Update to 0.13.0, based on wip/opensc (which is a post 0.13.0 git

snapshot) by Richard Hansen of BBN.

Mostly the update is straightforward, with a bit more effort to avoid
pthreads.  (Threads are not ok because pam modules dlopen opensc, and
pam modules are used from nonthreaded programs.)

New in 0.13.0; 2012-12-04
* New card driver ePass2003.
* OpenPGP card:
  greatly improved card driver and PKCS#15 emulation;
  implemented write (pkcs15init) mode;
  greatly enhanced documentation and tools.
* ECDSA keys supported in 'read' and 'write' modes by
  internal PKCS#15 library, PKCS#11 and tools.
* Minidriver in 'write' mode.
* SM: secure messaging in GlobalPlatform-SP01 and CW14890 specifications;
      supported by ePass2003, IAS/ECC and AuthentIC cards;
      "ACL" and "APDU" modes to trigger secure messaging session;
      'local' version of the external secure messaging module.
* PKCS#15: support of 'secret-key' PKCS#15 objects
           support of 'authentication-object' PKCS#15 objects
           support of 'algReference' common key PKCS#15 attribute
           support of 'algReference' common key PKCS#15 attribute
           support of 'subjectName' common public key PKCS#15 attribute
* PKCS#11: removed 'onepin' version of pkcs#11 module
           configuration options to expose slots for PINs and present on-card applications.
           support GOSTR3410 generate key mechanism
* Support of PACE reader.
* Remove libltdl reference.
* ECDSA supported by MyEID card
* New card driver for the SmartCard-HSM, a light-weight hardware security module
* New useful commands in 'opensc-explorer' tool: 'find', 'put-data', ...
* fixed SIGV issue due to the unsupported public key format
* fixes for the number of documentation issues

10 files changed, 105 insertions, 49 deletions

diff --git a/security/opensc/patches/patch-aa b/security/opensc/patches/patch-aa
index 2c69de0150e..3bf256d0494 100644
--- a/security/opensc/patches/patch-aa
+++ b/security/opensc/patches/patch-aa
@@ -1,21 +1,19 @@
-$NetBSD: patch-aa,v 1.3 2012/11/30 14:44:34 gdt Exp $
+$NetBSD: patch-aa,v 1.4 2014/03/14 20:49:56 gdt Exp $
 
 Disable installation of config file, because pkgsrc installs config
 files as examples.
 
---- etc/Makefile.in.orig	2011-07-15 10:47:01.000000000 +0000
-+++ etc/Makefile.in
-@@ -466,12 +466,7 @@ opensc.conf: opensc.conf.in force
- 		-e 's|@pkgdatadir[@]|$(pkgdatadir)|g' \
- 		-e 's|@DEFAULT_PCSC_PROVIDER[@]|$(DEFAULT_PCSC_PROVIDER)|g' \
+--- etc/Makefile.am.orig	2012-12-04 14:43:40.000000000 +0000
++++ etc/Makefile.am
+@@ -22,11 +22,3 @@ opensc.conf: opensc.conf.in force
+ 		-e 's|@DEFAULT_SM_MODULE[@]|$(DEFAULT_SM_MODULE)|g' \
+ 		-e 's|@DEBUG_FILE[@]|$(DEBUG_FILE)|g' \
  		< $< > $@
--install-exec-hook:	install-sysconfDATA opensc.conf
+-
+-install-exec-hook: opensc.conf
+-	$(MKDIR_P) "$(DESTDIR)$(sysconfdir)"
 -	if [ -f "$(DESTDIR)$(sysconfdir)/opensc.conf" ]; then \
 -		$(INSTALL_DATA) opensc.conf "$(DESTDIR)$(sysconfdir)/opensc.conf.new"; \
 -	else \
 -		$(INSTALL_DATA) opensc.conf "$(DESTDIR)$(sysconfdir)/opensc.conf"; \
 -	fi
-+install-exec-hook:
- 
- # Tell versions [3.59,3.63) of GNU make to not export all variables.
- # Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/security/opensc/patches/patch-ab b/security/opensc/patches/patch-ab
index e1f5778a228..7673c20bf91 100644
--- a/security/opensc/patches/patch-ab
+++ b/security/opensc/patches/patch-ab
@@ -1,15 +1,15 @@
-$NetBSD: patch-ab,v 1.3 2012/11/30 14:44:34 gdt Exp $
+$NetBSD: patch-ab,v 1.4 2014/03/14 20:49:56 gdt Exp $
 
 This patch was added 2009-09-10 by hasso@, with comment:
   More userfriendly default configuration.
 
