1 |
commit: 871179913c778d4f66d9c4f5f5a70cb93b3c97b0 |
2 |
Author: Matthias Maier <tamiko <AT> gentoo <DOT> org> |
3 |
AuthorDate: Fri Jun 29 03:56:15 2018 +0000 |
4 |
Commit: Matthias Maier <tamiko <AT> gentoo <DOT> org> |
5 |
CommitDate: Fri Jun 29 04:01:39 2018 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=87117991 |
7 |
|
8 |
app-crypt/sbsigntool: version bump to 0.9.1 |
9 |
|
10 |
* version bump to 0.9.1 |
11 |
* use new upstream repository |
12 |
* openssl-1.1.0 patches, thanks to Quentin Minster |
13 |
* multiple compilation fixes |
14 |
|
15 |
Closes: https://bugs.gentoo.org/647914 |
16 |
Closes: https://bugs.gentoo.org/652094 |
17 |
Closes: https://bugs.gentoo.org/629992 |
18 |
Closes: https://bugs.gentoo.org/632068 |
19 |
Closes: https://bugs.gentoo.org/657648 |
20 |
Package-Manager: Portage-2.3.41, Repoman-2.3.9 |
21 |
|
22 |
app-crypt/sbsigntool/Manifest | 1 + |
23 |
.../sbsigntool-0.9.1-openssl-1.1.0-compat.patch | 152 +++++++++++++++++++++ |
24 |
app-crypt/sbsigntool/sbsigntool-0.8.ebuild | 2 +- |
25 |
...signtool-0.8.ebuild => sbsigntool-0.9.1.ebuild} | 24 ++-- |
26 |
4 files changed, 169 insertions(+), 10 deletions(-) |
27 |
|
28 |
diff --git a/app-crypt/sbsigntool/Manifest b/app-crypt/sbsigntool/Manifest |
29 |
index da74645d423..b6ff136f716 100644 |
30 |
--- a/app-crypt/sbsigntool/Manifest |
31 |
+++ b/app-crypt/sbsigntool/Manifest |
32 |
@@ -1,3 +1,4 @@ |
33 |
DIST sbsigntool-0.8-ccan.tar.gz 113537 BLAKE2B 8fbf27463d30c1895930628a145be2d521ae4f6adb7af3299bf2f5f4319fd643df0a07347ef6851bd41d233af4c3fc5f77002771af1c43aa0f20665aef2390b8 SHA512 6857096879f116f1802eb6b44789cbea7bb24440bc0f16503aeadf5f276fa45943f322f844dbb9abee717655205d82b830143be3a7f4424fd4146b9360674a09 |
34 |
DIST sbsigntool-0.8.tar.gz 55537 BLAKE2B f81a530995b90f4030ae2bb36cdf4c5bab8fde5bbc4646029af008df9368968c1f1774317e8b0f94e6c75a33f0d79892f26d99c2987c92766f520a3b9a8e2e57 SHA512 ffc2661135dcdbdd218640f0a0657127c5519ade7ddaaa894898e382b4898829e5b877be51fce48bddd186667bf533f779cd5a323c79aad8b0e63b74f7a2c128 |
35 |
+DIST sbsigntool-0.9.1.tar.gz 56497 BLAKE2B 22791bd4b490f36963a19e82da3ce7b93a56d948bf44d1ffdb62fa3291a3f815b2c19d68f9180b607c2b1438f656367ec1f9002f0b1225734d16a9aadc6d20ec SHA512 ae16232327c098bbc60a9701185d856d851cb7fa8f62be64d3c8f75c8b274b8521fcc4212226189def05db980690878ee6ac9a9b418166c92442aaf35e790d29 |
36 |
DIST sbsigntool_0.6.orig.tar.gz 212375 BLAKE2B fab9141c7fbfa01ec24f975503ac83be4ae0664251a1311afb3d95124fec3750ce20a5ffab35b6965d4ee4585ab4ee91f25ae49488214a983b6fc006071d0968 SHA512 ed314d1cb7278cf5f27d4c3cd17f2195678419a7f9e47770429b6f95df35f7df035331e60c45970183ddd9b150a9b752f876c777929598b0525872b3255af95c |
37 |
|
38 |
diff --git a/app-crypt/sbsigntool/files/sbsigntool-0.9.1-openssl-1.1.0-compat.patch b/app-crypt/sbsigntool/files/sbsigntool-0.9.1-openssl-1.1.0-compat.patch |
39 |
new file mode 100644 |
40 |
index 00000000000..2f9364f246e |
41 |
--- /dev/null |
