* [gentoo-commits] repo/gentoo:master commit in: net-libs/mbedtls/, net-libs/mbedtls/files/
@ 2016-08-13 23:13 David Seifert
0 siblings, 0 replies; 5+ messages in thread
From: David Seifert @ 2016-08-13 23:13 UTC (permalink / raw
To: gentoo-commits
commit: a8e82823012ab43dd4e9da0b0aa88282e7c959dc
Author: David Seifert <soap <AT> gentoo <DOT> org>
AuthorDate: Sat Aug 13 12:28:04 2016 +0000
Commit: David Seifert <soap <AT> gentoo <DOT> org>
CommitDate: Sat Aug 13 23:13:31 2016 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a8e82823
net-libs/mbedtls: Integrate upstream patches for bug 588818
Gentoo-bug: 588818
* EAPI=6
Package-Manager: portage-2.3.0
Closes: https://github.com/gentoo/gentoo/pull/2080
Signed-off-by: David Seifert <soap <AT> gentoo.org>
.../files/mbedtls-2.3.0-include-guards.patch | 34 +++
| 333 +++++++++++++++++++++
net-libs/mbedtls/files/mbedtls-2.3.0-tests.patch | 23 ++
net-libs/mbedtls/mbedtls-2.3.0-r1.ebuild | 101 +++++++
4 files changed, 491 insertions(+)
diff --git a/net-libs/mbedtls/files/mbedtls-2.3.0-include-guards.patch b/net-libs/mbedtls/files/mbedtls-2.3.0-include-guards.patch
new file mode 100644
index 0000000..af12d4b
--- /dev/null
+++ b/net-libs/mbedtls/files/mbedtls-2.3.0-include-guards.patch
@@ -0,0 +1,34 @@
+From 23e9778684ba734dbfba1445e145b04dd6b59e76 Mon Sep 17 00:00:00 2001
+From: Simon Butcher <simon.butcher@arm.com>
+Date: Wed, 13 Jul 2016 13:31:08 +0100
+Subject: [PATCH] Adds missing conditions for platform time
+
+In platform.c, made the time functions dependent on the configuration
+MBEDTLS_HAVE_TIME to fix a build break where the functions could be
+built but the mbedtls_time_t was not defined.
+---
+ library/platform.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/library/platform.c b/library/platform.c
+index 68ca45d..2591c45 100644
+--- a/library/platform.c
++++ b/library/platform.c
+@@ -190,6 +190,8 @@ int mbedtls_platform_set_exit( void (*exit_func)( int status ) )
+ }
+ #endif /* MBEDTLS_PLATFORM_EXIT_ALT */
+
++#if defined(MBEDTLS_HAVE_TIME)
++
+ #if defined(MBEDTLS_PLATFORM_TIME_ALT)
+ #if !defined(MBEDTLS_PLATFORM_STD_TIME)
+ /*
+@@ -213,6 +215,8 @@ int mbedtls_platform_set_time( mbedtls_time_t (*time_func)( mbedtls_time_t* time
+ }
+ #endif /* MBEDTLS_PLATFORM_TIME_ALT */
+
++#endif /* MBEDTLS_HAVE_TIME */
++
+ #if defined(MBEDTLS_ENTROPY_NV_SEED)
+ #if !defined(MBEDTLS_PLATFORM_NO_STD_FUNCTIONS) && defined(MBEDTLS_FS_IO)
+ /* Default implementations for the platform independent seed functions use
--git a/net-libs/mbedtls/files/mbedtls-2.3.0-move-to-header.patch b/net-libs/mbedtls/files/mbedtls-2.3.0-move-to-header.patch
new file mode 100644
index 0000000..2c858bb
--- /dev/null
+++ b/net-libs/mbedtls/files/mbedtls-2.3.0-move-to-header.patch
@@ -0,0 +1,333 @@
+From b5b6af2663fdb7f57c30494607bade90810f6844 Mon Sep 17 00:00:00 2001
+From: Simon Butcher <simon.butcher@arm.com>
+Date: Wed, 13 Jul 2016 14:46:18 +0100
+Subject: [PATCH] Puts platform time abstraction into its own header
+
+Separates platform time abstraction into it's own header from the
+general platform abstraction as both depend on different build options.
+(MBEDTLS_PLATFORM_C vs MBEDTLS_HAVE_TIME)
+---
+ include/mbedtls/platform.h | 37 ++-----------------
+ include/mbedtls/platform_time.h | 81 +++++++++++++++++++++++++++++++++++++++++
+ include/mbedtls/ssl.h | 2 +-
+ library/net.c | 1 -
+ library/ssl_cache.c | 2 -
+ library/ssl_ciphersuites.c | 1 -
+ library/ssl_cli.c | 4 +-
+ library/ssl_cookie.c | 2 -
+ library/ssl_srv.c | 4 +-
+ library/ssl_ticket.c | 2 -
+ library/ssl_tls.c | 1 -
+ library/x509.c | 7 +++-
+ programs/ssl/dtls_client.c | 1 -
+ 13 files changed, 93 insertions(+), 52 deletions(-)
+ create mode 100644 include/mbedtls/platform_time.h
+
+diff --git a/include/mbedtls/platform.h b/include/mbedtls/platform.h
+index caf8f25..b1b019e 100644
+--- a/include/mbedtls/platform.h
++++ b/include/mbedtls/platform.h
+@@ -29,6 +29,10 @@
+ #include MBEDTLS_CONFIG_FILE
+ #endif
+
++#if defined(MBEDTLS_HAVE_TIME)
++#include "mbedtls/platform_time.h"
++#endif
++
+ #ifdef __cplusplus
+ extern "C" {
+ #endif
+@@ -244,39 +248,6 @@ int mbedtls_platform_set_exit( void (*exit_func)( int status ) );
+ #endif
+
+ /*
+- * The time_t datatype
+- */
+-#if defined(MBEDTLS_PLATFORM_TIME_TYPE_MACRO)
+-typedef MBEDTLS_PLATFORM_TIME_TYPE_MACRO mbedtls_time_t;
+-#else
+-/* For time_t */
+-#include <time.h>
+-typedef time_t mbedtls_time_t;
+-#endif /* MBEDTLS_PLATFORM_TIME_TYPE_MACRO */
+-
+-/*
+- * The function pointers for time
+- */
+-#if defined(MBEDTLS_PLATFORM_TIME_ALT)
+-extern mbedtls_time_t (*mbedtls_time)( mbedtls_time_t* time );
+-
+-/**
+- * \brief Set your own time function pointer
+- *
+- * \param time_func the time function implementation
+- *
+- * \return 0
+- */
+-int mbedtls_platform_set_time( mbedtls_time_t (*time_func)( mbedtls_time_t* time ) );
+-#else
+-#if defined(MBEDTLS_PLATFORM_TIME_MACRO)
+-#define mbedtls_time MBEDTLS_PLATFORM_TIME_MACRO
+-#else
+-#define mbedtls_time time
+-#endif /* MBEDTLS_PLATFORM_TIME_MACRO */
+-#endif /* MBEDTLS_PLATFORM_TIME_ALT */
+-
+-/*
+ * The function pointers for reading from and writing a seed file to
+ * Non-Volatile storage (NV) in a platform-independent way
+ *
+diff --git a/include/mbedtls/platform_time.h b/include/mbedtls/platform_time.h
+new file mode 100644
+index 0000000..abb3431
+--- /dev/null
++++ b/include/mbedtls/platform_time.h
+@@ -0,0 +1,81 @@
++/**
++ * \file platform_time.h
++ *
++ * \brief mbed TLS Platform time abstraction
++ *
++ * Copyright (C) 2006-2016, ARM Limited, All Rights Reserved
++ * SPDX-License-Identifier: Apache-2.0
++ *
++ * Licensed under the Apache License, Version 2.0 (the "License"); you may
++ * not use this file except in compliance with the License.
