Bug 188564 - [new port] revive archivers/cfv 1.18.3
Summary: [new port] revive archivers/cfv 1.18.3
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: Normal Affects Only Me
Assignee: Johannes Jost Meixner
Depends on:
Reported: 2014-04-13 19:00 UTC by janow49420
Modified: 2014-04-15 05:40 UTC (History)
0 users

See Also:


Note You need to log in before you can comment on or make changes to this bug.
Description janow49420 2014-04-13 19:00:00 UTC
Today I noticed this was removed from ports:

===>>> The security/cfv port has been deleted: Has expired: Unmaintained since 2001

It was actually updated in 2009-06-07 according to svn:


It's a pretty simple python program, http://sourceforge.net/p/cfv/code/HEAD/tree/tags/cfv-1_18_3/cfv/cfv

It doesn't really get updates because it works, and fulfils it's purpose.

Someone in IRC suggested I take maintainer-ship of it to keep it in ports. I'm happy to do so.
Comment 1 Johannes Jost Meixner freebsd_committer 2014-04-13 19:14:07 UTC
Responsible Changed
From-To: freebsd-ports-bugs->xmj

I'll take it.
Comment 2 janow49420 2014-04-14 06:56:30 UTC
I've reconsidered maintaining this port and recommend it stays dead.

cfv was able to verify a number of different hashes: .sfv, .csv,
.crc, .md5, md5sum, sha1sum, .torrent, par, or par2 files

1. Plenty of good alternatives
   + sfv (bsdsfv, cksfv, gsfv, pure-sfv)
   + md5/sha1 (md5/sha1, GNU coreutils, openssl),
   + par/par2 (par2cmdline and par2cmdline-tbb

2. Alternatives are probably faster
   + In the case of par2 files, the tbb version would be faster.

3. Broken functionality
   + .torrent functionality depends on BitTornado
      http://www.bittornado.com which was removed from ports long ago

   + Required X11 and couldn't be built without

4. Encourages weaker hashes like md5/sha1 when there's more secure
alternatives like sha256, sha512 etc

Maybe we could put a mention of PR 188564 in the removal description.
Comment 3 Johannes Jost Meixner freebsd_committer 2014-04-14 14:28:10 UTC
State Changed
From-To: open->closed

Superseded by ports/188584
Comment 4 Matthew Rezny freebsd_committer 2014-04-14 14:31:26 UTC
I disagree with David's conclusion. I had created ports/188584 (with patch) 
unaware of this PR.

cfv is a complete Checksum File Verifier. It handles much more than just SFV 
files as already mentioned. It is convenient as a single tool to handle all 
these files. I already evaluated alternatives and found them insufficient.

Of the alternatives mentioned for SFV:
bsdsfv & cksfv only handle SFV files
pure-sfv does SFV and PAR, but none of the rest
gsfv is a GTK app, requires X11

Perhaps the best feature of cfv is ability to run through a directory tree and 
varify all files using a variety of hashes. It could be updated to add 
SHA256/512 the same way it handles SHA1.

I fail to see how being able to check a wide variety of hashes encourages use 
of weak hashes. You can only check the hashes you receive with the files in 
Comment 5 dfilter service freebsd_committer 2014-04-14 21:14:10 UTC
Author: xmj
Date: Mon Apr 14 20:14:01 2014
New Revision: 351286
URL: http://svnweb.freebsd.org/changeset/ports/351286
QAT: https://qat.redports.org/buildarchive/r351286/

  security/cfv: Resurrection, stage, assign maintainer
  - Resurrection
  - Assign maintainer to matthew@reztek.cz
  - Stagify
  PR:	ports/188584
  PR:	ports/188564
  Submitted by:	Matthew Rezny
  Approved by:	swills (mentor)

     - copied from r350853, head/security/cfv/

Modified: head/MOVED
--- head/MOVED	Mon Apr 14 20:09:06 2014	(r351285)
+++ head/MOVED	Mon Apr 14 20:14:01 2014	(r351286)
@@ -5992,7 +5992,6 @@ graphics/svg2swf||2014-04-13|Has expired
 devel/flick||2014-04-13|Has expired: Unmaintained since 2001
 mail/smail||2014-04-13|Has expired: Unmaintained since 2001
 net/net-http||2014-04-13|Has expired: Unmaintained since 2001
-security/cfv||2014-04-13|Has expired: Unmaintained since 2001
 graphics/camediaplay||2014-04-13|Has expired: Unmaintained since 2001
 math/umatrix||2014-04-13|Has expired: Unmaintained since 2001
 lang/f77||2014-04-13|Has expired: Unmaintained since 2001

Modified: head/security/Makefile
--- head/security/Makefile	Mon Apr 14 20:09:06 2014	(r351285)
+++ head/security/Makefile	Mon Apr 14 20:14:01 2014	(r351286)
@@ -54,6 +54,7 @@
     SUBDIR += ccrypt
     SUBDIR += ccsrch
     SUBDIR += cfs
+    SUBDIR += cfv
     SUBDIR += chaosreader
     SUBDIR += checkpassword
     SUBDIR += checkpassword-pam