42 |
+++ b/app-crypt/sbsigntool/files/sbsigntool-0.9.1-openssl-1.1.0-compat.patch |
43 |
@@ -0,0 +1,152 @@ |
44 |
+diff --git a/src/fileio.c b/src/fileio.c |
45 |
+index 032eb1e..09bc3aa 100644 |
46 |
+--- a/src/fileio.c |
47 |
++++ b/src/fileio.c |
48 |
+@@ -40,6 +40,7 @@ |
49 |
+ #include <openssl/pem.h> |
50 |
+ #include <openssl/err.h> |
51 |
+ #include <openssl/engine.h> |
52 |
++#include <openssl/ui.h> |
53 |
+ |
54 |
+ #include <ccan/talloc/talloc.h> |
55 |
+ #include <ccan/read_write_all/read_write_all.h> |
56 |
+diff --git a/src/idc.c b/src/idc.c |
57 |
+index 236cefd..6d87bd4 100644 |
58 |
+--- a/src/idc.c |
59 |
++++ b/src/idc.c |
60 |
+@@ -238,7 +238,11 @@ struct idc *IDC_get(PKCS7 *p7, BIO *bio) |
61 |
+ |
62 |
+ /* extract the idc from the signed PKCS7 'other' data */ |
63 |
+ str = p7->d.sign->contents->d.other->value.asn1_string; |
64 |
++#if OPENSSL_VERSION_NUMBER < 0x10100000L |
65 |
+ idcbuf = buf = ASN1_STRING_data(str); |
66 |
++#else |
67 |
++ idcbuf = buf = ASN1_STRING_get0_data(str); |
68 |
++#endif |
69 |
+ idc = d2i_IDC(NULL, &buf, ASN1_STRING_length(str)); |
70 |
+ |
71 |
+ /* If we were passed a BIO, write the idc data, minus type and length, |
72 |
+@@ -289,7 +293,11 @@ int IDC_check_hash(struct idc *idc, struct image *image) |
73 |
+ } |
74 |
+ |
75 |
+ /* check hash against the one we calculated from the image */ |
76 |
++#if OPENSSL_VERSION_NUMBER < 0x10100000L |
77 |
+ buf = ASN1_STRING_data(str); |
78 |
++#else |
79 |
++ buf = ASN1_STRING_get0_data(str); |
80 |
++#endif |
81 |
+ if (memcmp(buf, sha, sizeof(sha))) { |
82 |
+ fprintf(stderr, "Hash doesn't match image\n"); |
83 |
+ fprintf(stderr, " got: %s\n", sha256_str(buf)); |
84 |
+diff --git a/src/sbattach.c b/src/sbattach.c |
85 |
+index a0c01b8..e89a23e 100644 |
86 |
+--- a/src/sbattach.c |
87 |
++++ b/src/sbattach.c |
88 |
+@@ -231,6 +231,7 @@ int main(int argc, char **argv) |
89 |
+ return EXIT_FAILURE; |
90 |
+ } |
91 |
+ |
92 |
++#if OPENSSL_VERSION_NUMBER < 0x10100000L |
93 |
+ ERR_load_crypto_strings(); |
94 |
+ OpenSSL_add_all_digests(); |
95 |
+ OPENSSL_config(NULL); |
96 |
+@@ -239,6 +240,7 @@ int main(int argc, char **argv) |
97 |
+ * module isn't present). In either case ignore the errors |
98 |
+ * (malloc will cause other failures out lower down */ |
99 |
+ ERR_clear_error(); |
100 |
++#endif |
101 |
+ |
102 |
+ image = image_load(image_filename); |
103 |
+ if (!image) { |
104 |
+diff --git a/src/sbkeysync.c b/src/sbkeysync.c |
105 |
+index 7b17f40..419b1e7 100644 |
106 |
+--- a/src/sbkeysync.c |
107 |
++++ b/src/sbkeysync.c |
108 |
+@@ -208,7 +208,11 @@ static int x509_key_parse(struct key *key, uint8_t *data, size_t len) |
109 |
+ goto out; |
110 |
+ |
111 |
+ key->id_len = ASN1_STRING_length(serial); |
112 |
++#if OPENSSL_VERSION_NUMBER < 0x10100000L |
113 |
+ key->id = talloc_memdup(key, ASN1_STRING_data(serial), key->id_len); |
114 |
++#else |
115 |
