mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2025-08-15 00:46:58 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #353 from flatcar-linux/dongsu/gnutls-3.7.7

Browse Source 
net-libs/gnutls: update to 3.7.7
This commit is contained in:
Dongsu Park 2022-08-25 16:47:24 +02:00 committed by GitHub
commit 32d9c36a6f
8 changed files with 85 additions and 274 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
sdk_container/src/third_party/portage-stable/changelog/security/2022-08-24-gnutls-3.7.7.md vendored Normal file
View File

@ -0,0 +1 @@
- gnutls ([CVE-2022-2509](https://nvd.nist.gov/vuln/detail/CVE-2022-2509))

1
sdk_container/src/third_party/portage-stable/changelog/updates/2022-08-24-gnutls-3.7.7.md vendored Normal file
View File

@ -0,0 +1 @@
- gnutls ([3.7.7](https://gitlab.com/gnutls/gnutls/-/tags/3.7.7))

8
sdk_container/src/third_party/portage-stable/net-libs/gnutls/Manifest vendored
View File

@ -1,4 +1,4 @@
DIST gnutls-3.7.2.tar.xz 6091508 BLAKE2B f408ff65f2e08cf294b449dfac64a272a8ba40e987618960f57ee36c167a25974711ab8d11bdbd6335fbf18ac902a79b5c6b40bb6a37f4ee07549832d0611df2 SHA512 5d01d561a05379da71e4847e30ba13c2abe09f7a5c4359fd539d8bd19abad0ce87120f82ee7b6264e787bd3edbc5ae16beffa892983cbc3d59f11a1811c10329 DIST gnutls-3.7.6.tar.xz 6338276 BLAKE2B 9f3cce8dfc0b88f2c42d1d2633417dac649a265407b620b6d15967e5210debb99d287ef31d2b9dc37a527ac1e5b9db4c240b98a63293078fbd2e26ac694bf3d3 SHA512 f872339df80ec31d292821ff00eaafbe50e0bd4cdbb86e21e4f78541cd0a26d843596d5e69c91de4db8ce7d027fc639ae6462b57d89fb116162ae63c5a97486a
DIST gnutls-3.7.3.tar.xz 6119292 BLAKE2B 811e6fbb62fbd35fa63e66cfcbfc3bf899cea5cece1d2a68bc650f507df0f7be9f59c707c90fa19b7ef5a52455a663da49682704e0884af06075c566afbfc0bf SHA512 3ace744affe23e284342658d6d2d2de49dd50065489cbc8be18fc7d38187253e5268ca54027ce5cd517056c249ac039a7481e4548cec04325de37ae85617d077 DIST gnutls-3.7.6.tar.xz.sig 685 BLAKE2B eae022d6cb0d772e465257411381afd97f3dfd19d6f794a1c3e0f8c3c1232a8a1b91269ca7252a5662782183b11ca393c31efe3f88171a526884400fd0534528 SHA512 c969da9a938b9d29a70cea3b00cce337f9a4c4304aae7f501ef6263894f81a420395ddbe1b005f35dff2e900d3fac75e288f10bbfde0ebea034f7e257bb16d0e
DIST gnutls-3.7.4.tar.xz 6131772 BLAKE2B 1c44528952275f48e4e458558c4e03c5b90dfb267482d6815f6c836f9530abb486a23ae5ea70ba2db7e272eee8e2066b259374f02a9bb9e714487466fd5994c9 SHA512 38b488ca1223d9aa8fc25756df08db6f29aaf76fb5816fdeaa14bd89fb431a2e1c495fefc64094f726337d5b89e198146ec7dc22e9a1bca6841a9d881b0d99e6 DIST gnutls-3.7.7.tar.xz 6351664 BLAKE2B a66037ecc6da660ff12949f50012840263c2e0b174079e41b62a2d884f060cee56f0c64a2815d07321a54b08cce016d2b4c8f0e059636c1ab5f7db9c8d64c7c6 SHA512 ba00b20126379ec7e96c6bfa606cfb7bb0d9a5853318b29b5278a42a85ae40d39d8442778938e1f165debcdb1adaf9c63bcec59a4eb3387dd1ac99b08bcc5c08
DIST gnutls-3.7.4.tar.xz.sig 685 BLAKE2B ad485450abb916a229984f8f0d74fe7c46a0a87627f9d739f8121dccf36f4ca454007178f2a4e9bd5fffa2813363481bf80eaeee40f86e1b9c23b1f25dff7b4c SHA512 74b8badd67e215313583bd25c7b639207860af45d6f5cbcb81f1aaf46dacf0992b6d06876979594688e13dac5b8b27ba39935626374b4ddaa3e48118bbc2e7de DIST gnutls-3.7.7.tar.xz.sig 685 BLAKE2B 53d76a06ed5a74664d6c193459eb310f06e87dd3db97aca9e9fa78837677df58d8de66f187c182b9375786ee0308c5da55f08414183c959c7acb4527c38cd7c7 SHA512 6463bc4661e20051ff9f31c1a557cece34d06b748f4e24f98e807ddc72a3daa9348aa9f0afa83a0f9cd226421c575210eec1936fbeb9a55849e2c397ace9d03d