++ * You may obtain a copy of the License at
++ *
++ * http://www.apache.org/licenses/LICENSE-2.0
++ *
++ * Unless required by applicable law or agreed to in writing, software
++ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
++ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
++ * See the License for the specific language governing permissions and
++ * limitations under the License.
++ *
++ * This file is part of mbed TLS (https://tls.mbed.org)
++ */
++#ifndef MBEDTLS_PLATFORM_TIME_H
++#define MBEDTLS_PLATFORM_TIME_H
++
++#if !defined(MBEDTLS_CONFIG_FILE)
++#include "config.h"
++#else
++#include MBEDTLS_CONFIG_FILE
++#endif
++
++#ifdef __cplusplus
++extern "C" {
++#endif
++
++/**
++ * \name SECTION: Module settings
++ *
++ * The configuration options you can set for this module are in this section.
++ * Either change them in config.h or define them on the compiler command line.
++ * \{
++ */
++
++/*
++ * The time_t datatype
++ */
++#if defined(MBEDTLS_PLATFORM_TIME_TYPE_MACRO)
++typedef MBEDTLS_PLATFORM_TIME_TYPE_MACRO mbedtls_time_t;
++#else
++/* For time_t */
++#include <time.h>
++typedef time_t mbedtls_time_t;
++#endif /* MBEDTLS_PLATFORM_TIME_TYPE_MACRO */
++
++/*
++ * The function pointers for time
++ */
++#if defined(MBEDTLS_PLATFORM_TIME_ALT)
++extern mbedtls_time_t (*mbedtls_time)( mbedtls_time_t* time );
++
++/**
++ * \brief Set your own time function pointer
++ *
++ * \param time_func the time function implementation
++ *
++ * \return 0
++ */
++int mbedtls_platform_set_time( mbedtls_time_t (*time_func)( mbedtls_time_t* time ) );
++#else
++#if defined(MBEDTLS_PLATFORM_TIME_MACRO)
++#define mbedtls_time MBEDTLS_PLATFORM_TIME_MACRO
++#else
++#define mbedtls_time time
++#endif /* MBEDTLS_PLATFORM_TIME_MACRO */
++#endif /* MBEDTLS_PLATFORM_TIME_ALT */
++
++#ifdef __cplusplus
++}
++#endif
++
++#endif /* platform_time.h */
+diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
+index bc62336..c0bfd3e 100644
+--- a/include/mbedtls/ssl.h
++++ b/include/mbedtls/ssl.h
+@@ -52,7 +52,7 @@
+ #endif
+
+ #if defined(MBEDTLS_HAVE_TIME)
+-#include <time.h>
++#include "mbedtls/platform_time.h"
+ #endif
+
+ /*
+diff --git a/library/net.c b/library/net.c
+index 4142bc0..8b96321 100644
+--- a/library/net.c
++++ b/library/net.c
+@@ -36,7 +36,6 @@
+ #include "mbedtls/platform.h"
+ #else
+ #include <stdlib.h>
+-#define mbedtls_time_t time_t
+ #endif
+
+ #include "mbedtls/net.h"
+diff --git a/library/ssl_cache.c b/library/ssl_cache.c
+index 01c66ae..9b62de2 100644
+--- a/library/ssl_cache.c
++++ b/library/ssl_cache.c
+@@ -37,8 +37,6 @@
+ #include <stdlib.h>
+ #define mbedtls_calloc calloc
+ #define mbedtls_free free
+-#define mbedtls_time time
+-#define mbedtls_time_t time_t
+ #endif
+
+ #include "mbedtls/ssl_cache.h"
+diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c
+index 3546331..a762bf7 100644
+--- a/library/ssl_ciphersuites.c
++++ b/library/ssl_ciphersuites.c
+@@ -33,7 +33,6 @@
+ #include "mbedtls/platform.h"
+ #else
+ #include <stdlib.h>
+-#define mbedtls_time_t time_t
+ #endif
+
+ #include "mbedtls/ssl_ciphersuites.h"
+diff --git a/library/ssl_cli.c b/library/ssl_cli.c
+index cd39db0..358dc46 100644
+--- a/library/ssl_cli.c
++++ b/library/ssl_cli.c
+@@ -33,8 +33,6 @@
+ #include <stdlib.h>
+ #define mbedtls_calloc calloc
+ #define mbedtls_free free
+-#define mbedtls_time time
+-#define mbedtls_time_t time_t
+ #endif
+
+ #include "mbedtls/debug.h"
+@@ -46,7 +44,7 @@
+ #include <stdint.h>
+
+ #if defined(MBEDTLS_HAVE_TIME)
+-#include <time.h>
++#include "mbedtls/platform_time.h"
+ #endif
+
+ #if defined(MBEDTLS_SSL_SESSION_TICKETS)
+diff --git a/library/ssl_cookie.c b/library/ssl_cookie.c
+index f241c86..9fb32de 100644
+--- a/library/ssl_cookie.c
++++ b/library/ssl_cookie.c
+@@ -36,8 +36,6 @@
+ #else
+ #define mbedtls_calloc calloc
+ #define mbedtls_free free
+-#define mbedtls_time time
+-#define mbedtls_time_t time_t
+ #endif
+
+ #include "mbedtls/ssl_cookie.h"
+diff --git a/library/ssl_srv.c b/library/ssl_srv.c
+index 7271045..ec59cc1 100644
+--- a/library/ssl_srv.c
++++ b/library/ssl_srv.c
+@@ -33,8 +33,6 @@
+ #include <stdlib.h>
+ #define mbedtls_calloc calloc
+ #define mbedtls_free free
+-#define mbedtls_time time
+-#define mbedtls_time_t time_t
+ #endif
+
+ #include "mbedtls/debug.h"
+@@ -48,7 +46,7 @@
+ #endif
+
+ #if defined(MBEDTLS_HAVE_TIME)
+-#include <time.h>
++#include "mbedtls/platform_time.h"
+ #endif
+
+ #if defined(MBEDTLS_SSL_SESSION_TICKETS)
+diff --git a/library/ssl_ticket.c b/library/ssl_ticket.c
+index 5d77403..4d9116d 100644
+--- a/library/ssl_ticket.c
++++ b/library/ssl_ticket.c
+@@ -33,8 +33,6 @@
+ #include <stdlib.h>
+ #define mbedtls_calloc calloc
+ #define mbedtls_free free
+-#define mbedtls_time time
+-#define mbedtls_time_t time_t
+ #endif
+
+ #include "mbedtls/ssl_ticket.h"
+diff --git a/library/ssl_tls.c b/library/ssl_tls.c
+index 80a908d..505bb6c 100644
+--- a/library/ssl_tls.c
++++ b/library/ssl_tls.c
+@@ -41,7 +41,6 @@
+ #include <stdlib.h>
+ #define mbedtls_calloc calloc
+ #define mbedtls_free free
+-#define mbedtls_time_t time_t
+ #endif
+
+ #include "mbedtls/debug.h"
+diff --git a/library/x509.c b/library/x509.c
+index a0df817..bc3bfe0 100644
+--- a/library/x509.c
++++ b/library/x509.c
+@@ -55,12 +55,15 @@
+ #include <stdlib.h>
+ #define mbedtls_free free
+ #define mbedtls_calloc calloc
+-#define mbedtls_time time
+-#define mbedtls_time_t time_t
+ #define mbedtls_printf printf
+ #define mbedtls_snprintf snprintf
+ #endif
+
++
++#if defined(MBEDTLS_HAVE_TIME)
++#include "mbedtls/platform_time.h"
++#endif
++
+ #if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
+ #include <windows.h>
+ #else
+diff --git a/programs/ssl/dtls_client.c b/programs/ssl/dtls_client.c
+index 14fb612..b37eb83 100644
+--- a/programs/ssl/dtls_client.c
++++ b/programs/ssl/dtls_client.c
+@@ -31,7 +31,6 @@
+ #include <stdio.h>
+ #define mbedtls_printf printf
+ #define mbedtls_fprintf fprintf
+-#define mbedtls_time_t time_t
+ #endif
+
+ #if !defined(MBEDTLS_SSL_CLI_C) || !defined(MBEDTLS_SSL_PROTO_DTLS) || \
diff --git a/net-libs/mbedtls/files/mbedtls-2.3.0-tests.patch b/net-libs/mbedtls/files/mbedtls-2.3.0-tests.patch
new file mode 100644
index 0000000..69375b5
--- /dev/null
+++ b/net-libs/mbedtls/files/mbedtls-2.3.0-tests.patch
@@ -0,0 +1,23 @@
+From b92834324f29768a5bf39c58c674c5f3c09b6763 Mon Sep 17 00:00:00 2001
+From: Simon Butcher <simon.butcher@arm.com>
+Date: Wed, 13 Jul 2016 11:02:41 +0100
+Subject: [PATCH] Fixes all.sh for full config
+
+MBEDTLS_PLATFORM_TIME_ALT was accidentally left in the full config test
+leading to linker problems.
