Date: Sun, 3 Mar 2019 03:47:33 +0000 (UTC) From: Hiroki Sato <hrs@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r494474 - in head/security/opencryptoki: . files Message-ID: <201903030347.x233lXdC034545@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: hrs Date: Sun Mar 3 03:47:33 2019 New Revision: 494474 URL: https://svnweb.freebsd.org/changeset/ports/494474 Log: Update to 3.11.0, which supports OpenSSL 1.0.x and 1.1.x. Added: head/security/opencryptoki/files/patch-configure.ac - copied, changed from r494473, head/security/opencryptoki/files/patch-configure.in head/security/opencryptoki/files/patch-misc-misc.mk (contents, props changed) head/security/opencryptoki/files/patch-usr-lib-api-api.mk - copied, changed from r494473, head/security/opencryptoki/files/patch-usr-lib-pkcs11-api-Makefile.am head/security/opencryptoki/files/patch-usr-lib-api-apiutil.c - copied, changed from r494473, head/security/opencryptoki/files/patch-usr-lib-pkcs11-api-apiutil.c head/security/opencryptoki/files/patch-usr-lib-api-shrd_mem.c.in - copied, changed from r494473, head/security/opencryptoki/files/patch-usr-lib-pkcs11-api-shrd_mem.c.in head/security/opencryptoki/files/patch-usr-lib-api-socket_client.c - copied, changed from r494473, head/security/opencryptoki/files/patch-usr-lib-pkcs11-api-socket_client.c head/security/opencryptoki/files/patch-usr-lib-common-btree.c - copied, changed from r494473, head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-btree.c head/security/opencryptoki/files/patch-usr-lib-common-host_defs.h - copied, changed from r494473, head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-host_defs.h head/security/opencryptoki/files/patch-usr-lib-common-loadsave.c - copied, changed from r494473, head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-loadsave.c head/security/opencryptoki/files/patch-usr-lib-common-trace.c - copied, changed from r494473, head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-trace.c head/security/opencryptoki/files/patch-usr-lib-common-utility.c - copied, changed from r494473, head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-utility.c head/security/opencryptoki/files/patch-usr-lib-ica_s390_stdll-ica_s390_stdll.mk - copied, changed from r494473, head/security/opencryptoki/files/patch-usr-lib-pkcs11-ica_s390_stdll-Makefile.am head/security/opencryptoki/files/patch-usr-lib-icsf_stdll-pbkdf.c - copied, changed from r494473, head/security/opencryptoki/files/patch-usr-lib-pkcs11-icsf_stdll-pbkdf.c head/security/opencryptoki/files/patch-usr-lib-soft_stdll-soft_specific.c - copied, changed from r494473, head/security/opencryptoki/files/patch-usr-lib-pkcs11-soft_stdll-soft_specific.c head/security/opencryptoki/files/patch-usr-lib-soft_stdll-soft_stdll.mk - copied, changed from r494473, head/security/opencryptoki/files/patch-usr-lib-pkcs11-soft_stdll-Makefile.am head/security/opencryptoki/files/patch-usr-sbin-pkcsconf-pkcsconf.mk - copied, changed from r494473, head/security/opencryptoki/files/patch-usr-sbin-pkcsconf-Makefile.am Deleted: head/security/opencryptoki/files/patch-configure.in head/security/opencryptoki/files/patch-usr-lib-Makefile.am head/security/opencryptoki/files/patch-usr-lib-pkcs11-api-Makefile.am head/security/opencryptoki/files/patch-usr-lib-pkcs11-api-apiutil.c head/security/opencryptoki/files/patch-usr-lib-pkcs11-api-shrd_mem.c.in head/security/opencryptoki/files/patch-usr-lib-pkcs11-api-socket_client.c head/security/opencryptoki/files/patch-usr-lib-pkcs11-cca_stdll-Makefile.am head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-btree.c head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-host_defs.h head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-loadsave.c head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-trace.c head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-utility.c head/security/opencryptoki/files/patch-usr-lib-pkcs11-ica_s390_stdll-Makefile.am head/security/opencryptoki/files/patch-usr-lib-pkcs11-icsf_stdll-Makefile.am head/security/opencryptoki/files/patch-usr-lib-pkcs11-icsf_stdll-pbkdf.c head/security/opencryptoki/files/patch-usr-lib-pkcs11-soft_stdll-Makefile.am head/security/opencryptoki/files/patch-usr-lib-pkcs11-soft_stdll-soft_specific.c head/security/opencryptoki/files/patch-usr-lib-pkcs11-tpm_stdll-Makefile.am head/security/opencryptoki/files/patch-usr-sbin-pkcsconf-Makefile.am head/security/opencryptoki/files/patch-usr_lib_pkcs11_common_sw__crypt.c Modified: head/security/opencryptoki/Makefile head/security/opencryptoki/distinfo head/security/opencryptoki/files/patch-Makefile.am head/security/opencryptoki/files/patch-usr-sbin-pkcsconf-pkcsconf.c head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-log.h head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-mutex.c head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-pkcsslotd.h head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-shmem.c head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-socket_server.c head/security/opencryptoki/pkg-plist Modified: head/security/opencryptoki/Makefile ============================================================================== --- head/security/opencryptoki/Makefile Sun Mar 3 01:19:32 2019 (r494473) +++ head/security/opencryptoki/Makefile Sun Mar 3 03:47:33 2019 (r494474) @@ -2,10 +2,9 @@ # $FreeBSD$ PORTNAME= opencryptoki -PORTVERSION= 3.6 -PORTREVISION= 1 +PORTVERSION= 3.11.0 +DISTVERSIONPREFIX= v CATEGORIES= security -MASTER_SITES= SF MAINTAINER= hrs@FreeBSD.org COMMENT= Open PKCS\#11 implementation library @@ -17,12 +16,15 @@ LICENSE_PERMS= dist-mirror dist-sell pkg-mirror pkg-se LIB_DEPENDS= libtspi.so:security/trousers -USES= alias autoreconf gmake libtool ssl tar:tgz +USES= alias autoreconf gmake libtool localbase ssl tar:tgz +USE_GCC= any +USE_OPENLDAP= yes USE_LDCONFIG= ${PREFIX}/lib/opencryptoki -WRKSRC= ${WRKDIR}/${PORTNAME} +USE_GITHUB= yes INSTALL_TARGET= install-strip GNU_CONFIGURE= yes