diff options
| author |   Azamat H. Hackimov <azamat.hackimov@gmail.com> | 2024-04-12 03:33:21 +0300 |
|---|---|---|
| committer |   Viorel Munteanu <ceamac@gentoo.org> | 2024-05-27 13:51:31 +0300 |
| commit | 2c83922e6bd0289e72494a6f513986f94fa2f2bd (patch) | |
| tree | 978eadd44601127d441c9dd5749233ba8422793e /net-libs | |
| parent | dev-libs/opensc: drop 0.24.0, 0.25.0, 0.25.0-r1 (diff) | |
| download | gentoo-2c83922e6bd0289e72494a6f513986f94fa2f2bd.tar.gz gentoo-2c83922e6bd0289e72494a6f513986f94fa2f2bd.tar.bz2 gentoo-2c83922e6bd0289e72494a6f513986f94fa2f2bd.zip | |
net-libs/mbedtls: add 2.28.8
Fixes CVE-2024-28960.
Signed-off-by: Azamat H. Hackimov <azamat.hackimov@gmail.com>
Signed-off-by: Viorel Munteanu <ceamac@gentoo.org>
Diffstat (limited to 'net-libs')
| -rw-r--r-- | net-libs/mbedtls/Manifest | 1 | ||||
| -rw-r--r-- | net-libs/mbedtls/mbedtls-2.28.8.ebuild | 103 |
2 files changed, 104 insertions, 0 deletions
diff --git a/net-libs/mbedtls/Manifest b/net-libs/mbedtls/Manifest index b424ead33b61..3894c8d34fe7 100644 --- a/net-libs/mbedtls/Manifest +++ b/net-libs/mbedtls/Manifest @@ -1,3 +1,4 @@ DIST mbedtls-2.28.5.tar.gz 4005000 BLAKE2B 755287e1a1e0be5d193a8a184a9ae3ab2b6c216235657f7f2e422fe06226cd4c7d11811bcb53519018137e7ed838b241704c955872e28f133bb17a5f42222acb SHA512 339911d244b4e6e4d77b344c796f018d9ad4c56249530b8a56e0dc305ddf30bc709dca96a19c5a06710e92d167ef22893e9e17e20837e9daee0d0be00a8ccae9 DIST mbedtls-2.28.7.tar.gz 3990571 BLAKE2B 91a11d9d56fc058c3aef797e644c2c141cd70dc96716e75d9074de89717298a10c93e403a2fed9ae6f34c7549753a70d61b6602fbc21bc568c2e260d4f369f65 SHA512 1cf6722d60a49375f857c8d84f06dbb50ea08accaa12b329d75a93b959aef382410e7b6e0a1511407402b3eec5e2208eaf5e9fc2c8574ed0f8f44234bc4401b3 +DIST mbedtls-2.28.8.tar.bz2 3343796 BLAKE2B 1efde6698662873c40df9733bae902db4e009f3dd26a937e05707ca1a208b71675df0737b44b5895a60cfbf42f18f92dae88cba62f32b55733947b9c0481880e SHA512 c8e91ec50ab2caf1f33e907279dc30fca2a8cd97e6e531be857149589e52aeffb95b445b2a9fa674886f0071f446381da3bb8107f7e850f3390128b069ac9ea7 DIST mbedtls-3.5.2.tar.gz 5584711 BLAKE2B f1d0e7368ad156cc5cde4cd396ccaf3e1cacfda38f7d7ee89c908245944d22152d141928e8aeebd298437079e7fdb74207875e2f48ce3ef1a6f5fb8840b19df3 SHA512 99f4110d8410415982cb9b71994b069e4d2f89841decccc68b629250c7497c10d5e3ffe867c4ac1518ec7d6edd9703c38fd8afb6c238e9e0e7132def2b09b4e3 diff --git a/net-libs/mbedtls/mbedtls-2.28.8.ebuild b/net-libs/mbedtls/mbedtls-2.28.8.ebuild new file mode 100644 index 000000000000..3a5fad9968c5 --- /dev/null +++ b/net-libs/mbedtls/mbedtls-2.28.8.ebuild @@ -0,0 +1,103 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +PYTHON_COMPAT=( python3_{10..12} ) + +inherit