summaryrefslogtreecommitdiff
path: root/packaging
diff options
context:
space:
mode:
authorDaniel Kahn Gillmor <dkg@fifthhorseman.net>2009-03-09 22:56:17 -0400
committerDaniel Kahn Gillmor <dkg@fifthhorseman.net>2009-03-09 22:56:17 -0400
commitffc22c69eb3376d0e7576f2be2e79e6a94375398 (patch)
tree23ee96981811674262a3e27a06a4c07652932613 /packaging
parent02ef7e000ee2ed085135905c7fecf2a342ae7fc5 (diff)
More FreeBSD packaging work: removing gnutls patches -- not needed for monkeysphere; updating maintainer scripts.
Diffstat (limited to 'packaging')
-rw-r--r--packaging/freebsd/security/gnutls/files/patch-lib__opencdk__opencdk__use-GNU-dummy.diff144
-rwxr-xr-xpackaging/freebsd/security/monkeysphere/pkg-deinstall4
-rwxr-xr-xpackaging/freebsd/security/monkeysphere/pkg-install16
-rw-r--r--packaging/freebsd/security/monkeysphere/pkg-plist47
4 files changed, 42 insertions, 169 deletions
diff --git a/packaging/freebsd/security/gnutls/files/patch-lib__opencdk__opencdk__use-GNU-dummy.diff b/packaging/freebsd/security/gnutls/files/patch-lib__opencdk__opencdk__use-GNU-dummy.diff
deleted file mode 100644
index 2450bc3..0000000
--- a/packaging/freebsd/security/gnutls/files/patch-lib__opencdk__opencdk__use-GNU-dummy.diff
+++ /dev/null
@@ -1,144 +0,0 @@
---- ./lib/opencdk/opencdk.h.orig 2008-06-30 16:45:51.000000000 -0400
-+++ ./lib/opencdk/opencdk.h 2008-08-21 19:23:44.000000000 -0400
-@@ -214,7 +214,11 @@
- enum cdk_s2k_type_t {
- CDK_S2K_SIMPLE = 0,
- CDK_S2K_SALTED = 1,
-- CDK_S2K_ITERSALTED = 3
-+ CDK_S2K_ITERSALTED = 3,
-+ CDK_S2K_GNU_EXT = 101
-+ /* GNU S2K extensions: refer to DETAILS from GnuPG:
-+ http://cvs.gnupg.org/cgi-bin/viewcvs.cgi/trunk/doc/DETAILS?root=GnuPG
-+ */
- };
-
-
---- ./lib/opencdk/read-packet.c.orig 2008-06-30 16:45:51.000000000 -0400
-+++ ./lib/opencdk/read-packet.c 2008-08-21 19:30:09.000000000 -0400
-@@ -78,10 +78,35 @@
- }
-
-
--static int
-+/* read about S2K at http://tools.ietf.org/html/rfc4880#section-3.7.1 */
-+static cdk_error_t
- read_s2k (cdk_stream_t inp, cdk_s2k_t s2k)
- {
-- return CDK_Not_Implemented;
-+ size_t nread;
-+
-+ s2k->mode = cdk_stream_getc (inp);
-+ s2k->hash_algo = cdk_stream_getc (inp);
-+ if (s2k->mode == CDK_S2K_SIMPLE)
-+ return 0;
-+ else if (s2k->mode == CDK_S2K_SALTED || s2k->mode == CDK_S2K_ITERSALTED)
-+ {
-+ if (stream_read (inp, s2k->salt, DIM (s2k->salt), &nread))
-+ return CDK_Inv_Packet;
-+ if (nread != DIM (s2k->salt))
-+ return CDK_Inv_Packet;
-+
-+ if (s2k->mode == CDK_S2K_ITERSALTED)
-+ s2k->count = cdk_stream_getc (inp);
-+ }
-+ else if (s2k->mode == CDK_S2K_GNU_EXT)
-+ {
-+ /* GNU extensions to the S2K : read DETAILS from gnupg */
-+ return 0;
-+ }
-+ else
-+ return CDK_Not_Implemented;
-+
-+ return 0;
- }
-
-
-@@ -194,6 +219,7 @@
- static cdk_error_t
- read_symkey_enc (cdk_stream_t inp, size_t pktlen, cdk_pkt_symkey_enc_t ske)
- {
-+ cdk_error_t ret;
- cdk_s2k_t s2k;
- size_t minlen;
- size_t nread, nleft;
-@@ -213,7 +239,9 @@
- return CDK_Out_Of_Core;
-
- ske->cipher_algo = cdk_stream_getc (inp);
-- s2k->mode = cdk_stream_getc (inp);