---- etc/opensc.conf.in.orig	2011-07-05 11:28:53.000000000 +0000
+--- etc/opensc.conf.in.orig	2012-12-04 14:43:40.000000000 +0000
 +++ etc/opensc.conf.in
-@@ -309,6 +309,7 @@ app default {
+@@ -453,6 +453,7 @@ app default {
  		#
  		# Default: no
  		# try_emulation_first = yes;
 +		try_emulation_first = yes;
- 		
+ 
  		# Enable builtin emulators.
  		# Default: yes
diff --git a/security/opensc/patches/patch-bootstrap b/security/opensc/patches/patch-bootstrap
new file mode 100644
index 00000000000..a9aeeb0f948
--- /dev/null
+++ b/security/opensc/patches/patch-bootstrap
@@ -0,0 +1,18 @@
+$NetBSD: patch-bootstrap,v 1.1 2014/03/14 20:49:56 gdt Exp $
+
+  * fix sed regular expressions to be POSIX BREs (change '\s' to
+    '[[:space:]]', '+' to '\{1,\}') (not yet reported upstream)
+  * quote $SUFFIX and $REVISION variable expansions (not yet reported
+    upstream)
+
+--- bootstrap.orig	2012-12-04 14:43:40.000000000 +0000
++++ bootstrap
+@@ -9,7 +9,7 @@ rm -rf *~ *.cache *.m4 config.guess conf
+ 
+ if test ! -z "$1"; then
+     cp configure.ac configure.ac.orig
+-    sed 's/^define(\[PACKAGE_SUFFIX\],\s*\[\([-~]*[0-9a-zA-Z]*\)\])$/define(\[PACKAGE_SUFFIX\], \['$1'\])/g' configure.ac.orig > configure.ac
++    sed 's/^define(\[PACKAGE_SUFFIX\],[[:space:]]*\[\([-~]*[0-9a-zA-Z]*\)\])$/define(\[PACKAGE_SUFFIX\], \['"$SUFFIX"'\])/g' configure.ac.orig > configure.ac
+ fi
+ 
+ autoreconf --verbose --install --force
diff --git a/security/opensc/patches/patch-configure b/security/opensc/patches/patch-configure
deleted file mode 100644
index 3d72797462e..00000000000
--- a/security/opensc/patches/patch-configure
+++ /dev/null
@@ -1,26 +0,0 @@
-$NetBSD: patch-configure,v 1.2 2012/11/30 14:44:35 gdt Exp $
-
-Make sure we do not link against -lpthread, as we only need mutexes
-that can be found in libc.
-
-Linking with -lpthread hurst with opensc-pkcs11.so since NetBSD-6.0
-libpthread cannot be loaded by dlopen()
-
---- configure.orig	2011-07-15 10:46:59.000000000 +0000
-+++ configure
-@@ -12903,6 +12903,15 @@ ac_compiler_gnu=$ac_cv_c_compiler_gnu
- 
- acx_pthread_ok=no
- 
-+case "${host_cpu}-${host_os}" in
