From owner-svn-ports-head@freebsd.org Sun Aug 12 14:02:48 2018 Return-Path: Delivered-To: svn-ports-head@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 219A910713F6; Sun, 12 Aug 2018 14:02:48 +0000 (UTC) (envelope-from tijl@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id CB0F88994F; Sun, 12 Aug 2018 14:02:47 +0000 (UTC) (envelope-from tijl@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id AC18A2700D; Sun, 12 Aug 2018 14:02:47 +0000 (UTC) (envelope-from tijl@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id w7CE2lcm092423; Sun, 12 Aug 2018 14:02:47 GMT (envelope-from tijl@FreeBSD.org) Received: (from tijl@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id w7CE2kaa092414; Sun, 12 Aug 2018 14:02:46 GMT (envelope-from tijl@FreeBSD.org) Message-Id: <201808121402.w7CE2kaa092414@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: tijl set sender to tijl@FreeBSD.org using -f From: Tijl Coosemans Date: Sun, 12 Aug 2018 14:02:45 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r476992 - in head: . security security/beid security/beid/files security/libbeid X-SVN-Group: ports-head X-SVN-Commit-Author: tijl X-SVN-Commit-Paths: in head: . security security/beid security/beid/files security/libbeid X-SVN-Commit-Revision: 476992 X-SVN-Commit-Repository: ports MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-head@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: SVN commit messages for the ports tree for head List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 12 Aug 2018 14:02:48 -0000 Author: tijl Date: Sun Aug 12 14:02:45 2018 New Revision: 476992 URL: https://svnweb.freebsd.org/changeset/ports/476992 Log: Update Belgian eID middleware to 4.4.5. Enable the viewer application and the Firefox extension. Rename the port from security/libbeid to security/beid now that it's more than just a library. Added: head/security/beid/ - copied from r476991, head/security/libbeid/ head/security/beid/files/patch-plugins_tools_chrome_pkcs11_beid-update-nssdb (contents, props changed) head/security/beid/files/patch-plugins_tools_eid-viewer_Makefile.am (contents, props changed) Deleted: head/security/beid/files/patch-Makefile.am head/security/beid/files/patch-configure.ac head/security/libbeid/ Modified: head/MOVED head/security/Makefile head/security/beid/Makefile head/security/beid/distinfo head/security/beid/pkg-descr head/security/beid/pkg-message head/security/beid/pkg-plist Modified: head/MOVED ============================================================================== --- head/MOVED Sun Aug 12 13:44:39 2018 (r476991) +++ head/MOVED Sun Aug 12 14:02:45 2018 (r476992) @@ -10422,3 +10422,4 @@ devel/lldb38|devel/llvm38|2018-08-08|METAPORT removed lang/clang38|devel/llvm38|2018-08-08|METAPORT removed science/py-tensorflow||2018-08-08|Has expired: build broken devel/bazel-clang38|devel/bazel|2018-08-08|Slave port depends on obsolete LLVM version +security/libbeid|security/beid|2018-08-12|No longer just a library Modified: head/security/Makefile ============================================================================== --- head/security/Makefile Sun Aug 12 13:44:39 2018 (r476991) +++ head/security/Makefile Sun Aug 12 14:02:45 2018 (r476992) @@ -44,6 +44,7 @@ SUBDIR += bdes SUBDIR += bearssl SUBDIR += beecrypt + SUBDIR += beid SUBDIR += belier SUBDIR += bfbtester SUBDIR += binwalk @@ -336,7 +337,6 @@ SUBDIR += libadacrypt SUBDIR += libargon2 SUBDIR += libassuan - SUBDIR += libbeid SUBDIR += libbf SUBDIR += libcryptui SUBDIR += libdecaf Modified: head/security/beid/Makefile ============================================================================== --- head/security/libbeid/Makefile Sun Aug 12 13:44:39 2018 (r476991) +++ head/security/beid/Makefile Sun Aug 12 14:02:45 2018 (r476992) @@ -1,12 +1,12 @@ # $FreeBSD$ -PORTNAME= libbeid -PORTVERSION= 4.4.2 +PORTNAME= beid +PORTVERSION= 4.4.5 DISTVERSIONPREFIX= v CATEGORIES= security MAINTAINER= tijl@FreeBSD.org -COMMENT= Belgian eID PKCS #11 module +COMMENT= Belgian eID middleware LICENSE= LGPL3 LICENSE_FILE= ${WRKSRC}/COPYING @@ -17,11 +17,14 @@ USE_GITHUB= yes GH_ACCOUNT= Fedict GH_PROJECT= eid-mw -USES= autoreconf gettext-tools libtool pkgconfig +USES= autoreconf gettext-tools gmake libtool pkgconfig USE_GNOME= gtk30 +GLIB_SCHEMAS= eid-viewer.gschema.xml GNU_CONFIGURE= yes -CONFIGURE_ARGS= --disable-p11kit --disable-static --with-gtkvers=3 +CONFIGURE_ARGS= --disable-p11kit --disable-static --with-gtkvers=3 \ + --enable-webextension \ + --with-mozext=${PREFIX}/lib/firefox/browser/extensions INSTALL_TARGET= install-strip OPTIONS_DEFINE= NLS @@ -32,15 +35,23 @@ NLS_USES= gettext-runtime post-patch: @${ECHO_CMD} ${PORTVERSION}-release > ${WRKSRC}/.version + @${REINPLACE_CMD} -e '/^MODUTIL=/s,/usr/bin,${LOCALBASE}/bin,' \ + -e '/^CERTUTIL=/s,/usr/bin,${LOCALBASE}/bin,' \ + -e '/^LIBS=/s,=.*,=${PREFIX}/lib,' \ + ${WRKSRC}/plugins_tools/chrome_pkcs11/beid-update-nssdb + @${REINPLACE_CMD} '/^Exec=/s,/usr/bin,${PREFIX}/bin,' \ + ${WRKSRC}/plugins_tools/chrome_pkcs11/beid-update-nssdb.desktop post-install: - ${RM} -r ${STAGEDIR}${PREFIX}/lib/mozilla - ${RM} -r ${STAGEDIR}${PREFIX}/libdata/pkgconfig ${MKDIR} ${STAGEDIR}${PREFIX}/lib/pkcs11 ${LN} -s ../libbeidpkcs11.so.0 \ ${STAGEDIR}${PREFIX}/lib/pkcs11/beidpkcs11.so ${MKDIR} ${STAGEDIR}${PREFIX}/share/p11-kit/modules ${INSTALL_DATA} ${WRKSRC}/cardcomm/pkcs11/src/beid.module \ ${STAGEDIR}${PREFIX}/share/p11-kit/modules + ${RMDIR} ${STAGEDIR}${PREFIX}/share/locale/en@boldquot/LC_MESSAGES + ${RMDIR} ${STAGEDIR}${PREFIX}/share/locale/en@boldquot + ${RMDIR} ${STAGEDIR}${PREFIX}/share/locale/en@quot/LC_MESSAGES + ${RMDIR} ${STAGEDIR}${PREFIX}/share/locale/en@quot .include Modified: head/security/beid/distinfo ============================================================================== --- head/security/libbeid/distinfo Sun Aug 12 13:44:39 2018 (r476991) +++ head/security/beid/distinfo Sun Aug 12 14:02:45 2018 (r476992) @@ -1,3 +1,3 @@ -TIMESTAMP = 1528377686 -SHA256 (Fedict-eid-mw-v4.4.2_GH0.tar.gz) = c0d9882d9445e51bc57b2f7f003ae03d7842354101c3d27d6a2a68cdb9d3a0d2 -SIZE (Fedict-eid-mw-v4.4.2_GH0.tar.gz) = 7716375 +TIMESTAMP = 1533912357 +SHA256 (Fedict-eid-mw-v4.4.5_GH0.tar.gz) = d2411d1534a1ee37b98cd12e17a79abe818e0a08c30c9e677af0b39a68e8396c +SIZE (Fedict-eid-mw-v4.4.5_GH0.tar.gz) = 7720366 Added: head/security/beid/files/patch-plugins_tools_chrome_pkcs11_beid-update-nssdb ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/beid/files/patch-plugins_tools_chrome_pkcs11_beid-update-nssdb Sun Aug 12 14:02:45 2018 (r476992) @@ -0,0 +1,40 @@ +--- plugins_tools/chrome_pkcs11/beid-update-nssdb.orig 2018-07-20 12:53:45 UTC ++++ plugins_tools/chrome_pkcs11/beid-update-nssdb +@@ -1,4 +1,4 @@ +-#!