Skip to content

Commit

Permalink
security/opencryptoki: Update to 3.19.0
Browse files Browse the repository at this point in the history
  • Loading branch information
@hrs-allbsd
hrs-allbsd committed Feb 11, 2023
1 parent 5550e3d commit e83df13
Show file tree
Hide file tree
Showing 10 changed files with 55 additions and 61 deletions.
2 changes: 1 addition & 1 deletion security/opencryptoki/Makefile
View file
@@ -1,5 +1,5 @@
PORTNAME= opencryptoki
PORTVERSION= 3.18.0
PORTVERSION= 3.19.0
DISTVERSIONPREFIX= v
CATEGORIES= security

Expand Down
6 changes: 3 additions & 3 deletions security/opencryptoki/distinfo
View file
@@ -1,3 +1,3 @@
TIMESTAMP = 1651086346
SHA256 (opencryptoki-opencryptoki-v3.18.0_GH0.tar.gz) = 18882bbb3eaff37b2badf93bce1faab86406ed60f40fd5debc08afd3ceba36c2
SIZE (opencryptoki-opencryptoki-v3.18.0_GH0.tar.gz) = 1337092
TIMESTAMP = 1673927846
SHA256 (opencryptoki-opencryptoki-v3.19.0_GH0.tar.gz) = 9d8646fd5502bbcf6debc89e76ce064198272cbc5856baa8d350056abe5bdf14
SIZE (opencryptoki-opencryptoki-v3.19.0_GH0.tar.gz) = 1371265
23 changes: 12 additions & 11 deletions security/opencryptoki/files/patch-Makefile.am
View file
@@ -1,6 +1,6 @@
--- Makefile.am.orig 2022-04-25 11:04:51 UTC
--- Makefile.am.orig 2022-09-30 07:45:52 UTC
+++ Makefile.am
@@ -39,9 +39,9 @@ if ENABLE_LIBRARY
@@ -47,9 +47,9 @@ if ENABLE_LIBRARY
cd $(DESTDIR)$(libdir)/opencryptoki && \
ln -fs libopencryptoki.so PKCS11_API.so
cd $(DESTDIR)$(libdir)/opencryptoki && \
Expand All @@ -12,7 +12,7 @@
cd $(DESTDIR)$(libdir)/pkcs11 && \
ln -fs ../opencryptoki/libopencryptoki.so PKCS11_API.so
cd $(DESTDIR)$(libdir)/pkcs11 && \
@@ -53,55 +53,55 @@ if ENABLE_CCATOK
@@ -61,12 +61,12 @@ if ENABLE_CCATOK
cd $(DESTDIR)$(libdir)/opencryptoki/stdll && \
ln -fs libpkcs11_cca.so PKCS11_CCA.so
$(MKDIR_P) $(DESTDIR)$(localstatedir)/lib/opencryptoki/ccatok/TOK_OBJ
Expand All @@ -26,8 +26,9 @@
- $(CHGRP) pkcs11 $(DESTDIR)$(lockdir)/ccatok
+ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(lockdir)/ccatok
$(CHMOD) 0770 $(DESTDIR)$(lockdir)/ccatok
endif
if ENABLE_EP11TOK
test -f $(DESTDIR)$(sysconfdir)/opencryptoki || $(MKDIR_P) $(DESTDIR)$(sysconfdir)/opencryptoki || true
test -f $(DESTDIR)$(sysconfdir)/opencryptoki/ccatok.conf || $(INSTALL) -m 644 $(srcdir)/usr/lib/cca_stdll/ccatok.conf $(DESTDIR)$(sysconfdir)/opencryptoki/ccatok.conf || true
@@ -75,43 +75,43 @@ if ENABLE_EP11TOK
cd $(DESTDIR)$(libdir)/opencryptoki/stdll && \
ln -fs libpkcs11_ep11.so PKCS11_EP11.so
$(MKDIR_P) $(DESTDIR)$(localstatedir)/lib/opencryptoki/ep11tok/TOK_OBJ
Expand All @@ -39,7 +40,7 @@
