[Midnightbsd-cvs] mports: mports/security: Add opensc and openct.

Thu Sep 18 11:25:30 EDT 2008

Log Message:
-----------
Add opensc and openct.  These ports are used by the openssh-portable port optionally to work with smart cards.

Modified Files:
--------------
    mports/security:
        Makefile (r1.81 -> r1.82)

Added Files:
-----------
    mports/security/opensc:
        Makefile (r1.1)
        distinfo (r1.1)
        pkg-descr (r1.1)
        pkg-message (r1.1)
        pkg-plist (r1.1)
    mports/security/opensc/files:
        patch-configure (r1.1)
        patch-src_pkcs11_misc.c (r1.1)
    mports/security/openct:
        Makefile (r1.1)
        distinfo (r1.1)
        pkg-descr (r1.1)
        pkg-message (r1.1)
        pkg-plist (r1.1)
    mports/security/openct/files:
        etoken.conf.in (r1.1)
        openct.in (r1.1)
        patch-etc_openct.conf.in (r1.1)

-------------- next part --------------

--- /dev/null
+++ security/opensc/pkg-message
@@ -0,0 +1,2 @@
+Before using OpenSC, you should create the configuration
+file, by copying the installed sample.
--- /dev/null
+++ security/opensc/pkg-descr
@@ -0,0 +1,14 @@
+OpenSC provides a set of libraries and utilities to
+access smart cards. Its main focus is on cards that
+support cryptographic operations, and facilitate their
+use in security applications such as mail encryption,
+authentication, and digital signature.
+
+OpenSC implements the PKCS#11 API so applications
+supporting this API such as Mozilla Firefox and
+Thunderbird can use it.
+
+OpenSC implements the PKCS#15 standard and aims to be
+compatible with every software that does so, too.
+
+WWW:	http://www.opensc-project.org/opensc/
--- /dev/null
+++ security/opensc/pkg-plist
@@ -0,0 +1,69 @@
+bin/cardos-info
+bin/cryptoflex-tool
+bin/eidenv
+bin/netkey-tool
+bin/opensc-config
+bin/opensc-explorer
+bin/opensc-tool
+bin/piv-tool
+bin/pkcs11-tool
+bin/pkcs15-crypt
+bin/pkcs15-init
+bin/pkcs15-tool
+etc/opensc.conf-sample
+include/opensc/asn1.h
+include/opensc/cardctl.h
+include/opensc/compression.h
+include/opensc/emv.h
+include/opensc/errors.h
+include/opensc/log.h
+include/opensc/opensc.h
+include/opensc/pkcs11.h
+include/opensc/pkcs15-init.h
+include/opensc/pkcs15.h
+include/opensc/scconf.h
+include/opensc/types.h
+include/opensc/ui.h
+libdata/pkgconfig/libopensc.pc
+libdata/pkgconfig/libpkcs15init.pc
+libdata/pkgconfig/libscconf.pc
+%%SIGNER%%lib/browser_plugins/opensc-signer.so
+%%SIGNER%%lib/opensc-signer.a
+%%SIGNER%%lib/opensc-signer.la
+%%SIGNER%%lib/opensc-signer.so
+lib/libopensc.a
+lib/libopensc.la
+lib/libopensc.so
+lib/libopensc.so.2
+lib/libpkcs15init.a
+lib/libpkcs15init.la
+lib/libpkcs15init.so
+lib/libpkcs15init.so.2
+lib/libscconf.a
+lib/libscconf.la
+lib/libscconf.so
+lib/libscconf.so.2
+lib/onepin-opensc-pkcs11.a
+lib/onepin-opensc-pkcs11.la
+lib/onepin-opensc-pkcs11.so
+lib/opensc-pkcs11.a
+lib/opensc-pkcs11.la
+lib/opensc-pkcs11.so
