[gentoo-commits] repo/gentoo:master commit in: profiles/base/, net-libs/gnutls/

Mon, 10 Oct 2022 15:06:59 -0700 

commit:     b05770f31c02eeba93143907ed1592e49636af4f
Author:     Sam James <sam <AT> gentoo <DOT> org>
AuthorDate: Mon Oct 10 22:02:32 2022 +0000
Commit:     Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Mon Oct 10 22:06:07 2022 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b05770f3

net-libs/gnutls: add 3.7.8

Bug: https://bugs.gentoo.org/873211
Signed-off-by: Sam James <sam <AT> gentoo.org>

 net-libs/gnutls/Manifest            |   2 +
 net-libs/gnutls/gnutls-3.7.8.ebuild | 144 ++++++++++++++++++++++++++++++++++++
 profiles/base/package.use.mask      |   6 ++
 3 files changed, 152 insertions(+)

diff --git a/net-libs/gnutls/Manifest b/net-libs/gnutls/Manifest
index f468c56dbed9..20aefd7eca78 100644
--- a/net-libs/gnutls/Manifest
+++ b/net-libs/gnutls/Manifest
@@ -2,3 +2,5 @@ DIST gnutls-3.7.6.tar.xz 6338276 BLAKE2B 
9f3cce8dfc0b88f2c42d1d2633417dac649a265
 DIST gnutls-3.7.6.tar.xz.sig 685 BLAKE2B 
eae022d6cb0d772e465257411381afd97f3dfd19d6f794a1c3e0f8c3c1232a8a1b91269ca7252a5662782183b11ca393c31efe3f88171a526884400fd0534528
 SHA512 
c969da9a938b9d29a70cea3b00cce337f9a4c4304aae7f501ef6263894f81a420395ddbe1b005f35dff2e900d3fac75e288f10bbfde0ebea034f7e257bb16d0e
 DIST gnutls-3.7.7.tar.xz 6351664 BLAKE2B 
a66037ecc6da660ff12949f50012840263c2e0b174079e41b62a2d884f060cee56f0c64a2815d07321a54b08cce016d2b4c8f0e059636c1ab5f7db9c8d64c7c6
 SHA512 
ba00b20126379ec7e96c6bfa606cfb7bb0d9a5853318b29b5278a42a85ae40d39d8442778938e1f165debcdb1adaf9c63bcec59a4eb3387dd1ac99b08bcc5c08
 DIST gnutls-3.7.7.tar.xz.sig 685 BLAKE2B 
53d76a06ed5a74664d6c193459eb310f06e87dd3db97aca9e9fa78837677df58d8de66f187c182b9375786ee0308c5da55f08414183c959c7acb4527c38cd7c7
 SHA512 
6463bc4661e20051ff9f31c1a557cece34d06b748f4e24f98e807ddc72a3daa9348aa9f0afa83a0f9cd226421c575210eec1936fbeb9a55849e2c397ace9d03d
+DIST gnutls-3.7.8.tar.xz 6029220 BLAKE2B 
0a21e63c7cb0ba4eeff23593c7282e0b4d704fa2d2a1cd5289998fd04b58ea36fc343f872225ad05478e278b1cdebbcd0fd376459abcb58547f8fa1488485530
 SHA512 
4199bcf7c9e3aab2f52266aadceefc563dfe2d938d0ea1f3ec3be95d66f4a8c8e5494d3a800c03dd02ad386dec1738bd63e1fe0d8b394a2ccfc7d6c6a0cc9359
+DIST gnutls-3.7.8.tar.xz.sig 1250 BLAKE2B 
66c6a335c3b2290a4e44ffa6ae715ad71d2bcd7df485c1d2d9490985d9dcd445768d6eb021ad3a61614431183c6652254c63ebd8abd0f0a03d3164a6193b6192
 SHA512 
cecf9843e8683a278d065b663dc98ac2b5fcad1905ee25333038c93c2289b518c974629367e77e66552ac1c9d122d551616edba35cb0c4204202ec676f1a2db7

