mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2025-08-16 09:26:58 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #281 from flatcar-linux/krnowak/drop-duplicates

Browse Source 
Drop duplicated packages
This commit is contained in:
Krzesimir Nowak 2022-02-03 09:32:06 +01:00 committed by GitHub
commit e955cf4aac
10 changed files with 0 additions and 409 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
sdk_container/src/third_party/portage-stable/app-crypt/sbsigntools/Manifest vendored
View File

@ -1,3 +0,0 @@
DIST sbsigntool-0.8-ccan.tar.gz 113537 BLAKE2B 8fbf27463d30c1895930628a145be2d521ae4f6adb7af3299bf2f5f4319fd643df0a07347ef6851bd41d233af4c3fc5f77002771af1c43aa0f20665aef2390b8 SHA512 6857096879f116f1802eb6b44789cbea7bb24440bc0f16503aeadf5f276fa45943f322f844dbb9abee717655205d82b830143be3a7f4424fd4146b9360674a09
DIST sbsigntool_0.6.orig.tar.gz 212375 BLAKE2B fab9141c7fbfa01ec24f975503ac83be4ae0664251a1311afb3d95124fec3750ce20a5ffab35b6965d4ee4585ab4ee91f25ae49488214a983b6fc006071d0968 SHA512 ed314d1cb7278cf5f27d4c3cd17f2195678419a7f9e47770429b6f95df35f7df035331e60c45970183ddd9b150a9b752f876c777929598b0525872b3255af95c
DIST sbsigntools-0.9.1.tar.gz 56497 BLAKE2B 22791bd4b490f36963a19e82da3ce7b93a56d948bf44d1ffdb62fa3291a3f815b2c19d68f9180b607c2b1438f656367ec1f9002f0b1225734d16a9aadc6d20ec SHA512 ae16232327c098bbc60a9701185d856d851cb7fa8f62be64d3c8f75c8b274b8521fcc4212226189def05db980690878ee6ac9a9b418166c92442aaf35e790d29

29
sdk_container/src/third_party/portage-stable/app-crypt/sbsigntools/files/0002-image.c-clear-image-variable.patch vendored
View File

@ -1,29 +0,0 @@
From 21e984fa9d93a760cc03f5d9d13d023809227df2 Mon Sep 17 00:00:00 2001
From: James Bottomley <JBottomley@Parallels.com>
Date: Thu, 11 Apr 2013 21:12:17 -0700
Subject: image.c: clear image variable
Not zeroing the image after talloc occasionally leads to a segfault because
the programme thinks it has a signature when in reality it just has a junk
pointer and segfaults.
Signed-off-by: James Bottomley <JBottomley@Parallels.com>
---
src/image.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/image.c b/src/image.c
index cc55791..10eba0e 100644
--- a/src/image.c
+++ b/src/image.c
@@ -401,6 +401,7 @@ struct image *image_load(const char *filename)
return NULL;
}
+ memset(image, 0, sizeof(*image));
rc = fileio_read_file(image, filename, &image->buf, &image->size);
if (rc)
goto err;
--
1.8.2.1

39
sdk_container/src/third_party/portage-stable/app-crypt/sbsigntools/files/0003-Fix-for-multi-sign.patch vendored
View File

@ -1,39 +0,0 @@
From e58a528ef57e53008222f238cce7c326a14572e2 Mon Sep 17 00:00:00 2001
From: James Bottomley <JBottomley@Parallels.com>
Date: Mon, 30 Sep 2013 19:25:37 -0700
Subject: [PATCH 4/4] Fix for multi-sign
The new Tianocore multi-sign code fails now for images signed with
sbsigntools. The reason is that we don't actually align the signature table,
we just slap it straight after the binary data. Unfortunately, the new
multi-signature code checks that our alignment offsets are correct and fails
the signature for this reason. Fix by adding junk to the end of the image to
align the signature section.
Signed-off-by: James Bottomley <JBottomley@Parallels.com>
---
src/image.c | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/src/image.c b/src/image.c
index 10eba0e..519e288 100644
--- a/src/image.c
+++ b/src/image.c
@@ -385,7 +385,13 @@ static int image_find_regions(struct image *image)
/* record the size of non-signature data */
r = &image->checksum_regions[image->n_checksum_regions - 1];
- image->data_size = (r->data - (void *)image->buf) + r->size;
+ /*
+ * The new Tianocore multisign does a stricter check of the signatures
+ * in particular, the signature table must start at an aligned offset
+ * fix this by adding bytes to the end of the text section (which must
+ * be included in the hash)
+ */
+ image->data_size = align_up((r->data - (void *)image->buf) + r->size, 8);
return 0;
}
--
1.8.4

