Date: Thu, 28 Feb 2013 15:04:28 GMT From: Andrei Lavreniyuk <andy.lavr@gmail.com> To: freebsd-gnats-submit@FreeBSD.org Subject: ports/176505: [NEW PORT] www/crx-dnssec: DNSSEC Validator extension for Chromium Message-ID: <201302281504.r1SF4SLh042593@red.freebsd.org> Resent-Message-ID: <201302281510.r1SFA0B4086176@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 176505 >Category: ports >Synopsis: [NEW PORT] www/crx-dnssec: DNSSEC Validator extension for Chromium >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Thu Feb 28 15:10:00 UTC 2013 >Closed-Date: >Last-Modified: >Originator: Andrei Lavreniyuk >Release: FreeBSD 10.0-CURRENT amd64 >Organization: Technica-03,Inc. >Environment: FreeBSD 59.informalians.local 10.0-CURRENT FreeBSD 10.0-CURRENT #0 r247144M(clang-r170710): Fri Feb 22 10:52:25 EET 2013 root@59.informalians.local:/usr/obj/usr/src/sys/Kernel amd64 >Description: DNSSEC Validator extension for Chromium adds a new functionality to your browser. This extension is able to check the DNSSEC status of the page you are visiting and it will present the status of DNSSEC security using color keys and information texts in the URL bar. WWW: https://labs.nic.cz/page/990/rozsireni-dnssec-validator-pro-google-chrome/ >How-To-Repeat: >Fix: Patch attached with submission follows: # This is a shell archive. Save it in a file, remove anything before # this line, and then unpack it by entering "sh file". Note, it may # create directories; files and directories will be owned by you and # have default permissions. # # This archive contains: # # crx-dnssec # crx-dnssec/distinfo # crx-dnssec/Makefile # crx-dnssec/pkg-descr # crx-dnssec/pkg-message # crx-dnssec/files # crx-dnssec/files/patch-chrome # echo c - crx-dnssec mkdir -p crx-dnssec > /dev/null 2>&1 echo x - crx-dnssec/distinfo sed 's/^X//' >crx-dnssec/distinfo << '32afef24a84ad1bc34a9713383b2e495' XSHA256 (dnssec-chromium-1.1.6.tar.gz) = 0cea1cada3f01f86f77318db9a138321aef4eacb2251e87422f284f42b73857f XSIZE (dnssec-chromium-1.1.6.tar.gz) = 353504 32afef24a84ad1bc34a9713383b2e495 echo x - crx-dnssec/Makefile sed 's/^X//' >crx-dnssec/Makefile << 'e781db691e9652364d5653129948be32' X# Created by: Andrei Lavreniyuk <andy.lavr@gmail.com> X# $FreeBSD$ X XPORTNAME= dnssec-chromium XPORTVERSION= 1.1.6 XCATEGORIES= www XMASTER_SITES= https://labs.nic.cz/page/990/rozsireni-dnssec-validator-pro-google-chrome/ \ X https://chrome.google.com/webstore/detail/hpmbmjbcmglolhjdcbicfdhmgmcoeknm/ X XMAINTAINER= andy.lavr@gmail.com XCOMMENT= DNSSEC Validator extension for Chromium X XLIB_DEPENDS= ldns:${PORTSDIR}/dns/ldns XFETCH_DEPENDS= dnssec-validator>=1.1.6:${PORTSDIR}/www/dnssec-validator XBUILD_DEPENDS= crxmake:${PORTSDIR}/devel/crxmake X XONLY_FOR_ARCHS= amd64 XUSE_RUBY= yes X XLICENSE_PERMS_GPL3= yes X XPLIST_FILES= ${DISTDIR}/crx/dnssec-validator-1.1.6.pem \ X ${DISTDIR}/crx/dnssec-validator-1.1.6.crx \ X ${DISTDIR}/crx/dnssec-validator-1.1.6.zip X X.include <bsd.port.options.mk> X X.if ${OSVERSION} < 900000 XIGNORE= the port has not been tested with this version FreeBSD! Upgrade to FreeBSD 9.1 or higher X.endif X XMAKE_CRX= ${RUBY} ${LOCALBASE}/bin/crxmake \ X --pack-extension=chrome --extension-output=dnssec-validator-1.1.6.crx \ X --key-output=dnssec-validator-1.1.6.pem --mode=crx XMAKE_ZIP= ${RUBY} ${LOCALBASE}/bin/crxmake \ X --pack-extension=chrome --zip-output=dnssec-validator-1.1.6.zip \ X --pack-extension-key=dnssec-validator-1.1.6.pem --mode=zip X Xpost-patch: X @${FIND} ${WRKSRC} -name '*.orig' -delete X Xdo-build: X @cd ${WRKSRC}/ && exec ${MAKE_CRX} X @cd ${WRKSRC}/ && exec ${MAKE_ZIP} X Xdo-install: X.if !exists(${DISTDIR}/crx) X @${MKDIR} ${DISTDIR}/crx X.endif X @${INSTALL_DATA} ${WRKSRC}/dnssec-validator-1.1.6.