pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/security/cfs security/cfs: Update to 1.5.0b
details: https://anonhg.NetBSD.org/pkgsrc/rev/4eeb07e9d665
branches: trunk
changeset: 390477:4eeb07e9d665
user: gdt <gdt%pkgsrc.org@localhost>
date: Mon Dec 19 23:18:36 2022 +0000
description:
security/cfs: Update to 1.5.0b
Shift to a continution fork of cfs, which has many of our patches
applied, and which is buildable with modern rpcgen.
Tested on NetBSD 9 amd64 with an encrypted directory that was made
with older cfs.
Upstream changes are mainly modernization of the code and removal of
accomodations for the 80s and 90s.
diffstat:
security/cfs/DESCR | 3 +
security/cfs/Makefile | 53 ++++++++++-----
security/cfs/PLIST | 3 +-
security/cfs/distinfo | 24 +++----
security/cfs/files/README.NetBSD.txt | 21 +++--
security/cfs/files/README.netbsd | 49 ++++++++++++++
security/cfs/files/do_make | 8 ++
security/cfs/files/netbsd_make_with_bad_rpcgen | 33 ++++++++++
security/cfs/files/unansi.sh | 22 ------
security/cfs/patches/patch-aa | 85 +++++++++++++------------
security/cfs/patches/patch-ab | 20 +++---
security/cfs/patches/patch-ac | 13 ---
security/cfs/patches/patch-ad | 13 ---
security/cfs/patches/patch-ae | 42 ------------
security/cfs/patches/patch-af | 23 +++---
security/cfs/patches/patch-ag | 17 -----
security/cfs/patches/patch-ah | 41 ------------
security/cfs/patches/patch-cfs.c | 21 ------
security/cfs/patches/patch-cfs__attach.c | 21 ++++++
security/cfs/patches/patch-cfs__cipher.c | 16 ----
security/cfs/patches/patch-cfs__fh.c | 14 ++++
security/cfs/patches/patch-getpass.h | 18 +++++
22 files changed, 270 insertions(+), 290 deletions(-)
diffs (truncated from 784 to 300 lines):
diff -r 04758bc228fe -r 4eeb07e9d665 security/cfs/DESCR
--- a/security/cfs/DESCR Mon Dec 19 21:06:40 2022 +0000
+++ b/security/cfs/DESCR Mon Dec 19 23:18:36 2022 +0000
@@ -12,3 +12,6 @@
including remote file servers such as NFS. System management
functions, such as file backup, work in a normal manner and without
knowledge of the key.
+
+This is a continuation fork which does not currently intend to make
+substantial changes, but is buildable on modern systems.
diff -r 04758bc228fe -r 4eeb07e9d665 security/cfs/Makefile
--- a/security/cfs/Makefile Mon Dec 19 21:06:40 2022 +0000
+++ b/security/cfs/Makefile Mon Dec 19 23:18:36 2022 +0000
@@ -1,20 +1,25 @@
-# $NetBSD: Makefile,v 1.39 2022/12/19 15:14:34 gdt Exp $
+# $NetBSD: Makefile,v 1.40 2022/12/19 23:18:36 gdt Exp $
-DISTNAME= cfs-1.4.1
-#DISTNAME= cfs-1.5.0.beta
-PKGREVISION= 7
+VERSION= 1.5.0
+VERSION_SUFFIX_DIST= .beta
+VERSION_SUFFIX_PKG= b
+DISTNAME= cfs-${VERSION}${VERSION_SUFFIX_DIST}
+PKGNAME= cfs-${VERSION}${VERSION_SUFFIX_PKG}
CATEGORIES= security
-MASTER_SITES= https://www.mattblaze.org/software/cfs-1.4.1.tar.gz
-#MASTER_SITES= https://www.bayofrum.net/dist/cfs/
-
-# Thanks to crees%FreeBSD.org@localhost for a continuation fork.
-# https://www.freshports.org/security/cfs/
-# https://www.bayofrum.net/cgi-bin/fossil/cfs/index
+MASTER_SITES= https://www.bayofrum.net/dist/cfs/
+#OLD_MASTER_SITES= https://www.mattblaze.org/software/cfs-1.4.1.tar.gz
MAINTAINER= gdt%NetBSD.org@localhost
HOMEPAGE= https://www.mattblaze.org/software/
#HOMEPAGE+= https://www.bayofrum.net/cgi-bin/fossil/cfs/index
COMMENT= Encrypting file system, using NFS as its interface
+# The LICENSE is clearly free, and like mit, with minor differences in
+# keeping the license in derived works. \todo resolve
+#LICENSE= mit-very-close
+
+# Thanks to crees%FreeBSD.org@localhost for a continuation fork.
