Date: Thu, 28 Oct 2010 02:43:40 +0900
From: Norikatsu Shigemura <nork@FreeBSD.org>
To: freebsd-current@freebsd.org, freebsd-hackers@freebsd.org
Cc: tss-project@genua.de, Hans-Joerg Hoexer <Hans-Joerg_Hoexer@genua.de>, nork@FreeBSD.org, takawata@FreeBSD.org
Subject: [CFT] TPM(Trusted Platform Modules) related ports
Message-ID: <20101028024340.38c88103.nork@FreeBSD.org>

Hi TPM users!

I reworked bsssd[*] ports as modern-improved ports.  So please test
attached ports.  If test is ok, I'll commit these.

[*] http://bsssd.sourceforge.net/download.html#id5

Ports in bsssd are following status:

	TrouSerS		reworked, quite ok
	tpm_tools		reworked, quite ok
	openssl_tpm_engine	crashed on my environment, so now reworking as high priority
	opencryptoki		reworked, quite ok
	Trusted GRUB		not interesting, so I don't rework it
	TPMemulator		reworked, maybe well, but not tested
	TPM testsuite		not interesting, but I'll rework as middle priority

I discussed MFC to RELENG_8 with takawata@, so I decided to do MFC
by me.  (takawata, thanks for my following-up!)  Please wait a middle
time:-).

I tested these ports and got following results on 9-current:

(installed) TrouSerS, opencryptoki and tpm_tools
(started daemons) service tcsd start; service pkcsslotd start

$ id nork
uid=1000(nork) gid=1000(users) groups=1000(users),0(wheel),5(operator),602(_pkcs11),601(_tss)

$ tpm_version
  TPM 1.2 Version Info:
  Chip Version: 1.2.3.16
  Spec Level: 2
  Errata Revision: 2
  TPM Vendor ID: IFX
  Vendor Specific data: 0310000a 00
  TPM Version: 01010000
  Manufacturer Info: 49465800

$ tpm_getpubek
Public Endorsement Key:
  Version: 01010000
  Usage: 0x0002 (Unknown)
  Flags: 0x00000000 (!VOLATILE, !MIGRATABLE, !REDIRECTION)
  AuthUsage: 0x00 (Never)
  Algorithm: 0x00000020 (Unknown)
  Encryption Scheme: 0x00000012 (Unknown)
  Signature Scheme: 0x00000010 (Unknown)
  Public Key:
	baa42f29 16a038da eb41f256 d7ad3351 d324b802 d380d92a 7414102e 274331b0
	abdfc8a6 b731f365 29f64975 eabaca79 8b254f66 b7496fa8 2fc580d4 6d7cfc2a
	:

$ tpm_setpresence -a
Tspi_TPM_SetStatus failed: 0x00000003 - layer=tpm, code=0003 (3), Bad Parameter
Change to Physical Presence Failed

$ tpm_clear -f
Tspi_TPM_ClearOwner failed: 0x0000002d - layer=tpm, code=002d (45), Bad physical presence value
(I did these operations on single user mode, so I initialized by BIOS
instead of these).

$ tpm_takeownership -y -z
(no messages, ok)

$ pkcsconf -s -c0
Slot #0 Info
	Description: FreeBSD 9.0-CURRENT FreeBSD (TPM)
	Manufacturer: FreeBSD 9.0-CURRENT
	Flags: 0x5 (TOKEN_PRESENT|HW_SLOT)
	Hardware Version: 0.0

$ pkcsconf -I -c0
Enter the SO PIN: **********
Enter a unique token label: IBM PKCS#11 TPM Token

$ pkcsconf -t -c0
Token #0 Info:
	Label: IBM PKCS#11 TPM Token
	Manufacturer: IBM Corp.
	Model: TPM v1.1 Token
	Serial Number: 123
	Flags: 0x880445 (RNG|LOGIN_REQUIRED|CLOCK_ON_TOKEN|TOKEN_INITIALIZED|USER_PIN_TO_BE_CHANGED|SO_PIN_TO_BE_CHANGED)
	Sessions: -1/-1
	R/W Sessions: -1/-1
	PIN Length: 6-127
	Public Memory: 0xFFFFFFFF/0xFFFFFFFF
	Private Memory: 0xFFFFFFFF/0xFFFFFFFF
	Hardware Version: 1.0
	Firmware Version: 1.0
	Time: 02:13:50

$ tpmtoken_init -k "IBM PKCS#11 TPM Token"
Warning: The TPM token has already been initialized. Reinitializing the TPM token will cause all TPM token data to be lost.
Clear the TPM token data? [y/N]: y
Enter the TPM security officer password: **********
A new TPM security officer password is needed. The password must be between 6 and 127 characters in length.
Enter new password: **********
Confirm password: **********
C_SetPIN failed: 0x00000006 (6)
(Hum.......)

$ ssh -vv -Ilibopencryptoki.so localhost
OpenSSH_5.5p1 FreeBSD-20100428, OpenSSL 0.9.8n 24 Mar 2010
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
	:
debug1: manufacturerID <IBM> cryptokiVersion 2.11 libraryDescription <Meta PKCS11 LIBRARY> libraryVersion 2.3
debug1: label <IBM PKCS#11 TPM Token> manufacturerID <IBM Corp.> model <TPM v1.1 Token> serial <123> flags 0x880445
debug1: label <IBM OS PKCS#11> manufacturerID <IBM Corp.> model <IBM SoftTok> serial <123> flags 0x880045
no keys
	:

I want to use on ssh, wpa_supplicant, SSL and firefox.  But I don't
know how to.  There are few tutorials to do my hope:-(.
Please teach me TPM related 'can do'!

SEE ALSO:
	http://www.ibm.com/developerworks/linux/library/s-pkcs/
	http://www.osxbook.com/book/bonus/chapter10/tpm/
	http://blog.4zal.net/2009/06/12/kryptografia-trusted-platform-module-i-ubuntu/
	http://infond.blogspot.com/2010/03/trusted-platforms-module-tpm-openssl.html
	http://infond.blogspot.com/2010/04/tutorial-mutual-authentication-trusted.html

Thank you.

-- 
Norikatsu Shigemura <nork@FreeBSD.org>

--Multipart=_Thu__28_Oct_2010_02_43_40_+0900_JtScQ_e/yKAD9/CK
Content-Type: text/plain; name="trousers.shar"
Content-Disposition: attachment; filename="trousers.shar"
Content-Transfer-Encoding: 7bit

# This is a shell archive.  Save it in a file, remove anything before
# this line, and then unpack it by entering "sh file".  Note, it may
# create directories; files and directories will be owned by you and
# have default permissions.
#
# This archive contains:
#
#	trousers
#	trousers/Makefile
#	trousers/Makefile.man
#	trousers/distinfo
#	trousers/files
#	trousers/files/patch-configure.in
#	trousers/files/patch-dist-Makefile.am
#	trousers/files/patch-dist-tcsd.conf.in
#	trousers/files/patch-src-include-biosem.h
#	trousers/files/patch-src-include-linux-tpm.h
#	trousers/files/patch-src-include-tcs_tsp.h
#	trousers/files/patch-src-include-tcs_utils.h
#	trousers/files/patch-src-include-tcsd.h
#	trousers/files/patch-src-include-tcsd_ops.h
#	trousers/files/patch-src-include-threads.h
#	trousers/files/patch-src-include-trousers_types.h
#	trousers/files/patch-src-include-tss-platform.h
#	trousers/files/patch-src-tcs-ps-ps_utils.c
#	trousers/files/patch-src-tcs-ps-tcsps.c
#	trousers/files/patch-src-tcs-tcs_aik.c
#	trousers/files/patch-src-tcs-tcs_auth_mgr.c
#	trousers/files/patch-src-tcsd-svrside.c
#	trousers/files/patch-src-trspi-Makefile.am
#	trousers/files/patch-src-tspi-Makefile.am
#	trousers/files/patch-src-tspi-ps-ps_utils.c
#	trousers/files/patch-src-tspi-ps-tspps.c
#	trousers/files/patch-src-tspi-rpc-hosttable.c
#	trousers/files/patch-src-tspi-rpc-tcstp-rpc.c
#	trousers/files/pkg-install.in
#	trousers/files/pkg-message.in
#	trousers/files/tcsd.in
#	trousers/pkg-descr
#	trousers/pkg-plist
#
echo c - trousers
mkdir -p trousers > /dev/null 2>&1
echo x - trousers/Makefile
sed 's/^X//' >trousers/Makefile << '62cc97af3c4d7d373e6c5baff3fdd904'
X# New ports collection makefile for:	trousers
X# Date created:				18 Sep 2007
X# Whom:					Sebastian Schuetz <sschuetz@fhm.edu>
X#
X# $FreeBSD$
X#
X
XPORTNAME=	trousers
XPORTVERSION=	0.3.6
XCATEGORIES=	security
XMASTER_SITES=	SF/${PORTNAME}/${PORTNAME}/${PORTVERSION}
X
XMAINTAINER=	nork@FreeBSD.org
XCOMMENT=	The open-source TCG Software Stack
X
XUSE_GMAKE=	YES
XUSE_ICONV=	YES
XUSE_OPENSSL=	YES
XUSE_LDCONFIG=	YES
XUSE_AUTOTOOLS=	autoconf:268 libtool:22
XGNU_CONFIGURE=	YES
XMAKE_JOBS_SAFE=	YES
X
XSUB_FILES=	pkg-message pkg-install
XSUB_LIST=	TSS_USER=${TSS_USER} TSS_UID=${TSS_UID} \
X		TSS_GROUP=${TSS_GROUP} TSS_GID=${TSS_GID}
XPKGINSTALL=	${WRKDIR}/pkg-install
XPKGDEINSTALL=	${WRKDIR}/pkg-install
XUSE_RC_SUBR=	tcsd
X
X.include "Makefile.man"
X
XCONFIGURE_ARGS=	--with-gui=none \
X		--localstatedir=${PREFIX}/var \
X		--with-tssuser=${TSS_USER} --with-tssgroup=${TSS_GROUP}
X
XTSS_USER=	_tss
XTSS_GROUP=	_tss
XTSS_UID=	601
XTSS_GID=	601
X
XOPTIONS=	EMULATOR "Build for use with the tpm-emulator" off \
X		DEBUG "Build with debugging flags" off
X
XWRKSRC=		${WRKDIR}/${DISTNAME}
X
X.include <bsd.port.pre.mk>
X
X.if defined(WITH_EMULATOR)
XPKGNAMESUFFIX+=	-no_tddl
XLIB_DEPENDS+=	tddl:${PORTSDIR}/security/tpm-emulator
X
Xpost-patch::
X	${REINPLACE_CMD} -e 's|\.\.\/tddl\/libtddl\.a|${LOCALBASE}\/lib\/libtddl\.a|g' ${WRKSRC}/src/tcs/Makefile.am
X	${REINPLACE_CMD} -e 's|\.\.\/tddl\/libtddl\.a|${LOCALBASE}\/lib\/libtddl\.a|g' ${WRKSRC}/src/tcs/Makefile.in
X	${REINPLACE_CMD} -e 's|\.\.\/tddl\/libtddl\.a|${LOCALBASE}\/lib\/libtddl\.a|g' ${WRKSRC}/src/tcsd/Makefile.am
X	${REINPLACE_CMD} -e 's|\.\.\/tddl\/libtddl\.a|${LOCALBASE}\/lib\/libtddl\.a|g' ${WRKSRC}/src/tcsd/Makefile.in
X	${REINPLACE_CMD} -e 's|libtddl\.a||g' ${WRKSRC}/src/tddl/Makefile.in
X	${REINPLACE_CMD} -e 's|libtddl\.a||g' ${WRKSRC}/src/tddl/Makefile.am
X
X# The emulator has already a libttddl.so, so comment out trousers' libtddl in the pkg-plist
XPLIST_SUB+=	TDDL="@comment "
X.else
XPKGNAMESUFFIX+=	-tddl
XCONFLICTS+=	tpm-emulator-0*
XPLIST_SUB+=	TDDL=""
X.endif
X
X.if defined(WITH_DEBUG)
XPKGNAMESUFFIX+=	-debug
XCONFIGURE_ARGS+=--enable-debug
X.endif
X
Xpre-configure:
X	cd ${WRKSRC} && ${SETENV} ${CONFIGURE_ENV} ${AUTORECONF} -i
X
Xpre-install:
X	${SETENV} PKG_PREFIX=${PREFIX} ${SH} ${PKGINSTALL} ${PKGNAME} PRE-INSTALL
X
Xpost-install:
X	${MKDIR} ${EXAMPLESDIR}
X	${INSTALL_DATA} -o ${TSS_USER} -g ${TSS_GROUP} -m 0600 \
X		${WRKSRC}/dist/tcsd.conf ${EXAMPLESDIR}/tcsd.conf
X	[ -f ${PREFIX}/etc/tcsd.conf ] || \
X		${CP} -p ${EXAMPLESDIR}/tcsd.conf ${PREFIX}/etc/tcsd.conf
X	${CAT} ${PKGMESSAGE}
X
Xpost-deinstall:
X	${SETENV} PKG_PREFIX=${PREFIX} ${SH} ${PKGDEINSTALL} ${PORTNAME} POST-DEINSTALL
X
X.include <bsd.port.post.mk>
62cc97af3c4d7d373e6c5baff3fdd904
echo x - trousers/Makefile.man
sed 's/^X//' >trousers/Makefile.man << '81f6552ec0e9044742900ca70ec96d81'
XMAN3=	Tspi_ChangeAuth.3 \
X	Tspi_ChangeAuthAsym.3 \
X	Tspi_Context_Close.3 \
X	Tspi_Context_CloseObject.3 \
X	Tspi_Context_Connect.3 \
X	Tspi_Context_Create.3 \
X	Tspi_Context_CreateObject.3 \
X	Tspi_Context_FreeMemory.3 \
X	Tspi_Context_GetCapability.3 \
X	Tspi_Context_GetDefaultPolicy.3 \
X	Tspi_Context_GetKeyByPublicInfo.3 \
X	Tspi_Context_GetKeyByUUID.3 \
X	Tspi_Context_GetRegisteredKeysByUUID.3 \
X	Tspi_Context_GetRegisteredKeysByUUID2.3 \
X	Tspi_Context_GetTpmObject.3 \
X	Tspi_Context_LoadKeyByBlob.3 \
X	Tspi_Context_LoadKeyByUUID.3 \
X	Tspi_Context_RegisterKey.3 \
X	Tspi_Context_UnregisterKey.3 \
X	Tspi_DAA_IssueCredential.3 \
X	Tspi_DAA_IssueInit.3 \
X	Tspi_DAA_IssueSetup.3 \
X	Tspi_DAA_IssuerKeyVerification.3 \
X	Tspi_DAA_VerifyInit.3 \
X	Tspi_DAA_VerifySignature.3 \
X	Tspi_Data_Bind.3 \
X	Tspi_Data_Seal.3 \
X	Tspi_Data_Unbind.3 \
X	Tspi_Data_Unseal.3 \
X	Tspi_DecodeBER_TssBlob.3 \
X	Tspi_EncodeDER_TssBlob.3 \
X	Tspi_GetAttribData.3 \
X	Tspi_GetAttribUint32.3 \
X	Tspi_GetPolicyObject.3 \
X	Tspi_Hash_GetHashValue.3 \
X	Tspi_Hash_SetHashValue.3 \
X	Tspi_Hash_Sign.3 \
X	Tspi_Hash_UpdateHashValue.3 \
X	Tspi_Hash_VerifySignature.3 \
X	Tspi_Key_CertifyKey.3 \
X	Tspi_Key_ConvertMigrationBlob.3 \
X	Tspi_Key_CreateKey.3 \
X	Tspi_Key_CreateMigrationBlob.3 \
X	Tspi_Key_GetPubKey.3 \
X	Tspi_Key_LoadKey.3 \
X	Tspi_Key_UnloadKey.3 \
X	Tspi_Key_WrapKey.3 \
X	Tspi_PcrComposite_GetPcrValue.3 \
X	Tspi_PcrComposite_SelectPcrIndex.3 \
X	Tspi_PcrComposite_SetPcrValue.3 \
X	Tspi_Policy_AssignToObject.3 \
X	Tspi_Policy_FlushSecret.3 \
X	Tspi_Policy_SetSecret.3 \
X	Tspi_SetAttribData.3 \
X	Tspi_SetAttribUint32.3 \
X	Tspi_TPM_AuthorizeMigrationTicket.3 \
X	Tspi_TPM_CertifySelfTest.3 \
X	Tspi_TPM_CheckMaintenancePubKey.3 \
X	Tspi_TPM_ClearOwner.3 \
X	Tspi_TPM_CollateIdentityRequest.3 \
X	Tspi_TPM_CreateEndorsementKey.3 \
X	Tspi_TPM_CreateMaintenanceArchive.3 \
X	Tspi_TPM_CMKSetRestrictions.3 \
X	Tspi_TPM_DAA_JoinCreateDaaPubKey.3 \
X	Tspi_TPM_DAA_JoinInit.3 \
X	Tspi_TPM_DAA_JoinStoreCredential.3 \
X	Tspi_TPM_DAA_Sign.3 \
X	Tspi_TPM_DirRead.3 \
X	Tspi_TPM_DirWrite.3 \
X	Tspi_TPM_GetAuditDigest.3 \
X	Tspi_TPM_GetCapability.3 \
X	Tspi_TPM_GetEvent.3 \
X	Tspi_TPM_GetEventLog.3 \
X	Tspi_TPM_GetEvents.3 \
X	Tspi_TPM_GetPubEndorsementKey.3 \
X	Tspi_TPM_GetRandom.3 \
X	Tspi_TPM_GetStatus.3 \
X	Tspi_TPM_GetTestResult.3 \
X	Tspi_TPM_KillMaintenanceFeature.3 \
X	Tspi_TPM_LoadMaintenancePubKey.3 \
X	Tspi_TPM_OwnerGetSRKPubKey.3 \
X	Tspi_TPM_PcrExtend.3 \
X	Tspi_TPM_PcrRead.3 \
X	Tspi_TPM_Quote.3 \
X	Tspi_TPM_SelfTestFull.3 \
X	Tspi_TPM_SetStatus.3 \
X	Tspi_TPM_StirRandom.3 \
X	Tspi_TPM_TakeOwnership.3
XMAN5=	tcsd.conf.5
XMAN8=	tcsd.8
81f6552ec0e9044742900ca70ec96d81
echo x - trousers/distinfo
sed 's/^X//' >trousers/distinfo << '7c76982f1ae82672bfeaa5709c291459'
XMD5 
(trousers-0.3.6.tar.gz) = f4609e6446099e1403e23bb671df87f4 XSHA256 (trousers-0.3.6.tar.gz) = 91025f60248af44df192e8df16fa6b0c0f1e48c54f6dc51626567ed95758b0d6 XSIZE (trousers-0.3.6.tar.gz) = 1335084 7c76982f1ae82672bfeaa5709c291459 echo c - trousers/files mkdir -p trousers/files > /dev/null 2>&1 echo x - trousers/files/patch-configure.in sed 's/^X//' >trousers/files/patch-configure.in << '54f263a9bad252dea887f04414abf6ac' X--- configure.in.orig 2010-07-09 05:35:18.000000000 +0900 X+++ configure.in 2010-10-24 22:31:30.040556068 +0900 X@@ -75,6 +75,21 @@ X [CFLAGS="$CFLAGS -ftest-coverage -fprofile-arcs" X AC_MSG_RESULT([*** Enabling gcov at user request ***])],) X X+# Check for tss user X+AC_ARG_WITH(tssuser, X+ [ --with-tssuser[[=USER]] set tss user [[tss]]], X+ [tss_user=$withval], X+ [tss_user=tss] X+) X+# Check for tss group X+AC_ARG_WITH(tssgroup, X+ [ --with-tssgroup[[=GROUP]] set tss group [[tss]]], X+ [tss_group=$withval], X+ [tss_group=tss] X+) X+AC_SUBST(TSS_USER_NAME, $tss_user) X+AC_SUBST(TSS_GROUP_NAME, $tss_group) X+ X # profiling support X AC_ARG_ENABLE(gprof, X [AC_HELP_STRING([--enable-gprof], [enable profiling with gprof [default=off]])], X@@ -352,6 +367,8 @@ X AC_C_BIGENDIAN([AC_DEFINE(_BIG_ENDIAN, 1, [big-endian host])]) X AC_CHECK_DECL(htole32, [AC_DEFINE(HTOLE_DEFINED, 1, [htole32 function is available])]) X AC_CHECK_HEADER(sys/byteorder.h, [AC_DEFINE(HAVE_BYTEORDER_H, 1, [sys/byteorder.h header])]) X+AC_CHECK_HEADER(endian.h, [AC_DEFINE(HAVE_ENDIAN_H, 1, [endian.h header])]) X+AC_CHECK_HEADER(sys/endian.h, [AC_DEFINE(HAVE_SYS_ENDIAN_H, 1, [sys/endian.h header])]) X AC_CHECK_FUNC(daemon, [ AC_DEFINE(HAVE_DAEMON, 1, [daemon function is available]) ]) X X if test "x${GCC}" = "xyes"; then X@@ -359,6 +376,7 @@ X fi X X CFLAGS="$CFLAGS -I../include \ X+ -DTSS_USER_NAME=\\\"$tss_user\\\" -DTSS_GROUP_NAME=\\\"$tss_group\\\" \ X -DTCSD_DEFAULT_PORT=${TCSD_DEFAULT_PORT} -DTSS_VER_MAJOR=${TSS_VER_MAJOR} \ X -DTSS_VER_MINOR=${TSS_VER_MINOR} 
-DTSS_SPEC_MAJOR=${TSS_SPEC_MAJOR} \ X -DTSS_SPEC_MINOR=${TSS_SPEC_MINOR}" 54f263a9bad252dea887f04414abf6ac echo x - trousers/files/patch-dist-Makefile.am sed 's/^X//' >trousers/files/patch-dist-Makefile.am << '504a086ffac7e812f037fa97f29c1f74' X--- dist/Makefile.am.orig 2010-03-12 05:41:54.000000000 +0900 X+++ dist/Makefile.am 2010-10-24 21:04:04.818560844 +0900 X@@ -1,17 +1,7 @@ X EXTRA_DIST = system.data.auth system.data.noauth \ X fedora/fedora.initrd.tcsd X install: install-exec-hook X- if test ! -e ${DESTDIR}/@sysconfdir@/tcsd.conf; then mkdir -p ${DESTDIR}/@sysconfdir@ && cp tcsd.conf ${DESTDIR}/@sysconfdir@; fi X- /bin/chown tss:tss ${DESTDIR}/@sysconfdir@/tcsd.conf || true X- /bin/chmod 0600 ${DESTDIR}/@sysconfdir@/tcsd.conf X X install-exec-hook: X- /usr/sbin/groupadd tss || true X- /usr/sbin/useradd -r tss -g tss || true X- /bin/sh -c 'if [ ! -e ${DESTDIR}/@localstatedir@/lib/tpm ];then mkdir -p ${DESTDIR}/@localstatedir@/lib/tpm; fi' X- /bin/chown tss:tss ${DESTDIR}/@localstatedir@/lib/tpm || true X- /bin/chmod 0700 ${DESTDIR}/@localstatedir@/lib/tpm X X uninstall-hook: X- /usr/sbin/userdel tss || true X- /usr/sbin/groupdel tss || true 504a086ffac7e812f037fa97f29c1f74 echo x - trousers/files/patch-dist-tcsd.conf.in sed 's/^X//' >trousers/files/patch-dist-tcsd.conf.in << 'ba08a8d0974ffb0250885a2fab9cb801' X--- dist/tcsd.conf.in.orig 2010-01-29 01:27:50.000000000 +0900 X+++ dist/tcsd.conf.in 2010-10-25 00:06:25.565556476 +0900 X@@ -35,7 +35,7 @@ X # log data. The interface to this log is usually provided by the TPM X # device driver. X # X-# firmware_log_file = /sys/kernel/security/tpm0/binary_bios_measurements X+# firmware_log_file = /var/run/tpm/binary_bios_measurements X # X X # Option: kernel_log_file X@@ -46,7 +46,7 @@ X # http://sf.net/projects/linux-ima for more info on getting IMA. 
X # X # X-# kernel_log_file = /sys/kernel/security/ima/binary_runtime_measurements X+# kernel_log_file = /var/run/ima/binary_runtime_measurements X # X X # Option: firmware_pcrs ba08a8d0974ffb0250885a2fab9cb801 echo x - trousers/files/patch-src-include-biosem.h sed 's/^X//' >trousers/files/patch-src-include-biosem.h << '7baa126b3bf782564a424ad400333179' X--- src/include/biosem.h.orig 2010-03-12 05:22:36.000000000 +0900 X+++ src/include/biosem.h 2010-10-24 21:04:04.820558727 +0900 X@@ -26,7 +26,7 @@ X UINT32 eventType; X BYTE digest[20]; X UINT32 eventDataSize; X- BYTE event[0];/* (eventSize) bytes of event data follows */ X+ BYTE event[1];/* (eventSize) bytes of event data follows */ X } TCG_PCClientPCREventStruc; X X #define EVLOG_SOURCE_BIOS 1 7baa126b3bf782564a424ad400333179 echo x - trousers/files/patch-src-include-linux-tpm.h sed 's/^X//' >trousers/files/patch-src-include-linux-tpm.h << 'd0bf3e4824bc76aa3a977b72f0ab172c' X--- src/include/linux/tpm.h.orig 2010-01-29 01:27:51.000000000 +0900 X+++ src/include/linux/tpm.h 2010-10-24 21:04:04.821560671 +0900 X@@ -20,6 +20,8 @@ X #include <linux/ioctl.h> X #elif (defined (__OpenBSD__) || defined (__FreeBSD__)) X #include <sys/ioctl.h> X+#elif (defined (SOLARIS)) X+#include <sys/ioccom.h> X #endif X X /* ioctl commands */ d0bf3e4824bc76aa3a977b72f0ab172c echo x - trousers/files/patch-src-include-tcs_tsp.h sed 's/^X//' >trousers/files/patch-src-include-tcs_tsp.h << '205b92e92f124faba1b040f5badf21a3' X--- src/include/tcs_tsp.h.orig 2010-01-29 01:27:51.000000000 +0900 X+++ src/include/tcs_tsp.h 2010-10-24 21:04:04.822560729 +0900 X@@ -79,7 +79,13 @@ X /* XXX Get rid of this, there's no reason to set an arbitrary limit */ X #define MAX_KEY_CHILDREN 10 X X+#ifndef STRUCTURE_PACKING_ATTRIBUTE X+#ifdef __GCC X #define STRUCTURE_PACKING_ATTRIBUTE __attribute__((packed)) X+#else X+#define STRUCTURE_PACKING_ATTRIBUTE /* */ X+#endif X+#endif X X #ifdef TSS_DEBUG X #define DBG_ASSERT(x) assert(x) 205b92e92f124faba1b040f5badf21a3 
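Review bot: In the src/include/biosem.h hunk, changing "BYTE event[0]" to "BYTE event[1]" makes sizeof(TCG_PCClientPCREventStruc) larger than the fixed header that precedes the event data. Any event-log reader that takes sizeof of this struct as the header length, or uses it to step to the next entry, will be off and will mis-parse the measurement log. Either use a C99 flexible array member ("BYTE event[];") or audit those sizeof uses and switch them to offsetof(TCG_PCClientPCREventStruc, event).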
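Review bot: The "#ifdef __GCC" guard added in the src/include/tcs_tsp.h hunk tests a macro that GCC does not predefine (the compiler identifies itself with __GNUC__), so unless the build passes -D__GCC the #else branch is taken and STRUCTURE_PACKING_ATTRIBUTE expands to nothing. Structures that used to be declared with __attribute__((packed)) then get natural alignment, which can change their layout without any build error. Test __GNUC__ instead; the same guard is added in the src/include/trousers_types.h patch, where it replaces the explicit attribute on TSS_KEY12_HDR.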
echo x - trousers/files/patch-src-include-tcs_utils.h sed 's/^X//' >trousers/files/patch-src-include-tcs_utils.h << '6a7d860e30e992a9fb04fb59af41bf96' X--- src/include/tcs_utils.h.orig 2010-01-29 01:27:51.000000000 +0900 X+++ src/include/tcs_utils.h 2010-10-24 21:04:04.824555399 +0900 X@@ -18,6 +18,20 @@ X #include "tcs_tsp.h" X #include "trousers_types.h" X X+ X+ X+/* X+ * XXX malloc wrapper X+ * X+ * Linux: malloc(0) => '\0' X+ * *BSD: malloc(0) => invalid to dereference X+ * X+ * => so wrap malloc(0) => calloc(1, 16) to create X+ * a 16Byte array containing '\0' X+ * X+ */ X+#define malloc(x) ((x) == 0 ? calloc(1, 16) : calloc(1, (x))) X+ X struct key_mem_cache X { X TCPA_KEY_HANDLE tpm_handle; 6a7d860e30e992a9fb04fb59af41bf96 echo x - trousers/files/patch-src-include-tcsd.h sed 's/^X//' >trousers/files/patch-src-include-tcsd.h << 'a1693b5207fb7ec025bd1b08b4943608' X--- src/include/tcsd.h.orig 2010-05-03 11:54:15.000000000 +0900 X+++ src/include/tcsd.h 2010-10-24 22:28:52.708555289 +0900 X@@ -50,14 +50,22 @@ X X #define TCSD_CONFIG_FILE ETC_PREFIX "/tcsd.conf" X X+#ifndef TSS_USER_NAME X #define TSS_USER_NAME "tss" X+#endif X+#ifndef TSS_GROUP_NAME X #define TSS_GROUP_NAME "tss" X+#endif X+ X+#ifndef TPM_PREFIX X+#define TPM_PREFIX "/lib/tpm" X+#endif X X #define TCSD_DEFAULT_MAX_THREADS 10 X-#define TCSD_DEFAULT_SYSTEM_PS_FILE VAR_PREFIX "/lib/tpm/system.data" X-#define TCSD_DEFAULT_SYSTEM_PS_DIR VAR_PREFIX "/lib/tpm" X-#define TCSD_DEFAULT_FIRMWARE_LOG_FILE "/sys/kernel/security/tpm0/binary_bios_measurements" X-#define TCSD_DEFAULT_KERNEL_LOG_FILE "/sys/kernel/security/ima/binary_runtime_measurements" X+#define TCSD_DEFAULT_SYSTEM_PS_FILE VAR_PREFIX TPM_PREFIX "/system.data" X+#define TCSD_DEFAULT_SYSTEM_PS_DIR VAR_PREFIX TPM_PREFIX X+#define TCSD_DEFAULT_FIRMWARE_LOG_FILE "/var/run/tpm/binary_bios_measurements" X+#define TCSD_DEFAULT_KERNEL_LOG_FILE "/var/run/ima/binary_runtime_measurements" X #define TCSD_DEFAULT_FIRMWARE_PCRS 0x00000000 X #define 
TCSD_DEFAULT_KERNEL_PCRS 0x00000000 X a1693b5207fb7ec025bd1b08b4943608 echo x - trousers/files/patch-src-include-tcsd_ops.h sed 's/^X//' >trousers/files/patch-src-include-tcsd_ops.h << '8b827ea9e570d8942278825f46e5566f' X--- src/include/tcsd_ops.h.orig 2010-01-29 01:27:51.000000000 +0900 X+++ src/include/tcsd_ops.h 2010-10-24 21:04:04.827558718 +0900 X@@ -123,7 +123,7 @@ X X struct tcsd_op { X char *name; X- int op[]; X+ int op[20]; X }; X X struct tcsd_op tcsd_op_seal = {"seal", {TCSD_OP_SEAL}}; 8b827ea9e570d8942278825f46e5566f echo x - trousers/files/patch-src-include-threads.h sed 's/^X//' >trousers/files/patch-src-include-threads.h << '6168776c8b0ad74f1579e2ede29ae072' X--- src/include/threads.h.orig 2010-05-03 11:54:15.000000000 +0900 X+++ src/include/threads.h 2010-10-24 21:04:04.828558009 +0900 X@@ -31,7 +31,7 @@ X #define COND_SIGNAL(c) pthread_cond_signal(c) X X /* thread abstractions */ X-#define THREAD_ID ((THREAD_TYPE)pthread_self()) X+#define THREAD_ID (long int)((THREAD_TYPE)pthread_self()) X #define THREAD_TYPE pthread_t X #define THREAD_JOIN pthread_join X #define THREAD_DETACH pthread_detach 6168776c8b0ad74f1579e2ede29ae072 echo x - trousers/files/patch-src-include-trousers_types.h sed 's/^X//' >trousers/files/patch-src-include-trousers_types.h << '8743a61ad1dea5b846b7e649be895c9c' X--- src/include/trousers_types.h.orig 2010-05-20 02:45:55.000000000 +0900 X+++ src/include/trousers_types.h 2010-10-24 21:04:04.829561420 +0900 X@@ -11,6 +11,14 @@ X #ifndef _TROUSERS_TYPES_H_ X #define _TROUSERS_TYPES_H_ X X+#ifndef STRUCTURE_PACKING_ATTRIBUTE X+#ifdef __GCC X+#define STRUCTURE_PACKING_ATTRIBUTE __attribute__((packed)) X+#else X+#define STRUCTURE_PACKING_ATTRIBUTE /* */ X+#endif X+#endif X+ X #define TCPA_NONCE_SIZE sizeof(TCPA_NONCE) X #define TCPA_DIGEST_SIZE sizeof(TCPA_DIGEST) X #define TCPA_ENCAUTH_SIZE sizeof(TCPA_ENCAUTH) X@@ -100,7 +108,7 @@ X typedef struct tdTSS_KEY12_HDR { X TPM_STRUCTURE_TAG tag; X UINT16 fill; X-} __attribute__((packed)) 
TSS_KEY12_HDR; X+} STRUCTURE_PACKING_ATTRIBUTE TSS_KEY12_HDR; X X typedef struct tdTSS_KEY { X union { X@@ -118,11 +126,10 @@ X BYTE *encData; X } TSS_KEY; X X-#if (defined (__linux) || defined (linux) || defined (SOLARIS) || defined (__GLIBC__)) X-#define BSD_CONST X-#elif (defined (__OpenBSD__) || defined (__FreeBSD__)) X+#if defined (__FreeBSD__) X #define BSD_CONST const X-#endif X- X+#else X+#define BSD_CONST /* */ X+#endif X X #endif 8743a61ad1dea5b846b7e649be895c9c echo x - trousers/files/patch-src-include-tss-platform.h sed 's/^X//' >trousers/files/patch-src-include-tss-platform.h << '46d11322ecc7db5e1fa5cdd802b2d150' X--- src/include/tss/platform.h.orig 2010-01-29 01:27:51.000000000 +0900 X+++ src/include/tss/platform.h 2010-10-24 21:04:04.830556101 +0900 X@@ -15,7 +15,7 @@ X #if !defined(WIN32) X #include <stdint.h> X typedef uint8_t BYTE; X- typedef int8_t TSS_BOOL; X+ typedef uint8_t TSS_BOOL; X typedef uint16_t UINT16; X typedef uint32_t UINT32; X typedef uint64_t UINT64; 46d11322ecc7db5e1fa5cdd802b2d150 echo x - trousers/files/patch-src-tcs-ps-ps_utils.c sed 's/^X//' >trousers/files/patch-src-tcs-ps-ps_utils.c << '80440b00a9b5029159a65203cb68f7d7' X--- src/tcs/ps/ps_utils.c.orig 2010-07-01 00:15:00.000000000 +0900 X+++ src/tcs/ps/ps_utils.c 2010-10-24 21:04:04.832556427 +0900 X@@ -16,10 +16,18 @@ X #if defined(HAVE_BYTEORDER_H) X #include <sys/byteorder.h> X #elif defined(HTOLE_DEFINED) X+#if defined(HAVE_ENDIAN_H) X #include <endian.h> X #define LE_16 htole16 X #define LE_32 htole32 X #define LE_64 htole64 X+#endif X+#if defined(HAVE_SYS_ENDIAN_H) X+#include <sys/endian.h> X+#define LE_16 htole16 X+#define LE_32 htole32 X+#define LE_64 htole64 X+#endif X #else X #define LE_16(x) (x) X #define LE_32(x) (x) X@@ -39,6 +47,24 @@ X #include "tcs_utils.h" X #include "tcslog.h" X X+#ifndef LE_16 X+static UINT16 htole16(UINT16 x) X+{ X+ BYTE *b = &x; X+ return (UINT16) (b[0] + (b[1] << 8)); X+} X+#define LE_16 htole16 X+#endif X+ X+#ifndef LE_32 X+static 
UINT32 htole32(UINT32 x) X+{ X+ BYTE *b = &x; X+ return (UINT32) (b[0] + (b[1] << 8) + (b[2] << 16) + (b[3] << 24)); X+} X+#define LE_32 htole32 X+#endif X+ X struct key_disk_cache *key_disk_cache_head = NULL; X X 80440b00a9b5029159a65203cb68f7d7 echo x - trousers/files/patch-src-tcs-ps-tcsps.c sed 's/^X//' >trousers/files/patch-src-tcs-ps-tcsps.c << '28f3bb3e5f973f722dce227a4368092f' X--- src/tcs/ps/tcsps.c.orig 2010-05-02 11:39:11.000000000 +0900 X+++ src/tcs/ps/tcsps.c 2010-10-24 21:04:04.833559489 +0900 X@@ -24,6 +24,11 @@ X #define LE_16 htole16 X #define LE_32 htole32 X #define LE_64 htole64 X+#elif defined (HAVE_SYS_ENDIAN_H) X+#include <sys/endian.h> X+#define LE_16 htole16 X+#define LE_32 htole32 X+#define LE_64 htole64 X #else X #define LE_16(x) (x) X #define LE_32(x) (x) X@@ -33,6 +38,26 @@ X #include <fcntl.h> X #include <limits.h> X X+#ifdef __sun X+#define LOCK_EX F_LOCK X+#define LOCK_UN F_ULOCK X+#define flock(fd, func) lockf(fd, func, 0) X+#endif X+ X+#ifndef LOCK_SH X+#define LOCK_SH 1 /* shared lock */ X+#endif X+#ifndef LOCK_EX X+#define LOCK_EX 2 /* exclusive lock */ X+#endif X+#ifndef LOCK_NB X+#define LOCK_NB 4 /* don't block when locking */ X+#endif X+#ifndef LOCK_UN X+#define LOCK_UN 8 /* unlock */ X+#endif X+ X+ X #include "trousers/tss.h" X #include "trousers_types.h" X #include "tcsps.h" X@@ -43,6 +68,25 @@ X #include "tcsd_wrap.h" X #include "tcsd.h" X X+#ifndef LE_16 X+static UINT16 htole16(UINT16 x) X+{ X+ BYTE *b = &x; X+ return (UINT16) (b[0] + (b[1] << 8)); X+} X+#define LE_16 htole16 X+#endif X+ X+#ifndef LE_32 X+static UINT32 htole32(UINT32 x) X+{ X+ BYTE *b = &x; X+ return (UINT32) (b[0] + (b[1] << 8) + (b[2] << 16) + (b[3] << 24)); X+} X+#define LE_32 htole32 X+#endif X+ X+ X int system_ps_fd = -1; X MUTEX_DECLARE(disk_cache_lock); X 28f3bb3e5f973f722dce227a4368092f echo x - trousers/files/patch-src-tcs-tcs_aik.c sed 's/^X//' >trousers/files/patch-src-tcs-tcs_aik.c << 'dd628e1bc6fd1f40a25a3f9b9a9d6def' X--- 
src/tcs/tcs_aik.c.orig 2010-06-10 05:20:44.000000000 +0900 X+++ src/tcs/tcs_aik.c 2010-10-24 21:04:04.834556754 +0900 X@@ -66,7 +66,7 @@ X UnloadBlob_UINT16(offset, &key->size, blob); X X if (key->size > 0) { X- key->data = (BYTE *)malloc(key->size); X+ key->data = malloc(key->size); X if (key->data == NULL) { X LogError("malloc of %hu bytes failed.", key->size); X key->size = 0; dd628e1bc6fd1f40a25a3f9b9a9d6def echo x - trousers/files/patch-src-tcs-tcs_auth_mgr.c sed 's/^X//' >trousers/files/patch-src-tcs-tcs_auth_mgr.c << '5b678d6fbc6f41ef8327daed159e7ab4' X--- src/tcs/tcs_auth_mgr.c.orig 2010-06-10 05:21:32.000000000 +0900 X+++ src/tcs/tcs_auth_mgr.c 2010-10-24 21:04:04.836560084 +0900 X@@ -108,7 +108,7 @@ X auth_mgr_swap_in() X { X if (auth_mgr.overflow[auth_mgr.of_tail] != NULL) { X- LogDebug("waking up thread %lddd, auth slot has opened", THREAD_ID); X+ LogDebug("waking up thread %ld, auth slot has opened", THREAD_ID); X /* wake up the next sleeping thread in order and increment tail */ X COND_SIGNAL(auth_mgr.overflow[auth_mgr.of_tail]); X auth_mgr.overflow[auth_mgr.of_tail] = NULL; X@@ -149,7 +149,7 @@ X auth_mgr.overflow[auth_mgr.of_head] = cond; X auth_mgr.of_head = (auth_mgr.of_head + 1) % auth_mgr.overflow_size; X /* go to sleep */ X- LogDebug("thread %lddd going to sleep until auth slot opens", THREAD_ID); X+ LogDebug("thread %ld going to sleep until auth slot opens", THREAD_ID); X auth_mgr.sleeping_threads++; X COND_WAIT(cond, &tcsp_lock); X auth_mgr.sleeping_threads--; X@@ -180,7 +180,7 @@ X auth_mgr.of_tail = 0; X auth_mgr.overflow[auth_mgr.of_head] = cond; X auth_mgr.of_head = (auth_mgr.of_head + 1) % auth_mgr.overflow_size; X- LogDebug("thread %lddd going to sleep until auth slot opens", THREAD_ID); X+ LogDebug("thread %ld going to sleep until auth slot opens", THREAD_ID); X auth_mgr.sleeping_threads++; X COND_WAIT(cond, &tcsp_lock); X auth_mgr.sleeping_threads--; 5b678d6fbc6f41ef8327daed159e7ab4 echo x - trousers/files/patch-src-tcsd-svrside.c sed 
's/^X//' >trousers/files/patch-src-tcsd-svrside.c << 'a8b09c7ee713f81933bfec58be62413b' X--- src/tcsd/svrside.c.orig 2010-06-10 05:19:00.000000000 +0900 X+++ src/tcsd/svrside.c 2010-10-24 21:04:04.838555802 +0900 X@@ -20,7 +20,6 @@ X #include <sys/stat.h> X #include <sys/socket.h> X #include <netdb.h> X-#include <pwd.h> X #if (defined (__OpenBSD__) || defined (__FreeBSD__)) X #include <netinet/in.h> X #endif X@@ -41,11 +40,9 @@ X X struct tcsd_config tcsd_options; X struct tpm_properties tpm_metrics; X-static volatile int hup = 0, term = 0; X-extern char *optarg; X X-static void X-tcsd_shutdown(void) X+void X+tcsd_shutdown() X { X /* order is important here: X * allow all threads to complete their current request */ X@@ -57,27 +54,44 @@ X EVENT_LOG_final(); X } X X-static void X-tcsd_signal_term(int signal) X+void X+tcsd_signal_int(int signal) X { X- term = 1; X+ switch (signal) { X+ case SIGINT: X+ LogInfo("Caught SIGINT. Cleaning up and exiting."); X+ break; X+ case SIGHUP: X+ LogInfo("Caught SIGHUP. Cleaning up and exiting."); X+ break; X+ default: X+ LogError("Caught signal %d (which I didn't register for!)." 
X+ " Ignoring.", signal); X+ break; X+ } X+ tcsd_shutdown(); X+ exit(signal); X } X X void X-tcsd_signal_hup(int signal) X+tcsd_signal_chld(int signal) X { X- hup = 1; X+ /* kill zombies */ X+ wait3(NULL, WNOHANG, NULL); X } X X-static TSS_RESULT X-signals_init(void) X+TSS_RESULT X+signals_init() X { X int rc; X sigset_t sigmask; X- struct sigaction sa; X X sigemptyset(&sigmask); X- if ((rc = sigaddset(&sigmask, SIGTERM))) { X+ if ((rc = sigaddset(&sigmask, SIGCHLD))) { X+ LogError("sigaddset: %s", strerror(errno)); X+ return TCSERR(TSS_E_INTERNAL_ERROR); X+ } X+ if ((rc = sigaddset(&sigmask, SIGINT))) { X LogError("sigaddset: %s", strerror(errno)); X return TCSERR(TSS_E_INTERNAL_ERROR); X } X@@ -91,25 +105,30 @@ X return TCSERR(TSS_E_INTERNAL_ERROR); X } X X- sa.sa_flags = 0; X- sigemptyset(&sa.sa_mask); X- sa.sa_handler = tcsd_signal_term; X- if ((rc = sigaction(SIGTERM, &sa, NULL))) { X- LogError("signal SIGTERM not registered: %s", strerror(errno)); X+ tcsd_sa_int.sa_handler = tcsd_signal_int; X+ tcsd_sa_chld.sa_handler = tcsd_signal_chld; X+ tcsd_sa_chld.sa_flags = SA_RESTART; X+ X+ if ((rc = sigaction(SIGINT, &tcsd_sa_int, NULL))) { X+ LogError("signal SIGINT not registered: %s", strerror(errno)); X return TCSERR(TSS_E_INTERNAL_ERROR); X } X X- sa.sa_handler = tcsd_signal_hup; X- if ((rc = sigaction(SIGHUP, &sa, NULL))) { X+ if ((rc = sigaction(SIGHUP, &tcsd_sa_int, NULL))) { X LogError("signal SIGHUP not registered: %s", strerror(errno)); X return TCSERR(TSS_E_INTERNAL_ERROR); X } X X+ if ((rc = sigaction(SIGCHLD, &tcsd_sa_chld, NULL))) { X+ LogError("signal SIGCHLD not registered: %s", strerror(errno)); X+ return TCSERR(TSS_E_INTERNAL_ERROR); X+ } X+ X return TSS_SUCCESS; X } X X-static TSS_RESULT X-tcsd_startup(void) X+TSS_RESULT X+tcsd_startup() X { X TSS_RESULT result; X X@@ -183,7 +202,6 @@ X return TSS_SUCCESS; X } X X- X void X usage(void) X { X@@ -195,19 +213,6 @@ X fprintf(stderr, "\n"); X } X X-static TSS_RESULT X-reload_config(void) X-{ X- 
TSS_RESULT result; X- hup = 0; X- X- // FIXME: reload the config - work in progress X- result = TSS_SUCCESS; X- X- return result; X-} X- X- X int X main(int argc, char **argv) X { X@@ -216,7 +221,6 @@ X int sd, newsd, c, option_index = 0; X unsigned client_len; X char *hostname = NULL; X- struct passwd *pwd; X struct hostent *client_hostent = NULL; X struct option long_options[] = { X {"help", 0, NULL, 'h'}, X@@ -245,6 +249,14 @@ X if ((result = tcsd_startup())) X return (int)result; X X+ if (getenv("TCSD_FOREGROUND") == NULL) { X+ if (daemon(0, 0) == -1) { X+ perror("daemon"); X+ tcsd_shutdown(); X+ return -1; X+ } X+ } X+ X sd = socket(AF_INET, SOCK_STREAM, 0); X if (sd < 0) { X LogError("Failed socket: %s", strerror(errno)); X@@ -268,51 +280,20 @@ X LogError("Failed bind: %s", strerror(errno)); X return -1; X } X-#ifndef SOLARIS X- pwd = getpwnam(TSS_USER_NAME); X- if (pwd == NULL) { X- if (errno == 0) { X- LogError("User \"%s\" not found, please add this user" X- " manually.", TSS_USER_NAME); X- } else { X- LogError("getpwnam(%s): %s", TSS_USER_NAME, strerror(errno)); X- } X- return TCSERR(TSS_E_INTERNAL_ERROR); X- } X- setuid(pwd->pw_uid); X-#endif X if (listen(sd, TCSD_MAX_SOCKETS_QUEUED) < 0) { X LogError("Failed listen: %s", strerror(errno)); X return -1; X } X client_len = (unsigned)sizeof(client_addr); X X- if (getenv("TCSD_FOREGROUND") == NULL) { X- if (daemon(0, 0) == -1) { X- perror("daemon"); X- tcsd_shutdown(); X- return -1; X- } X- } X- X LogInfo("%s: TCSD up and running.", PACKAGE_STRING); X do { X newsd = accept(sd, (struct sockaddr *) &client_addr, &client_len); X+ LogDebug("accepted socket %i", newsd); X if (newsd < 0) { X- if (errno == EINTR) { X- if (term) X- break; X- else if (hup) { X- if (reload_config() != TSS_SUCCESS) X- LogError("Failed reloading config"); X- } X- continue; X- } else { X- LogError("Failed accept: %s", strerror(errno)); X- continue; X- } X+ LogError("Failed accept: %s", strerror(errno)); X+ break; X } X- 
LogDebug("accepted socket %i", newsd); X X if ((client_hostent = gethostbyaddr((char *) &client_addr.sin_addr, X sizeof(client_addr.sin_addr), X@@ -332,12 +313,8 @@ X X tcsd_thread_create(newsd, hostname); X hostname = NULL; X- if (hup) { X- if (reload_config() != TSS_SUCCESS) X- LogError("Failed reloading config"); X- } X- } while (term ==0); X+ } while (1); X X- /* To close correctly, we must receive a SIGTERM */ X- return 0; X+ /* To close correctly, we must recieve a SIGHUP */ X+ return -1; X } a8b09c7ee713f81933bfec58be62413b echo x - trousers/files/patch-src-trspi-Makefile.am sed 's/^X//' >trousers/files/patch-src-trspi-Makefile.am << '0be92f57c62240321e262f33752c1360' X--- src/trspi/Makefile.am.orig 2010-03-12 05:41:54.000000000 +0900 X+++ src/trspi/Makefile.am 2010-10-24 21:04:04.839558584 +0900 X@@ -1,7 +1,8 @@ X noinst_LTLIBRARIES=libtrousers.la X X libtrousers_la_SOURCES=trousers.c crypto/@CRYPTO_PACKAGE@/hash.c X-libtrousers_la_CFLAGS=-DAPPID=\"TSPI\" -I${top_srcdir}/src/include X+libtrousers_la_CFLAGS=-DAPPID=\"TSPI\" -I${top_srcdir}/src/include \ X+ -I${LOCALBASE}/include -I@prefix@/include X X if TSS_BUILD_ASYM_CRYPTO X libtrousers_la_SOURCES+=crypto/@CRYPTO_PACKAGE@/rsa.c 0be92f57c62240321e262f33752c1360 echo x - trousers/files/patch-src-tspi-Makefile.am sed 's/^X//' >trousers/files/patch-src-tspi-Makefile.am << '81ce7a6f4b4a23d02fcefc49bc510760' X--- src/tspi/Makefile.am.orig 2010-03-12 05:41:54.000000000 +0900 X+++ src/tspi/Makefile.am 2010-10-24 21:04:04.840556827 +0900 X@@ -17,7 +17,7 @@ X # 5. If any interfaces have been added since the last public release, then increment age. X # 6. If any interfaces have been removed since the last public release, then set age to 0. 
X X-libtspi_la_LDFLAGS=-version-info 2:3:1 -lpthread @CRYPTOLIB@ X+libtspi_la_LDFLAGS=-version-info 2:3:1 -lpthread @CRYPTOLIB@ -L@prefix@/lib -liconv X X libtspi_la_CFLAGS=-I$(top_srcdir)/src/include -DAPPID=\"TSPI\" -DVAR_PREFIX=\"@localstatedir@\" -DETC_PREFIX=\"@sysconfdir@\" X 81ce7a6f4b4a23d02fcefc49bc510760 echo x - trousers/files/patch-src-tspi-ps-ps_utils.c sed 's/^X//' >trousers/files/patch-src-tspi-ps-ps_utils.c << '55878de93b9e90775c3af677ac1df5d3' X--- src/tspi/ps/ps_utils.c.orig 2010-01-29 01:27:51.000000000 +0900 X+++ src/tspi/ps/ps_utils.c 2010-10-24 21:04:04.841558702 +0900 X@@ -22,7 +22,7 @@ X #include "tspps.h" X #include "tsplog.h" X X-inline TSS_RESULT X+TSS_RESULT X read_data(int fd, void *data, UINT32 size) X { X int rc; X@@ -39,7 +39,7 @@ X return TSS_SUCCESS; X } X X-inline TSS_RESULT X+TSS_RESULT X write_data(int fd, void *data, UINT32 size) X { X int rc; 55878de93b9e90775c3af677ac1df5d3 echo x - trousers/files/patch-src-tspi-ps-tspps.c sed 's/^X//' >trousers/files/patch-src-tspi-ps-tspps.c << '28832ebe24df8265a9be5f333b3175d2' X--- src/tspi/ps/tspps.c.orig 2010-05-02 11:39:11.000000000 +0900 X+++ src/tspi/ps/tspps.c 2010-10-24 21:04:04.843557352 +0900 X@@ -29,6 +29,11 @@ X #define LE_16 htole16 X #define LE_32 htole32 X #define LE_64 htole64 X+#elif defined(HAVE_SYS_ENDIAN_H) X+#include <sys/endian.h> X+#define LE_16 htole16 X+#define LE_32 htole32 X+#define LE_64 htole64 X #else X #define LE_16(x) (x) X #define LE_32(x) (x) X@@ -43,11 +48,26 @@ X #include "tspps.h" X #include "tsplog.h" X X+#ifndef LE_16 X+static UINT16 htole16(UINT16 x) X+{ X+ BYTE *b = &x; X+ return (UINT16) (b[0] + (b[1] << 8)); X+} X+#define LE_16 htole16 X+#endif X+ X+#ifndef LE_32 X+static UINT32 htole32(UINT32 x) X+{ X+ BYTE *b = &x; X+ return (UINT32) (b[0] + (b[1] << 8) + (b[2] << 16) + (b[3] << 24)); X+} X+#define LE_32 htole32 X+#endif X+ X static int user_ps_fd = -1; X static MUTEX_DECLARE_INIT(user_ps_lock); X-#if (defined (__FreeBSD__) || defined 
(__OpenBSD__)) X-static MUTEX_DECLARE_INIT(user_ps_path); X-#endif X #if defined (SOLARIS) X static struct flock fl = { X 0, X@@ -70,9 +90,7 @@ X TSS_RESULT result; X char *file_name = NULL, *home_dir = NULL; X struct passwd *pwp; X-#if (defined (__linux) || defined (linux) || defined(__GLIBC__)) X struct passwd pw; X-#endif X struct stat stat_buf; X char buf[PASSWD_BUFSIZE]; X uid_t euid; X@@ -82,10 +100,6 @@ X *file = strdup(file_name); X return (*file) ? TSS_SUCCESS : TSPERR(TSS_E_OUTOFMEMORY); X } X-#if (defined (__FreeBSD__) || defined (__OpenBSD__)) X- MUTEX_LOCK(user_ps_path); X-#endif X- X euid = geteuid(); X X #if defined (SOLARIS) X@@ -98,32 +112,14 @@ X */ X rc = snprintf(buf, sizeof (buf), "%s/%d", TSS_USER_PS_DIR, euid); X #else X- setpwent(); X- while (1) { X-#if (defined (__linux) || defined (linux) || defined(__GLIBC__)) X- rc = getpwent_r(&pw, buf, PASSWD_BUFSIZE, &pwp); X- if (rc) { X- LogDebugFn("USER PS: Error getting path to home directory: getpwent_r: %s", X- strerror(rc)); X- endpwent(); X- return TSPERR(TSS_E_INTERNAL_ERROR); X- } X+ rc = getpwuid_r(euid, &pw, buf, PASSWD_BUFSIZE, &pwp); X+ if (rc) { X+ LogDebugFn("USER PS: Error getting path to home directory: " X+ "getpwent_r: %s", strerror(rc)); X+ return TSPERR(TSS_E_INTERNAL_ERROR); X+ } X X-#elif (defined (__FreeBSD__) || defined (__OpenBSD__)) X- if ((pwp = getpwent()) == NULL) { X- LogDebugFn("USER PS: Error getting path to home directory: getpwent: %s", X- strerror(rc)); X- endpwent(); X- MUTEX_UNLOCK(user_ps_path); X- return TSPERR(TSS_E_INTERNAL_ERROR); X- } X-#endif X- if (euid == pwp->pw_uid) { X- home_dir = strdup(pwp->pw_dir); X- break; X- } X- } X- endpwent(); X+ home_dir = strdup(pwp->pw_dir); X X if (!home_dir) X return TSPERR(TSS_E_OUTOFMEMORY); 28832ebe24df8265a9be5f333b3175d2 echo x - trousers/files/patch-src-tspi-rpc-hosttable.c sed 's/^X//' >trousers/files/patch-src-tspi-rpc-hosttable.c << '38ae0b43adfebd024b3dd0ad4ee5c632' X--- src/tspi/rpc/hosttable.c.orig 2010-05-02 
11:39:11.000000000 +0900 X+++ src/tspi/rpc/hosttable.c 2010-10-24 21:04:04.845560543 +0900 X@@ -36,8 +36,8 @@ X } X X #ifdef SOLARIS X-#pragma init(_init) X-void _init(void) X+#pragma init(_init_hosttable) X+void _init_hosttable(void) X #else X void __attribute__ ((constructor)) my_init(void) X #endif X@@ -51,6 +51,8 @@ X { X struct host_table_entry *hte, *next = NULL; X X+ if( ht == NULL ) return; X+ X MUTEX_LOCK(ht->lock); X X for (hte = ht->entries; hte; hte = next) { X@@ -70,8 +72,8 @@ X } X X #ifdef SOLARIS X-#pragma fini(_fini) X-void _fini(void) X+#pragma fini(_fini_hosttable) X+void _fini_hosttable(void) X #else X void __attribute__ ((destructor)) my_fini(void) X #endif X@@ -84,6 +86,8 @@ X { X struct host_table_entry *entry, *tmp; X X+ if( ht == NULL ) return TSPERR(TSS_E_OUTOFMEMORY); X+ X entry = calloc(1, sizeof(struct host_table_entry)); X if (entry == NULL) { X LogError("malloc of %zd bytes failed.", sizeof(struct host_table_entry)); X@@ -134,6 +138,8 @@ X { X struct host_table_entry *hte, *prev = NULL; X X+ if( ht == NULL ) return; X+ X MUTEX_LOCK(ht->lock); X X for (hte = ht->entries; hte; prev = hte, hte = hte->next) { X@@ -158,6 +164,8 @@ X { X struct host_table_entry *index = NULL; X X+ if( ht == NULL ) return NULL; X+ X MUTEX_LOCK(ht->lock); X X for (index = ht->entries; index; index = index->next) { 38ae0b43adfebd024b3dd0ad4ee5c632 echo x - trousers/files/patch-src-tspi-rpc-tcstp-rpc.c sed 's/^X//' >trousers/files/patch-src-tspi-rpc-tcstp-rpc.c << 'd9742557d1dface6a70f071ae69df411' X--- src/tspi/rpc/tcstp/rpc.c.orig 2010-03-12 05:26:51.000000000 +0900 X+++ src/tspi/rpc/tcstp/rpc.c 2010-10-24 21:04:04.846552639 +0900 X@@ -306,7 +306,7 @@ X errno = 0; X if ((recv_size = recv(sock, buffer+recv_total, size-recv_total, 0)) <= 0) { X if (recv_size < 0) { X- if (errno == EINTR) X+ if (errno == EINTR || errno == EAGAIN) X continue; X LogError("Socket receive connection error: %s.", strerror(errno)); X } else { d9742557d1dface6a70f071ae69df411 echo x - 
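Review bot: in the first tcsd hunk shown above, the new handler ends with tcsd_shutdown(); exit(signal); and tcsd_signal_chld() calls wait3(NULL, WNOHANG, NULL) exactly once. exit() is not async-signal-safe and the whole shutdown path now runs in signal context, whereas the removed tcsd_signal_hup() only set a flag (hup = 1) for the main loop to act on. Please keep the flag-and-return pattern for termination. For SIGCHLD, several children exiting close together can be delivered as a single signal, so the handler should loop on wait3() until it returns 0 or -1, and save and restore errno around the loop.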
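Review bot: hunk @@ -91,25 +105,30 @@ of the tcsd patch no longer registers any handler for SIGTERM: the sigaction(SIGTERM, ...) call is removed and only SIGINT, SIGHUP and SIGCHLD are registered. rc.subr stops a service with SIGTERM unless sig_stop is set, and the tcsd.in script in this archive does not set it, so "service tcsd stop" would end the daemon through the default action without tcsd_shutdown() running. Either keep a SIGTERM registration or set sig_stop in the rc script. The removed code also set sa.sa_flags = 0 and called sigemptyset(&sa.sa_mask) before use; tcsd_sa_int gets only sa_handler in this hunk, which is correct only if it has static storage, so a short comment or explicit initialisation would help.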
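Review bot: hunk @@ -268,51 +280,20 @@ of the tcsd patch deletes the getpwnam(TSS_USER_NAME) / setuid(pwd->pw_uid) block between bind() and listen(), and nothing in the visible hunks replaces it, so the daemon keeps whatever uid it was started with while it accepts TCP connections. Please keep the privilege drop (and check the setuid() return value, which the removed code did not), or state where privileges are dropped instead. In the same hunk the accept() error path now does break on any failure, including EINTR and other transient errors, which leaves the loop and makes main() return -1; the removed code logged and continued. LogDebug("accepted socket %i", newsd) also now runs before the newsd < 0 check, so a failed accept is logged as an accepted socket -1.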
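Review bot: in src/tspi/ps/tspps.c hunk @@ -43,11 +48,26 @@, the #ifndef LE_16 and #ifndef LE_32 fallbacks look unreachable, because every branch visible in hunk @@ -29,6 +29,11 @@ (including the final #else with LE_16(x) (x)) already defines both macros. If a portable fallback is wanted it should replace that #else branch. BYTE *b = &x; also initialises a BYTE pointer from a UINT16 or UINT32 pointer without a cast, and no LE_64 counterpart is provided.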
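Review bot: in src/tspi/ps/tspps.c hunk @@ -98,32 +112,14 @@, getpwuid_r() returns 0 and sets pwp to NULL when there is no passwd entry for euid, so home_dir = strdup(pwp->pw_dir) dereferences NULL for a uid without an entry. Add an explicit pwp == NULL check that returns an error before the strdup(). The log text still says getpwent_r although the call is now getpwuid_r.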
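Review bot: in src/tspi/rpc/tcstp/rpc.c hunk @@ -306,7 +306,7 @@, treating EAGAIN like EINTR makes the loop call recv() again immediately. On a non-blocking socket that spins on the CPU until data arrives, and on a socket with a receive timeout it retries forever, so the timeout never takes effect. Please wait for readability with poll() or select(), or bound the number of retries, and say in a comment why EAGAIN can occur on this socket.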
trousers/files/pkg-install.in sed 's/^X//' >trousers/files/pkg-install.in << '9176e57905e2f26a08f561de15df0f20' X#!/bin/sh X XPATH=/bin:/usr/bin:/usr/sbin X XPREFIX=${PKG_PREFIX:-%%PREFIX%%} XUSER=%%TSS_USER%% XGROUP=%%TSS_GROUP%% XUID=%%TSS_UID%% XGID=%%TSS_GID%% X Xcase $2 in X PRE-INSTALL) X X if pw group show "${GROUP}" 2>/dev/null; then X echo "You already have a group \"${GROUP}\", so I will use it." X else X if pw groupadd ${GROUP} -g ${GID}; then X echo "Added group \"${GROUP}\"." X else X echo "Adding group \"${GROUP}\" failed..." X fi X fi X X if pw user show "${USER}" 2>/dev/null; then X echo "You already have a user \"${USER}\", so I will use it." X else X if pw useradd ${USER} -u ${UID} -g ${GROUP} -h - \ X -s /usr/sbin/nologin -L daemon -d /var/empty -c "TrouSerS user" X then X echo "Added user \"${USER}\"." X else X echo "Adding user \"${USER}\" failed..." X exit 1 X fi X fi X X if pw groupmod ${GROUP} -m ${USER}; then X echo "Added user \"${USER}\" to group \"${GROUP}\"." X else X echo "Adding user \"${USER}\" to group \"${GROUP}\" failed..." X fi X X install -d -o root -g ${GROUP} -m 0700 /var/run/tpm X install -d -o root -g ${GROUP} -m 0700 /var/run/ima X install -d -o root -g ${GROUP} -m 0700 ${PREFIX}/var/lib/tpm X X ;; X X POST-DEINSTALL) X X rmdir /var/run/tpm /var/run/ima 2> /dev/null || true X X# if pw user show "${USER}" 2>/dev/null; then X# if pw userdel ${USER} -u ${UID}; then X# echo "Deleted user \"${USER}\"." X# fi X# fi X X# if pw group show "${GROUP}" 2>/dev/null; then X# if pw groupdel ${GROUP} -g ${GID}; then X# echo "Deleted group \"${GROUP}\"." X# fi X# fi X X ;; X Xesac 9176e57905e2f26a08f561de15df0f20 echo x - trousers/files/pkg-message.in sed 's/^X//' >trousers/files/pkg-message.in << '1f220de02a946ea9b8d3d5db7d809bcf' XTo run tcsd automatically add the following line to /etc/rc.conf X Xtcsd_enable="YES" X XYou might want to edit %%PREFIX%%/etc/tcsd.conf to reflect your setup. 
1f220de02a946ea9b8d3d5db7d809bcf echo x - trousers/files/tcsd.in sed 's/^X//' >trousers/files/tcsd.in << '3fafd7e59fa591bc4ccd271ab9f177f4' X#!/bin/sh X X# $FreeBSD$ X# X# PROVIDE: tcsd X# REQUIRE: LOGIN X# KEYWORD: shutdown X# X# Add the following lines to /etc/rc.conf.local or /etc/rc.conf X# to enable this service: X# X# tcsd_enable (bool): Set to NO by default. X# Set it to YES to enable tcsd. X X. /etc/rc.subr X Xname=tcsd Xrcvar=`set_rcvar` Xcommand="%%PREFIX%%/sbin/${name}" X Xload_rc_config $name X X: tcsd_enable=${tcsd_enable-"NO"} X Xrun_rc_command "$1" 3fafd7e59fa591bc4ccd271ab9f177f4 echo x - trousers/pkg-descr sed 's/^X//' >trousers/pkg-descr << '2a7c4d6acfdaa2823ffc7d484f1976d8' XTrouSerS is an CPL (Common Public License) licensed Trusted Computing XSoftware Stack. It is mostly compliant with the TSS 1.2 specification. 2a7c4d6acfdaa2823ffc7d484f1976d8 echo x - trousers/pkg-plist sed 's/^X//' >trousers/pkg-plist << 'ec75e402f06a6acdd6a48c4cc7c7d7cc' X@unexec cmp -s %D/etc/tcsd.conf %D/%%EXAMPLESDIR%%/tcsd.conf && rm -f %D/etc/tcsd.conf || true X%%EXAMPLESDIR%%/tcsd.conf X@exec [ -f %D/etc/tcsd.conf ] || cp -p %B/%f %D/etc/tcsd.conf Xinclude/trousers/trousers.h Xinclude/trousers/tss.h Xinclude/tss/compat11b.h Xinclude/tss/platform.h Xinclude/tss/tcpa_defines.h Xinclude/tss/tcpa_error.h Xinclude/tss/tcpa_struct.h Xinclude/tss/tcpa_typedef.h Xinclude/tss/tcs.h Xinclude/tss/tcs_defines.h Xinclude/tss/tcs_error.h Xinclude/tss/tcs_structs.h Xinclude/tss/tcs_typedef.h Xinclude/tss/tddl_error.h Xinclude/tss/tddlapi_error.h Xinclude/tss/tddli.h Xinclude/tss/tpm.h Xinclude/tss/tpm_error.h Xinclude/tss/tpm_ordinal.h Xinclude/tss/tspi.h Xinclude/tss/tss_defines.h Xinclude/tss/tss_error.h Xinclude/tss/tss_error_basics.h Xinclude/tss/tss_structs.h Xinclude/tss/tss_typedef.h X%%TDDL%%lib/libtddl.a Xlib/libtspi.a Xlib/libtspi.la Xlib/libtspi.so Xlib/libtspi.so.2 Xsbin/tcsd X@dirrm %%EXAMPLESDIR%% X@dirrmtry var/lib/tpm X@dirrmtry var/lib X@dirrmtry var X@dirrm 
include/tss X@dirrm include/trousers X@comment @dirrmtry var run tpm X@comment @dirrmtry var run ima ec75e402f06a6acdd6a48c4cc7c7d7cc exit --Multipart=_Thu__28_Oct_2010_02_43_40_+0900_JtScQ_e/yKAD9/CK Content-Type: text/plain; name="opencryptoki.shar" Content-Disposition: attachment; filename="opencryptoki.shar" Content-Transfer-Encoding: 7bit # This is a shell archive. Save it in a file, remove anything before # this line, and then unpack it by entering "sh file". Note, it may # create directories; files and directories will be owned by you and # have default permissions. # # This archive contains: # # opencryptoki # opencryptoki/Makefile # opencryptoki/distinfo # opencryptoki/files # opencryptoki/files/patch-configure.in # opencryptoki/files/patch-usr-include-pkcs11-apictl.h # opencryptoki/files/patch-usr-include-pkcs11-slotmgr.h # opencryptoki/files/patch-usr-include-pkcs11-stdll.h # opencryptoki/files/patch-usr-lib-pkcs11-aep_stdll-Makefile.am # opencryptoki/files/patch-usr-lib-pkcs11-api-Makefile.am # opencryptoki/files/patch-usr-lib-pkcs11-api-api_interface.c # opencryptoki/files/patch-usr-lib-pkcs11-api-apiutil.c # opencryptoki/files/patch-usr-lib-pkcs11-api-shrd_mem.c.in # opencryptoki/files/patch-usr-lib-pkcs11-bcom_stdll-Makefile.am # opencryptoki/files/patch-usr-lib-pkcs11-cca_stdll-host_defs.h # opencryptoki/files/patch-usr-lib-pkcs11-cca_stdll-loadsave.c # opencryptoki/files/patch-usr-lib-pkcs11-cca_stdll-new_host.c # opencryptoki/files/patch-usr-lib-pkcs11-cca_stdll-tok_spec_struct.h # opencryptoki/files/patch-usr-lib-pkcs11-common-host_defs.h # opencryptoki/files/patch-usr-lib-pkcs11-common-loadsave.c # opencryptoki/files/patch-usr-lib-pkcs11-common-new_host.c # opencryptoki/files/patch-usr-lib-pkcs11-common-tok_spec_struct.h # opencryptoki/files/patch-usr-lib-pkcs11-common-utility.c # opencryptoki/files/patch-usr-lib-pkcs11-cr_stdll-Makefile.am # opencryptoki/files/patch-usr-lib-pkcs11-ica_s390_stdll-Makefile.am # 
opencryptoki/files/patch-usr-lib-pkcs11-ica_stdll-Makefile.am # opencryptoki/files/patch-usr-lib-pkcs11-soft_stdll-Makefile.am # opencryptoki/files/patch-usr-lib-pkcs11-tpm_stdll-host_defs.h # opencryptoki/files/patch-usr-lib-pkcs11-tpm_stdll-loadsave.c # opencryptoki/files/patch-usr-lib-pkcs11-tpm_stdll-new_host.c # opencryptoki/files/patch-usr-lib-pkcs11-tpm_stdll-tok_spec_struct.h # opencryptoki/files/patch-usr-lib-pkcs11-tpm_stdll-utility.c # opencryptoki/files/patch-usr-sbin-pkcs11_startup-Makefile.am # opencryptoki/files/patch-usr-sbin-pkcs11_startup-pkcs11_startup.in # opencryptoki/files/patch-usr-sbin-pkcs_slot-pkcs_slot.in # opencryptoki/files/patch-usr-sbin-pkcsconf-Makefile.am # opencryptoki/files/patch-usr-sbin-pkcsconf-pkcsconf.c # opencryptoki/files/patch-usr-sbin-pkcsslotd-err.c # opencryptoki/files/patch-usr-sbin-pkcsslotd-mutex.c # opencryptoki/files/patch-usr-sbin-pkcsslotd-pkcsslotd.h # opencryptoki/files/patch-usr-sbin-pkcsslotd-shmem.c # opencryptoki/files/pkcsslotd.in # opencryptoki/files/pkg-install.in # opencryptoki/files/pkg-message.in # opencryptoki/pkg-descr # opencryptoki/pkg-plist # echo c - opencryptoki mkdir -p opencryptoki > /dev/null 2>&1 echo x - opencryptoki/Makefile sed 's/^X//' >opencryptoki/Makefile << 'f31207dec89f8136d8713efd103a8521' X# New ports collection makefile for: opencryptoki X# Date created: 2010-07-16 X# Whom: Ralf Meister X# X# $FreeBSD$ X# X XPORTNAME= opencryptoki XPORTVERSION= 2.3.2 XCATEGORIES= security XMASTER_SITES= SF/${PORTNAME}/${PORTNAME}/${PORTVERSION} X XMAINTAINER= nork@FreeBSD.org XCOMMENT= An open PKCS\#11 implementation library X XLIB_DEPENDS+= tspi.2:${PORTSDIR}/security/trousers X XUSE_BZIP2= YES XUSE_GMAKE= YES XUSE_LDCONFIG= YES XUSE_AUTOTOOLS= autoconf:268 libtool:22 automake:111 XHAS_CONFIGURE= YES XMAKE_JOBS_SAFE= YES X XSUB_FILES= pkg-install XSUB_LIST= PKCS11_USER=${PKCS11_USER} PKCS11_UID=${PKCS11_UID} \ X PKCS11_GROUP=${PKCS11_GROUP} PKCS11_GID=${PKCS11_GID} XPKGINSTALL= 
${WRKDIR}/pkg-install X#PKGDEINSTALL= ${WRKDIR}/pkg-install XUSE_RC_SUBR= pkcsslotd X XMAN1= pkcs11_startup.1 pkcsconf.1 XMAN5= pk_config_data.5 XMAN7= opencryptoki.7 XMAN8= pkcsslotd.8 X XCONFIGURE_ARGS= --enable-swtok --enable-tpmtok \ X --disable-crtok --disable-aeptok \ X --disable-ccatok --disable-bcomtok \ X --disable-pkcscca_migrate \ X --libdir=${PREFIX}/lib \ X --sbindir=${PREFIX}/sbin \ X --localstatedir=${PREFIX}/var \ X --with-pkcs11user=${PKCS11_USER} \ X --with-pkcs11group=${PKCS11_GROUP} XCONFIGURE_ENV+= CFLAGS="${CFLAGS} -I${LOCALBASE}/include" XCONFIGURE_ENV+= LDFLAGS="-L${LOCALBASE}/lib" X XPKCS11_USER= _pkcs11 XPKCS11_GROUP= _pkcs11 XPKCS11_UID= 602 XPKCS11_GID= 602 X Xpre-configure: X cd ${WRKSRC} && ${SETENV} ${CONFIGURE_ENV} ${ACLOCAL} X cd ${WRKSRC} && ${SETENV} ${CONFIGURE_ENV} ${LIBTOOLIZE} --force -c X cd ${WRKSRC} && ${SETENV} ${CONFIGURE_ENV} ${AUTOMAKE} --add-missing -c X cd ${WRKSRC} && ${SETENV} ${CONFIGURE_ENV} ${AUTOCONF} X Xpre-install: X ${SETENV} PKG_PREFIX=${PREFIX} ${SH} ${PKGINSTALL} ${PKGNAME} PRE-INSTALL X Xpost-install: X cd ${PREFIX}/lib && ${LN} -s opencryptoki/libopencryptoki* . 
X ${SETENV} PKG_PREFIX=${PREFIX} ${SH} ${PKGINSTALL} ${PKGNAME} POST-INSTALL X X.include <bsd.port.mk> f31207dec89f8136d8713efd103a8521 echo x - opencryptoki/distinfo sed 's/^X//' >opencryptoki/distinfo << 'd6dd4730871d9b94afb052a3c15ab7f9' XMD5 (opencryptoki-2.3.2.tar.bz2) = eada4c72c2563f2c9a1b44fc6d1856db XSHA256 (opencryptoki-2.3.2.tar.bz2) = 44fdf74a9eab2586240a69779c5c323e8378e8f2fde21cd4f8bd9186a24c30f7 XSIZE (opencryptoki-2.3.2.tar.bz2) = 665134 d6dd4730871d9b94afb052a3c15ab7f9 echo c - opencryptoki/files mkdir -p opencryptoki/files > /dev/null 2>&1 echo x - opencryptoki/files/patch-configure.in sed 's/^X//' >opencryptoki/files/patch-configure.in << 'ba603af54cc49bec829d0ca77000ec79' X--- configure.in.orig 2010-07-29 21:28:41.000000000 +0900 X+++ configure.in 2010-10-20 01:31:02.971984782 +0900 X@@ -8,6 +8,9 @@ X X AM_INIT_AUTOMAKE([foreign 1.6]) X X+AC_DEFINE(_BSD_SOURCE, 1, BSD functions) X+AC_DEFINE(__BSD_VISIBLE, 1, BSD extensions) X+ X dnl Get the canonical host type X AC_CANONICAL_TARGET X X@@ -30,6 +33,7 @@ X AC_FUNC_STRFTIME X AC_FUNC_VPRINTF X AC_CHECK_FUNCS([getcwd]) X+AC_CHECK_FUNCS([asprintf]) X X dnl Used in various scripts X AC_PATH_PROG([ID], [id], [/us/bin/id]) X@@ -193,6 +197,21 @@ X [], X [with_xcryptolinz=check]) X X+dnl --- check for pkcs11 user X+AC_ARG_WITH([pkcs11user], X+ AC_HELP_STRING([--with-pkcs11user[[=USER]]], [set pkcs11 user [[pkcs11]]]), X+ [pkcs11_user=$withval], X+ [pkcs11_user=pkcs11]) X+ X+dnl --- check for pkcs11 group X+AC_ARG_WITH(pkcs11group, X+ AC_HELP_STRING([--with-pkcs11group[[=GROUP]]], [set pkcs11 group [[pkcs11]]]), X+ [pkcs11_group=$withval], X+ [pkcs11_group=pkcs11]) X+ X+AC_SUBST(PKCS11USER, $pkcs11_user) X+AC_SUBST(PKCS11GROUP, $pkcs11_group) X+ X dnl --- X dnl --- X dnl --- Now that we have all the options, let's check for a valid build X@@ -630,11 +649,15 @@ X X CFLAGS="$CFLAGS $DEBUG_CFLAGS -DPKCS64 -D_XOPEN_SOURCE=500" X X-CFLAGS+=' -DCONFIG_PATH=\"$(localstatedir)/lib/opencryptoki\" 
-DSBIN_PATH=\"$(sbindir)\" -DLIB_PATH=\"$(libdir)\"' X+CFLAGS="$CFLAGS -DCONFIG_PATH='\"$localstatedir/lib/opencryptoki\"' -DSBIN_PATH='\"$sbindir\"' -DLIB_PATH='\"$libdir\"'" X+ X+CFLAGS="$CFLAGS -DPKCS11USER='\"${pkcs11_user}\"' -DPKCS11GROUP='\"${pkcs11_group}\"'" X X # At this point, CFLAGS is set to something sensible X AC_PROG_CC X X+AC_SUBST(FPIC, $lt_prog_compiler_pic) X+ X AC_OUTPUT([Makefile usr/Makefile \ X usr/include/Makefile \ X usr/include/pkcs11/Makefile \ ba603af54cc49bec829d0ca77000ec79 echo x - opencryptoki/files/patch-usr-include-pkcs11-apictl.h sed 's/^X//' >opencryptoki/files/patch-usr-include-pkcs11-apictl.h << 'b18558c4d5a71fc05ffa7ebbb02f84d7' X--- usr/include/pkcs11/apictl.h.orig 2010-07-29 21:28:41.000000000 +0900 X+++ usr/include/pkcs11/apictl.h 2010-10-19 23:42:04.580983829 +0900 X@@ -296,7 +296,7 @@ X X X #include <pkcs11types.h> X-#include <linux/limits.h> X+#include <limits.h> X #include <local_types.h> X #include <stdll.h> X #include <slotmgr.h> b18558c4d5a71fc05ffa7ebbb02f84d7 echo x - opencryptoki/files/patch-usr-include-pkcs11-slotmgr.h sed 's/^X//' >opencryptoki/files/patch-usr-include-pkcs11-slotmgr.h << 'faca460c2cea8089314a86016a985336' X--- usr/include/pkcs11/slotmgr.h.orig 2010-07-29 21:28:41.000000000 +0900 X+++ usr/include/pkcs11/slotmgr.h 2010-10-19 23:42:55.423984058 +0900 X@@ -301,7 +301,7 @@ X X X #include <pkcs11types.h> X-#include <linux/limits.h> X+#include <limits.h> X #include <local_types.h> X #include <pthread.h> X faca460c2cea8089314a86016a985336 echo x - opencryptoki/files/patch-usr-include-pkcs11-stdll.h sed 's/^X//' >opencryptoki/files/patch-usr-include-pkcs11-stdll.h << 'a4a465f74d95fdbcda24a07cf27e78c0' X--- usr/include/pkcs11/stdll.h.orig 2010-07-29 21:28:41.000000000 +0900 X+++ usr/include/pkcs11/stdll.h 2010-10-19 23:43:40.418984281 +0900 X@@ -302,7 +302,7 @@ X X X #include <pkcs11types.h> X-#include <linux/limits.h> X+#include <limits.h> X #include <local_types.h> X #include <slotmgr.h> X 
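Review bot: in configure.in hunk @@ -193,6 +197,21 @@, pkcs11_user=$withval and pkcs11_group=$withval accept whatever AC_ARG_WITH hands over, so --with-pkcs11user without a value yields the user name "yes" and --without-pkcs11user yields "no", and both are then substituted as PKCS11USER and PKCS11GROUP and compiled in by the -DPKCS11USER/-DPKCS11GROUP line of the next hunk. Reject yes, no and the empty string with AC_MSG_ERROR before the AC_SUBST calls. The two AC_ARG_WITH calls are also quoted differently ([pkcs11user] versus bare pkcs11group); please use the bracketed form for both.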
a4a465f74d95fdbcda24a07cf27e78c0 echo x - opencryptoki/files/patch-usr-lib-pkcs11-aep_stdll-Makefile.am sed 's/^X//' >opencryptoki/files/patch-usr-lib-pkcs11-aep_stdll-Makefile.am << '3f24ba189b1ba4dee357140896e27b09' X--- usr/lib/pkcs11/aep_stdll/Makefile.am.orig 2010-07-29 21:28:41.000000000 +0900 X+++ usr/lib/pkcs11/aep_stdll/Makefile.am 2010-10-19 23:45:36.945982287 +0900 X@@ -6,7 +6,7 @@ X X # Not all versions of automake observe libname_CFLAGS X opencryptoki_stdll_libpkcs11_aep_la_CFLAGS = -DSPINXPL -DDEV \ X--D_THREAD_SAFE -fPIC -DSHALLOW=0 -DSWTOK=1 -DLITE=0 -DNOCDMF -DNOMD2 \ X+-D_THREAD_SAFE $(FPIC) -DSHALLOW=0 -DSWTOK=1 -DLITE=0 -DNOCDMF -DNOMD2 \ X -DNODSA -DDEBUGON -DAEP_GENERIC -DNORIPE -DSTDLL_NAME=\"aeptok\" X X opencryptoki_stdll_libpkcs11_aep_la_SOURCES = ../common/asn1.c \ 3f24ba189b1ba4dee357140896e27b09 echo x - opencryptoki/files/patch-usr-lib-pkcs11-api-Makefile.am sed 's/^X//' >opencryptoki/files/patch-usr-lib-pkcs11-api-Makefile.am << 'a623a243874976260a04ed84d947e9c2' X--- usr/lib/pkcs11/api/Makefile.am.orig 2010-07-29 21:28:41.000000000 +0900 X+++ usr/lib/pkcs11/api/Makefile.am 2010-10-19 23:49:45.125982519 +0900 X@@ -4,13 +4,13 @@ X SO_REVISION=0 X SO_AGE=0 X X-opencryptoki_libopencryptoki_la_LDFLAGS = -shared -Wl,-Bsymbolic -lc -ldl \ X+opencryptoki_libopencryptoki_la_LDFLAGS = -shared -Wl,-Bsymbolic -lc \ X -lpthread -version-info \ X $(SO_CURRENT):$(SO_REVISION):$(SO_AGE) X X # Not all versions of automake observe libname_CFLAGS X opencryptoki_libopencryptoki_la_CFLAGS = -DSPINXPL -DAPI -DDEV -D_THREAD_SAFE \ X- -fPIC -I../. -I../../../include/pkcs11 X+ $(FPIC) -I../. 
-I../../../include/pkcs11 X X opencryptoki_libopencryptoki_la_SOURCES = api_interface.c shrd_mem.c apiutil.c X a623a243874976260a04ed84d947e9c2 echo x - opencryptoki/files/patch-usr-lib-pkcs11-api-api_interface.c sed 's/^X//' >opencryptoki/files/patch-usr-lib-pkcs11-api-api_interface.c << 'cbc74013fef61cf67a1298020a0675cf' X--- usr/lib/pkcs11/api/api_interface.c.orig 2010-07-29 21:28:41.000000000 +0900 X+++ usr/lib/pkcs11/api/api_interface.c 2010-10-19 23:52:25.355983620 +0900 X@@ -2390,7 +2390,7 @@ X C_GetFunctionList ( CK_FUNCTION_LIST_PTR_PTR ppFunctionList ) X { X X- _init(); X+ api_init(); X X LOG("C_GetFunctionList"); X FuncList.version.major = VERSION_MAJOR; X@@ -5168,7 +5168,11 @@ X X } X X+#ifdef __sun X+#pragma init(api_init) X+#else X void api_init(void) __attribute__((constructor)); X+#endif X X void X api_init(void) X@@ -5194,7 +5198,11 @@ X X } X X+#ifdef __sun X+#pragma fini(api_fini) X+#else X void api_fini(void) __attribute__((destructor)); X+#endif X X void X api_fini() cbc74013fef61cf67a1298020a0675cf echo x - opencryptoki/files/patch-usr-lib-pkcs11-api-apiutil.c sed 's/^X//' >opencryptoki/files/patch-usr-lib-pkcs11-api-apiutil.c << '9c1475523ef8e41b383d8926ead6c09a' X--- usr/lib/pkcs11/api/apiutil.c.orig 2010-07-29 21:28:41.000000000 +0900 X+++ usr/lib/pkcs11/api/apiutil.c 2010-10-19 23:54:52.374982634 +0900 X@@ -305,10 +305,10 @@ X #include <string.h> X #include <strings.h> X #include <unistd.h> X-#include <alloca.h> X #include <dlfcn.h> X #include <errno.h> X #include <sys/syslog.h> X+#include <limits.h> X X #include <sys/ipc.h> X X@@ -325,10 +325,28 @@ X #include <sys/types.h> X #include <sys/stat.h> X #include <fcntl.h> X-#include <sys/file.h> X static int xplfd=-1; X #endif X X+#ifdef __sun X+#define LOCK_EX F_LOCK X+#define LOCK_UN F_ULOCK X+#define flock(fd, func) lockf(fd, func, 0) X+#endif X+ X+#ifndef LOCK_SH X+#define LOCK_SH 1 /* shared lock */ X+#endif X+#ifndef LOCK_EX X+#define LOCK_EX 2 /* exclusive lock */ X+#endif X+#ifndef 
LOCK_NB X+#define LOCK_NB 4 /* don't block when locking */ X+#endif X+#ifndef LOCK_UN X+#define LOCK_UN 8 /* unlock */ X+#endif X+ X #include <libgen.h> X X #define LIBLOCATION LIB_PATH 9c1475523ef8e41b383d8926ead6c09a echo x - opencryptoki/files/patch-usr-lib-pkcs11-api-shrd_mem.c.in sed 's/^X//' >opencryptoki/files/patch-usr-lib-pkcs11-api-shrd_mem.c.in << '233d06ea6eb5773680be5746327d0383' X--- usr/lib/pkcs11/api/shrd_mem.c.in.orig 2010-07-29 21:28:41.000000000 +0900 X+++ usr/lib/pkcs11/api/shrd_mem.c.in 2010-10-19 23:56:22.728981736 +0900 X@@ -353,7 +353,7 @@ X X X // SAB check for the group id here and membership here as well X- grp = getgrnam("pkcs11"); X+ grp = getgrnam(PKCS11GROUP); X if ( grp ) { X int i=0; X char member=0; 233d06ea6eb5773680be5746327d0383 echo x - opencryptoki/files/patch-usr-lib-pkcs11-bcom_stdll-Makefile.am sed 's/^X//' >opencryptoki/files/patch-usr-lib-pkcs11-bcom_stdll-Makefile.am << '4b300e6041f3cd546cd76d646ad887e7' X--- usr/lib/pkcs11/bcom_stdll/Makefile.am.orig 2010-07-29 21:28:41.000000000 +0900 X+++ usr/lib/pkcs11/bcom_stdll/Makefile.am 2010-10-19 23:57:38.434983522 +0900 X@@ -8,7 +8,7 @@ X X # Not all versions of automake observe libname_CFLAGS X opencryptoki_stdll_libpkcs11_bc_la_CFLAGS = -DSPINXPL -DDEV \ X--D_THREAD_SAFE -fPIC $(VARIANT) -DNOCDMF -DNOMD2 -DNODSA -DNOAES \ X+-D_THREAD_SAFE $(FPIC) $(VARIANT) -DNOCDMF -DNOMD2 -DNODSA -DNOAES \ X -DNODH -DDEBUGON -DNORIPE -DSTDLL_NAME=\"bcomtok\" X X opencryptoki_stdll_libpkcs11_bc_la_SOURCES = ../common/asn1.c \ 4b300e6041f3cd546cd76d646ad887e7 echo x - opencryptoki/files/patch-usr-lib-pkcs11-cca_stdll-host_defs.h sed 's/^X//' >opencryptoki/files/patch-usr-lib-pkcs11-cca_stdll-host_defs.h << 'fcd67028a5743a97083888e6e3fce52c' X--- usr/lib/pkcs11/cca_stdll/host_defs.h.orig 2010-07-29 21:28:41.000000000 +0900 X+++ usr/lib/pkcs11/cca_stdll/host_defs.h 2010-10-19 23:59:33.363984758 +0900 X@@ -10,13 +10,24 @@ X */ X X X+#include <sys/types.h> X #include <sys/mman.h> X #ifndef 
_HOST_DEFS_H X #define _HOST_DEFS_H X X #include <semaphore.h> X #include <pthread.h> X+#if defined(__OpenBSD__) || defined(__FreeBSD__) X+#include <sys/endian.h> X+#ifdef _BYTE_ORDER X+#define __BYTE_ORDER _BYTE_ORDER X+#endif X+#ifdef _LITTLE_ENDIAN X+#define __LITTLE_ENDIAN _LITTLE_ENDIAN X+#endif X+#else X #include <endian.h> X+#endif X X #include "pkcs32.h" X // Both of the strings below have a length of 32 chars and must be fcd67028a5743a97083888e6e3fce52c echo x - opencryptoki/files/patch-usr-lib-pkcs11-cca_stdll-loadsave.c sed 's/^X//' >opencryptoki/files/patch-usr-lib-pkcs11-cca_stdll-loadsave.c << '5c92c9c229f35515bb4671f61df8a54f' X--- usr/lib/pkcs11/cca_stdll/loadsave.c.orig 2010-07-29 21:28:41.000000000 +0900 X+++ usr/lib/pkcs11/cca_stdll/loadsave.c 2010-10-20 01:49:50.769984323 +0900 X@@ -22,11 +22,9 @@ X #include <string.h> X #include <strings.h> X #include <unistd.h> X-#include <alloca.h> X #include <sys/types.h> X #include <sys/stat.h> X #include <sys/ipc.h> X-#include <sys/file.h> X #include <errno.h> X X #include <pwd.h> X@@ -51,7 +49,7 @@ X // Set absolute permissions or rw-rw-r-- X fchmod(file,S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP|S_IROTH); X X- grp = getgrnam("pkcs11"); // Obtain the group id X+ grp = getgrnam(PKCS11GROUP); // Obtain the group id X if (grp){ X fchown(file,getuid(),grp->gr_gid); // set ownership to root, and pkcs11 group X } 5c92c9c229f35515bb4671f61df8a54f echo x - opencryptoki/files/patch-usr-lib-pkcs11-cca_stdll-new_host.c sed 's/^X//' >opencryptoki/files/patch-usr-lib-pkcs11-cca_stdll-new_host.c << 'd40d0b7dec7ca3e3fc985e9123c9e636' X--- usr/lib/pkcs11/cca_stdll/new_host.c.orig 2010-07-29 21:28:41.000000000 +0900 X+++ usr/lib/pkcs11/cca_stdll/new_host.c 2010-10-20 00:06:26.575983974 +0900 X@@ -298,7 +298,7 @@ X struct group *grp; X int rc = 0; X gid_t gid,egid; X- grp = getgrnam("pkcs11"); X+ grp = getgrnam(PKCS11GROUP); X if (grp) { X // Check for member of group.. 
X // SAB get login seems to not work with some X@@ -786,7 +786,19 @@ X // X object_mgr_destroy_token_objects(); X #if 0 /* TODO: Implement delete_all_files_in_dir() */ X+#if HAVE_ASPRINTF X local_rc = asprintf(&pk_full_path, "%s/%s", pk_dir, PK_LITE_OBJ_DIR); X+#else X+ pk_full_path = malloc(1024); X+ if( pk_full_path != NULL ) { X+ local_rc = snprintf(pk_full_path, 1023, "%s/%s", X+ pk_dir, PK_LITE_OBJ_DIR); X+ if( local_rc == -1 ) free(pk_full_path); X+ } X+ else { X+ local_rc = -1; X+ } X+#endif X if (local_rc == -1) { X rc = CKR_HOST_MEMORY; X goto out; X@@ -797,8 +809,20 @@ X goto out; X } X #endif X+#if HAVE_ASPRINTF X local_rc = asprintf(&s, "%s %s/%s/* > /dev/null 2>&1", DEL_CMD, pk_dir, X PK_LITE_OBJ_DIR); X+#else X+ s = malloc(1024); X+ if( s != NULL ) { X+ local_rc = snprintf(s, 1023, "%s %s/%s/* > /dev/null 2>&1", X+ DEL_CMD, pk_dir, PK_LITE_OBJ_DIR); X+ if( local_rc == -1 ) free(s); X+ } X+ else { X+ local_rc = -1; X+ } X+#endif X if (local_rc == -1) { X rc = CKR_HOST_MEMORY; X goto out; d40d0b7dec7ca3e3fc985e9123c9e636 echo x - opencryptoki/files/patch-usr-lib-pkcs11-cca_stdll-tok_spec_struct.h sed 's/^X//' >opencryptoki/files/patch-usr-lib-pkcs11-cca_stdll-tok_spec_struct.h << 'e5f074c237888e86017dd50b2276b829' X--- usr/lib/pkcs11/cca_stdll/tok_spec_struct.h.orig 2010-07-29 21:28:41.000000000 +0900 X+++ usr/lib/pkcs11/cca_stdll/tok_spec_struct.h 2010-10-20 00:08:00.317982423 +0900 X@@ -22,9 +22,9 @@ X #define _TOK_SPECIFIC_STRUCT X X struct token_specific_struct{ X- CK_BYTE token_directory[2048]; // Used to be in the token_local.h as a #def X- CK_BYTE token_subdir[2048]; // subdirectory X- CK_BYTE token_debug_tag[2048]; // debug logging tag X+ CK_BYTE *token_directory; // Used to be in the token_local.h as a #def X+ CK_BYTE *token_subdir; // subdirectory X+ CK_BYTE *token_debug_tag; // debug logging tag X X CK_RV (*t_init)(char *,CK_SLOT_ID); // Initialization function X int (*t_slot2local)(); // convert the PKCS#11 slot to a local index 
e5f074c237888e86017dd50b2276b829 echo x - opencryptoki/files/patch-usr-lib-pkcs11-common-host_defs.h sed 's/^X//' >opencryptoki/files/patch-usr-lib-pkcs11-common-host_defs.h << '39ed08aa6515acd003ce4a19841060e1' X--- usr/lib/pkcs11/common/host_defs.h.orig 2010-07-29 21:28:41.000000000 +0900 X+++ usr/lib/pkcs11/common/host_defs.h 2010-10-20 00:10:01.398983092 +0900 X@@ -294,13 +294,24 @@ X /* (C) COPYRIGHT International Business Machines Corp. 2001,2002 */ X X X+#include <sys/types.h> X #include <sys/mman.h> X #ifndef _HOST_DEFS_H X #define _HOST_DEFS_H X X #include <semaphore.h> X #include <pthread.h> X+#if defined(__OpenBSD__) || defined(__FreeBSD__) X+#include <sys/endian.h> X+#ifdef _BYTE_ORDER X+#define __BYTE_ORDER _BYTE_ORDER X+#endif X+#ifdef _LITTLE_ENDIAN X+#define __LITTLE_ENDIAN _LITTLE_ENDIAN X+#endif X+#else X #include <endian.h> X+#endif X X #include "pkcs32.h" X // Both of the strings below have a length of 32 chars and must be 39ed08aa6515acd003ce4a19841060e1 echo x - opencryptoki/files/patch-usr-lib-pkcs11-common-loadsave.c sed 's/^X//' >opencryptoki/files/patch-usr-lib-pkcs11-common-loadsave.c << '4276b6e56c02ebbaa9e25b90fdeb9451' X--- usr/lib/pkcs11/common/loadsave.c.orig 2010-07-29 21:28:41.000000000 +0900 X+++ usr/lib/pkcs11/common/loadsave.c 2010-10-20 00:11:28.399983780 +0900 X@@ -301,11 +301,9 @@ X #include <string.h> X #include <strings.h> X #include <unistd.h> X-#include <alloca.h> X #include <sys/types.h> X #include <sys/stat.h> X #include <sys/ipc.h> X-#include <sys/file.h> X #include <errno.h> X X #include <pwd.h> X@@ -328,7 +326,7 @@ X // Set absolute permissions or rw-rw-r-- X fchmod(file,S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP|S_IROTH); X X- grp = getgrnam("pkcs11"); // Obtain the group id X+ grp = getgrnam(PKCS11GROUP); // Obtain the group id X if (grp){ X fchown(file,getuid(),grp->gr_gid); // set ownership to root, and pkcs11 group X } 4276b6e56c02ebbaa9e25b90fdeb9451 echo x - opencryptoki/files/patch-usr-lib-pkcs11-common-new_host.c sed 
's/^X//' >opencryptoki/files/patch-usr-lib-pkcs11-common-new_host.c << '539830893ffa52debc0f93f634b96128' X--- usr/lib/pkcs11/common/new_host.c.orig 2010-07-29 21:28:41.000000000 +0900 X+++ usr/lib/pkcs11/common/new_host.c 2010-10-20 00:16:08.274985517 +0900 X@@ -576,7 +576,7 @@ X struct group *grp; X int rc = 0; X gid_t gid,egid; X- grp = getgrnam("pkcs11"); X+ grp = getgrnam(PKCS11GROUP); X if (grp) { X // Check for member of group.. X // SAB get login seems to not work with some X@@ -1064,7 +1064,19 @@ X // X object_mgr_destroy_token_objects(); X #if 0 /* TODO: Implement delete_all_files_in_dir() */ X+#if HAVE_ASPRINTF X local_rc = asprintf(&pk_full_path, "%s/%s", pk_dir, PK_LITE_OBJ_DIR); X+#else X+ pk_full_path = malloc(1024); X+ if( pk_full_path != NULL ) { X+ local_rc = snprintf(pk_full_path, 1023, "%s/%s", X+ pk_dir, PK_LITE_OBJ_DIR); X+ if( local_rc == -1 ) free(pk_full_path); X+ } X+ else { X+ local_rc = -1; X+ } X+#endif X if (local_rc == -1) { X rc = CKR_HOST_MEMORY; X goto out; X@@ -1075,8 +1087,20 @@ X goto out; X } X #endif X+#if HAVE_ASPRINTF X local_rc = asprintf(&s, "%s %s/%s/* > /dev/null 2>&1", DEL_CMD, pk_dir, X PK_LITE_OBJ_DIR); X+#else X+ s = malloc(1024); X+ if( s != NULL ) { X+ local_rc = snprintf(s, 1023, "%s %s/%s/* > /dev/null 2>&1", X+ DEL_CMD, pk_dir, PK_LITE_OBJ_DIR); X+ if( local_rc == -1 ) free(s); X+ } X+ else { X+ local_rc = -1; X+ } X+#endif X if (local_rc == -1) { X rc = CKR_HOST_MEMORY; X goto out; 539830893ffa52debc0f93f634b96128 echo x - opencryptoki/files/patch-usr-lib-pkcs11-common-tok_spec_struct.h sed 's/^X//' >opencryptoki/files/patch-usr-lib-pkcs11-common-tok_spec_struct.h << 'c149cce0a7390bc1c5e7bc9fe6f2ee60' X--- usr/lib/pkcs11/common/tok_spec_struct.h.orig 2010-07-29 21:28:41.000000000 +0900 X+++ usr/lib/pkcs11/common/tok_spec_struct.h 2010-10-20 00:17:28.288984976 +0900 X@@ -308,9 +308,9 @@ X #define _TOK_SPECIFIC_STRUCT X X struct token_specific_struct{ X- CK_BYTE token_directory[PATH_MAX]; // Used to be in the 
token_local.h as a #def X- CK_BYTE token_subdir[PATH_MAX]; // subdirectory X- CK_BYTE token_debug_tag[PATH_MAX]; // debug logging tag X+ CK_BYTE *token_directory; // Used to be in the token_local.h as a #def X+ CK_BYTE *token_subdir; // subdirectory X+ CK_BYTE *token_debug_tag; // debug logging tag X X CK_RV (*t_init)(char *,CK_SLOT_ID); // Initialization function X int (*t_slot2local)(); // convert the PKCS#11 slot to a local index c149cce0a7390bc1c5e7bc9fe6f2ee60 echo x - opencryptoki/files/patch-usr-lib-pkcs11-common-utility.c sed 's/^X//' >opencryptoki/files/patch-usr-lib-pkcs11-common-utility.c << '77e8868c45982b0cfee169bb03f75a5d' X--- usr/lib/pkcs11/common/utility.c.orig 2010-07-29 21:28:41.000000000 +0900 X+++ usr/lib/pkcs11/common/utility.c 2010-10-20 00:19:02.740983592 +0900 X@@ -302,6 +302,26 @@ X #include <errno.h> X #include <pwd.h> X X+#include <fcntl.h> X+ X+#ifdef __sun X+#define LOCK_EX F_LOCK X+#define LOCK_UN F_ULOCK X+#define flock(fd, func) lockf(fd, func, 0) X+#endif X+ X+#ifndef LOCK_SH X+#define LOCK_SH 1 /* shared lock */ X+#endif X+#ifndef LOCK_EX X+#define LOCK_EX 2 /* exclusive lock */ X+#endif X+#ifndef LOCK_NB X+#define LOCK_NB 4 /* don't block when locking */ X+#endif X+#ifndef LOCK_UN X+#define LOCK_UN 8 /* unlock */ X+#endif X X #include "pkcs11types.h" X #include "defs.h" 77e8868c45982b0cfee169bb03f75a5d echo x - opencryptoki/files/patch-usr-lib-pkcs11-cr_stdll-Makefile.am sed 's/^X//' >opencryptoki/files/patch-usr-lib-pkcs11-cr_stdll-Makefile.am << '44e019f344ba07311bc6ff07fbcf9363' X--- usr/lib/pkcs11/cr_stdll/Makefile.am.orig 2010-07-29 21:28:41.000000000 +0900 X+++ usr/lib/pkcs11/cr_stdll/Makefile.am 2010-10-20 00:20:46.987982761 +0900 X@@ -2,13 +2,13 @@ X X opencryptoki_stdll_libpkcs11_cr_la_LDFLAGS = $(LCRYPTO) $(CR_LIB_DIRS) \ X -nostartfiles -shared -Wl,-Bsymbolic -Wl,-soname,PKCS11_BC.so.1 -lc \ X--lpthread -lsocketarmor -ldl -lcrypto X+-lpthread -lsocketarmor -lcrypto X X VARIANT = -DSHALLOW=0 -DSWTOK=1 -DLITE=0 X X # Not 
all versions of automake observe libname_CFLAGS X opencryptoki_stdll_libpkcs11_cr_la_CFLAGS = -DSPINXPL -DDEV \ X--D_THREAD_SAFE -fPIC $(VARIANT) -DNOCDMF -DNOMD2 -DNODSA -DDEBUGON X+-D_THREAD_SAFE $(FPIC) $(VARIANT) -DNOCDMF -DNOMD2 -DNODSA -DDEBUGON X X opencryptoki_stdll_libpkcs11_cr_la_SOURCES = ../common/asn1.c \ X ../common/cert.c ../common/hwf_obj.c ../common/dp_obj.c \ 44e019f344ba07311bc6ff07fbcf9363 echo x - opencryptoki/files/patch-usr-lib-pkcs11-ica_s390_stdll-Makefile.am sed 's/^X//' >opencryptoki/files/patch-usr-lib-pkcs11-ica_s390_stdll-Makefile.am << '8c93a57494e6120cf53add028bc14f01' X--- usr/lib/pkcs11/ica_s390_stdll/Makefile.am.orig 2010-07-29 21:28:41.000000000 +0900 X+++ usr/lib/pkcs11/ica_s390_stdll/Makefile.am 2010-10-20 00:22:00.867981839 +0900 X@@ -2,11 +2,11 @@ X X opencryptoki_stdll_libpkcs11_ica_la_LDFLAGS = $(LCRYPTO) \ X $(ICA_LIB_DIRS) -nostartfiles -shared -Wl,-Bsymbolic -Wl,-soname,$@ \ X--Wl,-Bsymbolic -lc -lpthread -lica -ldl -lcrypto X+-Wl,-Bsymbolic -lc -lpthread -lica -lcrypto X X # Not all versions of automake observe libname_CFLAGS X opencryptoki_stdll_libpkcs11_ica_la_CFLAGS = -DSPINXPL -DDEV \ X--D_THREAD_SAFE -fPIC -DSHALLOW=0 -DSWTOK=0 -DLITE=1 -DNODH \ X+-D_THREAD_SAFE $(FPIC) -DSHALLOW=0 -DSWTOK=0 -DLITE=1 -DNODH \ X -DNOCDMF -DNOMD2 -DNODSA -DSTDLL_NAME=\"icatok\" X X opencryptoki_stdll_libpkcs11_ica_la_SOURCES = ../common/asn1.c \ 8c93a57494e6120cf53add028bc14f01 echo x - opencryptoki/files/patch-usr-lib-pkcs11-ica_stdll-Makefile.am sed 's/^X//' >opencryptoki/files/patch-usr-lib-pkcs11-ica_stdll-Makefile.am << 'b83bc89dfb09f3cc0910f849a8f74138' X--- usr/lib/pkcs11/ica_stdll/Makefile.am.orig 2010-07-29 21:28:41.000000000 +0900 X+++ usr/lib/pkcs11/ica_stdll/Makefile.am 2010-10-20 00:23:51.161996275 +0900 X@@ -2,15 +2,15 @@ X X opencryptoki_stdll_libpkcs11_ica_la_LDFLAGS = $(LCRYPTO) \ X $(ICA_LIB_DIRS) -nostartfiles -shared -Wl,-Bsymbolic \ X--Wl,-soname,PKCS11_ICA.so.1 -lc -lpthread -ldl -lica 
X+-Wl,-soname,PKCS11_ICA.so.1 -lc -lpthread -lica X X # Not all versions of automake observe libname_CFLAGS X opencryptoki_stdll_libpkcs11_ica_la_CFLAGS = -DSPINXPL -DDEV \ X--D_THREAD_SAFE -fPIC -DSHALLOW=0 -DSWTOK=0 -DLITE=1 -DNOCDMF -DNOMD2 \ X+-D_THREAD_SAFE $(FPIC) -DSHALLOW=0 -DSWTOK=0 -DLITE=1 -DNOCDMF -DNOMD2 \ X -DNODSA -DNOAES -DNODH -DNORIPE -DSTDLL_NAME=\"icatok\" X X # Not all versions of automake observe libname_CFLAGS X-AM_CFLAGS = -DSPINXPL -DDEV -D_THREAD_SAFE -fPIC -DSHALLOW=0 -DSWTOK=0 \ X+AM_CFLAGS = -DSPINXPL -DDEV -D_THREAD_SAFE $(FPIC) -DSHALLOW=0 -DSWTOK=0 \ X -DLITE=1 -DNOCDMF -DNOMD2 -DNODSA -DNOAES -DNODH -DNORIPE X X opencryptoki_stdll_libpkcs11_ica_la_SOURCES= ../common/asn1.c \ b83bc89dfb09f3cc0910f849a8f74138 echo x - opencryptoki/files/patch-usr-lib-pkcs11-soft_stdll-Makefile.am sed 's/^X//' >opencryptoki/files/patch-usr-lib-pkcs11-soft_stdll-Makefile.am << '573ae8919b6e13d479790124e490c7b7' X--- usr/lib/pkcs11/soft_stdll/Makefile.am.orig 2010-07-29 21:28:41.000000000 +0900 X+++ usr/lib/pkcs11/soft_stdll/Makefile.am 2010-10-20 00:25:03.227984225 +0900 X@@ -7,7 +7,7 @@ X opencryptoki_stdll_libpkcs11_sw_la_CFLAGS = -DSPINXPL -DDEV -D_THREAD_SAFE \ X -DSHALLOW=0 -DSWTOK=1 -DLITE=0 \ X -DNOCDMF -DNOMD2 -DNODSA -DNORIPE \ X- -DDEBUGON -fPIC \ X+ -DDEBUGON $(FPIC) \ X -I/usr/include -I. \ X -I../../../include/pkcs11/stdll \ X -I../../../include/pkcs11 \ 573ae8919b6e13d479790124e490c7b7 echo x - opencryptoki/files/patch-usr-lib-pkcs11-tpm_stdll-host_defs.h sed 's/^X//' >opencryptoki/files/patch-usr-lib-pkcs11-tpm_stdll-host_defs.h << 'e052f0434b86a0e14c8810f6a03db6fd' X--- usr/lib/pkcs11/tpm_stdll/host_defs.h.orig 2010-07-29 21:28:41.000000000 +0900 X+++ usr/lib/pkcs11/tpm_stdll/host_defs.h 2010-10-20 00:26:48.474982648 +0900 X@@ -2,13 +2,25 @@ X /* (C) COPYRIGHT International Business Machines Corp. 
2001, 2002, 2005*/ X X X+#include <sys/types.h> X #include <sys/mman.h> X #ifndef _HOST_DEFS_H X #define _HOST_DEFS_H X X #include <semaphore.h> X #include <pthread.h> X+ X+#if defined(__OpenBSD__) || defined(__FreeBSD__) X+#include <sys/endian.h> X+#ifdef _BYTE_ORDER X+#define __BYTE_ORDER _BYTE_ORDER X+#endif X+#ifdef _LITTLE_ENDIAN X+#define __LITTLE_ENDIAN _LITTLE_ENDIAN X+#endif X+#else X #include <endian.h> X+#endif X X #include "pkcs32.h" X // Both of the strings below have a length of 32 chars and must be e052f0434b86a0e14c8810f6a03db6fd echo x - opencryptoki/files/patch-usr-lib-pkcs11-tpm_stdll-loadsave.c sed 's/^X//' >opencryptoki/files/patch-usr-lib-pkcs11-tpm_stdll-loadsave.c << '7f2fcb4011b87cbfa62228aa77f5246a' X--- usr/lib/pkcs11/tpm_stdll/loadsave.c.orig 2010-07-29 21:28:41.000000000 +0900 X+++ usr/lib/pkcs11/tpm_stdll/loadsave.c 2010-10-20 00:27:47.109983972 +0900 X@@ -339,7 +339,7 @@ X fchmod(file,S_IRUSR|S_IWUSR); X X #if 0 X- grp = getgrnam("pkcs11"); // Obtain the group id X+ grp = getgrnam(PKCS11GROUP); // Obtain the group id X if (grp){ X fchown(file,getuid(),grp->gr_gid); // set ownership to root, and pkcs11 group X } 7f2fcb4011b87cbfa62228aa77f5246a echo x - opencryptoki/files/patch-usr-lib-pkcs11-tpm_stdll-new_host.c sed 's/^X//' >opencryptoki/files/patch-usr-lib-pkcs11-tpm_stdll-new_host.c << '24f2426f6be8691303853d0c1117ca14' X--- usr/lib/pkcs11/tpm_stdll/new_host.c.orig 2010-07-29 21:28:41.000000000 +0900 X+++ usr/lib/pkcs11/tpm_stdll/new_host.c 2010-10-20 00:29:17.108984288 +0900 X@@ -356,7 +356,7 @@ X int rc = 0; X int index = 0; X gid_t gid,egid; X- grp = getgrnam("pkcs11"); X+ grp = getgrnam(PKCS11GROUP); X if ( grp ) { X // Check for member of group.. 
X 24f2426f6be8691303853d0c1117ca14 echo x - opencryptoki/files/patch-usr-lib-pkcs11-tpm_stdll-tok_spec_struct.h sed 's/^X//' >opencryptoki/files/patch-usr-lib-pkcs11-tpm_stdll-tok_spec_struct.h << 'dc54ee9fd8bf2e2cc64593f9499647b5' X--- usr/lib/pkcs11/tpm_stdll/tok_spec_struct.h.orig 2010-07-29 21:28:41.000000000 +0900 X+++ usr/lib/pkcs11/tpm_stdll/tok_spec_struct.h 2010-10-20 00:30:22.991986453 +0900 X@@ -33,9 +33,9 @@ X #define _TOK_SPECIFIC_STRUCT X X struct token_specific_struct{ X- CK_BYTE token_directory[PATH_MAX]; // Used to be in the token_local.h as a #def X- CK_BYTE token_subdir[PATH_MAX]; // subdirectory X- CK_BYTE token_debug_tag[PATH_MAX]; // debug logging tag X+ CK_BYTE *token_directory; // Used to be in the token_local.h as a #def X+ CK_BYTE *token_subdir; // subdirectory X+ CK_BYTE *token_debug_tag; // debug logging tag X X CK_RV (*t_init)(char *,CK_SLOT_ID); // Initialization function X int (*t_slot2local)(); // convert the PKCS#11 slot to a local index dc54ee9fd8bf2e2cc64593f9499647b5 echo x - opencryptoki/files/patch-usr-lib-pkcs11-tpm_stdll-utility.c sed 's/^X//' >opencryptoki/files/patch-usr-lib-pkcs11-tpm_stdll-utility.c << '420526561e1928908234af336d8466d4' X--- usr/lib/pkcs11/tpm_stdll/utility.c.orig 2010-07-29 21:28:41.000000000 +0900 X+++ usr/lib/pkcs11/tpm_stdll/utility.c 2010-10-20 00:33:02.810983787 +0900 X@@ -44,6 +44,27 @@ X #include "tok_spec_struct.h" X #include "pkcs32.h" X X+#include <fcntl.h> X+ X+#ifdef __sun X+#define LOCK_EX F_LOCK X+#define LOCK_UN F_ULOCK X+#define flock(fd, func) lockf(fd, func, 0) X+#endif X+ X+#ifndef LOCK_SH X+#define LOCK_SH 1 /* shared lock */ X+#endif X+#ifndef LOCK_EX X+#define LOCK_EX 2 /* exclusive lock */ X+#endif X+#ifndef LOCK_NB X+#define LOCK_NB 4 /* don't block when locking */ X+#endif X+#ifndef LOCK_UN X+#define LOCK_UN 8 /* unlock */ X+#endif X+ X #if (SPINXPL) X #include <sys/file.h> X #endif 420526561e1928908234af336d8466d4 echo x - 
opencryptoki/files/patch-usr-sbin-pkcs11_startup-Makefile.am sed 's/^X//' >opencryptoki/files/patch-usr-sbin-pkcs11_startup-Makefile.am << 'e638cfb2518512a41c7f4bd7ebebc006' X--- usr/sbin/pkcs11_startup/Makefile.am.orig 2010-07-29 21:28:41.000000000 +0900 X+++ usr/sbin/pkcs11_startup/Makefile.am 2010-10-22 00:59:30.397048865 +0900 X@@ -12,6 +12,8 @@ X -e s!\@ID\@!"@ID@"!g \ X -e s!\@CAT\@!"@CAT@"!g \ X -e s!\@SED\@!"@SED@"!g \ X+ -e s!\@PKCS11USER\@!"@PKCS11USER@"!g \ X+ -e s!\@PKCS11GROUP\@!"@PKCS11GROUP@"!g \ X -e s!\@GROUPADD\@!"@GROUPADD@"!g \ X -e s!\@USERMOD\@!"@USERMOD@"!g < $< > $@-t X @CHMOD@ +x $@-t e638cfb2518512a41c7f4bd7ebebc006 echo x - opencryptoki/files/patch-usr-sbin-pkcs11_startup-pkcs11_startup.in sed 's/^X//' >opencryptoki/files/patch-usr-sbin-pkcs11_startup-pkcs11_startup.in << 'f01391ab670353b99f14d4208feeefd2' X--- usr/sbin/pkcs11_startup/pkcs11_startup.in.orig 2010-07-29 21:28:41.000000000 +0900 X+++ usr/sbin/pkcs11_startup/pkcs11_startup.in 2010-10-22 00:57:35.508983672 +0900 X@@ -1,4 +1,4 @@ X-#!/bin/bash X+#!/bin/sh X X # X # X@@ -310,29 +310,20 @@ X X X # Create the pkcs11 group if it does not exist... X-cat /etc/group|grep pkcs11 >/dev/null 2>&1 X+cat /etc/group|grep @PKCS11GROUP@ >/dev/null 2>&1 X rc=$? X if [ $rc = 1 ] X then X if [ -x @GROUPADD@ ] X then X- @GROUPADD@ pkcs11 >/dev/null 2>&1 X+ @GROUPADD@ @PKCS11GROUP@ >/dev/null 2>&1 X X else X- echo "Couldn't execute @GROUPADD@. Please add the group 'pkcs11' manually." X+ echo "Couldn't execute @GROUPADD@. Please add the group '@PKCS11GROUP@' manually." X fi X fi X X X-if [ -x @USERMOD@ -a -x @ID@ ] X-then X- # add the pkcs group X- # replace spaces by commas X- @USERMOD@ -G $( @ID@ --groups --name root | @SED@ -e 'y/ /,/'),pkcs11 root X-else X- echo "Couldn't execute @USERMOD@. Please add root to the group 'pkcs11' manually." 
X-fi X- X X # For each card run the status command and if successful X # create the odm stanza for the file f01391ab670353b99f14d4208feeefd2 echo x - opencryptoki/files/patch-usr-sbin-pkcs_slot-pkcs_slot.in sed 's/^X//' >opencryptoki/files/patch-usr-sbin-pkcs_slot-pkcs_slot.in << 'dabbf41c80650a92864c60ab257f1e9b' X--- usr/sbin/pkcs_slot/pkcs_slot.in.orig 2010-07-29 21:28:41.000000000 +0900 X+++ usr/sbin/pkcs_slot/pkcs_slot.in 2010-10-22 00:42:38.286985256 +0900 X@@ -1,4 +1,4 @@ X-#!/bin/bash X+#!/bin/sh X X # X # X@@ -360,7 +360,7 @@ X if [ ! -d @localstatedir@/lib/opencryptoki ] X then X @MKDIR_P@ @localstatedir@/lib/opencryptoki X- @CHGRP@ pkcs11 @localstatedir@/lib/opencryptoki X+ @CHGRP@ @PKCS11GROUP@ @localstatedir@/lib/opencryptoki X @CHMOD@ -R g+rwX @localstatedir@/lib/opencryptoki X fi X X@@ -372,9 +372,9 @@ X if [ $? -ne 0 ] X then X mkdir $SOFT_DIR X- @CHGRP@ pkcs11 $SOFT_DIR X+ @CHGRP@ @PKCS11GROUP@ $SOFT_DIR X mkdir "$SOFT_DIR"/TOK_OBJ X- @CHGRP@ pkcs11 "$SOFT_DIR"/TOK_OBJ X+ @CHGRP@ @PKCS11GROUP@ "$SOFT_DIR"/TOK_OBJ X fi X SYS_SLOT="Soft" X fi X@@ -386,7 +386,7 @@ X if [ $? -ne 0 ] X then X mkdir $TPM_DIR X- @CHGRP@ pkcs11 $TPM_DIR X+ @CHGRP@ @PKCS11GROUP@ $TPM_DIR X fi X SYS_SLOT="TPM" X fi X@@ -397,7 +397,7 @@ X if [ $? -ne 0 ] X then X mkdir $CCA_DIR X- @CHGRP@ pkcs11 $CCA_DIR X+ @CHGRP@ @PKCS11GROUP@ $CCA_DIR X mkdir "$CCA_DIR"/TOK_OBJ X @CHGRP@ pkcs11 "$CCA_DIR"/TOK_OBJ X fi X@@ -406,7 +406,7 @@ X X # If we are using a shallow device, make sure that the directory X # to store token objects is available, if not create it and change X-# the ownership to the pkcs11 group X+# the ownership to the @PKCS11GROUP@ group X X X if [ $DEPTH = "ica" ] X@@ -415,9 +415,9 @@ X if [ $? -ne 0 ] X then X mkdir $ICA_DIR X- @CHGRP@ pkcs11 $ICA_DIR X+ @CHGRP@ @PKCS11GROUP@ $ICA_DIR X mkdir "$ICA_DIR"/TOK_OBJ X- @CHGRP@ pkcs11 "$ICA_DIR"/TOK_OBJ X+ @CHGRP@ @PKCS11GROUP@ "$ICA_DIR"/TOK_OBJ X fi X SYS_SLOT="ICA" X fi X@@ -428,9 +428,9 @@ X if [ $? 
-ne 0 ] X then X mkdir $BCOM_DIR X- @CHGRP@ pkcs11 $BCOM_DIR X+ @CHGRP@ @PKCS11GROUP@ $BCOM_DIR X mkdir "$BCOM_DIR"/TOK_OBJ X- @CHGRP@ pkcs11 "$BCOM_DIR"/TOK_OBJ X+ @CHGRP@ @PKCS11GROUP@ "$BCOM_DIR"/TOK_OBJ X fi X SYS_SLOT="BCOM" X fi X@@ -441,9 +441,9 @@ X if [ $? -ne 0 ] X then X mkdir $AEP_DIR X- @CHGRP@ pkcs11 $AEP_DIR X+ @CHGRP@ @PKCS11GROUP@ $AEP_DIR X mkdir "$AEP_DIR"/TOK_OBJ X- @CHGRP@ pkcs11 "$AEP_DIR"/TOK_OBJ X+ @CHGRP@ @PKCS11GROUP@ "$AEP_DIR"/TOK_OBJ X fi X SYS_SLOT="AEP" X fi X@@ -454,9 +454,9 @@ X if [ $? -ne 0 ] X then X mkdir $CR_DIR X- @CHGRP@ pkcs11 $CR_DIR X+ @CHGRP@ @PKCS11GROUP@ $CR_DIR X mkdir "$CR_DIR"/TOK_OBJ X- @CHGRP@ pkcs11 "$CR_DIR"/TOK_OBJ X+ @CHGRP@ @PKCS11GROUP@ "$CR_DIR"/TOK_OBJ X fi X SYS_SLOT="CRNT" X fi X@@ -477,29 +477,29 @@ X X if [ $DEPTH = "deep" ] X then X-echo "TRUE|0|$SLOT_DESCRIPTION|$MANUFACTURER|TRUE|FALSE|TRUE|0|0|1|1|$DEVICE|$DEEP4758_DLL_FN|$DEEP4758_INIT" >>$CFGFILE X+echo "TRUE|0|$SLOT_DESCRIPTION|$MANUFACTURER|TRUE|FALSE|TRUE|0|0|1|1|$DEVICE|$DEEP4758_DLL|$DEEP4758_INIT" >>$CFGFILE X X elif [ $DEPTH = "ica" ] X then X-echo "TRUE|0|$SLOT_DESCRIPTION|$MANUFACTURER|TRUE|FALSE|TRUE|0|0|1|1|NONE|$ICA_DLL_FN|$ICA_INIT" >>$CFGFILE X+echo "TRUE|0|$SLOT_DESCRIPTION|$MANUFACTURER|TRUE|FALSE|TRUE|0|0|1|1|NONE|$ICA_DLL|$ICA_INIT" >>$CFGFILE X elif [ $DEPTH = "bcom" ] X then X-echo "TRUE|0|$SLOT_DESCRIPTION|$MANUFACTURER|TRUE|FALSE|TRUE|0|0|1|1|NONE|$BCOM_DLL_FN|$BCOM_INIT" >>$CFGFILE X+echo "TRUE|0|$SLOT_DESCRIPTION|$MANUFACTURER|TRUE|FALSE|TRUE|0|0|1|1|NONE|$BCOM_DLL|$BCOM_INIT" >>$CFGFILE X elif [ $DEPTH = "aep" ] X then X-echo "TRUE|0|$SLOT_DESCRIPTION|$MANUFACTURER|TRUE|FALSE|TRUE|0|0|1|1|NONE|$AEP_DLL_FN|$AEP_INIT" >>$CFGFILE X+echo "TRUE|0|$SLOT_DESCRIPTION|$MANUFACTURER|TRUE|FALSE|TRUE|0|0|1|1|NONE|$AEP_DLL|$AEP_INIT" >>$CFGFILE X elif [ $DEPTH = "cr" ] X then X-echo "TRUE|0|$SLOT_DESCRIPTION|$MANUFACTURER|TRUE|FALSE|TRUE|0|0|1|1|NONE|$CR_DLL_FN|$CR_INIT" >>$CFGFILE X+echo 
"TRUE|0|$SLOT_DESCRIPTION|$MANUFACTURER|TRUE|FALSE|TRUE|0|0|1|1|NONE|$CR_DLL|$CR_INIT" >>$CFGFILE X elif [ $DEPTH = "soft" ] X then X-echo "TRUE|0|$SLOT_DESCRIPTION|$MANUFACTURER|TRUE|FALSE|FALSE|0|0|1|1|NONE|$SOFT_DLL_FN|$SOFT_INIT" >>$CFGFILE X+echo "TRUE|0|$SLOT_DESCRIPTION|$MANUFACTURER|TRUE|FALSE|FALSE|0|0|1|1|NONE|$SOFT_DLL|$SOFT_INIT" >>$CFGFILE X elif [ $DEPTH = "tpm" ] X then X-echo "TRUE|0|$SLOT_DESCRIPTION|$MANUFACTURER|TRUE|FALSE|TRUE|0|0|1|1|NONE|$TPM_DLL_FN|$TPM_INIT" >>$CFGFILE X+echo "TRUE|0|$SLOT_DESCRIPTION|$MANUFACTURER|TRUE|FALSE|TRUE|0|0|1|1|NONE|$TPM_DLL|$TPM_INIT" >>$CFGFILE X elif [ $DEPTH = "cca" ] X then X-echo "TRUE|0|$SLOT_DESCRIPTION|$MANUFACTURER|TRUE|FALSE|TRUE|0|0|1|1|NONE|$CCA_DLL_FN|$CCA_INIT" >>$CFGFILE X+echo "TRUE|0|$SLOT_DESCRIPTION|$MANUFACTURER|TRUE|FALSE|TRUE|0|0|1|1|NONE|$CCA_DLL|$CCA_INIT" >>$CFGFILE X fi X X @CHMOD@ -R g+wrX @localstatedir@/lib/opencryptoki dabbf41c80650a92864c60ab257f1e9b echo x - opencryptoki/files/patch-usr-sbin-pkcsconf-Makefile.am sed 's/^X//' >opencryptoki/files/patch-usr-sbin-pkcsconf-Makefile.am << 'd30fd3117805ef384d8fab8f854bb96a' X--- usr/sbin/pkcsconf/Makefile.am.orig 2010-07-29 21:28:41.000000000 +0900 X+++ usr/sbin/pkcsconf/Makefile.am 2010-10-20 00:46:34.600985372 +0900 X@@ -1,6 +1,6 @@ X sbin_PROGRAMS=pkcsconf X X-pkcsconf_LDFLAGS = -lpthread -ldl X+pkcsconf_LDFLAGS = -lpthread X X # Not all versions of automake observe sbinname_CFLAGS X pkcsconf_CFLAGS = -DSPINXPL -D_THREAD_SAFE -DDEBUG -DDEV -DAPI d30fd3117805ef384d8fab8f854bb96a echo x - opencryptoki/files/patch-usr-sbin-pkcsconf-pkcsconf.c sed 's/^X//' >opencryptoki/files/patch-usr-sbin-pkcsconf-pkcsconf.c << 'bc76b15dc0416402cd2da19022323e72' X--- usr/sbin/pkcsconf/pkcsconf.c.orig 2010-07-29 21:28:41.000000000 +0900 X+++ usr/sbin/pkcsconf/pkcsconf.c 2010-10-20 00:47:46.462984231 +0900 X@@ -654,6 +654,8 @@ X free (newpin2); X } X X+ cleanup(); X+ X return rc; X X } bc76b15dc0416402cd2da19022323e72 echo x - 
opencryptoki/files/patch-usr-sbin-pkcsslotd-err.c sed 's/^X//' >opencryptoki/files/patch-usr-sbin-pkcsslotd-err.c << '885d321e2542d044a5681817002baac8' X--- usr/sbin/pkcsslotd/err.c.orig 2010-07-29 21:28:41.000000000 +0900 X+++ usr/sbin/pkcsslotd/err.c 2010-10-20 01:17:17.245985003 +0900 X@@ -288,6 +288,7 @@ X X /* (C) COPYRIGHT International Business Machines Corp. 2001 */ X X+#include <signal.h> X X #include "pthread.h" X X@@ -331,14 +332,30 @@ X CONSTINFO(ERANGE), X CONSTINFO(ENOMSG), X CONSTINFO(EIDRM), X+#ifdef ECHRNG X CONSTINFO(ECHRNG), X+#endif X+#ifdef EL2NSYNC X CONSTINFO(EL2NSYNC), X+#endif X+#ifdef EL3HLT X CONSTINFO(EL3HLT), X+#endif X+#ifdef EL3RST X CONSTINFO(EL3RST), X+#endif X+#ifdef ELNRNG X CONSTINFO(ELNRNG), X+#endif X+#ifdef EUNATCH X CONSTINFO(EUNATCH), X+#endif X+#ifdef ENOCSI X CONSTINFO(ENOCSI), X+#endif X+#ifdef EL2HLT X CONSTINFO(EL2HLT), X+#endif X CONSTINFO(EDEADLK), X CONSTINFO(ESTALE), X CONSTINFO(EWOULDBLOCK), X@@ -369,7 +386,9 @@ X CONSTINFO(ECONNREFUSED), X CONSTINFO(EHOSTDOWN), X CONSTINFO(EHOSTUNREACH), X+#ifdef ERESTART X CONSTINFO(ERESTART), X+#endif X CONSTINFO(EUSERS), X CONSTINFO(ELOOP), X CONSTINFO(ENAMETOOLONG), X@@ -380,16 +399,34 @@ X CONSTINFO(ETOOMANYREFS), X CONSTINFO(EILSEQ), X CONSTINFO(ECANCELED), X+#ifdef ENOSR X CONSTINFO(ENOSR), X+#endif X+#ifdef ETIME X CONSTINFO(ETIME), X+#endif X+#ifdef EBADMSG X CONSTINFO(EBADMSG), X+#endif X+#ifdef EPROTO X CONSTINFO(EPROTO), X+#endif X+#ifdef ENODATA X CONSTINFO(ENODATA), X+#endif X+#ifdef ENOSTR X CONSTINFO(ENOSTR), X+#endif X CONSTINFO(ENOTSUP), X+#ifdef EMULTIHOP X CONSTINFO(EMULTIHOP), X+#endif X+#ifdef ENOLINK X CONSTINFO(ENOLINK), X+#endif X+#ifdef EOVERFLOW X CONSTINFO(EOVERFLOW), X+#endif X X }; X X@@ -424,14 +461,20 @@ X CONSTINFO(SIGXCPU), X CONSTINFO(SIGXFSZ), X CONSTINFO(SIGWINCH), X+#ifdef SIGPWR X CONSTINFO(SIGPWR), X+#endif X CONSTINFO(SIGUSR1), X CONSTINFO(SIGUSR2), X CONSTINFO(SIGPROF), X CONSTINFO(SIGVTALRM), X CONSTINFO(SIGIOT), X+#ifdef SIGCLD X 
CONSTINFO(SIGCLD), X+#endif X+#ifdef SIGPOLL X CONSTINFO(SIGPOLL), X+#endif X #if 0 X CONSTINFO(SIG_DFL), X CONSTINFO(SIG_IGN), 885d321e2542d044a5681817002baac8 echo x - opencryptoki/files/patch-usr-sbin-pkcsslotd-mutex.c sed 's/^X//' >opencryptoki/files/patch-usr-sbin-pkcsslotd-mutex.c << '6df008249a1d8796bc0e8713ccdc0567' X--- usr/sbin/pkcsslotd/mutex.c.orig 2010-07-29 21:28:41.000000000 +0900 X+++ usr/sbin/pkcsslotd/mutex.c 2010-10-20 01:19:28.613984045 +0900 X@@ -293,6 +293,26 @@ X X #include "pkcsslotd.h" X X+#include <fcntl.h> X+ X+#ifdef __sun X+#define LOCK_EX F_LOCK X+#define LOCK_UN F_ULOCK X+#define flock(fd, func) lockf(fd, func, 0) X+#endif X+ X+#ifndef LOCK_SH X+#define LOCK_SH 1 /* shared lock */ X+#endif X+#ifndef LOCK_EX X+#define LOCK_EX 2 /* exclusive lock */ X+#endif X+#ifndef LOCK_NB X+#define LOCK_NB 4 /* don't block when locking */ X+#endif X+#ifndef LOCK_UN X+#define LOCK_UN 8 /* unlock */ X+#endif X X #if SYSVSEM X #error "Caveat Emptor... this does not work" X@@ -315,7 +335,6 @@ X #include <sys/types.h> X #include <sys/stat.h> X #include <fcntl.h> X-#include <sys/file.h> X static int xplfd=-1; X #endif X 6df008249a1d8796bc0e8713ccdc0567 echo x - opencryptoki/files/patch-usr-sbin-pkcsslotd-pkcsslotd.h sed 's/^X//' >opencryptoki/files/patch-usr-sbin-pkcsslotd-pkcsslotd.h << '8ea35fc8c0ea5d77b0d72b9c285851bc' X--- usr/sbin/pkcsslotd/pkcsslotd.h.orig 2010-07-29 21:28:41.000000000 +0900 X+++ usr/sbin/pkcsslotd/pkcsslotd.h 2010-10-20 01:20:18.253984238 +0900 X@@ -353,7 +353,7 @@ X #include <nl_types.h> X X #include <sys/ipc.h> X-#include <linux/limits.h> X+#include <limits.h> X #include <sys/shm.h> X #include <sys/stat.h> X #include <sys/types.h> 8ea35fc8c0ea5d77b0d72b9c285851bc echo x - opencryptoki/files/patch-usr-sbin-pkcsslotd-shmem.c sed 's/^X//' >opencryptoki/files/patch-usr-sbin-pkcsslotd-shmem.c << '22c3cc0c492381c803955a9e2480f74b' X--- usr/sbin/pkcsslotd/shmem.c.orig 2010-07-29 21:28:41.000000000 +0900 X+++ usr/sbin/pkcsslotd/shmem.c 
2010-10-20 01:23:03.203984101 +0900 X@@ -338,9 +338,9 @@ X } X // SAB Get the group information for the PKCS#11 group... fail if X // it does not exist X- grp = getgrnam("pkcs11"); X+ grp = getgrnam(PKCS11GROUP); X if ( !grp ) { X- ErrLog("Group PKCS#11 does not exist "); X+ ErrLog("Group " PKCS11GROUP " does not exist "); X return FALSE; // Group does not exist... setup is wrong.. X } X X@@ -409,9 +409,9 @@ X int i; X char *buffer; X X- grp = getgrnam("pkcs11"); X+ grp = getgrnam(PKCS11GROUP); X if ( !grp ) { X- ErrLog("Group \"pkcs11\" does not exist! Please run %s/pkcs11_startup.", X+ ErrLog("Group " PKCS11GROUP " does not exist! Please run %s/pkcs11_startup.", X SBIN_PATH); X return FALSE; // Group does not exist... setup is wrong.. X } X@@ -431,7 +431,7 @@ X return FALSE; X } X if (fchown(fd, 0, grp->gr_gid) == -1) { X- ErrLog("%s: fchown(%s, root, pkcs11): %s", __FUNCTION__, MAPFILENAME, X+ ErrLog("%s: fchown(%s, root, %s): %s", __FUNCTION__, MAPFILENAME, PKCS11GROUP, X strerror(errno)); X close(fd); X return FALSE; 22c3cc0c492381c803955a9e2480f74b echo x - opencryptoki/files/pkcsslotd.in sed 's/^X//' >opencryptoki/files/pkcsslotd.in << '1f11ad2bb42314f125197258d0cc9de3' X#!/bin/sh X X# $FreeBSD$ X# X# PROVIDE: pkcsslotd X# REQUIRE: LOGIN tcsd X# KEYWORD: shutdown X# X# Add the following lines to /etc/rc.conf.local or /etc/rc.conf X# to enable this service: X# X# pkcsslotd_enable (bool): Set to NO by default. X# Set it to YES to enable pkcsslotd. X# X X. 
/etc/rc.subr X Xname=pkcsslotd Xrcvar=`set_rcvar` Xcommand=%%PREFIX%%/sbin/${name} Xstart_precmd=${name}_prestart X Xpkcsslotd_prestart () { X [ -f %%PREFIX%%/var/lib/opencryptoki/pk_config_data ] || \ X %%PREFIX%%/sbin/pkcs11_startup X} X Xload_rc_config ${name} X X: pkcsslotd_enable=${pkcsslotd_enable-"NO"} X Xrun_rc_command "$1" X 1f11ad2bb42314f125197258d0cc9de3 echo x - opencryptoki/files/pkg-install.in sed 's/^X//' >opencryptoki/files/pkg-install.in << '30f4da3abe0ccab7d7e530e7f8a9d413' X#!/bin/sh X XPATH=/bin:/usr/sbin X XPREFIX=${PKG_PREFIX:-%%PREFIX%%} XUSER=%%PKCS11_USER%% XGROUP=%%PKCS11_GROUP%% XUID=%%PKCS11_UID%% XGID=%%PKCS11_GID%% X Xcase $2 in X PRE-INSTALL) X X if pw group show "${GROUP}" 2>/dev/null; then X echo "You already have a group \"${GROUP}\", so I will use it." X else X if pw groupadd ${GROUP} -g ${GID}; then X echo "Added group \"${GROUP}\"." X else X echo "Adding group \"${GROUP}\" failed..." X fi X fi X X if pw user show "${USER}" 2>/dev/null; then X echo "You already have a user \"${USER}\", so I will use it." X else X if pw useradd ${USER} -u ${UID} -g ${GROUP} -h - \ X -s /usr/sbin/nologin -L daemon -d /var/empty -c "opencryptoki user" X then X echo "Added user \"${USER}\"." X else X echo "Adding user \"${USER}\" failed..." X exit 1 X fi X fi X X if pw groupmod ${GROUP} -m ${USER}; then X echo "Added user \"${USER}\" to group \"${GROUP}\"." X else X echo "Adding user \"${USER}\" to group \"${GROUP}\" failed..." X fi X X ;; X X X DEINSTALL) X X# rm -rf ${PKG_PREFIX}/var/lib/opencryptoki/* X# rm -f ${PKG_PREFIX}/var/lib/opencryptoki/.slotpid X X ;; X X POST-DEINSTALL) X X# if pw user show "${USER}" 2>/dev/null; then X# if pw userdel ${USER} -u ${UID}; then X# echo "Deleted user \"${USER}\"." X# fi X# fi X X# if pw group show "${GROUP}" 2>/dev/null; then X# if pw groupdel ${GROUP} -g ${GID}; then X# echo "Deleted group \"${GROUP}\"." 
X# fi X# fi X X ;; Xesac 30f4da3abe0ccab7d7e530e7f8a9d413 echo x - opencryptoki/files/pkg-message.in sed 's/^X//' >opencryptoki/files/pkg-message.in << 'e78db1fca7ce94405657b3a3ec855f74' XTo run pkcsslotd automatically add the following line to /etc/rc.conf X Xpkcsslotd_enable="YES" X e78db1fca7ce94405657b3a3ec855f74 echo x - opencryptoki/pkg-descr sed 's/^X//' >opencryptoki/pkg-descr << '3f96db8570c34fc8c749f3067c73f2c3' XopenCryptoki is a PKCS#11 implementation. 3f96db8570c34fc8c749f3067c73f2c3 echo x - opencryptoki/pkg-plist sed 's/^X//' >opencryptoki/pkg-plist << 'be37b4b35c3978156f8b74f96105f5c5' Xinclude/opencryptoki/apiclient.h Xinclude/opencryptoki/pkcs11.h Xinclude/opencryptoki/pkcs11types.h Xlib/libopencryptoki.la Xlib/libopencryptoki.so Xlib/libopencryptoki.so.0 Xlib/opencryptoki/PKCS11_API.so Xlib/opencryptoki/libopencryptoki.la Xlib/opencryptoki/libopencryptoki.so Xlib/opencryptoki/libopencryptoki.so.0 Xlib/opencryptoki/methods Xlib/opencryptoki/stdll/PKCS11_SW.so Xlib/opencryptoki/stdll/libpkcs11_sw.la Xlib/opencryptoki/stdll/libpkcs11_sw.so Xlib/opencryptoki/stdll/libpkcs11_sw.so.0 Xlib/opencryptoki/stdll/PKCS11_TPM.so Xlib/opencryptoki/stdll/libpkcs11_tpm.la Xlib/opencryptoki/stdll/libpkcs11_tpm.so Xlib/opencryptoki/stdll/libpkcs11_tpm.so.0 Xlib/pkcs11/PKCS11_API.so Xlib/pkcs11/libopencryptoki.so Xlib/pkcs11/methods Xlib/pkcs11/stdll Xsbin/pkcs11_startup Xsbin/pkcs_slot Xsbin/pkcsconf Xsbin/pkcsslotd X@dirrmtry var/lib/opencryptoki X@dirrmtry var/lib X@dirrmtry var X@dirrm lib/pkcs11 X@dirrm lib/opencryptoki/stdll X@dirrm lib/opencryptoki X@dirrm include/opencryptoki be37b4b35c3978156f8b74f96105f5c5 exit --Multipart=_Thu__28_Oct_2010_02_43_40_+0900_JtScQ_e/yKAD9/CK Content-Type: text/plain; name="tpm-tools.shar" Content-Disposition: attachment; filename="tpm-tools.shar" Content-Transfer-Encoding: 7bit # This is a shell archive. Save it in a file, remove anything before # this line, and then unpack it by entering "sh file". 
Note, it may # create directories; files and directories will be owned by you and # have default permissions. # # This archive contains: # # tpm-tools # tpm-tools/Makefile # tpm-tools/distinfo # tpm-tools/files # tpm-tools/files/patch-lib-tpm_utils.c # tpm-tools/files/patch-src-cmds-Makefile.am # tpm-tools/files/patch-src-cmds-Makefile.in # tpm-tools/files/patch-src-tpm_mgmt-tpm_present.c # tpm-tools/pkg-descr # tpm-tools/pkg-plist # echo c - tpm-tools mkdir -p tpm-tools > /dev/null 2>&1 echo x - tpm-tools/Makefile sed 's/^X//' >tpm-tools/Makefile << 'e616569e13415541b00ced234ba46e9a' X# New ports collection makefile for: tpm-tools X# Date created: 18 Sep 2007 X# Whom: Sebastian Schuetz <sschuetz@fhm.edu> X# X# $FreeBSD$ X# X XPORTNAME= tpm-tools XPORTVERSION= 1.3.5 XCATEGORIES= security XMASTER_SITES= SF/trousers/${PORTNAME}/${PORTVERSION} X XMAINTAINER= nork@freebsd.org XCOMMENT= Provides a basic set of TPM tools X XLIB_DEPENDS= tspi.2:${PORTSDIR}/security/trousers XBUILD_DEPENDS= pkcsconf:${PORTSDIR}/security/opencryptoki XRUN_DEPENDS= ${LOCALBASE}/sbin/tcsd:${PORTSDIR}/security/trousers XRUN_DEPENDS+= ${LOCALBASE}/lib/pkcs11/libopencryptoki.so:${PORTSDIR}/security/opencryptoki X XUSE_GMAKE= YES XUSE_GETTEXT= YES XUSE_LDCONFIG= YES XUSE_AUTOTOOLS= autoconf:268 XGNU_CONFIGURE= YES XCONFIGURE_ENV+= LDFLAGS="-L${LOCALBASE}/lib -lintl -liconv" XMAKE_JOBS_SAFE= YES X X.include <bsd.port.mk> e616569e13415541b00ced234ba46e9a echo x - tpm-tools/distinfo sed 's/^X//' >tpm-tools/distinfo << '5be4d99d59b3e97ccab7b89908cb03db' XMD5 (tpm-tools-1.3.5.tar.gz) = b64baa248cf30a57ad0e5fb6f096e7dc XSHA256 (tpm-tools-1.3.5.tar.gz) = 60717336302bffff5044ed945a79f07594962fa3b989cf37f6eb042874d8fc45 XSIZE (tpm-tools-1.3.5.tar.gz) = 439922 5be4d99d59b3e97ccab7b89908cb03db echo c - tpm-tools/files mkdir -p tpm-tools/files > /dev/null 2>&1 echo x - tpm-tools/files/patch-lib-tpm_utils.c sed 's/^X//' >tpm-tools/files/patch-lib-tpm_utils.c << '382e2c559dcfb1aa9ef3febed4781190' X--- 
lib/tpm_utils.c.orig 2010-02-02 02:17:23.000000000 +0900 X+++ lib/tpm_utils.c 2010-10-25 01:55:31.065559348 +0900 X@@ -55,6 +55,7 @@ X CmdHelpFunction tCmdHelp = ( a_tCmdHelpFunction ) ? a_tCmdHelpFunction X : logCmdHelp; X X+#ifdef __GCC X char szShortOpts[strlen( pszGenShortOpts ) X + ( ( a_pszShortOpts == NULL ) ? 0 : strlen( a_pszShortOpts ) ) X + 1]; X@@ -64,6 +65,26 @@ X X int iOpt; X int rc; X+#else X+ int iOpt; X+ int rc; X+ X+ char *szShortOpts; X+ int iNumShortOpts, iNumGenLongOpts; X+ struct option *sLongOpts; X+ X+ iNumShortOpts = strlen( pszGenShortOpts ) + X+ ( ( a_pszShortOpts == NULL ) ? 0 : strlen( a_pszShortOpts ) ); X+ iNumGenLongOpts = sizeof( sGenLongOpts ) / sizeof( struct option ); X+ X+ szShortOpts = malloc(iNumShortOpts + 1); X+ sLongOpts = malloc((iNumGenLongOpts + a_iNumOpts + 1) X+ * sizeof(struct option)); X+ if( (szShortOpts == NULL) || (sLongOpts == NULL) ) { X+ perror("malloc"); X+ return -1; X+ } X+#endif X X strcpy( szShortOpts, pszGenShortOpts); X if ( a_pszShortOpts ) 382e2c559dcfb1aa9ef3febed4781190 echo x - tpm-tools/files/patch-src-cmds-Makefile.am sed 's/^X//' >tpm-tools/files/patch-src-cmds-Makefile.am << '7fcd9b82bdd922713fbb782067ba3236' X--- src/cmds/Makefile.am.orig 2010-02-02 02:17:23.000000000 +0900 X+++ src/cmds/Makefile.am 2010-10-25 01:55:31.067559744 +0900 X@@ -30,7 +30,7 @@ X AM_CPPFLAGS = -I$(top_srcdir)/include -D_LINUX X endif X X-LDADD = $(top_builddir)/lib/libtpm_tspi.la -ltspi $(top_builddir)/lib/libtpm_unseal.la -ltpm_unseal X+LDADD = $(top_builddir)/lib/libtpm_tspi.la -ltspi $(top_builddir)/lib/libtpm_unseal.la X X tpm_sealdata_SOURCES = tpm_sealdata.c X tpm_unsealdata_SOURCES = tpm_unsealdata.c 7fcd9b82bdd922713fbb782067ba3236 echo x - tpm-tools/files/patch-src-cmds-Makefile.in sed 's/^X//' >tpm-tools/files/patch-src-cmds-Makefile.in << 'e49f990f4a699cbddd4cfd2d06d85fd0' X--- src/cmds/Makefile.in.orig 2010-02-02 05:59:31.000000000 +0900 X+++ src/cmds/Makefile.in 2010-10-25 01:55:31.069555531 +0900 X@@ 
-242,7 +242,7 @@ X top_srcdir = @top_srcdir@ X @TSS_LIB_IS_12_FALSE@AM_CPPFLAGS = -I$(top_srcdir)/include -D_LINUX X @TSS_LIB_IS_12_TRUE@AM_CPPFLAGS = -I$(top_srcdir)/include -D_LINUX -DTSS_LIB_IS_12 X-LDADD = $(top_builddir)/lib/libtpm_tspi.la -ltspi $(top_builddir)/lib/libtpm_unseal.la -ltpm_unseal X+LDADD = $(top_builddir)/lib/libtpm_tspi.la -ltspi $(top_builddir)/lib/libtpm_unseal.la X tpm_sealdata_SOURCES = tpm_sealdata.c X tpm_unsealdata_SOURCES = tpm_unsealdata.c X all: all-am e49f990f4a699cbddd4cfd2d06d85fd0 echo x - tpm-tools/files/patch-src-tpm_mgmt-tpm_present.c sed 's/^X//' >tpm-tools/files/patch-src-tpm_mgmt-tpm_present.c << '26c32265380323ccda4b4848e7e65183' X--- src/tpm_mgmt/tpm_present.c.orig 2009-08-20 23:46:31.000000000 +0900 X+++ src/tpm_mgmt/tpm_present.c 2010-10-25 01:55:31.071556276 +0900 X@@ -168,7 +168,7 @@ X TSS_HPOLICY hTpmPolicy; X char *pwd = NULL; X int pswd_len; X- char rsp[5]; X+ char rsp[6]; X int scanCount; X X //get status w/o owner auth (FAILS 1.1, should PASS 1.2) 26c32265380323ccda4b4848e7e65183 echo x - tpm-tools/pkg-descr sed 's/^X//' >tpm-tools/pkg-descr << '449287a8e37a8c5d061423b998fd09ff' Xtpm-tools package provides a basic TPM management suite. 
449287a8e37a8c5d061423b998fd09ff echo x - tpm-tools/pkg-plist sed 's/^X//' >tpm-tools/pkg-plist << '2af157faaa2d37cac091513593fd18f2' Xbin/tpm_sealdata Xbin/tpm_unsealdata Xbin/tpmtoken_import Xbin/tpmtoken_init Xbin/tpmtoken_objects Xbin/tpmtoken_protect Xbin/tpmtoken_setpasswd Xinclude/tpm_tools/tpm_unseal.h Xlib/libtpm_unseal.la Xlib/libtpm_unseal.so Xlib/libtpm_unseal.so.1 Xman/man1/tpm_sealdata.1 Xman/man1/tpm_version.1 Xman/man1/tpmtoken_import.1 Xman/man1/tpmtoken_init.1 Xman/man1/tpmtoken_objects.1 Xman/man1/tpmtoken_protect.1 Xman/man1/tpmtoken_setpasswd.1 Xman/man3/tpmUnsealFile.3 Xman/man3/tpmUnsealShred.3 Xman/man3/tpmUnsealStrerror.3 Xman/man8/tpm_changeownerauth.8 Xman/man8/tpm_clear.8 Xman/man8/tpm_createek.8 Xman/man8/tpm_getpubek.8 Xman/man8/tpm_resetdalock.8 Xman/man8/tpm_restrictpubek.8 Xman/man8/tpm_revokeek.8 Xman/man8/tpm_selftest.8 Xman/man8/tpm_setactive.8 Xman/man8/tpm_setclearable.8 Xman/man8/tpm_setenable.8 Xman/man8/tpm_setoperatorauth.8 Xman/man8/tpm_setownable.8 Xman/man8/tpm_setpresence.8 Xman/man8/tpm_takeownership.8 Xsbin/tpm_changeownerauth Xsbin/tpm_clear Xsbin/tpm_createek Xsbin/tpm_getpubek Xsbin/tpm_resetdalock Xsbin/tpm_restrictpubek Xsbin/tpm_restrictsrk Xsbin/tpm_revokeek Xsbin/tpm_selftest Xsbin/tpm_setactive Xsbin/tpm_setclearable Xsbin/tpm_setenable Xsbin/tpm_setoperatorauth Xsbin/tpm_setownable Xsbin/tpm_setpresence Xsbin/tpm_takeownership Xsbin/tpm_version X@dirrm include/tpm_tools 2af157faaa2d37cac091513593fd18f2 exit --Multipart=_Thu__28_Oct_2010_02_43_40_+0900_JtScQ_e/yKAD9/CK Content-Type: text/plain; name="tpm-emulator.shar" Content-Disposition: attachment; filename="tpm-emulator.shar" Content-Transfer-Encoding: 7bit # This is a shell archive. Save it in a file, remove anything before # this line, and then unpack it by entering "sh file". Note, it may # create directories; files and directories will be owned by you and # have default permissions. 
# # This archive contains: # # tpm-emulator # tpm-emulator/Makefile # tpm-emulator/distinfo # tpm-emulator/files # tpm-emulator/files/patch-CMakeLists.txt # tpm-emulator/files/patch-mtm-mtm_structures.h # tpm-emulator/files/patch-tddl-CMakeLists.txt # tpm-emulator/files/patch-tpm-tpm_ticks.c # tpm-emulator/files/patch-tpmd-CMakeLists.txt # tpm-emulator/files/patch-tpmd-unix-CMakeLists.txt # tpm-emulator/files/patch-tpmd_dev-CMakeLists.txt # tpm-emulator/files/patch-tpmd_dev-openbsd-Makefile # tpm-emulator/files/patch-tpmd_dev-openbsd-tpmd_dev.c # tpm-emulator/files/patch-tpmd_dev-openbsd-tpmd_dev.h # tpm-emulator/files/pkg-install.in # tpm-emulator/pkg-descr # tpm-emulator/pkg-plist # echo c - tpm-emulator mkdir -p tpm-emulator > /dev/null 2>&1 echo x - tpm-emulator/Makefile sed 's/^X//' >tpm-emulator/Makefile << '77e8d7f016b1d8fccb95ce1b1166c793' X# New ports collection makefile for: tpm-emulator X# Date created: 18 Sep 2007 X# Whom: Sebastian Schuetz <sschuetz@fhm.edu> X# X# $FreeBSD$ X# X XPORTNAME= tpm-emulator XPORTVERSION= 0.7.1 XCATEGORIES= emulators XMASTER_SITES= BERLIOS/${PORTNAME} XDISTNAME= ${PORTNAME:S/-/_/}-${PORTVERSION} X XMAINTAINER= nork@freebsd.org XCOMMENT= Trusted Platform Module (TPM) emulator X XLIB_DEPENDS= gmp.10:${PORTSDIR}/math/gmp X XUSE_CMAKE= YES XUSE_LDCONFIG= YES X#USE_AUTOTOOLS= libtool:22 X XCONFLICTS= trousers-tddl* X XWANTLIB+= c XCMAKE_VERBOSE= YES XCMAKE_SOURCE_PATH= ${WRKSRC} XNO_CONFIGURE= YES XBUILD_WRKSRC= ${CONFIGURE_WRKSRC} XINSTALL_WRKSRC= ${CONFIGURE_WRKSRC} XCONFIGURE_WRKSRC= ${CMAKE_SOURCE_PATH}/build X XCMAKE_ARGS+= -DCMAKE_INCLUDE_PATH="${LOCALBASE}/include" \ X -DCMAKE_EXE_LINKER_FLAGS="-L${LOCALBASE}/lib" X XSUB_FILES= pkg-install XSUB_LIST= TSS_USER=${TSS_USER} TSS_UID=${TSS_UID} \ X TSS_GROUP=${TSS_GROUP} TSS_GID=${TSS_GID} XPKGINSTALL= ${WRKDIR}/pkg-install X XTSS_USER= _tss XTSS_GROUP= _tss XTSS_UID= 601 XTSS_GID= 601 X XWRKSRC= ${WRKDIR}/${PORTNAME:S/-/_/}-${PORTVERSION} X Xpost-patch: X @${MKDIR} 
${WRKSRC}/build X Xpre-install: X @${SETENV} PKG_PREFIX=${PREFIX} ${SH} ${PKGINSTALL} ${PKGNAME} PRE-INSTALL X X.include <bsd.port.mk> 77e8d7f016b1d8fccb95ce1b1166c793 echo x - tpm-emulator/distinfo sed 's/^X//' >tpm-emulator/distinfo << 'd373adfa96e33606f6c96255c8a6ba49' XMD5 (tpm_emulator-0.7.1.tar.gz) = ada4af190af2e4bd9da4469f72459d34 XSHA256 (tpm_emulator-0.7.1.tar.gz) = 7c10a753206bf0f32a767dc69039a866bd8d3eb8a4834f5e722c7510a9f54c24 XSIZE (tpm_emulator-0.7.1.tar.gz) = 207497 d373adfa96e33606f6c96255c8a6ba49 echo c - tpm-emulator/files mkdir -p tpm-emulator/files > /dev/null 2>&1 echo x - tpm-emulator/files/patch-CMakeLists.txt sed 's/^X//' >tpm-emulator/files/patch-CMakeLists.txt << '873e4acb22dce03bed901917a5f14b77' X--- CMakeLists.txt.orig 2010-07-06 06:21:20.000000000 +0900 X+++ CMakeLists.txt 2010-10-25 02:56:43.617558705 +0900 X@@ -5,13 +5,13 @@ X X project(TPM_Emulator C) X X-cmake_minimum_required(VERSION 2.6) X+cmake_minimum_required(VERSION 2.4) X X # enforce out of source build X string(COMPARE EQUAL "${CMAKE_SOURCE_DIR}" "${CMAKE_BINARY_DIR}" IS_INSOURCE) X if(IS_INSOURCE) X message(FATAL_ERROR "${PROJECT_NAME} requires an out of source build.") X-endif() X+endif(IS_INSOURCE) X X # set project and build version X set(${PROJECT_NAME}_VERSION_MAJOR 0) X@@ -29,14 +29,14 @@ X set(TPM_SOCKET_NAME "/private/var/run/tpm/tpmd_socket:0") X set(TPM_STORAGE_NAME "/private/var/lib/tpm/tpm_emulator-1_2_${${PROJECT_NAME}_VERSION_MAJOR}_${${PROJECT_NAME}_VERSION_MINOR}") X set(TPM_DEVICE_NAME "/dev/tpm") X-else() X+else(WIN32) X set(TPM_LOG_FILE "/var/log/tpmd.log") X set(TPM_SOCKET_NAME "/var/run/tpm/tpmd_socket:0") X set(TPM_STORAGE_NAME "/var/lib/tpm/tpm_emulator-1_2_${${PROJECT_NAME}_VERSION_MAJOR}_${${PROJECT_NAME}_VERSION_MINOR}") X set(TPM_DEVICE_NAME "/dev/tpm") X-endif() X+endif(WIN32) X configure_file(${CMAKE_CURRENT_SOURCE_DIR}/config.h.in ${CMAKE_CURRENT_BINARY_DIR}/config.h) X-add_definitions(-Wall -Werror -Wextra -Wno-unused-parameter 
-Wpointer-arith -Wcast-align -Wwrite-strings) X+add_definitions(-Wall -Werror -Wno-unused-parameter -Wpointer-arith -Wcast-align -Wwrite-strings) X X # configure CPack X set(CPACK_PACKAGE_VERSION_MAJOR ${${PROJECT_NAME}_VERSION_MAJOR}) X@@ -51,6 +51,7 @@ X # include root directories X include_directories(${CMAKE_SOURCE_DIR}) X include_directories(${CMAKE_BINARY_DIR}) X+include_directories("/usr/local/include") X X # add internal libraries X add_subdirectory(tpm) 873e4acb22dce03bed901917a5f14b77 echo x - tpm-emulator/files/patch-mtm-mtm_structures.h sed 's/^X//' >tpm-emulator/files/patch-mtm-mtm_structures.h << '643c39a73d9e4fd081dd6ea123fb9422' X--- mtm/mtm_structures.h.orig 2010-07-06 06:21:20.000000000 +0900 X+++ mtm/mtm_structures.h 2010-10-25 02:56:43.619561686 +0900 X@@ -228,8 +228,6 @@ X MTM_PERMANENT_DATA data; X } permanent; X struct { X- } stclear; X- struct { X MTM_STANY_FLAGS flags; X } stany; X } MTM_DATA; 643c39a73d9e4fd081dd6ea123fb9422 echo x - tpm-emulator/files/patch-tddl-CMakeLists.txt sed 's/^X//' >tpm-emulator/files/patch-tddl-CMakeLists.txt << '946b8c2206569c17f1b5906d910b23d7' X--- tddl/CMakeLists.txt.orig 2010-07-06 06:21:20.000000000 +0900 X+++ tddl/CMakeLists.txt 2010-10-25 02:56:43.620555878 +0900 X@@ -5,18 +5,21 @@ X X set(tddl_SRCS "tddl.c" "tddl.h") X add_library(tddl SHARED ${tddl_SRCS}) X+add_library(tddlStatic STATIC ${tddl_SRCS}) X if(UNIX) X set_target_properties(tddl PROPERTIES SOVERSION "1.2" X VERSION "1.2.${${PROJECT_NAME}_VERSION_MAJOR}.${${PROJECT_NAME}_VERSION_MINOR}") X+ set_target_properties(tddlStatic PROPERTIES OUTPUT_NAME tddl) X elseif(WIN32) X set_target_properties(tddl PROPERTIES OUTPUT_NAME ifxtpm) X set_target_properties(tddl PROPERTIES PREFIX "") X-endif() X+endif(UNIX) X X install(TARGETS tddl DESTINATION lib) X+install(TARGETS tddlStatic DESTINATION lib) X install(FILES "tddl.h" DESTINATION include) X X include_directories(${CMAKE_CURRENT_SOURCE_DIR}) X add_executable(test_tddl test_tddl.c) 
X-target_link_libraries(test_tddl tddl) X+target_link_libraries(test_tddl tddlStatic) X 946b8c2206569c17f1b5906d910b23d7 echo x - tpm-emulator/files/patch-tpm-tpm_ticks.c sed 's/^X//' >tpm-emulator/files/patch-tpm-tpm_ticks.c << 'ed5eef403d205e08ab4eab3dac4a9380' X--- tpm/tpm_ticks.c.orig 2010-07-06 06:21:20.000000000 +0900 X+++ tpm/tpm_ticks.c 2010-10-25 02:56:43.622559766 +0900 X@@ -42,7 +42,7 @@ X { X TPM_RESULT res; X TPM_KEY_DATA *key; X- BYTE *info, *ptr; X+ BYTE *info_buffer, *ptr; X UINT32 info_length, len; X info("TPM_TickStampBlob()"); X /* get key */ X@@ -66,21 +66,21 @@ X if (*sig == NULL) return TPM_FAIL; X /* setup TPM_SIGN_INFO structure */ X info_length = 30 + sizeof(TPM_DIGEST) + sizeof_TPM_CURRENT_TICKS(currentTicks); X- info = tpm_malloc(info_length); X- if (info == NULL) { X+ info_buffer = tpm_malloc(info_length); X+ if (info_buffer == NULL) { X tpm_free(*sig); X return TPM_FAIL; X } X- memcpy(&info[0], "\x00\x05TSTP", 6); X- memcpy(&info[6], antiReplay->nonce, 20); X- ptr = &info[26]; len = info_length - 26; X+ memcpy(&info_buffer[0], "\x00\x05TSTP", 6); X+ memcpy(&info_buffer[6], antiReplay->nonce, 20); X+ ptr = &info_buffer[26]; len = info_length - 26; X tpm_marshal_UINT32(&ptr, &len, info_length - 30); X memcpy(ptr, digestToStamp->digest, sizeof(TPM_DIGEST)); X ptr += sizeof(TPM_DIGEST); len -= sizeof(TPM_DIGEST); X if (tpm_marshal_TPM_CURRENT_TICKS(&ptr, &len, currentTicks) X- || tpm_rsa_sign(&key->key, RSA_SSA_PKCS1_SHA1, info, info_length, *sig)) { X+ || tpm_rsa_sign(&key->key, RSA_SSA_PKCS1_SHA1, info_buffer, info_length, *sig)) { X tpm_free(*sig); X- tpm_free(info); X+ tpm_free(info_buffer); X return TPM_FAIL; X } X return TPM_SUCCESS; ed5eef403d205e08ab4eab3dac4a9380 echo x - tpm-emulator/files/patch-tpmd-CMakeLists.txt sed 's/^X//' >tpm-emulator/files/patch-tpmd-CMakeLists.txt << 'f452f31d62e4ee1075ceb07e6345caad' X--- tpmd/CMakeLists.txt.orig 2010-07-06 06:21:20.000000000 +0900 X+++ tpmd/CMakeLists.txt 2010-10-25 02:56:43.624559116 
+0900 X@@ -11,5 +11,5 @@ X X add_subdirectory(windows) X X-endif() X+endif(UNIX) X f452f31d62e4ee1075ceb07e6345caad echo x - tpm-emulator/files/patch-tpmd-unix-CMakeLists.txt sed 's/^X//' >tpm-emulator/files/patch-tpmd-unix-CMakeLists.txt << '12f93ef13f089c880896ef8034b05bef' X--- tpmd/unix/CMakeLists.txt.orig 2010-07-06 06:21:20.000000000 +0900 X+++ tpmd/unix/CMakeLists.txt 2010-10-25 02:56:43.633558246 +0900 X@@ -10,8 +10,8 @@ X if(MTM_EMULATOR) X add_definitions(-DMTM_EMULATOR) X target_link_libraries(tpmd mtm tpm crypto) X-else() X+else(MTM_EMULATOR) X target_link_libraries(tpmd tpm crypto) X-endif() X+endif(MTM_EMULATOR) X install(TARGETS tpmd RUNTIME DESTINATION bin) X 12f93ef13f089c880896ef8034b05bef echo x - tpm-emulator/files/patch-tpmd_dev-CMakeLists.txt sed 's/^X//' >tpm-emulator/files/patch-tpmd_dev-CMakeLists.txt << '7ad97596d776d088f7580ee3acf82b1a' X--- tpmd_dev/CMakeLists.txt.orig 2010-07-06 06:21:20.000000000 +0900 X+++ tpmd_dev/CMakeLists.txt 2010-10-25 02:56:43.626557976 +0900 X@@ -17,8 +17,8 @@ X set(tpmd_dev_SOURCE_DIR "${CMAKE_CURRENT_SOURCE_DIR}/openbsd") X set(tpmd_dev_BINARY_DIR "${CMAKE_CURRENT_BINARY_DIR}/openbsd") X set(tpmd_dev_OBJ "${tpmd_dev_BINARY_DIR}/tpmd_dev.o") X-set(tpmd_dev_BUILD_CMD make -C ${tpmd_dev_BINARY_DIR}) X-set(tpmd_dev_INSTALL_CMD make -C ${tpmd_dev_BINARY_DIR} install) X+set(tpmd_dev_BUILD_CMD gmake -C ${tpmd_dev_BINARY_DIR}) X+set(tpmd_dev_INSTALL_CMD gmake -C ${tpmd_dev_BINARY_DIR} install) X X elseif(CMAKE_SYSTEM_NAME STREQUAL "Darwin") X X@@ -28,7 +28,7 @@ X set(tpmd_dev_BUILD_CMD make -C ${tpmd_dev_BINARY_DIR}) X set(tpmd_dev_INSTALL_CMD make -C ${tpmd_dev_BINARY_DIR} install) X X-endif() X+endif(CMAKE_SYSTEM_NAME STREQUAL "Linux") X X # compile module X if(tpmd_dev_OBJ) X@@ -45,5 +45,5 @@ X X install(CODE "EXECUTE_PROCESS(COMMAND ${tpmd_dev_INSTALL_CMD})") X X-endif() X+endif(tpmd_dev_OBJ) X 7ad97596d776d088f7580ee3acf82b1a echo x - tpm-emulator/files/patch-tpmd_dev-openbsd-Makefile sed 's/^X//' 
>tpm-emulator/files/patch-tpmd_dev-openbsd-Makefile << '9f421f1851467b5331355b2330f1f32f' X--- tpmd_dev/openbsd/Makefile.orig 2010-07-06 06:21:20.000000000 +0900 X+++ tpmd_dev/openbsd/Makefile 2010-10-25 02:56:43.628559140 +0900 X@@ -6,14 +6,15 @@ X X CFLAGS= -D_KERNEL -I/usr/src/sys X SRC= tpmd_dev.c X+OBJ= tpmd_dev.obj X MODULE= tpmd_dev.o X X all: X- cc -c $(SRC) $(CFLAGS) X- ld -r -o $(MODULE) $(SRC:.c=.o) X+ cc -o $(OBJ) -c $(SRC) $(CFLAGS) X+ ld -r -o $(MODULE) $(OBJ) X X clean: X- rm -rf $(SRC:.c=.o) X+ rm -rf $(OBJ) X rm -f $(MODULE) X X load: all mknod X@@ -27,3 +28,6 @@ X X rmnod: X rm /dev/tpm X+ X+install: X+ 9f421f1851467b5331355b2330f1f32f echo x - tpm-emulator/files/patch-tpmd_dev-openbsd-tpmd_dev.c sed 's/^X//' >tpm-emulator/files/patch-tpmd_dev-openbsd-tpmd_dev.c << '2bce3479c0b6bc088ca782fc2a955038' X--- tpmd_dev/openbsd/tpmd_dev.c.orig 2010-07-06 06:21:20.000000000 +0900 X+++ tpmd_dev/openbsd/tpmd_dev.c 2010-10-25 02:56:43.630557372 +0900 X@@ -32,7 +32,7 @@ X #include <sys/proc.h> X #include <machine/intr.h> X X-#include "tpm_dev.h" X+#include "tpmd_dev.h" X X X int tpmopen __P((dev_t dev, int oflags, int devtype, struct proc *p)); X@@ -57,7 +57,7 @@ X cdev_decl(tpm); X X /* define our cdev struct containing the functions */ X-static struct cdevsw cdev_tpm = cdev_tpm_init(1,tpm); X+static struct cdevsw cdev_tpm = cdev_tpmd_init(1,tpm); X X /* fill in the lkm_dev structure */ X MOD_DEV("tpm",LM_DT_CHAR,-1,&cdev_tpm); X@@ -213,7 +213,7 @@ X * sometime returns EINTR X */ X tpmd_sock->so_rcv.sb_flags |= SB_NOINTR; X- error = soreceive(tpmd_sock,NULL,uio,NULL,NULL,NULL); X+ error = soreceive(tpmd_sock,NULL,uio,NULL,NULL,NULL,0); X X if (error) { X debug("soreceive() failed %i",error); 2bce3479c0b6bc088ca782fc2a955038 echo x - tpm-emulator/files/patch-tpmd_dev-openbsd-tpmd_dev.h sed 's/^X//' >tpm-emulator/files/patch-tpmd_dev-openbsd-tpmd_dev.h << 'f6b99e1a81f107eae3f2eb7220549964' X--- tpmd_dev/openbsd/tpmd_dev.h.orig 2010-07-06 06:21:20.000000000 
+0900 X+++ tpmd_dev/openbsd/tpmd_dev.h 2010-10-25 02:56:43.632557559 +0900 X@@ -20,7 +20,7 @@ X X #include "config.h" X X-#define cdev_tpm_init(c,n) { \ X+#define cdev_tpmd_init(c,n) { \ X dev_init(c,n,open),dev_init(c,n,close),dev_init(c,n,read), \ X dev_init(c,n,write), dev_init(c,n,ioctl),(dev_type_stop((*))) lkmenodev, \ X 0,(dev_type_poll((*))) lkmenodev,(dev_type_mmap((*))) lkmenodev } f6b99e1a81f107eae3f2eb7220549964 echo x - tpm-emulator/files/pkg-install.in sed 's/^X//' >tpm-emulator/files/pkg-install.in << '1b9371219f217e714ca8bcbd5465efbf' X#!/bin/sh X XPATH=/bin:/usr/sbin X XPREFIX=${PKG_PREFIX:-%%PREFIX%%} XUSER=%%TSS_USER%% XGROUP=%%TSS_GROUP%% XUID=%%TSS_UID%% XGID=%%TSS_GID%% X Xcase $2 in X PRE-INSTALL) X X if pw group show "${GROUP}" 2>/dev/null; then X echo "You already have a group \"${GROUP}\", so I will use it." X else X if pw groupadd ${GROUP} -g ${GID}; then X echo "Added group \"${GROUP}\"." X else X echo "Adding group \"${GROUP}\" failed..." X fi X fi X X if pw user show "${USER}" 2>/dev/null; then X echo "You already have a user \"${USER}\", so I will use it." X else X if pw useradd ${USER} -u ${UID} -g ${GROUP} -h - \ X -s /usr/sbin/nologin -L daemon -d /var/empty -c "TrouSerS user" X then X echo "Added user \"${USER}\"." X else X echo "Adding user \"${USER}\" failed..." X exit 1 X fi X fi X X if pw groupmod ${GROUP} -m ${USER}; then X echo "Added user \"${USER}\" to group \"${GROUP}\"." X else X echo "Adding user \"${USER}\" to group \"${GROUP}\" failed..." X fi X X ;; X X POST-DEINSTALL) X X# if pw user show "${USER}" 2>/dev/null; then X# if pw userdel ${USER} -u ${UID}; then X# echo "Deleted user \"${USER}\"." X# fi X# fi X X# if pw group show "${GROUP}" 2>/dev/null; then X# if pw groupdel ${GROUP} -g ${GID}; then X# echo "Deleted group \"${GROUP}\"." 
X# fi X# fi X X ;; X Xesac 1b9371219f217e714ca8bcbd5465efbf echo x - tpm-emulator/pkg-descr sed 's/^X//' >tpm-emulator/pkg-descr << '1caa38e70a34b545e2de6a85bf003cb0' XThe project aims to create a fully working Trusted Platform Module (TPM) Xemulator follwing the specifications of the Trusted Computing Group. XThe port provides a driver library libtddl which can be linked against programs Xproviding a Trusted Software Stack to redirect TPM calls to the emulator. 1caa38e70a34b545e2de6a85bf003cb0 echo x - tpm-emulator/pkg-plist sed 's/^X//' >tpm-emulator/pkg-plist << 'afb9f3e41cbb6fd2469711c7791b39df' Xinclude/tddl.h Xlib/libtddl.so.1.2.0.7 Xlib/libtddl.so.1.2 Xlib/libtddl.a Xbin/tpmd X@unexec rm -f /var/tpm/tpmd_socket* X@unexec rm -rf /var/tpm afb9f3e41cbb6fd2469711c7791b39df exit --Multipart=_Thu__28_Oct_2010_02_43_40_+0900_JtScQ_e/yKAD9/CK--
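Review bot: in tpm-tools/files/patch-lib-tpm_utils.c the guard `#ifdef __GCC` tests a macro that GCC does not predefine (the compiler's own macro is `__GNUC__`), so unless the build defines `__GCC` itself the variable-length-array branch is never compiled and every build takes the new `malloc` branch. In the lines shown, that branch never frees `szShortOpts` or `sLongOpts`, and the `return -1` failure path leaks whichever of the two allocations succeeded. Suggest dropping the `#ifdef` and keeping only the heap version, with both buffers freed on every return path of the function, including the error return.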
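Review bot: in tpm-tools/files/patch-src-tpm_mgmt-tpm_present.c, `char rsp[5]` becomes `char rsp[6]`, but the read that fills `rsp` is outside the hunk, so the patch alone does not show that the new size matches the input width. If the response is read with a width-limited conversion, the buffer needs that width plus one byte for the terminating NUL; please confirm this against the call that sets `scanCount`, and consider deriving the limit from `sizeof(rsp)` so the two cannot drift apart again. A one-line comment on why the size is 6 would help, and the fix is worth sending upstream, since an off-by-one here would write past a stack buffer.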
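Review bot: in tpm-emulator/files/patch-CMakeLists.txt the last hunk hard-codes `include_directories("/usr/local/include")`, so headers will not be found when LOCALBASE is not /usr/local, even though the port Makefile already knows the prefix and passes `${LOCALBASE}/include` in CMAKE_ARGS. Suggest handing the include directory in from the Makefile instead of patching a fixed path into the project. The second hunk of the same patch removes `-Wextra` from `add_definitions` while keeping `-Werror`; a comment naming the warning that failed the build would let the flag be restored once that code is fixed.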
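Review bot: in tpm-emulator/files/patch-tpm-tpm_ticks.c the renamed `info_buffer` is freed only on the failure path; the context lines of the second hunk go from the closing brace of that `if` straight to `return TPM_SUCCESS;`, so the buffer obtained from `tpm_malloc(info_length)` is leaked on every successful TPM_TickStampBlob call. Suggest adding `tpm_free(info_buffer);` before the success return. The rename presumably avoids a clash between the local `info` and the `info("TPM_TickStampBlob()")` logging call at the top of the function; a line saying so in the patch would save the next reader the guess.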
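Review bot: in tpm-emulator/files/patch-tpmd_dev-openbsd-Makefile the added `install:` target has no recipe, so the `gmake -C ${tpmd_dev_BINARY_DIR} install` command set in patch-tpmd_dev-CMakeLists.txt succeeds without installing `tpmd_dev.o`, and tpm-emulator/pkg-plist lists no kernel module either. If the module is not meant to be used on FreeBSD, say so in a comment or leave the tpmd_dev subdirectory out of the build; if it is meant to ship, the target needs a recipe and the plist needs an entry. In patch-tpmd_dev-openbsd-tpmd_dev.c the extra `0` argument to `soreceive` is added unconditionally, which ties the source to one kernel API revision; a version guard, or at least a comment naming the release whose signature this matches, would document that.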
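Review bot: in tpm-emulator/files/pkg-install.in a failed `pw groupadd` only prints "Adding group ... failed..." and the script carries on, whereas a failed `pw useradd` does `exit 1`; the later `pw useradd ... -g ${GROUP}` and `pw groupmod` then run against a group that may not exist, and a failed `pw groupmod` is also reported without a non-zero exit. Suggest `exit 1` in both failure branches so that PRE-INSTALL stops before files are installed for an account that was never set up. The `pw group show` and `pw user show` tests redirect only stderr, so the matching passwd or group entry is printed into the install output; add `>/dev/null` to both.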
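Review bot: tpm-emulator/pkg-plist cleans up `/var/tpm` (`@unexec rm -f /var/tpm/tpmd_socket*` and `@unexec rm -rf /var/tpm`), but the paths visible in the patch-CMakeLists.txt context are `/var/run/tpm/tpmd_socket:0` for the socket and `/var/lib/tpm/tpm_emulator-1_2_...` for storage, so deinstall leaves the real socket and the emulator's stored state behind and runs `rm -rf` on a directory the build never configures. Suggest aligning the `@unexec` lines with TPM_SOCKET_NAME and TPM_STORAGE_NAME, and deciding explicitly whether the emulator state under the storage path should survive deinstall. The plist also lists `lib/libtddl.so.1.2.0.7` and `lib/libtddl.so.1.2` but no unversioned `lib/libtddl.so`; check the staged install for that link.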