diff options
| author | pi <pi@FreeBSD.org> | 2016-06-04 12:55:45 +0800 |
|---|---|---|
| committer | pi <pi@FreeBSD.org> | 2016-06-04 12:55:45 +0800 |
| commit | 0c1d3e5de1893eae85576c737bfcc0c41563ab91 (patch) | |
| tree | b3b169798fbe71ef9fbd7fe975418cb85c70f362 /security | |
| parent | cca338ddd2379f610f7803bb751f8f40f892919d (diff) | |
| download | freebsd-ports-graphics-0c1d3e5de1893eae85576c737bfcc0c41563ab91.tar.gz freebsd-ports-graphics-0c1d3e5de1893eae85576c737bfcc0c41563ab91.tar.zst freebsd-ports-graphics-0c1d3e5de1893eae85576c737bfcc0c41563ab91.zip | |
security/signify: change upstream, submitter becomes maintainer
This updates signify to the version included in
https://github.com/chneukirchen/outils
I've also included all OpenBSD public keys, so that OpenBSD images
can be verified out of the box. A man page is now also installed.
PR: 210004
Submitted by: Tobias Kortkamp <t@tobik.me>
Diffstat (limited to 'security')
| -rw-r--r-- | security/signify/Makefile | 44 | ||||
| -rw-r--r-- | security/signify/distinfo | 5 | ||||
| -rw-r--r-- | security/signify/files/openbsd-58-base.pub | 2 | ||||
| -rw-r--r-- | security/signify/files/openbsd-58-fw.pub | 2 | ||||
| -rw-r--r-- | security/signify/files/openbsd-58-pkg.pub | 2 | ||||
| -rw-r--r-- | security/signify/files/openbsd-59-base.pub | 2 | ||||
| -rw-r--r-- | security/signify/files/openbsd-59-fw.pub | 2 | ||||
| -rw-r--r-- | security/signify/files/openbsd-59-pkg.pub | 2 | ||||
| -rw-r--r-- | security/signify/files/openbsd-60-base.pub | 2 | ||||
| -rw-r--r-- | security/signify/files/openbsd-60-fw.pub | 2 | ||||
| -rw-r--r-- | security/signify/files/openbsd-60-pkg.pub | 2 | ||||
| -rw-r--r-- | security/signify/files/openbsd-61-base.pub | 2 | ||||
| -rw-r--r-- | security/signify/files/openbsd-61-fw.pub | 2 | ||||
| -rw-r--r-- | security/signify/files/openbsd-61-pkg.pub | 2 | ||||
| -rw-r--r-- | security/signify/files/patch-Makefile | 21 | ||||
| -rw-r--r-- | security/signify/files/patch-readpassphrase.c | 13 | ||||
| -rw-r--r-- | security/signify/files/patch-src_usr.bin_signify_signify.1 | 11 | ||||
| -rw-r--r-- | security/signify/pkg-descr | 11 | ||||
| -rw-r--r-- | security/signify/pkg-plist | 14 |
19 files changed, 104 insertions, 39 deletions
diff --git a/security/signify/Makefile b/security/signify/Makefile index b87e8fa2661..b54bf60c665 100644 --- a/security/signify/Makefile +++ b/security/signify/Makefile @@ -1,21 +1,47 @@ # $FreeBSD$ PORTNAME= signify -PORTVERSION= 1 +PORTVERSION= 0.4.2 +DISTVERSIONPREFIX= v +PORTEPOCH= 1 CATEGORIES= security -MASTER_SITES= http://www.fefe.de/signify/ -DISTNAME= ${PORTNAME} -MAINTAINER= pi@FreeBSD.org -COMMENT= OpenBSD signify ported by Felix von Leitner +MAINTAINER= t@tobik.me +COMMENT= Create and verify cryptographic signatures -LICENSE= BSD2CLAUSE +# outils includes signify from OpenBSD's base system which is under an +# ISC license. The parts of liboutils that signify uses are licensed +# under ISCL/BSD3/BSD4. +LICENSE= ISCL BSD4CLAUSE BSD3CLAUSE +LICENSE_COMB= multi +LICENSE_FILE= ${WRKSRC}/LICENSE -USES= gmake compiler:c11 +# gmake is required on FreeBSD 9.3, on FreeBSD >= 10 we get away with +# regular make with tiny changes in the Makefile. +USES= gmake +USE_GITHUB= yes +GH_ACCOUNT= chneukirchen +GH_PROJECT= outils -PLIST_FILES= bin/signify +ALL_TARGET= src/usr.bin/signify/signify + +post-patch: +# sys/cdefs.h and sys/limits.h override is not needed on FreeBSD + ${RM} ${WRKSRC}/src/liboutils/include/sys/cdefs.h + ${RM} ${WRKSRC}/src/liboutils/include/sys/limits.h +# Replace /etc/signify paths in man page and signify's safe path to +# point to /usr/local/etc/signify + ${REINPLACE_CMD} 's|/etc/signify/|${ETCDIR}/|g' \ + ${WRKSRC}/src/usr.bin/signify/signify.c \ + ${WRKSRC}/src/usr.bin/signify/signify.1 do-install: - ${INSTALL_PROGRAM} ${WRKSRC}/signify ${STAGEDIR}${PREFIX}/bin + ${INSTALL_PROGRAM} ${WRKSRC}/src/usr.bin/signify/signify \ + ${STAGEDIR}${PREFIX}/bin + ${INSTALL_DATA} ${WRKSRC}/src/usr.bin/signify/signify.1 \ + ${STAGEDIR}${PREFIX}/man/man1 + ${MKDIR} ${STAGEDIR}${ETCDIR} + ${INSTALL_DATA} ${FILESDIR}/openbsd-*.pub \ + ${STAGEDIR}${ETCDIR} .include <bsd.port.mk> diff --git a/security/signify/distinfo b/security/signify/distinfo index 4df000472bb..6ccc22633a1 100644 --- a/security/signify/distinfo +++ b/security/signify/distinfo @@ -1,2 +1,3 @@ -SHA256 (signify.tar.gz) = 72cbe892edbe8e14b314fc91f6422d6cede8f689a2db4d8b34d9bfaed56ff4ec -SIZE (signify.tar.gz) = 88236 +TIMESTAMP = 1464977461 +SHA256 (chneukirchen-outils-v0.4.2_GH0.tar.gz) = 7eb65dc4734f1db1c2d251f62ac26b6fb947bb68fe177af79107d4ea3d627704 +SIZE (chneukirchen-outils-v0.4.2_GH0.tar.gz) = 292388 diff --git a/security/signify/files/openbsd-58-base.pub b/security/signify/files/openbsd-58-base.pub new file mode 100644 index 00000000000..7ae2b353848 --- /dev/null +++ b/security/signify/files/openbsd-58-base.pub @@ -0,0 +1,2 @@ +untrusted comment: openbsd 5.8 base public key +RWQNNZXtC/MqP3Eiu+6FBz/qrxiWQwDhd+9Yljzp62UP4KzFmmvzVk60 diff --git a/security/signify/files/openbsd-58-fw.pub b/security/signify/files/openbsd-58-fw.pub new file mode 100644 index 00000000000..f9bb97f589a --- /dev/null +++ b/security/signify/files/openbsd-58-fw.pub @@ -0,0 +1,2 @@ +untrusted comment: OpenBSD 5.8 firmware public key +RWTpkvg4fhJCDx9yL4bUCou/vtAecPVTfcaaGESQeBruwX/qHToMvWh6 diff --git a/security/signify/files/openbsd-58-pkg.pub b/security/signify/files/openbsd-58-pkg.pub new file mode 100644 index 00000000000..b9960073131 --- /dev/null +++ b/security/signify/files/openbsd-58-pkg.pub @@ -0,0 +1,2 @@ +untrusted comment: OpenBSD 5.8 packages public key +RWRlkI2aFHvL/XGqD+lFerD/xUi/jnAXKwdFQwZDekYwDrEPSpSWgpI9 diff --git a/security/signify/files/openbsd-59-base.pub b/security/signify/files/openbsd-59-base.pub new file mode 100644 index 00000000000..0fed7032d06 --- /dev/null +++ b/security/signify/files/openbsd-59-base.pub @@ -0,0 +1,2 @@ +untrusted comment: openbsd 5.9 base public key +RWQJVNompF3pwfIqbg+5sxfpxmZMa3tTBaW4qbUhWje/H/M7glrA6oVn diff --git a/security/signify/files/openbsd-59-fw.pub b/security/signify/files/openbsd-59-fw.pub new file mode 100644 index 00000000000..7406203d44c --- /dev/null +++ b/security/signify/files/openbsd-59-fw.pub @@ -0,0 +1,2 @@ +untrusted comment: OpenBSD 5.9 firmware public key +RWSdmaNkytzh6BApmPSNSDLNg26ZaXlY8g/879UvLdo3rjbsby76Eda1 diff --git a/security/signify/files/openbsd-59-pkg.pub b/security/signify/files/openbsd-59-pkg.pub new file mode 100644 index 00000000000..691db3d52c2 --- /dev/null +++ b/security/signify/files/openbsd-59-pkg.pub @@ -0,0 +1,2 @@ +untrusted comment: OpenBSD 5.9 packages public key +RWSLRYDCTJeWLIScncqwGuXK6JVXDcIyRT0q+0m30MXXG4W2xWS4NZBP diff --git a/security/signify/files/openbsd-60-base.pub b/security/signify/files/openbsd-60-base.pub new file mode 100644 index 00000000000..2356a4b6191 --- /dev/null +++ b/security/signify/files/openbsd-60-base.pub @@ -0,0 +1,2 @@ +untrusted comment: openbsd 6.0 base public key +RWSho3oKSqgLQy+NpIhFXZJDtkE65tzlmtC24mStf8DoJd2OPMgna4u8 diff --git a/security/signify/files/openbsd-60-fw.pub b/security/signify/files/openbsd-60-fw.pub new file mode 100644 index 00000000000..47462ce4a69 --- /dev/null +++ b/security/signify/files/openbsd-60-fw.pub @@ -0,0 +1,2 @@ +untrusted comment: OpenBSD 6.0 firmware public key +RWRWf7GJKFvJTWEMIaw9wld0DujiqL1mlrC6HisE6i78C+2SRArV1Iyo diff --git a/security/signify/files/openbsd-60-pkg.pub b/security/signify/files/openbsd-60-pkg.pub new file mode 100644 index 00000000000..cd766d03a76 --- /dev/null +++ b/security/signify/files/openbsd-60-pkg.pub @@ -0,0 +1,2 @@ +untrusted comment: OpenBSD 6.0 packages public key +RWQHIajRlT2mX7tmRgb6oN6mfJu3AgQ/TU38acrWABO8lz90dR3rNmey diff --git a/security/signify/files/openbsd-61-base.pub b/security/signify/files/openbsd-61-base.pub new file mode 100644 index 00000000000..d596134b5ec --- /dev/null +++ b/security/signify/files/openbsd-61-base.pub @@ -0,0 +1,2 @@ +untrusted comment: openbsd 6.1 base public key +RWQEQa33SgQSEsMwwVV1+GjzdcQfRNV2Bgo48Ztd2KiZ9bAodz9c+Maa diff --git a/security/signify/files/openbsd-61-fw.pub b/security/signify/files/openbsd-61-fw.pub new file mode 100644 index 00000000000..781d1861c68 --- /dev/null +++ b/security/signify/files/openbsd-61-fw.pub @@ -0,0 +1,2 @@ +untrusted comment: OpenBSD 6.1 firmware public key +RWS91POk0QZXfsqi4aI7MotYz8CPzoHjYg4a1IDi56cftacjsq+ZL/KY diff --git a/security/signify/files/openbsd-61-pkg.pub b/security/signify/files/openbsd-61-pkg.pub new file mode 100644 index 00000000000..15c6416069d --- /dev/null +++ b/security/signify/files/openbsd-61-pkg.pub @@ -0,0 +1,2 @@ +untrusted comment: OpenBSD 6.1 packages public key +RWQbTjGFHEvnOckqY7u9iABhXAkEpF/6TQ3Mr6bMrWbT1wOM/HnbV9ov diff --git a/security/signify/files/patch-Makefile b/security/signify/files/patch-Makefile index 08329ce9ba6..cea5fb63540 100644 --- a/security/signify/files/patch-Makefile +++ b/security/signify/files/patch-Makefile @@ -1,12 +1,11 @@ ---- Makefile.orig 2014-07-16 16:15:20.000000000 +0200 -+++ Makefile 2014-07-16 16:15:47.000000000 +0200 -@@ -3,8 +3,7 @@ - SRCS=signify.c ohash.c strlcpy.c base64.c explicit_bzero.c readpassphrase.c bcrypt_pbkdf.c ed25519.c sc25519.c ge25519.c fe25519.c arc4random.c blowfish.c hash.c blocks.c getentropy.c verify.c sha2.c shafile.c - OBJS=$(patsubst %.c,%.o,$(SRCS)) - --CC=gcc -D_GNU_SOURCE -D_BSD_SOURCE -DHAVE_SYS_SYSCALL_H --CFLAGS=-Os -pipe -+CFLAGS=-Os -pipe -D_GNU_SOURCE -D_BSD_SOURCE -DHAVE_SYS_SYSCALL_H - LDFLAGS=-s - LDLIBS=-lcrypto +--- Makefile.orig 2016-04-06 20:14:30 UTC ++++ Makefile +@@ -21,7 +21,7 @@ src/bin/md5/md5: src/bin/md5/md5.o src/b + + src/usr.bin/rs/rs: src/usr.bin/rs/rs.o src/usr.bin/rs/utf8.o src/liboutils/pledge.o src/liboutils/strtonum.o src/liboutils/reallocarray.o + +-src/usr.bin/signify/signify: src/usr.bin/signify/signify.o src/usr.bin/signify/crypto_api.o src/usr.bin/signify/fe25519.o src/usr.bin/signify/mod_ed25519.o src/usr.bin/signify/mod_ge25519.o src/usr.bin/signify/sc25519.o src/usr.bin/signify/smult_curve25519_ref.o src/liboutils/pledge.o src/liboutils/strlcpy.o src/liboutils/base64.o src/liboutils/explicit_bzero.o src/liboutils/ohash.o src/liboutils/arc4random.o src/liboutils/getentropy_linux.o src/liboutils/readpassphrase.o src/liboutils/sha2.o src/liboutils/sha256hl.o src/liboutils/sha512hl.o src/liboutils/timingsafe_bcmp.o src/liboutils/bcrypt_pbkdf.o src/liboutils/blowfish.o ++src/usr.bin/signify/signify: src/usr.bin/signify/signify.o src/usr.bin/signify/crypto_api.o src/usr.bin/signify/fe25519.o src/usr.bin/signify/mod_ed25519.o src/usr.bin/signify/mod_ge25519.o src/usr.bin/signify/sc25519.o src/usr.bin/signify/smult_curve25519_ref.o src/liboutils/pledge.o src/liboutils/base64.o src/liboutils/explicit_bzero.o src/liboutils/ohash.o src/liboutils/readpassphrase.o src/liboutils/sha2.o src/liboutils/sha256hl.o src/liboutils/sha512hl.o src/liboutils/timingsafe_bcmp.o src/liboutils/bcrypt_pbkdf.o src/liboutils/blowfish.o + + src/usr.bin/calendar/calendar: src/usr.bin/calendar/calendar.o src/usr.bin/calendar/day.o src/usr.bin/calendar/io.o src/usr.bin/calendar/ostern.o