+lib/pkcs11-spy.a
+lib/pkcs11-spy.la
+lib/pkcs11-spy.so
+%%DATADIR%%/asepcos.profile
+%%DATADIR%%/cardos.profile
+%%DATADIR%%/cyberflex.profile
+%%DATADIR%%/flex.profile
+%%DATADIR%%/gpk.profile
+%%DATADIR%%/incrypto34.profile
+%%DATADIR%%/jcop.profile
+%%DATADIR%%/miocos.profile
+%%DATADIR%%/muscle.profile
+%%DATADIR%%/oberthur.profile
+%%DATADIR%%/pkcs15.profile
+%%DATADIR%%/setcos.profile
+%%DATADIR%%/starcos.profile
+ at dirrm include/opensc
+ at dirrm %%DATADIR%%
--- /dev/null
+++ security/opensc/Makefile
@@ -0,0 +1,103 @@
+# New ports collection makefile for:	opensc
+# Date created:		10 September 2002
+# Whom:			Bruce M Simpson
+#
+# $MidnightBSD: mports/security/opensc/Makefile,v 1.1 2008/09/18 15:25:28 laffer1 Exp $
+# $FreeBSD: ports/security/opensc/Makefile,v 1.30 2008/04/19 17:53:27 miwi Exp $
+#
+
+PORTNAME=	opensc
+DISTVERSION=	0.11.4
+CATEGORIES=	security devel
+MASTER_SITES=	http://www.opensc-project.org/files/${PORTNAME}/ \
+		http://www.opensc-project.org/files/${PORTNAME}/testing/
+
+MAINTAINER=	ports at MidnightBSD.org
+COMMENT=	Libraries and utilities to access smart cards
+
+OPTIONS=	OPENCT "Enable direct OpenCT backend support" on \
+		PCSC "Enable PC/SC backend support" off \
+		SIGNER "Enable signer browser plugin" off
+
+USE_AUTOTOOLS=	libltdl:15
+USE_OPENSSL=	yes
+USE_GMAKE=	yes
+GNU_CONFIGURE=	yes
+USE_GNOME=	gnomehack pkgconfig
+USE_LDCONFIG=	yes
+
+CPPFLAGS+=	-I${LOCALBASE}/include
+LDFLAGS+=	-L${LOCALBASE}/lib
+
+CONFIGURE_ENV=	CPPFLAGS="${CPPFLAGS}" \
+		LDFLAGS="${LDFLAGS}" \
+		OPENSSL_CFLAGS="-I${OPENSSLINC}" \
+		OPENSSL_LIBS="-L${OPENSSLLIB} -lssl"
+
+DOC_FILES=	README *.sh *.xsl *.css *.html api html tools
+
+PORTDOCS=	*
+
+MANCOMPRESSED=	no
+MAN1=		cardos-info.1 cryptoflex-tool.1 netkey-tool.1 \
+		opensc-config.1 opensc-explorer.1 opensc-tool.1 \
+		pkcs11-tool.1 pkcs15-crypt.1 pkcs15-init.1 pkcs15-tool.1
+MAN3=		sc_app_info_t.3 sc_append_record.3 sc_asn1_decode.3 \
+		sc_asn1_encode.3 sc_asn1_entry.3 sc_asn1_find_tag.3 \
+		sc_asn1_print_tags.3 sc_asn1_put_tag.3 sc_asn1_read_tag.3 \
+		sc_asn1_skip_tag.3 sc_asn1_verify_tag.3 sc_base64_decode.3 \
+		sc_base64_encode.3 sc_card_ctl.3 sc_card_t.3 \
+		sc_card_valid.3 sc_check_sw.3 sc_connect_card.3 \
+		sc_copy_asn1_entry.3 sc_create_file.3 sc_delete_file.3 \
+		sc_delete_record.3 sc_der_clear.3 sc_der_copy.3 \
+		sc_detect_card_presence.3 sc_disconnect_card.3 \
+		sc_enum_apps.3 sc_establish_context.3 sc_file_dup.3 \
+		sc_file_free.3 sc_file_new.3 sc_file_t.3 \
+		sc_find_app_by_aid.3 sc_find_pkcs15_app.3 sc_format_apdu.3 \
+		sc_format_asn1_entry.3 sc_free_apps.3 sc_get_cache_dir.3 \
+		sc_get_challenge.3 sc_get_data.3 sc_list_files.3 \
+		sc_lock.3 sc_make_cache_dir.3 sc_put_data.3 \
+		sc_read_binary.3 sc_read_record.3 sc_release_context.3 \
+		sc_select_file.3 sc_set_card_driver.3 sc_strerror.3 \
+		sc_transmit_apdu.3 sc_unlock.3 sc_update_binary.3 \
+		sc_update_dir.3 sc_update_record.3 sc_wait_for_event.3 \