$(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/ep11tok
$(MKDIR_P) $(DESTDIR)$(lockdir)/ep11tok
- $(CHGRP) pkcs11 $(DESTDIR)$(lockdir)/ep11tok
+ $(CHGRP) @PKCSGROUP11@ $(DESTDIR)$(lockdir)/ep11tok
+ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(lockdir)/ep11tok
$(CHMOD) 0770 $(DESTDIR)$(lockdir)/ep11tok
test -f $(DESTDIR)$(sysconfdir)/opencryptoki || $(MKDIR_P) $(DESTDIR)$(sysconfdir)/opencryptoki || true
- test -f $(DESTDIR)$(sysconfdir)/opencryptoki/ep11tok.conf || $(INSTALL) -m 644 $(srcdir)/usr/lib/ep11_stdll/ep11tok.conf $(DESTDIR)$(sysconfdir)/opencryptoki/ep11tok.conf || true
Expand All @@ -50,7 +51,7 @@
if ENABLE_P11SAK
test -f $(DESTDIR)$(sysconfdir)/opencryptoki || $(MKDIR_P) $(DESTDIR)$(sysconfdir)/opencryptoki || true
- test -f $(DESTDIR)$(sysconfdir)/opencryptoki/p11sak_defined_attrs.conf || $(INSTALL) -g pkcs11 -m 0640 $(srcdir)/usr/sbin/p11sak/p11sak_defined_attrs.conf $(DESTDIR)$(sysconfdir)/opencryptoki/p11sak_defined_attrs.conf || true
+ test -f $(DESTDIR)$(sysconfdir)/opencryptoki/p11sak_defined_attrs.conf.sample || $(INSTALL) -m 0640 $(srcdir)/usr/sbin/p11sak/p11sak_defined_attrs.conf $(DESTDIR)$(sysconfdir)/opencryptoki/p11sak_defined_attrs.conf.sample || true
+ test -f $(DESTDIR)$(sysconfdir)/opencryptoki/p11sak_defined_attrs.conf.sample || $(INSTALL) -g @PKCS11GROUP@ -m 0640 $(srcdir)/usr/sbin/p11sak/p11sak_defined_attrs.conf $(DESTDIR)$(sysconfdir)/opencryptoki/p11sak_defined_attrs.conf.sample || true
endif
if ENABLE_ICATOK
cd $(DESTDIR)$(libdir)/opencryptoki/stdll && \
Expand Down Expand Up @@ -83,7 +84,7 @@
$(CHMOD) 0770 $(DESTDIR)$(lockdir)/swtok
endif
if ENABLE_TPMTOK
@@ -109,10 +109,10 @@ if ENABLE_TPMTOK
@@ -119,10 +119,10 @@ if ENABLE_TPMTOK
cd $(DESTDIR)$(libdir)/opencryptoki/stdll && \
ln -fs libpkcs11_tpm.so PKCS11_TPM.so
$(MKDIR_P) $(DESTDIR)$(localstatedir)/lib/opencryptoki/tpm
Expand All @@ -96,7 +97,7 @@
$(CHMOD) 0770 $(DESTDIR)$(lockdir)/tpm
endif
if ENABLE_ICSFTOK
@@ -120,16 +120,15 @@ if ENABLE_ICSFTOK
@@ -130,16 +130,15 @@ if ENABLE_ICSFTOK
cd $(DESTDIR)$(libdir)/opencryptoki/stdll && \
ln -fs libpkcs11_icsf.so PKCS11_ICSF.so
$(MKDIR_P) $(DESTDIR)$(localstatedir)/lib/opencryptoki/icsf
Expand All @@ -116,7 +117,7 @@
if ENABLE_SYSTEMD
mkdir -p $(DESTDIR)/usr/lib/tmpfiles.d
cp $(srcdir)/misc/tmpfiles.conf $(DESTDIR)/usr/lib/tmpfiles.d/opencryptoki.conf
@@ -137,16 +136,8 @@ if ENABLE_SYSTEMD
@@ -147,16 +146,8 @@ if ENABLE_SYSTEMD
rm -f $(DESTDIR)/usr/lib/systemd/system/tmpfiles.conf
endif
endif
Expand All @@ -134,7 +135,7 @@
$(CHMOD) 0770 $(DESTDIR)$(lockdir) $(DESTDIR)$(logdir)


