osunix / osunix-overlay / changeset / 892349c9df7d

osunix / osunix-overlay (http://osunix.org/)

This is all the build scripts, patches and misc bits for the osunix build tree. Please file any bug reports @ http://bugs.osunix.org

Clone this repository (size: 4.6 MB): HTTPS / SSH

$ hg clone http://hg.pathscale.com/osunix-overlay

$ hg clone ssh://hg@bitbucket.org/osunix/osunix-overlay

commit 247:	892349c9df7d
parent 246:	a211947ed6b9
branch:	default

# Added the tpm trousers dep

ro...@crash
16 months ago

Changed (Δ61.8 KB):

raw changeset »

app-crypt/trousers/ChangeLog (115 lines added, 0 lines removed)

app-crypt/trousers/Manifest (9 lines added, 0 lines removed)

app-crypt/trousers/files/Makefile.in.patch (127 lines added, 0 lines removed)

app-crypt/trousers/files/configure.in.patch (83 lines added, 0 lines removed)

app-crypt/trousers/files/dist-no-useradd-Makefile.am.patch (20 lines added, 0 lines removed)

app-crypt/trousers/files/dist-no-useradd-Makefile.in.patch (10 lines added, 0 lines removed)

app-crypt/trousers/files/hosttable.c.patch (17 lines added, 0 lines removed)

app-crypt/trousers/files/platform.c.patch (51 lines added, 0 lines removed)

app-crypt/trousers/files/ps_utils.c.patch (36 lines added, 0 lines removed)

app-crypt/trousers/files/ssl_ui.c.patch (94 lines added, 0 lines removed)

app-crypt/trousers/files/svrside.c.patch (164 lines added, 0 lines removed)

app-crypt/trousers/files/symmetric.c.patch (14 lines added, 0 lines removed)

app-crypt/trousers/files/tcs_auth_mgr.c.patch (76 lines added, 0 lines removed)

app-crypt/trousers/files/tcs_key_mem_cache.c.patch (27 lines added, 0 lines removed)

app-crypt/trousers/files/tcs_pbg.c.patch (61 lines added, 0 lines removed)

app-crypt/trousers/files/tcsd.8.in.patch (104 lines added, 0 lines removed)

app-crypt/trousers/files/tcsd.h.patch (28 lines added, 0 lines removed)

app-crypt/trousers/files/tcsd_conf.c.patch (126 lines added, 0 lines removed)

app-crypt/trousers/files/tcslog.h.patch (15 lines added, 0 lines removed)

app-crypt/trousers/files/tcsps.c.patch (141 lines added, 0 lines removed)

app-crypt/trousers/files/tcsps.h.patch (21 lines added, 0 lines removed)

app-crypt/trousers/files/tddl.c.patch (79 lines added, 0 lines removed)

app-crypt/trousers/files/trousers.c.patch (36 lines added, 0 lines removed)

app-crypt/trousers/files/tsp_auth.c.patch (47 lines added, 0 lines removed)

app-crypt/trousers/files/tsp_policy.c.patch (85 lines added, 0 lines removed)

app-crypt/trousers/files/tsp_ps.c.patch (14 lines added, 0 lines removed)

app-crypt/trousers/files/tspi_Makefile.in.patch (19 lines added, 0 lines removed)

app-crypt/trousers/files/tspi_aik.c.patch (14 lines added, 0 lines removed)

app-crypt/trousers/files/tspi_delegate.c.patch (86 lines added, 0 lines removed)

app-crypt/trousers/files/tspi_makefile.am.patch (15 lines added, 0 lines removed)

app-crypt/trousers/files/tspps.c.patch (278 lines added, 0 lines removed)

app-crypt/trousers/files/tspps.h.patch (35 lines added, 0 lines removed)

app-crypt/trousers/metadata.xml (9 lines added, 0 lines removed)

app-crypt/trousers/trousers-0.3.1.ebuild (102 lines added, 0 lines removed)

Up to file-list app-crypt/trousers/ChangeLog:

 # ChangeLog for app-crypt/trousers
 # Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2
 # $Header: /var/cvsroot/gentoo-x86/app-crypt/trousers/ChangeLog,v 1.21 2009/03/29 15:19:32 arfrever Exp $
 Mar 2009; Arfrever Frehtes Taifersar Arahesis <arfrever@gentoo.org>
   trousers-0.3.1.ebuild:
   Add ~amd64 keyword.
 Mar 2009; Arfrever Frehtes Taifersar Arahesis <arfrever@gentoo.org>
   trousers-0.3.1.ebuild:
   Don't use -Werror (bug #260873).
 Feb 2009; Daniel Black <dragonheart@gentoo.org> trousers-0.3.1.ebuild:
   app-crypt/tpm-module being purged
 Jul 2008; Peter Alfredsen <loki_val@gentoo.org>
   files/trousers-0.2.3-nouseradd.patch, +files/trousers-0.3.1-gcc43.patch,
   trousers-0.3.1.ebuild:
   Fix for gcc-4.3, tidy up ebuild. Bug #232521. Thanks to Shvetsov Alexey
   <alexxyum@gmail.com>
 Jun 2008; Diego Pettenò <flameeyes@gentoo.org> trousers-0.3.1.ebuild:
   Remove unused inherits that were used to patch and re-autotools before.
 Nov 2007; Alon Bar-Lev <alonbl@gentoo.org>
   +files/trousers-0.3.1-qa.patch, trousers-0.3.1.ebuild:
   Fix 64bit issue, bug#200218, thanks to dev-zero
 *trousers-0.3.1 (10 Nov 2007)
 Nov 2007; Alon Bar-Lev <alonbl@gentoo.org>
   -files/trousers-0.2.1-nouseradd.patch, -files/trousers-0.2.3-ldadd.patch,
   -files/trousers-0.2.6-as-needed.patch, -trousers-0.2.1.ebuild,
   -trousers-0.2.3.ebuild, -trousers-0.2.5.ebuild, -trousers-0.2.6.ebuild,
   -trousers-0.2.8.ebuild, +trousers-0.3.1.ebuild:
   Version bump, cleanup
 Jan 2007; Marius Mauch <genone@gentoo.org> trousers-0.2.1.ebuild,
   trousers-0.2.3.ebuild, trousers-0.2.5.ebuild, trousers-0.2.6.ebuild,
   trousers-0.2.8.ebuild:
   Replacing einfo with elog
 Jan 2007; Alon Bar-Lev <alonbl@gentoo.org> trousers-0.2.8.ebuild:
   Remove WANT_AUTO*
 *trousers-0.2.8 (06 Jan 2007)
 Jan 2007; Alon Bar-Lev <alonbl@gentoo.org> +trousers-0.2.8.ebuild:
   Version bump
 *trousers-0.2.6 (06 May 2006)
 May 2006; Daniel Black <dragonheart@gentoo.org>
   +files/trousers-0.2.6-as-needed.patch, +trousers-0.2.6.ebuild:
   version bump
 Apr 2006; Alec Warner <antarus@gentoo.org> files/digest-trousers-0.2.1,
   files/digest-trousers-0.2.3, Manifest:
   Fixing duff SHA256 digests: Bug # 131293
 *trousers-0.2.5 (02 Feb 2006)
 Feb 2006; Daniel Black <dragonheart@gentoo.org> +trousers-0.2.5.ebuild:
   version bump
 *trousers-0.2.3 (17 Sep 2005)
 Sep 2005; Daniel Black <dragonheart@gentoo.org>
   -files/trousers-0.2.0-nouseradd.patch, +files/trousers-0.2.3-ldadd.patch,
   +files/trousers-0.2.3-nouseradd.patch, -trousers-0.1.11-r1.ebuild,
   -trousers-0.2.0.ebuild, +trousers-0.2.3.ebuild:
   version bump. remove old versions - inspiried by bug #105799 thanks to Felix
   Dorner
 Aug 2005; Daniel Black <dragonheart@gentoo.org>
   trousers-0.1.11-r1.ebuild, trousers-0.2.0.ebuild, trousers-0.2.1.ebuild:
   QA fix removing /bin/false from enewuser - bug #103421
 *trousers-0.2.1 (30 Jul 2005)
 Jul 2005; Daniel Black <dragonheart@gentoo.org>
   +files/trousers-0.2.1-nouseradd.patch, +trousers-0.2.1.ebuild:
   version bump
 *trousers-0.2.0 (06 Jul 2005)
 Jul 2005; Daniel Black <dragonheart@gentoo.org>
   +files/trousers-0.2.0-nouseradd.patch, +trousers-0.2.0.ebuild:
   version bump. tpm udev is now part of udev-060
 Jun 2005; Daniel Black <dragonheart@gentoo.org>
   trousers-0.1.11-r1.ebuild:
   udev fix thanks to latexer
 *trousers-0.1.11-r1 (23 Jun 2005)
 Jun 2005; Daniel Black <dragonheart@gentoo.org>
   -files/0.1.7-makefile-statedir.patch, files/tcsd.initd,
   -trousers-0.1.7.ebuild, -trousers-0.1.11.ebuild,
   +trousers-0.1.11-r1.ebuild:
   added udev permissions. Added tpm-emulator as optional dependancy. script
   file fixes and old version cleanout
 *trousers-0.1.11 (19 Jun 2005)
 Jun 2005; Daniel Black <dragonheart@gentoo.org> +files/tcsd.confd,
   +files/tcsd.initd, +trousers-0.1.11.ebuild:
   Version bump as per bug #95764. Thankyou TGL
 *trousers-0.1.7 (06 Feb 2005)
 Feb 2005; Daniel Black <dragonheart@gentoo.org> +metadata.xml,
   +files/0.1.7-makefile-statedir.patch, +trousers-0.1.7.ebuild:
   Initial import

Up to file-list app-crypt/trousers/Manifest:

 AUX tcsd.confd 372 RMD160 d265222136e80a0fe0cdb535abba0e07078f08c2 SHA1 05a81dc90a2df80b3c0ea7a8cefc3c59098aadd8 SHA256 5a1f9150ce0d8cc3e9e80971e073ee0b1db018ec3af6809087a7c626b9ffa327
 AUX tcsd.initd 958 RMD160 f90e6d4ec4d2dd0bd8218b3b2ef28328461d50b6 SHA1 34ab9b7cbf60e58b1f7b732891d30e053f2039a1 SHA256 388cef25be74c6263b9cb0e5de3bd08fbc0613e1a9fef958b006c571e4b691c8
 AUX trousers-0.2.3-nouseradd.patch 1008 RMD160 dc1d81d6ceaf18d8464c5d7418b6733fae5fb6ab SHA1 404467a26d2e736ac3853969678d47a881579aec SHA256 5fa359ba96ac0c3e6130af1c9269f26fb28551ac6c0b76a4796aa0dfb1ce6dc2
 AUX trousers-0.3.1-gcc43.patch 852 RMD160 9392a7ef5f24dfeb0a7af78e83a7e738891b44cd SHA1 0c65705193adc4153f0e57b91ab98b3c73ca44fe SHA256 fe937a9dd111f60614c53308937a037c57ec22a96a9bdcf2c65c996cffad09ed
 AUX trousers-0.3.1-qa.patch 568 RMD160 918120a32124e3bf1b9a677698da1a6fb6a9e38f SHA1 27e7f1d1d3cbd23d63800e0e0f0a086fbeb83137 SHA256 518f14dc01c225b02f009cbfa34ff07f9fee91a9ad510f751acc929a13afdb6c
 DIST trousers-0.3.1.tar.gz 1306672 RMD160 1dc088249b4fc4aaf354caa216ffe25c8cecc9aa SHA1 0598efbb2282556a5edf0ce8c074175a33573951 SHA256 79d190a214584ceedd3900b4bc7484244d6e0d74289de5a38adcc7415cde3500
 EBUILD trousers-0.3.1.ebuild 2457 RMD160 4c6dcf919e773e07f59eda581ca367ad66bf6121 SHA1 206c1617eab865371be3e63c68989808239b02b3 SHA256 f0bfb0fd6766b12df4e9d6ee421c62eb1008529f8623f127c7728f7fd045b2b6
 MISC ChangeLog 4116 RMD160 da96d43390f7c7bb61e29e2b927dbebbe29ed308 SHA1 53cb9da8edca27f5a4c6910d738021f617c74b14 SHA256 6fe914dc1ae947d92f85eef34863df1703b5c36886fb797e876f1891bc18fb3c
 MISC metadata.xml 251 RMD160 9c13ff790c7419d4e0d2d370036b7f4e4594ea4f SHA1 563aa19984b291a6cade6d6487dbf4a2a17e6874 SHA256 1739a4e8833a2a5b9501182eb830cbd3e26014ccef5e9ae1b4d7a0686c665c1b