++ key->id = talloc_memdup(key, ASN1_STRING_get0_data(serial), key->id_len); |
116 |
++#endif |
117 |
+ |
118 |
+ key->description = talloc_array(key, char, description_len); |
119 |
+ X509_NAME_oneline(X509_get_subject_name(x509), |
120 |
+@@ -927,6 +931,7 @@ int main(int argc, char **argv) |
121 |
+ return EXIT_FAILURE; |
122 |
+ } |
123 |
+ |
124 |
++#if OPENSSL_VERSION_NUMBER < 0x10100000L |
125 |
+ ERR_load_crypto_strings(); |
126 |
+ OpenSSL_add_all_digests(); |
127 |
+ OpenSSL_add_all_ciphers(); |
128 |
+@@ -936,6 +941,7 @@ int main(int argc, char **argv) |
129 |
+ * module isn't present). In either case ignore the errors |
130 |
+ * (malloc will cause other failures out lower down */ |
131 |
+ ERR_clear_error(); |
132 |
++#endif |
133 |
+ |
134 |
+ ctx->filesystem_keys = init_keyset(ctx); |
135 |
+ ctx->firmware_keys = init_keyset(ctx); |
136 |
+diff --git a/src/sbsign.c b/src/sbsign.c |
137 |
+index ff1fdfd..78d8d64 100644 |
138 |
+--- a/src/sbsign.c |
139 |
++++ b/src/sbsign.c |
140 |
+@@ -188,6 +188,7 @@ int main(int argc, char **argv) |
141 |
+ |
142 |
+ talloc_steal(ctx, ctx->image); |
143 |
+ |
144 |
++#if OPENSSL_VERSION_NUMBER < 0x10100000L |
145 |
+ ERR_load_crypto_strings(); |
146 |
+ OpenSSL_add_all_digests(); |
147 |
+ OpenSSL_add_all_ciphers(); |
148 |
+@@ -197,6 +198,7 @@ int main(int argc, char **argv) |
149 |
+ * module isn't present). In either case ignore the errors |
150 |
+ * (malloc will cause other failures out lower down */ |
151 |
+ ERR_clear_error(); |
152 |
++#endif |
153 |
+ if (engine) |
154 |
+ pkey = fileio_read_engine_key(engine, keyfilename); |
155 |
+ else |
156 |
+diff --git a/src/sbvarsign.c b/src/sbvarsign.c |
157 |
+index 7dcbe51..9319c8b 100644 |
158 |
+--- a/src/sbvarsign.c |
159 |
++++ b/src/sbvarsign.c |
160 |
+@@ -509,6 +509,7 @@ int main(int argc, char **argv) |
161 |
+ return EXIT_FAILURE; |
162 |
+ } |
163 |
+ |
164 |
++#if OPENSSL_VERSION_NUMBER < 0x10100000L |
165 |
+ /* initialise openssl */ |
166 |
+ OpenSSL_add_all_digests(); |
167 |
+ OpenSSL_add_all_ciphers(); |
168 |
+@@ -519,6 +520,7 @@ int main(int argc, char **argv) |
169 |
+ * module isn't present). In either case ignore the errors |
170 |
+ * (malloc will cause other failures out lower down */ |
171 |
+ ERR_clear_error(); |
172 |
++#endif |
173 |
+ |
174 |
+ /* set up the variable signing context */ |
175 |
+ varname = argv[optind]; |
176 |
+diff --git a/src/sbverify.c b/src/sbverify.c |
177 |
+index 3920d91..d0b203a 100644 |
178 |
+--- a/src/sbverify.c |
179 |
++++ b/src/sbverify.c |
180 |
+@@ -250,6 +250,7 @@ int main(int argc, char **argv) |
181 |
+ verbose = false; |
182 |
+ detached_sig_filename = NULL; |
183 |
+ |
184 |
++#if OPENSSL_VERSION_NUMBER < 0x10100000L |
185 |
+ OpenSSL_add_all_digests(); |
186 |
+ ERR_load_crypto_strings(); |
187 |
+ OPENSSL_config(NULL); |
188 |
+@@ -258,6 +259,7 @@ int main(int argc, char **argv) |
189 |
