author | erwin <erwin@FreeBSD.org> | 2014-05-30 16:30:12 +0800 |
---|---|---|
committer | erwin <erwin@FreeBSD.org> | 2014-05-30 16:30:12 +0800 |
commit | f74e27415a189b94bba9309e079d470205668b66 (patch) | |
tree | 76697c5e630b6b8bc7518b560d9b8da754512e80 /security | |
parent | ee5702dc79a3103a9d72f40fff8d1993cc37f990 (diff) | |
- Add license
- Use @sample
- Update to 1.3.7
Bugfixes:
SOFTHSM-94: umask affecting the calling application.
SOFTHSM-96: Check if Botan has already been initialised.
PR: 190368
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
Sponsored by: DK Hostmaster A/S
Diffstat (limited to 'security')
-rw-r--r-- | security/softhsm/Makefile | 5 | ||||
-rw-r--r-- | security/softhsm/distinfo | 4 | ||||
-rw-r--r-- | security/softhsm/files/patch-SOFTHSM-94 | 119 | ||||
-rw-r--r-- | security/softhsm/pkg-plist | 3 |
4 files changed, 6 insertions, 125 deletions
diff --git a/security/softhsm/Makefile b/security/softhsm/Makefile index f0ecd9bbd534..5a5f1741c560 100644 --- a/security/softhsm/Makefile +++ b/security/softhsm/Makefile @@ -2,14 +2,15 @@ # $FreeBSD$ PORTNAME= softhsm -PORTVERSION= 1.3.6 -PORTREVISION= 1 +PORTVERSION= 1.3.7 CATEGORIES= security MASTER_SITES= http://dist.opendnssec.org/source/ MAINTAINER= jaap@NLnetLabs.nl COMMENT= Software implementation of a Hardware Security Module (HSM) +LICENSE= BSD2CLAUSE + LIB_DEPENDS= libbotan-1.10.so:${PORTSDIR}/security/botan110 \ libsqlite3.so:${PORTSDIR}/databases/sqlite3 diff --git a/security/softhsm/distinfo b/security/softhsm/distinfo index f304c7c7905c..1e6daab13542 100644 --- a/security/softhsm/distinfo +++ b/security/softhsm/distinfo @@ -1,2 +1,2 @@ -SHA256 (softhsm-1.3.6.tar.gz) = e39ac8e851220edd2b2afbe4d9e06d956bccc20bc72752740eabf95692359486 -SIZE (softhsm-1.3.6.tar.gz) = 435893 +SHA256 (softhsm-1.3.7.tar.gz) = d12d6456a85561266d9da427565f3ee3746a35df6670d5e6be75de253c2810a4 +SIZE (softhsm-1.3.7.tar.gz) = 438437 diff --git a/security/softhsm/files/patch-SOFTHSM-94 b/security/softhsm/files/patch-SOFTHSM-94 deleted file mode 100644 index 7de10f8e6ed3..000000000000 --- a/security/softhsm/files/patch-SOFTHSM-94 +++ /dev/null 
@@ -1,119 +0,0 @@ -From 39b1e1115501a042597ce0c2bc17659c4082fc9e Mon Sep 17 00:00:00 2001 -From: Rickard Bellgrim <rickard@opendnssec.org> -Date: Thu, 3 Apr 2014 13:19:02 +0200 -Subject: [PATCH] SOFTHSM-94: umask affecting the calling application. - ---- - NEWS | 6 ++++++ - src/lib/SoftDatabase.cpp | 20 +++++++++++++++----- - src/lib/tokenhandling.cpp | 21 ++++++++++++++++----- - 3 files changed, 37 insertions(+), 10 deletions(-) - -diff --git NEWS NEWS -index a69e16f..04473dd 100644 ---- NEWS -+++ NEWS -@@ -1,5 +1,11 @@ - NEWS for SoftHSM -- History of user visible changes - -+SoftHSM 1.3 develop -+ -+Bugfixes: -+* SOFTHSM-94: umask affecting the calling application. -+ -+ - SoftHSM 1.3.6 - 2014-02-24 - - * SOFTHSM-51: Call umask to restrict created files. -diff --git src/lib/SoftDatabase.cpp src/lib/SoftDatabase.cpp -index 492883e..aac5fe1 100644 ---- src/lib/SoftDatabase.cpp -+++ src/lib/SoftDatabase.cpp -@@ -40,6 +40,9 @@ - #include <sched.h> - #include <sys/types.h> - #include <sys/stat.h> -+#include <fcntl.h> -+#include <unistd.h> -+#include <errno.h> - - using std::string; - -@@ -115,15 +118,22 @@ static int db_is_locked(void* /*data*/, int /*retry*/) { - } - - CK_RV SoftDatabase::init(char *dbPath) { -- // Circumvent the sqlite3 reliance on umask to enforce secure permissions -- mode_t saved_umask = umask(S_IRGRP | S_IWGRP | S_IROTH | S_IWOTH); -+ // Create and set file permissions if the DB does not exist. -+ int fd = open(dbPath, O_CREAT, S_IRUSR | S_IWUSR); -+ if(fd == -1) { -+ char warnMsg[1024]; -+ snprintf(warnMsg, sizeof(warnMsg), "Could not open the token database. errno=%i. 
