From c74dc17c6fa35eb92701f8398a25c0099f881d57 Mon Sep 17 00:00:00 2001 From: manu Date: Mon, 14 Aug 2023 16:08:32 +0000 Subject: [PATCH] Fix for security/opensc regression When security/opensc was updated to 0.23.0, it gained a --enable-notify configure flag. The feature adds a libopensc dependency on libglib, which in turns brings libpthread into the game. When using the opensc-pkcs11.so module with a non threaded program such as ssh(1), libopensc will load some thread-enabled glib function that attemps to initialize pthread stuff. That would require libpthread to be linked in, and if it is not the case, module load aborts. Here is the crash in action: Program received signal SIGABRT, Aborted. 0x000072403899c46a in _lwp_kill () from /lib/libc.so.12 (gdb) bt #0 0x000072403899c46a in _lwp_kill () from /lib/libc.so.12 #1 0x0000724038849223 in __libc_thr_create_stub () from /lib/libc.so.12 #2 0x0000724036a9c3ee in ?? () #3 0x0000000000000000 in ?? () This change turns the notify feature into a disabled by default option so that opensc-pkcs11.so can work agan with ssh(1). --- security/opensc/Makefile | 6 ++---- security/opensc/PLIST | 4 ++-- security/opensc/options.mk | 16 +++++++++++++++- 3 files changed, 19 insertions(+), 7 deletions(-) diff --git a/security/opensc/Makefile b/security/opensc/Makefile index 1563c6c89de7..d777ac48da3e 100644 --- a/security/opensc/Makefile +++ b/security/opensc/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.40 2023/06/06 12:42:14 riastradh Exp $ +# $NetBSD: Makefile,v 1.41 2023/08/14 16:08:32 manu Exp $ DISTNAME= opensc-0.23.0 -PKGREVISION= 1 +PKGREVISION= 2 CATEGORIES= security MASTER_SITES= ${MASTER_SITE_GITHUB:=OpenSC/} @@ -20,7 +20,6 @@ GNU_CONFIGURE= yes CONFIGURE_ARGS+= --disable-autostart-items CONFIGURE_ARGS+= --disable-cmocka CONFIGURE_ARGS+= --disable-strict # avoid -Werror -CONFIGURE_ARGS+= --enable-notify CONFIGURE_ARGS+= --sysconfdir=${PKG_SYSCONFDIR} # The stylesheets are not found without this. CONFIGURE_ARGS+= --with-xsl-stylesheetsdir=${PREFIX}/share/xsl/docbook @@ -37,7 +36,6 @@ INSTALLATION_DIRS= ${EGDIR} post-install: ${INSTALL_DATA} ${WRKSRC}/etc/opensc.conf.example ${DESTDIR}${EGDIR}/opensc.conf -.include "../../devel/glib2/buildlink3.mk" .include "../../devel/zlib/buildlink3.mk" .include "../../security/openssl/buildlink3.mk" # build tools for doc; should be TOOLS diff --git a/security/opensc/PLIST b/security/opensc/PLIST index a7db554539f3..549606a01452 100644 --- a/security/opensc/PLIST +++ b/security/opensc/PLIST @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST,v 1.14 2023/02/21 17:23:07 adam Exp $ +@comment $NetBSD: PLIST,v 1.15 2023/08/14 16:08:32 manu Exp $ bin/cardos-tool bin/cryptoflex-tool bin/dnie-tool @@ -11,7 +11,7 @@ bin/netkey-tool bin/openpgp-tool bin/opensc-asn1 bin/opensc-explorer -bin/opensc-notify +${NOTIFY}bin/opensc-notify bin/opensc-tool bin/piv-tool bin/pkcs11-register diff --git a/security/opensc/options.mk b/security/opensc/options.mk index e03f3c9ec4e4..83027d30b5b4 100644 --- a/security/opensc/options.mk +++ b/security/opensc/options.mk @@ -1,4 +1,4 @@ -# $NetBSD: options.mk,v 1.6 2023/02/21 17:23:07 adam Exp $ +# $NetBSD: options.mk,v 1.7 2023/08/14 16:08:32 manu Exp $ PKG_OPTIONS_VAR= PKG_OPTIONS.opensc @@ -6,6 +6,11 @@ PKG_OPTIONS_VAR= PKG_OPTIONS.opensc # that exactly one be chosen. PKG_OPTIONS_REQUIRED_GROUPS= cardreader PKG_OPTIONS_GROUP.cardreader= pcsc-lite openct + +# The notify option will cause programs not linked with libpthread +# to abort when loading the opensc-pkcs11.so module. The most notable +# example of such a program is ssh(1). +PKG_SUPPORTED_OPTIONS= notify PKG_SUGGESTED_OPTIONS= pcsc-lite .include "../../mk/bsd.options.mk" @@ -38,3 +43,12 @@ CONFIGURE_ARGS+= --enable-openct .else CONFIGURE_ARGS+= --disable-openct .endif + +.if !empty(PKG_OPTIONS:Mnotify) +.include "../../devel/glib2/buildlink3.mk" +CONFIGURE_ARGS+= --enable-notify +PLIST_SUBST+= NOTIFY="" +.else +CONFIGURE_ARGS+= --disable-notify +PLIST_SUBST+= NOTIFY="@comment " +.endif