Revision bump to fix config file; also add OpenSC to the dependencies (since it's always used), add an nss USE flag to use nss as upstream allows (but make sure to have a compatible curl if requested). Update metadata to add pam to the list of maintainers and to update the documentation of pcsc-lite USE flag (now enabled by default).

(Portage version: 2.2.0_alpha2/cvs/Linux x86_64)

4 files changed, 38 insertions, 108 deletions

diff --git a/sys-auth/pam_pkcs11/ChangeLog b/sys-auth/pam_pkcs11/ChangeLog
index 1aadf95fc495..b58fa2590f41 100644
--- a/sys-auth/pam_pkcs11/ChangeLog
+++ b/sys-auth/pam_pkcs11/ChangeLog
@@ -1,6 +1,17 @@
 # ChangeLog for sys-auth/pam_pkcs11
 # Copyright 1999-2010 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sys-auth/pam_pkcs11/ChangeLog,v 1.17 2010/10/24 11:05:20 arfrever Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-auth/pam_pkcs11/ChangeLog,v 1.18 2010/10/30 16:22:53 flameeyes Exp $
+
+*pam_pkcs11-0.6.5-r1 (30 Oct 2010)
+
+  30 Oct 2010; Diego E. Pettenò <flameeyes@gentoo.org>
+  -pam_pkcs11-0.6.4.ebuild, -pam_pkcs11-0.6.5.ebuild,
+  +pam_pkcs11-0.6.5-r1.ebuild, metadata.xml:
+  Revision bump to fix config file; also add OpenSC to the dependencies
+  (since it's always used), add an nss USE flag to use nss as upstream
+  allows (but make sure to have a compatible curl if requested). Update
+  metadata to add pam to the list of maintainers and to update the
+  documentation of pcsc-lite USE flag (now enabled by default).
 
 *pam_pkcs11-0.6.5 (24 Oct 2010)
 
diff --git a/sys-auth/pam_pkcs11/metadata.xml b/sys-auth/pam_pkcs11/metadata.xml
index 6dd3800ee724..ef57df14fec2 100644
--- a/sys-auth/pam_pkcs11/metadata.xml
+++ b/sys-auth/pam_pkcs11/metadata.xml
@@ -1,9 +1,16 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
 <pkgmetadata>
-<herd>crypto</herd>
-<use>
-	<flag name='pcsc-lite'>build with <pkg>sys-apps/pcsc-lite</pkg> instead of
-		<pkg>dev-libs/openct</pkg></flag>
-</use>
+  <herd>crypto</herd>
+  <herd>pam</herd>
+  <use>
+    <flag name='pcsc-lite'>
+      Build the card_eventmanager binary used to detect card removal and lock the sessions. This
+      needs <pkg>sys-apps/pcsc-lite</pkg>.
+    </flag>
+    <flag name='nss'>
+      Use Mozilla NSS (<pkg>dev-libs/nss</pkg>) as provider for PKCS#11 access, rather than using
+      OpenSSL with a custom implementation of the PKC#11 protocol.
+    </flag>
+  </use>
 </pkgmetadata>
diff --git a/sys-auth/pam_pkcs11/pam_pkcs11-0.6.4.ebuild b/sys-auth/pam_pkcs11/pam_pkcs11-0.6.4.ebuild
deleted file mode 100644
index 95b754fc9fc9..000000000000
--- a/sys-auth/pam_pkcs11/pam_pkcs11-0.6.4.ebuild
+++ /dev/null
@@ -1,98 +0,0 @@
-# Copyright 1999-2010 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sys-auth/pam_pkcs11/pam_pkcs11-0.6.4.ebuild,v 1.1 2010/06/14 21:59:21 arfrever Exp $
-
-EAPI="3"
-
-inherit multilib pam
-
-DESCRIPTION="PKCS#11 PAM library"
-HOMEPAGE="http://www.opensc-project.org/pam_pkcs11"
-SRC_URI="http://www.opensc-project.org/files/pam_pkcs11/${P}.tar.gz"
-
-LICENSE="LGPL-2.1"
-SLOT="0"
-KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86"
-IUSE="curl ldap pcsc-lite"
-
-RDEPEND="sys-libs/pam
-	dev-libs/openssl
-	curl? ( net-misc/curl )
-	ldap? ( net-nds/openldap )
-	pcsc-lite? ( sys-apps/pcsc-lite )"
-DEPEND="${RDEPEND}
-	dev-util/pkgconfig"
-
-src_prepare() {
-	# Fix the example files to be somewhat decent, and usable as
-	# default configuration
-	sed -i \
-		-e '/try_first_pass/s:false:true:' \
-		-e '/debug =/s:true:false:' \
-		-e "s:/usr/lib:/usr/$(get_libdir):g" \
-		etc/pam_pkcs11.conf.example.in \
-		etc/pkcs11_eventmgr.conf.example || die "sed failed"
-}
-
-src_configure() {
-	econf \
-		$(use_with curl) \
-		$(use_with pcsc-lite pcsclite) \
-		$(use_with ldap) \
-		--docdir=/usr/share/doc/${PF}
-}
-
-src_install() {
-	emake DESTDIR="${D}" pamdir="$(getpam_mod_dir)" install || die "emake install failed"
-
-	# These are all dlopened plugins, so .la files are useless.
-	find "${D}" -name '*.la' -delete || die
-
-	dodoc AUTHORS ChangeLog NEWS README TODO || die
-
-	# Move the make_hash_link script somehwere safe, it's _way_ too
-	# generic of a name to use.
-	dodir /usr/share/${PN}
-	mv "${D}"/usr/bin/make_hash_link.sh "${D}"/usr/share/${PN} || die
-
-	# Provide some basic configuration
-	keepdir /etc/pam_pkcs11{,/{cacerts,crl}}
-
-	insinto /etc/pam_pkcs11
-	newins etc/pam_pkcs11.conf.example pam_pkcs11.conf || die
-	newins etc/pkcs11_eventmgr.conf.example pkcs11_eventmgr.conf || die
-}
-
-pkg_config() {
-	local dir
-	for dir in "${ROOT}"/etc/${PN}/{cacerts,crl}; do
-		pushd "${dir}" &> /dev/null
-		ebegin "Creating hash links in '${dir}'"
-		"${ROOT}"/usr/share/${PN}/make_hash_link.sh || die
-		eend $?
-		popd &> /dev/null
-	done
-}
-
-pkg_postinst() {
-	elog "You probably want to configure the /etc/${PN}/${PN}.conf file."
-	elog "with the settings for your pkcs11 provider."
-	elog ""
-	elog "You might also want to set up /etc/${PN}/pkcs11_eventmgr.conf"
-	elog "with the settings for the event manager, and start it up at"
-	elog "user login."
-}
-
-# TODO list!
-#
-# - we need to find a way allow the user to choose whether to start the
-#   event manager at _all_ the logins, and if that's the case, lock all
-#   kind of sessions (terminal _and_ X);
-# - upstream should probably migrate the configuration of the event
-#   manager on a per-user basis, since it makes little sense to be _all_
-#   system-level configuration;
-# - we should probably provide some better config support that ensures
-#   the configuration to be valid, as well as creating the symlinks;
-# - we should probably add support for nss;
-# - we should move the configuration in /etc/security as for the rest
-#   of PAM-related configuration.
diff --git a/sys-auth/pam_pkcs11/pam_pkcs11-0.6.5.ebuild b/sys-auth/pam_pkcs11/pam_pkcs11-0.6.5-r1.ebuild
index c963db26f532..728f80474a94 100644
--- a/sys-auth/pam_pkcs11/pam_pkcs11-0.6.5.ebuild
+++ b/sys-auth/pam_pkcs11/pam_pkcs11-0.6.5-r1.ebuild
@@ -1,6 +1,6 @@
 # Copyright 1999-2010 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sys-auth/pam_pkcs11/pam_pkcs11-0.6.5.ebuild,v 1.1 2010/10/24 11:05:20 arfrever Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-auth/pam_pkcs11/pam_pkcs11-0.6.5-r1.ebuild,v 1.1 2010/10/30 16:22:53 flameeyes Exp $
 