diff --git a/net-libs/gnutls/gnutls-3.7.8.ebuild 
b/net-libs/gnutls/gnutls-3.7.8.ebuild
new file mode 100644
index 000000000000..2257a4122b73
--- /dev/null
+++ b/net-libs/gnutls/gnutls-3.7.8.ebuild
@@ -0,0 +1,144 @@
+# Copyright 1999-2022 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}"/usr/share/openpgp-keys/gnutls.asc
+inherit libtool multilib-minimal verify-sig
+
+DESCRIPTION="A secure communications library implementing the SSL, TLS and 
DTLS protocols"
+HOMEPAGE="https://www.gnutls.org/";
+SRC_URI="mirror://gnupg/gnutls/v$(ver_cut 1-2)/${P}.tar.xz"
+SRC_URI+=" verify-sig? ( mirror://gnupg/gnutls/v$(ver_cut 1-2)/${P}.tar.xz.sig 
)"
+
+LICENSE="GPL-3 LGPL-2.1+"
+SLOT="0/30.30" # <libgnutls.so number>.<libgnutlsxx.so number>
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 
~riscv ~s390 ~sparc ~x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos 
~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
+IUSE="brotli +cxx dane doc examples guile +idn nls +openssl pkcs11 seccomp 
sslv2 sslv3 static-libs test test-full +tls-heartbeat tools valgrind zlib zstd"
+
+REQUIRED_USE="test-full? ( cxx dane doc examples guile idn nls openssl pkcs11 
seccomp tls-heartbeat tools )"
+RESTRICT="!test? ( test )"
+
+RDEPEND=">=dev-libs/libtasn1-4.9:=[${MULTILIB_USEDEP}]
+       dev-libs/libunistring:=[${MULTILIB_USEDEP}]
+       >=dev-libs/nettle-3.6:=[gmp,${MULTILIB_USEDEP}]
+       >=dev-libs/gmp-5.1.3-r1:=[${MULTILIB_USEDEP}]
+       brotli? ( >=app-arch/brotli-1.0.0:=[${MULTILIB_USEDEP}] )
+       dane? ( >=net-dns/unbound-1.4.20:=[${MULTILIB_USEDEP}] )
+       guile? ( >=dev-scheme/guile-2:=[networking] )
+       nls? ( >=virtual/libintl-0-r1:=[${MULTILIB_USEDEP}] )
+       pkcs11? ( >=app-crypt/p11-kit-0.23.1[${MULTILIB_USEDEP}] )
+       idn? ( >=net-dns/libidn2-0.16-r1:=[${MULTILIB_USEDEP}] )
+       zlib? ( sys-libs/zlib[${MULTILIB_USEDEP}] )
+       zstd? ( >=app-arch/zstd-1.3.0:=[${MULTILIB_USEDEP}] )"
+DEPEND="${RDEPEND}
+       test? (
+               seccomp? ( sys-libs/libseccomp )
+       )"
+BDEPEND="
+       dev-util/gtk-doc-am
+       >=virtual/pkgconfig-0-r1
+       doc? ( dev-util/gtk-doc )
+       nls? ( sys-devel/gettext )
+       valgrind? ( dev-util/valgrind )
+       test-full? (
+               app-crypt/dieharder
+               >=app-misc/datefudge-1.22
+               dev-libs/softhsm:2[-bindist(-)]
+               net-dialup/ppp
+               net-misc/socat
+       )
+       verify-sig? ( >=sec-keys/openpgp-keys-gnutls-20220320 )"
+
+DOCS=( README.md doc/certtool.cfg )
+
+HTML_DOCS=()
+
+pkg_setup() {
+       # bug #520818
+       export TZ=UTC
+
+       use doc && HTML_DOCS+=(
+               doc/gnutls.html
+       )
+}
+
+src_prepare() {
+       default
+
+       # don't try to use system certificate store on macOS, it is
+       # confusingly ignoring our ca-certificates and more importantly
+       # fails to compile in certain configurations
+       sed -i -e 's/__APPLE__/__NO_APPLE__/' lib/system/certs.c || die
+
+       # Use sane .so versioning on FreeBSD.
+       elibtoolize
+}
+
+multilib_src_configure() {
+       LINGUAS="${LINGUAS//en/en@boldquot en@quot}"
+
+       local libconf=()
+
+       # TPM needs to be tested before being enabled
+       # Note that this may add a libltdl dep when enabled. Check configure.ac.
