diff options
| author | V3n3RiX <venerix@redcorelinux.org> | 2017-10-09 18:53:29 +0100 |
|---|---|---|
| committer | V3n3RiX <venerix@redcorelinux.org> | 2017-10-09 18:53:29 +0100 |
| commit | 4f2d7949f03e1c198bc888f2d05f421d35c57e21 (patch) | |
| tree | ba5f07bf3f9d22d82e54a462313f5d244036c768 /app-crypt/ekeyd | |
reinit the tree, so we can have metadata
Diffstat (limited to 'app-crypt/ekeyd')
| -rw-r--r-- | app-crypt/ekeyd/Manifest | 21 | ||||
| -rw-r--r-- | app-crypt/ekeyd/ekeyd-1.1.4-r2.ebuild | 185 | ||||
| -rw-r--r-- | app-crypt/ekeyd/ekeyd-1.1.5.ebuild | 164 | ||||
| -rw-r--r-- | app-crypt/ekeyd/files/90-ekeyd.rules | 16 | ||||
| -rw-r--r-- | app-crypt/ekeyd/files/ekey-egd-linux.conf.2 | 10 | ||||
| -rw-r--r-- | app-crypt/ekeyd/files/ekey-egd-linux.init.2 | 22 | ||||
| -rw-r--r-- | app-crypt/ekeyd/files/ekey-ulusbd.conf.2 | 16 | ||||
| -rw-r--r-- | app-crypt/ekeyd/files/ekey-ulusbd.init.2 | 40 | ||||
| -rw-r--r-- | app-crypt/ekeyd/files/ekeyd-1.1.4-gentoo.patch | 133 | ||||
| -rw-r--r-- | app-crypt/ekeyd/files/ekeyd-1.1.5-const_char_usage.patch | 32 | ||||
| -rw-r--r-- | app-crypt/ekeyd/files/ekeyd-1.1.5-enoent.patch | 23 | ||||
| -rw-r--r-- | app-crypt/ekeyd/files/ekeyd-1.1.5-misc.patch | 50 | ||||
| -rw-r--r-- | app-crypt/ekeyd/files/ekeyd-1.1.5-path-fixes.patch | 49 | ||||
| -rw-r--r-- | app-crypt/ekeyd/files/ekeyd-1.1.5-remove-werror.patch | 29 | ||||
| -rw-r--r-- | app-crypt/ekeyd/files/ekeyd-1.1.5-udev-rule.patch | 36 | ||||
| -rw-r--r-- | app-crypt/ekeyd/files/ekeyd.init.2 | 29 | ||||
| -rw-r--r-- | app-crypt/ekeyd/files/ekeyd.service | 8 | ||||
| -rw-r--r-- | app-crypt/ekeyd/metadata.xml | 27 |
18 files changed, 890 insertions, 0 deletions
diff --git a/app-crypt/ekeyd/Manifest b/app-crypt/ekeyd/Manifest new file mode 100644 index 000000000000..409b4ed33a2c --- /dev/null +++ b/app-crypt/ekeyd/Manifest @@ -0,0 +1,21 @@ +AUX 90-ekeyd.rules 691 SHA256 73e779a2e421b79882309120f4039809063f73f0cccc3c57d491134f1c6f8414 SHA512 12d949e90af31992ac671ae42172a2169592dfba9b921ed684a37e7fe330bef44abb2c0a1a5df63ddde940b00fb10fa9cfba493c69614ce0f10aba4de78ea6d3 WHIRLPOOL e4583a9c56c827a2e9b37644edafe3288359aea57c016e844ac2a478135a72aaf599549673c753e88216cf30b8b27639bb4eef463351324e606c3f21bd33a13f +AUX ekey-egd-linux.conf.2 266 SHA256 89b5cf30b7cad64503f85c6bfc7e3868245870aae659d79dd05cc50869b5eaa8 SHA512 3e8db66552a5c04045226debbf6a7add01301bf98bb26c48033f4bceacde82f25e449fced2d46667009165e9d2f327134e6c963142295d7ef065eaa47b383393 WHIRLPOOL 2a34d84d96a53c5f8c39bff0d5b39c6a88f1cfeca44d1b52c7e7c3aece453bcb51cf00e9f1f1c6ed2a91cddc944857eae31bed67980805e9dcbef020c7de081e +AUX ekey-egd-linux.init.2 456 SHA256 1ccf667df6fa449934d60dd1f90aea389634411fbd50766e3621c0c4345dcd83 SHA512 55e7be6464b685aa5b290bd310020f4a01926d07a9cb071fc117081bc751a902ebbb9db51a81a5168a34cebc2ecc02360b4917356e25a2e205f57491739ff190 WHIRLPOOL e50c57a54e8a89f0221b873dc29a4de2f1ad4586f86b99448aee5a92bdf6fb8e5b5b243bd418ed2afc7429413946dfc9cac2154625a58710ea570367bf5a21de +AUX ekey-ulusbd.conf.2 495 SHA256 f3c246cd68840e48e39ba211fb8b49dea779a7fa660a7fc0854c6be000680ffc SHA512 9d4b5d594790d34ed4b513a00b60518c0770ccba87b159e1f9eaac382275658e53f5274ee24743e8d103bbe4a2351ce865157013e0dfeefa32e37fe4d2348677 WHIRLPOOL 54b831fa3b3b9c79d3a4d259ef28ca971e72c29320152ff546dd5da8b275952a4fefdeb990627467493dc0de266fcbfadf3f4dcf9e48a857bd780d112cfbd5a4 +AUX ekey-ulusbd.init.2 900 SHA256 da05b3819c08511d3c71046f277c23407526d325a8490cf2b51e84fba0d38cd4 SHA512 cae15995b8d8b66ef4209fe3cd8a14edcc2645b10dbb6f4da54e929a9347db675abcf9232841863c14a450789768247eda5929667021b5bada041365fbc1470d WHIRLPOOL b3134dbbed5a114e257e05d09ece4dfb36766a2f992d34f488612f2ebce51c8abb26ad64b4d4c7ae29c2e8ad8bac966977e6f0bfbed7372db97a43a1da07342c +AUX ekeyd-1.1.4-gentoo.patch 6565 SHA256 ed663baf91af89db437150e04a1ec8dacfeb990c6c0659b632d8e895e2230f1d SHA512 f65a1cef8bd4e280a8dd8ce51f23661286ed3fd688d34943793eb326d417016a53312c6b344aab3465a8930c7de8cd10d6d572bd67f92cf8f65386f2f5ca1875 WHIRLPOOL 40e642b074031a538f2e2bba0a55a7d9c2ed83a22492c0cf1f3e4cb8fe2a360fd021ec0370264c81f611531748f1e1887a18df6665a1f8bff7938f56da9197e6 +AUX ekeyd-1.1.5-const_char_usage.patch 1094 SHA256 5cca2edeacb1ff188a47d73b7df8f63d15debca4f6fca61e2f7e1a95dcf9f69a SHA512 92198522e3dd90d2274d9c5171c216c3a3db9d334b2b14363781456f167a65df5370a7dcf430246d944e1e14e5278bf130e068063e600589f74026ca39e319a5 WHIRLPOOL 1562ad67c31d4ea9903a67651d3dbfce49b848c7a5a4f5da6ef46f33527f6762dc58e579ff3e831852c484a091af1dd9d924355d7a628e740d3604b8fee57cc3 +AUX ekeyd-1.1.5-enoent.patch 863 SHA256 8055cffd030a97c9011b9f3aba9ee4558a93e2da919c25c8cd7d73c3a571423b SHA512 ace451e7aafc61e21422a81e50d3954189f80fec50160002c579db27865b46c95dc6db557533a9aa6ef3ca744394542754ba46f96de90a026e19a14477522e50 WHIRLPOOL 270b12c836ce9231ce5bcc5331feb9261a541e251b553dd08cabc5dfe6ea0c9707724b4d42c631a36e51b1c626a2431565c175445cfd9446c4cbc41dd9fc55fe +AUX ekeyd-1.1.5-misc.patch 1245 SHA256 9643e1e185447afaa713375dd4e5ff768223580c9fa917e61eb87ce5e00e560d SHA512 5a1a523fab7146e97f8396ef82d6755e1b209df728ee83dae87619a0a6d84b0b44e41b9e67f287b7f3d54a2ef80a19320650662cca0f1dfe0053eba75d113f04 WHIRLPOOL 6d5ac6e136814ec155c5a557bae12ff9b3c980049ee5e9c50ca2338bf74b6c3649b0a80c1d0f8667c8bfaed6fb873ee85872692d1e55e6b6fc7cb01c0028bc0a +AUX ekeyd-1.1.5-path-fixes.patch 1918 SHA256 cea37f22aac5264eacecf640bd7199cc9b2adf116024ad8ecaf2dd3b926e823b SHA512 aba7b1cba96e678725fc8b47b56d815d59ce015ff6a4f72eaaf5fe8b7a99ddedf05ef3534a51772330209fb3cef235d76207103ee1e7a1f3315f4a52d2c0c2be