- Add license

- Use @sample - Update to 1.3.7 Bugfixes: SOFTHSM-94: umask affecting the calling application. SOFTHSM-96: Check if Botan has already been initialised. PR: 190368 Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer) Sponsored by: DK Hostmaster A/S
svn path=/head/; revision=355801
2014-05-30 08:30:12 +00:00 · 2014-05-30 08:30:12 +00:00 · 13a3a1b93c · 2021-03-31 03:12:20 +00:00
commit 13a3a1b93c
parent ced114a7f4
4 changed files with 6 additions and 125 deletions
--- a/security/softhsm/Makefile
+++ b/security/softhsm/Makefile
@ -2,14 +2,15 @@
 # $FreeBSD$

 PORTNAME=	softhsm
-PORTVERSION=	1.3.6
-PORTREVISION=	1
+PORTVERSION=	1.3.7
 CATEGORIES=	security
 MASTER_SITES=	http://dist.opendnssec.org/source/

 MAINTAINER=	jaap@NLnetLabs.nl
 COMMENT=	Software implementation of a Hardware Security Module (HSM)

+LICENSE=	BSD2CLAUSE
+
 LIB_DEPENDS=	libbotan-1.10.so:${PORTSDIR}/security/botan110 \
 		libsqlite3.so:${PORTSDIR}/databases/sqlite3

