Merge pull request #23 from marineam/libarchive

bump(app-arch/libarchive): sync with upstream

sdk_container/src/third_party/portage-stable/app-arch/libarchive/Manifest

@@ -1 +1,15 @@
-DIST libarchive-2.8.1.tar.gz 1438009 RMD160 3028dfe7fd306d3246f61894587f4e26fd5cee73 SHA1 7054dacbc37af865e665065d92f7093bedc311f4 SHA256 bb15c5694c2d7909b235a88c8c4fc5f5beb01931db77981e815da2dfa564a1ca
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA256
+
+AUX libarchive-3.1.2-CVE-2013-0211.patch 1087 SHA256 6e9940a1b148f3ceb43bb172416b332ba922bb951e7832193ff997c2d9026bb4 SHA512 38ef32b30b3eb5a7c68e31086da64b871bae70002600080541ea6d0ea3680f68f9e65760f803a0e96d233e1a21858a83946c1fd63fd67d5eb030120940896c7a WHIRLPOOL 6c9a8586e011a7f392a925261adb9a5b5f8b5a9725b322bd6f8dd56fb3f2bee15b7651c0e6dd3c0a23ddc76c22b84fb6ab041215116076f015ba68aa12ededbe
+DIST libarchive-3.1.2.tar.gz 4527540 SHA256 eb87eacd8fe49e8d90c8fdc189813023ccc319c5e752b01fb6ad0cc7b2c53d5e SHA512 1f3c2a675031f93c7d42ae2ed06742b0b1e2236ff57d9117791d62fb8ae77d6cafffbcb5d45b5bd98daa908bd18c576cf82e01a9b1eba699705e23eff3688114 WHIRLPOOL b90f336afb5264be91fb17d7dae3d5697e3f84e24d276af1d5ac076fe15ef6f5756488f09506fabe470473becb5449cd1f34865309dcf8a914e6e83506e8695f
+EBUILD libarchive-3.1.2-r1.ebuild 2598 SHA256 cb9d4881db35dcc628bd36d67707b807ea03a250b019ea4a72e5e83b65dbae10 SHA512 18fcad4f56b96e20ba27b454c8f43b7eadd2f3a742f336ce7175362d8d3eddbfcbcd78e3dd811405a50ce1ea692e840668266b8814383598982a60cb40c41165 WHIRLPOOL 8c0e66deb4e9b88bb18580043e580dcab9767ab973b17cf3f50baa9e71c238c9d36177cb50984bb4cecda3df6d78bdc2f04e2097539942bf0348bbdd0f750255
+MISC ChangeLog 35557 SHA256 768a7e4ed39d3f3a690a943144449c3a2652805c1cf9753ae9443f3f1b6018be SHA512 4e5521d732d2339a8bcfd387c7e3745145bd7cf80cdf04dc00253bea8a6e8cd9852ce29a510dec82cbf2e92d16fb127afd588f25ed03f5817a807ceefa76aacb WHIRLPOOL c079f298bf273ba26a617b058ff5fa291abd6511b78a826e9b68a93cf762769b8006f8a15ce97288e2d4e98474d6064b38579e385cf510f981dc364146876032
+MISC metadata.xml 1301 SHA256 2cc87bc829db8751ccf9b12057c05539fae80578f0325da9e15c7b4fb15797e1 SHA512 19dc1b85046b7f0da92cb3246c0ee7f58092202ff212a4ee64d27c53f718017f982946ee7db3cd67fff4888b5fa3b4cdd5eae10e5d49c832ffe2e331aa173efe WHIRLPOOL e61bc96069cf9fc659cb07506963885532bf0239646463965fb6840063a6a0b4007e4d4f68e7ce8d29b7c70fed168966a04e1e74de893d19bb45ace6f085c741
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v2.0.20 (SunOS)
+
+iEYEAREIAAYFAlHgYCYACgkQX3X2B8XHTokEyQCgon82MnTYGtakLQdOEacrnHYr
+jqsAoIRrHaDBaxU2JPSobQYbATbz5Iy0
+=qlQ6
+-----END PGP SIGNATURE-----

sdk_container/src/third_party/portage-stable/app-arch/libarchive/files/libarchive-2.8.1+openssl.patch

