commit: 4f42b8888d0f4f0557ef13e92738a71fb8006663 Author: Azamat H. Hackimov <azamat.hackimov <AT> gmail <DOT> com> AuthorDate: Wed May 28 12:34:05 2025 +0000 Commit: Sam James <sam <AT> gentoo <DOT> org> CommitDate: Wed May 28 14:45:31 2025 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4f42b888
net-libs/mbedtls: add 3.6.3.1 Signed-off-by: Azamat H. Hackimov <azamat.hackimov <AT> gmail.com> Part-of: https://github.com/gentoo/gentoo/pull/42294 Signed-off-by: Sam James <sam <AT> gentoo.org> net-libs/mbedtls/Manifest | 1 + ...ersion-suffix-for-all-installable-targets.patch | 79 +++++++++++++ .../files/mbedtls-3.6.3.1-slotted-version.patch | 131 +++++++++++++++++++++ net-libs/mbedtls/mbedtls-3.6.3.1.ebuild | 114 ++++++++++++++++++ 4 files changed, 325 insertions(+) diff --git a/net-libs/mbedtls/Manifest b/net-libs/mbedtls/Manifest index d351c26800e3..56796e87c7c2 100644 --- a/net-libs/mbedtls/Manifest +++ b/net-libs/mbedtls/Manifest @@ -1,3 +1,4 @@ DIST mbedtls-2.28.10.tar.bz2 3489179 BLAKE2B 30243e3100428f1e7e5deb1199c774b8b6a1fc58253990d80bbd33d71da32fbf73e285fbd403596e08ac9b0569ef28105cfe08ffb281670d21ca31bb80b65ee7 SHA512 e97d4f5dc71e0db8ff53c1b521057e95ec0cdadcf4555fc2491288defea73d2ae265fc5a02f83ff8143281c9dec88bee4cb62c670eef786f9a714c77958a29df DIST mbedtls-2.28.9.tar.bz2 3357068 BLAKE2B 14b845f826c3a1953ca3ab82d2f557d8fe6f1a2f57b31134c89933571a87ab9027de50f8f094d4086509d60e38d4c82ac67180f848aa6d06f3ce9f390c8ed63c SHA512 305f97c0b0ba7d57639532a24600234d8f849a4a5795773673b31cc1fdcd1cd56aea42bec2ff87439296e1528dcc2bed5e2a29fbdbf7edad4f5c4da232079d99 DIST mbedtls-3.6.2.tar.bz2 4979769 BLAKE2B dbf34ca3cffca7a9bdb10191bd58971583ae3f2cdef3e350ccda08eae2e7b52f5fd4d1aff5582ee120b6e35e6843d7dd323ba7da5f1428c16130e5ed7c0d689e SHA512 7ab3b1ec179681949e1b0d171e04f75a605ae9ed8177cf3f6f27c401efca4aff930437ecc425c9a994d36f50ddd6f0f0dd7feeb42251128ac875b4c57fe3811b +DIST mbedtls-3.6.3.1.tar.bz2 5108003 BLAKE2B 73f18ece25042cb8248871945e64b664cb21215e485a88b5e9a88ef0d21f37e1cc9b2441992e45ec016ec4eecebb2aa412ffb9867cb8f8e73451fc1007106630 SHA512 795d0aee31970cd96b131090557f98ba4fbcdaf09ccd12232329a316b10ba33de9fb404e946e709dd5f3e26714405c9133e69fdcdb638fbe1df931de4d8c5f1e diff --git a/net-libs/mbedtls/files/mbedtls-3.6.3.1-add-version-suffix-for-all-installable-targets.patch b/net-libs/mbedtls/files/mbedtls-3.6.3.1-add-version-suffix-for-all-installable-targets.patch new file mode 100644 index 000000000000..d20367ff496f --- /dev/null +++ b/net-libs/mbedtls/files/mbedtls-3.6.3.1-add-version-suffix-for-all-installable-targets.patch @@ -0,0 +1,79 @@ +https://github.com/Mbed-TLS/mbedtls/pull/9876 +From: "Azamat H. Hackimov" <[email protected]> +Date: Sun, 1 Dec 2024 00:49:15 +0300 +Subject: Add version suffix for all installable targets + +Convert main library targets to slottable versions. This allows to +install major versions of MbedTLS simultaneously. + +Dependent packages should use `find_package(MbedTLS 3 [REQUIRED])` and +`MbedTLS::<component>` in order to use requested libraries. +--- a/CMakeLists.txt ++++ b/CMakeLists.txt +@@ -478,7 +478,7 @@ if(NOT DISABLE_PACKAGE_CONFIG_AND_INSTALL) + install( + FILES "${CMAKE_CURRENT_BINARY_DIR}/cmake/MbedTLSConfig.cmake" + "${CMAKE_CURRENT_BINARY_DIR}/cmake/MbedTLSConfigVersion.cmake" +- DESTINATION "${CMAKE_INSTALL_LIBDIR}/cmake/MbedTLS") ++ DESTINATION "${CMAKE_INSTALL_LIBDIR}/cmake/MbedTLS-${PROJECT_VERSION_MAJOR}") + + export( + EXPORT MbedTLSTargets +@@ -488,7 +488,7 @@ if(NOT DISABLE_PACKAGE_CONFIG_AND_INSTALL) + install( + EXPORT MbedTLSTargets + NAMESPACE MbedTLS:: +- DESTINATION "${CMAKE_INSTALL_LIBDIR}/cmake/MbedTLS" ++ DESTINATION "${CMAKE_INSTALL_LIBDIR}/cmake/MbedTLS-${PROJECT_VERSION_MAJOR}" + FILE "MbedTLSTargets.cmake") + + if(CMAKE_VERSION VERSION_GREATER 3.15 OR CMAKE_VERSION VERSION_EQUAL 3.15) +--- a/library/CMakeLists.txt ++++ b/library/CMakeLists.txt +@@ -277,7 +277,7 @@ set(everest_target "${MBEDTLS_TARGET_PREFIX}everest") + + if(USE_STATIC_MBEDTLS_LIBRARY) + add_library(${mbedcrypto_static_target} STATIC ${src_crypto}) +- set_target_properties(${mbedcrypto_static_target} PROPERTIES OUTPUT_NAME mbedcrypto) ++ set_target_properties(${mbedcrypto_static_target} PROPERTIES OUTPUT_NAME mbedcrypto${PROJECT_VERSION_MAJOR}) + target_link_libraries(${mbedcrypto_static_target} PUBLIC ${libs}) + + if(TARGET ${everest_target}) +@@ -289,11 +289,11 @@ if(USE_STATIC_MBEDTLS_LIBRARY) + endif() + + add_library(${mbedx509_static_target} STATIC ${src_x509}) +- set_target_properties(${mbedx509_static_target} PROPERTIES OUTPUT_NAME mbedx509) ++ set_target_properties(${mbedx509_static_target} PROPERTIES OUTPUT_NAME mbedx509${PROJECT_VERSION_MAJOR}) + target_link_libraries(${mbedx509_static_target} PUBLIC ${libs} ${mbedcrypto_static_target}) + + add_library(${mbedtls_static_target} STATIC ${src_tls}) +- set_target_properties(${mbedtls_static_target} PROPERTIES OUTPUT_NAME mbedtls) ++ set_target_properties(${mbedtls_static_target} PROPERTIES OUTPUT_NAME mbedtls${PROJECT_VERSION_MAJOR}) + target_link_libraries(${mbedtls_static_target} PUBLIC ${libs} ${mbedx509_static_target}) + endif(USE_STATIC_MBEDTLS_LIBRARY) + +@@ -301,6 +301,7 @@ if(USE_SHARED_MBEDTLS_LIBRARY) + set(CMAKE_LIBRARY_PATH ${CMAKE_CURRENT_BINARY_DIR}) + add_library(${mbedcrypto_target} SHARED ${src_crypto}) + set_target_properties(${mbedcrypto_target} PROPERTIES VERSION 3.6.3 SOVERSION 16) ++ set_target_properties(${mbedcrypto_target} PROPERTIES OUTPUT_NAME mbedcrypto${PROJECT_VERSION_MAJOR}) + target_link_libraries(${mbedcrypto_target} PUBLIC ${libs}) + + if(TARGET ${everest_target}) +@@ -313,10 +314,12 @@ if(USE_SHARED_MBEDTLS_LIBRARY) + + add_library(${mbedx509_target} SHARED ${src_x509}) + set_target_properties(${mbedx509_target} PROPERTIES VERSION 3.6.3 SOVERSION 7) ++ set_target_properties(${mbedx509_target} PROPERTIES OUTPUT_NAME mbedx509${PROJECT_VERSION_MAJOR}) + target_link_libraries(${mbedx509_target} PUBLIC ${libs} ${mbedcrypto_target}) + + add_library(${mbedtls_target} SHARED ${src_tls}) + set_target_properties(${mbedtls_target} PROPERTIES VERSION 3.6.3 SOVERSION 21) ++ set_target_properties(${mbedtls_target} PROPERTIES OUTPUT_NAME mbedtls${PROJECT_VERSION_MAJOR}) + target_link_libraries(${mbedtls_target} PUBLIC ${libs} ${mbedx509_target}) + endif(USE_SHARED_MBEDTLS_LIBRARY) + +-- +2.45.2 + diff --git a/net-libs/mbedtls/files/mbedtls-3.6.3.1-slotted-version.patch b/net-libs/mbedtls/files/mbedtls-3.6.3.1-slotted-version.patch new file mode 100644 index 000000000000..5325317727ae --- /dev/null +++ b/net-libs/mbedtls/files/mbedtls-3.6.3.1-slotted-version.patch @@ -0,0 +1,131 @@ +https://github.com/Mbed-TLS/mbedtls/pull/9876 +From 3e51f0c1c04a9b62c4c27228c273693386f81c66 Mon Sep 17 00:00:00 2001 +From: "Azamat H. Hackimov" <[email protected]> +Date: Sun, 26 Jan 2025 22:21:33 +0300 +Subject: [PATCH] Add ENABLE_SLOTTED_VERSION to cmake project + +Make version suffix appending optional. Change suffix to include dash symbol to comply pkg-config naming conventions. + +Signed-off-by: Azamat H. Hackimov <[email protected]> +--- a/CMakeLists.txt ++++ b/CMakeLists.txt +@@ -76,6 +76,12 @@ else() + endif() + + option(DISABLE_PACKAGE_CONFIG_AND_INSTALL "Disable package configuration, target export and installation" ${MBEDTLS_AS_SUBPROJECT}) ++option(ENABLE_SLOTTED_VERSION "Enable slotted installation in order to install multiple versions of Mbed TLS" OFF) ++ ++set(VERSION_SUFFIX "") ++if(ENABLE_SLOTTED_VERSION) ++ set(VERSION_SUFFIX "-${PROJECT_VERSION_MAJOR}") ++endif() + + if (CMAKE_C_SIMULATE_ID) + set(COMPILER_ID ${CMAKE_C_SIMULATE_ID}) + +--- a/library/CMakeLists.txt ++++ b/library/CMakeLists.txt +@@ -277,7 +277,7 @@ set(everest_target "${MBEDTLS_TARGET_PREFIX}everest") + + if(USE_STATIC_MBEDTLS_LIBRARY) + add_library(${mbedcrypto_static_target} STATIC ${src_crypto}) +- set_target_properties(${mbedcrypto_static_target} PROPERTIES OUTPUT_NAME mbedcrypto${PROJECT_VERSION_MAJOR}) ++ set_target_properties(${mbedcrypto_static_target} PROPERTIES OUTPUT_NAME mbedcrypto${VERSION_SUFFIX}) + target_link_libraries(${mbedcrypto_static_target} PUBLIC ${libs}) + + if(TARGET ${everest_target}) +@@ -289,11 +289,11 @@ if(USE_STATIC_MBEDTLS_LIBRARY) + endif() + + add_library(${mbedx509_static_target} STATIC ${src_x509}) +- set_target_properties(${mbedx509_static_target} PROPERTIES