CONFIGURE_ARGS= --enable-swtok --enable-tpmtok \ + --enable-icsftok \ --disable-crtok --disable-aeptok \ --disable-ccatok --disable-bcomtok \ --disable-pkcscca_migrate \ @@ -33,19 +35,12 @@ CONFIGURE_ARGS= --enable-swtok --enable-tpmtok \ --with-pkcs11user=${USERS} \ --with-pkcs11group=${GROUPS} \ ac_cv_path_CHGRP=true -CFLAGS+= -I${LOCALBASE}/include -LDFLAGS+= -L${LOCALBASE}/lib USE_RC_SUBR= pkcsslotd SUB_FILES= pkg-message SUB_LIST= USERS="${USERS}" GROUPS="${GROUPS}" PLIST_SUB= USERS="${USERS}" GROUPS="${GROUPS}" USERS= _pkcs11 GROUPS= _pkcs11 - -OPTIONS_DEFINE= LDAP -OPTIONS_SUB= yes -LDAP_CONFIGURE_ENABLE= icsf -LDAP_USE= OPENLDAP=yes post-install: ${MV} ${STAGEDIR}${ETCDIR}/opencryptoki.conf \ Modified: head/security/opencryptoki/distinfo ============================================================================== --- head/security/opencryptoki/distinfo Sun Mar 3 01:19:32 2019 (r494473) +++ head/security/opencryptoki/distinfo Sun Mar 3 03:47:33 2019 (r494474) @@ -1,3 +1,3 @@ -TIMESTAMP = 1478467347 -SHA256 (opencryptoki-3.6.tgz) = f78a70632e50f6275467e84e95c6fa10dca2078da4e394518280defeb3169d2a -SIZE (opencryptoki-3.6.tgz) = 1067759 +TIMESTAMP = 1551564276 +SHA256 (opencryptoki-opencryptoki-v3.11.0_GH0.tar.gz) = 4d901373b08ed0b0d56a4df5e3f35a7d17142bdc5c5bf9b37c8a10200a08d6fd +SIZE (opencryptoki-opencryptoki-v3.11.0_GH0.tar.gz) = 935891 Modified: head/security/opencryptoki/files/patch-Makefile.am ============================================================================== --- head/security/opencryptoki/files/patch-Makefile.am Sun Mar 3 01:19:32 2019 (r494473) +++ head/security/opencryptoki/files/patch-Makefile.am Sun Mar 3 03:47:33 2019 (r494474) @@ -1,9 +1,128 @@ ---- Makefile.am.orig 2016-04-29 17:26:45 UTC -+++ Makefile.am -@@ -8,5 +8,5 @@ if ENABLE_DAEMON - MISCDIR = misc +--- Makefile.am.orig 2018-11-16 23:53:03.000000000 +0900 ++++ Makefile.am 2019-03-03 12:39:45.031868000 +0900 +@@ -29,7 +29,6 @@ + include man/man.mk + include usr/usr.mk + +- + install-data-hook: + if ENABLE_LIBRARY + $(MKDIR_P) $(DESTDIR)$(libdir)/opencryptoki/stdll +@@ -37,9 +36,9 @@ + cd $(DESTDIR)$(libdir)/opencryptoki && \ + ln -fs libopencryptoki.so PKCS11_API.so + cd $(DESTDIR)$(libdir)/opencryptoki && \ +- ln -nfs $(sbindir) methods ++ ln -nfs ../../sbin methods + cd $(DESTDIR)$(libdir)/pkcs11 && \ +- ln -nfs $(sbindir) methods ++ ln -nfs ../../sbin methods + cd $(DESTDIR)$(libdir)/pkcs11 && \ + ln -fs ../opencryptoki/libopencryptoki.so PKCS11_API.so + cd $(DESTDIR)$(libdir)/pkcs11 && \ +@@ -51,24 +50,24 @@ + cd $(DESTDIR)$(libdir)/opencryptoki/stdll && \ + ln -fs libpkcs11_cca.so PKCS11_CCA.so + $(MKDIR_P) $(DESTDIR)$(localstatedir)/lib/opencryptoki/ccatok/TOK_OBJ +- $(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/ccatok/TOK_OBJ +- $(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/ccatok ++ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(localstatedir)/lib/opencryptoki/ccatok/TOK_OBJ ++ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(localstatedir)/lib/opencryptoki/ccatok + $(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/ccatok/TOK_OBJ + $(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/ccatok + $(MKDIR_P) $(DESTDIR)$(lockdir)/ccatok +- $(CHGRP) pkcs11 $(DESTDIR)$(lockdir)/ccatok ++ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(lockdir)/ccatok + $(CHMOD) 0770 $(DESTDIR)$(lockdir)/ccatok endif + if ENABLE_EP11TOK + cd $(DESTDIR)$(libdir)/opencryptoki/stdll && \ + ln -fs libpkcs11_ep11.so PKCS11_EP11.so + $(MKDIR_P) $(DESTDIR)$(localstatedir)/lib/opencryptoki/ep11tok/TOK_OBJ +- $(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/ep11tok/TOK_OBJ +- $(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/ep11tok ++ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(localstatedir)/lib/opencryptoki/ep11tok/TOK_OBJ ++ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(localstatedir)/lib/opencryptoki/ep11tok + $(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/ep11tok/TOK_OBJ + $(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/ep11tok + $(MKDIR_P) $(DESTDIR)$(lockdir)/ep11tok +- $(CHGRP) pkcs11 $(DESTDIR)$(lockdir)/ep11tok ++ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(lockdir)/ep11tok + $(CHMOD) 0770 $(DESTDIR)$(lockdir)/ep11tok + test -f $(DESTDIR)$(sysconfdir)/opencryptoki || $(MKDIR_P) $(DESTDIR)$(sysconfdir)/opencryptoki || true + test -f $(DESTDIR)$(sysconfdir)/opencryptoki/ep11tok.conf || $(INSTALL) -m 644 $(srcdir)/usr/lib/ep11_stdll/ep11tok.conf $(DESTDIR)$(sysconfdir)/opencryptoki/ep11tok.conf || true +@@ -78,24 +77,24 @@ + cd $(DESTDIR)$(libdir)/opencryptoki/stdll && \ + ln -fs libpkcs11_ica.so PKCS11_ICA.so + $(MKDIR_P) $(DESTDIR)$(localstatedir)/lib/opencryptoki/lite/TOK_OBJ +- $(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/lite/TOK_OBJ +- $(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/lite ++ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(localstatedir)/lib/opencryptoki/lite/TOK_OBJ ++ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(localstatedir)/lib/opencryptoki/lite + $(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/lite/TOK_OBJ + $(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/lite + $(MKDIR_P) $(DESTDIR)$(lockdir)/lite +- $(CHGRP) pkcs11 $(DESTDIR)$(lockdir)/lite ++ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(lockdir)/lite + $(CHMOD) 0770 $(DESTDIR)$(lockdir)/lite + endif + if ENABLE_SWTOK + cd $(DESTDIR)$(libdir)/opencryptoki/stdll && \ + ln -fs libpkcs11_sw.so PKCS11_SW.so + $(MKDIR_P) $(DESTDIR)$(localstatedir)/lib/opencryptoki/swtok/TOK_OBJ +- $(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/swtok/TOK_OBJ +- $(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/swtok ++ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(localstatedir)/lib/opencryptoki/swtok/TOK_OBJ ++ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(localstatedir)/lib/opencryptoki/swtok + $(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/swtok/TOK_OBJ + $(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/swtok + $(MKDIR_P) $(DESTDIR)$(lockdir)/swtok +- $(CHGRP) pkcs11 $(DESTDIR)$(lockdir)/swtok ++ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(lockdir)/swtok + $(CHMOD) 0770 $(DESTDIR)$(lockdir)/swtok + endif + if ENABLE_TPMTOK +@@ -103,10 +102,10 @@ + cd $(DESTDIR)$(libdir)/opencryptoki/stdll && \ + ln -fs libpkcs11_tpm.so PKCS11_TPM.so + $(MKDIR_P) $(DESTDIR)$(localstatedir)/lib/opencryptoki/tpm +- $(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/tpm ++ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(localstatedir)/lib/opencryptoki/tpm + $(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/tpm + $(MKDIR_P) $(DESTDIR)$(lockdir)/tpm +- $(CHGRP) pkcs11 $(DESTDIR)$(lockdir)/tpm ++ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(lockdir)/tpm + $(CHMOD) 0770 $(DESTDIR)$(lockdir)/tpm + endif + if ENABLE_ICSFTOK +@@ -114,10 +113,10 @@ + cd $(DESTDIR)$(libdir)/opencryptoki/stdll && \ + ln -fs libpkcs11_icsf.so PKCS11_ICSF.so + $(MKDIR_P) $(DESTDIR)$(localstatedir)/lib/opencryptoki/icsf +- $(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/icsf ++ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(localstatedir)/lib/opencryptoki/icsf + $(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/icsf + $(MKDIR_P) $(DESTDIR)$(lockdir)/icsf +- $(CHGRP) pkcs11 $(DESTDIR)$(lockdir)/icsf ++ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(lockdir)/icsf + $(CHMOD) 0770 $(DESTDIR)$(lockdir)/icsf + endif + if ENABLE_DAEMON +@@ -130,16 +129,8 @@ + rm -f $(DESTDIR)/usr/lib/systemd/system/tmpfiles.conf + endif + endif +- $(MKDIR_P) $(DESTDIR)/etc/ld.so.conf.d +- echo "$(libdir)/opencryptoki" >\ +- $(DESTDIR)/etc/ld.so.conf.d/opencryptoki-$(target_cpu).conf +- echo "$(libdir)/opencryptoki/stdll" >>\ +- $(DESTDIR)/etc/ld.so.conf.d/opencryptoki-$(target_cpu).conf +- @echo "--------------------------------------------------------------" +- @echo "Remember you must run ldconfig before using the above settings" +- @echo "--------------------------------------------------------------" + $(MKDIR_P) $(DESTDIR)$(lockdir) $(DESTDIR)$(logdir) +- $(CHGRP) pkcs11 $(DESTDIR)$(lockdir) $(DESTDIR)$(logdir) ++ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(lockdir) $(DESTDIR)$(logdir) + $(CHMOD) 0770 $(DESTDIR)$(lockdir) $(DESTDIR)$(logdir) --SUBDIRS = usr man $(MISCDIR) $(TESTDIR) -+SUBDIRS = usr man $(TESTDIR) Copied and modified: head/security/opencryptoki/files/patch-configure.ac (from r494473, head/security/opencryptoki/files/patch-configure.in) ============================================================================== --- head/security/opencryptoki/files/patch-configure.in Sun Mar 3 01:19:32 2019 (r494473, copy source) +++ head/security/opencryptoki/files/patch-configure.ac Sun Mar 3 03:47:33 2019 (r494474) @@ -1,73 +1,74 @@ ---- configure.in.orig 2016-04-29 17:26:45 UTC -+++ configure.in -@@ -6,6 +6,9 @@ AC_CANONICAL_SYSTEM +--- configure.ac.orig 2018-11-16 14:53:03 UTC ++++ configure.ac +@@ -12,6 +12,9 @@ dnl Checks for header files. + AC_DISABLE_STATIC + LT_INIT - AM_INIT_AUTOMAKE([foreign 1.6]) - +AC_DEFINE(_BSD_SOURCE, 1, BSD functions) +AC_DEFINE(__BSD_VISIBLE, 1, BSD extensions) + - dnl Checks for header files. - AC_DISABLE_STATIC - LT_INIT -@@ -25,6 +28,7 @@ AC_FUNC_MEMCMP - AC_FUNC_STRFTIME - AC_FUNC_VPRINTF - AC_CHECK_FUNCS([getcwd]) -+AC_CHECK_FUNCS([asprintf]) + AC_HEADER_STDC + AC_CHECK_HEADER_STDBOOL + AC_CHECK_HEADERS([arpa/inet.h fcntl.h libintl.h limits.h locale.h malloc.h \ +@@ -77,18 +80,27 @@ fi + AC_CHECK_LIB([itm], [_ITM_commitTransaction], [itm=yes], [itm=no]) - dnl Used in various scripts - AC_PATH_PROG([ID], [id], [/us/bin/id]) -@@ -40,10 +44,16 @@ AC_PROG_YACC + OPENLDAP_LIBS= +-AC_CHECK_HEADERS([lber.h ldap.h], ++if test "x$enable_icsftok" = "xyes"; then ++ AC_CHECK_HEADERS([lber.h ldap.h], + [OPENLDAP_LIBS="-llber -lldap"], + [AC_MSG_ERROR([lber.h and ldap.h are missing. Please install + 'openldap-devel'.])]) +-LIBS="$LIBS $OPENLDAP_LIBS" ++ LIBS="$LIBS $OPENLDAP_LIBS" ++fi + AC_SUBST([OPENLDAP_LIBS]) dnl Define custom variables -lockdir=$localstatedir/lock/opencryptoki +AC_ARG_WITH([lockdir], + [AS_HELP_STRING([--with-lockdir],[lock directory])], -+ [lockdir=$withval], -+ [lockdir=$localstatedir/lock/opencryptoki]) ++ [lockdir=$withval], ++ [lockdir=$localstatedir/lock/opencryptoki]) AC_SUBST(lockdir) --logdir=$localstatedir/log/opencryptoki +AC_ARG_WITH([logdir], + [AS_HELP_STRING([--with-logdir],[log directory])], -+ [logdir=$withval], -+ [logdir=$localstatedir/log/opencryptoki]) ++ [logdir=$withval], ++ [logdir=$localstatedir/log/opencryptoki]) + logdir=$localstatedir/log/opencryptoki AC_SUBST(logdir) - dnl --- -@@ -166,6 +176,21 @@ AC_ARG_WITH([systemd], +@@ -225,6 +237,19 @@ AC_ARG_WITH([systemd], [], [with_systemd=no]) +dnl --- check for pkcs11 user +AC_ARG_WITH([pkcs11user], + AC_HELP_STRING([--with-pkcs11user[[=USER]]], [set pkcs11 user [[pkcs11]]]), -+ [pkcs11_user=$withval], -+ [pkcs11_user=pkcs11]) -+ ++ [pkcs11_user=$withval], ++ [pkcs11_user=pkcs11]) +dnl --- check for pkcs11 group +AC_ARG_WITH(pkcs11group, + AC_HELP_STRING([--with-pkcs11group[[=GROUP]]], [set pkcs11 group [[pkcs11]]]), + [pkcs11_group=$withval], + [pkcs11_group=pkcs11]) -+ +AC_SUBST(PKCS11USER, $pkcs11_user) +AC_SUBST(PKCS11GROUP, $pkcs11_group) + dnl --- dnl --- dnl --- Now that we have all the options, let's check for a valid build -@@ -554,13 +579,31 @@ fi +@@ -598,12 +623,31 @@ else + fi + AM_CONDITIONAL([ENABLE_LOCKS], [test "x$enable_locks" = "xyes"]) - AM_CONDITIONAL([ENABLE_PKCSEP11_MIGRATE], [test "x$enable_pkcsep11_migrate" = "xyes"]) - --CFLAGS="$CFLAGS -DPKCS64 -D_XOPEN_SOURCE=600 -Wall -Wno-pointer-sign" -- --CFLAGS+=' -DCONFIG_PATH=\"$(localstatedir)/lib/opencryptoki\" -DSBIN_PATH=\"$(sbindir)\" -DLIB_PATH=\"$(libdir)\" -DLOCKDIR_PATH=\"$(lockdir)\" -DOCK_CONFDIR=\"$(sysconfdir)/opencryptoki\" -DOCK_LOGDIR=\"$(logdir)\"' +-CFLAGS="$CFLAGS -DPKCS64 -D_XOPEN_SOURCE=600 -Wall -Wextra" +CFLAGS="$CFLAGS \ + -Wall \ ++ -Wextra \ + -Wno-pointer-sign \ +" +CPPFX=' \ @@ -86,11 +87,12 @@ + -DPKCS11GROUP=\\\"${pkcs11_group}\\\" \ +" +-CFLAGS+=' -DCONFIG_PATH=\"$(localstatedir)/lib/opencryptoki\" -DSBIN_PATH=\"$(sbindir)\" -DLIB_PATH=\"$(libdir)\" -DLOCKDIR_PATH=\"$(lockdir)\" -DOCK_CONFDIR=\"$(sysconfdir)/opencryptoki\" -DOCK_LOGDIR=\"$(logdir)\"' +- # At this point, CFLAGS is set to something sensible AC_PROG_CC - -+AC_SUBST(FPIC, $lt_prog_compiler_pic) + - AC_CONFIG_FILES([Makefile usr/Makefile \ - usr/include/Makefile \ - usr/include/pkcs11/Makefile \ ++AC_SUBST(FPIC, $lt_prog_compiler_pic) + + AC_CONFIG_MACRO_DIRS([m4]) + Added: head/security/opencryptoki/files/patch-misc-misc.mk ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/opencryptoki/files/patch-misc-misc.mk Sun Mar 3 03:47:33 2019 (r494474) @@ -0,0 +1,17 @@ +--- misc/misc.mk.orig 2018-11-16 14:53:03 UTC ++++ misc/misc.mk +@@ -39,14 +39,5 @@ ${srcdir}/misc/tmpfiles.conf: ${srcdir}/misc/tmpfiles. + $(foreach TOK,$(TOKENS),\ + echo "D $(lockdir)/$(TOK) 0770 root pkcs11 -" >> $@-t;) + mv $@-t $@ +-else +-initddir = $(sysconfdir)/rc.d/init.d +-initd_SCRIPTS = misc/pkcsslotd +- +-CLEANFILES += misc/pkcsslotd +-${srcdir}/misc/pkcsslotd: ${srcdir}/misc/pkcsslotd.in +- @SED@ -e s!\@sbindir\@!"@sbindir@"!g < $< > $@-t +- @CHMOD@ a+x $@-t +- mv $@-t $@ + endif + endif Copied and modified: head/security/opencryptoki/files/patch-usr-lib-api-api.mk (from r494473, head/security/opencryptoki/files/patch-usr-lib-pkcs11-api-Makefile.am) ============================================================================== --- head/security/opencryptoki/files/patch-usr-lib-pkcs11-api-Makefile.am Sun Mar 3 01:19:32 2019 (r494473, copy source) +++ head/security/opencryptoki/files/patch-usr-lib-api-api.mk Sun Mar 3 03:47:33 2019 (r494474) @@ -1,18 +1,17 @@ ---- usr/lib/pkcs11/api/Makefile.am.orig 2016-04-29 17:26:45 UTC -+++ usr/lib/pkcs11/api/Makefile.am -@@ -4,13 +4,13 @@ SO_CURRENT=0 - SO_REVISION=0 +--- usr/lib/api/api.mk.orig 2018-11-16 14:53:03 UTC ++++ usr/lib/api/api.mk +@@ -7,12 +7,12 @@ SO_REVISION=0 SO_AGE=0 --opencryptoki_libopencryptoki_la_LDFLAGS = -shared -Wl,-Bsymbolic -lc -ldl \ -+opencryptoki_libopencryptoki_la_LDFLAGS = -shared -Wl,-Bsymbolic -lc \ - -lpthread -version-info \ - $(SO_CURRENT):$(SO_REVISION):$(SO_AGE) + opencryptoki_libopencryptoki_la_CFLAGS = \ +- -DAPI -DDEV -D_THREAD_SAFE -fPIC -I${srcdir}/usr/include \ ++ -DAPI -DDEV -D_THREAD_SAFE $(FPIC) -I${srcdir}/usr/include \ + -I${srcdir}/usr/lib/common -I${srcdir}/usr/lib/api \ + -DSTDLL_NAME=\"api\" - # Not all versions of automake observe libname_CFLAGS - opencryptoki_libopencryptoki_la_CFLAGS = -DAPI -DDEV -D_THREAD_SAFE \ -- -fPIC -I../. -I../../../include/pkcs11 \ -+ $(FPIC) -I../. -I../../../include/pkcs11 \ - -I ../common -DSTDLL_NAME=\"api\" + opencryptoki_libopencryptoki_la_LDFLAGS = \ +- -shared -Wl,-z,defs,-Bsymbolic -lc -ldl -lpthread \ ++ -shared -Wl,-z,defs,-Bsymbolic -lc -lpthread \ + -version-info $(SO_CURRENT):$(SO_REVISION):$(SO_AGE) \ + -Wl,--version-script=${srcdir}/opencryptoki.map - opencryptoki_libopencryptoki_la_SOURCES = api_interface.c shrd_mem.c \ Copied and modified: head/security/opencryptoki/files/patch-usr-lib-api-apiutil.c (from r494473, head/security/opencryptoki/files/patch-usr-lib-pkcs11-api-apiutil.c) ============================================================================== --- head/security/opencryptoki/files/patch-usr-lib-pkcs11-api-apiutil.c Sun Mar 3 01:19:32 2019 (r494473, copy source) +++ head/security/opencryptoki/files/patch-usr-lib-api-apiutil.c Sun Mar 3 03:47:33 2019 (r494474) @@ -1,6 +1,6 @@ ---- usr/lib/pkcs11/api/apiutil.c.orig 2016-04-29 17:26:45 UTC -+++ usr/lib/pkcs11/api/apiutil.c -@@ -298,10 +298,10 @@ +--- usr/lib/api/apiutil.c.orig 2018-11-16 14:53:03 UTC ++++ usr/lib/api/apiutil.c +@@ -19,10 +19,10 @@ #include <string.h> #include <strings.h> #include <unistd.h> @@ -12,7 +12,7 @@ #include <sys/ipc.h> -@@ -314,7 +314,6 @@ +@@ -35,7 +35,6 @@ #include <sys/types.h> #include <sys/stat.h> #include <fcntl.h> Copied and modified: head/security/opencryptoki/files/patch-usr-lib-api-shrd_mem.c.in (from r494473, head/security/opencryptoki/files/patch-usr-lib-pkcs11-api-shrd_mem.c.in) ============================================================================== --- head/security/opencryptoki/files/patch-usr-lib-pkcs11-api-shrd_mem.c.in Sun Mar 3 01:19:32 2019 (r494473, copy source) +++ head/security/opencryptoki/files/patch-usr-lib-api-shrd_mem.c.in Sun Mar 3 03:47:33 2019 (r494474) @@ -1,11 +1,11 @@ ---- usr/lib/pkcs11/api/shrd_mem.c.in.orig 2016-04-29 17:26:45 UTC -+++ usr/lib/pkcs11/api/shrd_mem.c.in -@@ -357,7 +357,7 @@ attach_shared_memory() { - // only check group membership if not root user - if (uid != 0 && euid != 0) { - int i, member=0; -- grp = getgrnam("pkcs11"); -+ grp = getgrnam(PKCS11GROUP); - if (!grp) { - // group pkcs11 not known to the system - return NULL; +--- usr/lib/api/shrd_mem.c.in.orig 2018-11-16 14:53:03 UTC ++++ usr/lib/api/shrd_mem.c.in +@@ -74,7 +74,7 @@ void *attach_shared_memory() + // only check group membership if not root user + if (uid != 0 && euid != 0) { + int i, member = 0; +- grp = getgrnam("pkcs11"); ++ grp = getgrnam(PKCS11GROUP); + if (!grp) { + // group pkcs11 not known to the system + return NULL; Copied and modified: head/security/opencryptoki/files/patch-usr-lib-api-socket_client.c (from r494473, head/security/opencryptoki/files/patch-usr-lib-pkcs11-api-socket_client.c) ============================================================================== --- head/security/opencryptoki/files/patch-usr-lib-pkcs11-api-socket_client.c Sun Mar 3 01:19:32 2019 (r494473, copy source) +++ head/security/opencryptoki/files/patch-usr-lib-api-socket_client.c Sun Mar 3 03:47:33 2019 (r494474) @@ -1,11 +1,11 @@ ---- usr/lib/pkcs11/api/socket_client.c.orig 