Version bump, rewrite ebuild to actually make sense and work, with the help of the one to be found in chromiumos-overlay. Many thanks to Nathan Williams and Chris Masone for their fixes and the patches. Drop all the previous ebuilds and the previous init script as they are totally broken by design.

(Portage version: 2.2.0_alpha6/cvs/Linux x86_64)

11 files changed, 219 insertions, 149 deletions

diff --git a/dev-libs/opencryptoki/ChangeLog b/dev-libs/opencryptoki/ChangeLog
index 2c4d1b32afdc..6770a055fa05 100644
--- a/dev-libs/opencryptoki/ChangeLog
+++ b/dev-libs/opencryptoki/ChangeLog
@@ -1,6 +1,20 @@
 # ChangeLog for dev-libs/opencryptoki
-# Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/dev-libs/opencryptoki/ChangeLog,v 1.7 2009/06/28 10:48:58 arfrever Exp $
+# Copyright 1999-2010 Gentoo Foundation; Distributed under the GPL v2
+# $Header: /var/cvsroot/gentoo-x86/dev-libs/opencryptoki/ChangeLog,v 1.8 2010/12/01 03:25:11 flameeyes Exp $
+
+*opencryptoki-2.3.2 (01 Dec 2010)
+
+  01 Dec 2010; Diego E. Pettenò <flameeyes@gentoo.org>
+  -opencryptoki-2.2.4.1.ebuild, -opencryptoki-2.2.8.ebuild,
+  +files/opencryptoki-2.2.8-remove_openlog.patch,
+  +files/opencryptoki-2.2.8-remove_recursive_chmod.patch,
+  +files/opencryptoki-2.2.8-steal_shmem.patch, +opencryptoki-2.3.2.ebuild,
+  +files/opencryptoki-2.3.2-build.patch, +files/pkcsslotd.init.2,
+  -files/pkcsslotd.init, metadata.xml:
+  Version bump, rewrite ebuild to actually make sense and work, with the help
+  of the one to be found in chromiumos-overlay. Many thanks to Nathan Williams
+  and Chris Masone for their fixes and the patches. Drop all the previous
+  ebuilds and the previous init script as they are totally broken by design.
 
 *opencryptoki-2.2.8 (28 Jun 2009)
 
diff --git a/dev-libs/opencryptoki/files/opencryptoki-2.2.8-remove_openlog.patch b/dev-libs/opencryptoki/files/opencryptoki-2.2.8-remove_openlog.patch
new file mode 100644
index 000000000000..199db5a649d9
--- /dev/null
+++ b/dev-libs/opencryptoki/files/opencryptoki-2.2.8-remove_openlog.patch
@@ -0,0 +1,10 @@
+--- opencryptoki-2.2.8.orig/usr/lib/pkcs11/api/apiutil.c	2010-06-04 17:04:48.000000000 -0400
++++ opencryptoki-2.2.8/usr/lib/pkcs11/api/apiutil.c	2010-06-04 17:06:23.000000000 -0400
+@@ -380,7 +380,6 @@
+ 
+    if (!enabled){
+       enabled=1;
+-      openlog("openCryptokiModule",LOG_PID|LOG_NDELAY,LOG_DAEMON);
+       setlogmask(LOG_UPTO(LOG_DEBUG));
+ 	logit(LOG_DEBUG,"Logging enabled %d enabled",enabled);
+    }
diff --git a/dev-libs/opencryptoki/files/opencryptoki-2.2.8-remove_recursive_chmod.patch b/dev-libs/opencryptoki/files/opencryptoki-2.2.8-remove_recursive_chmod.patch
new file mode 100644
index 000000000000..c8a22e6bb4bf
--- /dev/null
+++ b/dev-libs/opencryptoki/files/opencryptoki-2.2.8-remove_recursive_chmod.patch
@@ -0,0 +1,28 @@
+Index: opencryptoki-2.3.2/usr/sbin/pkcs_slot/pkcs_slot.in
+===================================================================