152
sdk_container/src/third_party/portage-stable/app-crypt/sbsigntools/files/sbsigntools-0.9.1-openssl-1.1.0-compat.patch vendored
View File

@ -1,152 +0,0 @@
diff --git a/src/fileio.c b/src/fileio.c
index 032eb1e..09bc3aa 100644
--- a/src/fileio.c
+++ b/src/fileio.c
@@ -40,6 +40,7 @@
#include <openssl/pem.h>
#include <openssl/err.h>
#include <openssl/engine.h>
+#include <openssl/ui.h>
#include <ccan/talloc/talloc.h>
#include <ccan/read_write_all/read_write_all.h>
diff --git a/src/idc.c b/src/idc.c
index 236cefd..6d87bd4 100644
--- a/src/idc.c
+++ b/src/idc.c
@@ -238,7 +238,11 @@ struct idc *IDC_get(PKCS7 *p7, BIO *bio)
/* extract the idc from the signed PKCS7 'other' data */
str = p7->d.sign->contents->d.other->value.asn1_string;
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
idcbuf = buf = ASN1_STRING_data(str);
+#else
+ idcbuf = buf = ASN1_STRING_get0_data(str);
+#endif
idc = d2i_IDC(NULL, &buf, ASN1_STRING_length(str));
/* If we were passed a BIO, write the idc data, minus type and length,
@@ -289,7 +293,11 @@ int IDC_check_hash(struct idc *idc, struct image *image)
}
/* check hash against the one we calculated from the image */
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
buf = ASN1_STRING_data(str);
+#else
+ buf = ASN1_STRING_get0_data(str);
+#endif
if (memcmp(buf, sha, sizeof(sha))) {
fprintf(stderr, "Hash doesn't match image\n");
fprintf(stderr, " got: %s\n", sha256_str(buf));
diff --git a/src/sbattach.c b/src/sbattach.c
index a0c01b8..e89a23e 100644
--- a/src/sbattach.c
+++ b/src/sbattach.c
@@ -231,6 +231,7 @@ int main(int argc, char **argv)
return EXIT_FAILURE;
}
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
ERR_load_crypto_strings();
OpenSSL_add_all_digests();
OPENSSL_config(NULL);
@@ -239,6 +240,7 @@ int main(int argc, char **argv)
* module isn't present). In either case ignore the errors
* (malloc will cause other failures out lower down */
ERR_clear_error();
+#endif
image = image_load(image_filename);
if (!image) {
diff --git a/src/sbkeysync.c b/src/sbkeysync.c
index 7b17f40..419b1e7 100644
--- a/src/sbkeysync.c
+++ b/src/sbkeysync.c
@@ -208,7 +208,11 @@ static int x509_key_parse(struct key *key, uint8_t *data, size_t len)
goto out;
key->id_len = ASN1_STRING_length(serial);
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
key->id = talloc_memdup(key, ASN1_STRING_data(serial), key->id_len);
+#else
+ key->id = talloc_memdup(key, ASN1_STRING_get0_data(serial), key->id_len);
+#endif
key->description = talloc_array(key, char, description_len);
X509_NAME_oneline(X509_get_subject_name(x509),
@@ -927,6 +931,7 @@ int main(int argc, char **argv)
return EXIT_FAILURE;
}
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
ERR_load_crypto_strings();
OpenSSL_add_all_digests();
OpenSSL_add_all_ciphers();
@@ -936,6 +941,7 @@ int main(int argc, char **argv)
* module isn't present). In either case ignore the errors
* (malloc will cause other failures out lower down */
ERR_clear_error();
+#endif
ctx->filesystem_keys = init_keyset(ctx);
ctx->firmware_keys = init_keyset(ctx);
diff --git a/src/sbsign.c b/src/sbsign.c
index ff1fdfd..78d8d64 100644
--- a/src/sbsign.c
+++ b/src/sbsign.c
@@ -188,6 +188,7 @@ int main(int argc, char **argv)
talloc_steal(ctx, ctx->image);
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
ERR_load_crypto_strings();
OpenSSL_add_all_digests();
OpenSSL_add_all_ciphers();
@@ -197,6 +198,7 @@ int main(int argc, char **argv)
* module isn't present). In either case ignore the errors
* (malloc will cause other failures out lower down */
ERR_clear_error();
+#endif
if (engine)
pkey = fileio_read_engine_key(engine, keyfilename);
else
diff --git a/src/sbvarsign.c b/src/sbvarsign.c
index 7dcbe51..9319c8b 100644
--- a/src/sbvarsign.c
+++ b/src/sbvarsign.c
@@ -509,6 +509,7 @@ int main(int argc, char **argv)
return EXIT_FAILURE;
}
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
/* initialise openssl */
OpenSSL_add_all_digests();
OpenSSL_add_all_ciphers();
@@ -519,6 +520,7 @@ int main(int argc, char **argv)
* module isn't present). In either case ignore the errors
* (malloc will cause other failures out lower down */
ERR_clear_error();
+#endif
/* set up the variable signing context */
varname = argv[optind];
diff --git a/src/sbverify.c b/src/sbverify.c
index 3920d91..d0b203a 100644
--- a/src/sbverify.c
+++ b/src/sbverify.c
@@ -250,6 +250,7 @@ int main(int argc, char **argv)
verbose = false;
detached_sig_filename = NULL;
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
OpenSSL_add_all_digests();
ERR_load_crypto_strings();
OPENSSL_config(NULL);
@@ -258,6 +259,7 @@ int main(int argc, char **argv)
* module isn't present). In either case ignore the errors
* (malloc will cause other failures out lower down */
ERR_clear_error();
+#endif
for (;;) {
int idx;