+# https://www.freshports.org/security/cfs/
+# https://www.bayofrum.net/cgi-bin/fossil/cfs/index
BUILD_TARGET= cfs
INSTALL_TARGET= install_cfs
@@ -35,9 +40,13 @@
MAKE_ENV+= OPSYS=${OPSYS:Q}
+# \todo evaluate
+
# Required settings necessary to build CFS on various platforms. This is
# copied from ${WRKSRC}/Makefile and from browsing the various README files.
#
+# By default, we assume that the makefile is ok and we can just call it.
+CFS_BUILD_SCRIPT= do_make
.if ${OPSYS} == "NetBSD"
CFLAGS+= -DPROTOTYPES=1
CFLAGS+= -DBSD44 -DANYPORT -DCFS_PORT=2049 -DSHORTLINKS
@@ -50,7 +59,6 @@
#
CFS_SUBST+= getpassword->getpass
CFLAGS+= -DHAVE_GETPASS
-CFS_BUILD_SCRIPT= ${WRKSRC}/netbsd_make_with_bad_rpcgen
.elif ${OPSYS} == "SunOS"
. if ${CC_VERSION} == gcc
CFLAGS+= -traditional
@@ -61,7 +69,6 @@
MAKE_ENV+= LIBS="-lsocket -lnsl"
MAKE_ENV+= COMPAT=
MAKE_ENV+= RPCOPTS=
-CFS_BUILD_SCRIPT= ${WRKSRC}/make_with_bad_rpcgen
.elif ${OPSYS} == "Linux"
. if ${CC_VERSION} == gcc
CFLAGS+= -traditional
@@ -72,32 +79,40 @@
MAKE_ENV+= LIBS=
MAKE_ENV+= COMPAT=
MAKE_ENV+= RPCOPTS="-k -b"
-CFS_BUILD_SCRIPT= ${WRKSRC}/make_with_bad_rpcgen
.endif
+# Turn the list of transformations into a sed expression.
CFS_SUBST_SED= ${CFS_SUBST:S/->/!/:S/$/!g/:S/^/ -e s!/}
DOCDIR= ${PREFIX}/share/doc/cfs
RCD_SCRIPTS= cfsd
+# We install *.1 manually, because the cfs_install target doesn't
+# install man pages. However, we aren't building esm, because no one
+# has made it work and it probably isn't that useful in a post-ssh
+# world, so just remove the man page to avoid it being installed later.
post-extract:
@${RM} -f ${WRKSRC}/esm.1
-post-patch:
+# Rename cfoo to cfs_foo, literally everywhere. Use pre-configure so
+# that one can "make patch" and then mkpatches without the patches
+# ending up carrying this change.
+pre-configure:
@cd ${WRKSRC}; for file in *; do \
${MV} -f $${file} $${file}.presubst; \
dest=`${ECHO} $${file} | ${SED} ${CFS_SUBST_SED}`; \
${SED} ${CFS_SUBST_SED} $${file}.presubst > $${dest}; \
${RM} -f $${file}.presubst; \
done
- @${CHMOD} +x ${CFS_BUILD_SCRIPT}
+ # We use SH, do it doesn't need to be x
+ #@${CHMOD} +x ${CFS_BUILD_SCRIPT}
+
+# Copy our make non-wrapper script for use later.
