reinit the tree, so we can have metadata

5 files changed, 252 insertions, 0 deletions

diff --git a/dev-libs/opencryptoki/Manifest b/dev-libs/opencryptoki/Manifest
new file mode 100644
index 000000000000..4e5318199ed1
--- /dev/null
+++ b/dev-libs/opencryptoki/Manifest
@@ -0,0 +1,8 @@
+AUX pkcsslotd.init.2 664 SHA256 03650b52801d2cb6d6ac85bdc60b92ff2388a95c982a9ecaf352f033734da20a SHA512 3bdc6d2f87b2209163ad08915afa900f9c14324d3e48619cffe462c3c651996fe0e0b485eb6331552fcb22297cfa7bda9b6440a8bad9419d6835a047f1b2a0e9 WHIRLPOOL c5bf3e62f640e57e304f9b023f1851166edae013baf8ebaca33e5f8cf74874cd31e3b1331dcea3687e56be219c28970b860189b36349f40bb4b14115375ce13e
+DIST opencryptoki-3.6.1.tgz 1068197 SHA256 163dd6419963c834e57423168aa92a9f68f867baf523212f66eff428853ef9df SHA512 1874fabba6d3da49596622c7f8142a37329df95f129cb08319bb3900a944dde1ae5ce9d845d400726f4bda4579c730012b9bfd6c69c6d5a16b1f75b28a0ba4af WHIRLPOOL 2a42d34717c5a66794406ce0b41aa47285b682da30e66396be1a3db9bc36bc17c45e28775e2f3da74f91342054683991c3eaa1a1d05c541b052309dcfc39a385
+DIST opencryptoki-v3.4.1.tgz 1014416 SHA256 018ea402f3a1b38b203282fb047dfac209d94bf2988f2c29793eca65455452c4 SHA512 98643463102f70226255f17a7c49cc454cce377404155b9624e77e36c9f03fb30c216d1769177666489a539e0886b071103a089c565f8fbf120c2a53239a2dd6 WHIRLPOOL c05b61c220e87af361cf67c5223f5745e305c5039a610bb740d2e729299517363d5d7d03175869ab517519857a526ac0272f1556bd9e1cd9dea84bd500595f7e
+EBUILD opencryptoki-3.4.1.ebuild 3168 SHA256 19535c4bbb8651a8fd8af45a77d9a426a5cd1d7573e91c20379848587997bf87 SHA512 eb08ca2434ba2deabf7c76318d0743b12c72fb7c7cc00b614fa26834d28ae4bf1ce9ddf6f1ca4ab2ab5324dac5201f3d985939e846f8e1298f110c25d92b26ad WHIRLPOOL 756a0d7d98dc3f7b67472123e5e75cbb7e287c343079320ef66d5fc7cd15fdc364422c09889354382c48f9f3a64646065d22d28ad6a853c31f7636694f0e1cfc
+EBUILD opencryptoki-3.6.1.ebuild 3060 SHA256 3235d612003e51996a9eba79f3b0f5f7d5a55a53b285b337d512134bdc18da02 SHA512 83afe598c8cd2180f365110991415da4ef3ba0a3a6ec769b17c1093d9e8592ca3c945f186525966c9564d8a49aae901aa2dbbab194ec3d64ed73db15879d2190 WHIRLPOOL e97e2dccc752ef95446efd8f94f58f5b20de6134a73aabf52dae12439ac5a1f496711cab2a601edee83c1e5deccd12cfc14b642e30bb4520818501516fcb6a6a
+MISC ChangeLog 3637 SHA256 28e517b594c9f9d9ab909538b1e2c1b9dd42003a67d5d2da0eac2f6f955dcfe9 SHA512 f04b37347dfd63375b82ea506f1e0e6253ba33085f76ddc79878f6729682ecdcbe982b7ed7538dc051b7b9bab55e353ddedc6857965a747bc861785be94e3fe7 WHIRLPOOL 30a4c0af62e19ad2a17fbe5878f31ee1d4819663229b4f098d6b7f183db06d67dc58f43f0d014e2408d494aaa38cd652ec668e5abf82219e21ea871f66dcf495
