pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: pkgsrc/security/keychain
Module Name: pkgsrc
Committed By: vins
Date: Sat May 3 16:08:16 UTC 2025
Modified Files:
pkgsrc/security/keychain: DESCR Makefile distinfo
Log Message:
security/keychain: update to 2.9.2
# pkgsrc changes
* Project's Makefile is now bmake compatible. Use it to generate script and
man page at build stage.
* Taking maintainership.
# upstream changes (since release 2.8.5)
## keychain 2.9.2 (2 May 2025)
This is primarily a bug fix release, but also introduces the new `--extended`
option -- see below:
* Deprecate `--confhost` option and replace with `--extended` option. The old
`--confhost myhost` would now be `--extended host:myhost`. This also allows
specifying SSH keys (`sshk:` prefix), GPG keys ( `gpgk:` prefix) and hosts
(`host:` prefix) together without confusion.
* Well, I became intimately familiar with `IFS` the hard way. Fix 2.9.1 bug
[#159](http://github.com/funtoo/keychain/issues/159) by reworking IFS settings and
adding proper documentation to the right places. This fixes the `--timeout` option
and also now allows `--stop` to work properly which was broken.
* Improve `--agents` deprecation warning.
* Have keychain properly adopt a currently-running gpg-agent providing ssh-agent
functionality when `--ssh-use-gpg` is specified.
* Explicitly clean up known-bad pidfiles during processing.
* Deprecate `--confhost` option and replace with new `--extended` option.
* Improve host-based key processing by using `ssh -G` to officially extract
host-based keys.
* Make `Makefile` BSD-compatible.
## keychain 2.9.1 (1 May 2025)
This release fixes a major bug related to the `--eval` option with non-Bourne shells.
* Fix `--eval` option so it works with non-Bourne shells ([#158](http://github.com/funtoo/keychain/issues/158)).
* Last-minute option change: replace `--ssh-wipe` and `--gpg-wipe` with `--wipe [ssh|gpg|all]`.
* Deprecate `--attempts` option which doesn't work with gpg-agent pinentry nor modern OpenSSH.
* More script rewriting -- default to IFS of newline in the script, totally rework SSH and GPG
key adding code.
* Remove undocumented and likely unused `--` option.
* Script is now at a svelte 1049 lines of code.
## keychain 2.9.0 (30 Apr 2025)
These release notes contain a summary of all changes, including cumulative
changes in pre-releases:
* A new release after 8 years, with Daniel Robbins (script creator) returning as maintainer.
* 60% of the script has been rewritten, and is now compliant with
[ShellCheck](http://shellcheck.net).
* `--agents` and `--inherit` options have been deprecated to improve ease-of-use.
* `gpg-agent` no longer started by default -- only when a GPG key has been provided on the
command-line. GnuPG 2.1+ supported.
* GnuPG pidfiles with `-gpg` extension are deprecated and no longer used.
* Better GnuPG integration: `gpg-agent` can be used for SSH key storage. This can be enabled
by specifying one of the new `--ssh-allow-gpg` and `--ssh-spawn-gpg` options. Agent information
for `gpg-agent`'s SSH socket will be stored in the regular pidfile for compatibility.
* Add `--ssh-rm`, `--ssh-wipe`, `--gpg-wipe` options for removing/wiping SSH and GPG keys. This addresses
GitHub Issue [#153](http://github.com/funtoo/keychain/issues/153).
* `--clear` option is now designed to be used for "initial clearing" of keys only.
* Many user interface output improvements, to provide additional detail.
* `--debug` option which can be used to troubleshoot issues with keychain.
* Manual page significantly improved: New section on invocation, as well as documentation of
the startup and agent detection algorithm.
* Addition of `--ssh-agent-socket` option to manually specify desired path of the ssh-agent socket
when starting.
* Addition of `--confallhosts` to load identity files for all hosts.
* Various bug fixes and improvements.
* Script size reduced from 1500 to 1133 lines.
To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 pkgsrc/security/keychain/DESCR
cvs rdiff -u -r1.40 -r1.41 pkgsrc/security/keychain/Makefile
cvs rdiff -u -r1.26 -r1.27 pkgsrc/security/keychain/distinfo
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: pkgsrc/security/keychain/DESCR
diff -u pkgsrc/security/keychain/DESCR:1.2 pkgsrc/security/keychain/DESCR:1.3
--- pkgsrc/security/keychain/DESCR:1.2 Tue Dec 24 00:47:43 2002
+++ pkgsrc/security/keychain/DESCR Sat May 3 16:08:16 2025
@@ -1,6 +1,7 @@
-Keychain is a shell script which acts as user-friendly front-end to
-ssh-agent(1), allowing you to have one long-running ssh-agent process per
-system rather than per login session.