+--- opencryptoki-2.3.2.orig/usr/sbin/pkcs_slot/pkcs_slot.in
++++ opencryptoki-2.3.2/usr/sbin/pkcs_slot/pkcs_slot.in
+@@ -356,12 +356,14 @@ fi
+ DEVICE=$1
+ DEPTH=$2
+ 
++# Ensure that any directories created are group-accessible
++umask 002
++
+ # Check for the existance of the directories 
+ if [ ! -d @localstatedir@/lib/opencryptoki ]
+ then
+ 	@MKDIR_P@ @localstatedir@/lib/opencryptoki
+         @CHGRP@ pkcs11 @localstatedir@/lib/opencryptoki
+-	@CHMOD@ -R g+rwX @localstatedir@/lib/opencryptoki
+ fi
+ 
+ 
+@@ -502,7 +504,6 @@ then
+ echo "TRUE|0|$SLOT_DESCRIPTION|$MANUFACTURER|TRUE|FALSE|TRUE|0|0|1|1|NONE|$CCA_DLL_FN|$CCA_INIT" >>$CFGFILE
+ fi
+ 
+-@CHMOD@ -R g+wrX @localstatedir@/lib/opencryptoki
+ 
+ 
+ 
diff --git a/dev-libs/opencryptoki/files/opencryptoki-2.2.8-steal_shmem.patch b/dev-libs/opencryptoki/files/opencryptoki-2.2.8-steal_shmem.patch
new file mode 100644
index 000000000000..45e1e7104411
--- /dev/null
+++ b/dev-libs/opencryptoki/files/opencryptoki-2.2.8-steal_shmem.patch
@@ -0,0 +1,28 @@
+diff -Naur opencryptoki-2.2.8.orig/usr/sbin/pkcsslotd/shmem.c opencryptoki-2.2.8/usr/sbin/pkcsslotd/shmem.c
+--- opencryptoki-2.2.8.orig/usr/sbin/pkcsslotd/shmem.c	2010-06-02 09:18:27.000000000 -0700
++++ opencryptoki-2.2.8/usr/sbin/pkcsslotd/shmem.c	2010-06-02 11:41:31.000000000 -0700
+@@ -374,10 +374,20 @@
+ 
+ 
+    if ( shmid < 0 ) {
+-      ErrLog(SLOTD_MSG(SHMEMCR, 
+-              "Shared memory creation failed (0x%X)\n"), errno);
+-      ErrLog(SLOTD_MSG(IPCRM, "perform ipcrm -M 0x%X\n"), tok);
+-      return FALSE;
++      ErrLog(SLOTD_MSG(SHMEMCR,
++                       "Shared memory creation failed (0x%X)\n"), errno);
++      ErrLog(SLOTD_MSG(SHMEMCR, "Reclaiming 0x%X\n"), tok);
++      shmid = shmget( tok, sizeof( Slot_Mgr_Shr_t ), 0 );
++      DestroySharedMemory();
++      shmid = shmget( tok, sizeof( Slot_Mgr_Shr_t ),
++                      IPC_CREAT | IPC_EXCL |  S_IRUSR |
++	              S_IRGRP  | S_IWUSR | S_IWGRP   );
++      if ( shmid < 0 ) {
++          ErrLog(SLOTD_MSG(SHMEMCR,
++                           "Shared memory reclamation failed (0x%X)\n"), errno);
++          ErrLog(SLOTD_MSG(IPCRM, "perform ipcrm -M 0x%X\n"), tok);
++          return FALSE;
++      }
+    }
+ 
+    // SAB Set the group ownership of the shared mem segment..
diff --git a/dev-libs/opencryptoki/files/opencryptoki-2.3.2-build.patch b/dev-libs/opencryptoki/files/opencryptoki-2.3.2-build.patch
new file mode 100644
index 000000000000..c54a02157bf3
--- /dev/null
+++ b/dev-libs/opencryptoki/files/opencryptoki-2.3.2-build.patch
@@ -0,0 +1,24 @@
+Index: opencryptoki-2.3.2/usr/lib/pkcs11/api/Makefile.am
+===================================================================
+--- opencryptoki-2.3.2.orig/usr/lib/pkcs11/api/Makefile.am
++++ opencryptoki-2.3.2/usr/lib/pkcs11/api/Makefile.am
+@@ -15,17 +15,17 @@ opencryptoki_libopencryptoki_la_CFLAGS =
