From: Jakov Smolic Date: Sun, 24 May 2020 11:26:40 +0000 (+0200) Subject: net-libs/mbedtls: security cleanup X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=a75bfcf78192b3c2341ef8b93416e05388ab202c;p=gentoo.git net-libs/mbedtls: security cleanup Bug: https://bugs.gentoo.org/714582 Package-Manager: Portage-2.3.99, Repoman-2.3.22 Signed-off-by: Jakov Smolic Signed-off-by: Anthony G. Basile --- diff --git a/net-libs/mbedtls/Manifest b/net-libs/mbedtls/Manifest index 69b2642974f8..403c222c2c1f 100644 --- a/net-libs/mbedtls/Manifest +++ b/net-libs/mbedtls/Manifest @@ -1,4 +1,2 @@ -DIST mbedcrypto-2.0.0.tar.gz 3001813 BLAKE2B 35a01b7cb11a94cb5ef333f5939945b40ecd0da482959980931e389ac5aec3c1c1b2f40970bbde4587454aee5957dce220593bfc31943ec3deddfa70d2386a25 SHA512 3a8fa6b7160065ef175139ba9cb4c8599be11f9d0df5fd60f9f96c425400a0a40eaa31d571ce61d4a00e3b10c1e2b81756c1ad31df6fc32777f40ade7806948a DIST mbedtls-2.16.6.tar.gz 2603563 BLAKE2B a4011bb2b7e3eca554cded05c4650fc16b48d86ae1ac7fefe29df6b29e38c1e76c880f082be83759b4dddd96f831a1238c2df41671bd9794b028402b3dd63f60 SHA512 a4c2e70c0cc6b1f1571a9f2ec27ede2620eb1937361599cab0e05b807068397d25695d5cd23931fd0f4cc051de6367c2b6c77f3507ed8b33cd492589c51eebac -DIST mbedtls-2.19.1.tar.gz 1165843 BLAKE2B c8e6764b493a6ca011e74d7b297d5ae5140d7bdf17c1cfd5b9d37913d615ad3c5a6dbf71d44cbf14c938646e51bbf04cd63cc1657eb3775addb2dee3ee94c587 SHA512 07ec1cdf98e51ed35bb2940e485d7d8422e9fd440d2077d5cd4c80781d73848228386fe9064773ef8bb1a02c1bc060185b9c8310349d695926bd2c9b7cf6582b DIST mbedtls-2.22.0.tar.gz 3822997 BLAKE2B 0857479e89f9850f611cb8c946c489f715a83edba88673b874cd3e6530a7f72c48671e02435087a48aa9a550d0901a5fd2990f9b3a4d69edceecf1fa01772ab6 SHA512 391b99a59ed4edf9625e71e610ea71c6cefa4ea1210d306eb595d85f7408d5decf5fc995d4a411698f1536651ee1230b305dd354df15dbeef9469aa6a7980e09 diff --git a/net-libs/mbedtls/mbedtls-2.19.1-r2.ebuild b/net-libs/mbedtls/mbedtls-2.19.1-r2.ebuild deleted file mode 100644 index f8d6153e9705..000000000000 --- a/net-libs/mbedtls/mbedtls-2.19.1-r2.ebuild +++ /dev/null @@ -1,106 +0,0 @@ -# Copyright 1999-2020 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -inherit cmake-utils multilib-minimal - -DESCRIPTION="Cryptographic library for embedded systems" -HOMEPAGE="https://tls.mbed.org/" -CRYPTO_SUBMODULE="mbedcrypto-2.0.0" -SRC_URI="https://github.com/ARMmbed/mbedtls/archive/${P}.tar.gz - https://github.com/ARMmbed/mbed-crypto/archive/${CRYPTO_SUBMODULE}.tar.gz" -S=${WORKDIR}/${PN}-${P} - -LICENSE="Apache-2.0" -SLOT="0/13" # slot for libmbedtls.so -KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~m68k ~mips ppc ppc64 ~s390 ~sparc x86" -IUSE="cpu_flags_x86_sse2 doc havege libressl programs -static-libs test threads zlib" -RESTRICT="!test? ( test )" - -RDEPEND=" - programs? ( - !libressl? ( dev-libs/openssl:0= ) - libressl? ( dev-libs/libressl:0= ) - ) - zlib? ( >=sys-libs/zlib-1.2.8-r1[${MULTILIB_USEDEP}] )" -DEPEND="${RDEPEND} - doc? ( app-doc/doxygen media-gfx/graphviz ) - test? ( dev-lang/perl )" - -enable_mbedtls_option() { - local myopt="$@" - # check that config.h syntax is the same at version bump - sed -i \ - -e "s://#define ${myopt}:#define ${myopt}:" \ - include/mbedtls/config.h || die -} - -PATCHES=( - "${FILESDIR}"/${PN}-dont-overwrite-headers.patch - "${FILESDIR}"/${PN}-un-pebcak-705038-wrong-file.patch - "${FILESDIR}"/${PN}-2.19.1-zlib.patch #706112 -) - -src_prepare() { - use cpu_flags_x86_sse2 && enable_mbedtls_option MBEDTLS_HAVE_SSE2 - use zlib && enable_mbedtls_option MBEDTLS_ZLIB_SUPPORT - use havege && enable_mbedtls_option MBEDTLS_HAVEGE_C - use threads && enable_mbedtls_option MBEDTLS_THREADING_C - use threads && enable_mbedtls_option MBEDTLS_THREADING_PTHREAD - - # pretend to be git submodule - rmdir "${S}"/crypto - mv "${WORKDIR}"/mbed-crypto-${CRYPTO_SUBMODULE} "${S}"/crypto - - cmake-utils_src_prepare -} - -multilib_src_configure() { - local mycmakeargs=( - -DENABLE_PROGRAMS=$(multilib_native_usex programs) - -DENABLE_ZLIB_SUPPORT=$(usex zlib) - -DUSE_STATIC_MBEDTLS_LIBRARY=$(usex static-libs) - -DENABLE_TESTING=$(usex test) - -DUSE_SHARED_MBEDTLS_LIBRARY=ON - -DINSTALL_MBEDTLS_HEADERS=ON - -DLIB_INSTALL_DIR="/usr/$(get_libdir)" - ) - - cmake-utils_src_configure -} - -multilib_src_compile() { - cmake-utils_src_compile - use doc && multilib_is_native_abi && cd "${S}" && emake apidoc -} - -multilib_src_test() { - LD_LIBRARY_PATH="${LD_LIBRARY_PATH}:${BUILD_DIR}/library" \ - cmake-utils_src_test -} - -multilib_src_install() { - cmake-utils_src_install -} - -multilib_src_install_all() { - use doc && HTML_DOCS=( apidoc ) - - einstalldocs - - if use programs ; then - # avoid file collisions with sys-apps/coreutils - local p e - for p in "${ED}"/usr/bin/* ; do - if [[ -x "${p}" && ! -d "${p}" ]] ; then - mv "${p}" "${ED}"/usr/bin/mbedtls_${p##*/} || die - fi - done - for e in aes hash pkey ssl test ; do - docinto "${e}" - dodoc programs/"${e}"/*.c - dodoc programs/"${e}"/*.txt - done - fi -}