[pkgsrc/trunk]: pkgsrc/security security: Add lua-arc4random

[nia <nia%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/6601368a6a3f
branches:  trunk
changeset: 435239:6601368a6a3f
user:      nia <nia%pkgsrc.org@localhost>
date:      Thu Jul 02 17:46:26 2020 +0000

description:
security: Add lua-arc4random

The arc4random family of functions provides a cryptographic pseudorandom
number generator automatically seeded from the system entropy pool and
safe to use from multiple threads.  arc4random is designed to prevent an
adversary from guessing outputs, unlike rand(3) and random(3), and is
faster and more convenient than reading from /dev/urandom directly.

This is a Lua wrapper for arc4random(3), portable to systems that
do and don't have it natively in libc. On systems where arc4random
may be insecure it provides a replacement.

diffstat:

 security/Makefile                                   |   3 +-
 security/lua-arc4random/DESCR                       |   9 ++++++++
 security/lua-arc4random/Makefile                    |  23 +++++++++++++++++++++
 security/lua-arc4random/PLIST                       |   2 +
 security/lua-arc4random/distinfo                    |   7 ++++++
 security/lua-arc4random/patches/patch-Makefile.mess |  17 +++++++++++++++
 6 files changed, 60 insertions(+), 1 deletions(-)

diffs (95 lines):

diff -r 00f11381ab96 -r 6601368a6a3f security/Makefile
--- a/security/Makefile Thu Jul 02 17:30:37 2020 +0000
+++ b/security/Makefile Thu Jul 02 17:46:26 2020 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.769 2020/07/02 14:02:36 nia Exp $
+# $NetBSD: Makefile,v 1.770 2020/07/02 17:46:26 nia Exp $
 #
 
 COMMENT=       Security tools
@@ -206,6 +206,7 @@
 SUBDIR+=       log2timeline
 SUBDIR+=       logcheck
 SUBDIR+=       lsh
+SUBDIR+=       lua-arc4random
 SUBDIR+=       lua-argon2
 SUBDIR+=       lua-sec
 SUBDIR+=       lxqt-openssh-askpass
diff -r 00f11381ab96 -r 6601368a6a3f security/lua-arc4random/DESCR
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/security/lua-arc4random/DESCR     Thu Jul 02 17:46:26 2020 +0000
@@ -0,0 +1,9 @@
+The arc4random family of functions provides a cryptographic pseudorandom
+number generator automatically seeded from the system entropy pool and
+safe to use from multiple threads.  arc4random is designed to prevent an
+adversary from guessing outputs, unlike rand(3) and random(3), and is
+faster and more convenient than reading from /dev/urandom directly.
+
+This is a Lua wrapper for arc4random(3), portable to systems that
+do and don't have it natively in libc. On systems where arc4random
+may be insecure it provides a replacement.
diff -r 00f11381ab96 -r 6601368a6a3f security/lua-arc4random/Makefile
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/security/lua-arc4random/Makefile  Thu Jul 02 17:46:26 2020 +0000
@@ -0,0 +1,23 @@
+# $NetBSD: Makefile,v 1.1 2020/07/02 17:46:26 nia Exp $
+
+DISTNAME=      lua-arc4random-1.3.4
+PKGNAME=       ${DISTNAME:S/lua-/${LUA_PKGPREFIX}-/1}
+CATEGORIES=    security lua
+MASTER_SITES=  ${MASTER_SITE_GITHUB:=mikejsavage/}
+GITHUB_PROJECT=        lua-arc4random
+GITHUB_TAG=    v1.3-4
+
+MAINTAINER=    nia%NetBSD.org@localhost
+HOMEPAGE=      https://github.com/jgm/cmark-lua
+COMMENT=       Lua wrapper for arc4random(3)
+LICENSE=       mit
+
+USE_TOOLS+=    gmake
+
+INSTALLATION_DIRS+=    ${LUA_CDIR}
+
+do-install:
+       ${INSTALL_LIB} ${WRKSRC}/arc4random.so ${DESTDIR}${PREFIX}/${LUA_CDIR}
+
+.include "../../lang/lua/module.mk"
+.include "../../mk/bsd.pkg.mk"
diff -r 00f11381ab96 -r 6601368a6a3f security/lua-arc4random/PLIST
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/security/lua-arc4random/PLIST     Thu Jul 02 17:46:26 2020 +0000
@@ -0,0 +1,2 @@
+@comment $NetBSD: PLIST,v 1.1 2020/07/02 17:46:26 nia Exp $
+${LUA_CDIR}/arc4random.so
diff -r 00f11381ab96 -r 6601368a6a3f security/lua-arc4random/distinfo
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/security/lua-arc4random/distinfo  Thu Jul 02 17:46:26 2020 +0000
@@ -0,0 +1,7 @@
+$NetBSD: distinfo,v 1.1 2020/07/02 17:46:26 nia Exp $
+
+SHA1 (lua-arc4random-1.3.4.tar.gz) = 300c7397ea4bf44dd970fca9eb58c4c04f87e0c9
+RMD160 (lua-arc4random-1.3.4.tar.gz) = c4e42556458ac82cbfccecdcc0791a0509abb726
+SHA512 (lua-arc4random-1.3.4.tar.gz) = 8af54d0b44a823e39a5dfdfef0e8e74883a170cce7bf94a7093734b4a35050b5eada12b14ff17a7c3a8fb0b7849a98e8d542b25b1b4f993fd76919a52c16c87a
+Size (lua-arc4random-1.3.4.tar.gz) = 23194 bytes
+SHA1 (patch-Makefile.mess) = 8571ccd75bb392c0f595f35da53410a1a74d82cc
diff -r 00f11381ab96 -r 6601368a6a3f security/lua-arc4random/patches/patch-Makefile.mess
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/security/lua-arc4random/patches/patch-Makefile.mess       Thu Jul 02 17:46:26 2020 +0000
@@ -0,0 +1,17 @@
+$NetBSD: patch-Makefile.mess,v 1.1 2020/07/02 17:46:26 nia Exp $
+
+Use libc on NetBSD too.
+
+--- Makefile.mess.orig 2017-04-13 21:00:05.000000000 +0000
++++ Makefile.mess
+@@ -12,7 +12,9 @@ else
+       LDFLAGS += -bundle -undefined dynamic_lookup
+ endif
+ 
+-ifneq ($(uname),OpenBSD)
++ifeq ($(uname),NetBSD)
++else ifeq ($(uname),OpenBSD)
++else
+       # This is more or less what libressl does
+       # See http://openbsd.cs.toronto.edu/cgi-bin/cvsweb/src/lib/libssl/src/crypto/mem_clr.c?rev=1.4&content-type=text/x-cvsweb-markup
+       CFLAGS += -DOPENSSL_cleanse=explicit_bzero