Up to file-list app-crypt/trousers/files/Makefile.in.patch:

 *** src/tcsd/Makefile.in.old	Mon Dec 22 14:59:00 2008
 --- src/tcsd/Makefile.in	Mon Dec 22 14:59:26 2008
 ***************
 *** 50,56 ****
   	$(ACLOCAL_M4)
   mkinstalldirs = $(install_sh) -d
   CONFIG_CLEAN_FILES =
 ! am__installdirs = "$(DESTDIR)$(sbindir)"
   sbinPROGRAMS_INSTALL = $(INSTALL_PROGRAM)
   PROGRAMS = $(sbin_PROGRAMS)
   am_tcsd_OBJECTS = tcsd-svrside.$(OBJEXT) tcsd-tcsd_conf.$(OBJEXT) \
 --- 50,56 ----
   	$(ACLOCAL_M4)
   mkinstalldirs = $(install_sh) -d
   CONFIG_CLEAN_FILES =
 ! am__installdirs = "$(DESTDIR)$(libdir)"
   sbinPROGRAMS_INSTALL = $(INSTALL_PROGRAM)
   PROGRAMS = $(sbin_PROGRAMS)
   am_tcsd_OBJECTS = tcsd-svrside.$(OBJEXT) tcsd-tcsd_conf.$(OBJEXT) \
 ***************
 *** 281,287 ****
   target_vendor = @target_vendor@
   tcsd_CFLAGS = -DAPPID=\"TCSD\" -DVAR_PREFIX=\"@localstatedir@\" \
   	-DETC_PREFIX=\"@sysconfdir@\" $(am__append_1) $(am__append_2)
 ! tcsd_LDADD = ../tcs/libtcs.a ../tddl/libtddl.a -lpthread @CRYPTOLIB@
   tcsd_SOURCES = svrside.c tcsd_conf.c tcsd_threads.c platform.c
   all: all-am
 --- 281,287 ----
   target_vendor = @target_vendor@
   tcsd_CFLAGS = -DAPPID=\"TCSD\" -DVAR_PREFIX=\"@localstatedir@\" \
   	-DETC_PREFIX=\"@sysconfdir@\" $(am__append_1) $(am__append_2)
 ! tcsd_LDADD = ../tcs/libtcs.a ../tddl/libtddl.a -lpthread -lscf -lresolv @CRYPTOLIB@
   tcsd_SOURCES = svrside.c tcsd_conf.c tcsd_threads.c platform.c
   all: all-am
 ***************
 *** 318,324 ****
   	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
   install-sbinPROGRAMS: $(sbin_PROGRAMS)
   	@$(NORMAL_INSTALL)
 ! 	test -z "$(sbindir)" || $(mkdir_p) "$(DESTDIR)$(sbindir)"
   	@list='$(sbin_PROGRAMS)'; for p in $$list; do \
   	  p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \
   	  if test -f $$p \
 --- 318,324 ----
   	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
   install-sbinPROGRAMS: $(sbin_PROGRAMS)
   	@$(NORMAL_INSTALL)
 ! 	test -z "$(libdir)" || $(mkdir_p) "$(DESTDIR)$(libdir)"
   	@list='$(sbin_PROGRAMS)'; for p in $$list; do \
   	  p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \
   	  if test -f $$p \
 ***************
 *** 325,332 ****
   	     || test -f $$p1 \
   	  ; then \
   	    f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \
 ! 	   echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(sbinPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(sbindir)/$$f'"; \
 ! 	   $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(sbinPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(sbindir)/$$f" || exit 1; \
   	  else :; fi; \
   	done
 --- 325,332 ----
   	     || test -f $$p1 \
   	  ; then \
   	    f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \
 ! 	   echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(sbinPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(libdir)/$$f'"; \
 ! 	   $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(sbinPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(libdir)/$$f" || exit 1; \
   	  else :; fi; \
   	done
 ***************
 *** 334,341 ****
   	@$(NORMAL_UNINSTALL)
   	@list='$(sbin_PROGRAMS)'; for p in $$list; do \
   	  f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \
 ! 	  echo " rm -f '$(DESTDIR)$(sbindir)/$$f'"; \
 ! 	  rm -f "$(DESTDIR)$(sbindir)/$$f"; \
   	done
   clean-sbinPROGRAMS:
 --- 334,341 ----
   	@$(NORMAL_UNINSTALL)
   	@list='$(sbin_PROGRAMS)'; for p in $$list; do \
   	  f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \
 ! 	  echo " rm -f '$(DESTDIR)$(libdir)/$$f'"; \
 ! 	  rm -f "$(DESTDIR)$(libdir)/$$f"; \
   	done
   clean-sbinPROGRAMS:
 ***************
 *** 525,531 ****
   check: check-am
   all-am: Makefile $(PROGRAMS)
   installdirs:
 ! 	for dir in "$(DESTDIR)$(sbindir)"; do \
   	  test -z "$$dir" || $(mkdir_p) "$$dir"; \
   	done
   install: install-am
 --- 525,531 ----
   check: check-am
   all-am: Makefile $(PROGRAMS)
   installdirs:
 ! 	for dir in "$(DESTDIR)$(libdir)"; do \
   	  test -z "$$dir" || $(mkdir_p) "$$dir"; \
   	done
   install: install-am
 *** src/tcsd/Makefile.am.old	Tue Feb 17 07:49:16 2009
 --- src/tcsd/Makefile.am	Tue Feb 17 07:49:30 2009
 ***************
 *** 1,7 ****
   sbin_PROGRAMS=tcsd
   tcsd_CFLAGS=-DAPPID=\"TCSD\" -DVAR_PREFIX=\"@localstatedir@\" -DETC_PREFIX=\"@sysconfdir@\"
 ! tcsd_LDADD=../tcs/libtcs.a ../tddl/libtddl.a -lpthread @CRYPTOLIB@
   tcsd_SOURCES=svrside.c tcsd_conf.c tcsd_threads.c platform.c
 --- 1,7 ----
   sbin_PROGRAMS=tcsd
   tcsd_CFLAGS=-DAPPID=\"TCSD\" -DVAR_PREFIX=\"@localstatedir@\" -DETC_PREFIX=\"@sysconfdir@\"
 ! tcsd_LDADD=../tcs/libtcs.a ../tddl/libtddl.a -lpthread -lscf -lresolv @CRYPTOLIB@
   tcsd_SOURCES=svrside.c tcsd_conf.c tcsd_threads.c platform.c

Up to file-list app-crypt/trousers/files/configure.in.patch:

 *** configure.in.old	Fri Nov  2 14:55:35 2007
 --- configure.in	Wed Dec 17 11:11:17 2008
 ***************
 *** 100,106 ****
   esac
   CFLAGS="$CFLAGS -D$MATH_DEFINE"
 ! GUI=gtk
   AC_ARG_WITH(gui,
   	    [AC_HELP_STRING([--with-gui], [type of gui popup (gtk/none) [default=gtk]])],
   	    [GUI=$withval],
 --- 100,106 ----
   esac
   CFLAGS="$CFLAGS -D$MATH_DEFINE"
 ! GUI=openssl
   AC_ARG_WITH(gui,
   	    [AC_HELP_STRING([--with-gui], [type of gui popup (gtk/none) [default=gtk]])],
   	    [GUI=$withval],
 ***************
 *** 113,121 ****
   		[$pkg_modules],
   		AM_CONDITIONAL(HAVE_GTK, true),
   		[AM_CONDITIONAL(HAVE_GTK, false)
 ! 		AC_MSG_ERROR([GTK libs are currently the only supported GUI library for trousers. Please install the gtk2-devel package for your distro.]) ])
   	AC_SUBST(GTK_CFLAGS)
   	AC_SUBST(GTK_LIBS)
   elif test "x$GUI" == "xnone"; then
   	if test $SPEC_COMP -eq 1; then
   		AC_MSG_ERROR([Popups must be enabled in strict spec compliance mode])
 --- 113,127 ----
   		[$pkg_modules],
   		AM_CONDITIONAL(HAVE_GTK, true),
   		[AM_CONDITIONAL(HAVE_GTK, false)
 ! 		AC_MSG_ERROR([Please install the gtk2-devel package for your distro or select another gui option.]) ]
 ! 		[AM_CONDITIONAL(OPENSSL_UI, false)]
 ! )
   	AC_SUBST(GTK_CFLAGS)
   	AC_SUBST(GTK_LIBS)
 + elif test "x$GUI" = "xopenssl"; then
 + 	# We know we have OpenSSL
 + 	AM_CONDITIONAL(OPENSSL_UI, true)
 + 	AM_CONDITIONAL(HAVE_GTK, false)
   elif test "x$GUI" == "xnone"; then
   	if test $SPEC_COMP -eq 1; then
   		AC_MSG_ERROR([Popups must be enabled in strict spec compliance mode])
 ***************
 *** 124,131 ****
   	AC_MSG_RESULT([*** WARNING: This may break apps! ***])
   	CFLAGS="$CFLAGS -DTSS_NO_GUI"
   	AM_CONDITIONAL(HAVE_GTK, false)
   else
 ! 	AC_MSG_ERROR(["gtk" and "none" are the only supported gui options for trousers])
   fi
+  #
 --- 130,138 ----
   	AC_MSG_RESULT([*** WARNING: This may break apps! ***])
   	CFLAGS="$CFLAGS -DTSS_NO_GUI"
   	AM_CONDITIONAL(HAVE_GTK, false)
 + 	AM_CONDITIONAL(OPENSSL_UI, false)
   else
 ! 	AC_MSG_ERROR(["gtk", "openssl" and "none" are the only supported gui options for trousers])
   fi
+  #
 ***************
 *** 337,343 ****
   AC_PROG_CC
   AC_PROG_LIBTOOL
 ! CFLAGS="$CFLAGS -I../include -W -Wall -Werror -Wno-unused-parameter \
   	-DTCSD_DEFAULT_PORT=${TCSD_DEFAULT_PORT} -DTSS_VER_MAJOR=${TSS_VER_MAJOR} \
   	-DTSS_VER_MINOR=${TSS_VER_MINOR} -DTSS_SPEC_MAJOR=${TSS_SPEC_MAJOR} \
   	-DTSS_SPEC_MINOR=${TSS_SPEC_MINOR}"
 --- 344,350 ----
   AC_PROG_CC
   AC_PROG_LIBTOOL
 ! CFLAGS="$CFLAGS -I../include -errwarn=%none \
   	-DTCSD_DEFAULT_PORT=${TCSD_DEFAULT_PORT} -DTSS_VER_MAJOR=${TSS_VER_MAJOR} \
   	-DTSS_VER_MINOR=${TSS_VER_MINOR} -DTSS_SPEC_MAJOR=${TSS_SPEC_MAJOR} \
   	-DTSS_SPEC_MINOR=${TSS_SPEC_MINOR}"

Up to file-list app-crypt/trousers/files/dist-no-useradd-Makefile.am.patch:

 --- dist/Makefile.am.old	2009-05-16 01:17:21.210063257 -0700
 +++ dist/Makefile.am	2009-05-16 01:18:10.097439702 -0700
@@ -1,17 +1,7 @@
  install: install-exec-hook
  	if test ! -e ${DESTDIR}/@sysconfdir@/tcsd.conf; then mkdir -p ${DESTDIR}/@sysconfdir@ && cp tcsd.conf ${DESTDIR}/@sysconfdir@; fi
 -	/bin/chown tss:tss ${DESTDIR}/@sysconfdir@/tcsd.conf
 -	/bin/chmod 0600 ${DESTDIR}/@sysconfdir@/tcsd.conf
  install-exec-hook:
 -	/usr/sbin/groupadd tss || true
 -	/usr/sbin/useradd -r tss -g tss || true
 -	/bin/chown tss:tss ${DESTDIR}/@sbindir@/tcsd
 -	/bin/sh -c 'if [ ! -e ${DESTDIR}/@localstatedir@/lib/tpm ];then mkdir -p ${DESTDIR}/@localstatedir@/lib/tpm; fi'
 -	/bin/chown tss:tss ${DESTDIR}/@localstatedir@/lib/tpm
 -	/bin/chmod 0700 ${DESTDIR}/@localstatedir@/lib/tpm
  uninstall-hook:
 -	/usr/sbin/userdel tss
 -	/usr/sbin/groupdel tss