+---
+ tests/scripts/all.sh | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
+index 5262397..a2b0995 100755
+--- a/tests/scripts/all.sh
++++ b/tests/scripts/all.sh
+@@ -231,6 +231,7 @@ scripts/config.pl unset MBEDTLS_PLATFORM_MEMORY
+ scripts/config.pl unset MBEDTLS_PLATFORM_PRINTF_ALT
+ scripts/config.pl unset MBEDTLS_PLATFORM_FPRINTF_ALT
+ scripts/config.pl unset MBEDTLS_PLATFORM_SNPRINTF_ALT
++scripts/config.pl unset MBEDTLS_PLATFORM_TIME_ALT
+ scripts/config.pl unset MBEDTLS_PLATFORM_EXIT_ALT
+ scripts/config.pl unset MBEDTLS_ENTROPY_NV_SEED
+ scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C
diff --git a/net-libs/mbedtls/mbedtls-2.3.0-r1.ebuild b/net-libs/mbedtls/mbedtls-2.3.0-r1.ebuild
new file mode 100644
index 0000000..ef06753
--- /dev/null
+++ b/net-libs/mbedtls/mbedtls-2.3.0-r1.ebuild
@@ -0,0 +1,101 @@
+# Copyright 1999-2016 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=6
+
+inherit cmake-utils multilib-minimal
+
+DESCRIPTION="Cryptographic library for embedded systems"
+HOMEPAGE="https://tls.mbed.org/"
+SRC_URI="https://github.com/ARMmbed/mbedtls/archive/mbedtls-${PV}.tar.gz"
+
+LICENSE="Apache-2.0"
+SLOT="0/10" # slot for libmbedtls.so
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~x86-fbsd"
+IUSE="cpu_flags_x86_sse2 doc havege libressl programs test threads zlib"
+
+RDEPEND="
+ programs? (
+ !libressl? ( dev-libs/openssl:0= )
+ libressl? ( dev-libs/libressl:0= )
+ )
+ zlib? ( >=sys-libs/zlib-1.2.8-r1[${MULTILIB_USEDEP}] )"
+DEPEND="${RDEPEND}
+ doc? ( app-doc/doxygen media-gfx/graphviz )
+ test? ( dev-lang/perl )"
+
+S=${WORKDIR}/${PN}-${P}
+
+PATCHES=(
+ "${FILESDIR}/${P}-include-guards.patch"
+ "${FILESDIR}/${P}-move-to-header.patch"
+ "${FILESDIR}/${P}-tests.patch"
+)
+
+enable_mbedtls_option() {
+ local myopt="$@"
+ # check that config.h syntax is the same at version bump
+ sed -i \
+ -e "s://#define ${myopt}:#define ${myopt}:" \
+ include/mbedtls/config.h || die
+}
+
+src_prepare() {
+ use cpu_flags_x86_sse2 && enable_mbedtls_option MBEDTLS_HAVE_SSE2
+ use zlib && enable_mbedtls_option MBEDTLS_ZLIB_SUPPORT
+ use havege && enable_mbedtls_option MBEDTLS_HAVEGE_C
+ use threads && enable_mbedtls_option MBEDTLS_THREADING_C
+ use threads && enable_mbedtls_option MBEDTLS_THREADING_PTHREAD
+
+ cmake-utils_src_prepare
+}
+
+multilib_src_configure() {
+ local mycmakeargs=(
+ -DENABLE_PROGRAMS=$(multilib_native_usex programs)
+ -DENABLE_ZLIB_SUPPORT=$(usex zlib)
+ -DUSE_STATIC_MBEDTLS_LIBRARY=OFF
+ -DENABLE_TESTING=$(usex test)
+ -DUSE_SHARED_MBEDTLS_LIBRARY=ON
+ -DINSTALL_MBEDTLS_HEADERS=ON
+ -DLIB_INSTALL_DIR="/usr/$(get_libdir)"
+ )
+
+ cmake-utils_src_configure
+}
+
+multilib_src_compile() {
+ cmake-utils_src_compile
+ use doc && multilib_is_native_abi && emake apidoc
+}
+
+multilib_src_test() {
+ LD_LIBRARY_PATH="${LD_LIBRARY_PATH}:${BUILD_DIR}/library" \
+ cmake-utils_src_test
+}
+
+multilib_src_install() {
+ cmake-utils_src_install
+}
+
+multilib_src_install_all() {
+ use doc && HTML_DOCS=( apidoc )
+
+ einstalldocs
+
+ if use programs ; then
+ # avoid file collisions with sys-apps/coreutils
+ local p e
+ for p in "${ED%/}"/usr/bin/* ; do
+ if [[ -x "${p}" && ! -d "${p}" ]] ; then
+ mv "${p}" "${ED%/}"/usr/bin/mbedtls_${p##*/} || die
+ fi
+ done
+ for e in aes hash pkey ssl test ; do
+ docinto "${e}"
+ dodoc programs/"${e}"/*.c
+ dodoc programs/"${e}"/*.txt
+ done
+ fi
+}
^ permalink raw reply related [flat|nested] 5+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-libs/mbedtls/, net-libs/mbedtls/files/
@ 2020-01-21 21:47 Anthony G. Basile
0 siblings, 0 replies; 5+ messages in thread
From: Anthony G. Basile @ 2020-01-21 21:47 UTC (permalink / raw
To: gentoo-commits
commit: cb3d192572eb8381fdd0bae045034ee56917a8af
Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
AuthorDate: Tue Jan 21 21:47:00 2020 +0000
Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
CommitDate: Tue Jan 21 21:47:00 2020 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=cb3d1925
net-libs/mbedtls: fix bug #705038
Package-Manager: Portage-2.3.79, Repoman-2.3.16
Signed-off-by: Anthony G. Basile <blueness <AT> gentoo.org>
| 48 ++++++++++++++++++++++
...dtls-2.18.1.ebuild => mbedtls-2.18.1-r1.ebuild} | 6 ++-
...dtls-2.19.1.ebuild => mbedtls-2.19.1-r1.ebuild} | 6 ++-
3 files changed, 58 insertions(+), 2 deletions(-)
--git a/net-libs/mbedtls/files/mbedtls-dont-overwrite-headers.patch b/net-libs/mbedtls/files/mbedtls-dont-overwrite-headers.patch
new file mode 100644
index 00000000000..4e39308ac5a
--- /dev/null
+++ b/net-libs/mbedtls/files/mbedtls-dont-overwrite-headers.patch
@@ -0,0 +1,48 @@
+From de35f31091b7e6cb20ebc8d8c0afc3b20bc57098 Mon Sep 17 00:00:00 2001
+From: Mihai Moldovan <ionic@ionic.de>
+Date: Thu, 16 Jan 2020 08:59:39 +0100
+Subject: [PATCH] Avoid overwriting tls headers in submodule mode
+
+When crypto is embedded as a submodule and the cmake build system is
+used, it would previously overwrite some header files installed by tls.