@@ -1,66 +0,0 @@
-commit 18311d1be81d93350a406b641d501e3ced5a2662
-Author: joerg.sonnenberger <joerg.sonnenberger@2e22974a-a639-11dd-bc7a-dd6b2ed99ab5>
-Date:   Sun Feb 21 14:23:09 2010 +0000
-
-    Improve detection of SHA2 functions in OpenSSL to deal with ancient
-    versions like in Mac OS X and FreeBSD 6.x. Fixes #65 and should fix #55.
-    
-    
-    git-svn-id: http://libarchive.googlecode.com/svn/trunk@1940 2e22974a-a639-11dd-bc7a-dd6b2ed99ab5
-
-diff --git a/configure.ac b/configure.ac
-index 45960ad..921ed87 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -281,30 +281,34 @@ if test "x$with_openssl" != "xno"; then
-     AC_CHECK_HEADERS([openssl/sha.h])
-     AC_SEARCH_LIBS([SHA1_Init], [crypto])
-   fi
--  if test "$ac_cv_func_SHA256Init" != "yes" ||
--     test "$ac_cv_func_SHA384Init" != "yes" ||
--     test "$ac_cv_func_SHA512Init" != "yes"; then
--    if test "$ac_cv_func_SHA256_Init" != "yes" ||
--       test "$ac_cv_func_SHA384_Init" != "yes" ||
--       test "$ac_cv_func_SHA512_Init" != "yes"; then
--      AC_CHECK_HEADERS([openssl/sha.h])
--      # TODO: Does AC_SEARCH_LIBS support more than one function at once?
--      #       This appears to always fail.
--      AC_SEARCH_LIBS([SHA256_Init SHA384_Init SHA512_Init], [crypto])
--
--      # TODO: Actually test for these.  Previously our C code did not
--      # test for these at all and just assumed availability.  Now that
--      # the C code tests these macros we preserve previous behavior
--      # for the autotools build by hard-coding availability.
--      if test "$ac_cv_header_openssl_sha_h" = "yes"; then
-+
-+  AC_CHECK_HEADERS([openssl/sha.h])
-+  if test "$ac_cv_func_SHA256Init" != "yes" &&
-+    test "$ac_cv_func_SHA256_Init" != "yes"; then
-+      AC_SEARCH_LIBS([SHA256_Init], [crypto])
-+      if test "$ac_cv_func_SHA256_Init" = "yes" &&
-+        test "$ac_cv_header_openssl_sha_h" = "yes"; then
-         AC_DEFINE(HAVE_OPENSSL_SHA256_INIT, 1,
- 	  [Define to 1 if your openssl has the `SHA256_Init' function.])
-+      fi
-+  fi
-+  if test "$ac_cv_func_SHA384Init" != "yes" &&
-+    test "$ac_cv_func_SHA384_Init" != "yes"; then
-+      AC_SEARCH_LIBS([SHA384_Init], [crypto])
-+      if test "$ac_cv_func_SHA384_Init" = "yes" &&
-+        test "$ac_cv_header_openssl_sha_h" = "yes"; then
-         AC_DEFINE(HAVE_OPENSSL_SHA384_INIT, 1,
- 	  [Define to 1 if your openssl has the `SHA384_Init' function.])
-+      fi
-+  fi
-+  if test "$ac_cv_func_SHA512Init" != "yes" &&
-+    test "$ac_cv_func_SHA512_Init" != "yes"; then
-+      AC_SEARCH_LIBS([SHA512_Init], [crypto])
-+      if test "$ac_cv_func_SHA512_Init" = "yes" &&
-+        test "$ac_cv_header_openssl_sha_h" = "yes"; then
-         AC_DEFINE(HAVE_OPENSSL_SHA512_INIT, 1,
- 	  [Define to 1 if your openssl has the `SHA512_Init' function.])
-       fi
--    fi
-   fi
- fi
- 

sdk_container/src/third_party/portage-stable/app-arch/libarchive/files/libarchive-3.1.2-CVE-2013-0211.patch

@@ -0,0 +1,32 @@
+From 22531545514043e04633e1c015c7540b9de9dbe4 Mon Sep 17 00:00:00 2001
+From: Tim Kientzle <kientzle@acm.org>
+Date: Fri, 22 Mar 2013 23:48:41 -0700
+Subject: [PATCH] Limit write requests to at most INT_MAX. This prevents a
+ certain common programming error (passing -1 to write) from leading to other
+ problems deeper in the library.
+
+---
+ libarchive/archive_write.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/libarchive/archive_write.c b/libarchive/archive_write.c
+index eede5e0..be85621 100644
+--- a/libarchive/archive_write.c
++++ b/libarchive/archive_write.c
+@@ -673,8 +673,13 @@ static ssize_t
+ _archive_write_data(struct archive *_a, const void *buff, size_t s)
+ {
+ 	struct archive_write *a = (struct archive_write *)_a;
++	const size_t max_write = INT_MAX;
++
+ 	archive_check_magic(&a->archive, ARCHIVE_WRITE_MAGIC,
+ 	    ARCHIVE_STATE_DATA, "archive_write_data");
++	/* In particular, this catches attempts to pass negative values. */
++	if (s > max_write)
++		s = max_write;
+ 	archive_clear_error(&a->archive);
+ 	return ((a->format_write_data)(a, buff, s));
+ }
+-- 
+1.8.1
+

sdk_container/src/third_party/portage-stable/app-arch/libarchive/libarchive-2.8.1.ebuild