Up to file-list app-crypt/trousers/files/dist-no-useradd-Makefile.in.patch:

 --- dist/Makefile.in.old	2009-05-16 01:12:53.731934702 -0700
 +++ dist/Makefile.in	2009-05-16 01:13:05.419662448 -0700
@@ -291,7 +291,6 @@
  install-exec-am:
  	@$(NORMAL_INSTALL)
 -	$(MAKE) $(AM_MAKEFLAGS) install-exec-hook
  install-html: install-html-am

Up to file-list app-crypt/trousers/files/hosttable.c.patch:

 *** src/tspi/rpc/hosttable.c.old	Wed Dec 17 14:31:33 2008
 --- src/tspi/rpc/hosttable.c	Wed Dec 17 14:30:57 2008
 ***************
 *** 35,41 ****
 --- 35,46 ----
   	return TSS_SUCCESS;
+  }
 + #ifdef SOLARIS
 + #pragma init(_init)
 + void _init(void)
 + #else
   void __attribute__ ((constructor)) my_init(void)
 + #endif
+  {
   	host_table_init();
   	obj_list_init();

Up to file-list app-crypt/trousers/files/platform.c.patch:

 *** src/tcsd/platform.c.old	Tue Jul 17 11:29:14 2007
 --- src/tcsd/platform.c	Fri Dec  5 09:10:52 2008
 ***************
 *** 30,36 ****
 --- 30,40 ----
+  {
   	char runlevel;
   	struct utmp ut, save, *next = NULL;
 + #ifdef SOLARIS
 + 	time_t tv = 0;
 + #else
   	struct timeval tv;
 + #endif /* SOLARIS */
   	int flag = 0, counter = 0;
   	MUTEX_LOCK(utmp_lock);
 ***************
 *** 37,43 ****
 --- 41,49 ----
   	memset(&ut, 0, sizeof(struct utmp));
   	memset(&save, 0, sizeof(struct utmp));
 + #ifndef SOLARIS
   	memset(&tv, 0, sizeof(struct timeval));
 + #endif
   	ut.ut_type = RUN_LVL;
 ***************
 *** 44,57 ****
 --- 50,69 ----
   	next = getutid(&ut);
   	while (next != NULL) {
 + #ifdef SOLARIS
 + 		if (next->ut_time >= tv) {
 + #else
   		if (next->ut_tv.tv_sec > tv.tv_sec) {
 + #endif
   			memcpy(&save, next, sizeof(*next));
   			flag = 1;
 + #ifndef SOLARIS
   		} else if (next->ut_tv.tv_sec == tv.tv_sec) {
   			if (next->ut_tv.tv_usec > tv.tv_usec) {
   				memcpy(&save, next, sizeof(*next));
   				flag = 1;
+  			}
 + #endif /* SOLARIS */
+  		}
   		counter++;

Up to file-list app-crypt/trousers/files/ps_utils.c.patch:

 *** src/tcs/ps/ps_utils.c.old	Wed Aug 29 14:10:43 2007
 --- src/tcs/ps/ps_utils.c	Wed Dec 17 12:27:21 2008
 ***************
 *** 31,37 ****
   struct key_disk_cache *key_disk_cache_head = NULL;
 ! inline TSS_RESULT
   read_data(int fd, void *data, UINT32 size)
+  {
   	int rc;
 --- 31,37 ----
   struct key_disk_cache *key_disk_cache_head = NULL;
 ! TSS_RESULT
   read_data(int fd, void *data, UINT32 size)
+  {
   	int rc;
 ***************
 *** 49,55 ****
+  }
 ! inline TSS_RESULT
   write_data(int fd, void *data, UINT32 size)
+  {
   	int rc;
 --- 49,55 ----
+  }
 ! TSS_RESULT
   write_data(int fd, void *data, UINT32 size)
+  {
   	int rc;

Up to file-list app-crypt/trousers/files/ssl_ui.c.patch:

 *** /dev/null	Mon Dec 22 18:27:36 2008
 --- src/tspi/ssl_ui.c	Mon Dec 22 18:26:44 2008
 ***************
 *** 0 ****
 --- 1,89 ----
 + #include <sys/types.h>
 + #include <string.h>
++
 + #include <openssl/ui.h>
++
 + #include "trousers/tss.h"
 + #include "spi_utils.h"
++
 + static TSS_RESULT do_ui(BYTE *string, UINT32 *string_len, BYTE *popup, int verify)
 + {
 + 	char pin_buf[UI_MAX_SECRET_STRING_LENGTH];
 + 	char verify_buf[UI_MAX_SECRET_STRING_LENGTH];
 + 	char *popup_nl;
 + 	UI *ui;
 + 	int len;
 + 	BYTE *unicode;
 + 	TSS_RESULT ret = TSS_E_FAIL;
++
 + 	len = strlen((char *)popup) + 2;
 + 	popup_nl = malloc(len);
 + 	if (!popup_nl)
 + 		return TSS_E_OUTOFMEMORY;
++
 + 	ui = UI_new();
 + 	if (!ui)
 + 		goto no_ui;
++
 + 	snprintf(popup_nl, len, "%s\n", (char *)popup);
 + 	if (!UI_add_info_string(ui, popup_nl)) {
 + 		printf("add info fail\n");
 + 		goto out;
 + 	}
++
 + 	if (!UI_add_input_string(ui, "Enter PIN:",
 + 	    0, pin_buf, 1, UI_MAX_SECRET_STRING_LENGTH)) {
 + 		printf("add input fail\n");
 + 		goto out;
 + 	}
++
 + 	if (verify &&
 + 	    !UI_add_verify_string(ui, "Verify PIN:", 0,
 + 		verify_buf, 1, UI_MAX_SECRET_STRING_LENGTH, pin_buf)) {
 + 		printf("Add verify fail\n");
 + 		goto out;
 + 	}
++
 + 	if (UI_process(ui))
 + 		goto out;
++
 + 	ret = TSS_SUCCESS;
++
 + 	unicode = Trspi_Native_To_UNICODE((BYTE *)pin_buf, string_len);
 + 	memset(string, 0, UI_MAX_SECRET_STRING_LENGTH);
 + 	memcpy(string, unicode, *string_len);
 + out:
 + 	UI_free(ui);
 + no_ui:
 + 	free(popup_nl);
 + 	return ret;
 + }
++
 + /*
 +  * DisplayPINWindow()
 +  *
 +  * Popup the dialog to collect an existing password.
 +  *
 +  * string - buffer that the password will be passed back to caller in
 +  * popup - UTF-8 string to be displayed in the title bar of the dialog box
 +  *
 +  */
 + TSS_RESULT DisplayPINWindow(BYTE *string, UINT32 *string_len, BYTE *popup)
 + {
 + 	return do_ui(string, string_len, popup, 0);
 + }
++
 + /*
 +  * DisplayNewPINWindow()
 +  *
 +  * Popup the dialog to collect a new password.
 +  *
 +  * string - buffer that the password will be passed back to caller in
 +  * popup - UTF-8 string to be displayed in the title bar of the dialog box
 +  *
 +  */
 + TSS_RESULT DisplayNewPINWindow(BYTE *string, UINT32 *string_len, BYTE *popup)
 + {
 + 	return do_ui(string, string_len, popup, 1);
 + }
++

Up to file-list app-crypt/trousers/files/svrside.c.patch:

 *** src/tcsd/svrside.c.old	Wed Aug 29 14:11:13 2007
 --- src/tcsd/svrside.c	Mon Dec 22 13:46:50 2008
 ***************
 *** 23,28 ****
 --- 23,32 ----
   #include <arpa/inet.h>
   #include <errno.h>
   #include <getopt.h>
 + #ifdef SOLARIS
 + #include <fcntl.h>
 + #include <priv.h>
 + #endif /* SOLARIS */
   #include "trousers/tss.h"
   #include "trousers_types.h"
 ***************
 *** 210,221 ****
   	fprintf(stderr, "\n");
+  }
   int
   main(int argc, char **argv)
+  {
   	struct sockaddr_in serv_addr, client_addr;
   	TSS_RESULT result;
 ! 	int sd, newsd, c, option_index = 0;
   	unsigned client_len;
   	char *hostname = NULL;
   	struct hostent *client_hostent = NULL;
 --- 214,304 ----
   	fprintf(stderr, "\n");
+  }
 + #ifdef SOLARIS
++
 + /*
 +  * For Solaris, make the tcsd privilege aware and drop
 +  * risky privileges if they are not needed.
 +  */
 + static int
 + drop_privs()
 + {
 + 	priv_set_t *myprivs;
 + 	int rv;
++
 + 	/*
 + 	 * Drop unneeded privs such as fork/exec.
 + 	 *
 + 	 * Get "basic" privs and remove the ones we don't want.
 + 	 */
 + 	if ((myprivs = priv_str_to_set("basic", ",", NULL)) == NULL) {
 + 		LogError("priv_str_to_set failed: %s", strerror(errno));
 + 		return (1);
 + 	} else {
 + 		(void) priv_delset(myprivs, PRIV_PROC_EXEC);
 + 		(void) priv_delset(myprivs, PRIV_PROC_FORK);
 + 		(void) priv_delset(myprivs, PRIV_FILE_LINK_ANY);
 + 		(void) priv_delset(myprivs, PRIV_PROC_INFO);
 + 		(void) priv_delset(myprivs, PRIV_PROC_SESSION);
 + 		(void) priv_delset(myprivs, PRIV_PROC_SETID);
++
 + 		/* for BSM auditing */
 + 		(void) priv_addset(myprivs, PRIV_PROC_AUDIT);
++
 + 		if ((rv = setppriv(PRIV_SET, PRIV_PERMITTED, myprivs)))
 + 			return (rv);
 + 		if ((rv = setppriv(PRIV_SET, PRIV_LIMIT, myprivs)))
 + 			return (rv);
 + 		if ((rv = setppriv(PRIV_SET, PRIV_INHERITABLE, myprivs)))
 + 			return (rv);
++
 + 		(void) priv_freeset(myprivs);
 + 	}
 + 	return (0);
 + }
++
 + static int
 + daemon(int nochdir, int noclose) {
 + 	int rv, fd;
++
 + 	switch (fork()) {
 + 		case -1:
 + 			return (-1);
 + 		case 0:
 + 			break;
 + 		default:
 + 		exit (0);
 + 	}
 + 	/*
 + 	 * Run TCSD as root:sys on Solaris so it can
 + 	 * perform auditing if necessary, but drop privileges
 + 	 * for extra protection.
 + 	 */
 + 	rv = drop_privs();
 + 	if (rv)
 + 		return (rv);
++
 + 	if (setsid() == -1)
 + 		return (-1);
 + 	if (!nochdir)
 + 		(void) chdir("/");
 + 	if (!noclose && (fd = open("/dev/null", O_RDWR, 0)) != -1) {
 + 		(void) dup2(fd, STDIN_FILENO);
 + 		(void) dup2(fd, STDOUT_FILENO);
 + 		(void) dup2(fd, STDERR_FILENO);
 + 		if (fd > 2)
 + 			(void)close (fd);
 + 	}
 + 	return (0);
 + }
 + #endif /* SOLARIS */
++
   int
   main(int argc, char **argv)
+  {
   	struct sockaddr_in serv_addr, client_addr;
   	TSS_RESULT result;
 ! 	int sd, newsd, c, rv, option_index = 0;
   	unsigned client_len;
   	char *hostname = NULL;
   	struct hostent *client_hostent = NULL;
 ***************
 *** 225,231 ****
   		{0, 0, 0, 0}
   	};
+-
   	while ((c = getopt_long(argc, argv, "fh", long_options, &option_index)) != -1) {
   		switch (c) {
   			case 'f':
 --- 308,313 ----
 ***************
 *** 249,255 ****
 --- 331,347 ----
   			tcsd_shutdown();
   			return -1;
+  		}
 + #ifndef SOLARIS
+  	}
 + #else
 + 	/* For Solaris, drop privileges in foreground mode */
 + 	} else {
++
 + 		rv = drop_privs();
 + 		if (rv)
 + 			return (rv);
 + 	}
 + #endif /* SOLARIS */
   	sd = socket(AF_INET, SOCK_STREAM, 0);
   	if (sd < 0) {
 ***************
 *** 268,273 ****
 --- 360,369 ----
   	else
   		serv_addr.sin_addr.s_addr = htonl(INADDR_ANY);
 + 	c = 1;
 + 	if (setsockopt(sd, SOL_SOCKET, SO_REUSEADDR, &c, sizeof (c)) < 0)
 + 		perror("Error setting REUSEADDR option");
++
   	if (bind(sd, (struct sockaddr *) &serv_addr, sizeof (serv_addr)) < 0) {
   		LogError("Failed bind: %s", strerror(errno));
   		return -1;

