From b3c033cf9fc2695e35c44f837a0fc0b477cf30cf Mon Sep 17 00:00:00 2001 From: Thomas Deutschmann Date: Thu, 2 Apr 2020 23:54:33 +0200 Subject: [PATCH] net-libs/gnutls: security cleanup Bug: https://bugs.gentoo.org/715602 Package-Manager: Portage-2.3.96, Repoman-2.3.22 Signed-off-by: Thomas Deutschmann --- net-libs/gnutls/Manifest | 2 - net-libs/gnutls/gnutls-3.6.12.ebuild | 132 ------------------------- net-libs/gnutls/gnutls-3.6.7-r1.ebuild | 129 ------------------------ 3 files changed, 263 deletions(-) delete mode 100644 net-libs/gnutls/gnutls-3.6.12.ebuild delete mode 100644 net-libs/gnutls/gnutls-3.6.7-r1.ebuild diff --git a/net-libs/gnutls/Manifest b/net-libs/gnutls/Manifest index b8520ec7a230..c87cb4c26fc2 100644 --- a/net-libs/gnutls/Manifest +++ b/net-libs/gnutls/Manifest @@ -1,3 +1 @@ -DIST gnutls-3.6.12.tar.xz 5942064 BLAKE2B e3440e914982c0ea0a7ecf9da3784090a1d5767dc026c4c8a5dfd0218d8d4478d316635328667792c853a97bf95667cc1dc53ed850b3d0e9525a29452b42156f SHA512 e1031fd1239d8b0f056a6b736e4c72c9268fb635f273527f310771c608b841cad7b6631401382ec3040d9b539180bf421882bf43427ad3549a5787d2864c2fa5 DIST gnutls-3.6.13.tar.xz 5958956 BLAKE2B de67f96198b6456f397bf203f13bf1f906b69c7ce632dd96b72539fea12f2bd8ee8b2c608d1ed8b06d3b189023fa81e9a2cfcdd6c9bbd174e5bd2b0673f6ca47 SHA512 23581952cb72c9a34f378c002bb62413d5a1243b74b48ad8dc49eaea4020d33c550f8dc1dd374cf7fbfa4187b0ca1c5698c8a0430398268a8b8a863f8633305c -DIST gnutls-3.6.7.tar.xz 8153728 BLAKE2B 993a45edff335e75f36de27373d5db01094c81ebc5eb13d9e04a01f7f32ce6189f71f05a18c90c2e57aec688750e917ee948261726acdd7752d9d7d42a9c7ac2 SHA512 ae9b8996eb9b7269d28213f0aca3a4a17890ba8d47e3dc3b8e754ab8e2b4251e9412aaaa161a8bf56167f04cc169b4cada46f55a7bde92b955eb36cd717a99f3 diff --git a/net-libs/gnutls/gnutls-3.6.12.ebuild b/net-libs/gnutls/gnutls-3.6.12.ebuild deleted file mode 100644 index 1ceb87d0c505..000000000000 --- a/net-libs/gnutls/gnutls-3.6.12.ebuild +++ /dev/null @@ -1,132 +0,0 @@ -# Copyright 1999-2020 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -inherit libtool multilib-minimal - -DESCRIPTION="A TLS 1.2 and SSL 3.0 implementation for the GNU project" -HOMEPAGE="http://www.gnutls.org/" -SRC_URI="mirror://gnupg/gnutls/v$(ver_cut 1-2)/${P}.tar.xz" - -LICENSE="GPL-3 LGPL-2.1+" -SLOT="0/30" # libgnutls.so number -KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" -IUSE="+cxx dane doc examples guile +idn nls +openssl pkcs11 seccomp sslv2 sslv3 static-libs test test-full +tls-heartbeat tools valgrind" - -REQUIRED_USE=" - test-full? ( cxx dane doc examples guile idn nls openssl pkcs11 seccomp tls-heartbeat tools )" -RESTRICT="!test? ( test )" - -# NOTICE: sys-devel/autogen is required at runtime as we -# use system libopts -RDEPEND=">=dev-libs/libtasn1-4.9:=[${MULTILIB_USEDEP}] - dev-libs/libunistring:=[${MULTILIB_USEDEP}] - >=dev-libs/nettle-3.4.1:=[gmp,${MULTILIB_USEDEP}] - >=dev-libs/gmp-5.1.3-r1:=[${MULTILIB_USEDEP}] - tools? ( sys-devel/autogen:= ) - dane? ( >=net-dns/unbound-1.4.20:=[${MULTILIB_USEDEP}] ) - guile? ( >=dev-scheme/guile-2:=[networking] ) - nls? ( >=virtual/libintl-0-r1:=[${MULTILIB_USEDEP}] ) - pkcs11? ( >=app-crypt/p11-kit-0.23.1:=[${MULTILIB_USEDEP}] ) - idn? ( >=net-dns/libidn2-0.16-r1:=[${MULTILIB_USEDEP}] )" -DEPEND="${RDEPEND} - test? ( - seccomp? ( sys-libs/libseccomp ) - )" -BDEPEND=">=virtual/pkgconfig-0-r1 - doc? ( dev-util/gtk-doc ) - nls? ( sys-devel/gettext ) - tools? ( sys-devel/autogen ) - valgrind? ( dev-util/valgrind ) - test-full? ( - app-crypt/dieharder - >=app-misc/datefudge-1.22 - dev-libs/softhsm:2[-bindist] - net-dialup/ppp - net-misc/socat - )" - -DOCS=( - README.md - doc/certtool.cfg -) - -HTML_DOCS=() - -pkg_setup() { - # bug#520818 - export TZ=UTC - - use doc && HTML_DOCS+=( - doc/gnutls.html - ) -} - -src_prepare() { - default - - # force regeneration of autogen-ed files - local file - for file in $(grep -l AutoGen-ed src/*.c) ; do - rm src/$(basename ${file} .c).{c,h} || die - done - - # Use sane .so versioning on FreeBSD. - elibtoolize -} - -multilib_src_configure() { - LINGUAS="${LINGUAS//en/en@boldquot en@quot}" - - local libconf=() - - # TPM needs to be tested before being enabled - libconf+=( --without-tpm ) - - # hardware-accell is disabled on OSX because the asm files force - # GNU-stack (as doesn't support that) and when that's removed ld - # complains about duplicate symbols - [[ ${CHOST} == *-darwin* ]] && libconf+=( --disable-hardware-acceleration ) - - # Cygwin as does not understand these asm files at all - [[ ${CHOST} == *-cygwin* ]] && libconf+=( --disable-hardware-acceleration ) - - local myeconfargs=( - $(multilib_native_enable manpages) - $(multilib_native_use_enable doc gtk-doc) - $(multilib_native_use_enable doc) - $(multilib_native_use_enable guile) - $(multilib_native_use_enable seccomp seccomp-tests) - $(multilib_native_use_enable test tests) - $(multilib_native_use_enable test-full full-test-suite) - $(multilib_native_use_enable tools) - $(multilib_native_use_enable valgrind valgrind-tests) - $(use_enable cxx) - $(use_enable dane libdane) - $(use_enable nls) - $(use_enable openssl openssl-compatibility) - $(use_enable sslv2 ssl2-support) - $(use_enable sslv3 ssl3-support) - $(use_enable static-libs static) - $(use_enable tls-heartbeat heartbeat-support) - $(use_with idn) - $(use_with pkcs11 p11-kit) - --disable-rpath - --with-default-trust-store-file="${EPREFIX}/etc/ssl/certs/ca-certificates.crt" - --with-unbound-root-key-file="${EPREFIX}/etc/dnssec/root-anchors.txt" - --without-included-libtasn1 - $("${S}/configure" --help | grep -o -- '--without-.*-prefix') - ) - ECONF_SOURCE="${S}" econf "${libconf[@]}" "${myeconfargs[@]}" -} - -multilib_src_install_all() { - einstalldocs - find "${ED}" -type f -name '*.la' -delete || die - - if use examples; then - docinto examples - dodoc doc/examples/*.c - fi -} diff --git a/net-libs/gnutls/gnutls-3.6.7-r1.ebuild b/net-libs/gnutls/gnutls-3.6.7-r1.ebuild deleted file mode 100644 index 9d27ca1f72fa..000000000000 --- a/net-libs/gnutls/gnutls-3.6.7-r1.ebuild +++ /dev/null @@ -1,129 +0,0 @@ -# Copyright 1999-2020 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -inherit libtool multilib-minimal - -DESCRIPTION="A TLS 1.2 and SSL 3.0 implementation for the GNU project" -HOMEPAGE="http://www.gnutls.org/" -SRC_URI="mirror://gnupg/gnutls/v$(ver_cut 1-2)/${P}.tar.xz" - -LICENSE="GPL-3 LGPL-2.1+" -SLOT="0/30" # libgnutls.so number -KEYWORDS="~alpha amd64 arm arm64 hppa ia64 ~m68k ~mips ppc ppc64 ~riscv s390 sparc x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" -IUSE="+cxx dane doc examples guile +idn nls +openssl pkcs11 seccomp sslv2 sslv3 static-libs test test-full +tls-heartbeat tools