10
sdk_container/src/third_party/portage-stable/app-crypt/sbsigntools/metadata.xml vendored
View File

@ -1,10 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
<pkgmetadata>
<maintainer type="person">
<email>tamiko@gentoo.org</email>
</maintainer>
<upstream>
<remote-id type="launchpad">ubuntu</remote-id>
</upstream>
</pkgmetadata>

43
sdk_container/src/third_party/portage-stable/app-crypt/sbsigntools/sbsigntools-0.6-r2.ebuild vendored
View File

@ -1,43 +0,0 @@
# Copyright 1999-2018 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
EAPI="5"
MY_PN="${PN::-1}"
inherit eutils toolchain-funcs
DESCRIPTION="Utilities for signing and verifying files for UEFI Secure Boot"
HOMEPAGE="https://launchpad.net/ubuntu/+source/sbsigntool"
SRC_URI="https://launchpad.net/ubuntu/+archive/primary/+files/${MY_PN}_${PV}.orig.tar.gz"
LICENSE="GPL-3"
SLOT="0"
KEYWORDS="amd64 x86"
IUSE=""
RDEPEND="
dev-libs/openssl:0=
sys-apps/util-linux"
DEPEND="${RDEPEND}
sys-apps/help2man
sys-boot/gnu-efi
sys-libs/binutils-libs
virtual/pkgconfig"
S="${WORKDIR}/${MY_PN}-${PV}"
src_prepare() {
local iarch
case ${ARCH} in
ia64) iarch=ia64 ;;
x86) iarch=ia32 ;;
amd64) iarch=x86_64 ;;
*) die "unsupported architecture: ${ARCH}" ;;
esac
sed -i "/^EFI_ARCH=/s:=.*:=${iarch}:" configure || die
sed -i 's/-m64$/& -march=x86-64/' tests/Makefile.in || die
sed -i "/^AR /s:=.*:= $(tc-getAR):" lib/ccan/Makefile.in || die #481480
epatch "${FILESDIR}"/0002-image.c-clear-image-variable.patch
epatch "${FILESDIR}"/0003-Fix-for-multi-sign.patch
}

51
sdk_container/src/third_party/portage-stable/app-crypt/sbsigntools/sbsigntools-0.9.1-r1.ebuild vendored
View File

