| 1 |
commit: f0db5fca5c8c169394688d630e5dd6cd46afd2e9 |
| 2 |
Author: Salah Coronya <salah.coronya <AT> gmail <DOT> com> |
| 3 |
AuthorDate: Wed Jul 22 04:26:49 2020 +0000 |
| 4 |
Commit: Joonas Niilola <juippis <AT> gentoo <DOT> org> |
| 5 |
CommitDate: Wed Aug 5 12:18:39 2020 +0000 |
| 6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f0db5fca |
| 7 |
|
| 8 |
app-crypt/swtpm: Bump to 0.3.2 |
| 9 |
|
| 10 |
Closes: https://bugs.gentoo.org/733400 |
| 11 |
Package-Manager: Portage-2.3.103, Repoman-2.3.23 |
| 12 |
Signed-off-by: Salah Coronya <salah.coronya <AT> gmail.com> |
| 13 |
Signed-off-by: Joonas Niilola <juippis <AT> gentoo.org> |
| 14 |
|
| 15 |
app-crypt/swtpm/Manifest | 1 + |
| 16 |
...xplicitly-link-libswtpm_libtpms-with-lcry.patch | 49 +++++++++++++ |
| 17 |
...se-AC_COMPILE_IFELSE-to-check-for-unused-.patch | 56 +++++++++++++++ |
| 18 |
app-crypt/swtpm/swtpm-0.3.2.ebuild | 82 ++++++++++++++++++++++ |
| 19 |
4 files changed, 188 insertions(+) |
| 20 |
|
| 21 |
diff --git a/app-crypt/swtpm/Manifest b/app-crypt/swtpm/Manifest |
| 22 |
index ebc321991da..c4ace87338a 100644 |
| 23 |
--- a/app-crypt/swtpm/Manifest |
| 24 |
+++ b/app-crypt/swtpm/Manifest |
| 25 |
@@ -1 +1,2 @@ |
| 26 |
DIST swtpm-0.3.1.tar.gz 308576 BLAKE2B 96c44654b92d453d91594aed6fdd4cb56853973c1215bfb131e750d38a3ed1e64e3283647e54ad9ad84747406f53d7ac4f221fc5b319d7fa80bab758fed04062 SHA512 4b3e58048336ee82a87d17905a7d0dc5fbe13160ebb8f072b91410e782dae7fafc72e572a2f6aa2b1d9f4377074c01afd30505b9e71d92b8d7066365811d3e3f |
| 27 |
+DIST swtpm-0.3.2.tar.gz 308843 BLAKE2B 501c600e36a437fc99f662f1c217169cab15b0d4ec4a4551a29dd83541c9718e182c7eb13a43e541da453fc28c48232354b617525e32d9721e697744eaa5a17a SHA512 5da668cd8091f0db70bec52cd8d26bacf7b18e4c27c83c1cba25e59c69bb2ba7a1d011d9bf4bafa44e1a49065538445eb56683806be6f1875cba383f8edb6a4f |
| 28 |
|
| 29 |
diff --git a/app-crypt/swtpm/files/swtpm-build-sys-Explicitly-link-libswtpm_libtpms-with-lcry.patch b/app-crypt/swtpm/files/swtpm-build-sys-Explicitly-link-libswtpm_libtpms-with-lcry.patch |
| 30 |
new file mode 100644 |
| 31 |
index 00000000000..d4ad9cda0c2 |
| 32 |
--- /dev/null |
| 33 |
+++ b/app-crypt/swtpm/files/swtpm-build-sys-Explicitly-link-libswtpm_libtpms-with-lcry.patch |
| 34 |
@@ -0,0 +1,49 @@ |
| 35 |
+From d9bc718871810d18c70ba9d4e9ee23071bd6db36 Mon Sep 17 00:00:00 2001 |
| 36 |
+From: Stefan Berger <stefanb@××××××××××××××.com> |
| 37 |
+Date: Tue, 21 Jul 2020 18:39:07 -0400 |
| 38 |