+MISC ChangeLog-2015 5767 SHA256 0ee0e67974a21780d7ea397dc3f9230be4e32b9efba65693ccb78bee1dd0f22d SHA512 629b771f547d8231ea971302288a0d7176ca6e82b2e8fe3068ba6d93be19eb070f35864759030f5f3c3355feca1d72f3d5cd618577bebd35176fedc21851e734 WHIRLPOOL a84c95ac9071cb0eca02287208e2a8f37a17fe1ae3cadf6fbbe279d877e076f4e71d47c5c28239928dc5704f537cb6e3f8316935bd84daef28297233ab0f8080
+MISC metadata.xml 460 SHA256 a60f5cc58e3e8ababba146d950a2099bf238ef2654e4bf6d9637b6bbebdfbf75 SHA512 cd380f82209398f08589354641ead4008d4e00de272c3649da01cbc8931bccc089bb9205d65a9e63cb3cf39efab696b29dc5407ce621c9f2ba54cc406352c2f3 WHIRLPOOL dbce0c104f817fccb6dc9aad1339a7bf1d7446610dbb0f2f45cc936aa2b29af91e202f1ddded6fa3184c6d33e8cab49b55d485f330a1a4b3bf3cb8aca353d084
diff --git a/dev-libs/opencryptoki/files/pkcsslotd.init.2 b/dev-libs/opencryptoki/files/pkcsslotd.init.2
new file mode 100644
index 000000000000..44056b0e50b7
--- /dev/null
+++ b/dev-libs/opencryptoki/files/pkcsslotd.init.2
@@ -0,0 +1,27 @@
+#!/sbin/openrc-run
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+depend() {
+	need localmount
+
+	# Optional services (see ebuild)
+	use tcsd
+}
+
+start() {
+	# detect available tokens and set up
+	# /var/lib/opencryptoki/pk_config_data
+	ebegin "Preparing pkcs configuration"
+	/usr/sbin/pkcs11_startup
+
+	ebegin "Starting pkcsslotd"
+	start-stop-daemon --start --exec /usr/sbin/pkcsslotd --pidfile /var/run/pkcsslotd.pid
+	eend $? "Check your logs to see why startup failed"
+}
+
+stop() {
+	ebegin "Stopping pkcsslotd"
+	start-stop-daemon --stop --exec /usr/sbin/pkcsslotd --pidfile /var/run/pkcsslotd.pid
+	eend $?
+}
diff --git a/dev-libs/opencryptoki/metadata.xml b/dev-libs/opencryptoki/metadata.xml
new file mode 100644
index 000000000000..9709f51f5332
--- /dev/null
+++ b/dev-libs/opencryptoki/metadata.xml
@@ -0,0 +1,16 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+	<maintainer type="project">
+		<email>crypto@gentoo.org</email>
+		<name>Crypto</name>
+	</maintainer>
+	<use>
+		<flag name="tpm">
+      Enable support for Trusted Platform Module (TPM) using <pkg>app-crypt/trousers</pkg>
+    </flag>
+	</use>
+	<upstream>
+		<remote-id type="sourceforge">opencryptoki</remote-id>
+	</upstream>
+</pkgmetadata>
diff --git a/dev-libs/opencryptoki/opencryptoki-3.4.1.ebuild b/dev-libs/opencryptoki/opencryptoki-3.4.1.ebuild
new file mode 100644
index 000000000000..f0786c997b52
--- /dev/null
+++ b/dev-libs/opencryptoki/opencryptoki-3.4.1.ebuild
@@ -0,0 +1,100 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="5"
+
+inherit autotools multilib flag-o-matic user
+
+DESCRIPTION="PKCS#11 provider cryptographic hardware"
+HOMEPAGE="https://sourceforge.net/projects/opencryptoki"
+SRC_URI="mirror://sourceforge/opencryptoki/${PV}/${PN}-v${PV}.tgz"
+
+# Upstream is looking into relicensing it into CPL-1.0 entirely; the CCA
+# token sources are under CPL-1.0 already.
