Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 3 Mar 2019 03:47:33 +0000 (UTC)
From:      Hiroki Sato <hrs@FreeBSD.org>
To:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject:   svn commit: r494474 - in head/security/opencryptoki: . files
Message-ID:  <201903030347.x233lXdC034545@repo.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: hrs
Date: Sun Mar  3 03:47:33 2019
New Revision: 494474
URL: https://svnweb.freebsd.org/changeset/ports/494474

Log:
  Update to 3.11.0, which supports OpenSSL 1.0.x and 1.1.x.

Added:
  head/security/opencryptoki/files/patch-configure.ac
     - copied, changed from r494473, head/security/opencryptoki/files/patch-configure.in
  head/security/opencryptoki/files/patch-misc-misc.mk   (contents, props changed)
  head/security/opencryptoki/files/patch-usr-lib-api-api.mk
     - copied, changed from r494473, head/security/opencryptoki/files/patch-usr-lib-pkcs11-api-Makefile.am
  head/security/opencryptoki/files/patch-usr-lib-api-apiutil.c
     - copied, changed from r494473, head/security/opencryptoki/files/patch-usr-lib-pkcs11-api-apiutil.c
  head/security/opencryptoki/files/patch-usr-lib-api-shrd_mem.c.in
     - copied, changed from r494473, head/security/opencryptoki/files/patch-usr-lib-pkcs11-api-shrd_mem.c.in
  head/security/opencryptoki/files/patch-usr-lib-api-socket_client.c
     - copied, changed from r494473, head/security/opencryptoki/files/patch-usr-lib-pkcs11-api-socket_client.c
  head/security/opencryptoki/files/patch-usr-lib-common-btree.c
     - copied, changed from r494473, head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-btree.c
  head/security/opencryptoki/files/patch-usr-lib-common-host_defs.h
     - copied, changed from r494473, head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-host_defs.h
  head/security/opencryptoki/files/patch-usr-lib-common-loadsave.c
     - copied, changed from r494473, head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-loadsave.c
  head/security/opencryptoki/files/patch-usr-lib-common-trace.c
     - copied, changed from r494473, head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-trace.c
  head/security/opencryptoki/files/patch-usr-lib-common-utility.c
     - copied, changed from r494473, head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-utility.c
  head/security/opencryptoki/files/patch-usr-lib-ica_s390_stdll-ica_s390_stdll.mk
     - copied, changed from r494473, head/security/opencryptoki/files/patch-usr-lib-pkcs11-ica_s390_stdll-Makefile.am
  head/security/opencryptoki/files/patch-usr-lib-icsf_stdll-pbkdf.c
     - copied, changed from r494473, head/security/opencryptoki/files/patch-usr-lib-pkcs11-icsf_stdll-pbkdf.c
  head/security/opencryptoki/files/patch-usr-lib-soft_stdll-soft_specific.c
     - copied, changed from r494473, head/security/opencryptoki/files/patch-usr-lib-pkcs11-soft_stdll-soft_specific.c
  head/security/opencryptoki/files/patch-usr-lib-soft_stdll-soft_stdll.mk
     - copied, changed from r494473, head/security/opencryptoki/files/patch-usr-lib-pkcs11-soft_stdll-Makefile.am
  head/security/opencryptoki/files/patch-usr-sbin-pkcsconf-pkcsconf.mk
     - copied, changed from r494473, head/security/opencryptoki/files/patch-usr-sbin-pkcsconf-Makefile.am
Deleted:
  head/security/opencryptoki/files/patch-configure.in
  head/security/opencryptoki/files/patch-usr-lib-Makefile.am
  head/security/opencryptoki/files/patch-usr-lib-pkcs11-api-Makefile.am
  head/security/opencryptoki/files/patch-usr-lib-pkcs11-api-apiutil.c
  head/security/opencryptoki/files/patch-usr-lib-pkcs11-api-shrd_mem.c.in
  head/security/opencryptoki/files/patch-usr-lib-pkcs11-api-socket_client.c
  head/security/opencryptoki/files/patch-usr-lib-pkcs11-cca_stdll-Makefile.am
  head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-btree.c
  head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-host_defs.h
  head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-loadsave.c
  head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-trace.c
  head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-utility.c
  head/security/opencryptoki/files/patch-usr-lib-pkcs11-ica_s390_stdll-Makefile.am
  head/security/opencryptoki/files/patch-usr-lib-pkcs11-icsf_stdll-Makefile.am
  head/security/opencryptoki/files/patch-usr-lib-pkcs11-icsf_stdll-pbkdf.c
  head/security/opencryptoki/files/patch-usr-lib-pkcs11-soft_stdll-Makefile.am
  head/security/opencryptoki/files/patch-usr-lib-pkcs11-soft_stdll-soft_specific.c
  head/security/opencryptoki/files/patch-usr-lib-pkcs11-tpm_stdll-Makefile.am
  head/security/opencryptoki/files/patch-usr-sbin-pkcsconf-Makefile.am
  head/security/opencryptoki/files/patch-usr_lib_pkcs11_common_sw__crypt.c
Modified:
  head/security/opencryptoki/Makefile
  head/security/opencryptoki/distinfo
  head/security/opencryptoki/files/patch-Makefile.am
  head/security/opencryptoki/files/patch-usr-sbin-pkcsconf-pkcsconf.c
  head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-log.h
  head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-mutex.c
  head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-pkcsslotd.h
  head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-shmem.c
  head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-socket_server.c
  head/security/opencryptoki/pkg-plist

Modified: head/security/opencryptoki/Makefile
==============================================================================
--- head/security/opencryptoki/Makefile	Sun Mar  3 01:19:32 2019	(r494473)
+++ head/security/opencryptoki/Makefile	Sun Mar  3 03:47:33 2019	(r494474)
@@ -2,10 +2,9 @@
 # $FreeBSD$
 
 PORTNAME=	opencryptoki
-PORTVERSION=	3.6
-PORTREVISION=	1
+PORTVERSION=	3.11.0
+DISTVERSIONPREFIX=	v
 CATEGORIES=	security
-MASTER_SITES=	SF
 
 MAINTAINER=	hrs@FreeBSD.org
 COMMENT=	Open PKCS\#11 implementation library
@@ -17,12 +16,15 @@ LICENSE_PERMS=	dist-mirror dist-sell pkg-mirror pkg-se
 
 LIB_DEPENDS=	libtspi.so:security/trousers
 
-USES=		alias autoreconf gmake libtool ssl tar:tgz
+USES=		alias autoreconf gmake libtool localbase ssl tar:tgz
+USE_GCC=	any
+USE_OPENLDAP=	yes
 USE_LDCONFIG=	${PREFIX}/lib/opencryptoki
-WRKSRC=		${WRKDIR}/${PORTNAME}
+USE_GITHUB=	yes
 INSTALL_TARGET=	install-strip
 GNU_CONFIGURE=	yes
 CONFIGURE_ARGS=	--enable-swtok --enable-tpmtok \
+		--enable-icsftok \
 		--disable-crtok --disable-aeptok \
 		--disable-ccatok --disable-bcomtok \
 		--disable-pkcscca_migrate \
@@ -33,19 +35,12 @@ CONFIGURE_ARGS=	--enable-swtok --enable-tpmtok \
 		--with-pkcs11user=${USERS} \
 		--with-pkcs11group=${GROUPS} \
 		ac_cv_path_CHGRP=true
-CFLAGS+=	-I${LOCALBASE}/include
-LDFLAGS+=	-L${LOCALBASE}/lib
 USE_RC_SUBR=	pkcsslotd
 SUB_FILES=	pkg-message
 SUB_LIST=	USERS="${USERS}" GROUPS="${GROUPS}"
 PLIST_SUB=	USERS="${USERS}" GROUPS="${GROUPS}"
 USERS=		_pkcs11
 GROUPS=		_pkcs11
-
-OPTIONS_DEFINE=	LDAP
-OPTIONS_SUB=	yes
-LDAP_CONFIGURE_ENABLE=	icsf
-LDAP_USE=	OPENLDAP=yes
 
 post-install:
 	${MV} ${STAGEDIR}${ETCDIR}/opencryptoki.conf \

Modified: head/security/opencryptoki/distinfo
==============================================================================
--- head/security/opencryptoki/distinfo	Sun Mar  3 01:19:32 2019	(r494473)
+++ head/security/opencryptoki/distinfo	Sun Mar  3 03:47:33 2019	(r494474)
@@ -1,3 +1,3 @@
-TIMESTAMP = 1478467347
-SHA256 (opencryptoki-3.6.tgz) = f78a70632e50f6275467e84e95c6fa10dca2078da4e394518280defeb3169d2a
-SIZE (opencryptoki-3.6.tgz) = 1067759
+TIMESTAMP = 1551564276
+SHA256 (opencryptoki-opencryptoki-v3.11.0_GH0.tar.gz) = 4d901373b08ed0b0d56a4df5e3f35a7d17142bdc5c5bf9b37c8a10200a08d6fd
+SIZE (opencryptoki-opencryptoki-v3.11.0_GH0.tar.gz) = 935891

