commit d24858dd94a4a15265ab36201047177de3bc4861 Author: Steffen Nurpmeso <steffen@sdaoden.eu> Date: Fri Aug 28 14:46:42 2020 +0000 signify: use source from outils, closes FS#1797 diff --git a/signify/.footprint b/signify/.footprint index 37078843..0d2a9ce3 100644 --- a/signify/.footprint +++ b/signify/.footprint @@ -4,4 +4,4 @@ drwxr-xr-x root/root usr/bin/ drwxr-xr-x root/root usr/share/ drwxr-xr-x root/root usr/share/man/ drwxr-xr-x root/root usr/share/man/man1/ --rwxr-xr-x root/root usr/share/man/man1/signify.1.gz +-rw-r--r-- root/root usr/share/man/man1/signify.1.gz diff --git a/signify/.signature b/signify/.signature index d12b8967..ca1e8036 100644 --- a/signify/.signature +++ b/signify/.signature @@ -1,5 +1,6 @@ untrusted comment: verify with /etc/ports/core.pub -RWRJc1FUaeVeqp2rnDpeLrUIQIHJcIs75ytSsjK6BUuUK0i8dZ/GhsfLeTsyMxapW8zR2wbrv+uelaeykVj2q7Ba9kkwPgTJkAs= -SHA256 (Pkgfile) = 571db77c9475f0a1ce88034ade93c190f95d3cbb5ae2b5755be3c58b670eb3c4 -SHA256 (.footprint) = c9c25d94c541a49fa3823d13d447c6170d3a675f145d7d7bd8ac648a5916df6f -SHA256 (signify-0.1p2.tar.xz) = 79ae7b9911d22a7f72b2922a0f91f5b843623a5856f74d3eb29dbeaffe620f8f +RWRJc1FUaeVeqre3G0qPrxGrJb6IodLz9wkyWUoGmxdmHSCW1H6bavJv86NctJ+6+lTfIzGq6ow0gR8AIRdrPC6fOYJjmfVdqwk= +SHA256 (Pkgfile) = b7adc335395d92325bf730b5c2e1ff44dc154674a592a3527f148251b41b61fe +SHA256 (.footprint) = 7254b9c6417527154751eece07f12711fa68773b4d8cad5e659e552f6adf39bc +SHA256 (outils-20200707.tar.gz) = 499a754d42c3f52faa1e23ac14940fd3d451cfeea1fbbdc8bee0a52e99eb57c8 +SHA256 (cruxify.patch) = d2f254f066d26273716a69c7fbb902c8fba7a8e441cd5285594a27df8bf5a752 diff --git a/signify/Pkgfile b/signify/Pkgfile index caafb3f4..611ba5dd 100644 --- a/signify/Pkgfile +++ b/signify/Pkgfile @@ -1,17 +1,23 @@ # Description: Elliptic curve based signing and verification tool -# URL: http://www.tedunangst.com/flak/post/signify +# URL: https://github.com/leahneukirchen/outils # Maintainer: CRUX System Team, core-ports at crux dot nu name=signify -version=0.1p2 +version=20200707 +gitversion=1f93b1027c4be9f27f3a4b8dabb2ae3132e1cb6a release=1 -source=(https://crux.nu/files/distfiles/$name-$version.tar.xz) +source=(https://github.com/leahneukirchen/outils/archive/$gitversion/outils-$version... + cruxify.patch) build() { - cd $name-$version + cd outils-$gitversion - make CFLAGS='-Wall -O2 -I. -DSIGNIFYROOT=\"/etc/ports\"' + patch -p0 -i $SRC/cruxify.patch - install -D signify $PKG/usr/bin/signify - install -D signify.1 $PKG/usr/share/man/man1/signify.1 + export CFLAGS+=' -DSIGNIFYROOT=\"/etc/ports\"' + make PREFIX=/usr src/usr.bin/signify/signify + + install -d $PKG/usr/{bin,share/man/man1} + install -m 0755 src/usr.bin/signify/signify $PKG/usr/bin + install -m 0644 src/usr.bin/signify/signify.1 $PKG/usr/share/man/man1 } diff --git a/signify/cruxify.patch b/signify/cruxify.patch new file mode 100644 index 00000000..927de148 --- /dev/null +++ b/signify/cruxify.patch @@ -0,0 +1,47 @@ +diff -Napru pfefferminzbonbon +--- src.orig/usr.bin/signify/signify.c 2020-08-22 20:11:21.055823405 +0200 ++++ src/usr.bin/signify/signify.c 2020-08-22 20:15:28.105818708 +0200 +@@ -49,6 +49,10 @@ + #define COMMENTMAXLEN 1024 + #define VERIFYWITH "verify with " + ++#ifndef SIGNIFYROOT ++# define SIGNIFYROOT "/etc/signify" ++#endif ++ + struct enckey { + uint8_t pkalg[2]; + uint8_t kdfalg[2]; +@@ -411,7 +415,7 @@ createsig(const char *seckeyfile, const + else + keyname++; + nr = snprintf(sigcomment, sizeof(sigcomment), +- VERIFYWITH "%.*s.pub", (int)strlen(keyname) - 4, keyname); ++ VERIFYWITH "%s/%.*s.pub", SIGNIFYROOT, (int)strlen(keyname) - 4, keyname); + if (nr == -1 || nr >= sizeof(sigcomment)) + errx(1, "comment too long"); + } else { +@@ -518,13 +522,20 @@ static void + readpubkey(const char *pubkeyfile, struct pubkey *pubkey, + const char *sigcomment, const char *keytype) + { +- const char *safepath = "/etc/signify"; ++ const char *safepath = SIGNIFYROOT "/"; + char keypath[PATH_MAX]; + + if (!pubkeyfile) { ++ size_t spl; ++ + pubkeyfile = strstr(sigcomment, VERIFYWITH); +- if (pubkeyfile && strchr(pubkeyfile, '/') == NULL) { +- pubkeyfile += strlen(VERIFYWITH); ++ if (!pubkeyfile) ++ usage("must specify pubkey"); ++ pubkeyfile += strlen(VERIFYWITH); ++ spl = strlen(safepath); ++ if (strncmp(pubkeyfile, safepath, spl) == 0) ++ pubkeyfile += spl; ++ if (*pubkeyfile != '\0' && strchr(pubkeyfile, '/') == NULL) { + if (keytype) + check_keytype(pubkeyfile, keytype); + if (snprintf(keypath, sizeof(keypath), "%s/%s",