*/*: remove GNU_CONFIGURE_MANPREFIX after move man pages to share/man

Approved by:	portmgr (blanket)

security/trousers: Move man pages to share/man

Approved by:	portmgr (blanket)

security/trousers: Fix tcsd.conf permissions

It turns out that tcsd requires the ownership of tcsd.conf file to be
set to root:_tss.  See trousers-0.3.14_3/src/tcsd/tcsd_conf.c for
details. Otherwise, tcsd fails:

    # service tcsd start
    Starting tcsd.
    /usr/local/etc/rc.d/tcsd: WARNING: failed to start tcsd
    # tail /var/log/messages
    Nov  4 11:24:43 x TCSD[1298]: TrouSerS ERROR: TCSD config file
(/usr/local/etc/tcsd.conf) must be user/group root/_tss
    Nov  4 11:24:43 x 0mp[2372]: /usr/local/etc/rc.d/tcsd: WARNING: failed to
start tcsd

Also, the mode of the configuration file has to be 640.

PR:		253858
Reported by:	unitrunker <unitrunker@gmail.com>
Approved by:	maintainer timeout, portmgr blanket (runtime error)
Sponsored by:	Klara, Inc.

Remove WWW entries moved into port Makefiles

Commit b7f05445c00f has added WWW entries to port Makefiles based on
WWW: lines in pkg-descr files.

This commit removes the WWW: lines of moved-over URLs from these
pkg-descr files.

Approved by:		portmgr (tcberner)

Add WWW entries to port Makefiles

It has been common practice to have one or more URLs at the end of the
ports' pkg-descr files, one per line and prefixed with "WWW:". These
URLs should point at a project website or other relevant resources.

Access to these URLs required processing of the pkg-descr files, and
they have often become stale over time. If more than one such URL was
present in a pkg-descr file, only the first one was tarnsfered into
the port INDEX, but for many ports only the last line did contain the
port specific URL to further information.

There have been several proposals to make a project URL available as
a macro in the ports' Makefiles, over time.

security: remove 'Created by' lines

A big Thank You to the original contributors of these ports:

  *  <ports@c0decafe.net>
  *  Aaron Dalton <aaron@FreeBSD.org>
  *  Adam Weinberger <adamw@FreeBSD.org>
  *  Ade Lovett <ade@FreeBSD.org>
  *  Aldis Berjoza <aldis@bsdroot.lv>
  *  Alex Dupre <ale@FreeBSD.org>
  *  Alex Kapranoff <kappa@rambler-co.ru>
  *  Alex Samorukov <samm@freebsd.org>
  *  Alexander Botero-Lowry <alex@foxybanana.com>
  *  Alexander Kriventsov <avk@vl.ru>
  *  Alexander Leidinger <netchild@FreeBSD.org>

security/trousers: Add CPE information

Approved by:	portmgr (blanket)

all: Remove all other $FreeBSD keywords.

Remove # $FreeBSD$ from Makefiles.

security/trousers: fix security issues

Fix three security issues in security/trousers:

* CVE-2020-24332
  If the tcsd daemon is started with root privileges,
  the creation of the system.data file is prone to symlink attacks

* CVE-2020-24330
  If the tcsd daemon is started with root privileges,
  it fails to drop the root gid after it is no longer needed

* CVE-2020-24331
  If the tcsd daemon is started with root privileges,
  the tss user has read and write access to the /etc/tcsd.conf file

Add patches to fix potential use-after-free
Fix build with -fno-common

MFH:		2020Q3
Security:	e37a0a7b-e1a7-11ea-9538-0c9d925bbbc0

Convert to UCL & cleanup pkg-message (categories s)

security/trousers: Fix build with LibreSSl 2.7

 - LibreSSL 2.7 adds OpenSSL 1.1 API

PR:		227169
Approved by:	maintainer time-out

security/trousers: fix distinfo

- see the PR for the diff between the two distfiles

PR:		221105
MFH:		2018Q1
Approved by:	hrs (maintainer timeout)

Update WWW: SF redirects to https://sourceforge.net/projects/<PROJECT_NAME>/

security/trousers: Fix libressl support regression

The CFLAGS and LDFLAGS additions introduced on 9 Sep 16 are critical
to supporting building with LibreSSL.  They were removed with the
last version upgrade, so put them back again.

