissions or rw-rw---- - fchmod(file, S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP); - -- grp = getgrnam("pkcs11"); // Obtain the group id -+ grp = getgrnam(PKCS11GROUP); // Obtain the group id - if (grp) { - // set ownership to root, and pkcs11 group - if (fchown(file, getuid(), grp->gr_gid) != 0) { Property changes on: head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-loadsave.c ___________________________________________________________________ Deleted: fbsd:nokeywords ## -1 +0,0 ## -yes \ No newline at end of property Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-host_defs.h =================================================================== --- head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-host_defs.h (revision 494473) +++ head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-host_defs.h (nonexistent) @@ -1,26 +0,0 @@ ---- usr/lib/pkcs11/common/host_defs.h.orig 2016-04-29 17:26:45 UTC -+++ usr/lib/pkcs11/common/host_defs.h -@@ -294,12 +294,23 @@ - /* (C) COPYRIGHT International Business Machines Corp. 2001,2002 */ - - -+#include - #include - #ifndef _HOST_DEFS_H - #define _HOST_DEFS_H - - #include -+#if defined(__OpenBSD__) || defined(__FreeBSD__) -+#include -+#ifdef _BYTE_ORDER -+#define __BYTE_ORDER _BYTE_ORDER -+#endif -+#ifdef _LITTLE_ENDIAN -+#define __LITTLE_ENDIAN _LITTLE_ENDIAN -+#endif -+#else - #include -+#endif - - #include "pkcs32.h" - Property changes on: head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-host_defs.h ___________________________________________________________________ Deleted: fbsd:nokeywords ## -1 +0,0 ## -yes \ No newline at end of property Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/security/opencryptoki/files/patch-usr-lib-pkcs11-api-apiutil.c =================================================================== --- head/security/opencryptoki/files/patch-usr-lib-pkcs11-api-apiutil.c (revision 494473) +++ head/security/opencryptoki/files/patch-usr-lib-pkcs11-api-apiutil.c (nonexistent) @@ -1,22 +0,0 @@ ---- usr/lib/pkcs11/api/apiutil.c.orig 2016-04-29 17:26:45 UTC -+++ usr/lib/pkcs11/api/apiutil.c -@@ -298,10 +298,10 @@ - #include - #include - #include --#include - #include - #include - #include -+#include - - #include - -@@ -314,7 +314,6 @@ - #include - #include - #include --#include - - static int xplfd = -1; - Property changes on: head/security/opencryptoki/files/patch-usr-lib-pkcs11-api-apiutil.c ___________________________________________________________________ Deleted: fbsd:nokeywords ## -1 +0,0 ## -yes \ No newline at end of property Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/security/opencryptoki/files/patch-usr-lib-pkcs11-soft_stdll-Makefile.am =================================================================== --- head/security/opencryptoki/files/patch-usr-lib-pkcs11-soft_stdll-Makefile.am (revision 494473) +++ head/security/opencryptoki/files/patch-usr-lib-pkcs11-soft_stdll-Makefile.am (nonexistent) @@ -1,27 +0,0 @@ ---- usr/lib/pkcs11/soft_stdll/Makefile.am.orig 2016-04-29 17:26:46 UTC -+++ usr/lib/pkcs11/soft_stdll/Makefile.am -@@ -7,7 +7,7 @@ opencryptoki_stdll_libpkcs11_sw_la_LDFLA - opencryptoki_stdll_libpkcs11_sw_la_CFLAGS = -DDEV -D_THREAD_SAFE \ - -DSHALLOW=0 -DSWTOK=1 -DLITE=0 \ - -DNOCDMF -DNOMD2 -DNODSA -DNORIPE \ -- -fPIC \ -+ $(FPIC) \ - -I/usr/include -I. \ - -I../../../include/pkcs11/stdll \ - -I../../../include/pkcs11 \ -@@ -56,12 +56,12 @@ install-data-hook: - cd $(DESTDIR)$(libdir)/opencryptoki/stdll && \ - ln -sf libpkcs11_sw.so PKCS11_SW.so - $(MKDIR_P) $(DESTDIR)$(localstatedir)/lib/opencryptoki/swtok/TOK_OBJ -- $(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/swtok/TOK_OBJ -- $(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/swtok -+ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(localstatedir)/lib/opencryptoki/swtok/TOK_OBJ -+ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(localstatedir)/lib/opencryptoki/swtok - $(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/swtok/TOK_OBJ - $(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/swtok - $(MKDIR_P) $(DESTDIR)$(lockdir)/swtok -- $(CHGRP) pkcs11 $(DESTDIR)$(lockdir)/swtok -+ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(lockdir)/swtok - $(CHMOD) 0770 $(DESTDIR)$(lockdir)/swtok - - uninstall-hook: Property changes on: head/security/opencryptoki/files/patch-usr-lib-pkcs11-soft_stdll-Makefile.am ___________________________________________________________________ Deleted: fbsd:nokeywords ## -1 +0,0 ## -yes \ No newline at end of property Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/security/opencryptoki/files/patch-usr-lib-pkcs11-api-socket_client.c =================================================================== --- head/security/opencryptoki/files/patch-usr-lib-pkcs11-api-socket_client.c (revision 494473) +++ head/security/opencryptoki/files/patch-usr-lib-pkcs11-api-socket_client.c (nonexistent) @@ -1,11 +0,0 @@ ---- usr/lib/pkcs11/api/socket_client.c.orig 2016-04-29 17:26:45 UTC -+++ usr/lib/pkcs11/api/socket_client.c -@@ -320,7 +320,7 @@ init_socket_data() { - return FALSE; - } - -- grp = getgrnam("pkcs11"); -+ grp = getgrnam(PKCS11GROUP); - if ( !grp ) { - OCK_SYSLOG(LOG_ERR, "init_socket_data: pkcs11 group does not exist, errno=%d", errno); - return FALSE; Property changes on: head/security/opencryptoki/files/patch-usr-lib-pkcs11-api-socket_client.c ___________________________________________________________________ Deleted: fbsd:nokeywords ## -1 +0,0 ## -yes \ No newline at end of property Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/security/opencryptoki/files/patch-usr-sbin-pkcsconf-Makefile.am =================================================================== --- head/security/opencryptoki/files/patch-usr-sbin-pkcsconf-Makefile.am (revision 494473) +++ head/security/opencryptoki/files/patch-usr-sbin-pkcsconf-Makefile.am (nonexistent) @@ -1,10 +0,0 @@ ---- usr/sbin/pkcsconf/Makefile.am.orig 2016-04-29 17:26:46 UTC -+++ usr/sbin/pkcsconf/Makefile.am -@@ -1,6 +1,6 @@ - sbin_PROGRAMS=pkcsconf - --pkcsconf_LDFLAGS = -lpthread -ldl -+pkcsconf_LDFLAGS = -lpthread - - # Not all versions of automake observe sbinname_CFLAGS - pkcsconf_CFLAGS = -D_THREAD_SAFE -DDEBUG -DDEV -DAPI Property changes on: head/security/opencryptoki/files/patch-usr-sbin-pkcsconf-Makefile.am ___________________________________________________________________ Deleted: fbsd:nokeywords ## -1 +0,0 ## -yes \ No newline at end of property Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/security/opencryptoki/files/patch-usr-lib-pkcs11-api-Makefile.am =================================================================== --- head/security/opencryptoki/files/patch-usr-lib-pkcs11-api-Makefile.am (revision 494473) +++ head/security/opencryptoki/files/patch-usr-lib-pkcs11-api-Makefile.am (nonexistent) @@ -1,18 +0,0 @@ ---- usr/lib/pkcs11/api/Makefile.am.orig 2016-04-29 17:26:45 UTC -+++ usr/lib/pkcs11/api/Makefile.am -@@ -4,13 +4,13 @@ SO_CURRENT=0 - SO_REVISION=0 - SO_AGE=0 - --opencryptoki_libopencryptoki_la_LDFLAGS = -shared -Wl,-Bsymbolic -lc -ldl \ -+opencryptoki_libopencryptoki_la_LDFLAGS = -shared -Wl,-Bsymbolic -lc \ - -lpthread -version-info \ - $(SO_CURRENT):$(SO_REVISION):$(SO_AGE) - - # Not all versions of automake observe libname_CFLAGS - opencryptoki_libopencryptoki_la_CFLAGS = -DAPI -DDEV -D_THREAD_SAFE \ -- -fPIC -I../. -I../../../include/pkcs11 \ -+ $(FPIC) -I../. -I../../../include/pkcs11 \ - -I ../common -DSTDLL_NAME=\"api\" - - opencryptoki_libopencryptoki_la_SOURCES = api_interface.c shrd_mem.c \ Property changes on: head/security/opencryptoki/files/patch-usr-lib-pkcs11-api-Makefile.am ___________________________________________________________________ Deleted: fbsd:nokeywords ## -1 +0,0 ## -yes \ No newline at end of property Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/security/opencryptoki/files/patch-usr-lib-pkcs11-icsf_stdll-Makefile.am =================================================================== --- head/security/opencryptoki/files/patch-usr-lib-pkcs11-icsf_stdll-Makefile.am (revision 494473) +++ head/security/opencryptoki/files/patch-usr-lib-pkcs11-icsf_stdll-Makefile.am (nonexistent) @@ -1,15 +0,0 @@ ---- usr/lib/pkcs11/icsf_stdll/Makefile.am.orig 2016-04-29 17:26:46 UTC -+++ usr/lib/pkcs11/icsf_stdll/Makefile.am -@@ -79,10 +79,10 @@ install-data-hook: - cd $(DESTDIR)$(libdir)/opencryptoki/stdll && \ - ln -sf libpkcs11_icsf.so PKCS11_ICSF.so - $(MKDIR_P) $(DESTDIR)$(localstatedir)/lib/opencryptoki/icsf -- $(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/icsf -+ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(localstatedir)/lib/opencryptoki/icsf - $(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/icsf - $(MKDIR_P) $(DESTDIR)$(lockdir)/icsf -- $(CHGRP) pkcs11 $(DESTDIR)$(lockdir)/icsf -+ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(lockdir)/icsf - $(CHMOD) 0770 $(DESTDIR)$(lockdir)/icsf - - uninstall-hook: Property changes on: head/security/opencryptoki/files/patch-usr-lib-pkcs11-icsf_stdll-Makefile.am ___________________________________________________________________ Deleted: fbsd:nokeywords ## -1 +0,0 ## -yes \ No newline at end of property Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/security/opencryptoki/files/patch-usr-lib-pkcs11-soft_stdll-soft_specific.c =================================================================== --- head/security/opencryptoki/files/patch-usr-lib-pkcs11-soft_stdll-soft_specific.c (revision 494473) +++ head/security/opencryptoki/files/patch-usr-lib-pkcs11-soft_stdll-soft_specific.c (nonexistent) @@ -1,30 +0,0 @@ ---- usr/lib/pkcs11/soft_stdll/soft_specific.c.orig 2016-04-29 17:26:46 UTC -+++ usr/lib/pkcs11/soft_stdll/soft_specific.c -@@ -298,7 +298,9 @@ - - - ****************************************************************************/ -+#ifndef _BSD_SOURCE - #define _BSD_SOURCE -+#endif - - #include - #include // for memcmp() et al -@@ -317,7 +319,17 @@ - #include - #include - #include -+#if defined(__OpenBSD__) || defined(__FreeBSD__) -+#include -+#ifdef _BYTE_ORDER -+#define __BYTE_ORDER _BYTE_ORDER -+#endif -+#ifdef _LITTLE_ENDIAN -+#define __LITTLE_ENDIAN _LITTLE_ENDIAN -+#endif -+#else - #include -+#endif - - #include - #include Property changes on: head/security/opencryptoki/files/patch-usr-lib-pkcs11-soft_stdll-soft_specific.c ___________________________________________________________________ Deleted: fbsd:nokeywords ## -1 +0,0 ## -yes \ No newline at end of property Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/security/opencryptoki/files/patch-usr-lib-pkcs11-icsf_stdll-pbkdf.c =================================================================== --- head/security/opencryptoki/files/patch-usr-lib-pkcs11-icsf_stdll-pbkdf.c (revision 494473) +++ head/security/opencryptoki/files/patch-usr-lib-pkcs11-icsf_stdll-pbkdf.c (nonexistent) @@ -1,11 +0,0 @@ ---- usr/lib/pkcs11/icsf_stdll/pbkdf.c.orig 2016-04-29 17:26:46 UTC -+++ usr/lib/pkcs11/icsf_stdll/pbkdf.c -@@ -337,7 +337,7 @@ set_perms(int file) - return CKR_FUNCTION_FAILED; - } - -- grp = getgrnam("pkcs11"); -+ grp = getgrnam(PKCS11GROUP); - if (grp) { - if (fchown(file, -1, grp->gr_gid) != 0) { - TRACE_ERROR("fchown failed: %s\n", strerror(errno)); Property changes on: head/security/opencryptoki/files/patch-usr-lib-pkcs11-icsf_stdll-pbkdf.c ___________________________________________________________________ Deleted: fbsd:nokeywords ## -1 +0,0 ## -yes \ No newline at end of property Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/security/opencryptoki/files/patch-usr-lib-pkcs11-ica_s390_stdll-Makefile.am =================================================================== --- head/security/opencryptoki/files/patch-usr-lib-pkcs11-ica_s390_stdll-Makefile.am (revision 494473) +++ head/security/opencryptoki/files/patch-usr-lib-pkcs11-ica_s390_stdll-Makefile.am (nonexistent) @@ -1,33 +0,0 @@ ---- usr/lib/pkcs11/ica_s390_stdll/Makefile.am.orig 2016-04-29 17:26:46 UTC -+++ usr/lib/pkcs11/ica_s390_stdll/Makefile.am -@@ -6,12 +6,12 @@ opencryptoki_stdll_libpkcs11_ica_la_LDFL - -Wl,-Bsymbolic \ - -Wl,-soname,$@ \ - -Wl,-Bsymbolic -lc \ -- -lpthread -lica -ldl \ -+ -lpthread -lica \ - -lcrypto - - # Not all versions of automake observe libname_CFLAGS - opencryptoki_stdll_libpkcs11_ica_la_CFLAGS = -DDEV \ -- -D_THREAD_SAFE -fPIC \ -+ -D_THREAD_SAFE $(FPIC) \ - -DSHALLOW=0 -DSWTOK=0 \ - -DLITE=1 -DNODH \ - -DNOCDMF -DNOMD2 -DNODSA \ -@@ -64,12 +64,12 @@ install-data-hook: - cd $(DESTDIR)$(libdir)/opencryptoki/stdll && \ - ln -sf libpkcs11_ica.so PKCS11_ICA.so - $(MKDIR_P) $(DESTDIR)$(localstatedir)/lib/opencryptoki/lite/TOK_OBJ -- $(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/lite/TOK_OBJ -- $(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/lite -+ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(localstatedir)/lib/opencryptoki/lite/TOK_OBJ -+ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(localstatedir)/lib/opencryptoki/lite - $(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/lite/TOK_OBJ - $(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/lite - $(MKDIR_P) $(DESTDIR)$(lockdir)/lite -- $(CHGRP) pkcs11 $(DESTDIR)$(lockdir)/lite -+ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(lockdir)/lite - $(CHMOD) 0770 $(DESTDIR)$(lockdir)/lite - - uninstall-hook: Property changes on: head/security/opencryptoki/files/patch-usr-lib-pkcs11-ica_s390_stdll-Makefile.am ___________________________________________________________________ Deleted: fbsd:nokeywords ## -1 +0,0 ## -yes \ No newline at end of property Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/security/opencryptoki/files/patch-usr-lib-pkcs11-cca_stdll-Makefile.am =================================================================== --- head/security/opencryptoki/files/patch-usr-lib-pkcs11-cca_stdll-Makefile.am (revision 494473) +++ head/security/opencryptoki/files/patch-usr-lib-pkcs11-cca_stdll-Makefile.am (nonexistent) @@ -1,18 +0,0 @@ ---- usr/lib/pkcs11/cca_stdll/Makefile.am.orig 2016-04-29 17:26:45 UTC -+++ usr/lib/pkcs11/cca_stdll/Makefile.am -@@ -66,12 +66,12 @@ install-data-hook: - cd $(DESTDIR)/$(libdir)/opencryptoki/stdll && \ - ln -sf libpkcs11_cca.so PKCS11_CCA.so - $(MKDIR_P) $(DESTDIR)$(localstatedir)/lib/opencryptoki/ccatok/TOK_OBJ -- $(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/ccatok/TOK_OBJ -- $(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/ccatok -+ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(localstatedir)/lib/opencryptoki/ccatok/TOK_OBJ -+ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(localstatedir)/lib/opencryptoki/ccatok - $(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/ccatok/TOK_OBJ - $(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/ccatok - $(MKDIR_P) $(DESTDIR)$(lockdir)/ccatok -- $(CHGRP) pkcs11 $(DESTDIR)$(lockdir)/ccatok -+ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(lockdir)/ccatok - $(CHMOD) 0770 $(DESTDIR)$(lockdir)/ccatok - - uninstall-hook: Property changes on: head/security/opencryptoki/files/patch-usr-lib-pkcs11-cca_stdll-Makefile.am ___________________________________________________________________ Deleted: fbsd:nokeywords ## -1 +0,0 ## -yes \ No newline at end of property Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/security/opencryptoki/files/patch-usr-lib-pkcs11-api-shrd_mem.c.in =================================================================== --- head/security/opencryptoki/files/patch-usr-lib-pkcs11-api-shrd_mem.c.in (revision 494473) +++ head/security/opencryptoki/files/patch-usr-lib-pkcs11-api-shrd_mem.c.in (nonexistent) @@ -1,11 +0,0 @@ ---- usr/lib/pkcs11/api/shrd_mem.c.in.orig 2016-04-29 17:26:45 UTC -+++ usr/lib/pkcs11/api/shrd_mem.c.in -@@ -357,7 +357,7 @@ attach_shared_memory() { - // only check group membership if not root user - if (uid != 0 && euid != 0) { - int i, member=0; -- grp = getgrnam("pkcs11"); -+ grp = getgrnam(PKCS11GROUP); - if (!grp) { - // group pkcs11 not known to the system - return NULL; Property changes on: head/security/opencryptoki/files/patch-usr-lib-pkcs11-api-shrd_mem.c.in ___________________________________________________________________ Deleted: fbsd:nokeywords ## -1 +0,0 ## -yes \ No newline at end of property Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/security/opencryptoki/files/patch-Makefile.am =================================================================== --- head/security/opencryptoki/files/patch-Makefile.am (revision 494473) +++ head/security/opencryptoki/files/patch-Makefile.am (revision 494474) @@ -1,9 +1,128 @@ ---- Makefile.am.orig 2016-04-29 17:26:45 UTC -+++ Makefile.am -@@ -8,5 +8,5 @@ if ENABLE_DAEMON - MISCDIR = misc +--- Makefile.am.orig 2018-11-16 23:53:03.000000000 +0900 ++++ Makefile.am 2019-03-03 12:39:45.031868000 +0900 +@@ -29,7 +29,6 @@ + include man/man.mk + include usr/usr.mk + +- + install-data-hook: + if ENABLE_LIBRARY + $(MKDIR_P) $(DESTDIR)$(libdir)/opencryptoki/stdll +@@ -37,9 +36,9 @@ + cd $(DESTDIR)$(libdir)/opencryptoki && \ + ln -fs libopencryptoki.so PKCS11_API.so + cd $(DESTDIR)$(libdir)/opencryptoki && \ +- ln -nfs $(sbindir) methods ++ ln -nfs ../../sbin methods + cd $(DESTDIR)$(libdir)/pkcs11 && \ +- ln -nfs $(sbindir) methods ++ ln -nfs ../../sbin methods + cd $(DESTDIR)$(libdir)/pkcs11 && \ + ln -fs ../opencryptoki/libopencryptoki.so PKCS11_API.so + cd $(DESTDIR)$(libdir)/pkcs11 && \ +@@ -51,24 +50,24 @@ + cd $(DESTDIR)$(libdir)/opencryptoki/stdll && \ + ln -fs libpkcs11_cca.so PKCS11_CCA.so + $(MKDIR_P) $(DESTDIR)$(localstatedir)/lib/opencryptoki/ccatok/TOK_OBJ +- $(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/ccatok/TOK_OBJ +- $(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/ccatok ++ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(localstatedir)/lib/opencryptoki/ccatok/TOK_OBJ ++ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(localstatedir)/lib/opencryptoki/ccatok + $(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/ccatok/TOK_OBJ + $(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/ccatok + $(MKDIR_P) $(DESTDIR)$(lockdir)/ccatok +- $(CHGRP) pkcs11 $(DESTDIR)$(lockdir)/ccatok ++ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(lockdir)/ccatok + $(CHMOD) 0770 $(DESTDIR)$(lockdir)/ccatok endif + if ENABLE_EP11TOK + cd $(DESTDIR)$(libdir)/opencryptoki/stdll && \ + ln -fs libpkcs11_ep11.so PKCS11_EP11.so + $(MKDIR_P) $(DESTDIR)$(localstatedir)/lib/opencryptoki/ep11tok/TOK_OBJ +- $(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/ep11tok/TOK_OBJ +- $(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/ep11tok ++ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(localstatedir)/lib/opencryptoki/ep11tok/TOK_OBJ ++ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(localstatedir)/lib/opencryptoki/ep11tok + $(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/ep11tok/TOK_OBJ + $(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/ep11tok + $(MKDIR_P) $(DESTDIR)$(lockdir)/ep11tok +- $(CHGRP) pkcs11 $(DESTDIR)$(lockdir)/ep11tok ++ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(lockdir)/ep11tok + $(CHMOD) 0770 $(DESTDIR)$(lockdir)/ep11tok + test -f $(DESTDIR)$(sysconfdir)/opencryptoki || $(MKDIR_P) $(DESTDIR)$(sysconfdir)/opencryptoki || true + test -f $(DESTDIR)$(sysconfdir)/opencryptoki/ep11tok.conf || $(INSTALL) -m 644 $(srcdir)/usr/lib/ep11_stdll/ep11tok.conf $(DESTDIR)$(sysconfdir)/opencryptoki/ep11tok.conf || true +@@ -78,24 +77,24 @@ + cd $(DESTDIR)$(libdir)/opencryptoki/stdll && \ + ln -fs libpkcs11_ica.so PKCS11_ICA.so + $(MKDIR_P) $(DESTDIR)$(localstatedir)/lib/opencryptoki/lite/TOK_OBJ +- $(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/lite/TOK_OBJ +- $(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/lite ++ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(localstatedir)/lib/opencryptoki/lite/TOK_OBJ ++ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(localstatedir)/lib/opencryptoki/lite + $(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/lite/TOK_OBJ + $(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/lite + $(MKDIR_P) $(DESTDIR)$(lockdir)/lite +- $(CHGRP) pkcs11 $(DESTDIR)$(lockdir)/lite ++ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(lockdir)/lite + $(CHMOD) 0770 $(DESTDIR)$(lockdir)/lite + endif + if ENABLE_SWTOK + cd $(DESTDIR)$(libdir)/opencryptoki/stdll && \ + ln -fs libpkcs11_sw.so PKCS11_SW.so + $(MKDIR_P) $(DESTDIR)$(localstatedir)/lib/opencryptoki/swtok/TOK_OBJ +- $(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/swtok/TOK_OBJ +- $(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/swtok ++ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(localstatedir)/lib/opencryptoki/swtok/TOK_OBJ ++ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(localstatedir)/lib/opencryptoki/swtok + $(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/swtok/TOK_OBJ + $(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/swtok + $(MKDIR_P) $(DESTDIR)$(lockdir)/swtok +- $(CHGRP) pkcs11 $(DESTDIR)$(lockdir)/swtok ++ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(lockdir)/swtok + $(CHMOD) 0770 $(DESTDIR)$(lockdir)/swtok + endif + if ENABLE_TPMTOK +@@ -103,10 +102,10 @@ + cd $(DESTDIR)$(libdir)/opencryptoki/stdll && \ + ln -fs libpkcs11_tpm.so PKCS11_TPM.so + $(MKDIR_P) $(DESTDIR)$(localstatedir)/lib/opencryptoki/tpm +- $(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/tpm ++ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(localstatedir)/lib/opencryptoki/tpm + $(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/tpm + $(MKDIR_P) $(DESTDIR)$(lockdir)/tpm +- $(CHGRP) pkcs11 $(DESTDIR)$(lockdir)/tpm ++ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(lockdir)/tpm + $(CHMOD) 0770 $(DESTDIR)$(lockdir)/tpm + endif + if ENABLE_ICSFTOK +@@ -114,10 +113,10 @@ + cd $(DESTDIR)$(libdir)/opencryptoki/stdll && \ + ln -fs libpkcs11_icsf.so PKCS11_ICSF.so + $(MKDIR_P) $(DESTDIR)$(localstatedir)/lib/opencryptoki/icsf +- $(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/icsf ++ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(localstatedir)/lib/opencryptoki/icsf + $(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/icsf + $(MKDIR_P) $(DESTDIR)$(lockdir)/icsf +- $(CHGRP) pkcs11 $(DESTDIR)$(lockdir)/icsf ++ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(lockdir)/icsf + $(CHMOD) 0770 $(DESTDIR)$(lockdir)/icsf + endif + if ENABLE_DAEMON +@@ -130,16 +129,8 @@ + rm -f $(DESTDIR)/usr/lib/systemd/system/tmpfiles.conf + endif + endif +- $(MKDIR_P) $(DESTDIR)/etc/ld.so.conf.d +- echo "$(libdir)/opencryptoki" >\ +- $(DESTDIR)/etc/ld.so.conf.d/opencryptoki-$(target_cpu).conf +- echo "$(libdir)/opencryptoki/stdll" >>\ +- $(DESTDIR)/etc/ld.so.conf.d/opencryptoki-$(target_cpu).conf +- @echo "--------------------------------------------------------------" +- @echo "Remember you must run ldconfig before using the above settings" +- @echo "--------------------------------------------------------------" + $(MKDIR_P) $(DESTDIR)$(lockdir) $(DESTDIR)$(logdir) +- $(CHGRP) pkcs11 $(DESTDIR)$(lockdir) $(DESTDIR)$(logdir) ++ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(lockdir) $(DESTDIR)$(logdir) + $(CHMOD) 0770 $(DESTDIR)$(lockdir) $(DESTDIR)$(logdir) --SUBDIRS = usr man $(MISCDIR) $(TESTDIR) -+SUBDIRS = usr man $(TESTDIR) Index: head/security/opencryptoki/files/patch-configure.ac =================================================================== --- head/security/opencryptoki/files/patch-configure.ac (nonexistent) +++ head/security/opencryptoki/files/patch-configure.ac (revision 494474) @@ -0,0 +1,98 @@ +--- configure.ac.orig 2018-11-16 14:53:03 UTC ++++ configure.ac +@@ -12,6 +12,9 @@ dnl Checks for header files. + AC_DISABLE_STATIC + LT_INIT + ++AC_DEFINE(_BSD_SOURCE, 1, BSD functions) ++AC_DEFINE(__BSD_VISIBLE, 1, BSD extensions) ++ + AC_HEADER_STDC + AC_CHECK_HEADER_STDBOOL + AC_CHECK_HEADERS([arpa/inet.h fcntl.h libintl.h limits.h locale.h malloc.h \ +@@ -77,18 +80,27 @@ fi + AC_CHECK_LIB([itm], [_ITM_commitTransaction], [itm=yes], [itm=no]) + + OPENLDAP_LIBS= +-AC_CHECK_HEADERS([lber.h ldap.h], ++if test "x$enable_icsftok" = "xyes"; then ++ AC_CHECK_HEADERS([lber.h ldap.h], + [OPENLDAP_LIBS="-llber -lldap"], + [AC_MSG_ERROR([lber.h and ldap.h are missing. Please install + 'openldap-devel'.])]) +-LIBS="$LIBS $OPENLDAP_LIBS" ++ LIBS="$LIBS $OPENLDAP_LIBS" ++fi + AC_SUBST([OPENLDAP_LIBS]) + + dnl Define custom variables + +-lockdir=$localstatedir/lock/opencryptoki ++AC_ARG_WITH([lockdir], ++ [AS_HELP_STRING([--with-lockdir],[lock directory])], ++ [lockdir=$withval], ++ [lockdir=$localstatedir/lock/opencryptoki]) + AC_SUBST(lockdir) + ++AC_ARG_WITH([logdir], ++ [AS_HELP_STRING([--with-logdir],[log directory])], ++ [logdir=$withval], ++ [logdir=$localstatedir/log/opencryptoki]) + logdir=$localstatedir/log/opencryptoki + AC_SUBST(logdir) + +@@ -225,6 +237,19 @@ AC_ARG_WITH([systemd], + [], + [with_systemd=no]) + ++dnl --- check for pkcs11 user ++AC_ARG_WITH([pkcs11user], ++ AC_HELP_STRING([--with-pkcs11user[[=USER]]], [set pkcs11 user [[pkcs11]]]), ++ [pkcs11_user=$withval], ++ [pkcs11_user=pkcs11]) ++dnl --- check for pkcs11 group ++AC_ARG_WITH(pkcs11group, ++ AC_HELP_STRING([--with-pkcs11group[[=GROUP]]], [set pkcs11 group [[pkcs11]]]), ++ [pkcs11_group=$withval], ++ [pkcs11_group=pkcs11]) ++AC_SUBST(PKCS11USER, $pkcs11_user) ++AC_SUBST(PKCS11GROUP, $pkcs11_group) ++ + dnl --- + dnl --- + dnl --- Now that we have all the options, let's check for a valid build +@@ -598,12 +623,31 @@ else + fi + AM_CONDITIONAL([ENABLE_LOCKS], [test "x$enable_locks" = "xyes"]) + +-CFLAGS="$CFLAGS -DPKCS64 -D_XOPEN_SOURCE=600 -Wall -Wextra" ++CFLAGS="$CFLAGS \ ++ -Wall \ ++ -Wextra \ ++ -Wno-pointer-sign \ ++" ++CPPFX=' \ ++ -DCONFIG_PATH=\"$(localstatedir)/lib/opencryptoki\" \ ++ -DSBIN_PATH=\"$(sbindir)\" \ ++ -DLIB_PATH=\"$(libdir)\" \ ++ -DLOCKDIR_PATH=\"$(lockdir)\" \ ++ -DOCK_CONFDIR=\"$(sysconfdir)/opencryptoki\" \ ++ -DOCK_LOGDIR=\"$(logdir)\" \ ++' ++CPPFLAGS="$CPPFLAGS \ ++ -DPKCS64 \ ++ -D_XOPEN_SOURCE=600 \ ++ $CPPFX \ ++ -DPKCS11USER=\\\"${pkcs11_user}\\\" \ ++ -DPKCS11GROUP=\\\"${pkcs11_group}\\\" \ ++" + +-CFLAGS+=' -DCONFIG_PATH=\"$(localstatedir)/lib/opencryptoki\" -DSBIN_PATH=\"$(sbindir)\" -DLIB_PATH=\"$(libdir)\" -DLOCKDIR_PATH=\"$(lockdir)\" -DOCK_CONFDIR=\"$(sysconfdir)/opencryptoki\" -DOCK_LOGDIR=\"$(logdir)\"' +- + # At this point, CFLAGS is set to something sensible + AC_PROG_CC ++ ++AC_SUBST(FPIC, $lt_prog_compiler_pic) + + AC_CONFIG_MACRO_DIRS([m4]) + Property changes on: head/security/opencryptoki/files/patch-configure.ac ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/security/opencryptoki/files/patch-misc-misc.mk =================================================================== --- head/security/opencryptoki/files/patch-misc-misc.mk (nonexistent) +++ head/security/opencryptoki/files/patch-misc-misc.mk (revision 494474) @@ -0,0 +1,17 @@ +--- misc/misc.mk.orig 2018-11-16 14:53:03 UTC ++++ misc/misc.mk +@@ -39,14 +39,5 @@ ${srcdir}/misc/tmpfiles.conf: ${srcdir}/misc/tmpfiles. + $(foreach TOK,$(TOKENS),\ + echo "D $(lockdir)/$(TOK) 0770 root pkcs11 -" >> $@-t;) + mv $@-t $@ +-else +-initddir = $(sysconfdir)/rc.d/init.d +-initd_SCRIPTS = misc/pkcsslotd +- +-CLEANFILES += misc/pkcsslotd +-${srcdir}/misc/pkcsslotd: ${srcdir}/misc/pkcsslotd.in +- @SED@ -e s!