--- a/security/softhsm/distinfo
+++ b/security/softhsm/distinfo
@ -1,2 +1,2 @@
-SHA256 (softhsm-1.3.6.tar.gz) = e39ac8e851220edd2b2afbe4d9e06d956bccc20bc72752740eabf95692359486
-SIZE (softhsm-1.3.6.tar.gz) = 435893
+SHA256 (softhsm-1.3.7.tar.gz) = d12d6456a85561266d9da427565f3ee3746a35df6670d5e6be75de253c2810a4
+SIZE (softhsm-1.3.7.tar.gz) = 438437
--- a/security/softhsm/files/patch-SOFTHSM-94
+++ b/security/softhsm/files/patch-SOFTHSM-94
@ -1,119 +0,0 @@
-From 39b1e1115501a042597ce0c2bc17659c4082fc9e Mon Sep 17 00:00:00 2001
-From: Rickard Bellgrim <rickard@opendnssec.org>
-Date: Thu, 3 Apr 2014 13:19:02 +0200
-Subject: [PATCH] SOFTHSM-94: umask affecting the calling application.
-
---
- NEWS                      |  6 ++++++
- src/lib/SoftDatabase.cpp  | 20 +++++++++++++++-----
- src/lib/tokenhandling.cpp | 21 ++++++++++++++++-----
- 3 files changed, 37 insertions(+), 10 deletions(-)
-
-diff --git NEWS NEWS
-index a69e16f..04473dd 100644
--- NEWS
-+++ NEWS
-@@ -1,5 +1,11 @@
- NEWS for SoftHSM -- History of user visible changes
- 
-+SoftHSM 1.3 develop
-+
-+Bugfixes:
-+* SOFTHSM-94: umask affecting the calling application.
-+
-+
- SoftHSM 1.3.6 - 2014-02-24
- 
- * SOFTHSM-51: Call umask to restrict created files.
-diff --git src/lib/SoftDatabase.cpp src/lib/SoftDatabase.cpp
-index 492883e..aac5fe1 100644
--- src/lib/SoftDatabase.cpp
-+++ src/lib/SoftDatabase.cpp
-@@ -40,6 +40,9 @@
- #include <sched.h>
- #include <sys/types.h>
- #include <sys/stat.h>
-+#include <fcntl.h>
-+#include <unistd.h>
-+#include <errno.h>
- 
- using std::string;
- 
-@@ -115,15 +118,22 @@ static int db_is_locked(void* /*data*/, int /*retry*/) {
- }
- 
- CK_RV SoftDatabase::init(char *dbPath) {
-  // Circumvent the sqlite3 reliance on umask to enforce secure permissions
-  mode_t saved_umask = umask(S_IRGRP | S_IWGRP | S_IROTH | S_IWOTH);
-+  // Create and set file permissions if the DB does not exist.
-+  int fd = open(dbPath, O_CREAT, S_IRUSR | S_IWUSR);
-+  if(fd == -1) {
-+    char warnMsg[1024];
-+    snprintf(warnMsg, sizeof(warnMsg), "Could not open the token database. errno=%i. "
-+                                       "Probably wrong privileges: %s", errno, dbPath);
-+    ERROR_MSG("init", warnMsg);
-+    return CKR_TOKEN_NOT_PRESENT;
-+  }
-+  close(fd);
-+
-   // Open the database
-   int result = sqlite3_open(dbPath, &db);
-  // Restore umask to avoid side effects
-  (void) umask(saved_umask);
-   if(result) {
-     char warnMsg[1024];
-    snprintf(warnMsg, sizeof(warnMsg), "Could not open token database. Probably wrong privileges: %s", dbPath);
-+    snprintf(warnMsg, sizeof(warnMsg), "Could not open the token database: %s", dbPath);
-     ERROR_MSG("init", warnMsg);
-     return CKR_TOKEN_NOT_PRESENT;
-   }
-diff --git src/lib/tokenhandling.cpp src/lib/tokenhandling.cpp
-index 8857574..ac3d7ed 100644
--- src/lib/tokenhandling.cpp
-+++ src/lib/tokenhandling.cpp
-@@ -40,6 +40,9 @@
- #include <sqlite3.h>
- #include <sys/types.h>
- #include <sys/stat.h>
-+#include <fcntl.h>
-+#include <unistd.h>
-+#include <errno.h>
- 
- #define EXEC_DB(db, sql) \
-   if(sqlite3_exec(db, sql, NULL, NULL, NULL)) { \
-@@ -99,19 +102,27 @@ CK_RV softInitToken(SoftSlot *currentSlot, CK_UTF8CHAR_PTR pPin, CK_ULONG ulPinL
-     }
-   }
- 
-  // Circumvent the sqlite3 reliance on umask to enforce secure permissions
-  mode_t saved_umask = umask(S_IRGRP | S_IWGRP | S_IROTH | S_IWOTH);
-+  // Create and set file permissions if the DB does not exist.
-+  int fd = open(currentSlot->dbPath, O_CREAT, S_IRUSR | S_IWUSR);
-+  if(fd == -1) {
-+    free(soPIN);
-+    char warnMsg[1024];
-+    snprintf(warnMsg, sizeof(warnMsg), "Could not open the token database. errno=%i. "
-+                                       "Probably wrong privileges: %s", errno, currentSlot->dbPath);
-+    DEBUG_MSG("C_InitToken", warnMsg);
-+    return CKR_DEVICE_ERROR;
-+  }
-+  close(fd);
-+
-   // Open the database
-   sqlite3 *db = NULL;
-   int result = sqlite3_open(currentSlot->dbPath, &db);
-  // Restore umask to avoid side effects
-  (void) umask(saved_umask);
-   if(result){
-     if(db != NULL) {
-       sqlite3_close(db);
-     }
-     free(soPIN);
-    DEBUG_MSG("C_InitToken", "Could not open the token database file");
-+    DEBUG_MSG("C_InitToken", "Could not open the token database");
-     return CKR_DEVICE_ERROR;
-   }
- 
-- 
-1.9.1
-
--- a/security/softhsm/pkg-plist
+++ b/security/softhsm/pkg-plist
@ -4,8 +4,7 @@ bin/softhsm-keyconv
 lib/softhsm/libsofthsm.a
 lib/softhsm/libsofthsm.la
 lib/softhsm/libsofthsm.so
-etc/softhsm.conf.sample
-@exec if [ ! -f %D/etc/softhsm.conf ]; then cp %D/etc/softhsm.conf.sample %D/etc/softhsm.conf; fi
+@sample etc/softhsm.conf.sample
@dirrm lib/softhsm
@exec install -d -o root -g wheel -m 700 %D/var/lib/softhsm
 man/man1/softhsm-keyconv.1.gz