Up to file-list app-crypt/trousers/files/symmetric.c.patch:

 *** src/trspi/crypto/openssl/symmetric.c.old	Tue Jul 17 14:25:24 2007
 --- src/trspi/crypto/openssl/symmetric.c	Tue Sep  2 11:03:30 2008
 ***************
 *** 16,21 ****
 --- 16,24 ----
    */
   #include <string.h>
 + #ifdef SOLARIS
 + #include <limits.h>
 + #endif
   #include <openssl/evp.h>
   #include <openssl/err.h>

Up to file-list app-crypt/trousers/files/tcs_auth_mgr.c.patch:

 *** src/tcs/tcs_auth_mgr.c.old	Tue Jul 17 11:19:23 2007
 --- src/tcs/tcs_auth_mgr.c	Mon Feb  9 07:39:31 2009
 ***************
 *** 169,177 ****
   	TSS_RESULT result;
   	for (i = 0; i < auth_mgr.auth_mapper_size; i++) {
 ! 		if (auth_mgr.auth_mapper[i].full == TRUE &&
 ! 		    auth_mgr.auth_mapper[i].tcs_ctx == tcs_handle) {
 ! 			result = internal_TerminateHandle(auth_mgr.auth_mapper[i].tpm_handle);
   			if (result == TCPA_E_INVALID_AUTHHANDLE) {
   				LogDebug("Tried to close an invalid auth handle: %x",
   					 auth_mgr.auth_mapper[i].tpm_handle);
 --- 169,179 ----
   	TSS_RESULT result;
   	for (i = 0; i < auth_mgr.auth_mapper_size; i++) {
 ! 		if (auth_mgr.auth_mapper[i].tcs_ctx == tcs_handle) {
 ! 			/* Only termininate when still in use */
 ! 			/* Use FlushSpecific - TerminateHandle is deprecated */
 ! 			result = TCSP_FlushSpecific_Common(auth_mgr.auth_mapper[i].tpm_handle,
 ! 				TPM_RT_AUTH);
   			if (result == TCPA_E_INVALID_AUTHHANDLE) {
   				LogDebug("Tried to close an invalid auth handle: %x",
   					 auth_mgr.auth_mapper[i].tpm_handle);
 ***************
 *** 178,185 ****
   			} else if (result != TCPA_SUCCESS) {
   				LogDebug("TPM_TerminateHandle returned %d", result);
+  			}
 ! 			auth_mgr.open_auth_sessions--;
 ! 			auth_mgr.auth_mapper[i].full = FALSE;
   			LogDebug("released auth for TCS %x TPM %x", tcs_handle,
   				 auth_mgr.auth_mapper[i].tpm_handle);
   			auth_mgr_swap_in();
 --- 180,189 ----
   			} else if (result != TCPA_SUCCESS) {
   				LogDebug("TPM_TerminateHandle returned %d", result);
+  			}
 ! 			if (auth_mgr.auth_mapper[i].full) {
 ! 				auth_mgr.open_auth_sessions--;
 ! 				auth_mgr.auth_mapper[i].full = FALSE;
 ! 			}
   			LogDebug("released auth for TCS %x TPM %x", tcs_handle,
   				 auth_mgr.auth_mapper[i].tpm_handle);
   			auth_mgr_swap_in();
 ***************
 *** 215,227 ****
   		    auth_mgr.auth_mapper[i].tcs_ctx == tcs_handle) {
   			if (cont) {
   				/* Only termininate when still in use */
 ! 				result = internal_TerminateHandle(
 ! 								auth_mgr.auth_mapper[i].tpm_handle);
   				if (result == TCPA_E_INVALID_AUTHHANDLE) {
   					LogDebug("Tried to close an invalid auth handle: %x",
   						 auth_mgr.auth_mapper[i].tpm_handle);
   				} else if (result != TCPA_SUCCESS) {
 ! 					LogDebug("TPM_TerminateHandle returned %d", result);
+  				}
+  			}
   			auth_mgr.open_auth_sessions--;
 --- 219,232 ----
   		    auth_mgr.auth_mapper[i].tcs_ctx == tcs_handle) {
   			if (cont) {
   				/* Only termininate when still in use */
 ! 				/* Use FlushSpecific - TerminateHandle is deprecated */
 ! 				result = TCSP_FlushSpecific_Common(tpm_auth_handle,
 ! 					TPM_RT_AUTH);
   				if (result == TCPA_E_INVALID_AUTHHANDLE) {
   					LogDebug("Tried to close an invalid auth handle: %x",
   						 auth_mgr.auth_mapper[i].tpm_handle);
   				} else if (result != TCPA_SUCCESS) {
 ! 					LogDebug("TPM_FlushSpecific returned %d", result);
+  				}
+  			}
   			auth_mgr.open_auth_sessions--;

Up to file-list app-crypt/trousers/files/tcs_key_mem_cache.c.patch:

 *** src/tcs/tcs_key_mem_cache.c.old	Sat Dec 13 11:44:35 2008
 --- src/tcs/tcs_key_mem_cache.c	Sat Dec 13 11:45:37 2008
 ***************
 *** 1080,1088 ****
   		LoadBlob_UINT32(&offset, keyList.handle[i], (BYTE *)&keyHandle);
   		/* get the ownerEvict flag for this key handle */
 ! 		if ((result = TCSP_GetCapability_Internal(InternalContext, TPM_CAP_KEY_STATUS,
   							  sizeof(UINT32), (BYTE *)&keyHandle,
 ! 							  &respDataSize, &respData))) {
   			free(keyList.handle);
   			return result;
+  		}
 --- 1080,1092 ----
   		LoadBlob_UINT32(&offset, keyList.handle[i], (BYTE *)&keyHandle);
   		/* get the ownerEvict flag for this key handle */
 ! 		result = TCSP_GetCapability_Internal(InternalContext, TPM_CAP_KEY_STATUS,
   							  sizeof(UINT32), (BYTE *)&keyHandle,
 ! 							  &respDataSize, &respData);
 ! 		/* special case, invalid keys are automatically evicted later */
 ! 		if (result == TPM_E_INVALID_KEYHANDLE)
 ! 			continue;
 ! 		if (result != TSS_SUCCESS) {
   			free(keyList.handle);
   			return result;
+  		}

Up to file-list app-crypt/trousers/files/tcs_pbg.c.patch:

 *** src/tcs/tcs_pbg.c.old	Thu Dec 18 20:37:19 2008
 --- src/tcs/tcs_pbg.c	Fri Dec 19 06:09:43 2008
 ***************
 *** 17,22 ****
 --- 17,23 ----
   #include <sys/types.h>
   #include <sys/stat.h>
   #include <sys/mman.h>
 + #include <sys/varargs.h>
   #include <fcntl.h>
   #include <errno.h>
 ***************
 *** 587,593 ****
   	case TPM_ORD_DAA_Sign:
   	case TPM_ORD_ChangeAuth:
   	case TPM_ORD_GetCapability:
 - 	case TPM_ORD_UnBind:
   	case TPM_ORD_LoadMaintenanceArchive:
   	case TPM_ORD_ConvertMigrationBlob:
   	case TPM_ORD_NV_ReadValue:
 --- 588,593 ----
 ***************
 *** 622,627 ****
 --- 622,657 ----
+  		}
   		offset1 = TSS_TPM_TXBLOB_HDR_LEN;
 + 		UnloadBlob_UINT32(&offset1, data_len, b);
 + 		if ((*data = malloc(*data_len)) == NULL) {
 + 			LogError("malloc of %u bytes failed", *data_len);
 + 			return TCSERR(TSS_E_OUTOFMEMORY);
 + 		}
++
 + 		UnloadBlob(&offset1, *data_len, b, *data);
 + 		break;
 + 	}
 + 	/* TPM BLOB: 1 UINT32, 1 BLOB, 1 optional AUTH
 + 	 * return: UINT32 *, BYTE**, 1 optional AUTH*/
 + 	case TPM_ORD_UnBind:
 + 	{
 + 		UINT32 *data_len = va_arg(ap, UINT32 *);
 + 		BYTE **data = va_arg(ap, BYTE **);
 + 		TPM_AUTH *auth1 = va_arg(ap, TPM_AUTH *);
 + 		TPM_AUTH *auth2 = va_arg(ap, TPM_AUTH *);
 + 		va_end(ap);
++
 + 		if (!data || !data_len) {
 + 			LogError("Internal error for ordinal 0x%x", ordinal);
 + 			return TCSERR(TSS_E_INTERNAL_ERROR);
 + 		}
++
 + 		if (auth1) {
 + 			offset1 = len - TSS_TPM_RSP_BLOB_AUTH_LEN;
 + 			UnloadBlob_Auth(&offset1, b, auth1);
 + 		}
++
 + 		offset1 = TSS_TPM_TXBLOB_HDR_LEN;
   		UnloadBlob_UINT32(&offset1, data_len, b);
   		if ((*data = malloc(*data_len)) == NULL) {
   			LogError("malloc of %u bytes failed", *data_len);

Up to file-list app-crypt/trousers/files/tcsd.8.in.patch:

 *** man/man8/tcsd.8.in.old	Thu Dec 18 07:09:04 2008
 --- man/man8/tcsd.8.in	Thu Dec 18 07:37:35 2008
 ***************
 *** 74,85 ****
   the TCS and stays valid across application lifetimes, \fBtcsd\fR restarts and
   system resets. Data registered in system PS stays valid until an application
   requests that it be removed. User PS files are by default stored as
 ! /var/tpm/user.{pid} and the system PS file by default is /var/tpm/system.data.
   The system PS file is initially created when ownership of the TPM is first
   taken.
   .SH "CONFIGURATION"
 ! \fBtcsd\fR configuration is stored by default in /etc/tcsd.conf
   .SH "DEBUG OUTPUT"
   If TrouSerS has been compiled with debugging enabled, the debugging output
 --- 74,105 ----
   the TCS and stays valid across application lifetimes, \fBtcsd\fR restarts and
   system resets. Data registered in system PS stays valid until an application
   requests that it be removed. User PS files are by default stored as
 ! $HOME/.trousers/user.data and the system PS file by default is /var/tpm/system/system.data.
   The system PS file is initially created when ownership of the TPM is first
   taken.
 + .PP
 + \fB/var/tpm/system/system.data\fR
 + .ad
 + .RS 4n
 + Contains the system PS (persistent storage) data controlled by the TCS.  By default,
 + the SRK key is installed in PS and does not require owner authorization to use.  If the
 + TPM has previously been provisioned and owner-auth is required to load the SRK,
 + then the /var/tpm/system/system.data.auth file should be moved to
 + /var/tpm/system/system.data before starting the TCS (See NOTES).
 + .RE
 + .sp
 + .PP
 + \fB/var/tpm/system/system.data.auth\fR
 + .ad
 + .RS 4n
 + This is the default PS data file to use if the TPM has been previously
 + configured to require owner-auth to access the SRK.  Copy this file
 + to /var/tpm/system/system.data prior to starting the TCS if owner-auth is
 + needed, otherwise this file can be ignored.
 + .RE
   .SH "CONFIGURATION"
 ! \fBtcsd\fR configuration is stored by default in /etc/security/tcsd.conf
   .SH "DEBUG OUTPUT"
   If TrouSerS has been compiled with debugging enabled, the debugging output
 ***************
 *** 88,95 ****
   .SH "DEVICE DRIVERS"
   .PP
   \fBtcsd\fR is compatible with the IBM Research TPM device driver available
 ! from http://www.research.ibm.com/gsal/tcpa and the TPM device driver available
 ! from http://sf.net/projects/tmpdd
   .SH "CONFORMING TO"
   .PP
 --- 108,116 ----
   .SH "DEVICE DRIVERS"
   .PP
   \fBtcsd\fR is compatible with the IBM Research TPM device driver available
 ! from http://www.research.ibm.com/gsal/tcpa and the TPM device driver for
 ! Linux available from http://sf.net/projects/tmpdd.  It is also compatible
 ! with the TPM device driver for Solaris which is available in the SUNWtpm package.
   .SH "CONFORMING TO"
   .PP
 ***************
 *** 98,105 ****
   .SH "SEE ALSO"
   .PP
 ! \fBtcsd.conf\fR(5)
   .SH "AUTHOR"
   Kent Yoder
 --- 119,142 ----
   .SH "SEE ALSO"
   .PP
 ! \fBtcsd.conf\fR(5), \fBsvcadm\fR(1M), \fBsmf\fR(5)
 + .SH "NOTES"
 + .sp
 + .LP
 + The \fBtcsd\fR service is managed by the service management facility, \fBsmf\fR(5), under
 + the service identifier:
 + .sp
 + .in +2
 + .nf
 + svc:/application/security/tcsd:default
 + .fi
 + .in -2
 + .sp
 + .LP
 + Administrative actions on this service, such as enabling, disabling, or requesting restart, can be
 + performed using \fBsvcadm\fR(1M). The service's status can be queried using the \fBsvcs\fR(1) command.
++
   .SH "AUTHOR"
   Kent Yoder

