commit: 4630f8211339cd3b4e21f23f482b3235cc384edf Author: Pacho Ramos <pacho <AT> gentoo <DOT> org> AuthorDate: Sat Nov 9 12:45:33 2024 +0000 Commit: Pacho Ramos <pacho <AT> gentoo <DOT> org> CommitDate: Sat Nov 9 12:52:22 2024 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4630f821
app-crypt/libsecret: Handle crypto implementations in a more consistent way This allow to more easily switch among implementations. Use gcrypt as default (following upstream and most of the other distributions). Also fix pam dependency (as pam module building also checks for libpam) Thanks-to: Michał Górny Closes: https://bugs.gentoo.org/943031 Signed-off-by: Pacho Ramos <pacho <AT> gentoo.org> app-crypt/libsecret/libsecret-0.21.4-r1.ebuild | 165 +++++++++++++++++++++++++ app-crypt/libsecret/metadata.xml | 3 +- 2 files changed, 167 insertions(+), 1 deletion(-) diff --git a/app-crypt/libsecret/libsecret-0.21.4-r1.ebuild b/app-crypt/libsecret/libsecret-0.21.4-r1.ebuild new file mode 100644 index 000000000000..3abed3946b52 --- /dev/null +++ b/app-crypt/libsecret/libsecret-0.21.4-r1.ebuild @@ -0,0 +1,165 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 +PYTHON_COMPAT=( python3_{10..13} ) + +inherit bash-completion-r1 gnome2 meson-multilib python-any-r1 vala virtualx + +DESCRIPTION="GObject library for accessing the freedesktop.org Secret Service API" +HOMEPAGE="https://wiki.gnome.org/Projects/Libsecret"; + +LICENSE="LGPL-2.1+ Apache-2.0" # Apache-2.0 license is used for tests only +SLOT="0" + +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~loong ~mips ~ppc ~ppc64 ~riscv ~sparc ~x86" +IUSE="+crypt +gcrypt gnutls gtk-doc +introspection pam test test-rust tpm +vala" + +RESTRICT="!test? ( test )" +REQUIRED_USE=" + vala? ( introspection ) + gtk-doc? ( crypt ) + crypt? ( || ( gcrypt gnutls ) ) +" + +DEPEND=" + >=dev-libs/glib-2.44:2[${MULTILIB_USEDEP}] + gcrypt? ( >=dev-libs/libgcrypt-1.2.2:0=[${MULTILIB_USEDEP}] ) + gnutls? ( >=net-libs/gnutls-3.8.2:0=[${MULTILIB_USEDEP}] ) + pam? ( + sys-libs/pam + sys-libs/pam_wrapper ) + tpm? ( >=app-crypt/tpm2-tss-3.0.3:= ) + introspection? ( >=dev-libs/gobject-introspection-1.54:= ) +" +RDEPEND="${DEPEND}" +PDEPEND="virtual/secret-service" +BDEPEND=" + app-text/docbook-xml-dtd:4.2 + dev-libs/libxslt + dev-util/gdbus-codegen + dev-util/glib-utils + >=sys-devel/gettext-0.19.8 + virtual/pkgconfig + gtk-doc? ( + app-text/docbook-xml-dtd:4.1.2 + >=dev-util/gi-docgen-2021.7 + ) + test? ( + $(python_gen_any_dep ' + dev-python/dbus-python[${PYTHON_USEDEP}] + introspection? ( dev-python/pygobject:3[${PYTHON_USEDEP}] )') + test-rust? ( introspection? ( >=dev-libs/gjs-1.32 ) ) + tpm? ( + app-crypt/swtpm + app-crypt/tpm2-abrmd + >=app-crypt/tpm2-tss-3.2.0:= + ) + ) + vala? ( $(vala_depend) ) +" + +dbus_run() { + ( + # start isolated dbus session bus + dbus_data=$(dbus-launch --sh-syntax) || exit + eval "${dbus_data}" + + $@ + ret=${?