/bin/bash ++#! /bin/sh + # + # The MIT License (MIT) + # +@@ -26,15 +26,17 @@ + # Copyright(c) Wouter Verhelst, 2018 + + NSSDB=$HOME/.pki/nssdb +-MODUTIL="/usr/bin/modutil -force -dbdir sql:$NSSDB" +-CERTUTIL="/usr/bin/certutil -d sql:$NSSDB" ++MODUTIL="/usr/bin/modutil" ++CERTUTIL="/usr/bin/certutil" + LIBS=$(ld --verbose | grep SEARCH | awk '{ gsub(/;/,"\n"); print }' | awk -F '\"' '/SEARCH_DIR\(\"=?/ { gsub(/=/,""); print $2 }') + PKCS11=libbeidpkcs11.so.0 + ++[ -e $CERTUTIL -a -e $MODUTIL ] || exit ++ + if [ ! -f $NSSDB/cert9.db ]; then + echo "Initializing new database" + mkdir -p $NSSDB +- $CERTUTIL -N --empty-password ++ $CERTUTIL -d sql:$NSSDB -N --empty-password + fi + + for DIR in $LIBS; do +@@ -45,8 +47,8 @@ for DIR in $LIBS; do + echo "ID-card support for Google Chrome/Chromium/Opera already enabled" + else + echo "Enabling ID-card functionality in Google Chrome/Chromium/Opera via $LIB" +- $MODUTIL -delete "Belgium eID" +- $MODUTIL -add "Belgium eID" -libfile $LIB -mechanisms FRIENDLY ++ $MODUTIL -force -dbdir sql:$NSSDB -delete "Belgium eID" ++ $MODUTIL -force -dbdir sql:$NSSDB -add "Belgium eID" -libfile $LIB -mechanisms FRIENDLY + fi + exit + fi Added: head/security/beid/files/patch-plugins_tools_eid-viewer_Makefile.am ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/beid/files/patch-plugins_tools_eid-viewer_Makefile.am Sun Aug 12 14:02:45 2018 (r476992) @@ -0,0 +1,20 @@ +--- plugins_tools/eid-viewer/Makefile.am.orig 2018-07-20 12:53:45 UTC ++++ plugins_tools/eid-viewer/Makefile.am +@@ -51,6 +51,8 @@ libeidviewer_la_SOURCES = \ + cache/cache.cpp \ + conversions/bbannumconv.h \ + conversions/bbannumconv.cpp \ ++ conversions/booldecode.h \ ++ conversions/booldecode.cpp \ + conversions/genderconv.h \ + conversions/genderconv.cpp \ + conversions/hexnumconv.cpp \ +@@ -74,6 +76,8 @@ libeidviewer_la_SOURCES = \ + conversions/specconv.cpp \ + conversions/specorgconv.h \ + conversions/specorgconv.cpp \ ++ conversions/toxmlmemberoffamilyconv.h \ ++ conversions/toxmlmemberoffamilyconv.cpp \ + conversions/valdate.h \ + conversions/valdate.cpp \ + conversions/workpermitconv.h \ Modified: head/security/beid/pkg-descr ============================================================================== --- head/security/libbeid/pkg-descr Sun Aug 12 13:44:39 2018 (r476991) +++ head/security/beid/pkg-descr Sun Aug 12 14:02:45 2018 (r476992) @@ -1,3 +1,4 @@ -PKCS #11 module for Belgian government-issued electronic identity cards. +Viewer and PKCS #11 module for Belgian government-issued electronic identity +cards. WWW: https://github.com/Fedict/eid-mw/ Modified: head/security/beid/pkg-message ============================================================================== --- head/security/libbeid/pkg-message Sun Aug 12 13:44:39 2018 (r476991) +++ head/security/beid/pkg-message Sun Aug 12 14:02:45 2018 (r476992) @@ -3,19 +3,14 @@ The private keys on the eID cards are created by the B not by the citizens. You should assume that the government can forge digital signatures and decrypt encrypted content. -The procfs file system must be mounted on /proc for these libraries to work -correctly. Add the