63
sdk_container/src/third_party/portage-stable/net-libs/gnutls/files/gnutls-3.7.4-configure-compression.patch vendored
View File

@ -1,63 +0,0 @@
https://gitlab.com/gnutls/gnutls/-/merge_requests/1557
From: Sam James <sam@gentoo.org>
Date: Fri, 18 Mar 2022 05:40:28 +0000
Subject: [PATCH 1/2] configure.ac: fix brotli/zstd configure argument name
The old `./configure` arguments for brotli and zstd respectively
were inconsistent with the `./configure --help` output.
Old: --without-libbrotli --without-libzstd (also --with-*)
New: --without-brotli --without-zstd (also --with-*)
Fixes: https://gitlab.com/gnutls/gnutls/-/issues/1342
Signed-off-by: Sam James <sam@gentoo.org>
--- a/configure.ac
+++ b/configure.ac
@@ -1010,7 +1010,7 @@ if test x$ac_zlib != xno; then
fi
AC_SUBST(LIBZ_PC)
-AC_ARG_WITH(libbrotli,
+AC_ARG_WITH(brotli,
AS_HELP_STRING([--without-brotli], [disable brotli compression support]),
ac_brotli=$withval, ac_brotli=yes)
AC_MSG_CHECKING([whether to include brotli compression support])
@@ -1033,7 +1033,7 @@ else
fi
AM_CONDITIONAL(HAVE_LIBBROTLI, test "$with_libbrotlienc" != "no" && test "$with_libbrotlidec" != "no")
-AC_ARG_WITH(libzstd,
+AC_ARG_WITH(zstd,
AS_HELP_STRING([--without-zstd], [disable zstd compression support]),
ac_zstd=$withval, ac_zstd=yes)
AC_MSG_CHECKING([whether to include zstd compression support])
GitLab
From: Sam James <sam@gentoo.org>
Date: Fri, 18 Mar 2022 05:51:29 +0000
Subject: [PATCH 2/2] configure.ac: fix zstd detection
Fixes typo in zstd detection.
None of the used autoconf macros will define `has_zstd_h` so
configure will (AFAICT) always fail to find zstd, even if it succeeded
via pkg-config moments before.
Drop it and rely solely on pkg-config as that's the only search
we're actually doing.
Fixes: https://gitlab.com/gnutls/gnutls/-/issues/1343
Signed-off-by: Sam James <sam@gentoo.org>
--- a/configure.ac
+++ b/configure.ac
@@ -1040,7 +1040,7 @@ AC_MSG_CHECKING([whether to include zstd compression support])
if test x$ac_zstd != xno; then
AC_MSG_RESULT(yes)
PKG_CHECK_MODULES(LIBZSTD, [libzstd >= 1.3.0], [with_libzstd=yes], [with_libzstd=no])
- if test "${with_libzstd}" = "yes" && test "${has_zstd_h}" = "yes"; then
+ if test "${with_libzstd}" = "yes"; then
AC_DEFINE([HAVE_LIBZSTD], 1, [Define if ZSTD compression is enabled.])
if test "x$GNUTLS_REQUIRES_PRIVATE" = "x"; then
GNUTLS_REQUIRES_PRIVATE="Requires.private: libzstd"
GitLab

