Update to 0.22.1 Changelog: 0.22.1 (stable) * Use SubjectKeyIdentifier for CKA_ID when available [#84761] * Allow 'BEGIN PuBLIC KEY' PEM blocks in .p11-kit files * Bump libtool library version * Build fixes [#84665 ...] 0.22.0 (stable) * Remove the 'isolated = yes' option due to unclear semantics replacement forth coming in later versions. * Use secure_getenv() where necessary * Run separate binary for 'p11-kit remote' command 0.21.3 (unstable) * New public pkcs11x.h header containing extensions [#83495] * Export necessary defines to lookup attached extensions [#83495] * Use term 'attached extensions' rather than 'stabled extensions' * Make proxy module respect 'critical = no' [#83651] * Show public-key-info in 'trust list --details' * Build fixes [#75674 ...] 0.21.2 (unstable) * Don't use invalid keys for looking up stapled extensions [#82328] * Better error messages when invalid certificate extensions * Fix parsing of some odd OpenSSL TRUSTED CERTIFICATE files * Fix some leaks, and memory issues * Silence some clang scanner warnings * Fix build against older pthread implementations [#82617] * Move to a non-recursive Makefile * Can now specify which tests to run on command line 0.21.1 (unstable) * Add new 'isolate' pkcs11 config option [#80472] * Add 'p11-kit remote' command for isolating modules [#54105] * Don't complain about C_Finalize after a fork * Other minor fixes 0.20.3 (stable) * Fix problems reinitializing managed modules after fork * Fix bad bookeeping when fail initializing one of the modules * Fix case where module would be unloaded while in use [#74919] * Remove assertions when module used before initialized [#74919] * Fix handling of mmap failure and mapping empty files [#74773] * Stable p11_kit_be_quiet() and p11_kit_be_loud() functions * Require automake 1.12 or later * Build fixes for Windows [#76594 #74149] 0.20.2 (stable) * Fix bug where blacklist didn't affect extracted ca-anchors if the anchor and blacklist were not in the same trust path (regression) [#73558] * Check for race in BasicConstraints stapled extension [#69314] * autogen.sh now runs configure as srcdir != builddir by default * Build fixes and cleanup 0.20.1 (stable) * Extract compat trust data after we've changes * Skip compat extraction if running as non-root * Better failure messages when removing anchors * Build cleanup 0.20.0 (stable) * Doc fixes 0.19.4 (unstable) * 'trust anchor' now adds/removes certificate anchors * 'trust list' lists trust policy stuff * 'p11-kit extract' is now 'trust extract' * 'p11-kit extract-trust' is now 'trust extract-compat' * Workarounds for working on broken zfsonlinux.org [#68525] * Add --with-module-config parameter to the configure script [#68122] * Add support for removing stored PKCS#11 objects in trust module * Various debugging tweaks 0.19.3 (unstable) * Fix up problems with automake testing * Fix a bunch of memory leaks in newly refactored code * Don't use _GNU_SOURCE and the unportability it brings * Testing fixes 0.19.2 (unstable) * Add basic 'trust anchor' command to store a new anchor * Support for writing out trust token objects * Port to use CKA_PUBLIC_KEY_INFO and updated trust store spec * Add option to use freebl for hashing * Implement reloading of token data * Fix warnings and possible minor bugs higlighted by code scanners * Don't load configs in home directories when running setuid or setgid * Support treating ~/.config as $XDG_CONFIG_HOME * Use $XDG_DATA_HOME/pkcs11 as default user config directory * Use $TMPDIR instead of $TEMP while testing * Open files and fds with O_CLOEXEC * Abort initialization if a critical module fails to load * Don't use thread-unsafe functions: strerror, getpwuid * Fix p11_kit_space_strlen() result when empty string * Refactoring of where various components live * Build fixes 0.19.1 (unstable) * Refactor API to be able to handle managed modules * Deprecate much of old p11-kit API * Implement concept of managed modules * Make C_CloseAllSessions function work for multiple callers * New dependency on libffi * Fix possible threading problems reported by hellgrind * Add log-calls option * Mark p11_kit_message() as a stable function * Use our own unit testing framework 0.18.3 (stable) * Fix reinitialization of trust module [#65401] * Fix crash in trust module C_Initialize * Mac OS fixes [#57714] 0.18.2 (stable) * Build fixes [#64378 ...] 0.18.1 (stable) * Put the external tools in $libdir/p11-kit * Documentation build fixes 0.18.0 (stable) * Fix use of trust module with gcr and empathy [#62896] * Further tweaks to trust module date parsing * Fix unaligned memory reads [#62819] * Win32 fixes [#63062, #63046] * Debug and logging tweaks [#62874] * Other build fixes 0.17.5 (unstable) * Don't try to guess at overflowing time values on 32-bit systems [#62825] * Test fixes [#927394] 0.17.4 (unstable) * Check for duplicate certificates in a token, warn and discard [#62548] * Implement a proper index so we have decent load performance 0.17.3 (unstable) * Use descriptive labels for the trust module tokens [#62534] * Remove the temporary built in distrust objects * Make extracted output directories and files read-only [#61898] * Don't export unneccessary ABI * Build fixes [#62479] 0.17.2 (unstable) * Fix build on 32-bit linux * Fix several crashers 0.17.1 (unstable) * Support a p11-kit specific PKCS#11 attribute persistance format [#62156] * Use the SHA1 hash of SPKI as the CKA_ID in the trust module by default [#62329] * Refactor a trust builder which builds objects out of parsed data [#62329] * Combine trust policy when extracting certificates [#61497] * The extract --comment option adds comments to PEM bundles [#62029] * A new 'priority' config option for ordering modules [#61978] * Make each configured path its own trust module token [#61499] * Use --with-trust-paths to configure trust module [#62327] * Fix bug decoding some PEM files * Better debug output for trust module lookups * Work around bug in NSS when doing serial number lookups * Work around broken strndup() function in firefox * Fix the nickname for the distrusted attribute * Build fixes 0.16.4 (stable) * Display per command help again [#62153] * Don't always print tools debug output [#62152] 0.16.3 (stable) * When iterating don't skip tokens without the CKF_TOKEN_INITIALIZED flag * Hardcode some distrust records for NSS temporarily * Parse global options better in the p11-kit command * Better debugging 0.16.2 (stable) * Fix regression in 'p11-kit extract --purpose' option [#62009] * Documentation updates * Build fixes [#62001, ...] 