signify: use source from outils, closes FS#1797
This commit is contained in:
parent
55cbeffbdc
commit
d24858dd94
@ -4,4 +4,4 @@ drwxr-xr-x root/root usr/bin/
|
||||
drwxr-xr-x root/root usr/share/
|
||||
drwxr-xr-x root/root usr/share/man/
|
||||
drwxr-xr-x root/root usr/share/man/man1/
|
||||
-rwxr-xr-x root/root usr/share/man/man1/signify.1.gz
|
||||
-rw-r--r-- root/root usr/share/man/man1/signify.1.gz
|
||||
|
@ -1,5 +1,6 @@
|
||||
untrusted comment: verify with /etc/ports/core.pub
|
||||
RWRJc1FUaeVeqp2rnDpeLrUIQIHJcIs75ytSsjK6BUuUK0i8dZ/GhsfLeTsyMxapW8zR2wbrv+uelaeykVj2q7Ba9kkwPgTJkAs=
|
||||
SHA256 (Pkgfile) = 571db77c9475f0a1ce88034ade93c190f95d3cbb5ae2b5755be3c58b670eb3c4
|
||||
SHA256 (.footprint) = c9c25d94c541a49fa3823d13d447c6170d3a675f145d7d7bd8ac648a5916df6f
|
||||
SHA256 (signify-0.1p2.tar.xz) = 79ae7b9911d22a7f72b2922a0f91f5b843623a5856f74d3eb29dbeaffe620f8f
|
||||
RWRJc1FUaeVeqre3G0qPrxGrJb6IodLz9wkyWUoGmxdmHSCW1H6bavJv86NctJ+6+lTfIzGq6ow0gR8AIRdrPC6fOYJjmfVdqwk=
|
||||
SHA256 (Pkgfile) = b7adc335395d92325bf730b5c2e1ff44dc154674a592a3527f148251b41b61fe
|
||||
SHA256 (.footprint) = 7254b9c6417527154751eece07f12711fa68773b4d8cad5e659e552f6adf39bc
|
||||
SHA256 (outils-20200707.tar.gz) = 499a754d42c3f52faa1e23ac14940fd3d451cfeea1fbbdc8bee0a52e99eb57c8
|
||||
SHA256 (cruxify.patch) = d2f254f066d26273716a69c7fbb902c8fba7a8e441cd5285594a27df8bf5a752
|
||||
|
@ -1,17 +1,23 @@
|
||||
# Description: Elliptic curve based signing and verification tool
|
||||
# URL: http://www.tedunangst.com/flak/post/signify
|
||||
# URL: https://github.com/leahneukirchen/outils
|
||||
# Maintainer: CRUX System Team, core-ports at crux dot nu
|
||||
|
||||
name=signify
|
||||
version=0.1p2
|
||||
version=20200707
|
||||
gitversion=1f93b1027c4be9f27f3a4b8dabb2ae3132e1cb6a
|
||||
release=1
|
||||
source=(https://crux.nu/files/distfiles/$name-$version.tar.xz)
|
||||
source=(https://github.com/leahneukirchen/outils/archive/$gitversion/outils-$version.tar.gz
|
||||
cruxify.patch)
|
||||
|
||||
build() {
|
||||
cd $name-$version
|
||||
cd outils-$gitversion
|
||||
|
||||
make CFLAGS='-Wall -O2 -I. -DSIGNIFYROOT=\"/etc/ports\"'
|
||||
patch -p0 -i $SRC/cruxify.patch
|
||||
|
||||
install -D signify $PKG/usr/bin/signify
|
||||
install -D signify.1 $PKG/usr/share/man/man1/signify.1
|
||||
export CFLAGS+=' -DSIGNIFYROOT=\"/etc/ports\"'
|
||||
make PREFIX=/usr src/usr.bin/signify/signify
|
||||
|
||||
install -d $PKG/usr/{bin,share/man/man1}
|
||||
install -m 0755 src/usr.bin/signify/signify $PKG/usr/bin
|
||||
install -m 0644 src/usr.bin/signify/signify.1 $PKG/usr/share/man/man1
|
||||
}
|
||||
|
47
signify/cruxify.patch
Normal file
47
signify/cruxify.patch
Normal file
@ -0,0 +1,47 @@
|
||||
diff -Napru pfefferminzbonbon
|
||||
--- src.orig/usr.bin/signify/signify.c 2020-08-22 20:11:21.055823405 +0200
|
||||
+++ src/usr.bin/signify/signify.c 2020-08-22 20:15:28.105818708 +0200
|
||||
@@ -49,6 +49,10 @@
|
||||
#define COMMENTMAXLEN 1024
|
||||
#define VERIFYWITH "verify with "
|
||||
|
||||
+#ifndef SIGNIFYROOT
|
||||
+# define SIGNIFYROOT "/etc/signify"
|
||||
+#endif
|
||||
+
|
||||
struct enckey {
|
||||
uint8_t pkalg[2];
|
||||
uint8_t kdfalg[2];
|
||||
@@ -411,7 +415,7 @@ createsig(const char *seckeyfile, const
|
||||
else
|
||||
keyname++;
|
||||
nr = snprintf(sigcomment, sizeof(sigcomment),
|
||||
- VERIFYWITH "%.*s.pub", (int)strlen(keyname) - 4, keyname);
|
||||
+ VERIFYWITH "%s/%.*s.pub", SIGNIFYROOT, (int)strlen(keyname) - 4, keyname);
|
||||
if (nr == -1 || nr >= sizeof(sigcomment))
|
||||
errx(1, "comment too long");
|
||||
} else {
|
||||
@@ -518,13 +522,20 @@ static void
|
||||
readpubkey(const char *pubkeyfile, struct pubkey *pubkey,
|
||||
const char *sigcomment, const char *keytype)
|
||||
{
|
||||
- const char *safepath = "/etc/signify";
|
||||
+ const char *safepath = SIGNIFYROOT "/";
|
||||
char keypath[PATH_MAX];
|
||||
|
||||
if (!pubkeyfile) {
|
||||
+ size_t spl;
|
||||
+
|
||||
pubkeyfile = strstr(sigcomment, VERIFYWITH);
|
||||
- if (pubkeyfile && strchr(pubkeyfile, '/') == NULL) {
|
||||
- pubkeyfile += strlen(VERIFYWITH);
|
||||
+ if (!pubkeyfile)
|
||||
+ usage("must specify pubkey");
|
||||
+ pubkeyfile += strlen(VERIFYWITH);
|
||||
+ spl = strlen(safepath);
|
||||
+ if (strncmp(pubkeyfile, safepath, spl) == 0)
|
||||
+ pubkeyfile += spl;
|
||||
+ if (*pubkeyfile != '\0' && strchr(pubkeyfile, '/') == NULL) {
|
||||
if (keytype)
|
||||
check_keytype(pubkeyfile, keytype);
|
||||
if (snprintf(keypath, sizeof(keypath), "%s/%s",
|
Loading…
Reference in New Issue
Block a user