137
sdk_container/src/third_party/portage-stable/net-libs/gnutls/gnutls-3.7.2.ebuild vendored
View File

@ -1,137 +0,0 @@
# Copyright 1999-2021 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=7
inherit libtool multilib-minimal
DESCRIPTION="A secure communications library implementing the SSL, TLS and DTLS protocols"
HOMEPAGE="https://www.gnutls.org/"
SRC_URI="mirror://gnupg/gnutls/v$(ver_cut 1-2)/${P}.tar.xz"
LICENSE="GPL-3 LGPL-2.1+"
SLOT="0/30" # libgnutls.so number
KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
IUSE="+cxx dane doc examples guile +idn nls +openssl pkcs11 seccomp sslv2 sslv3 static-libs test test-full +tls-heartbeat tools valgrind"
REQUIRED_USE="
test-full? ( cxx dane doc examples guile idn nls openssl pkcs11 seccomp tls-heartbeat tools )"
RESTRICT="!test? ( test )"
# NOTICE: sys-devel/autogen is required at runtime as we
# use system libopts
RDEPEND=">=dev-libs/libtasn1-4.9:=[${MULTILIB_USEDEP}]
dev-libs/libunistring:=[${MULTILIB_USEDEP}]
>=dev-libs/nettle-3.6:=[gmp,${MULTILIB_USEDEP}]
>=dev-libs/gmp-5.1.3-r1:=[${MULTILIB_USEDEP}]
tools? ( sys-devel/autogen:= )
dane? ( >=net-dns/unbound-1.4.20:=[${MULTILIB_USEDEP}] )
guile? ( >=dev-scheme/guile-2:=[networking] )
nls? ( >=virtual/libintl-0-r1:=[${MULTILIB_USEDEP}] )
pkcs11? ( >=app-crypt/p11-kit-0.23.1:=[${MULTILIB_USEDEP}] )
idn? ( >=net-dns/libidn2-0.16-r1:=[${MULTILIB_USEDEP}] )"
DEPEND="${RDEPEND}
test? (
seccomp? ( sys-libs/libseccomp )
)"
BDEPEND=">=virtual/pkgconfig-0-r1
doc? ( dev-util/gtk-doc )
nls? ( sys-devel/gettext )
tools? ( sys-devel/autogen )
valgrind? ( dev-util/valgrind )
test-full? (
app-crypt/dieharder
>=app-misc/datefudge-1.22
dev-libs/softhsm:2[-bindist(-)]
net-dialup/ppp
net-misc/socat
)"
DOCS=(
README.md
doc/certtool.cfg
)
HTML_DOCS=()
pkg_setup() {
# bug#520818
export TZ=UTC
use doc && HTML_DOCS+=(
doc/gnutls.html
)
}
src_prepare() {
default
# force regeneration of autogen-ed files
local file
for file in $(grep -l AutoGen-ed src/*.c) ; do
rm src/$(basename ${file} .c).{c,h} || die
done
# don't try to use system certificate store on macOS, it is
# confusingly ignoring our ca-certificates and more importantly
# fails to compile in certain configurations
sed -i -e 's/__APPLE__/__NO_APPLE__/' lib/system/certs.c || die
# Use sane .so versioning on FreeBSD.
elibtoolize
}
multilib_src_configure() {
LINGUAS="${LINGUAS//en/en@boldquot en@quot}"
local libconf=()
# TPM needs to be tested before being enabled
libconf+=( --without-tpm )
# hardware-accell is disabled on OSX because the asm files force
# GNU-stack (as doesn't support that) and when that's removed ld
# complains about duplicate symbols
[[ ${CHOST} == *-darwin* ]] && libconf+=( --disable-hardware-acceleration )
# Cygwin as does not understand these asm files at all
[[ ${CHOST} == *-cygwin* ]] && libconf+=( --disable-hardware-acceleration )
local myeconfargs=(
$(multilib_native_enable manpages)
$(multilib_native_use_enable doc gtk-doc)
$(multilib_native_use_enable doc)
$(multilib_native_use_enable guile)
$(multilib_native_use_enable seccomp seccomp-tests)
$(multilib_native_use_enable test tests)
$(multilib_native_use_enable test-full full-test-suite)
$(multilib_native_use_enable tools)
$(multilib_native_use_enable valgrind valgrind-tests)
$(use_enable cxx)
$(use_enable dane libdane)
$(use_enable nls)
$(use_enable openssl openssl-compatibility)
$(use_enable sslv2 ssl2-support)
$(use_enable sslv3 ssl3-support)
$(use_enable static-libs static)
$(use_enable tls-heartbeat heartbeat-support)
$(use_with idn)
$(use_with pkcs11 p11-kit)
--disable-rpath
--with-default-trust-store-file="${EPREFIX}/etc/ssl/certs/ca-certificates.crt"
--with-unbound-root-key-file="${EPREFIX}/etc/dnssec/root-anchors.txt"
--without-included-libtasn1
$("${S}/configure" --help | grep -o -- '--without-.*-prefix')
)
ECONF_SOURCE="${S}" econf "${libconf[@]}" "${myeconfargs[@]}"
}
multilib_src_install_all() {
einstalldocs
find "${ED}" -type f -name '*.la' -delete || die
if use examples; then
docinto examples
dodoc doc/examples/*.c
fi
}

