pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/trunk]: pkgsrc/security/cfs security/cfs: Update to 1.5.0b



details:   https://anonhg.NetBSD.org/pkgsrc/rev/4eeb07e9d665
branches:  trunk
changeset: 390477:4eeb07e9d665
user:      gdt <gdt%pkgsrc.org@localhost>
date:      Mon Dec 19 23:18:36 2022 +0000

description:
security/cfs: Update to 1.5.0b

Shift to a continution fork of cfs, which has many of our patches
applied, and which is buildable with modern rpcgen.

Tested on NetBSD 9 amd64 with an encrypted directory that was made
with older cfs.

Upstream changes are mainly modernization of the code and removal of
accomodations for the 80s and 90s.

diffstat:

 security/cfs/DESCR                             |   3 +
 security/cfs/Makefile                          |  53 ++++++++++-----
 security/cfs/PLIST                             |   3 +-
 security/cfs/distinfo                          |  24 +++----
 security/cfs/files/README.NetBSD.txt           |  21 +++--
 security/cfs/files/README.netbsd               |  49 ++++++++++++++
 security/cfs/files/do_make                     |   8 ++
 security/cfs/files/netbsd_make_with_bad_rpcgen |  33 ++++++++++
 security/cfs/files/unansi.sh                   |  22 ------
 security/cfs/patches/patch-aa                  |  85 +++++++++++++------------
 security/cfs/patches/patch-ab                  |  20 +++---
 security/cfs/patches/patch-ac                  |  13 ---
 security/cfs/patches/patch-ad                  |  13 ---
 security/cfs/patches/patch-ae                  |  42 ------------
 security/cfs/patches/patch-af                  |  23 +++---
 security/cfs/patches/patch-ag                  |  17 -----
 security/cfs/patches/patch-ah                  |  41 ------------
 security/cfs/patches/patch-cfs.c               |  21 ------
 security/cfs/patches/patch-cfs__attach.c       |  21 ++++++
 security/cfs/patches/patch-cfs__cipher.c       |  16 ----
 security/cfs/patches/patch-cfs__fh.c           |  14 ++++
 security/cfs/patches/patch-getpass.h           |  18 +++++
 22 files changed, 270 insertions(+), 290 deletions(-)

diffs (truncated from 784 to 300 lines):

diff -r 04758bc228fe -r 4eeb07e9d665 security/cfs/DESCR
--- a/security/cfs/DESCR        Mon Dec 19 21:06:40 2022 +0000
+++ b/security/cfs/DESCR        Mon Dec 19 23:18:36 2022 +0000
@@ -12,3 +12,6 @@
 including remote file servers such as NFS.  System management
 functions, such as file backup, work in a normal manner and without
 knowledge of the key.
+
+This is a continuation fork which does not currently intend to make
+substantial changes, but is buildable on modern systems.
diff -r 04758bc228fe -r 4eeb07e9d665 security/cfs/Makefile
--- a/security/cfs/Makefile     Mon Dec 19 21:06:40 2022 +0000
+++ b/security/cfs/Makefile     Mon Dec 19 23:18:36 2022 +0000
@@ -1,20 +1,25 @@
-# $NetBSD: Makefile,v 1.39 2022/12/19 15:14:34 gdt Exp $
+# $NetBSD: Makefile,v 1.40 2022/12/19 23:18:36 gdt Exp $
 
-DISTNAME=              cfs-1.4.1
-#DISTNAME=             cfs-1.5.0.beta
-PKGREVISION=           7
+VERSION=               1.5.0
+VERSION_SUFFIX_DIST=   .beta
+VERSION_SUFFIX_PKG=    b
+DISTNAME=              cfs-${VERSION}${VERSION_SUFFIX_DIST}
+PKGNAME=               cfs-${VERSION}${VERSION_SUFFIX_PKG}
 CATEGORIES=            security
-MASTER_SITES=          https://www.mattblaze.org/software/cfs-1.4.1.tar.gz
-#MASTER_SITES=         https://www.bayofrum.net/dist/cfs/
-
-# Thanks to crees%FreeBSD.org@localhost for a continuation fork.
-#  https://www.freshports.org/security/cfs/
-#  https://www.bayofrum.net/cgi-bin/fossil/cfs/index
+MASTER_SITES=          https://www.bayofrum.net/dist/cfs/
+#OLD_MASTER_SITES=     https://www.mattblaze.org/software/cfs-1.4.1.tar.gz
 
