diff options
| author |   Diego Elio Pettenò <flameeyes@gentoo.org> | 2011-09-05 20:10:09 +0000 |
|---|---|---|
| committer | Diego Elio Pettenò <flameeyes@gentoo.org> | 2011-09-05 20:10:09 +0000 |
| commit | 275b006b30cfa60ebd3bea4b327951d4de9a14c7 (patch) | |
| tree | 42d947adf75fdc42b56cd3630d6608f5bf7ad9a0 /app-crypt/ekeyd | |
| parent | Version bump. Respect CC and update to EAPI 4. (diff) | |
| download | gentoo-2-275b006b30cfa60ebd3bea4b327951d4de9a14c7.tar.gz gentoo-2-275b006b30cfa60ebd3bea4b327951d4de9a14c7.tar.bz2 gentoo-2-275b006b30cfa60ebd3bea4b327951d4de9a14c7.zip | |
Bump to version 1.1.4; the patches have been collapsed into one, big gentoo patch for now.
(Portage version: 2.2.0_alpha53/cvs/Linux x86_64)
Diffstat (limited to 'app-crypt/ekeyd')
| -rw-r--r-- | app-crypt/ekeyd/ChangeLog | 9 | ||||
| -rw-r--r-- | app-crypt/ekeyd/ekeyd-1.1.4.ebuild | 190 | ||||
| -rw-r--r-- | app-crypt/ekeyd/files/ekeyd-1.1.4-gentoo.patch | 129 |
3 files changed, 327 insertions, 1 deletions
diff --git a/app-crypt/ekeyd/ChangeLog b/app-crypt/ekeyd/ChangeLog index f625daaf914d..1c0d7be8a5ed 100644 --- a/app-crypt/ekeyd/ChangeLog +++ b/app-crypt/ekeyd/ChangeLog @@ -1,6 +1,13 @@ # ChangeLog for app-crypt/ekeyd # Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/app-crypt/ekeyd/ChangeLog,v 1.23 2011/04/08 11:14:49 flameeyes Exp $ +# $Header: /var/cvsroot/gentoo-x86/app-crypt/ekeyd/ChangeLog,v 1.24 2011/09/05 20:10:09 flameeyes Exp $ + +*ekeyd-1.1.4 (05 Sep 2011) + + 05 Sep 2011; Diego E. Pettenò <flameeyes@gentoo.org> +ekeyd-1.1.4.ebuild, + +files/ekeyd-1.1.4-gentoo.patch: + Bump to version 1.1.4; the patches have been collapsed into one, big gentoo + patch for now. 08 Apr 2011; Diego E. Pettenò <flameeyes@gentoo.org> ekeyd-1.1.3-r4.ebuild: Fix DEPEND value. diff --git a/app-crypt/ekeyd/ekeyd-1.1.4.ebuild b/app-crypt/ekeyd/ekeyd-1.1.4.ebuild new file mode 100644 index 000000000000..25ab3039075e --- /dev/null +++ b/app-crypt/ekeyd/ekeyd-1.1.4.ebuild @@ -0,0 +1,190 @@ +# Copyright 1999-2011 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/app-crypt/ekeyd/ekeyd-1.1.4.ebuild,v 1.1 2011/09/05 20:10:09 flameeyes Exp $ + +EAPI=4 + +inherit multilib linux-info toolchain-funcs + +DESCRIPTION="Entropy Key userspace daemon" +HOMEPAGE="http://www.entropykey.co.uk/" +SRC_URI="http://www.entropykey.co.uk/res/download/${P}.tar.gz" + +LICENSE="as-is" # yes, truly + +SLOT="0" + +KEYWORDS="~amd64 ~x86" + +IUSE="usb kernel_linux munin minimal" + +EKEYD_RDEPEND="dev-lang/lua + usb? ( virtual/libusb:0 )" +EKEYD_DEPEND="${EKEYD_RDEPEND}" +EKEYD_RDEPEND="${EKEYD_RDEPEND} + dev-lua/luasocket + kernel_linux? ( >=sys-fs/udev-147 ) + usb? ( !kernel_linux? ( sys-apps/usbutils ) ) + munin? ( net-analyzer/munin )" + +RDEPEND="!minimal? ( ${EKEYD_RDEPEND} ) + !app-crypt/ekey-egd-linux" +DEPEND="!minimal? ( ${EKEYD_DEPEND} )" + +CONFIG_CHECK="~USB_ACM" + +REQUIRED_USE="minimal? ( !munin !usb )" + +pkg_setup() { + if ! use minimal && use kernel_linux && ! use usb && linux_config_exists; then + check_extra_config + fi +} + +src_prepare() { + epatch "${FILESDIR}"/${P}-gentoo.patch +} + +src_compile() { + local osname + + # Override automatic detection: upstream provides this with uname, + # we don't like using uname. + case ${CHOST} in + *-linux-*) + osname=linux;; + *-freebsd*) + osname=freebsd;; + *-kfrebsd-gnu) + osname=gnukfreebsd;; + *-openbsd*) + osname=openbsd;; + *) + die "Unsupported operating system!" + ;; + esac + + # We don't slot LUA so we don't really need to have the variables + # set at all. + emake -C host \ + CC="$(tc-getCC)" \ + LUA_V= LUA_INC= \ + OSNAME=${osname} \ + OPT="${CFLAGS}" \ + BUILD_ULUSBD=$(use usb && echo yes || echo no) \ + $(use minimal && echo egd-linux) +} + +src_install() { + exeinto /usr/libexec + newexe host/egd-linux ekey-egd-linux + newman host/egd-linux.8 ekey-egd-linux.8 + + newconfd "${FILESDIR}"/ekey-egd-linux.conf ekey-egd-linux + newinitd "${FILESDIR}"/ekey-egd-linux.init ekey-egd-linux + + dodoc doc/* AUTHORS ChangeLog THANKS + + use minimal && return + # from here on, install everything that is not part of the minimal + # support. + + emake -C host \ + DESTDIR="${D}" \ + MANZCMD=cat MANZEXT= \ + install-ekeyd $(use usb && echo install-ekey-ulusbd) + + # We move the daemons around to avoid polluting the available + # commands. + dodir /usr/libexec + mv "${D}"/usr/sbin/ekey*d "${D}"/usr/libexec + + newinitd "${FILESDIR}"/${PN}.init ${PN} + + if use usb && ! use kernel_linux; then + newinitd "${FILESDIR}"/ekey-ulusbd.init ekey-ulusbd + newconfd "${FILESDIR}"/ekey-ulusbd.conf ekey-ulusbd + fi + + if use kernel_linux; then + local rules=udev/fedora15/60-entropykey.rules + use usb && rules=udev/fedora15/60-entropykey-uds.rules + + insinto /lib/udev/rules.d + newins ${rules} 70-${PN}.rules + + exeinto /lib/udev + doexe udev/entropykey.sh + fi + + if use munin; then + exeinto /usr/libexec/munin/plugins + doexe munin/ekeyd_stat_ + + insinto /etc/munin/plugin-conf.d + newins munin/plugin-conf.d_ekeyd ekeyd + fi +} + +pkg_postinst() { + elog "${CATEGORY}/${PN} now install also the EGD client service ekey-egd-linux." + elog "To use this service, you need enable EGDTCPSocket for the ekeyd service" + elog "managing the key(s)." + elog "" + elog "The daemon will send more entropy to the kernel once the available pool" + elog "falls below the value set in the kernel.random.write_wakeup_threshold" + elog "sysctl entry." + elog "" + elog "You can change the watermark in /etc/conf.d/ekey-egd-linux; if you do" + elog "it will require write access to the kernel's sysctl." + + use minimal && return + # from here on, document everything that is not part of the minimal + # support. + + elog "" + elog "To make use of your EntropyKey, make sure to execute ekey-rekey" + elog "the first time, and then start the ekeyd service." + elog "" + elog "By default ekeyd will feed the entropy directly to the kernel's pool;" + elog "if your system has jumps in load average, you might prefer using the" + elog "EGD compatibility mode, by enabling EGDTCPSocket for ekeyd and then" + elog "starting the ekey-egd-linux service." + elog "" + elog "The same applies if you intend to provide entropy for multiple hosts" + elog "over the network. If you want to have the ekey-egd-linux service on" + elog "other hosts, you can enable the 'minimal' USE flag." + elog "" + elog "The service supports multiplexing if you wish to use multiple" + elog "keys, just symlink /etc/init.d/ekeyd → /etc/init.d/ekeyd.identifier" + elog "and it'll be looking for /etc/entropykey/identifier.conf" + elog "" + + if use usb; then + if use kernel_linux; then + elog "You're going to use the userland USB daemon, the udev rules" + elog "will be used accordingly. If you want to use the CDC driver" + elog "please disable the usb USE flag." + else + elog "You're going to use the userland USB daemon, since your OS" + elog "does not support udev, you should start the ekey-ulusbd" + elog "service before ekeyd." + fi + + ewarn "The userland USB daemon has multiple known issues. If you can," + ewarn "please consider disabling the 'usb' USE flag and instead use the" + ewarn "CDC-ACM access method." + else + if use kernel_linux; then + elog "Some versions of Linux have a faulty CDC ACM driver that stops" + elog "EntropyKey from working properly; please check the compatibility" + elog "table at http://www.entropykey.co.uk/download/" + else + elog "Make sure your operating system supports the CDC ACM driver" + elog "or otherwise you won't be able to use the EntropyKey." + fi + elog "" + elog "If you're unsure about the working state of the CDC ACM driver" + elog "enable the usb USE flag and use the userland USB daemon" + fi +} diff --git a/app-crypt/ekeyd/files/ekeyd-1.1.4-gentoo.patch b/app-crypt/ekeyd/files/ekeyd-1.1.4-gentoo.patch new file mode 100644 index 000000000000..f5f9695abcc3 --- /dev/null +++ b/app-crypt/ekeyd/files/ekeyd-1.1.4-gentoo.patch @@ -0,0 +1,129 @@ +Index: ekeyd-1.1.4/host/ekeyd.c +=================================================================== +--- ekeyd-1.1.4.orig/host/ekeyd.c ++++ ekeyd-1.1.4/host/ekeyd.c +@@ -209,7 +209,7 @@ open_foldback_output(void) + return (output_stream != NULL); + } + +-static const char *usage= ++static const char usage[]= + "Usage: %s [-f <configfile>] [-p <pidfile>] [-v] [-h]\n" + "Entropy Key Daemon\n\n" + "\t-f Read configuration from configfile\n" +Index: ekeyd-1.1.4/host/ekey-setkey.c +=================================================================== +--- ekeyd-1.1.4.orig/host/ekey-setkey.c ++++ ekeyd-1.1.4/host/ekey-setkey.c +@@ -79,7 +79,7 @@ calc_mac(uint8_t *snum, uint8_t *mkey, u + return mac; + } + +-static const char *usage = ++static const char usage[] = + "Usage: %s [-d] [-h] [-n] [-f <keyring>] [-m <master>]\n" + " [-s <serial>] <path>\n" + "Entropy key device long term session key tool\n\n" +Index: ekeyd-1.1.4/host/ekey-ulusbd.c +=================================================================== +--- ekeyd-1.1.4.orig/host/ekey-ulusbd.c ++++ ekeyd-1.1.4/host/ekey-ulusbd.c +@@ -100,7 +100,8 @@ find_usb_device(char *busmatch, char *de + + #if LIBUSB_HAS_DETACH_KERNEL_DRIVER_NP + if ((r = usb_detach_kernel_driver_np(devh, EKEY_IFACE)) != 0) { +- if (r != -ENODATA) { ++ /* libusb_compat-0.1.3 mistakenly translate ENODATA to ENOENT */ ++ if (r != -ENODATA && r != -ENOENT) { + fprintf(stderr, + "Unable to detach Entropy Key at %s/%s from kernel\n", + busmatch, devmatch); +Index: ekeyd-1.1.4/udev/entropykey.sh +=================================================================== +--- ekeyd-1.1.4.orig/udev/entropykey.sh ++++ ekeyd-1.1.4/udev/entropykey.sh +@@ -19,9 +19,9 @@ wait_for_usb () { + COUNTER=$(( ${COUNTER} + 1 )) + test ${COUNTER} -ge 10 && exit 1 + done +- $BINPATH/ekey-ulusbd -b${BUSNUM} -d${DEVNUM} -P/var/run/ekey-ulusbd-${ENTROPY_KEY_SERIAL}.pid -p/var/run/entropykeys/${ENTROPY_KEY_SERIAL} -D ++ /usr/libexec/ekey-ulusbd -b${BUSNUM} -d${DEVNUM} -P/dev/.ekey-ulusbd/${ENTROPY_KEY_SERIAL}.pid -p/dev/entropykey/${ENTROPY_KEY_SERIAL} -D + sleep 1 +- $BINPATH/ekeydctl ${ACTION} /var/run/entropykeys/${ENTROPY_KEY_SERIAL} ++ $BINPATH/ekeydctl ${ACTION} /dev/entropykey/${ENTROPY_KEY_SERIAL} + exit 0 + } + +@@ -34,18 +34,18 @@ else + if test "x${BUSNUM}" = "x" -o "x${DEVNUM}" = "x"; then + exit 0 + fi +- if test -r "/var/run/ekey-ulusbd-${ENTROPY_KEY_SERIAL}.pid"; then +- kill $(cat "/var/run/ekey-ulusbd-${ENTROPY_KEY_SERIAL}.pid") || true ++ if test -r "/dev/.ekey-ulusbd/${ENTROPY_KEY_SERIAL}.pid"; then ++ kill $(< "/dev/.ekey-ulusbd/${ENTROPY_KEY_SERIAL}.pid") || true + fi +- mkdir -p /var/run/entropykeys ++ mkdir -p /dev/entropykey /dev/.ekeyd-ulusb + wait_for_usb & + exit 0 + fi + # Update ekeyd with device operation +- $BINPATH/ekeydctl ${ACTION} /var/run/entropykeys/${ENTROPY_KEY_SERIAL} ++ $BINPATH/ekeydctl ${ACTION} /dev/entropykey/${ENTROPY_KEY_SERIAL} + if test "x$ACTION" = "xremove"; then +- rm "/var/run/ekey-ulusbd-${ENTROPYKEY_KEY_SERIAL}.pid" +- rm "/var/run/entropykeys/${ENTROPYKEY_KEY_SERIAL}" ++ rm "/dev/.ekey-ulusbd/${ENTROPYKEY_KEY_SERIAL}.pid" ++ rm "/dev/entropykey/${ENTROPYKEY_KEY_SERIAL}" + fi + fi + +Index: ekeyd-1.1.4/udev/fedora15/60-entropykey.rules +=================================================================== +--- ekeyd-1.1.4.orig/udev/fedora15/60-entropykey.rules ++++ ekeyd-1.1.4/udev/fedora15/60-entropykey.rules +@@ -12,7 +12,7 @@ + ACTION=="add|change|remove", SUBSYSTEM=="tty", KERNEL=="ttyACM[0-9]*", BUS=="usb", ATTRS{idVendor}=="20df", ATTRS{idProduct}=="0001", IMPORT{program}="usb_id --export %p" + + # Detect an Entropy Key being inserted and extract serial number +-ACTION=="add|change|remove", SUBSYSTEM=="tty", KERNEL=="ttyACM[0-9]*", ATTRS{idVendor}=="20df", ATTRS{idProduct}=="0001", IMPORT{program}="/bin/echo ENTROPY_KEY_SERIAL=$env{ID_SERIAL_SHORT}" ++ACTION=="add|change|remove", SUBSYSTEM=="tty", KERNEL=="ttyACM[0-9]*", ATTRS{idVendor}=="20df", ATTRS{idProduct}=="0001", IMPORT{program}="/bin/sh -c '/bin/echo ENTROPY_KEY_SERIAL=$env{ID_SERIAL_SHORT} | /bin/sed -e s:/:_:g'" + + # Add the /dev/entropykey/<serialnumber> symbolic link + ENV{ENTROPY_KEY_SERIAL}!="", SYMLINK+="entropykey/$env{ENTROPY_KEY_SERIAL}" +Index: ekeyd-1.1.4/udev/fedora15/60-entropykey-uds.rules +=================================================================== +--- ekeyd-1.1.4.orig/udev/fedora15/60-entropykey-uds.rules ++++ ekeyd-1.1.4/udev/fedora15/60-entropykey-uds.rules +@@ -9,7 +9,7 @@ + # For licence terms refer to the COPYING file. + + # Detect an Entropy Key being inserted and extract serial number +-ACTION=="add|change|remove", SUBSYSTEM=="usb", BUS=="usb", ATTRS{idVendor}=="20df", ATTRS{idProduct}=="0001", IMPORT{program}="/bin/echo ENTROPY_KEY_SERIAL=$attr{serial}" ++ACTION=="add|change|remove", SUBSYSTEM=="usb", BUS=="usb", ATTRS{idVendor}=="20df", ATTRS{idProduct}=="0001", IMPORT{program}="/bin/sh -c '/bin/echo ENTROPY_KEY_SERIAL=$env{ID_SERIAL_SHORT} | /bin/sed -e s:/:_:g'" + + # And tell the ekeyd about the device action. + ENV{ENTROPY_KEY_SERIAL}!="", RUN+="/lib/udev/entropykey.sh" +Index: ekeyd-1.1.4/host/Makefile +=================================================================== +--- ekeyd-1.1.4.orig/host/Makefile ++++ ekeyd-1.1.4/host/Makefile +@@ -107,7 +107,7 @@ OPT ?= -O2 + CFLAGS += $(INCLUDES) + CFLAGS += -g -Wall $(OPT) + CFLAGS += -fno-strict-aliasing +-CFLAGS += -std=c99 -Wall -pedantic -Wshadow -Werror -D_GNU_SOURCE ++CFLAGS += -std=c99 -Wall -pedantic -Wshadow -D_GNU_SOURCE + CFLAGS += '-DCONFIGFILE="$(SYSCONFPREFIX)/ekeyd.conf"' + CFLAGS += '-DPIDFILE="$(RUNTIMEPREFIX)/ekeyd.pid"' + CFLAGS += '-DKEYRINGFILE="$(SYSCONFPREFIX)/keyring"' +@@ -148,7 +148,7 @@ daemonise_ulusbd.o: daemonise.c + $(COMPILE.c) $(OUTPUT_OPTION) $(PTHFLAGS) $^ + + egd-linux: egd-linux.o daemonise.o +- $(CC) $(CFLAGS) -o $@ $^ ++ $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $^ + + ekeyd: ekeyd.o daemonise.o lstate.o connection.o stream.o frame.o packet.o keydb.o util.o fds.o krnlop.o foldback.o stats.o nonce.o ../device/frames/pem.o ../device/skeinwrap.o ../device/skein/skein.o ../device/skein/skein_block.o + $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $^ $(LIBS) |