* ${DISTDIR}/crx X X.include <bsd.port.mk> e781db691e9652364d5653129948be32 echo x - crx-dnssec/pkg-descr sed 's/^X//' >crx-dnssec/pkg-descr << '8e14f9b1722f74bdf5666fdc2eec78f0' X DNSSEC Validator extension for Chromium adds a new functionality Xto your browser. X XThis extension is able to check the DNSSEC status of the page Xyou are visiting and it will present the status of DNSSEC security Xusing color keys and information texts in the URL bar. X XWWW: https://labs.nic.cz/page/990/rozsireni-dnssec-validator-pro-google-chrome/ 8e14f9b1722f74bdf5666fdc2eec78f0 echo x - crx-dnssec/pkg-message sed 's/^X//' >crx-dnssec/pkg-message << '9e70b73ba0be573bd18a44d84865b7fe' XDNSSEC Validator extension for Chromium XURL: <http://www.dnssec-validator.cz>; X------------------------------------------------------------------------------- X XINSTALLATION X--------------- X X1. Open the Extensions page on the browser (chrome://extensions/) X2. Locate the "validator-1.6.1.crx" extension file on your computer X ( ports/distfiles/crx/validator-1.6.1.crx )- drag and drop the file X onto the Extensions page from step 2 and click Install. 9e70b73ba0be573bd18a44d84865b7fe echo c - crx-dnssec/files mkdir -p crx-dnssec/files > /dev/null 2>&1 echo x - crx-dnssec/files/patch-chrome sed 's/^X//' >crx-dnssec/files/patch-chrome << 'e4e3f580937e2e4cace20a1697021383' Xdiff -urN chrome/DNSSECValidatorPlugin.plugin/Contents/Info.plist dnssec-validator/DNSSECValidatorPlugin.plugin/Contents/Info.plist X--- chrome/DNSSECValidatorPlugin.plugin/Contents/Info.plist 1970-01-01 03:00:00.000000000 +0300 X+++ dnssec-validator/DNSSECValidatorPlugin.plugin/Contents/Info.plist 2013-02-19 14:38:18.000000000 +0200 X@@ -0,0 +1,58 @@ X+<?xml version="1.0" encoding="UTF-8"?> X+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">; X+<plist version="1.0"> X+<dict> X+ <key>CFBundleDevelopmentRegion</key> X+ <string>English</string> X+ <key>CFBundleExecutable</key> X+ <string>DNSSECValidatorPlugin</string> X+ <key>CFBundleGetInfoString</key> X+ <string>DNSSECValidatorPlugin 1.0.2, Copyright 2010, 2011 CZ.NIC Labs</string> X+ <key>CFBundleIdentifier</key> X+ <string>com.DNSSECValidatorPluginLib.DNSSEC Validator Plug-in</string> X+ <key>CFBundleInfoDictionaryVersion</key> X+ <string>6.0</string> X+ <key>CFBundlePackageType</key> X+ <string>BRPL</string> X+ <key>CFBundleShortVersionString</key> X+ <string>DNSSECValidatorPlugin 1.0.2</string> X+ <key>CFBundleSignature</key> X+ <string>????</string> X+ <key>CFBundleVersion</key> X+ <string>1.0.2</string> X+ <key>CFPlugInDynamicRegisterFunction</key> X+ <string></string> X+ <key>CFPlugInDynamicRegistration</key> X+ <string>NO</string> X+ <key>CFPlugInFactories</key> X+ <dict> X+ <key>00000000-0000-0000-0000-000000000000</key> X+ <string>MyFactoryFunction</string> X+ </dict> X+ <key>CFPlugInTypes</key> X+ <dict> X+ <key>00000000-0000-0000-0000-000000000000</key> X+ <array> X+ <string>00000000-0000-0000-0000-000000000000</string> X+ </array> X+ </dict> X+ <key>CFPlugInUnloadFunction</key> X+ <string></string> X+ <key>WebPluginDescription</key> X+ <string>Plug-in used by DNSSEC Validator extension</string> X+ <key>WebPluginMIMETypes</key> X+ <dict> X+ <key>application/x-dnssecvalidator</key> X+ <dict> X+ <key>WebPluginExtensions</key> X+ <array> X+ <string></string> X+ </array> X+ <key>WebPluginTypeDescription</key> X+ <string>Plug-in used by DNSSEC Validator extension</string> X+ </dict> X+ </dict> X+ <key>WebPluginName</key> X+ <string>DNSSEC Validator Plug-in</string> X+</dict> X+</plist> Xdiff -urN chrome/DNSSECValidatorPlugin.plugin/Contents/Resources/English.lproj/InfoPlist.strings