cmake multilib-minimal python-any-r1 + +DESCRIPTION="Cryptographic library for embedded systems" +HOMEPAGE="https://www.trustedfirmware.org/projects/mbed-tls/" +SRC_URI="https://github.com/Mbed-TLS/mbedtls/releases/download/v${PV}/${P}.tar.bz2" + +LICENSE="|| ( Apache-2.0 GPL-2+ )" +SLOT="0/7.14.1" # ffmpeg subslot naming: SONAME tuple of {libmbedcrypto.so,libmbedtls.so,libmbedx509.so} +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86" +IUSE="cmac cpu_flags_x86_sse2 doc havege programs static-libs test threads zlib" +RESTRICT="!test? ( test )" + +RDEPEND=" + zlib? ( >=sys-libs/zlib-1.2.8-r1[${MULTILIB_USEDEP}] ) +" +DEPEND="${RDEPEND}" +BDEPEND=" + ${PYTHON_DEPS} + doc? ( + app-text/doxygen + media-gfx/graphviz + ) + test? ( dev-lang/perl ) +" + +enable_mbedtls_option() { + local myopt="$@" + # check that config.h syntax is the same at version bump + sed -i \ + -e "s://#define ${myopt}:#define ${myopt}:" \ + include/mbedtls/config.h || die +} + +src_prepare() { + use cmac && enable_mbedtls_option MBEDTLS_CMAC_C + use cpu_flags_x86_sse2 && enable_mbedtls_option MBEDTLS_HAVE_SSE2 + use zlib && enable_mbedtls_option MBEDTLS_ZLIB_SUPPORT + use havege && enable_mbedtls_option MBEDTLS_HAVEGE_C + use threads && enable_mbedtls_option MBEDTLS_THREADING_C + use threads && enable_mbedtls_option MBEDTLS_THREADING_PTHREAD + + cmake_src_prepare +} + +multilib_src_configure() { + local mycmakeargs=( + -DENABLE_PROGRAMS=$(multilib_native_usex programs) + -DENABLE_TESTING=$(usex test) + -DENABLE_ZLIB_SUPPORT=$(usex zlib) + -DINSTALL_MBEDTLS_HEADERS=ON + -DLIB_INSTALL_DIR="${EPREFIX}/usr/$(get_libdir)" + -DLINK_WITH_PTHREAD=$(usex threads) + -DMBEDTLS_FATAL_WARNINGS=OFF # Don't use -Werror, #744946 + -DUSE_SHARED_MBEDTLS_LIBRARY=ON + -DUSE_STATIC_MBEDTLS_LIBRARY=$(usex static-libs) + ) + + cmake_src_configure +} + +multilib_src_compile() { + cmake_src_compile + use doc && multilib_is_native_abi && emake -C "${S}" apidoc +} + +multilib_src_test() { + # Disable parallel run, bug #718390 + # https://github.com/Mbed-TLS/mbedtls/issues/4980 + LD_LIBRARY_PATH="${LD_LIBRARY_PATH}:${BUILD_DIR}/library" \ + cmake_src_test -j1 +} + +multilib_src_install() { + cmake_src_install +} + +multilib_src_install_all() { + use doc && HTML_DOCS=( apidoc ) + + einstalldocs + + if use programs ; then + # avoid file collisions with sys-apps/coreutils + local p e + for p in "${ED}"/usr/bin/* ; do + if [[ -x "${p}" && ! -d "${p}" ]] ; then + mv "${p}" "${ED}"/usr/bin/mbedtls_${p##*/} || die + fi + done + for e in aes hash pkey ssl test ; do + docinto "${e}" + dodoc programs/"${e}"/*.c + dodoc programs/"${e}"/*.txt + done + fi +} |