commit: 3fe8e9910002b6523d995512a646b063565d0447 Author: Thomas Deutschmann <whissi <AT> gentoo <DOT> org> AuthorDate: Fri Jan 4 20:51:46 2019 +0000 Commit: Thomas Deutschmann <whissi <AT> gentoo <DOT> org> CommitDate: Fri Jan 4 20:54:06 2019 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3fe8e991
sys-block/partimage: add OpenSSL 1.1+ compatibility - EAPI bumped to EAPI=6 - OpenSSL 1.1+ compatibility added Closes: https://bugs.gentoo.org/674074 Package-Manager: Portage-2.3.53, Repoman-2.3.12 Signed-off-by: Thomas Deutschmann <whissi <AT> gentoo.org> ...partimage-0.6.9-openssl-1.1-compatibility.patch | 41 ++++++ sys-block/partimage/partimage-0.6.9-r1.ebuild | 144 +++++++++++++++++++++ 2 files changed, 185 insertions(+) diff --git a/sys-block/partimage/files/partimage-0.6.9-openssl-1.1-compatibility.patch b/sys-block/partimage/files/partimage-0.6.9-openssl-1.1-compatibility.patch new file mode 100644 index 00000000000..af4d9c153df --- /dev/null +++ b/sys-block/partimage/files/partimage-0.6.9-openssl-1.1-compatibility.patch @@ -0,0 +1,41 @@ +--- a/configure.ac ++++ b/configure.ac +@@ -240,7 +240,7 @@ if test "$SSL" = "yes"; then + AC_CHECKING([ for SSL Library and Header files ... ]) + AC_SEARCH_HEADERS(rsa.h crypto.h x509.h pem.h ssl.h err.h, + $SSL_HDR_DIR /usr/include/ssl /usr/include/openssl /usr/include, +- [ AC_CHECK_LIB(crypto, CRYPTO_lock, [LIBS="$LIBS -lcrypto"], ++ [ AC_CHECK_LIB(crypto, X509_new, [LIBS="$LIBS -lcrypto"], + AC_MSG_ERROR([ Required for SSL Crypto Library not found. ]) + ) + AC_CHECK_LIB(ssl, SSL_CTX_new, +--- a/src/client/netclient.cpp ++++ b/src/client/netclient.cpp +@@ -43,7 +43,11 @@ CNetClient::CNetClient(bool bMustLogin, bool bUseSSL):CNet() + { + showDebug(3, "initializing client ssl\n"); + SSLeay_add_ssl_algorithms(); +- meth = SSLv2_client_method(); ++#if OPENSSL_VERSION_NUMBER < 0x10100000 ++ meth = TLSv1_client_method(); ++#else ++ meth = TLS_client_method(); ++#endif + SSL_load_error_strings(); + ctx = SSL_CTX_new(meth); + if (!ctx) +--- a/src/server/netserver.cpp ++++ b/src/server/netserver.cpp +@@ -39,7 +39,11 @@ CNetServer::CNetServer(unsigned short int port):CNet() + { + SSL_load_error_strings(); + SSLeay_add_ssl_algorithms(); +- meth = SSLv23_server_method(); ++#if OPENSSL_VERSION_NUMBER < 0x10100000 ++ meth = TLSv1_server_method(); ++#else ++ meth = TLS_server_method(); ++#endif + ctx = SSL_CTX_new(meth); + if (!ctx) + { diff --git a/sys-block/partimage/partimage-0.6.9-r1.ebuild b/sys-block/partimage/partimage-0.6.9-r1.ebuild new file mode 100644 index 00000000000..5828263d381 --- /dev/null +++ b/sys-block/partimage/partimage-0.6.9-r1.ebuild @@ -0,0 +1,144 @@ +# Copyright 1999-2019 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 +inherit autotools flag-o-matic pam user + +DESCRIPTION="Console-based application to efficiently save raw partition data to image file" +HOMEPAGE="http://www.partimage.org/"; +SRC_URI="mirror://sourceforge/${PN}/${P}.tar.bz2" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~ppc ~sparc ~x86" +IUSE="nls nologin pam ssl static" + +LIBS_DEPEND="app-arch/bzip2 + >=dev-libs/newt-0.52 + >=sys-libs/slang-2 + sys-libs/zlib:= + ssl? ( dev-libs/openssl:0= )" +PAM_DEPEND="!static? ( pam? ( virtual/pam ) )" +RDEPEND="${PAM_DEPEND} + !static? ( ${LIBS_DEPEND} )" +DEPEND="${PAM_DEPEND} + ${LIBS_DEPEND} + nls? ( sys-devel/gettext )" + +pkg_setup() { + enewgroup partimag 91 + enewuser partimag 91 -1 /var/lib/partimage partimag +} + +src_prepare() { + eapply -p0 "${FILESDIR}"/${P}-zlib-1.2.5.2.patch #405323 + eapply "${FILESDIR}"/${P}-minor-typo.patch #580290 + eapply "${FILESDIR}"/${P}-openssl-1.1-compatibility.patch + + eapply_user + + eautoreconf +} + +src_configure() { + # XXX: Do we still need these? + filter-flags -fno-exceptions + use ppc && append-flags -fsigned-char + + local myconf + + use nologin && myconf="${myconf} --disable-login" + + if use pam && ! use static; then + myconf="${myconf} --enable-pam" + fi + + econf \ + --docdir="${EPREFIX%/}"/usr/share/doc/${PF} \ + --sysconfdir="${EPREFIX%/}"/etc \ + $(use_enable nls) \ + $(use_enable ssl) \ + --disable-pam \ + $(use_enable static all-static) \ + --with-log-dir="${EPREFIX%/}"/var/log/partimage \ + ${myconf} +} + +src_install() { + default + + keepdir /var/lib/partimage + keepdir /var/log/partimage + + newinitd "${FILESDIR}"/partimaged.init.2 partimaged + newconfd "${FILESDIR}"/partimaged.conf partimaged + + if use ssl; then + insinto /etc/partimaged + doins "${FILESDIR}"/servercert.cnf + fi + + if use pam; then + newpamd "${FILESDIR}"/partimaged.pam.2 partimaged + fi +} + +confdir=${EROOT%/}/etc/partimaged +privkey=${confdir}/partimaged.key +cnf=${confdir}/servercert.cnf +csr=${confdir}/partimaged.csr +cert=${confdir}/partimaged.cert + +pkg_config() { + if use ssl; then + ewarn "Please customize /etc/partimaged/servercert.cnf before you continue!" + ewarn "Press Ctrl-C to break now for it, or press enter to continue." + read + if [ ! -f ${privkey} ]; then + einfo "Generating unencrypted private key: ${privkey}" + openssl genrsa -out ${privkey} 1024 || die + else + einfo "Private key already exists: ${privkey}" + fi + if [ ! -f ${csr} ]; then + einfo "Generating certificate request: ${csr}" + openssl req -new -x509 -outform PEM -out ${csr} -key ${privkey} -config ${cnf} || die + else + einfo "Certificate request already exists: ${csr}" + fi + if [ ! -f ${cert} ]; then + einfo "Generating self-signed certificate: ${cert}" + openssl x509 -in ${csr} -out ${cert} -signkey ${privkey} || die + else + einfo "Self-signed certifcate already exists: ${cert}" + fi + einfo "Setting permissions" + partimagesslperms || die + einfo "Done" + else + einfo "SSL is disabled, not building certificates" + fi +} + +partimagesslperms() { + local ret=0 + chmod 600 ${privkey} 2>/dev/null + ret=$((${ret}+$?)) + chown partimag:0 ${privkey} 2>/dev/null + ret=$((${ret}+$?)) + chmod 644 ${cert} ${csr} 2>/dev/null + ret=$((${ret}+$?)) + chown root:0 ${cert} ${csr} 2>/dev/null + ret=$((${ret}+$?)) + return $ret +} + +pkg_postinst() { + if use ssl; then + einfo "To create the required SSL certificates, please do:" + einfo "emerge --config =${PF}" + partimagesslperms + return 0 + fi + chown partimag:0 "${EROOT%/}"/etc/partimaged/partimagedusers || die +}