@@ -1,92 +0,0 @@
-# Copyright 1999-2010 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/app-arch/libarchive/libarchive-2.8.1.ebuild,v 1.1 2010/03/07 18:18:32 flameeyes Exp $
-
-EAPI="2"
-
-inherit eutils libtool toolchain-funcs flag-o-matic autotools
-
-DESCRIPTION="BSD tar command"
-HOMEPAGE="http://people.freebsd.org/~kientzle/libarchive"
-SRC_URI="http://${PN}.googlecode.com/files/${P}.tar.gz
-	http://people.freebsd.org/~kientzle/libarchive/src/${P}.tar.gz"
-
-LICENSE="BSD"
-SLOT="0"
-KEYWORDS="alpha amd64 arm hppa ia64 ppc ppc64 sh sparc x86 ~sparc-fbsd ~x86-fbsd"
-IUSE="static static-libs acl xattr kernel_linux +bzip2 +lzma +zlib"
-
-COMPRESS_LIBS_DEPEND="lzma? ( app-arch/xz-utils )
-		bzip2? ( app-arch/bzip2 )
-		zlib? ( sys-libs/zlib )"
-
-RDEPEND="!dev-libs/libarchive
-	dev-libs/openssl
-	acl? ( virtual/acl )
-	xattr? ( kernel_linux? ( sys-apps/attr ) )
-	!static? ( ${COMPRESS_LIBS_DEPEND} )"
-DEPEND="${RDEPEND}
-	${COMPRESS_LIBS_DEPEND}
-	kernel_linux? ( sys-fs/e2fsprogs
-		virtual/os-headers )"
-
-src_prepare() {
-	epatch "${FILESDIR}/${P}+openssl.patch"
-	eautoreconf
-	elibtoolize
-	epunt_cxx
-}
-
-src_configure() {
-	local myconf
-
-	if ! use static ; then
-		myconf="--enable-bsdtar=shared --enable-bsdcpio=shared"
-	fi
-
-	# force static libs for static binaries
-	if use static && ! use static-libs; then
-		myconf="${myconf} --enable-static"
-	fi
-
-	# Check for need of this in 2.7.1 and later, on 2.7.0, -Werror was
-	# added to the final release, but since it's done in the
-	# Makefile.am we can just work it around this way.
-	append-flags -Wno-error
-
-	# We disable lzmadec because we support the newer liblzma from xz-utils
-	# and not liblzmadec with this version.
-	econf --bindir=/bin \
-		--enable-bsdtar --enable-bsdcpio \
-		$(use_enable acl) $(use_enable xattr) \
-		$(use_with zlib) \
-		$(use_with bzip2 bz2lib) $(use_with lzma) \
-		$(use_enable static-libs static) \
-		--without-lzmadec \
-		${myconf} \
-		--disable-dependency-tracking || die "econf failed."
-}
-
-src_test() {
-	# Replace the default src_test so that it builds tests in parallel
-	emake check || die "tests failed"
-}
-
-src_install() {
-	emake DESTDIR="${D}" install || die "emake install failed."
-
-	# remove useless .a and .la files (only for non static compilation)
-	use static-libs || find "${D}" \( -name '*.a' -or -name '*.la' \) -delete
-
-	# Create tar symlink for FreeBSD
-	if [[ ${CHOST} == *-freebsd* ]]; then
-		dosym bsdtar /bin/tar
-		dosym bsdtar.1 /usr/share/man/man1/tar.1
-		# We may wish to switch to symlink bsdcpio to cpio too one day
-	fi
-
-	dodoc NEWS README
-	dodir /$(get_libdir)
-	mv "${D}"/usr/$(get_libdir)/*.so* "${D}"/$(get_libdir)
-	gen_usr_ldscript libarchive.so
-}

sdk_container/src/third_party/portage-stable/app-arch/libarchive/libarchive-3.1.2-r1.ebuild

