diff options
author | V3n3RiX <venerix@redcorelinux.org> | 2018-07-14 21:03:06 +0100 |
---|---|---|
committer | V3n3RiX <venerix@redcorelinux.org> | 2018-07-14 21:03:06 +0100 |
commit | 8376ef56580626e9c0f796d5b85b53a0a1c7d5f5 (patch) | |
tree | 7681bbd4e8b05407772df40a4bf04cbbc8afc3fa /app-crypt/ekeyd | |
parent | 30a9caf154332f12ca60756e1b75d2f0e3e1822d (diff) |
gentoo resync : 14.07.2018
Diffstat (limited to 'app-crypt/ekeyd')
19 files changed, 1053 insertions, 0 deletions
diff --git a/app-crypt/ekeyd/Manifest b/app-crypt/ekeyd/Manifest new file mode 100644 index 000000000000..5c6b80cb12d4 --- /dev/null +++ b/app-crypt/ekeyd/Manifest @@ -0,0 +1,20 @@ +AUX 90-ekeyd.rules 691 BLAKE2B 8c36ca2a6228e2fd6b203513a5f23f3e9b44193c46127c46def7110b0a3a3e020e6959cb4c3dd8bdbe0c057e389c37326011083aae0104b91f247a2932a3c915 SHA512 12d949e90af31992ac671ae42172a2169592dfba9b921ed684a37e7fe330bef44abb2c0a1a5df63ddde940b00fb10fa9cfba493c69614ce0f10aba4de78ea6d3 +AUX ekey-egd-linux.conf.2 266 BLAKE2B 387aa2985ddd362f2c0d9eedbfcd23b24a52b210d853671e3670819e730648b12658b8364fafc39b41cdd1601a8ba1471c7f23b1c8cd9a330a7169049e890420 SHA512 3e8db66552a5c04045226debbf6a7add01301bf98bb26c48033f4bceacde82f25e449fced2d46667009165e9d2f327134e6c963142295d7ef065eaa47b383393 +AUX ekey-egd-linux.init.2 456 BLAKE2B d4e7900bc0e2a089744cc1bf49084cf83c2d8f8ade84bbdea39d6c21f7896bc22e8ef7b650a2efb198b19bea5abb983b20dbafde019d8fc1ec3d57171f491a9f SHA512 55e7be6464b685aa5b290bd310020f4a01926d07a9cb071fc117081bc751a902ebbb9db51a81a5168a34cebc2ecc02360b4917356e25a2e205f57491739ff190 +AUX ekey-ulusbd.conf.2 495 BLAKE2B 16ff2a3dec83f6623a2ed714e18db8c21885014c99d6409c39ec0745979b3ef10ae693114acdcda6697e1bfce9d9ed3cceed8abb2b4319f8ae29904c6e69a369 SHA512 9d4b5d594790d34ed4b513a00b60518c0770ccba87b159e1f9eaac382275658e53f5274ee24743e8d103bbe4a2351ce865157013e0dfeefa32e37fe4d2348677 +AUX ekey-ulusbd.init.2 900 BLAKE2B a9aa95448ff5d65d18689489bc14a2ddedc8f5ac858d28d569a58ae960196342c86893f903975bbe86fd9ea8a27950bbd36df91061fd8f8e146285bb18d27e51 SHA512 cae15995b8d8b66ef4209fe3cd8a14edcc2645b10dbb6f4da54e929a9347db675abcf9232841863c14a450789768247eda5929667021b5bada041365fbc1470d +AUX ekeyd-1.1.4-gentoo.patch 6565 BLAKE2B b7fc5fe83eeb0d8f56d2d2a4ed00970502cac53d5c5e4c485b2b25af672b74f3c263c944a4b2abb2b710655f80276ed6aceec59b22ed76d72d6b280ffd1731d6 SHA512 f65a1cef8bd4e280a8dd8ce51f23661286ed3fd688d34943793eb326d417016a53312c6b344aab3465a8930c7de8cd10d6d572bd67f92cf8f65386f2f5ca1875 +AUX ekeyd-1.1.5-const_char_usage.patch 1094 BLAKE2B e19d837be0652844c95cf87af8381a09f1913471609616ded55e6e3d7e0876f8996d31909e72c0ec759b324e54cc785bbde77c4eaf4f87e81935521d71427176 SHA512 92198522e3dd90d2274d9c5171c216c3a3db9d334b2b14363781456f167a65df5370a7dcf430246d944e1e14e5278bf130e068063e600589f74026ca39e319a5 +AUX ekeyd-1.1.5-enoent.patch 863 BLAKE2B ec953667eaa23dcf91b15b01689c4be6315641dadaf9021240d67039ed88f651a3fe131581b60e71da8a4d9776952bed9db144c1340c98cf119e5746b53a16c9 SHA512 ace451e7aafc61e21422a81e50d3954189f80fec50160002c579db27865b46c95dc6db557533a9aa6ef3ca744394542754ba46f96de90a026e19a14477522e50 +AUX ekeyd-1.1.5-misc.patch 1245 BLAKE2B 555c6406461226ec8867f226e88bb9ca4f39d0a726c241c1638dd3339434b9f1d34620319de42c62e034da12cabebb739c92cc5df96ec9d3c79b339be839d6a2 SHA512 5a1a523fab7146e97f8396ef82d6755e1b209df728ee83dae87619a0a6d84b0b44e41b9e67f287b7f3d54a2ef80a19320650662cca0f1dfe0053eba75d113f04 +AUX ekeyd-1.1.5-path-fixes.patch 1918 BLAKE2B cf29e1f7fbaef728d0c4db2b71b1ac611ba5905c16b20b511f282a649359a0e458d44e0ca9b46db9b9abbd1da8935caa5605312314fb6027589ba03aa23f9759 SHA512 aba7b1cba96e678725fc8b47b56d815d59ce015ff6a4f72eaaf5fe8b7a99ddedf05ef3534a51772330209fb3cef235d76207103ee1e7a1f3315f4a52d2c0c2be +AUX ekeyd-1.1.5-remove-werror.patch 1205 BLAKE2B c10ae2dc785a3bcb98a47af002d3f96b7908046dddc091f8342a7a61d4a38278f05b677445bdf60ad3260af6d723c1a06b3bd0a279b1ba4ffb07e3a5ae2f3c5b SHA512 2ea01bbe642bd52351e8ab9b7b62147c5bec7918305dc2c5be9291e3ae98fdd90f0e6e36c450e4db6220076a45a22cf870c81b3e23beed9170f262c857acecfd +AUX ekeyd-1.1.5-udev-rule.patch 2325 BLAKE2B 5617dd160c6f3617bb93dc97755f22c535ebcaa190cbca0abb456168ebb1579ce7b1db961167230540e03b56f92008a12e846c54200d5354711c64bc7e9c0e6d SHA512 05023ef85c454a9092cecf7f3826430caeda1e66ba5759ffe1e6f4c42f4da32048862dba6c6e19ab32febadc3a9f65cf5e1b8f0562a71fc854134b60df28a80c +AUX ekeyd.init.2 699 BLAKE2B 4ce17a42ffc60b49232cc0bb5a19d36fecc55071df699a7ad7da6a49de352a599b8f0f11fc05fa4159d8975245e7b6181e96303182870519a7f57070a6b54da4 SHA512 3c1fe923e6f08d83d02b9559fa5b817e9abdbc97a50815ab01c7c17e3e953f54701eb1110340dc164bb67ef67905041054cd4fc98c11ea5932a539f4330c8b71 +AUX ekeyd.service 157 BLAKE2B d7976301d7eb0d9be05de574f3b25c13ed3767629dff7024e7621a2d29686045cfd7664e2127a87b92d32e719b470a2795159e45c310bfdcfffa75897341213f SHA512 1082a1dc58b820882015c4f09d5154691d9d8810bfe953049a6853ea5025ec7cff2377ee931ec8ceef295241083c162e582a75fd0b134f7e8789f6d470285445 +DIST ekeyd-1.1.4.tar.gz 100911 BLAKE2B 7b0c6ed31f73ed559ed0a34325680618d700d069b873e7ebc92dc8d8082c9d03e5ea2d7ddfc2b31e927914a0d2cd130faed97ce07eea4af3005f1499b1fd2d1c SHA512 40632722827e07ebc643fa32af9910b28053873329772681dba2b029ad0b3c63d1d6bba3fdd0549b84e23779d2e2ae0323a53e1fdf93eb963570bab2227b63e6 +DIST ekeyd_1.1.5.orig.tar.gz 101366 BLAKE2B 7edd6d291f7553864c9aa96ee3d9533e33b6c94989b2c6b1a56eda42f61afe1633af5e7c3c8f5f57920ac0577f8567d1b09238eae35138ab2023600f01096466 SHA512 c30620d5e54a49929be72ed04448a4f08eb9658dbf7534586c49a3b43bdd5fc95a0659e09cc04b012c339ca20a1e914fa5a4b4d970171c46b64235f284516b9a +EBUILD ekeyd-1.1.4-r2.ebuild 5604 BLAKE2B d3d63f22f9ca5606c1648365461581a294dd6775a2cd1fbcc26bd16ad5f809152afa6164ca24ea35c328f919bcff27dce867b4c9a5dc65751219a11e920f157b SHA512 