From: "Göktürk Yüksek"
To: gentoo-commits@lists.gentoo.org
Reply-To: gentoo-dev@lists.gentoo.org, "Göktürk Yüksek"
Message-ID: <1615010632.0531b6667d7908ed3e8f09559cc51172d39d3873.gokturk@gentoo>
Subject: [gentoo-commits] repo/gentoo:master commit in: sys-apps/rng-tools/, sys-apps/rng-tools/files/
X-VCS-Repository: repo/gentoo
X-VCS-Files: sys-apps/rng-tools/files/rngd-confd-6.11 sys-apps/rng-tools/files/rngd-initd-6.11 sys-apps/rng-tools/rng-tools-6.11-r1.ebuild sys-apps/rng-tools/rng-tools-6.11.ebuild
X-VCS-Directories: sys-apps/rng-tools/ sys-apps/rng-tools/files/
X-VCS-Committer: gokturk
X-VCS-Committer-Name: Göktürk Yüksek
X-VCS-Revision: 0531b6667d7908ed3e8f09559cc51172d39d3873
X-VCS-Branch: master
Date: Sat, 6 Mar 2021 06:04:23 +0000 (UTC)

commit:     0531b6667d7908ed3e8f09559cc51172d39d3873
Author:     Göktürk Yüksek gentoo org>
AuthorDate: Sat Mar 6 04:16:40 2021 +0000
Commit:     Göktürk Yüksek gentoo org>
CommitDate: Sat Mar 6 06:03:52 2021 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0531b666

sys-apps/rng-tools: fix the v6.11 bump

- Add support for the "use_aes" NIST option in initd and confd
- Ship the upstream systemd unit instead of the downstream one

Package-Manager: Portage-3.0.13, Repoman-3.0.2
Signed-off-by: Göktürk Yüksek gentoo.org>

 sys-apps/rng-tools/files/rngd-confd-6.11           | 96 ++++++++++++++++++++++
 sys-apps/rng-tools/files/rngd-initd-6.11           | 68 +++++++++++++++
 ...-tools-6.11.ebuild => rng-tools-6.11-r1.ebuild} |  6 +-
 3 files changed, 167 insertions(+), 3 deletions(-)

diff --git a/sys-apps/rng-tools/files/rngd-confd-6.11 b/sys-apps/rng-tools/files/rngd-confd-6.11 new file mode 100644 index 00000000000..ad4a6f29897 --- /dev/null +++ b/sys-apps/rng-tools/files/rngd-confd-6.11 
@@ -0,0 +1,96 @@ +# Copyright 1999-2021 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +# /etc/conf.d/rngd +# Please see "/usr/sbin/rngd --help" and "man rngd" for more information + +# Space-delimited list of entropy sources to enable +# Note that some of the entropy sources may require certain USE flags +# to be enabled or require hardware support to function properly +# Entropy sources not specified here (or in the exclude list below) +# will be enabled/disabled based on rngd default behavior +# +# Choose from the list: +# hwrng: Hardware RNG Device +# tpm: TPM RNG Device (Deprecated) +# rdrand: Intel RDRAND Instruction RNG +# darn: Power9 DARN Instruction RNG +# nist: NIST Network Entropy Beacon +# (UNSAFE for cryptographic operations) +# jitter: JITTER Entropy Generator +# pkcs11: PKCS11 Entropy Generator +# +#INCLUDE_ENTROPY_SOURCES="hwrng tpm rdrand darn nist jitter pkcs11" + + +# Space-delimited list of entropy sources to disable +# This is useful for disabling certain entropy sources even +# when they are supported on the system +# +#EXCLUDE_ENTROPY_SOURCES="nist tpm" + + +# Entropy source specific options: +# +# +# hwrng device used for random number input: +# +#HWRNG_DEVICE="/dev/hwrng" +# +# +# rdrand options: +# use_aes:(BOOLEAN) +# +#RDRAND_OPTIONS="use_aes:1" +# +# +# darn options: +# use_aes:(BOOLEAN) +# +#DARN_OPTIONS="use_aes:1" +# +# +# nist options: +# use_aes:(BOOLEAN) +# +#NIST_OPTIONS="use_aes:1" +# +# +# jitter options: +# thread_count:(INTEGER) +# buffer_size:(INTEGER) +# refill_thresh:(INTEGER) +# retry_count:(INTEGER) +# retry_delay:(INTEGER) +# use_aes:(BOOLEAN) +# +#JITTER_OPTIONS="thread_count:4 buffer_size:16535 refill_thresh:16535" +#JITTER_OPTIONS="${JITTER_OPTIONS} retry_count:1 retry_delay:-1 use_aes:1" +# +# +# pkcs11 options: +# engine_path:(STRING) +# chunk_size:(INTEGER) +# +#PKCS11_OPTIONS="engine_path:/usr/lib64/opensc-pkcs11.so chunk_size:1" + + +# Kernel device used for random number 
output +# +#RANDOM_DEVICE="/dev/random" + + +# Random step (Number of bytes written to random-device at a time): +# +#STEP=64 + + +# Fill watermark +# 0 <= n <= `sysctl kernel.random.poolsize` +# +#WATERMARK=2048 + + +# Any extra arguments for rngd +# +#EXTRA_ARGS="" diff --git a/sys-apps/rng-tools/files/rngd-initd-6.11 b/sys-apps/rng-tools/files/rngd-initd-6.11 new file mode 100644 index 00000000000..25d4c6b5e49 --- /dev/null +++ b/sys-apps/rng-tools/files/rngd-initd-6.11 
@@ -0,0 +1,68 @@ +#!/sbin/openrc-run +# Copyright 1999-2021 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +depend() { + need localmount + after urandom + provide entropy +} + +command="/usr/sbin/rngd" +description="Check and feed random data from hardware device to kernel entropy pool." +pidfile="/run/${RC_SVCNAME}.pid" +command_args="" +command_args_background="--pid-file ${pidfile} --background" +start_stop_daemon_args="--wait 1000" +retry="SIGKILL/5000" + + +# Parse rngd confd file for extra command line arguments +start_pre() { + for entsrc in ${INCLUDE_ENTROPY_SOURCES}; do + command_args="${command_args} -n ${entsrc}" + done + + for entsrc in ${EXCLUDE_ENTROPY_SOURCES}; do + command_args="${command_args} -x ${entsrc}" + done + + if [ "x${HWRNG_DEVICE}" != "x" ]; then + command_args="${command_args} --rng-device=${HWRNG_DEVICE}" + fi + + for entsrc_opt in ${RDRAND_OPTIONS}; do + command_args="${command_args} -O rdrand:${entsrc_opt}" + done + + for entsrc_opt in ${DARN_OPTIONS}; do + command_args="${command_args} -O darn:${entsrc_opt}" + done + + for entsrc_opt in ${NIST_OPTIONS}; do + command_args="${command_args} -O nist:${entsrc_opt}" + done + + for entsrc_opt in ${JITTER_OPTIONS}; do + command_args="${command_args} -O jitter:${entsrc_opt}" + done + + for entsrc_opt in ${PKCS11_OPTIONS}; do + command_args="${command_args} -O pkcs11:${entsrc_opt}" + done + + if [ "x${RANDOM_DEVICE}" != "x" ]; then + command_args="${command_args} --random-device=${RANDOM_DEVICE}" + fi + + if [ "x${STEP}" != "x" ]; then + command_args="${command_args} --random-step=${STEP}" + fi + + if [ "x${WATERMARK}" != "x" ]; then + command_args="${command_args} --fill-watermark=${WATERMARK}" + fi + + command_args="${command_args} ${EXTRA_ARGS}" + return 0 +} 
diff --git a/sys-apps/rng-tools/rng-tools-6.11.ebuild b/sys-apps/rng-tools/rng-tools-6.11-r1.ebuild similarity index 92% rename from sys-apps/rng-tools/rng-tools-6.11.ebuild rename to sys-apps/rng-tools/rng-tools-6.11-r1.ebuild index 3e3aa014ffe..7b183b63ef9 100644 --- a/sys-apps/rng-tools/rng-tools-6.11.ebuild +++ b/sys-apps/rng-tools/rng-tools-6.11-r1.ebuild @@ -63,9 +63,9 @@ src_configure() { src_install() { default - newinitd "${FILESDIR}"/rngd-initd-6.7-r1 rngd - newconfd "${FILESDIR}"/rngd-confd-6.7 rngd - systemd_dounit "${FILESDIR}"/rngd.service + newinitd "${FILESDIR}"/rngd-initd-6.11 rngd + newconfd "${FILESDIR}"/rngd-confd-6.11 rngd + systemd_dounit "${S}"/rngd.service if use pkcs11; then local DISABLE_AUTOFORMATTING=1
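
Review bot: In rngd-confd-6.11, the commented example INCLUDE_ENTROPY_SOURCES="hwrng tpm rdrand darn nist jitter pkcs11" lists every source, including nist, which the list directly above it labels "UNSAFE for cryptographic operations", and tpm, labelled "Deprecated". Anyone who uncomments that line as written enables the network beacon as an entropy source. Suggest leaving nist and tpm out of the include example (the EXCLUDE_ENTROPY_SOURCES example already shows them) or repeating the warning next to the line. Separately, buffer_size:16535 and refill_thresh:16535 in the JITTER_OPTIONS example look like a mistyped round value and are worth confirming against the rngd defaults, and retry_delay:-1 deserves a word on what a negative delay means.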
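
Review bot: In rngd-initd-6.11, retry="SIGKILL/5000" makes SIGKILL the first and only signal in the stop schedule, so rngd is never sent a SIGTERM and gets no chance to exit cleanly; a schedule that tries TERM first and falls back to KILL would be safer. Please also check the unit of 5000: the --wait 1000 on the line above is in milliseconds, while retry timeouts are counted in seconds. In start_pre, every value is appended to command_args unquoted, so a HWRNG_DEVICE, RANDOM_DEVICE or pkcs11 engine_path containing whitespace is split into separate arguments, and STEP and WATERMARK are passed through with no numeric check; at minimum the confd comments should state that values must not contain spaces.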
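
Review bot: In src_install of rng-tools-6.11-r1.ebuild, the references to rngd-initd-6.7-r1, rngd-confd-6.7 and the downstream rngd.service are dropped, but the diffstat shows no file removals under files/; if no remaining ebuild uses them they should be deleted in the same commit. With systemd_dounit "${S}"/rngd.service the installed unit now comes from the upstream source tree, while the /etc/conf.d/rngd variables added in this commit are read only by the OpenRC start_pre; unless the upstream unit is known to read that file, a line in the confd header saying it has no effect under systemd would save users a surprise.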