 MAINTAINER=            gdt%NetBSD.org@localhost
 HOMEPAGE=              https://www.mattblaze.org/software/
 #HOMEPAGE+=            https://www.bayofrum.net/cgi-bin/fossil/cfs/index
 COMMENT=               Encrypting file system, using NFS as its interface
+# The LICENSE is clearly free, and like mit, with minor differences in
+# keeping the license in derived works.  \todo resolve
+#LICENSE=              mit-very-close
+
+# Thanks to crees%FreeBSD.org@localhost for a continuation fork.
+#  https://www.freshports.org/security/cfs/
+#  https://www.bayofrum.net/cgi-bin/fossil/cfs/index
 
 BUILD_TARGET=          cfs
 INSTALL_TARGET=                install_cfs
@@ -35,9 +40,13 @@
 
 MAKE_ENV+=             OPSYS=${OPSYS:Q}
 
+# \todo evaluate
+
 # Required settings necessary to build CFS on various platforms.  This is
 # copied from ${WRKSRC}/Makefile and from browsing the various README files.
 #
+# By default, we assume that the makefile is ok and we can just call it.
+CFS_BUILD_SCRIPT=      do_make
 .if ${OPSYS} == "NetBSD"
 CFLAGS+=               -DPROTOTYPES=1
 CFLAGS+=               -DBSD44 -DANYPORT -DCFS_PORT=2049 -DSHORTLINKS
@@ -50,7 +59,6 @@
 #
 CFS_SUBST+=            getpassword->getpass
 CFLAGS+=               -DHAVE_GETPASS
-CFS_BUILD_SCRIPT=      ${WRKSRC}/netbsd_make_with_bad_rpcgen
 .elif ${OPSYS} == "SunOS"
 .  if ${CC_VERSION} == gcc
 CFLAGS+=               -traditional
@@ -61,7 +69,6 @@
 MAKE_ENV+=             LIBS="-lsocket -lnsl"
 MAKE_ENV+=             COMPAT=
 MAKE_ENV+=             RPCOPTS=
-CFS_BUILD_SCRIPT=      ${WRKSRC}/make_with_bad_rpcgen
 .elif ${OPSYS} == "Linux"
 .  if ${CC_VERSION} == gcc
 CFLAGS+=               -traditional
@@ -72,32 +79,40 @@
 MAKE_ENV+=             LIBS=
 MAKE_ENV+=             COMPAT=
 MAKE_ENV+=             RPCOPTS="-k -b"
-CFS_BUILD_SCRIPT=      ${WRKSRC}/make_with_bad_rpcgen
 .endif
 
+# Turn the list of transformations into a sed expression.
 CFS_SUBST_SED=         ${CFS_SUBST:S/->/!/:S/$/!g/:S/^/ -e s!/}
 
 DOCDIR=                        ${PREFIX}/share/doc/cfs
 
 RCD_SCRIPTS=           cfsd
 
+# We install *.1 manually, because the cfs_install target doesn't
+# install man pages.  However, we aren't building esm, because no one
+# has made it work and it probably isn't that useful in a post-ssh
+# world, so just remove the man page to avoid it being installed later.
 post-extract:
        @${RM} -f ${WRKSRC}/esm.1
 
-post-patch:
+# Rename cfoo to cfs_foo, literally everywhere.  Use pre-configure so
+# that one can "make patch" and then mkpatches without the patches
+# ending up carrying this change.
+pre-configure:
        @cd ${WRKSRC}; for file in *; do                                \
                ${MV} -f $${file} $${file}.presubst;                    \
                dest=`${ECHO} $${file} | ${SED} ${CFS_SUBST_SED}`;      \
                ${SED} ${CFS_SUBST_SED} $${file}.presubst > $${dest};   \
                ${RM} -f $${file}.presubst;                             \
        done
-       @${CHMOD} +x ${CFS_BUILD_SCRIPT}
+       # We use SH, do it doesn't need to be x
+       #@${CHMOD} +x ${CFS_BUILD_SCRIPT}
 
+
+# Copy our make non-wrapper script for use later.
 pre-build:
-       @${SED} -e "s|@AWK@|${AWK}|g"                                   \
-               -e "s|@MV@|${MV}|g"                                     \
-               ${FILESDIR}/unansi.sh > ${WRKSRC}/unansi
-       @${CHMOD} +x ${WRKSRC}/unansi
+       ${CP} ${FILESDIR}/do_make ${WRKSRC}
+
 