-+        *netbsd*)
-+		acx_pthread_ok=yes
-+		PTHREAD_CFLAGS=""
-+		PTHREAD_LIBS=""
-+		LIBS="$LIBS -lltdl"
-+	;;
-+esac
-+
- # We used to check for pthread.h first, but this fails if pthread.h
- # requires special compiler flags (e.g. on True64 or Sequent).
- # It gets checked for in the link test anyway.
diff --git a/security/opensc/patches/patch-configure.ac b/security/opensc/patches/patch-configure.ac
new file mode 100644
index 00000000000..f5ab759b104
--- /dev/null
+++ b/security/opensc/patches/patch-configure.ac
@@ -0,0 +1,43 @@
+$NetBSD: patch-configure.ac,v 1.1 2014/03/14 20:49:56 gdt Exp $
+
+Patch taken from upstream post 0.13.0:
+  https://github.com/OpenSC/OpenSC/commit/11ff81367af9bc9dce2cbcb550cc463552a3b69e
+
+--- configure.ac.orig	2012-12-04 14:43:40.000000000 +0000
++++ configure.ac
+@@ -286,23 +286,19 @@ AC_CHECK_LIB(
+ 
+ if test "${WIN32}" = "no"; then
+ 	dnl dl support
+-	AC_CHECK_LIB(
+-		[dl],
+-		[dlopen],
+-		,
+-		[AC_MSG_ERROR([libdl required])]
+-	)
++	dnl https://github.com/OpenSC/OpenSC/commit/11ff81367af9bc9dce2cbcb550cc463552a3b69e
++	AC_SEARCH_LIBS([dlopen], [dl dld], [], [
++				 AC_MSG_ERROR([unable to find the dlopen() function])
++				 ])
++
++case "${host_cpu}-${host_os}" in
++        *netbsd*)
++		acx_pthread_ok=yes
++		PTHREAD_CFLAGS=""
++		PTHREAD_LIBS=""
++	;;
++esac
+ 
+-	dnl Special check for pthread support.
+-	AX_PTHREAD(
+-		[AC_DEFINE(
+-			[HAVE_PTHREAD],
+-			[1],
+-			[Define if you have POSIX threads libraries and header files.]
+-		)],
+-		[AC_MSG_ERROR([POSIX thread support required])]
+-	)
+-	CC="${PTHREAD_CC}"
+ fi
+ 
+ if test "${enable_minidriver}" = "yes"; then
diff --git a/security/opensc/patches/patch-src_common_compat__getopt.c b/security/opensc/patches/patch-src_common_compat__getopt.c
index 9191b525901..2e3ae7bea5f 100644
--- a/security/opensc/patches/patch-src_common_compat__getopt.c
+++ b/security/opensc/patches/patch-src_common_compat__getopt.c
@@ -1,8 +1,8 @@
-$NetBSD: patch-src_common_compat__getopt.c,v 1.1 2012/11/30 14:44:35 gdt Exp $
+$NetBSD: patch-src_common_compat__getopt.c,v 1.2 2014/03/14 20:49:56 gdt Exp $
 
 See comment in patch-src_common_compat__getopt.h.
 
---- src/common/compat_getopt.c.orig	2011-07-05 11:28:53.000000000 +0000
+--- src/common/compat_getopt.c.orig	2012-12-04 14:43:40.000000000 +0000
 +++ src/common/compat_getopt.c
 @@ -25,7 +25,7 @@
  
diff --git a/security/opensc/patches/patch-src_common_compat__getopt.h b/security/opensc/patches/patch-src_common_compat__getopt.h
index 976c8504031..1c7b6019695 100644
--- a/security/opensc/patches/patch-src_common_compat__getopt.h
+++ b/security/opensc/patches/patch-src_common_compat__getopt.h
@@ -1,4 +1,4 @@
-$NetBSD: patch-src_common_compat__getopt.h,v 1.1 2012/11/30 14:44:35 gdt Exp $
+$NetBSD: patch-src_common_compat__getopt.h,v 1.2 2014/03/14 20:49:56 gdt Exp $
 
 NetBSD has getopt_long but not getopt_long_only.  Replacing
 getopt_long causes a type conflict with the built-in implementation.
@@ -6,9 +6,13 @@ The replacement is unnecesssary because getopt_long_only is not
 actually used.
 
 Reported upstream:
+http://article.gmane.org/gmane.comp.encryption.opensc.user/5931
+
+The following is the original mail archive URL, but it currently
+yields a '404 not found' error:
 https://www.opensc-project.org/pipermail/opensc-devel/2012-November/018668.html
 
---- src/common/compat_getopt.h.orig	2011-07-05 11:28:53.000000000 +0000
+--- src/common/compat_getopt.h.orig	2012-12-04 14:43:40.000000000 +0000
 +++ src/common/compat_getopt.h
 @@ -30,7 +30,7 @@
  #include "config.h"
diff --git a/security/opensc/patches/patch-src_common_compat__getopt__main.c b/security/opensc/patches/patch-src_common_compat__getopt__main.c
index 101d1bb10ee..90b1e8ca6fc 100644
--- a/security/opensc/patches/patch-src_common_compat__getopt__main.c
+++ b/security/opensc/patches/patch-src_common_compat__getopt__main.c
@@ -1,10 +1,10 @@
-$NetBSD: patch-src_common_compat__getopt__main.c,v 1.1 2012/11/30 14:44:35 gdt Exp $
+$NetBSD: patch-src_common_compat__getopt__main.c,v 1.2 2014/03/14 20:49:56 gdt Exp $
 
 See comment in patch-src_common_compat__getopt.h.  In addition, a
 kludge is added here to get the test file to build, pending a new
 release from upstream with the issue properly addressed.
 
---- src/common/compat_getopt_main.c.orig	2011-07-05 11:28:53.000000000 +0000
+--- src/common/compat_getopt_main.c.orig	2012-12-04 14:43:40.000000000 +0000
 +++ src/common/compat_getopt_main.c
 @@ -173,6 +173,8 @@ main(int argc, char * argv[])
                progname);
diff --git a/security/opensc/patches/patch-src_libopensc_log.c b/security/opensc/patches/patch-src_libopensc_log.c
new file mode 100644
index 00000000000..7bac58392f3
--- /dev/null
+++ b/security/opensc/patches/patch-src_libopensc_log.c
@@ -0,0 +1,19 @@
+$NetBSD: patch-src_libopensc_log.c,v 1.1 2014/03/14 20:49:56 gdt Exp $
+
+--- src/libopensc/log.c.orig	2012-12-04 14:43:40.000000000 +0000
++++ src/libopensc/log.c
+@@ -91,7 +91,13 @@ static void sc_do_log_va(sc_context_t *c
+ 	gettimeofday (&tv, NULL);
+ 	tm = localtime (&tv.tv_sec);
+ 	strftime (time_string, sizeof(time_string), "%H:%M:%S", tm);
+-	r = snprintf(p, left, "0x%lx %s.%03ld ", (unsigned long)pthread_self(), time_string, tv.tv_usec / 1000);
++	r = snprintf(p, left, "0x%lx %s.%03ld ",
++#ifdef HAVE_PTHREAD
++		     (unsigned long)pthread_self(),
++#else
++		     (unsigned long) 0,
++#endif
++		     time_string, tv.tv_usec / 1000);
+ #endif
+ 	p += r;
+ 	left -= r;
diff --git a/security/opensc/patches/patch-src_pkcs11_pkcs11-global.c b/security/opensc/patches/patch-src_pkcs11_pkcs11-global.c
index 7776a9e7b67..3b1ae8c36d2 100644
--- a/security/opensc/patches/patch-src_pkcs11_pkcs11-global.c
+++ b/security/opensc/patches/patch-src_pkcs11_pkcs11-global.c
@@ -1,10 +1,10 @@
-$NetBSD: patch-src_pkcs11_pkcs11-global.c,v 1.2 2012/11/30 14:44:35 gdt Exp $
+$NetBSD: patch-src_pkcs11_pkcs11-global.c,v 1.3 2014/03/14 20:49:56 gdt Exp $
 
 Use correct size for malloc.
 
 Not yet reported upstream.
 
---- src/pkcs11/pkcs11-global.c.orig	2011-07-05 11:28:53.000000000 +0000
+--- src/pkcs11/pkcs11-global.c.orig	2012-12-04 14:43:40.000000000 +0000
 +++ src/pkcs11/pkcs11-global.c
 @@ -42,7 +42,7 @@ extern CK_FUNCTION_LIST pkcs11_function_
  #include <pthread.h>