+LICENSE="CPL-0.5"
+SLOT="0"
+KEYWORDS="~amd64 ~arm ~x86"
+IUSE="debug libressl +tpm"
+
+RDEPEND="tpm? ( app-crypt/trousers )
+	!libressl? ( dev-libs/openssl:0= )
+	libressl? ( dev-libs/libressl:0= )"
+DEPEND="${RDEPEND}"
+
+S="${WORKDIR}/${PN}"
+
+# tests right now basically don't exist; the only available thing would
+# test against an installed copy and would kill a running pcscd, all
+# things that we're not interested to.
+RESTRICT=test
+
+pkg_setup() {
+	enewgroup pkcs11
+}
+
+src_prepare() {
+	mv configure.in configure.ac || die
+	eautoreconf
+}
+
+src_configure() {
+	# package uses ${localstatedir}/lib as the default path, so if we
+	# leave it to econf, it'll create /var/lib/lib.
+
+	# Since upstream by default seem to enable any possible token, even
+	# when they don't seem to be used, we limit ourselves to the
+	# software emulation token (swtok) and if the user enabled the tpm
+	# USE flag, tpmtok.  The rest of the tokens seem to be hardware- or
+	# software-dependent even when they build fine without their
+	# requirements, but until somebody asks for those, I'd rather not
+	# enable them.
+
+	# We don't use --enable-debug because that tinkers with the CFLAGS
+	# and we don't want that. Instead we append -DDEBUG which enables
+	# debug information.
+	use debug && append-flags -DDEBUG
+
+	econf \
+		--localstatedir=/var \
+		--enable-fast-install \
+		--disable-dependency-tracking \
+		--disable-debug \
+		--enable-daemon \
+		--enable-library \
+		--disable-icatok \
+		--enable-swtok \
+		$(use_enable tpm tpmtok) \
+		--disable-ccatok
+}
+
+src_install() {
+	emake install DESTDIR="${ED}"
+
+	# Install libopencryptoki in the standard directory for libraries.
+	mv "${D}"/usr/$(get_libdir)/opencryptoki/libopencryptoki.so* "${D}"/usr/$(get_libdir) || die
+	rm "${D}"/usr/$(get_libdir)/pkcs11/libopencryptoki.so
+	dosym ../libopencryptoki.so /usr/$(get_libdir)/pkcs11/libopencryptoki.so
+
+	# Remove compatibility symlinks as we _never_ required those and
+	# they seem unused even upstream.
+	find "${D}" -name 'PKCS11_*' -delete
+
+	# doesn't use libltdl; only dlopen()-based interfaces
+	find "${D}" -name '*.la' -delete
+
+	# We replace their ld.so and init files (mostly designed for RedHat
+	# as far as I can tell) with our own replacements.
+	rm -rf "${D}"/etc/ld.so.conf.d "${D}"/etc/rc.d
+
+	# make sure that we don't modify the init script if the USE flags
+	# are enabled for the needed services.
+	cp "${FILESDIR}"/pkcsslotd.init.2 "${T}"/pkcsslotd.init
+	use tpm || sed -i -e '/use tcsd/d' "${T}"/pkcsslotd.init
+	newinitd "${T}/pkcsslotd.init" pkcsslotd
+
+	# We create /var dirs at runtime as needed, so don't bother installing
+	# our own.