28
sdk_container/src/third_party/portage-stable/net-libs/gnutls/gnutls-3.7.4.ebuild → sdk_container/src/third_party/portage-stable/net-libs/gnutls/gnutls-3.7.6.ebuild vendored
View File

@ -4,7 +4,7 @@
EAPI=7 EAPI=7
VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}"/usr/share/openpgp-keys/gnutls.asc VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}"/usr/share/openpgp-keys/gnutls.asc
inherit autotools multilib-minimal verify-sig inherit libtool multilib-minimal verify-sig
DESCRIPTION="A secure communications library implementing the SSL, TLS and DTLS protocols" DESCRIPTION="A secure communications library implementing the SSL, TLS and DTLS protocols"
HOMEPAGE="https://www.gnutls.org/" HOMEPAGE="https://www.gnutls.org/"
@ -12,10 +12,8 @@ SRC_URI="mirror://gnupg/gnutls/v$(ver_cut 1-2)/${P}.tar.xz"
SRC_URI+=" verify-sig? ( mirror://gnupg/gnutls/v$(ver_cut 1-2)/${P}.tar.xz.sig )" SRC_URI+=" verify-sig? ( mirror://gnupg/gnutls/v$(ver_cut 1-2)/${P}.tar.xz.sig )"
LICENSE="GPL-3 LGPL-2.1+" LICENSE="GPL-3 LGPL-2.1+"
SLOT="0/30" # libgnutls.so number SLOT="0/30.30" # <libgnutls.so number>.<libgnutlsxx.so number>
# Drop keywords while figuring out what to do (if anything) about USE=cxx ABI break KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
# https://gitlab.com/gnutls/gnutls/-/commit/f746f7d4be0070395834bef8e7f7b6f9c8d3158b
#KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
IUSE="brotli +cxx dane doc examples guile +idn nls +openssl pkcs11 seccomp sslv2 sslv3 static-libs test test-full +tls-heartbeat tools valgrind zlib zstd" IUSE="brotli +cxx dane doc examples guile +idn nls +openssl pkcs11 seccomp sslv2 sslv3 static-libs test test-full +tls-heartbeat tools valgrind zlib zstd"
REQUIRED_USE="test-full? ( cxx dane doc examples guile idn nls openssl pkcs11 seccomp tls-heartbeat tools )" REQUIRED_USE="test-full? ( cxx dane doc examples guile idn nls openssl pkcs11 seccomp tls-heartbeat tools )"
@ -56,10 +54,6 @@ DOCS=( README.md doc/certtool.cfg )
HTML_DOCS=() HTML_DOCS=()
PATCHES=(
"${FILESDIR}"/${P}-configure-compression.patch
)
pkg_setup() { pkg_setup() {
# bug #520818 # bug #520818
export TZ=UTC export TZ=UTC
@ -78,16 +72,7 @@ src_prepare() {
sed -i -e 's/__APPLE__/__NO_APPLE__/' lib/system/certs.c || die sed -i -e 's/__APPLE__/__NO_APPLE__/' lib/system/certs.c || die
# Use sane .so versioning on FreeBSD. # Use sane .so versioning on FreeBSD.
#elibtoolize elibtoolize
# Need eautoreconf for:
# 1) gtk-doc macro fix
# (once fixed, we can drop unconditional gtk-doc-am BDEPEND too)
# see https://gitlab.com/gnutls/gnutls/-/issues/1341
#
# 2) configure fixes for brotli, zstd
# see https://gitlab.com/gnutls/gnutls/-/issues/1343
eautoreconf
} }
multilib_src_configure() { multilib_src_configure() {
@ -110,6 +95,11 @@ multilib_src_configure() {
# Cygwin as does not understand these asm files at all # Cygwin as does not understand these asm files at all
[[ ${CHOST} == *-cygwin* ]] && libconf+=( --disable-hardware-acceleration ) [[ ${CHOST} == *-cygwin* ]] && libconf+=( --disable-hardware-acceleration )
# -fanalyzer substantially slows down the build and isn't useful for
# us. It's useful for upstream as it's static analysis, but it's not
# useful when just getting something built.
export gl_cv_warn_c__fanalyzer=no
local myeconfargs=( local myeconfargs=(
$(multilib_native_enable manpages) $(multilib_native_enable manpages)
$(multilib_native_use_enable doc gtk-doc) $(multilib_native_use_enable doc gtk-doc)

