Revision bump to fix config file; also add OpenSC to the dependencies (since it's always used), add an nss USE flag to use nss as upstream allows (but make sure to have a compatible curl if requested). Update metadata to add pam to the list of maintainers and to update the documentation of pcsc-lite USE flag (now enabled by default).

Package-Manager: portage-2.2.0_alpha2/cvs/Linux x86_64

5 files changed, 51 insertions, 113 deletions

diff --git a/sys-auth/pam_pkcs11/ChangeLog b/sys-auth/pam_pkcs11/ChangeLog
index 1aadf95fc495..b58fa2590f41 100644
--- a/sys-auth/pam_pkcs11/ChangeLog
+++ b/sys-auth/pam_pkcs11/ChangeLog
@@ -1,6 +1,17 @@
 # ChangeLog for sys-auth/pam_pkcs11
 # Copyright 1999-2010 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sys-auth/pam_pkcs11/ChangeLog,v 1.17 2010/10/24 11:05:20 arfrever Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-auth/pam_pkcs11/ChangeLog,v 1.18 2010/10/30 16:22:53 flameeyes Exp $
+
+*pam_pkcs11-0.6.5-r1 (30 Oct 2010)
+
+  30 Oct 2010; Diego E. Pettenò <flameeyes@gentoo.org>
+  -pam_pkcs11-0.6.4.ebuild, -pam_pkcs11-0.6.5.ebuild,
+  +pam_pkcs11-0.6.5-r1.ebuild, metadata.xml:
+  Revision bump to fix config file; also add OpenSC to the dependencies
+  (since it's always used), add an nss USE flag to use nss as upstream
+  allows (but make sure to have a compatible curl if requested). Update
+  metadata to add pam to the list of maintainers and to update the
+  documentation of pcsc-lite USE flag (now enabled by default).
 
 *pam_pkcs11-0.6.5 (24 Oct 2010)
 