67f60f6aef075cbe8c8be460f953c66191b0e4e4c88c5b5ed98b2fce9d3cb79290eda3e79668a9b0bc3a02fffab47a4b62fbd9a4ff6c9bb8e0925917f3c12d9b +EBUILD ekeyd-1.1.5-r1.ebuild 4877 BLAKE2B f7b49794d5c43cb8997e2074aa8ece5cf75a24baf6d2b49cf8626e2a96487b9689c887008f43cd9b3a577c8f07533b244abebd406da397baaa38242201fabea1 SHA512 5280b08daee08ee697de152a8db129c180e1d633096431a9511a03c9bfdd552411cf00e088daeef675c70621a30fac069de79ae89d63bd9f071ba134fb4dad55 +EBUILD ekeyd-1.1.5.ebuild 4865 BLAKE2B 794a77bc8907afd614d7fa23a22b76c70e193b09c47b8706a63143ae63810dd7bc6fafed6e87ca03ab63f87daf289afce6f84220dde0ce796df9363c203c878b SHA512 dd6e8b2913eb2628c70aa3d22687982fbbfad2c084a5407f693429c7bacb7c55f5d20f2ffb35df13fcd2f644b1a648c1985b2ec71bdca8c659f2fc5bda6dbce2 +MISC metadata.xml 859 BLAKE2B f300afe133b92ef4d4dd1a6f7bffebdb9ff1b152fd08484d56b327c1eaaaa2a2c5c2bf98a8f98851bd427a1143c1d84537aed47ea6048fb10bd0695ee817a202 SHA512 0b7ac8a9894b69bcf0d16bcae83146ef00c05f1a1ecb41244a03cbb5ee8d64328647eceddcac36a5900e87dd07af81c79c7e62e94f70e67244b2c8dac73f57da diff --git a/app-crypt/ekeyd/ekeyd-1.1.4-r2.ebuild b/app-crypt/ekeyd/ekeyd-1.1.4-r2.ebuild new file mode 100644 index 000000000000..70403d447d8e --- /dev/null +++ b/app-crypt/ekeyd/ekeyd-1.1.4-r2.ebuild @@ -0,0 +1,185 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=4 + +inherit eutils multilib linux-info toolchain-funcs udev + +DESCRIPTION="Entropy Key userspace daemon" +HOMEPAGE="http://www.entropykey.co.uk/" +SRC_URI="http://www.entropykey.co.uk/res/download/${P}.tar.gz" + +LICENSE="MIT GPL-2" # GPL-2 (only) for init script +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="usb kernel_linux munin minimal" +REQUIRED_USE="minimal? ( !munin !usb )" + +EKEYD_RDEPEND="dev-lang/lua + usb? ( virtual/libusb:0 )" +EKEYD_DEPEND="${EKEYD_RDEPEND}" +EKEYD_RDEPEND="${EKEYD_RDEPEND} + dev-lua/luasocket + kernel_linux? ( virtual/udev ) + usb? ( !kernel_linux? ( sys-apps/usbutils ) ) + munin? ( net-analyzer/munin )" + +RDEPEND="!minimal? ( ${EKEYD_RDEPEND} ) + !app-crypt/ekey-egd-linux + sys-apps/openrc" +DEPEND="!minimal? ( ${EKEYD_DEPEND} )" + +CONFIG_CHECK="~USB_ACM" + +pkg_setup() { + if ! use minimal && use kernel_linux && ! use usb && linux_config_exists; then + check_extra_config + fi +} + +src_prepare() { + epatch "${FILESDIR}"/${P}-gentoo.patch +} + +src_compile() { + local osname + + # Override automatic detection: upstream provides this with uname, + # we don't like using uname. + case ${CHOST} in + *-linux-*) + osname=linux;; + *-freebsd*) + osname=freebsd;; + *-kfrebsd-gnu) + osname=gnukfreebsd;; + *-openbsd*) + osname=openbsd;; + *) + die "Unsupported operating system!" + ;; + esac + + # We don't slot LUA so we don't really need to have the variables + # set at all. + emake -C host \ + CC="$(tc-getCC)" \ + LUA_V= LUA_INC= \ + OSNAME=${osname} \ + OPT="${CFLAGS}" \ + BUILD_ULUSBD=$(use usb && echo yes || echo no) \ + $(use minimal && echo egd-linux) +} + +src_install() { + exeinto /usr/libexec + newexe host/egd-linux ekey-egd-linux + newman host/egd-linux.8 ekey-egd-linux.8 + + newconfd "${FILESDIR}"/ekey-egd-linux.conf.2 ekey-egd-linux + newinitd "${FILESDIR}"/ekey-egd-linux.init.2 ekey-egd-linux + + dodoc doc/* AUTHORS ChangeLog THANKS + + use minimal && return + # from here on, install everything that is not part of the minimal + # support. + + emake -C host \ + DESTDIR="${D}" \ + MANZCMD=cat MANZEXT= \ + install-ekeyd $(use usb && echo install-ekey-ulusbd) + + # We move the daemons around to avoid polluting the available + # commands. + dodir /usr/libexec + mv "${D}"/usr/sbin/ekey*d "${D}"/usr/libexec + + newinitd "${FILESDIR}"/${PN}.init.2 ${PN} + + if use usb && ! use kernel_linux; then + newinitd "${FILESDIR}"/ekey-ulusbd.init.2 ekey-ulusbd + newconfd "${FILESDIR}"/ekey-ulusbd.conf.2 ekey-ulusbd + fi + + if use kernel_linux; then + local rules=udev/fedora15/60-entropykey.rules + use usb && rules=udev/fedora15/60-entropykey-uds.rules + + udev_newrules ${rules} 70-${PN}.rules + + exeinto "$(get_udevdir)" + doexe udev/entropykey.sh + fi + + if use munin; then + exeinto /usr/libexec/munin/plugins + doexe munin/ekeyd_stat_ + + insinto /etc/munin/plugin-conf.d + newins munin/plugin-conf.d_ekeyd ekeyd + fi +} + +pkg_postinst() { + elog "${CATEGORY}/${PN} now install also the EGD client service ekey-egd-linux." + elog "To use this service, you need enable EGDTCPSocket for the ekeyd service" + elog "managing the key(s)." + elog "" + elog "The daemon will send more entropy to the kernel once the available pool" + elog "falls below the value set in the kernel.random.write_wakeup_threshold" + elog "sysctl entry." + elog "" + ewarn "Since version 1.1.4-r1, ekey-egd-linux will *not* set the watermark for" + ewarn "you, instead you'll have to configure the sysctl in /etc/sysctl.conf" + + use minimal && return + # from here on, document everything that is not part of the minimal + # support. + + elog "" + elog "To make use of your EntropyKey, make sure to execute ekey-rekey" + elog "the first time, and then start the ekeyd service." + elog "" + elog "By default ekeyd will feed the entropy directly to the kernel's pool;" + elog "if your system has jumps in load average, you might prefer using the" + elog "EGD compatibility mode, by enabling EGDTCPSocket for ekeyd and then" + elog "starting the ekey-egd-linux service." + elog "" + elog "The same applies if you intend to provide entropy for multiple hosts" + elog "over the network. If you want to have the ekey-egd-linux service on" + elog "other hosts, you can enable the 'minimal' USE flag." + elog "" + elog "The service supports multiplexing if you wish to use multiple" + elog "keys, just symlink /etc/init.d/ekeyd → /etc/init.d/ekeyd.identifier" + elog "and it'll be looking for /etc/entropykey/identifier.conf" + elog "" + + if