+ opencryptoki_libopencryptoki_la_SOURCES = api_interface.c shrd_mem.c apiutil.c
+ 
+ install-data-hook:
++	$(MKDIR_P) $(DESTDIR)$(libdir)/opencryptoki/stdll
++	$(MKDIR_P) $(DESTDIR)$(libdir)/pkcs11
+ 	cd $(DESTDIR)$(libdir)/opencryptoki && \
+ 		ln -sf libopencryptoki.so PKCS11_API.so 
+ 	cd $(DESTDIR)$(libdir)/opencryptoki && \
+ 		ln -sf $(sbindir) methods
+-	$(MKDIR_P) $(DESTDIR)$(libdir)/pkcs11
+ 	cd $(DESTDIR)$(libdir)/pkcs11 && \
+ 		ln -sf $(sbindir) methods
+ 	cd $(DESTDIR)$(libdir)/pkcs11 && \
+ 		ln -sf ../opencryptoki/libopencryptoki.so PKCS11_API.so
+ 	cd $(DESTDIR)$(libdir)/pkcs11 && \
+ 		ln -sf ../opencryptoki/libopencryptoki.so libopencryptoki.so
+-	$(MKDIR_P) $(DESTDIR)$(libdir)/opencryptoki/stdll
+ 	cd $(DESTDIR)$(libdir)/pkcs11 && \
+ 		ln -sf ../opencryptoki/stdll/ stdll
diff --git a/dev-libs/opencryptoki/files/pkcsslotd.init b/dev-libs/opencryptoki/files/pkcsslotd.init
deleted file mode 100755
index 3bf1c0328df8..000000000000
--- a/dev-libs/opencryptoki/files/pkcsslotd.init
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/sbin/runscript
-# Copyright 1999-2006 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-PKCSSLOTDPID="/var/run/pkcsslotd.pid"
-
-depend() {
-	need tcsd
-}
-
-start() {
-	ebegin "Starting ${SVCNAME}"
-
-	# detect available tokens and 
-	# set up /var/lib/opencryptoki/pk_config_data
-	/usr/sbin/pkcs11_startup
-
-	start-stop-daemon --start --exec /usr/sbin/pkcsslotd --pidfile "${PKCSSLOTDPID}"
-	eend $? "Check your logs to see why startup failed"
-}
-
-stop() {
-	ebegin "Stopping ${SVCNAME}"
-	start-stop-daemon --stop --exec /usr/sbin/pkcsslotd --pidfile "${PKCSSLOTDPID}"
-	eend $?
-}
-
diff --git a/dev-libs/opencryptoki/files/pkcsslotd.init.2 b/dev-libs/opencryptoki/files/pkcsslotd.init.2
new file mode 100644
index 000000000000..148253f26923
--- /dev/null
+++ b/dev-libs/opencryptoki/files/pkcsslotd.init.2
@@ -0,0 +1,27 @@
+#!/sbin/runscript
+# Copyright 1999-2010 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+depend() {
+	need localmount
+
+	# Optional services (see ebuild)
+	need tcsd
+}
+
+start() {
+	# detect available tokens and set up
+	# /var/lib/opencryptoki/pk_config_data
+	ebegin "Preparing pkcs configuration"
+	/usr/sbin/pkcs11_startup
+
+	ebegin "Starting pkcsslotd"
+	start-stop-daemon --start --exec /usr/sbin/pkcsslotd --pidfile /var/run/pkcsslotd.pid
+	eend $? "Check your logs to see why startup failed"
+}
+
+stop() {
+	ebegin "Stopping pkcsslotd"
+	start-stop-daemon --stop --exec /usr/sbin/pkcsslotd --pidfile /var/run/pkcsslotd.pid
+	eend $?
+}
diff --git a/dev-libs/opencryptoki/metadata.xml b/dev-libs/opencryptoki/metadata.xml
index 0c0d0f72d683..daee907f52fd 100644
--- a/dev-libs/opencryptoki/metadata.xml
+++ b/dev-libs/opencryptoki/metadata.xml
@@ -1,11 +1,10 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
 <pkgmetadata>
-<herd>crypto</herd>
-<longdescription>
-  PKCS#11 provider for IBM cryptographic hardware.