Modified: head/security/cfv/Makefile
--- head/security/cfv/Makefile	Thu Apr 10 20:57:50 2014	(r350853)
+++ head/security/cfv/Makefile	Mon Apr 14 20:14:01 2014	(r351286)
@@ -6,20 +6,16 @@ PORTVERSION=	1.18.3
 CATEGORIES=	security
-MAINTAINER=	ports@FreeBSD.org
+MAINTAINER=	matthew@reztek.cz
 COMMENT=	Utility to both test and create .sfv, .csv, and md5sum files
-DEPRECATED=	Unmaintained since 2001
-EXPIRATION_DATE=	2014-04-12
 ALL_TARGET=	cfv.wrapper
 INSTALL_TARGET=	install-wrapper
-MAN1=	cfv.1
-NO_STAGE=	yes
-	@${REINPLACE_CMD} -e "s,%%PREFIX%%,${PREFIX},g" ${WRKSRC}/Makefile
+	        -e "s,%%PREFIX%%,${PREFIX},g" ${WRKSRC}/Makefile
 .include <bsd.port.mk>

Modified: head/security/cfv/files/patch-Makefile
--- head/security/cfv/files/patch-Makefile	Thu Apr 10 20:57:50 2014	(r350853)
+++ head/security/cfv/files/patch-Makefile	Mon Apr 14 20:14:01 2014	(r351286)
@@ -1,9 +1,37 @@
 --- Makefile.orig	Fri Dec  7 17:01:19 2001
 +++ Makefile	Fri Dec  7 17:01:56 2001
-@@ -1,5 +1,5 @@
+@@ -1,10 +1,7 @@
+-#finds the site-packages dir that matches the selected prefix, or if none do, falls back to wherever it can find one..
+-pkgdir=`$(PYTHON) -c 'import sys,re; x=filter(lambda x: re.match("$(prefix).*site-packages",x),sys.path); y=filter(lambda y: re.search("site-packages",y),sys.path); x.sort(lambda x,y: cmp(len(x),len(y))); y.sort(lambda x,y: cmp(len(x),len(y))); x.extend(y); print x[0]'`
+-#nice little expression, huh? ;)
- #finds the site-packages dir that matches the selected prefix, or if none do, falls back to wherever it can find one..
+ bindir=${exec_prefix}/bin
+ mandir=${prefix}/man
+@@ -39,16 +36,16 @@
+ cfv.wrapper:
+ 	$(PYTHON) -c 'import string,os; py=filter(lambda x: os.path.isfile(x),map(lambda x: os.path.join(x,"$(PYTHON)"),string.split(os.environ["PATH"],":"))); py.append(" /usr/bin/env $(PYTHON)"); open("cfv.wrapper","w").write("#!%s\nimport cfv\ncfv.main()\n"%py[0])'
+-$(DESTDIR)$(mandir)/man1 $(DESTDIR)$(bindir):
++$(DESTDIR)$(mandir)/man1 $(DESTDIR)$(bindir) $(DESTDIR)$(pkgdir):
+ 	$(install_dir) $@
+-install-wrapper-only: $(DESTDIR)$(bindir) cfv.wrapper install_man
++install-wrapper-only: $(DESTDIR)$(pkgdir) $(DESTDIR)$(bindir) cfv.wrapper
+ 	$(install_data) cfv $(DESTDIR)$(pkgdir)/cfv.py
+ 	$(install_script) cfv.wrapper $(DESTDIR)$(bindir)/cfv
+-install-wrapper: install-wrapper-only
+-	$(PYTHON) -c "import py_compile; py_compile.compile('$(DESTDIR)$(pkgdir)/cfv.py')" 
+-	$(PYTHON) -O -c "import py_compile; py_compile.compile('$(DESTDIR)$(pkgdir)/cfv.py')" 
++install-wrapper: install-wrapper-only install_man
++	$(PYTHON) -m compileall -d $(pkgdir) -l $(DESTDIR)$(pkgdir) 
++	$(PYTHON) -O -m compileall -d $(pkgdir) -l $(DESTDIR)$(pkgdir) 
+ install: $(DESTDIR)$(bindir) install_man
+ 	$(install_script) cfv $(DESTDIR)$(bindir)/cfv

Modified: head/security/cfv/pkg-plist
--- head/security/cfv/pkg-plist	Thu Apr 10 20:57:50 2014	(r350853)
+++ head/security/cfv/pkg-plist	Mon Apr 14 20:14:01 2014	(r351286)
@@ -2,3 +2,4 @@ bin/cfv
svn-ports-all@freebsd.org mailing list
To unsubscribe, send any mail to "svn-ports-all-unsubscribe@freebsd.org"
Comment 6 janow49420 2014-04-15 05:31:49 UTC
If someone is going to develop it further to include other hashes
then great. :D I was sad to see it go when it wasn't hurting anyone.

The points you raise about multiple checksum varieties in the same
file is not something I thought of.

I could also see how it would be useful for the input/output to be
the same for different for each hash type.

Also I made a mistake originally this should be in security/cfv, not

It would be great to see the .torrent checking functionality restored
without the need of Bittornado, something you might want to investigate.

Other fact: other distributions/package managers (Debian, MacPorts,
Redhat) have not seen need to remove it.