dnssec-validator/DNSSECValidatorPlugin.plugin/Contents/Resources/English.lproj/InfoPlist.strings X--- chrome/DNSSECValidatorPlugin.plugin/Contents/Resources/English.lproj/InfoPlist.strings 1970-01-01 03:00:00.000000000 +0300 X+++ dnssec-validator/DNSSECValidatorPlugin.plugin/Contents/Resources/English.lproj/InfoPlist.strings 2013-02-19 14:38:18.000000000 +0200 X@@ -0,0 +1,4 @@ X+/* Localized versions of Info.plist keys */ X+ X+CFBundleName = "DNSSECValidatorPlugin.plugin"; X+NSHumanReadableCopyright = "Copyright 2010, 2011 CZ.NIC Labs"; Xdiff -urN chrome/_locales/en/messages.json dnssec-validator/_locales/en/messages.json X--- chrome/_locales/en/messages.json 2013-02-26 13:33:17.000000000 +0200 X+++ dnssec-validator/_locales/en/messages.json 2013-02-19 14:38:18.000000000 +0200 X@@ -1,24 +1,68 @@ X { X- "domain": {"message": "Domain"}, X- "securedConnectionDomain": {"message": "Domain is secured by DNSSEC."}, X- "securedConnectionDomainInvIPaddr": {"message": "Domain and also connection are secured but browser's IP address is invalid!"}, X- "securedConnectionNoDomain": {"message": "Domain's non-existence proven by DNSSEC."}, X- "securedConnectionNoDomainInvIPaddr": {"message": "Non-existent domain proven by DNSSEC but browser's IP address is invalid!"}, X- "securedConnectionInvSigDomain": {"message": "Domain's DNSSEC signature is invalid."}, X- "securedConnectionInvSigDomainInvIPaddr": {"message": "Domain's DNSSEC signature is invalid and browser's IP adress is invalid as well!"}, X- "validDomainSignature": {"message": "Domain is signed, but chain of trust can not be established."}, X- "validAuthDomainSignature": {"message": "Your resolver is authoritative DNS server for this domain name, so it cannot be validated by DNSSEC."}, X- "validDomainSignatureInvIPaddr": {"message": "Domain is signed, but browser's IP is invalid!"}, X- "invalidDomainSignature": {"message": "Domain name has invalid signature, so it could indicate spoofed name!"}, X- "invalidDomainSignatureInvIPaddr": {"message": "Domain name has invalid signature in addition, and browser's and DNSSEC add-on's IP addresses of the server mismatch, so it could indicate spoofed domain name!"}, X- "unsecuredDomain": {"message": "Domain has no DNSSEC signature."}, X- "unsecuredNoDomain": {"message": "Domain appears not to exist, but proof by NSEC/NSEC3 is missing!"}, X- "validNoDomainSignature": {"message": "Non-existent domain is secured and has a valid signature, but chain of trust can not be established."}, X- "validAuthNoDomainSignature": {"message": "Your resolver is authoritative DNS server for this domain name, so its non-existence cannot be validated by DNSSEC."}, X- "validNoDomainSignatureInvIPaddr": {"message": "Domain's non-existence is signed by DNSSEC, but browser indicates domain exists!"}, X- "invalidNoDomainSignature": {"message": "Proof of domain's non-existence is not valid, so it probably indicates that domain may actually exist!"}, X- "invalidNoDomainSignatureInvIPaddr": {"message": "In addition proof of domain name non-existence is not valid, therefore browser's IP address is probably spoofed!"}, X- "actionDnssec": {"message": "Retrieving DNSSEC status..."}, X- "inactionDnssec": {"message": "Idle."}, X- "errorDnssec": {"message": "Error verifying DNSSEC status of domain."