36
sdk_container/src/third_party/portage-stable/net-libs/gnutls/gnutls-3.7.3-r1.ebuild → sdk_container/src/third_party/portage-stable/net-libs/gnutls/gnutls-3.7.7.ebuild vendored
View File

@ -1,18 +1,20 @@
# Copyright 1999-2022 Gentoo Authors # Copyright 1999-2022 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2 # Distributed under the terms of the GNU General Public License v2
EAPI=7 EAPI=8
inherit libtool multilib-minimal VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}"/usr/share/openpgp-keys/gnutls.asc
inherit libtool multilib-minimal verify-sig
DESCRIPTION="A secure communications library implementing the SSL, TLS and DTLS protocols" DESCRIPTION="A secure communications library implementing the SSL, TLS and DTLS protocols"
HOMEPAGE="https://www.gnutls.org/" HOMEPAGE="https://www.gnutls.org/"
SRC_URI="mirror://gnupg/gnutls/v$(ver_cut 1-2)/${P}.tar.xz" SRC_URI="mirror://gnupg/gnutls/v$(ver_cut 1-2)/${P}.tar.xz"
SRC_URI+=" verify-sig? ( mirror://gnupg/gnutls/v$(ver_cut 1-2)/${P}.tar.xz.sig )"
LICENSE="GPL-3 LGPL-2.1+" LICENSE="GPL-3 LGPL-2.1+"
SLOT="0/30" # libgnutls.so number SLOT="0/30.30" # <libgnutls.so number>.<libgnutlsxx.so number>
KEYWORDS="~alpha amd64 arm ~arm64 hppa ~ia64 ~m68k ~mips ~ppc ppc64 ~riscv ~s390 sparc x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
IUSE="+cxx dane doc examples guile +idn nls +openssl pkcs11 seccomp sslv2 sslv3 static-libs test test-full +tls-heartbeat tools valgrind" IUSE="brotli +cxx dane doc examples guile +idn nls +openssl pkcs11 seccomp sslv2 sslv3 static-libs test test-full +tls-heartbeat tools valgrind zlib zstd"
REQUIRED_USE="test-full? ( cxx dane doc examples guile idn nls openssl pkcs11 seccomp tls-heartbeat tools )" REQUIRED_USE="test-full? ( cxx dane doc examples guile idn nls openssl pkcs11 seccomp tls-heartbeat tools )"
RESTRICT="!test? ( test )" RESTRICT="!test? ( test )"
@ -21,16 +23,21 @@ RDEPEND=">=dev-libs/libtasn1-4.9:=[${MULTILIB_USEDEP}]
dev-libs/libunistring:=[${MULTILIB_USEDEP}] dev-libs/libunistring:=[${MULTILIB_USEDEP}]
>=dev-libs/nettle-3.6:=[gmp,${MULTILIB_USEDEP}] >=dev-libs/nettle-3.6:=[gmp,${MULTILIB_USEDEP}]
>=dev-libs/gmp-5.1.3-r1:=[${MULTILIB_USEDEP}] >=dev-libs/gmp-5.1.3-r1:=[${MULTILIB_USEDEP}]
brotli? ( >=app-arch/brotli-1.0.0:=[${MULTILIB_USEDEP}] )
dane? ( >=net-dns/unbound-1.4.20:=[${MULTILIB_USEDEP}] ) dane? ( >=net-dns/unbound-1.4.20:=[${MULTILIB_USEDEP}] )
guile? ( >=dev-scheme/guile-2:=[networking] ) guile? ( >=dev-scheme/guile-2:=[networking] )
nls? ( >=virtual/libintl-0-r1:=[${MULTILIB_USEDEP}] ) nls? ( >=virtual/libintl-0-r1:=[${MULTILIB_USEDEP}] )
pkcs11? ( >=app-crypt/p11-kit-0.23.1:=[${MULTILIB_USEDEP}] ) pkcs11? ( >=app-crypt/p11-kit-0.23.1[${MULTILIB_USEDEP}] )
idn? ( >=net-dns/libidn2-0.16-r1:=[${MULTILIB_USEDEP}] )" idn? ( >=net-dns/libidn2-0.16-r1:=[${MULTILIB_USEDEP}] )
zlib? ( sys-libs/zlib[${MULTILIB_USEDEP}] )