WHIRLPOOL 23c101d3bf410c76d7bf09230f0564415c32fa44a1de92b64dc369dd0c3c495b3b76ab97bd8dd901056f4e15d87d48da866826e8c27b5de13db1efb481f1246d +AUX ekeyd-1.1.5-remove-werror.patch 1205 SHA256 98cdb0271ed3f97f00120ff26e480ec0515662062f3059467ddf41b50bc57212 SHA512 2ea01bbe642bd52351e8ab9b7b62147c5bec7918305dc2c5be9291e3ae98fdd90f0e6e36c450e4db6220076a45a22cf870c81b3e23beed9170f262c857acecfd WHIRLPOOL 1a242838e5ddf710841313542d30e4111320d406139747d73d0ba770155fb87a6c151b01b87b7f8d9f4cb75a4cfa2d2e2386ac314a039c8852188712b16c0c63 +AUX ekeyd-1.1.5-udev-rule.patch 2325 SHA256 cc233ecb5ad894e5a8585028b4ed5679f1d99997393fd4acc1373b18f3ab78bd SHA512 05023ef85c454a9092cecf7f3826430caeda1e66ba5759ffe1e6f4c42f4da32048862dba6c6e19ab32febadc3a9f65cf5e1b8f0562a71fc854134b60df28a80c WHIRLPOOL 8f9ad5c55836e2370bb88a2721869f7212c8e652e6cbb6c1b424aa712fcdc69b3e6704ea27ec9547b2e5d451abe999009ba141ce455e96fcf075959b9b734ef0 +AUX ekeyd.init.2 699 SHA256 93084107879d8513e9ccfa825c01b95f86f397d5f452a33c5551faf3cf6d834e SHA512 3c1fe923e6f08d83d02b9559fa5b817e9abdbc97a50815ab01c7c17e3e953f54701eb1110340dc164bb67ef67905041054cd4fc98c11ea5932a539f4330c8b71 WHIRLPOOL 31954b74514877ebcf56e73e74007519b2a590066d82ef1edd5234e66957be1a9fefd66b5a908b6c8e3e7589672c936d500c1bdf87eb980042800a566fc4c767 +AUX ekeyd.service 117 SHA256 4b676db5443cf088256add409414e944da3ce9f00f9b7ca55a8d0fbfd1802d86 SHA512 3372ed067594cd7e1c0f02402ced141fe9e9c96e6df0dbfeae2ed707c837e48860450ec1971689245d62f79351c294c222456dcb489629095e7707a7026a878d WHIRLPOOL 67a93e965c938bcb0d816b4b2072357392166de546d292251da67739c66ace97e218e8aa29ff92c745cac6966b265037b85772f7233ed80f2b254cfb17305663 +DIST ekeyd-1.1.4.tar.gz 100911 SHA256 147ca4ff964ab7b344a08d3cd6f9b1bf03ba18776a1941d603681d8102cce0c8 SHA512 40632722827e07ebc643fa32af9910b28053873329772681dba2b029ad0b3c63d1d6bba3fdd0549b84e23779d2e2ae0323a53e1fdf93eb963570bab2227b63e6 WHIRLPOOL 1dc89c735befeeb8fb2d840d27ddcce0b8b15cffb8be0b9e6fa978f0c14bc9cef8345b8b1f4a3c6140031b1a01d92c26674e011acec3c6605ddf7b5c2e56d248 +DIST ekeyd_1.1.5.orig.tar.gz 101366 SHA256 4aa8abe4bd8bb4517be3f751a75ae270ac2855ba4ba465099a3f29a2c8602ec4 SHA512 c30620d5e54a49929be72ed04448a4f08eb9658dbf7534586c49a3b43bdd5fc95a0659e09cc04b012c339ca20a1e914fa5a4b4d970171c46b64235f284516b9a WHIRLPOOL bfa6cbea82bea8aeed7a86cc5cc0e8e95bd9ceba00d57f78a0bd5bcf6694d4c37db1a43ff01a92493d83a33b41c2a17ddac366c6d2281b848d5f239b4240ea39 +EBUILD ekeyd-1.1.4-r2.ebuild 5604 SHA256 fbdbb221c58dbff2f821702481ca4ac6a3105540e24a2c8a2e79c77b28c10531 SHA512 67f60f6aef075cbe8c8be460f953c66191b0e4e4c88c5b5ed98b2fce9d3cb79290eda3e79668a9b0bc3a02fffab47a4b62fbd9a4ff6c9bb8e0925917f3c12d9b WHIRLPOOL 3c83f5b7f32362415385ff25bbe8e7c1f4125f8ef8f947633048023758888b24e92f63e8ac23f1e5406a0b18c5ad40438a8c2073c0b3e531ea6104c476bfebcf +EBUILD ekeyd-1.1.5.ebuild 4865 SHA256 2790597ca52fa8c0f4c19d6dcd00c8317465c2ea3b997d2fe2ff40634da03d94 SHA512 dd6e8b2913eb2628c70aa3d22687982fbbfad2c084a5407f693429c7bacb7c55f5d20f2ffb35df13fcd2f644b1a648c1985b2ec71bdca8c659f2fc5bda6dbce2 WHIRLPOOL 1c358605f0a33c826cac5f5d28c3bf8a1cf9ee6494fa575dea682811be63967180beb299edbbf6d794afb838bf2056cbe01f48a578583498f05dac3440bfef31 +MISC ChangeLog 3249 SHA256 4224ea2c3909ad8dd91fcd0079084b39cfaf27e86beecc8dd180f84ca8a1ec6a SHA512 2a5227fd992d948e88b3328d3eebc1561485ff4630148b55c9590fbb3553143ddd30ca9bb0fdb6440460424bb08aaac1287715b32b7561c6046b200c74e12e7d WHIRLPOOL afeb007631d25b3b923efe040b9a25039ebb0cb15062df80dba6b390227ecba71ea69af09b986d0dfe2af87539362e21a8308c27011ad10455f26ec6e62bd746 +MISC ChangeLog-2015 8657 SHA256 5ef046dadee3586af77b50473e25b9aa891035a3fcdff52c61a133d0571d4e22 SHA512 ef13f0aa8947076d394c5d7666f3eb536cb1c84be8fad47a0b2e2f596a194a2a7e46e2073bc892953e4709bd774ab4eccf30c28bc888da04074f5c7eae6db85d WHIRLPOOL d4e423df01bcc8d7e23c6cd057e79fac7653e77f28fd5d4e6e7c1cec2ec267cc4311a15913c279a94888ce7e4945163fb5d4fca95475efb6920d12de50e66a35 +MISC metadata.xml 904 SHA256 490111f22e49c1ce205398f642501a190c5bd0e5f2de1f400af9435ef46c3315 SHA512 506c932025deaba744e1a06b75821fa3f65b0770b94f5abdc76c4f1647fbb888e1217d1bcf6046d11cd49f12d53235b419e6935735e08d447ae886513cdc052e WHIRLPOOL 1c7e42a0e644263d83dddc2654aca4d89f09fa1054ec7fe1aeccc592de055ec67aab5904dc02410bafa59e61f006b1dfe5154ebf48905a941728b5584370f3e4 diff --git a/app-crypt/ekeyd/ekeyd-1.1.4-r2.ebuild b/app-crypt/ekeyd/ekeyd-1.1.4-r2.ebuild new file mode 100644 index 000000000000..70403d447d8e --- /dev/null +++ b/app-crypt/ekeyd/ekeyd-1.1.4-r2.ebuild @@ -0,0 +1,185 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=4 + +inherit eutils multilib linux-info toolchain-funcs udev + +DESCRIPTION="Entropy Key userspace daemon" +HOMEPAGE="http://www.entropykey.co.uk/" +SRC_URI="http://www.entropykey.co.uk/res/download/${P}.tar.gz" + +LICENSE="MIT GPL-2" # GPL-2 (only) for init script +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="usb kernel_linux munin minimal" +REQUIRED_USE="minimal? ( !munin !usb )" + +EKEYD_RDEPEND="dev-lang/lua + usb? ( virtual/libusb:0 )" +EKEYD_DEPEND="${EKEYD_RDEPEND}" +EKEYD_RDEPEND="${EKEYD_RDEPEND} + dev-lua/luasocket + kernel_linux? ( virtual/udev ) + usb? ( !kernel_linux? ( sys-apps/usbutils ) ) + munin? ( net-analyzer/munin )" + +RDEPEND="!minimal? ( ${EKEYD_RDEPEND} ) + !app-crypt/ekey-egd-linux + sys-apps/openrc" +DEPEND="!minimal? ( ${EKEYD_DEPEND} )" + +CONFIG_CHECK="~USB_ACM" + +pkg_setup() { + if ! use minimal && use kernel_linux && ! use usb && linux_config_exists; then + check_extra_config + fi +} + +src_prepare() { + epatch "${FILESDIR}"/${P}-gentoo.patch +} + +src_compile() { + local osname + + # Override automatic detection: upstream provides this with uname, + # we don't like using uname. + case ${CHOST} in + *-linux-*) + osname=linux;; + *-freebsd*) + osname=freebsd;; + *-kfrebsd-gnu) + osname=gnukfreebsd;; + *-openbsd*) + osname=openbsd;; + *) + die "Unsupported operating system!" + ;; + esac + + # We don't slot LUA so we don't really need to have the variables + # set at all. + emake -C host \ + CC="$(tc-getCC)" \ + LUA_V= LUA_INC= \ + OSNAME=${osname} \ + OPT="${CFLAGS}" \ + BUILD_ULUSBD=$(use usb && echo yes || echo no) \ + $(use minimal && echo egd-linux) +} + +src_install() { + exeinto /usr/libexec + newexe host/egd-linux ekey-egd-linux + newman host/egd-linux.8 ekey-egd-linux.8 + + newconfd "${FILESDIR}"/ekey-egd-linux.conf.2 ekey-egd-linux + newinitd "${FILESDIR}"/ekey-egd-linux.init.2 ekey-egd-linux + + dodoc doc/* AUTHORS ChangeLog THANKS + + use minimal && return + # from here on, install everything that is not part of the minimal + # support. + + emake -C host \ + DESTDIR="${D}" \ + MANZCMD=cat MANZEXT= \ + install-ekeyd $(use usb && echo install-ekey-ulusbd) + + # We move the daemons around to avoid polluting the available + # commands. + dodir /usr/libexec + mv "${D}"/usr/sbin/ekey*d "${D}"/usr/libexec + + newinitd "${FILESDIR}"/${PN}.init.2 ${PN} + + if use usb && ! use kernel_linux; then + newinitd "${FILESDIR}"/ekey-ulusbd.init.2 ekey-ulusbd + newconfd "${FILESDIR}"/ekey-ulusbd.conf.2 ekey-ulusbd + fi + + if use kernel_linux; then + local rules=udev/fedora15/60-entropykey.rules + use usb && rules=udev/fedora15/60-entropykey-uds.rules + + udev_newrules ${rules} 70-${PN}.rules + + exeinto "$(get_udevdir)" + doexe udev/entropykey.sh + fi + + if use munin; then + exeinto /usr/libexec/munin/plugins + doexe munin/ekeyd_stat_ + + insinto /etc/munin/plugin-conf.d + newins munin/plugin-conf.d_ekeyd ekeyd + fi +} + +pkg_postinst() { + elog "${CATEGORY}/${PN} now install also the EGD client service ekey-egd-linux." + elog "To use this service, you need enable EGDTCPSocket for the ekeyd service" + elog "managing the key(s)." + elog "" + elog "The daemon will send more entropy to the kernel once the available pool" + elog "falls below the value set in the kernel.random.write_wakeup_threshold" + elog "sysctl entry." + elog "" + ewarn "Since version 1.1.4-r1, ekey-egd-linux will *not* set the watermark for" + ewarn "you, instead you'll have to configure the sysctl in /etc/sysctl.conf" + + use minimal && return + # from here on, document everything that is not part of the minimal + # support. + + elog "" + elog "To make use of your EntropyKey, make sure to execute ekey-rekey" + elog "the first time, and then start the ekeyd service." + elog "" + elog "By default ekeyd will feed the entropy directly to the kernel's pool;" + elog "if your system has jumps in load average, you might prefer using the" + elog "EGD compatibility mode, by enabling EGDTCPSocket for ekeyd and then" + elog "starting the ekey-egd-linux service." + elog "" + elog "The same applies if you intend to provide entropy for multiple hosts" + elog "over the network. If you want to have the ekey-egd-linux service on" + elog "other hosts, you can enable the 'minimal' USE flag." + elog "" + elog "The service supports multiplexing if you wish to use multiple" + elog "keys, just symlink /etc/init.d/ekeyd → /etc/init.d/ekeyd.identifier" + elog "and it'll be looking for /etc/entropykey/identifier.conf" + elog "" + + if use usb; then + if use kernel_linux; then + elog "You're going to use the userland USB daemon, the udev rules" + elog "will be used accordingly. If you want to use the CDC driver" + elog "please disable the usb USE flag." + else + elog "You're going to use the userland USB daemon, since your OS" + elog "does not support udev, you should start the ekey-ulusbd" + elog "service before ekeyd." + fi + + ewarn "The userland USB daemon has multiple known issues. If you can," + ewarn "please consider disabling the 'usb' USE flag and instead use the" + ewarn "CDC-ACM access method." + else + if use kernel_linux; then + elog "Some versions of Linux have a faulty CDC ACM driver that stops" + elog "EntropyKey from working properly; please check the compatibility" + elog "table at http://www.entropykey.co.uk/download/" + else + elog "Make sure your operating system supports the CDC ACM driver" + elog "or otherwise you won't be able to use the EntropyKey." + fi + elog "" + elog "If you're unsure about the working state of the CDC ACM driver" + elog "enable the usb USE flag and use the userland USB daemon" + fi +} diff --git a/app-crypt/ekeyd/ekeyd-1.1.5.ebuild b/app-crypt/ekeyd/ekeyd-1.1.5.ebuild new file mode 100644 index 000000000000..f03ac2d0a62f --- /dev/null +++ b/app-crypt/ekeyd/ekeyd-1.1.5.ebuild @@ -0,0 +1,164 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=4 + +inherit eutils multilib linux-info toolchain-funcs udev systemd + +DESCRIPTION="Entropy Key userspace daemon" +HOMEPAGE="http://www.entropykey.co.uk/" +SRC_URI="mirror://ubuntu/pool/universe/e/ekeyd/ekeyd_${PV}.orig.tar.gz" + +LICENSE="MIT GPL-2" # GPL-2 (only) for init script +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="kernel_linux munin minimal" +REQUIRED_USE="minimal? ( !munin )" + +EKEYD_RDEPEND="dev-lang/lua" +EKEYD_DEPEND="${EKEYD_RDEPEND}" +EKEYD_RDEPEND="${EKEYD_RDEPEND} + dev-lua/luasocket + kernel_linux? ( virtual/udev ) + munin? ( net-analyzer/munin )" + +RDEPEND="!minimal? ( ${EKEYD_RDEPEND} ) + !app-crypt/ekey-egd-linux + sys-apps/openrc" +DEPEND="!minimal? ( ${EKEYD_DEPEND} )" + +CONFIG_CHECK="~USB_ACM" + +pkg_setup() { + if ! use minimal && use kernel_linux && ! use usb && linux_config_exists; then + check_extra_config + fi +} + +src_prepare() { + epatch "${FILESDIR}/${P}-const_char_usage.patch"; + epatch "${FILESDIR}/${P}-enoent.patch"; + epatch "${FILESDIR}/${P}-path-fixes.patch"; + epatch "${FILESDIR}/${P}-udev-rule.patch"; + epatch "${FILESDIR}/${P}-remove-werror.patch"; + epatch "${FILESDIR}/${P}-misc.patch"; +} + +src_compile() { + local osname + + # Override automatic detection: upstream provides this with uname, + # we don't like using uname. + case ${CHOST} in + *-linux-*) + osname=linux;; + *-freebsd*) + osname=freebsd;; + *-kfrebsd-gnu) + osname=gnukfreebsd;; + *-openbsd*) + osname=openbsd;; + *) + die "Unsupported operating system!" + ;; + esac + + # We don't slot LUA so we don't really need to have the variables + # set at all. + emake -C host \ + CC="$(tc-getCC)" \ + LUA_V= LUA_INC= \ + OSNAME=${osname} \ + OPT="${CFLAGS}" \ + BUILD_ULUSBD=no \ + $(use minimal && echo egd-linux) +} + +src_install() { + exeinto /usr/libexec + newexe host/egd-linux ekey-egd-linux + newman host/egd-linux.8 ekey-egd-linux.8 + + newconfd "${FILESDIR}"/ekey-egd-linux.conf.2 ekey-egd-linux + newinitd "${FILESDIR}"/ekey-egd-linux.init.2 ekey-egd-linux + + dodoc doc/* AUTHORS ChangeLog THANKS + + use minimal && return + # from here on, install everything that is not part of the minimal + # support. + + emake -C host \ + DESTDIR="${D}" \ + MANZCMD=cat MANZEXT= \ + install-ekeyd + + # We move the daemons around to avoid polluting the available + # commands. + dodir /usr/libexec + mv "${D}"/usr/sbin/ekey*d "${D}"/usr/libexec + + systemd_dounit "${FILESDIR}/ekeyd.service" + + newinitd "${FILESDIR}"/${PN}.init.2 ${PN} + + if use kernel_linux; then + local rules="${FILESDIR}/90-ekeyd.rules" + udev_newrules ${rules} 90-${PN}.rules + fi + + if use munin; then + exeinto /usr/libexec/munin/plugins + doexe munin/ekeyd_stat_ + + insinto /etc/munin/plugin-conf.d + newins munin/plugin-conf.d_ekeyd ekeyd + fi +} + +pkg_postinst() { + elog "${CATEGORY}/${PN} now install also the EGD client service ekey-egd-linux." + elog "To use this service, you need enable EGDTCPSocket for the ekeyd service" + elog "managing the key(s)." + elog "" + elog "The daemon will send more entropy to the kernel once the available pool" + elog "falls below the value set in the kernel.random.write_wakeup_threshold" + elog "sysctl entry." + elog "" + ewarn "Since version 1.1.4-r1, ekey-egd-linux will *not* set the watermark for" + ewarn "you, instead you'll have to configure the sysctl in /etc/sysctl.conf" + + use minimal && return + # from here on, document everything that is not part of the minimal + # support. + + elog "" + elog "To make use of your EntropyKey, make sure to execute ekey-rekey" + elog "the first time, and then start the ekeyd service." + elog "" + elog "By default ekeyd will feed the entropy directly to the kernel's pool;" + elog "if your system has jumps in load average, you might prefer using the" + elog "EGD compatibility mode, by enabling EGDTCPSocket for ekeyd and then" + elog "starting the ekey-egd-linux service." + elog "" + elog "The same applies if you intend to provide entropy for multiple hosts" + elog "over the network. If you want to have the ekey-egd-linux service on" + elog "other hosts, you can enable the 'minimal' USE flag." + elog "" + elog "The service supports multiplexing if you wish to use multiple" + elog "keys, just symlink /etc/init.d/ekeyd → /etc/init.d/ekeyd.identifier" + elog "and it'll be looking for /etc/entropykey/identifier.conf" + elog "" + + if use kernel_linux; then + elog "Some versions of Linux have a faulty CDC ACM driver that stops" + elog "EntropyKey from working properly; please check the compatibility" + elog "table at http://www.entropykey.co.uk/download/" + else + elog "Make sure your operating system supports the CDC ACM driver" + elog "or otherwise you won't be able to use the EntropyKey." + fi + elog "" + elog "If you're unsure about the working state of the CDC ACM driver" + elog "enable the usb USE flag and use the userland USB daemon" +} diff --git a/app-crypt/ekeyd/files/90-ekeyd.rules b/app-crypt/ekeyd/files/90-ekeyd.rules new file mode 100644 index 000000000000..2532ba852efc --- /dev/null +++ b/app-crypt/ekeyd/files/90-ekeyd.rules @@ -0,0 +1,16 @@ +# Entropy key udev rules +# +# Centos/RHEL 6 rules for udev version 147 +# +# These rules create devices under /dev/entropykey/<serialnumber> +# +# Copyright 2011-2014 Simtec Electronics +# +# For licence terms refer to the COPYING file distributed with the source. + +ACTION=="add", SUBSYSTEM=="tty", ENV{ID_VENDOR_ID}=="20df", ENV{ID_MODEL_ID}=="0001", SYMLINK+="entropykey/$env{ID_SERIAL_SHORT}" + +ACTION=="add", SUBSYSTEM=="tty", ENV{ID_VENDOR_ID}=="20df", ENV{ID_MODEL_ID}=="0001", RUN+="/usr/sbin/ekeydctl add /dev/entropykey/$env{ID_SERIAL_SHORT}" + +ACTION=="remove", SUBSYSTEM=="tty", ENV{ID_VENDOR_ID}=="20df", ENV{ID_MODEL_ID}=="0001", RUN+="/usr/sbin/ekeydctl remove $env{ID_SERIAL_SHORT}" + diff --git a/app-crypt/ekeyd/files/ekey-egd-linux.conf.2 b/app-crypt/ekeyd/files/ekey-egd-linux.conf.2 new file mode 100644 index 000000000000..8c0b089d94b5 --- /dev/null +++ b/app-crypt/ekeyd/files/ekey-egd-linux.conf.2 @@ -0,0 +1,10 @@ +# Configuration file for ekey-egd-linux + +# Hostname or IP address to connect to. +#HOST="localhost" +# Port number to connect to. +#PORT="8888" +# Time between reconnect attempts. +#RECONNECTINTERVAL=10 +# Set the number of 1024 bit blocks to request each time +#BLOCKS=2 diff --git a/app-crypt/ekeyd/files/ekey-egd-linux.init.2 b/app-crypt/ekeyd/files/ekey-egd-linux.init.2 new file mode 100644 index 000000000000..4aac23e59507 --- /dev/null +++ b/app-crypt/ekeyd/files/ekey-egd-linux.init.2 @@ -0,0 +1,22 @@ +#!