diff --git a/sys-auth/pam_pkcs11/Manifest b/sys-auth/pam_pkcs11/Manifest
index 675d4950989c..8e2121df51f3 100644
--- a/sys-auth/pam_pkcs11/Manifest
+++ b/sys-auth/pam_pkcs11/Manifest
@@ -1,7 +1,15 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA1
+
 AUX pam_pkcs11-0.6.5-pcsclite_detection.patch 330 RMD160 3f62af01b29966b371608eec8fdda3c0c58017ed SHA1 bb976da87d0167fe8dfadf94b6994a02b780506c SHA256 af5d3242992122e9a57b638b325e3e33dc7472d5848f7545ab92a64c9bee946d
-DIST pam_pkcs11-0.6.4.tar.gz 1072708 RMD160 5e88a932a73cfff4119126432e7a0114b81f9e52 SHA1 9cfd91eedd8849125a578e784404359cdb6a1c02 SHA256 4a9d7b669951dcade219b9907f58b5f8ad0419c0ee72ee1fcc76a93ec3c831a5
 DIST pam_pkcs11-0.6.5.tar.gz 1083799 RMD160 c0821c56b22e04278e3a18d81c1883492438a2bc SHA1 5cc98cb76295cc71dd76a6ba13b719c0feb21ff7 SHA256 d6807b58714fc808e3cd2cc41279f5d5ed5b2941ef35341712f94174c0518f6d
-EBUILD pam_pkcs11-0.6.4.ebuild 3065 RMD160 cca6c17fd77ecdcb9467d1edaa1163bebdca1e8d SHA1 c489dc86cf06155eb4b0d15141aff84fee5af863 SHA256 a461aea01292d952fbbc677913668e31ba176acf7fd2f26e6d6c476911829584
-EBUILD pam_pkcs11-0.6.5.ebuild 3148 RMD160 a083f16adb29f5f928ad03f90c5a9cd36dc36b91 SHA1 23179c82c4cce9c0542733a20778d1155bdbc3b0 SHA256 91dbf290a55cba166c4683ce5a76e12f501a69c7fc7c61e3ea64815ce901fb00
-MISC ChangeLog 4254 RMD160 ebbdb9a6abae91d32514b68552e29cfbd5ea1161 SHA1 f75d8a77b94a119e13d4ce55ffe3057dd7fa9ec0 SHA256 90e1679fceeb23d9883d34ca789a8b41e35f39b34ad532cce9192e3ab49ed531
-MISC metadata.xml 284 RMD160 b0607ad99ae057035b8bbebddff8e0f23c827419 SHA1 26791feb3d20cdd9ebfb2a72df6df2748227bdc6 SHA256 03a9dfc325a823b47959050ee52c9403711c91d692cb5dca857385f7f86c4f2b
+EBUILD pam_pkcs11-0.6.5-r1.ebuild 3420 RMD160 cb78e6f87d1e4d4f8f5e87b5ed59211243b40027 SHA1 e3534facb1180ba35dcba9d602bc6a07d258e541 SHA256 84135d94f9e0983c7e0e69a55ba6ca967f25755ccef36a6c0f62be1aa7b8cfe9
+MISC ChangeLog 4793 RMD160 ec082fdc47b8382c57ff1b4250683d0539ba16c7 SHA1 6ccd25120460adefe8d4d6503b066730301dabc5 SHA256 b83d3f7d3f459d39826ff261ceb6a66ce6678d10daeb58e1a411afc12d6e0ddf
+MISC metadata.xml 576 RMD160 ccc72792edd288aa12e2025710eb40894bfc74dd SHA1 80cfa4bc8bb877fd12c985b768905ad6b6799678 SHA256 a48c85248e8e85094efc1fc43f4aae9f5ee6f0ce194a1c9dede170b5b5108819
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v2.0.16 (GNU/Linux)
+
+iEYEARECAAYFAkzMRlgACgkQAiZjviIA2Xgk6gCfWkxLUGfbkN6U8HyK4ysa8t1s
+RAUAnA4QzhV+dgOf2+hW/q6pA8x6c0WN
+=21yk
+-----END PGP SIGNATURE-----
diff --git a/sys-auth/pam_pkcs11/metadata.xml b/sys-auth/pam_pkcs11/metadata.xml
index 6dd3800ee724..ef57df14fec2 100644
--- a/sys-auth/pam_pkcs11/metadata.xml
+++ b/sys-auth/pam_pkcs11/metadata.xml
@@ -1,9 +1,16 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
 <pkgmetadata>
-<herd>crypto</herd>
-<use>
-	<flag name='pcsc-lite'>build with <pkg>sys-apps/pcsc-lite</pkg> instead of
-		<pkg>dev-libs/openct</pkg></flag>
-</use>
+  <herd>crypto</herd>
+  <herd>pam</herd>
+  <use>
+    <flag name='pcsc-lite'>
+      Build the card_eventmanager binary used to detect card removal and lock the sessions. This
+      needs <pkg>sys-apps/pcsc-lite</pkg>.
+    </flag>
+    <flag name='nss'>
+      Use Mozilla NSS (<pkg>dev-libs/nss</pkg>) as provider for PKCS#11 access, rather than using
+      OpenSSL with a custom implementation of the PKC#11 protocol.
+    </flag>
+  </use>
 </pkgmetadata>
diff --git a/sys-auth/pam_pkcs11/pam_pkcs11-0.6.4.ebuild b/sys-auth/pam_pkcs11/pam_pkcs11-0.6.4.ebuild
deleted file mode 100644
index 95b754fc9fc9..000000000000
--- a/sys-auth/pam_pkcs11/pam_pkcs11-0.6.4.ebuild
+++ /dev/null
@@ -1,98 +0,0 @@
-# Copyright 1999-2010 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sys-auth/pam_pkcs11/pam_pkcs11-0.6.4.ebuild,v 1.1 2010/06/14 21:59:21 arfrever Exp $
-
-EAPI="3"
-
-inherit multilib pam
-
-DESCRIPTION="PKCS#11 PAM library"
-HOMEPAGE="http://www.opensc-project.org/pam_pkcs11"
-SRC_URI="http://www.opensc-project.org/files/pam_pkcs11/${P}.tar.gz"
-
-LICENSE="LGPL-2.1"
-SLOT="0"
-KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86"
-IUSE="curl ldap pcsc-lite"
-
-RDEPEND="sys-libs/pam
-	dev-libs/openssl
-	curl? ( net-misc/curl )
-	ldap? ( net-nds/openldap )
-	pcsc-lite? ( sys-apps/pcsc-lite )"
-DEPEND="${RDEPEND}
-	dev-util/pkgconfig"
-
-src_prepare() {
-	# Fix the example files to be somewhat decent, and usable as
-	# default configuration
-	sed -i \
-		-e '/try_first_pass/s:false:true:' \
-		-e '/debug =/s:true:false:' \
-		-e "s:/usr/lib:/usr/$(get_libdir):g" \
-		etc/pam_pkcs11.conf.example.in \
-		etc/pkcs11_eventmgr.conf.example || die "sed failed"
-}
-
-src_configure() {
-	econf \
-		$(use_with curl) \
-		$(use_with pcsc-lite pcsclite) \
-		$(use_with ldap) \
-		--docdir=/usr/share/doc/${PF}
-}
-
-src_install() {
-	emake DESTDIR="${D}" pamdir="$(getpam_mod_dir)" install || die "emake install failed"
-
-	# These are all dlopened plugins, so .la files are useless.
-	find "${D}" -name '*.la' -delete || die
-
-	dodoc AUTHORS ChangeLog NEWS README TODO || die
-
-	# Move the make_hash_link script somehwere safe, it's _way_ too
-	# generic of a name to use.
-	dodir /usr/share/${PN}
-	mv "${D}"/usr/bin/make_hash_link.sh "${D}"/usr/share/${PN} || die
-
-	# Provide some basic configuration
-	keepdir /etc/pam_pkcs11{,/{cacerts,crl}}
-
-	insinto /etc/pam_pkcs11
-	newins etc/pam_pkcs11.conf.example pam_pkcs11.conf || die
-	newins etc/pkcs11_eventmgr.conf.example pkcs11_eventmgr.conf || die
-}
-
-pkg_config() {
-	local dir
-	for dir in "${ROOT}"/etc/${PN}/{cacerts,crl}; do
-		pushd "${dir}" &> /dev/null
-		ebegin "Creating hash links in '${dir}'"
-		"${ROOT}"/usr/share/${PN}/make_hash_link.sh || die
-		eend $?
-		popd &> /dev/null
-	done
-}
-
-pkg_postinst() {
-	elog "You probably want to configure the /etc/${PN}/${PN}.conf file."
-	elog "with the settings for your pkcs11 provider."
-	elog ""
-	elog "You might also want to set up /etc/${PN}/pkcs11_eventmgr.conf"
-	elog "with the settings for the event manager, and start it up at"
-	elog "user login."
-}
-
-# TODO list!
-#
-# - we need to find a way allow the user to choose whether to start the
-#   event manager at _all_ the logins, and if that's the case, lock all
-#   kind of sessions (terminal _and_ X);
-# - upstream should probably migrate the configuration of the event
-#   manager on a per-user basis, since it makes little sense to be _all_
-#   system-level configuration;
-# - we should probably provide some better config support that ensures
-#   the configuration to be valid, as well as creating the symlinks;
-# - we should probably add support for nss;
-# - we should move the configuration in /etc/security as for the rest
-#   of PAM-related configuration.
diff --git a/sys-auth/pam_pkcs11/pam_pkcs11-0.6.5.ebuild b/sys-auth/pam_pkcs11/pam_pkcs11-0.6.5-r1.ebuild
index c963db26f532..728f80474a94 100644
--- a/sys-auth/pam_pkcs11/pam_pkcs11-0.6.5.ebuild
+++ b/sys-auth/pam_pkcs11/pam_pkcs11-0.6.5-r1.ebuild
@@ -1,6 +1,6 @@
 # Copyright 1999-2010 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sys-auth/pam_pkcs11/pam_pkcs11-0.6.5.ebuild,v 1.1 2010/10/24 11:05:20 arfrever Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-auth/pam_pkcs11/pam_pkcs11-0.6.5-r1.ebuild,v 1.1 2010/10/30 16:22:53 flameeyes Exp $
 