Modified: head/security/opencryptoki/files/patch-Makefile.am
==============================================================================
--- head/security/opencryptoki/files/patch-Makefile.am	Sun Mar  3 01:19:32 2019	(r494473)
+++ head/security/opencryptoki/files/patch-Makefile.am	Sun Mar  3 03:47:33 2019	(r494474)
@@ -1,9 +1,128 @@
---- Makefile.am.orig	2016-04-29 17:26:45 UTC
-+++ Makefile.am
-@@ -8,5 +8,5 @@ if ENABLE_DAEMON
- MISCDIR = misc
+--- Makefile.am.orig	2018-11-16 23:53:03.000000000 +0900
++++ Makefile.am	2019-03-03 12:39:45.031868000 +0900
+@@ -29,7 +29,6 @@
+ include man/man.mk
+ include usr/usr.mk
+ 
+-
+ install-data-hook:
+ if ENABLE_LIBRARY
+ 	$(MKDIR_P) $(DESTDIR)$(libdir)/opencryptoki/stdll
+@@ -37,9 +36,9 @@
+ 	cd $(DESTDIR)$(libdir)/opencryptoki && \
+ 		ln -fs libopencryptoki.so PKCS11_API.so
+ 	cd $(DESTDIR)$(libdir)/opencryptoki && \
+-		ln -nfs $(sbindir) methods
++		ln -nfs ../../sbin methods
+ 	cd $(DESTDIR)$(libdir)/pkcs11 && \
+-		ln -nfs $(sbindir) methods
++		ln -nfs ../../sbin methods
+ 	cd $(DESTDIR)$(libdir)/pkcs11 && \
+ 		ln -fs ../opencryptoki/libopencryptoki.so PKCS11_API.so
+ 	cd $(DESTDIR)$(libdir)/pkcs11 && \
+@@ -51,24 +50,24 @@
+ 	cd $(DESTDIR)$(libdir)/opencryptoki/stdll && \
+ 		ln -fs libpkcs11_cca.so PKCS11_CCA.so
+ 	$(MKDIR_P) $(DESTDIR)$(localstatedir)/lib/opencryptoki/ccatok/TOK_OBJ
+-	$(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/ccatok/TOK_OBJ
+-	$(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/ccatok
++	$(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(localstatedir)/lib/opencryptoki/ccatok/TOK_OBJ
++	$(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(localstatedir)/lib/opencryptoki/ccatok
+ 	$(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/ccatok/TOK_OBJ
+ 	$(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/ccatok
+ 	$(MKDIR_P) $(DESTDIR)$(lockdir)/ccatok
+-	$(CHGRP) pkcs11 $(DESTDIR)$(lockdir)/ccatok
++	$(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(lockdir)/ccatok
+ 	$(CHMOD) 0770 $(DESTDIR)$(lockdir)/ccatok
  endif
+ if ENABLE_EP11TOK
+ 	cd $(DESTDIR)$(libdir)/opencryptoki/stdll && \
+ 		ln -fs libpkcs11_ep11.so PKCS11_EP11.so
+ 	$(MKDIR_P) $(DESTDIR)$(localstatedir)/lib/opencryptoki/ep11tok/TOK_OBJ
+-	$(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/ep11tok/TOK_OBJ
+-	$(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/ep11tok
++	$(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(localstatedir)/lib/opencryptoki/ep11tok/TOK_OBJ
++	$(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(localstatedir)/lib/opencryptoki/ep11tok
+ 	$(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/ep11tok/TOK_OBJ
+ 	$(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/ep11tok
+ 	$(MKDIR_P) $(DESTDIR)$(lockdir)/ep11tok
+-	$(CHGRP) pkcs11 $(DESTDIR)$(lockdir)/ep11tok
++	$(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(lockdir)/ep11tok
+ 	$(CHMOD) 0770 $(DESTDIR)$(lockdir)/ep11tok
+ 	test -f $(DESTDIR)$(sysconfdir)/opencryptoki || $(MKDIR_P) $(DESTDIR)$(sysconfdir)/opencryptoki || true
+ 	test -f $(DESTDIR)$(sysconfdir)/opencryptoki/ep11tok.conf || $(INSTALL) -m 644 $(srcdir)/usr/lib/ep11_stdll/ep11tok.conf $(DESTDIR)$(sysconfdir)/opencryptoki/ep11tok.conf || true
+@@ -78,24 +77,24 @@
+ 	cd $(DESTDIR)$(libdir)/opencryptoki/stdll && \
+ 		ln -fs libpkcs11_ica.so PKCS11_ICA.so
+ 	$(MKDIR_P) $(DESTDIR)$(localstatedir)/lib/opencryptoki/lite/TOK_OBJ
+-	$(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/lite/TOK_OBJ
+-	$(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/lite
++	$(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(localstatedir)/lib/opencryptoki/lite/TOK_OBJ
++	$(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(localstatedir)/lib/opencryptoki/lite
+ 	$(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/lite/TOK_OBJ
+ 	$(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/lite
+ 	$(MKDIR_P) $(DESTDIR)$(lockdir)/lite
+-	$(CHGRP) pkcs11 $(DESTDIR)$(lockdir)/lite
++	$(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(lockdir)/lite
+ 	$(CHMOD) 0770 $(DESTDIR)$(lockdir)/lite
+ endif
+ if ENABLE_SWTOK
+ 	cd $(DESTDIR)$(libdir)/opencryptoki/stdll && \
+ 		ln -fs libpkcs11_sw.so PKCS11_SW.so
+ 	$(MKDIR_P) $(DESTDIR)$(localstatedir)/lib/opencryptoki/swtok/TOK_OBJ
+-	$(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/swtok/TOK_OBJ
+-	$(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/swtok
++	$(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(localstatedir)/lib/opencryptoki/swtok/TOK_OBJ
++	$(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(localstatedir)/lib/opencryptoki/swtok
+ 	$(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/swtok/TOK_OBJ
+ 	$(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/swtok
+ 	$(MKDIR_P) $(DESTDIR)$(lockdir)/swtok
+-	$(CHGRP) pkcs11 $(DESTDIR)$(lockdir)/swtok
++	$(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(lockdir)/swtok
+ 	$(CHMOD) 0770 $(DESTDIR)$(lockdir)/swtok
+ endif
+ if ENABLE_TPMTOK
+@@ -103,10 +102,10 @@
+ 	cd $(DESTDIR)$(libdir)/opencryptoki/stdll && \
+ 		ln -fs libpkcs11_tpm.so PKCS11_TPM.so
+ 	$(MKDIR_P) $(DESTDIR)$(localstatedir)/lib/opencryptoki/tpm
+-	$(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/tpm
++	$(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(localstatedir)/lib/opencryptoki/tpm
+ 	$(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/tpm
+ 	$(MKDIR_P) $(DESTDIR)$(lockdir)/tpm
+-	$(CHGRP) pkcs11 $(DESTDIR)$(lockdir)/tpm
++	$(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(lockdir)/tpm
+ 	$(CHMOD) 0770 $(DESTDIR)$(lockdir)/tpm
+ endif
+ if ENABLE_ICSFTOK
+@@ -114,10 +113,10 @@
+ 	cd $(DESTDIR)$(libdir)/opencryptoki/stdll && \
+ 		ln -fs libpkcs11_icsf.so PKCS11_ICSF.so
+ 	$(MKDIR_P) $(DESTDIR)$(localstatedir)/lib/opencryptoki/icsf
+-	$(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/icsf
++	$(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(localstatedir)/lib/opencryptoki/icsf
+ 	$(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/icsf
+ 	$(MKDIR_P) $(DESTDIR)$(lockdir)/icsf
+-	$(CHGRP) pkcs11 $(DESTDIR)$(lockdir)/icsf
++	$(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(lockdir)/icsf
+ 	$(CHMOD) 0770 $(DESTDIR)$(lockdir)/icsf
+ endif
+ if ENABLE_DAEMON
+@@ -130,16 +129,8 @@
+ 	rm -f $(DESTDIR)/usr/lib/systemd/system/tmpfiles.conf
+ endif
+ endif
+-	$(MKDIR_P) $(DESTDIR)/etc/ld.so.conf.d
+-	echo "$(libdir)/opencryptoki" >\
+-		$(DESTDIR)/etc/ld.so.conf.d/opencryptoki-$(target_cpu).conf
+-	echo "$(libdir)/opencryptoki/stdll" >>\
+-		$(DESTDIR)/etc/ld.so.conf.d/opencryptoki-$(target_cpu).conf
+-	@echo "--------------------------------------------------------------"
+-	@echo "Remember you must run ldconfig before using the above settings"
+-	@echo "--------------------------------------------------------------"
+ 	$(MKDIR_P) $(DESTDIR)$(lockdir) $(DESTDIR)$(logdir)
+-	$(CHGRP) pkcs11 $(DESTDIR)$(lockdir) $(DESTDIR)$(logdir)
++	$(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(lockdir) $(DESTDIR)$(logdir)
+ 	$(CHMOD) 0770 $(DESTDIR)$(lockdir) $(DESTDIR)$(logdir)
  