0.16.1 (stable) * Don't break when cA field of BasicConstraints is missing [#61975] * Documentation fixes and updates * p11-kit extract-trust is a placeholder script now 0.16.0 (stable) * Update the pkcs11.h header for new mechanisms * Fix build and tests on mingw64 (ie: win32) * Relicense LGPL code to BSD license * Documentation tweaks * Pull translations from Transifex [#60792] * Build fixes [#61739, #60894, #61740] 0.15.2 (unstable) * Add German and Finish translations * Better define the libtasn1 dependency * Crasher and bug fixes * Build fixes 0.15.1 (unstable) * Fix some memory leaks * Add a location for packages to drop module configs * Documentation updates and fixes * Add command line tool manual page * Remove unused err() function and friends * Move more code into common/ directory and refactor * Add a system trust policy module * Refactor how the p11-kit command line tool works * Add p11-kit extract and extract-trust commands * Don't complain if we cannot access ~/.pkcs11/pkcs11.conf * Refuse to load the p11-kit-proxy.so as a registered module * Don't fail initialization if last initialized module fails 0.14 * Change default for user-config to merge * Always URI-encode the 'id' attribute in PKCS#11 URIs * Expect a .module extension on module configs * Windows compatibility fixes * Testing fixes * Build fixes 0.13 * Don't allow reading of PIN files larger than 4096 bytes * If a module is not marked as critical then ignore init failure * Use preconditions to check for input problems and out of memory * Add enable-in and disable-in options to module config * Fix the flags in pin.h * Use gcc extensions to check varargs during compile * Fix crasher when a duplicate module is present * Fix broken hashmap behavior * Testing fixes * Win32 build fixes * 'p11-kit -h' now works * Documentation fixes 0.12 * Build fix 0.11 * Remove automatic reinitialization of PKCS#11 after forkdiff -r1.2 -r1.3 pkgsrc/security/p11-kit/Makefile
(ryoon)
@@ -1,22 +1,28 @@ | @@ -1,22 +1,28 @@ | |||
1 | # $NetBSD: Makefile,v 1.2 2012/10/23 18:16:39 asau Exp $ | 1 | # $NetBSD: Makefile,v 1.3 2016/03/13 03:10:36 ryoon Exp $ | |
2 | # | 2 | # | |
3 | 3 | |||
4 | DISTNAME= p11-kit-0.10 | 4 | DISTNAME= p11-kit-0.22.1 | |
5 | CATEGORIES= security | 5 | CATEGORIES= security | |
6 | MASTER_SITES= http://p11-glue.freedesktop.org/releases/ | 6 | MASTER_SITES= http://p11-glue.freedesktop.org/releases/ | |
7 | 7 | |||
8 | MAINTAINER= pkgsrc-users@NetBSD.org | 8 | MAINTAINER= pkgsrc-users@NetBSD.org | |
9 | HOMEPAGE= http://p11-glue.freedesktop.org/ | 9 | HOMEPAGE= https://p11-glue.freedesktop.org/p11-kit.html | |
10 | COMMENT= PKCS#11 module manager | 10 | COMMENT= PKCS#11 module manager | |
11 | LICENSE= modified-bsd | 11 | LICENSE= modified-bsd | |
12 | 12 | |||
13 | GNU_CONFIGURE= yes | 13 | GNU_CONFIGURE= yes | |
14 | USE_LIBTOOL= yes | 14 | USE_LIBTOOL= yes | |
15 | USE_TOOLS+= pkg-config | |||
16 | ||||
17 | # dirfd(3) | |||
18 | CFLAGS.NetBSD+= -D_NETBSD_SOURCE | |||
15 | 19 | |||
16 | PKGCONFIG_OVERRIDE+= p11-kit/p11-kit-1.pc.in | 20 | PKGCONFIG_OVERRIDE+= p11-kit/p11-kit-1.pc.in | |
17 | 21 | |||
18 | PKG_SYSCONFSUBDIR= pkcs11 | 22 | PKG_SYSCONFSUBDIR= pkcs11 | |