Up to file-list app-crypt/trousers/files/tcsd.h.patch:

 *** src/include/tcsd.h.old	Fri Dec  5 07:47:11 2008
 --- src/include/tcsd.h	Fri Dec  5 07:48:44 2008
 ***************
 *** 48,61 ****
 --- 48,70 ----
   							of this TCS System */
   };
 + #ifdef SOLARIS
 + #define TCSD_CONFIG_FILE	"/etc/security/tcsd.conf"
 + #else
   #define TCSD_CONFIG_FILE	ETC_PREFIX "/tcsd.conf"
 + #endif
   #define TSS_USER_NAME		"tss"
   #define TSS_GROUP_NAME		"tss"
   #define TCSD_DEFAULT_MAX_THREADS	10
 + #ifdef SOLARIS
 + #define TCSD_DEFAULT_SYSTEM_PS_FILE	"/var/tpm/system/system.data"
 + #define TCSD_DEFAULT_SYSTEM_PS_DIR	"/var/tpm/system"
 + #else
   #define TCSD_DEFAULT_SYSTEM_PS_FILE	VAR_PREFIX "/lib/tpm/system.data"
   #define TCSD_DEFAULT_SYSTEM_PS_DIR	VAR_PREFIX "/lib/tpm"
 + #endif /* SOLARIS */
   #define TCSD_DEFAULT_FIRMWARE_LOG_FILE	"/sys/kernel/security/tpm0/binary_bios_measurements"
   #define TCSD_DEFAULT_KERNEL_LOG_FILE	"/sys/kernel/security/ima/binary_runtime_measurements"
   #define TCSD_DEFAULT_FIRMWARE_PCRS	0x00000000

Up to file-list app-crypt/trousers/files/tcsd_conf.c.patch:

 *** src/tcsd/tcsd_conf.c.old	Thu Aug 30 14:57:42 2007
 --- src/tcsd/tcsd_conf.c	Mon Dec 22 14:33:03 2008
 ***************
 *** 21,26 ****
 --- 21,30 ----
   #include <grp.h>
   #include <stdlib.h>
 + #ifdef SOLARIS
 + #include <libscf.h>
 + #endif
++
   #include "trousers/tss.h"
   #include "trousers_types.h"
   #include "tcs_tsp.h"
 ***************
 *** 674,691 ****
 --- 678,728 ----
   	free_platform_lists(conf->all_platform_classes);
+  }
 + #ifdef SOLARIS
 + static int
 + get_smf_prop(const char *var, boolean_t def_val)
 + {
 + 	scf_simple_prop_t *prop;
 + 	uint8_t *val;
 + 	boolean_t res = def_val;
 + 	prop = scf_simple_prop_get(NULL, "svc:/application/security/tcsd:default",
 + 		"config", var);
 + 	if (prop) {
 + 		if ((val = scf_simple_prop_next_boolean(prop)) != NULL)
 + 			res = (*val == 0) ? B_FALSE : B_TRUE;
 + 		scf_simple_prop_free(prop);
 + 	}
 + 	if (prop == NULL || val == NULL) {
 + 		syslog(LOG_ALERT, "no value for config/%s (%s). "
 + 		    "Using default \"%s\"", var, scf_strerror(scf_error()),
 + 		    def_val ? "true" : "false");
 + 	}
 + 	return (res);
 + }
 + #endif
++
   TSS_RESULT
   conf_file_init(struct tcsd_config *conf)
+  {
   	FILE *f = NULL;
   	struct stat stat_buf;
 + #ifndef SOLARIS
   	struct group *grp;
   	struct passwd *pw;
   	mode_t mode = (S_IRUSR|S_IWUSR);
 + #endif /* SOLARIS */
   	TSS_RESULT result;
   	init_tcsd_config(conf);
 + #ifdef SOLARIS
 + 	/*
 + 	 * Solaris runs as root:sys but with reduced privileges
 + 	 * so we don't need to create a new user/group and also so
 + 	 * we can have auditing support.  The permissions on
 + 	 * the tcsd configuration file are not checked on Solaris.
 + 	 */
 + #endif
   	/* look for a config file, create if it doesn't exist */
   	if (stat(TCSD_CONFIG_FILE, &stat_buf) == -1) {
   		if (errno == ENOENT) {
 ***************
 *** 699,704 ****
 --- 736,742 ----
+  		}
+  	}
 + #ifndef SOLARIS
   	/* find the gid that owns the conf file */
   	errno = 0;
   	grp = getgrnam(TSS_GROUP_NAME);
 ***************
 *** 736,741 ****
 --- 774,780 ----
   		LogError("TCSD config file (%s) must be mode 0600", TCSD_CONFIG_FILE);
   		return TCSERR(TSS_E_INTERNAL_ERROR);
+  	}
 + #endif /* SOLARIS */
   	if ((f = fopen(TCSD_CONFIG_FILE, "r")) == NULL) {
   		LogError("fopen(%s): %s", TCSD_CONFIG_FILE, strerror(errno));
 ***************
 *** 748,753 ****
 --- 787,803 ----
   	/* fill out any uninitialized options */
   	config_set_defaults(conf);
 + #ifdef SOLARIS
 + 	/*
 + 	 * The SMF value for "local_only" overrides the config file and
 + 	 * disables all remote operations.
 + 	 */
 + 	if (get_smf_prop("local_only", B_TRUE)) {
 + 		(void) memset(conf->remote_ops, 0, sizeof(conf->remote_ops));
 + 		conf->unset |= TCSD_OPTION_REMOTE_OPS;
++
 + 	}
 + #endif
   	return result;
+  }
 ***************
 *** 789,795 ****
   	} else if (((stat_buf.st_mode & 0777) ^ mode) != 0) {
   		/* This path is likely to be hit since open &'s mode with ~umask */
   		LogInfo("resetting mode of %s from %o to: %o", tcsd_options.system_ps_dir,
 ! 			stat_buf.st_mode, mode);
   		if (chmod(tcsd_options.system_ps_dir, mode) == -1) {
   			LogError("chmod(%s) failed: %s", tcsd_options.system_ps_dir,
   				 strerror(errno));
 --- 839,845 ----
   	} else if (((stat_buf.st_mode & 0777) ^ mode) != 0) {
   		/* This path is likely to be hit since open &'s mode with ~umask */
   		LogInfo("resetting mode of %s from %o to: %o", tcsd_options.system_ps_dir,
 ! 			(unsigned int)stat_buf.st_mode, (unsigned int)mode);
   		if (chmod(tcsd_options.system_ps_dir, mode) == -1) {
   			LogError("chmod(%s) failed: %s", tcsd_options.system_ps_dir,
   				 strerror(errno));

Up to file-list app-crypt/trousers/files/tcslog.h.patch:

 *** src/include/tcslog.h.old	Wed Aug 22 13:08:35 2007
 --- src/include/tcslog.h	Wed Dec 17 11:30:35 2008
 ***************
 *** 20,25 ****
 --- 20,29 ----
   /* log to syslog -- change your syslog destination here */
   #define TSS_SYSLOG_LVL	LOG_LOCAL5
 + #ifndef __FUNCTION__
 + #define __FUNCTION__ __func__
 + #endif
++
   #define LogMessage(dest, priority, layer, fmt, ...) \
           do { \
   		if (foreground) { \

Up to file-list app-crypt/trousers/files/tcsps.c.patch:

 *** src/tcs/ps/tcsps.c.old	Wed Aug 22 11:21:05 2007
 --- src/tcs/ps/tcsps.c	Wed Dec 10 09:00:27 2008
 ***************
 *** 18,23 ****
 --- 18,27 ----
   #include <sys/file.h>
   #include <sys/stat.h>
   #include <assert.h>
 + #ifdef SOLARIS
 + #include <fcntl.h>
 + #include <limits.h>
 + #endif
   #include "trousers/tss.h"
   #include "trousers_types.h"
 ***************
 *** 32,48 ****
   int system_ps_fd = -1;
   MUTEX_DECLARE(disk_cache_lock);
   int
   get_file()
+  {
 ! 	int rc = 0;
+!
   	/* check the global file handle first.  If it exists, lock it and return */
   	if (system_ps_fd != -1) {
   		if ((rc = flock(system_ps_fd, LOCK_EX))) {
   			LogError("failed to get system PS lock: %s", strerror(errno));
   			return -1;
+  		}
   		return system_ps_fd;
+  	}
 --- 36,72 ----
   int system_ps_fd = -1;
   MUTEX_DECLARE(disk_cache_lock);
 + #ifdef SOLARIS
 + static struct flock fl = {
 + 	0,	/* l_type */
 + 	0,	/* l_whence */
 + 	0,	/* l_start */
 + 	0,	/* l_len */
 + 	0,	/* l_sysid */
 + 	0,	/* l_pid */
 + 	{0,0,0,0}
 + 	};
 + #endif
++
   int
   get_file()
+  {
 ! 	int rc;
   	/* check the global file handle first.  If it exists, lock it and return */
   	if (system_ps_fd != -1) {
 + 		int rc = 0;
 + #ifdef SOLARIS
 + 		fl.l_type = F_WRLCK;
 + 		if ((rc = fcntl(system_ps_fd, F_SETLKW, &fl))) {
 + 			LogError("failed to get system PS lock: %s", strerror(errno));
 + 			return -1;
 + 		}
 + #else
   		if ((rc = flock(system_ps_fd, LOCK_EX))) {
   			LogError("failed to get system PS lock: %s", strerror(errno));
   			return -1;
+  		}
 + #endif /* SOLARIS */
   		return system_ps_fd;
+  	}
 ***************
 *** 55,65 ****
   		return -1;
+  	}
   	if ((rc = flock(system_ps_fd, LOCK_EX))) {
   		LogError("failed to get system PS lock of file %s: %s",
 ! 				tcsd_options.system_ps_file, strerror(errno));
   		return -1;
+  	}
   	return system_ps_fd;
+  }
 --- 79,98 ----
   		return -1;
+  	}
 + #ifdef SOLARIS
 + 	fl.l_type = F_WRLCK;
 + 	if ((rc = fcntl(system_ps_fd, F_SETLKW, &fl))) {
 + 		LogError("failed to get system PS lock of file %s: %s",
 + 			tcsd_options.system_ps_file, strerror(errno));
 + 		return -1;
 + 	}
 + #else
   	if ((rc = flock(system_ps_fd, LOCK_EX))) {
   		LogError("failed to get system PS lock of file %s: %s",
 ! 			tcsd_options.system_ps_file, strerror(errno));
   		return -1;
+  	}
 + #endif /* SOLARIS */
   	return system_ps_fd;
+  }
 ***************
 *** 68,79 ****
   put_file(int fd)
+  {
   	int rc = 0;
+-
   	/* release the file lock */
   	if ((rc = flock(fd, LOCK_UN))) {
   		LogError("failed to unlock system PS file: %s", strerror(errno));
   		return -1;
+  	}
   	return rc;
+  }
 --- 101,120 ----
   put_file(int fd)
+  {
   	int rc = 0;
   	/* release the file lock */
 + #ifdef SOLARIS
 + 	fl.l_type = F_UNLCK;
 + 	if ((rc = fcntl(fd, F_SETLKW, &fl))) {
 + 		LogError("failed to unlock system PS file: %s",
 + 			strerror(errno));
 + 		return -1;
 + 	}
 + #else
   	if ((rc = flock(fd, LOCK_UN))) {
   		LogError("failed to unlock system PS file: %s", strerror(errno));
   		return -1;
+  	}
 + #endif /* SOLARIS */
   	return rc;
+  }