+Most of them are harmless (since they should be identical), but config.h
+is a special case.
+
+tls's and crypto's config.h files differ widely in scope and overwriting
+the more general, bigger config.h file from tls with crypto's smaller
+one will make a lot of features unavailable in programs using tls.
+
+Let's just avoid overwriting any tls header in submodule mode.
+
+Note that this will not fix the potential issue that crypto might be
+using a different configuration than tls in the submodule case.
+
+Fixes ARMmbed/mbedtls#2965
+---
+ include/CMakeLists.txt | 13 +++++++++++++
+ 1 file changed, 13 insertions(+)
+
+diff --git a/include/CMakeLists.txt b/include/CMakeLists.txt
+index 02f924df4..92229a221 100644
+--- a/include/CMakeLists.txt
++++ b/include/CMakeLists.txt
+@@ -5,6 +5,19 @@ if(INSTALL_MBEDTLS_HEADERS)
+ file(GLOB headers "mbedtls/*.h")
+ file(GLOB psa_headers "psa/*.h")
+
++ if(USE_CRYPTO_SUBMODULE)
++ # Don't overwrite mbedtls's header files!
++ # config.h is supposed to be automatically checked for compatibility
++ # in automatic builds, while the other files should not just be
++ # compatible, but also identical in theory.
++ # Practically, we don't check that in crypto but just assume that the
++ # submodule configuration is sane and trust tls's headers.
++ list(REMOVE_ITEM headers "${CMAKE_CURRENT_SOURCE_DIR}/mbedtls/compat-1.3.h"
++ "${CMAKE_CURRENT_SOURCE_DIR}/mbedtls/config.h"
++ "${CMAKE_CURRENT_SOURCE_DIR}/mbedtls/error.h"
++ "${CMAKE_CURRENT_SOURCE_DIR}/mbedtls/version.h")
++ endif(USE_CRYPTO_SUBMODULE)
++
+ install(FILES ${headers}
+ DESTINATION include/mbedtls
+ PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ)
diff --git a/net-libs/mbedtls/mbedtls-2.18.1.ebuild b/net-libs/mbedtls/mbedtls-2.18.1-r1.ebuild
similarity index 96%
rename from net-libs/mbedtls/mbedtls-2.18.1.ebuild
rename to net-libs/mbedtls/mbedtls-2.18.1-r1.ebuild
index b94b7770c95..b11f2794a35 100644
--- a/net-libs/mbedtls/mbedtls-2.18.1.ebuild
+++ b/net-libs/mbedtls/mbedtls-2.18.1-r1.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2019 Gentoo Authors
+# Copyright 1999-2020 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=7
@@ -36,6 +36,10 @@ enable_mbedtls_option() {
include/mbedtls/config.h || die
}
+PATCHES=(
+ "${FILESDIR}"/${PN}-dont-overwrite-headers.patch
+)
+
src_prepare() {
use cpu_flags_x86_sse2 && enable_mbedtls_option MBEDTLS_HAVE_SSE2
use zlib && enable_mbedtls_option MBEDTLS_ZLIB_SUPPORT
diff --git a/net-libs/mbedtls/mbedtls-2.19.1.ebuild b/net-libs/mbedtls/mbedtls-2.19.1-r1.ebuild
similarity index 96%
rename from net-libs/mbedtls/mbedtls-2.19.1.ebuild
rename to net-libs/mbedtls/mbedtls-2.19.1-r1.ebuild
index e7b65760fa8..1a73d20f220 100644
--- a/net-libs/mbedtls/mbedtls-2.19.1.ebuild
+++ b/net-libs/mbedtls/mbedtls-2.19.1-r1.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2019 Gentoo Authors
+# Copyright 1999-2020 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=7
@@ -36,6 +36,10 @@ enable_mbedtls_option() {
include/mbedtls/config.h || die
}
+PATCHES=(
+ "${FILESDIR}"/${PN}-dont-overwrite-headers.patch
+)
+
src_prepare() {
use cpu_flags_x86_sse2 && enable_mbedtls_option MBEDTLS_HAVE_SSE2
use zlib && enable_mbedtls_option MBEDTLS_ZLIB_SUPPORT
^ permalink raw reply related [flat|nested] 5+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-libs/mbedtls/, net-libs/mbedtls/files/
@ 2020-01-29 14:22 Anthony G. Basile
0 siblings, 0 replies; 5+ messages in thread
From: Anthony G. Basile @ 2020-01-29 14:22 UTC (permalink / raw
To: gentoo-commits
commit: 9bdff0e5ea288b745e38ef08914fe141a127902c
Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
AuthorDate: Wed Jan 29 14:21:46 2020 +0000
Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
CommitDate: Wed Jan 29 14:22:13 2020 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9bdff0e5
net-libs/mbedtls: fix wrong headers, bug #705038
Closes: https://bugs.gentoo.org/705038
Package-Manager: Portage-2.3.84, Repoman-2.3.20
Signed-off-by: Anthony G. Basile <blueness <AT> gentoo.org>
.../mbedtls-un-pebcak-705038-wrong-file.patch | 50 ++++++++++++++++++++++
net-libs/mbedtls/mbedtls-2.18.1-r1.ebuild | 1 +
net-libs/mbedtls/mbedtls-2.19.1-r1.ebuild | 1 +
3 files changed, 52 insertions(+)
diff --git a/net-libs/mbedtls/files/mbedtls-un-pebcak-705038-wrong-file.patch b/net-libs/mbedtls/files/mbedtls-un-pebcak-705038-wrong-file.patch
new file mode 100644
index 00000000000..73e870fa1e4
--- /dev/null
+++ b/net-libs/mbedtls/files/mbedtls-un-pebcak-705038-wrong-file.patch
@@ -0,0 +1,50 @@
+Fix https://bugs.gentoo.org/705038
+
+Thanks Greg Turner <gmt@be-evil.net>
+
+diff -urpN mbedtls-mbedtls-2.19.1.orig/crypto/include/CMakeLists.txt mbedtls-mbedtls-2.19.1/crypto/include/CMakeLists.txt
+--- mbedtls-mbedtls-2.19.1.orig/crypto/include/CMakeLists.txt 2020-01-26 09:01:50.324231295 -0800
++++ mbedtls-mbedtls-2.19.1/crypto/include/CMakeLists.txt 2020-01-26 09:04:26.498880873 -0800
+@@ -5,6 +5,19 @@ if(INSTALL_MBEDTLS_HEADERS)
+ file(GLOB headers "mbedtls/*.h")
+ file(GLOB psa_headers "psa/*.h")
+
++ if(USE_CRYPTO_SUBMODULE)
++ # Don't overwrite mbedtls's header files!
++ # config.h is supposed to be automatically checked for compatibility
++ # in automatic builds, while the other files should not just be
++ # compatible, but also identical in theory.
++ # Practically, we don't check that in crypto but just assume that the
++ # submodule configuration is sane and trust tls's headers.
++ list(REMOVE_ITEM headers "${CMAKE_CURRENT_SOURCE_DIR}/mbedtls/compat-1.3.h"
++ "${CMAKE_CURRENT_SOURCE_DIR}/mbedtls/config.h"
++ "${CMAKE_CURRENT_SOURCE_DIR}/mbedtls/error.h"
++ "${CMAKE_CURRENT_SOURCE_DIR}/mbedtls/version.h")
++ endif(USE_CRYPTO_SUBMODULE)
++
+ install(FILES ${headers}
+ DESTINATION include/mbedtls
+ PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ)
+diff -urpN mbedtls-mbedtls-2.19.1.orig/include/CMakeLists.txt mbedtls-mbedtls-2.19.1/include/CMakeLists.txt
+--- mbedtls-mbedtls-2.19.1.orig/include/CMakeLists.txt 2020-01-26 09:01:50.320231227 -0800
++++ mbedtls-mbedtls-2.19.1/include/CMakeLists.txt 2020-01-26 09:03:45.761189288 -0800
+@@ -4,19 +4,6 @@ if(INSTALL_MBEDTLS_HEADERS)
+
+ file(GLOB headers "mbedtls/*.h")
+
+- if(USE_CRYPTO_SUBMODULE)
+- # Don't overwrite mbedtls's header files!