/sbin/openrc-run +# Copyright 1999-2011 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +: ${HOST:=localhost} +: ${PORT:=8888} +: ${RECONNECTINTERVAL:=10} +: ${BLOCKS:=2} + +description="EntropyKey EGD client" + +pidfile=/var/run/$SVCNAME.pid + +command=/usr/libexec/ekey-egd-linux +command_args="-H ${HOST} -p ${PORT} -r ${RECONNECTINTERVAL} -b ${BLOCKS} -D ${pidfile}" + +depend() { + use net + after ekeyd + + provide entropy +} diff --git a/app-crypt/ekeyd/files/ekey-ulusbd.conf.2 b/app-crypt/ekeyd/files/ekey-ulusbd.conf.2 new file mode 100644 index 000000000000..15a641fa3ffe --- /dev/null +++ b/app-crypt/ekeyd/files/ekey-ulusbd.conf.2 @@ -0,0 +1,16 @@ +# Copyright 2009-2011 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +# The userland USB daemon has to know the USB path of the EntopyKey to +# work properly; in alternative to providing these statically, they +# can be found by giving the serial of the key. +# +# The serial will also be used to set the default path to open the +# socket to. + +EKEY_SERIAL="" +#USB_BUS="" +#USB_DEV="" + +# this is set by default +# SOCKET_PATH="/var/run/ekey-ulusbd-${EKEY_SERIAL}" diff --git a/app-crypt/ekeyd/files/ekey-ulusbd.init.2 b/app-crypt/ekeyd/files/ekey-ulusbd.init.2 new file mode 100644 index 000000000000..ef52db2a6685 --- /dev/null +++ b/app-crypt/ekeyd/files/ekey-ulusbd.init.2 @@ -0,0 +1,40 @@ +#!/sbin/openrc-run +# Copyright 2009-2011 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +INSTANCE="${SVCNAME#*.}" +if [ -z "${INSTANCE}" -o "${SVCNAME}" = "ekey-ulusbd" ]; then + INSTANCE="ekey-ulusbd" +fi + +: ${SOCKET_PATH:=/var/run/ekey-ulusbd-${EKEY_SERIAL}} + +description="EntropyKey Userland USB Daemon" + +pidfile=/var/run/$SVCNAME.pid +command=/usr/libexec/ekey-ulusbd +command_args="-P ${pidfile} -p ${SOCKET_PATH}" + +depend() { + need localmount +} + +start() { + if [ -z ${USB_BUS} ]; then + set -- $(lsusb -v -d 20df:0001 | \ + egrep '(^Bus|iSerial)' | \ + grep -B1 "${EKEY_SERIAL}" | \ + head -n 1 | \ + cut -c 5-7,15-18) + USB_BUS=$1 + USB_DEV=$2 + fi + + ebegin "Starting ${description}" + start-stop-daemon \ + --start --pidfile ${pidfile} \ + --exec ${command} -- \ + ${command_args} \ + -b $(printf %03d ${USB_BUS}) -d $(printf %03d ${USB_DEV}) -D + eend $? +} diff --git a/app-crypt/ekeyd/files/ekeyd-1.1.4-gentoo.patch b/app-crypt/ekeyd/files/ekeyd-1.1.4-gentoo.patch new file mode 100644 index 000000000000..f1491362e83f --- /dev/null +++ b/app-crypt/ekeyd/files/ekeyd-1.1.4-gentoo.patch @@ -0,0 +1,133 @@ +Index: ekeyd-1.1.4/host/ekeyd.c +=================================================================== +--- ekeyd-1.1.4.orig/host/ekeyd.c ++++ ekeyd-1.1.4/host/ekeyd.c +@@ -209,7 +209,7 @@ open_foldback_output(void) + return (output_stream != NULL); + } + +-static const char *usage= ++static const char usage[]= + "Usage: %s [-f <configfile>] [-p <pidfile>] [-v] [-h]\n" + "Entropy Key Daemon\n\n" + "\t-f Read configuration from configfile\n" +Index: ekeyd-1.1.4/host/ekey-setkey.c +=================================================================== +--- ekeyd-1.1.4.orig/host/ekey-setkey.c ++++ ekeyd-1.1.4/host/ekey-setkey.c +@@ -79,7 +79,7 @@ calc_mac(uint8_t *snum, uint8_t *mkey, u + return mac; + } + +-static const char *usage = ++static const char usage[] = + "Usage: %s [-d] [-h] [-n] [-f <keyring>] [-m <master>]\n" + " [-s <serial>] <path>\n" + "Entropy key device long term session key tool\n\n" +Index: ekeyd-1.1.4/host/ekey-ulusbd.c +=================================================================== +--- ekeyd-1.1.4.orig/host/ekey-ulusbd.c ++++ ekeyd-1.1.4/host/ekey-ulusbd.c +@@ -100,7 +100,8 @@ find_usb_device(char *busmatch, char *de + + #if LIBUSB_HAS_DETACH_KERNEL_DRIVER_NP + if ((r = usb_detach_kernel_driver_np(devh, EKEY_IFACE)) != 0) { +- if (r != -ENODATA) { ++ /* libusb_compat-0.1.3 mistakenly translate ENODATA to ENOENT */ ++ if (r != -ENODATA && r != -ENOENT) { + fprintf(stderr, + "Unable to detach Entropy Key at %s/%s from kernel\n", + busmatch, devmatch); +Index: ekeyd-1.1.4/udev/entropykey.sh +=================================================================== +--- ekeyd-1.1.4.orig/udev/entropykey.sh ++++ ekeyd-1.1.4/udev/entropykey.sh +@@ -19,9 +19,9 @@ wait_for_usb () { + COUNTER=$(( ${COUNTER} + 1 )) + test ${COUNTER} -ge 10 && exit 1 + done +- $BINPATH/ekey-ulusbd -b${BUSNUM} -d${DEVNUM} -P/var/run/ekey-ulusbd-${ENTROPY_KEY_SERIAL}.pid -p/var/run/entropykeys/${ENTROPY_KEY_SERIAL} -D ++ /usr/libexec/ekey-ulusbd -b${BUSNUM} -d${DEVNUM} -P/dev/.ekey-ulusbd/${ENTROPY_KEY_SERIAL}.pid -p/dev/entropykey/${ENTROPY_KEY_SERIAL} -D + sleep 1 +- $BINPATH/ekeydctl ${ACTION} /var/run/entropykeys/${ENTROPY_KEY_SERIAL} ++ $BINPATH/ekeydctl ${ACTION} /dev/entropykey/${ENTROPY_KEY_SERIAL} + exit 0 + } + +@@ -34,18 +34,18 @@ else + if test "x${BUSNUM}" = "x" -o "x${DEVNUM}" = "x"; then + exit 0 + fi +- if test -r "/var/run/ekey-ulusbd-${ENTROPY_KEY_SERIAL}.pid"; then +- kill $(cat "/var/run/ekey-ulusbd-${ENTROPY_KEY_SERIAL}.pid") || true ++ if test -r "/dev/.ekey-ulusbd/${ENTROPY_KEY_SERIAL}.pid"; then ++ kill $(< "/dev/.ekey-ulusbd/${ENTROPY_KEY_SERIAL}.pid") || true + fi +- mkdir -p /var/run/entropykeys ++ mkdir -p /dev/entropykey /dev/.ekeyd-ulusb + wait_for_usb & + exit 0 + fi + # Update ekeyd with device operation +- $BINPATH/ekeydctl ${ACTION} /var/run/entropykeys/${ENTROPY_KEY_SERIAL} ++ $BINPATH/ekeydctl ${ACTION} /dev/entropykey/${ENTROPY_KEY_SERIAL} + if test "x$ACTION" = "xremove"; then +- rm "/var/run/ekey-ulusbd-${ENTROPYKEY_KEY_SERIAL}.pid" +- rm "/var/run/entropykeys/${ENTROPYKEY_KEY_SERIAL}" ++ rm "/dev/.ekey-ulusbd/${ENTROPYKEY_KEY_SERIAL}.pid" ++ rm "/dev/entropykey/${ENTROPYKEY_KEY_SERIAL}" + fi + fi + +Index: ekeyd-1.1.4/udev/fedora15/60-entropykey.rules +=================================================================== +--- ekeyd-1.1.4.orig/udev/fedora15/60-entropykey.rules ++++ ekeyd-1.1.4/udev/fedora15/60-entropykey.rules +@@ -9,10 +9,10 @@ + # For licence terms refer to the COPYING file distributed with the source. + + # Detect an Entropy Key being inserted and add info values to environment +-ACTION=="add|change|remove", SUBSYSTEM=="tty", KERNEL=="ttyACM[0-9]*", BUS=="usb", ATTRS{idVendor}=="20df", ATTRS{idProduct}=="0001", IMPORT{program}="usb_id --export %p" ++ACTION=="add|change|remove", SUBSYSTEM=="tty", KERNEL=="ttyACM[0-9]*", ATTRS{idVendor}=="20df", ATTRS{idProduct}=="0001", IMPORT{program}="usb_id --export %p" + + # Detect an Entropy Key being inserted and extract serial number +-ACTION=="add|change|remove", SUBSYSTEM=="tty", KERNEL=="ttyACM[0-9]*", ATTRS{idVendor}=="20df", ATTRS{idProduct}=="0001", IMPORT{program}="/bin/echo ENTROPY_KEY_SERIAL=$env{ID_SERIAL_SHORT}" ++ACTION=="add|change|remove", SUBSYSTEM=="tty", KERNEL=="ttyACM[0-9]*", ATTRS{idVendor}=="20df", ATTRS{idProduct}=="0001", IMPORT{program}="/bin/sh -c '/bin/echo ENTROPY_KEY_SERIAL=$env{ID_SERIAL_SHORT} | /bin/sed -e s:/:_:g'" + + # Add the /dev/entropykey/<serialnumber> symbolic link + ENV{ENTROPY_KEY_SERIAL}!="", SYMLINK+="entropykey/$env{ENTROPY_KEY_SERIAL}" +Index: ekeyd-1.1.4/udev/fedora15/60-entropykey-uds.rules +=================================================================== +--- ekeyd-1.1.4.orig/udev/fedora15/60-entropykey-uds.rules ++++ ekeyd-1.1.4/udev/fedora15/60-entropykey-uds.rules +@@ -9,7 +9,7 @@ + # For licence terms refer to the COPYING file. + + # Detect an Entropy Key being inserted and extract serial number +-ACTION=="add|change|remove", SUBSYSTEM=="usb", BUS=="usb", ATTRS{idVendor}=="20df", ATTRS{idProduct}=="0001", IMPORT{program}="/bin/echo ENTROPY_KEY_SERIAL=$attr{serial}" ++ACTION=="add|change|remove", SUBSYSTEM=="usb", ATTRS{idVendor}=="20df", ATTRS{idProduct}=="0001", IMPORT{program}="/bin/sh -c '/bin/echo ENTROPY_KEY_SERIAL=$env{ID_SERIAL_SHORT} | /bin/sed -e s:/:_:g'" + + # And tell the ekeyd about the device action. + ENV{ENTROPY_KEY_SERIAL}!="", RUN+="/lib/udev/entropykey.sh" +Index: ekeyd-1.1.4/host/Makefile +=================================================================== +--- ekeyd-1.1.4.orig/host/Makefile ++++ ekeyd-1.1.4/host/Makefile +@@ -107,7 +107,7 @@ OPT ?= -O2 + CFLAGS += $(INCLUDES) + CFLAGS += -g -Wall $(OPT) + CFLAGS += -fno-strict-aliasing +-CFLAGS += -std=c99 -Wall -pedantic -Wshadow -Werror -D_GNU_SOURCE ++CFLAGS += -std=c99 -Wall -pedantic -Wshadow -D_GNU_SOURCE + CFLAGS += '-DCONFIGFILE="$(SYSCONFPREFIX)/ekeyd.conf"' + CFLAGS += '-DPIDFILE="$(RUNTIMEPREFIX)/ekeyd.pid"' + CFLAGS += '-DKEYRINGFILE="$(SYSCONFPREFIX)/keyring"' +@@ -148,7 +148,7 @@ daemonise_ulusbd.o: daemonise.c + $(COMPILE.c) $(OUTPUT_OPTION) $(PTHFLAGS) $^ + + egd-linux: egd-linux.o daemonise.o +- $(CC) $(CFLAGS) -o $@ $^ ++ $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $^ + + ekeyd: ekeyd.o daemonise.o lstate.o connection.o stream.o frame.o packet.o keydb.o util.o fds.o krnlop.o foldback.o stats.o nonce.o ../device/frames/pem.o ../device/skeinwrap.o ../device/skein/skein.o ../device/skein/skein_block.o + $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $^ $(LIBS) diff --git a/app-crypt/ekeyd/files/ekeyd-1.1.5-const_char_usage.patch b/app-crypt/ekeyd/files/ekeyd-1.1.5-const_char_usage.patch new file mode 100644 index 000000000000..81ad8e6a5337 --- /dev/null +++ b/app-crypt/ekeyd/files/ekeyd-1.1.5-const_char_usage.patch @@ -0,0 +1,32 @@ +# HG changeset patch +# User kristianf +# Date 1382916823 -3600 +# Mon Oct 28 00:33:43 2013 +0100 +# Node ID 0d99149615ec5ec70a6d03c685291ddc55babff6 +# Parent fd192324ff9ae4c4c92cdb9c27f5ae100da136a6 +Rewrite static const char *usage + +diff -r fd192324ff9a -r 0d99149615ec host/ekey-setkey.c +--- a/host/ekey-setkey.c Mon Oct 28 00:31:59 2013 +0100 ++++ b/host/ekey-setkey.c Mon Oct 28 00:33:43 2013 +0100 +@@ -79,7 +79,7 @@ + return mac; + } + +-static const char *usage = ++static const char usage[] = + "This is a low level tool. You probably wanted to use ekey-rekey instead.