Up to file-list app-crypt/trousers/files/tcsps.h.patch:

 *** src/include/tcsps.h.old	Wed Aug 22 11:21:04 2007
 --- src/include/tcsps.h		Wed Dec 17 12:23:29 2008
 ***************
 *** 23,30 ****
   int		   put_file(int);
   void		   close_file(int);
   void		   ps_destroy();
 ! inline TSS_RESULT  read_data(int, void *, UINT32);
 ! inline TSS_RESULT  write_data(int, void *, UINT32);
   int		   write_key_init(int, UINT32, UINT32, UINT32);
   TSS_RESULT	   cache_key(UINT32, UINT16, TSS_UUID *, TSS_UUID *, UINT16, UINT32, UINT32);
   TSS_RESULT	   UnloadBlob_KEY_PS(UINT16 *, BYTE *, TSS_KEY *);
 --- 23,30 ----
   int		   put_file(int);
   void		   close_file(int);
   void		   ps_destroy();
 ! TSS_RESULT         read_data(int, void *, UINT32);
 ! TSS_RESULT         write_data(int, void *, UINT32);
   int		   write_key_init(int, UINT32, UINT32, UINT32);
   TSS_RESULT	   cache_key(UINT32, UINT16, TSS_UUID *, TSS_UUID *, UINT16, UINT32, UINT32);
   TSS_RESULT	   UnloadBlob_KEY_PS(UINT16 *, BYTE *, TSS_KEY *);

Up to file-list app-crypt/trousers/files/tddl.c.patch:

 *** src/tddl/tddl.c.old	Fri Dec  5 08:13:11 2008
 --- src/tddl/tddl.c	Fri Dec  5 08:16:20 2008
 ***************
 *** 18,30 ****
 --- 18,34 ----
   #include "trousers/tss.h"
   #include "trousers_types.h"
 + #ifndef SOLARIS
   #include "linux/tpm.h"
 + #endif
   #include "tcslog.h"
   #include "tddl.h"
   struct tpm_device_node tpm_device_nodes[] = {
 + #ifndef SOLARIS
   	{"/dev/tpm0", TDDL_UNDEF, TDDL_UNDEF},
   	{"/udev/tpm0", TDDL_UNDEF, TDDL_UNDEF},
 + #endif
   	{"/dev/tpm", TDDL_UNDEF, TDDL_UNDEF},
   	{NULL, 0, 0}
   };
 ***************
 *** 41,48 ****
   	/* tpm_device_paths is filled out in tddl.h */
   	for (i = 0; tpm_device_nodes[i].path != NULL; i++) {
   		errno = 0;
 ! 		if ((tpm_device_nodes[i].fd = open(tpm_device_nodes[i].path, O_RDWR)) < 0)
   			continue;
   		opened_device = &(tpm_device_nodes[i]);
   		return opened_device->fd;
 --- 45,55 ----
   	/* tpm_device_paths is filled out in tddl.h */
   	for (i = 0; tpm_device_nodes[i].path != NULL; i++) {
   		errno = 0;
 ! 		if ((tpm_device_nodes[i].fd = open(tpm_device_nodes[i].path, O_RDWR)) < 0) {
 ! 			fprintf(stderr, "Error opening %s: %s\n",
 ! 				tpm_device_nodes[i].path, strerror(errno));
   			continue;
 + 		}
   		opened_device = &(tpm_device_nodes[i]);
   		return opened_device->fd;
 ***************
 *** 109,119 ****
 --- 116,128 ----
   			/* fall through */
   		case TDDL_TRANSMIT_IOCTL:
   			errno = 0;
 + #ifndef SOLARIS
   			if ((sizeResult = ioctl(opened_device->fd, TPMIOC_TRANSMIT, txBuffer)) != -1) {
   				opened_device->transmit = TDDL_TRANSMIT_IOCTL;
   				break;
+  			}
   			LogWarn("ioctl: (%d) %s", errno, strerror(errno));
 + #endif
   			LogInfo("Falling back to Read/Write device support.");
   			/* fall through */
   		case TDDL_TRANSMIT_RW:
 ***************
 *** 183,188 ****
 --- 192,198 ----
   TSS_RESULT Tddli_Cancel(void)
+  {
 + #ifndef SOLARIS
   	int rc;
   	if (opened_device->transmit == TDDL_TRANSMIT_IOCTL) {
 ***************
 *** 198,201 ****
 --- 208,213 ----
   	} else {
   		return TDDLERR(TSS_E_NOTIMPL);
+  	}
 + #endif /* SOLARIS */
 + 	return TDDLERR(TSS_E_NOTIMPL);
+  }

Up to file-list app-crypt/trousers/files/trousers.c.patch:

 *** src/trspi/trousers.c.old	Fri Oct 26 16:34:31 2007
 --- src/trspi/trousers.c	Mon Oct 27 12:13:18 2008
 ***************
 *** 1538,1544 ****
   		ptr = (char *)string;
   		errno = 0;
 ! 		rc = iconv(cd, &ptr, &inbytesleft, &outbuf, &outbytesleft);
   	} while (rc == (size_t)-1 && errno == E2BIG);
   	if (len > MAX_BUF_SIZE) {
 --- 1538,1544 ----
   		ptr = (char *)string;
   		errno = 0;
 ! 		rc = iconv(cd, (const char **)&ptr, &inbytesleft, &outbuf, &outbytesleft);
   	} while (rc == (size_t)-1 && errno == E2BIG);
   	if (len > MAX_BUF_SIZE) {
 ***************
 *** 1599,1605 ****
   		ptr = (char *)string;
   		errno = 0;
 ! 		rc = iconv(cd, &ptr, &inbytesleft, &outbuf, &outbytesleft);
   	} while (rc == (size_t)-1 && errno == E2BIG);
   	/* add terminating bytes of the correct width */
 --- 1599,1605 ----
   		ptr = (char *)string;
   		errno = 0;
 ! 		rc = iconv(cd, (const char **)&ptr, &inbytesleft, &outbuf, &outbytesleft);
   	} while (rc == (size_t)-1 && errno == E2BIG);
   	/* add terminating bytes of the correct width */

Up to file-list app-crypt/trousers/files/tsp_auth.c.patch:

 *** src/tspi/tsp_auth.c.old	Tue Feb  3 12:46:07 2009
 --- src/tspi/tsp_auth.c	Thu Feb  5 11:01:42 2009
 ***************
 *** 359,365 ****
   	memcpy(digest, &auth->HMAC, 20);
   	HMAC_Auth(secret, hash, auth);
 ! 	return (TSS_BOOL) memcmp(digest, &auth->HMAC, 20);
+  }
   void
 --- 359,365 ----
   	memcpy(digest, &auth->HMAC, 20);
   	HMAC_Auth(secret, hash, auth);
 ! 	return ((TSS_BOOL) memcmp(digest, &auth->HMAC, 20) != 0);
+  }
   void
 ***************
 *** 753,758 ****
 --- 753,760 ----
   		Trspi_HMAC(TSS_HASH_SHA1, ulSizeDigestHmac, sess->sharedSecret.digest, offset, Blob,
   			   hmacVerify.digest);
   		result = memcmp(rgbHmacData, hmacVerify.digest, ulSizeDigestHmac);
 + 		if (result)
 + 			result = TPM_E_AUTHFAIL;
+  	}
   	return result;
 ***************
 *** 906,912 ****
   			/* According to the spec, we must fall back on the TSP context's policy for
   			 * auth if none is set in the NV object */
   			if (!sess->hUsageChild) {
 ! 				if ((result = obj_context_get_policy(obj_child, TSS_POLICY_USAGE,
   								     &sess->hUsageChild)))
   					goto error;
+  			}
 --- 908,914 ----
   			/* According to the spec, we must fall back on the TSP context's policy for
   			 * auth if none is set in the NV object */
   			if (!sess->hUsageChild) {
 ! 				if ((result = obj_context_get_policy(tspContext, TSS_POLICY_USAGE,
   								     &sess->hUsageChild)))
   					goto error;
+  			}

Up to file-list app-crypt/trousers/files/tsp_policy.c.patch:

 *** src/tspi/tsp_policy.c.old	Wed Mar 18 08:06:00 2009
 --- src/tspi/tsp_policy.c	Thu Mar 19 14:46:10 2009
 ***************
 *** 50,56 ****
   		popup_str = dflt;
   	/* pin the area where the secret will be put in memory */
 ! 	if (pin_mem(&secret, UI_MAX_SECRET_STRING_LENGTH)) {
   		LogError("Failed to pin secret in memory.");
   		return TSPERR(TSS_E_INTERNAL_ERROR);
+  	}
 --- 50,56 ----
   		popup_str = dflt;
   	/* pin the area where the secret will be put in memory */
 ! 	if (pin_mem(secret, UI_MAX_SECRET_STRING_LENGTH)) {
   		LogError("Failed to pin secret in memory.");
   		return TSPERR(TSS_E_INTERNAL_ERROR);
+  	}
 ***************
 *** 61,67 ****
   		DisplayPINWindow(secret, &secret_len, popup_str);
   	if (!secret_len) {
 ! 		unpin_mem(&secret, UI_MAX_SECRET_STRING_LENGTH);
   		return TSPERR(TSS_E_POLICY_NO_SECRET);
+  	}
 --- 61,67 ----
   		DisplayPINWindow(secret, &secret_len, popup_str);
   	if (!secret_len) {
 ! 		unpin_mem(secret, UI_MAX_SECRET_STRING_LENGTH);
   		return TSPERR(TSS_E_POLICY_NO_SECRET);
+  	}
 ***************
 *** 74,80 ****
   	/* zero, then unpin the memory */
   	memset(secret, 0, secret_len);
 ! 	unpin_mem(&secret, UI_MAX_SECRET_STRING_LENGTH);
   	return result;
+  }
 --- 74,80 ----
   	/* zero, then unpin the memory */
   	memset(secret, 0, secret_len);
 ! 	unpin_mem(secret, UI_MAX_SECRET_STRING_LENGTH);
   	return result;
+  }
 ***************
 *** 88,93 ****
 --- 88,96 ----
   		return 0;
+  	}
 + 	len += (uintptr_t)addr & PAGEOFFSET;
 + 	addr = (void *)((uintptr_t)addr & PAGEMASK);
++
   	if (mlock(addr, len) == -1) {
   		LogError("mlock: %s", strerror(errno));
   		return 1;
 ***************
 *** 99,109 ****
 --- 102,118 ----
   int
   unpin_mem(void *addr, size_t len)
+  {
 + 	caddr_t addr1;
 + 	size_t  len1;
++
   	/* only root can lock pages into RAM */
   	if (getuid() != (uid_t)0) {
   		return 0;
+  	}
 + 	len += (uintptr_t)addr & PAGEOFFSET;
 + 	addr = (void *)((uintptr_t)addr & PAGEMASK);
++
   	if (munlock(addr, len) == -1) {
   		LogError("mlock: %s", strerror(errno));
   		return 1;

Up to file-list app-crypt/trousers/files/tsp_ps.c.patch:

 *** src/tspi/tsp_ps.c.old	Thu Jul 19 14:00:05 2007
 --- src/tspi/tsp_ps.c	Tue Sep  2 11:23:33 2008
 ***************
 *** 15,20 ****
 --- 15,23 ----
   #include <string.h>
   #include <unistd.h>
   #include <stdio.h>
 + #ifdef SOLARIS
 + #include <limits.h>
 + #endif
   #include "trousers/tss.h"
   #include "trousers/trousers.h"

Up to file-list app-crypt/trousers/files/tspi_Makefile.in.patch:

 *** src/tspi/Makefile.in.old	Wed Dec 17 14:28:57 2008
 --- src/tspi/Makefile.in	Wed Dec 17 14:29:43 2008
 ***************
 *** 372,378 ****
   	$(AM_CFLAGS) $(CFLAGS)
   CCLD = $(CC)
   LINK = $(LIBTOOL) --tag=CC --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
 ! 	$(AM_LDFLAGS) $(LDFLAGS) -o $@
   SOURCES = $(libtspi_la_SOURCES)
   DIST_SOURCES = $(am__libtspi_la_SOURCES_DIST)
   ETAGS = etags
 --- 372,378 ----
   	$(AM_CFLAGS) $(CFLAGS)
   CCLD = $(CC)
   LINK = $(LIBTOOL) --tag=CC --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
 ! 	$(AM_LDFLAGS) $(LDFLAGS) -z initarray=_init -o $@
   SOURCES = $(libtspi_la_SOURCES)
   DIST_SOURCES = $(am__libtspi_la_SOURCES_DIST)
   ETAGS = etags

Up to file-list app-crypt/trousers/files/tspi_aik.c.patch:

 *** src/tspi/tspi_aik.c.old	Tue Sep 25 14:57:58 2007
 --- src/tspi/tspi_aik.c	Tue Sep  2 11:23:56 2008
 ***************
 *** 12,17 ****
 --- 12,20 ----
   #include <stdio.h>
   #include <string.h>
   #include <inttypes.h>
 + #ifdef SOLARIS
 + #include <limits.h>
 + #endif
   #include "trousers/tss.h"
   #include "trousers/trousers.h"

Up to file-list app-crypt/trousers/files/tspi_delegate.c.patch:

 *** src/tspi/tspi_delegate.c.old	Wed Feb 18 16:02:47 2009
 --- src/tspi/tspi_delegate.c	Thu Feb 19 13:27:32 2009
 ***************
 *** 348,353 ****
 --- 348,354 ----
   	UINT64 tpmOffset;
   	UINT64 tssOffset;
   	TSS_RESULT result;
 + 	int i = 0;
   	if (!pulFamilyTableSize || !ppFamilyTable || !pulDelegateTableSize || !ppDelegateTable)
   		return TSPERR(TSS_E_BAD_PARAMETER);
 ***************
 *** 376,382 ****
   			result = TSPERR(TSS_E_OUTOFMEMORY);
   			goto done;
+  		}
 ! 		for (tpmOffset = 0, tssOffset = 0; tpmOffset < tpmFamilyTableSize; tssFamilyTableSize++) {
   			Trspi_UnloadBlob_TPM_FAMILY_TABLE_ENTRY(&tpmOffset, tpmFamilyTable,
   				&tpmFamilyEntry);
 --- 377,383 ----
   			result = TSPERR(TSS_E_OUTOFMEMORY);
   			goto done;
+  		}
 ! 		for (i = 0, tpmOffset = 0; tpmOffset < tpmFamilyTableSize; tssFamilyTableSize++, i++) {
   			Trspi_UnloadBlob_TPM_FAMILY_TABLE_ENTRY(&tpmOffset, tpmFamilyTable,
   				&tpmFamilyEntry);
 ***************
 *** 387,394 ****
   				(tpmFamilyEntry.flags & TPM_FAMFLAG_ENABLE) ? TRUE : FALSE;
   			tssFamilyEntry.locked =
   				(tpmFamilyEntry.flags & TPM_FAMFLAG_DELEGATE_ADMIN_LOCK) ? TRUE : FALSE;
 ! 			Trspi_LoadBlob_TSS_FAMILY_TABLE_ENTRY(&tssOffset, (BYTE *)tssFamilyTable,
 ! 				&tssFamilyEntry);
+  		}
+  	}
 --- 388,395 ----
   				(tpmFamilyEntry.flags & TPM_FAMFLAG_ENABLE) ? TRUE : FALSE;
   			tssFamilyEntry.locked =
   				(tpmFamilyEntry.flags & TPM_FAMFLAG_DELEGATE_ADMIN_LOCK) ? TRUE : FALSE;
+!
 ! 			tssFamilyTable[i] = tssFamilyEntry;
+  		}
+  	}
 ***************
 *** 424,430 ****
   			result = TSPERR(TSS_E_OUTOFMEMORY);
   			goto done;
+  		}
 ! 		for (tpmOffset = 0, tssOffset = 0; tpmOffset < tpmDelegateTableSize; tssDelegateTableSize++) {
   			Trspi_UnloadBlob_UINT32(&tpmOffset, &tableIndex, tpmDelegateTable);
   			if ((result = Trspi_UnloadBlob_TPM_DELEGATE_PUBLIC(&tpmOffset,
   					tpmDelegateTable, &tpmDelegatePublic))) {
 --- 425,431 ----
   			result = TSPERR(TSS_E_OUTOFMEMORY);
   			goto done;
+  		}
 ! 		for (i =0, tpmOffset = 0; tpmOffset < tpmDelegateTableSize; tssDelegateTableSize++, i++) {
   			Trspi_UnloadBlob_UINT32(&tpmOffset, &tableIndex, tpmDelegateTable);
   			if ((result = Trspi_UnloadBlob_TPM_DELEGATE_PUBLIC(&tpmOffset,
   					tpmDelegateTable, &tpmDelegatePublic))) {
 ***************
 *** 449,457 ****
   			tssDelegateEntry.per2 = tpmDelegatePublic.permissions.per2;
   			tssDelegateEntry.familyID = tpmDelegatePublic.familyID;
   			tssDelegateEntry.verificationCount = tpmDelegatePublic.verificationCount;
 - 			Trspi_LoadBlob_TSS_DELEGATION_TABLE_ENTRY(&tssOffset,
 - 				(BYTE *)tssDelegateTable, &tssDelegateEntry);
   			free(tpmDelegatePublic.pcrInfo.pcrSelection.pcrSelect);
+  		}
+  	}
 --- 450,458 ----
   			tssDelegateEntry.per2 = tpmDelegatePublic.permissions.per2;
   			tssDelegateEntry.familyID = tpmDelegatePublic.familyID;
   			tssDelegateEntry.verificationCount = tpmDelegatePublic.verificationCount;
 + 			tssDelegateTable[i] = tssDelegateEntry;
++
   			free(tpmDelegatePublic.pcrInfo.pcrSelection.pcrSelect);
+  		}
+  	}

Up to file-list app-crypt/trousers/files/tspi_makefile.am.patch:

 *** src/tspi/Makefile.am.old	Tue Sep 25 18:15:01 2007
 --- src/tspi/Makefile.am	Mon Oct 27 13:46:45 2008
 ***************
 *** 215,220 ****
 --- 215,224 ----
   libtspi_la_LDFLAGS+=@GTK_LIBS@
   libtspi_la_SOURCES+=gtk/main.c gtk/support.c gtk/interface.c gtk/callbacks.c
   endif
 + if OPENSSL_UI
 + libtspi_la_LDFLAGS+=
 + libtspi_la_SOURCES+=ssl_ui.c
 + endif
   if TSS_BUILD_NV
   libtspi_la_SOURCES+=tspi_nv.c obj_nv.c tsp_nv.c rpc/@RPC@/rpc_nv.c

Up to file-list app-crypt/trousers/files/tspps.c.patch:

 *** src/tspi/ps/tspps.c.old	Thu Dec 18 08:37:58 2008
 --- src/tspi/ps/tspps.c	Thu Dec 18 08:56:13 2008
 ***************
 *** 19,24 ****
 --- 19,29 ----
   #include <sys/file.h>
   #include <sys/stat.h>
   #include <assert.h>
 + #ifdef SOLARIS
 + #include <fcntl.h>
 + #include <limits.h>
 + #include <netdb.h>
 + #endif
   #include "trousers/tss.h"
   #include "trousers/trousers.h"
 ***************
 *** 30,35 ****
 --- 35,51 ----
   static int user_ps_fd = -1;
   static MUTEX_DECLARE_INIT(user_ps_lock);
 + #ifdef SOLARIS
 + static struct flock fl = {
 + 	0,
 + 	0,
 + 	0,
 + 	0,
 + 	0,
 + 	0,
 + 	{0, 0, 0, 0}
 + 	};
 + #endif
   /*
    * Determine the default path to the persistent storage file and create it if it doesn't exist.
 ***************
 *** 38,47 ****
   get_user_ps_path(char **file)
+  {
   	TSS_RESULT result = TSPERR(TSS_E_INTERNAL_ERROR);
 ! 	char *file_name = NULL, *home_dir = NULL;
   	struct passwd pw, *pwp;
   	struct stat stat_buf;
   	char buf[PASSWD_BUFSIZE];
   	uid_t euid;
   	int rc;
 --- 54,64 ----
   get_user_ps_path(char **file)
+  {
   	TSS_RESULT result = TSPERR(TSS_E_INTERNAL_ERROR);
 ! 	char *file_name = NULL, *psdir = NULL;
   	struct passwd pw, *pwp;
   	struct stat stat_buf;
   	char buf[PASSWD_BUFSIZE];
 + 	char hostname[MAXHOSTNAMELEN];
   	uid_t euid;
   	int rc;
 ***************
 *** 49,80 ****
   		*file = strdup(file_name);
   		return (*file) ? TSS_SUCCESS : TSPERR(TSS_E_OUTOFMEMORY);
+  	}
+-
   	euid = geteuid();
+!
   	setpwent();
   	while (1) {
   		rc = getpwent_r(&pw, buf, PASSWD_BUFSIZE, &pwp);
   		if (rc) {
 ! 			LogDebugFn("USER PS: Error getting path to home directory: getpwent_r: %s",
   				   strerror(rc));
 ! 			endpwent();
 ! 			return TSPERR(TSS_E_INTERNAL_ERROR);
 ! 		}
 ! 		if (euid == pwp->pw_uid) {
 ! 			home_dir = strdup(pwp->pw_dir);
 ! 			break;
+  		}
+  	}
   	endpwent();
+!
 ! 	if (!home_dir)
   		return TSPERR(TSS_E_OUTOFMEMORY);
 ! 	/* Tack on TSS_USER_PS_DIR and see if it exists */
 ! 	rc = snprintf(buf, PASSWD_BUFSIZE, "%s/%s", home_dir, TSS_USER_PS_DIR);
 ! 	if (rc == PASSWD_BUFSIZE) {
   		LogDebugFn("USER PS: Path to file too long! (> %d bytes)", PASSWD_BUFSIZE);
   		goto done;
+  	}
 --- 66,108 ----
   		*file = strdup(file_name);
   		return (*file) ? TSS_SUCCESS : TSPERR(TSS_E_OUTOFMEMORY);
+  	}
   	euid = geteuid();
 ! #ifdef SOLARIS
 ! 	/*
 ! 	 * Solaris keeps user PS in a local directory to avoid NFS problems
 ! 	 * and potential conflicts when sharing the same PS file among
 ! 	 * multiple machines with different TPMs.
 ! 	 *
 ! 	 * The directory path is /var/tpm/userps/[EUID]/
 ! 	 */
 ! 	rc = snprintf(buf, sizeof (buf), "%s/%d", TSS_USER_PS_DIR, euid);
 ! #else
   	setpwent();
   	while (1) {
   		rc = getpwent_r(&pw, buf, PASSWD_BUFSIZE, &pwp);
   		if (rc) {
 ! 			pwp = getpwent_r(&pw, buf, PASSWD_BUFSIZE);
 ! 			if (pwp == NULL) {
 ! 				LogDebugFn("USER PS: Error getting path to home directory: getpwent_r: %s",
   				   strerror(rc));
 ! 				endpwent();
 ! 				return TSPERR(TSS_E_INTERNAL_ERROR);
 ! 			}
 ! 			if (euid == pwp->pw_uid) {
 ! 				psdir = strdup(pwp->pw_dir);
 ! 				break;
 ! 			}
+  		}
+  	}
   	endpwent();
 ! 	if (!psdir)
   		return TSPERR(TSS_E_OUTOFMEMORY);
 ! 	rc = snprintf(buf, sizeof (buf), "%s/%s", psdir, TSS_USER_PS_DIR);
 ! #endif /* SOLARIS */
+!
 ! 	if (rc == sizeof (buf)) {
   		LogDebugFn("USER PS: Path to file too long! (> %d bytes)", PASSWD_BUFSIZE);
   		goto done;
+  	}
 ***************
 *** 83,89 ****
   	if ((rc = stat(buf, &stat_buf)) == -1) {
   		if (errno == ENOENT) {
   			errno = 0;
 ! 			/* Create the base directory, $HOME/.trousers */
   			if ((rc = mkdir(buf, 0700)) == -1) {
   				LogDebugFn("USER PS: Error creating dir: %s: %s", buf,
   					   strerror(errno));
 --- 111,117 ----
   	if ((rc = stat(buf, &stat_buf)) == -1) {
   		if (errno == ENOENT) {
   			errno = 0;
 ! 			/* Create the user's ps directory if it is not there. */
   			if ((rc = mkdir(buf, 0700)) == -1) {
   				LogDebugFn("USER PS: Error creating dir: %s: %s", buf,
   					   strerror(errno));
 ***************
 *** 90,103 ****
   				goto done;
+  			}
   		} else {
 ! 			LogDebugFn("USER PS: Error stating dir: %s: %s", buf, strerror(errno));
   			goto done;
+  		}
+  	}
   	/* Directory exists or has been created, return the path to the file */
 ! 	rc = snprintf(buf, PASSWD_BUFSIZE, "%s/%s/%s", home_dir, TSS_USER_PS_DIR,
   		      TSS_USER_PS_FILE);
   	if (rc == PASSWD_BUFSIZE) {
   		LogDebugFn("USER PS: Path to file too long! (> %d bytes)", PASSWD_BUFSIZE);
   	} else
 --- 118,137 ----
   				goto done;
+  			}
   		} else {
 ! 			LogDebugFn("USER PS: Error stating dir: %s: %s",
 ! 			    buf, strerror(errno));
   			goto done;
+  		}
+  	}
   	/* Directory exists or has been created, return the path to the file */
 ! #ifdef SOLARIS
 ! 	rc = snprintf(buf, sizeof(buf), "%s/%d/%s", TSS_USER_PS_DIR, euid,
   		      TSS_USER_PS_FILE);
 + #else
 + 	rc = snprintf(buf, sizeof(buf), "%s/%s/%s", psdir, TSS_USER_PS_DIR,
 + 		      TSS_USER_PS_FILE);
 + #endif
   	if (rc == PASSWD_BUFSIZE) {
   		LogDebugFn("USER PS: Path to file too long! (> %d bytes)", PASSWD_BUFSIZE);
   	} else
 ***************
 *** 105,111 ****
   	result = (*file) ? TSS_SUCCESS : TSPERR(TSS_E_OUTOFMEMORY);
   done:
 ! 	free(home_dir);
   	return result;
+  }
 --- 139,145 ----
   	result = (*file) ? TSS_SUCCESS : TSPERR(TSS_E_OUTOFMEMORY);
   done:
 ! 	free(psdir);
   	return result;
+  }
 ***************
 *** 120,131 ****
   	/* check the global file handle first.  If it exists, lock it and return */
   	if (user_ps_fd != -1) {
   		if ((rc = flock(user_ps_fd, LOCK_EX))) {
   			LogDebug("USER PS: failed to lock file: %s", strerror(errno));
   			MUTEX_UNLOCK(user_ps_lock);
   			return TSPERR(TSS_E_INTERNAL_ERROR);
+  		}
+-
   		*fd = user_ps_fd;
   		return TSS_SUCCESS;
+  	}
 --- 154,169 ----
   	/* check the global file handle first.  If it exists, lock it and return */
   	if (user_ps_fd != -1) {
 + #ifdef SOLARIS
 + 		fl.l_type = F_WRLCK;
 + 		if ((rc = fcntl(user_ps_fd, F_SETLKW, &fl))) {
 + #else
   		if ((rc = flock(user_ps_fd, LOCK_EX))) {
 + #endif /* SOLARIS */
   			LogDebug("USER PS: failed to lock file: %s", strerror(errno));
   			MUTEX_UNLOCK(user_ps_lock);
   			return TSPERR(TSS_E_INTERNAL_ERROR);
+  		}
   		*fd = user_ps_fd;
   		return TSS_SUCCESS;
+  	}
 ***************
 *** 144,151 ****
   		MUTEX_UNLOCK(user_ps_lock);
   		return TSPERR(TSS_E_INTERNAL_ERROR);
+  	}
+!
   	if ((rc = flock(user_ps_fd, LOCK_EX))) {
   		LogDebug("USER PS: failed to get lock of %s: %s", file_name, strerror(errno));
   		free(file_name);
   		close(user_ps_fd);
 --- 182,193 ----
   		MUTEX_UNLOCK(user_ps_lock);
   		return TSPERR(TSS_E_INTERNAL_ERROR);
+  	}
 ! #ifdef SOLARIS
 ! 	fl.l_type = F_WRLCK;
 ! 	if ((rc = fcntl(user_ps_fd, F_SETLKW, &fl))) {
 ! #else
   	if ((rc = flock(user_ps_fd, LOCK_EX))) {
 + #endif /* SOLARIS */
   		LogDebug("USER PS: failed to get lock of %s: %s", file_name, strerror(errno));
   		free(file_name);
   		close(user_ps_fd);
 ***************
 *** 167,173 ****
 --- 209,220 ----
   	fsync(fd);
   	/* release the file lock */
 + #ifdef SOLARIS
 + 	fl.l_type = F_UNLCK;
 + 	if ((rc = fcntl(fd, F_SETLKW, &fl))) {
 + #else
   	if ((rc = flock(fd, LOCK_UN))) {
 + #endif /* SOLARIS */
   		LogDebug("USER PS: failed to unlock file: %s", strerror(errno));
   		rc = -1;
+  	}

Up to file-list app-crypt/trousers/files/tspps.h.patch:

 *** src/include/tspps.h.old	Thu Dec 18 08:40:21 2008
 --- src/include/tspps.h	Thu Dec 18 08:41:51 2008
 ***************
 *** 13,25 ****
   #define PASSWD_BUFSIZE		4096
   #define TSS_USER_PS_DIR		".trousers"
   #define TSS_USER_PS_FILE	"user.data"
   TSS_RESULT	   get_file(int *);
   int		   put_file(int);
 ! inline TSS_RESULT  read_data(int, void *, UINT32);
 ! inline TSS_RESULT  write_data(int, void *, UINT32);
   UINT32		   psfile_get_num_keys(int);
   TSS_RESULT	   psfile_get_parent_uuid_by_uuid(int, TSS_UUID *, TSS_UUID *);
   TSS_RESULT	   psfile_remove_key_by_uuid(int, TSS_UUID *);
 --- 13,29 ----
   #define PASSWD_BUFSIZE		4096
 + #ifdef SOLARIS
 + #define TSS_USER_PS_DIR		"/var/tpm/userps"
 + #else
   #define TSS_USER_PS_DIR		".trousers"
 + #endif
   #define TSS_USER_PS_FILE	"user.data"
   TSS_RESULT	   get_file(int *);
   int		   put_file(int);
 ! TSS_RESULT         read_data(int, void *, UINT32);
 ! TSS_RESULT         write_data(int, void *, UINT32);
   UINT32		   psfile_get_num_keys(int);
   TSS_RESULT	   psfile_get_parent_uuid_by_uuid(int, TSS_UUID *, TSS_UUID *);
   TSS_RESULT	   psfile_remove_key_by_uuid(int, TSS_UUID *);

Up to file-list app-crypt/trousers/metadata.xml:

 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
 <pkgmetadata>
 	<herd>crypto</herd>
 	<maintainer>
 		<email>crypto@gentoo.org</email>
 		<name>Crypto Herd</name>
 	</maintainer>
 </pkgmetadata>

Up to file-list app-crypt/trousers/trousers-0.3.1.ebuild:

 # Copyright 1999-2009 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
 # $Header: /var/cvsroot/gentoo-x86/app-crypt/trousers/trousers-0.3.1.ebuild,v 1.7 2009/03/29 15:19:32 arfrever Exp $
 inherit autotools base eutils flag-o-matic
 #linux-info
 DESCRIPTION="An open-source TCG Software Stack (TSS) v1.1 implementation"
 HOMEPAGE="http://trousers.sf.net"
 SRC_URI="mirror://sourceforge/trousers/${P}.tar.gz"
 LICENSE="CPL-1.0"
 SLOT="0"
 KEYWORDS="~amd64 ~x86"
 IUSE="doc"
 # >=dev-libs/glib-2
 RDEPEND="
 	>=dev-libs/openssl-0.9.7"
 DEPEND="${RDEPEND}
 	dev-util/pkgconfig"
 #PATCHES=(	"${FILESDIR}/${PN}-0.2.3-nouseradd.patch"
 #		"${FILESDIR}/${P}-qa.patch"
 #		"${FILESDIR}/${P}-gcc43.patch"	)
 PATCHES=(
 "${FILESDIR}/Makefile.in.patch"
 "${FILESDIR}/configure.in.patch"
 "${FILESDIR}/hosttable.c.patch"
 "${FILESDIR}/platform.c.patch"
 "${FILESDIR}/ps_utils.c.patch"
 "${FILESDIR}/ssl_ui.c.patch"
 "${FILESDIR}/svrside.c.patch"
 "${FILESDIR}/tcs_auth_mgr.c.patch"
 "${FILESDIR}/tcs_key_mem_cache.c.patch"
 "${FILESDIR}/tcs_pbg.c.patch"
 "${FILESDIR}/tcsd.8.in.patch"
 "${FILESDIR}/tcsd.h.patch"
 "${FILESDIR}/tcsd_conf.c.patch"
 "${FILESDIR}/tcslog.h.patch"
 "${FILESDIR}/tcsps.c.patch"
 "${FILESDIR}/tcsps.h.patch"
 "${FILESDIR}/tddl.c.patch"
 "${FILESDIR}/trousers.c.patch"
 "${FILESDIR}/tsp_auth.c.patch"
 "${FILESDIR}/tsp_policy.c.patch"
 "${FILESDIR}/tsp_ps.c.patch"
 "${FILESDIR}/tspi_Makefile.in.patch"
 "${FILESDIR}/tspi_aik.c.patch"
 "${FILESDIR}/tspi_delegate.c.patch"
 "${FILESDIR}/tspi_makefile.am.patch"
 "${FILESDIR}/tspps.c.patch"
 "${FILESDIR}/tspps.h.patch"
 "${FILESDIR}/symmetric.c.patch"
 "${FILESDIR}/dist-no-useradd-Makefile.am.patch"
+)
 #pkg_setup() {
 	#enewgroup tss
 	#enewuser tss -1 -1 /var/lib/tpm tss
 #}
 src_unpack() {
 	base_src_unpack
 	#sed -e "s/-Werror //" -i configure.in
 	#eautoreconf
 	cd ${WORKDIR}/${P}/src/include/ || die
 	for f in `ls *.h` ;  do
         /usr/bin/dos2unix $f $f
 	done
 	cd ${WORKDIR}/${P}/src/include/tss || die
 	for f in `ls *.h` ;  do
         /usr/bin/dos2unix $f $f
 	done
 	cd ${WORKDIR}/${P}/src/include/trousers || die
 	for f in `ls *.h` ;  do
         /usr/bin/dos2unix $f $f
 	done
+}
 src_compile() {
 	aclocal
 	automake
 	autoreconf
 	append-cflags -DSOLARIS
 	econf \
 		--with-gui=none \
 		LIBS='-lnsl -lsocket' \
 		| die "configure failed"
 	emake | die
+}
 src_install() {
 	keepdir /var/lib/tpm
 	make DESTDIR="${D}" install || die
 	dodoc AUTHORS ChangeLog NICETOHAVES README TODO
 	use doc && dodoc doc/*
 #	newinitd "${FILESDIR}/tcsd.initd" tcsd
 #	newconfd "${FILESDIR}/tcsd.confd" tcsd
+}