main/abuild: upgrade to 3.11.0

2026-05-05 04:16:46 +02:00 · 2023-05-09 13:17:01 +00:00 · 2023-05-09 13:17:01 +00:00 · 4e70e96f22
commit 4e70e96f22
parent 9a6e96b3e0
3 changed files with 3 additions and 207 deletions
--- a/main/abuild/0001-abuild-keygen-add-support-for-creating-kernel-signin.patch
+++ b/main/abuild/0001-abuild-keygen-add-support-for-creating-kernel-signin.patch
@ -1,166 +0,0 @@
-From f2978eb33fcf961412169cbca757d42386899955 Mon Sep 17 00:00:00 2001
-From: Natanael Copa <ncopa@alpinelinux.org>
-Date: Fri, 5 May 2023 12:03:01 +0200
-Subject: [PATCH] abuild-keygen: add support for creating kernel signing key
-
-We need to have a key that can be used to sign kernel modules and
-specifically 3rd party kernel modules. Add support for creating this key
-in abuild-keygen.
-
-ref: https://gitlab.alpinelinux.org/alpine/aports/-/issues/14873
---
- abuild-keygen.in         | 44 +++++++++++++++++++++++++++++++++++++++-
- tests/abuild_keygen_test | 14 ++++++++++++-
- tests/bin/openssl        | 17 +++++++++++++++-
- 3 files changed, 72 insertions(+), 3 deletions(-)
-
-diff --git a/abuild-keygen.in b/abuild-keygen.in
-index d9ac0bc..1d1c775 100644
--- a/abuild-keygen.in
-+++ b/abuild-keygen.in
-@@ -90,6 +90,41 @@ do_keygen() {
- 	msg ""
- }
- 
-+do_kernel_key() {
-+	mkdir -p "$ABUILD_USERDIR"
-+	pem="$ABUILD_USERDIR"/kernel_signing_key.pem
-+	(
-+	umask 0007
-+	# https://www.kernel.org/doc/html/v6.1/admin-guide/module-signing.html#generating-signing-keys
-+	openssl req -verbose -new -nodes -utf8 -sha256 -days 36500 -batch -x509 \
-+		-outform PEM -out "$pem" \
-+		-keyout "$pem" -config - <<-EOF
-+			[ req ]
-+			default_bits = 4096
-+			distinguished_name = req_distinguished_name
-+			prompt = no
-+			string_mask = utf8only
-+			x509_extensions = myexts
-+
-+			[ req_distinguished_name ]
-+			O = alpinelinux.org
-+			CN = Alpine Linux kernel key
-+			#emailAddress = unspecified.user@unspecified.company
-+
-+			[ myexts ]
-+			basicConstraints=critical,CA:FALSE
-+			keyUsage=digitalSignature
-+			subjectKeyIdentifier=hash
-+			authorityKeyIdentifier=keyid
-+		EOF
-+	)
-+	msg "Kernel signing key was created: $pem"
-+	if ! grep -q "^KERNEL_SIGNING_KEY=" "$ABUILD_USERCONF" 2>/dev/null; then
-+		echo "KERNEL_SIGNING_KEY='$pem'" >> "$ABUILD_USERCONF"
-+	fi
-+	msg "KERNEL_SIGNING_KEY='$pem' was added to $ABUILD_USERCONF"
-+}
-+
- usage() {
- 	cat <<-__EOF__
- 		$program $program_version - generate signing keys
-@@ -100,6 +135,7 @@ usage() {
- 
- 		  -i, --install        Install public key into /etc/apk/keys using doas
- 		  -n                   Non-interactive. Use defaults
-+		      --kernel         Generate a key for kernel modules
- 		  -b, --numbits [BITS] The size of the private key to generate in bits.
- 		  -q, --quiet
- 		  -h, --help           Show this help
-@@ -116,8 +152,9 @@ install_pubkey=
- interactive=1
- numbits=4096
- quiet=
-+kernel_key=
- 
-args=$(getopt -o ab:inqh --long append,numbits:,install,quiet,help -n "$program" -- "$@")
-+args=$(getopt -o ab:inqh --long append,numbits:,install,quiet,help,kernel -n "$program" -- "$@")
- if [ $? -ne 0 ]; then
- 	usage
- 	exit 2
-@@ -127,6 +164,7 @@ while true; do
- 	case $1 in
- 		-a|--append) append_config=1;;
- 		-i|--install) install_pubkey=1;;
-+		--kernel) kernel_key=1;;
- 		-n) unset interactive ;;
- 		-b|--numbits) numbits="$2"; shift 1;;
- 		-q|--quiet) quiet=1;; # suppresses msg
-@@ -141,4 +179,8 @@ if [ $# -ne 0 ]; then
- 	exit 2
- fi
- 
-+if [ -n "$kernel_key" ]; then
-+	do_kernel_key
-+	exit
-+fi
- do_keygen
-diff --git a/tests/abuild_keygen_test b/tests/abuild_keygen_test
-index 09026a5..be266fb 100755
--- a/tests/abuild_keygen_test
-+++ b/tests/abuild_keygen_test
-@@ -11,7 +11,8 @@ init_tests \
- 	abuild_keygen_install_without_sudo \
- 	abuild_keygen_install_interactive \
- 	abuild_keygen_install_non_interactive \
-	abuild_keygen_install_doas
-+	abuild_keygen_install_doas \
-+	abuild_keygen_kernel \
- 
- export ABUILD_SHAREDIR="$SRCDIR"/..
