Opened 9 years ago

Closed 5 years ago

#25914 closed request (duplicate)

truecrypt 7.0 request to add port

Reported by: nonstop.server@… Owned by: l2g@…
Priority: Normal Milestone:
Component: ports Version:
Keywords: crypto security Cc: drkp (Dan Ports)
Port: truecrypt

Description

Request to add the latest version of TrueCrypt to MacPorts.
Sources of information:

Change History (17)

comment:1 Changed 8 years ago by l2g@…

Owner: changed from macports-tickets@… to l2g@…

comment:2 Changed 8 years ago by l2g@…

Status: newassigned
Version: 1.9.1

comment:3 Changed 8 years ago by l2g@…

Status update:

Because the "click-wrap" license page for downloading the source code is nigh impossible to handle with a MacPorts portfile, I made my own mirror for the source code (it doesn't look like the TrueCrypt license forbids this). http://truecrypt-mirror.l2g.to/

The makefile they provide appears to be hard-coded for building on OS X Tiger. It will have to be patched or overridden somehow to make use of the flags normally provided during MacPorts's build phase; that should make it possible to build on Leopard and Snow Leopard, and to make normal universal builds.

comment:4 Changed 8 years ago by l2g@…

Followup to my previous comment: It turns out that running a mirror or file repository is technically against the terms of my agreement with my hosting provider, so I'm looking at using an Arch Linux mirror instead (http://mirrors.kernel.org/archlinux/other/truecrypt/).

comment:5 Changed 8 years ago by anatol (Anatol Pomozov)

Any updates? Truecrypt is very useful application, it would be really great to have it in the macports..

comment:6 Changed 8 years ago by anatol (Anatol Pomozov)

FYI this is the package file for Arch http://projects.archlinux.org/svntogit/packages.git/tree/truecrypt/trunk/PKGBUILD

Indeed they have their own truecrypt source mirror that is located here ftp://ftp.archlinux.org/other/tc/truecrypt-7.0a.tar.gz

comment:7 Changed 8 years ago by anatol (Anatol Pomozov)

I am looking at the Truecrypt sources and trying to make a Portfile. Makefile should be fixed like this to remove dependency to outdated ppc stuff:

index 265bb6f..b4c7a71 100644
--- a/Makefile
+++ b/Makefile
@@ -173,13 +173,7 @@ ifeq "$(shell uname -s)" "Darwin"
        PLATFORM := MacOSX
        APPNAME := TrueCrypt
 
-       TC_OSX_SDK ?= /Developer/SDKs/MacOSX10.4u.sdk
-       CC := gcc-4.0
-       CXX := g++-4.0
-
-       C_CXX_FLAGS += -DTC_UNIX -DTC_BSD -DTC_MACOSX -mmacosx-version-min=10.4 -isysroot $(TC_OSX_SDK)
-       LFLAGS += -mmacosx-version-min=10.4 -Wl,-syslibroot $(TC_OSX_SDK)
-       WX_CONFIGURE_FLAGS += --with-macosx-version-min=10.4 --with-macosx-sdk=$(TC_OSX_SDK)
+       C_CXX_FLAGS += -DTC_UNIX -DTC_BSD -DTC_MACOSX
 
        ifeq "$(CPU_ARCH)" "x64"
                CPU_ARCH = x86
@@ -195,10 +189,9 @@ ifeq "$(shell uname -s)" "Darwin"
                S := $(C_CXX_FLAGS)
                C_CXX_FLAGS = $(subst -MMD,,$(S))
 
-               C_CXX_FLAGS += -gfull -arch i386 -arch ppc
-               LFLAGS += -Wl,-dead_strip -arch i386 -arch ppc
+               C_CXX_FLAGS += -gfull
+               LFLAGS += -Wl,-dead_strip
 
-               WX_CONFIGURE_FLAGS += --enable-universal_binary
                WXCONFIG_CFLAGS += -gfull
                WXCONFIG_CXXFLAGS += -gfull

Now I am stuck with this compile error:

$ make
Compiling Keyfile.cpp
In file included from Keyfile.cpp:10:
/Users/anatol/tmp/truecrypt/truecrypt-7.0a-source/Common/SecurityToken.h:43:29: error: openssl/pkcs11.h: No such file or directory
In file included from Keyfile.cpp:10:
/Users/anatol/tmp/truecrypt/truecrypt-7.0a-source/Common/SecurityToken.h:56: error: ‘CK_SLOT_ID’ does not name a type
/Users/anatol/tmp/truecrypt/truecrypt-7.0a-source/Common/SecurityToken.h:57: error: ‘CK_FLAGS’ does not name a type
/Users/anatol/tmp/truecrypt/truecrypt-7.0a-source/Common/SecurityToken.h:77: error: ‘CK_OBJECT_HANDLE’ does not name a type
/Users/anatol/tmp/truecrypt/truecrypt-7.0a-source/Common/SecurityToken.h:80: error: ‘CK_SLOT_ID’ does not name a type
/Users/anatol/tmp/truecrypt/truecrypt-7.0a-source/Common/SecurityToken.h:86: error: expected `)' before ‘errorCode’
/Users/anatol/tmp/truecrypt/truecrypt-7.0a-source/Common/SecurityToken.h:92: error: expected `)' before ‘errorCode’

Do you know where pkcs11.h is defined. I found only versions 12 and 7 (both in XCode and openssl port).

comment:8 Changed 8 years ago by anatol (Anatol Pomozov)

I found pkcs11.h in "nss" port but unfortunately it does not include all stuff needed for Truecrypt e.g. CKR_NEW_PIN_MODE constant is not defined.

comment:9 Changed 8 years ago by drkp (Dan Ports)

Cc: dports@… added

I would tread very carefully here. TrueCrypt is distributed under a questionable license. It's previously been described as truly horrifying (more details). Note that that was a previous version of the license; it's been revised since then and may be less objectionable.

But we will need to take a close look at it to see if we can mirror the distfile and/or distribute binaries. Normally, not being able to do either wouldn't be a showstopper, but it might be a more serious problem here since we're talking about needing to set up a distfile mirror just to download the thing.

comment:10 Changed 8 years ago by drkp (Dan Ports)

I don't think we currently have a PKCS11 implementation available. If we can get gnutls updated to a more recent version (see #29719) it might have one included. There's also http://www.opensc-project.org/engine_pkcs11

comment:11 Changed 8 years ago by anatol (Anatol Pomozov)

Ok, here is the current status:

  • The issue with pkcs11 is fixed by downloading the header files from ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20/ For some reason headers from 'nss' port are not compatible with truecrypt.
  • I was not able to compile truecrypt for 64bit. There is some compilation error in assembler code for x64 (yeah truecrypt has ASM code).
  • Currently I have issues with wxWidget - it does not work on macosx. There is some compilation error with STL<->string conversion.
  • build-time dependencies: nasm,pkg-config; run-time dependencies: wxwidgets

I'll continue investigating it when I have more time. The current diff agains vanilla source is here: http://pastie.org/2461344

comment:12 Changed 6 years ago by neurodroid (Christoph Schmidt-Hieber)

I've put together some updated instructions and a patch to build TrueCrypt with MacPorts. While I agree that the TrueCrypt license is questionable, I don't see that it would prohibit distributing the source and the patch in MacPorts. If there's any interest, I'd be happy to put together a Portfile.

comment:13 Changed 5 years ago by neurodroid (Christoph Schmidt-Hieber)

I've created a Portfile for TrueCrypt. See here for additional information.

comment:14 Changed 5 years ago by mf2k (Frank Schima)

Thanks for making a port, but it would be best to open a new submission ticket and attach the portfile there so it can be properly reviewed.

comment:15 Changed 5 years ago by john@…

Thank you! This is great. What can we do to support this effort? I would very much like to see this as an official port.

comment:16 in reply to:  14 Changed 5 years ago by neurodroid (Christoph Schmidt-Hieber)

Replying to macsforever2000@…:

Thanks for making a port, but it would be best to open a new submission ticket and attach the portfile there so it can be properly reviewed.

#41421

comment:17 Changed 5 years ago by mf2k (Frank Schima)

Resolution: duplicate
Status: assignedclosed
Note: See TracTickets for help on using tickets.