Approved by:	SSL blanket

security/trousers: Fix compilation with LibreSSL

This was causing the build of security/gnutls to fail when the
TPM option was enabled and make.conf contained
DEFAULT_VERSIONS+=ssl=libressl. The gnutls configure script failed to
successfully link against the libtspi.so library, and therefore
determined the tss library was not suitable and disabled TPM.
/usr/local/lib/libtspi.so: undefined reference to `RSA_set0_key'
This caused the gnutls build to fail during staging due to an incorrect
PLIST (missing bin/tpmtool).

As of version 0.3.14, TrouSerS utilises the new OpenSSL function
RSA_set0_key, which was only introduced in OpenSSL 1.1.0 and is not in
LibreSSL (yet).

Update to 0.3.14.  TrouSerS has been under 3-clause BSDL since 0.3.11.

security/trousers: Set CFLAGS and LDFLAGS for SSL support

Approved by:	SSL blanket

- Fix command in pkg-message
- While here, switch to USES=ssl and silence mkdir

PR:		205649
Submitted by:	teksimian@gmail.com
Approved by:	maintainer timeout (hrs, 8 months)

With the power of USES=dos2unix, get rid of most patches and files
with CRLF.

While there, run make makepatch, rename patches to use the new scheme,
and various fixes.

With hat:	portmgr
Sponsored by:	Absolight

Add -I${top_srcdir}/src/include into CFLAGS for libtcs_emu.a.  This was
forgotten in the previous commit.

Fix tcs/Makefile.am to use -I${top_srcdir}/src/include before
-I@OPENSSL_INCLUDE_DIR@.

Fix an include path issue when security/openssl and
LOCALBASE/include/tddl.h are installed.

- No need to specify master site subdirectory when it's the same as default

Approved by:	portmgr blanket

security/trousers:

- Update to 0.3.13.
- Remove CONFLICTS with emulators/tpm-emulator.

  Two separate binaries, sbin/tcsd (for actual TPM device) and
  sbin/tcsd_emu (for TPM emulator) are now installed.  rc.d/tcsd chooses
  one of them depending on $tcsd_mode.  When tcsd_mode="native" (default)
  it runs sbin/tcsd, and when tcsd_mode="emulator" it runs sbin/tcsd_emu.
  Note that sbin/tcsd_emu depends on tpmd in emulators/tpm-emulator.

- Simplify @sample.

emulators/tpm-emulator:

- Remove CONFLICTS with security/trousers.
- Simplify rc.d/tpmd.

Convert to @sample

Remove ${PORTSDIR}/ from dependencies, categories r, s, t, and u.

With hat:	portmgr
Sponsored by:	Absolight

Convert to USES=autoreconf

Cleanup plist

Add USES=alias to several ports

Alias is a new USES tool that allows DragonFly to masquerade as FreeBSD
by setting CFLAGS+= -D__FreeBSD__.  For some ports, this fixes the build
without the need for additional patches.

Approved by:	portmgr (bapt, blanket)

Fix build when security/openssl is installed.

PR:	193583

Remove reference to my_init and my_fini.  These functions were causing
symbol conflicts with other software like MySQL.

PR:	192156

- Convert security/trousers to USES=libtool and bump dependent ports
- Use standard USE_AUTOTOOLS
- Add INSTALL_TARGET=install-strip
- Drop PTHREAD_LIBS

- Fix build (ranlib: fatal: Failed to open 'libtddl.a') [*].
- Fix build when EMULATOR is enabled.

Reported by:	John Hein[*] and Andrzej Tobola[*]

Fix rc script: Use proper SERVERS dependency.

Fix properties on pkg-plist

Set tcsd_enable=NO by default if unset.

Pointed out by:	olgeni

Fix iconv and pthread dependency.

- Fix pkg-plist [*].
- Use new syntax in LIB_DEPENDS.

Spotted by:	hiren [*]

Fix build.

Reported by:	pkg-fallout

Add STAGEDIR support.