zstd? ( >=app-arch/zstd-1.3.0:=[${MULTILIB_USEDEP}] )"
DEPEND="${RDEPEND} DEPEND="${RDEPEND}
test? ( test? (
seccomp? ( sys-libs/libseccomp ) seccomp? ( sys-libs/libseccomp )
)" )"
BDEPEND=">=virtual/pkgconfig-0-r1 BDEPEND="
dev-util/gtk-doc-am
>=virtual/pkgconfig-0-r1
doc? ( dev-util/gtk-doc ) doc? ( dev-util/gtk-doc )
nls? ( sys-devel/gettext ) nls? ( sys-devel/gettext )
valgrind? ( dev-util/valgrind ) valgrind? ( dev-util/valgrind )
@ -40,7 +47,8 @@ BDEPEND=">=virtual/pkgconfig-0-r1
dev-libs/softhsm:2[-bindist(-)] dev-libs/softhsm:2[-bindist(-)]
net-dialup/ppp net-dialup/ppp
net-misc/socat net-misc/socat
)" )
verify-sig? ( >=sec-keys/openpgp-keys-gnutls-20220320 )"
DOCS=( README.md doc/certtool.cfg ) DOCS=( README.md doc/certtool.cfg )
@ -73,6 +81,7 @@ multilib_src_configure() {
local libconf=() local libconf=()
# TPM needs to be tested before being enabled # TPM needs to be tested before being enabled
# Note that this may add a libltdl dep when enabled. Check configure.ac.
libconf+=( libconf+=(
--without-tpm --without-tpm
--without-tpm2 --without-tpm2
@ -86,6 +95,11 @@ multilib_src_configure() {
# Cygwin as does not understand these asm files at all # Cygwin as does not understand these asm files at all
[[ ${CHOST} == *-cygwin* ]] && libconf+=( --disable-hardware-acceleration ) [[ ${CHOST} == *-cygwin* ]] && libconf+=( --disable-hardware-acceleration )
# -fanalyzer substantially slows down the build and isn't useful for
# us. It's useful for upstream as it's static analysis, but it's not
# useful when just getting something built.
export gl_cv_warn_c__fanalyzer=no
local myeconfargs=( local myeconfargs=(
$(multilib_native_enable manpages) $(multilib_native_enable manpages)
$(multilib_native_use_enable doc gtk-doc) $(multilib_native_use_enable doc gtk-doc)
@ -104,14 +118,18 @@ multilib_src_configure() {
$(use_enable sslv3 ssl3-support) $(use_enable sslv3 ssl3-support)
$(use_enable static-libs static) $(use_enable static-libs static)
$(use_enable tls-heartbeat heartbeat-support) $(use_enable tls-heartbeat heartbeat-support)
$(use_with brotli)
$(use_with idn) $(use_with idn)
$(use_with pkcs11 p11-kit) $(use_with pkcs11 p11-kit)
$(use_with zlib)
$(use_with zstd)
--disable-rpath --disable-rpath
--with-default-trust-store-file="${EPREFIX}"/etc/ssl/certs/ca-certificates.crt --with-default-trust-store-file="${EPREFIX}"/etc/ssl/certs/ca-certificates.crt
--with-unbound-root-key-file="${EPREFIX}"/etc/dnssec/root-anchors.txt --with-unbound-root-key-file="${EPREFIX}"/etc/dnssec/root-anchors.txt
--without-included-libtasn1 --without-included-libtasn1
$("${S}/configure" --help | grep -o -- '--without-.*-prefix') $("${S}/configure" --help | grep -o -- '--without-.*-prefix')
) )
ECONF_SOURCE="${S}" econf "${libconf[@]}" "${myeconfargs[@]}" ECONF_SOURCE="${S}" econf "${libconf[@]}" "${myeconfargs[@]}"
} }