valgrind" - -REQUIRED_USE=" - test-full? ( cxx dane doc examples guile idn nls openssl pkcs11 seccomp tls-heartbeat tools )" -RESTRICT="!test? ( test )" - -# NOTICE: sys-devel/autogen is required at runtime as we -# use system libopts -RDEPEND=">=dev-libs/libtasn1-4.9:=[${MULTILIB_USEDEP}] - dev-libs/libunistring:=[${MULTILIB_USEDEP}] - >=dev-libs/nettle-3.4.1:=[gmp,${MULTILIB_USEDEP}] - >=dev-libs/gmp-5.1.3-r1:=[${MULTILIB_USEDEP}] - tools? ( sys-devel/autogen:= ) - dane? ( >=net-dns/unbound-1.4.20:=[${MULTILIB_USEDEP}] ) - guile? ( >=dev-scheme/guile-2:=[networking] ) - nls? ( >=virtual/libintl-0-r1:=[${MULTILIB_USEDEP}] ) - pkcs11? ( >=app-crypt/p11-kit-0.23.1:=[${MULTILIB_USEDEP}] ) - idn? ( >=net-dns/libidn2-0.16-r1:=[${MULTILIB_USEDEP}] )" -DEPEND="${RDEPEND} - test? ( - seccomp? ( sys-libs/libseccomp ) - )" -BDEPEND=">=virtual/pkgconfig-0-r1 - doc? ( dev-util/gtk-doc ) - nls? ( sys-devel/gettext ) - tools? ( sys-devel/autogen ) - valgrind? ( dev-util/valgrind ) - test-full? ( - app-crypt/dieharder - >=app-misc/datefudge-1.22 - dev-libs/softhsm:2[-bindist] - net-dialup/ppp - net-misc/socat - )" - -DOCS=( - README.md - doc/certtool.cfg -) - -HTML_DOCS=() - -pkg_setup() { - # bug#520818 - export TZ=UTC - - use doc && HTML_DOCS+=( - doc/gnutls.html - ) -} - -src_prepare() { - default - - # force regeneration of autogen-ed files - local file - for file in $(grep -l AutoGen-ed src/*.c) ; do - rm src/$(basename ${file} .c).{c,h} || die - done - - # Use sane .so versioning on FreeBSD. - elibtoolize -} - -multilib_src_configure() { - LINGUAS="${LINGUAS//en/en@boldquot en@quot}" - - # TPM needs to be tested before being enabled - libconf+=( --without-tpm ) - - # hardware-accell is disabled on OSX because the asm files force - # GNU-stack (as doesn't support that) and when that's removed ld - # complains about duplicate symbols - [[ ${CHOST} == *-darwin* ]] && libconf+=( --disable-hardware-acceleration ) - - # Cygwin as does not understand these asm files at all - [[ ${CHOST} == *-cygwin* ]] && libconf+=( --disable-hardware-acceleration ) - - ECONF_SOURCE=${S} econf \ - $(multilib_native_enable manpages) \ - $(multilib_native_use_enable doc gtk-doc) \ - $(multilib_native_use_enable doc) \ - $(multilib_native_use_enable guile) \ - $(multilib_native_use_enable seccomp seccomp-tests) \ - $(multilib_native_use_enable test tests) \ - $(multilib_native_use_enable test-full full-test-suite) \ - $(multilib_native_use_enable tools) \ - $(multilib_native_use_enable valgrind valgrind-tests) \ - $(use_enable cxx) \ - $(use_enable dane libdane) \ - $(use_enable nls) \ - $(use_enable openssl openssl-compatibility) \ - $(use_enable sslv2 ssl2-support) \ - $(use_enable sslv3 ssl3-support) \ - $(use_enable static-libs static) \ - $(use_enable tls-heartbeat heartbeat-support) \ - $(use_with idn) \ - $(use_with pkcs11 p11-kit) \ - --disable-rpath \ - --with-default-trust-store-file="${EPREFIX}/etc/ssl/certs/ca-certificates.crt" \ - --with-unbound-root-key-file="${EPREFIX}/etc/dnssec/root-anchors.txt" \ - --without-included-libtasn1 \ - "${libconf[@]}" \ - $("${S}/configure" --help | grep -- '--without-.*-prefix' | sed -e 's/^ *\([^ ]*\) .*/\1/g') -} - -multilib_src_install_all() { - einstalldocs - find "${D}" -name '*.la' -delete || die - - if use examples; then - docinto examples - dodoc doc/examples/*.c - fi -} -- 2.26.2