use usb; then + if use kernel_linux; then + elog "You're going to use the userland USB daemon, the udev rules" + elog "will be used accordingly. If you want to use the CDC driver" + elog "please disable the usb USE flag." + else + elog "You're going to use the userland USB daemon, since your OS" + elog "does not support udev, you should start the ekey-ulusbd" + elog "service before ekeyd." + fi + + ewarn "The userland USB daemon has multiple known issues. If you can," + ewarn "please consider disabling the 'usb' USE flag and instead use the" + ewarn "CDC-ACM access method." + else + if use kernel_linux; then + elog "Some versions of Linux have a faulty CDC ACM driver that stops" + elog "EntropyKey from working properly; please check the compatibility" + elog "table at http://www.entropykey.co.uk/download/" + else + elog "Make sure your operating system supports the CDC ACM driver" + elog "or otherwise you won't be able to use the EntropyKey." + fi + elog "" + elog "If you're unsure about the working state of the CDC ACM driver" + elog "enable the usb USE flag and use the userland USB daemon" + fi +} diff --git a/app-crypt/ekeyd/ekeyd-1.1.5-r1.ebuild b/app-crypt/ekeyd/ekeyd-1.1.5-r1.ebuild new file mode 100644 index 000000000000..cd17249ebd07 --- /dev/null +++ b/app-crypt/ekeyd/ekeyd-1.1.5-r1.ebuild @@ -0,0 +1,164 @@ +# Copyright 1999-2018 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=5 + +inherit eutils multilib linux-info toolchain-funcs udev systemd + +DESCRIPTION="Entropy Key userspace daemon" +HOMEPAGE="http://www.entropykey.co.uk/" +SRC_URI="mirror://ubuntu/pool/universe/e/ekeyd/ekeyd_${PV}.orig.tar.gz" + +LICENSE="MIT GPL-2" # GPL-2 (only) for init script +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="kernel_linux munin minimal usb" +REQUIRED_USE="minimal? ( !munin )" + +EKEYD_RDEPEND="dev-lang/lua" +EKEYD_DEPEND="${EKEYD_RDEPEND}" +EKEYD_RDEPEND="${EKEYD_RDEPEND} + dev-lua/luasocket + kernel_linux? ( virtual/udev ) + munin? ( net-analyzer/munin )" + +RDEPEND="!minimal? ( ${EKEYD_RDEPEND} ) + !app-crypt/ekey-egd-linux + virtual/service-manager" +DEPEND="!minimal? ( ${EKEYD_DEPEND} )" + +CONFIG_CHECK="~USB_ACM" + +pkg_setup() { + if ! use minimal && use kernel_linux && ! use usb && linux_config_exists; then + check_extra_config + fi +} + +src_prepare() { + epatch "${FILESDIR}/${P}-const_char_usage.patch"; + epatch "${FILESDIR}/${P}-enoent.patch"; + epatch "${FILESDIR}/${P}-path-fixes.patch"; + epatch "${FILESDIR}/${P}-udev-rule.patch"; + epatch "${FILESDIR}/${P}-remove-werror.patch"; + epatch "${FILESDIR}/${P}-misc.patch"; +} + +src_compile() { + local osname + + # Override automatic detection: upstream provides this with uname, + # we don't like using uname. + case ${CHOST} in + *-linux-*) + osname=linux;; + *-freebsd*) + osname=freebsd;; + *-kfrebsd-gnu) + osname=gnukfreebsd;; + *-openbsd*) + osname=openbsd;; + *) + die "Unsupported operating system!" + ;; + esac + + # We don't slot LUA so we don't really need to have the variables + # set at all. + emake -C host \ + CC="$(tc-getCC)" \ + LUA_V= LUA_INC= \ + OSNAME=${osname} \ + OPT="${CFLAGS}" \ + BUILD_ULUSBD=no \ + $(use minimal && echo egd-linux) +} + +src_install() { + exeinto /usr/libexec + newexe host/egd-linux ekey-egd-linux + newman host/egd-linux.8 ekey-egd-linux.8 + + newconfd "${FILESDIR}"/ekey-egd-linux.conf.2 ekey-egd-linux + newinitd "${FILESDIR}"/ekey-egd-linux.init.2 ekey-egd-linux + + dodoc doc/* AUTHORS ChangeLog THANKS + + use minimal && return + # from here on, install everything that is not part of the minimal + # support. + + emake -C host \ + DESTDIR="${D}" \ + MANZCMD=cat MANZEXT= \ + install-ekeyd + + # We move the daemons around to avoid polluting the available + # commands. + dodir /usr/libexec + mv "${D}"/usr/sbin/ekey*d "${D}"/usr/libexec + + systemd_dounit "${FILESDIR}/ekeyd.service" + + newinitd "${FILESDIR}"/${PN}.init.2 ${PN} + + if use kernel_linux; then + local rules="${FILESDIR}/90-ekeyd.rules" + udev_newrules ${rules} 90-${PN}.rules + fi + + if use munin; then + exeinto /usr/libexec/munin/plugins + doexe munin/ekeyd_stat_ + + insinto /etc/munin/plugin-conf.d + newins munin/plugin-conf.d_ekeyd ekeyd + fi +} + +pkg_postinst() { + elog "${CATEGORY}/${PN} now install also the EGD client service ekey-egd-linux." + elog "To use this service, you need enable EGDTCPSocket for the ekeyd service" + elog "managing the key(s)." + elog "" + elog "The daemon will send more entropy to the kernel once the available pool" + elog "falls below the value set in the kernel.random.write_wakeup_threshold" + elog "sysctl entry." + elog "" + ewarn "Since version 1.1.4-r1, ekey-egd-linux will *not* set the watermark for" + ewarn "you, instead you'll have to configure the sysctl in /etc/sysctl.conf" + + use minimal && return + # from here on, document everything that is not part of the minimal + # support. + + elog "" + elog "To make use of your EntropyKey, make sure to execute ekey-rekey" + elog "the first time, and then start the ekeyd service." + elog "" + elog "By default ekeyd will feed the entropy directly to the kernel's pool;" + elog "if your system has jumps in load average, you might prefer using the" + elog "EGD compatibility mode, by enabling EGDTCPSocket for ekeyd and then" + elog "starting the ekey-egd-linux service." + elog "" + elog "The same applies if you intend to provide entropy for multiple hosts" + elog "over the network. If you want to have the ekey-egd-linux service on" + elog "other hosts, you can enable the 'minimal' USE flag." + elog "" + elog "The service supports multiplexing if you wish to use multiple" + elog "keys, just symlink /etc/init.d/ekeyd → /etc/init.d/ekeyd.identifier" + elog "and it'll be looking for /etc/entropykey/identifier.conf" + elog "" + + if use kernel_linux; then + elog "Some versions of Linux have a faulty CDC ACM driver that stops" + elog "EntropyKey from working properly; please check the compatibility" + elog "table at http://www.entropykey.co.uk/download/" + else + elog "Make sure your operating system supports the CDC ACM driver" + elog "or otherwise you won't be able to use the EntropyKey." + fi + elog "" + elog "If you're unsure about the working state of the CDC ACM driver" + elog "enable the usb USE flag and use the userland USB daemon" +} diff --git a/app-crypt/ekeyd/ekeyd-1.1.5.ebuild b/app-crypt/ekeyd/ekeyd-1.1.5.ebuild new file mode 100644 index 000000000000..f03ac2d0a62f --- /dev/null +++ b/app-crypt/ekeyd/ekeyd-1.1.5.ebuild @@ -0,0 +1,164 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=4 + +inherit eutils multilib linux-info toolchain-funcs udev systemd + +DESCRIPTION="Entropy Key userspace daemon" +HOMEPAGE="http://www.entropykey.co.uk/" +SRC_URI="mirror://ubuntu/pool/universe/e/ekeyd/ekeyd_${PV}.orig.tar.gz" + +LICENSE="MIT GPL-2" # GPL-2 (only) for init script +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="kernel_linux munin minimal" +REQUIRED_USE="minimal? ( !munin )" + +EKEYD_RDEPEND="dev-lang/lua" +EKEYD_DEPEND="${EKEYD_RDEPEND}" +EKEYD_RDEPEND="${EKEYD_RDEPEND} + dev-lua/luasocket + kernel_linux? ( virtual/udev ) + munin? ( net-analyzer/munin )" + +RDEPEND="!minimal? ( ${EKEYD_RDEPEND} ) + !app-crypt/ekey-egd-linux + sys-apps/openrc" +DEPEND="!minimal? ( ${EKEYD_DEPEND} )" + +CONFIG_CHECK="~USB_ACM" + +pkg_setup() { + if ! use minimal && use kernel_linux && ! use usb && linux_config_exists; then + check_extra_config + fi +} + +src_prepare() { + epatch "${FILESDIR}/${P}-const_char_usage.patch"; + epatch "${FILESDIR}/${P}-enoent.patch"; + epatch "${FILESDIR}/${P}-path-fixes.patch"; + epatch "${FILESDIR}/${P}-udev-rule.patch"; + epatch "${FILESDIR}/${P}-remove-werror.patch"; + epatch "${FILESDIR}/${P}-misc.patch"; +} + +src_compile() { + local osname + + # Override automatic detection: upstream provides this with uname, + # we don't like using uname. + case ${CHOST} in + *-linux-*) + osname=linux;; + *-freebsd*) + osname=freebsd;; + *-kfrebsd-gnu) + osname=gnukfreebsd;; + *-openbsd*) + osname=openbsd;; + *) + die "Unsupported operating system!" + ;; + esac + + # We don't slot LUA so we don't really need to have the variables + # set at all. + emake -C host \ + CC="$(tc-getCC)" \ + LUA_V= LUA_INC= \ + OSNAME=${osname} \ + OPT="${CFLAGS}" \ + BUILD_ULUSBD=no \ + $(use minimal && echo egd-linux) +} + +src_install() { + exeinto /usr/libexec + newexe host/egd-linux ekey-egd-linux + newman host/egd-linux.8 ekey-egd-linux.8 + + newconfd "${FILESDIR}"/ekey-egd-linux.conf.2 ekey-egd-linux + newinitd "${FILESDIR}"/ekey-egd-linux.init.2 ekey-egd-linux + + dodoc doc/* AUTHORS ChangeLog THANKS + + use minimal && return + # from here on, install everything that is not part of the minimal + # support. + + emake -C host \ + DESTDIR="${D}" \ + MANZCMD=cat MANZEXT= \ + install-ekeyd + + # We move the daemons around to avoid polluting the available + # commands. + dodir /usr/libexec + mv "${D}"/usr/sbin/ekey*d "${D}"/usr/libexec + + systemd_dounit "${FILESDIR}/ekeyd.service" + + newinitd "${FILESDIR}"/${PN}.init.2 ${PN} + + if use kernel_linux; then + local rules="${FILESDIR}/90-ekeyd.rules" + udev_newrules ${rules} 90-${PN}.rules + fi + + if use munin; then + exeinto /usr/libexec/munin/plugins + doexe munin/ekeyd_stat_ + + insinto /etc/munin/plugin-conf.d + newins munin/plugin-conf.d_ekeyd ekeyd + fi +} + +pkg_postinst() { + elog "${CATEGORY}/${PN} now install also the EGD client service ekey-egd-linux." + elog "To use this service, you need enable EGDTCPSocket for the ekeyd service" + elog "managing the key(s)." + elog "" + elog "The daemon will send more entropy to the kernel once the available pool" + elog "falls below the value set in the kernel.random.write_wakeup_threshold" + elog "sysctl entry." + elog "" + ewarn "Since version 1.1.4-r1, ekey-egd-linux will *not* set the watermark for" + ewarn "you, instead you'll have to configure the sysctl in /etc/sysctl.conf" + + use minimal && return + # from here on, document everything that is not part of the minimal + # support. + + elog "" + elog "To make use of your EntropyKey, make sure to execute ekey-rekey" + elog "the first time, and then start the ekeyd service." + elog "" + elog "By default ekeyd will feed the entropy directly to the kernel's pool;" + elog "if your system has jumps in load average, you might prefer using the" + elog "EGD compatibility mode, by enabling EGDTCPSocket for ekeyd and then" + elog "starting the ekey-egd-linux service." + elog "" + elog "The same applies if you intend to provide entropy for multiple hosts" + elog "over the network. If you want to have the ekey-egd-linux service on" + elog "other hosts, you can enable the 'minimal' USE flag." + elog "" + elog "The service supports multiplexing if you wish to use multiple" + elog "keys, just symlink /etc/init.d/ekeyd → /etc/init.d/ekeyd.identifier" + elog "and it'll be looking for /etc/entropykey/identifier.conf" + elog "" + + if use kernel_linux; then + elog "Some versions of Linux have a faulty CDC ACM driver that stops" + elog "EntropyKey from working properly; please check the compatibility" + elog "table at http://www.entropykey.co.uk/download/" + else + elog "Make sure your operating system supports the CDC ACM driver" + elog "or otherwise you won't be able to use the EntropyKey." + fi + elog "" + elog "If you're unsure about the working state of the CDC ACM driver" + elog "enable the usb USE flag and use the userland USB daemon" +} diff --git a/app-crypt/ekeyd/files/90-ekeyd.rules b/app-crypt/ekeyd/files/90-ekeyd.rules new