-+ ret = read_s2k(inp, s2k);
-+ if (ret != 0)
-+ return ret;
- switch (s2k->mode)
- {
- case CDK_S2K_SIMPLE : minlen = 0; break;
-@@ -225,18 +253,6 @@
- return CDK_Inv_Packet;
- }
-
-- s2k->hash_algo = cdk_stream_getc (inp);
-- if (s2k->mode == CDK_S2K_SALTED || s2k->mode == CDK_S2K_ITERSALTED)
-- {
-- if (stream_read (inp, s2k->salt, DIM (s2k->salt), &nread))
-- return CDK_Inv_Packet;
-- if (nread != DIM (s2k->salt))
-- return CDK_Inv_Packet;
--
-- if (s2k->mode == CDK_S2K_ITERSALTED)
-- s2k->count = cdk_stream_getc (inp);
-- }
--
- ske->seskeylen = pktlen - 4 - minlen;
- /* We check if there is an encrypted session key and if it fits into
- the buffer. The maximal key length is 256-bit. */
-@@ -421,14 +437,19 @@
- rc = read_s2k (inp, sk->protect.s2k);
- if (rc)
- return rc;
-- sk->protect.ivlen = gcry_cipher_get_algo_blklen (sk->protect.algo);
-- if (!sk->protect.ivlen)
-- return CDK_Inv_Packet;
-- rc = stream_read (inp, sk->protect.iv, sk->protect.ivlen, &nread);
-- if (rc)
-- return rc;
-- if (nread != sk->protect.ivlen)
-- return CDK_Inv_Packet;
-+ /* refer to --export-secret-subkeys in gpg(1) */
-+ if (sk->protect.s2k->mode == CDK_S2K_GNU_EXT)
-+ sk->protect.ivlen = 0;
-+ else {
-+ sk->protect.ivlen = gcry_cipher_get_algo_blklen (sk->protect.algo);
-+ if (!sk->protect.ivlen)
-+ return CDK_Inv_Packet;
-+ rc = stream_read (inp, sk->protect.iv, sk->protect.ivlen, &nread);
-+ if (rc)
-+ return rc;
-+ if (nread != sk->protect.ivlen)
-+ return CDK_Inv_Packet;
-+ }
- }
- else
- sk->protect.algo = sk->s2k_usage;
-@@ -476,6 +497,22 @@
- return CDK_Out_Of_Core;
- if (stream_read (inp, sk->encdata, sk->enclen, &nread))
- return CDK_Inv_Packet;
-+ /* Handle the GNU S2K extensions we know (just gnu-dummy right now): */
-+ if (sk->protect.s2k->mode == CDK_S2K_GNU_EXT) {
-+ unsigned char gnumode;
-+ if ((sk->enclen < strlen("GNU") + 1) ||
-+ (0 != memcmp("GNU", sk->encdata, strlen("GNU"))))
-+ return CDK_Inv_Packet;
-+ gnumode = sk->encdata[strlen("GNU")];
-+ /* we only handle gnu-dummy (mode 1).
-+ mode 2 should refer to external smart cards.
-+ */
-+ if (gnumode != 1)
-+ return CDK_Inv_Packet;
-+ /* gnu-dummy should have no more data */
-+ if (sk->enclen != strlen("GNU") + 1)
-+ return CDK_Inv_Packet;
-+ }
- nskey = cdk_pk_get_nskey (sk->pk->pubkey_algo);
- if (!nskey)
- return CDK_Inv_Algo;
diff --git a/packaging/freebsd/security/monkeysphere/pkg-deinstall b/packaging/freebsd/security/monkeysphere/pkg-deinstall
index 3000878..3e69eab 100755
--- a/packaging/freebsd/security/monkeysphere/pkg-deinstall
+++ b/packaging/freebsd/security/monkeysphere/pkg-deinstall
@@ -4,9 +4,9 @@
# monkeysphere's debian/monkeysphere.postrm)
# Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
-# Copyright 2008
+# Copyright 2008,2009
-# FIXME: is /var/lib/monkeysphere the right place for this stuff on
+# FIXME: is /var/monkeysphere the right place for this stuff on
# FreeBSD?
VARLIB="/var/monkeysphere"
diff --git a/packaging/freebsd/security/monkeysphere/pkg-install b/packaging/freebsd/security/monkeysphere/pkg-install
