gentoo resync : 20.03.2022

5 files changed, 206 insertions, 0 deletions

diff --git a/app-crypt/pesign/Manifest b/app-crypt/pesign/Manifest
index c4b6a5ebf2d4..ddc0018d7c6b 100644
--- a/app-crypt/pesign/Manifest
+++ b/app-crypt/pesign/Manifest
@@ -1,5 +1,10 @@
 AUX pesign-113-enum-conversion.patch 1571 BLAKE2B b1e8f90a220ba7dbdba9d16c1c568fed6e463f8d550b678d85d6c806bc451a023d989ad0830075a4e4b28411685e29d60c5c887d3af100b85a048dcff0a103c0 SHA512 cfa001265bfda5428ef72134d05ec16bee679a3906832aab4100f2c567f22e62d089b8cd475b9707926485c30958e70ba48c4035e118c480d008114fb6876c62
 AUX pesign-113-nss.patch 2092 BLAKE2B f75730c2ab48f0ff6af4237fc46c535b3ceead357e31a548c28b78648fec7d52a5cc1bc9dfdb9db4e6cf22b7312cc452afb04a3088810140055ae88b55fb2f1d SHA512 7a4ebd4c875cf6678a6d2ca4083eafea552259e2c1692d167d0b948ac73d50244db3feea1c6d7c403e152236421609da5d92cd6405fb3107e1c3933c2f94fece
+AUX pesign-114-format-string.patch 4359 BLAKE2B 12a7c43162d806050c2fe4c5cf8e289fe262a158ac8cefb60a26a3233831526cfe3e98bea956f7158ea648b22da6cd0cc36e807101485b299f8be6cb2bc93ec2 SHA512 133f452089ec6691d3b50ff7a73399382b5e300f1d1686e9e4f98ffcfa1fce824503c146589d249a67e28df5dfc7c737fb05ad67e2c707aa97fb1dfebb550993
+AUX pesign-114-no-werror.patch 537 BLAKE2B a92e320460d83a943f60ee2524344a24f907d5fa09416ecc1e5024941d7f4130afe339f508301594d7ff0e6f53166093086e64b774a8448c55a3fbb73e74568e SHA512 e64b2f3ebeabba2e74c281a2a8205faa0ba0fac91e9153a8979e3edbf695274d4e940502736db12ba6bcb19a70179c5529b262f6a8b23779f19a750ff810cda3
+AUX pesign-114-wanalyzer-diagnostic.patch 734 BLAKE2B dcfae1fb4bea691ffb2bbd3f2e4f40e1e21f16840f4dfcc9293f856fdf6f75913bf6c12f7739ffa0e453949a9aa0add9925e7a0ee4adea6452c1007c4a40e11b SHA512 21ef15d5d1358bb9ff92f337a1da149bf993f04a6c0cd391956ce7175ac15f83596a3601a68eb51a9f88eb76c69dba8a3f57b672d9e628d0f75e9678d819a593
 DIST pesign-113.tar.gz 124618 BLAKE2B 36cdface6ecdf9003251da3058b21b2ee8e94eb655e47a8668b38c4ea576d990a71860952eea277d5e029bb007039c8e3ded9918e89d47f6db404423acbd1cc7 SHA512 e71dc90c2ab8085d1b000c0d2cf9cb00ddaed1ea1393db75c2d19a96f1b1c188a26b76850533ba97ec254a3b48db6b07a69b597c329ac891e64422780a358c24
+DIST pesign-114.tar.gz 148898 BLAKE2B 0dae3b4e17c61bcea02a6f81f6a62f8d526e83954bf95d0de24726daa81e45a3b42b6867f2d64decd69f421a14f5e2ff6ff1ec26246f44d68b242b452e60d9a1 SHA512 567176718e098c3494e27ce29b61ef396ca2503137260fc36c784951f0bd2130c9f61c655461d6091e9bdb0df77c9e00cf2fde8fb1b1c5ab83e4b9c57d65fdab
 EBUILD pesign-113.ebuild 1183 BLAKE2B 5b997df6d0d7670b7f64ea61404ba5682e6be810c3634c36002514b5617be88b72ed95ca603a982bcc0502e422f07a5857eca450ccf7d92b2445393bc0f5f2ff SHA512 dc6e6bc4ae0b80446628ab9c15691d7896d594eb7bb4404667f15d452c3a337e89bec9b4e63bbbb0f99421e33b44efcbc114cc973db6c29283a83edcc9372c9b
