app-arch/dump: fix openssl 1.1 compatibility
authorHans de Graaff <graaff@gentoo.org>
Sun, 14 Jul 2019 07:33:19 +0000 (09:33 +0200)
committerHans de Graaff <graaff@gentoo.org>
Sun, 14 Jul 2019 07:33:19 +0000 (09:33 +0200)
Fixes: https://bugs.gentoo.org/674318
Signed-off-by: Hans de Graaff <graaff@gentoo.org>
Package-Manager: Portage-2.3.66, Repoman-2.3.11

app-arch/dump/dump-0.4.46-r1.ebuild [new file with mode: 0644]
app-arch/dump/files/dump-0.4.46-openssl11.patch [new file with mode: 0644]

diff --git a/app-arch/dump/dump-0.4.46-r1.ebuild b/app-arch/dump/dump-0.4.46-r1.ebuild
new file mode 100644 (file)
index 0000000..f984ca0
--- /dev/null
@@ -0,0 +1,87 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+inherit versionator
+
+MY_P="${PN}-$(replace_version_separator 2 b)"
+S=${WORKDIR}/${MY_P}
+DESCRIPTION="Dump/restore ext2fs backup utilities"
+HOMEPAGE="http://dump.sourceforge.net/"
+SRC_URI="mirror://sourceforge/dump/${MY_P}.tar.gz"
+
+LICENSE="BSD"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86"
+# We keep uuid USE flag default dsiabled for this version. Don't forget
+# to default enable it for later versions as this is the upstream default.
+IUSE="bzip2 debug ermt libressl lzo readline selinux sqlite ssl static test uuid zlib"
+REQUIRED_USE="
+       ermt? ( ssl )
+       ssl? ( zlib )
+       test? ( sqlite? ( uuid ) )
+"
+
+RDEPEND=">=sys-fs/e2fsprogs-1.27:=
+       >=sys-libs/e2fsprogs-libs-1.27:=
+       sys-apps/util-linux
+       bzip2? ( >=app-arch/bzip2-1.0.2:= )
+       zlib? ( >=sys-libs/zlib-1.1.4:= )
+       lzo? ( dev-libs/lzo:2= )
+       sqlite? ( dev-db/sqlite:3= )
+       ermt? (
+               !libressl? ( dev-libs/openssl:0= )
+               libressl? ( dev-libs/libressl:0= )
+       )
+       ssl? (
+               !libressl? ( dev-libs/openssl:0= )
+               libressl? ( dev-libs/libressl:0= )
+       )
+       readline? (
+               sys-libs/readline:0=
+               sys-libs/ncurses:=
+               static? ( sys-libs/ncurses:=[static-libs] )
+       )"
+DEPEND="${RDEPEND}
+       virtual/pkgconfig
+       virtual/os-headers"
+
+PATCHES=( "${FILESDIR}"/${P}-openssl11.patch )
+
+src_configure() {
+       local myeconfargs=(
+               --with-dumpdatespath=/etc/dumpdates
+               --with-rmtpath='$(sbindir)/rmt'
+               --enable-blkid
+               $(use_enable bzip2)
+               $(use_enable debug)
+               $(use_enable ermt)
+               $(use_enable lzo)
+               $(use_enable readline)
+               $(use_enable selinux)
+               $(use_enable sqlite)
+               $(use_enable ssl)
+               $(use_enable static static-progs)
+               $(use_enable uuid)
+               $(use_enable zlib)
+       )
+       econf "${myeconfargs[@]}"
+}
+
+src_install() {
+       default
+       mv "${ED}"/usr/sbin/{,dump-}rmt || die
+       mv "${ED}"/usr/share/man/man8/{,dump-}rmt.8 || die
+       use ermt && newsbin rmt/ermt dump-ermt
+
+       dodoc KNOWNBUGS MAINTAINERS REPORTING-BUGS
+       dodoc -r examples
+}
+
+pkg_postinst() {
+       if [[ -z ${REPLACING_VERSIONS} ]] ; then
+               ewarn "app-arch/dump installs 'rmt' as 'dump-rmt'."
+               ewarn "This is to avoid conflicts with app-arch/tar 'rmt'."
+       fi
+}
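Review bot: The `ermt? ( ... )` group in RDEPEND repeats the openssl/libressl dependency of the `ssl? ( ... )` group directly below it, and REQUIRED_USE already has `ermt? ( ssl )`, so the ermt group adds nothing and can be dropped. The comment above IUSE has a typo (`dsiabled`) and should read `# We keep uuid USE flag default disabled for this version.` Since this is a new revision, `inherit versionator` could also be replaced by `inherit eapi7-ver` with `MY_P="${PN}-$(ver_rs 2 b)"`, which is the replacement for the deprecated eclass.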
diff --git a/app-arch/dump/files/dump-0.4.46-openssl11.patch b/app-arch/dump/files/dump-0.4.46-openssl11.patch
new file mode 100644 (file)
index 0000000..db18e81
--- /dev/null
@@ -0,0 +1,91 @@
+Index: dump-0.4b46/common/transformation_ssl.c\r
+===================================================================\r
+--- dump-0.4b46.orig/common/transformation_ssl.c\r
++++ dump-0.4b46/common/transformation_ssl.c\r
+@@ -215,7 +215,10 @@ generateIV(Transformation *xform, unsign\r
+       /* to be exposed to any attacker anyway. */\r
+       *saltlen = 16;\r
+       if (xform->enc == 1) {\r
+-              RAND_pseudo_bytes(salt, *saltlen);\r
++              if (!RAND_bytes(salt, *saltlen) != 1) {\r
++                      /* PRNG not sufficiently seeded */\r
++                      return -1;\r
++              }\r
+       }\r
+       memcpy(ivbuffer, salt, 16);\r
\r
+@@ -274,7 +277,7 @@ ssl_compress(Transformation *xform, stru\r
+       digestlen = sizeof(digest);\r
\r
+       /* generate salt, put it in header */\r
+-      generateIV(xform, salt, &saltlen, iv, &ivlen);\r
++      generateIV(xform, salt, &saltlen, iv, &ivlen); /* TODO: check return value */\r
+       memcpy(tpbin->buf, salt, saltlen);\r
\r
+       /* compress the buffer first - increase the entropy */\r
+@@ -351,7 +354,7 @@ ssl_decompress(Transformation *xform, st\r
\r
+       // how to know salt length?\r
+       memcpy(salt, src, saltlen);\r
+-      generateIV(xform, salt, &saltlen, iv, &ivlen);\r
++      generateIV(xform, salt, &saltlen, iv, &ivlen); /* TODO: check return value */\r
\r
+       EVP_DecryptInit_ex(xform->state.ssl.dataCtx, xform->state.ssl.cipher,  xform->state.ssl.engine, NULL, NULL);\r
+       //EVP_CIPHER_CTX_set_key_length(&ctx, 8);\r
+@@ -515,7 +518,7 @@ Transformation\r
+               //EVP_CIPHER_CTX_rand_key(ctx, t->state.ssl.key);\r
+               //EVP_CIPHER_CTX_cleanup(ctx);\r
+               //EVP_CIPHER_CTX_free(ctx);\r
+-              RAND_bytes(t->state.ssl.key, t->state.ssl.cipher->key_len);\r
++              RAND_bytes(t->state.ssl.key, EVP_CIPHER_key_length(t->state.ssl.cipher));\r
+       } else {\r
+               // how do we get keys?\r
+       }\r
+Index: dump-0.4b46/rmt/cipher.c\r
+===================================================================\r
+--- dump-0.4b46.orig/rmt/cipher.c\r
++++ dump-0.4b46/rmt/cipher.c\r
+@@ -23,7 +23,7 @@\r
+ char *\r
+ cipher(char *buf, int buflen, int do_encrypt)\r
+ {\r
+-      static EVP_CIPHER_CTX ctx;\r
++      EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();\r
+       static char *out = NULL;        /* return value, grown as necessary */\r
+       static int outlen = 0;\r
+       static int init = 0, which, blocksize;\r
+@@ -71,13 +71,13 @@ cipher(char *buf, int buflen, int do_enc\r
+               }\r
+               EVP_BytesToKey(cipher, EVP_md5(), NULL,\r
+                       buf, strlen(buf), 1, key, iv);\r
+-              EVP_CIPHER_CTX_init(&ctx);\r
+-              EVP_CipherInit_ex(&ctx, cipher, NULL, key, iv, do_encrypt);\r
+-              EVP_CIPHER_CTX_set_padding(&ctx, 0);    // -nopad\r
++              EVP_CIPHER_CTX_init(ctx);\r
++              EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, do_encrypt);\r
++              EVP_CIPHER_CTX_set_padding(ctx, 0);     // -nopad\r
+               OPENSSL_cleanse(buf, sizeof buf);\r
+               OPENSSL_cleanse(key, sizeof key);\r
+               OPENSSL_cleanse(iv, sizeof iv);\r
+-              blocksize = EVP_CIPHER_CTX_block_size(&ctx);\r
++              blocksize = EVP_CIPHER_CTX_block_size(ctx);\r
+               which = do_encrypt;\r
+               init = 1;\r
+       }\r
+@@ -95,7 +95,7 @@ cipher(char *buf, int buflen, int do_enc\r
+               outlen = (buflen+blocksize) * 2;\r
+               out = realloc(out, outlen);\r
+       }\r
+-      if (!EVP_CipherUpdate(&ctx, out, &n, buf, buflen)) {\r
++      if (!EVP_CipherUpdate(ctx, out, &n, buf, buflen)) {\r
+               syslog(LOG_ERR, "EVP_CipherUpdate failed");\r
+               errno = EINVAL;\r
+               return NULL;\r
+@@ -106,6 +106,7 @@ cipher(char *buf, int buflen, int do_enc\r
+               return NULL;\r
+       }\r
+       // assert(ctx->buf_len == 0);\r
++      EVP_CIPHER_CTX_free(ctx);\r
+       return out;\r
+ }\r
\r
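Review bot: The new guard in generateIV, `if (!RAND_bytes(salt, *saltlen) != 1)`, is inverted by the stray `!`. RAND_bytes returns 1 on success, so the function returns -1 on every successful call, before the `memcpy(ivbuffer, salt, 16)` that follows, and a 0 (failure) return is the one value that passes the check; it should read `if (RAND_bytes(salt, *saltlen) != 1) {`. Both callers still discard the result (the two `TODO: check return value` lines), so ssl_compress would apparently go on to encrypt with whatever `iv` already held; those calls should abort the operation on a negative return instead of carrying a TODO. In rmt/cipher.c, `ctx` is now allocated on every call and freed before `return out`, while the key setup still runs only once under the static `init` flag, so a second call would reach EVP_CipherUpdate with a context that was never given a cipher or key, and the early `return NULL` paths leak it. Declaring `static EVP_CIPHER_CTX *ctx;`, assigning `ctx = EVP_CIPHER_CTX_new();` with a NULL check inside the init block, and dropping the per-call `EVP_CIPHER_CTX_free(ctx);` would keep the old lifetime; the function bodies continue outside the inner hunks, so the caller-side effects are inferred from the visible lines only.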