} X+ "actionDnssec": { X+ "message": "Retrieving DNSSEC status..." X+ }, X+ "domain": { X+ "message": "Domain" X+ }, X+ "errorDnssec": { X+ "message": "Error verifying DNSSEC status of domain." X+ }, X+ "inactionDnssec": { X+ "message": "Idle." X+ }, X+ "invalidDomainSignature": { X+ "message": "Domain name has invalid signature, so it could indicate spoofed name!" X+ }, X+ "invalidDomainSignatureInvIPaddr": { X+ "message": "Domain name has invalid signature in addition, and browser's and DNSSEC add-on's IP addresses of the server mismatch, so it could indicate spoofed domain name!" X+ }, X+ "invalidNoDomainSignature": { X+ "message": "Proof of domain's non-existence is not valid, so it probably indicates that domain may actually exist!" X+ }, X+ "invalidNoDomainSignatureInvIPaddr": { X+ "message": "In addition proof of domain name non-existence is not valid, therefore browser's IP address is probably spoofed!" X+ }, X+ "securedConnectionDomain": { X+ "message": "Domain is secured by DNSSEC." X+ }, X+ "securedConnectionDomainInvIPaddr": { X+ "message": "Domain and also connection are secured but browser's IP address is invalid!" X+ }, X+ "securedConnectionInvSigDomain": { X+ "message": "Domain's DNSSEC signature is invalid." X+ }, X+ "securedConnectionInvSigDomainInvIPaddr": { X+ "message": "Domain's DNSSEC signature is invalid and browser's IP adress is invalid as well!" X+ }, X+ "securedConnectionNoDomain": { X+ "message": "Domain's non-existence proven by DNSSEC." X+ }, X+ "securedConnectionNoDomainInvIPaddr": { X+ "message": "Non-existent domain proven by DNSSEC but browser's IP address is invalid!" X+ }, X+ "unsecuredDomain": { X+ "message": "Domain has no DNSSEC signature." X+ }, X+ "unsecuredNoDomain": { X+ "message": "Domain appears not to exist, but proof by NSEC/NSEC3 is missing!" X+ }, X+ "validAuthDomainSignature": { X+ "message": "Your resolver is authoritative DNS server for this domain name, so it cannot be validated by DNSSEC." X+ }, X+ "validAuthNoDomainSignature": { X+ "message": "Your resolver is authoritative DNS server for this domain name, so its non-existence cannot be validated by DNSSEC." X+ }, X+ "validDomainSignature": { X+ "message": "Domain is signed, but chain of trust can not be established." X+ }, X+ "validDomainSignatureInvIPaddr": { X+ "message": "Domain is signed, but browser's IP is invalid!" X+ }, X+ "validNoDomainSignature": { X+ "message": "Non-existent domain is secured and has a valid signature, but chain of trust can not be established." X+ }, X+ "validNoDomainSignatureInvIPaddr": { X+ "message": "Domain's non-existence is signed by DNSSEC, but browser indicates domain exists!" X+ } X } Xdiff -urN chrome/_locales/ru/messages.json dnssec-validator/_locales/ru/messages.json X--- chrome/_locales/ru/messages.json 1970-01-01 03:00:00.000000000 +0300 X+++ dnssec-validator/_locales/ru/messages.json 2012-10-04 15:00:48.000000000 +0300 X@@ -0,0 +1,68 @@ X+{ X+ "actionDnssec": { X+ "message": "Получение статуса DNSSEC ..." X+ }, X+ "domain": { X+ "message": "Домен" X+ }, X+ "errorDnssec": { X+ "message": "Ошибка проверки DNSSEC статуса домена." X+ }, X+ "inactionDnssec": { X+ "message": "Ожидание." X+ }, X+ "invalidDomainSignature": { X+ "message": "Доменное имя имеет неверную подпись, так что это может свидетельствовать о поддельном имени!" X+ }, X+ "invalidDomainSignatureInvIPaddr": { X+ "message": "Доменное имя имеет неверную подпись, кроме того, и браузер, и DNSSEC IP-адреса серверов несоответствуют, так что это может свидетельствовать о поддельном доменном имени!" X+ }, X+ "invalidNoDomainSignature": { X+ "message": "Подпись домена не соответствует, так что, вероятно домен может на самом деле существует!" X+ }, X+ "invalidNoDomainSignatureInvIPaddr": { X+ "message": "Подпись доменного имени не соответствует, поэтому IP-адреса браузера, вероятно, поддельные!" X+ }, X+ "securedConnectionDomain": { X+ "message": "Домен обеспечивается DNSSEC." X+ }, X+ "securedConnectionDomainInvIPaddr": { X+ "message": "Домен, и соединение