OUTPUT_NAME mbedx509${PROJECT_VERSION_MAJOR}) ++ set_target_properties(${mbedx509_static_target} PROPERTIES OUTPUT_NAME mbedx509${VERSION_SUFFIX}) + target_link_libraries(${mbedx509_static_target} PUBLIC ${libs} ${mbedcrypto_static_target}) + + add_library(${mbedtls_static_target} STATIC ${src_tls}) +- set_target_properties(${mbedtls_static_target} PROPERTIES OUTPUT_NAME mbedtls${PROJECT_VERSION_MAJOR}) ++ set_target_properties(${mbedtls_static_target} PROPERTIES OUTPUT_NAME mbedtls${VERSION_SUFFIX}) + target_link_libraries(${mbedtls_static_target} PUBLIC ${libs} ${mbedx509_static_target}) + endif(USE_STATIC_MBEDTLS_LIBRARY) + +@@ -301,7 +301,7 @@ if(USE_SHARED_MBEDTLS_LIBRARY) + set(CMAKE_LIBRARY_PATH ${CMAKE_CURRENT_BINARY_DIR}) + add_library(${mbedcrypto_target} SHARED ${src_crypto}) + set_target_properties(${mbedcrypto_target} PROPERTIES VERSION 3.6.3 SOVERSION 16) +- set_target_properties(${mbedcrypto_target} PROPERTIES OUTPUT_NAME mbedcrypto${PROJECT_VERSION_MAJOR}) ++ set_target_properties(${mbedcrypto_target} PROPERTIES OUTPUT_NAME mbedcrypto${VERSION_SUFFIX}) + target_link_libraries(${mbedcrypto_target} PUBLIC ${libs}) + + if(TARGET ${everest_target}) +@@ -314,12 +314,12 @@ if(USE_SHARED_MBEDTLS_LIBRARY) + + add_library(${mbedx509_target} SHARED ${src_x509}) + set_target_properties(${mbedx509_target} PROPERTIES VERSION 3.6.3 SOVERSION 7) +- set_target_properties(${mbedx509_target} PROPERTIES OUTPUT_NAME mbedx509${PROJECT_VERSION_MAJOR}) ++ set_target_properties(${mbedx509_target} PROPERTIES OUTPUT_NAME mbedx509${VERSION_SUFFIX}) + target_link_libraries(${mbedx509_target} PUBLIC ${libs} ${mbedcrypto_target}) + + add_library(${mbedtls_target} SHARED ${src_tls}) + set_target_properties(${mbedtls_target} PROPERTIES VERSION 3.6.3 SOVERSION 21) +- set_target_properties(${mbedtls_target} PROPERTIES OUTPUT_NAME mbedtls${PROJECT_VERSION_MAJOR}) ++ set_target_properties(${mbedtls_target} PROPERTIES OUTPUT_NAME mbedtls${VERSION_SUFFIX}) + target_link_libraries(${mbedtls_target} PUBLIC ${libs} ${mbedx509_target}) + endif(USE_SHARED_MBEDTLS_LIBRARY) + +--- a/pkgconfig/CMakeLists.txt ++++ b/pkgconfig/CMakeLists.txt +@@ -8,18 +8,18 @@ if(NOT DISABLE_PACKAGE_CONFIG_AND_INSTALL) + set(PKGCONFIG_PROJECT_DESCRIPTION "Mbed TLS is a C library that implements cryptographic primitives, X.509 certificate manipulation and the SSL/TLS and DTLS protocols. Its small code footprint makes it suitable for embedded systems.") + set(PKGCONFIG_PROJECT_HOMEPAGE_URL "https://www.trustedfirmware.org/projects/mbed-tls/";) + +- configure_file(mbedcrypto.pc.in mbedcrypto${PROJECT_VERSION_MAJOR}.pc @ONLY) ++ configure_file(mbedcrypto.pc.in mbedcrypto${VERSION_SUFFIX}.pc @ONLY) + install(FILES +- ${CMAKE_CURRENT_BINARY_DIR}/mbedcrypto${PROJECT_VERSION_MAJOR}.pc ++ ${CMAKE_CURRENT_BINARY_DIR}/mbedcrypto${VERSION_SUFFIX}.pc + DESTINATION ${CMAKE_INSTALL_LIBDIR}/pkgconfig) + +- configure_file(mbedtls.pc.in mbedtls${PROJECT_VERSION_MAJOR}.pc @ONLY) ++ configure_file(mbedtls.pc.in mbedtls${VERSION_SUFFIX}.pc @ONLY) + install(FILES +- ${CMAKE_CURRENT_BINARY_DIR}/mbedtls${PROJECT_VERSION_MAJOR}.pc ++ ${CMAKE_CURRENT_BINARY_DIR}/mbedtls${VERSION_SUFFIX}.pc + DESTINATION ${CMAKE_INSTALL_LIBDIR}/pkgconfig) + +- configure_file(mbedx509.pc.in mbedx509${PROJECT_VERSION_MAJOR}.pc @ONLY) ++ configure_file(mbedx509.pc.in mbedx509${VERSION_SUFFIX}.pc @ONLY) + install(FILES +- ${CMAKE_CURRENT_BINARY_DIR}/mbedx509${PROJECT_VERSION_MAJOR}.pc ++ ${CMAKE_CURRENT_BINARY_DIR}/mbedx509${VERSION_SUFFIX}.pc + DESTINATION ${CMAKE_INSTALL_LIBDIR}/pkgconfig) + endif() +--- a/pkgconfig/mbedcrypto.pc.in ++++ b/pkgconfig/mbedcrypto.pc.in +@@ -7,4 +7,4 @@ Description: @PKGCONFIG_PROJECT_DESCRIPTION@ + URL: @PKGCONFIG_PROJECT_HOMEPAGE_URL@ + Version: @PROJECT_VERSION@ + Cflags: -I"${includedir}" +-Libs: -L"${libdir}" -lmbedcrypto@PROJECT_VERSION_MAJOR@ ++Libs: -L"${libdir}" -lmbedcrypto@VERSION_SUFFIX@ +--- a/pkgconfig/mbedtls.pc.in ++++ b/pkgconfig/mbedtls.pc.in +@@ -6,6 +6,6 @@ Name: @PROJECT_NAME@ + Description: @PKGCONFIG_PROJECT_DESCRIPTION@ + URL: @PKGCONFIG_PROJECT_HOMEPAGE_URL@ + Version: @PROJECT_VERSION@ +-Requires.private: mbedcrypto@PROJECT_VERSION_MAJOR@ mbedx509@PROJECT_VERSION_MAJOR@ ++Requires.private: mbedcrypto@VERSION_SUFFIX@ mbedx509@VERSION_SUFFIX@ + Cflags: -I"${includedir}" +-Libs: -L"${libdir}" -lmbedtls@PROJECT_VERSION_MAJOR@ ++Libs: -L"${libdir}" -lmbedtls@VERSION_SUFFIX@ +--- a/pkgconfig/mbedx509.pc.in ++++ b/pkgconfig/mbedx509.pc.in +@@ -6,6 +6,6 @@ Name: @PROJECT_NAME@ + Description: @PKGCONFIG_PROJECT_DESCRIPTION@ + URL: @PKGCONFIG_PROJECT_HOMEPAGE_URL@ + Version: @PROJECT_VERSION@ +-Requires.private: mbedcrypto@PROJECT_VERSION_MAJOR@ ++Requires.private: mbedcrypto@VERSION_SUFFIX@ + Cflags: -I"${includedir}" +-Libs: -L"${libdir}" -lmbedx509@PROJECT_VERSION_MAJOR@ ++Libs: -L"${libdir}" -lmbedx509@VERSION_SUFFIX@ diff --git a/net-libs/mbedtls/mbedtls-3.6.3.1.ebuild b/net-libs/mbedtls/mbedtls-3.6.3.1.ebuild new file mode 100644 index 000000000000..b51ca303a93e --- /dev/null +++ b/net-libs/mbedtls/mbedtls-3.6.3.1.ebuild @@ -0,0 +1,114 @@ +# Copyright 1999-2025 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +PYTHON_COMPAT=( python3_{10..14} ) + +inherit cmake flag-o-matic multilib-minimal python-any-r1 + +DESCRIPTION="Cryptographic library for embedded systems" +HOMEPAGE="https://www.trustedfirmware.org/projects/mbed-tls/"; +SRC_URI="https://github.com/Mbed-TLS/mbedtls/releases/download/v${PV}/${P}.tar.bz2"; + +LICENSE="|| ( Apache-2.0 GPL-2+ )" +SLOT="3/16.21.7" # ffmpeg subslot naming: SONAME tuple of {libmbedcrypto.so,libmbedtls.so,libmbedx509.so} +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86" +IUSE="cpu_flags_x86_sse2 doc programs static-libs test threads" +RESTRICT="!test? ( test )" + +RDEPEND="!