https://github.com/OpenSC/OpenSC/releases/tag/0.23.0
my smart card keeps working with the opensc-pkcs11.so module as tested in firefox, chrome and qdigidoc4. Upstream tries to find a library to link against for dlopen(3) unless LDL_LIB is already set, so instead of patching it for systems like ours where dlopen(3) comes from libc, pass the empty string to skip detection; I can upstream a proper fix later. LibreSSL macro guards needed fixing, but I'm not 100% sure I got them right. major bump due to symbol removal. Feedback? OK? Index: Makefile =================================================================== RCS file: /cvs/ports/security/opensc/Makefile,v retrieving revision 1.63 diff -u -p -r1.63 Makefile --- Makefile 5 Nov 2022 17:07:24 -0000 1.63 +++ Makefile 20 Jun 2023 10:49:04 -0000 @@ -1,10 +1,9 @@ COMMENT= set of libraries and utilities to access smart cards -V= 0.22.0 -REVISION= 3 +V= 0.23.0 DISTNAME= opensc-${V} -SHARED_LIBS += opensc 7.3 # 8.0 +SHARED_LIBS += opensc 8.0 # 9.0 SHARED_LIBS += smm-local 3.1 CATEGORIES= security @@ -14,8 +13,7 @@ HOMEPAGE= https://github.com/OpenSC/Open # LGPLv2.1+ PERMIT_PACKAGE= Yes -WANTLIB= c crypto curses ffi gio-2.0 glib-2.0 gmodule-2.0 gobject-2.0 \ - iconv intl pcre2-8 pthread readline z +WANTLIB= c crypto curses gio-2.0 gobject-2.0 iconv pthread readline z MASTER_SITES= https://github.com/OpenSC/OpenSC/releases/download/${V}/ @@ -24,7 +22,8 @@ BUILD_DEPENDS= security/pcsc-lite \ textproc/docbook-xsl RUN_DEPENDS= devel/desktop-file-utils \ security/ccid -TEST_DEPENDS= shells/bash +TEST_DEPENDS= security/softhsm2 \ + shells/bash LIB_DEPENDS= devel/glib2 LIBTOOL_FLAGS= --tag=disable-static @@ -37,7 +36,8 @@ CONFIGURE_ARGS= --enable-static \ --disable-cryptotokenkit \ --with-pkcs11-provider=${LOCALBASE}/lib/pkcs11/opensc-pkcs11.so \ --with-xsl-stylesheetsdir=${LOCALBASE}/share/xsl/docbook -CONFIGURE_ENV= CPPFLAGS="-I${LOCALBASE}/include/PCSC" +CONFIGURE_ENV= CPPFLAGS="-I${LOCALBASE}/include/PCSC" \ + LDL_LIBS=' ' FAKE_FLAGS= mandir="${PREFIX}/man/" \ sysconfdir="${PREFIX}/share/examples/opensc/" Index: distinfo =================================================================== RCS file: /cvs/ports/security/opensc/distinfo,v retrieving revision 1.17 diff -u -p -r1.17 distinfo --- distinfo 10 Mar 2022 14:37:15 -0000 1.17 +++ distinfo 20 Jun 2023 07:38:18 -0000 @@ -1,2 +1,2 @@ -SHA256 (opensc-0.22.0.tar.gz) = jU5TRxlevqMyvlhd9h3MRwMxwmlp5LBEfIUfsIRMcYY= -SIZE (opensc-0.22.0.tar.gz) = 2287020 +SHA256 (opensc-0.23.0.tar.gz) = pIRKbqA6Ui7PNeSWWXFtrLa+A/fAEKGlg6rz65Fe0uA= +SIZE (opensc-0.23.0.tar.gz) = 2366469 Index: patches/patch-configure_ac =================================================================== RCS file: /cvs/ports/security/opensc/patches/patch-configure_ac,v retrieving revision 1.14 diff -u -p -r1.14 patch-configure_ac --- patches/patch-configure_ac 28 Jun 2022 10:13:51 -0000 1.14 +++ patches/patch-configure_ac 20 Jun 2023 10:38:19 -0000 @@ -1,7 +1,7 @@ Index: configure.ac --- configure.ac.orig +++ configure.ac -@@ -414,7 +414,7 @@ AC_FUNC_STAT +@@ -427,7 +427,7 @@ AC_FUNC_STAT AC_FUNC_VPRINTF AC_CHECK_FUNCS([ \ getpass gettimeofday getline memset mkdir \ Index: patches/patch-src_libopensc_card-iasecc_c =================================================================== RCS file: patches/patch-src_libopensc_card-iasecc_c diff -N patches/patch-src_libopensc_card-iasecc_c --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ patches/patch-src_libopensc_card-iasecc_c 20 Jun 2023 10:38:44 -0000 @@ -0,0 +1,16 @@ +LibreSSL does provide an EVP_MD_CTX_md_data() accessor + +Index: src/libopensc/card-iasecc.c +--- src/libopensc/card-iasecc.c.orig ++++ src/libopensc/card-iasecc.c +@@ -45,10 +45,6 @@ + * LibreSSL + */ + +-#if defined(LIBRESSL_VERSION_NUMBER) +-# define EVP_MD_CTX_md_data(x) (x->md_data) +-#endif +- + #include "internal.h" + #include "asn1.h" + #include "cardctl.h" Index: patches/patch-src_libopensc_sc-ossl-compat_h =================================================================== RCS file: /cvs/ports/security/opensc/patches/patch-src_libopensc_sc-ossl-compat_h,v retrieving revision 1.6 diff -u -p -r1.6 patch-src_libopensc_sc-ossl-compat_h --- patches/patch-src_libopensc_sc-ossl-compat_h 10 Mar 2022 14:37:15 -0000 1.6 +++ patches/patch-src_libopensc_sc-ossl-compat_h 20 Jun 2023 10:40:03 -0000 @@ -1,12 +1,18 @@ +LibreSSL does provide EVP_sha3_*() and EVP_PKEY_new(3) + Index: src/libopensc/sc-ossl-compat.h --- src/libopensc/sc-ossl-compat.h.orig +++ src/libopensc/sc-ossl-compat.h -@@ -71,7 +71,7 @@ extern "C" { - #define EVP_PKEY_base_id(x) (x->type) +@@ -49,12 +49,6 @@ extern "C" { + #if LIBRESSL_VERSION_NUMBER < 0x30500000L + #define FIPS_mode() (0) + #endif +-#define EVP_sha3_224() (NULL) +-#define EVP_sha3_256() (NULL) +-#define EVP_sha3_384() (NULL) +-#define EVP_sha3_512() (NULL) +-#define EVP_PKEY_new_raw_public_key(t, e, p, l) (NULL) +-#define EVP_PKEY_get_raw_public_key(p, pu, l) (0) #endif --#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) -+#if OPENSSL_VERSION_NUMBER < 0x10100000L - #define RSA_PKCS1_OpenSSL RSA_PKCS1_SSLeay - - #define X509_get_extension_flags(x) (x->ex_flags) + /* OpenSSL 1.1.1 has FIPS_mode function */ Index: patches/patch-src_libopensc_sc_c =================================================================== RCS file: /cvs/ports/security/opensc/patches/patch-src_libopensc_sc_c,v retrieving revision 1.4 diff -u -p -r1.4 patch-src_libopensc_sc_c --- patches/patch-src_libopensc_sc_c 13 Oct 2022 13:11:27 -0000 1.4 +++ patches/patch-src_libopensc_sc_c 20 Jun 2023 09:29:45 -0000 @@ -7,7 +7,7 @@ but we might as well use this which conc Index: src/libopensc/sc.c --- src/libopensc/sc.c.orig +++ src/libopensc/sc.c -@@ -912,14 +912,18 @@ void *sc_mem_secure_alloc(size_t len) +@@ -923,14 +923,18 @@ void *sc_mem_secure_alloc(size_t len) len = pages * page_size; } @@ -28,7 +28,7 @@ Index: src/libopensc/sc.c #endif return p; -@@ -927,10 +931,14 @@ void *sc_mem_secure_alloc(size_t len) +@@ -938,10 +942,14 @@ void *sc_mem_secure_alloc(size_t len) void sc_mem_secure_free(void *ptr, size_t