+- # config.h is supposed to be automatically checked for compatibility
+- # in automatic builds, while the other files should not just be
+- # compatible, but also identical in theory.
+- # Practically, we don't check that in crypto but just assume that the
+- # submodule configuration is sane and trust tls's headers.
+- list(REMOVE_ITEM headers "${CMAKE_CURRENT_SOURCE_DIR}/mbedtls/compat-1.3.h"
+- "${CMAKE_CURRENT_SOURCE_DIR}/mbedtls/config.h"
+- "${CMAKE_CURRENT_SOURCE_DIR}/mbedtls/error.h"
+- "${CMAKE_CURRENT_SOURCE_DIR}/mbedtls/version.h")
+- endif(USE_CRYPTO_SUBMODULE)
+-
+ install(FILES ${headers}
+ DESTINATION include/mbedtls
+ PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ)
diff --git a/net-libs/mbedtls/mbedtls-2.18.1-r1.ebuild b/net-libs/mbedtls/mbedtls-2.18.1-r1.ebuild
index b11f2794a35..dfb900ea4c6 100644
--- a/net-libs/mbedtls/mbedtls-2.18.1-r1.ebuild
+++ b/net-libs/mbedtls/mbedtls-2.18.1-r1.ebuild
@@ -38,6 +38,7 @@ enable_mbedtls_option() {
PATCHES=(
"${FILESDIR}"/${PN}-dont-overwrite-headers.patch
+ "${FILESDIR}"/${PN}-un-pebcak-705038-wrong-file.patch
)
src_prepare() {
diff --git a/net-libs/mbedtls/mbedtls-2.19.1-r1.ebuild b/net-libs/mbedtls/mbedtls-2.19.1-r1.ebuild
index 1a73d20f220..a18fc891988 100644
--- a/net-libs/mbedtls/mbedtls-2.19.1-r1.ebuild
+++ b/net-libs/mbedtls/mbedtls-2.19.1-r1.ebuild
@@ -38,6 +38,7 @@ enable_mbedtls_option() {
PATCHES=(
"${FILESDIR}"/${PN}-dont-overwrite-headers.patch
+ "${FILESDIR}"/${PN}-un-pebcak-705038-wrong-file.patch
)
src_prepare() {
^ permalink raw reply related [flat|nested] 5+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-libs/mbedtls/, net-libs/mbedtls/files/
@ 2020-02-11 11:19 Lars Wendler
0 siblings, 0 replies; 5+ messages in thread
From: Lars Wendler @ 2020-02-11 11:19 UTC (permalink / raw
To: gentoo-commits
commit: 5b410baabbda721370fef400b1d9a298760c7d04
Author: Lars Wendler <polynomial-c <AT> gentoo <DOT> org>
AuthorDate: Tue Feb 11 11:18:21 2020 +0000
Commit: Lars Wendler <polynomial-c <AT> gentoo <DOT> org>
CommitDate: Tue Feb 11 11:19:34 2020 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5b410baa
net-libs/mbedtls: Fixed compilation with USE="zlib"
Closes: https://bugs.gentoo.org/706112
Package-Manager: Portage-2.3.88, Repoman-2.3.20
Signed-off-by: Lars Wendler <polynomial-c <AT> gentoo.org>
net-libs/mbedtls/files/mbedtls-2.19.1-zlib.patch | 29 ++++++++++++++++++++++++
net-libs/mbedtls/mbedtls-2.19.1-r2.ebuild | 1 +
2 files changed, 30 insertions(+)
diff --git a/net-libs/mbedtls/files/mbedtls-2.19.1-zlib.patch b/net-libs/mbedtls/files/mbedtls-2.19.1-zlib.patch
new file mode 100644
index 00000000000..ba4559cfc9b
--- /dev/null
+++ b/net-libs/mbedtls/files/mbedtls-2.19.1-zlib.patch
@@ -0,0 +1,29 @@
+From 9f25b8deff8e5b8fad8493db421b4639f14d2e5d Mon Sep 17 00:00:00 2001
+From: jiblime <47689567+jiblime@users.noreply.github.com>
+Date: Wed, 18 Dec 2019 21:40:01 -0800
+Subject: [PATCH] Fixes definition error when the deprecated
+ MBEDTLS_ZLIB_SUPPORT and ENABLE_ZLIB_SUPPORT macro are defined/enabled for
+ zlib support in mbedtls
+
+100% tests passed, 0 tests failed out of 85
+
+https://github.com/ARMmbed/mbedtls/blob/mbedtls-2.19.1/library/ssl_tls.c#L1842
+
+https://github.com/ARMmbed/mbedtls/blob/mbedtls-2.19.1/library/ssl_tls.c#L1862
+---
+ library/ssl_tls.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/library/ssl_tls.c b/library/ssl_tls.c
+index 6cf7781f2a..51ae9da3c6 100644
+--- a/library/ssl_tls.c
++++ b/library/ssl_tls.c
+@@ -1880,7 +1880,7 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl )
+
+ /* Allocate compression buffer */
+ #if defined(MBEDTLS_ZLIB_SUPPORT)
+- if( session->compression == MBEDTLS_SSL_COMPRESS_DEFLATE &&
++ if( ssl->session_negotiate->compression == MBEDTLS_SSL_COMPRESS_DEFLATE &&
+ ssl->compress_buf == NULL )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "Allocating compression buffer" ) );
diff --git a/net-libs/mbedtls/mbedtls-2.19.1-r2.ebuild b/net-libs/mbedtls/mbedtls-2.19.1-r2.ebuild
index a18fc891988..55ffc2164a7 100644
--- a/net-libs/mbedtls/mbedtls-2.19.1-r2.ebuild
+++ b/net-libs/mbedtls/mbedtls-2.19.1-r2.ebuild
@@ -39,6 +39,7 @@ enable_mbedtls_option() {
PATCHES=(
"${FILESDIR}"/${PN}-dont-overwrite-headers.patch
"${FILESDIR}"/${PN}-un-pebcak-705038-wrong-file.patch
+ "${FILESDIR}"/${PN}-2.19.1-zlib.patch #706112
)
src_prepare() {
^ permalink raw reply related [flat|nested] 5+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-libs/mbedtls/, net-libs/mbedtls/files/
@ 2025-01-05 20:33 Sam James
0 siblings, 0 replies; 5+ messages in thread
From: Sam James @ 2025-01-05 20:33 UTC (permalink / raw
To: gentoo-commits
commit: 59eca6456e672aa6e0ba39ee15a2fd449c80367d
Author: Azamat H. Hackimov <azamat.hackimov <AT> gmail <DOT> com>
AuthorDate: Sat Nov 30 22:46:04 2024 +0000
Commit: Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Sun Jan 5 20:26:24 2025 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=59eca645
net-libs/mbedtls: slotting version 3
MbedTLS breaks API compatibility between major versions, and some
packages are unable or not willing to migrate from slowly deprecating
mbedtls-2 branches, so we are forced to keep them both for a while.
Upstream PR: https://github.com/Mbed-TLS/mbedtls/pull/8800
[sam: Note that: a) upstream are fine with us doing this (per the
upstream PR), and b) consumers (almost?) always use CMake config files
so they automatically pick up the slotting.]