--SUBDIRS = usr man $(MISCDIR) $(TESTDIR)
-+SUBDIRS = usr man $(TESTDIR)
  

Copied and modified: head/security/opencryptoki/files/patch-configure.ac (from r494473, head/security/opencryptoki/files/patch-configure.in)
==============================================================================
--- head/security/opencryptoki/files/patch-configure.in	Sun Mar  3 01:19:32 2019	(r494473, copy source)
+++ head/security/opencryptoki/files/patch-configure.ac	Sun Mar  3 03:47:33 2019	(r494474)
@@ -1,73 +1,74 @@
---- configure.in.orig	2016-04-29 17:26:45 UTC
-+++ configure.in
-@@ -6,6 +6,9 @@ AC_CANONICAL_SYSTEM
+--- configure.ac.orig	2018-11-16 14:53:03 UTC
++++ configure.ac
+@@ -12,6 +12,9 @@ dnl Checks for header files.
+ AC_DISABLE_STATIC
+ LT_INIT
  
- AM_INIT_AUTOMAKE([foreign 1.6])
- 
 +AC_DEFINE(_BSD_SOURCE, 1, BSD functions)
 +AC_DEFINE(__BSD_VISIBLE, 1, BSD extensions)
 +
- dnl Checks for header files.
- AC_DISABLE_STATIC
- LT_INIT
-@@ -25,6 +28,7 @@ AC_FUNC_MEMCMP
- AC_FUNC_STRFTIME
- AC_FUNC_VPRINTF
- AC_CHECK_FUNCS([getcwd])
-+AC_CHECK_FUNCS([asprintf])
+ AC_HEADER_STDC
+ AC_CHECK_HEADER_STDBOOL
+ AC_CHECK_HEADERS([arpa/inet.h fcntl.h libintl.h limits.h locale.h malloc.h \
+@@ -77,18 +80,27 @@ fi
+ AC_CHECK_LIB([itm], [_ITM_commitTransaction], [itm=yes], [itm=no])
  
- dnl Used in various scripts
- AC_PATH_PROG([ID], [id], [/us/bin/id])
-@@ -40,10 +44,16 @@ AC_PROG_YACC
+ OPENLDAP_LIBS=
+-AC_CHECK_HEADERS([lber.h ldap.h],
++if test "x$enable_icsftok" = "xyes"; then
++    AC_CHECK_HEADERS([lber.h ldap.h],
+                 [OPENLDAP_LIBS="-llber -lldap"],
+                 [AC_MSG_ERROR([lber.h and ldap.h are missing. Please install
+                               'openldap-devel'.])])
+-LIBS="$LIBS $OPENLDAP_LIBS"
++    LIBS="$LIBS $OPENLDAP_LIBS"
++fi
+ AC_SUBST([OPENLDAP_LIBS])
  
  dnl Define custom variables
  
 -lockdir=$localstatedir/lock/opencryptoki
 +AC_ARG_WITH([lockdir],
 +	[AS_HELP_STRING([--with-lockdir],[lock directory])],
-+        [lockdir=$withval],
-+        [lockdir=$localstatedir/lock/opencryptoki])
++	[lockdir=$withval],
++	[lockdir=$localstatedir/lock/opencryptoki])
  AC_SUBST(lockdir)
  
--logdir=$localstatedir/log/opencryptoki
 +AC_ARG_WITH([logdir],
 +	[AS_HELP_STRING([--with-logdir],[log directory])],
-+        [logdir=$withval],
-+        [logdir=$localstatedir/log/opencryptoki])
++	[logdir=$withval],
++	[logdir=$localstatedir/log/opencryptoki])
+ logdir=$localstatedir/log/opencryptoki
  AC_SUBST(logdir)
  
- dnl ---
-@@ -166,6 +176,21 @@ AC_ARG_WITH([systemd],
+@@ -225,6 +237,19 @@ AC_ARG_WITH([systemd],
  	[],
  	[with_systemd=no])
  
 +dnl --- check for pkcs11 user
 +AC_ARG_WITH([pkcs11user],
 +	AC_HELP_STRING([--with-pkcs11user[[=USER]]], [set pkcs11 user [[pkcs11]]]),
-+        [pkcs11_user=$withval],
-+        [pkcs11_user=pkcs11])
-+
++	[pkcs11_user=$withval],
++	[pkcs11_user=pkcs11])
 +dnl --- check for pkcs11 group
 +AC_ARG_WITH(pkcs11group,
 +	AC_HELP_STRING([--with-pkcs11group[[=GROUP]]], [set pkcs11 group [[pkcs11]]]),
 +	[pkcs11_group=$withval],
 +	[pkcs11_group=pkcs11])
-+
 +AC_SUBST(PKCS11USER, $pkcs11_user)
 +AC_SUBST(PKCS11GROUP, $pkcs11_group)
 +
  dnl ---
  dnl ---
  dnl --- Now that we have all the options, let's check for a valid build
-@@ -554,13 +579,31 @@ fi
+@@ -598,12 +623,31 @@ else
+ fi
+ AM_CONDITIONAL([ENABLE_LOCKS], [test "x$enable_locks" = "xyes"])
  
- AM_CONDITIONAL([ENABLE_PKCSEP11_MIGRATE], [test "x$enable_pkcsep11_migrate" = "xyes"])
- 
--CFLAGS="$CFLAGS -DPKCS64 -D_XOPEN_SOURCE=600 -Wall -Wno-pointer-sign"
--
--CFLAGS+=' -DCONFIG_PATH=\"$(localstatedir)/lib/opencryptoki\" -DSBIN_PATH=\"$(sbindir)\" -DLIB_PATH=\"$(libdir)\" -DLOCKDIR_PATH=\"$(lockdir)\" -DOCK_CONFDIR=\"$(sysconfdir)/opencryptoki\" -DOCK_LOGDIR=\"$(logdir)\"'
+-CFLAGS="$CFLAGS -DPKCS64 -D_XOPEN_SOURCE=600 -Wall -Wextra"
 +CFLAGS="$CFLAGS \
 + -Wall \
++ -Wextra \
 + -Wno-pointer-sign \
 +"
 +CPPFX=' \
@@ -86,11 +87,12 @@
 + -DPKCS11GROUP=\\\"${pkcs11_group}\\\" \
 +"
  
+-CFLAGS+=' -DCONFIG_PATH=\"$(localstatedir)/lib/opencryptoki\" -DSBIN_PATH=\"$(sbindir)\" -DLIB_PATH=\"$(libdir)\" -DLOCKDIR_PATH=\"$(lockdir)\" -DOCK_CONFDIR=\"$(sysconfdir)/opencryptoki\" -DOCK_LOGDIR=\"$(logdir)\"'
+-
  # At this point, CFLAGS is set to something sensible
  AC_PROG_CC
- 
-+AC_SUBST(FPIC, $lt_prog_compiler_pic)
 +
- AC_CONFIG_FILES([Makefile usr/Makefile \
-           usr/include/Makefile \
-           usr/include/pkcs11/Makefile \
++AC_SUBST(FPIC, $lt_prog_compiler_pic)
+ 
+ AC_CONFIG_MACRO_DIRS([m4])
+ 

Added: head/security/opencryptoki/files/patch-misc-misc.mk
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/security/opencryptoki/files/patch-misc-misc.mk	Sun Mar  3 03:47:33 2019	(r494474)
@@ -0,0 +1,17 @@
+--- misc/misc.mk.orig	2018-11-16 14:53:03 UTC
++++ misc/misc.mk
+@@ -39,14 +39,5 @@ ${srcdir}/misc/tmpfiles.conf: ${srcdir}/misc/tmpfiles.
+ 	$(foreach TOK,$(TOKENS),\
+ 		echo "D $(lockdir)/$(TOK) 0770 root pkcs11 -" >> $@-t;)
+ 	mv $@-t $@
+-else
+-initddir = $(sysconfdir)/rc.d/init.d
+-initd_SCRIPTS = misc/pkcsslotd
+-
+-CLEANFILES += misc/pkcsslotd
+-${srcdir}/misc/pkcsslotd: ${srcdir}/misc/pkcsslotd.in
+-	@SED@ -e s!\@sbindir\@!"@sbindir@"!g < $< > $@-t
+-	@CHMOD@ a+x $@-t
+-	mv $@-t $@
+ endif
+ endif

Copied and modified: head/security/opencryptoki/files/patch-usr-lib-api-api.mk (from r494473, head/security/opencryptoki/files/patch-usr-lib-pkcs11-api-Makefile.am)
==============================================================================
--- head/security/opencryptoki/files/patch-usr-lib-pkcs11-api-Makefile.am	Sun Mar  3 01:19:32 2019	(r494473, copy source)
+++ head/security/opencryptoki/files/patch-usr-lib-api-api.mk	Sun Mar  3 03:47:33 2019	(r494474)
@@ -1,18 +1,17 @@
---- usr/lib/pkcs11/api/Makefile.am.orig	2016-04-29 17:26:45 UTC
-+++ usr/lib/pkcs11/api/Makefile.am
-@@ -4,13 +4,13 @@ SO_CURRENT=0
- SO_REVISION=0
+--- usr/lib/api/api.mk.orig	2018-11-16 14:53:03 UTC
++++ usr/lib/api/api.mk
+@@ -7,12 +7,12 @@ SO_REVISION=0
  SO_AGE=0
  
--opencryptoki_libopencryptoki_la_LDFLAGS = -shared -Wl,-Bsymbolic -lc -ldl \
-+opencryptoki_libopencryptoki_la_LDFLAGS = -shared -Wl,-Bsymbolic -lc \
- 					  -lpthread -version-info         \
- 					  $(SO_CURRENT):$(SO_REVISION):$(SO_AGE)
+ opencryptoki_libopencryptoki_la_CFLAGS =				\
+-	-DAPI -DDEV -D_THREAD_SAFE -fPIC -I${srcdir}/usr/include	\
++	-DAPI -DDEV -D_THREAD_SAFE $(FPIC) -I${srcdir}/usr/include	\
+ 	-I${srcdir}/usr/lib/common -I${srcdir}/usr/lib/api		\
+ 	-DSTDLL_NAME=\"api\"
  
- # Not all versions of automake observe libname_CFLAGS
- opencryptoki_libopencryptoki_la_CFLAGS = -DAPI -DDEV -D_THREAD_SAFE 		\
--					 -fPIC -I../. -I../../../include/pkcs11 \
-+					 $(FPIC) -I../. -I../../../include/pkcs11 \
- 					 -I ../common -DSTDLL_NAME=\"api\"
+ opencryptoki_libopencryptoki_la_LDFLAGS =				\
+-	-shared	-Wl,-z,defs,-Bsymbolic -lc -ldl -lpthread		\
++	-shared	-Wl,-z,defs,-Bsymbolic -lc -lpthread			\
+ 	-version-info $(SO_CURRENT):$(SO_REVISION):$(SO_AGE)		\
+ 	-Wl,--version-script=${srcdir}/opencryptoki.map
  
- opencryptoki_libopencryptoki_la_SOURCES = api_interface.c shrd_mem.c \

Copied and modified: head/security/opencryptoki/files/patch-usr-lib-api-apiutil.c (from r494473, head/security/opencryptoki/files/patch-usr-lib-pkcs11-api-apiutil.c)
==============================================================================
--- head/security/opencryptoki/files/patch-usr-lib-pkcs11-api-apiutil.c	Sun Mar  3 01:19:32 2019	(r494473, copy source)
+++ head/security/opencryptoki/files/patch-usr-lib-api-apiutil.c	Sun Mar  3 03:47:33 2019	(r494474)
@@ -1,6 +1,6 @@
---- usr/lib/pkcs11/api/apiutil.c.orig	2016-04-29 17:26:45 UTC
-+++ usr/lib/pkcs11/api/apiutil.c
-@@ -298,10 +298,10 @@
+--- usr/lib/api/apiutil.c.orig	2018-11-16 14:53:03 UTC
++++ usr/lib/api/apiutil.c
+@@ -19,10 +19,10 @@
  #include <string.h>
  #include <strings.h>
  #include <unistd.h>
@@ -12,7 +12,7 @@
  
  #include <sys/ipc.h>
  
-@@ -314,7 +314,6 @@
+@@ -35,7 +35,6 @@
  #include <sys/types.h>
  #include <sys/stat.h>
  #include <fcntl.h>

Copied and modified: head/security/opencryptoki/files/patch-usr-lib-api-shrd_mem.c.in (from r494473, head/security/opencryptoki/files/patch-usr-lib-pkcs11-api-shrd_mem.c.in)
==============================================================================
--- head/security/opencryptoki/files/patch-usr-lib-pkcs11-api-shrd_mem.c.in	Sun Mar  3 01:19:32 2019	(r494473, copy source)
+++ head/security/opencryptoki/files/patch-usr-lib-api-shrd_mem.c.in	Sun Mar  3 03:47:33 2019	(r494474)
@@ -1,11 +1,11 @@
---- usr/lib/pkcs11/api/shrd_mem.c.in.orig	2016-04-29 17:26:45 UTC
-+++ usr/lib/pkcs11/api/shrd_mem.c.in
-@@ -357,7 +357,7 @@ attach_shared_memory() {
-    // only check group membership if not root user
-    if (uid != 0 && euid != 0) {
- 	   int i, member=0;
--	   grp = getgrnam("pkcs11");
-+	   grp = getgrnam(PKCS11GROUP);
- 	   if (!grp) {
- 		   // group pkcs11 not known to the system
- 		   return NULL;
+--- usr/lib/api/shrd_mem.c.in.orig	2018-11-16 14:53:03 UTC
++++ usr/lib/api/shrd_mem.c.in
+@@ -74,7 +74,7 @@ void *attach_shared_memory()
+     // only check group membership if not root user
+     if (uid != 0 && euid != 0) {
+         int i, member = 0;
+-        grp = getgrnam("pkcs11");
++        grp = getgrnam(PKCS11GROUP);
+         if (!grp) {
+             // group pkcs11 not known to the system
+             return NULL;

Copied and modified: head/security/opencryptoki/files/patch-usr-lib-api-socket_client.c (from r494473, head/security/opencryptoki/files/patch-usr-lib-pkcs11-api-socket_client.c)
==============================================================================
--- head/security/opencryptoki/files/patch-usr-lib-pkcs11-api-socket_client.c	Sun Mar  3 01:19:32 2019	(r494473, copy source)
+++ head/security/opencryptoki/files/patch-usr-lib-api-socket_client.c	Sun Mar  3 03:47:33 2019	(r494474)
@@ -1,11 +1,11 @@
---- usr/lib/pkcs11/api/socket_client.c.orig	2016-04-29 17:26:45 UTC
-+++ usr/lib/pkcs11/api/socket_client.c
-@@ -320,7 +320,7 @@ init_socket_data() {
- 		return FALSE;
- 	}
+--- usr/lib/api/socket_client.c.orig	2018-11-16 14:53:03 UTC
++++ usr/lib/api/socket_client.c
+@@ -51,7 +51,7 @@ int init_socket_data()
+         return FALSE;
+     }
  