+Subject: [PATCH 2/2] build-sys: Explicitly link libswtpm_libtpms with -lcrypto |
| 39 |
+ (Gentoo) |
| 40 |
+ |
| 41 |
+This patch fixes the following linker issue reported for Gentoo in |
| 42 |
+issue #280. |
| 43 |
+ |
| 44 |
+ld.lld: error: /var/tmp/portage/app-crypt/swtpm-0.3.1-r1/work/swtpm-0.3.1/src/swtpm/.libs/libswtpm_libtpms.so: undefined reference to EVP_sha512 |
| 45 |
+ld.lld: error: /var/tmp/portage/app-crypt/swtpm-0.3.1-r1/work/swtpm-0.3.1/src/swtpm/.libs/libswtpm_libtpms.so: undefined reference to PKCS5_PBKDF2_HMAC |
| 46 |
+ld.lld: error: /var/tmp/portage/app-crypt/swtpm-0.3.1-r1/work/swtpm-0.3.1/src/swtpm/.libs/libswtpm_libtpms.so: undefined reference to SHA512 |
| 47 |
+ |
| 48 |
+Signed-off-by: Stefan Berger <stefanb@×××××××××.com> |
| 49 |
+--- |
| 50 |
+ configure.ac | 2 ++ |
| 51 |
+ src/swtpm/Makefile.am | 3 ++- |
| 52 |
+ 2 files changed, 4 insertions(+), 1 deletion(-) |
| 53 |
+ |
| 54 |
+diff --git a/configure.ac b/configure.ac |
| 55 |
+index 56d3f09..7aaa201 100644 |
| 56 |
+--- a/configure.ac |
| 57 |
++++ b/configure.ac |
| 58 |
+@@ -150,6 +150,8 @@ openssl) |
| 59 |
+ AC_CHECK_HEADERS([openssl/aes.h],[], |
| 60 |
+ AC_MSG_ERROR(Is openssl-devel/libssl-dev installed?)) |
| 61 |
+ AC_MSG_RESULT([Building with openssl crypto library]) |
| 62 |
++ LIBCRYPTO_LIBS=$(pkg-config --libs libcrypto) |
| 63 |
++ AC_SUBST([LIBCRYPTO_LIBS]) |
| 64 |
+ ;; |
| 65 |
+ esac |
| 66 |
+ |
| 67 |
+diff --git a/src/swtpm/Makefile.am b/src/swtpm/Makefile.am |
| 68 |
+index dd2a63a..b5f15e3 100644 |
| 69 |
+--- a/src/swtpm/Makefile.am |
| 70 |
++++ b/src/swtpm/Makefile.am |
| 71 |
+@@ -69,7 +69,8 @@ libswtpm_libtpms_la_LIBADD = \ |
| 72 |
+ $(LIBTPMS_LIBS) \ |
| 73 |
+ $(GLIB_LIBS) \ |
| 74 |
+ $(LIBRT_LIBS) \ |
| 75 |
+- $(LIBSECCOMP_LIBS) |
| 76 |
++ $(LIBSECCOMP_LIBS) \ |
| 77 |
++ $(LIBCRYPTO_LIBS) |
| 78 |
+ |
| 79 |
+ bin_PROGRAMS = swtpm |
| 80 |
+ if WITH_CUSE |
| 81 |
+-- |
| 82 |
+2.26.2 |
| 83 |
+ |
| 84 |
|
| 85 |
diff --git a/app-crypt/swtpm/files/swtpm-build-sys-Use-AC_COMPILE_IFELSE-to-check-for-unused-.patch b/app-crypt/swtpm/files/swtpm-build-sys-Use-AC_COMPILE_IFELSE-to-check-for-unused-.patch |
| 86 |
new file mode 100644 |
| 87 |
index 00000000000..58219970805 |
| 88 |
--- /dev/null |
| 89 |
+++ b/app-crypt/swtpm/files/swtpm-build-sys-Use-AC_COMPILE_IFELSE-to-check-for-unused-.patch |
| 90 |
@@ -0,0 +1,56 @@ |
| 91 |
+From b6d16129a525f572ef37d20ba1cd70d59ca4f079 Mon Sep 17 00:00:00 2001 |
| 92 |
+From: Stefan Berger <stefanb@××××××××××××××.com> |
| 93 |
