commit: 163afe017bcc932e043a5422af897e5073df37da Author: Stefan Strogin <stefan.strogin <AT> gmail <DOT> com> AuthorDate: Wed Feb 27 03:35:45 2019 +0000 Commit: Thomas Deutschmann <whissi <AT> gentoo <DOT> org> CommitDate: Sat Mar 2 17:46:04 2019 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=163afe01
app-admin/sudo: add USE=system-digest & USE=libressl Add system-digest USE flag for building with support of using message digest functions from libgcrypt, LibreSSL or OpenSSL, depending on USE gcrypt or libressl, instead of sudo's own implementation. Minor amend of USE flag descriptions as per descriptions from sudo's configure.ac and ChangeLog. Closes: https://bugs.gentoo.org/678888 Package-Manager: Portage-2.3.62, Repoman-2.3.12 Signed-off-by: Stefan Strogin <stefan.strogin <AT> gmail.com> Closes: https://github.com/gentoo/gentoo/pull/11168 Signed-off-by: Thomas Deutschmann <whissi <AT> gentoo.org> app-admin/sudo/metadata.xml | 9 +++++++-- app-admin/sudo/sudo-1.8.27-r1.ebuild | 20 +++++++++++++++----- 2 files changed, 22 insertions(+), 7 deletions(-) diff --git a/app-admin/sudo/metadata.xml b/app-admin/sudo/metadata.xml index de20459ab49..8e31d55ef94 100644 --- a/app-admin/sudo/metadata.xml +++ b/app-admin/sudo/metadata.xml @@ -12,12 +12,17 @@ arguments. </longdescription> <use> - <flag name="gcrypt">Use SHA2 from <pkg>dev-libs/libgcrypt</pkg> instead of sudo's internal SHA2</flag> + <flag name="gcrypt">Use message digest functions from <pkg>dev-libs/libgcrypt</pkg> instead of sudo's</flag> + <flag name="libressl">Use message digest functions from <pkg>dev-libs/libressl</pkg> instead of sudo's</flag> <flag name="offensive">Let sudo print insults when the user types the wrong password</flag> - <flag name="openssl">Use SHA2 from <pkg>dev-libs/openssl</pkg> instead of sudo's internal SHA2</flag> + <flag name="openssl">Use message digest functions from <pkg>dev-libs/openssl</pkg> instead of sudo's</flag> <flag name="sendmail">Allow sudo to send emails with sendmail</flag> <flag name="sssd">Add System Security Services Daemon support</flag> <flag name="secure-path">Replace PATH variable with compile time secure paths</flag> + <flag name="system-digest"> + Use message digest functions from <pkg>dev-libs/libgcrypt</pkg>, <pkg>dev-libs/libressl</pkg> + or <pkg>dev-libs/openssl</pkg> instead of sudo's internal SHA2 implementation + </flag> </use> <upstream> <remote-id type="cpe">cpe:/a:todd_miller:sudo</remote-id> diff --git a/app-admin/sudo/sudo-1.8.27-r1.ebuild b/app-admin/sudo/sudo-1.8.27-r1.ebuild index 39da1e74a42..7dded75d56c 100644 --- a/app-admin/sudo/sudo-1.8.27-r1.ebuild +++ b/app-admin/sudo/sudo-1.8.27-r1.ebuild @@ -31,20 +31,25 @@ fi # 3-clause BSD license LICENSE="ISC BSD" SLOT="0" -IUSE="gcrypt ldap nls offensive openssl pam sasl +secure-path selinux +sendmail skey sssd" +IUSE="gcrypt ldap libressl nls offensive pam sasl +secure-path selinux +sendmail skey sssd system-digest" CDEPEND=" sys-libs/zlib:= - gcrypt? ( dev-libs/libgcrypt:= ) ldap? ( >=net-nds/openldap-2.1.30-r1 dev-libs/cyrus-sasl ) - openssl? ( dev-libs/openssl:0= ) pam? ( virtual/pam ) sasl? ( dev-libs/cyrus-sasl ) skey? ( >=sys-auth/skey-1.1.5-r1 ) sssd? ( sys-auth/sssd[sudo] ) + system-digest? ( + gcrypt? ( dev-libs/libgcrypt:= ) + !gcrypt? ( + !libressl? ( dev-libs/openssl:0= ) + libressl? ( dev-libs/libressl:0= ) + ) + ) " RDEPEND=" ${CDEPEND} @@ -65,7 +70,6 @@ S="${WORKDIR}/${MY_P}" REQUIRED_USE=" pam? ( !skey ) skey? ( !pam ) - ?? ( gcrypt openssl ) " MAKEOPTS+=" SAMPLES=" @@ -145,7 +149,6 @@ src_configure() { --without-opie $(use_enable gcrypt) $(use_enable nls) - $(use_enable openssl) $(use_enable sasl) $(use_with offensive insults) $(use_with offensive all-insults) @@ -157,6 +160,13 @@ src_configure() { $(use_with selinux) $(use_with sendmail) ) + + if use system-digest && ! use gcrypt; then + myeconfargs+=("--enable-openssl") + else + myeconfargs+=("--disable-openssl") + fi + econf "${myeconfargs[@]}" }