file mode 100644 index 000000000000..2532ba852efc --- /dev/null +++ b/app-crypt/ekeyd/files/90-ekeyd.rules @@ -0,0 +1,16 @@ +# Entropy key udev rules +# +# Centos/RHEL 6 rules for udev version 147 +# +# These rules create devices under /dev/entropykey/<serialnumber> +# +# Copyright 2011-2014 Simtec Electronics +# +# For licence terms refer to the COPYING file distributed with the source. + +ACTION=="add", SUBSYSTEM=="tty", ENV{ID_VENDOR_ID}=="20df", ENV{ID_MODEL_ID}=="0001", SYMLINK+="entropykey/$env{ID_SERIAL_SHORT}" + +ACTION=="add", SUBSYSTEM=="tty", ENV{ID_VENDOR_ID}=="20df", ENV{ID_MODEL_ID}=="0001", RUN+="/usr/sbin/ekeydctl add /dev/entropykey/$env{ID_SERIAL_SHORT}" + +ACTION=="remove", SUBSYSTEM=="tty", ENV{ID_VENDOR_ID}=="20df", ENV{ID_MODEL_ID}=="0001", RUN+="/usr/sbin/ekeydctl remove $env{ID_SERIAL_SHORT}" + diff --git a/app-crypt/ekeyd/files/ekey-egd-linux.conf.2 b/app-crypt/ekeyd/files/ekey-egd-linux.conf.2 new file mode 100644 index 000000000000..8c0b089d94b5 --- /dev/null +++ b/app-crypt/ekeyd/files/ekey-egd-linux.conf.2 @@ -0,0 +1,10 @@ +# Configuration file for ekey-egd-linux + +# Hostname or IP address to connect to. +#HOST="localhost" +# Port number to connect to. +#PORT="8888" +# Time between reconnect attempts. +#RECONNECTINTERVAL=10 +# Set the number of 1024 bit blocks to request each time +#BLOCKS=2 diff --git a/app-crypt/ekeyd/files/ekey-egd-linux.init.2 b/app-crypt/ekeyd/files/ekey-egd-linux.init.2 new file mode 100644 index 000000000000..4aac23e59507 --- /dev/null +++ b/app-crypt/ekeyd/files/ekey-egd-linux.init.2 @@ -0,0 +1,22 @@ +#!/sbin/openrc-run +# Copyright 1999-2011 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +: ${HOST:=localhost} +: ${PORT:=8888} +: ${RECONNECTINTERVAL:=10} +: ${BLOCKS:=2} + +description="EntropyKey EGD client" + +pidfile=/var/run/$SVCNAME.pid + +command=/usr/libexec/ekey-egd-linux +command_args="-H ${HOST} -p ${PORT} -r ${RECONNECTINTERVAL} -b ${BLOCKS} -D ${pidfile}" + +depend() { + use net + after ekeyd + + provide entropy +} diff --git a/app-crypt/ekeyd/files/ekey-ulusbd.conf.2 b/app-crypt/ekeyd/files/ekey-ulusbd.conf.2 new file mode 100644 index 000000000000..15a641fa3ffe --- /dev/null +++ b/app-crypt/ekeyd/files/ekey-ulusbd.conf.2 @@ -0,0 +1,16 @@ +# Copyright 2009-2011 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +# The userland USB daemon has to know the USB path of the EntopyKey to +# work properly; in alternative to providing these statically, they +# can be found by giving the serial of the key. +# +# The serial will also be used to set the default path to open the +# socket to. + +EKEY_SERIAL="" +#USB_BUS="" +#USB_DEV="" + +# this is set by default +# SOCKET_PATH="/var/run/ekey-ulusbd-${EKEY_SERIAL}" diff --git a/app-crypt/ekeyd/files/ekey-ulusbd.init.2 b/app-crypt/ekeyd/files/ekey-ulusbd.init.2 new file mode 100644 index 000000000000..ef52db2a6685 --- /dev/null +++ b/app-crypt/ekeyd/files/ekey-ulusbd.init.2 @@ -0,0 +1,40 @@ +#!/sbin/openrc-run +# Copyright 2009-2011 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +INSTANCE="${SVCNAME#*.}" +if [ -z "${INSTANCE}" -o "${SVCNAME}" = "ekey-ulusbd" ]; then + INSTANCE="ekey-ulusbd" +fi + +: ${SOCKET_PATH:=/var/run/ekey-ulusbd-${EKEY_SERIAL}} + +description="EntropyKey Userland USB Daemon" + +pidfile=/var/run/$SVCNAME.pid +command=/usr/libexec/ekey-ulusbd +command_args="-P ${pidfile} -p ${SOCKET_PATH}" + +depend() { + need localmount +} + +start() { + if [ -z ${USB_BUS} ]; then + set -- $(lsusb -v -d 20df:0001 | \ + egrep '(^Bus|iSerial)' | \ + grep -B1 "${EKEY_SERIAL}" | \ + head -n 1 | \ + cut -c 5-7,15-18) + USB_BUS=$1 + USB_DEV=$2 + fi + + ebegin "Starting ${description}" + start-stop-daemon \ + --start --pidfile ${pidfile} \ + --exec ${command} -- \ + ${command_args} \ + -b $(printf %03d ${USB_BUS}) -d $(printf %03d ${USB_DEV}) -D + eend $? +} diff --git a/app-crypt/ekeyd/files/ekeyd-1.1.4-gentoo.patch b/app-crypt/ekeyd/files/ekeyd-1.1.4-gentoo.patch new file mode 100644 index 000000000000..f1491362e83f --- /dev/null +++ b/app-crypt/ekeyd/files/ekeyd-1.1.4-gentoo.patch @@ -0,0 +1,133 @@ +Index: ekeyd-1.1.4/host/ekeyd.c +=================================================================== +--- ekeyd-1.1.4.orig/host/ekeyd.c ++++ ekeyd-1.1.4/host/ekeyd.c +@@ -209,7 +209,7 @@ open_foldback_output(void) + return (output_stream != NULL); + } + +-static const char *usage= ++static const char usage[]= + "Usage: %s [-f <configfile>] [-p <pidfile>] [-v] [-h]\n" + "Entropy Key Daemon\n\n" + "\t-f Read configuration from configfile\n" +Index: ekeyd-1.1.4/host/ekey-setkey.c +=================================================================== +--- ekeyd-1.1.4.orig/host/ekey-setkey.c ++++ ekeyd-1.1.4/host/ekey-setkey.c +@@ -79,7 +79,7 @@ calc_mac(uint8_t *snum, uint8_t *mkey, u + return mac; + } + +-static const char *usage = ++static const char usage[] = + "Usage: %s [-d] [-h] [-n] [-f <keyring>] [-m <master>]\n" + " [-s <serial>] <path>\n" + "Entropy key device long term session key tool\n\n" +Index: ekeyd-1.1.4/host/ekey-ulusbd.c +=================================================================== +--- ekeyd-1.1.4.orig/host/ekey-ulusbd.c ++++ ekeyd-1.1.4/host/ekey-ulusbd.c +@@ -100,7 +100,8 @@ find_usb_device(char *busmatch, char *de + + #if LIBUSB_HAS_DETACH_KERNEL_DRIVER_NP + if ((r = usb_detach_kernel_driver_np(devh, EKEY_IFACE)) != 0) { +- if (r != -ENODATA) { ++ /* libusb_compat-0.1.3 mistakenly translate ENODATA to ENOENT */ ++ if (r != -ENODATA && r != -ENOENT) { + fprintf(stderr, + "Unable to detach Entropy Key at %s/%s from kernel\n", + busmatch, devmatch); +Index: ekeyd-1.1.4/udev/entropykey.sh +=================================================================== +--- ekeyd-1.1.4.orig/udev/entropykey.sh ++++ ekeyd-1.1.4/udev/entropykey.sh +@@ -19,9 +19,9 @@ wait_for_usb () { + COUNTER=$(( ${COUNTER} + 1 )) + test ${COUNTER} -ge 10 && exit 1 + done +- $BINPATH/ekey-ulusbd -b${BUSNUM} -d${DEVNUM} -P/var/run/ekey-ulusbd-${ENTROPY_KEY_SERIAL}.pid -p/var/run/entropykeys/${ENTROPY_KEY_SERIAL} -D ++ /usr/libexec/ekey-ulusbd -b${BUSNUM} -d${DEVNUM} -P/dev/.ekey-ulusbd/${ENTROPY_KEY_SERIAL}.pid -p/dev/entropykey/${ENTROPY_KEY_SERIAL} -D + sleep 1 +- $BINPATH/ekeydctl ${ACTION} /var/run/entropykeys/${ENTROPY_KEY_SERIAL} ++ $BINPATH/ekeydctl ${ACTION} /dev/entropykey/${ENTROPY_KEY_SERIAL} + exit 0 + } + +@@ -34,18 +34,18 @@ else + if test "x${BUSNUM}" = "x" -o "x${DEVNUM}" = "x"; then + exit 0 + fi +- if test -r "/var/run/ekey-ulusbd-${ENTROPY_KEY_SERIAL}.pid"; then +- kill $(cat "/var/run/ekey-ulusbd-${ENTROPY_KEY_SERIAL}.pid") || true ++ if test -r "/dev/.ekey-ulusbd/${ENTROPY_KEY_SERIAL}.pid"; then ++ kill $(< "/dev/.ekey-ulusbd/${ENTROPY_KEY_SERIAL}.pid") || true + fi +- mkdir -p /var/run/entropykeys ++ mkdir -p /dev/entropykey /dev/.ekeyd-ulusb + wait_for_usb & + exit 0 + fi + # Update ekeyd with device operation +- $BINPATH/ekeydctl ${ACTION} /var/run/entropykeys/${ENTROPY_KEY_SERIAL} ++ $BINPATH/ekeydctl ${ACTION} /dev/entropykey/${ENTROPY_KEY_SERIAL} + if test "x$ACTION" = "xremove"; then +- rm "/var/run/ekey-ulusbd-${ENTROPYKEY_KEY_SERIAL}.pid" +- rm "/var/run/entropykeys/${ENTROPYKEY_KEY_SERIAL}" ++ rm "/dev/.ekey-ulusbd/${ENTROPYKEY_KEY_SERIAL}.pid" ++ rm "/dev/entropykey/${ENTROPYKEY_KEY_SERIAL}" + fi + fi + +Index: ekeyd-1.1.4/udev/fedora15/60-entropykey.rules +=================================================================== +--- ekeyd-1.1.4.orig/udev/fedora15/60-entropykey.rules ++++ ekeyd-1.1.4/udev/fedora15/60-entropykey.rules +@@ -9,10 +9,10 @@ + # For licence terms refer to the COPYING file distributed with the source. + + # Detect an Entropy Key being inserted and add info values to environment +-ACTION=="add|change|remove", SUBSYSTEM=="tty", KERNEL=="ttyACM[0-9]*", BUS=="usb", ATTRS{idVendor}=="20df", ATTRS{idProduct}=="0001", IMPORT{program}="usb_id --export %p" ++ACTION=="add|change|remove", SUBSYSTEM=="tty", KERNEL=="ttyACM[0-9]*", ATTRS{idVendor}=="20df", ATTRS{idProduct}=="0001", IMPORT{program}="usb_id --export %p" + + # Detect an Entropy Key being inserted and extract serial number +-ACTION=="add|change|remove", SUBSYSTEM=="tty", KERNEL=="ttyACM[0-9]*", ATTRS{idVendor}=="20df", ATTRS{idProduct}=="0001", IMPORT{program}="/bin/echo ENTROPY_KEY_SERIAL=$env{ID_SERIAL_SHORT}" ++ACTION=="add|change|remove", SUBSYSTEM=="tty", KERNEL=="ttyACM[0-9]*", ATTRS{idVendor}=="20df", ATTRS{idProduct}=="0001", IMPORT{program}="/bin/sh -c '/bin/echo ENTROPY_KEY_SERIAL=$env{ID_SERIAL_SHORT} | /bin/sed -e s:/:_:g'" + + # Add the /dev/entropykey/<serialnumber> symbolic link + ENV{ENTROPY_KEY_SERIAL}!="", SYMLINK+="entropykey/$env{ENTROPY_KEY_SERIAL}" +Index: ekeyd-1.1.4/udev/fedora15/60-entropykey-uds.rules +=================================================================== +--- ekeyd-1.1.4.orig/udev/fedora15/60-entropykey-uds.rules ++++ ekeyd-1.1.4/udev/fedora15/60-entropykey-uds.rules +@@ -9,7 +9,7 @@ + # For licence terms refer to the COPYING file. + + # Detect an Entropy Key being inserted and extract serial number +-ACTION=="add|change|remove", SUBSYSTEM=="usb", BUS=="usb", ATTRS{idVendor}=="20df", ATTRS{idProduct}=="0001", IMPORT{program}="/bin/echo ENTROPY_KEY_SERIAL=$attr{serial}" ++ACTION=="add|change|remove", SUBSYSTEM=="usb", ATTRS{idVendor}=="20df", ATTRS{idProduct}=="0001", IMPORT{program}="/bin/sh -c '/bin/echo ENTROPY_KEY_SERIAL=$env{ID_SERIAL_SHORT} | /bin/sed -e s:/:_:g'" + + # And tell the ekeyd about the device action. + ENV{ENTROPY_KEY_SERIAL}!="", RUN+="/lib/udev/entropykey.sh" +Index: ekeyd-1.1.4/host/Makefile +=================================================================== +--- ekeyd-1.1.4.orig/host/Makefile ++++ ekeyd-1.1.4/host/Makefile +@@ -107,7 +107,7 @@ OPT ?= -O2 + CFLAGS += $(INCLUDES) + CFLAGS += -g -Wall $(OPT) + CFLAGS += -fno-strict-aliasing +-CFLAGS += -std=c99 -Wall -pedantic -Wshadow -Werror -D_GNU_SOURCE ++CFLAGS += -std=c99 -Wall -pedantic -Wshadow -D_GNU_SOURCE + CFLAGS += '-DCONFIGFILE="$(SYSCONFPREFIX)/ekeyd.conf"' + CFLAGS += '-DPIDFILE="$(RUNTIMEPREFIX)/ekeyd.pid"' + CFLAGS += '-DKEYRINGFILE="$(SYSCONFPREFIX)/keyring"' +@@ -148,7 +148,7 @@ daemonise_ulusbd.o: daemonise.c + $(COMPILE.c) $(OUTPUT_OPTION) $(PTHFLAGS) $^ + + egd-linux: egd-linux.o daemonise.o +- $(CC) $(CFLAGS) -o $@ $^ ++ $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $^ + + ekeyd: ekeyd.o daemonise.o lstate.o connection.o stream.o frame.o packet.o keydb.o util.o fds.o krnlop.o foldback.o stats.o nonce.o ../device/frames/pem.o ../device/skeinwrap.o ../device/skein/skein.o ../device/skein/skein_block.o + $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $^ $(LIBS) diff --git a/app-crypt/ekeyd/files/ekeyd-1.1.5-const_char_usage.patch b/app-crypt/ekeyd/files/ekeyd-1.1.5-const_char_usage.patch new file mode 100644 index 000000000000..81ad8e6a5337 --- /dev/null +++ b/app-crypt/ekeyd/files/ekeyd-1.1.5-const_char_usage.patch @@ -0,0 +1,32 @@ +# HG changeset patch +# User kristianf +# Date 1382916823 -3600 +# Mon Oct 28 00:33:43 2013 +0100 +# Node ID 0d99149615ec5ec70a6d03c685291ddc55babff6 +# Parent fd192324ff9ae4c4c92cdb9c27f5ae100da136a6 +Rewrite static const char *usage + +diff -r fd192324ff9a -r 0d99149615ec host/ekey-setkey.c +--- a/host/ekey-setkey.c Mon Oct 28 00:31:59 2013 +0100 ++++ b/host/ekey-setkey.c Mon Oct 28 00:33:43 2013 +0100 +@@ -79,7 +79,7 @@ + return mac; + } + +-static const char *usage = ++static const char usage[] = + "This is a low level tool. You probably wanted to use ekey-rekey instead.