1 |
commit: 34abb7faf744a76561db0e7c922e2c6f409da053 |
2 |
Author: Alon Bar-Lev <alonbl <AT> gentoo <DOT> org> |
3 |
AuthorDate: Tue Apr 30 06:01:29 2019 +0000 |
4 |
Commit: Alon Bar-Lev <alonbl <AT> gentoo <DOT> org> |
5 |
CommitDate: Tue Apr 30 06:03:25 2019 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=34abb7fa |
7 |
|
8 |
Revert "dev-libs/crypto++: cleanup old" |
9 |
|
10 |
This reverts commit 756f4a7c8eaf896507c32131037492bd1e26e2e5. |
11 |
|
12 |
Used by <sys-cluster/ceph/ceph-13 |
13 |
|
14 |
Signed-off-by: Alon Bar-Lev <alonbl <AT> gentoo.org> |
15 |
|
16 |
dev-libs/crypto++/Manifest | 1 + |
17 |
dev-libs/crypto++/crypto++-5.6.5-r1.ebuild | 60 ++++++++++++++++++++++ |
18 |
.../crypto++/files/crypto++-5.6.4-nonative.patch | 28 ++++++++++ |
19 |
.../files/crypto++-5.6.5-CVE-2017-9434.patch | 45 ++++++++++++++++ |
20 |
4 files changed, 134 insertions(+) |
21 |
|
22 |
diff --git a/dev-libs/crypto++/Manifest b/dev-libs/crypto++/Manifest |
23 |
index afb0e40685e..ddba9587a28 100644 |
24 |
--- a/dev-libs/crypto++/Manifest |
25 |
+++ b/dev-libs/crypto++/Manifest |
26 |
@@ -1 +1,2 @@ |
27 |
+DIST cryptopp565.zip 4220843 BLAKE2B 0c42da3564cdd175c2f2c5c4272caf826f21e47d2271c7f54acab86f5f79dcdad8d6cb946bc88f55fde6189bb2d24ad8fb03dda6b3b8c6f105434b55b8b217d0 SHA512 f13718d02ca69b0129aaf9e767c9d2e0333aa7538355f9c63d9eaf1ff369062084a18dc01489439ebf37797b3ea81b01beb072057d47ec962bfb824ddc72abc7 |
28 |
DIST cryptopp700.zip 7296665 BLAKE2B 1b1a60e240a9d94b4edfea16beef0ec48ec26c61f7f9a3d89d29bd2e77b13a83ce942f81467bb90d3086253560a3c4acd6b89178dcb416ed4328340ad5222dfd SHA512 8fd8d680e5ceaf10b3c32cb1504bda4b32abc9fcaa2c6e61e3b5e67aca805c792579884bc6a749c29a99105304c421d03d7fe7909fc58f750b3155c7c5cec8ec |
29 |
|
30 |
diff --git a/dev-libs/crypto++/crypto++-5.6.5-r1.ebuild b/dev-libs/crypto++/crypto++-5.6.5-r1.ebuild |
31 |
new file mode 100644 |
32 |
index 00000000000..03281fc6285 |
33 |
--- /dev/null |
34 |
+++ b/dev-libs/crypto++/crypto++-5.6.5-r1.ebuild |
35 |
@@ -0,0 +1,60 @@ |
36 |
+# Copyright 1999-2018 Gentoo Foundation |
37 |
+# Distributed under the terms of the GNU General Public License v2 |
38 |
+ |
39 |
+EAPI=7 |
40 |
+ |
41 |
+inherit flag-o-matic toolchain-funcs |
42 |
+ |
43 |
+DESCRIPTION="C++ class library of cryptographic schemes" |
44 |
+HOMEPAGE="https://cryptopp.com" |
45 |
+SRC_URI="https://www.cryptopp.com/cryptopp${PV//.}.zip" |
46 |
+ |
47 |
+LICENSE="Boost-1.0" |
48 |
+SLOT="0/5.6" # subslot is so version |
49 |
+KEYWORDS="alpha amd64 ~arm arm64 hppa ppc ppc64 sparc x86 ~x64-macos" |
50 |
+IUSE="static-libs" |
51 |
+ |
52 |
+BDEPEND="app-arch/unzip" |
53 |
+ |
54 |
+S="${WORKDIR}" |