@@ -0,0 +1,91 @@
+# Copyright 1999-2013 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/app-arch/libarchive/libarchive-3.1.2-r1.ebuild,v 1.13 2013/07/12 19:59:33 grobian Exp $
+
+EAPI=5
+inherit eutils libtool multilib toolchain-funcs
+
+DESCRIPTION="BSD tar command"
+HOMEPAGE="http://www.libarchive.org/"
+SRC_URI="http://www.libarchive.org/downloads/${P}.tar.gz"
+
+LICENSE="BSD BSD-2 BSD-4 public-domain"
+SLOT="0/13"
+KEYWORDS="alpha amd64 arm hppa ia64 ~mips ppc ppc64 s390 sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~x86-interix ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
+IUSE="acl +bzip2 +e2fsprogs expat +iconv kernel_linux +lzma lzo nettle static-libs xattr +zlib"
+
+RDEPEND="dev-libs/openssl:0
+	acl? ( virtual/acl )
+	bzip2? ( app-arch/bzip2 )
+	expat? ( dev-libs/expat )
+	!expat? ( dev-libs/libxml2 )
+	iconv? ( virtual/libiconv )
+	kernel_linux? (
+		xattr? ( sys-apps/attr )
+		)
+	lzma? ( app-arch/xz-utils )
+	lzo? ( >=dev-libs/lzo-2 )
+	nettle? ( dev-libs/nettle )
+	zlib? ( sys-libs/zlib )"
+DEPEND="${RDEPEND}
+	kernel_linux? (
+		virtual/os-headers
+		e2fsprogs? ( sys-fs/e2fsprogs )
+		)"
+
+DOCS="NEWS README"
+
+src_prepare() {
+	epatch "${FILESDIR}"/${P}-CVE-2013-0211.patch
+	elibtoolize
+}
+
+src_configure() {
+	export ac_cv_header_ext2fs_ext2_fs_h=$(usex e2fsprogs) #354923
+
+	# We disable lzmadec because we support the newer liblzma from xz-utils
+	# and not liblzmadec with this version.
+	econf \
+		$(use_enable static-libs static) \
+		--enable-bsdtar=$(tc-is-static-only && echo static || echo shared) \
+		--enable-bsdcpio=$(tc-is-static-only && echo static || echo shared) \
+		$(use_enable xattr) \
+		$(use_enable acl) \
+		$(use_with zlib) \
+		$(use_with bzip2 bz2lib) \
+		--without-lzmadec \
+		$(use_with iconv) \
+		$(use_with lzma) \
+		$(use_with lzo lzo2) \
+		$(use_with nettle) \
+		$(use_with !expat xml2) \
+		$(use_with expat)
+}
+
+src_test() {
+	# Replace the default src_test so that it builds tests in parallel
+	emake check
+}
+
+src_install() {
+	default
+
+	# Libs.private: should be used from libarchive.pc instead
+	prune_libtool_files
+
+	# Create tar symlink for FreeBSD
+	if ! use prefix && [[ ${CHOST} == *-freebsd* ]]; then
+		dosym bsdtar /usr/bin/tar
+		echo '.so bsdtar.1' > "${T}"/tar.1
+		doman "${T}"/tar.1
+		# We may wish to switch to symlink bsdcpio to cpio too one day
+	fi
+}
+
+pkg_preinst() {
+	preserve_old_lib /usr/$(get_libdir)/${PN}$(get_libname 12)
+}
+
+pkg_postinst() {
+	preserve_old_lib_notify /usr/$(get_libdir)/${PN}$(get_libname 12)
+}

sdk_container/src/third_party/portage-stable/app-arch/libarchive/metadata.xml

@@ -0,0 +1,34 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+  <herd>bsd</herd>
+  <maintainer>
+    <email>ssuominen@gentoo.org</email>
+    <name>Samuli Suominen</name>
+  </maintainer>
+  <longdescription lang='en'>
+    The bsdtar program creates and manipulates streaming archive files.
+    It has a number of advantages over previous tar implementations.
+  </longdescription>
+  <use>
+    <flag name='zlib'>
+      Allow accessing gzip-compressed archives through
+      <pkg>sys-libs/zlib</pkg>. This only affects libarchive's native
+      support: bsdtar will keep using gunzip as a filter if that's not
+      built-in. It's also needed for supporting extraction of ZIP
+      files.
+    </flag>
+    <flag name='bzip2'>
+      Allow accessing bzip2-compressed archives through libbz2 (which
+      comes with <pkg>app-arch/bzip2</pkg>). This only affects
+      libarchive's native support: bsdtar will keep using bunzip2 as a
+      filter if that's not built-in.
+    </flag>
+    <flag name='nettle'>
+      Use <pkg>dev-libs/nettle</pkg> as crypto backend
+    </flag>
+    <flag name='e2fsprogs'>
+      Use file flags from <pkg>sys-fs/e2fsprogs</pkg> headers instead of <pkg>virtual/os-headers</pkg> headers
+    </flag>
+  </use>
+</pkgmetadata>