commit: 8f5b54c8a93ddcfda53a4275acf577ec228eb0a2 Author: Sam James <sam <AT> gentoo <DOT> org> AuthorDate: Thu May 1 03:58:38 2025 +0000 Commit: Sam James <sam <AT> gentoo <DOT> org> CommitDate: Thu May 1 04:00:00 2025 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8f5b54c8
app-crypt/yubihsm-shell: add 2.6.0 Bug: https://bugs.gentoo.org/955141 Closes: https://bugs.gentoo.org/946066 Signed-off-by: Sam James <sam <AT> gentoo.org> app-crypt/yubihsm-shell/Manifest | 1 + .../yubihsm-shell-2.6.0-pcsc-lite-pkgconfig.patch | 40 ++++++++++++++++++++ ...hell-2.6.0-remove-hardcoded-compiler-opts.patch | 14 +++++++ app-crypt/yubihsm-shell/yubihsm-shell-2.6.0.ebuild | 43 ++++++++++++++++++++++ 4 files changed, 98 insertions(+) diff --git a/app-crypt/yubihsm-shell/Manifest b/app-crypt/yubihsm-shell/Manifest index 06ca5892b1cc..de17eb2b5059 100644 --- a/app-crypt/yubihsm-shell/Manifest +++ b/app-crypt/yubihsm-shell/Manifest @@ -1 +1,2 @@ DIST yubihsm-shell-2.4.0.tar.gz 334956 BLAKE2B 93a86baa1e463aa5200e31e9cc657642f37e05ec6e9897bb35f0b518df83b38c69e365766170d76aeeae6da357f3c2fce736c03665861c7ed4f2b56805a7eb3a SHA512 2b08e6e8932ff3bc12d1233d88147264a9875ce145290e29fb6b8f25eeb8e502afff9e7d02714a50454b85b0f01b09c0321d830a483d6b4f7afb962adce882d5 +DIST yubihsm-shell-2.6.0.tar.gz 426458 BLAKE2B f36a44c054fc30b548a71fc50e4fe3c59fac297d747c52b31997034b538208fc128ae1ec57a2976de247302710b44ad1f3eba518be268e5996d4c3e33069c6d8 SHA512 04335fffa110fe43df2f1e46231e0ca7fcfe4f6a7305f8630dd346f7ed5d6d57bab53f6c268010bf7358729a429b05c52ffd273fe021cf60cfe97a6941ab0f56 diff --git a/app-crypt/yubihsm-shell/files/yubihsm-shell-2.6.0-pcsc-lite-pkgconfig.patch b/app-crypt/yubihsm-shell/files/yubihsm-shell-2.6.0-pcsc-lite-pkgconfig.patch new file mode 100644 index 000000000000..1c473d2942a4 --- /dev/null +++ b/app-crypt/yubihsm-shell/files/yubihsm-shell-2.6.0-pcsc-lite-pkgconfig.patch @@ -0,0 +1,40 @@ +https://bugs.gentoo.org/946066 +https://github.com/Yubico/yubihsm-shell/issues/404 +https://github.com/Yubico/yubihsm-shell/pull/411 + +From 440ba3ad140732ab51bc2df56ae0c82684d02922 Mon Sep 17 00:00:00 2001 +From: Jakub Jelen <[email protected]> +Date: Tue, 30 Jul 2024 10:18:02 +0200 +Subject: [PATCH] cmake: Fix build against pcsc-lite >= 2.2 + +The pcsc-lite 2.2.0 switched from autotools to meson and reworked the +pkgconfig files. The new pkg config provides CFLAGS that work ok, but +the yubihsm-shell ignores them and hopes that all included files are in +the default include directory (with the PCSC prefix). + +Note, the value ${LIBPCSC_CFLAGS} is a semicolon separated list which +we need to split to separate items here. + +This solution works with both old and new versions. + +Fixes: #404 + +Signed-off-by: Jakub Jelen <[email protected]> +--- + CMakeLists.txt | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/CMakeLists.txt b/CMakeLists.txt +index acbb3926..ecf3df85 100644 +--- a/CMakeLists.txt ++++ b/CMakeLists.txt +@@ -194,6 +194,8 @@ if(NOT BUILD_ONLY_LIB) + + if(${CMAKE_SYSTEM_NAME} MATCHES "Linux") + pkg_search_module (LIBPCSC REQUIRED libpcsclite) ++ string (REPLACE ";" " " MY_LIBPCSC_CFLAGS "${LIBPCSC_CFLAGS}") ++ string (APPEND CMAKE_C_FLAGS " ${MY_LIBPCSC_CFLAGS}") + elseif(${CMAKE_SYSTEM_NAME} MATCHES "Windows") + set (LIBPCSC_LDFLAGS "winscard.lib") + elseif(${CMAKE_SYSTEM_NAME} MATCHES "Darwin") + diff --git a/app-crypt/yubihsm-shell/files/yubihsm-shell-2.6.0-remove-hardcoded-compiler-opts.patch b/app-crypt/yubihsm-shell/files/yubihsm-shell-2.6.0-remove-hardcoded-compiler-opts.patch new file mode 100644 index 000000000000..12f7115499b5 --- /dev/null +++ b/app-crypt/yubihsm-shell/files/yubihsm-shell-2.6.0-remove-hardcoded-compiler-opts.patch @@ -0,0 +1,14 @@ +We don't want -Werror or other stuff forced on us and our toolchain already +defaults to various hardening options. +--- a/cmake/SecurityFlags.cmake ++++ b/cmake/SecurityFlags.cmake +@@ -1,8 +1,6 @@ + include(CheckCCompilerFlag) + +-if (CMAKE_C_COMPILER_ID STREQUAL "Clang" OR +- CMAKE_C_COMPILER_ID STREQUAL "AppleClang" OR +- CMAKE_C_COMPILER_ID STREQUAL "GNU") ++if (FALSE) + + add_compile_options (-Wall -Wextra -Werror) + add_compile_options (-Wformat -Wformat-nonliteral -Wformat-security) diff --git a/app-crypt/yubihsm-shell/yubihsm-shell-2.6.0.ebuild b/app-crypt/yubihsm-shell/yubihsm-shell-2.6.0.ebuild new file mode 100644 index 000000000000..e3ab00ef57ef --- /dev/null +++ b/app-crypt/yubihsm-shell/yubihsm-shell-2.6.0.ebuild @@ -0,0 +1,43 @@ +# Copyright 2023-2025 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit cmake + +DESCRIPTION="Components used to interact with the YubiHSM 2" +HOMEPAGE="https://developers.yubico.com/yubihsm-shell/"; +SRC_URI="https://developers.yubico.com/${PN}/Releases/${P}.tar.gz"; + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="~amd64" +RESTRICT="test" + +DEPEND=" + dev-libs/openssl:= + net-misc/curl + dev-libs/libedit + sys-apps/pcsc-lite + virtual/libusb:1 +" +RDEPEND="${DEPEND}" +BDEPEND=" + dev-util/gengetopt + sys-apps/help2man + virtual/pkgconfig +" + +PATCHES=( + "${FILESDIR}"/${PN}-2.6.0-pcsc-lite-pkgconfig.patch + "${FILESDIR}"/${PN}-2.6.0-remove-hardcoded-compiler-opts.patch +) + +src_configure() { + local mycmakeargs=( + # Allow users to set this, don't force it. + -DDISABLE_LTO=ON + ) + + cmake_src_configure +}