2016-04-29 17:26:45 UTC -+++ usr/lib/pkcs11/api/socket_client.c -@@ -320,7 +320,7 @@ init_socket_data() { - return FALSE; - } +--- usr/lib/api/socket_client.c.orig 2018-11-16 14:53:03 UTC ++++ usr/lib/api/socket_client.c +@@ -51,7 +51,7 @@ int init_socket_data() + return FALSE; + } -- grp = getgrnam("pkcs11"); -+ grp = getgrnam(PKCS11GROUP); - if ( !grp ) { - OCK_SYSLOG(LOG_ERR, "init_socket_data: pkcs11 group does not exist, errno=%d", errno); - return FALSE; +- grp = getgrnam("pkcs11"); ++ grp = getgrnam(PKCS11GROUP); + if (!grp) { + OCK_SYSLOG(LOG_ERR, + "init_socket_data: pkcs11 group does not exist, errno=%d", Copied and modified: head/security/opencryptoki/files/patch-usr-lib-common-btree.c (from r494473, head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-btree.c) ============================================================================== --- head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-btree.c Sun Mar 3 01:19:32 2019 (r494473, copy source) +++ head/security/opencryptoki/files/patch-usr-lib-common-btree.c Sun Mar 3 03:47:33 2019 (r494474) @@ -1,6 +1,6 @@ ---- usr/lib/pkcs11/common/btree.c.orig 2016-04-29 17:26:45 UTC -+++ usr/lib/pkcs11/common/btree.c -@@ -30,7 +30,7 @@ +--- usr/lib/common/btree.c.orig 2018-11-16 14:53:03 UTC ++++ usr/lib/common/btree.c +@@ -18,7 +18,7 @@ #include <stdio.h> Copied and modified: head/security/opencryptoki/files/patch-usr-lib-common-host_defs.h (from r494473, head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-host_defs.h) ============================================================================== --- head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-host_defs.h Sun Mar 3 01:19:32 2019 (r494473, copy source) +++ head/security/opencryptoki/files/patch-usr-lib-common-host_defs.h Sun Mar 3 03:47:33 2019 (r494474) @@ -1,9 +1,9 @@ ---- usr/lib/pkcs11/common/host_defs.h.orig 2016-04-29 17:26:45 UTC -+++ usr/lib/pkcs11/common/host_defs.h -@@ -294,12 +294,23 @@ - /* (C) COPYRIGHT International Business Machines Corp. 2001,2002 */ +--- usr/lib/common/host_defs.h.orig 2018-11-16 14:53:03 UTC ++++ usr/lib/common/host_defs.h +@@ -8,12 +8,23 @@ + * https://opensource.org/licenses/cpl1.0.php + */ - +#include <sys/types.h> #include <sys/mman.h> #ifndef _HOST_DEFS_H @@ -13,14 +13,14 @@ +#if defined(__OpenBSD__) || defined(__FreeBSD__) +#include <sys/endian.h> +#ifdef _BYTE_ORDER -+#define __BYTE_ORDER _BYTE_ORDER ++#define __BYTE_ORDER _BYTE_ORDER +#endif +#ifdef _LITTLE_ENDIAN -+#define __LITTLE_ENDIAN _LITTLE_ENDIAN ++#define __LITTLE_ENDIAN _LITTLE_ENDIAN +#endif +#else #include <endian.h> +#endif #include "pkcs32.h" - + #include <stdint.h> Copied and modified: head/security/opencryptoki/files/patch-usr-lib-common-loadsave.c (from r494473, head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-loadsave.c) ============================================================================== --- head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-loadsave.c Sun Mar 3 01:19:32 2019 (r494473, copy source) +++ head/security/opencryptoki/files/patch-usr-lib-common-loadsave.c Sun Mar 3 03:47:33 2019 (r494474) @@ -1,6 +1,6 @@ ---- usr/lib/pkcs11/common/loadsave.c.orig 2016-04-29 17:26:45 UTC -+++ usr/lib/pkcs11/common/loadsave.c -@@ -293,11 +293,9 @@ +--- usr/lib/common/loadsave.c.orig 2018-11-16 14:53:03 UTC ++++ usr/lib/common/loadsave.c +@@ -20,11 +20,9 @@ #include <string.h> #include <strings.h> #include <unistd.h> @@ -12,12 +12,12 @@ #include <errno.h> #include <syslog.h> #include <pwd.h> -@@ -637,7 +635,7 @@ void set_perm(int file) - // Set absolute permissions or rw-rw---- - fchmod(file, S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP); +@@ -370,7 +368,7 @@ void set_perm(int file) + // Set absolute permissions or rw-rw---- + fchmod(file, S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP); -- grp = getgrnam("pkcs11"); // Obtain the group id -+ grp = getgrnam(PKCS11GROUP); // Obtain the group id - if (grp) { - // set ownership to root, and pkcs11 group - if (fchown(file, getuid(), grp->gr_gid) != 0) { +- grp = getgrnam("pkcs11"); // Obtain the group id ++ grp = getgrnam(PKCS11GROUP); // Obtain the group id + if (grp) { + // set ownership to root, and pkcs11 group + if (fchown(file, getuid(), grp->gr_gid) != 0) { Copied and modified: head/security/opencryptoki/files/patch-usr-lib-common-trace.c (from r494473, head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-trace.c) ============================================================================== --- head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-trace.c Sun Mar 3 01:19:32 2019 (r494473, copy source) +++ head/security/opencryptoki/files/patch-usr-lib-common-trace.c Sun Mar 3 03:47:33 2019 (r494474) @@ -1,6 +1,6 @@ ---- usr/lib/pkcs11/common/trace.c.orig 2016-04-29 17:26:46 UTC -+++ usr/lib/pkcs11/common/trace.c -@@ -301,6 +301,7 @@ +--- usr/lib/common/trace.c.orig 2018-11-16 14:53:03 UTC ++++ usr/lib/common/trace.c +@@ -21,6 +21,7 @@ #include <unistd.h> #include <sys/file.h> #include <sys/types.h> @@ -8,12 +8,12 @@ #include "pkcs11types.h" #include "defs.h" -@@ -449,7 +450,7 @@ CK_RV trace_initialize(void) - return(CKR_FUNCTION_FAILED); - } +@@ -170,7 +171,7 @@ CK_RV trace_initialize(void) + return (CKR_FUNCTION_FAILED); + } -- grp = getgrnam("pkcs11"); -+ grp = getgrnam(PKCS11GROUP); - if (grp == NULL) { - OCK_SYSLOG(LOG_ERR, "getgrnam(pkcs11) failed: %s." - "Tracing is disabled.\n", strerror(errno)); +- grp = getgrnam("pkcs11"); ++ grp = getgrnam(PKCS11GROUP); + if (grp == NULL) { + OCK_SYSLOG(LOG_ERR, "getgrnam(pkcs11) failed: %s." + "Tracing is disabled.