@@ -190,7 +181,6 @@ if ENABLE_TPMTOK
@@ -200,7 +191,6 @@ if ENABLE_TPMTOK
cd $(DESTDIR)$(libdir)/opencryptoki/stdll && \
rm -rf PKCS11_TPM.so; fi
endif
Expand Down
19 changes: 8 additions & 11 deletions security/opencryptoki/files/patch-configure.ac
View file
@@ -1,4 +1,4 @@
--- configure.ac.orig 2022-04-25 11:04:51 UTC
--- configure.ac.orig 2022-09-30 07:45:52 UTC
+++ configure.ac
@@ -12,6 +12,9 @@ dnl Checks for header files.
AC_DISABLE_STATIC
Expand All @@ -19,20 +19,17 @@
AC_PATH_PROG([USERMOD], [usermod], [/usr/sbin/usermod])
AC_PATH_PROG([GROUPADD], [groupadd], [/usr/sbin/groupadd])
AC_PATH_PROG([CAT], [cat], [/bin/cat])
@@ -71,19 +74,27 @@ fi
@@ -71,18 +74,26 @@ fi
AC_CHECK_LIB([itm], [_ITM_commitTransaction], [itm=yes], [itm=no])

OPENLDAP_LIBS=
-AC_CHECK_HEADERS([lber.h ldap.h],
+if test "x$enable_icsftok" = "xyes"; then
+ AC_CHECK_HEADERS([lber.h ldap.h],
AC_CHECK_HEADERS([lber.h ldap.h],
[OPENLDAP_LIBS="-llber -lldap"],
[AC_MSG_ERROR([lber.h and ldap.h are missing. Please install
'openldap-devel'.])])
-LIBS="$LIBS $OPENLDAP_LIBS"
+ LIBS="$LIBS $OPENLDAP_LIBS"
+fi
AC_SUBST([OPENLDAP_LIBS])
+fi

dnl Define custom variables

Expand All @@ -51,7 +48,7 @@
AC_SUBST(logdir)

dnl ---
@@ -241,6 +252,19 @@ AC_ARG_WITH([libudev],
@@ -244,6 +255,19 @@ AC_ARG_WITH([libudev],
[],
[with_libudev=check])

Expand All @@ -71,9 +68,9 @@
dnl ---
dnl ---
dnl --- Now that we have all the options, let's check for a valid build
@@ -662,10 +686,14 @@ libitm and gcc>=4.7 is required])
@@ -674,10 +698,14 @@ else
fi
AM_CONDITIONAL([ENABLE_LOCKS], [test "x$enable_locks" = "xyes"])
AM_CONDITIONAL([ENABLE_MD2], [test "x$enable_md2" = "xyes"])