--	grp = getgrnam("pkcs11");
-+	grp = getgrnam(PKCS11GROUP);
- 	if ( !grp ) {
- 		OCK_SYSLOG(LOG_ERR, "init_socket_data: pkcs11 group does not exist, errno=%d", errno);
- 		return FALSE;
+-    grp = getgrnam("pkcs11");
++    grp = getgrnam(PKCS11GROUP);
+     if (!grp) {
+         OCK_SYSLOG(LOG_ERR,
+                    "init_socket_data: pkcs11 group does not exist, errno=%d",

Copied and modified: head/security/opencryptoki/files/patch-usr-lib-common-btree.c (from r494473, head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-btree.c)
==============================================================================
--- head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-btree.c	Sun Mar  3 01:19:32 2019	(r494473, copy source)
+++ head/security/opencryptoki/files/patch-usr-lib-common-btree.c	Sun Mar  3 03:47:33 2019	(r494474)
@@ -1,6 +1,6 @@
---- usr/lib/pkcs11/common/btree.c.orig	2016-04-29 17:26:45 UTC
-+++ usr/lib/pkcs11/common/btree.c
-@@ -30,7 +30,7 @@
+--- usr/lib/common/btree.c.orig	2018-11-16 14:53:03 UTC
++++ usr/lib/common/btree.c
+@@ -18,7 +18,7 @@
  
  
  #include <stdio.h>

Copied and modified: head/security/opencryptoki/files/patch-usr-lib-common-host_defs.h (from r494473, head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-host_defs.h)
==============================================================================
--- head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-host_defs.h	Sun Mar  3 01:19:32 2019	(r494473, copy source)
+++ head/security/opencryptoki/files/patch-usr-lib-common-host_defs.h	Sun Mar  3 03:47:33 2019	(r494474)
@@ -1,9 +1,9 @@
---- usr/lib/pkcs11/common/host_defs.h.orig	2016-04-29 17:26:45 UTC
-+++ usr/lib/pkcs11/common/host_defs.h
-@@ -294,12 +294,23 @@
- /* (C) COPYRIGHT International Business Machines Corp. 2001,2002          */
+--- usr/lib/common/host_defs.h.orig	2018-11-16 14:53:03 UTC
++++ usr/lib/common/host_defs.h
+@@ -8,12 +8,23 @@
+  * https://opensource.org/licenses/cpl1.0.php
+  */
  
- 
 +#include <sys/types.h>
  #include <sys/mman.h>
  #ifndef _HOST_DEFS_H
@@ -13,14 +13,14 @@
 +#if defined(__OpenBSD__) || defined(__FreeBSD__)
 +#include <sys/endian.h>
 +#ifdef _BYTE_ORDER
-+#define        __BYTE_ORDER    _BYTE_ORDER
++#define	__BYTE_ORDER    _BYTE_ORDER
 +#endif
 +#ifdef _LITTLE_ENDIAN
-+#define        __LITTLE_ENDIAN _LITTLE_ENDIAN
++#define	__LITTLE_ENDIAN _LITTLE_ENDIAN
 +#endif
 +#else
  #include <endian.h>
 +#endif
  
  #include "pkcs32.h"
- 
+ #include <stdint.h>

Copied and modified: head/security/opencryptoki/files/patch-usr-lib-common-loadsave.c (from r494473, head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-loadsave.c)
==============================================================================
--- head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-loadsave.c	Sun Mar  3 01:19:32 2019	(r494473, copy source)
+++ head/security/opencryptoki/files/patch-usr-lib-common-loadsave.c	Sun Mar  3 03:47:33 2019	(r494474)
@@ -1,6 +1,6 @@
---- usr/lib/pkcs11/common/loadsave.c.orig	2016-04-29 17:26:45 UTC
-+++ usr/lib/pkcs11/common/loadsave.c
-@@ -293,11 +293,9 @@
+--- usr/lib/common/loadsave.c.orig	2018-11-16 14:53:03 UTC
++++ usr/lib/common/loadsave.c
+@@ -20,11 +20,9 @@
  #include <string.h>
  #include <strings.h>
  #include <unistd.h>
@@ -12,12 +12,12 @@
  #include <errno.h>
  #include <syslog.h>
  #include <pwd.h>
-@@ -637,7 +635,7 @@ void set_perm(int file)
- 		// Set absolute permissions or rw-rw----
- 		fchmod(file, S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP);
+@@ -370,7 +368,7 @@ void set_perm(int file)
+         // Set absolute permissions or rw-rw----
+         fchmod(file, S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP);
  
--		grp = getgrnam("pkcs11");	// Obtain the group id
-+		grp = getgrnam(PKCS11GROUP);	// Obtain the group id
- 		if (grp) {
- 			// set ownership to root, and pkcs11 group
- 			if (fchown(file, getuid(), grp->gr_gid) != 0) {
+-        grp = getgrnam("pkcs11");       // Obtain the group id
++        grp = getgrnam(PKCS11GROUP);       // Obtain the group id
+         if (grp) {
+             // set ownership to root, and pkcs11 group
+             if (fchown(file, getuid(), grp->gr_gid) != 0) {

Copied and modified: head/security/opencryptoki/files/patch-usr-lib-common-trace.c (from r494473, head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-trace.c)
==============================================================================
--- head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-trace.c	Sun Mar  3 01:19:32 2019	(r494473, copy source)
+++ head/security/opencryptoki/files/patch-usr-lib-common-trace.c	Sun Mar  3 03:47:33 2019	(r494474)
@@ -1,6 +1,6 @@
---- usr/lib/pkcs11/common/trace.c.orig	2016-04-29 17:26:46 UTC
-+++ usr/lib/pkcs11/common/trace.c
-@@ -301,6 +301,7 @@
+--- usr/lib/common/trace.c.orig	2018-11-16 14:53:03 UTC
++++ usr/lib/common/trace.c
+@@ -21,6 +21,7 @@
  #include <unistd.h>
  #include <sys/file.h>
  #include <sys/types.h>
@@ -8,12 +8,12 @@
  
  #include "pkcs11types.h"
  #include "defs.h"
-@@ -449,7 +450,7 @@ CK_RV trace_initialize(void)
- 		return(CKR_FUNCTION_FAILED);
- 	}
+@@ -170,7 +171,7 @@ CK_RV trace_initialize(void)
+         return (CKR_FUNCTION_FAILED);
+     }
  
--	grp = getgrnam("pkcs11");
-+	grp = getgrnam(PKCS11GROUP);
- 	if (grp == NULL) {
- 		OCK_SYSLOG(LOG_ERR, "getgrnam(pkcs11) failed: %s."
- 			   "Tracing is disabled.\n", strerror(errno));
+-    grp = getgrnam("pkcs11");
++    grp = getgrnam(PKCS11GROUP);
+     if (grp == NULL) {
+         OCK_SYSLOG(LOG_ERR, "getgrnam(pkcs11) failed: %s."
+                    "Tracing is disabled.\n", strerror(errno));

Copied and modified: head/security/opencryptoki/files/patch-usr-lib-common-utility.c (from r494473, head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-utility.c)
==============================================================================
--- head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-utility.c	Sun Mar  3 01:19:32 2019	(r494473, copy source)
+++ head/security/opencryptoki/files/patch-usr-lib-common-utility.c	Sun Mar  3 03:47:33 2019	(r494474)
@@ -1,50 +1,54 @@
---- usr/lib/pkcs11/common/utility.c.orig	2016-04-29 17:26:46 UTC
-+++ usr/lib/pkcs11/common/utility.c
-@@ -275,9 +275,28 @@
-              legal action under this Agreement more than one year after
-              the cause of action arose. Each party waives its rights to
-              a jury trial in any resulting litigation. 
-+*/
- 
+--- usr/lib/common/utility.c.orig	2018-11-16 14:53:03 UTC
++++ usr/lib/common/utility.c
+@@ -21,6 +21,7 @@
+ #include <errno.h>
+ #include <pwd.h>
+ #include <grp.h>
 +#include <fcntl.h>
  