src/usr.bin/calendar/paskha.o src/usr.bin/calendar/pesach.o src/liboutils/arc4random_uniform.o src/liboutils/arc4random.o src/liboutils/getentropy_linux.o src/liboutils/explicit_bzero.o src/liboutils/pledge.o src/liboutils/sha2.o src/liboutils/strtonum.o diff --git a/security/signify/files/patch-readpassphrase.c b/security/signify/files/patch-readpassphrase.c deleted file mode 100644 index f05dbf6758a..00000000000 --- a/security/signify/files/patch-readpassphrase.c +++ /dev/null @@ -1,13 +0,0 @@ ---- readpassphrase.c-orig 2014-07-15 19:27:23.000000000 +0200 -+++ readpassphrase.c 2014-07-15 19:28:20.000000000 +0200 -@@ -32,6 +32,10 @@ - #include <unistd.h> - #include <readpassphrase.h> - -+#ifndef _NSIG -+#define _NSIG NSIG -+#endif -+ - static volatile sig_atomic_t signo[_NSIG]; - - static void handler(int); diff --git a/security/signify/files/patch-src_usr.bin_signify_signify.1 b/security/signify/files/patch-src_usr.bin_signify_signify.1 new file mode 100644 index 00000000000..a2650ada538 --- /dev/null +++ b/security/signify/files/patch-src_usr.bin_signify_signify.1 @@ -0,0 +1,11 @@ +--- src/usr.bin/signify/signify.1.orig 2016-06-03 19:03:47 UTC ++++ src/usr.bin/signify/signify.1 +@@ -156,8 +156,6 @@ Verify a bsd.rd before an upgrade: + $ signify -C -p /etc/signify/openbsd-60-base.pub -x SHA256.sig bsd.rd + .Ed + .Sh SEE ALSO +-.Xr fw_update 1 , +-.Xr pkg_add 1 , + .Xr sha256 1 + .Sh HISTORY + The diff --git a/security/signify/pkg-descr b/security/signify/pkg-descr index f192942fe09..8cf9d7031e8 100644 --- a/security/signify/pkg-descr +++ b/security/signify/pkg-descr @@ -1,6 +1,9 @@ -'signify' from OpenBSD as of July 15 2014, with the necessary plumbing -cobbled together from the OpenBSD CVS to make it compile under Linux. +The signify utility creates and verifies cryptographic signatures. -Since the CVS itself is not signed, the author provides no guarantees. +This version of signify is part of outils, a portable collection of +non-standard OpenBSD tools. -WWW: http://www.fefe.de/signify/ +This port comes with OpenBSD's release public keys allowing you to +verify an OpenBSD release before installation. + +WWW: https://github.com/chneukirchen/outils/ diff --git a/security/signify/pkg-plist b/security/signify/pkg-plist new file mode 100644 index 00000000000..e297dbe109e --- /dev/null +++ b/security/signify/pkg-plist @@ -0,0 +1,14 @@ +bin/signify +%%ETCDIR%%/openbsd-58-base.pub +%%ETCDIR%%/openbsd-58-fw.pub +%%ETCDIR%%/openbsd-58-pkg.pub +%%ETCDIR%%/openbsd-59-base.pub +%%ETCDIR%%/openbsd-59-fw.pub +%%ETCDIR%%/openbsd-59-pkg.pub +%%ETCDIR%%/openbsd-60-base.pub +%%ETCDIR%%/openbsd-60-fw.pub +%%ETCDIR%%/openbsd-60-pkg.pub +%%ETCDIR%%/openbsd-61-base.pub +%%ETCDIR%%/openbsd-61-fw.pub +%%ETCDIR%%/openbsd-61-pkg.pub +man/man1/signify.1.gz |