\n\n" + "Usage: %s [-d] [-h] [-n] [-f <keyring>] [-m <master>]\n" + " [-s <serial>] <path>\n" +diff -r fd192324ff9a -r 0d99149615ec host/ekeyd.c +--- a/host/ekeyd.c Mon Oct 28 00:31:59 2013 +0100 ++++ b/host/ekeyd.c Mon Oct 28 00:33:43 2013 +0100 +@@ -209,7 +209,7 @@ + return (output_stream != NULL); + } + +-static const char *usage= ++static const char usage[] = + "Usage: %s [-f <configfile>] [-p <pidfile>] [-v] [-h]\n" + "Entropy Key Daemon\n\n" + "\t-f Read configuration from configfile\n" diff --git a/app-crypt/ekeyd/files/ekeyd-1.1.5-enoent.patch b/app-crypt/ekeyd/files/ekeyd-1.1.5-enoent.patch new file mode 100644 index 000000000000..2d4cccbafafa --- /dev/null +++ b/app-crypt/ekeyd/files/ekeyd-1.1.5-enoent.patch @@ -0,0 +1,23 @@ +# HG changeset patch +# User kristianf +# Date 1382916946 -3600 +# Mon Oct 28 00:35:46 2013 +0100 +# Node ID 0a9e41a05aafb98cc8c21562931cb1cbb5e30c1f +# Parent 0d99149615ec5ec70a6d03c685291ddc55babff6 +libusb_compat + +diff -r 0d99149615ec -r 0a9e41a05aaf host/ekey-ulusbd.c +--- a/host/ekey-ulusbd.c Mon Oct 28 00:33:43 2013 +0100 ++++ b/host/ekey-ulusbd.c Mon Oct 28 00:35:46 2013 +0100 +@@ -100,8 +100,9 @@ + + #if LIBUSB_HAS_DETACH_KERNEL_DRIVER_NP + if ((r = usb_detach_kernel_driver_np(devh, EKEY_IFACE)) != 0) { +- if (r != -ENODATA) { +- fprintf(stderr, ++ /* libusb_compat-0.1.3 mistakenly translate ENODATA to ENOENT */ ++ if (r != -ENODATA && r != -ENOENT) { ++ fprintf(stderr, + "Unable to detach Entropy Key at %s/%s from kernel\n", + busmatch, devmatch); + usb_close(devh); diff --git a/app-crypt/ekeyd/files/ekeyd-1.1.5-misc.patch b/app-crypt/ekeyd/files/ekeyd-1.1.5-misc.patch new file mode 100644 index 000000000000..660f0bacf0ac --- /dev/null +++ b/app-crypt/ekeyd/files/ekeyd-1.1.5-misc.patch @@ -0,0 +1,50 @@ +diff -r 724cf5abf164 host/Makefile +--- a/host/Makefile Mon Oct 28 00:43:49 2013 +0100 ++++ b/host/Makefile Mon Oct 28 00:54:01 2013 +0100 +@@ -19,7 +19,7 @@ + RM ?= rm -f + LUA_V ?= 5.1 + EXTRA_INC ?= +-LUA_INC ?= -I/usr/include/lua5.1 ++LUA_INC ?= -I/usr/include + LIBDL ?= -ldl + PTHFLAGS ?= + PTHLIBS ?= -lpthread +@@ -31,7 +31,7 @@ + MANZEXT := .gz + + # Current tool version as returned from tools +-EKEYD_VERSION_S="1.1.4" ++EKEYD_VERSION_S="1.1.5" + + # Attempt to detect an OS and set build options as appropriate + OSNAME=$(shell uname -s | tr A-Z a-z | tr -d /) +@@ -91,10 +91,7 @@ + override MANZCMD:=cat + override MANZEXT:= + endif +-override LUA_INC:=-I/usr/local/include/lua51 + override LIBDL:= +-LIBDIRS += -L/usr/local/lib +-INCLUDES += -I/usr/local/include + endif + endif + endif +@@ -114,7 +111,7 @@ + CFLAGS += '-DEKEYD_VERSION_S=""$(EKEYD_VERSION_S)""' + CFLAGS += $(EXTRA_CFLAGS) + +-LIBS += -llua$(LUA_V) -lm $(LIBDL) ++LIBS += -llua -lm $(LIBDL) + LDFLAGS += $(LIBDIRS) + + +@@ -157,7 +154,7 @@ + $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $^ + + control.inc: bin2c.lua control.lua +- lua$(LUA_V) bin2c.lua +control.lua result > control.inc.new ++ lua bin2c.lua +control.lua result > control.inc.new + mv control.inc.new control.inc + + lstate.o: lstate.c control.inc diff --git a/app-crypt/ekeyd/files/ekeyd-1.1.5-path-fixes.patch b/app-crypt/ekeyd/files/ekeyd-1.1.5-path-fixes.patch new file mode 100644 index 000000000000..0a9a59186d1d --- /dev/null +++ b/app-crypt/ekeyd/files/ekeyd-1.1.5-path-fixes.patch @@ -0,0 +1,49 @@ +# HG changeset patch +# User kristianf +# Date 1382917171 -3600 +# Mon Oct 28 00:39:31 2013 +0100 +# Node ID d96c42b36cb125e6e52cff623b7bdad1910284b4 +# Parent 0a9e41a05aafb98cc8c21562931cb1cbb5e30c1f +entropykey.sh + +diff -r 0a9e41a05aaf -r d96c42b36cb1 udev/entropykey.sh +--- a/udev/entropykey.sh Mon Oct 28 00:35:46 2013 +0100 ++++ b/udev/entropykey.sh Mon Oct 28 00:39:31 2013 +0100 +@@ -19,9 +19,10 @@ + COUNTER=$(( ${COUNTER} + 1 )) + test ${COUNTER} -ge 10 && exit 1 + done +- $BINPATH/ekey-ulusbd -b${BUSNUM} -d${DEVNUM} -P/var/run/ekey-ulusbd-${ENTROPY_KEY_SERIAL}.pid -p/var/run/entropykeys/${ENTROPY_KEY_SERIAL} -D ++ /usr/libexec/ekey-ulusbd -b${BUSNUM} -d${DEVNUM} -P/dev/.ekey-ulusbd/${ENTROPY_KEY_SERIAL}.pid -p/dev/entropykey/${ENTROPY_KEY_SERIAL} -D ++ + sleep 1 +- $BINPATH/ekeydctl ${ACTION} /var/run/entropykeys/${ENTROPY_KEY_SERIAL} ++ $BINPATH/ekeydctl ${ACTION} /dev/entropykey/${ENTROPY_KEY_SERIAL} + exit 0 + } + +@@ -34,18 +35,18 @@ + if test "x${BUSNUM}" = "x" -o "x${DEVNUM}" = "x"; then + exit 0 + fi +- if test -r "/var/run/ekey-ulusbd-${ENTROPY_KEY_SERIAL}.pid"; then +- kill $(cat "/var/run/ekey-ulusbd-${ENTROPY_KEY_SERIAL}.pid") || true ++ if test -r "/dev/.ekey-ulusbd/${ENTROPY_KEY_SERIAL}.pid"; then ++ kill $(< "/dev/.ekey-ulusbd/${ENTROPY_KEY_SERIAL}.pid") || true + fi +- mkdir -p /var/run/entropykeys ++ mkdir -p /dev/entropykey /dev/.ekeyd-ulusb + wait_for_usb & + exit 0 + fi + # Update ekeyd with device operation +- $BINPATH/ekeydctl ${ACTION} /var/run/entropykeys/${ENTROPY_KEY_SERIAL} ++ $BINPATH/ekeydctl ${ACTION} /dev/entropykey/${ENTROPY_KEY_SERIAL} + if test "x$ACTION" = "xremove"; then +- rm "/var/run/ekey-ulusbd-${ENTROPYKEY_KEY_SERIAL}.pid" +- rm "/var/run/entropykeys/${ENTROPYKEY_KEY_SERIAL}" ++ rm "/dev/.ekey-ulusbd/${ENTROPYKEY_KEY_SERIAL}.pid" ++ rm "/dev/entropykey/${ENTROPYKEY_KEY_SERIAL}" + fi + fi + diff --git a/app-crypt/ekeyd/files/ekeyd-1.1.5-remove-werror.patch b/app-crypt/ekeyd/files/ekeyd-1.1.5-remove-werror.patch new file mode 100644 index 000000000000..bb5862dee986 --- /dev/null +++ b/app-crypt/ekeyd/files/ekeyd-1.1.5-remove-werror.patch @@ -0,0 +1,29 @@ +# HG changeset patch +# User kristianf +# Date 1382917429 -3600 +# Mon Oct 28 00:43:49 2013 +0100 +# Node ID 724cf5abf164dd5889a7c72916aa524c3822b8bd +# Parent 902b9c6908618864319835d69981f9ea902be324 +Makefile + +diff -r 902b9c690861 -r 724cf5abf164 host/Makefile +--- a/host/Makefile Mon Oct 28 00:41:59 2013 +0100 ++++ b/host/Makefile Mon