-</longdescription>
-<use>
-  <flag name='tpmtok'>Offer support for TPM token</flag>
-</use>
+  <herd>crypto</herd>
+  <use>
+    <flag name='tpm'>
+      Enable support for Trusted Platform Module (TPM) using <pkg>app-crypt/trousers</pkg>
+    </flag>
+  </use>
 </pkgmetadata>
diff --git a/dev-libs/opencryptoki/opencryptoki-2.2.4.1.ebuild b/dev-libs/opencryptoki/opencryptoki-2.2.4.1.ebuild
deleted file mode 100644
index c2fa90d10284..000000000000
--- a/dev-libs/opencryptoki/opencryptoki-2.2.4.1.ebuild
+++ /dev/null
@@ -1,60 +0,0 @@
-# Copyright 1999-2007 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/dev-libs/opencryptoki/opencryptoki-2.2.4.1.ebuild,v 1.4 2007/11/11 06:28:29 mr_bones_ Exp $
-
-inherit autotools eutils multilib
-
-DESCRIPTION="PKCS#11 provider for IBM cryptographic hardware"
-HOMEPAGE="http://sourceforge.net/projects/opencryptoki"
-SRC_URI="mirror://sourceforge/opencryptoki/${P}.tar.bz2
-		 mirror://gentoo/opencryptoki-tpm_stdll-sw_fallback-June012006.patch.bz2"
-LICENSE="CPL-0.5"
-SLOT="0"
-KEYWORDS="~x86"
-IUSE="tpmtok"
-
-RDEPEND=""
-DEPEND="${RDEPEND}"
-
-pkg_setup() {
-	enewgroup pkcs11
-}
-
-src_unpack() {
-	unpack ${A}
-	cd "${S}"
-	sed -i '/groupadd/d' usr/lib/pkcs11/api/Makefile.am
-	sed -i 's|$(DESTDIR)||' usr/include/pkcs11/Makefile.am
-
-	# enable fallback operation mode for imported keys
-	# patch written by Kent Yoder
-	epatch "${WORKDIR}/opencryptoki-tpm_stdll-sw_fallback-June012006.patch" || die
-	epatch "${FILESDIR}/opencryptoki-2.2.4.1-tpm_util.c.patch" || die
-	eautoreconf
-}
-
-src_compile() {
-	econf $(use_enable tpmtok) || die "econf failed"
-	emake || die "emake failed"
-}
-
-src_install() {
-	emake install DESTDIR="${D}" || die "emake install failed"
-
-	newinitd "${FILESDIR}/pkcsslotd.init" pkcsslotd
-
-	# no need for this
-	rm -rf "${D}/etc/ld.so.conf.d"
-
-	# tpmtoken_* binaries expect to find the libs in /usr/lib/
-	dosym opencryptoki/stdll/libpkcs11_sw.so.0.0.0 "/usr/$(get_libdir)/libpkcs11_sw.so"
-	dosym opencryptoki/stdll/libpkcs11_tpm.so.0.0.0 "/usr/$(get_libdir)/libpkcs11_tpm.so"
-
-	# we have no man pages so at least these should be installed
-	dodoc doc/openCryptoki-HOWTO.pdf
-	dodoc doc/opencryptoki_man.txt
-	dodoc doc/pk_config_data_man.txt
-	dodoc doc/pkcs11_startup_man.txt
-	dodoc doc/pkcsconf_man.txt
-	dodoc doc/pkcsslotd_man.txt
-}
diff --git a/dev-libs/opencryptoki/opencryptoki-2.2.8.ebuild b/dev-libs/opencryptoki/opencryptoki-2.2.8.ebuild
deleted file mode 100644
index 8ce6b68634e5..000000000000
--- a/dev-libs/opencryptoki/opencryptoki-2.2.8.ebuild
+++ /dev/null
@@ -1,53 +0,0 @@
-# Copyright 1999-2009 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/dev-libs/opencryptoki/opencryptoki-2.2.8.ebuild,v 1.1 2009/06/28 10:48:58 arfrever Exp $
-
-EAPI="2"
-
-inherit autotools eutils multilib
-
-DESCRIPTION="PKCS#11 provider for IBM cryptographic hardware"
-HOMEPAGE="http://sourceforge.net/projects/opencryptoki"
-SRC_URI="mirror://sourceforge/opencryptoki/${P}.tar.bz2
-		 mirror://gentoo/opencryptoki-tpm_stdll-sw_fallback-June012006.patch.bz2"
-LICENSE="CPL-0.5"
-SLOT="0"
-KEYWORDS="~amd64 ~x86"
-IUSE="tpmtok"
-
-RDEPEND=""
-DEPEND="${RDEPEND}"
-
-pkg_setup() {
-	enewgroup pkcs11
-}
-
-src_prepare() {
-	sed -i '/groupadd/d' usr/lib/pkcs11/api/Makefile.am
-	sed -i 's|$(DESTDIR)||' usr/include/pkcs11/Makefile.am
-
-	# Enable fallback operation mode for imported keys.
-	# Patch written by Kent Yoder.