+EBUILD pesign-114.ebuild 1233 BLAKE2B b61a091d19b2f6d58e697af779ca5032b44f29a89c97c42c5f1b4c64eb595ea616fe37dc2c7155ce4f3d1eff82ffcc326cd58448e1cbb05a079fec6d2d517f08 SHA512 0b7f43429fa81ebbe551044da0a737745891f2b2d8cd16bf71e8a88faef631151e32059e8f85c156160295f5577d151cca27a4b4061e4185febfaab2e152a8db
 MISC metadata.xml 249 BLAKE2B 0928166bc28197e80603bef476a41c55e1e593a7e2636ecb634cecd26b5df5896667b06f049e1a2737f6da0330d243387068b6beededab2c3c8cab7208c1016d SHA512 dcbdae805ad96a8343af41708b249dfb119c7b18146279212b9747a91fbb64beb9e23b606151a77b42ea4f2fbbcf9f81d48067cd26122c61dee8b8178277d307
diff --git a/app-crypt/pesign/files/pesign-114-format-string.patch b/app-crypt/pesign/files/pesign-114-format-string.patch
new file mode 100644
index 000000000000..2361cb4a2660
--- /dev/null
+++ b/app-crypt/pesign/files/pesign-114-format-string.patch
@@ -0,0 +1,111 @@
+https://github.com/rhboot/pesign/commit/df8783ed4ed87fef850268098690985049916ee9.patch
+
+From df8783ed4ed87fef850268098690985049916ee9 Mon Sep 17 00:00:00 2001
+From: Robbie Harwood <rharwood@redhat.com>
+Date: Tue, 1 Feb 2022 17:37:14 -0500
+Subject: [PATCH] Fix format strings for 32-bit arches
+
+Sadly, in 2022, this remains a thing.
+
+Signed-off-by: Robbie Harwood <rharwood@redhat.com>
+---
+ src/cms_pe_common.c | 16 +++++++++-------
+ src/password.c      |  7 ++++---
+ 2 files changed, 13 insertions(+), 10 deletions(-)
+
+diff --git a/src/cms_pe_common.c b/src/cms_pe_common.c
+index 964f0d9..3a3921b 100644
+--- a/src/cms_pe_common.c
++++ b/src/cms_pe_common.c
+@@ -49,7 +49,7 @@ check_pointer_and_size(cms_context *cms, Pe *pe, void *ptr, size_t size)
+ 
+ 	if (p + size > m + map_size)
+ 		cmsreterr(0, cms,
+-			  "pointer %p is above mmap end at %p (%lu is %lu bytes past EOF at %lu)",
++			  "pointer %p is above mmap end at %p (%lu is %lu bytes past EOF at %zu)",
+ 			  (void *)((uintptr_t)p + size),
+ 			  (void *)((uintptr_t)m + map_size),
+ 			  p + size - m,
+@@ -189,7 +189,7 @@ generate_digest(cms_context *cms, Pe *pe, int padded)
+ 	if (!check_pointer_and_size(cms, pe, hash_base, hash_size))
+ 		cmsgotoerr(error, cms, "PE header is invalid");
+ 	dprintf("beginning of hash");
+-	dprintf("digesting %lx + %lx", hash_base - map, hash_size);
++	dprintf("digesting %tx + %zx", hash_base - map, hash_size);
+ 	generate_digest_step(cms, hash_base, hash_size);
+ 
+ 	/* 5. Skip over the image checksum
+@@ -209,7 +209,7 @@ generate_digest(cms_context *cms, Pe *pe, int padded)
+ 		cmsgotoerr(error, cms, "PE data directory is invalid");
+ 
+ 	generate_digest_step(cms, hash_base, hash_size);
+-	dprintf("digesting %lx + %lx", hash_base - map, hash_size);
++	dprintf("digesting %tx + %zx", hash_base - map, hash_size);
+ 