-CFLAGS="$CFLAGS -DPKCS64 -D_XOPEN_SOURCE=600 -Wall -Wextra"
+CFLAGS="$CFLAGS -Wall -Wextra -Wno-pointer-sign"
Expand All @@ -88,7 +85,7 @@
# At this point, CFLAGS is set to something sensible
AC_PROG_CC
AC_PROG_CXX
@@ -678,6 +706,10 @@ AC_COMPILE_IFELSE([AC_LANG_PROGRAM(
@@ -690,6 +718,10 @@ AC_COMPILE_IFELSE([AC_LANG_PROGRAM(
#endif]])],,
[AC_MSG_ERROR([C++ compiler is missing on your system. Please install 'gcc-c++'.])])
AC_LANG_POP([C++])
Expand Down
6 changes: 3 additions & 3 deletions security/opencryptoki/files/patch-usr-lib-ica_s390_stdll-ica_s390_stdll.mk
View file
@@ -1,12 +1,12 @@
--- usr/lib/ica_s390_stdll/ica_s390_stdll.mk.orig 2022-04-25 11:04:51 UTC
--- usr/lib/ica_s390_stdll/ica_s390_stdll.mk.orig 2022-09-30 07:45:52 UTC
+++ usr/lib/ica_s390_stdll/ica_s390_stdll.mk
@@ -3,7 +3,7 @@ nobase_lib_LTLIBRARIES += opencryptoki/stdll/libpkcs11
noinst_HEADERS += usr/lib/ica_s390_stdll/tok_struct.h

opencryptoki_stdll_libpkcs11_ica_la_CFLAGS = \
- -DDEV -D_THREAD_SAFE -fPIC -DSHALLOW=0 -DSWTOK=0 -DLITE=1 \
+ -DDEV -D_THREAD_SAFE $(FPIC) -DSHALLOW=0 -DSWTOK=0 -DLITE=1 \
-DNODH -DNOCDMF -DNOMD2 -DNODSA -DSTDLL_NAME=\"icatok\" \
-DNODH -DNOMD2 -DNODSA -DSTDLL_NAME=\"icatok\" \
-DTOK_NEW_DATA_STORE=0x0003000c \
$(ICA_INC_DIRS) -I${srcdir}/usr/lib/ica_s390_stdll \
@@ -12,7 +12,7 @@ opencryptoki_stdll_libpkcs11_ica_la_CFLAGS = \
Expand All @@ -15,6 +15,6 @@
$(LCRYPTO) $(ICA_LIB_DIRS) -nostartfiles -shared \
- -Wl,-z,defs,-Bsymbolic -Wl,-soname,$@ -lc -lpthread -lica -ldl \
+ -Wl,-z,defs,-Bsymbolic -Wl,-soname,$@ -lc -lpthread -lica \
-lcrypto -lrt \
-lcrypto -lrt -llber \
-Wl,--version-script=${srcdir}/opencryptoki_tok.map

4 changes: 2 additions & 2 deletions security/opencryptoki/files/patch-usr-lib-soft_stdll-soft_stdll.mk
View file
@@ -1,9 +1,9 @@
--- usr/lib/soft_stdll/soft_stdll.mk.orig 2022-04-25 11:04:51 UTC
--- usr/lib/soft_stdll/soft_stdll.mk.orig 2022-09-30 07:45:52 UTC
+++ usr/lib/soft_stdll/soft_stdll.mk
@@ -4,7 +4,7 @@ noinst_HEADERS += usr/lib/soft_stdll/tok_struct.h

opencryptoki_stdll_libpkcs11_sw_la_CFLAGS = \
-DDEV -D_THREAD_SAFE -DSHALLOW=0 -DSWTOK=1 -DLITE=0 -DNOCDMF \
-DDEV -D_THREAD_SAFE -DSHALLOW=0 -DSWTOK=1 -DLITE=0 \
- -DNOMD2 -DNODSA -DNORIPE -fPIC -I${srcdir}/usr/lib/soft_stdll \
+ -DNOMD2 -DNODSA -DNORIPE $(FPIC) -I${srcdir}/usr/lib/soft_stdll \
-DTOK_NEW_DATA_STORE=0x0003000c \
Expand Down
13 changes: 2 additions & 11 deletions security/opencryptoki/files/patch-usr-sbin-pkcsconf-pkcsconf.c
View file
@@ -1,6 +1,6 @@
--- usr/sbin/pkcsconf/pkcsconf.c.orig 2022-04-25 11:04:51 UTC
--- usr/sbin/pkcsconf/pkcsconf.c.orig 2022-09-30 07:45:52 UTC
+++ usr/sbin/pkcsconf/pkcsconf.c
@@ -548,7 +548,7 @@ CK_RV check_user_and_group(void)
@@ -362,7 +362,7 @@ CK_RV check_user_and_group(void)
* when forked). So we need to get the group information.
* Really need to take the uid and map it to a name.
*/
Expand All @@ -9,12 +9,3 @@
if (grp == NULL) {
return CKR_FUNCTION_FAILED;
}
@@ -589,6 +589,8 @@ CK_RV display_pkcs11_info(void)
printf("\tLibrary Description: %.32s \n", CryptokiInfo.libraryDescription);
printf("\tLibrary Version: %d.%d \n", CryptokiInfo.libraryVersion.major,
CryptokiInfo.libraryVersion.minor);
+
+ cleanup();

