Import of pkgsrc-2013Q2

2013-09-26 17:14:40 +02:00
commit 785076ae39
74991 changed files with 4380255 additions and 0 deletions

4
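--- /dev/null
+++ b/security/CoolKey/DESCR
@@ -0,0 +1,4 @@
+Provides driver support for the CoolKey and Common Access Card (CAC)
+smart card used in a Public Key Infrastructure (PKI). The libpkcs11
+module allows use of Smart Cards in applications that use mozilla
+Network Security Services (NSS).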

48
security/CoolKey/Makefile Normal file

@@ -0,0 +1,48 @@
# $NetBSD: Makefile,v 1.6 2013/02/01 22:21:09 wiz Exp $
#
DISTNAME= coolkey-1.1.0
PKGREVISION= 1
CATEGORIES= security
MASTER_SITES= http://directory.fedora.redhat.com/download/coolkey/
MAINTAINER= pkgsrc-users@NetBSD.org
HOMEPAGE= http://directory.fedora.redhat.com/wiki/CoolKey
COMMENT= Driver support for the CoolKey and CAC products
LICENSE= gnu-lgpl-v2
# Only for NetBSD>=4.99.0
NOT_FOR_PLATFORM= NetBSD-[0-3].*-* NetBSD-4.[0-9].*-*
NOT_FOR_PLATFORM+= NetBSD-4.[0-8]*.*-* NetBSD-4.9[0-8].*-*
.include "../../mk/bsd.prefs.mk"
BUILD_DEFS= VARBASE
GNU_CONFIGURE= yes
USE_LIBTOOL= yes
USE_TOOLS+= pkg-config
USE_TOOLS+= autoconf
USE_TOOLS+= gmake
USE_TOOLS+= grep
.if ${OPSYS} != "NetBSD"
USE_TOOLS+= gsed
.endif
USE_LANGUAGES= c c++
AUTOCONF_REQD= 2.59
CONFIGURE_ARGS+= --sharedstatedir=${VARBASE:Q}
CONFIGURE_ARGS+= --localstatedir=${VARBASE:Q}
CONFIGURE_ARGS+= --sysconfdir=${PKG_SYSCONFDIR:Q}
CONFIGURE_ARGS+= --disable-dependency-tracking
PKGCONFIG_OVERRIDE+= src/libckyapplet/libckyapplet.pc.in
pre-configure:
cd ${WRKSRC} && autoconf
.include "../../security/pcsc-lite/buildlink3.mk"
.include "../../security/ccid/buildlink3.mk"
.include "../../mk/pthread.buildlink3.mk"
.include "../../devel/zlib/buildlink3.mk"
.include "../../mk/bsd.pkg.mk"
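Review bot: Nothing in this Makefile creates the shared cache directory that the package's machdep.cpp patch depends on. That patch moves the shared-memory files to `BASEPATH"/coolkey"`, with BASEPATH defaulting to `/var/cache`, and creates the directory at run time with `mkdir(MEMSEGPATH, 01777)`, which will normally fail for an unprivileged user when the parent is writable only by root. Unless the upstream configure script defines BASEPATH from `--localstatedir` (not visible here), consider passing it explicitly from `${VARBASE}` and registering the directory at install time, for example `OWN_DIRS_PERMS+= ${VARBASE}/cache/coolkey ${REAL_ROOT_USER} ${REAL_ROOT_GROUP} 1777`. Creating it from the package also fixes its owner and sticky bit instead of leaving them to whichever user runs the module first.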

11
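--- /dev/null
+++ b/security/CoolKey/PLIST
@@ -0,0 +1,11 @@
+@comment $NetBSD: PLIST,v 1.2 2009/06/14 18:13:25 joerg Exp $
+include/cky_applet.h
+include/cky_base.h
+include/cky_card.h
+include/cky_factory.h
+include/cky_list.h
+lib/libckyapplet.so
+lib/libckyapplet.so.1
+lib/libckyapplet.so.1.0.0
+lib/pkcs11/libcoolkeypk11.so
+lib/pkgconfig/libckyapplet.pc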

14
security/CoolKey/distinfo Normal file

@@ -0,0 +1,14 @@
$NetBSD: distinfo,v 1.4 2013/04/29 21:31:12 joerg Exp $
SHA1 (coolkey-1.1.0.tar.gz) = 54136decf9dfd091c8b231cb77dac97db95e1866
RMD160 (coolkey-1.1.0.tar.gz) = 1873e85aecb30c5311444c76fd85ba79633dce23
Size (coolkey-1.1.0.tar.gz) = 432808 bytes
SHA1 (patch-aa) = f91d804c54540f45e7791b3ca9a1fb987bde0a72
SHA1 (patch-ab) = 6aed241ec856b7b826e7c9953e286088d8960feb
SHA1 (patch-ac) = 8b7604ea677471a7ee5c1d7c9f4f6f4c03468350
SHA1 (patch-src_coolkey_log.cpp) = 2e9fe538236496a924eb3a12a43a4336e814aabb
SHA1 (patch-src_coolkey_object.cpp) = a28c9a56e4a184bcdf73be9d64ef133b691ccf0e
SHA1 (patch-src_coolkey_params.h) = 21b7ae6a872a7d79d884d7a380f131839d867aff
SHA1 (patch-src_coolkey_slot.cpp) = a797e9e2dcc04598fb3e322fe7f78326c9ea1de6
SHA1 (patch-src_libckyapplet_cky_card.c) = 7c662083d622b464a74322aef883f211b8ac9420
SHA1 (patch-src_libckyapplet_cky_card.h) = 94067de1f656ef85eec7f13614f55760bf5fe338


@@ -0,0 +1,30 @@
$NetBSD: patch-aa,v 1.1.1.1 2008/03/04 11:33:02 shannonjr Exp $
--- configure.in.orig 2007-02-16 12:50:50.000000000 -0700
+++ configure.in
@@ -101,7 +101,8 @@ AC_PROG_LN_S
# Checks for libraries.
if test $WINDOWS -ne 1; then
AC_CHECK_LIB(z, uncompress, , AC_MSG_ERROR(could not locate libz compression library))
-AC_CHECK_LIB(dl, dlopen, , AC_MSG_ERROR(could not locate dynamic library services library))
+# NetBSD: dlopen is not in a library. It is included in every dynamically linked program automatically.
+#AC_CHECK_LIB(dl, dlopen, , AC_MSG_ERROR(could not locate dynamic library services library))
fi
# add our compiled static libraries
@@ -121,12 +122,13 @@ AC_ARG_ENABLE(pk11install,
[ --enable-pk11install build an installer for legacy user apps(default=no)])
if test "$enable_pk11install" = "yes" -o "$enable_pk11install" = "true"
then
+/* Bugzilla Bug 250738: build patches for coolkey */
if test $WINDOWS -ne 1; then
PKG_CHECK_MODULES(NSS, nss, true, [ AC_MSG_ERROR(could not find NSS Crypto libraries) ])
fi
- enable_pk11install = "yes"
+ enable_pk11install="yes"
else
- enable_pk11install = "no"
+ enable_pk11install="no"
AC_MSG_WARN([skipping pk11install])
fi
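Review bot: The added line `/* Bugzilla Bug 250738: build patches for coolkey */` is not a comment where it sits, in the shell body of the `--enable-pk11install` branch of configure.in. In the generated configure script the shell would glob-expand `/*` and try to run the result as a command. Write it as `dnl Bugzilla Bug 250738: build patches for coolkey`, or as a `#` comment like the one this patch adds next to the dlopen check. The branch runs only when pk11install is enabled, which is presumably why a default build does not hit it.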


@@ -0,0 +1,192 @@
$NetBSD: patch-ab,v 1.2 2011/11/25 22:17:49 joerg Exp $
--- src/coolkey/machdep.cpp.orig 2007-02-14 00:46:28.000000000 +0000
+++ src/coolkey/machdep.cpp
@@ -17,6 +17,8 @@
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
* ***** END COPYRIGHT BLOCK *****/
+/* Patch from RedHAT coolkey-1.1.0-5.el5.src.rpm */
+
#include "machdep.h"
#include "mypkcs11.h"
#include "PKCS11Exception.h"
@@ -32,6 +34,8 @@
#include <sys/time.h>
#include <sys/stat.h>
#include <sys/mman.h>
+#include <stdlib.h>
+#include <string.h>
#include <pthread.h>
#endif
@@ -185,12 +189,20 @@ void OSSleep(int time)
#define MAP_INHERIT 0
#endif
+#ifndef BASEPATH
+#ifdef MAC
+#define BASEPATH "/var"
+#else
+#define BASEPATH "/var/cache"
+#endif
+#endif
+
#ifdef FULL_CLEANUP
#define RESERVED_OFFSET 256
-#define MEMSEGPATH "/tmp/.pk11ipc"
+#define MEMSEGPATH BASEPATH"/coolkey-lock"
#else
#define RESERVED_OFFSET 0
-#define MEMSEGPATH "/tmp/.pk11ipc1"
+#define MEMSEGPATH BASEPATH"/coolkey"
#endif
struct SHMemData {
@@ -208,11 +220,6 @@ SHMemData::~SHMemData() {
#ifdef FULL_CLEANUP
flock(fd,LOCK_EX);
unsigned long ref = --(*(unsigned long *)addr);
-#ifdef notdef
- if (ref == 0) {
- unlink(path);
- }
-#endif
flock(fd, LOCK_UN);
#endif
munmap(addr,size+RESERVED_OFFSET);
@@ -225,6 +232,73 @@ SHMemData::~SHMemData() {
}
}
+/*
+ * The cache directory is shared and accessible by anyone, make
+ * sure the cache file we are opening is really a valid cache file.
+ */
+int safe_open(char *path, int flags, int mode, int size)
+{
+ struct stat buf;
+ int fd, ret;
+
+ fd = open (path, flags|O_NOFOLLOW, mode);
+
+ if (fd < 0) {
+ return fd;
+ }
+
+ ret = fstat(fd, &buf);
+ if (ret < 0) {
+ close (fd);
+ return ret;
+ }
+
+ /* our cache files are pretty specific, make sure we are looking
+ * at the correct one */
+
+ /* first, we should own the file ourselves, don't open a file
+ * that someone else wanted us to see. */
+ if (buf.st_uid != getuid()) {
+ close(fd);
+ errno = EACCES;
+ return -1;
+ }
+
+ /* next, there should only be one link in this file. Don't
+ * use this code to trash another file */
+ if (buf.st_nlink != 1) {
+ close(fd);
+ errno = EMLINK;
+ return -1;
+ }
+
+ /* next, This better be a regular file */
+ if (!S_ISREG(buf.st_mode)) {
+ close(fd);
+ errno = EACCES;
+ return -1;
+ }
+
+ /* if the permissions don't match, something is wrong */
+ if ((buf.st_mode & 03777) != mode) {
+ close(fd);
+ errno = EACCES;
+ return -1;
+ }
+
+ /* finally the file should be the correct size. This
+ * check isn't so much to protect from an attack, as it is to
+ * detect a corrupted cache file */
+ if (buf.st_size != size) {
+ close(fd);
+ errno = EACCES;
+ return -1;
+ }
+
+ /* OK, the file checked out, ok to continue */
+ return fd;
+}
+
SHMem::SHMem(): shmemData(0) {}
SHMem *
@@ -248,7 +322,7 @@ SHMem::initSegment(const char *name, int
return NULL;
}
int mask = umask(0);
- int ret = mkdir (MEMSEGPATH, 0777);
+ int ret = mkdir (MEMSEGPATH, 01777);
umask(mask);
if ((ret == -1) && (errno != EEXIST)) {
delete shmemData;
@@ -264,21 +338,16 @@ SHMem::initSegment(const char *name, int
shmemData->path[sizeof(MEMSEGPATH)-1] = '/';
strcpy(&shmemData->path[sizeof(MEMSEGPATH)],name);
- int mode = 0777;
- if (strcmp(name,"token_names") != 0) {
- /* each user gets his own uid array */
- sprintf(uid_str, "-%u",getuid());
- strcat(shmemData->path,uid_str);
- mode = 0700;
- }
+ sprintf(uid_str, "-%u",getuid());
+ strcat(shmemData->path,uid_str);
+ int mode = 0600;
+
shmemData->fd = open(shmemData->path,
O_CREAT|O_RDWR|O_EXCL|O_APPEND|O_EXLOCK, mode);
- if (shmemData->fd < 0) {
- needInit = false;
- shmemData->fd = open(shmemData->path,O_RDWR|O_EXLOCK, mode);
- } else {
+ if (shmemData->fd >= 0) {
char *buf;
int len = size+RESERVED_OFFSET;
+ int ret;
buf = (char *)calloc(1,len);
if (!buf) {
@@ -289,8 +358,22 @@ SHMem::initSegment(const char *name, int
delete shmemData;
return NULL;
}
- write(shmemData->fd,buf,len);
+ ret = write(shmemData->fd,buf,len);
+ if (ret != len) {
+ unlink(shmemData->path);
+#ifdef FULL_CLEANUP
+ flock(shmemData->fd, LOCK_UN);
+#endif
+ delete shmemData;
+ return NULL;
+ }
+
free(buf);
+ } else if (errno == EEXIST) {
+ needInit = false;
+
+ shmemData->fd = safe_open(shmemData->path,O_RDWR|O_EXLOCK, mode,
+ size+RESERVED_OFFSET);
}
if (shmemData->fd < 0) {
delete shmemData;
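Review bot: The short-write branch added in SHMem::initSegment (`if (ret != len) { unlink(shmemData->path); ... return NULL; }`) returns before the `free(buf);` that follows it, so the calloc'd zero buffer leaks on that error path; add `free(buf);` as the first statement of the branch. The result of write() is stored in an `int`, and declaring it `ssize_t ret` would match the call's return type. safe_open() is defined without `static` and takes `char *path` although it never writes through it; `static int safe_open(const char *path, int flags, int mode, int size)` would keep the helper out of the module's exported symbols. The new open path reports every rejection from safe_open() as a negative fd, so the existing `if (shmemData->fd < 0)` check is what fails closed, and its body continues outside the lines shown here.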


@@ -0,0 +1,14 @@
$NetBSD: patch-ac,v 1.1.1.1 2008/03/04 11:33:02 shannonjr Exp $
--- ./src/coolkey/coolkey.cpp.orig 2007-02-14 12:54:01.000000000 -0700
+++ ./src/coolkey/coolkey.cpp
@@ -34,7 +34,9 @@
#include "cky_base.h"
#include "params.h"
+#ifndef NULL
#define NULL 0
+#endif
/* static module data -------------------------------- */


@@ -0,0 +1,13 @@
$NetBSD: patch-src_coolkey_log.cpp,v 1.1 2011/11/25 22:17:49 joerg Exp $
--- src/coolkey/log.cpp.orig 2011-11-25 17:05:01.000000000 +0000
+++ src/coolkey/log.cpp
@@ -21,6 +21,8 @@
#include "mypkcs11.h"
#include <assert.h>
#include <stdio.h>
+#include <stdlib.h>
+#include <strings.h>
#include "log.h"
#include <cstdarg>
#include "PKCS11Exception.h"


@@ -0,0 +1,12 @@
$NetBSD: patch-src_coolkey_object.cpp,v 1.1 2011/11/25 22:17:49 joerg Exp $
--- src/coolkey/object.cpp.orig 2011-11-25 17:09:14.000000000 +0000
+++ src/coolkey/object.cpp
@@ -21,6 +21,7 @@
#include "PKCS11Exception.h"
#include "object.h"
#include <algorithm>
+#include <cstring>
using std::find_if;


@@ -0,0 +1,12 @@
$NetBSD: patch-src_coolkey_params.h,v 1.1 2013/04/29 21:31:12 joerg Exp $
--- src/coolkey/params.h.orig 2013-04-29 20:24:44.000000000 +0000
+++ src/coolkey/params.h
@@ -20,6 +20,7 @@
#ifndef COOLKEY_PARAMS_H
#define COOLKEY_PARAMS_H
+#include <cstdlib>
class Params {


@@ -0,0 +1,13 @@
$NetBSD: patch-src_coolkey_slot.cpp,v 1.1 2011/11/25 22:17:49 joerg Exp $
--- src/coolkey/slot.cpp.orig 2011-11-25 17:09:33.000000000 +0000
+++ src/coolkey/slot.cpp
@@ -31,6 +31,8 @@
#include "machdep.h"
+#include <memory>
+
#define MIN(x, y) ((x) < (y) ? (x) : (y))
using std::auto_ptr;


@@ -0,0 +1,23 @@
$NetBSD: patch-src_libckyapplet_cky_card.c,v 1.1 2012/12/15 01:07:17 pettai Exp $
Build fix for a more modern pcsc-lite.
--- src/libckyapplet/cky_card.c.orig 2012-12-11 21:28:26.000000000 +0000
+++ src/libckyapplet/cky_card.c
@@ -27,7 +27,6 @@
#ifndef WINAPI
#define WINAPI
-typedef SCARD_READERSTATE *LPSCARD_READERSTATE;
#endif
#ifndef SCARD_E_NO_READERS_AVAILABLE
@@ -108,7 +107,7 @@ typedef long (WINAPI * SCardGetAttribFn)
typedef long (WINAPI * SCardGetStatusChangeFn) (
SCARDCONTEXT hContext,
unsigned long dwTimeout,
- LPSCARD_READERSTATE rgReaderStates,
+ SCARD_READERSTATE *rgReaderStates,
unsigned long cReaders);
typedef long (WINAPI * SCardCancelFn) (


@@ -0,0 +1,50 @@
$NetBSD: patch-src_libckyapplet_cky_card.h,v 1.1 2012/12/15 01:07:17 pettai Exp $
Build fix for a more modern pcsc-lite.
--- src/libckyapplet/cky_card.h.orig 2012-12-11 21:28:32.000000000 +0000
+++ src/libckyapplet/cky_card.h
@@ -41,23 +41,23 @@ CKYLIST_DECLARE(CKYReaderName, char *)
CKYLIST_DECLARE(CKYCardConnection, CKYCardConnection *)
CKY_BEGIN_PROTOS
-void CKYReader_Init(SCARD_READERSTATE_A *reader);
-void CKYReader_FreeData(SCARD_READERSTATE_A *reader);
+void CKYReader_Init(SCARD_READERSTATE *reader);
+void CKYReader_FreeData(SCARD_READERSTATE *reader);
/*
- * "Accessors": for SCARD_READERSTATE_A structure as a class.
- * These functions take an SCARD_READERSTATE_A which can also be referenced
+ * "Accessors": for SCARD_READERSTATE structure as a class.
+ * These functions take an SCARD_READERSTATE which can also be referenced
* directly.
*/
-CKYStatus CKYReader_SetReaderName(SCARD_READERSTATE_A *reader, const char *name);
-const char *CKYReader_GetReaderName(const SCARD_READERSTATE_A *reader);
-CKYStatus CKYReader_SetKnownState(SCARD_READERSTATE_A *reader,
+CKYStatus CKYReader_SetReaderName(SCARD_READERSTATE *reader, const char *name);
+const char *CKYReader_GetReaderName(const SCARD_READERSTATE *reader);
+CKYStatus CKYReader_SetKnownState(SCARD_READERSTATE *reader,
unsigned long state);
-unsigned long CKYReader_GetKnownState(const SCARD_READERSTATE_A *reader);
-unsigned long CKYReader_GetEventState(const SCARD_READERSTATE_A *reader);
-CKYStatus CKYReader_GetATR(const SCARD_READERSTATE_A *reader, CKYBuffer *buf);
+unsigned long CKYReader_GetKnownState(const SCARD_READERSTATE *reader);
+unsigned long CKYReader_GetEventState(const SCARD_READERSTATE *reader);
+CKYStatus CKYReader_GetATR(const SCARD_READERSTATE *reader, CKYBuffer *buf);
/* create an array of READERSTATEs from a LIST of Readers */
-SCARD_READERSTATE_A *CKYReader_CreateArray(const CKYReaderNameList readerNames,
+SCARD_READERSTATE *CKYReader_CreateArray(const CKYReaderNameList readerNames,
unsigned long *readerCount);
/* frees the reader, then the full array */
void CKYReader_DestroyArray(SCARD_READERSTATE *reader, unsigned long count);
@@ -88,7 +88,7 @@ CKYStatus CKYCardContext_FindReadersByAT
const CKYBuffer *targetATR);
/* return if any of the readers in our array has changed in status */
CKYStatus CKYCardContext_WaitForStatusChange(CKYCardContext *context,
- SCARD_READERSTATE_A *readers,
+ SCARD_READERSTATE *readers,
unsigned long readerCount,
unsigned long timeout);
/* cancel any current operation (such as wait for status change) on this