+ 	/* 8. Skip over the crt dir
+ 	 * 9. Hash everything up to the end of the image header. */
+@@ -222,7 +222,7 @@ generate_digest(cms_context *cms, Pe *pe, int padded)
+ 		cmsgotoerr(error, cms, "PE relocations table is invalid");
+ 
+ 	generate_digest_step(cms, hash_base, hash_size);
+-	dprintf("digesting %lx + %lx", hash_base - map, hash_size);
++	dprintf("digesting %tx + %zx", hash_base - map, hash_size);
+ 
+ 	/* 10. Set SUM_OF_BYTES_HASHED to the size of the header. */
+ 	hashed_bytes = pe32opthdr ? pe32opthdr->header_size
+@@ -265,7 +265,7 @@ generate_digest(cms_context *cms, Pe *pe, int padded)
+ 		}
+ 
+ 		generate_digest_step(cms, hash_base, hash_size);
+-		dprintf("digesting %lx + %lx", hash_base - map, hash_size);
++		dprintf("digesting %tx + %zx", hash_base - map, hash_size);
+ 
+ 		hashed_bytes += hash_size;
+ 	}
+@@ -285,10 +285,12 @@ generate_digest(cms_context *cms, Pe *pe, int padded)
+ 			memset(tmp_array, '\0', tmp_size);
+ 			memcpy(tmp_array, hash_base, hash_size);
+ 			generate_digest_step(cms, tmp_array, tmp_size);
+-			dprintf("digesting %lx + %lx", (unsigned long)tmp_array, tmp_size);
++			dprintf("digesting %tx + %zx", (ptrdiff_t)tmp_array,
++				tmp_size);
+ 		} else {
+ 			generate_digest_step(cms, hash_base, hash_size);
+-			dprintf("digesting %lx + %lx", hash_base - map, hash_size);
++			dprintf("digesting %tx + %zx", hash_base - map,
++				hash_size);
+ 		}
+ 	}
+ 	dprintf("end of hash");
+diff --git a/src/password.c b/src/password.c
+index 644f362..05add9a 100644
+--- a/src/password.c
++++ b/src/password.c
+@@ -213,7 +213,7 @@ parse_pwfile_line(char *start, struct token_pass *tp)
+ 	dprintf("non-whitespace span is %zd", span);
+ 
+ 	if (line[span] == '\0') {
+-		dprintf("returning %ld", (line + span) - start);
++		dprintf("returning %td", (line + span) - start);
+ 		return (line + span) - start;
+ 	}
+ 	line[span] = '\0';
+@@ -241,7 +241,7 @@ parse_pwfile_line(char *start, struct token_pass *tp)
+ 	dprintf("Setting token pass %p to { %p, %p }", tp, tp->token, tp->pass);
+ 	dprintf("token:\"%s\"", tp->token);
+ 	dprintf("pass:\"%s\"", tp->pass);
+-	dprintf("returning %ld", (line + span) - start);
++	dprintf("returning %td", (line + span) - start);
+ 	return (line + span) - start;
+ }
+ 
+@@ -330,7 +330,8 @@ SECU_FilePasswd(PK11SlotInfo *slot, PRBool retry, void *arg)
+ 		if (c != '\0')
+ 			span++;
+ 		start += span;
+-		dprintf("start is file[%ld] == '\\x%02hhx'", start - file, start[0]);
++		dprintf("start is file[%td] == '\\x%02hhx'", start - file,
++			start[0]);
+ 	}
+ 
+ 	qsort(phrases, nphrases, sizeof(struct token_pass), token_pass_cmp);
diff --git a/app-crypt/pesign/files/pesign-114-no-werror.patch b/app-crypt/pesign/files/pesign-114-no-werror.patch
