Check-in [a8231fc377]
Overview
SHA1:a8231fc3777f178dd80df798c426baac47428c4d
Date: 2016-10-18 18:14:49
User: kvanals
Comment:Added CACKey Uninstaller for macOS into the installer package (/usr/local/bin/cackey_osx_uninstall.sh), removed the extra macOS uninstaller script from the build tree, and updated the macOS build script to use the new SHA-256 hash of the external PKCS11.tokend (which now supports SHA-2 (256/384/512))
Timelines: family | ancestors | descendants | both | trunk
Downloads: Tarball | ZIP archive
Other Links: files | file ages | folders | manifest
Tags And Properties
Context
2016-10-18
18:23
[458e2fe6b9] CACKey 0.7.7 (user: kvanals, tags: trunk, 0.7.7)
18:14
[a8231fc377] Added CACKey Uninstaller for macOS into the installer package (/usr/local/bin/cackey_osx_uninstall.sh), removed the extra macOS uninstaller script from the build tree, and updated the macOS build script to use the new SHA-256 hash of the external PKCS11.tokend (which now supports SHA-2 (256/384/512)) (user: kvanals, tags: trunk)
2016-09-22
19:59
[56006440a0] Updated CACKey macOS Install and Uninstall Scripts to try harder to disable CryptoTokenKit support after the GM release started ignoring some methods (user: kvanals, tags: trunk)
Changes

Modified build/cackey_osx_build/Template_pmbuild/scripts/04pkcs11tokend-post.sh from [e76bd4c2b0] to [f124b9f8c8].

     1      1   #!/bin/bash
     2      2   chmod -R go+rX /Library/Security/tokend/PKCS11.tokend
     3      3   chown -R root:wheel /Library/Security/tokend/PKCS11.tokend
            4  +
            5  +# Write Out Uninstaller (For our users' convenience)
            6  +cat << 'EOF' >> /usr/local/bin/cackey_osx_uninstall.sh
            7  +#!/bin/bash
            8  +# Script to remove current and previous releases of CACKey from Mac OS X
            9  +
           10  +if [ "`whoami`" != "root" ]; then
           11  +	echo "Please rerun this script with sudo or directly as root."
           12  +	exit 1
           13  +fi
           14  +
           15  +# Remove Directories and Files
           16  +echo "Removing CACKey-related files and directories, if they exist..."
           17  +rm -rf /usr/lib/pkcs11/*cackey*
           18  +rm -rf /usr/local/lib/pkcs11/*cackey*
           19  +rm -rf /Library/CACKey
           20  +rm -rf /System/Library/Security/tokend/PKCS11.tokend
           21  +rm -rf /Library/Security/tokend/PKCS11.tokend
           22  +
           23  +# Forget about packages installed
           24  +echo "Removing saved Mac OS X package information for CACKey..."
           25  +for package in `pkgutil --pkgs | grep -i CACKey`; do
           26  +	pkgutil --forget ${package}
           27  +done
           28  +
           29  +# If on Sierra or newer, reenable the pivtoken CryptoTokenKit
           30  +echo "Reenabling the builtin pivtoken CryptoTokenKit..."
           31  +if [ "`uname -r | cut -d '.' -f 1`" -ge "16" ]; then
           32  +	defaults delete /Library/Preferences/com.apple.security.smartcard
           33  +	security smartcards token -e com.apple.CryptoTokenKit.pivtoken
           34  +fi
           35  +
           36  +# Remove myself
           37  +rm -f /usr/local/bin/cackey_osx_uninstall.sh
           38  +EOF
           39  +
           40  +chown root:wheel /usr/local/bin/cackey_osx_uninstall.sh
           41  +chmod 755 /usr/local/bin/cackey_osx_uninstall.sh
     4     42   
     5     43   # If on Sierra or newer, disable the pivtoken CryptoTokenKit
     6     44   if [ "`uname -r | cut -d '.' -f 1`" -ge "16" ]; then
     7     45   	security smartcards token -d com.apple.CryptoTokenKit.pivtoken
     8     46   	defaults write /Library/Preferences/com.apple.security.smartcard DisabledTokens -array com.apple.CryptoTokenKit.pivtoken
     9     47   fi

Modified build/cackey_osx_build/build_osx.sh from [37f2acc21e] to [b6fc0d5cbb].

   144    144   	ln macbuild/${OSX}/libcackey.dylib build/cackey_osx_build/cackey.dylib
   145    145   	rm -rf build/cackey_osx_build/PKCS11.tokend
   146    146   	if [ "${LIONBUILD}" = 1 ]; then
   147    147   		TAR=gnutar
   148    148   	else
   149    149   		TAR=tar
   150    150   	fi
   151         -	TOKENDSHA256="800a1d307df4117b2096a824dfc7ccca1ebecb5caf5fa98c1e531ac6f6b672a0"
          151  +	TOKENDSHA256="f4a27bcec02effc39f1bc9a6dc7943b8c1c3e570431782a874a1082bb1332ef3"
   152    152   	curl http://devel.kvanals.org/PKCS11_Tokend/PKCS11_tokend-latest.tar.gz > PKCS11_tokend-latest.tar.gz
   153    153   	if [ "${TOKENDSHA256}" != "`shasum -a 256 PKCS11_tokend-latest.tar.gz | awk '{print $1}'`" ]; then
   154    154   		echo "SHA-256 Checksum does NOT match for TokenD!  Verify there was a new upstream release and update the build script!"
   155    155   		rm -f PKCS11_tokend-latest.tar.gz
   156    156   		exit 1
   157    157   	fi
   158    158   	if [ "${OSX}" = "Leopard" ]; then

Deleted build/cackey_osx_build/cackey_osx_uninstall.sh version [92a8124c4c].

     1         -#!/bin/bash
     2         -# Script to remove current and previous releases of CACKey from Mac OS X
     3         -
     4         -if [ "`whoami`" != "root" ]; then
     5         -	echo "Please rerun this script with sudo or directly as root."
     6         -	exit 1
     7         -fi
     8         -
     9         -# Remove Directories and Files
    10         -echo "Removing CACKey-related files and directories, if they exist..."
    11         -rm -rf /usr/lib/pkcs11/*cackey*
    12         -rm -rf /usr/local/lib/pkcs11/*cackey*
    13         -rm -rf /Library/CACKey
    14         -rm -rf /System/Library/Security/tokend/PKCS11.tokend
    15         -rm -rf /Library/Security/tokend/PKCS11.tokend
    16         -
    17         -# Forget about packages installed
    18         -echo "Removing saved Mac OS X package information for CACKey..."
    19         -for package in `pkgutil --pkgs | grep -i CACKey`; do
    20         -	pkgutil --forget ${package}
    21         -done
    22         -
    23         -# If on Sierra or newer, reenable the pivtoken CryptoTokenKit
    24         -echo "Reenabling the builtin pivtoken CryptoTokenKit..."
    25         -if [ "`uname -r | cut -d '.' -f 1`" -ge "16" ]; then
    26         -	security smartcards token -e com.apple.CryptoTokenKit.pivtoken
    27         -	defaults delete /Library/Preferences/com.apple.security.smartcard DisabledTokens -array com.apple.CryptoTokenKit.pivtoken
    28         -fi