\@sbindir\@!"@sbindir@"!g < $< > $@-t +- @CHMOD@ a+x $@-t +- mv $@-t $@ + endif + endif Property changes on: head/security/opencryptoki/files/patch-misc-misc.mk ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/security/opencryptoki/files/patch-usr-lib-api-api.mk =================================================================== --- head/security/opencryptoki/files/patch-usr-lib-api-api.mk (nonexistent) +++ head/security/opencryptoki/files/patch-usr-lib-api-api.mk (revision 494474) @@ -0,0 +1,17 @@ +--- usr/lib/api/api.mk.orig 2018-11-16 14:53:03 UTC ++++ usr/lib/api/api.mk +@@ -7,12 +7,12 @@ SO_REVISION=0 + SO_AGE=0 + + opencryptoki_libopencryptoki_la_CFLAGS = \ +- -DAPI -DDEV -D_THREAD_SAFE -fPIC -I${srcdir}/usr/include \ ++ -DAPI -DDEV -D_THREAD_SAFE $(FPIC) -I${srcdir}/usr/include \ + -I${srcdir}/usr/lib/common -I${srcdir}/usr/lib/api \ + -DSTDLL_NAME=\"api\" + + opencryptoki_libopencryptoki_la_LDFLAGS = \ +- -shared -Wl,-z,defs,-Bsymbolic -lc -ldl -lpthread \ ++ -shared -Wl,-z,defs,-Bsymbolic -lc -lpthread \ + -version-info $(SO_CURRENT):$(SO_REVISION):$(SO_AGE) \ + -Wl,--version-script=${srcdir}/opencryptoki.map + Property changes on: head/security/opencryptoki/files/patch-usr-lib-api-api.mk ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/security/opencryptoki/files/patch-usr-lib-api-apiutil.c =================================================================== --- head/security/opencryptoki/files/patch-usr-lib-api-apiutil.c (nonexistent) +++ head/security/opencryptoki/files/patch-usr-lib-api-apiutil.c (revision 494474) @@ -0,0 +1,22 @@ +--- usr/lib/api/apiutil.c.orig 2018-11-16 14:53:03 UTC ++++ usr/lib/api/apiutil.c +@@ -19,10 +19,10 @@ + #include + #include + #include +-#include + #include + #include + #include ++#include + + #include + +@@ -35,7 +35,6 @@ + #include + #include + #include +-#include + + static int xplfd = -1; + Property changes on: head/security/opencryptoki/files/patch-usr-lib-api-apiutil.c ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/security/opencryptoki/files/patch-usr-lib-api-shrd_mem.c.in =================================================================== --- head/security/opencryptoki/files/patch-usr-lib-api-shrd_mem.c.in (nonexistent) +++ head/security/opencryptoki/files/patch-usr-lib-api-shrd_mem.c.in (revision 494474) @@ -0,0 +1,11 @@ +--- usr/lib/api/shrd_mem.c.in.orig 2018-11-16 14:53:03 UTC ++++ usr/lib/api/shrd_mem.c.in +@@ -74,7 +74,7 @@ void *attach_shared_memory() + // only check group membership if not root user + if (uid != 0 && euid != 0) { + int i, member = 0; +- grp = getgrnam("pkcs11"); ++ grp = getgrnam(PKCS11GROUP); + if (!grp) { + // group pkcs11 not known to the system + return NULL; Property changes on: head/security/opencryptoki/files/patch-usr-lib-api-shrd_mem.c.in ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/security/opencryptoki/files/patch-usr-lib-api-socket_client.c =================================================================== --- head/security/opencryptoki/files/patch-usr-lib-api-socket_client.c (nonexistent) +++ head/security/opencryptoki/files/patch-usr-lib-api-socket_client.c (revision 494474) @@ -0,0 +1,11 @@ +--- usr/lib/api/socket_client.c.orig 2018-11-16 14:53:03 UTC ++++ usr/lib/api/socket_client.c +@@ -51,7 +51,7 @@ int init_socket_data() + return FALSE; + } + +- grp = getgrnam("pkcs11"); ++ grp = getgrnam(PKCS11GROUP); + if (!grp) { + OCK_SYSLOG(LOG_ERR, + "init_socket_data: pkcs11 group does not exist, errno=%d", Property changes on: head/security/opencryptoki/files/patch-usr-lib-api-socket_client.c ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/security/opencryptoki/files/patch-usr-lib-common-btree.c =================================================================== --- head/security/opencryptoki/files/patch-usr-lib-common-btree.c (nonexistent) +++ head/security/opencryptoki/files/patch-usr-lib-common-btree.c (revision 494474) @@ -0,0 +1,11 @@ +--- usr/lib/common/btree.c.orig 2018-11-16 14:53:03 UTC ++++ usr/lib/common/btree.c +@@ -18,7 +18,7 @@ + + + #include +-#include ++#include + + #include "pkcs11types.h" + #include "local_types.h" Property changes on: head/security/opencryptoki/files/patch-usr-lib-common-btree.c ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/security/opencryptoki/files/patch-usr-lib-common-host_defs.h =================================================================== --- head/security/opencryptoki/files/patch-usr-lib-common-host_defs.h (nonexistent) +++ head/security/opencryptoki/files/patch-usr-lib-common-host_defs.h (revision 494474) @@ -0,0 +1,26 @@ +--- usr/lib/common/host_defs.h.orig 2018-11-16 14:53:03 UTC ++++ usr/lib/common/host_defs.h +@@ -8,12 +8,23 @@ + * https://opensource.org/licenses/cpl1.0.php + */ + ++#include + #include + #ifndef _HOST_DEFS_H + #define _HOST_DEFS_H + + #include ++#if defined(__OpenBSD__) || defined(__FreeBSD__) ++#include ++#ifdef _BYTE_ORDER ++#define __BYTE_ORDER _BYTE_ORDER ++#endif ++#ifdef _LITTLE_ENDIAN ++#define __LITTLE_ENDIAN _LITTLE_ENDIAN ++#endif ++#else + #include ++#endif + + #include "pkcs32.h" + #include Property changes on: head/security/opencryptoki/files/patch-usr-lib-common-host_defs.h ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/security/opencryptoki/files/patch-usr-lib-common-loadsave.c =================================================================== --- head/security/opencryptoki/files/patch-usr-lib-common-loadsave.c (nonexistent) +++ head/security/opencryptoki/files/patch-usr-lib-common-loadsave.c (revision 494474) @@ -0,0 +1,23 @@ +--- usr/lib/common/loadsave.c.orig 2018-11-16 14:53:03 UTC ++++ usr/lib/common/loadsave.c +@@ -20,11 +20,9 @@ + #include + #include + #include +-#include + #include + #include + #include +-#include + #include + #include + #include +@@ -370,7 +368,7 @@ void set_perm(int file) + // Set absolute permissions or rw-rw---- + fchmod(file, S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP); + +- grp = getgrnam("pkcs11"); // Obtain the group id ++ grp = getgrnam(PKCS11GROUP); // Obtain the group id + if (grp) { + // set ownership to root, and pkcs11 group + if (fchown(file, getuid(), grp->gr_gid) != 0) { Property changes on: head/security/opencryptoki/files/patch-usr-lib-common-loadsave.c ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/security/opencryptoki/files/patch-usr-lib-common-trace.c =================================================================== --- head/security/opencryptoki/files/patch-usr-lib-common-trace.c (nonexistent) +++ head/security/opencryptoki/files/patch-usr-lib-common-trace.c (revision 494474) @@ -0,0 +1,19 @@ +--- usr/lib/common/trace.c.orig 2018-11-16 14:53:03 UTC ++++ usr/lib/common/trace.c +@@ -21,6 +21,7 @@ + #include + #include + #include ++#include + + #include "pkcs11types.h" + #include "defs.h" +@@ -170,7 +171,7 @@ CK_RV trace_initialize(void) + return (CKR_FUNCTION_FAILED); + } + +- grp = getgrnam("pkcs11"); ++ grp = getgrnam(PKCS11GROUP); + if (grp == NULL) { + OCK_SYSLOG(LOG_ERR, "getgrnam(pkcs11) failed: %s." + "Tracing is disabled.\n", strerror(errno)); Property changes on: head/security/opencryptoki/files/patch-usr-lib-common-trace.c ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/security/opencryptoki/files/patch-usr-lib-common-utility.c =================================================================== --- head/security/opencryptoki/files/patch-usr-lib-common-utility.c (nonexistent) +++ head/security/opencryptoki/files/patch-usr-lib-common-utility.c (revision 494474) @@ -0,0 +1,54 @@ +--- usr/lib/common/utility.c.orig 2018-11-16 14:53:03 UTC ++++ usr/lib/common/utility.c +@@ -21,6 +21,7 @@ + #include + #include + #include ++#include + + #include "pkcs11types.h" + #include "defs.h" +@@ -35,6 +36,25 @@ + #include + #include + ++#ifdef __sun ++#define LOCK_EX F_LOCK ++#define LOCK_UN F_ULOCK ++#define flock(fd, func) lockf(fd, func, 0) ++#endif ++ ++#ifndef LOCK_SH ++#define LOCK_SH 1 /* shared lock */ ++#endif ++#ifndef LOCK_EX ++#define LOCK_EX 2 /* exclusive lock */ ++#endif ++#ifndef LOCK_NB ++#define LOCK_NB 4 /* don't block when locking */ ++#endif ++#ifndef LOCK_UN ++#define LOCK_UN 8 /* unlock */ ++#endif ++ + // Function: dlist_add_as_first() + // + // Adds the specified node to the start of the list +@@ -317,7 +337,7 @@ CK_RV CreateXProcLock(char *tokname, STDLL_TokData_t * + lockdir, strerror(errno)); + goto err; + } +- grp = getgrnam("pkcs11"); ++ grp = getgrnam(PKCS11GROUP); + if (grp == NULL) { + fprintf(stderr, "getgrname(pkcs11): %s", strerror(errno)); + goto err; +@@ -355,7 +375,7 @@ CK_RV CreateXProcLock(char *tokname, STDLL_TokData_t * + goto err; + } + +- grp = getgrnam("pkcs11"); ++ grp = getgrnam(PKCS11GROUP); + if (grp != NULL) { + if (fchown(tokdata->spinxplfd, -1, grp->gr_gid) == -1) { + OCK_SYSLOG(LOG_ERR, Property changes on: head/security/opencryptoki/files/patch-usr-lib-common-utility.c ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/security/opencryptoki/files/patch-usr-lib-ica_s390_stdll-ica_s390_stdll.mk =================================================================== --- head/security/opencryptoki/files/patch-usr-lib-ica_s390_stdll-ica_s390_stdll.mk (nonexistent) +++ head/security/opencryptoki/files/patch-usr-lib-ica_s390_stdll-ica_s390_stdll.mk (revision 494474) @@ -0,0 +1,19 @@ +--- usr/lib/ica_s390_stdll/ica_s390_stdll.mk.orig 2018-11-16 14:53:03 UTC ++++ usr/lib/ica_s390_stdll/ica_s390_stdll.mk +@@ -3,14 +3,14 @@ nobase_lib_LTLIBRARIES += opencryptoki/stdll/libpkcs11 + noinst_HEADERS += usr/lib/ica_s390_stdll/tok_struct.h + + opencryptoki_stdll_libpkcs11_ica_la_CFLAGS = \ +- -DDEV -D_THREAD_SAFE -fPIC -DSHALLOW=0 -DSWTOK=0 -DLITE=1 \ ++ -DDEV -D_THREAD_SAFE $(FPIC) -DSHALLOW=0 -DSWTOK=0 -DLITE=1 \ + -DNODH -DNOCDMF -DNOMD2 -DNODSA -DSTDLL_NAME=\"icatok\" \ + $(ICA_INC_DIRS) -I${srcdir}/usr/lib/ica_s390_stdll \ + -I${srcdir}/usr/lib/common -I${srcdir}/usr/include + + opencryptoki_stdll_libpkcs11_ica_la_LDFLAGS = \ + $(LCRYPTO) $(ICA_LIB_DIRS) -nostartfiles -shared \ +- -Wl,-z,defs,-Bsymbolic -Wl,-soname,$@ -lc -lpthread -lica -ldl \ ++ -Wl,-z,defs,-Bsymbolic -Wl,-soname,$@ -lc -lpthread -lica \ + -lcrypto -lrt \ + -Wl,--version-script=${srcdir}/opencryptoki_tok.map + Property changes on: head/security/opencryptoki/files/patch-usr-lib-ica_s390_stdll-ica_s390_stdll.mk ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/security/opencryptoki/files/patch-usr-lib-icsf_stdll-pbkdf.c =================================================================== --- head/security/opencryptoki/files/patch-usr-lib-icsf_stdll-pbkdf.c (nonexistent) +++ head/security/opencryptoki/files/patch-usr-lib-icsf_stdll-pbkdf.c (revision 494474) @@ -0,0 +1,11 @@ +--- usr/lib/icsf_stdll/pbkdf.c.orig 2018-11-16 14:53:03 UTC ++++ usr/lib/icsf_stdll/pbkdf.c +@@ -62,7 +62,7 @@ CK_RV set_perms(int file) + return CKR_FUNCTION_FAILED; + } + +- grp = getgrnam("pkcs11"); ++ grp = getgrnam(PKCS11GROUP); + if (grp) { + if (fchown(file, -1, grp->gr_gid) != 0) { + TRACE_ERROR("fchown failed: %s\n", strerror(errno)); Property changes on: head/security/opencryptoki/files/patch-usr-lib-icsf_stdll-pbkdf.c ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/security/opencryptoki/files/patch-usr-lib-soft_stdll-soft_specific.c =================================================================== --- head/security/opencryptoki/files/patch-usr-lib-soft_stdll-soft_specific.c (nonexistent) +++ head/security/opencryptoki/files/patch-usr-lib-soft_stdll-soft_specific.c (revision 494474) @@ -0,0 +1,31 @@ +--- usr/lib/soft_stdll/soft_specific.c.orig 2018-11-16 14:53:03 UTC ++++ usr/lib/soft_stdll/soft_specific.c +@@ -19,6 +19,10 @@ + + ****************************************************************************/ + ++#ifndef _BSD_SOURCE ++#define _BSD_SOURCE ++#endif ++ + #include + #include // for memcmp() et al + #include +@@ -36,7 +40,17 @@ + #include + #include + #include ++#if defined(__OpenBSD__) || defined(__FreeBSD__) ++#include ++#ifdef _BYTE_ORDER ++#define __BYTE_ORDER _BYTE_ORDER ++#endif ++#ifdef _LITTLE_ENDIAN ++#define __LITTLE_ENDIAN _LITTLE_ENDIAN ++#endif ++#else + #include ++#endif + + #include + #include Property changes on: head/security/opencryptoki/files/patch-usr-lib-soft_stdll-soft_specific.c ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/security/opencryptoki/files/patch-usr-lib-soft_stdll-soft_stdll.mk =================================================================== --- head/security/opencryptoki/files/patch-usr-lib-soft_stdll-soft_stdll.mk (nonexistent) +++ head/security/opencryptoki/files/patch-usr-lib-soft_stdll-soft_stdll.mk (revision 494474) @@ -0,0 +1,11 @@ +--- usr/lib/soft_stdll/soft_stdll.mk.orig 2018-11-16 14:53:03 UTC ++++ usr/lib/soft_stdll/soft_stdll.mk +@@ -4,7 +4,7 @@ noinst_HEADERS += usr/lib/soft_stdll/tok_struct.h + + opencryptoki_stdll_libpkcs11_sw_la_CFLAGS = \ + -DDEV -D_THREAD_SAFE -DSHALLOW=0 -DSWTOK=1 -DLITE=0 -DNOCDMF \ +- -DNOMD2 -DNODSA -DNORIPE -fPIC -I${srcdir}/usr/lib/soft_stdll \ ++ -DNOMD2 -DNODSA -DNORIPE $(FPIC) -I${srcdir}/usr/lib/soft_stdll \ + -I${srcdir}/usr/lib/common -I${srcdir}/usr/include \ + -DSTDLL_NAME=\"swtok\" + Property changes on: head/security/opencryptoki/files/patch-usr-lib-soft_stdll-soft_stdll.mk ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/security/opencryptoki/files/patch-usr-sbin-pkcsconf-pkcsconf.c =================================================================== --- head/security/opencryptoki/files/patch-usr-sbin-pkcsconf-pkcsconf.c (revision 494473) +++ head/security/opencryptoki/files/patch-usr-sbin-pkcsconf-pkcsconf.c (revision 494474) @@ -1,11 +1,11 @@ ---- usr/sbin/pkcsconf/pkcsconf.c.orig 2016-04-29 17:26:46 UTC +--- usr/sbin/pkcsconf/pkcsconf.c.orig 2018-11-16 14:53:03 UTC +++ usr/sbin/pkcsconf/pkcsconf.c -@@ -777,6 +777,8 @@ display_pkcs11_info(void){ - printf("\tLibrary Version %d.%d \n", CryptokiInfo.libraryVersion.major, - CryptokiInfo.libraryVersion.minor); +@@ -530,6 +530,8 @@ CK_RV display_pkcs11_info(void) + printf("\tLibrary Version %d.%d \n", CryptokiInfo.libraryVersion.major, + CryptokiInfo.libraryVersion.minor); -+ cleanup(); ++ cleanup(); + - return rc; + return rc; } Index: head/security/opencryptoki/files/patch-usr-sbin-pkcsconf-pkcsconf.mk =================================================================== --- head/security/opencryptoki/files/patch-usr-sbin-pkcsconf-pkcsconf.mk (nonexistent) +++ head/security/opencryptoki/files/patch-usr-sbin-pkcsconf-pkcsconf.mk (revision 494474) @@ -0,0 +1,11 @@ +--- usr/sbin/pkcsconf/pkcsconf.mk.orig 2018-11-16 14:53:03 UTC ++++ usr/sbin/pkcsconf/pkcsconf.mk +@@ -1,7 +1,7 @@ + sbin_PROGRAMS += usr/sbin/pkcsconf/pkcsconf + noinst_HEADERS += usr/sbin/pkcsconf/pkcsconf_msg.h + +-usr_sbin_pkcsconf_pkcsconf_LDFLAGS = -lpthread -ldl -lcrypto ++usr_sbin_pkcsconf_pkcsconf_LDFLAGS = -lpthread -lcrypto + + usr_sbin_pkcsconf_pkcsconf_CFLAGS = \ + -D_THREAD_SAFE -DDEBUG -DDEV -DAPI \ Property changes on: head/security/opencryptoki/files/patch-usr-sbin-pkcsconf-pkcsconf.mk ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-log.h =================================================================== --- head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-log.h (revision 494473) +++ head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-log.h (revision 494474) @@ -1,14 +1,12 @@ ---- usr/sbin/pkcsslotd/log.h.orig 2016-04-29 17:26:46 UTC +--- usr/sbin/pkcsslotd/log.h.orig 2018-11-16 14:53:03 UTC +++ usr/sbin/pkcsslotd/log.h -@@ -297,9 +297,8 @@ +@@ -11,6 +11,9 @@ #ifndef _LOG_H #define _LOG_H 1 -- -- -- +#include +#include - ++ #ifndef FALSE #define FALSE 0 + #endif /* FALSE */ Index: head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-mutex.c =================================================================== --- head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-mutex.c (revision 494473) +++ head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-mutex.c (revision 494474) @@ -1,41 +1,41 @@ ---- usr/sbin/pkcsslotd/mutex.c.orig 2016-04-29 17:26:46 UTC +--- usr/sbin/pkcsslotd/mutex.c.orig 2018-11-16 14:53:03 UTC +++ usr/sbin/pkcsslotd/mutex.c -@@ -281,10 +281,28 @@ - legal action under this Agreement more than one year after - the cause of action arose. Each party waives its rights to - a jury trial in any resulting litigation. -+*/ - +@@ -16,10 +16,29 @@ + #include + #include + #include +#include + #include "log.h" + #include "slotmgr.h" + +#ifdef __sun -+#define LOCK_EX F_LOCK -+#define LOCK_UN F_ULOCK -+#define flock(fd, func) lockf(fd, func, 0) ++#define LOCK_EX F_LOCK ++#define LOCK_UN F_ULOCK ++#define flock(fd, func) lockf(fd, func, 0) +#endif - --*/ +#ifndef LOCK_SH -+#define LOCK_SH 1 /* shared lock */ ++#define LOCK_SH 1 /* shared lock */ +#endif +#ifndef LOCK_EX -+#define LOCK_EX 2 /* exclusive lock */ ++#define LOCK_EX 2 /* exclusive lock */ +#endif +#ifndef LOCK_NB -+#define LOCK_NB 4 /* don't block when locking */ ++#define LOCK_NB 4 /* don't block when locking */ +#endif +#ifndef LOCK_UN -+#define LOCK_UN 8 /* unlock */ ++#define LOCK_UN 8 /* unlock */ +#endif ++ + static int xplfd = -1; - /* (C) COPYRIGHT International Business Machines Corp. 2001 */ + int CreateXProcLock(void) +@@ -41,7 +60,7 @@ int CreateXProcLock(void) + goto error; + } -@@ -323,7 +341,7 @@ CreateXProcLock(void) - goto error; - } - -- grp = getgrnam("pkcs11"); -+ grp = getgrnam(PKCS11GROUP); - if (grp != NULL) { - if (fchown(xplfd,-1,grp->gr_gid) == -1) { - DbgLog(DL0,"%s:fchown(%s):%s\n", +- grp = getgrnam("pkcs11"); ++ grp = getgrnam(PKCS11GROUP); + if (grp != NULL) { + if (fchown(xplfd, -1, grp->gr_gid) == -1) { + DbgLog(DL0, "%s:fchown(%s):%s\n", Index: head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-pkcsslotd.h =================================================================== --- head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-pkcsslotd.h (revision 494473) +++ head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-pkcsslotd.h (revision 494474) @@ -1,12 +1,12 @@ ---- usr/sbin/pkcsslotd/pkcsslotd.h.orig 2016-04-29 17:26:46 UTC +--- usr/sbin/pkcsslotd/pkcsslotd.h.orig 2018-11-16 14:53:03 UTC +++ usr/sbin/pkcsslotd/pkcsslotd.h -@@ -305,6 +305,9 @@ +@@ -17,6 +17,9 @@ #ifndef _PKCSSLOTMGR_H - #define _PKCSSLOTMGR_H 1 + #define _PKCSSLOTMGR_H 1 +#include +#include + /*********** * Defines * ***********/ Index: head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-shmem.c =================================================================== --- head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-shmem.c (revision 494473) +++ head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-shmem.c (revision 494474) @@ -1,35 +1,37 @@ ---- usr/sbin/pkcsslotd/shmem.c.orig 2016-04-29 17:26:46 UTC +--- usr/sbin/pkcsslotd/shmem.c.orig 2018-11-16 14:53:03 UTC +++ usr/sbin/pkcsslotd/shmem.c -@@ -336,9 +336,9 @@ int CreateSharedMemory ( void ) { - } - // SAB Get the group information for the PKCS#11 group... fail if - // it does not exist -- grp = getgrnam("pkcs11"); -+ grp = getgrnam(PKCS11GROUP); - if ( !grp ) { -- ErrLog("Group PKCS#11 does not exist "); -+ ErrLog("Group " PKCS11GROUP " does not exist "); - return FALSE; // Group does not exist... setup is wrong.. - } +@@ -54,9 +54,9 @@ int CreateSharedMemory(void) + } + // SAB Get the group information for the PKCS#11 group... fail if + // it does not exist +- grp = getgrnam("pkcs11"); ++ grp = getgrnam(PKCS11GROUP); + if (!grp) { +- ErrLog("Group PKCS#11 does not exist "); ++ ErrLog("Group " PKCS11GROUP " does not exist "); + return FALSE; // Group does not exist... setup is wrong.. + } -@@ -415,9 +415,9 @@ int CreateSharedMemory ( void ) { - int i; - char *buffer; - -- grp = getgrnam("pkcs11"); -+ grp = getgrnam(PKCS11GROUP); - if ( !grp ) { -- ErrLog("Group \"pkcs11\" does not exist! Please run %s/pkcs11_startup.", -+ ErrLog("Group " PKCS11GROUP " does not exist! Please run %s/pkcs11_startup.", - SBIN_PATH); - return FALSE; // Group does not exist... setup is wrong.. - } -@@ -437,7 +437,7 @@ int CreateSharedMemory ( void ) { - return FALSE; - } - if (fchown(fd, 0, grp->gr_gid) == -1) { -- ErrLog("%s: fchown(%s, root, pkcs11): %s", __FUNCTION__, MAPFILENAME, -+ ErrLog("%s: fchown(%s, root, %s): %s", __FUNCTION__, MAPFILENAME, PKCS11GROUP, - strerror(errno)); - close(fd); - return FALSE; +@@ -136,9 +136,9 @@ int CreateSharedMemory(void) + int i; + char *buffer; + +- grp = getgrnam("pkcs11"); ++ grp = getgrnam(PKCS11GROUP); + if (!grp) { +- ErrLog("Group \"pkcs11\" does not exist! " ++ ErrLog("Group " PKCS11GROUP " does not exist! " + "Opencryptoki setup is incorrect."); + return FALSE; // Group does not exist... setup is wrong.. + } +@@ -160,8 +160,8 @@ int CreateSharedMemory(void) + return FALSE; + } + if (fchown(fd, 0, grp->gr_gid) == -1) { +- ErrLog("%s: fchown(%s, root, pkcs11): %s", __func__, +- MAPFILENAME, strerror(errno)); ++ ErrLog("%s: fchown(%s, root, %s): %s", __func__, ++ MAPFILENAME, PKCS11GROUP, strerror(errno)); + close(fd); + return FALSE; + } Index: head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-socket_server.c =================================================================== --- head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-socket_server.c (revision 494473) +++ head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-socket_server.c (revision 494474) @@ -1,45 +1,45 @@ ---- usr/sbin/pkcsslotd/socket_server.c.orig 2016-04-30 02:26:46.000000000 +0900 -+++ usr/sbin/pkcsslotd/socket_server.c 2016-06-12 07:33:22.000000000 +0900 -@@ -300,6 +300,9 @@ +--- usr/sbin/pkcsslotd/socket_server.c.orig 2018-11-16 14:53:03 UTC ++++ usr/sbin/pkcsslotd/socket_server.c +@@ -19,6 +19,9 @@ #include #include #include +#ifndef SOCK_NONBLOCK +#include +#endif #include "log.h" #include "slotmgr.h" -@@ -314,11 +317,23 @@ - struct group *grp; - int socketfd; +@@ -34,11 +37,23 @@ int CreateListenerSocket(void) + struct group *grp; + int socketfd; +#ifdef SOCK_NONBLOCK - socketfd = socket(PF_UNIX, SOCK_STREAM | SOCK_NONBLOCK, 0); + socketfd = socket(PF_UNIX, SOCK_STREAM | SOCK_NONBLOCK, 0); +#else -+ socketfd = socket(PF_UNIX, SOCK_STREAM, 0); ++ socketfd = socket(PF_UNIX, SOCK_STREAM, 0); +#endif - if (socketfd < 0) { - ErrLog("Failed to create listener socket, errno 0x%X.", errno); - return -1; - } + if (socketfd < 0) { + ErrLog("Failed to create listener socket, errno 0x%X.", errno); + return -1; + } +#ifndef SOCK_NONBLOCK -+ if (fcntl(socketfd, F_SETFL, -+ fcntl(socketfd, F_GETFL) | O_NONBLOCK) < 0) { -+ ErrLog("Failed to set listener non-block, errno 0x%X.", errno); -+ close(socketfd); -+ return -1; -+ } ++ if (fcntl(socketfd, F_SETFL, ++ fcntl(socketfd, F_GETFL) | O_NONBLOCK) < 0) { ++ ErrLog("Failed to set listener non-block, errno 0x%X.", errno); ++ close(socketfd); ++ return -1; ++ } +#endif - if (unlink(SOCKET_FILE_PATH) && errno != ENOENT) { - ErrLog("Failed to unlink socket file, errno 0x%X.", errno); - close(socketfd); -@@ -337,7 +352,7 @@ - - // make socket file part of the pkcs11 group, and write accessable - // for that group -- grp = getgrnam("pkcs11"); -+ grp = getgrnam(PKCS11GROUP); - if (!grp) { - ErrLog("Group PKCS#11 does not exist"); - DetachSocketListener(socketfd); + if (unlink(SOCKET_FILE_PATH) && errno != ENOENT) { + ErrLog("Failed to unlink socket file, errno 0x%X.", errno); + close(socketfd); +@@ -57,7 +72,7 @@ int CreateListenerSocket(void) + } + // make socket file part of the pkcs11 group, and write accessable + // for that group +- grp = getgrnam("pkcs11"); ++ grp = getgrnam(PKCS11GROUP); + if (!grp) { + ErrLog("Group PKCS#11 does not exist"); + DetachSocketListener(socketfd); Index: head/security/opencryptoki/pkg-plist =================================================================== --- head/security/opencryptoki/pkg-plist (revision 494473) +++ head/security/opencryptoki/pkg-plist (revision 494474) @@ -1,42 +1,40 @@ @sample etc/opencryptoki/opencryptoki.conf.sample include/opencryptoki/apiclient.h include/opencryptoki/pkcs11.h include/opencryptoki/pkcs11types.h lib/opencryptoki/PKCS11_API.so lib/opencryptoki/libopencryptoki.so lib/opencryptoki/libopencryptoki.so.0 lib/opencryptoki/libopencryptoki.so.0.0.0 lib/opencryptoki/methods -%%LDAP%%lib/opencryptoki/stdll/PKCS11_ICSF.so +lib/opencryptoki/stdll/PKCS11_ICSF.so lib/opencryptoki/stdll/PKCS11_SW.so lib/opencryptoki/stdll/PKCS11_TPM.so lib/opencryptoki/stdll/libpkcs11_sw.so lib/opencryptoki/stdll/libpkcs11_sw.so.0 lib/opencryptoki/stdll/libpkcs11_sw.so.0.0.0 lib/opencryptoki/stdll/libpkcs11_tpm.so lib/opencryptoki/stdll/libpkcs11_tpm.so.0 lib/opencryptoki/stdll/libpkcs11_tpm.so.0.0.0 -%%LDAP%%lib/opencryptoki/stdll/libpkcs11_icsf.so.0.0.0 -%%LDAP%%lib/opencryptoki/stdll/libpkcs11_icsf.so.0 -%%LDAP%%lib/opencryptoki/stdll/libpkcs11_icsf.so +lib/opencryptoki/stdll/libpkcs11_icsf.so.0.0.0 +lib/opencryptoki/stdll/libpkcs11_icsf.so.0 +lib/opencryptoki/stdll/libpkcs11_icsf.so lib/pkcs11/PKCS11_API.so lib/pkcs11/libopencryptoki.so lib/pkcs11/methods lib/pkcs11/stdll -man/man1/pkcscca.1.gz man/man1/pkcsconf.1.gz -man/man1/pkcsep11_migrate.1.gz man/man1/pkcsicsf.1.gz man/man5/opencryptoki.conf.5.gz man/man7/opencryptoki.7.gz man/man8/pkcsslotd.8.gz sbin/pkcsconf -%%LDAP%%sbin/pkcsicsf +sbin/pkcsicsf sbin/pkcsslotd -%%LDAP%%@dir(%%USERS%%,%%GROUPS%%,700) /var/lib/opencryptoki/icsf +@dir(%%USERS%%,%%GROUPS%%,700) /var/lib/opencryptoki/icsf @dir(%%USERS%%,%%GROUPS%%,700) /var/lib/opencryptoki/swtok/TOK_OBJ @dir(%%USERS%%,%%GROUPS%%,700) /var/lib/opencryptoki/swtok @dir(%%USERS%%,%%GROUPS%%,700) /var/lib/opencryptoki/tpm @dir(%%USERS%%,%%GROUPS%%,700) /var/lib/opencryptoki @dir /var/lib @dir /var/log/opencryptoki