From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id D256D1382C5 for ; Sun, 11 Apr 2021 19:48:12 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 5D75AE0822; Sun, 11 Apr 2021 19:48:11 +0000 (UTC) Received: from smtp.gentoo.org (mail.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 3A312E0822 for ; Sun, 11 Apr 2021 19:48:11 +0000 (UTC) Received: from oystercatcher.gentoo.org (unknown [IPv6:2a01:4f8:202:4333:225:90ff:fed9:fc84]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id BD8E7340CD0 for ; Sun, 11 Apr 2021 19:48:09 +0000 (UTC) Received: from localhost.localdomain (localhost [IPv6:::1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id 3DACE647 for ; Sun, 11 Apr 2021 19:48:08 +0000 (UTC) From: "Conrad Kostecki" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Conrad Kostecki" Message-ID: <1618169421.2d4d861149374fc302f73d3cf91835656d85ae70.conikost@gentoo> Subject: [gentoo-commits] repo/gentoo:master commit in: dev-libs/opencryptoki/ X-VCS-Repository: repo/gentoo X-VCS-Files: dev-libs/opencryptoki/opencryptoki-3.6.1-r1.ebuild X-VCS-Directories: dev-libs/opencryptoki/ X-VCS-Committer: conikost X-VCS-Committer-Name: Conrad Kostecki X-VCS-Revision: 2d4d861149374fc302f73d3cf91835656d85ae70 X-VCS-Branch: master Date: Sun, 11 Apr 2021 19:48:08 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply X-Archives-Salt: a5ef9997-7751-4432-93f7-1b0afbd64dd1 X-Archives-Hash: f3df942fb0983dcf867966028ace28a2 commit: 2d4d861149374fc302f73d3cf91835656d85ae70 Author: Conrad Kostecki gentoo org> AuthorDate: Sun Apr 11 19:30:21 2021 +0000 Commit: Conrad Kostecki gentoo org> CommitDate: Sun Apr 11 19:30:21 2021 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2d4d8611 dev-libs/opencryptoki: migrate to GLEP 81 Closes: https://bugs.gentoo.org/781563 Package-Manager: Portage-3.0.18, Repoman-3.0.3 Signed-off-by: Conrad Kostecki gentoo.org> dev-libs/opencryptoki/opencryptoki-3.6.1-r1.ebuild | 102 +++++++++++++++++++++ 1 file changed, 102 insertions(+) diff --git a/dev-libs/opencryptoki/opencryptoki-3.6.1-r1.ebuild b/dev-libs/opencryptoki/opencryptoki-3.6.1-r1.ebuild new file mode 100644 index 00000000000..a391a24d3fa --- /dev/null +++ b/dev-libs/opencryptoki/opencryptoki-3.6.1-r1.ebuild @@ -0,0 +1,102 @@ +# Copyright 1999-2021 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +inherit autotools flag-o-matic + +DESCRIPTION="PKCS#11 provider cryptographic hardware" +HOMEPAGE="https://sourceforge.net/projects/opencryptoki" +SRC_URI="mirror://sourceforge/opencryptoki/${PV}/${P}.tgz" +S="${WORKDIR}/${PN}" + +# Upstream is looking into relicensing it into CPL-1.0 entirely; the CCA +# token sources are under CPL-1.0 already. +LICENSE="CPL-0.5" +SLOT="0" +KEYWORDS="~amd64 ~arm ~arm64 ~s390 ~x86" +IUSE="debug libressl +tpm" + +DEPEND=" + tpm? ( app-crypt/trousers ) + !libressl? ( >=dev-libs/openssl-1.1.0:0= ) + libressl? ( >=dev-libs/libressl-2.7.0:0= ) +" +RDEPEND=" + ${DEPEND} + acct-group/pkcs11 +" + +DOCS=( + README AUTHORS FAQ TODO + doc/openCryptoki-HOWTO.pdf +) + +# tests right now basically don't exist; the only available thing would +# test against an installed copy and would kill a running pcscd, all +# things that we're not interested to. +RESTRICT=test + +src_prepare() { + default + mv configure.in configure.ac || die + eautoreconf +} + +src_configure() { + # package uses ${localstatedir}/lib as the default path, so if we + # leave it to econf, it'll create /var/lib/lib. + + # Since upstream by default seem to enable any possible token, even + # when they don't seem to be used, we limit ourselves to the + # software emulation token (swtok) and if the user enabled the tpm + # USE flag, tpmtok. The rest of the tokens seem to be hardware- or + # software-dependent even when they build fine without their + # requirements, but until somebody asks for those, I'd rather not + # enable them. + + # We don't use --enable-debug because that tinkers with the CFLAGS + # and we don't want that. Instead we append -DDEBUG which enables + # debug information. + use debug && append-flags -DDEBUG + + econf \ + --localstatedir=/var \ + --enable-fast-install \ + --disable-debug \ + --enable-daemon \ + --enable-library \ + --disable-icatok \ + --enable-swtok \ + $(use_enable tpm tpmtok) \ + --disable-ccatok +} + +src_install() { + default + + find "${ED}" -name '*.la' -delete || die + + # Install libopencryptoki in the standard directory for libraries. + mv "${ED}"/usr/$(get_libdir)/opencryptoki/libopencryptoki.so* "${ED}"/usr/$(get_libdir) || die + rm "${ED}"/usr/$(get_libdir)/pkcs11/libopencryptoki.so || die + dosym ../libopencryptoki.so /usr/$(get_libdir)/pkcs11/libopencryptoki.so + + # Remove compatibility symlinks as we _never_ required those and + # they seem unused even upstream. + find "${ED}" -name 'PKCS11_*' -delete || die + + # We replace their ld.so and init files (mostly designed for RedHat + # as far as I can tell) with our own replacements. + rm -rf "${ED}"/etc/ld.so.conf.d "${ED}"/etc/rc.d || die + + # make sure that we don't modify the init script if the USE flags + # are enabled for the needed services. + cp "${FILESDIR}"/pkcsslotd.init.2 "${T}"/pkcsslotd.init || die + use tpm || sed -i -e '/use tcsd/d' "${T}"/pkcsslotd.init + newinitd "${T}/pkcsslotd.init" pkcsslotd + + # We create /var dirs at runtime as needed, so don't bother installing + # our own. + rm -r "${ED}"/var/{lib,lock} || die +}