} + + kill "${DBUS_SESSION_BUS_PID}" + exit "${ret}" + ) || die +} + +tpm2_run_with_emulator() { + export XDG_CONFIG_HOME=${T}/.config/swtpm + "${BROOT}"/usr/share/swtpm/swtpm-create-user-config-files --overwrite || die + + mkdir -p ${XDG_CONFIG_HOME}/mytpm1 || die + swtpm_setup_args=( + --tpm2 + --tpmstate ${XDG_CONFIG_HOME}/mytpm1 + --createek + --allow-signing + --decryption + --create-ek-cert + --create-platform-cert + --lock-nvram + --overwrite + --display + ) + swtpm_setup "${swtpm_setup_args[@]}" || die + + swtpm_socket_args=( + --tpm2 + --tpmstate dir=${XDG_CONFIG_HOME}/mytpm1 + --flags startup-clear + --ctrl type=unixio,path=${XDG_CONFIG_HOME}/mytpm1/swtpm.socket.ctrl + --server type=unixio,path=${XDG_CONFIG_HOME}/mytpm1/swtpm.socket + --pid file=${XDG_CONFIG_HOME}/mytpm1/swtpm.pid + --daemon + ) + swtpm socket "${swtpm_socket_args[@]}" || die + + tpm2_abrmd_args=( + --logger=stdout + --tcti=swtpm:path=${XDG_CONFIG_HOME}/mytpm1/swtpm.socket + --session + --flush-all + ) + tpm2-abrmd "${tpm2_abrmd_args[@]}" & + export TCTI=tabrmd:bus_type=session + + $@ || die + + # When swtpm dies, tmp2-abrmd will exit + kill $(< ${XDG_CONFIG_HOME}/mytpm1/swtpm.pid) || die +} + +python_check_deps() { + if use introspection; then + python_has_version "dev-python/pygobject:3[${PYTHON_USEDEP}]" || return + fi + python_has_version "dev-python/dbus-python[${PYTHON_USEDEP}]" +} + +pkg_setup() { + use test && python-any-r1_pkg_setup +} + +src_prepare() { + use vala && vala_setup + default +} + +multilib_src_configure() { + local emesonargs=( + $(meson_native_true manpage) + $(meson_native_use_bool vala vapi) + $(meson_native_use_bool gtk-doc gtk_doc) + $(meson_native_use_bool introspection) + -Dbashcompdir="$(get_bashcompdir)" + $(meson_native_enabled bash_completion) + $(meson_native_use_bool tpm tpm2) + $(meson_native_use_bool pam) + ) + + if use crypt ; then + use gcrypt && emesonargs+=( -Dcrypto=libgcrypt ) + use gnutls && emesonargs+=( -Dcrypto=gnutls ) + else + emesonargs+=( -Dcrypto=disabled ) + fi + + meson_src_configure +} + +multilib_src_test() { + if use tpm; then + dbus_run tpm2_run_with_emulator virtx meson test -C "${BUILD_DIR}" + else + virtx dbus-run-session meson test -C "${BUILD_DIR}" + fi +} diff --git a/app-crypt/libsecret/metadata.xml b/app-crypt/libsecret/metadata.xml index ad92e2ecff7a..933dcfcc68ba 100644 --- a/app-crypt/libsecret/metadata.xml +++ b/app-crypt/libsecret/metadata.xml @@ -6,7 +6,8 @@ <name>Gentoo GNOME Desktop</name> </maintainer> <use> - <flag name="crypt">Enable Backend library to implement transport encryption via <pkg>dev-libs/libgcrypt</pkg></flag> + <flag name="crypt">Enable transport encryption</flag> + <flag name="gcrypt">Enable Backend library to implement transport encryption via <pkg>dev-libs/libgcrypt</pkg></flag> <flag name="gnutls">Enable Backend library to implement transport encryption via <pkg>net-libs/gnutls</pkg></flag> <flag name="pam">Build PAM module</flag> <flag name="tpm">Enable Trusted Platform Module support via <pkg>app-crypt/tpm2-tss</pkg></flag>
