1 |
commit: 01d7096ca1ab0c79e5bbf442188d13ab6aadefff |
2 |
Author: Michał Górny <mgorny <AT> gentoo <DOT> org> |
3 |
AuthorDate: Thu Jun 27 07:31:26 2019 +0000 |
4 |
Commit: Michał Górny <mgorny <AT> gentoo <DOT> org> |
5 |
CommitDate: Thu Jun 27 08:17:49 2019 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=01d7096c |
7 |
|
8 |
net-misc/aria2: Attempt to correct crazy crypto-lib logic |
9 |
|
10 |
Attempt to rework crypto-lib dependencies to correctly indicate |
11 |
libraries needed for program operation. The new logic involves using |
12 |
OpenSSL only with USE=ssl+!gnutls but using it both for TLS & MD. |
13 |
In all other circumstances, GnuTLS is used for TLS (if USE=ssl), |
14 |
and nettle/libgcrypt is used for MD. The latter is needed independently |
15 |
of bittorrent support; it only affects additional libgmp dependency. |
16 |
|
17 |
Closes: https://bugs.gentoo.org/688780 |
18 |
Signed-off-by: Michał Górny <mgorny <AT> gentoo.org> |
19 |
|
20 |
net-misc/aria2/aria2-1.34.0-r2.ebuild | 184 ++++++++++++++++++++++++++++++++++ |
21 |
net-misc/aria2/metadata.xml | 3 +- |
22 |
2 files changed, 186 insertions(+), 1 deletion(-) |
23 |
|
24 |
diff --git a/net-misc/aria2/aria2-1.34.0-r2.ebuild b/net-misc/aria2/aria2-1.34.0-r2.ebuild |
25 |
new file mode 100644 |
26 |
index 00000000000..025e6d10b73 |
27 |
--- /dev/null |
28 |
+++ b/net-misc/aria2/aria2-1.34.0-r2.ebuild |
29 |
@@ -0,0 +1,184 @@ |
30 |
+# Copyright 1999-2019 Gentoo Authors |
31 |
+# Distributed under the terms of the GNU General Public License v2 |
32 |
+ |
33 |
+EAPI="6" |
34 |
+ |
35 |
+inherit bash-completion-r1 |
36 |
+ |
37 |
+DESCRIPTION="A download utility with segmented downloading with BitTorrent support" |
38 |
+HOMEPAGE="https://aria2.github.io/" |
39 |
+SRC_URI="https://github.com/aria2/${PN}/releases/download/release-${PV}/${P}.tar.xz" |
40 |
+ |
41 |
+LICENSE="GPL-2+-with-openssl-exception" |
42 |
+KEYWORDS="~amd64 ~arm ~ppc ~ppc64 ~sparc ~x86 ~amd64-linux ~x86-linux" |
43 |
+SLOT="0" |
44 |
+IUSE="adns bittorrent +gnutls jemalloc libuv +libxml2 metalink +nettle nls sqlite scripts ssh ssl tcmalloc test xmlrpc" |
45 |
+ |
46 |
+# Crazy GnuTLS/OpenSSL/etc. logic below: |
47 |
+# 1. Those libraries are used for two purposes: TLS & MD. |
48 |
+# 2. Upstream preferences are: |
49 |
+# 1) gnutls [tls] |
50 |
+# 2) !gnutls? -> openssl [tls+md] |
51 |
+# 3) !openssl? -> nettle [md] |
52 |
+# 4) !openssl? !nettle? -> gcrypt [md] |
53 |
+# 5) !*? -> bundled md routines (we don't use them) |
54 |
+# 3. There's also gmp usage for bittorrent with nettle. |
55 |
+# 4. You can't really control features, just dependencies. |
56 |
+# (we are skipping native Apple/Windows TLS support) |
57 |
+# |
58 |
+# We map this into: |
59 |
+# ssl? -> openssl || (gnutls + (nettle || libgcrypt )) |
60 |
+# !ssl? -> nettle || libgcrypt |
61 |
+ |
62 |
+CDEPEND="sys-libs/zlib:0= |
63 |
+ adns? ( >=net-dns/c-ares-1.5.0:0= ) |
64 |
+ jemalloc? ( dev-libs/jemalloc ) |
65 |
+ libuv? ( >=dev-libs/libuv-1.13:0= ) |
66 |
+ metalink? ( |
67 |
+ libxml2? ( >=dev-libs/libxml2-2.6.26:2= ) |
68 |
+ !libxml2? ( dev-libs/expat:0= ) ) |
69 |