--*/
+ #include "pkcs11types.h"
+ #include "defs.h"
+@@ -35,6 +36,25 @@
+ #include <sys/file.h>
+ #include <syslog.h>
+ 
 +#ifdef __sun
-+#define	LOCK_EX	F_LOCK
-+#define	LOCK_UN	F_ULOCK
-+#define	flock(fd, func)	lockf(fd, func, 0)
++#define	LOCK_EX F_LOCK
++#define	LOCK_UN F_ULOCK
++#define	flock(fd, func) lockf(fd, func, 0)
 +#endif
 +
 +#ifndef	LOCK_SH
-+#define	LOCK_SH	1	/* shared lock */
++#define	LOCK_SH 1       /* shared lock */
 +#endif
 +#ifndef	LOCK_EX
-+#define	LOCK_EX	2	/* exclusive lock */
++#define	LOCK_EX 2       /* exclusive lock */
 +#endif
 +#ifndef	LOCK_NB
-+#define	LOCK_NB	4	/* don't block when locking */
++#define	LOCK_NB 4       /* don't block when locking */
 +#endif
 +#ifndef	LOCK_UN
-+#define	LOCK_UN	8	/* unlock */
++#define	LOCK_UN 8       /* unlock */
 +#endif
++
+ // Function:  dlist_add_as_first()
+ //
+ // Adds the specified node to the start of the list
+@@ -317,7 +337,7 @@ CK_RV CreateXProcLock(char *tokname, STDLL_TokData_t *
+                            lockdir, strerror(errno));
+                 goto err;
+             }
+-            grp = getgrnam("pkcs11");
++            grp = getgrnam(PKCS11GROUP);
+             if (grp == NULL) {
+                 fprintf(stderr, "getgrname(pkcs11): %s", strerror(errno));
+                 goto err;
+@@ -355,7 +375,7 @@ CK_RV CreateXProcLock(char *tokname, STDLL_TokData_t *
+                     goto err;
+                 }
  
- /* (C) COPYRIGHT International Business Machines Corp. 2001,2002          */
- 
-@@ -587,7 +606,7 @@ CK_RV CreateXProcLock(void)
- 					goto err;
- 				}
- 
--				grp = getgrnam("pkcs11");
-+				grp = getgrnam(PKCS11GROUP);
- 				if (grp != NULL) {
- 					if (fchown(spinxplfd, -1, grp->gr_gid)
- 					    == -1) {
-@@ -1131,7 +1150,7 @@ CK_RV check_user_and_group()
- 	 * when forked). So we need to get the group information.
- 	 * Really need to take the uid and map it to a name.
- 	 */
--	grp = getgrnam("pkcs11");
-+	grp = getgrnam(PKCS11GROUP);
- 	if (grp == NULL) {
- 		OCK_SYSLOG(LOG_ERR, "getgrnam() failed: %s\n", strerror(errno));
- 		goto error;
+-                grp = getgrnam("pkcs11");
++                grp = getgrnam(PKCS11GROUP);
+                 if (grp != NULL) {
+                     if (fchown(tokdata->spinxplfd, -1, grp->gr_gid) == -1) {
+                         OCK_SYSLOG(LOG_ERR,

Copied and modified: head/security/opencryptoki/files/patch-usr-lib-ica_s390_stdll-ica_s390_stdll.mk (from r494473, head/security/opencryptoki/files/patch-usr-lib-pkcs11-ica_s390_stdll-Makefile.am)
==============================================================================
--- head/security/opencryptoki/files/patch-usr-lib-pkcs11-ica_s390_stdll-Makefile.am	Sun Mar  3 01:19:32 2019	(r494473, copy source)
+++ head/security/opencryptoki/files/patch-usr-lib-ica_s390_stdll-ica_s390_stdll.mk	Sun Mar  3 03:47:33 2019	(r494474)
@@ -1,33 +1,19 @@
---- usr/lib/pkcs11/ica_s390_stdll/Makefile.am.orig	2016-04-29 17:26:46 UTC
-+++ usr/lib/pkcs11/ica_s390_stdll/Makefile.am
-@@ -6,12 +6,12 @@ opencryptoki_stdll_libpkcs11_ica_la_LDFL
- 					     -Wl,-Bsymbolic		\
- 					     -Wl,-soname,$@		\
- 					     -Wl,-Bsymbolic -lc		\
--					     -lpthread -lica -ldl	\
-+					     -lpthread -lica		\
- 					     -lcrypto
+--- usr/lib/ica_s390_stdll/ica_s390_stdll.mk.orig	2018-11-16 14:53:03 UTC
++++ usr/lib/ica_s390_stdll/ica_s390_stdll.mk
+@@ -3,14 +3,14 @@ nobase_lib_LTLIBRARIES += opencryptoki/stdll/libpkcs11
+ noinst_HEADERS += usr/lib/ica_s390_stdll/tok_struct.h
  
- # Not all versions of automake observe libname_CFLAGS
- opencryptoki_stdll_libpkcs11_ica_la_CFLAGS = -DDEV			\
--					     -D_THREAD_SAFE -fPIC	\
-+					     -D_THREAD_SAFE $(FPIC)	\
- 					     -DSHALLOW=0 -DSWTOK=0	\
- 					     -DLITE=1 -DNODH		\
- 					     -DNOCDMF -DNOMD2 -DNODSA	\
-@@ -64,12 +64,12 @@ install-data-hook:
- 	cd $(DESTDIR)$(libdir)/opencryptoki/stdll && \
- 		ln -sf libpkcs11_ica.so PKCS11_ICA.so
- 	$(MKDIR_P) $(DESTDIR)$(localstatedir)/lib/opencryptoki/lite/TOK_OBJ
--	$(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/lite/TOK_OBJ
--	$(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/lite
-+	$(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(localstatedir)/lib/opencryptoki/lite/TOK_OBJ
-+	$(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(localstatedir)/lib/opencryptoki/lite
- 	$(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/lite/TOK_OBJ
- 	$(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/lite
- 	$(MKDIR_P) $(DESTDIR)$(lockdir)/lite
--	$(CHGRP) pkcs11 $(DESTDIR)$(lockdir)/lite
-+	$(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(lockdir)/lite
- 	$(CHMOD) 0770 $(DESTDIR)$(lockdir)/lite
+ opencryptoki_stdll_libpkcs11_ica_la_CFLAGS =				\
+-	-DDEV -D_THREAD_SAFE -fPIC -DSHALLOW=0 -DSWTOK=0 -DLITE=1	\
++	-DDEV -D_THREAD_SAFE $(FPIC) -DSHALLOW=0 -DSWTOK=0 -DLITE=1	\
+ 	-DNODH -DNOCDMF -DNOMD2 -DNODSA -DSTDLL_NAME=\"icatok\"		\
+ 	$(ICA_INC_DIRS) -I${srcdir}/usr/lib/ica_s390_stdll		\
+ 	-I${srcdir}/usr/lib/common -I${srcdir}/usr/include
  
- uninstall-hook:
+ opencryptoki_stdll_libpkcs11_ica_la_LDFLAGS =				\
+ 	$(LCRYPTO) $(ICA_LIB_DIRS) -nostartfiles -shared		\
+-	-Wl,-z,defs,-Bsymbolic -Wl,-soname,$@ -lc -lpthread -lica -ldl	\
++	-Wl,-z,defs,-Bsymbolic -Wl,-soname,$@ -lc -lpthread -lica 	\
+ 	-lcrypto -lrt							\
+ 	-Wl,--version-script=${srcdir}/opencryptoki_tok.map
+ 

Copied and modified: head/security/opencryptoki/files/patch-usr-lib-icsf_stdll-pbkdf.c (from r494473, head/security/opencryptoki/files/patch-usr-lib-pkcs11-icsf_stdll-pbkdf.c)
==============================================================================
--- head/security/opencryptoki/files/patch-usr-lib-pkcs11-icsf_stdll-pbkdf.c	Sun Mar  3 01:19:32 2019	(r494473, copy source)
+++ head/security/opencryptoki/files/patch-usr-lib-icsf_stdll-pbkdf.c	Sun Mar  3 03:47:33 2019	(r494474)
@@ -1,11 +1,11 @@
---- usr/lib/pkcs11/icsf_stdll/pbkdf.c.orig	2016-04-29 17:26:46 UTC
-+++ usr/lib/pkcs11/icsf_stdll/pbkdf.c
-@@ -337,7 +337,7 @@ set_perms(int file)
- 		return CKR_FUNCTION_FAILED;
- 	}
+--- usr/lib/icsf_stdll/pbkdf.c.orig	2018-11-16 14:53:03 UTC
++++ usr/lib/icsf_stdll/pbkdf.c
+@@ -62,7 +62,7 @@ CK_RV set_perms(int file)
+         return CKR_FUNCTION_FAILED;
+     }
  