защищены, но IP адрес браузера является недействительным!" X+ }, X+ "securedConnectionInvSigDomain": { X+ "message": "Поднись DNSSEC домена неправильная." X+ }, X+ "securedConnectionInvSigDomainInvIPaddr": { X+ "message": "Подпись DNSSEC домена неправильная. IP адрес не соответствует!" X+ }, X+ "securedConnectionNoDomain": { X+ "message": "Домен не существует в DNSSEC." X+ }, X+ "securedConnectionNoDomainInvIPaddr": { X+ "message": "Домен не существует в DNSSEC. IP адрес не соответствует!" X+ }, X+ "unsecuredDomain": { X+ "message": "Домен не имеет DNSSEC подписи." X+ }, X+ "unsecuredNoDomain": { X+ "message": "Домен не существует, проверка NSEC/NSEC3 не пройдена!" X+ }, X+ "validAuthDomainSignature": { X+ "message": "Ваш резолвер является авторитетным сервером DNS для этого домена, поэтому он не может быть валидатором DNSSEC." X+ }, X+ "validAuthNoDomainSignature": { X+ "message": "Ваш резолвер является авторитетным сервером DNS для этого домена, подпись не может быть проверена DNSSEC." X+ }, X+ "validDomainSignature": { X+ "message": "Домен подписан, но цепочка доверия не может быть проверена." X+ }, X+ "validDomainSignatureInvIPaddr": { X+ "message": "Домен подписан, но IP адрес неправильный!" X+ }, X+ "validNoDomainSignature": { X+ "message": "Несуществующий домен защищен и имеет действительную подпись, но цепочка доверия не может быть установлена." X+ }, X+ "validNoDomainSignatureInvIPaddr": { X+ "message": "Домен подписан в DNSSEC, но браузер показывает несоттветствие домена и IP адреса!" X+ } X+} Xdiff -urN chrome/background.html dnssec-validator/background.html X--- chrome/background.html 2013-02-26 13:33:17.000000000 +0200 X+++ dnssec-validator/background.html 2013-02-19 14:38:18.000000000 +0200 X@@ -202,9 +202,7 @@ X } X X var resolver = this.getResolver(); X- //Old regular expresion with port number X- //var domain = tab.url.match(/^[\w-]+:\/*\[?([\w\.:-]+)\]?(?::\d+)?/)[1]; /**/ X- var domain = tab.url.match(/^(?:[\w-]+:\/+)?\[?([\w\.-]+)\]?(?::)*(?::\d+)?/)[1]; /**/ X+ var domain = tab.url.match(/^[\w-]+:\/*\[?([\w\.:-]+)\]?(?::\d+)?/)[1]; /**/ X var plugin = document.getElementById("dnssec-plugin"); X var result = plugin.Validate(domain, X this.dnssecExtNPAPIConst.NPAPI_INPUT_FLAG_RESOLVIPV4 | XFiles chrome/icon.png and dnssec-validator/icon.png differ XFiles chrome/icon_unknown.png and dnssec-validator/icon_unknown.png differ Xdiff -urN chrome/manifest.json dnssec-validator/manifest.json X--- chrome/manifest.json 2013-02-26 13:33:17.000000000 +0200 X+++ dnssec-validator/manifest.json 2013-02-27 11:28:15.000000000 +0200 X@@ -7,7 +7,8 @@ X "32": "icon.png", X "48": "icon.png" X }, X- "name": "DNSSEC Validator", X+ "key": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDLg7uLMbBIZxLUJOIaXOVdNKqYXWtxiIa4bnF2o3gjIH5IKdmPg62K9uTKuiElPR0U/y7z+t8D3RY5JvgKyxImf4RADuLwxYw0gQyjR0t4ZQICQ4Ulw80GSmirHPMqrX+C9WqnFyFH90USpM9ApVnfSL7JIiouTnTpBkSAyaTudwIDAQAB", X+ "name": "DNSSEC Validator FreeBSD Edition", X "options_page": "options.html", X "page_action": { X "default_icon": "icon_unknown.png", X@@ -16,14 +17,9 @@ X }, X "permissions": [ "tabs" ], X "plugins": [ { X- "path": "npDNSSECValidatorPlugin_x86.so" X- }, { X "path": "npDNSSECValidatorPlugin_x86-64.so" X }, { X- "path": "npDNSSECValidatorPlugin_win32.dll" X- }, { X "path": "DNSSECValidatorPlugin.plugin" X } ], X- "update_url": "http://clients2.google.com/service/update2/crx", X- "version": "0.1.2" X+ "version": "1.1.6" X } XFiles chrome/npDNSSECValidatorPlugin_x86-64.so and dnssec-validator/npDNSSECValidatorPlugin_x86-64.so differ e4e3f580937e2e4cace20a1697021383 exit >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201302281504.r1SF4SLh042593>