+ sqlite? ( dev-db/sqlite:3= ) |
70 |
+ ssh? ( net-libs/libssh2:= ) |
71 |
+ ssl? ( |
72 |
+ app-misc/ca-certificates |
73 |
+ gnutls? ( |
74 |
+ >=net-libs/gnutls-1.2.9:0= |
75 |
+ nettle? ( |
76 |
+ >=dev-libs/nettle-2.4:0= |
77 |
+ bittorrent? ( |
78 |
+ >=dev-libs/nettle-2.4:0=[gmp] |
79 |
+ >=dev-libs/gmp-6:0= |
80 |
+ ) |
81 |
+ ) |
82 |
+ !nettle? ( >=dev-libs/libgcrypt-1.2.2:0= ) |
83 |
+ ) |
84 |
+ !gnutls? ( |
85 |
+ dev-libs/openssl:0= |
86 |
+ ) |
87 |
+ ) |
88 |
+ !ssl? ( |
89 |
+ nettle? ( |
90 |
+ >=dev-libs/nettle-2.4:0= |
91 |
+ bittorrent? ( |
92 |
+ >=dev-libs/nettle-2.4:0=[gmp] |
93 |
+ >=dev-libs/gmp-6:0= |
94 |
+ ) |
95 |
+ ) |
96 |
+ !nettle? ( >=dev-libs/libgcrypt-1.2.2:0= ) |
97 |
+ ) |
98 |
+ tcmalloc? ( dev-util/google-perftools ) |
99 |
+ xmlrpc? ( |
100 |
+ libxml2? ( >=dev-libs/libxml2-2.6.26:2= ) |
101 |
+ !libxml2? ( dev-libs/expat:0= ) )" |
102 |
+ |
103 |
+DEPEND="${CDEPEND} |
104 |
+ app-arch/xz-utils |
105 |
+ virtual/pkgconfig |
106 |
+ nls? ( sys-devel/gettext ) |
107 |
+ test? ( >=dev-util/cppunit-1.12.0:0 )" |
108 |
+RDEPEND="${CDEPEND} |
109 |
+ nls? ( virtual/libiconv virtual/libintl ) |
110 |
+ scripts? ( dev-lang/ruby )" |
111 |
+ |
112 |
+# xmlrpc has no explicit switch, it's turned out by any XML library |
113 |
+# so metalink implicitly forces it on |
114 |
+REQUIRED_USE="?? ( jemalloc tcmalloc ) |
115 |
+ metalink? ( xmlrpc )" |
116 |
+RESTRICT="!test? ( test )" |
117 |
+ |
118 |
+pkg_setup() { |
119 |
+ if use scripts && ! use xmlrpc; then |
120 |
+ ewarn "Please note that you may need to enable USE=xmlrpc to run the aria2rpc" |
121 |
+ ewarn "and aria2mon scripts against the local aria2." |
122 |
+ fi |
123 |
+} |
124 |
+ |
125 |
+src_prepare() { |
126 |
+ eapply "${FILESDIR}"/${P}-make_unique.patch |
127 |
+ # https://bugs.gentoo.org/674622 (CVE-2019-3500) |
128 |
+ eapply "${FILESDIR}"/${P}-mask-headers.patch |
129 |
+ default |
130 |
+ sed -i -e "s|/tmp|${T}|" test/*.cc test/*.txt || die "sed failed" |
131 |
+} |
132 |
+ |
133 |
+src_configure() { |
134 |
+ local myconf=( |
135 |
+ # threads, epoll: check for best portability |
136 |
+ |
137 |
+ # do not try to compile and run a test LIBXML program |
138 |
+ --disable-xmltest |
139 |
+ # enable the shared library |
140 |
+ --enable-libaria2 |
141 |
+ # zlib should always be available anyway |
142 |
+ --with-libz |
143 |
+ --with-ca-bundle="${EPREFIX}/etc/ssl/certs/ca-certificates.crt" |
144 |
+ |
145 |
+ # optional features |
146 |
+ $(use_enable bittorrent) |
147 |
+ $(use_enable metalink) |
148 |
+ $(use_enable nls) |
149 |
+ $(use_with adns libcares) |
150 |
+ $(use_with jemalloc) |
151 |
+ $(use_with libuv) |
152 |
+ $(use_with sqlite sqlite3) |
153 |
+ $(use_with ssh libssh2) |
154 |
+ $(use_with tcmalloc) |
155 |
+ ) |
156 |
+ |
157 |
+ # See TLS/MD logic described above deps. |
158 |
+ if use ssl && ! use gnutls; then |
159 |
+ # 1. if ssl & !gnutls, use openssl and disable gnutls |
160 |
+ myconf+=( --without-gnutls --with-openssl ) |
161 |
+ else |
162 |
+ myconf+=( |
163 |
+ # 2. otherwise, disable openssl |
164 |
+ --without-openssl |
165 |
+ # 3. if ssl & gnutls, use gnutls |