pre-build:
- @${SED} -e "s|@AWK@|${AWK}|g" \
- -e "s|@MV@|${MV}|g" \
- ${FILESDIR}/unansi.sh > ${WRKSRC}/unansi
- @${CHMOD} +x ${WRKSRC}/unansi
+ ${CP} ${FILESDIR}/do_make ${WRKSRC}
+
do-build:
@cd ${WRKSRC}; ${SETENV} ${MAKE_ENV} \
diff -r 04758bc228fe -r 4eeb07e9d665 security/cfs/PLIST
--- a/security/cfs/PLIST Mon Dec 19 21:06:40 2022 +0000
+++ b/security/cfs/PLIST Mon Dec 19 23:18:36 2022 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.5 2014/03/11 14:05:13 jperkin Exp $
+@comment $NetBSD: PLIST,v 1.6 2022/12/19 23:18:36 gdt Exp $
bin/cfs_attach
bin/cfs_cat
bin/cfs_detach
@@ -17,4 +17,5 @@
man/man8/cfs_name.8
man/man8/cfsd.8
sbin/cfsd
+share/doc/cfs/README.NetBSD.txt
share/doc/cfs/notes.ms
diff -r 04758bc228fe -r 4eeb07e9d665 security/cfs/distinfo
--- a/security/cfs/distinfo Mon Dec 19 21:06:40 2022 +0000
+++ b/security/cfs/distinfo Mon Dec 19 23:18:36 2022 +0000
@@ -1,15 +1,11 @@
-$NetBSD: distinfo,v 1.16 2021/10/26 11:17:01 nia Exp $
+$NetBSD: distinfo,v 1.17 2022/12/19 23:18:36 gdt Exp $
-BLAKE2s (cfs-1.4.1.tar.gz) = 8d259001109b0f371058df1721a1b201862d609a8f35e23c27dbcf3e96deac46
-SHA512 (cfs-1.4.1.tar.gz) = d2bd3bd7add01eccbdb6e459847185ae9ee067b266ec908dfb5fb6a713875f655e2208ad0790020647c4952044ba252e09f4e503292b0a0f11bc1117a64e02ff
-Size (cfs-1.4.1.tar.gz) = 98943 bytes
-SHA1 (patch-aa) = 7df79a1e84c0866edc11496a4b2cd438ed725936
-SHA1 (patch-ab) = 1ff2d2e32b87332ec66cc8f01299fa4b1ddac81a
-SHA1 (patch-ac) = 354290ff606fab97b73980e6e512f10ef1397f01
-SHA1 (patch-ad) = 2ed5967d59d8f91948b2dd9ed4b18c5073d63615
-SHA1 (patch-ae) = 57fd63e8def95b809ed1ac6ba98567fc1def4150
-SHA1 (patch-af) = 9cc2e69c45c1653843b116207e598d821ec7d8e9
-SHA1 (patch-ag) = 3c0236d65fbf01d68c590fcecc264ac269e66a7a
-SHA1 (patch-ah) = 5a57ca471dae4e05895cf6995d7d2c2617fd44ab
-SHA1 (patch-cfs.c) = 5cb7cda91f2838668e4e8e0fe40d835bc3ec9982
-SHA1 (patch-cfs__cipher.c) = cdf80e8657dc346e04968ce2731491e2a9f84785
+BLAKE2s (cfs-1.5.0.beta.tar.gz) = 92d58624292cecaa6c76d079914a7936d7847696e7a229876e2a17de5f35076d
+SHA512 (cfs-1.5.0.beta.tar.gz) = 2c4c91a357f845b9db0365c1f580dc1e267a51dc63690e7a389090fc9d937ee859025c680fa0fb490a7904c686c2fc05d10d81bae732478d4de869b0ec10fefe
+Size (cfs-1.5.0.beta.tar.gz) = 108992 bytes
+SHA1 (patch-aa) = ae76f3cfc4e6f45c6e468b724c8d33e003bf2f57
+SHA1 (patch-ab) = e1b0f40fea62ba4ea5f4d284e8e6b33626b1ab78
+SHA1 (patch-af) = 4d58687bf1f12caf63f8b501806c3e973fbf3c3b
+SHA1 (patch-cfs__attach.c) = 19318ac7832c2c49d8b0a6ab357726cd38139691
+SHA1 (patch-cfs__fh.c) = 365bc16161c9633fc17cb0188212175112cbcc25
+SHA1 (patch-getpass.h) = dbc8174b4ec173ad9c5734a1f22488e7608960fc
diff -r 04758bc228fe -r 4eeb07e9d665 security/cfs/files/README.NetBSD.txt
--- a/security/cfs/files/README.NetBSD.txt Mon Dec 19 21:06:40 2022 +0000
+++ b/security/cfs/files/README.NetBSD.txt Mon Dec 19 23:18:36 2022 +0000
@@ -1,18 +1,24 @@
-===========================================================================
-$NetBSD: README.NetBSD.txt,v 1.1 2022/12/19 14:54:10 gdt Exp $
+$NetBSD: README.NetBSD.txt,v 1.2 2022/12/19 23:18:37 gdt Exp $
+
+The following fstab entry works with NetBSD 9:
+
+127.0.0.1:/null /crypt nfs rw,noauto,-u,-2,-i,-s,-r=1024,-w=1024 0 0
-The following mail from Steve Bellovin, which can also be viewed at
+Note that it is necessary to specify UDP, because recent NetBSD
+defaults to TCP.
