Date: Thu, 21 Jul 2022 08:48:32 GMT From: Nuno Teixeira <eduardo@FreeBSD.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org Subject: git: e0fac7248904 - main - =?utf-8?Q?security/openca-ocspd:=20New=20port:=20OpenCA=E2=80=99s=20OCSP=20responder?= Message-ID: <202207210848.26L8mWIg096588@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by eduardo: URL: https://cgit.FreeBSD.org/ports/commit/?id=e0fac7248904fc89d82ba4b064ca8a61410b1133 commit e0fac7248904fc89d82ba4b064ca8a61410b1133 Author: Bruno Damour <bruno@ruomad.net> AuthorDate: 2022-07-21 08:45:31 +0000 Commit: Nuno Teixeira <eduardo@FreeBSD.org> CommitDate: 2022-07-21 08:47:59 +0000 security/openca-ocspd: New port: OpenCA’s OCSP responder - submitter becomes maintainer OpenCA OCSP Responder is an rfc2560 compliant OCSPD responder. The server is a stand-alone application and can be integrated into many different PKI solutions as it does not depend on specific database scheme. Furthermore it can be used as a responder for multiple CAs. WWW: https://www.openca.org/projects/ocspd PR: 264475 --- security/Makefile | 1 + security/openca-ocspd/Makefile | 52 ++++++++++++++++++++++++++++++++++++ security/openca-ocspd/distinfo | 3 +++ security/openca-ocspd/files/ocspd.in | 21 +++++++++++++++ security/openca-ocspd/pkg-descr | 6 +++++ security/openca-ocspd/pkg-message | 18 +++++++++++++ security/openca-ocspd/pkg-plist | 18 +++++++++++++ 7 files changed, 119 insertions(+) diff --git a/security/Makefile b/security/Makefile index 5c0317e122fd..bb1715d19967 100644 --- a/security/Makefile +++ b/security/Makefile @@ -379,6 +379,7 @@ SUBDIR += onionscan SUBDIR += op SUBDIR += openbsm + SUBDIR += openca-ocspd SUBDIR += openconnect SUBDIR += openconnect-freebsd-daemon SUBDIR += openconnect-gui diff --git a/security/openca-ocspd/Makefile b/security/openca-ocspd/Makefile new file mode 100644 index 000000000000..45795272cce3 --- /dev/null +++ b/security/openca-ocspd/Makefile @@ -0,0 +1,52 @@ +PORTNAME= openca-ocspd +DISTVERSIONPREFIX= v +DISTVERSION= 3.1.3 +CATEGORIES= security + +MAINTAINER= bruno@ruomad.net +COMMENT= OpenCA OCSP responder + +LICENSE= APACHE20 +LICENSE_FILE= ${WRKSRC}/COPYING + +NOT_FOR_ARCHS= arm64 + +LIB_DEPENDS= libpki.so:security/libpki + +USES= autoreconf gnome libtool shebangfix ssl +USE_GITHUB= yes +GH_ACCOUNT= openca +USE_GNOME= libxml2 +# Add a rc script to start the OCSP daemon +USE_RC_SUBR= ocspd + +SHEBANG_FILES= etc/ocspd.in scripts/ocspd-genreq.sh.in + +GNU_CONFIGURE= yes +CONFIGURE_ARGS= --with-libpki-prefix=${PREFIX} + +# Rename installed configuration files to samples +post-stage: + ${MKDIR} ${STAGEDIR}${PREFIX}/share/openca-ocspd/etc; \ + ${MKDIR} ${STAGEDIR}${PREFIX}/share/openca-ocspd/etc/ocspd; \ + ${MKDIR} ${STAGEDIR}${PREFIX}/share/openca-ocspd/etc/ocspd/ca.d; \ + ${MKDIR} ${STAGEDIR}${PREFIX}/share/openca-ocspd/etc/ocspd/pki; \ + ${MKDIR} ${STAGEDIR}${PREFIX}/share/openca-ocspd/etc/ocspd/pki/token.d; \ + cd ${STAGEDIR}${PREFIX}/etc/ocspd/pki; \ + for f in $$(find * -type f); do \ + ${MV} ${STAGEDIR}${PREFIX}/etc/ocspd/pki/$$f ${STAGEDIR}${PREFIX}/share/openca-ocspd/etc/ocspd/pki/$$f.sample; \ + done; \ + cd ${STAGEDIR}${PREFIX}/etc/ocspd/ca.d; \ + for f in $$(find * -type f); do \ + ${MV} ${STAGEDIR}${PREFIX}/etc/ocspd/ca.d/$$f ${STAGEDIR}${PREFIX}/share/openca-ocspd/etc/ocspd/ca.d/$$f.sample; \ + done; \ + for f in $$(find ${STAGEDIR}${PREFIX}/etc/ocspd -type f); do \ + ${MV} $$f $$f.sample; \ + done; \ + ${RM} ${STAGEDIR}${PREFIX}/bin/test.sh; \ + ${RM} ${STAGEDIR}${PREFIX}/etc/init.d/ocspd; \ + ${RMDIR} ${STAGEDIR}${PREFIX}/etc/init.d + ${RMDIR} ${STAGEDIR}${PREFIX}/var/run + ${RMDIR} ${STAGEDIR}${PREFIX}/var + +.include <bsd.port.mk> diff --git a/security/openca-ocspd/distinfo b/security/openca-ocspd/distinfo new file mode 100644 index 000000000000..5a94844ad10d --- /dev/null +++ b/security/openca-ocspd/distinfo @@ -0,0 +1,3 @@ +TIMESTAMP = 1654414248 +SHA256 (openca-openca-ocspd-v3.1.3_GH0.tar.gz) = 59a0054bee22ba72b23263ead6a8458e2086f1996111608a2a2aafbd9e30f591 +SIZE (openca-openca-ocspd-v3.1.3_GH0.tar.gz) = 592190 diff --git a/security/openca-ocspd/files/ocspd.in b/security/openca-ocspd/files/ocspd.in new file mode 100755 index 000000000000..dc813fc1fe86 --- /dev/null +++ b/security/openca-ocspd/files/ocspd.in @@ -0,0 +1,21 @@ +#!/bin/sh + +# PROVIDE: ocspd +# REQUIRE: NETWORK + +. /etc/rc.subr + +name=ocspd +rcvar=ocspd_enable + +pidfile="/var/run/${name}.pid" + +command="%%PREFIX%%/sbin/ocspd" +command_args="-c %%PREFIX%%/etc/ocspd/ocspd.xml -d -v" + +load_rc_config ${name} +: ${ocspd_enable:=no} +: ${ocspd_msg="Nothing started."} + + +run_rc_command "$1" diff --git a/security/openca-ocspd/pkg-descr b/security/openca-ocspd/pkg-descr new file mode 100644 index 000000000000..f4fd28e1a48e --- /dev/null +++ b/security/openca-ocspd/pkg-descr @@ -0,0 +1,6 @@ +OpenCA OCSP Responder is an rfc2560 compliant OCSPD responder. +The server is a stand-alone application and can be integrated into many +different PKI solutions as it does not depend on specific database scheme. +Furthermore it can be used as a responder for multiple CAs. + +WWW: https://www.openca.org/projects/ocspd diff --git a/security/openca-ocspd/pkg-message b/security/openca-ocspd/pkg-message new file mode 100644 index 000000000000..3b13ccc58dfb --- /dev/null +++ b/security/openca-ocspd/pkg-message @@ -0,0 +1,18 @@ +[ +{ type: install + message: <<EOM +Sample Configuration files have been installed in +$PREFIX/share/openca-ocspd/etc, in a hierachy that mimics the one created in +$PREFIX/etc. +They may be used as templates to be copied into the corresponding subdirectory +under $PREFIX/etc and customized according to user context. +EOM +} +{ +type: remove +message: <<EOM +User-installed configuration files under $PREFIX/etc/ocspd have been preserved and +must be removed manually if needed, as well as this directory. +EOM +} +] diff --git a/security/openca-ocspd/pkg-plist b/security/openca-ocspd/pkg-plist new file mode 100644 index 000000000000..8615fabc665e --- /dev/null +++ b/security/openca-ocspd/pkg-plist @@ -0,0 +1,18 @@ +bin/ocspd-genreq.sh +@sample etc/ocspd/ocspd.xml.sample +libdata/pkgconfig/openca-ocspd.pc +sbin/ocspd +share/man/man3/ocspd.3.gz +share/man/man3/ocspd.conf.3.gz +%%DATADIR%%/etc/ocspd/pki/token.d/etoken.xml.sample +%%DATADIR%%/etc/ocspd/pki/token.d/software.xml.sample +%%DATADIR%%/etc/ocspd/pki/token.d/eracom.xml.sample +%%DATADIR%%/etc/ocspd/ca.d/collegeca.xml.sample +%%DATADIR%%/etc/ocspd/ca.d/self-certs.xml.sample +@dir etc/ocspd/ca.d +@dir etc/ocspd/certs +@dir etc/ocspd/crls +@dir etc/ocspd/pki/hsm.d +@dir etc/ocspd/pki/profile.d +@dir etc/ocspd/pki/token.d +@dir etc/ocspd/private
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202207210848.26L8mWIg096588>