>net-libs/mbedtls-3:0" +BDEPEND=" + ${PYTHON_DEPS} + doc? ( + app-text/doxygen + media-gfx/graphviz + ) + test? ( dev-lang/perl ) +" + +PATCHES=( + "${FILESDIR}/mbedtls-3.6.2-allow-install-headers-to-different-location.patch" + "${FILESDIR}/mbedtls-3.6.3.1-add-version-suffix-for-all-installable-targets.patch" + "${FILESDIR}/mbedtls-3.6.2-add-version-suffix-for-pkg-config-files.patch" + "${FILESDIR}/mbedtls-3.6.2-exclude-static-3dparty.patch" + "${FILESDIR}/mbedtls-3.6.3.1-slotted-version.patch" +) + +enable_mbedtls_option() { + local myopt="$@" + # check that config.h syntax is the same at version bump + sed -i \ + -e "s://#define ${myopt}:#define ${myopt}:" \ + include/mbedtls/mbedtls_config.h || die +} + +src_prepare() { + use cpu_flags_x86_sse2 && enable_mbedtls_option MBEDTLS_HAVE_SSE2 + use threads && enable_mbedtls_option MBEDTLS_THREADING_C + use threads && enable_mbedtls_option MBEDTLS_THREADING_PTHREAD + + sed -i -e "s:VERSION 3.5.1:VERSION 3.10:g" CMakeLists.txt || die + + cmake_src_prepare +} + +src_configure() { + # Workaround for https://github.com/Mbed-TLS/mbedtls/issues/9814 + # (https://github.com/Mbed-TLS/mbedtls/pull/10179, bug #946544) + append-flags $(test-flags-CC -fzero-init-padding-bits=unions) + multilib-minimal_src_configure +} + +multilib_src_configure() { + local mycmakeargs=( + -DENABLE_PROGRAMS=$(multilib_native_usex programs) + -DENABLE_TESTING=$(usex test) + -DENABLE_SLOTTED_VERSION=ON + -DINSTALL_MBEDTLS_HEADERS=ON + -DCMAKE_INSTALL_INCLUDEDIR="include/mbedtls3" + -DLINK_WITH_PTHREAD=$(usex threads) + -DMBEDTLS_FATAL_WARNINGS=OFF # Don't use -Werror, #744946 + -DUSE_SHARED_MBEDTLS_LIBRARY=ON + -DUSE_STATIC_MBEDTLS_LIBRARY=$(usex static-libs) + ) + + cmake_src_configure +} + +multilib_src_compile() { + cmake_src_compile + use doc && multilib_is_native_abi && emake -C "${S}" apidoc +} + +multilib_src_test() { + # Disable parallel run, bug #718390 + # https://github.com/Mbed-TLS/mbedtls/issues/4980 + LD_LIBRARY_PATH="${LD_LIBRARY_PATH}:${BUILD_DIR}/library" \ + cmake_src_test -j1 +} + +multilib_src_install() { + cmake_src_install +} + +multilib_src_install_all() { + use doc && HTML_DOCS=( apidoc ) + + einstalldocs + + if use programs ; then + # avoid file collisions with sys-apps/coreutils + local p e + for p in "${ED}"/usr/bin/* ; do + if [[ -x "${p}" && ! -d "${p}" ]] ; then + mv "${p}" "${ED}"/usr/bin/mbedtls_${p##*/} || die + fi + done + for e in aes hash pkey ssl test ; do + docinto "${e}" + dodoc programs/"${e}"/*.c + dodoc programs/"${e}"/*.txt + done + fi +}