19 | CONF_FILES+= share/examples/p11-kit/pkcs11.conf.example \ | 23 | CONF_FILES+= share/examples/p11-kit/pkcs11.conf.example \ | |
20 | ${PKG_SYSCONFDIR}/pkcs11.conf | 24 | ${PKG_SYSCONFDIR}/pkcs11.conf | |
21 | 25 | |||
26 | .include "../../devel/libffi/buildlink3.mk" | |||
27 | .include "../../security/libtasn1/buildlink3.mk" | |||
22 | .include "../../mk/bsd.pkg.mk" | 28 | .include "../../mk/bsd.pkg.mk" |
@@ -1,7 +1,7 @@ | @@ -1,7 +1,7 @@ | |||
1 | $NetBSD: distinfo,v 1.2 2015/11/04 01:17:53 agc Exp $ | 1 | $NetBSD: distinfo,v 1.3 2016/03/13 03:10:36 ryoon Exp $ | |
2 | 2 | |||
3 | SHA1 (p11-kit-0.10.tar.gz) = 861e8d19a2c578ef8009c8ac93975db9884bb002 | 3 | SHA1 (p11-kit-0.22.1.tar.gz) = f92e357ab9bdb27a5a22daa99d738e278f03c947 | |
4 | RMD160 (p11-kit-0.10.tar.gz) = f305a865b4d267b79abb183965704ae406e357ae | 4 | RMD160 (p11-kit-0.22.1.tar.gz) = 6e14580a0d81c9e41f9ff9f95a6f78c58102f8cf | |
5 | SHA512 (p11-kit-0.10.tar.gz) = 28f027e2604265a97a587743752c47fc19412dfea9ed0af89418bcf27eddd871b6cf12ea394d8a086df5d02f14a03ba1377a4560f0a2baf038cd8e66254c8004 | 5 | SHA512 (p11-kit-0.22.1.tar.gz) = 500b0c922e98ed2d28133f93629bf762b873c8f6c638ccb4ba2b4f2df548c519f8ce27f1efae66193f88027d1b548908dbe3f5e84106a52ab972e29771c1d37b | |
6 | Size (p11-kit-0.10.tar.gz) = 528279 bytes | 6 | Size (p11-kit-0.22.1.tar.gz) = 992099 bytes | |
7 | SHA1 (patch-aa) = 16b1ed56c062ed5fe3227489e8d44071882ac1df | 7 | SHA1 (patch-Makefile.in) = 1db1ed011c07bf7ac3022249e0f3b80630a6034e |
@@ -1,35 +1,58 @@ | @@ -1,35 +1,58 @@ | |||
1 | @comment $NetBSD: PLIST,v 1.1.1.1 2012/02/03 14:43:12 drochner Exp $ | 1 | @comment $NetBSD: PLIST,v 1.2 2016/03/13 03:10:36 ryoon Exp $ | |
2 | bin/p11-kit | 2 | bin/p11-kit | |
3 | bin/trust | |||
4 | include/p11-kit-1/p11-kit/deprecated.h | |||
5 | include/p11-kit-1/p11-kit/iter.h | |||
3 | include/p11-kit-1/p11-kit/p11-kit.h | 6 | include/p11-kit-1/p11-kit/p11-kit.h | |
4 | include/p11-kit-1/p11-kit/pin.h | 7 | include/p11-kit-1/p11-kit/pin.h | |
5 | include/p11-kit-1/p11-kit/pkcs11.h | 8 | include/p11-kit-1/p11-kit/pkcs11.h | |
9 | include/p11-kit-1/p11-kit/pkcs11x.h | |||
10 | include/p11-kit-1/p11-kit/remote.h | |||
6 | include/p11-kit-1/p11-kit/uri.h | 11 | include/p11-kit-1/p11-kit/uri.h | |
7 | lib/libp11-kit.la | 12 | lib/libp11-kit.la | |
8 | lib/p11-kit-proxy.so | 13 | lib/p11-kit-proxy.so | |
14 | lib/p11-kit/p11-kit-remote | |||
15 | lib/p11-kit/trust-extract-compat | |||
16 | lib/pkcs11/p11-kit-trust.la | |||
9 | lib/pkgconfig/p11-kit-1.pc | 17 | lib/pkgconfig/p11-kit-1.pc | |
10 | share/examples/p11-kit/pkcs11.conf.example | 18 | share/examples/p11-kit/pkcs11.conf.example | |
11 | share/gtk-doc/html/p11-kit/api-index-full.html | |||
12 | share/gtk-doc/html/p11-kit/config-example.html | 19 | share/gtk-doc/html/p11-kit/config-example.html | |
13 | share/gtk-doc/html/p11-kit/config-format.html | 20 | share/gtk-doc/html/p11-kit/config-files.html | |
14 | share/gtk-doc/html/p11-kit/config-global.html | |||
15 | share/gtk-doc/html/p11-kit/config-locations.html | |||
16 | share/gtk-doc/html/p11-kit/config-module.html | |||
17 | share/gtk-doc/html/p11-kit/config.html | 21 | share/gtk-doc/html/p11-kit/config.html | |
22 | share/gtk-doc/html/p11-kit/devel-building-style.html | |||
