[crux-commits] ports/core (3.6): signify: use source from outils, closes FS#1797

crux at crux.nu crux at crux.nu
Fri Aug 28 14:47:20 UTC 2020


commit d24858dd94a4a15265ab36201047177de3bc4861
Author: Steffen Nurpmeso <steffen at sdaoden.eu>
Date:   Fri Aug 28 14:46:42 2020 +0000

    signify: use source from outils, closes FS#1797

diff --git a/signify/.footprint b/signify/.footprint
index 37078843..0d2a9ce3 100644
--- a/signify/.footprint
+++ b/signify/.footprint
@@ -4,4 +4,4 @@ drwxr-xr-x	root/root	usr/bin/
 drwxr-xr-x	root/root	usr/share/
 drwxr-xr-x	root/root	usr/share/man/
 drwxr-xr-x	root/root	usr/share/man/man1/
--rwxr-xr-x	root/root	usr/share/man/man1/signify.1.gz
+-rw-r--r--	root/root	usr/share/man/man1/signify.1.gz
diff --git a/signify/.signature b/signify/.signature
index d12b8967..ca1e8036 100644
--- a/signify/.signature
+++ b/signify/.signature
@@ -1,5 +1,6 @@
 untrusted comment: verify with /etc/ports/core.pub
-RWRJc1FUaeVeqp2rnDpeLrUIQIHJcIs75ytSsjK6BUuUK0i8dZ/GhsfLeTsyMxapW8zR2wbrv+uelaeykVj2q7Ba9kkwPgTJkAs=
-SHA256 (Pkgfile) = 571db77c9475f0a1ce88034ade93c190f95d3cbb5ae2b5755be3c58b670eb3c4
-SHA256 (.footprint) = c9c25d94c541a49fa3823d13d447c6170d3a675f145d7d7bd8ac648a5916df6f
-SHA256 (signify-0.1p2.tar.xz) = 79ae7b9911d22a7f72b2922a0f91f5b843623a5856f74d3eb29dbeaffe620f8f
+RWRJc1FUaeVeqre3G0qPrxGrJb6IodLz9wkyWUoGmxdmHSCW1H6bavJv86NctJ+6+lTfIzGq6ow0gR8AIRdrPC6fOYJjmfVdqwk=
+SHA256 (Pkgfile) = b7adc335395d92325bf730b5c2e1ff44dc154674a592a3527f148251b41b61fe
+SHA256 (.footprint) = 7254b9c6417527154751eece07f12711fa68773b4d8cad5e659e552f6adf39bc
+SHA256 (outils-20200707.tar.gz) = 499a754d42c3f52faa1e23ac14940fd3d451cfeea1fbbdc8bee0a52e99eb57c8
+SHA256 (cruxify.patch) = d2f254f066d26273716a69c7fbb902c8fba7a8e441cd5285594a27df8bf5a752
diff --git a/signify/Pkgfile b/signify/Pkgfile
index caafb3f4..611ba5dd 100644
--- a/signify/Pkgfile
+++ b/signify/Pkgfile
@@ -1,17 +1,23 @@
 # Description: Elliptic curve based signing and verification tool
-# URL:         http://www.tedunangst.com/flak/post/signify
+# URL:         https://github.com/leahneukirchen/outils
 # Maintainer:  CRUX System Team, core-ports at crux dot nu
 
 name=signify
-version=0.1p2
+version=20200707
+gitversion=1f93b1027c4be9f27f3a4b8dabb2ae3132e1cb6a
 release=1
-source=(https://crux.nu/files/distfiles/$name-$version.tar.xz)
+source=(https://github.com/leahneukirchen/outils/archive/$gitversion/outils-$version.tar.gz 
+        cruxify.patch)
 
 build() {
-	cd $name-$version
+	cd outils-$gitversion
 
-	make CFLAGS='-Wall -O2 -I. -DSIGNIFYROOT=\"/etc/ports\"'
+	patch -p0 -i $SRC/cruxify.patch
 
-	install -D signify $PKG/usr/bin/signify
-	install -D signify.1 $PKG/usr/share/man/man1/signify.1
+	export CFLAGS+=' -DSIGNIFYROOT=\"/etc/ports\"'
+	make PREFIX=/usr src/usr.bin/signify/signify
+
+	install -d $PKG/usr/{bin,share/man/man1}
+	install -m 0755 src/usr.bin/signify/signify $PKG/usr/bin
+	install -m 0644 src/usr.bin/signify/signify.1 $PKG/usr/share/man/man1
 }
diff --git a/signify/cruxify.patch b/signify/cruxify.patch
new file mode 100644
index 00000000..927de148
--- /dev/null
+++ b/signify/cruxify.patch
@@ -0,0 +1,47 @@
+diff -Napru pfefferminzbonbon
+--- src.orig/usr.bin/signify/signify.c	2020-08-22 20:11:21.055823405 +0200
++++ src/usr.bin/signify/signify.c	2020-08-22 20:15:28.105818708 +0200
+@@ -49,6 +49,10 @@
+ #define COMMENTMAXLEN 1024
+ #define VERIFYWITH "verify with "
+ 
++#ifndef SIGNIFYROOT
++# define SIGNIFYROOT "/etc/signify"
++#endif
++
+ struct enckey {
+ 	uint8_t pkalg[2];
+ 	uint8_t kdfalg[2];
+@@ -411,7 +415,7 @@ createsig(const char *seckeyfile, const
+ 		else
+ 			keyname++;
+ 		nr = snprintf(sigcomment, sizeof(sigcomment),
+-		    VERIFYWITH "%.*s.pub", (int)strlen(keyname) - 4, keyname);
++		    VERIFYWITH "%s/%.*s.pub", SIGNIFYROOT, (int)strlen(keyname) - 4, keyname);
+ 		if (nr == -1 || nr >= sizeof(sigcomment))
+ 			errx(1, "comment too long");
+ 	} else {
+@@ -518,13 +522,20 @@ static void
+ readpubkey(const char *pubkeyfile, struct pubkey *pubkey,
+     const char *sigcomment, const char *keytype)
+ {
+-	const char *safepath = "/etc/signify";
++	const char *safepath = SIGNIFYROOT "/";
+ 	char keypath[PATH_MAX];
+ 
+ 	if (!pubkeyfile) {
++		size_t spl;
++
+ 		pubkeyfile = strstr(sigcomment, VERIFYWITH);
+-		if (pubkeyfile && strchr(pubkeyfile, '/') == NULL) {
+-			pubkeyfile += strlen(VERIFYWITH);
++		if (!pubkeyfile)
++			usage("must specify pubkey");
++		pubkeyfile += strlen(VERIFYWITH);
++		spl = strlen(safepath);
++		if (strncmp(pubkeyfile, safepath, spl) == 0)
++			pubkeyfile += spl;
++		if (*pubkeyfile != '\0' && strchr(pubkeyfile, '/') == NULL) {
+ 			if (keytype)
+ 				check_keytype(pubkeyfile, keytype);
+ 			if (snprintf(keypath, sizeof(keypath), "%s/%s",


More information about the crux-commits mailing list