166 |
+ $(use_with ssl gnutls) |
167 |
+ |
168 |
+ # 4. switch between nettle & libgcrypt |
169 |
+ $(use_with nettle libnettle) |
170 |
+ $(use_with !nettle libgcrypt) |
171 |
+ ) |
172 |
+ |
173 |
+ # 5. if bittorrent is used along with nettle, use libgmp |
174 |
+ if use bittorrent && use nettle; then |
175 |
+ myconf+=( --with-libgmp ) |
176 |
+ else |
177 |
+ myconf+=( --without-libgmp ) |
178 |
+ fi |
179 |
+ fi |
180 |
+ |
181 |
+ # metalink+xmlrpc := libxml2 / expat |
182 |
+ # USE=(metalink || xmlrpc) |
183 |
+ # + USE=libxml2 -> libxml2 |
184 |
+ # + USE=-libxml2 -> expat |
185 |
+ |
186 |
+ if use metalink || use xmlrpc; then |
187 |
+ myconf+=( $(use_with !libxml2 libexpat) $(use_with libxml2) ) |
188 |
+ else |
189 |
+ myconf+=( --without-libexpat --without-libxml2 ) |
190 |
+ fi |
191 |
+ |
192 |
+ # Note: |
193 |
+ # - always enable gzip/http compression since zlib should always be available anyway |
194 |
+ # - always enable epoll since we can assume kernel 2.6.x |
195 |
+ # - other options for threads: solaris, pth, win32 |
196 |
+ econf "${myconf[@]}" |
197 |
+} |
198 |
+ |
199 |
+src_install() { |
200 |
+ default |
201 |
+ rm -rf "${D}"/usr/share/doc/aria2 \ |
202 |
+ "${D}"/usr/share/doc/${PF}/README{,.html} |
203 |
+ |
204 |
+ dobashcomp doc/bash_completion/aria2c |
205 |
+ use scripts && dobin doc/xmlrpc/aria2{mon,rpc} |
206 |
+} |
207 |
+ |
208 |
+pkg_postinst() { |
209 |
+ if use xmlrpc; then |
210 |
+ elog "If you would like to use the additional aria2mon and aria2rpc tools," |
211 |
+ elog "you need to have \033[1mdev-lang/ruby\033[0m installed." |
212 |
+ fi |
213 |
+} |
214 |
|
215 |
diff --git a/net-misc/aria2/metadata.xml b/net-misc/aria2/metadata.xml |
216 |
index e5e58f42b40..27fefc92719 100644 |
217 |
--- a/net-misc/aria2/metadata.xml |
218 |
+++ b/net-misc/aria2/metadata.xml |
219 |
@@ -11,10 +11,11 @@ |
220 |
</maintainer> |
221 |
<use> |
222 |
<flag name="bittorrent">Enable support for the bittorrent protocol.</flag> |
223 |
+ <flag name="gnutls">Use <pkg>net-libs/gnutls</pkg> as TLS provider (preferred). Otherwise, <pkg>dev-libs/openssl</pkg> will be used as TLS provider. Both apply only with USE=ssl.</flag> |
224 |
<flag name="libuv">Use <pkg>dev-libs/libuv</pkg> backend.</flag> |
225 |
<flag name="libxml2">Use <pkg>dev-libs/libxml2</pkg> for XML parsing (preferred) instead of <pkg>dev-libs/expat</pkg>.</flag> |
226 |
- <flag name="nettle">Use <pkg>dev-libs/nettle</pkg> and <pkg>dev-libs/gmp</pkg> for bittorrent/metalink crypto instead of <pkg>dev-libs/libgcrypt</pkg> (when <pkg>dev-libs/openssl</pkg> is not being used).</flag> |
227 |
<flag name="metalink">Enable support for metalink.</flag> |
228 |
+ <flag name="nettle">Use <pkg>dev-libs/nettle</pkg> for message digests, plus <pkg>dev-libs/gmp</pkg> for bittorrent (if enabled). If this flag is disabled, <pkg>dev-libs/libgcrypt</pkg> is used instead. This flag is ignored if <pkg>dev-libs/openssl</pkg> is used.</flag> |
229 |
<flag name="scripts">Install additional scripts which use aria2's xmlrpc functionality.</flag> |
230 |
<flag name="ssh">Enable SFTP support.</flag> |
231 |
</use> |