 EAPI="3"
 
@@ -13,15 +13,24 @@ SRC_URI="http://www.opensc-project.org/files/pam_pkcs11/${P}.tar.gz"
 LICENSE="LGPL-2.1"
 SLOT="0"
 KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86"
-IUSE="curl ldap pcsc-lite"
+IUSE="curl ldap +pcsc-lite nss"
 
 RDEPEND="sys-libs/pam
-	dev-libs/openssl
+	!nss? (
+		dev-libs/openssl
+		curl? ( || ( net-misc/curl[-ssl] net-misc/curl[ssl,-nss,-gnutls] ) )
+	)
+	nss? (
+		dev-libs/nss
+		curl? ( || ( net-misc/curl[-ssl] net-misc/curl[ssl,nss,-gnutls] ) )
+	)
 	curl? ( net-misc/curl )
 	ldap? ( net-nds/openldap )
 	pcsc-lite? ( sys-apps/pcsc-lite )"
 DEPEND="${RDEPEND}
 	dev-util/pkgconfig"
+RDEPEND="${RDEPEND}
+	dev-libs/opensc"
 
 src_prepare() {
 	# Fix the example files to be somewhat decent, and usable as
@@ -29,7 +38,7 @@ src_prepare() {
 	sed -i \
 		-e '/try_first_pass/s:false:true:' \
 		-e '/debug =/s:true:false:' \
-		-e "s:/usr/lib:/usr/$(get_libdir):g" \
+		-e 's:\(/usr\|\${exec_prefix}\)/lib/:/usr/'$(get_libdir)/':g' \
 		etc/pam_pkcs11.conf.example.in \
 		etc/pkcs11_eventmgr.conf.example || die "sed failed"
 
@@ -42,6 +51,7 @@ src_configure() {
 		$(use_with curl) \
 		$(use_with pcsc-lite pcsclite) \
 		$(use_with ldap) \
+		$(use_with nss) \
 		--docdir=/usr/share/doc/${PF}
 }