return rc;
}
38 changes: 20 additions & 18 deletions security/opencryptoki/files/patch-usr-sbin-pkcsslotd-opencryptoki.conf
View file
@@ -1,6 +1,6 @@
--- usr/sbin/pkcsslotd/opencryptoki.conf.orig 2022-04-25 11:04:51 UTC
--- usr/sbin/pkcsslotd/opencryptoki.conf.orig 2022-09-30 07:45:52 UTC
+++ usr/sbin/pkcsslotd/opencryptoki.conf
@@ -21,31 +21,40 @@ version opencryptoki-3.18
@@ -21,32 +21,41 @@ version opencryptoki-3.19
#
slot 0
{
Expand All @@ -23,6 +23,7 @@
slot 2
{
-stdll = libpkcs11_cca.so
-confname = ccatok.conf
-tokversion = 3.12
+ stdll = %%DLLDIR%%/libpkcs11_icsf.so
+ description = "ICSF (Integrated Cryptographic Service Facility) Token"
Expand All @@ -34,27 +35,28 @@
-stdll = libpkcs11_sw.so
-tokversion = 3.12
-}
+# slot 3
+# {
+# stdll = %%DLLDIR%%/libpkcs11_ica.so
+# tokversion = 3.12
+# }
+#slot 3
+#{
+# stdll = %%DLLDIR%%/libpkcs11_ica.so
+# tokversion = 3.12
+#}

-slot 4
-{
-stdll = libpkcs11_ep11.so
-confname = ep11tok.conf
-tokversion = 3.12
-}
+# slot 4
+# {
+# stdll = %%DLLDIR%%/libpkcs11_cca.so
+# tokversion = 3.12
+# }
+#slot 4
+#{
+# stdll = %%DLLDIR%%/libpkcs11_cca.so
+# confname = ccatok.conf
+# tokversion = 3.12
+#}
+
+# slot 5
+# {
+# stdll = %%DLLDIR%%/libpkcs11_ep11.so
+# confname = ep11tok.conf
+# tokversion = 3.12
+# }
+#slot 5
+#{
+# stdll = %%DLLDIR%%/libpkcs11_ep11.so
+# confname = ep11tok.conf
+# tokversion = 3.12
+#}
4 changes: 3 additions & 1 deletion security/opencryptoki/pkg-descr
View file
@@ -1 +1,3 @@
openCryptoki is a PKCS#11 implementation.
openCryptoki implements the PKCS#11 specification version 3.0,
including several cryptographic tokens: CCA, ICA, TPM , SWToken,
ICSF and EP11.
1 change: 1 addition & 0 deletions security/opencryptoki/pkg-plist
View file
Expand Up @@ -27,6 +27,7 @@ lib/pkcs11/libopencryptoki.so
lib/pkcs11/methods
lib/pkcs11/PKCS11_API.so
lib/pkcs11/stdll
libdata/pkgconfig/opencryptoki.pc
man/man1/p11sak.1.gz
man/man1/pkcsconf.1.gz
man/man1/pkcsicsf.1.gz
Expand Down

0 comments on commit e83df13

Please sign in to comment.