-
-Please study the documentation on the keychain website carefully since
-incorrect usage of this script may have certain security implications.
+Keychain helps you to manage SSH and GPG keys in a convenient and secure
+manner. It acts as a frontend to ssh-agent and ssh-add, but allows you
+to easily have one long running ssh-agent process per system, rather
+than the norm of one ssh-agent per login session. Keychain also makes
+it easy for remote cron jobs to securely "hook in" to a long-running
+ssh-agent process, allowing your scripts to take advantage of key-based
+logins.
Index: pkgsrc/security/keychain/Makefile
diff -u pkgsrc/security/keychain/Makefile:1.40 pkgsrc/security/keychain/Makefile:1.41
--- pkgsrc/security/keychain/Makefile:1.40 Wed Apr 18 19:25:27 2018
+++ pkgsrc/security/keychain/Makefile Sat May 3 16:08:16 2025
@@ -1,10 +1,10 @@
-# $NetBSD: Makefile,v 1.40 2018/04/18 19:25:27 kamil Exp $
+# $NetBSD: Makefile,v 1.41 2025/05/03 16:08:16 vins Exp $
-DISTNAME= keychain-2.8.5
+DISTNAME= keychain-2.9.2
CATEGORIES= security
MASTER_SITES= ${MASTER_SITE_GITHUB:=funtoo/}
-MAINTAINER= pkgsrc-users%NetBSD.org@localhost
+MAINTAINER= vins%NetBSD.org@localhost
HOMEPAGE= http://www.funtoo.org/Keychain
COMMENT= Nice ssh-agent front-end
LICENSE= gnu-gpl-v2
@@ -13,15 +13,15 @@ LICENSE= gnu-gpl-v2
DEPENDS+= openssh-[0-9]*:../../security/openssh
.endif
-NO_BUILD= yes
+USE_TOOLS+= groff perl:build pod2man
INSTALLATION_DIRS= bin ${PKGMANDIR}/man1 share/doc/${PKGBASE}
do-install:
- ${INSTALL_SCRIPT} ${WRKSRC}/keychain ${DESTDIR}${PREFIX}/bin
- ${INSTALL_MAN} ${WRKSRC}/keychain.1 \
+ ${INSTALL_SCRIPT} ${WRKSRC}/keychain ${DESTDIR}${PREFIX}/bin/keychain
+ ${INSTALL_MAN} ${WRKSRC}/keychain.1 \
${DESTDIR}${PREFIX}/${PKGMANDIR}/man1
- ${INSTALL_DATA} ${WRKSRC}/README.md \
+ ${INSTALL_DATA} ${WRKSRC}/README.md \
${DESTDIR}${PREFIX}/share/doc/${PKGBASE}
.include "../../mk/bsd.pkg.mk"
Index: pkgsrc/security/keychain/distinfo
diff -u pkgsrc/security/keychain/distinfo:1.26 pkgsrc/security/keychain/distinfo:1.27
--- pkgsrc/security/keychain/distinfo:1.26 Tue Oct 26 11:17:11 2021
+++ pkgsrc/security/keychain/distinfo Sat May 3 16:08:16 2025
@@ -1,5 +1,5 @@
-$NetBSD: distinfo,v 1.26 2021/10/26 11:17:11 nia Exp $
+$NetBSD: distinfo,v 1.27 2025/05/03 16:08:16 vins Exp $
-BLAKE2s (keychain-2.8.5.tar.gz) = 4f9c4c8c1b935d5fa2a739cadf16343fffda62d3fd3919cd8f1ca325ab1ca1ce
-SHA512 (keychain-2.8.5.tar.gz) = 2b98a9937b058267150d62d4f95653c4bbab6117a0774ac266abf95020c41905412b1522a82abf71722f25f6af31ba3498f6d54622009498c845802bf2df6024
-Size (keychain-2.8.5.tar.gz) = 66446 bytes
+BLAKE2s (keychain-2.9.2.tar.gz) = 29f3179b43e128641b730bc6bd0338b34de6381a3c2f69ccf34180f8e3b94b06
+SHA512 (keychain-2.9.2.tar.gz) = 1b4aa06037cb3f89f4cfa6a4c1a1104ca6a757175a636043b7fb4776773a81f20b38b058b86618b8e6b89cf7c61af86e6441da70ed92b0c18d31fb50b3dd8a96
+Size (keychain-2.9.2.tar.gz) = 41401 bytes
Home |
Main Index |
Thread Index |
Old Index