diff options
author | Kristian Fiskerstrand <k_f@gentoo.org> | 2016-08-09 17:36:33 +0200 |
---|---|---|
committer | Kristian Fiskerstrand <k_f@gentoo.org> | 2016-08-09 17:37:13 +0200 |
commit | 5ca3028d1a392aa98808a72b098651fe22e8493e (patch) | |
tree | 3804d5865a2862f693fccd61314222189e4f6dcd /app-crypt/monkeysphere | |
parent | sys-fs/xfsprogs: drop some older versions (diff) | |
download | gentoo-5ca3028d1a392aa98808a72b098651fe22e8493e.tar.gz gentoo-5ca3028d1a392aa98808a72b098651fe22e8493e.tar.bz2 gentoo-5ca3028d1a392aa98808a72b098651fe22e8493e.zip |
app-crypt/monkeysphere: Version bump to 0.38
Package-Manager: portage-2.3.0
Diffstat (limited to 'app-crypt/monkeysphere')
5 files changed, 258 insertions, 0 deletions
diff --git a/app-crypt/monkeysphere/Manifest b/app-crypt/monkeysphere/Manifest index e905342e9707..44a78ab8cd79 100644 --- a/app-crypt/monkeysphere/Manifest +++ b/app-crypt/monkeysphere/Manifest @@ -1,2 +1,3 @@ DIST monkeysphere_0.36.orig.tar.gz 98876 SHA256 6ae4edeff2cc29b6913346e15b61500ea7cc06d761a9f42e67de83b7d2607be7 SHA512 eb6776bd9996db8a5d6a1d16b5b06e6733069cbb3cb35f4e3965508575e084c6f08576f31c71429432daf93910d145804ecf155c3d7550a0f4550a056cb4f0c8 WHIRLPOOL c163d0be77d3c6d838f752c8f53d967b17aeafd798e4fca694a31bf55628fb57d18b6a4664ca9552bd3daf3b89b6f86452d430529985ca0a31c3c4aa48470bc0 DIST monkeysphere_0.37.orig.tar.gz 99557 SHA256 b510b8a414fb400356e80f1f882488785df72ac54078410b54d4c50a84686e59 SHA512 ebf636caaa0985a2495314375a9d78d131173ccedc116993e02b7bbc0ddc8c43c718dc65cb725619ecf7e72e0b7e11b941f3eb342d7c23d17ca0507b2ab28512 WHIRLPOOL d27a3712ce4cd529986c4ac0af7398f8d69d66c1b5aed9842d3b21f417bab5d2b3afc7be9e069ce0e9f307b17ad33ef9e8d49d7624ec0d7d2aab60949982b9c1 +DIST monkeysphere_0.38.orig.tar.gz 107546 SHA256 6951821d11ad646e6e7651d677bfab8f800fbc52703a0ab9942d03cd13959073 SHA512 fd87460fe16b0133fd507ff93926a5dea6419343b45c3ba33e6e981333646f4fa840c127bb1f3e7750bc3ede66c5e07f4155557a8354cf38d89159422dca390f WHIRLPOOL 26f96f1d845ce1178337cc23e50140576a785536f656e73ceaba4d64192106b2462bb046328758c2771b48de64abe1a3d866cfc2fadc7ac0d0e2341778cd9105 diff --git a/app-crypt/monkeysphere/files/monkeysphere-0.38-asprintf.patch b/app-crypt/monkeysphere/files/monkeysphere-0.38-asprintf.patch new file mode 100644 index 000000000000..dbf9d5f590ca --- /dev/null +++ b/app-crypt/monkeysphere/files/monkeysphere-0.38-asprintf.patch @@ -0,0 +1,45 @@ +From b756fd2e58ab013b5c9bfc2658ed9ad48868067c Mon Sep 17 00:00:00 2001 +From: Daniel Kahn Gillmor <dkg@fifthhorseman.net> +Date: Sun, 7 Aug 2016 18:24:47 -0400 +Subject: [PATCH] avoid warning about unused asprintf return value +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +some versions of gcc produce this warning, which is treated as an +error due to our conservative defaults in Makefile: + +src/agent-transfer/main.c: In function ‘main’: +src/agent-transfer/main.c:676:5: error: ignoring return value of ‘asprintf’, declared with attribute warn_unused_result [-Werror=unused-result] + asprintf (&alt_comment, "GnuPG keygrip %s", args.keygrip); + ^ +cc1: all warnings being treated as errors + +this patch avoids the warning. +--- + src/agent-transfer/main.c | 9 +++++++-- + 1 file changed, 7 insertions(+), 2 deletions(-) + +diff --git a/src/agent-transfer/main.c b/src/agent-transfer/main.c +index 406aaa3..3038f5c 100644 +--- a/src/agent-transfer/main.c ++++ b/src/agent-transfer/main.c +@@ -672,8 +672,13 @@ int main (int argc, const char* argv[]) { + return 1; + } + +- if (!args.comment) +- asprintf (&alt_comment, "GnuPG keygrip %s", args.keygrip); ++ if (!args.comment) { ++ err = asprintf (&alt_comment, "GnuPG keygrip %s", args.keygrip); ++ if (err < 0) { ++ fprintf (stderr, "failed to generate key comment\n"); ++ return 1; ++ } ++ } + + err = send_to_ssh_agent (&e, ssh_sock_fd, args.seconds, args.confirm, + args.comment ? args.comment : alt_comment); +-- +2.7.3 + diff --git a/app-crypt/monkeysphere/files/monkeysphere-0.38-revert-executable-patch.patch b/app-crypt/monkeysphere/files/monkeysphere-0.38-revert-executable-patch.patch new file mode 100644 index 000000000000..4d98c0a7cf5b --- /dev/null +++ b/app-crypt/monkeysphere/files/monkeysphere-0.38-revert-executable-patch.patch @@ -0,0 +1,98 @@ +From c75c7553a88e387013e2b4310f4c4956adfd8a98 Mon Sep 17 00:00:00 2001 +From: Daniel Kahn Gillmor <dkg@fifthhorseman.net> +Date: Mon, 8 Aug 2016 20:45:07 -0400 +Subject: [PATCH 1/2] avoid treating src/share/common as an executable + +having src/share/common treated as an executable (commit +ed10318d3760b56e57d5e1bef04ab57761ab8bd1) was actually a terrible +idea. + +In addition to causing "monkeysphere version" to print the version +number twice, it meant that any invocation of a monkeysphere command +that sourced src/share/common and had a first argument that happened +to be a function name would accidentally invoke that function. + +This commit reverts that idea. +--- + Makefile | 2 +- + src/share/common | 5 ----- + src/share/ma/add_certifier | 2 +- + src/share/ma/update_users | 2 +- + src/share/mh/add_revoker | 2 +- + 5 files changed, 4 insertions(+), 9 deletions(-) + mode change 100755 => 100644 src/share/common + +diff --git a/Makefile b/Makefile +index 608a317..768564a 100755 +--- a/Makefile ++++ b/Makefile +@@ -55,7 +55,7 @@ install: all installman + install src/monkeysphere-authentication $(DESTDIR)$(PREFIX)/sbin + sed -i 's:__SYSSHAREDIR_PREFIX__:$(PREFIX):' $(DESTDIR)$(PREFIX)/sbin/monkeysphere-authentication + install src/monkeysphere-authentication-keys-for-user $(DESTDIR)$(PREFIX)/share/monkeysphere +- install -m 0755 src/share/common $(DESTDIR)$(PREFIX)/share/monkeysphere ++ install -m 0644 src/share/common $(DESTDIR)$(PREFIX)/share/monkeysphere + install -m 0644 src/share/defaultenv $(DESTDIR)$(PREFIX)/share/monkeysphere + sed -i 's:__SYSCONFDIR_PREFIX__:$(ETCPREFIX):' $(DESTDIR)$(PREFIX)/share/monkeysphere/defaultenv + sed -i 's:__SYSDATADIR_PREFIX__:$(LOCALSTATEDIR):' $(DESTDIR)$(PREFIX)/share/monkeysphere/defaultenv +diff --git a/src/share/common b/src/share/common +old mode 100755 +new mode 100644 +index 66181a3..b10a040 +--- a/src/share/common ++++ b/src/share/common +@@ -1,4 +1,3 @@ +-#!/usr/bin/env bash + # -*-shell-script-*- + # This should be sourced by bash (though we welcome changes to make it POSIX sh compliant) + +@@ -1022,7 +1021,3 @@ report_cruft() { + printf "The directories above are backups left over from a monkeysphere transition.\nThey may contain copies of sensitive data (host keys, certifier lists), but\nthey are no longer needed by monkeysphere.\nYou may remove them at any time.