\n", strerror(errno)); Copied and modified: head/security/opencryptoki/files/patch-usr-lib-common-utility.c (from r494473, head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-utility.c) ============================================================================== --- head/security/opencryptoki/files/patch-usr-lib-pkcs11-common-utility.c Sun Mar 3 01:19:32 2019 (r494473, copy source) +++ head/security/opencryptoki/files/patch-usr-lib-common-utility.c Sun Mar 3 03:47:33 2019 (r494474) @@ -1,50 +1,54 @@ ---- usr/lib/pkcs11/common/utility.c.orig 2016-04-29 17:26:46 UTC -+++ usr/lib/pkcs11/common/utility.c -@@ -275,9 +275,28 @@ - legal action under this Agreement more than one year after - the cause of action arose. Each party waives its rights to - a jury trial in any resulting litigation. -+*/ - +--- usr/lib/common/utility.c.orig 2018-11-16 14:53:03 UTC ++++ usr/lib/common/utility.c +@@ -21,6 +21,7 @@ + #include <errno.h> + #include <pwd.h> + #include <grp.h> +#include <fcntl.h> --*/ + #include "pkcs11types.h" + #include "defs.h" +@@ -35,6 +36,25 @@ + #include <sys/file.h> + #include <syslog.h> + +#ifdef __sun -+#define LOCK_EX F_LOCK -+#define LOCK_UN F_ULOCK -+#define flock(fd, func) lockf(fd, func, 0) ++#define LOCK_EX F_LOCK ++#define LOCK_UN F_ULOCK ++#define flock(fd, func) lockf(fd, func, 0) +#endif + +#ifndef LOCK_SH -+#define LOCK_SH 1 /* shared lock */ ++#define LOCK_SH 1 /* shared lock */ +#endif +#ifndef LOCK_EX -+#define LOCK_EX 2 /* exclusive lock */ ++#define LOCK_EX 2 /* exclusive lock */ +#endif +#ifndef LOCK_NB -+#define LOCK_NB 4 /* don't block when locking */ ++#define LOCK_NB 4 /* don't block when locking */ +#endif +#ifndef LOCK_UN -+#define LOCK_UN 8 /* unlock */ ++#define LOCK_UN 8 /* unlock */ +#endif ++ + // Function: dlist_add_as_first() + // + // Adds the specified node to the start of the list +@@ -317,7 +337,7 @@ CK_RV CreateXProcLock(char *tokname, STDLL_TokData_t * + lockdir, strerror(errno)); + goto err; + } +- grp = getgrnam("pkcs11"); ++ grp = getgrnam(PKCS11GROUP); + if (grp == NULL) { + fprintf(stderr, "getgrname(pkcs11): %s", strerror(errno)); + goto err; +@@ -355,7 +375,7 @@ CK_RV CreateXProcLock(char *tokname, STDLL_TokData_t * + goto err; + } - /* (C) COPYRIGHT International Business Machines Corp. 2001,2002 */ - -@@ -587,7 +606,7 @@ CK_RV CreateXProcLock(void) - goto err; - } - -- grp = getgrnam("pkcs11"); -+ grp = getgrnam(PKCS11GROUP); - if (grp != NULL) { - if (fchown(spinxplfd, -1, grp->gr_gid) - == -1) { -@@ -1131,7 +1150,7 @@ CK_RV check_user_and_group() - * when forked). So we need to get the group information. - * Really need to take the uid and map it to a name. - */ -- grp = getgrnam("pkcs11"); -+ grp = getgrnam(PKCS11GROUP); - if (grp == NULL) { - OCK_SYSLOG(LOG_ERR, "getgrnam() failed: %s\n", strerror(errno)); - goto error; +- grp = getgrnam("pkcs11"); ++ grp = getgrnam(PKCS11GROUP); + if (grp != NULL) { + if (fchown(tokdata->spinxplfd, -1, grp->gr_gid) == -1) { + OCK_SYSLOG(LOG_ERR, Copied and modified: head/security/opencryptoki/files/patch-usr-lib-ica_s390_stdll-ica_s390_stdll.mk (from r494473, head/security/opencryptoki/files/patch-usr-lib-pkcs11-ica_s390_stdll-Makefile.am) ============================================================================== --- head/security/opencryptoki/files/patch-usr-lib-pkcs11-ica_s390_stdll-Makefile.am Sun Mar 3 01:19:32 2019 (r494473, copy source) +++ head/security/opencryptoki/files/patch-usr-lib-ica_s390_stdll-ica_s390_stdll.mk Sun Mar 3 03:47:33 2019 (r494474) @@ -1,33 +1,19 @@ ---- usr/lib/pkcs11/ica_s390_stdll/Makefile.am.orig 2016-04-29 17:26:46 UTC -+++ usr/lib/pkcs11/ica_s390_stdll/Makefile.am -@@ -6,12 +6,12 @@ opencryptoki_stdll_libpkcs11_ica_la_LDFL - -Wl,-Bsymbolic \ - -Wl,-soname,$@ \ - -Wl,-Bsymbolic -lc \ -- -lpthread -lica -ldl \ -+ -lpthread -lica \ - -lcrypto +--- usr/lib/ica_s390_stdll/ica_s390_stdll.mk.orig 2018-11-16 14:53:03 UTC ++++ usr/lib/ica_s390_stdll/ica_s390_stdll.mk +@@ -3,14 +3,14 @@ nobase_lib_LTLIBRARIES += opencryptoki/stdll/libpkcs11 + noinst_HEADERS += usr/lib/ica_s390_stdll/tok_struct.h - # Not all versions of automake observe libname_CFLAGS - opencryptoki_stdll_libpkcs11_ica_la_CFLAGS = -DDEV \ -- -D_THREAD_SAFE -fPIC \ -+ -D_THREAD_SAFE $(FPIC) \ - -DSHALLOW=0 -DSWTOK=0 \ - -DLITE=1 -DNODH \ - -DNOCDMF -DNOMD2 -DNODSA \ -@@ -64,12 +64,12 @@ install-data-hook: - cd $(DESTDIR)$(libdir)/opencryptoki/stdll && \ - ln -sf libpkcs11_ica.so PKCS11_ICA.so - $(MKDIR_P) $(DESTDIR)$(localstatedir)/lib/opencryptoki/lite/TOK_OBJ -- $(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/lite/TOK_OBJ -- $(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/lite -+ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(localstatedir)/lib/opencryptoki/lite/TOK_OBJ -+ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(localstatedir)/lib/opencryptoki/lite - $(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/lite/TOK_OBJ - $(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/lite - $(MKDIR_P) $(DESTDIR)$(lockdir)/lite -- $(CHGRP) pkcs11 $(DESTDIR)$(lockdir)/lite -+ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(lockdir)/lite - $(CHMOD) 0770 $(DESTDIR)$(lockdir)/lite + opencryptoki_stdll_libpkcs11_ica_la_CFLAGS = \ +- -DDEV -D_THREAD_SAFE -fPIC -DSHALLOW=0 -DSWTOK=0 -DLITE=1 \ ++ -DDEV -D_THREAD_SAFE $(FPIC) -DSHALLOW=0 -DSWTOK=0 -DLITE=1 \ + -DNODH -DNOCDMF -DNOMD2 -DNODSA -DSTDLL_NAME=\"icatok\" \ + $(ICA_INC_DIRS) -I${srcdir}/usr/lib/ica_s390_stdll \ + -I${srcdir}/usr/lib/common -I${srcdir}/usr/include - uninstall-hook: + opencryptoki_stdll_libpkcs11_ica_la_LDFLAGS = \ + $(LCRYPTO) $(ICA_LIB_DIRS) -nostartfiles -shared \ +- -Wl,-z,defs,-Bsymbolic -Wl,-soname,$@ -lc -lpthread -lica -ldl \ ++ -Wl,-z,defs,-Bsymbolic -Wl,-soname,$@ -lc -lpthread -lica \ + -lcrypto -lrt \ + -Wl,--version-script=${srcdir}/opencryptoki_tok.map + Copied and modified: head/security/opencryptoki/files/patch-usr-lib-icsf_stdll-pbkdf.c (from r494473, head/security/opencryptoki/files/patch-usr-lib-pkcs11-icsf_stdll-pbkdf.c) ============================================================================== --- head/security/opencryptoki/files/patch-usr-lib-pkcs11-icsf_stdll-pbkdf.c Sun Mar 3 01:19:32 2019 (r494473, copy source) +++ head/security/opencryptoki/files/patch-usr-lib-icsf_stdll-pbkdf.c