Bug: https://bugs.gentoo.org/805011
Signed-off-by: Azamat H. Hackimov <azamat.hackimov <AT> gmail.com>
Signed-off-by: Sam James <sam <AT> gentoo.org>
...ersion-suffix-for-all-installable-targets.patch | 79 +++++++++++++++
...2-add-version-suffix-for-pkg-config-files.patch | 71 ++++++++++++++
| 105 ++++++++++++++++++++
.../mbedtls-3.6.2-exclude-static-3dparty.patch | 22 +++++
net-libs/mbedtls/mbedtls-3.6.2-r100.ebuild | 109 +++++++++++++++++++++
5 files changed, 386 insertions(+)
diff --git a/net-libs/mbedtls/files/mbedtls-3.6.2-add-version-suffix-for-all-installable-targets.patch b/net-libs/mbedtls/files/mbedtls-3.6.2-add-version-suffix-for-all-installable-targets.patch
new file mode 100644
index 000000000000..3aeea6060da7
--- /dev/null
+++ b/net-libs/mbedtls/files/mbedtls-3.6.2-add-version-suffix-for-all-installable-targets.patch
@@ -0,0 +1,79 @@
+https://github.com/Mbed-TLS/mbedtls/pull/9876
+From: "Azamat H. Hackimov" <azamat.hackimov@gmail.com>
+Date: Sun, 1 Dec 2024 00:49:15 +0300
+Subject: Add version suffix for all installable targets
+
+Convert main library targets to slottable versions. This allows to
+install major versions of MbedTLS simultaneously.
+
+Dependent packages should use `find_package(MbedTLS 3 [REQUIRED])` and
+`MbedTLS::<component>` in order to use requested libraries.
+--- a/CMakeLists.txt
++++ b/CMakeLists.txt
+@@ -478,7 +478,7 @@ if(NOT DISABLE_PACKAGE_CONFIG_AND_INSTALL)
+ install(
+ FILES "${CMAKE_CURRENT_BINARY_DIR}/cmake/MbedTLSConfig.cmake"
+ "${CMAKE_CURRENT_BINARY_DIR}/cmake/MbedTLSConfigVersion.cmake"
+- DESTINATION "${CMAKE_INSTALL_LIBDIR}/cmake/MbedTLS")
++ DESTINATION "${CMAKE_INSTALL_LIBDIR}/cmake/MbedTLS-${PROJECT_VERSION_MAJOR}")
+
+ export(
+ EXPORT MbedTLSTargets
+@@ -488,7 +488,7 @@ if(NOT DISABLE_PACKAGE_CONFIG_AND_INSTALL)
+ install(
+ EXPORT MbedTLSTargets
+ NAMESPACE MbedTLS::
+- DESTINATION "${CMAKE_INSTALL_LIBDIR}/cmake/MbedTLS"
++ DESTINATION "${CMAKE_INSTALL_LIBDIR}/cmake/MbedTLS-${PROJECT_VERSION_MAJOR}"
+ FILE "MbedTLSTargets.cmake")
+
+ if(CMAKE_VERSION VERSION_GREATER 3.15 OR CMAKE_VERSION VERSION_EQUAL 3.15)
+--- a/library/CMakeLists.txt
++++ b/library/CMakeLists.txt
+@@ -277,7 +277,7 @@ set(everest_target "${MBEDTLS_TARGET_PREFIX}everest")
+
+ if(USE_STATIC_MBEDTLS_LIBRARY)
+ add_library(${mbedcrypto_static_target} STATIC ${src_crypto})
+- set_target_properties(${mbedcrypto_static_target} PROPERTIES OUTPUT_NAME mbedcrypto)
++ set_target_properties(${mbedcrypto_static_target} PROPERTIES OUTPUT_NAME mbedcrypto${PROJECT_VERSION_MAJOR})
+ target_link_libraries(${mbedcrypto_static_target} PUBLIC ${libs})
+
+ if(TARGET ${everest_target})
+@@ -289,11 +289,11 @@ if(USE_STATIC_MBEDTLS_LIBRARY)
+ endif()
+
+ add_library(${mbedx509_static_target} STATIC ${src_x509})
+- set_target_properties(${mbedx509_static_target} PROPERTIES OUTPUT_NAME mbedx509)
++ set_target_properties(${mbedx509_static_target} PROPERTIES OUTPUT_NAME mbedx509${PROJECT_VERSION_MAJOR})
+ target_link_libraries(${mbedx509_static_target} PUBLIC ${libs} ${mbedcrypto_static_target})
+
+ add_library(${mbedtls_static_target} STATIC ${src_tls})
+- set_target_properties(${mbedtls_static_target} PROPERTIES OUTPUT_NAME mbedtls)
++ set_target_properties(${mbedtls_static_target} PROPERTIES OUTPUT_NAME mbedtls${PROJECT_VERSION_MAJOR})
+ target_link_libraries(${mbedtls_static_target} PUBLIC ${libs} ${mbedx509_static_target})
+ endif(USE_STATIC_MBEDTLS_LIBRARY)
+
+@@ -301,6 +301,7 @@ if(USE_SHARED_MBEDTLS_LIBRARY)
+ set(CMAKE_LIBRARY_PATH ${CMAKE_CURRENT_BINARY_DIR})
+ add_library(${mbedcrypto_target} SHARED ${src_crypto})
+ set_target_properties(${mbedcrypto_target} PROPERTIES VERSION 3.6.2 SOVERSION 16)
++ set_target_properties(${mbedcrypto_target} PROPERTIES OUTPUT_NAME mbedcrypto${PROJECT_VERSION_MAJOR})
+ target_link_libraries(${mbedcrypto_target} PUBLIC ${libs})
+
+ if(TARGET ${everest_target})
+@@ -313,10 +314,12 @@ if(USE_SHARED_MBEDTLS_LIBRARY)
+
+ add_library(${mbedx509_target} SHARED ${src_x509})
+ set_target_properties(${mbedx509_target} PROPERTIES VERSION 3.6.2 SOVERSION 7)
++ set_target_properties(${mbedx509_target} PROPERTIES OUTPUT_NAME mbedx509${PROJECT_VERSION_MAJOR})
+ target_link_libraries(${mbedx509_target} PUBLIC ${libs} ${mbedcrypto_target})
+
+ add_library(${mbedtls_target} SHARED ${src_tls})
+ set_target_properties(${mbedtls_target} PROPERTIES VERSION 3.6.2 SOVERSION 21)
++ set_target_properties(${mbedtls_target} PROPERTIES OUTPUT_NAME mbedtls${PROJECT_VERSION_MAJOR})
+ target_link_libraries(${mbedtls_target} PUBLIC ${libs} ${mbedx509_target})
+ endif(USE_SHARED_MBEDTLS_LIBRARY)
+
+--
+2.45.2
+
diff --git a/net-libs/mbedtls/files/mbedtls-3.6.2-add-version-suffix-for-pkg-config-files.patch b/net-libs/mbedtls/files/mbedtls-3.6.2-add-version-suffix-for-pkg-config-files.patch
new file mode 100644
index 000000000000..4e3858b327cd
--- /dev/null
+++ b/net-libs/mbedtls/files/mbedtls-3.6.2-add-version-suffix-for-pkg-config-files.patch
@@ -0,0 +1,71 @@
+https://github.com/Mbed-TLS/mbedtls/pull/9876
+From: "Azamat H. Hackimov" <azamat.hackimov@gmail.com>
+Date: Sun, 1 Dec 2024 00:54:10 +0300
+Subject: Add version suffix for pkg-config files
+
+Convert main library targets to slottable versions. This allows to
+install major versions of MbedTLS simultaneously.
+
+Dependent packages should use
+`pkg-config --libs --cflags (mbedtls3|mbedx5093|mbedx5093)` in order to use
+requested libraries.
+--- a/pkgconfig/CMakeLists.txt
++++ b/pkgconfig/CMakeLists.txt
+@@ -8,18 +8,18 @@ if(NOT DISABLE_PACKAGE_CONFIG_AND_INSTALL)
+ set(PKGCONFIG_PROJECT_DESCRIPTION "Mbed TLS is a C library that implements cryptographic primitives, X.509 certificate manipulation and the SSL/TLS and DTLS protocols. Its small code footprint makes it suitable for embedded systems.")