" -+ "Probably wrong privileges: %s", errno, dbPath); -+ ERROR_MSG("init", warnMsg); -+ return CKR_TOKEN_NOT_PRESENT; -+ } -+ close(fd); -+ - // Open the database - int result = sqlite3_open(dbPath, &db); -- // Restore umask to avoid side effects -- (void) umask(saved_umask); - if(result) { - char warnMsg[1024]; -- snprintf(warnMsg, sizeof(warnMsg), "Could not open token database. Probably wrong privileges: %s", dbPath); -+ snprintf(warnMsg, sizeof(warnMsg), "Could not open the token database: %s", dbPath); - ERROR_MSG("init", warnMsg); - return CKR_TOKEN_NOT_PRESENT; - } -diff --git src/lib/tokenhandling.cpp src/lib/tokenhandling.cpp -index 8857574..ac3d7ed 100644 ---- src/lib/tokenhandling.cpp -+++ src/lib/tokenhandling.cpp -@@ -40,6 +40,9 @@ - #include <sqlite3.h> - #include <sys/types.h> - #include <sys/stat.h> -+#include <fcntl.h> -+#include <unistd.h> -+#include <errno.h> - - #define EXEC_DB(db, sql) \ - if(sqlite3_exec(db, sql, NULL, NULL, NULL)) { \ -@@ -99,19 +102,27 @@ CK_RV softInitToken(SoftSlot *currentSlot, CK_UTF8CHAR_PTR pPin, CK_ULONG ulPinL - } - } - -- // Circumvent the sqlite3 reliance on umask to enforce secure permissions -- mode_t saved_umask = umask(S_IRGRP | S_IWGRP | S_IROTH | S_IWOTH); -+ // Create and set file permissions if the DB does not exist. -+ int fd = open(currentSlot->dbPath, O_CREAT, S_IRUSR | S_IWUSR); -+ if(fd == -1) { -+ free(soPIN); -+ char warnMsg[1024]; -+ snprintf(warnMsg, sizeof(warnMsg), "Could not open the token database. errno=%i. 
" -+ "Probably wrong privileges: %s", errno, currentSlot->dbPath); -+ DEBUG_MSG("C_InitToken", warnMsg); -+ return CKR_DEVICE_ERROR; -+ } -+ close(fd); -+ - // Open the database - sqlite3 *db = NULL; - int result = sqlite3_open(currentSlot->dbPath, &db); -- // Restore umask to avoid side effects -- (void) umask(saved_umask); - if(result){ - if(db != NULL) { - sqlite3_close(db); - } - free(soPIN); -- DEBUG_MSG("C_InitToken", "Could not open the token database file"); -+ DEBUG_MSG("C_InitToken", "Could not open the token database"); - return CKR_DEVICE_ERROR; - } - --- -1.9.1 - diff --git a/security/softhsm/pkg-plist b/security/softhsm/pkg-plist index 56e7c89d463e..22d998e9a6dd 100644 --- a/security/softhsm/pkg-plist +++ b/security/softhsm/pkg-plist @@ -4,8 +4,7 @@ bin/softhsm-keyconv lib/softhsm/libsofthsm.a lib/softhsm/libsofthsm.la lib/softhsm/libsofthsm.so -etc/softhsm.conf.sample -@exec if [ ! -f %D/etc/softhsm.conf ]; then cp %D/etc/softhsm.conf.sample %D/etc/softhsm.conf; fi +@sample etc/softhsm.conf.sample @dirrm lib/softhsm @exec install -d -o root -g wheel -m 700 %D/var/lib/softhsm man/man1/softhsm-keyconv.1.gz |