55 |
+ |
56 |
+PATCHES=( |
57 |
+ "${FILESDIR}/${PN}-5.6.4-nonative.patch" |
58 |
+ "${FILESDIR}/${P}-CVE-2017-9434.patch" |
59 |
+) |
60 |
+ |
61 |
+pkg_setup() { |
62 |
+ export CXX="$(tc-getCXX)" |
63 |
+ export LIBDIR="${EPREFIX}/usr/$(get_libdir)" |
64 |
+ export PREFIX="${EPREFIX}/usr" |
65 |
+} |
66 |
+ |
67 |
+src_compile() { |
68 |
+ # higher optimizations cause problems |
69 |
+ replace-flags -O3 -O2 |
70 |
+ # ASM isn't Darwin/Mach-O ready, #479554, buildsys doesn't grok CPPFLAGS |
71 |
+ [[ ${CHOST} == *-darwin* ]] && append-cxxflags -DCRYPTOPP_DISABLE_ASM |
72 |
+ |
73 |
+ emake -f GNUmakefile all shared |
74 |
+} |
75 |
+ |
76 |
+src_install() { |
77 |
+ default |
78 |
+ |
79 |
+ # remove leftovers as build system sucks |
80 |
+ rm -fr "${ED}"/usr/bin "${ED}"/usr/share/cryptopp |
81 |
+ use static-libs || rm -f "${ED}${EPREFIX}"/usr/$(get_libdir)/*.a |
82 |
+ |
83 |
+ # compatibility |
84 |
+ dosym cryptopp "${EPREFIX}"/usr/include/crypto++ |
85 |
+ for f in "${ED}${EPREFIX}"/usr/$(get_libdir)/*; do |
86 |
+ ln -s "$(basename "${f}")" "$(echo "${f}" | sed 's/cryptopp/crypto++/')" || die |
87 |
+ done |
88 |
+} |
89 |
+ |
90 |
+pkg_preinst() { |
91 |
+ # we switched directory to symlink |
92 |
+ # make sure portage digests that |
93 |
+ rm -fr "${EROOT}/usr/include/crypto++" |
94 |
+ rm -fr "${EROOT}/usr/include/cryptopp" |
95 |
+} |
96 |
|
97 |
diff --git a/dev-libs/crypto++/files/crypto++-5.6.4-nonative.patch b/dev-libs/crypto++/files/crypto++-5.6.4-nonative.patch |
98 |
new file mode 100644 |
99 |
index 00000000000..77d74ee729e |
100 |
--- /dev/null |
101 |
+++ b/dev-libs/crypto++/files/crypto++-5.6.4-nonative.patch |
102 |
@@ -0,0 +1,28 @@ |
103 |
+Index: work/GNUmakefile |
104 |
+=================================================================== |
105 |
+--- work.orig/GNUmakefile |
106 |
++++ work/GNUmakefile |
107 |
+@@ -125,23 +125,6 @@ ifeq ($(IS_X86)$(IS_X32)$(IS_CYGWIN)$(IS |
108 |
+ endif |
109 |
+ endif |
110 |
+ |
111 |
+-# Guard use of -march=native |
112 |
+-ifeq ($(GCC42_OR_LATER)$(IS_NETBSD),10) |
113 |
+- CXXFLAGS += -march=native |
114 |
+-else ifneq ($(CLANG_COMPILER)$(INTEL_COMPILER),00) |
115 |
+- CXXFLAGS += -march=native |
116 |
+-else |
117 |
+- # GCC 3.3 and "unknown option -march=" |
118 |
+- # Ubuntu GCC 4.1 compiler crash with -march=native |
119 |
+- # NetBSD GCC 4.8 compiler and "bad value (native) for -march= switch" |
120 |
+- # Sun compiler is handled below |
121 |
+- ifeq ($(SUN_COMPILER)$(IS_X64),01) |
122 |
+- CXXFLAGS += -m64 |
123 |
+- else ifeq ($(SUN_COMPILER)$(IS_X86),01) |
124 |
+- CXXFLAGS += -m32 |
125 |
+- endif # X86/X32/X64 |
126 |