Sun Mar 3 03:47:33 2019 (r494474) @@ -1,11 +1,11 @@ ---- usr/lib/pkcs11/icsf_stdll/pbkdf.c.orig 2016-04-29 17:26:46 UTC -+++ usr/lib/pkcs11/icsf_stdll/pbkdf.c -@@ -337,7 +337,7 @@ set_perms(int file) - return CKR_FUNCTION_FAILED; - } +--- usr/lib/icsf_stdll/pbkdf.c.orig 2018-11-16 14:53:03 UTC ++++ usr/lib/icsf_stdll/pbkdf.c +@@ -62,7 +62,7 @@ CK_RV set_perms(int file) + return CKR_FUNCTION_FAILED; + } -- grp = getgrnam("pkcs11"); -+ grp = getgrnam(PKCS11GROUP); - if (grp) { - if (fchown(file, -1, grp->gr_gid) != 0) { - TRACE_ERROR("fchown failed: %s\n", strerror(errno)); +- grp = getgrnam("pkcs11"); ++ grp = getgrnam(PKCS11GROUP); + if (grp) { + if (fchown(file, -1, grp->gr_gid) != 0) { + TRACE_ERROR("fchown failed: %s\n", strerror(errno)); Copied and modified: head/security/opencryptoki/files/patch-usr-lib-soft_stdll-soft_specific.c (from r494473, head/security/opencryptoki/files/patch-usr-lib-pkcs11-soft_stdll-soft_specific.c) ============================================================================== --- head/security/opencryptoki/files/patch-usr-lib-pkcs11-soft_stdll-soft_specific.c Sun Mar 3 01:19:32 2019 (r494473, copy source) +++ head/security/opencryptoki/files/patch-usr-lib-soft_stdll-soft_specific.c Sun Mar 3 03:47:33 2019 (r494474) @@ -1,26 +1,27 @@ ---- usr/lib/pkcs11/soft_stdll/soft_specific.c.orig 2016-04-29 17:26:46 UTC -+++ usr/lib/pkcs11/soft_stdll/soft_specific.c -@@ -298,7 +298,9 @@ - - +--- usr/lib/soft_stdll/soft_specific.c.orig 2018-11-16 14:53:03 UTC ++++ usr/lib/soft_stdll/soft_specific.c +@@ -19,6 +19,10 @@ + ****************************************************************************/ -+#ifndef _BSD_SOURCE - #define _BSD_SOURCE -+#endif ++#ifndef _BSD_SOURCE ++#define _BSD_SOURCE ++#endif ++ #include <pthread.h> - #include <string.h> // for memcmp() et al -@@ -317,7 +319,17 @@ + #include <string.h> // for memcmp() et al + #include <stdlib.h> +@@ -36,7 +40,17 @@ #include <sys/types.h> #include <sys/stat.h> #include <fcntl.h> +#if defined(__OpenBSD__) || defined(__FreeBSD__) +#include <sys/endian.h> -+#ifdef _BYTE_ORDER -+#define __BYTE_ORDER _BYTE_ORDER ++#ifdef _BYTE_ORDER ++#define __BYTE_ORDER _BYTE_ORDER +#endif -+#ifdef _LITTLE_ENDIAN -+#define __LITTLE_ENDIAN _LITTLE_ENDIAN ++#ifdef _LITTLE_ENDIAN ++#define __LITTLE_ENDIAN _LITTLE_ENDIAN +#endif +#else #include <endian.h> Copied and modified: head/security/opencryptoki/files/patch-usr-lib-soft_stdll-soft_stdll.mk (from r494473, head/security/opencryptoki/files/patch-usr-lib-pkcs11-soft_stdll-Makefile.am) ============================================================================== --- head/security/opencryptoki/files/patch-usr-lib-pkcs11-soft_stdll-Makefile.am Sun Mar 3 01:19:32 2019 (r494473, copy source) +++ head/security/opencryptoki/files/patch-usr-lib-soft_stdll-soft_stdll.mk Sun Mar 3 03:47:33 2019 (r494474) @@ -1,27 +1,11 @@ ---- usr/lib/pkcs11/soft_stdll/Makefile.am.orig 2016-04-29 17:26:46 UTC -+++ usr/lib/pkcs11/soft_stdll/Makefile.am -@@ -7,7 +7,7 @@ opencryptoki_stdll_libpkcs11_sw_la_LDFLA - opencryptoki_stdll_libpkcs11_sw_la_CFLAGS = -DDEV -D_THREAD_SAFE \ - -DSHALLOW=0 -DSWTOK=1 -DLITE=0 \ - -DNOCDMF -DNOMD2 -DNODSA -DNORIPE \ -- -fPIC \ -+ $(FPIC) \ - -I/usr/include -I. \ - -I../../../include/pkcs11/stdll \ - -I../../../include/pkcs11 \ -@@ -56,12 +56,12 @@ install-data-hook: - cd $(DESTDIR)$(libdir)/opencryptoki/stdll && \ - ln -sf libpkcs11_sw.so PKCS11_SW.so - $(MKDIR_P) $(DESTDIR)$(localstatedir)/lib/opencryptoki/swtok/TOK_OBJ -- $(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/swtok/TOK_OBJ -- $(CHGRP) pkcs11 $(DESTDIR)$(localstatedir)/lib/opencryptoki/swtok -+ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(localstatedir)/lib/opencryptoki/swtok/TOK_OBJ -+ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(localstatedir)/lib/opencryptoki/swtok - $(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/swtok/TOK_OBJ - $(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki/swtok - $(MKDIR_P) $(DESTDIR)$(lockdir)/swtok -- $(CHGRP) pkcs11 $(DESTDIR)$(lockdir)/swtok -+ $(CHGRP) @PKCS11GROUP@ $(DESTDIR)$(lockdir)/swtok - $(CHMOD) 0770 $(DESTDIR)$(lockdir)/swtok +--- usr/lib/soft_stdll/soft_stdll.mk.orig 2018-11-16 14:53:03 UTC ++++ usr/lib/soft_stdll/soft_stdll.mk +@@ -4,7 +4,7 @@ noinst_HEADERS += usr/lib/soft_stdll/tok_struct.h - uninstall-hook: + opencryptoki_stdll_libpkcs11_sw_la_CFLAGS = \ + -DDEV -D_THREAD_SAFE -DSHALLOW=0 -DSWTOK=1 -DLITE=0 -DNOCDMF \ +- -DNOMD2 -DNODSA -DNORIPE -fPIC -I${srcdir}/usr/lib/soft_stdll \ ++ -DNOMD2 -DNODSA -DNORIPE $(FPIC) -I${srcdir}/usr/lib/soft_stdll \ + -I${srcdir}/usr/lib/common -I${srcdir}/usr/include \ + -DSTDLL_NAME=\"swtok\" + Modified: head/security/opencryptoki/files/patch-usr-sbin-pkcsconf-pkcsconf.c ============================================================================== --- head/security/opencryptoki/files/patch-usr-sbin-pkcsconf-pkcsconf.c Sun Mar 3 01:19:32 2019 (r494473) +++ head/security/opencryptoki/files/patch-usr-sbin-pkcsconf-pkcsconf.c Sun Mar 3 03:47:33 2019 (r494474) @@ -1,11 +1,11 @@ ---- usr/sbin/pkcsconf/pkcsconf.c.orig 2016-04-29 17:26:46 UTC +--- usr/sbin/pkcsconf/pkcsconf.c.orig 2018-11-16 14:53:03 UTC +++ usr/sbin/pkcsconf/pkcsconf.c -@@ -777,6 +777,8 @@ display_pkcs11_info(void){ - printf("\tLibrary Version %d.%d \n", CryptokiInfo.libraryVersion.major, - CryptokiInfo.libraryVersion.minor); +@@ -530,6 +530,8 @@ CK_RV display_pkcs11_info(void) + printf("\tLibrary Version %d.