+Date: Tue, 21 Jul 2020 17:38:10 -0400 |
| 94 |
+Subject: [PATCH 1/2] build-sys: Use AC_COMPILE_IFELSE to check for unused |
| 95 |
+ linker flags (clang) |
| 96 |
+ |
| 97 |
+This patch fixes a clang issue report in issue #280. |
| 98 |
+ |
| 99 |
+clang does not use ld, so we cannot grep for support of certain linker |
| 100 |
+flags but have to test-compile. |
| 101 |
+ |
| 102 |
+Signed-off-by: Stefan Berger <stefanb@×××××××××.com> |
| 103 |
+--- |
| 104 |
+ configure.ac | 26 +++++++++++++++++++------- |
| 105 |
+ 1 file changed, 19 insertions(+), 7 deletions(-) |
| 106 |
+ |
| 107 |
+diff --git a/configure.ac b/configure.ac |
| 108 |
+index b4d4258..56d3f09 100644 |
| 109 |
+--- a/configure.ac |
| 110 |
++++ b/configure.ac |
| 111 |
+@@ -357,13 +357,25 @@ if test "x$enable_hardening" != "xno"; then |
| 112 |
+ if test -z "$TMP1" && test -n "$TPM2"; then |
| 113 |
+ HARDENING_CFLAGS="$HARDENING_CFLAGS -D_FORTIFY_SOURCE=2 " |
| 114 |
+ fi |
| 115 |
+- dnl Check ld for 'relro' and 'now' |
| 116 |
+- if $LD --help 2>&1 | $GREP '\-z relro ' > /dev/null; then |
| 117 |
+- HARDENING_CFLAGS="$HARDENING_CFLAGS -Wl,-z,relro " |
| 118 |
+- fi |
| 119 |
+- if $LD --help 2>&1 | $GREP '\-z now ' > /dev/null; then |
| 120 |
+- HARDENING_CFLAGS="$HARDENING_CFLAGS -Wl,-z,now " |
| 121 |
+- fi |
| 122 |
++ dnl Check linker for 'relro' and 'now' |
| 123 |
++ save_CFLAGS="$CFLAGS" |
| 124 |
++ CFLAGS="-Wl,-z,relro -Werror" |
| 125 |
++ AC_MSG_CHECKING([whether linker supports -Wl,-z,relro]) |
| 126 |
++ AC_COMPILE_IFELSE( |
| 127 |
++ [AC_LANG_SOURCE([[int main() { return 0; }]])], |
| 128 |
++ [HARDENING_CFLAGS="$HARDENING_CFLAGS -Wl,-z,relro" |
| 129 |
++ AC_MSG_RESULT(yes)], |
| 130 |
++ [AC_MSG_RESULT(no)] |
| 131 |
++ ) |
| 132 |
++ CFLAGS="-Wl,-z,now -Werror" |
| 133 |
++ AC_MSG_CHECKING([whether linker supports -Wl,-z,now]) |
| 134 |
++ AC_COMPILE_IFELSE( |
| 135 |
++ [AC_LANG_SOURCE([[int main() { return 0; }]])], |
| 136 |
++ [HARDENING_CFLAGS="$HARDENING_CFLAGS -Wl,-z,now" |
| 137 |
++ AC_MSG_RESULT(yes)], |
| 138 |
++ [AC_MSG_RESULT(no)] |
| 139 |
++ ) |
| 140 |
++ CFLAGS="$save_CFLAGS" |
| 141 |
+ AC_SUBST([HARDENING_CFLAGS]) |
| 142 |
+ fi |
| 143 |
+ |
| 144 |
+-- |
| 145 |
+2.26.2 |
| 146 |
+ |
| 147 |
|
| 148 |
diff --git a/app-crypt/swtpm/swtpm-0.3.2.ebuild b/app-crypt/swtpm/swtpm-0.3.2.ebuild |
| 149 |
new file mode 100644 |
| 150 |
index 00000000000..00ff234d61a |
| 151 |
--- /dev/null |
| 152 |
+++ b/app-crypt/swtpm/swtpm-0.3.2.ebuild |
| 153 |
@@ -0,0 +1,82 @@ |