+ set(PKGCONFIG_PROJECT_HOMEPAGE_URL "https://www.trustedfirmware.org/projects/mbed-tls/")
+
+- configure_file(mbedcrypto.pc.in mbedcrypto.pc @ONLY)
++ configure_file(mbedcrypto.pc.in mbedcrypto${PROJECT_VERSION_MAJOR}.pc @ONLY)
+ install(FILES
+- ${CMAKE_CURRENT_BINARY_DIR}/mbedcrypto.pc
++ ${CMAKE_CURRENT_BINARY_DIR}/mbedcrypto${PROJECT_VERSION_MAJOR}.pc
+ DESTINATION ${CMAKE_INSTALL_LIBDIR}/pkgconfig)
+
+- configure_file(mbedtls.pc.in mbedtls.pc @ONLY)
++ configure_file(mbedtls.pc.in mbedtls${PROJECT_VERSION_MAJOR}.pc @ONLY)
+ install(FILES
+- ${CMAKE_CURRENT_BINARY_DIR}/mbedtls.pc
++ ${CMAKE_CURRENT_BINARY_DIR}/mbedtls${PROJECT_VERSION_MAJOR}.pc
+ DESTINATION ${CMAKE_INSTALL_LIBDIR}/pkgconfig)
+
+- configure_file(mbedx509.pc.in mbedx509.pc @ONLY)
++ configure_file(mbedx509.pc.in mbedx509${PROJECT_VERSION_MAJOR}.pc @ONLY)
+ install(FILES
+- ${CMAKE_CURRENT_BINARY_DIR}/mbedx509.pc
++ ${CMAKE_CURRENT_BINARY_DIR}/mbedx509${PROJECT_VERSION_MAJOR}.pc
+ DESTINATION ${CMAKE_INSTALL_LIBDIR}/pkgconfig)
+ endif()
+--- a/pkgconfig/mbedcrypto.pc.in
++++ b/pkgconfig/mbedcrypto.pc.in
+@@ -7,4 +7,4 @@ Description: @PKGCONFIG_PROJECT_DESCRIPTION@
+ URL: @PKGCONFIG_PROJECT_HOMEPAGE_URL@
+ Version: @PROJECT_VERSION@
+ Cflags: -I"${includedir}"
+-Libs: -L"${libdir}" -lmbedcrypto
++Libs: -L"${libdir}" -lmbedcrypto@PROJECT_VERSION_MAJOR@
+--- a/pkgconfig/mbedtls.pc.in
++++ b/pkgconfig/mbedtls.pc.in
+@@ -6,6 +6,6 @@ Name: @PROJECT_NAME@
+ Description: @PKGCONFIG_PROJECT_DESCRIPTION@
+ URL: @PKGCONFIG_PROJECT_HOMEPAGE_URL@
+ Version: @PROJECT_VERSION@
+-Requires.private: mbedcrypto mbedx509
++Requires.private: mbedcrypto@PROJECT_VERSION_MAJOR@ mbedx509@PROJECT_VERSION_MAJOR@
+ Cflags: -I"${includedir}"
+-Libs: -L"${libdir}" -lmbedtls
++Libs: -L"${libdir}" -lmbedtls@PROJECT_VERSION_MAJOR@
+--- a/pkgconfig/mbedx509.pc.in
++++ b/pkgconfig/mbedx509.pc.in
+@@ -6,6 +6,6 @@ Name: @PROJECT_NAME@
+ Description: @PKGCONFIG_PROJECT_DESCRIPTION@
+ URL: @PKGCONFIG_PROJECT_HOMEPAGE_URL@
+ Version: @PROJECT_VERSION@
+-Requires.private: mbedcrypto
++Requires.private: mbedcrypto@PROJECT_VERSION_MAJOR@
+ Cflags: -I"${includedir}"
+-Libs: -L"${libdir}" -lmbedx509
++Libs: -L"${libdir}" -lmbedx509@PROJECT_VERSION_MAJOR@
+--
+2.45.2
+
--git a/net-libs/mbedtls/files/mbedtls-3.6.2-allow-install-headers-to-different-location.patch b/net-libs/mbedtls/files/mbedtls-3.6.2-allow-install-headers-to-different-location.patch
new file mode 100644
index 000000000000..2b3ae9fb6999
--- /dev/null
+++ b/net-libs/mbedtls/files/mbedtls-3.6.2-allow-install-headers-to-different-location.patch
@@ -0,0 +1,105 @@
+https://github.com/Mbed-TLS/mbedtls/pull/9876
+From 6a0c205d86a96772b82c4d7e7dfce5ea362c7870 Mon Sep 17 00:00:00 2001
+From: "Azamat H. Hackimov" <azamat.hackimov@gmail.com>
+Date: Sat, 30 Nov 2024 02:17:17 +0300
+Subject: Allow install headers to different location
+
+Use standard `CMAKE_INSTALL_INCLUDEDIR` and `CMAKE_INSTALL_LIBDIR`
+location to define headers and library installation. This variable can be
+redefined on configuration phase to allow install headers and libraries to
+different location (like `include/mbedtls3`, #8723).
+
+Additionally removing explicit permission rules as they may broke proper
+permissions for system installation (like remove executable bit from
+libraries). By default CMake sets permissions correctly on all files and
+directories.
+
+See #8723 for rationale.
+--- a/3rdparty/everest/CMakeLists.txt
++++ b/3rdparty/everest/CMakeLists.txt
+@@ -27,16 +27,16 @@ if(MBEDTLS_USER_CONFIG_FILE)
+ endif()
+
+ if(INSTALL_MBEDTLS_HEADERS)
+-
+ install(DIRECTORY include/everest
+- DESTINATION include
+- FILE_PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ
+- DIRECTORY_PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE
++ DESTINATION ${CMAKE_INSTALL_INCLUDEDIR}
+ FILES_MATCHING PATTERN "*.h")
+
+ endif(INSTALL_MBEDTLS_HEADERS)
+
+ install(TARGETS ${everest_target}
+ EXPORT MbedTLSTargets
+- DESTINATION ${CMAKE_INSTALL_LIBDIR}
+- PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ)
++ LIBRARY DESTINATION ${CMAKE_INSTALL_LIBDIR}
++ ARCHIVE DESTINATION ${CMAKE_INSTALL_LIBDIR}
++ RUNTIME DESTINATION ${CMAKE_INSTALL_BINDIR}
++ INCLUDES DESTINATION ${CMAKE_INSTALL_INCLUDEDIR}
++)
+--- a/3rdparty/p256-m/CMakeLists.txt
++++ b/3rdparty/p256-m/CMakeLists.txt
+@@ -25,16 +25,16 @@ if(MBEDTLS_USER_CONFIG_FILE)
+ endif()
+
+ if(INSTALL_MBEDTLS_HEADERS)
+-
+- install(DIRECTORY :${CMAKE_CURRENT_SOURCE_DIR}
+- DESTINATION include
+- FILE_PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ
+- DIRECTORY_PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE
++ install(DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}
++ DESTINATION ${CMAKE_INSTALL_INCLUDEDIR}
+ FILES_MATCHING PATTERN "*.h")
+
+ endif(INSTALL_MBEDTLS_HEADERS)
+
+ install(TARGETS ${p256m_target}
+-EXPORT MbedTLSTargets
+-DESTINATION ${CMAKE_INSTALL_LIBDIR}
+-PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ)
++ EXPORT MbedTLSTargets
++ LIBRARY DESTINATION ${CMAKE_INSTALL_LIBDIR}
++ ARCHIVE DESTINATION ${CMAKE_INSTALL_LIBDIR}
++ RUNTIME DESTINATION ${CMAKE_INSTALL_BINDIR}
++ INCLUDES DESTINATION ${CMAKE_INSTALL_INCLUDEDIR}
++)
+--- a/include/CMakeLists.txt
++++ b/include/CMakeLists.txt
+@@ -1,16 +1,15 @@
+ option(INSTALL_MBEDTLS_HEADERS "Install Mbed TLS headers." ON)
+
+ if(INSTALL_MBEDTLS_HEADERS)
+-
+ file(GLOB headers "mbedtls/*.h")
+ file(GLOB psa_headers "psa/*.h")
+
+ install(FILES ${headers}
+- DESTINATION include/mbedtls
++ DESTINATION ${CMAKE_INSTALL_INCLUDEDIR}/mbedtls
+ PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ)
+
+ install(FILES ${psa_headers}
+- DESTINATION include/psa
++ DESTINATION ${CMAKE_INSTALL_INCLUDEDIR}/psa
+ PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ)
+
+ endif(INSTALL_MBEDTLS_HEADERS)
+--- a/library/CMakeLists.txt
++++ b/library/CMakeLists.txt
+@@ -348,7 +348,8 @@ foreach(target IN LISTS target_libraries)
+ ARCHIVE DESTINATION ${CMAKE_INSTALL_LIBDIR}
+ LIBRARY DESTINATION ${CMAKE_INSTALL_LIBDIR}
+ RUNTIME DESTINATION ${CMAKE_INSTALL_BINDIR}
+- PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ)
++ INCLUDES DESTINATION ${CMAKE_INSTALL_INCLUDEDIR}
++ )
+ endforeach(target)
+
+ set(lib_target "${MBEDTLS_TARGET_PREFIX}lib")
+--
+2.45.2
+
diff --git a/net-libs/mbedtls/files/mbedtls-3.6.2-exclude-static-3dparty.patch b/net-libs/mbedtls/files/mbedtls-3.6.2-exclude-static-3dparty.patch
new file mode 100644
index 000000000000..1df749854419
--- /dev/null
+++ b/net-libs/mbedtls/files/mbedtls-3.6.2-exclude-static-3dparty.patch
@@ -0,0 +1,22 @@
+https://github.com/Mbed-TLS/mbedtls/pull/8284#issuecomment-2030088495
+From: "Azamat H. Hackimov" <azamat.hackimov@gmail.com>
+Date: Sun, 1 Dec 2024 20:56:50 +0300
+Subject: Exclude 3rd party code from building
+
+Third party code is required only for limited features that not enabled by default.