+ * module isn't present). In either case ignore the errors |
190 |
+ * (malloc will cause other failures out lower down */ |
191 |
+ ERR_clear_error(); |
192 |
++#endif |
193 |
+ |
194 |
+ for (;;) { |
195 |
+ int idx; |
196 |
|
197 |
diff --git a/app-crypt/sbsigntool/sbsigntool-0.8.ebuild b/app-crypt/sbsigntool/sbsigntool-0.8.ebuild |
198 |
index 853bb524454..5ee27f8cf23 100644 |
199 |
--- a/app-crypt/sbsigntool/sbsigntool-0.8.ebuild |
200 |
+++ b/app-crypt/sbsigntool/sbsigntool-0.8.ebuild |
201 |
@@ -1,4 +1,4 @@ |
202 |
-# Copyright 1999-2017 Gentoo Foundation |
203 |
+# Copyright 1999-2018 Gentoo Foundation |
204 |
# Distributed under the terms of the GNU General Public License v2 |
205 |
|
206 |
EAPI="5" |
207 |
|
208 |
diff --git a/app-crypt/sbsigntool/sbsigntool-0.8.ebuild b/app-crypt/sbsigntool/sbsigntool-0.9.1.ebuild |
209 |
similarity index 66% |
210 |
copy from app-crypt/sbsigntool/sbsigntool-0.8.ebuild |
211 |
copy to app-crypt/sbsigntool/sbsigntool-0.9.1.ebuild |
212 |
index 853bb524454..83cf4a6bf77 100644 |
213 |
--- a/app-crypt/sbsigntool/sbsigntool-0.8.ebuild |
214 |
+++ b/app-crypt/sbsigntool/sbsigntool-0.9.1.ebuild |
215 |
@@ -1,14 +1,14 @@ |
216 |
-# Copyright 1999-2017 Gentoo Foundation |
217 |
+# Copyright 1999-2018 Gentoo Foundation |
218 |
# Distributed under the terms of the GNU General Public License v2 |
219 |
|
220 |
-EAPI="5" |
221 |
+EAPI="6" |
222 |
|
223 |
-inherit eutils toolchain-funcs autotools-utils |
224 |
+inherit eutils autotools |
225 |
|
226 |
DESCRIPTION="Utilities for signing and verifying files for UEFI Secure Boot" |
227 |
HOMEPAGE="https://git.kernel.org/cgit/linux/kernel/git/jejb/sbsigntools.git/" |
228 |
-SRC_URI="https://dev.gentoo.org/~tamiko/distfiles/${P}.tar.gz |
229 |
- https://dev.gentoo.org/~tamiko/distfiles/${P}-ccan.tar.gz" |
230 |
+SRC_URI="https://git.kernel.org/pub/scm/linux/kernel/git/jejb/${PN}s.git/snapshot/${PN}s-${PV}.tar.gz -> ${P}.tar.gz |
231 |
+ https://dev.gentoo.org/~tamiko/distfiles/${PN}-0.8-ccan.tar.gz" |
232 |
|
233 |
LICENSE="GPL-3 LGPL-3 LGPL-2.1 CC0-1.0" |
234 |
SLOT="0" |
235 |
@@ -25,9 +25,16 @@ DEPEND="${RDEPEND} |
236 |
sys-libs/binutils-libs |
237 |
virtual/pkgconfig" |
238 |
|
239 |
-S="${WORKDIR}" |
240 |
+S="${WORKDIR}/${PN}s-${PV}" |
241 |
+ |
242 |
+PATCHES=( |
243 |
+ "${FILESDIR}"/${P}-openssl-1.1.0-compat.patch |
244 |
+) |
245 |
|
246 |
src_prepare() { |
247 |
+ mv "${WORKDIR}"/lib/ccan "${S}"/lib || die "mv failed" |
248 |
+ rmdir "${WORKDIR}"/lib || die "rmdir failed" |
249 |
+ |
250 |
local iarch |
251 |
case ${ARCH} in |
252 |
amd64) iarch=x86_64 ;; |
253 |
@@ -40,7 +47,6 @@ src_prepare() { |
254 |
sed -i 's/-m64$/& -march=x86-64/' tests/Makefile.am || die |
255 |
sed -i "/^AR /s:=.*:= $(tc-getAR):" lib/ccan/Makefile.in || die #481480 |
256 |
|
257 |
- AUTOTOOLS_IN_SOURCE_BUILD=1 |
258 |
- AUTOTOOLS_AUTORECONF=true |
259 |
- autotools-utils_src_prepare |
260 |
+ default |
261 |
+ eautoreconf |
262 |
} |