len) { Index: patches/patch-src_pkcs11_Makefile_am =================================================================== RCS file: /cvs/ports/security/opensc/patches/patch-src_pkcs11_Makefile_am,v retrieving revision 1.6 diff -u -p -r1.6 patch-src_pkcs11_Makefile_am --- patches/patch-src_pkcs11_Makefile_am 28 Jun 2022 10:13:51 -0000 1.6 +++ patches/patch-src_pkcs11_Makefile_am 20 Jun 2023 10:41:38 -0000 @@ -1,3 +1,6 @@ +- Fix lib and pkgconfig directories +- Neuter install-exec-hook target + Index: src/pkcs11/Makefile.am --- src/pkcs11/Makefile.am.orig +++ src/pkcs11/Makefile.am @@ -9,9 +12,9 @@ Index: src/pkcs11/Makefile.am MAINTAINERCLEANFILES = $(srcdir)/Makefile.in $(srcdir)/versioninfo-pkcs11.rc $(srcdir)/versioninfo-pkcs11-spy.rc EXTRA_DIST = Makefile.mak versioninfo-pkcs11.rc.in versioninfo-pkcs11-spy.rc.in opensc-pkcs11.pc.in opensc-pkcs11.dll.manifest onepin-opensc-pkcs11.dll.manifest -@@ -24,10 +26,6 @@ OPENSC_PKCS11_LIBS = \ - $(top_builddir)/src/common/libcompat.la \ - $(OPENPACE_LIBS) $(OPTIONAL_OPENSSL_LIBS) $(PTHREAD_LIBS) +@@ -27,10 +29,6 @@ if WIN32 + OPENSC_PKCS11_LIBS += -lshlwapi + endif -pkgconfigdir = $(libdir)/pkgconfig -pkgconfig_DATA = opensc-pkcs11.pc @@ -20,19 +23,11 @@ Index: src/pkcs11/Makefile.am opensc_pkcs11_la_SOURCES = $(OPENSC_PKCS11_SRC) $(OPENSC_PKCS11_INC) opensc_pkcs11_la_CFLAGS = $(OPENSC_PKCS11_CFLAGS) opensc_pkcs11_la_LIBADD = $(OPENSC_PKCS11_LIBS) -@@ -69,15 +67,6 @@ install-exec-hook: - for l in opensc-pkcs11.dll pkcs11-spy.dll; do \ - mv "$(DESTDIR)$(libdir)/$$l" "$(DESTDIR)$(bindir)/$$l"; \ - done --else --# see http://wiki.cacert.org/wiki/Pkcs11TaskForce --install-exec-hook: -- $(MKDIR_P) "$(DESTDIR)$(pkcs11dir)" -- for l in opensc-pkcs11$(DYN_LIB_EXT) onepin-opensc-pkcs11$(DYN_LIB_EXT) pkcs11-spy$(DYN_LIB_EXT); do \ -- rm -f "$(DESTDIR)$(pkcs11dir)/$$l"; \ -- $(LN_S) ../$$l "$(DESTDIR)$(pkcs11dir)/$$l"; \ -- done -- - endif - - TIDY_FLAGS = $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) $(OPENSC_PKCS11_CFLAGS) +@@ -81,6 +79,7 @@ uninstall-hook: + else + # see http://wiki.cacert.org/wiki/Pkcs11TaskForce + install-exec-hook: ++neutered: + $(MKDIR_P) "$(DESTDIR)$(pkcs11dir)" + for l in opensc-pkcs11$(DYN_LIB_EXT) onepin-opensc-pkcs11$(DYN_LIB_EXT) pkcs11-spy$(DYN_LIB_EXT); do \ + rm -f "$(DESTDIR)$(pkcs11dir)/$$l"; \ Index: pkg/PLIST =================================================================== RCS file: /cvs/ports/security/opensc/pkg/PLIST,v retrieving revision 1.16 diff -u -p -r1.16 PLIST --- pkg/PLIST 16 Mar 2022 10:16:26 -0000 1.16 +++ pkg/PLIST 20 Jun 2023 10:31:55 -0000 @@ -7,7 +7,6 @@ @bin bin/goid-tool @bin bin/iasecc-tool @bin bin/netkey-tool -@bin bin/npa-tool @bin bin/openpgp-tool @bin bin/opensc-asn1 @bin bin/opensc-explorer @@ -106,8 +105,6 @@ share/opensc/iasecc_generic_oberthur.pro share/opensc/iasecc_generic_pki.profile share/opensc/incrypto34.profile share/opensc/isoApplet.profile -share/opensc/jcop.profile -share/opensc/miocos.profile share/opensc/muscle.profile share/opensc/myeid.profile share/opensc/oberthur.profile