sys-apps/rng-tools: bump to 6.7 #679122
authorGöktürk Yüksek <gokturk@gentoo.org>
Wed, 13 Mar 2019 00:24:24 +0000 (20:24 -0400)
committerGöktürk Yüksek <gokturk@gentoo.org>
Wed, 13 Mar 2019 00:41:39 +0000 (20:41 -0400)
Closes: https://bugs.gentoo.org/679122
Package-Manager: Portage-2.3.52, Repoman-2.3.12
Signed-off-by: Göktürk Yüksek <gokturk@gentoo.org>
sys-apps/rng-tools/Manifest
sys-apps/rng-tools/files/rngd-confd-6.7 [new file with mode: 0644]
sys-apps/rng-tools/files/rngd-initd-6.7 [new file with mode: 0644]
sys-apps/rng-tools/metadata.xml
sys-apps/rng-tools/rng-tools-6.7.ebuild [new file with mode: 0644]

index a941e025d1f07a714b8f4f33c078da18ba701a25..d17b7055c3c1a191e7250f5e0484def8f11db5f6 100644 (file)
@@ -6,4 +6,5 @@ DIST rng-tools-6.3.tar.gz 31474 BLAKE2B 4d3924b3ca85d31d1999ceb45908cf64e8d2978d
 DIST rng-tools-6.4.tar.gz 41248 BLAKE2B 16000e0779cf7aa25936a95661a0c40d4f0f12ed91fa36160924782d22a1057838bfb466f60614f91ef6c5576e0a29b6c1028bb72d5f5403c9a61d8f5ec16edd SHA512 12da9819b6e9a9ea688e82d1689642a690f6c9d78ad5fcf159a71b37a49f79120c8f62d4e1b8e81a496eac46a28137c5c87973499b31e1881a7866de99a168f0
 DIST rng-tools-6.5.tar.gz 51484 BLAKE2B 92700cbe1b48244effeae4f058507c27f8c9714f9bb5435ee7c6c08e260ce57891084208ea62391ab68b6551a3d95997c91d88020e9541564488abcf2041e479 SHA512 ae356ae18cb8584a594519038789d17e0f1b3d30122c058f86f3919a9c5ebfe0c48f8d7bfa6154b37d4f92d89c8b8a4a91007de0d1262ce5b86af19248c57bd0
 DIST rng-tools-6.6.tar.gz 51468 BLAKE2B 47231c60d78a48ade07855dfe8a807d6c10b8e27dc662ff7d98cf232b50e6c32f24197291a813d6ed6d15325a33fe9683d82943109a80cac1d9e348fc30cb849 SHA512 00bbe7f817d8f228f357a79ca270c27c62c0e588a99cd76917ecb7e88dfb627028c66497a59c9918205f3551aaf631963c8fd6504cb4198ddf57f714204c21c4
+DIST rng-tools-6.7.tar.gz 52792 BLAKE2B 3789aa4c6e2f024dcaef6b9b51521e206d65500a94ab456db61dc45c69ac5e4849a1e74abbe0f7640827ffb4bb20675c1f639a5be852d21d0d1a3c6b2e96bb5e SHA512 2f09edacb5448087041257326faf570c303b42f90bb695a1999b2c7543f20a28b15cdf705a2eca55cae8e9cf9fb5205c056fc26cfaf6af958bcda2cde1952b4d
 DIST rng-tools-6.tar.gz 26024 BLAKE2B a523328fcce56997e2847940cdc096abd5a539135f857f0a4cd3d782a1659f4d2978870149caac47b839c80788df6a3d891adcd39371d5968149dd29bc46bc62 SHA512 2aea947c4dba5e8c4df33396957f7224b62200be0e3d10aac08c84155fa473a67df5f49e07a07b2cbea4dfd772d90c1b194e8fce3d8eea762463a7f4a16d6ce4
diff --git a/sys-apps/rng-tools/files/rngd-confd-6.7 b/sys-apps/rng-tools/files/rngd-confd-6.7
new file mode 100644 (file)
index 0000000..20aa328
--- /dev/null
@@ -0,0 +1,90 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+# /etc/conf.d/rngd
+# Please see "/usr/sbin/rngd --help" and "man rngd" for more information
+
+# Space-delimited list of entropy sources to enable
+# Note that some of the entropy sources may require certain USE flags
+# to be enabled or require hardware support to function properly
+# Entropy sources not specified here (or in the exclude list below)
+# will be enabled/disabled based on rngd default behavior
+#
+# Choose from the list:
+#         hwrng:  Hardware RNG Device
+#         tpm:    TPM RNG Device (Deprecated)
+#         rdrand: Intel RDRAND Instruction RNG
+#         darn:   Power9 DARN Instruction RNG
+#         nist:   NIST Network Entropy Beacon
+#                 (UNSAFE for cryptographic operations)
+#         jitter: JITTER Entropy Generator
+#         pkcs11: PKCS11 Entropy Generator
+#
+#INCLUDE_ENTROPY_SOURCES="hwrng tpm rdrand darn nist jitter pkcs11"
+
+
+# Space-delimited list of entropy sources to disable
+# This is useful for disabling certain entropy sources even
+# when they are supported on the system
+#
+#EXCLUDE_ENTROPY_SOURCES="nist tpm"
+
+
+# Entropy source specific options:
+#
+#
+# hwrng device used for random number input:
+#
+#HWRNG_DEVICE="/dev/hwrng"
+#
+#
+# rdrand options:
+#         use_aes:(BOOLEAN)
+#
+#RDRAND_OPTIONS="use_aes:1"
+#
+#
+# darn options:
+#         use_aes:(BOOLEAN)
+#
+#DARN_OPTIONS="use_aes:1"
+#
+#
+# jitter options:
+#         thread_count:(INTEGER)
+#         buffer_size:(INTEGER)
+#         refill_thresh:(INTEGER)
+#         retry_count:(INTEGER)
+#         retry_delay:(INTEGER)
+#         use_aes:(BOOLEAN)
+#
+#JITTER_OPTIONS="thread_count:4 buffer_size:16535 refill_thresh:16535"
+#JITTER_OPTIONS="${JITTER_OPTIONS} retry_count:1 retry_delay:-1 use_aes:1"
+#
+#
+# pkcs11 options:
+#         engine_path:(STRING)
+#         chunk_size:(INTEGER)
+#
+#PKCS11_OPTIONS="engine_path:/usr/lib64/opensc-pkcs11.so chunk_size:1"
+
+
+# Kernel device used for random number output
+#
+#RANDOM_DEVICE="/dev/random"
+
+
+# Random step (Number of bytes written to random-device at a time):
+#
+#STEP=64
+
+
+# Fill watermark
+# 0 <= n <= `sysctl kernel.random.poolsize`
+#
+#WATERMARK=2048
+
+
+# Any extra arguments for rngd
+#
+#EXTRA_ARGS=""
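Review bot: The commented example `#INCLUDE_ENTROPY_SOURCES="hwrng tpm rdrand darn nist jitter pkcs11"` lists `nist` and `tpm`, although the source list directly above marks nist as UNSAFE for cryptographic operations and tpm as deprecated. An admin who simply uncomments the example explicitly enables the network beacon as an entropy input. I would shorten the example to `#INCLUDE_ENTROPY_SOURCES="hwrng rdrand jitter"` and add `# nist and tpm are left out on purpose, see the notes in the list above` beneath it.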
diff --git a/sys-apps/rng-tools/files/rngd-initd-6.7 b/sys-apps/rng-tools/files/rngd-initd-6.7
new file mode 100644 (file)
index 0000000..e85581b
--- /dev/null
@@ -0,0 +1,64 @@
+#!/sbin/openrc-run
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+depend() {
+       need localmount
+       after urandom
+       provide entropy
+}
+
+command="/usr/sbin/rngd"
+description="Check and feed random data from hardware device to kernel entropy pool."
+pidfile="/var/run/${RC_SVCNAME}.pid"
+command_args=""
+command_args_background="--pid-file ${pidfile} --background"
+start_stop_daemon_args="--wait 1000"
+retry="SIGKILL/5000"
+
+
+# Parse rngd confd file for extra command line arguments
+start_pre() {
+    for entsrc in ${INCLUDE_ENTROPY_SOURCES}; do
+       command_args="${command_args} -n ${entsrc}"
+    done
+
+    for entsrc in ${EXCLUDE_ENTROPY_SOURCES}; do
+       command_args="${command_args} -x ${entsrc}"
+    done
+
+    if [ "x${HWRNG_DEVICE}" != "x" ]; then
+       command_args="${command_args} --rng-device=${HWRNG_DEVICE}"
+    fi
+
+    for entsrc_opt in ${RDRAND_OPTIONS}; do
+       command_args="${command_args} -O rdrand:${entsrc_opt}"
+    done
+
+    for entsrc_opt in ${DARN_OPTIONS}; do
+       command_args="${command_args} -O darn:${entsrc_opt}"
+    done
+
+    for entsrc_opt in ${JITTER_OPTIONS}; do
+       command_args="${command_args} -O jitter:${entsrc_opt}"
+    done
+
+    for entsrc_opt in ${PKCS11_OPTIONS}; do
+       command_args="${command_args} -O pkcs11:${entsrc_opt}"
+    done
+
+    if [ "x${RANDOM_DEVICE}" != "x" ]; then
+       command_args="${command_args} --random-device=${RANDOM_DEVICE}"
+    fi
+
+    if [ "x${STEP}" != "x" ]; then
+       command_args="${command_args} --random-step=${STEP}"
+    fi
+
+    if [ "x${WATERMARK}" != "x" ]; then
+       command_args="${command_args} --fill-watermark=${WATERMARK}"
+    fi
+
+    command_args="${command_args} ${EXTRA_ARGS}"
+    return 0
+}
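Review bot: `retry="SIGKILL/5000"` makes SIGKILL the first and only signal sent on stop, so rngd never gets a chance to shut down cleanly or remove the pid file it was told to write with `--pid-file`. If the retry timeout is in seconds, as I believe it is for start-stop-daemon schedules, 5000 also looks like it was meant as milliseconds to match `--wait 1000`; this should be confirmed against the OpenRC documentation. I would use a graceful schedule such as `retry="SIGTERM/5/SIGKILL/5"`.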
index 911b7587f660902403c730c37e329260e9619995..69907447109caf2f376ca385b3d36a3725f068ea 100644 (file)
@@ -16,6 +16,9 @@
        <flag name="nistbeacon">
                Enable NIST beacon entropy support
        </flag>
+       <flag name="pkcs11">
+               Enable PKCS11 entropy support
+       </flag>
 </use>
 <upstream>
        <remote-id type="github">nhorman/rng-tools</remote-id>
diff --git a/sys-apps/rng-tools/rng-tools-6.7.ebuild b/sys-apps/rng-tools/rng-tools-6.7.ebuild
new file mode 100644 (file)
index 0000000..3259cb0
--- /dev/null
@@ -0,0 +1,89 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+inherit autotools systemd readme.gentoo-r1 toolchain-funcs
+
+DESCRIPTION="Daemon to use hardware random number generators"
+HOMEPAGE="https://github.com/nhorman/rng-tools"
+SRC_URI="https://github.com/nhorman/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~ia64 ~ppc ~x86"
+IUSE="jitterentropy nistbeacon pkcs11 selinux"
+
+DEPEND="dev-libs/libgcrypt:0
+       dev-libs/libgpg-error
+       sys-fs/sysfsutils
+       jitterentropy? (
+               app-crypt/jitterentropy:=
+       )
+       nistbeacon? (
+               net-misc/curl[ssl]
+               dev-libs/libxml2:2=
+               dev-libs/openssl:0=
+       )
+       pkcs11? (
+               dev-libs/libp11:=
+       )
+       elibc_musl? ( sys-libs/argp-standalone )
+"
+RDEPEND="${DEPEND}
+       selinux? ( sec-policy/selinux-rngd )"
+DEPEND="${DEPEND}
+       nistbeacon? (
+               virtual/pkgconfig
+       )
+"
+
+PATCHES=(
+       "${FILESDIR}"/test-for-argp.patch
+       "${FILESDIR}"/${PN}-5-fix-textrels-on-PIC-x86.patch #469962
+)
+
+src_prepare() {
+       echo 'bin_PROGRAMS = randstat' >> contrib/Makefile.am || die
+       default
+
+       mv README.md README || die
+
+       eautoreconf
+
+       sed -i '/^AR /d' Makefile.in || die
+       tc-export AR
+}
+
+src_configure() {
+       local myeconfargs=(
+               $(use_enable jitterentropy)
+               $(use_with nistbeacon)
+               $(use_with pkcs11)
+       )
+
+       econf "${myeconfargs[@]}"
+}
+
+src_install() {
+       default
+       newinitd "${FILESDIR}"/rngd-initd-6.7 rngd
+       newconfd "${FILESDIR}"/rngd-confd-6.7 rngd
+       systemd_dounit "${FILESDIR}"/rngd.service
+
+       if use pkcs11; then
+               local DISABLE_AUTOFORMATTING=1
+               local DOC_CONTENTS="
+The PKCS11 entropy source may require extra packages (e.g. 'dev-libs/opensc')
+to support various smartcard readers. Make sure 'PKCS11_OPTIONS' in:
+       '${EROOT%/}/etc/conf.d/rngd'
+reflects the correct PKCS11 engine path to be used by rngd.
+"
+               readme.gentoo_create_doc
+       fi
+
+}
+
+pkg_postinst() {
+       use pkcs11 && readme.gentoo_print_elog
+}
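Review bot: Two steps in src_prepare have no comment saying why they are needed: the `echo 'bin_PROGRAMS = randstat' >> contrib/Makefile.am` append and the `sed -i '/^AR /d' Makefile.in` run after eautoreconf. Both modify build files outside PATCHES, so the next version bump has to rediscover whether they still apply. I would add `# build the contrib randstat tool, which upstream does not list in bin_PROGRAMS` above the echo and `# drop the hard-coded AR line so the AR exported by tc-export is used` above the sed. The reasons are inferred from the commands themselves and should be confirmed by the author.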