diff options
author | Azamat H. Hackimov <azamat.hackimov@gmail.com> | 2024-04-12 03:35:23 +0300 |
---|---|---|
committer | Viorel Munteanu <ceamac@gentoo.org> | 2024-05-27 13:51:32 +0300 |
commit | 301391a39941f49b90327ce22bfe2de1a3b7f80e (patch) | |
tree | f29e0f8f82de0fbef487b0cdcbb29a05e026001f | |
parent | net-libs/mbedtls: add 2.28.8 (diff) | |
download | gentoo-301391a39941f49b90327ce22bfe2de1a3b7f80e.tar.gz gentoo-301391a39941f49b90327ce22bfe2de1a3b7f80e.tar.bz2 gentoo-301391a39941f49b90327ce22bfe2de1a3b7f80e.zip |
net-libs/mbedtls: add 3.6.0
Fixes CVE-2024-28960.
Signed-off-by: Azamat H. Hackimov <azamat.hackimov@gmail.com>
Signed-off-by: Viorel Munteanu <ceamac@gentoo.org>
-rw-r--r-- | net-libs/mbedtls/Manifest | 1 | ||||
-rw-r--r-- | net-libs/mbedtls/mbedtls-3.6.0.ebuild | 95 |
2 files changed, 96 insertions, 0 deletions
diff --git a/net-libs/mbedtls/Manifest b/net-libs/mbedtls/Manifest index 3894c8d34fe7..2eef247ddfff 100644 --- a/net-libs/mbedtls/Manifest +++ b/net-libs/mbedtls/Manifest @@ -2,3 +2,4 @@ DIST mbedtls-2.28.5.tar.gz 4005000 BLAKE2B 755287e1a1e0be5d193a8a184a9ae3ab2b6c2 DIST mbedtls-2.28.7.tar.gz 3990571 BLAKE2B 91a11d9d56fc058c3aef797e644c2c141cd70dc96716e75d9074de89717298a10c93e403a2fed9ae6f34c7549753a70d61b6602fbc21bc568c2e260d4f369f65 SHA512 1cf6722d60a49375f857c8d84f06dbb50ea08accaa12b329d75a93b959aef382410e7b6e0a1511407402b3eec5e2208eaf5e9fc2c8574ed0f8f44234bc4401b3 DIST mbedtls-2.28.8.tar.bz2 3343796 BLAKE2B 1efde6698662873c40df9733bae902db4e009f3dd26a937e05707ca1a208b71675df0737b44b5895a60cfbf42f18f92dae88cba62f32b55733947b9c0481880e SHA512 c8e91ec50ab2caf1f33e907279dc30fca2a8cd97e6e531be857149589e52aeffb95b445b2a9fa674886f0071f446381da3bb8107f7e850f3390128b069ac9ea7 DIST mbedtls-3.5.2.tar.gz 5584711 BLAKE2B f1d0e7368ad156cc5cde4cd396ccaf3e1cacfda38f7d7ee89c908245944d22152d141928e8aeebd298437079e7fdb74207875e2f48ce3ef1a6f5fb8840b19df3 SHA512 99f4110d8410415982cb9b71994b069e4d2f89841decccc68b629250c7497c10d5e3ffe867c4ac1518ec7d6edd9703c38fd8afb6c238e9e0e7132def2b09b4e3 +DIST mbedtls-3.6.0.tar.bz2 4811255 BLAKE2B d453f072c39aa2ca5669f0fe84ab01ea826a98e1e48b59b5a788e3ae948c33500e8e0565ed6481ef049ee3efc72eb92828c9d08f5606766cb6c9dbde749459b8 SHA512 5c395890d486144af882aa96c9430103f79df889139969a64a490c0cafbdd5631a72bb668aa59b062204f19a5bb36dfcc5a096b59d76c7ef27f2560cd2388682 diff --git a/net-libs/mbedtls/mbedtls-3.6.0.ebuild b/net-libs/mbedtls/mbedtls-3.6.0.ebuild new file mode 100644 index 000000000000..4930d2404ccf --- /dev/null +++ b/net-libs/mbedtls/mbedtls-3.6.0.ebuild @@ -0,0 +1,95 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +PYTHON_COMPAT=( python3_{10..12} ) + +inherit cmake multilib-minimal python-any-r1 + +DESCRIPTION="Cryptographic library for embedded systems" +HOMEPAGE="https://www.trustedfirmware.org/projects/mbed-tls/" +SRC_URI="https://github.com/Mbed-TLS/mbedtls/releases/download/v${PV}/${P}.tar.bz2" + +LICENSE="|| ( Apache-2.0 GPL-2+ )" +SLOT="0/16.21.7" # ffmpeg subslot naming: SONAME tuple of {libmbedcrypto.so,libmbedtls.so,libmbedx509.so} +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86" +IUSE="cpu_flags_x86_sse2 doc programs static-libs test threads" +RESTRICT="!test? ( test )" + +BDEPEND=" + ${PYTHON_DEPS} + doc? ( + app-text/doxygen + media-gfx/graphviz + ) + test? ( dev-lang/perl ) +" + +enable_mbedtls_option() { + local myopt="$@" + # check that config.h syntax is the same at version bump + sed -i \ + -e "s://#define ${myopt}:#define ${myopt}:" \ + include/mbedtls/mbedtls_config.h || die +} + +src_prepare() { + use cpu_flags_x86_sse2 && enable_mbedtls_option MBEDTLS_HAVE_SSE2 + use threads && enable_mbedtls_option MBEDTLS_THREADING_C + use threads && enable_mbedtls_option MBEDTLS_THREADING_PTHREAD + + cmake_src_prepare +} + +multilib_src_configure() { + local mycmakeargs=( + -DENABLE_PROGRAMS=$(multilib_native_usex programs) + -DENABLE_TESTING=$(usex test) + -DINSTALL_MBEDTLS_HEADERS=ON + -DLIB_INSTALL_DIR="${EPREFIX}/usr/$(get_libdir)" + -DLINK_WITH_PTHREAD=$(usex threads) + -DMBEDTLS_FATAL_WARNINGS=OFF # Don't use -Werror, #744946 + -DUSE_SHARED_MBEDTLS_LIBRARY=ON + -DUSE_STATIC_MBEDTLS_LIBRARY=$(usex static-libs) + ) + + cmake_src_configure +} + +multilib_src_compile() { + cmake_src_compile + use doc && multilib_is_native_abi && emake -C "${S}" apidoc +} + +multilib_src_test() { + # Disable parallel run, bug #718390 + # https://github.com/Mbed-TLS/mbedtls/issues/4980 + LD_LIBRARY_PATH="${LD_LIBRARY_PATH}:${BUILD_DIR}/library" \ + cmake_src_test -j1 +} + +multilib_src_install() { + cmake_src_install +} + +multilib_src_install_all() { + use doc && HTML_DOCS=( apidoc ) + + einstalldocs + + if use programs ; then + # avoid file collisions with sys-apps/coreutils + local p e + for p in "${ED}"/usr/bin/* ; do + if [[ -x "${p}" && ! -d "${p}" ]] ; then + mv "${p}" "${ED}"/usr/bin/mbedtls_${p##*/} || die + fi + done + for e in aes hash pkey ssl test ; do + docinto "${e}" + dodoc programs/"${e}"/*.c + dodoc programs/"${e}"/*.txt + done + fi +} |