Oct 28 00:43:49 2013 +0100 +@@ -107,7 +107,7 @@ + CFLAGS += $(INCLUDES) + CFLAGS += -g -Wall $(OPT) + CFLAGS += -fno-strict-aliasing +-CFLAGS += -std=c99 -Wall -pedantic -Wshadow -Werror -D_GNU_SOURCE ++CFLAGS += -std=c99 -Wall -pedantic -Wshadow -D_GNU_SOURCE + CFLAGS += '-DCONFIGFILE="$(SYSCONFPREFIX)/ekeyd.conf"' + CFLAGS += '-DPIDFILE="$(RUNTIMEPREFIX)/ekeyd.pid"' + CFLAGS += '-DKEYRINGFILE="$(SYSCONFPREFIX)/keyring"' +@@ -148,7 +148,7 @@ + $(COMPILE.c) $(OUTPUT_OPTION) $(PTHFLAGS) $^ + + egd-linux: egd-linux.o daemonise.o +- $(CC) $(CFLAGS) -o $@ $^ ++ $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $^ + + ekeyd: ekeyd.o daemonise.o lstate.o connection.o stream.o frame.o packet.o keydb.o util.o fds.o krnlop.o foldback.o stats.o nonce.o ../device/frames/pem.o ../device/skeinwrap.o ../device/skein/skein.o ../device/skein/skein_block.o + $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $^ $(LIBS) diff --git a/app-crypt/ekeyd/files/ekeyd-1.1.5-udev-rule.patch b/app-crypt/ekeyd/files/ekeyd-1.1.5-udev-rule.patch new file mode 100644 index 000000000000..c4b53a802bf6 --- /dev/null +++ b/app-crypt/ekeyd/files/ekeyd-1.1.5-udev-rule.patch @@ -0,0 +1,36 @@ +# HG changeset patch +# User kristianf +# Date 1382917319 -3600 +# Mon Oct 28 00:41:59 2013 +0100 +# Node ID 902b9c6908618864319835d69981f9ea902be324 +# Parent d96c42b36cb125e6e52cff623b7bdad1910284b4 +udev rule + +diff -r d96c42b36cb1 -r 902b9c690861 udev/fedora15/60-entropykey-uds.rules +--- a/udev/fedora15/60-entropykey-uds.rules Mon Oct 28 00:39:31 2013 +0100 ++++ b/udev/fedora15/60-entropykey-uds.rules Mon Oct 28 00:41:59 2013 +0100 +@@ -9,7 +9,7 @@ + # For licence terms refer to the COPYING file. + + # Detect an Entropy Key being inserted and extract serial number +-ACTION=="add|change|remove", SUBSYSTEM=="usb", BUS=="usb", ATTRS{idVendor}=="20df", ATTRS{idProduct}=="0001", IMPORT{program}="/bin/echo ENTROPY_KEY_SERIAL=$attr{serial}" ++ACTION=="add|change|remove", SUBSYSTEM=="usb", ATTRS{idVendor}=="20df", ATTRS{idProduct}=="0001", IMPORT{program}="/bin/sh -c /bin/echo ENTROPY_KEY_SERIAL=$attr{serial}" + + # And tell the ekeyd about the device action. + ENV{ENTROPY_KEY_SERIAL}!="", RUN+="/lib/udev/entropykey.sh" +diff -r d96c42b36cb1 -r 902b9c690861 udev/fedora15/60-entropykey.rules +--- a/udev/fedora15/60-entropykey.rules Mon Oct 28 00:39:31 2013 +0100 ++++ b/udev/fedora15/60-entropykey.rules Mon Oct 28 00:41:59 2013 +0100 +@@ -9,10 +9,10 @@ + # For licence terms refer to the COPYING file distributed with the source. + + # Detect an Entropy Key being inserted and add info values to environment +-ACTION=="add|change|remove", SUBSYSTEM=="tty", KERNEL=="ttyACM[0-9]*", BUS=="usb", ATTRS{idVendor}=="20df", ATTRS{idProduct}=="0001", IMPORT{program}="usb_id --export %p" ++ACTION=="add|change|remove", SUBSYSTEM=="tty", KERNEL=="ttyACM[0-9]*", ATTRS{idVendor}=="20df", ATTRS{idProduct}=="0001", IMPORT{builtin}="usb_id" + + # Detect an Entropy Key being inserted and extract serial number +-ACTION=="add|change|remove", SUBSYSTEM=="tty", KERNEL=="ttyACM[0-9]*", ATTRS{idVendor}=="20df", ATTRS{idProduct}=="0001", IMPORT{program}="/bin/echo ENTROPY_KEY_SERIAL=$env{ID_SERIAL_SHORT}" ++ACTION=="add|change|remove", SUBSYSTEM=="tty", KERNEL=="ttyACM[0-9]*", ATTRS{idVendor}=="20df", ATTRS{idProduct}=="0001", IMPORT{program}="/bin/sh -c /bin/echo ENTROPY_KEY_SERIAL=$env{ID_SERIAL_SHORT}" + + # Add the /dev/entropykey/<serialnumber> symbolic link + ENV{ENTROPY_KEY_SERIAL}!="", SYMLINK+="entropykey/$env{ENTROPY_KEY_SERIAL}" diff --git a/app-crypt/ekeyd/files/ekeyd.init.2 b/app-crypt/ekeyd/files/ekeyd.init.2 new file mode 100644 index 000000000000..5c8bc7658af1 --- /dev/null +++ b/app-crypt/ekeyd/files/ekeyd.init.2 @@ -0,0 +1,29 @@ +#!/sbin/openrc-run +# Copyright 1999-2011 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +INSTANCE="${SVCNAME#*.}" +if [ -z "${INSTANCE}" -o "${SVCNAME}" = "ekeyd" ]; then + INSTANCE="ekeyd" +fi + +description="EntropyKey daemon" + +pidfile=/var/run/$SVCNAME.pid +cfgfile=/etc/entropykey/${INSTANCE}.conf + +command=/usr/libexec/ekeyd +command_args="-f ${cfgfile} -p ${pidfile}" + +depend() { + config $cfgfile + + use udev ekey-ulusbd + need localmount + + # quickly parse the configuration file; we only provide entropy + # if we're not using the egd server/client split method. + if sed -e 's:--.*::' "${cfgfile}" | grep -q SetOutputToKernel; then + provide entropy + fi +} diff --git a/app-crypt/ekeyd/files/ekeyd.service b/app-crypt/ekeyd/files/ekeyd.service new file mode 100644 index 000000000000..0529574db5cb --- /dev/null +++ b/app-crypt/ekeyd/files/ekeyd.service @@ -0,0 +1,10 @@ +[Unit] +Description=Entropy key daemon + +[Service] +ExecStart=/usr/libexec/ekeyd +Type=forking +PIDFile=/var/run/ekeyd.pid + +[Install] +WantedBy=multi-user.target diff --git a/app-crypt/ekeyd/metadata.xml b/app-crypt/ekeyd/metadata.xml new file mode 100644 index 000000000000..3e3574ab1036 --- /dev/null +++ b/app-crypt/ekeyd/metadata.xml @@ -0,0 +1,25 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer type="person"> + <email>k_f@gentoo.org</email> + <name>Kristian Fiskerstrand</name> + </maintainer> + <use> + <flag name="usb"> + Build the libusb-based userland daemon for accessing the + EntropyKey (alternative to the CDC USB driver). It is suggested + to use this option by default, as the CDC driver in the kernel + often seems to be fragile (or the gadget implementation on the + EntropyKey is too buggy), and can cause various problems. + </flag> + <flag name="munin"> + Install a plugin for <pkg>net-analyzer/munin</pkg> to graph + statistical data from ekeyd. + </flag> + <flag name="minimal"> + Only install the ekey-egd-linux service rather than the full + ekeyd package. + </flag> + </use> +</pkgmetadata> |