 EAPI="3"
 
@@ -13,15 +13,24 @@ SRC_URI="http://www.opensc-project.org/files/pam_pkcs11/${P}.tar.gz"
 LICENSE="LGPL-2.1"
 SLOT="0"
 KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86"
-IUSE="curl ldap pcsc-lite"
+IUSE="curl ldap +pcsc-lite nss"
 
 RDEPEND="sys-libs/pam
-	dev-libs/openssl
+	!nss? (
+		dev-libs/openssl
+		curl? ( || ( net-misc/curl[-ssl] net-misc/curl[ssl,-nss,-gnutls] ) )
+	)
+	nss? (
+		dev-libs/nss
+		curl? ( || ( net-misc/curl[-ssl] net-misc/curl[ssl,nss,-gnutls] ) )
+	)
 	curl? ( net-misc/curl )
 	ldap? ( net-nds/openldap )
 	pcsc-lite? ( sys-apps/pcsc-lite )"
 DEPEND="${RDEPEND}
 	dev-util/pkgconfig"
+RDEPEND="${RDEPEND}
+	dev-libs/opensc"
 
 src_prepare() {
 	# Fix the example files to be somewhat decent, and usable as
@@ -29,7 +38,7 @@ src_prepare() {
 	sed -i \
 		-e '/try_first_pass/s:false:true:' \
 		-e '/debug =/s:true:false:' \
-		-e "s:/usr/lib:/usr/$(get_libdir):g" \
+		-e 's:\(/usr\|\${exec_prefix}\)/lib/:/usr/'$(get_libdir)/':g' \
 		etc/pam_pkcs11.conf.example.in \
 		etc/pkcs11_eventmgr.conf.example || die "sed failed"
 
@@ -42,6 +51,7 @@ src_configure() {
 		$(use_with curl) \
 		$(use_with pcsc-lite pcsclite) \
 		$(use_with ldap) \
+		$(use_with nss) \
 		--docdir=/usr/share/doc/${PF}
 }