85
sdk_container/src/third_party/portage-stable/net-libs/gnutls/metadata.xml vendored
View File

@ -1,46 +1,47 @@
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> <!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd">
<pkgmetadata> <pkgmetadata>
<maintainer type="project"> <maintainer type="project">
<email>base-system@gentoo.org</email> <email>base-system@gentoo.org</email>
</maintainer> </maintainer>
<use> <use>
<flag name="brotli"> <flag name="brotli">
Enable brotli decompression support via <pkg>app-arch/brotli</pkg> Enable brotli decompression support via <pkg>app-arch/brotli</pkg>
</flag> </flag>
<flag name="dane"> <flag name="dane">
Build libgnutls-dane, implementing DNS-based Authentication of Build libgnutls-dane, implementing DNS-based Authentication of
Named Entities. Requires <pkg>net-dns/unbound</pkg> Named Entities. Requires <pkg>net-dns/unbound</pkg>
</flag> </flag>
<flag name="openssl"> <flag name="openssl">
Build openssl compatibility libraries Build openssl compatibility libraries
</flag> </flag>
<flag name="pkcs11"> <flag name="pkcs11">
Add support for PKCS#11 through <pkg>app-crypt/p11-kit</pkg> Add support for PKCS#11 through <pkg>app-crypt/p11-kit</pkg>
</flag> </flag>
<flag name="tools"> <flag name="tools">
Build extra tools Build extra tools
</flag> </flag>
<flag name="tls-heartbeat"> <flag name="tls-heartbeat">
Enable the Heartbeat Extension in TLS and DTLS Enable the Heartbeat Extension in TLS and DTLS
</flag> </flag>
<flag name="sslv2"> <flag name="sslv2">
Support for the old/insecure SSLv2 protocol Support for the old/insecure SSLv2 protocol
</flag> </flag>
<flag name="sslv3"> <flag name="sslv3">
Support for the old/insecure SSLv3 protocol Support for the old/insecure SSLv3 protocol
</flag> </flag>
<flag name="test-full"> <flag name="test-full">
Enable full test mode Enable full test mode
</flag> </flag>
<flag name="valgrind"> <flag name="valgrind">
Enable usage of <pkg>dev-util/valgrind</pkg> in debug Enable usage of <pkg>dev-util/valgrind</pkg> in debug
</flag> </flag>
</use> </use>
<slots> <slots>
<subslots>Reflect ABI compatibility of libgnutls.so</subslots> <subslots>Reflect ABI compatibility of libgnutls.so</subslots>
</slots> </slots>
<upstream> <upstream>
<remote-id type="cpe">cpe:/a:gnu:gnutls</remote-id> <remote-id type="cpe">cpe:/a:gnu:gnutls</remote-id>
</upstream> <remote-id type="gitlab">gnutls/gnutls</remote-id>
</upstream>
</pkgmetadata> </pkgmetadata>