-	epatch "${WORKDIR}/opencryptoki-tpm_stdll-sw_fallback-June012006.patch"
-	epatch "${FILESDIR}/opencryptoki-2.2.4.1-tpm_util.c.patch"
-	eautoreconf
-}
-
-src_configure() {
-	econf $(use_enable tpmtok)
-}
-
-src_install() {
-	emake install DESTDIR="${D}" || die "emake install failed"
-
-	newinitd "${FILESDIR}/pkcsslotd.init" pkcsslotd
-
-	# No need for this.
-	rm -rf "${D}/etc/ld.so.conf.d"
-
-	# tpmtoken_* binaries expect to find the libraries in /usr/lib/.
-	dosym opencryptoki/stdll/libpkcs11_sw.so.0.0.0 "/usr/$(get_libdir)/libpkcs11_sw.so"
-	dosym opencryptoki/stdll/libpkcs11_tpm.so.0.0.0 "/usr/$(get_libdir)/libpkcs11_tpm.so"
-
-	dodoc doc/openCryptoki-HOWTO.pdf
-}
diff --git a/dev-libs/opencryptoki/opencryptoki-2.3.2.ebuild b/dev-libs/opencryptoki/opencryptoki-2.3.2.ebuild
new file mode 100644
index 000000000000..07db4eaadcbe
--- /dev/null
+++ b/dev-libs/opencryptoki/opencryptoki-2.3.2.ebuild
@@ -0,0 +1,80 @@
+# Copyright 1999-2010 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/dev-libs/opencryptoki/opencryptoki-2.3.2.ebuild,v 1.1 2010/12/01 03:25:11 flameeyes Exp $
+
+EAPI="2"
+
+inherit autotools eutils multilib
+
+DESCRIPTION="PKCS#11 provider for IBM cryptographic hardware"
+HOMEPAGE="http://sourceforge.net/projects/opencryptoki"
+SRC_URI="mirror://sourceforge/opencryptoki/${P}.tar.bz2
+		 mirror://gentoo/opencryptoki-tpm_stdll-sw_fallback-June012006.patch.bz2"
+
+LICENSE="CPL-0.5"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+
+RDEPEND="tpm? ( app-crypt/trousers )
+		 dev-libs/openssl"
+DEPEND="${RDEPEND}"
+
+IUSE="+tpm debug"
+
+pkg_setup() {
+	enewgroup pkcs11
+}
+
+src_prepare() {
+	# Enable fallback operation mode for imported keys.
+	# Patch written by Kent Yoder.
+	epatch "${WORKDIR}/opencryptoki-tpm_stdll-sw_fallback-June012006.patch"
+	epatch "${FILESDIR}/opencryptoki-2.2.4.1-tpm_util.c.patch"
+	epatch "${FILESDIR}/opencryptoki-2.2.8-steal_shmem.patch"
+	epatch "${FILESDIR}/opencryptoki-2.2.8-remove_openlog.patch"
+	epatch "${FILESDIR}/opencryptoki-2.2.8-remove_recursive_chmod.patch"
+	epatch "${FILESDIR}/opencryptoki-2.3.2-build.patch"
+	eautoreconf
+}
+
+src_configure() {
+	econf \
+		--enable-fast-install \
+		--disable-dependency-tracking \
+		$(use_enable debug) \
+		--enable-daemon \
+		--enable-library \
+		--disable-icatok \
+		--enable-swtok \
+		$(use_enable tpm tpmtok) \
+		--disable-icctok \
+		--disable-aeptok \
+		--disable-bcomtok \
+		--disable-crtok \
+		--disable-pkcscca_migrate
+}
+
+src_install() {
+	emake install DESTDIR="${D}" || die "emake install failed"
+
+	# We replace their ld.so and init files (mostly designed for RedHat
+	# as far as I can tell) with our own replacements.
+	rm -rf "${D}"/etc/ld.so.conf.d "${D}"/etc/rc.d
+
+	# make sure that we don't modify the init script if the USE flags
+	# are enabled for the needed services.
+	sed -n \
+		$(use tpm || echo '-e /need tcsd/d') \
+		-e 'p' \
+		"${FILESDIR}/pkcsslotd.init.2" \
+		> "${T}"/pkcsslotd.init || die
+
+	newinitd "${T}/pkcsslotd.init" pkcsslotd
+
+	dodir /etc/env.d
+	cat - > "${D}"/etc/env.d/50${PN} <<EOF
+LDPATH=/usr/$(get_libdir)/opencryptoki:/usr/$(get_libdir)/opencryptoki/stdll
+EOF
+
+	dodoc README AUTHORS FAQ TODO doc/openCryptoki-HOWTO.pdf || die
+}