\n\n" + "Usage: %s [-d] [-h] [-n] [-f <keyring>] [-m <master>]\n" + " [-s <serial>] <path>\n" +diff -r fd192324ff9a -r 0d99149615ec host/ekeyd.c +--- a/host/ekeyd.c Mon Oct 28 00:31:59 2013 +0100 ++++ b/host/ekeyd.c Mon Oct 28 00:33:43 2013 +0100 +@@ -209,7 +209,7 @@ + return (output_stream != NULL); + } + +-static const char *usage= ++static const char usage[] = + "Usage: %s [-f <configfile>] [-p <pidfile>] [-v] [-h]\n" + "Entropy Key Daemon\n\n" + "\t-f Read configuration from configfile\n" diff --git a/app-crypt/ekeyd/files/ekeyd-1.1.5-enoent.patch b/app-crypt/ekeyd/files/ekeyd-1.1.5-enoent.patch new file mode 100644 index 000000000000..2d4cccbafafa --- /dev/null +++ b/app-crypt/ekeyd/files/ekeyd-1.1.5-enoent.patch @@ -0,0 +1,23 @@ +# HG changeset patch +# User kristianf +# Date 1382916946 -3600 +# Mon Oct 28 00:35:46 2013 +0100 +# Node ID 0a9e41a05aafb98cc8c21562931cb1cbb5e30c1f +# Parent 0d99149615ec5ec70a6d03c685291ddc55babff6 +libusb_compat + +diff -r 0d99149615ec -r 0a9e41a05aaf host/ekey-ulusbd.c +--- a/host/ekey-ulusbd.c Mon Oct 28 00:33:43 2013 +0100 ++++ b/host/ekey-ulusbd.c Mon Oct 28 00:35:46 2013 +0100 +@@ -100,8 +100,9 @@ + + #if LIBUSB_HAS_DETACH_KERNEL_DRIVER_NP + if ((r = usb_detach_kernel_driver_np(devh, EKEY_IFACE)) != 0) { +- if (r != -ENODATA) { +- fprintf(stderr, ++ /* libusb_compat-0.1.3 mistakenly translate ENODATA to ENOENT */ ++ if (r != -ENODATA && r != -ENOENT) { ++ fprintf(stderr, + "Unable to detach Entropy Key at %s/%s from kernel\n", + busmatch, devmatch); + usb_close(devh); diff --git a/app-crypt/ekeyd/files/ekeyd-1.1.5-misc.patch b/app-crypt/ekeyd/files/ekeyd-1.1.5-misc.patch new file mode 100644 index 000000000000..660f0bacf0ac --- /dev/null +++ b/app-crypt/ekeyd/files/ekeyd-1.1.5-misc.patch @@ -0,0 +1,50 @@ +diff -r 724cf5abf164 host/Makefile +--- a/host/Makefile Mon Oct 28 00:43:49 2013 +0100 ++++ b/host/Makefile Mon Oct 28 00:54:01 2013 +0100 +@@ -19,7 +19,7 @@ + RM ?= rm -f + LUA_V ?= 5.1 + EXTRA_INC ?= +-LUA_INC ?= -I/usr/include/lua5.1 ++LUA_INC ?= -I/usr/include + LIBDL ?= -ldl + PTHFLAGS ?= + PTHLIBS ?= -lpthread +@@ -31,7 +31,7 @@ + MANZEXT := .gz + + # Current tool version as returned from tools +-EKEYD_VERSION_S="1.1.4" ++EKEYD_VERSION_S="1.1.5" + + # Attempt to detect an OS and set build options as appropriate + OSNAME=$(shell uname -s | tr A-Z a-z | tr -d /) +@@ -91,10 +91,7 @@ + override MANZCMD:=cat + override MANZEXT:= + endif +-override LUA_INC:=-I/usr/local/include/lua51 + override LIBDL:= +-LIBDIRS += -L/usr/local/lib +-INCLUDES += -I/usr/local/include + endif + endif + endif +@@ -114,7 +111,7 @@ + CFLAGS += '-DEKEYD_VERSION_S=""$(EKEYD_VERSION_S)""' + CFLAGS += $(EXTRA_CFLAGS) + +-LIBS += -llua$(LUA_V) -lm $(LIBDL) ++LIBS += -llua -lm $(LIBDL) + LDFLAGS += $(LIBDIRS) + + +@@ -157,7 +154,7 @@ + $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $^ + + control.inc: bin2c.lua control.lua +- lua$(LUA_V) bin2c.lua +control.lua result > control.inc.new ++ lua bin2c.lua +control.lua result > control.inc.new + mv control.inc.new control.inc + + lstate.o: lstate.c control.inc diff --git a/app-crypt/ekeyd/files/ekeyd-1.1.5-path-fixes.patch b/app-crypt/ekeyd/files/ekeyd-1.1.5-path-fixes.patch new file mode 100644 index 000000000000..0a9a59186d1d --- /dev/null +++ b/app-crypt/ekeyd/files/ekeyd-1.1.5-path-fixes.patch @@ -0,0 +1,49 @@ +# HG changeset patch +# User kristianf +# Date 1382917171 -3600 +# Mon Oct 28 00:39:31 2013 +0100 +# Node ID d96c42b36cb125e6e52cff623b7bdad1910284b4 +# Parent 0a9e41a05aafb98cc8c21562931cb1cbb5e30c1f +entropykey.sh + +diff -r 0a9e41a05aaf -r d96c42b36cb1 udev/entropykey.sh +--- a/udev/entropykey.sh Mon Oct 28 00:35:46 2013 +0100 ++++ b/udev/entropykey.sh Mon Oct 28 00:39:31 2013 +0100 +@@ -19,9 +19,10 @@ + COUNTER=$(( ${COUNTER} + 1 )) + test ${COUNTER} -ge 10 && exit 1 + done +- $BINPATH/ekey-ulusbd -b${BUSNUM} -d${DEVNUM} -P/var/run/ekey-ulusbd-${ENTROPY_KEY_SERIAL}.pid -p/var/run/entropykeys/${ENTROPY_KEY_SERIAL} -D ++ /usr/libexec/ekey-ulusbd -b${BUSNUM} -d${DEVNUM} -P/dev/.ekey-ulusbd/${ENTROPY_KEY_SERIAL}.pid -p/dev/entropykey/${ENTROPY_KEY_SERIAL} -D ++ + sleep 1 +- $BINPATH/ekeydctl ${ACTION} /var/run/entropykeys/${ENTROPY_KEY_SERIAL} ++ $BINPATH/ekeydctl ${ACTION} /dev/entropykey/${ENTROPY_KEY_SERIAL} + exit 0 + } + +@@ -34,18 +35,18 @@ + if test "x${BUSNUM}" = "x" -o "x${DEVNUM}" = "x"; then + exit 0 + fi +- if test -r "/var/run/ekey-ulusbd-${ENTROPY_KEY_SERIAL}.pid"; then +- kill $(cat "/var/run/ekey-ulusbd-${ENTROPY_KEY_SERIAL}.pid") || true ++ if test -r "/dev/.ekey-ulusbd/${ENTROPY_KEY_SERIAL}.pid"; then ++ kill $(< "/dev/.ekey-ulusbd/${ENTROPY_KEY_SERIAL}.pid") || true + fi +- mkdir -p /var/run/entropykeys ++ mkdir -p /dev/entropykey /dev/.ekeyd-ulusb + wait_for_usb & + exit 0 + fi + # Update ekeyd with device operation +- $BINPATH/ekeydctl ${ACTION} /var/run/entropykeys/${ENTROPY_KEY_SERIAL} ++ $BINPATH/ekeydctl ${ACTION} /dev/entropykey/${ENTROPY_KEY_SERIAL} + if test "x$ACTION" = "xremove"; then +- rm "/var/run/ekey-ulusbd-${ENTROPYKEY_KEY_SERIAL}.pid" +- rm "/var/run/entropykeys/${ENTROPYKEY_KEY_SERIAL}" ++ rm "/dev/.ekey-ulusbd/${ENTROPYKEY_KEY_SERIAL}.pid" ++ rm "/dev/entropykey/${ENTROPYKEY_KEY_SERIAL}" + fi + fi + diff --git a/app-crypt/ekeyd/files/ekeyd-1.1.5-remove-werror.patch b/app-crypt/ekeyd/files/ekeyd-1.1.5-remove-werror.patch new file mode 100644 index 000000000000..bb5862dee986 --- /dev/null +++ b/app-crypt/ekeyd/files/ekeyd-1.1.5-remove-werror.patch @@ -0,0 +1,29 @@ +# HG changeset patch +# User kristianf +# Date 1382917429 -3600 +# Mon Oct 28 00:43:49 2013 +0100 +# Node ID 724cf5abf164dd5889a7c72916aa524c3822b8bd +# Parent 902b9c6908618864319835d69981f9ea902be324 +Makefile + +diff -r 902b9c690861 -r 724cf5abf164 host/Makefile +--- a/host/Makefile Mon Oct 28 00:41:59 2013 +0100 ++++ b/host/Makefile Mon Oct 28 00:43:49 2013 +0100 +@@ -107,7 +107,7 @@ + CFLAGS += $(INCLUDES) + CFLAGS += -g -Wall $(OPT) + CFLAGS += -fno-strict-aliasing +-CFLAGS += -std=c99 -Wall -pedantic -Wshadow -Werror -D_GNU_SOURCE ++CFLAGS += -std=c99 -Wall -pedantic -Wshadow -D_GNU_SOURCE + CFLAGS += '-DCONFIGFILE="$(SYSCONFPREFIX)/ekeyd.conf"' + CFLAGS += '-DPIDFILE="$(RUNTIMEPREFIX)/ekeyd.pid"' + CFLAGS += '-DKEYRINGFILE="$(SYSCONFPREFIX)/keyring"' +@@ -148,7 +148,7 @@ + $(COMPILE.c) $(OUTPUT_OPTION) $(PTHFLAGS) $^ + + egd-linux: egd-linux.o daemonise.o +- $(CC) $(CFLAGS) -o $@ $^ ++ $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $^ + + ekeyd: ekeyd.o daemonise.o lstate.o connection.o stream.o frame.o packet.o keydb.o util.o fds.o krnlop.o foldback.o stats.o nonce.o ../device/frames/pem.o ../device/skeinwrap.o ../device/skein/skein.o ../device/skein/skein_block.o + $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $^ $(LIBS) diff --git a/app-crypt/ekeyd/files/ekeyd-1.1.5-udev-rule.patch b/app-crypt/ekeyd/files/ekeyd-1.1.5-udev-rule.patch new file mode 100644 index 000000000000..c4b53a802bf6 --- /dev/null +++ b/app-crypt/ekeyd/files/ekeyd-1.1.5-udev-rule.patch @@ -0,0 +1,36 @@ +# HG changeset patch +# User kristianf +# Date 1382917319 -3600 +# Mon Oct 28 00:41:59 2013 +0100 +# Node ID 902b9c6908618864319835d69981f9ea902be324 +# Parent d96c42b36cb125e6e52cff623b7bdad1910284b4 +udev rule + +diff -r d96c42b36cb1 -r 902b9c690861 udev/fedora15/60-entropykey-uds.rules +--- a/udev/fedora15/60-entropykey-uds.rules Mon Oct 28 00:39:31 2013 +0100 ++++ b/udev/fedora15/60-entropykey-uds.rules Mon Oct 28 00:41:59 2013 +0100 +@@ -9,7 +9,7 @@ + # For licence terms refer to the COPYING file. + + # Detect an Entropy Key being inserted and extract serial number +-ACTION=="add|change|remove", SUBSYSTEM=="usb", BUS=="usb", ATTRS{idVendor}=="20df", ATTRS{idProduct}=="0001", IMPORT{program}="/bin/echo ENTROPY_KEY_SERIAL=$attr{serial}" ++ACTION=="add|change|remove", SUBSYSTEM=="usb", ATTRS{idVendor}=="20df", ATTRS{idProduct}=="0001", IMPORT{program}="/bin/sh -c /bin/echo ENTROPY_KEY_SERIAL=$attr{serial}" + + # And tell the ekeyd about the device action. + ENV{ENTROPY_KEY_SERIAL}!="", RUN+="/lib/udev/entropykey.sh" +diff -r d96c42b36cb1 -r 902b9c690861 udev/fedora15/60-entropykey.rules +--- a/udev/fedora15/60-entropykey.rules Mon Oct 28 00:39:31 2013 +0100 ++++ b/udev/fedora15/60-entropykey.rules Mon Oct 28 00:41:59 2013 +0100 +@@ -9,10 +9,10 @@ + # For licence terms refer to the COPYING file distributed with the source. + + # Detect an Entropy Key being inserted and add info values to environment +-ACTION=="add|change|remove", SUBSYSTEM=="tty", KERNEL=="ttyACM[0-9]*", BUS=="usb", ATTRS{idVendor}=="20df", ATTRS{idProduct}=="0001", IMPORT{program}="usb_id --export %p" ++ACTION=="add|change|remove", SUBSYSTEM=="tty", KERNEL=="ttyACM[0-9]*", ATTRS{idVendor}=="20df", ATTRS{idProduct}=="0001", IMPORT{builtin}="usb_id" + + # Detect an Entropy Key being inserted and extract serial number +-ACTION=="add|change|remove", SUBSYSTEM=="tty", KERNEL=="ttyACM[0-9]*", ATTRS{idVendor}=="20df", ATTRS{idProduct}=="0001", IMPORT{program}="/bin/echo ENTROPY_KEY_SERIAL=$env{ID_SERIAL_SHORT}" ++ACTION=="add|change|remove", SUBSYSTEM=="tty", KERNEL=="ttyACM[0-9]*", ATTRS{idVendor}=="20df", ATTRS{idProduct}=="0001", IMPORT{program}="/bin/sh -c /bin/echo ENTROPY_KEY_SERIAL=$env{ID_SERIAL_SHORT}" + + # Add the /dev/entropykey/<serialnumber> symbolic link + ENV{ENTROPY_KEY_SERIAL}!="", SYMLINK+="entropykey/$env{ENTROPY_KEY_SERIAL}" diff --git a/app-crypt/ekeyd/files/ekeyd.init.2 b/app-crypt/ekeyd/files/ekeyd.init.2 new file mode 100644 index 000000000000..5c8bc7658af1 --- /dev/null +++ b/app-crypt/ekeyd/files/ekeyd.init.2 @@ -0,0 +1,29 @@ +#!/sbin/openrc-run +# Copyright 1999-2011 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +INSTANCE="${SVCNAME#*.}" +if [ -z "${INSTANCE}" -o "${SVCNAME}" = "ekeyd" ]; then + INSTANCE="ekeyd" +fi + +description="EntropyKey daemon" + +pidfile=/var/run/$SVCNAME.pid +cfgfile=/etc/entropykey/${INSTANCE}.conf + +command=/usr/libexec/ekeyd +command_args="-f ${cfgfile} -p ${pidfile}" + +depend() { + config $cfgfile + + use udev ekey-ulusbd + need localmount + + # quickly parse the configuration file; we only provide entropy + # if we're not using the egd server/client split method. + if sed -e 's:--.*::' "${cfgfile}" | grep -q SetOutputToKernel; then + provide entropy + fi +} diff --git a/app-crypt/ekeyd/files/ekeyd.service b/app-crypt/ekeyd/files/ekeyd.service new file mode 100644 index 000000000000..637b424b703d --- /dev/null +++ b/app-crypt/ekeyd/files/ekeyd.service @@ -0,0 +1,8 @@ +[Unit] +Description=Entropy key daemon + +[Service] +ExecStart=/usr/libexec/ekeyd + +[Install] +WantedBy=multi-user.target diff --git a/app-crypt/ekeyd/metadata.xml b/app-crypt/ekeyd/metadata.xml new file mode 100644 index 000000000000..e97586d5296e --- /dev/null +++ b/app-crypt/ekeyd/metadata.xml @@ -0,0 +1,27 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer type="person"> + <email>k_f@gentoo.org</email> + <name>Kristian Fiskerstrand</name> + </maintainer> + <use> + <flag name="usb"> + Build the libusb-based userland daemon for accessing the + EntropyKey (alternative to the CDC USB driver). It is suggested + to use this option by default, as the CDC driver in the kernel + often seems to be fragile (or the gadget implementation on the + EntropyKey is too buggy), and can cause various problems. + </flag> + + <flag name="munin"> + Install a plugin for <pkg>net-analyzer/munin</pkg> to graph + statistical data from ekeyd. + </flag> + + <flag name="minimal"> + Only install the ekey-egd-linux service rather than the full + ekeyd package. + </flag> + </use> +</pkgmetadata> |