@ -1,51 +0,0 @@
# Copyright 1999-2018 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
EAPI="6"
MY_PN="${PN::-1}"
inherit eutils autotools
DESCRIPTION="Utilities for signing and verifying files for UEFI Secure Boot"
HOMEPAGE="https://git.kernel.org/cgit/linux/kernel/git/jejb/sbsigntools.git/"
SRC_URI="https://git.kernel.org/pub/scm/linux/kernel/git/jejb/${PN}.git/snapshot/${P}.tar.gz
https://dev.gentoo.org/~tamiko/distfiles/${MY_PN}-0.8-ccan.tar.gz"
LICENSE="GPL-3 LGPL-3 LGPL-2.1 CC0-1.0"
SLOT="0"
KEYWORDS="~amd64 ~arm64 ~x86"
IUSE=""
RDEPEND="
dev-libs/openssl:0=
sys-apps/util-linux"
DEPEND="${RDEPEND}
sys-apps/help2man
sys-boot/gnu-efi
sys-libs/binutils-libs
virtual/pkgconfig"
PATCHES=(
"${FILESDIR}"/${P}-openssl-1.1.0-compat.patch
)
src_prepare() {
mv "${WORKDIR}"/lib/ccan "${S}"/lib || die "mv failed"
rmdir "${WORKDIR}"/lib || die "rmdir failed"
local iarch
case ${ARCH} in
amd64) iarch=x86_64 ;;
arm64) iarch=aarch64 ;;
ia64) iarch=ia64 ;;
x86) iarch=ia32 ;;
*) die "unsupported architecture: ${ARCH}" ;;
esac
sed -i "/^EFI_ARCH=/s:=.*:=${iarch}:" configure.ac || die
sed -i 's/-m64$/& -march=x86-64/' tests/Makefile.am || die
sed -i "/^AR /s:=.*:= $(tc-getAR):" lib/ccan/Makefile.in || die #481480
default
eautoreconf
}

1
sdk_container/src/third_party/portage-stable/sys-process/tini/Manifest vendored
View File

@ -1 +0,0 @@
DIST tini-0.18.0.tar.gz 32152 BLAKE2B d676f0f1b4d9f6dca98cdb626aa7c525ec55e090cfeb1cf0e9ab167f1ef4285123223873e92e81d5d62ceb631e26e9012f16b28b1d35813ac801f8e4594be70b SHA512 83279180b6a875aaff9b6b7446ee7e71fd05357279744afcb4db67c76572dc871acfba86c035857009b5dd88ca75d9f2e815d6a925563cdb3e6e771eb83be9b1

22
sdk_container/src/third_party/portage-stable/sys-process/tini/metadata.xml vendored
View File

@ -1,22 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
<pkgmetadata>
<upstream>
<remote-id type="github">krallin/tini</remote-id>
</upstream>
<maintainer type="person">
<email>zmedico@gentoo.org</email>
<name>Zac Medico</name>
</maintainer>
<maintainer type="person">
<email>mrueg@gentoo.org</email>
<name>Manuel Rüger</name>
</maintainer>
<maintainer type="person">
<email>williamh@gentoo.org</email>
<name>William Hubbs</name>
</maintainer>
<use>
<flag name="args">Enable argument parsing.</flag>
</use>
</pkgmetadata>

59
sdk_container/src/third_party/portage-stable/sys-process/tini/tini-0.18.0.ebuild vendored
View File

@ -1,59 +0,0 @@
# Copyright 1999-2019 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=7
inherit cmake-utils flag-o-matic
GIT_COMMIT=fec3683b971d9c3ef73f284f176672c44b448662
DESCRIPTION="A tiny but valid init for containers"
HOMEPAGE="https://github.com/krallin/tini"
SRC_URI="https://github.com/krallin/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz"
LICENSE="MIT"
SLOT="0"
KEYWORDS="amd64 ~arm ~arm64 ~x86"
IUSE="+args +static"
src_prepare() {
cmake-utils_src_prepare
local sed_args=(
# Do not strip binary
-e 's/-Wl,-s")$/")/'
# Remove -Werror and -pedantic-errors in order to allow macro
# redefinition, so that CFLAGS="-U_FORTIFY_SOURCE" does not
# trigger an error due to add_definitions(-D_FORTIFY_SOURCE=2)
# in CMakeLists.txt (bug 626438).
-e "s/ -Werror / /"
-e "s/ -pedantic-errors / /"
)
sed -i "${sed_args[@]}" \
-e "s/git.*status --porcelain.*/true/" \
-e "s/git.*log -n 1.*/true/" \
-e "s/git.\${tini_VERSION_GIT}/git.${GIT_COMMIT}/" \
CMakeLists.txt || die
}
src_configure() {
local mycmakeargs=()
use args || mycmakeargs+=(-DMINIMAL=ON)
cmake-utils_src_configure
}
src_compile() {
append-cflags -DPR_SET_CHILD_SUBREAPER=36 -DPR_GET_CHILD_SUBREAPER=37
cmake-utils_src_compile
}
src_install() {
cmake-utils_src_install
if use static; then
mv "${ED%/}"/usr/bin/{${PN}-static,${PN}} || die
else
rm "${ED%/}"/usr/bin/${PN}-static || die
fi
}