Hi,
On Tue, Jun 18 2019, Timothy Brown <tbr...@freeshell.org> wrote:
> On Fri, May 10, 2019 at 06:19:59PM -0400, Jeremie Courreges-Anglas wrote:
>> >
>> > New patch generated without any FLAVOURS.
>
> Re-attached the patch.
>
>> >
>> > Thoughts, OK?
>>
>> LGTM ports-wise. Maybe Stuart has another opinion?
>>
>> NB: I did not review the usage of pledge()
>
> Ping?

Here's a review.

Among the pledge promises there's "proc exec". There's also an unveil("/usr/local/bin", "rx") call. Is this because of gpgme executing gnupg2?

If my guesses are right, I would suggest a few changes. First, /usr/local/bin shouldn't be hardcoded, second, the order of the pledge promises doesn't help review. This is addressed by the updated diff below.

There are still open questions, I think. Does gpgme respect PATH? Does it allow the user to override the executed gnupg program?

Another problem is you can't use a password_file that is not under $HOME, since mcds is the program opening said file.

Index: Makefile =================================================================== RCS file: /cvs/ports/productivity/mcds/Makefile,v retrieving revision 1.2 diff -u -p -r1.2 Makefile --- Makefile 20 May 2019 22:15:22 -0000 1.2 +++ Makefile 23 Jun 2019 11:34:33 -0000 @@ -2,7 +2,7 @@ COMMENT = tty-based carddav search tool -V = 0.9 +V = 1.2 DISTNAME = mcds-${V} CATEGORIES = productivity REVISION = 0 
@@ -12,16 +12,21 @@ MAINTAINER = Timothy Brown <tbrown@free # GPLv3+ PERMIT_PACKAGE_CDROM = Yes -WANTLIB = c curl iconv intl xml2 +# uses pledge() +WANTLIB = assuan c curl gpg-error gpgme iconv intl xml2 MASTER_SITES = https://github.com/t-brown/mcds/releases/download/v${V}/ LIB_DEPENDS = devel/gettext,-runtime \ net/curl \ - textproc/libxml + textproc/libxml \ + security/gpgme CONFIGURE_STYLE = gnu NO_TEST = Yes + +post-configure: + ${SUBST_CMD} ${WRKSRC}/src/rc.c .include <bsd.port.mk> Index: distinfo =================================================================== RCS file: /cvs/ports/productivity/mcds/distinfo,v retrieving revision 1.1.1.1 diff -u -p -r1.1.1.1 distinfo --- distinfo 2 May 2019 15:52:58 -0000 1.1.1.1 +++ distinfo 23 Jun 2019 11:34:33 -0000 @@ -1,2 +1,2 @@ -SHA256 (mcds-0.9.tar.gz) = p+H8Q94kiHDDo/pV570uCXZki5YnyC41tUDx8HgARKc= -SIZE (mcds-0.9.tar.gz) = 194620 +SHA256 (mcds-1.2.tar.gz) = XvOuh5IgjdWF1BPE/mowwCv8BKY4l/nvmnzZEK4Pbx4= +SIZE (mcds-1.2.tar.gz) = 201027 Index: patches/patch-src_main_c =================================================================== RCS file: patches/patch-src_main_c diff -N patches/patch-src_main_c --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ patches/patch-src_main_c 23 Jun 2019 11:34:33 -0000 @@ -0,0 +1,14 @@ +$OpenBSD$ + +Index: src/main.c +--- src/main.c.orig ++++ src/main.c +@@ -86,7 +86,7 @@ main(int argc, char **argv) + CURL *hdl = NULL; /* Curl handle */ + + #ifdef HAVE_PLEDGE +- if (pledge("dns exec inet proc stdio rpath unveil", NULL) == -1) { ++ if (pledge("stdio rpath inet dns proc exec unveil", NULL) == -1) { + err(1, "pledge"); + } + #endif Index: patches/patch-src_rc_c =================================================================== RCS file: patches/patch-src_rc_c diff -N patches/patch-src_rc_c --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ patches/patch-src_rc_c 23 Jun 2019 11:34:33 -0000 
@@ -0,0 +1,20 @@ +$OpenBSD$ + +Index: src/rc.c +--- src/rc.c.orig ++++ src/rc.c +@@ -85,11 +85,11 @@ read_rc(void) + return(EXIT_FAILURE); + } + if (unveil("/etc/ssl", "r") == -1) { +- warn(_("Unable to unveil /etc/ssl/")); ++ warn(_("Unable to unveil %s"), "/etc/ssl/"); + return(EXIT_FAILURE); + } +- if (unveil("/usr/local/bin", "rx") == -1) { +- warn(_("Unable to unveil /usr/local/bin")); ++ if (unveil("${LOCALBASE}/bin", "rx") == -1) { ++ warn(_("Unable to unveil %s"), "${LOCALBASE}/bin"); + return(EXIT_FAILURE); + } + if (unveil(NULL, NULL) == -1) { Index: pkg/DESCR =================================================================== RCS file: /cvs/ports/productivity/mcds/pkg/DESCR,v retrieving revision 1.1.1.1 diff -u -p -r1.1.1.1 DESCR --- pkg/DESCR 2 May 2019 15:52:58 -0000 1.1.1.1 +++ pkg/DESCR 23 Jun 2019 11:34:33 -0000 @@ -1,2 +1,2 @@ Mcds is a command line tool primarily used as a search query plugin for mutt -to query a carddav server. +to query a CardDav server. -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
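
Review bot: In the first Makefile hunk (@@ -2,7 +2,7 @@), "REVISION = 0" is left in place as context while V moves from 0.9 to 1.2. REVISION counts changes within one upstream version, so the line should be removed as part of the version bump; otherwise the package is built as 1.2p0 without any port-level change to justify it.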
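
Review bot: In the second Makefile hunk (@@ -12,16 +12,21 @@), the new post-configure target runs "${SUBST_CMD} ${WRKSRC}/src/rc.c" with no comment saying why. The only reason it exists is to expand the ${LOCALBASE} placeholder that patches/patch-src_rc_c puts into the unveil() call, so a one-line comment tying the two together would keep someone from dropping the target, or the patch, independently at the next update.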
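
Review bot: In patches/patch-src_main_c, the pledge() call keeps "proc exec" with a NULL second argument, so no execpromises are set and whatever program is executed starts without pledge restrictions. The hunk only reorders the promise string, which is fine for readability, but it would help to add a comment next to the call stating which promise is needed for what (in particular that "proc exec" is there for the helper program the review text guesses at), and to send the reordering upstream so this local patch can be dropped at the next release.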
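
Review bot: In patches/patch-src_rc_c, unveil("${LOCALBASE}/bin", "rx") grants read and execute on every program in that directory, which is broader than the single helper the "proc exec" promises appear to be for. If the set of programs that actually get executed can be pinned down, unveiling those paths with "x" instead of the whole directory would tighten this. Separately, the path is a literal ${LOCALBASE} placeholder repeated in two strings: if the SUBST_CMD step is ever skipped, unveil() is called on a path that does not exist and read_rc() returns EXIT_FAILURE, so a single #define for the path, substituted once, would be less fragile.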
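
Review bot: In the pkg/DESCR hunk, "carddav" becomes "CardDav", but the protocol name is written "CardDAV". Suggest using "CardDAV" here, and the COMMENT line in the Makefile still says "carddav", so the two descriptions stay inconsistent unless it is changed as well.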