- export GIT=false
-@@ -103,3 +104,14 @@ abuild_keygen_install_doas_body() {
- 		abuild-keygen --install -n
- }
- 
-+abuild_keygen_kernel_body() {
-+	atf_check -s exit:0 \
-+		-e match:"(Generating|writing) RSA" \
-+		-e match:"signing key was created:.*kernel_signing_key.pem" \
-+		-e match:"KERNEL_SIGNING_KEY=.*was added to.*abuild.conf" \
-+		abuild-keygen --kernel
-+	grep '^KERNEL_SIGNING_KEY=.*' "$HOME"/.abuild/abuild.conf \
-+			|| atf_fail 'KERNEL_SIGNING_KEY not set in abuild.conf'
-+	test -f "$HOME"/.abuild/kernel_signing_key.pem \
-+			|| atf_fail '$HOME/.abuild/kernel_signing_key.pem was not created'
-+}
-diff --git a/tests/bin/openssl b/tests/bin/openssl
-index 231bad4..e0b4049 100755
--- a/tests/bin/openssl
-+++ b/tests/bin/openssl
-@@ -3,9 +3,13 @@
- # fake openssl
- while [ $# -gt 0 ]; do
- 	case "$1" in
-		genrsa|rsa)
-+		genrsa|rsa|req)
- 			cmd="$1"
- 			;;
-+		-config)
-+			shift
-+			config="$1"
-+			;;
- 		-out)
- 			shift
- 			outfile="$1"
-@@ -25,5 +29,16 @@ case "$cmd" in
- 		echo "writing RSA key" >&2
- 		cat "$FAKEKEYPUB" > "$outfile"
- 		;;
-+	req)
-+		echo "Using configuration from $config" >&2
-+		echo "Generating RSA key with 4096 bits" >&2
-+		echo "Writing private key to '$outfile'" >&2
-+		cat "$FAKEKEY" "$FAKEKEYPUB" > "$outfile"
-+		;;
-+	*)
-+		echo "unimplemented fake openssl command: $cmd" >&2
-+		exit 1
-+		;;
-+
- esac
- 
-- 
-2.40.1
-
--- a/main/abuild/0001-functions-set-sharedir-properly.patch
+++ b/main/abuild/0001-functions-set-sharedir-properly.patch
@ -1,34 +0,0 @@
-From 15c557a7e5189f316c2517ddbeee16a4efd1382a Mon Sep 17 00:00:00 2001
-From: Natanael Copa <ncopa@alpinelinux.org>
-Date: Tue, 18 Apr 2023 17:55:50 +0200
-Subject: [PATCH] functions: set sharedir properly
-
-fixes loading of default.conf
---
- functions.sh.in | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-
-diff --git a/functions.sh.in b/functions.sh.in
-index 784be0f..4d029f8 100644
--- a/functions.sh.in
-+++ b/functions.sh.in
-@@ -1,6 +1,7 @@
- # /usr/share/abuild/functions.sh
- 
- sysconfdir=@sysconfdir@
-+sharedir=@sharedir@
- program=${0##*/}
- 
- arch_to_hostspec() {
-@@ -96,7 +97,7 @@ readconfig() {
- 	[ -n "${PACKAGER+x}" ] && _PACKAGER=$PACKAGER
- 	[ -n "${USE_COLORS+x}" ] && _USE_COLORS="$USE_COLORS"
- 	[ -n "${USE_CCACHE+x}" ] && _USE_CCACHE="$USE_CCACHE"
-	: ${ABUILD_DEFCONF:=$ABUILD_SHAREDIR/default.conf}
-+	: ${ABUILD_DEFCONF:=${ABUILD_SHAREDIR:-$sharedir}/default.conf}
- 	: ${ABUILD_CONF:=$sysconfdir/abuild.conf}
- 	: ${ABUILD_USERDIR:=$HOME/.abuild}
- 	: ${ABUILD_USERCONF:=$ABUILD_USERDIR/abuild.conf}
-- 
-2.40.0
-
--- a/main/abuild/APKBUILD
+++ b/main/abuild/APKBUILD
@ -1,8 +1,8 @@
 # Maintainer: Natanael Copa <ncopa@alpinelinux.org>
 pkgname=abuild
-pkgver=3.11.0_rc13
+pkgver=3.11.0
 _ver=${pkgver%_git*}
-pkgrel=1
+pkgrel=0
 pkgdesc="Script to build Alpine Packages"
 url="https://git.alpinelinux.org/cgit/abuild/"
 arch="all"
@ -27,8 +27,6 @@ subpackages="
 options="suid"
 pkggroups="abuild"
 source="https://gitlab.alpinelinux.org/alpine/abuild/-/archive/$pkgver/abuild-$pkgver.tar.gz
-	0001-functions-set-sharedir-properly.patch
-	0001-abuild-keygen-add-support-for-creating-kernel-signin.patch
 	"
 builddir="$srcdir"/abuild-$pkgver

@ -91,7 +89,5 @@ _rootbld() {
 }

 sha512sums="
-a097e21aa79035b75386f644aa9b43200a7e4d5e8f48227230b4d7bd2d4c97b2eb38915890163cef59100623f6bb117a6e1550557cf2a7edbf16e9f40c95ed2c  abuild-3.11.0_rc13.tar.gz
-5c6b5564d41dd450a508ecda54c8582de96e7c0bc812ff64809928ba3cf98cfdb180acc9a97d18c32d7948d473064821eec8a625caeb781c391462aab4660045  0001-functions-set-sharedir-properly.patch
-105bcc0343639067ce661413ae983fec494012697c6c59918c95a4e638d9a62b57037a1ccfbff66730509a947be82e4eacac9572a2a1eed413aab123284f6483  0001-abuild-keygen-add-support-for-creating-kernel-signin.patch
+42be0463e633e34e1e54d1c058824c6527eb822b8ef8fdbe0d5dfe043a94c69a2fa768c1f732d49f87068af8f0dd09a038ba6944077c23fea11e27fdf245c2f0  abuild-3.11.0.tar.gz
 "