+-endif |
127 |
+- |
128 |
+ # Aligned access required for -O3 and above due to vectorization |
129 |
+ UNALIGNED_ACCESS := $(shell $(EGREP) -c "^[[:space:]]*//[[:space:]]*\#[[:space:]]*define[[:space:]]*CRYPTOPP_NO_UNALIGNED_DATA_ACCESS" config.h) |
130 |
+ ifneq ($(UNALIGNED_ACCESS),0) |
131 |
|
132 |
diff --git a/dev-libs/crypto++/files/crypto++-5.6.5-CVE-2017-9434.patch b/dev-libs/crypto++/files/crypto++-5.6.5-CVE-2017-9434.patch |
133 |
new file mode 100644 |
134 |
index 00000000000..428f48901a3 |
135 |
--- /dev/null |
136 |
+++ b/dev-libs/crypto++/files/crypto++-5.6.5-CVE-2017-9434.patch |
137 |
@@ -0,0 +1,45 @@ |
138 |
+From 07dbcc3d9644b18e05c1776db2a57fe04d780965 Mon Sep 17 00:00:00 2001 |
139 |
+From: Jeffrey Walton <noloader@×××××.com> |
140 |
+Date: Wed, 10 May 2017 18:17:12 -0400 |
141 |
+Subject: [PATCH] Add Inflator::BadDistanceErr exception (Issue 414) The |
142 |
+ improved validation and excpetion clears the Address Sanitizer and Undefined |
143 |
+ Behavior Sanitizer findings |
144 |
+ |
145 |
+--- |
146 |
+ zinflate.cpp | 8 +++++++- |
147 |
+ zinflate.h | 4 ++++ |
148 |
+ 3 files changed, 14 insertions(+), 4 deletions(-) |
149 |
+ |
150 |
+diff --git a/zinflate.cpp b/zinflate.cpp |
151 |
+index 664efe6..fbd7505 100644 |
152 |
+--- a/zinflate.cpp |
153 |
++++ b/zinflate.cpp |
154 |
+@@ -550,12 +550,16 @@ bool Inflator::DecodeBody() |
155 |
+ break; |
156 |
+ } |
157 |
+ case DISTANCE_BITS: |
158 |
++ if (m_distance >= COUNTOF(distanceExtraBits)) |
159 |
++ throw BadDistanceErr(); |
160 |
+ bits = distanceExtraBits[m_distance]; |
161 |
+ if (!m_reader.FillBuffer(bits)) |
162 |
+ { |
163 |
+ m_nextDecode = DISTANCE_BITS; |
164 |
+ break; |
165 |
+ } |
166 |
++ if (m_distance >= COUNTOF(distanceStarts)) |
167 |
++ throw BadDistanceErr(); |
168 |
+ m_distance = m_reader.GetBits(bits) + distanceStarts[m_distance]; |
169 |
+ OutputPast(m_literal, m_distance); |
170 |
+ } |
171 |
+diff --git a/zinflate.h b/zinflate.h |
172 |
+index e2fd237..c47d2f6 100644 |
173 |
+--- a/zinflate.h |
174 |
++++ b/zinflate.h |
175 |
+@@ -96,6 +96,7 @@ public: |
176 |
+ }; |
177 |
+ class UnexpectedEndErr : public Err {public: UnexpectedEndErr() : Err(INVALID_DATA_FORMAT, "Inflator: unexpected end of compressed block") {}}; |
178 |
+ class BadBlockErr : public Err {public: BadBlockErr() : Err(INVALID_DATA_FORMAT, "Inflator: error in compressed block") {}}; |
179 |
++ class BadDistanceErr : public Err {public: BadDistanceErr() : Err(INVALID_DATA_FORMAT, "Inflator: error in bit distance") {}}; |
180 |
+ |
181 |
+ //! \brief RFC 1951 Decompressor |
182 |
+ //! \param attachment the filter's attached transformation |