+
+
+Beware that the message below may no longer be accurate, as it was
+written some time ago. See also the following mail from Steve
+Bellovin, which can also be viewed at
http://mail-index.netbsd.org/current-users/2002/07/15/0006.html
-is relevant to users of this package:
-
Delivered-To: current-users%netbsd.org@localhost
From: "Steven M. Bellovin" <smb%research.att.com@localhost>
To: current-users%netbsd.org@localhost
Subject: Re: CFS with NetBSD 1.6
Date: Mon, 15 Jul 2002 14:00:59 +0900
-Precedence: list
In message <20020630000510.2a034cf4.520079546242-0001%t-online.de@localhost>, Michael Cor
e writes:
@@ -37,6 +43,3 @@
--Steve Bellovin, http://www.research.att.com/~smb (me)
http://www.wilyhacker.com ("Firewalls" book)
-
-
-===========================================================================
diff -r 04758bc228fe -r 4eeb07e9d665 security/cfs/files/README.netbsd
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/security/cfs/files/README.netbsd Mon Dec 19 23:18:36 2022 +0000
@@ -0,0 +1,49 @@
+This file is from upstream but missing in the distribution tarball.
+It is very old and likely not longer accurate.
+
+
+----------------------------------------
+There are a number of little details you have to pay attention to
+when building CFS on NetBSD 1.5 or later.
+
+First, read and follow the generic instructions. Note in particular
+the Makefile lines that need to be changed.
+
+Second, check for a bug in your distribution of NetBSD. In
+/usr/include/netdb.h and /usr/include/sys/socket.h, there are
+#define's for socklen_t. They should read
+
+ #define socklen_t __socklen_t
+
+but some versions say
+
+ #define socklen_t socklen_t
+
+The compiler doesn't like that version...
+
+Third, the rpcgen on NetBSD 1.5 is a variant not covered by the
+generic instructions with CFS. Use the shell script
+
+ ./netbsd_make_with_bad_rpcgen cfs
+
+to build CFS with the proper options.
+
+To run CFS, set
+
+ rpcbind=YES
+
+in /etc/rc.conf. Make sure that nfs_server is set to NO (the default).
+Because NFS apparently must live on port 2049 on NetBSD, it is not
+possible to run an NFS server on the same machine.
+
+To mount /crypt, use
+
+ mountd && \
+ cfsd && \
+ mount -o intr,-2 127.0.0.1:/null /crypt
+
+The -2 specifies version 2 of NFS. It isn't completely clear
+why you have to say 127.0.0.1 instead of localhost, but it seems
+to be related to v6 support.
+
+I have made no attempt to compile esm.
diff -r 04758bc228fe -r 4eeb07e9d665 security/cfs/files/do_make
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/security/cfs/files/do_make Mon Dec 19 23:18:36 2022 +0000
@@ -0,0 +1,8 @@
+#!/bin/sh
+
+# This file exists just so that we can "sh do_make" instead of calling
+# make, to fit into an awkward build flow that sometimes needs a
+# wrapper script.
+
+make $*
+
diff -r 04758bc228fe -r 4eeb07e9d665 security/cfs/files/netbsd_make_with_bad_rpcgen
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/security/cfs/files/netbsd_make_with_bad_rpcgen Mon Dec 19 23:18:36 2022 +0000
@@ -0,0 +1,33 @@
+#!/bin/sh
+# This file is missing from the upstream distfile.
+# this will make CFS for NetBSD (and other) systems with the
+# wrong version of rpcgen
+make CC="cc -traditional \
+ -Dnfsproc_null_2_svc=nfsproc_null_2 \
+ -Dnfsproc_getattr_2_svc=nfsproc_getattr_2 \
+ -Dnfsproc_setattr_2_svc=nfsproc_setattr_2 \
+ -Dnfsproc_root_2_svc=nfsproc_root_2 \
+ -Dnfsproc_lookup_2_svc=nfsproc_lookup_2 \
+ -Dnfsproc_readlink_2_svc=nfsproc_readlink_2 \
+ -Dnfsproc_read_2_svc=nfsproc_read_2 \
+ -Dnfsproc_writecache_2_svc=nfsproc_writecache_2 \
+ -Dnfsproc_write_2_svc=nfsproc_write_2 \
+ -Dnfsproc_create_2_svc=nfsproc_create_2 \
+ -Dnfsproc_remove_2_svc=nfsproc_remove_2 \
+ -Dnfsproc_rename_2_svc=nfsproc_rename_2 \
+ -Dnfsproc_link_2_svc=nfsproc_link_2 \
+ -Dnfsproc_symlink_2_svc=nfsproc_symlink_2 \
Home |
Main Index |
Thread Index |
Old Index