| 154 |
+# Copyright 1999-2020 Gentoo Authors |
| 155 |
+# Distributed under the terms of the GNU General Public License v2 |
| 156 |
+ |
| 157 |
+EAPI=7 |
| 158 |
+ |
| 159 |
+PYTHON_COMPAT=( python3_{6,7,8} ) |
| 160 |
+ |
| 161 |
+inherit autotools python-any-r1 |
| 162 |
+ |
| 163 |
+DESCRIPTION="Libtpms-based TPM emulator" |
| 164 |
+HOMEPAGE="https://github.com/stefanberger/swtpm" |
| 165 |
+SRC_URI="https://github.com/stefanberger/swtpm/archive/v${PV}.tar.gz -> ${P}.tar.gz" |
| 166 |
+ |
| 167 |
+LICENSE="BSD" |
| 168 |
+SLOT="0" |
| 169 |
+KEYWORDS="~amd64" |
| 170 |
+IUSE="fuse gnutls libressl seccomp test" |
| 171 |
+ |
| 172 |
+RESTRICT="!test? ( test )" |
| 173 |
+ |
| 174 |
+COMMON_DEPEND=" |
| 175 |
+ fuse? ( |
| 176 |
+ dev-libs/glib:2 |
| 177 |
+ sys-fs/fuse:0 |
| 178 |
+ ) |
| 179 |
+ gnutls? ( |
| 180 |
+ dev-libs/libtasn1:= |
| 181 |
+ >=net-libs/gnutls-3.1.0[tools] |
| 182 |
+ ) |
| 183 |
+ !libressl? ( |
| 184 |
+ dev-libs/openssl:0= |
| 185 |
+ dev-libs/libtpms[-libressl] |
| 186 |
+ ) |
| 187 |
+ libressl? ( |
| 188 |
+ dev-libs/libressl:0= |
| 189 |
+ dev-libs/libtpms[libressl] |
| 190 |
+ ) |
| 191 |
+ seccomp? ( sys-libs/libseccomp ) |
| 192 |
+" |
| 193 |
+ |
| 194 |
+DEPEND="${COMMON_DEPEND} |
| 195 |
+ test? ( |
| 196 |
+ net-misc/socat |
| 197 |
+ ${PYTHON_DEPS} |
| 198 |
+ ) |
| 199 |
+" |
| 200 |
+ |
| 201 |
+RDEPEND="${COMMON_DEPEND} |
| 202 |
+ acct-group/tss |
| 203 |
+ acct-user/tss |
| 204 |
+ app-crypt/tpm-tools |
| 205 |
+ app-crypt/trousers |
| 206 |
+ dev-tcltk/expect" |
| 207 |
+ |
| 208 |
+PATCHES=( |
| 209 |
+ "${FILESDIR}/${PN}-fix-localca-path.patch" |
| 210 |
+ "${FILESDIR}/${PN}-build-sys-Explicitly-link-libswtpm_libtpms-with-lcry.patch" |
| 211 |
+ "${FILESDIR}/${PN}-build-sys-Use-AC_COMPILE_IFELSE-to-check-for-unused-.patch" |
| 212 |
+ ) |
| 213 |
+ |
| 214 |
+src_prepare() { |
| 215 |
+ use test || eapply "${FILESDIR}/${PN}-disable-test-dependencies.patch" |
| 216 |
+ default |
| 217 |
+ eautoreconf |
| 218 |
+} |
| 219 |
+ |
| 220 |
+src_configure() { |
| 221 |
+ econf \ |
| 222 |
+ --disable-static \ |
| 223 |
+ --with-openssl \ |
| 224 |
+ --without-selinux \ |
| 225 |
+ $(use_with fuse cuse) \ |
| 226 |
+ $(use_with gnutls) \ |
| 227 |
+ $(use_with seccomp) |
| 228 |
+} |
| 229 |
+ |
| 230 |
+src_install() { |
| 231 |
+ default |
| 232 |
+ fowners tss:tss /var/lib/swtpm-localca |
| 233 |
+ keepdir /var/lib/swtpm-localca |
| 234 |
+ find "${D}" -name '*.la' -delete || die |
| 235 |
+} |
Archives