 do-build:
        @cd ${WRKSRC}; ${SETENV} ${MAKE_ENV}                            \
diff -r 04758bc228fe -r 4eeb07e9d665 security/cfs/PLIST
--- a/security/cfs/PLIST        Mon Dec 19 21:06:40 2022 +0000
+++ b/security/cfs/PLIST        Mon Dec 19 23:18:36 2022 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.5 2014/03/11 14:05:13 jperkin Exp $
+@comment $NetBSD: PLIST,v 1.6 2022/12/19 23:18:36 gdt Exp $
 bin/cfs_attach
 bin/cfs_cat
 bin/cfs_detach
@@ -17,4 +17,5 @@
 man/man8/cfs_name.8
 man/man8/cfsd.8
 sbin/cfsd
+share/doc/cfs/README.NetBSD.txt
 share/doc/cfs/notes.ms
diff -r 04758bc228fe -r 4eeb07e9d665 security/cfs/distinfo
--- a/security/cfs/distinfo     Mon Dec 19 21:06:40 2022 +0000
+++ b/security/cfs/distinfo     Mon Dec 19 23:18:36 2022 +0000
@@ -1,15 +1,11 @@
-$NetBSD: distinfo,v 1.16 2021/10/26 11:17:01 nia Exp $
+$NetBSD: distinfo,v 1.17 2022/12/19 23:18:36 gdt Exp $
 
-BLAKE2s (cfs-1.4.1.tar.gz) = 8d259001109b0f371058df1721a1b201862d609a8f35e23c27dbcf3e96deac46
-SHA512 (cfs-1.4.1.tar.gz) = d2bd3bd7add01eccbdb6e459847185ae9ee067b266ec908dfb5fb6a713875f655e2208ad0790020647c4952044ba252e09f4e503292b0a0f11bc1117a64e02ff
-Size (cfs-1.4.1.tar.gz) = 98943 bytes
-SHA1 (patch-aa) = 7df79a1e84c0866edc11496a4b2cd438ed725936
-SHA1 (patch-ab) = 1ff2d2e32b87332ec66cc8f01299fa4b1ddac81a
-SHA1 (patch-ac) = 354290ff606fab97b73980e6e512f10ef1397f01
-SHA1 (patch-ad) = 2ed5967d59d8f91948b2dd9ed4b18c5073d63615
-SHA1 (patch-ae) = 57fd63e8def95b809ed1ac6ba98567fc1def4150
-SHA1 (patch-af) = 9cc2e69c45c1653843b116207e598d821ec7d8e9
-SHA1 (patch-ag) = 3c0236d65fbf01d68c590fcecc264ac269e66a7a
-SHA1 (patch-ah) = 5a57ca471dae4e05895cf6995d7d2c2617fd44ab
-SHA1 (patch-cfs.c) = 5cb7cda91f2838668e4e8e0fe40d835bc3ec9982
-SHA1 (patch-cfs__cipher.c) = cdf80e8657dc346e04968ce2731491e2a9f84785
+BLAKE2s (cfs-1.5.0.beta.tar.gz) = 92d58624292cecaa6c76d079914a7936d7847696e7a229876e2a17de5f35076d
+SHA512 (cfs-1.5.0.beta.tar.gz) = 2c4c91a357f845b9db0365c1f580dc1e267a51dc63690e7a389090fc9d937ee859025c680fa0fb490a7904c686c2fc05d10d81bae732478d4de869b0ec10fefe
+Size (cfs-1.5.0.beta.tar.gz) = 108992 bytes
+SHA1 (patch-aa) = ae76f3cfc4e6f45c6e468b724c8d33e003bf2f57
+SHA1 (patch-ab) = e1b0f40fea62ba4ea5f4d284e8e6b33626b1ab78
+SHA1 (patch-af) = 4d58687bf1f12caf63f8b501806c3e973fbf3c3b
+SHA1 (patch-cfs__attach.c) = 19318ac7832c2c49d8b0a6ab357726cd38139691
+SHA1 (patch-cfs__fh.c) = 365bc16161c9633fc17cb0188212175112cbcc25
+SHA1 (patch-getpass.h) = dbc8174b4ec173ad9c5734a1f22488e7608960fc
diff -r 04758bc228fe -r 4eeb07e9d665 security/cfs/files/README.NetBSD.txt
--- a/security/cfs/files/README.NetBSD.txt      Mon Dec 19 21:06:40 2022 +0000
+++ b/security/cfs/files/README.NetBSD.txt      Mon Dec 19 23:18:36 2022 +0000
@@ -1,18 +1,24 @@
-===========================================================================
-$NetBSD: README.NetBSD.txt,v 1.1 2022/12/19 14:54:10 gdt Exp $
+$NetBSD: README.NetBSD.txt,v 1.2 2022/12/19 23:18:37 gdt Exp $
+
+The following fstab entry works with NetBSD 9:
+
+127.0.0.1:/null /crypt  nfs     rw,noauto,-u,-2,-i,-s,-r=1024,-w=1024   0 0
 