Add NO_STAGE all over the place in preparation for the staging support (cat:
security)

- Make ports use the libc provided iconv implementation on 10-CURRENT
  after r254273
- Fix a bunch of ports to properly work after this
- Mark converters/libiconv as IGNORE for systems with iconv in libc

Reviewed by:	bapt
Approved by:	portmgr (bapt)
Discussed with:	bapt, bsam (who both contributed ideas and code)

- Unbreak clang build.
- Remove PORTEXAMPLES.  pkg-plist was broken due to it[*].
- Add extra patches for EMULATOR option.
- Create /var/run/{tpm,ima} in rc.d/tcsd script.

Spotted by:	antoine [*]

Update to 0.3.10.

- Add WWW: line to pkg-descr.
- Style cleanups.
- Take maintainership.

- Convert USE_ICONV=yes to USES=iconv
- Change USE_GNOME=pkgconfig|gnomehack to USES=pathfix|pkgconfig and
  USE_GETTEXT=yes to USES=gettext while here

Finish converting the whole ports tree to USES=pkgconfig

Variable that start with _ are considered private to the defining
makefile and may not be used by ports makefiles.
In addition, avoid problems should the defaults ever change.

Approved by:	portmgr (tabthorpe)

Force numerous ports that fail to build with clang over to instead always
rely on gcc.  The patch uses the new USE_GCC=any code in Mk/bsd.gcc.mk to
accomplish this.

The ports chosen were ports that blocked 2 or more ports from building with
clang.  (There are several hundred other ports that still fail to build with
clang, even with this patch.  This is merely one step along the way.)

Those interested in fixing these ports with clang, and have clang as their
default compiler, can simply set FORCE_BASE_CC_FOR_TESTING=yes.

For those who have gcc as their default compiler, this change is believed
to cause no change.

Hat:		portmgr
Tested with:	multiple runs on amd64-8-exp-bcm and 9-exp-clang, with various
		combinations of patch/no-patch and flag settings.

Convert to new options framework

- Reassign nork@ ports to the heap
- Thank you for your years of service, we hope to see you back

Approved by:	portmgr

new devel/pkgconf added to replace devel/pkg-config. new version of pkg-config
are no more self hosting so we are stuck with 0.25 version while pkgconf provide
the same set of features as 0.27 and a compatible frontend. A symlink to
pkg-config has been added for convenience and compatibility

This also introduces a new macro to use pkgconf in your ports:
USE_PKGCONFIG

it can take the following arguments:
 - yes (meaning build only dep)
 - build (meaning build only dep)
 - run (meaning run only dep)
 - both (meaning run and build dep)

From now USE_GNOME= pkgconfig is deprecated in favour of USE_PKGCONFIG
The old gnome macro has been modified to use pkgconf but still the sameway: run
and build dep to avoid large breakage.

While here fix some ports relying on pkg-config but not specifying it, fix some
ports broken because testing wrong .pc files, and fix ports using pkg-config
--version to determine pkg-config version instead of
pkg-config --modversion pkg-config like recommanded by pkg-config

With Hat:	portmgr
Exp-runs by:	bapt (pointhat-west), beat (pointyhat)

In the rc.d scripts, change assignments to rcvar to use the
literal name_enable wherever possible, and ${name}_enable
when it's not, to prepare for the demise of set_rcvar().

In cases where I had to hand-edit unusual instances also
modify formatting slightly to be more uniform (and in
some cases, correct). This includes adding some $FreeBSD$
tags, and most importantly moving rcvar= to right after
name= so it's clear that one is derived from the other.

All cleanup done (PREFIX clean, permission clean), and bump PORTREVISION.

o Fix start-up point before openssl clients like named, hastd, kerberos...
o Add required tpmd (ports/emulators/tpm-emulator).
o Bump PORTREVISION, accordingly.

Fix build error WITH_EMULATOR.

Sync to new bsd.autotools.mk

Build static library.

Pointed out by:         QAT and pointyhat via pav/edwin

UnBROKEN.
o Add implicit dependency on pkg-config.
o Don't run-autotools-*, twice.

- Mark BROKEN: does not configure

Reported by:    pointyhat

Fix build dependency on automake.

Reported by:    QAT

Fix dependency on tpm-emulator.

Pointy hat to:  myself

Add trousers 0.3.6, is a CPL (Common Public License) licensed Trusted
Computing Software Stack.  It is mostly compliant with the TSS 1.2
specification.

Obtained from:  http://bsssd.sourceforge.net/