index 70d37b5..435c69a 100755
--- a/packaging/freebsd/security/monkeysphere/pkg-install
+++ b/packaging/freebsd/security/monkeysphere/pkg-install
@@ -5,9 +5,9 @@
# debian/monkeysphere.postinst)
# Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
-# Copyright 2008
+# Copyright 2008,2009
-# FIXME: is /var/lib/monkeysphere the right place for this stuff on
+# FIXME: is /var/monkeysphere the right place for this stuff on
# FreeBSD?
# PostgreSQL puts its data in /usr/local/pgsql/data
@@ -57,16 +57,8 @@ POST-INSTALL)
fi
fi
- ## set up the cache directories, and link them to the config files:
+ ## set up the monkeysphere authentication cache directory:
- install -d -o root -g monkeysphere -m 750 "$VARLIB"/gnupg-host
- ln -sf "$ETCDIR"/gnupg-host.conf "$VARLIB"/gnupg-host/gpg.conf
-
- install -d -o monkeysphere -g monkeysphere -m 700 "$VARLIB"/gnupg-authentication
- ln -sf "$ETCDIR"/gnupg-authentication.conf "$VARLIB"/gnupg-authentication/gpg.conf
-
- install -d "$VARLIB"/tmp "$VARLIB"/authorized_keys
-
- monkeysphere-server diagnostics
+ monkeysphere-authentication setup
;;
esac
diff --git a/packaging/freebsd/security/monkeysphere/pkg-plist b/packaging/freebsd/security/monkeysphere/pkg-plist
index 9d9d40a..b52f998 100644
--- a/packaging/freebsd/security/monkeysphere/pkg-plist
+++ b/packaging/freebsd/security/monkeysphere/pkg-plist
@@ -1,24 +1,49 @@
-sbin/monkeysphere-server
+sbin/monkeysphere-host
+sbin/monkeysphere-authentication
share/doc/monkeysphere/TODO
share/doc/monkeysphere/MonkeySpec
share/doc/monkeysphere/getting-started-user.mdwn
share/doc/monkeysphere/getting-started-admin.mdwn
bin/openpgp2ssh
-bin/monkeysphere-ssh-proxycommand
+bin/pem2openpgp
bin/monkeysphere
+share/monkeysphere/mh
+share/monkeysphere/mh/publish_key
+share/monkeysphere/mh/import_key
+share/monkeysphere/mh/set_expire
+share/monkeysphere/mh/diagnostics
+share/monkeysphere/mh/add_hostname
+share/monkeysphere/mh/add_revoker
+share/monkeysphere/mh/revoke_hostname
+share/monkeysphere/mh/revoke_key
+share/monkeysphere/keytrans
+share/monkeysphere/defaultenv
+share/monkeysphere/VERSION
+share/monkeysphere/transitions
+share/monkeysphere/transitions/0.23
+share/monkeysphere/transitions/README.txt
+share/monkeysphere/ma
+share/monkeysphere/ma/list_certifiers
+share/monkeysphere/ma/add_certifier
+share/monkeysphere/ma/update_users
+share/monkeysphere/ma/setup
+share/monkeysphere/ma/remove_certifier
+share/monkeysphere/ma/diagnostics
share/monkeysphere/common
+share/monkeysphere/m
+share/monkeysphere/m/gen_subkey
+share/monkeysphere/m/ssh_proxycommand
+share/monkeysphere/m/subkey_to_ssh_agent
+share/monkeysphere/m/import_subkey
@unexec if cmp -s %D/etc/monkeysphere/monkeysphere.conf.sample %D/etc/monkeysphere/monkeysphere.conf; then rm -f %D/etc/monkeysphere/monkeysphere.conf; fi
etc/monkeysphere/monkeysphere.conf.sample
@exec if [ ! -f %D/etc/monkeysphere/monkeysphere.conf ] ; then cp -p %D/%F %B/monkeysphere.conf; fi
-@unexec if cmp -s %D/etc/monkeysphere/monkeysphere-server.conf.sample %D/etc/monkeysphere/monkeysphere-server.conf; then rm -f %D/etc/monkeysphere/monkeysphere-server.conf; fi
-etc/monkeysphere/monkeysphere-server.conf.sample
-@exec if [ ! -f %D/etc/monkeysphere/monkeysphere-server.conf ] ; then cp -p %D/%F %B/monkeysphere-server.conf; fi
-@unexec if cmp -s %D/etc/monkeysphere/gnupg-host.conf.sample %D/etc/monkeysphere/gnupg-host.conf; then rm -f %D/etc/monkeysphere/gnupg-host.conf; fi
-etc/monkeysphere/gnupg-host.conf.sample
-@exec if [ ! -f %D/etc/monkeysphere/gnupg-host.conf ] ; then cp -p %D/%F %B/gnupg-host.conf; fi
-@unexec if cmp -s %D/etc/monkeysphere/gnupg-authentication.conf.sample %D/etc/monkeysphere/gnupg-authentication.conf; then rm -f %D/etc/monkeysphere/gnupg-authentication.conf; fi
-etc/monkeysphere/gnupg-authentication.conf.sample
-@exec if [ ! -f %D/etc/monkeysphere/gnupg-authentication.conf ] ; then cp -p %D/%F %B/gnupg-authentication.conf; fi
+@unexec if cmp -s %D/etc/monkeysphere/monkeysphere-host.conf.sample %D/etc/monkeysphere/monkeysphere-host.conf; then rm -f %D/etc/monkeysphere/monkeysphere-host.conf; fi
+etc/monkeysphere/monkeysphere-host.conf.sample
+@exec if [ ! -f %D/etc/monkeysphere/monkeysphere-host.conf ] ; then cp -p %D/%F %B/monkeysphere-host.conf; fi
+@unexec if cmp -s %D/etc/monkeysphere/monkeysphere-authentication.conf.sample %D/etc/monkeysphere/monkeysphere-authentication.conf; then rm -f %D/etc/monkeysphere/monkeysphere-authentication.conf; fi
+etc/monkeysphere/monkeysphere-authentication.conf.sample
+@exec if [ ! -f %D/etc/monkeysphere/monkeysphere-authentication.conf ] ; then cp -p %D/%F %B/monkeysphere-authentication.conf; fi
@dirrm share/doc/monkeysphere
@dirrm share/monkeysphere
@dirrm etc/monkeysphere