+
+See: https://github.com/Mbed-TLS/mbedtls/pull/8284#issuecomment-2030088495
+--- a/CMakeLists.txt
++++ b/CMakeLists.txt
+@@ -325,8 +325,6 @@ add_subdirectory(framework)
+
+ add_subdirectory(include)
+
+-add_subdirectory(3rdparty)
+-
+ add_subdirectory(library)
+
+ add_subdirectory(pkgconfig)
+--
+2.45.2
+
diff --git a/net-libs/mbedtls/mbedtls-3.6.2-r100.ebuild b/net-libs/mbedtls/mbedtls-3.6.2-r100.ebuild
new file mode 100644
index 000000000000..1b2705f0524e
--- /dev/null
+++ b/net-libs/mbedtls/mbedtls-3.6.2-r100.ebuild
@@ -0,0 +1,109 @@
+# Copyright 1999-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+PYTHON_COMPAT=( python3_{10..13} )
+
+inherit cmake flag-o-matic multilib-minimal python-any-r1
+
+DESCRIPTION="Cryptographic library for embedded systems"
+HOMEPAGE="https://www.trustedfirmware.org/projects/mbed-tls/"
+SRC_URI="https://github.com/Mbed-TLS/mbedtls/releases/download/${P}/${P}.tar.bz2"
+
+LICENSE="|| ( Apache-2.0 GPL-2+ )"
+SLOT="3/16.21.7" # ffmpeg subslot naming: SONAME tuple of {libmbedcrypto.so,libmbedtls.so,libmbedx509.so}
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86"
+IUSE="cpu_flags_x86_sse2 doc programs static-libs test threads"
+RESTRICT="!test? ( test )"
+
+RDEPEND="!>net-libs/mbedtls-3:0"
+BDEPEND="
+ ${PYTHON_DEPS}
+ doc? (
+ app-text/doxygen
+ media-gfx/graphviz
+ )
+ test? ( dev-lang/perl )
+"
+
+PATCHES=(
+ "${FILESDIR}/mbedtls-3.6.2-allow-install-headers-to-different-location.patch"
+ "${FILESDIR}/mbedtls-3.6.2-add-version-suffix-for-all-installable-targets.patch"
+ "${FILESDIR}/mbedtls-3.6.2-add-version-suffix-for-pkg-config-files.patch"
+ "${FILESDIR}/mbedtls-3.6.2-exclude-static-3dparty.patch"
+)
+
+enable_mbedtls_option() {
+ local myopt="$@"
+ # check that config.h syntax is the same at version bump
+ sed -i \
+ -e "s://#define ${myopt}:#define ${myopt}:" \
+ include/mbedtls/mbedtls_config.h || die
+}
+
+src_prepare() {
+ use cpu_flags_x86_sse2 && enable_mbedtls_option MBEDTLS_HAVE_SSE2
+ use threads && enable_mbedtls_option MBEDTLS_THREADING_C
+ use threads && enable_mbedtls_option MBEDTLS_THREADING_PTHREAD
+
+ cmake_src_prepare
+}
+
+src_configure() {
+ # Workaround for https://github.com/Mbed-TLS/mbedtls/issues/9814 (bug #946544)
+ append-flags $(test-flags-CC -fzero-init-padding-bits=unions)
+ multilib-minimal_src_configure
+}
+
+multilib_src_configure() {
+ local mycmakeargs=(
+ -DENABLE_PROGRAMS=$(multilib_native_usex programs)
+ -DENABLE_TESTING=$(usex test)
+ -DINSTALL_MBEDTLS_HEADERS=ON
+ -DCMAKE_INSTALL_INCLUDEDIR="include/mbedtls3"
+ -DLINK_WITH_PTHREAD=$(usex threads)
+ -DMBEDTLS_FATAL_WARNINGS=OFF # Don't use -Werror, #744946
+ -DUSE_SHARED_MBEDTLS_LIBRARY=ON
+ -DUSE_STATIC_MBEDTLS_LIBRARY=$(usex static-libs)
+ )
+
+ cmake_src_configure
+}
+
+multilib_src_compile() {
+ cmake_src_compile
+ use doc && multilib_is_native_abi && emake -C "${S}" apidoc
+}
+
+multilib_src_test() {
+ # Disable parallel run, bug #718390
+ # https://github.com/Mbed-TLS/mbedtls/issues/4980
+ LD_LIBRARY_PATH="${LD_LIBRARY_PATH}:${BUILD_DIR}/library" \
+ cmake_src_test -j1
+}
+
+multilib_src_install() {
+ cmake_src_install
+}
+
+multilib_src_install_all() {
+ use doc && HTML_DOCS=( apidoc )
+
+ einstalldocs
+
+ if use programs ; then
+ # avoid file collisions with sys-apps/coreutils
+ local p e
+ for p in "${ED}"/usr/bin/* ; do
+ if [[ -x "${p}" && ! -d "${p}" ]] ; then
+ mv "${p}" "${ED}"/usr/bin/mbedtls_${p##*/} || die
+ fi
+ done
+ for e in aes hash pkey ssl test ; do
+ docinto "${e}"
+ dodoc programs/"${e}"/*.c
+ dodoc programs/"${e}"/*.txt
+ done
+ fi
+}
^ permalink raw reply related [flat|nested] 5+ messages in thread
end of thread, other threads:[~2025-01-05 20:33 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2016-08-13 23:13 [gentoo-commits] repo/gentoo:master commit in: net-libs/mbedtls/, net-libs/mbedtls/files/ David Seifert
-- strict thread matches above, loose matches on Subject: below --
2020-01-21 21:47 Anthony G. Basile
2020-01-29 14:22 Anthony G. Basile
2020-02-11 11:19 Lars Wendler
2025-01-05 20:33 Sam James
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox