author | gdt <gdt> | 2012-11-30 14:44:34 +0000 |
---|---|---|
committer | gdt <gdt> | 2012-11-30 14:44:34 +0000 |
commit | 73957c075dff2b0a26f6b49971ea1032dcb08133 (patch) | |
tree | a8d0bafdb545caa01c394ac40500dc0ca761a912 /security | |
parent | ebcc6ca2983acaed0fda42145693709de83bfbe3 (diff) | |
download | pkgsrc-73957c075dff2b0a26f6b49971ea1032dcb08133.tar.gz |
Update to 0.12.2.
Thanks to manu@ for testing and resolving pcsc-lite pthread leakage
problems.
Note that pcsc-lite and openct should be an options group.
Disable some obsolete CONFIGURE_ARGS.
Work around assumption that either getopt_long_only is present or
all getopt functions must be provided.
Finnish EID patches have been applied upstream (from whence they came,
perhaps).
From upstream NEWS:
Complete change history is available online:
http://www.opensc-project.org/opensc/timeline
New in 0.12.2; 2011-07-15
* Builds are now silent by default when OpenSC is built from source on Unix.
* Using --wait with command line tools works with 64bit Linux again.
* Greatly improved OpenPGP card support, including OpenPGP 2.0 cards
like the one found in German Privacy Foundation CryptoStick.
* Fixed support for FINeID cards issued after 01.03.2011 with 2048bit keys.
* #256: Fixed support for TCOS cards (broken since 0.12.0).
* Added support for IDKey-cards to TCOS3 driver.
* #361: Improved PC/SC driver to fetch the maximum PIN sizes from the open
source CCID driver. This fixes the issue for Linux/OSX with recent driver.
* WindowsInstaller now installs only static DLL-s (PKCS#11, minidriver) to
system folder.
* Fix FINeID cards for organizations.
* Several smaller bugs and compiler warnings fixed.
New in 0.12.1; 2011-05-17
* New card driver: IAS/ECC 1.0.1
* rutoken-tool has been deprecated and removed.
* eidenv and piv-tool utilities now have manual pages.
* pkcs11-tool now requires the use of --module parameter.
* All tools can now use an ATR as an argument to --reader, to skip to the
card with given ATR.
* opensc-tool -l with -v now shows information about the inserted cards.
* Creating files have an enforced upper size limit, 64K
* Support for multiple PKCS#15 applications with different AID-s.
PKCS#15 applications can be listed with pkcs15-tool --list-applications.
Binding to a specific AID with PKCS#15 tools can be done with --aid.
* Hex strings (like card ATR or APDU-s) can now be separated by space, in
addition to colons.
* Pinpad readers known to be bogus are now ignored by OpenSC. At the moment
only "HP USB Smart Card Keyboard" is disabled.
* Windows installer is now distributed as a statically built MSI, for both
x86 and x64.
* Numerous compiler warnings, unused code and internal bugs have been
eliminated.
New in 0.12.0; 2010-12-22
* OpenSC uses a single reader driver, specified at compile time.
* New card driver: Italian eID (CNS) by Emanuele Pucciarelli.
* New card driver: Portuguese eID by João Poupino.
* New card driver: westcos by François Leblanc.
* pkcs11-tool can use a slot based on ID, label or index in the slot list.
* PIN flags are updated from supported cards when C_GetTokenInfo is called.
* Support for CardOS 4.4 cards added.
* Feature to exclude readers from OpenSC PKCS#11 via "ignored_readers"
configuration file entry.
* #229: Support semi-automatic fixes to cards personalized with older and
broken OpenSC versions.
* Software keys removed from pkcs15-init and the PKCS#11 module. OpenSC
can either generate keys on card or import plaintext keys to the card, but
will never generate plaintext key material in software by itself.
All traces of a software token (PKCS#15 Section 7) shall be removed.
* Updates to PC/SC driver to build with pcsc-lite >= 1.6.2
* Build script for a binary Mac OS X installer for 10.5 and 10.6 systems.
Binary installer includes OpenSC.tokend for platform integration.
10.6 installer includes engine_pkcs11.
* Modify Rutoken S binary interfaces by Aktiv Co.
* Support GOST R 34.10-2001 and GOST R 34.11-94 by Aktiv Co.
* CardOS driver now emulates sign on rsa keys with sign+decrypt usage
with padding and decrypt(). This is compatible with old cards and
card initialized by Siemens software. Removed "--split-key" option,
as it is no longer needed.
* Improved debugging support: debug level 3 will show everything
except of ASN1 and card matching debugging (usually not needed).
* Massive changes to libopensc. This library is now internal, only
used by opensc-pkcs11.so and command line tools. Header files are
no longer installed, library should not be used by other applications.
Please use generic PKCS#11 interface instead.
* #include file statements cleaned up: first include "config.h", then
system headers, then additional libraries, then headers in opensc
(but from other directories), then header files from same directory.
Fix path to reference headers, remove src/include/ directory.
* Various source code fixes and improvements.
* OpenSC now depends on xsltproc utility and docbook-xsl to build docs and man
* Remove iconv dependency. EstEID driver now uses the commonName from the
certificate for card label.
* Possibility to change the default behavior for card resets via
opensc.conf.
Diffstat (limited to 'security')
20 files changed, 137 insertions, 387 deletions
diff --git a/security/opensc/Makefile b/security/opensc/Makefile index f72fff498d9..2c46c56421d 100644 --- a/security/opensc/Makefile +++ b/security/opensc/Makefile @@ -1,13 +1,11 @@ -# $NetBSD: Makefile,v 1.11 2012/10/24 08:33:51 manu Exp $ +# $NetBSD: Makefile,v 1.12 2012/11/30 14:44:34 gdt Exp $ COMMENT= Smart Card drivers and middleware LICENSE= gnu-lgpl-v2.1 .include "../../security/opensc/Makefile.common" -PKGREVISION= 4 - -CONFIGURE_ARGS+= --disable-nsplugin +CONFIGURE_ARGS+= --with-xsl-stylesheetsdir=${BUILDLINK_PREFIX.docbook-xsl}/share/xsl/docbook EGDIR= ${PREFIX}/share/examples/opensc CONF_FILES+= ${EGDIR}/opensc.conf ${PKG_SYSCONFDIR}/opensc.conf @@ -16,6 +14,10 @@ INSTALLATION_DIRS= ${EGDIR} post-install: ${INSTALL_DATA} ${WRKSRC}/etc/opensc.conf ${DESTDIR}${EGDIR} +# build tools for doc +.include "../../textproc/libxslt/buildlink3.mk" +.include "../../textproc/docbook-xsl/buildlink3.mk" + .include "../../devel/libltdl/buildlink3.mk" .include "../../devel/readline/buildlink3.mk" .include "../../devel/zlib/buildlink3.mk" diff --git a/security/opensc/Makefile.common b/security/opensc/Makefile.common index 00cf0039038..28f82de5125 100644 --- a/security/opensc/Makefile.common +++ b/security/opensc/Makefile.common @@ -1,9 +1,9 @@ -# $NetBSD: Makefile.common,v 1.8 2012/10/24 08:33:51 manu Exp $ +# $NetBSD: Makefile.common,v 1.9 2012/11/30 14:44:34 gdt Exp $ # # used by security/opensc/Makefile # used by security/opensc-signer/Makefile -OPENSC_PKG_VERSION= 0.11.13 +OPENSC_PKG_VERSION= 0.12.2 DISTNAME= opensc-${OPENSC_PKG_VERSION} CATEGORIES= security MASTER_SITES= http://www.opensc-project.org/files/opensc/ 
@@ -20,8 +20,10 @@ USE_TOOLS+= gmake pkg-config .include "options.mk" -CONFIGURE_ARGS+= --with-openssl=${SSLBASE:Q} +# Previous versions needed these, but 0.12.2 configure does not +# recognize them. +#CONFIGURE_ARGS+= --with-openssl=${SSLBASE:Q} +#CONFIGURE_ARGS+= --disable-sensitive-logging + CONFIGURE_ARGS+= --sysconfdir=${PKG_SYSCONFDIR:Q} -CONFIGURE_ARGS+= --disable-sensitive-logging CONFIGURE_ENV+= PCSC_CFLAGS=-I${PREFIX}/include/PCSC - diff --git a/security/opensc/PLIST b/security/opensc/PLIST index 2cb40d5d029..a6d783ee506 100644 --- a/security/opensc/PLIST +++ b/security/opensc/PLIST @@ -1,10 +1,8 @@ -@comment $NetBSD: PLIST,v 1.5 2010/09/01 15:59:22 drochner Exp $ -bin/cardos-info +@comment $NetBSD: PLIST,v 1.6 2012/11/30 14:44:34 gdt Exp $ bin/cardos-tool bin/cryptoflex-tool bin/eidenv bin/netkey-tool -bin/opensc-config bin/opensc-explorer bin/opensc-tool bin/piv-tool 
@@ -12,113 +10,43 @@ bin/pkcs11-tool bin/pkcs15-crypt bin/pkcs15-init bin/pkcs15-tool -bin/rutoken-tool bin/westcos-tool -include/opensc/asn1.h -include/opensc/cardctl.h -include/opensc/compression.h -include/opensc/emv.h -include/opensc/errors.h -include/opensc/log.h -include/opensc/opensc.h -include/opensc/pkcs11-opensc.h -include/opensc/pkcs11.h -include/opensc/pkcs15-init.h -include/opensc/pkcs15.h -include/opensc/scconf.h -include/opensc/types.h -include/opensc/ui.h lib/libopensc.la -lib/libpkcs15init.la -lib/libscconf.la lib/onepin-opensc-pkcs11.la lib/opensc-pkcs11.la lib/pkcs11-spy.la lib/pkcs11/onepin-opensc-pkcs11.so lib/pkcs11/opensc-pkcs11.so lib/pkcs11/pkcs11-spy.so -lib/pkgconfig/libopensc.pc -lib/pkgconfig/libpkcs15init.pc -lib/pkgconfig/libscconf.pc man/man1/cardos-tool.1 man/man1/cryptoflex-tool.1 +man/man1/eidenv.1 man/man1/netkey-tool.1 -man/man1/opensc-config.1 man/man1/opensc-explorer.1 man/man1/opensc-tool.1 +man/man1/piv-tool.1 man/man1/pkcs11-tool.1 man/man1/pkcs15-crypt.1 man/man1/pkcs15-init.1 man/man1/pkcs15-tool.1 man/man1/westcos-tool.1 -man/man3/sc_app_info_t.3 -man/man3/sc_append_record.3 -man/man3/sc_asn1_decode.3 -man/man3/sc_asn1_encode.3 -man/man3/sc_asn1_entry.3 -man/man3/sc_asn1_find_tag.3 -man/man3/sc_asn1_print_tags.3 -man/man3/sc_asn1_put_tag.3 -man/man3/sc_asn1_read_tag.3 -man/man3/sc_asn1_skip_tag.3 -man/man3/sc_asn1_verify_tag.3 -man/man3/sc_base64_decode.3 -man/man3/sc_base64_encode.3 -man/man3/sc_card_ctl.3 -man/man3/sc_card_t.3 -man/man3/sc_card_valid.3 -man/man3/sc_check_sw.3 -man/man3/sc_connect_card.3 -man/man3/sc_copy_asn1_entry.3 -man/man3/sc_create_file.3 -man/man3/sc_delete_file.3 -man/man3/sc_delete_record.3 -man/man3/sc_der_clear.3 -man/man3/sc_der_copy.3 -man/man3/sc_detect_card_presence.3 -man/man3/sc_disconnect_card.3 -man/man3/sc_enum_apps.3 -man/man3/sc_establish_context.3 -man/man3/sc_file_dup.3 -man/man3/sc_file_free.3 -man/man3/sc_file_new.3 -man/man3/sc_file_t.3 -man/man3/sc_find_app_by_aid.3 
-man/man3/sc_find_pkcs15_app.3 -man/man3/sc_format_apdu.3 -man/man3/sc_format_asn1_entry.3 -man/man3/sc_free_apps.3 -man/man3/sc_get_cache_dir.3 -man/man3/sc_get_challenge.3 -man/man3/sc_get_data.3 -man/man3/sc_list_files.3 -man/man3/sc_lock.3 -man/man3/sc_make_cache_dir.3 -man/man3/sc_put_data.3 -man/man3/sc_read_binary.3 -man/man3/sc_read_record.3 -man/man3/sc_release_context.3 -man/man3/sc_select_file.3 -man/man3/sc_set_card_driver.3 -man/man3/sc_strerror.3 -man/man3/sc_transmit_apdu.3 -man/man3/sc_unlock.3 -man/man3/sc_update_binary.3 -man/man3/sc_update_dir.3 -man/man3/sc_update_record.3 -man/man3/sc_wait_for_event.3 -man/man3/sc_write_binary.3 -man/man3/sc_write_record.3 man/man5/pkcs15-profile.5 share/doc/opensc/NEWS -share/doc/opensc/README share/examples/opensc/opensc.conf share/opensc/asepcos.profile +share/opensc/authentic.profile share/opensc/cardos.profile share/opensc/cyberflex.profile share/opensc/entersafe.profile share/opensc/flex.profile share/opensc/gpk.profile +share/opensc/ias_adele_admin1.profile +share/opensc/ias_adele_admin2.profile +share/opensc/ias_adele_common.profile +share/opensc/iasecc.profile +share/opensc/iasecc_admin_eid.profile +share/opensc/iasecc_generic_oberthur.profile +share/opensc/iasecc_generic_pki.profile share/opensc/incrypto34.profile share/opensc/jcop.profile share/opensc/miocos.profile diff --git a/security/opensc/distinfo b/security/opensc/distinfo index e3a51b6c525..fa2c90944ad 100644 --- a/security/opensc/distinfo +++ b/security/opensc/distinfo 
@@ -1,17 +1,12 @@ -$NetBSD: distinfo,v 1.9 2012/10/24 08:33:51 manu Exp $ +$NetBSD: distinfo,v 1.10 2012/11/30 14:44:34 gdt Exp $ -SHA1 (opensc-0.11.13.tar.gz) = 408b374286004c3df15ec17856f69fd4c2a1aceb -RMD160 (opensc-0.11.13.tar.gz) = cd900866e51cd64fa7c5a3287cd58193dec26528 -Size (opensc-0.11.13.tar.gz) = 1513327 bytes -SHA1 (patch-aa) = ad1c02161590c43170137d1deeaf5e88e7fef1ce -SHA1 (patch-ab) = 6d3d055abd1b94c7024838b9b25cc6005af0d36a -SHA1 (patch-ac) = 6c77415312d1ab149a9cbae9c49f4cf31c950502 -SHA1 (patch-ad) = a618df0e8bc59af9ccea3f3b423b363e09ab0a4c -SHA1 (patch-ae) = 94ca059a2e9bf5689f4193587247e443213df9a4 -SHA1 (patch-af) = 3b8db1b680c833940973f11b8abb47e34fa5ecd0 -SHA1 (patch-ag) = 1d2de187008d4ce9aac1f97f829aafd035324082 -SHA1 (patch-ah) = e9a8e3aa06af5a7ce47015f8eba41fd2bb12b32d -SHA1 (patch-configure) = 65af2389d4a3b875ea206542ac94446e0bfc4796 -SHA1 (patch-src_libopensc_card-setcos.c) = 209bf0a92f9872635ea06d5ea9a7742c7874d61d -SHA1 (patch-src_libopensc_cards.h) = ebc1db10feda1b2f6a666842120772908c778db7 -SHA1 (patch-src_pkcs11_pkcs11-global.c) = 06c93969a04c930a87a607f6d48a13197c1307bf +SHA1 (opensc-0.12.2.tar.gz) = 8c34be52eb94025eb181c02b466223901bef744c +RMD160 (opensc-0.12.2.tar.gz) = 45504135db05fd404a357ebd8bea047c5c8604dc +Size (opensc-0.12.2.tar.gz) = 1738553 bytes +SHA1 (patch-aa) = f7993647c19d3cca3b976d66a97ee18fca12f8b2 +SHA1 (patch-ab) = 4d19b0990b227aceb3ab4bf8c1f222f337ee1ff7 +SHA1 (patch-configure) = fcd938ec3f269642fbd577868768c8ac67270be6 +SHA1 (patch-src_common_compat__getopt.c) = a1a473a6d2690dacb968be7991e6218233b20e7f +SHA1 (patch-src_common_compat__getopt.h) = cdd04e708f249a3969a47c4ed458d6b86a11d2f1 +SHA1 (patch-src_common_compat__getopt__main.c) = 0a9a608434ec8f274627b2f65f5c53a6ceb79f2a +SHA1 (patch-src_pkcs11_pkcs11-global.c) = 5d0d23706f932f10a63d8da82ab34d3c00e470f5 diff --git a/security/opensc/options.mk b/security/opensc/options.mk index d0d2c9c59a2..094f1c54a9f 100644 --- a/security/opensc/options.mk 
+++ b/security/opensc/options.mk @@ -1,7 +1,10 @@ -# $NetBSD: options.mk,v 1.1.1.1 2009/02/26 10:50:05 hasso Exp $ +# $NetBSD: options.mk,v 1.2 2012/11/30 14:44:34 gdt Exp $ PKG_OPTIONS_VAR= PKG_OPTIONS.opensc -PKG_SUPPORTED_OPTIONS= openct pcsc-lite + +# Really this should be an options group; exactly one of openct, +# pcsc-lite, or ctapi must be specified. +PKG_SUPPORTED_OPTIONS= pcsc-lite openct PKG_SUGGESTED_OPTIONS= pcsc-lite .include "../../mk/bsd.options.mk" diff --git a/security/opensc/patches/patch-aa b/security/opensc/patches/patch-aa index acbd987a214..2c69de0150e 100644 --- a/security/opensc/patches/patch-aa +++ b/security/opensc/patches/patch-aa @@ -1,8 +1,11 @@ -$NetBSD: patch-aa,v 1.2 2010/09/01 15:59:23 drochner Exp $ +$NetBSD: patch-aa,v 1.3 2012/11/30 14:44:34 gdt Exp $ ---- etc/Makefile.in.orig 2010-02-16 09:32:17.000000000 +0000 +Disable installation of config file, because pkgsrc installs config +files as examples. + +--- etc/Makefile.in.orig 2011-07-15 10:47:01.000000000 +0000 +++ etc/Makefile.in -@@ -471,12 +471,7 @@ opensc.conf: opensc.conf.in force +@@ -466,12 +466,7 @@ opensc.conf: opensc.conf.in force -e 's|@pkgdatadir[@]|$(pkgdatadir)|g' \ -e 's|@DEFAULT_PCSC_PROVIDER[@]|$(DEFAULT_PCSC_PROVIDER)|g' \ < $< > $@ diff --git a/security/opensc/patches/patch-ab b/security/opensc/patches/patch-ab index 7acb810b364..e1f5778a228 100644 --- a/security/opensc/patches/patch-ab +++ b/security/opensc/patches/patch-ab 
@@ -1,29 +1,14 @@ -$NetBSD: patch-ab,v 1.2 2010/09/01 15:59:23 drochner Exp $ +$NetBSD: patch-ab,v 1.3 2012/11/30 14:44:34 gdt Exp $ ---- etc/opensc.conf.in.orig 2010-02-16 09:03:28.000000000 +0000 +This patch was added 2009-09-10 by hasso@, with comment: + More userfriendly default configuration. + +--- etc/opensc.conf.in.orig 2011-07-05 11:28:53.000000000 +0000 +++ etc/opensc.conf.in -@@ -47,6 +47,7 @@ app default { - # last entry in reader_drivers list - # - # reader_drivers = openct, pcsc, ctapi; -+ reader_drivers = pcsc, ctapi; - - reader_driver ctapi { - # module /usr/local/towitoko/lib/libtowitoko.so { -@@ -87,7 +88,7 @@ app default { - # - # Enable pinpad if detected (PC/SC v2.0.2 Part 10) - # Default: false -- # enable_pinpad = true; -+ enable_pinpad = true; +@@ -309,6 +309,7 @@ app default { # - # Use specific pcsc provider. - # Default: @DEFAULT_PCSC_PROVIDER@ -@@ -265,7 +266,7 @@ app default { - # Prefer pkcs15 emulation code before - # the normal pkcs15 processing. # Default: no -- # try_emulation_first = yes; + # try_emulation_first = yes; + try_emulation_first = yes; # Enable builtin emulators. diff --git a/security/opensc/patches/patch-ac b/security/opensc/patches/patch-ac deleted file mode 100644 index aa155db89aa..00000000000 --- a/security/opensc/patches/patch-ac +++ /dev/null 
@@ -1,99 +0,0 @@ -$NetBSD: patch-ac,v 1.1 2010/09/01 15:59:23 drochner Exp $ - ---- src/signer/dialog.c.orig 2010-02-16 09:03:25.000000000 +0000 -+++ src/signer/dialog.c -@@ -15,31 +15,31 @@ struct entry_parm_s { - char *buffer; - }; - --static AssuanError -+static gpg_error_t - getpin_cb (void *opaque, const void *buffer, size_t length) - { - struct entry_parm_s *parm = (struct entry_parm_s *) opaque; - - /* we expect the pin to fit on one line */ - if (parm->lines || length >= parm->size) -- return ASSUAN_Too_Much_Data; -+ return gpg_error(GPG_ERR_ASS_TOO_MUCH_DATA); - - /* fixme: we should make sure that the assuan buffer is allocated in - secure memory or read the response byte by byte */ - memcpy(parm->buffer, buffer, length); - parm->buffer[length] = 0; - parm->lines++; -- return (AssuanError) 0; -+ return gpg_error(GPG_ERR_NO_ERROR); - } - - int ask_and_verify_pin_code(struct sc_pkcs15_card *p15card, - struct sc_pkcs15_object *pin) - { -- int r; -+ gpg_error_t r; - size_t len; - const char *argv[3]; - const char *pgmname = PIN_ENTRY; -- ASSUAN_CONTEXT ctx; -+ assuan_context_t ctx = NULL; - char buf[500]; - char errtext[100]; - struct entry_parm_s parm; -@@ -48,16 +48,26 @@ int ask_and_verify_pin_code(struct sc_pk - argv[0] = pgmname; - argv[1] = NULL; - -- r = assuan_pipe_connect(&ctx, pgmname, (char **) argv, NULL); -+ assuan_set_gpg_err_source (GPG_ERR_SOURCE_DEFAULT); -+ -+ r = assuan_new(&ctx); -+ if (r) { -+ printf("Can't initialize assuan context: %s\n)", -+ gpg_strerror(r)); -+ goto err; -+ } -+ -+ r = assuan_pipe_connect(ctx, pgmname, (const char **) argv, \ -+ NULL, NULL, NULL, 0); - if (r) { - printf("Can't connect to the PIN entry module: %s\n", -- assuan_strerror((AssuanError) r)); -+ gpg_strerror(r)); - goto err; - } - sprintf(buf, "SETDESC Enter PIN [%s] for digital signing ", pin->label); - r = assuan_transact(ctx, buf, NULL, NULL, NULL, NULL, NULL, NULL); - if (r) { -- printf("SETDESC: %s\n", assuan_strerror((AssuanError) r)); -+ 
printf("SETDESC: %s\n", gpg_strerror(r)); - goto err; - } - errtext[0] = 0; -@@ -71,12 +81,12 @@ int ask_and_verify_pin_code(struct sc_pk - parm.size = sizeof(buf); - parm.buffer = buf; - r = assuan_transact(ctx, "GETPIN", getpin_cb, &parm, NULL, NULL, NULL, NULL); -- if (r == ASSUAN_Canceled) { -- assuan_disconnect(ctx); -+ if (gpg_err_code(r) == GPG_ERR_ASS_CANCELED) { -+ assuan_release(ctx); - return -2; - } - if (r) { -- printf("GETPIN: %s\n", assuan_strerror((AssuanError) r)); -+ printf("GETPIN: %s\n", gpg_strerror(r)); - goto err; - } - len = strlen(buf); -@@ -104,9 +114,9 @@ int ask_and_verify_pin_code(struct sc_pk - break; - } - -- assuan_disconnect(ctx); -+ assuan_release(ctx); - return 0; - err: -- assuan_disconnect(ctx); -+ assuan_release(ctx); - return -1; - } diff --git a/security/opensc/patches/patch-ad b/security/opensc/patches/patch-ad deleted file mode 100644 index 60ce19b89b1..00000000000 --- a/security/opensc/patches/patch-ad +++ /dev/null @@ -1,13 +0,0 @@ -$NetBSD: patch-ad,v 1.1 2010/09/01 15:59:23 drochner Exp $ - ---- configure.orig 2010-02-16 09:32:16.000000000 +0000 -+++ configure -@@ -14239,7 +14239,7 @@ fi - - - -- tmp=1:0.9.2 -+ tmp=2:2.0.0 - if echo "$tmp" | grep ':' >/dev/null 2>/dev/null ; then - req_libassuan_api=`echo "$tmp" | sed 's/\(.*\):\(.*\)/\1/'` - min_libassuan_version=`echo "$tmp" | sed 's/\(.*\):\(.*\)/\2/'` diff --git a/security/opensc/patches/patch-ae b/security/opensc/patches/patch-ae deleted file mode 100644 index 993a51ca273..00000000000 --- a/security/opensc/patches/patch-ae +++ /dev/null 
@@ -1,15 +0,0 @@ -$NetBSD: patch-ae,v 1.1 2010/12/16 18:00:59 drochner Exp $ - ---- src/libopensc/card-acos5.c.orig 2010-02-16 09:03:28.000000000 +0000 -+++ src/libopensc/card-acos5.c -@@ -140,8 +140,8 @@ static int acos5_get_serialnr(sc_card_t - /* - * Cache serial number. - */ -- memcpy(card->serialnr.value, apdu.resp, apdu.resplen); -- card->serialnr.len = apdu.resplen; -+ memcpy(card->serialnr.value, apdu.resp, MIN(apdu.resplen, SC_MAX_SERIALNR)); -+ card->serialnr.len = MIN(apdu.resplen, SC_MAX_SERIALNR); - - /* - * Copy and return serial number. diff --git a/security/opensc/patches/patch-af b/security/opensc/patches/patch-af deleted file mode 100644 index 81d122fc066..00000000000 --- a/security/opensc/patches/patch-af +++ /dev/null @@ -1,15 +0,0 @@ -$NetBSD: patch-af,v 1.1 2010/12/16 18:00:59 drochner Exp $ - ---- src/libopensc/card-atrust-acos.c.orig 2010-02-16 09:03:28.000000000 +0000 -+++ src/libopensc/card-atrust-acos.c -@@ -853,8 +853,8 @@ static int acos_get_serialnr(sc_card_t * - if (apdu.sw1 != 0x90 || apdu.sw2 != 0x00) - return SC_ERROR_INTERNAL; - /* cache serial number */ -- memcpy(card->serialnr.value, apdu.resp, apdu.resplen); -- card->serialnr.len = apdu.resplen; -+ memcpy(card->serialnr.value, apdu.resp, MIN(apdu.resplen, SC_MAX_SERIALNR)); -+ card->serialnr.len = MIN(apdu.resplen, SC_MAX_SERIALNR); - /* copy and return serial number */ - memcpy(serial, &card->serialnr, sizeof(*serial)); - return SC_SUCCESS; diff --git a/security/opensc/patches/patch-ag b/security/opensc/patches/patch-ag deleted file mode 100644 index dc51e79344b..00000000000 --- a/security/opensc/patches/patch-ag +++ /dev/null 
@@ -1,15 +0,0 @@ -$NetBSD: patch-ag,v 1.1 2010/12/16 18:00:59 drochner Exp $ - ---- src/libopensc/card-starcos.c.orig 2010-02-16 09:03:28.000000000 +0000 -+++ src/libopensc/card-starcos.c -@@ -1289,8 +1289,8 @@ static int starcos_get_serialnr(sc_card_ - if (apdu.sw1 != 0x90 || apdu.sw2 != 0x00) - return SC_ERROR_INTERNAL; - /* cache serial number */ -- memcpy(card->serialnr.value, apdu.resp, apdu.resplen); -- card->serialnr.len = apdu.resplen; -+ memcpy(card->serialnr.value, apdu.resp, MIN(apdu.resplen, SC_MAX_SERIALNR)); -+ card->serialnr.len = MIN(apdu.resplen, SC_MAX_SERIALNR); - /* copy and return serial number */ - memcpy(serial, &card->serialnr, sizeof(*serial)); - return SC_SUCCESS; diff --git a/security/opensc/patches/patch-ah b/security/opensc/patches/patch-ah deleted file mode 100644 index c88b2301c89..00000000000 --- a/security/opensc/patches/patch-ah +++ /dev/null @@ -1,15 +0,0 @@ -$NetBSD: patch-ah,v 1.1 2010/12/16 18:00:59 drochner Exp $ - ---- src/libopensc/internal.h.orig 2010-02-16 09:03:28.000000000 +0000 -+++ src/libopensc/internal.h -@@ -39,6 +39,10 @@ extern "C" { - #include <windows.h> - #endif - -+#ifndef MIN -+#define MIN(a,b) ((a) < (b) ? (a) : (b)) -+#endif -+ - #define SC_FILE_MAGIC 0x14426950 - #define SC_CARD_MAGIC 0x27182818 - #define SC_CTX_MAGIC 0x0A550335 diff --git a/security/opensc/patches/patch-configure b/security/opensc/patches/patch-configure index 98a8dfabdcf..3d72797462e 100644 --- a/security/opensc/patches/patch-configure +++ b/security/opensc/patches/patch-configure @@ -1,4 +1,4 @@ -$NetBSD: patch-configure,v 1.1 2012/10/24 08:33:51 manu Exp $ +$NetBSD: patch-configure,v 1.2 2012/11/30 14:44:35 gdt Exp $ Make sure we do not link against -lpthread, as we only need mutexes that can be found in libc. 
@@ -6,10 +6,9 @@ that can be found in libc. Linking with -lpthread hurst with opensc-pkcs11.so since NetBSD-6.0 libpthread cannot be loaded by dlopen() ---- configure.orig 2012-10-19 11:29:36.000000000 +0200 -+++ configure 2012-10-19 14:57:03.000000000 +0200 -@@ -12821,8 +12821,17 @@ - ac_compiler_gnu=$ac_cv_c_compiler_gnu +--- configure.orig 2011-07-15 10:46:59.000000000 +0000 ++++ configure +@@ -12903,6 +12903,15 @@ ac_compiler_gnu=$ac_cv_c_compiler_gnu acx_pthread_ok=no @@ -25,4 +24,3 @@ libpthread cannot be loaded by dlopen() # We used to check for pthread.h first, but this fails if pthread.h # requires special compiler flags (e.g. on True64 or Sequent). # It gets checked for in the link test anyway. - diff --git a/security/opensc/patches/patch-src_common_compat__getopt.c b/security/opensc/patches/patch-src_common_compat__getopt.c new file mode 100644 index 00000000000..9191b525901 --- /dev/null +++ b/security/opensc/patches/patch-src_common_compat__getopt.c @@ -0,0 +1,15 @@ +$NetBSD: patch-src_common_compat__getopt.c,v 1.1 2012/11/30 14:44:35 gdt Exp $ + +See comment in patch-src_common_compat__getopt.h. + +--- src/common/compat_getopt.c.orig 2011-07-05 11:28:53.000000000 +0000 ++++ src/common/compat_getopt.c +@@ -25,7 +25,7 @@ + + #include "config.h" + +-#if ! ( defined(HAVE_GETOPT_H) && defined(HAVE_GETOPT_LONG) && defined(HAVE_GETOPT_LONG_ONLY) ) ++#if ! ( defined(HAVE_GETOPT_H) && defined(HAVE_GETOPT_LONG) ) + + #include <sys/types.h> + #include <stdlib.h> diff --git a/security/opensc/patches/patch-src_common_compat__getopt.h b/security/opensc/patches/patch-src_common_compat__getopt.h new file mode 100644 index 00000000000..976c8504031 --- /dev/null +++ b/security/opensc/patches/patch-src_common_compat__getopt.h 
@@ -0,0 +1,37 @@ +$NetBSD: patch-src_common_compat__getopt.h,v 1.1 2012/11/30 14:44:35 gdt Exp $ + +NetBSD has getopt_long but not getopt_long_only. Replacing +getopt_long causes a type conflict with the built-in implementation. +The replacement is unnecesssary because getopt_long_only is not +actually used. + +Reported upstream: +https://www.opensc-project.org/pipermail/opensc-devel/2012-November/018668.html + +--- src/common/compat_getopt.h.orig 2011-07-05 11:28:53.000000000 +0000 ++++ src/common/compat_getopt.h +@@ -30,7 +30,7 @@ + #include "config.h" + #endif + +-#if defined(HAVE_GETOPT_H) && defined(HAVE_GETOPT_LONG) && defined(HAVE_GETOPT_LONG_ONLY) ++#if defined(HAVE_GETOPT_H) && defined(HAVE_GETOPT_LONG) + #include <getopt.h> + #else + +@@ -43,7 +43,6 @@ extern "C" { + + #define getopt my_getopt + #define getopt_long my_getopt_long +-#define getopt_long_only my_getopt_long_only + #define _getopt_internal _my_getopt_internal + #define opterr my_opterr + #define optind my_optind +@@ -86,6 +85,6 @@ extern int _my_getopt_internal(int argc, + } + #endif + +-#endif /* HAVE_GETOPT_H && HAVE_GETOPT_LONG && HAVE_GETOPT_LONG_ONLY */ ++#endif /* HAVE_GETOPT_H && HAVE_GETOPT_LONG */ + + #endif /* MY_GETOPT_H_INCLUDED */ diff --git a/security/opensc/patches/patch-src_common_compat__getopt__main.c b/security/opensc/patches/patch-src_common_compat__getopt__main.c new file mode 100644 index 00000000000..101d1bb10ee --- /dev/null +++ b/security/opensc/patches/patch-src_common_compat__getopt__main.c 
@@ -0,0 +1,17 @@ +$NetBSD: patch-src_common_compat__getopt__main.c,v 1.1 2012/11/30 14:44:35 gdt Exp $ + +See comment in patch-src_common_compat__getopt.h. In addition, a +kludge is added here to get the test file to build, pending a new +release from upstream with the issue properly addressed. + +--- src/common/compat_getopt_main.c.orig 2011-07-05 11:28:53.000000000 +0000 ++++ src/common/compat_getopt_main.c +@@ -173,6 +173,8 @@ main(int argc, char * argv[]) + progname); + } + ++#define getopt_long_only getopt_long ++ + /* parse all options from the command line */ + while ((opt = + getopt_long_only(argc, argv, shortopts, longopts, &longind)) != -1) diff --git a/security/opensc/patches/patch-src_libopensc_card-setcos.c b/security/opensc/patches/patch-src_libopensc_card-setcos.c deleted file mode 100644 index d3e6d34e91f..00000000000 --- a/security/opensc/patches/patch-src_libopensc_card-setcos.c +++ /dev/null 
@@ -1,55 +0,0 @@ -$NetBSD: patch-src_libopensc_card-setcos.c,v 1.1 2011/05/27 10:05:52 kivinen Exp $ - ---- src/libopensc/card-setcos.c.orig 2010-02-16 09:03:28.000000000 +0000 -+++ src/libopensc/card-setcos.c -@@ -46,6 +46,8 @@ static struct sc_atr_table setcos_atrs[] - /* FINEID 2264 (EIDApplet/7816-15, OPK/EMV/AVANT) */ - { "3b:6e:00:00:00:62:00:00:57:41:56:41:4e:54:10:81:90:00", NULL, NULL, SC_CARD_TYPE_SETCOS_FINEID_V2, 0, NULL }, - { "3b:7b:94:00:00:80:62:11:51:56:46:69:6e:45:49:44", NULL, NULL, SC_CARD_TYPE_SETCOS_FINEID_V2, 0, NULL }, -+ /* New FINEID cards which support 2048 bit keys. */ -+ { "3b:7b:94:00:00:80:62:12:51:56:46:69:6e:45:49:44", NULL, NULL, SC_CARD_TYPE_SETCOS_FINEID_V2_2048, 0, NULL }, - /* Swedish NIDEL card */ - { "3b:9f:94:80:1f:c3:00:68:10:44:05:01:46:49:53:45:31:c8:07:90:00:18", NULL, NULL, SC_CARD_TYPE_SETCOS_NIDEL, 0, NULL }, - /* Setcos 4.4.1 */ -@@ -168,6 +170,7 @@ static int setcos_init(sc_card_t *card) - switch (card->type) { - case SC_CARD_TYPE_SETCOS_FINEID: - case SC_CARD_TYPE_SETCOS_FINEID_V2: -+ case SC_CARD_TYPE_SETCOS_FINEID_V2_2048: - case SC_CARD_TYPE_SETCOS_NIDEL: - card->cla = 0x00; - select_pkcs15_app(card); -@@ -203,6 +206,17 @@ static int setcos_init(sc_card_t *card) - _sc_card_add_rsa_alg(card, 1024, flags, 0); - } - break; -+ case SC_CARD_TYPE_SETCOS_FINEID_V2_2048: -+ { -+ unsigned long flags; -+ -+ flags = SC_ALGORITHM_RSA_RAW | SC_ALGORITHM_RSA_PAD_PKCS1; -+ flags |= SC_ALGORITHM_RSA_HASH_NONE | SC_ALGORITHM_RSA_HASH_SHA1; -+ -+ _sc_card_add_rsa_alg(card, 1024, flags, 0); -+ _sc_card_add_rsa_alg(card, 2048, flags, 0); -+ } -+ break; - case SC_CARD_TYPE_SETCOS_44: - case SC_CARD_TYPE_SETCOS_NIDEL: - case SC_CARD_TYPE_SETCOS_EID_V2_0: -@@ -596,6 +610,7 @@ static int setcos_set_security_env2(sc_c - case SC_SEC_OPERATION_SIGN: - /* Should be 0x41 */ - apdu.p1 = ((card->type == SC_CARD_TYPE_SETCOS_FINEID_V2) || -+ (card->type == SC_CARD_TYPE_SETCOS_FINEID_V2_2048) || - (card->type == SC_CARD_TYPE_SETCOS_44) || - 
(card->type == SC_CARD_TYPE_SETCOS_NIDEL) || - SETCOS_IS_EID_APPLET(card)) ? 0x41 : 0x81; -@@ -678,6 +693,7 @@ static int setcos_set_security_env(sc_ca - case SC_CARD_TYPE_SETCOS_PKI: - case SC_CARD_TYPE_SETCOS_FINEID: - case SC_CARD_TYPE_SETCOS_FINEID_V2: -+ case SC_CARD_TYPE_SETCOS_FINEID_V2_2048: - case SC_CARD_TYPE_SETCOS_NIDEL: - case SC_CARD_TYPE_SETCOS_44: - case SC_CARD_TYPE_SETCOS_EID_V2_0: diff --git a/security/opensc/patches/patch-src_libopensc_cards.h b/security/opensc/patches/patch-src_libopensc_cards.h deleted file mode 100644 index ee5273b7d42..00000000000 --- a/security/opensc/patches/patch-src_libopensc_cards.h +++ /dev/null @@ -1,12 +0,0 @@ -$NetBSD: patch-src_libopensc_cards.h,v 1.1 2011/05/27 10:05:52 kivinen Exp $ - ---- src/libopensc/cards.h.orig 2010-02-16 09:03:28.000000000 +0000 -+++ src/libopensc/cards.h -@@ -80,6 +80,7 @@ enum { - SC_CARD_TYPE_SETCOS_PKI, - SC_CARD_TYPE_SETCOS_FINEID, - SC_CARD_TYPE_SETCOS_FINEID_V2, -+ SC_CARD_TYPE_SETCOS_FINEID_V2_2048, - SC_CARD_TYPE_SETCOS_NIDEL, - SC_CARD_TYPE_SETCOS_44 = 6100, - SC_CARD_TYPE_SETCOS_EID_V2_0, diff --git a/security/opensc/patches/patch-src_pkcs11_pkcs11-global.c b/security/opensc/patches/patch-src_pkcs11_pkcs11-global.c index e05d6c28e15..7776a9e7b67 100644 --- a/security/opensc/patches/patch-src_pkcs11_pkcs11-global.c +++ b/security/opensc/patches/patch-src_pkcs11_pkcs11-global.c 
@@ -1,13 +1,17 @@ ---- src/pkcs11/pkcs11-global.c.orig 2012-10-22 09:11:56.000000000 +0200 -+++ src/pkcs11/pkcs11-global.c 2012-10-22 09:12:14.000000000 +0200 -@@ -43,9 +43,9 @@ - #if defined(HAVE_PTHREAD) && defined(PKCS11_THREAD_LOCKING) +$NetBSD: patch-src_pkcs11_pkcs11-global.c,v 1.2 2012/11/30 14:44:35 gdt Exp $ + +Use correct size for malloc. + +Not yet reported upstream. + +--- src/pkcs11/pkcs11-global.c.orig 2011-07-05 11:28:53.000000000 +0000 ++++ src/pkcs11/pkcs11-global.c +@@ -42,7 +42,7 @@ extern CK_FUNCTION_LIST pkcs11_function_ #include <pthread.h> CK_RV mutex_create(void **mutex) { -- pthread_mutex_t *m = (pthread_mutex_t *) malloc(sizeof(*mutex)); -+ pthread_mutex_t *m = (pthread_mutex_t *) malloc(sizeof(*m)); +- pthread_mutex_t *m = malloc(sizeof(*mutex)); ++ pthread_mutex_t *m = malloc(sizeof(*m)); if (m == NULL) return CKR_GENERAL_ERROR;; pthread_mutex_init(m, NULL); - *mutex = m; |
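Review bot: in the second hunk of security/opensc/Makefile.common, `--disable-sensitive-logging` is commented out with the explanation that the 0.12.2 configure does not recognize it, but the comment does not say what 0.12.2 does instead. Going by its name the flag kept sensitive data out of logs, so the comment should state whether that is now the unconditional default or is controlled somewhere else (for example in opensc.conf). The same applies to `--with-openssl=${SSLBASE:Q}`: say how configure now finds the pkgsrc OpenSSL, or delete both lines rather than leaving them commented out.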
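Review bot: the first hunk of security/opensc/Makefile.common bumps `OPENSC_PKG_VERSION` to 0.12.2, and the header of that file says it is also used by security/opensc-signer/Makefile, yet all 20 changed files are under security/opensc. The same commit deletes patch-ac (src/signer/dialog.c) and patch-ad (the libassuan version check in configure), and the PLIST hunk drops the installed headers and .pc files. Please confirm that opensc-signer still builds against 0.12.2, or update or retire it in the same change.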
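Review bot: in security/opensc/options.mk the new comment says exactly one of openct, pcsc-lite or ctapi must be specified, but `PKG_SUPPORTED_OPTIONS= pcsc-lite openct` still allows both or neither, and ctapi is not offered at all. Since 0.12.0 uses a single reader driver chosen at compile time (per the NEWS text in the commit message), this should be expressed with `PKG_OPTIONS_REQUIRED_GROUPS` and a `PKG_OPTIONS_GROUP.<name>` list so that an invalid combination fails at option-processing time instead of at configure time.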
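Review bot: the rewritten security/opensc/patches/patch-ab no longer sets `enable_pinpad = true;` or `reader_drivers = pcsc, ctapi;` and keeps only `try_emulation_first = yes;`, while its new header just repeats the 2009 comment "More userfriendly default configuration". Dropping `reader_drivers` fits the single compile-time reader driver in 0.12.0, but the pinpad default decides whether the PIN is typed on the reader or on the host, so the header should say why that override was removed and what the shipped default now is. Existing installations that relied on the example opensc.conf will see a behaviour change.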
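Review bot: patch-ae, patch-af, patch-ag and patch-ah are deleted without a word in the commit message; only the Finnish EID patches are said to be upstream. Those four patches clamp the serial-number copy with `MIN(apdu.resplen, SC_MAX_SERIALNR)` in card-acos5.c, card-atrust-acos.c and card-starcos.c, so the length comes from the card response and the unclamped `memcpy` into `card->serialnr.value` is a memory-safety issue. Please verify that the 0.12.2 sources contain an equivalent bound in all three drivers and record that in the commit message.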
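Review bot: in patch-src_common_compat__getopt__main.c the added `#define getopt_long_only getopt_long` sits unconditionally inside `main()`, so it also replaces the real function on platforms that do have `getopt_long_only`, and the test program then exercises different option-parsing semantics from the ones it was written for. Wrap it in `#ifndef HAVE_GETOPT_LONG_ONLY` and move it to file scope next to the includes; the header already calls it a kludge, so a guard keeps the damage limited to the platforms that need it.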
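Review bot: the header of patch-src_pkcs11_pkcs11-global.c says "Use correct size for malloc" and "Not yet reported upstream", which undersells the fix. `mutex` is a `void **`, so `sizeof(*mutex)` is the size of a pointer and the old code allocated that many bytes for a `pthread_mutex_t`; `pthread_mutex_init(m, NULL)` then writes past the allocation wherever the mutex type is larger than a pointer. Please say so in the header and report it upstream with a link, as patch-src_common_compat__getopt.h does. The context lines also show `return CKR_GENERAL_ERROR;;` and an unchecked `pthread_mutex_init` result, which are worth including in the same report.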