\n\n" | log info + fi + } +- +-if [ -n "$1" ] && [ "$(type -t "$1" || true)" = "function" ]; then +- "$@" +-fi +diff --git a/src/share/ma/add_certifier b/src/share/ma/add_certifier +index 1d450e7..5416aa9 100644 +--- a/src/share/ma/add_certifier ++++ b/src/share/ma/add_certifier +@@ -101,7 +101,7 @@ if [ -f "$keyID" -o "$keyID" = '-' ] ; then + # check the key is ok as monkeysphere user before loading + log debug "checking keys in file..." + fingerprint=$(su_monkeysphere_user \ +- "${SYSSHAREDIR}/common" list_primary_fingerprints < "$keyID") ++ bash -c ". ${SYSSHAREDIR}/common && list_primary_fingerprints" < "$keyID") + + if [ $(printf "%s" "$fingerprint" | egrep -c '^[A-F0-9]{40}$') -ne 1 ] ; then + failure "There was not exactly one gpg key in the file." +diff --git a/src/share/ma/update_users b/src/share/ma/update_users +index d23c125..4f83e0c 100644 +--- a/src/share/ma/update_users ++++ b/src/share/ma/update_users +@@ -79,7 +79,7 @@ for uname in $unames ; do + + # process authorized_user_ids file, as monkeysphere user + su_monkeysphere_user \ +- /usr/bin/env "STRICT_MODES=$STRICT_MODES" "${SYSSHAREDIR}/common" process_authorized_user_ids - \ ++ /usr/bin/env "STRICT_MODES=$STRICT_MODES" bash -c ". ${SYSSHAREDIR}/common && process_authorized_user_ids -" \ + < "$authorizedUserIDs" \ + > "$tmpAuthorizedKeys" + +diff --git a/src/share/mh/add_revoker b/src/share/mh/add_revoker +index 28b11ac..e00ac4e 100644 +--- a/src/share/mh/add_revoker ++++ b/src/share/mh/add_revoker +@@ -52,7 +52,7 @@ if [ -f "$revokerKeyID" -o "$revokerKeyID" = '-' ] ; then + # check the key is ok as monkeysphere user before loading + log debug "checking keys in file..." + fingerprint=$(su_monkeysphere_user \ +- "${SYSSHAREDIR}/common" list_primary_fingerprints < "$revokerKeyID") ++ bash -c ". ${SYSSHAREDIR}/common && list_primary_fingerprints" < "$revokerKeyID") + + if [ $(printf "%s" "$fingerprint" | egrep -c '^[A-F0-9]{40}$') -ne 1 ] ; then + failure "There was not exactly one gpg key in the file." +-- +2.7.3 + diff --git a/app-crypt/monkeysphere/files/monkeysphere-0.38-syssharedir-whitespace.patch b/app-crypt/monkeysphere/files/monkeysphere-0.38-syssharedir-whitespace.patch new file mode 100644 index 000000000000..65d3ba6a95aa --- /dev/null +++ b/app-crypt/monkeysphere/files/monkeysphere-0.38-syssharedir-whitespace.patch @@ -0,0 +1,53 @@ +From 0e339de4772b6de1849dc55790821c3dd5943be3 Mon Sep 17 00:00:00 2001 +From: Daniel Kahn Gillmor <dkg@fifthhorseman.net> +Date: Tue, 9 Aug 2016 09:39:45 -0400 +Subject: [PATCH 2/2] ensure that this works even if SYSSHAREDIR has whitespace + +--- + src/share/ma/add_certifier | 2 +- + src/share/ma/update_users | 2 +- + src/share/mh/add_revoker | 2 +- + 3 files changed, 3 insertions(+), 3 deletions(-) + +diff --git a/src/share/ma/add_certifier b/src/share/ma/add_certifier +index 5416aa9..9488806 100644 +--- a/src/share/ma/add_certifier ++++ b/src/share/ma/add_certifier +@@ -101,7 +101,7 @@ if [ -f "$keyID" -o "$keyID" = '-' ] ; then + # check the key is ok as monkeysphere user before loading + log debug "checking keys in file..." + fingerprint=$(su_monkeysphere_user \ +- bash -c ". ${SYSSHAREDIR}/common && list_primary_fingerprints" < "$keyID") ++ bash -c "$(printf ". %q && list_primary_fingerprints" "${SYSSHAREDIR}/common")" < "$keyID") + + if [ $(printf "%s" "$fingerprint" | egrep -c '^[A-F0-9]{40}$') -ne 1 ] ; then + failure "There was not exactly one gpg key in the file." +diff --git a/src/share/ma/update_users b/src/share/ma/update_users +index 4f83e0c..a0ec21b 100644 +--- a/src/share/ma/update_users ++++ b/src/share/ma/update_users +@@ -79,7 +79,7 @@ for uname in $unames ; do + + # process authorized_user_ids file, as monkeysphere user + su_monkeysphere_user \ +- /usr/bin/env "STRICT_MODES=$STRICT_MODES" bash -c ". ${SYSSHAREDIR}/common && process_authorized_user_ids -" \ ++ /usr/bin/env "STRICT_MODES=$STRICT_MODES" bash -c "$(printf ". %q && process_authorized_user_ids -" "${SYSSHAREDIR}/common")"\ + < "$authorizedUserIDs" \ + > "$tmpAuthorizedKeys" + +diff --git a/src/share/mh/add_revoker b/src/share/mh/add_revoker +index e00ac4e..de08961 100644 +--- a/src/share/mh/add_revoker ++++ b/src/share/mh/add_revoker +@@ -52,7 +52,7 @@ if [ -f "$revokerKeyID" -o "$revokerKeyID" = '-' ] ; then + # check the key is ok as monkeysphere user before loading + log debug "checking keys in file..." + fingerprint=$(su_monkeysphere_user \ +- bash -c ". ${SYSSHAREDIR}/common && list_primary_fingerprints" < "$revokerKeyID") ++ bash -c "$(printf ". %q && list_primary_fingerprints" "${SYSSHAREDIR}/common")" < "$revokerKeyID") + + if [ $(printf "%s" "$fingerprint" | egrep -c '^[A-F0-9]{40}$') -ne 1 ] ; then + failure "There was not exactly one gpg key in the file." +-- +2.7.3 + diff --git a/app-crypt/monkeysphere/monkeysphere-0.38.ebuild b/app-crypt/monkeysphere/monkeysphere-0.38.ebuild new file mode 100644 index 000000000000..c67b3093f06c --- /dev/null +++ b/app-crypt/monkeysphere/monkeysphere-0.38.ebuild @@ -0,0 +1,61 @@ +# Copyright 1999-2016 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 +inherit eutils user + +DESCRIPTION="Leverage the OpenPGP web of trust for OpenSSH and Web authentication" +HOMEPAGE="http://web.monkeysphere.info/" + +LICENSE="GPL-3" +SLOT="0/0" +IUSE="" +SRC_URI="mirror://debian/pool/monkeysphere/m/monkeysphere/monkeysphere_${PV}.orig.tar.gz http://archive.monkeysphere.info/debian/pool/monkeysphere/m/monkeysphere/monkeysphere_${PV}.orig.tar.gz" +KEYWORDS="~amd64 ~arm ~x86" + +DOCS=( README Changelog ) + +# Tests fail upstream for SSH connection. Issue has been reported. +RESTRICT="test" + +DEPEND="app-crypt/gnupg:0= + net-misc/socat:0= + dev-perl/Crypt-OpenSSL-RSA:0= + dev-perl/Digest-SHA1:0= + app-misc/lockfile-progs:0=" + +RDEPEND="${DEPEND}" + +pkg_setup() +{ + einfo "Creating named group and user" + enewgroup monkeysphere + enewuser monkeysphere -1 -1 /var/lib/monkeysphere monkeysphere + # Using fperms and fowner in src_install leave unusable config with error + # Authentication refused: bad ownership or modes for directory /var/lib/monkeysphere + chown root:monkeysphere /var/lib/monkeysphere + chmod 751 /var/lib/monkeysphere +} + +src_prepare() +{ + epatch "${FILESDIR}/${P}-asprintf.patch" \ + "${FILESDIR}/${P}-revert-executable-patch.patch"\ + "${FILESDIR}/${P}-syssharedir-whitespace.patch"\ + "${FILESDIR}/${PN}-0.37_default_shell.patch"\ + "${FILESDIR}/${PN}-0.37_hd_od.patch" + + sed -i "s#share/doc/monkeysphere#share/doc/${PF}#" Makefile || die +} + +src_install() +{ + default + dodir /var/lib/monkeysphere +} + +pkg_postinst() +{ + monkeysphere-authentication setup || die +} |