[MacPorts] #61884: yubico-piv-tool fails to build after libressl upgrade to 3.2.3

MacPorts noreply at macports.org
Mon Dec 21 04:04:17 UTC 2020 

#61884: yubico-piv-tool fails to build after libressl upgrade to 3.2.3
------------------------------+--------------------
  Reporter:  bK4gYuRo         |      Owner:  (none)
      Type:  defect           |     Status:  new
  Priority:  Normal           |  Milestone:
 Component:  ports            |    Version:
Resolution:                   |   Keywords:
      Port:  yubico-piv-tool  |
------------------------------+--------------------

Comment (by bK4gYuRo):

 Shouldn't build process use something like this to point to the library in
 a temporary location:
 {{{
 $
 DYLD_FALLBACK_LIBRARY_PATH=/opt/local/var/macports/build/_opt_local_var_macports_sources_rsync.macports
 .org_macports_release_tarballs_ports_security_yubico-piv-tool/yubico-piv-
 tool/work/Yubico-yubico-piv-tool-6752c30/lib ./yubico-piv-tool --help
 yubico-piv-tool 2.1.1

 Usage: yubico-piv-tool [OPTIONS]...

   -h, --help               Print help and exit
       --full-help          Print help, including hidden options, and exit
   -V, --version            Print version and exit
   -v, --verbose[=INT]      Print more information  (default=`0')
   -r, --reader=STRING      Only use a matching reader  (default=`Yubikey')
   -k, --key[=STRING]       Management key to use, if no value is specified
 key
                              will be asked for
 (default=`010203040506070801020304050607080102030405060708')
   -a, --action=ENUM        Action to take  (possible values="version",
                              "generate", "set-mgm-key", "reset",
                              "pin-retries", "import-key",
                              "import-certificate", "set-chuid",
                              "request-certificate", "verify-pin",
                              "change-pin", "change-puk", "unblock-pin",
                              "selfsign-certificate", "delete-certificate",
                              "read-certificate", "status",
                              "test-signature", "test-decipher",
                              "list-readers", "set-ccc", "write-object",
                              "read-object", "attest")

        Multiple actions may be given at once and will be executed in order
        for example --action=verify-pin --action=request-certificate

   -s, --slot=ENUM          What key slot to operate on  (possible
                              values="9a", "9c", "9d", "9e", "82",
                              "83", "84", "85", "86", "87", "88",
                              "89", "8a", "8b", "8c", "8d", "8e",
                              "8f", "90", "91", "92", "93", "94",
                              "95", "f9")

        9a is for PIV Authentication
        9c is for Digital Signature (PIN always checked)
        9d is for Key Management
        9e is for Card Authentication (PIN never checked)
        82-95 is for Retired Key Management
        f9 is for Attestation

   -A, --algorithm=ENUM     What algorithm to use  (possible
 values="RSA1024",
                              "RSA2048", "ECCP256", "ECCP384"
                              default=`RSA2048')
   -H, --hash=ENUM          Hash to use for signatures  (possible
                              values="SHA1", "SHA256", "SHA384",
                              "SHA512" default=`SHA256')
   -n, --new-key=STRING     New management key to use for action set-mgm-
 key, if
                              omitted key will be asked for
       --pin-retries=INT    Number of retries before the pin code is
 blocked
       --puk-retries=INT    Number of retries before the puk code is
 blocked
   -i, --input=STRING       Filename to use as input, - for stdin
 (default=`-')
   -o, --output=STRING      Filename to use as output, - for stdout
                              (default=`-')
   -K, --key-format=ENUM    Format of the key being read/written  (possible
                              values="PEM", "PKCS12", "GZIP", "DER",
                              "SSH" default=`PEM')
   -p, --password=STRING    Password for decryption of private key file, if
                              omitted password will be asked for
   -S, --subject=STRING     The subject to use for certificate request

        The subject must be written as:
        /CN=host.example.com/OU=test/O=example.com/

       --serial=INT         Serial number of the self-signed certificate
       --valid-days=INT     Time (in days) until the self-signed
 certificate
                              expires  (default=`365')
   -P, --pin=STRING         Pin/puk code for verification, if omitted
 pin/puk
                              will be asked for
   -N, --new-pin=STRING     New pin/puk code for changing, if omitted
 pin/puk
                              will be asked for
       --pin-policy=ENUM    Set pin policy for action generate or import-
 key.
                              Only available on YubiKey 4  (possible
                              values="never", "once", "always")
       --touch-policy=ENUM  Set touch policy for action generate, import-
 key or
                              set-mgm-key. Only available on YubiKey 4
                              (possible values="never", "always",
                              "cached")
       --id=INT             Id of object for write/read object
   -f, --format=ENUM        Format of data for write/read object  (possible
                              values="hex", "base64", "binary"
                              default=`hex')
       --attestation        Add attestation cross-signature  (default=off)
 }}}

-- 
Ticket URL: <https://trac.macports.org/ticket/61884#comment:3>
MacPorts <https://www.macports.org/>
Ports system for macOS

More information about the macports-tickets mailing list