+		sc_write_binary.3 sc_write_record.3
+MAN5=		pkcs15-profile.5
+
+.include <bsd.port.pre.mk>
+
+.if !defined(WITHOUT_OPENCT)
+LIB_DEPENDS+=	openct.1:${PORTSDIR}/security/openct
+.else
+CONFIGURE_ARGS+=--disable-openct
+.endif
+
+.if defined(WITH_PCSC)
+LIB_DEPENDS+=	pcsclite.1:${PORTSDIR}/devel/pcsc-lite
+.else
+CONFIGURE_ARGS+=--disable-pcsc-lite
+.endif
+
+.if defined(WITH_SIGNER)
+BUILD_DEPENDS+=	${LOCALBASE}/lib/libassuan.a:${PORTSDIR}/security/libassuan
+PINENTRY?=	${LOCALBASE}/bin/pinentry
+PINENTRY_PORT?=	security/pinentry
+RUN_DEPENDS+=	pinentry:${PORTSDIR}/${PINENTRY_PORT}
+USE_XORG=	x11
+CONFIGURE_ARGS+=--with-libassuan-prefix=${LOCALBASE} \
+		--with-plugin-dir=${LOCALBASE}/lib/browser_plugins \
+		--with-pin-entry=${PINENTRY}
+PLIST_SUB+=	SIGNER=""
+.else
+CONFIGURE_ARGS+=--disable-nsplugin
+PLIST_SUB+=	SIGNER="@comment "
+.endif
+
+post-install:
+	${INSTALL_DATA} ${WRKSRC}/etc/opensc.conf ${PREFIX}/etc/opensc.conf-sample
+.ifndef(NOPORTDOCS)
+	@${MKDIR} ${DOCSDIR}
+	@(cd ${WRKSRC}/doc && ${CP} -R ${DOC_FILES} ${DOCSDIR})
+.endif
+
+.include <bsd.port.post.mk>
--- /dev/null
+++ security/opensc/distinfo
@@ -0,0 +1,3 @@
+MD5 (opensc-0.11.4.tar.gz) = 2031aa617be609d50d014d5d370bb8a2
+SHA256 (opensc-0.11.4.tar.gz) = 8534e82dd53208c82a29961455f29d8f3b6350fa2be721e537463d8f6f9d6164
+SIZE (opensc-0.11.4.tar.gz) = 1410650
Index: Makefile
===================================================================
RCS file: /home/cvs/mports/security/Makefile,v
retrieving revision 1.81
retrieving revision 1.82
diff -L security/Makefile -L security/Makefile -u -r1.81 -r1.82
--- security/Makefile
+++ security/Makefile
@@ -46,6 +46,8 @@
     SUBDIR += nmapfe
     SUBDIR += nss
     SUBDIR += opencdk
+    SUBDIR += openct
+    SUBDIR += opensc
     SUBDIR += openssh-askpass
     SUBDIR += openssh-portable
     SUBDIR += openvpn
--- /dev/null
+++ security/opensc/files/patch-src_pkcs11_misc.c
@@ -0,0 +1,11 @@
+--- src/pkcs11/misc.c.orig	2008-01-17 12:22:03.000000000 +0100
++++ src/pkcs11/misc.c	2008-01-17 12:22:18.000000000 +0100
+@@ -233,7 +233,7 @@
+ 		case CKA_PRIVATE:
+ 			size = sizeof(CK_BBOOL); break;
+ 		case CKA_CERTIFICATE_TYPE:
+-			size = sizeof(CKA_CERTIFICATE_TYPE); break;
++			size = sizeof(CK_ULONG); break;
+ 		case CKA_MODULUS_BITS:
+ 			size = sizeof(CK_ULONG); break;
+ 		case CKA_OBJECT_ID:
--- /dev/null
+++ security/opensc/files/patch-configure
@@ -0,0 +1,11 @@
+--- configure.orig	2007-09-10 18:51:01.000000000 +0200
++++ configure	2007-09-10 18:51:56.000000000 +0200
+@@ -23559,7 +23559,7 @@
+ if test "x${ASSUAN_MSG}" != "xyes" -o "x${OPENSSL_MSG}" != "xyes"; then
+ 	ENABLE_NSPLUGIN="no"
+ fi
+-if test "x${ENABLE_NSPLUGIN}" == "xyes"; then
++if test "x${ENABLE_NSPLUGIN}" = "xyes"; then
+ 
+ 
+ if true; then
--- /dev/null
+++ security/openct/pkg-message
@@ -0,0 +1,7 @@
+Before using OpenCT, you should create the configuration
+file, by copying the installed sample.