-The following mail from Steve Bellovin, which can also be viewed at
+Note that it is necessary to specify UDP, because recent NetBSD
+defaults to TCP.
+
+
+Beware that the message below may no longer be accurate, as it was
+written some time ago.  See also the following mail from Steve
+Bellovin, which can also be viewed at
 
        http://mail-index.netbsd.org/current-users/2002/07/15/0006.html
 
-is relevant to users of this package:
-
 Delivered-To: current-users%netbsd.org@localhost
 From: "Steven M. Bellovin" <smb%research.att.com@localhost>
 To: current-users%netbsd.org@localhost
 Subject: Re: CFS with NetBSD 1.6
 Date: Mon, 15 Jul 2002 14:00:59 +0900
-Precedence: list
 
 In message <20020630000510.2a034cf4.520079546242-0001%t-online.de@localhost>, Michael Cor
 e writes:
@@ -37,6 +43,3 @@
 
                 --Steve Bellovin, http://www.research.att.com/~smb (me)
                 http://www.wilyhacker.com ("Firewalls" book)
-
-
-===========================================================================
diff -r 04758bc228fe -r 4eeb07e9d665 security/cfs/files/README.netbsd
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/security/cfs/files/README.netbsd  Mon Dec 19 23:18:36 2022 +0000
@@ -0,0 +1,49 @@
+This file is from upstream but missing in the distribution tarball.
+It is very old and likely not longer accurate.
+
+
+----------------------------------------
+There are a number of little details you have to pay attention to
+when building CFS on NetBSD 1.5 or later.
+
+First, read and follow the generic instructions.  Note in particular
+the Makefile lines that need to be changed.
+
+Second, check for a bug in your distribution of NetBSD.  In
+/usr/include/netdb.h and /usr/include/sys/socket.h, there are
+#define's for socklen_t.  They should read
+
+       #define socklen_t       __socklen_t
+
+but some versions say
+
+       #define socklen_t       socklen_t
+
+The compiler doesn't like that version...
+
+Third, the rpcgen on NetBSD 1.5 is a variant not covered by the
+generic instructions with CFS.  Use the shell script
+
+       ./netbsd_make_with_bad_rpcgen cfs
+
+to build CFS with the proper options.
+
+To run CFS, set
+
+       rpcbind=YES
+
+in /etc/rc.conf.  Make sure that nfs_server is set to NO (the default).
+Because NFS apparently must live on port 2049 on NetBSD, it is not
+possible to run an NFS server on the same machine.
+
+To mount /crypt, use
+
+       mountd && \
+       cfsd && \
+       mount -o intr,-2 127.0.0.1:/null /crypt
+
+The -2 specifies version 2 of NFS.  It isn't completely clear
+why you have to say 127.0.0.1 instead of localhost, but it seems
+to be related to v6 support.
+
+I have made no attempt to compile esm.
diff -r 04758bc228fe -r 4eeb07e9d665 security/cfs/files/do_make
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/security/cfs/files/do_make        Mon Dec 19 23:18:36 2022 +0000
@@ -0,0 +1,8 @@
+#!/bin/sh
+
+# This file exists just so that we can "sh do_make" instead of calling
+# make, to fit into an awkward build flow that sometimes needs a
+# wrapper script.
+
+make $*
+
diff -r 04758bc228fe -r 4eeb07e9d665 security/cfs/files/netbsd_make_with_bad_rpcgen
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/security/cfs/files/netbsd_make_with_bad_rpcgen    Mon Dec 19 23:18:36 2022 +0000
@@ -0,0 +1,33 @@
+#!/bin/sh
+# This file is missing from the upstream distfile.
+# this will make CFS for NetBSD (and other) systems with the
+# wrong version of rpcgen
+make CC="cc -traditional \
+        -Dnfsproc_null_2_svc=nfsproc_null_2     \
+        -Dnfsproc_getattr_2_svc=nfsproc_getattr_2       \
+        -Dnfsproc_setattr_2_svc=nfsproc_setattr_2       \
+        -Dnfsproc_root_2_svc=nfsproc_root_2     \
+        -Dnfsproc_lookup_2_svc=nfsproc_lookup_2 \
+        -Dnfsproc_readlink_2_svc=nfsproc_readlink_2     \
+        -Dnfsproc_read_2_svc=nfsproc_read_2     \
+        -Dnfsproc_writecache_2_svc=nfsproc_writecache_2 \
+        -Dnfsproc_write_2_svc=nfsproc_write_2   \
+        -Dnfsproc_create_2_svc=nfsproc_create_2 \
+        -Dnfsproc_remove_2_svc=nfsproc_remove_2 \
+        -Dnfsproc_rename_2_svc=nfsproc_rename_2 \
+        -Dnfsproc_link_2_svc=nfsproc_link_2     \
+        -Dnfsproc_symlink_2_svc=nfsproc_symlink_2       \



Home | Main Index | Thread Index | Old Index