%d \n", CryptokiInfo.libraryVersion.major, + CryptokiInfo.libraryVersion.minor); -+ cleanup(); ++ cleanup(); + - return rc; + return rc; } Copied and modified: head/security/opencryptoki/files/patch-usr-sbin-pkcsconf-pkcsconf.mk (from r494473, head/security/opencryptoki/files/patch-usr-sbin-pkcsconf-Makefile.am) ============================================================================== --- head/security/opencryptoki/files/patch-usr-sbin-pkcsconf-Makefile.am Sun Mar 3 01:19:32 2019 (r494473, copy source) +++ head/security/opencryptoki/files/patch-usr-sbin-pkcsconf-pkcsconf.mk Sun Mar 3 03:47:33 2019 (r494474) @@ -1,10 +1,11 @@ ---- usr/sbin/pkcsconf/Makefile.am.orig 2016-04-29 17:26:46 UTC -+++ usr/sbin/pkcsconf/Makefile.am -@@ -1,6 +1,6 @@ - sbin_PROGRAMS=pkcsconf +--- usr/sbin/pkcsconf/pkcsconf.mk.orig 2018-11-16 14:53:03 UTC ++++ usr/sbin/pkcsconf/pkcsconf.mk +@@ -1,7 +1,7 @@ + sbin_PROGRAMS += usr/sbin/pkcsconf/pkcsconf + noinst_HEADERS += usr/sbin/pkcsconf/pkcsconf_msg.h --pkcsconf_LDFLAGS = -lpthread -ldl -+pkcsconf_LDFLAGS = -lpthread +-usr_sbin_pkcsconf_pkcsconf_LDFLAGS = -lpthread -ldl -lcrypto ++usr_sbin_pkcsconf_pkcsconf_LDFLAGS = -lpthread -lcrypto - # Not all versions of automake observe sbinname_CFLAGS - pkcsconf_CFLAGS = -D_THREAD_SAFE -DDEBUG -DDEV -DAPI + usr_sbin_pkcsconf_pkcsconf_CFLAGS = \ + -D_THREAD_SAFE -DDEBUG -DDEV -DAPI \ Modified: head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-log.h ============================================================================== --- head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-log.h Sun Mar 3 01:19:32 2019 (r494473) +++ head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-log.h Sun Mar 3 03:47:33 2019 (r494474) @@ -1,14 +1,12 @@ ---- usr/sbin/pkcsslotd/log.h.orig 2016-04-29 17:26:46 UTC +--- usr/sbin/pkcsslotd/log.h.orig 2018-11-16 14:53:03 UTC +++ usr/sbin/pkcsslotd/log.h -@@ -297,9 +297,8 @@ +@@ -11,6 +11,9 @@ #ifndef _LOG_H #define _LOG_H 1 -- -- -- +#include <sys/types.h> +#include <unistd.h> - ++ #ifndef FALSE #define FALSE 0 + #endif /* FALSE */ Modified: head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-mutex.c ============================================================================== --- head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-mutex.c Sun Mar 3 01:19:32 2019 (r494473) +++ head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-mutex.c Sun Mar 3 03:47:33 2019 (r494474) @@ -1,41 +1,41 @@ ---- usr/sbin/pkcsslotd/mutex.c.orig 2016-04-29 17:26:46 UTC +--- usr/sbin/pkcsslotd/mutex.c.orig 2018-11-16 14:53:03 UTC +++ usr/sbin/pkcsslotd/mutex.c -@@ -281,10 +281,28 @@ - legal action under this Agreement more than one year after - the cause of action arose. Each party waives its rights to - a jury trial in any resulting litigation. -+*/ - +@@ -16,10 +16,29 @@ + #include <sys/stat.h> + #include <grp.h> + #include <string.h> +#include <fcntl.h> + #include "log.h" + #include "slotmgr.h" + +#ifdef __sun -+#define LOCK_EX F_LOCK -+#define LOCK_UN F_ULOCK -+#define flock(fd, func) lockf(fd, func, 0) ++#define LOCK_EX F_LOCK ++#define LOCK_UN F_ULOCK ++#define flock(fd, func) lockf(fd, func, 0) +#endif - --*/ +#ifndef LOCK_SH -+#define LOCK_SH 1 /* shared lock */ ++#define LOCK_SH 1 /* shared lock */ +#endif +#ifndef LOCK_EX -+#define LOCK_EX 2 /* exclusive lock */ ++#define LOCK_EX 2 /* exclusive lock */ +#endif +#ifndef LOCK_NB -+#define LOCK_NB 4 /* don't block when locking */ ++#define LOCK_NB 4 /* don't block when locking */ +#endif +#ifndef LOCK_UN -+#define LOCK_UN 8 /* unlock */ ++#define LOCK_UN 8 /* unlock */ +#endif ++ + static int xplfd = -1; - /* (C) COPYRIGHT International Business Machines Corp. 2001 */ + int CreateXProcLock(void) +@@ -41,7 +60,7 @@ int CreateXProcLock(void) + goto error; + } -@@ -323,7 +341,7 @@ CreateXProcLock(void) - goto error; - } - -- grp = getgrnam("pkcs11"); -+ grp = getgrnam(PKCS11GROUP); - if (grp != NULL) { - if (fchown(xplfd,-1,grp->gr_gid) == -1) { - DbgLog(DL0,"%s:fchown(%s):%s\n", +- grp = getgrnam("pkcs11"); ++ grp = getgrnam(PKCS11GROUP); + if (grp != NULL) { + if (fchown(xplfd, -1, grp->gr_gid) == -1) { + DbgLog(DL0, "%s:fchown(%s):%s\n", Modified: head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-pkcsslotd.h ============================================================================== --- head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-pkcsslotd.h Sun Mar 3 01:19:32 2019 (r494473) +++ head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-pkcsslotd.h Sun Mar 3 03:47:33 2019 (r494474) @@ -1,8 +1,8 @@ ---- usr/sbin/pkcsslotd/pkcsslotd.h.orig 2016-04-29 17:26:46 UTC +--- usr/sbin/pkcsslotd/pkcsslotd.h.orig 2018-11-16 14:53:03 UTC +++ usr/sbin/pkcsslotd/pkcsslotd.h -@@ -305,6 +305,9 @@ +@@ -17,6 +17,9 @@ #ifndef _PKCSSLOTMGR_H - #define _PKCSSLOTMGR_H 1 + #define _PKCSSLOTMGR_H 1 +#include <sys/types.h> +#include <sys/ipc.h> Modified: head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-shmem.c ============================================================================== --- head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-shmem.c Sun Mar 3 01:19:32 2019 (r494473) +++ head/security/opencryptoki/files/patch-usr-sbin-pkcsslotd-shmem.c Sun Mar 3 03:47:33 2019 (r494474) @@ -1,35 +1,37 @@ ---- usr/sbin/pkcsslotd/shmem.c.orig 2016-04-29 17:26:46 UTC +--- usr/sbin/pkcsslotd/shmem.c.orig 2018-11-16 14:53:03 UTC +++ usr/sbin/pkcsslotd/shmem.c -@@ -336,9 +336,9 @@ int CreateSharedMemory ( void ) { - } - // SAB Get the group information for the PKCS#11 group... fail if - // it does not exist -- grp = getgrnam("pkcs11"); -+ grp = getgrnam(PKCS11GROUP); - if ( !grp ) { -- ErrLog("Group PKCS#11 does not exist "); -+ ErrLog("Group " PKCS11GROUP " does not exist "); - return FALSE; // Group does not exist... setup is wrong.. - } +@@ -54,9 +54,9 @@ int CreateSharedMemory(void) + } + // SAB Get the group information for the PKCS#11 group... fail if + // it does not exist +- grp = getgrnam("pkcs11"); ++ grp = getgrnam(PKCS11GROUP); + if (!grp) { +- ErrLog("Group PKCS#11 does not exist "); ++ ErrLog("Group " PKCS11GROUP " does not exist "); + return FALSE; // Group does not exist... setup is wrong.. + } -@@ -415,9 +415,9 @@ int CreateSharedMemory ( void ) { - int i; - char *buffer; - -- grp = getgrnam("pkcs11"); -+ grp = getgrnam(PKCS11GROUP); *** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201903030347.x233lXdC034545>