commit: 0d2ffd3ca0142f69bf52e19f151ae7d2f6c8e707 Author: Stefan Strogin <steils <AT> gentoo <DOT> org> AuthorDate: Fri Jul 26 23:30:43 2019 +0000 Commit: Stefan Strogin <steils <AT> gentoo <DOT> org> CommitDate: Sat Jul 27 00:21:56 2019 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0d2ffd3c
app-crypt/pesign: bump version to 113 Closes: https://bugs.gentoo.org/689590 Package-Manager: Portage-2.3.69, Repoman-2.3.16 Signed-off-by: Stefan Strogin <steils <AT> gentoo.org> app-crypt/pesign/Manifest | 1 + app-crypt/pesign/files/pesign-113-nss.patch | 47 ++++++++++++++++++++++++++ app-crypt/pesign/pesign-113.ebuild | 52 +++++++++++++++++++++++++++++ 3 files changed, 100 insertions(+) diff --git a/app-crypt/pesign/Manifest b/app-crypt/pesign/Manifest index 51dcd1c94d6..0dca49cdc75 100644 --- a/app-crypt/pesign/Manifest +++ b/app-crypt/pesign/Manifest @@ -1 +1,2 @@ DIST pesign-0.112.tar.gz 107632 BLAKE2B 737b75aec7efa9f41dbdb509405dede914cd5aa563572f0d2ede96a321f4a669170c696c7bd93bad1a5c1a6f2c65715b66317544fa6fc55d6b7f85436d778e8a SHA512 9a0cd266f973fbd7bbbd23939d0be3c34dbccd9ab20941bf967ca1b18aa5bf5d2c41cdef0799399e09e7b0fc59a0b34bc660afb6da292eb1c127db2893362018 +DIST pesign-113.tar.gz 124618 BLAKE2B 36cdface6ecdf9003251da3058b21b2ee8e94eb655e47a8668b38c4ea576d990a71860952eea277d5e029bb007039c8e3ded9918e89d47f6db404423acbd1cc7 SHA512 e71dc90c2ab8085d1b000c0d2cf9cb00ddaed1ea1393db75c2d19a96f1b1c188a26b76850533ba97ec254a3b48db6b07a69b597c329ac891e64422780a358c24 diff --git a/app-crypt/pesign/files/pesign-113-nss.patch b/app-crypt/pesign/files/pesign-113-nss.patch new file mode 100644 index 00000000000..5a227a87268 --- /dev/null +++ b/app-crypt/pesign/files/pesign-113-nss.patch @@ -0,0 +1,47 @@ +From b535d1ac5cbcdf18a97d97a92581e38080d9e521 Mon Sep 17 00:00:00 2001 +From: Peter Jones <[email protected]> +Date: Tue, 14 May 2019 11:28:38 -0400 +Subject: [PATCH] efikeygen: Fix the build with nss 3.44 + +NSS 3.44 adds some certificate types, which changes a type and makes +some encoding stuff weird. As a result, we get: + +gcc8 -I/wrkdirs/usr/ports/sysutils/pesign/work/pesign-0.110/include -O2 -pipe -fstack-protector-strong -Wl,-rpath=/usr/local/lib/gcc8 -isystem /usr/local/include -fno-strict-aliasing -g -O0 -g -O0 -Wall -fshort-wchar -fno-strict-aliasing -fno-merge-constants --std=gnu99 -D_GNU_SOURCE -Wno-unused-result -Wno-unused-function -I../include/ -I/usr/local/include/nss -I/usr/local/include/nss/nss -I/usr/local/include/nspr -Werror -fPIC -isystem /usr/local/include -DCONFIG_amd64 -DCONFIG_amd64 -c efikeygen.c -o efikeygen.o +In file included from /usr/local/include/nss/nss/cert.h:22, + from efikeygen.c:39: +efikeygen.c: In function 'add_cert_type': +/usr/local/include/nss/nss/certt.h:445:5: error: unsigned conversion from 'int' to 'unsigned char' changes value from '496' to '240' [-Werror=overflow] + (NS_CERT_TYPE_SSL_CLIENT | NS_CERT_TYPE_SSL_SERVER | NS_CERT_TYPE_EMAIL | \ + ^ +efikeygen.c:208:23: note: in expansion of macro 'NS_CERT_TYPE_APP' + unsigned char type = NS_CERT_TYPE_APP; + ^~~~~~~~~~~~~~~~ +cc1: all warnings being treated as errors + +This is fixed by just making it an int. + +Fixes github issue #48. + +Signed-off-by: Peter Jones <[email protected]> +Upstream-Status: Accepted +[https://github.com/rhboot/pesign/commit/b535d1ac5cbcdf18a97d97a92581e38080d9e521] +--- + src/efikeygen.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/efikeygen.c b/src/efikeygen.c +index ede76ef..2cd953e 100644 +--- a/src/efikeygen.c ++++ b/src/efikeygen.c +@@ -208,7 +208,7 @@ static int + add_cert_type(cms_context *cms, void *extHandle, int is_ca) + { + SECItem bitStringValue; +- unsigned char type = NS_CERT_TYPE_APP; ++ int type = NS_CERT_TYPE_APP; + + if (is_ca) + type |= NS_CERT_TYPE_SSL_CA | +-- +2.22.0 + diff --git a/app-crypt/pesign/pesign-113.ebuild b/app-crypt/pesign/pesign-113.ebuild new file mode 100644 index 00000000000..40d481c35cc --- /dev/null +++ b/app-crypt/pesign/pesign-113.ebuild @@ -0,0 +1,52 @@ +# Copyright 1999-2019 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 + +inherit eutils toolchain-funcs + +DESCRIPTION="Tools for manipulating signed PE-COFF binaries" +HOMEPAGE="https://github.com/rhboot/pesign"; +SRC_URI="https://github.com/rhboot/${PN}/archive/${PV}.tar.gz -> ${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="libressl" + +RDEPEND=" + dev-libs/nspr + dev-libs/nss + dev-libs/popt + !libressl? ( dev-libs/openssl:0= ) + libressl? ( dev-libs/libressl:0= ) + sys-apps/util-linux + sys-libs/efivar +" +DEPEND="${RDEPEND} + sys-apps/help2man + sys-boot/gnu-efi + virtual/pkgconfig +" + +PATCHES=( "${FILESDIR}"/${PN}-113-nss.patch ) + +src_compile() { + emake AR="$(tc-is-gcc && echo "$(tc-getCC)-ar" || tc-getAR)" \ + ARFLAGS="-cvqs" \ + AS="$(tc-getAS)" \ + CC="$(tc-getCC)" \ + LD="$(tc-getLD)" \ + OBJCOPY="$(tc-getOBJCOPY)" \ + PKG_CONFIG="$(tc-getPKG_CONFIG)" \ + RANLIB="$(tc-getRANLIB)" +} + +src_install() { + emake DESTDIR="${ED}" VERSION="${PVR}" install + einstalldocs + + # remove some files that don't make sense for Gentoo installs + rm -rf "${ED%/}/etc/" "${ED%/}/var/" \ + "${ED%/}/usr/share/doc/${PF}/COPYING" || die +}