+
+To enable hot-plug support for your USB reader/token,
+you need a devd enabled system. A configuration sample
+for the Aladdin eToken PRO crypto token has been put
+in the examples directory.
--- /dev/null
+++ security/openct/pkg-descr
@@ -0,0 +1,10 @@
+OpenCT is a middleware framework for smart card terminals.
+
+OpenCT implements drivers for several smart card readers.
+It comes as driver in ifdhandler format for PC/SC-Lite,
+as CT-API driver, or as a small and lean middleware, so
+applications can use it with minimal overhead.
+OpenCT also has a primitive mechanism to export smart card
+readers to remote machines via tcp/ip.
+
+WWW:	http://www.opensc-project.org/openct/
--- /dev/null
+++ security/openct/pkg-plist
@@ -0,0 +1,35 @@
+bin/openct-tool
+etc/openct.conf-sample
+include/openct/apdu.h
+include/openct/buffer.h
+include/openct/conf.h
+include/openct/device.h
+include/openct/driver.h
+include/openct/error.h
+include/openct/ifd.h
+include/openct/logging.h
+include/openct/openct.h
+include/openct/path.h
+include/openct/protocol.h
+include/openct/server.h
+include/openct/socket.h
+include/openct/tlv.h
+include/openct/types.h
+include/openct/ctapi.h
+lib/libopenct.a
+lib/libopenct.la
+lib/libopenct.so
+lib/libopenct.so.1
+lib/libopenctapi.a
+lib/libopenctapi.la
+lib/libopenctapi.so
+%%PCSC%%lib/openct-ifd.a
+%%PCSC%%lib/openct-ifd.la
+%%PCSC%%lib/openct-ifd.so
+libdata/pkgconfig/libopenct.pc
+sbin/ifdhandler
+sbin/ifdproxy
+sbin/openct-control
+%%EXAMPLESDIR%%/etoken.conf
+ at dirrm include/openct
+ at dirrm %%EXAMPLESDIR%%
--- /dev/null
+++ security/openct/Makefile
@@ -0,0 +1,61 @@
+# New ports collection makefile for:	openct
+# Date created:		2004-09-08
+# Whom:			Janos Mohacsi <janos.mohacsi at bsd.hu>
+#
+# $MidnightBSD: mports/security/openct/Makefile,v 1.1 2008/09/18 15:25:28 laffer1 Exp $
+# $FreeBSD: ports/security/openct/Makefile,v 1.17 2008/04/19 17:53:27 miwi Exp $
+#
+
+PORTNAME=	openct
+DISTVERSION=	0.6.14
+CATEGORIES=	security
+MASTER_SITES=	http://www.opensc-project.org/files/${PORTNAME}/ \
+		http://www.opensc-project.org/files/${PORTNAME}/testing/
+
+MAINTAINER=	ports at MidnightBSD.org
+COMMENT=	A middleware framework for smart card terminals
+LICENSE=	lgpl
+
+OPTIONS=	USB "Install libusb for USB tokens/readers support" on \
+		PCSC "Install pcsc-lite to build the PC/SC->OpenCT frontend" off
+
+USE_AUTOTOOLS=	libltdl:15
+GNU_CONFIGURE=	yes
+USE_GMAKE=	yes
+USE_GNOME=	gnomehack pkgconfig
+USE_LDCONFIG=	yes
+USE_RC_SUBR=	openct
+SUB_FILES=	etoken.conf
+
+CONFIGURE_ENV=	CPPFLAGS="-I${LOCALBASE}/include" \
+		LDFLAGS="-L${LOCALBASE}/lib"
+
+MAN1=		openct-tool.1
+
+DOC_FILES=	README export-wiki.sh export-wiki.xsl trac.css *.html api
+
+PORTDOCS=	*
+
+.include <bsd.port.pre.mk>
+