--	grp = getgrnam("pkcs11");
-+	grp = getgrnam(PKCS11GROUP);
- 	if (grp) {
- 		if (fchown(file, -1, grp->gr_gid) != 0) {
- 			TRACE_ERROR("fchown failed: %s\n", strerror(errno));
+-    grp = getgrnam("pkcs11");
++    grp = getgrnam(PKCS11GROUP);
+     if (grp) {
+         if (fchown(file, -1, grp->gr_gid) != 0) {
+             TRACE_ERROR("fchown failed: %s\n", strerror(errno));

Copied and modified: head/security/opencryptoki/files/patch-usr-lib-soft_stdll-soft_specific.c (from r494473, head/security/opencryptoki/files/patch-usr-lib-pkcs11-soft_stdll-soft_specific.c)
==============================================================================
--- head/security/opencryptoki/files/patch-usr-lib-pkcs11-soft_stdll-soft_specific.c	Sun Mar  3 01:19:32 2019	(r494473, copy source)
+++ head/security/opencryptoki/files/patch-usr-lib-soft_stdll-soft_specific.c	Sun Mar  3 03:47:33 2019	(r494474)
@@ -1,26 +1,27 @@
---- usr/lib/pkcs11/soft_stdll/soft_specific.c.orig	2016-04-29 17:26:46 UTC
-+++ usr/lib/pkcs11/soft_stdll/soft_specific.c
-@@ -298,7 +298,9 @@
-  
-  
+--- usr/lib/soft_stdll/soft_specific.c.orig	2018-11-16 14:53:03 UTC
++++ usr/lib/soft_stdll/soft_specific.c
+@@ -19,6 +19,10 @@
+ 
  ****************************************************************************/
-+#ifndef _BSD_SOURCE
- #define _BSD_SOURCE
-+#endif
  
++#ifndef	_BSD_SOURCE
++#define	_BSD_SOURCE
++#endif
++
  #include <pthread.h>
- #include <string.h>            // for memcmp() et al
-@@ -317,7 +319,17 @@
+ #include <string.h>             // for memcmp() et al
+ #include <stdlib.h>
+@@ -36,7 +40,17 @@
  #include <sys/types.h>
  #include <sys/stat.h>
  #include <fcntl.h>
 +#if defined(__OpenBSD__) || defined(__FreeBSD__)
 +#include <sys/endian.h>
-+#ifdef _BYTE_ORDER
-+#define        __BYTE_ORDER    _BYTE_ORDER
++#ifdef	_BYTE_ORDER
++#define	__BYTE_ORDER    _BYTE_ORDER
 +#endif
-+#ifdef _LITTLE_ENDIAN
-+#define        __LITTLE_ENDIAN _LITTLE_ENDIAN
++#ifdef	_LITTLE_ENDIAN
++#define	__LITTLE_ENDIAN _LITTLE_ENDIAN
 +#endif
 +#else
  #include <endian.h>

Copied and modified: head/security/opencryptoki/files/patch-usr-lib-soft_stdll-soft_stdll.mk (from r494473, head/security/opencryptoki/files/patch-usr-lib-pkcs11-soft_stdll-Makefile.am)
==============================================================================
--- head/security/opencryptoki/files/patch-usr-lib-pkcs11-soft_stdll-Makefile.am	Sun Mar  3 01:19:32 2019	(r494473, copy source)
+++ head/security/opencryptoki/files/patch-usr-lib-soft_stdll-soft_stdll.mk	Sun Mar  3 03:47:33 2019	(r494474)
@@ -1,27 +1,11 @@
---- usr/lib/pkcs11/soft_stdll/Makefile.am.orig	2016-04-29 17:26:46 UTC
-+++ usr/lib/pkcs11/soft_stdll/Makefile.am
-@@ -7,7 +7,7 @@ opencryptoki_stdll_libpkcs11_sw_la_LDFLA
- opencryptoki_stdll_libpkcs11_sw_la_CFLAGS = -DDEV -D_THREAD_SAFE            \
- 					    -DSHALLOW=0 -DSWTOK=1 -DLITE=0  \
- 					    -DNOCDMF -DNOMD2 -DNODSA -DNORIPE	    \
--					    -fPIC		    \
-+					    $(FPIC)		    \
- 					    -I/usr/include -I.		    \
- 					    -I../../../include/pkcs11/stdll \
- 					    -I../../../include/pkcs11	    \
-@@ -56,12 +56,12 @@ install-data-hook:
- 	cd $(DESTDIR)$(libdir)/opencryptoki/stdll && \
- 		ln -sf libpkcs11_sw.so PKCS11_SW.so
- 	$(MKDIR_P) $(DESTDIR)$(localstatedir)/lib/opencryptoki/swtok/TOK_OBJ
--	$(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/swtok/TOK_OBJ
--	$(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/swtok
-+	$(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(localstatedir)/lib/opencryptoki/swtok/TOK_OBJ
-+	$(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(localstatedir)/lib/opencryptoki/swtok
- 	$(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/swtok/TOK_OBJ
- 	$(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/swtok
- 	$(MKDIR_P) $(DESTDIR)$(lockdir)/swtok
--	$(CHGRP) pkcs11 $(DESTDIR)$(lockdir)/swtok
-+	$(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(lockdir)/swtok
- 	$(CHMOD) 0770 $(DESTDIR)$(lockdir)/swtok
+--- usr/lib/soft_stdll/soft_stdll.mk.orig	2018-11-16 14:53:03 UTC
++++ usr/lib/soft_stdll/soft_stdll.mk
+@@ -4,7 +4,7 @@ noinst_HEADERS += usr/lib/soft_stdll/tok_struct.h
  
- uninstall-hook:
+ opencryptoki_stdll_libpkcs11_sw_la_CFLAGS =				\
+ 	-DDEV -D_THREAD_SAFE -DSHALLOW=0 -DSWTOK=1 -DLITE=0 -DNOCDMF	\
+-	-DNOMD2 -DNODSA -DNORIPE -fPIC -I${srcdir}/usr/lib/soft_stdll	\
++	-DNOMD2 -DNODSA -DNORIPE $(FPIC) -I${srcdir}/usr/lib/soft_stdll	\
+ 	-I${srcdir}/usr/lib/common -I${srcdir}/usr/include		\
+ 	-DSTDLL_NAME=\"swtok\"
+ 

Modified: head/security/opencryptoki/files/patch-usr-sbin-pkcsconf-pkcsconf.c
==============================================================================
--- head/security/opencryptoki/files/patch-usr-sbin-pkcsconf-pkcsconf.c	Sun Mar  3 01:19:32 2019	(r494473)
+++ head/security/opencryptoki/files/patch-usr-sbin-pkcsconf-pkcsconf.c	Sun Mar  3 03:47:33 2019	(r494474)
@@ -1,11 +1,11 @@
---- usr/sbin/pkcsconf/pkcsconf.c.orig	2016-04-29 17:26:46 UTC
+--- usr/sbin/pkcsconf/pkcsconf.c.orig	2018-11-16 14:53:03 UTC
 +++ usr/sbin/pkcsconf/pkcsconf.c
-@@ -777,6 +777,8 @@ display_pkcs11_info(void){
-    printf("\tLibrary Version %d.%d \n", CryptokiInfo.libraryVersion.major,
-          CryptokiInfo.libraryVersion.minor);
+@@ -530,6 +530,8 @@ CK_RV display_pkcs11_info(void)
+     printf("\tLibrary Version %d.%d \n", CryptokiInfo.libraryVersion.major,
+            CryptokiInfo.libraryVersion.minor);
  
-+   cleanup();
++    cleanup();
 +
-    return rc;
+     return rc;
  }
  

Copied and modified: head/security/opencryptoki/files/patch-usr-sbin-pkcsconf-pkcsconf.mk (from r494473, head/security/opencryptoki/files/patch-usr-sbin-pkcsconf-Makefile.am)
==============================================================================
--- head/security/opencryptoki/files/patch-usr-sbin-pkcsconf-Makefile.am	Sun Mar  3 01:19:32 2019	(r494473, copy source)
+++ head/security/opencryptoki/files/patch-usr-sbin-pkcsconf-pkcsconf.mk	Sun Mar  3 03:47:33 2019	(r494474)
@@ -1,10 +1,11 @@
---- usr/sbin/pkcsconf/Makefile.am.orig	2016-04-29 17:26:46 UTC
-+++ usr/sbin/pkcsconf/Makefile.am
-@@ -1,6 +1,6 @@
- sbin_PROGRAMS=pkcsconf
+--- usr/sbin/pkcsconf/pkcsconf.mk.orig	2018-11-16 14:53:03 UTC
++++ usr/sbin/pkcsconf/pkcsconf.mk
+@@ -1,7 +1,7 @@
+ sbin_PROGRAMS += usr/sbin/pkcsconf/pkcsconf
+ noinst_HEADERS += usr/sbin/pkcsconf/pkcsconf_msg.h
  
--pkcsconf_LDFLAGS = -lpthread -ldl
-+pkcsconf_LDFLAGS = -lpthread
+-usr_sbin_pkcsconf_pkcsconf_LDFLAGS = -lpthread -ldl -lcrypto
++usr_sbin_pkcsconf_pkcsconf_LDFLAGS = -lpthread -lcrypto
  
- # Not all versions of automake observe sbinname_CFLAGS
- pkcsconf_CFLAGS = -D_THREAD_SAFE -DDEBUG -DDEV -DAPI
+ usr_sbin_pkcsconf_pkcsconf_CFLAGS =					\
+ 	-D_THREAD_SAFE -DDEBUG -DDEV -DAPI				\

Modified: head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-log.h
==============================================================================
--- head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-log.h	Sun Mar  3 01:19:32 2019	(r494473)
+++ head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-log.h	Sun Mar  3 03:47:33 2019	(r494474)
@@ -1,14 +1,12 @@
---- usr/sbin/pkcsslotd/log.h.orig	2016-04-29 17:26:46 UTC
+--- usr/sbin/pkcsslotd/log.h.orig	2018-11-16 14:53:03 UTC
 +++ usr/sbin/pkcsslotd/log.h
-@@ -297,9 +297,8 @@
+@@ -11,6 +11,9 @@
  #ifndef _LOG_H
  #define _LOG_H 1
  
--
--
--
 +#include <sys/types.h>
 +#include <unistd.h>
- 
++
  #ifndef FALSE
  #define FALSE 0
+ #endif                          /* FALSE */

Modified: head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-mutex.c
==============================================================================
--- head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-mutex.c	Sun Mar  3 01:19:32 2019	(r494473)
+++ head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-mutex.c	Sun Mar  3 03:47:33 2019	(r494474)
@@ -1,41 +1,41 @@
---- usr/sbin/pkcsslotd/mutex.c.orig	2016-04-29 17:26:46 UTC
+--- usr/sbin/pkcsslotd/mutex.c.orig	2018-11-16 14:53:03 UTC
 +++ usr/sbin/pkcsslotd/mutex.c
-@@ -281,10 +281,28 @@
-              legal action under this Agreement more than one year after
-              the cause of action arose. Each party waives its rights to
-              a jury trial in any resulting litigation. 
-+*/
- 
+@@ -16,10 +16,29 @@
+ #include <sys/stat.h>
+ #include <grp.h>
+ #include <string.h>
 +#include <fcntl.h>
  
+ #include "log.h"
+ #include "slotmgr.h"
+ 
 +#ifdef __sun
-+#define	LOCK_EX	F_LOCK
-+#define	LOCK_UN	F_ULOCK
-+#define	flock(fd, func)	lockf(fd, func, 0)
++#define	LOCK_EX F_LOCK
++#define	LOCK_UN F_ULOCK
++#define	flock(fd, func) lockf(fd, func, 0)
 +#endif
- 
--*/
 +#ifndef	LOCK_SH
-+#define	LOCK_SH	1	/* shared lock */
++#define	LOCK_SH 1       /* shared lock */
 +#endif
 +#ifndef	LOCK_EX
-+#define	LOCK_EX	2	/* exclusive lock */
++#define	LOCK_EX 2       /* exclusive lock */
 +#endif
 +#ifndef	LOCK_NB
-+#define	LOCK_NB	4	/* don't block when locking */
++#define	LOCK_NB 4       /* don't block when locking */
 +#endif
 +#ifndef	LOCK_UN
-+#define	LOCK_UN	8	/* unlock */
++#define	LOCK_UN 8       /* unlock */
 +#endif
++
+ static int xplfd = -1;
  
- /* (C) COPYRIGHT International Business Machines Corp. 2001          */
+ int CreateXProcLock(void)
+@@ -41,7 +60,7 @@ int CreateXProcLock(void)
+                     goto error;
+                 }
  
-@@ -323,7 +341,7 @@ CreateXProcLock(void)
- 					goto error;
- 				}
- 
--				grp = getgrnam("pkcs11");
-+				grp = getgrnam(PKCS11GROUP);
- 				if (grp != NULL) {
- 					if (fchown(xplfd,-1,grp->gr_gid) == -1) {
- 						DbgLog(DL0,"%s:fchown(%s):%s\n",
+-                grp = getgrnam("pkcs11");
++                grp = getgrnam(PKCS11GROUP);
+                 if (grp != NULL) {
+                     if (fchown(xplfd, -1, grp->gr_gid) == -1) {
+                         DbgLog(DL0, "%s:fchown(%s):%s\n",

Modified: head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-pkcsslotd.h
==============================================================================
--- head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-pkcsslotd.h	Sun Mar  3 01:19:32 2019	(r494473)
+++ head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-pkcsslotd.h	Sun Mar  3 03:47:33 2019	(r494474)
@@ -1,8 +1,8 @@
---- usr/sbin/pkcsslotd/pkcsslotd.h.orig	2016-04-29 17:26:46 UTC
+--- usr/sbin/pkcsslotd/pkcsslotd.h.orig	2018-11-16 14:53:03 UTC
 +++ usr/sbin/pkcsslotd/pkcsslotd.h
-@@ -305,6 +305,9 @@
+@@ -17,6 +17,9 @@
  #ifndef _PKCSSLOTMGR_H
- #define _PKCSSLOTMGR_H 1
+ #define _PKCSSLOTMGR_H  1
  
 +#include <sys/types.h>
 +#include <sys/ipc.h>

Modified: head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-shmem.c
==============================================================================
--- head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-shmem.c	Sun Mar  3 01:19:32 2019	(r494473)
+++ head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-shmem.c	Sun Mar  3 03:47:33 2019	(r494474)
@@ -1,35 +1,37 @@
---- usr/sbin/pkcsslotd/shmem.c.orig	2016-04-29 17:26:46 UTC
+--- usr/sbin/pkcsslotd/shmem.c.orig	2018-11-16 14:53:03 UTC
 +++ usr/sbin/pkcsslotd/shmem.c
-@@ -336,9 +336,9 @@ int CreateSharedMemory ( void ) {
-    }
-    // SAB  Get the group information for the PKCS#11 group... fail if
-    // it does not exist
--   grp = getgrnam("pkcs11");
-+   grp = getgrnam(PKCS11GROUP);
-    if ( !grp ) {
--     ErrLog("Group PKCS#11 does not exist ");
-+     ErrLog("Group " PKCS11GROUP " does not exist ");
-      return FALSE;  // Group does not exist... setup is wrong..
-    }
+@@ -54,9 +54,9 @@ int CreateSharedMemory(void)
+     }
+     // SAB  Get the group information for the PKCS#11 group... fail if
+     // it does not exist
+-    grp = getgrnam("pkcs11");
++    grp = getgrnam(PKCS11GROUP);
+     if (!grp) {
+-        ErrLog("Group PKCS#11 does not exist ");
++        ErrLog("Group " PKCS11GROUP " does not exist ");
+         return FALSE;           // Group does not exist... setup is wrong..
+     }
  
-@@ -415,9 +415,9 @@ int CreateSharedMemory ( void ) {
-    int i;
-    char *buffer;
-    
--   grp = getgrnam("pkcs11");
-+   grp = getgrnam(PKCS11GROUP);

*** DIFF OUTPUT TRUNCATED AT 1000 LINES ***



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201903030347.x233lXdC034545>