23 | share/gtk-doc/html/p11-kit/devel-building.html | |||
24 | share/gtk-doc/html/p11-kit/devel-commands.html | |||
25 | share/gtk-doc/html/p11-kit/devel-debugging.html | |||
26 | share/gtk-doc/html/p11-kit/devel-paths.html | |||
27 | share/gtk-doc/html/p11-kit/devel-testing.html | |||
28 | share/gtk-doc/html/p11-kit/devel.html | |||
18 | share/gtk-doc/html/p11-kit/gtk-doc.css | 29 | share/gtk-doc/html/p11-kit/gtk-doc.css | |
19 | share/gtk-doc/html/p11-kit/home.png | 30 | share/gtk-doc/html/p11-kit/home.png | |
20 | share/gtk-doc/html/p11-kit/index.html | 31 | share/gtk-doc/html/p11-kit/index.html | |
21 | share/gtk-doc/html/p11-kit/index.sgml | 32 | share/gtk-doc/html/p11-kit/index.sgml | |
33 | share/gtk-doc/html/p11-kit/left-insensitive.png | |||
22 | share/gtk-doc/html/p11-kit/left.png | 34 | share/gtk-doc/html/p11-kit/left.png | |
35 | share/gtk-doc/html/p11-kit/p11-kit-Deprecated.html | |||
23 | share/gtk-doc/html/p11-kit/p11-kit-Future.html | 36 | share/gtk-doc/html/p11-kit/p11-kit-Future.html | |
24 | share/gtk-doc/html/p11-kit/p11-kit-Modules.html | 37 | share/gtk-doc/html/p11-kit/p11-kit-Modules.html | |
25 | share/gtk-doc/html/p11-kit/p11-kit-PIN-Callbacks.html | 38 | share/gtk-doc/html/p11-kit/p11-kit-PIN-Callbacks.html | |
26 | share/gtk-doc/html/p11-kit/p11-kit-URIs.html | 39 | share/gtk-doc/html/p11-kit/p11-kit-URIs.html | |
27 | share/gtk-doc/html/p11-kit/p11-kit-Utilities.html | 40 | share/gtk-doc/html/p11-kit/p11-kit-Utilities.html | |
28 | share/gtk-doc/html/p11-kit/p11-kit.devhelp2 | 41 | share/gtk-doc/html/p11-kit/p11-kit.devhelp2 | |
42 | share/gtk-doc/html/p11-kit/p11-kit.html | |||
43 | share/gtk-doc/html/p11-kit/pkcs11-conf.html | |||
29 | share/gtk-doc/html/p11-kit/reference.html | 44 | share/gtk-doc/html/p11-kit/reference.html | |
45 | share/gtk-doc/html/p11-kit/right-insensitive.png | |||
30 | share/gtk-doc/html/p11-kit/right.png | 46 | share/gtk-doc/html/p11-kit/right.png | |
31 | share/gtk-doc/html/p11-kit/sharing-initialize.html | 47 | share/gtk-doc/html/p11-kit/sharing-managed.html | |
32 | share/gtk-doc/html/p11-kit/sharing-module.html | |||
33 | share/gtk-doc/html/p11-kit/sharing.html | 48 | share/gtk-doc/html/p11-kit/sharing.html | |
34 | share/gtk-doc/html/p11-kit/style.css | 49 | share/gtk-doc/html/p11-kit/style.css | |
50 | share/gtk-doc/html/p11-kit/tools.html | |||
51 | share/gtk-doc/html/p11-kit/trust-disable.html | |||
52 | share/gtk-doc/html/p11-kit/trust-glib-networking.html | |||
53 | share/gtk-doc/html/p11-kit/trust-module.html | |||
54 | share/gtk-doc/html/p11-kit/trust-nss.html | |||
55 | share/gtk-doc/html/p11-kit/trust.html | |||
56 | share/gtk-doc/html/p11-kit/up-insensitive.png | |||
35 | share/gtk-doc/html/p11-kit/up.png | 57 | share/gtk-doc/html/p11-kit/up.png | |
58 | share/p11-kit/modules/p11-kit-trust.module |
$NetBSD: patch-Makefile.in,v 1.1 2016/03/13 03:10:36 ryoon Exp $
--- Makefile.in.orig 2015-12-07 13:51:02.000000000 +0000
+++ Makefile.in
@@ -1355,7 +1355,7 @@ libp11_kit_testable_la_LIBADD = $(libp11
pkgconfigdir = $(libdir)/pkgconfig
pkgconfig_DATA = p11-kit/p11-kit-1.pc
-exampledir = $(p11_system_config)
+exampledir = $(prefix)/share/examples/p11-kit
example_DATA = p11-kit/pkcs11.conf.example
p11_kit_p11_kit_SOURCES = \
p11-kit/lists.c \