summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAzamat H. Hackimov <azamat.hackimov@gmail.com>2024-04-12 03:35:23 +0300
committerViorel Munteanu <ceamac@gentoo.org>2024-05-27 13:51:32 +0300
commit301391a39941f49b90327ce22bfe2de1a3b7f80e (patch)
treef29e0f8f82de0fbef487b0cdcbb29a05e026001f
parentnet-libs/mbedtls: add 2.28.8 (diff)
downloadgentoo-301391a39941f49b90327ce22bfe2de1a3b7f80e.tar.gz
gentoo-301391a39941f49b90327ce22bfe2de1a3b7f80e.tar.bz2
gentoo-301391a39941f49b90327ce22bfe2de1a3b7f80e.zip
net-libs/mbedtls: add 3.6.0
Fixes CVE-2024-28960. Signed-off-by: Azamat H. Hackimov <azamat.hackimov@gmail.com> Signed-off-by: Viorel Munteanu <ceamac@gentoo.org>
-rw-r--r--net-libs/mbedtls/Manifest1
-rw-r--r--net-libs/mbedtls/mbedtls-3.6.0.ebuild95
2 files changed, 96 insertions, 0 deletions
diff --git a/net-libs/mbedtls/Manifest b/net-libs/mbedtls/Manifest
index 3894c8d34fe7..2eef247ddfff 100644
--- a/net-libs/mbedtls/Manifest
+++ b/net-libs/mbedtls/Manifest
@@ -2,3 +2,4 @@ DIST mbedtls-2.28.5.tar.gz 4005000 BLAKE2B 755287e1a1e0be5d193a8a184a9ae3ab2b6c2
DIST mbedtls-2.28.7.tar.gz 3990571 BLAKE2B 91a11d9d56fc058c3aef797e644c2c141cd70dc96716e75d9074de89717298a10c93e403a2fed9ae6f34c7549753a70d61b6602fbc21bc568c2e260d4f369f65 SHA512 1cf6722d60a49375f857c8d84f06dbb50ea08accaa12b329d75a93b959aef382410e7b6e0a1511407402b3eec5e2208eaf5e9fc2c8574ed0f8f44234bc4401b3
DIST mbedtls-2.28.8.tar.bz2 3343796 BLAKE2B 1efde6698662873c40df9733bae902db4e009f3dd26a937e05707ca1a208b71675df0737b44b5895a60cfbf42f18f92dae88cba62f32b55733947b9c0481880e SHA512 c8e91ec50ab2caf1f33e907279dc30fca2a8cd97e6e531be857149589e52aeffb95b445b2a9fa674886f0071f446381da3bb8107f7e850f3390128b069ac9ea7
DIST mbedtls-3.5.2.tar.gz 5584711 BLAKE2B f1d0e7368ad156cc5cde4cd396ccaf3e1cacfda38f7d7ee89c908245944d22152d141928e8aeebd298437079e7fdb74207875e2f48ce3ef1a6f5fb8840b19df3 SHA512 99f4110d8410415982cb9b71994b069e4d2f89841decccc68b629250c7497c10d5e3ffe867c4ac1518ec7d6edd9703c38fd8afb6c238e9e0e7132def2b09b4e3
+DIST mbedtls-3.6.0.tar.bz2 4811255 BLAKE2B d453f072c39aa2ca5669f0fe84ab01ea826a98e1e48b59b5a788e3ae948c33500e8e0565ed6481ef049ee3efc72eb92828c9d08f5606766cb6c9dbde749459b8 SHA512 5c395890d486144af882aa96c9430103f79df889139969a64a490c0cafbdd5631a72bb668aa59b062204f19a5bb36dfcc5a096b59d76c7ef27f2560cd2388682
diff --git a/net-libs/mbedtls/mbedtls-3.6.0.ebuild b/net-libs/mbedtls/mbedtls-3.6.0.ebuild
new file mode 100644
index 000000000000..4930d2404ccf
--- /dev/null
+++ b/net-libs/mbedtls/mbedtls-3.6.0.ebuild
@@ -0,0 +1,95 @@
+# Copyright 1999-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+PYTHON_COMPAT=( python3_{10..12} )
+
+inherit cmake multilib-minimal python-any-r1
+
+DESCRIPTION="Cryptographic library for embedded systems"
+HOMEPAGE="https://www.trustedfirmware.org/projects/mbed-tls/"
+SRC_URI="https://github.com/Mbed-TLS/mbedtls/releases/download/v${PV}/${P}.tar.bz2"
+
+LICENSE="|| ( Apache-2.0 GPL-2+ )"
+SLOT="0/16.21.7" # ffmpeg subslot naming: SONAME tuple of {libmbedcrypto.so,libmbedtls.so,libmbedx509.so}
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86"
+IUSE="cpu_flags_x86_sse2 doc programs static-libs test threads"
+RESTRICT="!test? ( test )"
+
+BDEPEND="
+ ${PYTHON_DEPS}
+ doc? (
+ app-text/doxygen
+ media-gfx/graphviz
+ )
+ test? ( dev-lang/perl )
+"
+
+enable_mbedtls_option() {
+ local myopt="$@"
+ # check that config.h syntax is the same at version bump
+ sed -i \
+ -e "s://#define ${myopt}:#define ${myopt}:" \
+ include/mbedtls/mbedtls_config.h || die
+}
+
+src_prepare() {
+ use cpu_flags_x86_sse2 && enable_mbedtls_option MBEDTLS_HAVE_SSE2
+ use threads && enable_mbedtls_option MBEDTLS_THREADING_C
+ use threads && enable_mbedtls_option MBEDTLS_THREADING_PTHREAD
+
+ cmake_src_prepare
+}
+
+multilib_src_configure() {
+ local mycmakeargs=(
+ -DENABLE_PROGRAMS=$(multilib_native_usex programs)
+ -DENABLE_TESTING=$(usex test)
+ -DINSTALL_MBEDTLS_HEADERS=ON
+ -DLIB_INSTALL_DIR="${EPREFIX}/usr/$(get_libdir)"
+ -DLINK_WITH_PTHREAD=$(usex threads)
+ -DMBEDTLS_FATAL_WARNINGS=OFF # Don't use -Werror, #744946
+ -DUSE_SHARED_MBEDTLS_LIBRARY=ON
+ -DUSE_STATIC_MBEDTLS_LIBRARY=$(usex static-libs)
+ )
+
+ cmake_src_configure
+}
+
+multilib_src_compile() {
+ cmake_src_compile
+ use doc && multilib_is_native_abi && emake -C "${S}" apidoc
+}
+
+multilib_src_test() {
+ # Disable parallel run, bug #718390
+ # https://github.com/Mbed-TLS/mbedtls/issues/4980
+ LD_LIBRARY_PATH="${LD_LIBRARY_PATH}:${BUILD_DIR}/library" \
+ cmake_src_test -j1
+}
+
+multilib_src_install() {
+ cmake_src_install
+}
+
+multilib_src_install_all() {
+ use doc && HTML_DOCS=( apidoc )
+
+ einstalldocs
+
+ if use programs ; then
+ # avoid file collisions with sys-apps/coreutils
+ local p e
+ for p in "${ED}"/usr/bin/* ; do
+ if [[ -x "${p}" && ! -d "${p}" ]] ; then
+ mv "${p}" "${ED}"/usr/bin/mbedtls_${p##*/} || die
+ fi
+ done
+ for e in aes hash pkey ssl test ; do
+ docinto "${e}"
+ dodoc programs/"${e}"/*.c
+ dodoc programs/"${e}"/*.txt
+ done
+ fi
+}