+       libconf+=(
+               --without-tpm
+               --without-tpm2
+       )
+
+       # hardware-accel is disabled on OSX because the asm files force
+       #   GNU-stack (as doesn't support that) and when that's removed ld
+       #   complains about duplicate symbols
+       [[ ${CHOST} == *-darwin* ]] && libconf+=( 
--disable-hardware-acceleration )
+
+       # Cygwin as does not understand these asm files at all
+       [[ ${CHOST} == *-cygwin* ]] && libconf+=( 
--disable-hardware-acceleration )
+
+       # -fanalyzer substantially slows down the build and isn't useful for
+       # us. It's useful for upstream as it's static analysis, but it's not
+       # useful when just getting something built.
+       export gl_cv_warn_c__fanalyzer=no
+
+       local myeconfargs=(
+               $(multilib_native_enable manpages)
+               $(multilib_native_use_enable doc gtk-doc)
+               $(multilib_native_use_enable doc)
+               $(multilib_native_use_enable guile)
+               $(multilib_native_use_enable seccomp seccomp-tests)
+               $(multilib_native_use_enable test tests)
+               $(multilib_native_use_enable test-full full-test-suite)
+               $(multilib_native_use_enable tools)
+               $(multilib_native_use_enable valgrind valgrind-tests)
+               $(use_enable cxx)
+               $(use_enable dane libdane)
+               $(use_enable nls)
+               $(use_enable openssl openssl-compatibility)
+               $(use_enable sslv2 ssl2-support)
+               $(use_enable sslv3 ssl3-support)
+               $(use_enable static-libs static)
+               $(use_enable tls-heartbeat heartbeat-support)
+               $(use_with brotli)
+               $(use_with idn)
+               $(use_with pkcs11 p11-kit)
+               $(use_with zlib)
+               $(use_with zstd)
+               --disable-rpath
+               
--with-default-trust-store-file="${EPREFIX}"/etc/ssl/certs/ca-certificates.crt
+               
--with-unbound-root-key-file="${EPREFIX}"/etc/dnssec/root-anchors.txt
+               --without-included-libtasn1
+               $("${S}/configure" --help | grep -o -- '--without-.*-prefix')
+       )
+
+       ECONF_SOURCE="${S}" econf "${libconf[@]}" "${myeconfargs[@]}"
+}
+
+multilib_src_install_all() {
+       einstalldocs
+       find "${ED}" -type f -name '*.la' -delete || die
+
+       if use examples; then
+               docinto examples
+               dodoc doc/examples/*.c
+       fi
+}

diff --git a/profiles/base/package.use.mask b/profiles/base/package.use.mask
index dca32ba381a0..4236d64c0e81 100644
--- a/profiles/base/package.use.mask
+++ b/profiles/base/package.use.mask
@@ -6,6 +6,12 @@
 # This file is only for generic masks. For arch-specific masks (i.e.
 # mask everywhere, unmask on arch/*) use arch/base.
 
+# Sam James <[email protected]> (2022-10-10)
+# These releases *are* signed by the needed people, but have an additional
+# signature not present in the official release keychain, so verify-sig.eclass
+# fails: bug #873211.
+~net-libs/gnutls-3.7.8 verify-sig
+
 # Sam Jame <[email protected]> (2022-10-08)
 # Older versions of libvirt need a vulnerable version of wireshark
 <app-emulation/libvirt-8.0.0 wireshark-plugins

Reply via email to