Overview
| Comment: | Added CACKey Uninstaller for macOS into the installer package (/usr/local/bin/cackey_osx_uninstall.sh), removed the extra macOS uninstaller script from the build tree, and updated the macOS build script to use the new SHA-256 hash of the external PKCS11.tokend (which now supports SHA-2 (256/384/512)) |
|---|---|
| Downloads: | Tarball | ZIP archive | SQL archive |
| Timelines: | family | ancestors | descendants | both | trunk |
| Files: | files | file ages | folders |
| SHA1: |
a8231fc3777f178dd80df798c426baac |
| User & Date: | kvanals on 2016-10-18 18:14:49 |
| Other Links: | manifest | tags |
Context
|
2016-10-18
| ||
| 18:23 | CACKey 0.7.7 check-in: 458e2fe6b9 user: kvanals tags: 0.7.7, trunk | |
| 18:14 | Added CACKey Uninstaller for macOS into the installer package (/usr/local/bin/cackey_osx_uninstall.sh), removed the extra macOS uninstaller script from the build tree, and updated the macOS build script to use the new SHA-256 hash of the external PKCS11.tokend (which now supports SHA-2 (256/384/512)) check-in: a8231fc377 user: kvanals tags: trunk | |
|
2016-09-22
| ||
| 19:59 | Updated CACKey macOS Install and Uninstall Scripts to try harder to disable CryptoTokenKit support after the GM release started ignoring some methods check-in: 56006440a0 user: kvanals tags: trunk | |
Changes
Modified build/cackey_osx_build/Template_pmbuild/scripts/04pkcs11tokend-post.sh from [e76bd4c2b0] to [f124b9f8c8].
1 2 3 4 5 6 7 8 9 | #!/bin/bash chmod -R go+rX /Library/Security/tokend/PKCS11.tokend chown -R root:wheel /Library/Security/tokend/PKCS11.tokend # If on Sierra or newer, disable the pivtoken CryptoTokenKit if [ "`uname -r | cut -d '.' -f 1`" -ge "16" ]; then security smartcards token -d com.apple.CryptoTokenKit.pivtoken defaults write /Library/Preferences/com.apple.security.smartcard DisabledTokens -array com.apple.CryptoTokenKit.pivtoken fi | > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 |
#!/bin/bash
chmod -R go+rX /Library/Security/tokend/PKCS11.tokend
chown -R root:wheel /Library/Security/tokend/PKCS11.tokend
# Write Out Uninstaller (For our users' convenience)
cat << 'EOF' >> /usr/local/bin/cackey_osx_uninstall.sh
#!/bin/bash
# Script to remove current and previous releases of CACKey from Mac OS X
if [ "`whoami`" != "root" ]; then
echo "Please rerun this script with sudo or directly as root."
exit 1
fi
# Remove Directories and Files
echo "Removing CACKey-related files and directories, if they exist..."
rm -rf /usr/lib/pkcs11/*cackey*
rm -rf /usr/local/lib/pkcs11/*cackey*
rm -rf /Library/CACKey
rm -rf /System/Library/Security/tokend/PKCS11.tokend
rm -rf /Library/Security/tokend/PKCS11.tokend
# Forget about packages installed
echo "Removing saved Mac OS X package information for CACKey..."
for package in `pkgutil --pkgs | grep -i CACKey`; do
pkgutil --forget ${package}
done
# If on Sierra or newer, reenable the pivtoken CryptoTokenKit
echo "Reenabling the builtin pivtoken CryptoTokenKit..."
if [ "`uname -r | cut -d '.' -f 1`" -ge "16" ]; then
defaults delete /Library/Preferences/com.apple.security.smartcard
security smartcards token -e com.apple.CryptoTokenKit.pivtoken
fi
# Remove myself
rm -f /usr/local/bin/cackey_osx_uninstall.sh
EOF
chown root:wheel /usr/local/bin/cackey_osx_uninstall.sh
chmod 755 /usr/local/bin/cackey_osx_uninstall.sh
# If on Sierra or newer, disable the pivtoken CryptoTokenKit
if [ "`uname -r | cut -d '.' -f 1`" -ge "16" ]; then
security smartcards token -d com.apple.CryptoTokenKit.pivtoken
defaults write /Library/Preferences/com.apple.security.smartcard DisabledTokens -array com.apple.CryptoTokenKit.pivtoken
fi
|
Modified build/cackey_osx_build/build_osx.sh from [37f2acc21e] to [b6fc0d5cbb].
| ︙ | ︙ | |||
144 145 146 147 148 149 150 |
ln macbuild/${OSX}/libcackey.dylib build/cackey_osx_build/cackey.dylib
rm -rf build/cackey_osx_build/PKCS11.tokend
if [ "${LIONBUILD}" = 1 ]; then
TAR=gnutar
else
TAR=tar
fi
| | | 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 |
ln macbuild/${OSX}/libcackey.dylib build/cackey_osx_build/cackey.dylib
rm -rf build/cackey_osx_build/PKCS11.tokend
if [ "${LIONBUILD}" = 1 ]; then
TAR=gnutar
else
TAR=tar
fi
TOKENDSHA256="f4a27bcec02effc39f1bc9a6dc7943b8c1c3e570431782a874a1082bb1332ef3"
curl http://devel.kvanals.org/PKCS11_Tokend/PKCS11_tokend-latest.tar.gz > PKCS11_tokend-latest.tar.gz
if [ "${TOKENDSHA256}" != "`shasum -a 256 PKCS11_tokend-latest.tar.gz | awk '{print $1}'`" ]; then
echo "SHA-256 Checksum does NOT match for TokenD! Verify there was a new upstream release and update the build script!"
rm -f PKCS11_tokend-latest.tar.gz
exit 1
fi
if [ "${OSX}" = "Leopard" ]; then
|
| ︙ | ︙ |
Deleted build/cackey_osx_build/cackey_osx_uninstall.sh version [92a8124c4c].
|
| < < < < < < < < < < < < < < < < < < < < < < < < < < < < |