following line to /etc/fstab and run "mount procfs". +The procfs file system must be mounted on /proc for the PKCS #11 module to +work. Add the following line to /etc/fstab and run "mount procfs". procfs /proc procfs rw 0 0 -To use your eID in Firefox you can add libbeidpkcs11.so as a security module: -- Make sure you have installed a pcsc-lite driver for your card reader (such - as devel/libccid) and that pcscd is running (add pcscd_enable="YES" to - /etc/rc.conf and start the service by running "service pcscd start"). -- Connect your card reader. -- In Firefox go to Edit->Preferences->Advanced->Certificates and press - "Security Devices", then "Load". -- Enter a name such as "Belgian eID" and browse for libbeidpkcs11.so. Then - close the two windows by pressing "OK" twice. -- If all went well you can now plug in your eID card and see your certificates - listed under "View Certificates->Your Certificates". +Make sure you have installed a pcsc-lite driver for your card reader (such +as devel/libccid) and that pcscd is running (add pcscd_enable="YES" to +/etc/rc.conf and start the service by running "service pcscd start"). + +To use your eID in Firefox you have to enable the "eID Belgium" extension +in the Add-ons Manager. Modified: head/security/beid/pkg-plist ============================================================================== --- head/security/libbeid/pkg-plist Sun Aug 12 13:44:39 2018 (r476991) +++ head/security/beid/pkg-plist Sun Aug 12 14:02:45 2018 (r476992) @@ -1,14 +1,51 @@ +bin/about-eid-mw +bin/beid-update-nssdb +bin/eid-viewer +etc/xdg/autostart/beid-update-nssdb.desktop +include/beid/rsaref220/pkcs11.h +include/beid/rsaref220/pkcs11f.h +include/beid/rsaref220/pkcs11t.h +include/beid/rsaref220/unix.h +include/eid-util/utftranslate.h +include/eid-viewer/certhelpers.h +include/eid-viewer/eid-viewer.h +include/eid-viewer/macros.h +include/eid-viewer/oslayer.h +include/eid-viewer/verify_cert.h lib/libbeidpkcs11.so lib/libbeidpkcs11.so.0 lib/libbeidpkcs11.so.0.0.0 +lib/libeidviewer.so +lib/libeidviewer.so.0 +lib/libeidviewer.so.0.1.0 +lib/mozilla/pkcs11-modules/beidpkcs11.json lib/pkcs11/beidpkcs11.so +lib/firefox/browser/extensions/belgiumeid@eid.belgium.be.xpi +libdata/pkgconfig/libbeidpkcs11.pc libexec/beid-askaccess libexec/beid-askpin libexec/beid-badpin libexec/beid-changepin libexec/beid-spr-askpin libexec/beid-spr-changepin +share/applications/eid-viewer.desktop +share/eid-mw/eidv4.xsd +share/eid-mw/trustdir/143b8e8e.0 +share/eid-mw/trustdir/9ef4b1e1.0 +share/eid-mw/trustdir/belgiumrca2.pem +share/eid-mw/trustdir/belgiumrca3.pem +share/eid-mw/trustdir/belgiumrca4.pem +share/eid-mw/trustdir/c7e71426.0 +share/icons/hicolor/128x128/apps/eid-viewer.png +share/icons/hicolor/16x16/apps/eid-viewer.png +share/icons/hicolor/256x256/apps/eid-viewer.png +share/icons/hicolor/32x32/apps/eid-viewer.png +share/icons/hicolor/48x48/apps/eid-viewer.png +share/icons/hicolor/512x512/apps/eid-viewer.png %%NLS%%share/locale/de/LC_MESSAGES/dialogs-beid.mo +%%NLS%%share/locale/de/LC_MESSAGES/eid-viewer.mo %%NLS%%share/locale/fr/LC_MESSAGES/dialogs-beid.mo +%%NLS%%share/locale/fr/LC_MESSAGES/eid-viewer.mo %%NLS%%share/locale/nl/LC_MESSAGES/dialogs-beid.mo +%%NLS%%share/locale/nl/LC_MESSAGES/eid-viewer.mo share/p11-kit/modules/beid.module