+	rm -r "${D}"/var/{lib,lock} || die
+
+	dodoc README AUTHORS FAQ TODO doc/openCryptoki-HOWTO.pdf
+}
diff --git a/dev-libs/opencryptoki/opencryptoki-3.6.1.ebuild b/dev-libs/opencryptoki/opencryptoki-3.6.1.ebuild
new file mode 100644
index 000000000000..4f6f1383102a
--- /dev/null
+++ b/dev-libs/opencryptoki/opencryptoki-3.6.1.ebuild
@@ -0,0 +1,101 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="6"
+
+inherit autotools multilib ltprune flag-o-matic user
+
+DESCRIPTION="PKCS#11 provider cryptographic hardware"
+HOMEPAGE="https://sourceforge.net/projects/opencryptoki"
+SRC_URI="mirror://sourceforge/opencryptoki/${PV}/${P}.tgz"
+
+# Upstream is looking into relicensing it into CPL-1.0 entirely; the CCA
+# token sources are under CPL-1.0 already.
+LICENSE="CPL-0.5"
+SLOT="0"
+KEYWORDS="~amd64 ~arm ~x86"
+IUSE="debug libressl +tpm"
+
+RDEPEND="tpm? ( app-crypt/trousers )
+	>=dev-libs/openssl-1.1.0:0="
+DEPEND="${RDEPEND}"
+
+DOCS=(
+	README AUTHORS FAQ TODO
+	doc/openCryptoki-HOWTO.pdf
+)
+
+# tests right now basically don't exist; the only available thing would
+# test against an installed copy and would kill a running pcscd, all
+# things that we're not interested to.
+RESTRICT=test
+
+S="${WORKDIR}/${PN}"
+
+pkg_setup() {
+	enewgroup pkcs11
+}
+
+src_prepare() {
+	default
+	mv configure.in configure.ac || die
+	eautoreconf
+}
+
+src_configure() {
+	# package uses ${localstatedir}/lib as the default path, so if we
+	# leave it to econf, it'll create /var/lib/lib.
+
+	# Since upstream by default seem to enable any possible token, even
+	# when they don't seem to be used, we limit ourselves to the
+	# software emulation token (swtok) and if the user enabled the tpm
+	# USE flag, tpmtok.  The rest of the tokens seem to be hardware- or
+	# software-dependent even when they build fine without their
+	# requirements, but until somebody asks for those, I'd rather not
+	# enable them.
+
+	# We don't use --enable-debug because that tinkers with the CFLAGS
+	# and we don't want that. Instead we append -DDEBUG which enables
+	# debug information.
+	use debug && append-flags -DDEBUG
+
+	econf \
+		--localstatedir=/var \
+		--enable-fast-install \
+		--disable-dependency-tracking \
+		--disable-debug \
+		--enable-daemon \
+		--enable-library \
+		--disable-icatok \
+		--enable-swtok \
+		$(use_enable tpm tpmtok) \
+		--disable-ccatok
+}
+
+src_install() {
+	default
+	prune_libtool_files --all
+
+	# Install libopencryptoki in the standard directory for libraries.
+	mv "${ED}"/usr/$(get_libdir)/opencryptoki/libopencryptoki.so* "${ED}"/usr/$(get_libdir) || die
+	rm "${ED}"/usr/$(get_libdir)/pkcs11/libopencryptoki.so
+	dosym ../libopencryptoki.so /usr/$(get_libdir)/pkcs11/libopencryptoki.so
+
+	# Remove compatibility symlinks as we _never_ required those and
+	# they seem unused even upstream.
+	find "${ED}" -name 'PKCS11_*' -delete
+
+	# We replace their ld.so and init files (mostly designed for RedHat
+	# as far as I can tell) with our own replacements.
+	rm -rf "${ED}"/etc/ld.so.conf.d "${ED}"/etc/rc.d
+
+	# make sure that we don't modify the init script if the USE flags
+	# are enabled for the needed services.
+	cp "${FILESDIR}"/pkcsslotd.init.2 "${T}"/pkcsslotd.init
+	use tpm || sed -i -e '/use tcsd/d' "${T}"/pkcsslotd.init
+	newinitd "${T}/pkcsslotd.init" pkcsslotd
+
+	# We create /var dirs at runtime as needed, so don't bother installing
+	# our own.
+	rm -r "${ED}"/var/{lib,lock} || die
+}