[gentoo-commits] repo/gentoo:master commit in: net-libs/mbedtls/

Mon, 27 May 2024 03:58:35 -0700 

commit:     301391a39941f49b90327ce22bfe2de1a3b7f80e
Author:     Azamat H. Hackimov <azamat.hackimov <AT> gmail <DOT> com>
AuthorDate: Fri Apr 12 00:35:23 2024 +0000
Commit:     Viorel Munteanu <ceamac <AT> gentoo <DOT> org>
CommitDate: Mon May 27 10:51:32 2024 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=301391a3

net-libs/mbedtls: add 3.6.0

Fixes CVE-2024-28960.

Signed-off-by: Azamat H. Hackimov <azamat.hackimov <AT> gmail.com>
Signed-off-by: Viorel Munteanu <ceamac <AT> gentoo.org>

 net-libs/mbedtls/Manifest             |  1 +
 net-libs/mbedtls/mbedtls-3.6.0.ebuild | 95 +++++++++++++++++++++++++++++++++++
 2 files changed, 96 insertions(+)

diff --git a/net-libs/mbedtls/Manifest b/net-libs/mbedtls/Manifest
index 3894c8d34fe7..2eef247ddfff 100644
--- a/net-libs/mbedtls/Manifest
+++ b/net-libs/mbedtls/Manifest
@@ -2,3 +2,4 @@ DIST mbedtls-2.28.5.tar.gz 4005000 BLAKE2B 
755287e1a1e0be5d193a8a184a9ae3ab2b6c2
 DIST mbedtls-2.28.7.tar.gz 3990571 BLAKE2B 
91a11d9d56fc058c3aef797e644c2c141cd70dc96716e75d9074de89717298a10c93e403a2fed9ae6f34c7549753a70d61b6602fbc21bc568c2e260d4f369f65
 SHA512 
1cf6722d60a49375f857c8d84f06dbb50ea08accaa12b329d75a93b959aef382410e7b6e0a1511407402b3eec5e2208eaf5e9fc2c8574ed0f8f44234bc4401b3
 DIST mbedtls-2.28.8.tar.bz2 3343796 BLAKE2B 
1efde6698662873c40df9733bae902db4e009f3dd26a937e05707ca1a208b71675df0737b44b5895a60cfbf42f18f92dae88cba62f32b55733947b9c0481880e
 SHA512 
c8e91ec50ab2caf1f33e907279dc30fca2a8cd97e6e531be857149589e52aeffb95b445b2a9fa674886f0071f446381da3bb8107f7e850f3390128b069ac9ea7
 DIST mbedtls-3.5.2.tar.gz 5584711 BLAKE2B 
f1d0e7368ad156cc5cde4cd396ccaf3e1cacfda38f7d7ee89c908245944d22152d141928e8aeebd298437079e7fdb74207875e2f48ce3ef1a6f5fb8840b19df3
 SHA512 
99f4110d8410415982cb9b71994b069e4d2f89841decccc68b629250c7497c10d5e3ffe867c4ac1518ec7d6edd9703c38fd8afb6c238e9e0e7132def2b09b4e3
+DIST mbedtls-3.6.0.tar.bz2 4811255 BLAKE2B 
d453f072c39aa2ca5669f0fe84ab01ea826a98e1e48b59b5a788e3ae948c33500e8e0565ed6481ef049ee3efc72eb92828c9d08f5606766cb6c9dbde749459b8
 SHA512 
5c395890d486144af882aa96c9430103f79df889139969a64a490c0cafbdd5631a72bb668aa59b062204f19a5bb36dfcc5a096b59d76c7ef27f2560cd2388682

diff --git a/net-libs/mbedtls/mbedtls-3.6.0.ebuild 
b/net-libs/mbedtls/mbedtls-3.6.0.ebuild
new file mode 100644
index 000000000000..4930d2404ccf
--- /dev/null
+++ b/net-libs/mbedtls/mbedtls-3.6.0.ebuild
@@ -0,0 +1,95 @@
+# Copyright 1999-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+PYTHON_COMPAT=( python3_{10..12} )
+
+inherit cmake multilib-minimal python-any-r1
+
+DESCRIPTION="Cryptographic library for embedded systems"
+HOMEPAGE="https://www.trustedfirmware.org/projects/mbed-tls/";
+SRC_URI="https://github.com/Mbed-TLS/mbedtls/releases/download/v${PV}/${P}.tar.bz2";
+
+LICENSE="|| ( Apache-2.0 GPL-2+ )"
+SLOT="0/16.21.7" # ffmpeg subslot naming: SONAME tuple of 
{libmbedcrypto.so,libmbedtls.so,libmbedx509.so}
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 
~riscv ~s390 ~sparc ~x86"
+IUSE="cpu_flags_x86_sse2 doc programs static-libs test threads"
+RESTRICT="!test? ( test )"
+
+BDEPEND="
+       ${PYTHON_DEPS}
+       doc? (
+               app-text/doxygen
+               media-gfx/graphviz
+       )
+       test? ( dev-lang/perl )
+"
+
+enable_mbedtls_option() {
+       local myopt="$@"
+       # check that config.h syntax is the same at version bump
+       sed -i \
+               -e "s://#define ${myopt}:#define ${myopt}:" \
+               include/mbedtls/mbedtls_config.h || die
+}
+
+src_prepare() {
+       use cpu_flags_x86_sse2 && enable_mbedtls_option MBEDTLS_HAVE_SSE2
+       use threads && enable_mbedtls_option MBEDTLS_THREADING_C
+       use threads && enable_mbedtls_option MBEDTLS_THREADING_PTHREAD
+
+       cmake_src_prepare
+}
+
+multilib_src_configure() {
+       local mycmakeargs=(
+               -DENABLE_PROGRAMS=$(multilib_native_usex programs)
+               -DENABLE_TESTING=$(usex test)
+               -DINSTALL_MBEDTLS_HEADERS=ON
+               -DLIB_INSTALL_DIR="${EPREFIX}/usr/$(get_libdir)"
+               -DLINK_WITH_PTHREAD=$(usex threads)
+               -DMBEDTLS_FATAL_WARNINGS=OFF # Don't use -Werror, #744946
+               -DUSE_SHARED_MBEDTLS_LIBRARY=ON
+               -DUSE_STATIC_MBEDTLS_LIBRARY=$(usex static-libs)
+       )
+
+       cmake_src_configure
+}
+
+multilib_src_compile() {
+       cmake_src_compile
+       use doc && multilib_is_native_abi && emake -C "${S}" apidoc
+}
+
+multilib_src_test() {
+       # Disable parallel run, bug #718390
+       # https://github.com/Mbed-TLS/mbedtls/issues/4980
+       LD_LIBRARY_PATH="${LD_LIBRARY_PATH}:${BUILD_DIR}/library" \
+               cmake_src_test -j1
+}
+
+multilib_src_install() {
+       cmake_src_install
+}
+
+multilib_src_install_all() {
+       use doc && HTML_DOCS=( apidoc )
+
+       einstalldocs
+
+       if use programs ; then
+               # avoid file collisions with sys-apps/coreutils
+               local p e
+               for p in "${ED}"/usr/bin/* ; do
+                       if [[ -x "${p}" && ! -d "${p}" ]] ; then
+                               mv "${p}" "${ED}"/usr/bin/mbedtls_${p##*/} || 
die
+                       fi
+               done
+               for e in aes hash pkey ssl test ; do
+                       docinto "${e}"
+                       dodoc programs/"${e}"/*.c
+                       dodoc programs/"${e}"/*.txt
+               done
+       fi
+}

Reply via email to