+.if !defined(WITHOUT_USB) || exists(${LOCALBASE}/lib/libusb-0.1.so)
+LIB_DEPENDS+=	usb-0.1.8:${PORTSDIR}/devel/libusb
+.endif
+
+.if defined(WITH_PCSC) || exists(${LOCALBASE}/lib/libpcsclite.so)
+LIB_DEPENDS+=	pcsclite.1:${PORTSDIR}/devel/pcsc-lite
+PLIST_SUB+=	PCSC=""
+.else
+PLIST_SUB+=	PCSC="@comment "
+.endif
+
+post-install:
+	${INSTALL_DATA}	${WRKSRC}/etc/openct.conf ${PREFIX}/etc/openct.conf-sample
+	@${MKDIR} ${EXAMPLESDIR}
+	${INSTALL_DATA}	${WRKDIR}/etoken.conf ${EXAMPLESDIR}
+.ifndef(NOPORTDOCS)
+	@${MKDIR} ${DOCSDIR}
+	@(cd ${WRKSRC}/doc && ${CP} -R ${DOC_FILES} ${DOCSDIR})
+.endif
+
+.include <bsd.port.post.mk>
--- /dev/null
+++ security/openct/distinfo
@@ -0,0 +1,3 @@
+MD5 (openct-0.6.14.tar.gz) = 04a5c0c7dedcb1ca0d550b1970fbf3b7
+SHA256 (openct-0.6.14.tar.gz) = 3df187f63eb6694652098238bdf967b304dad8f62e9219be4cf3b6d5ec5db58b
+SIZE (openct-0.6.14.tar.gz) = 670510
--- /dev/null
+++ security/openct/files/openct.in
@@ -0,0 +1,48 @@
+#!/bin/sh
+#
+# $FreeBSD: ports/security/openct/files/openct.in,v 1.1 2006/06/12 16:53:46 ale Exp $
+#
+
+# PROVIDE: openct
+# REQUIRE: DAEMON
+# BEFORE: LOGIN
+# KEYWORD: shutdown
+
+#
+# Add the following line to /etc/rc.conf to enable openct:
+# openct_enable (bool):	Set to "NO" by default.
+#			Set it to "YES" to enable OpenCT.
+#
+
+. %%RC_SUBR%%
+
+name="openct"
+rcvar=`set_rcvar`
+
+load_rc_config $name
+
+: ${openct_enable="NO"}
+
+openct_rundir="/var/run/openct"
+command="%%PREFIX%%/sbin/openct-control"
+command_args="init"
+start_precmd="${name}_prestart"
+stop_cmd="${name}_stop"
+required_files="%%PREFIX%%/etc/openct.conf"
+
+openct_prestart()
+{
+	if [ ! -d "${openct_rundir}/." ]; then
+		/bin/mkdir ${openct_rundir}
+	fi
+}
+
+openct_stop()
+{
+        if [ -f "${openct_rundir}/status" ]; then
+		${command} shutdown > /dev/null
+                /bin/rm ${openct_rundir}/status
+        fi
+}
+
+run_rc_command "$1"
--- /dev/null
+++ security/openct/files/etoken.conf.in
@@ -0,0 +1,13 @@
+# Aladdin eToken PRO USB crypto token
+attach 100 {
+	device-name "ugen[0-9]+";
+	match "vendor" "0x0529";
+	match "product" "0x0514";
+	action "%%PREFIX%%/sbin/openct-control attach usb:529/514 usb /dev/$device-name";
+};
+detach 100 {
+	device-name "ugen[0-9]+";
+	match "vendor" "0x0529";
+	match "product" "0x0514";
+	action "/usr/bin/pkill -fx '%%PREFIX%%/sbin/ifdhandler -H [a-z0-9]+ usb /dev/$device-name'";
+};
--- /dev/null
+++ security/openct/files/patch-etc_openct.conf.in
@@ -0,0 +1,14 @@
+
+$FreeBSD: ports/security/openct/files/patch-etc_openct.conf.in,v 1.1 2005/10/11 17:30:43 garga Exp $
+
+--- etc/openct.conf.in.orig
++++ etc/openct.conf.in
+@@ -2,7 +2,7 @@
+ debug	= 0;
+ #
+ # Enable hot plugging
+-hotplug	= yes;
++hotplug	= no;
+ #
+ # Path to ifdhandler
+ ifdhandler = SBINDIR/ifdhandler;