new file mode 100644
index 000000000000..3937873e80bd
--- /dev/null
+++ b/app-crypt/pesign/files/pesign-114-no-werror.patch
@@ -0,0 +1,13 @@
+diff --git a/Make.defaults b/Make.defaults
+index fdb961a..cdbb064 100644
+--- a/Make.defaults
++++ b/Make.defaults
+@@ -58,7 +58,7 @@ cflags	= $(CFLAGS) $(ARCH3264) \
+ 	-Wall -Wextra -Wsign-compare -Wno-unused-result \
+ 	-Wno-unused-function -Wno-missing-field-initializers \
+ 	-Wno-analyzer-malloc-leak \
+-	-Werror -Wno-error=cpp -Wno-free-nonheap-object \
++	-Wno-error=cpp -Wno-free-nonheap-object \
+ 	-std=gnu11 -fshort-wchar -fPIC -fno-strict-aliasing \
+ 	-D_GNU_SOURCE -DCONFIG_$(ARCH) -I${TOPDIR}/include \
+ 	'-DRUNDIR="$(rundir)"' \
diff --git a/app-crypt/pesign/files/pesign-114-wanalyzer-diagnostic.patch b/app-crypt/pesign/files/pesign-114-wanalyzer-diagnostic.patch
new file mode 100644
index 000000000000..43bc0d84c44c
--- /dev/null
+++ b/app-crypt/pesign/files/pesign-114-wanalyzer-diagnostic.patch
@@ -0,0 +1,19 @@
+https://github.com/rhboot/pesign/issues/78
+
+daemon.c:922:32: error: unknown option after ‘#pragma GCC diagnostic’ kind [-Werror=pragmas]
+  922 | #pragma GCC diagnostic ignored "-Wanalyzer-use-of-uninitialized-value"
+      |                                ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+cc1: all warnings being treated as errors
+--- a/src/daemon.c
++++ b/src/daemon.c
+@@ -916,10 +916,6 @@ do_shutdown(context *ctx, int nsockets, struct pollfd *pollfds)
+ 	free(pollfds);
+ }
+ 
+-/* GCC -fanalyzer has trouble with realloc
+- * https://bugzilla.redhat.com/show_bug.cgi?id=2047926 */
+-#pragma GCC diagnostic push
+-#pragma GCC diagnostic ignored "-Wanalyzer-use-of-uninitialized-value"
+ static int
+ handle_events(context *ctx)
+ {
diff --git a/app-crypt/pesign/pesign-114.ebuild b/app-crypt/pesign/pesign-114.ebuild
new file mode 100644
index 000000000000..bd65febf96c3
--- /dev/null
+++ b/app-crypt/pesign/pesign-114.ebuild
@@ -0,0 +1,58 @@
+# Copyright 1999-2022 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit toolchain-funcs
+
+DESCRIPTION="Tools for manipulating signed PE-COFF binaries"
+HOMEPAGE="https://github.com/rhboot/pesign"
+SRC_URI="https://github.com/rhboot/${PN}/archive/${PV}.tar.gz -> ${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+
+RDEPEND="
+	dev-libs/nspr
+	dev-libs/nss
+	dev-libs/openssl:=
+	dev-libs/popt
+	sys-apps/util-linux
+	>=sys-libs/efivar-38
+"
+DEPEND="${RDEPEND}
+	sys-boot/gnu-efi
+"
+BDEPEND="
+	sys-apps/help2man
+	virtual/pkgconfig
+"
+
+PATCHES=(
+	"${FILESDIR}"/${PN}-114-wanalyzer-diagnostic.patch
+	"${FILESDIR}"/${PN}-114-no-werror.patch
+
+	"${FILESDIR}"/${P}-format-string.patch
+)
+
+src_compile() {
+	emake \
+		AR="$(tc-getAR)" \
+		ARFLAGS="-cvqs" \
+		AS="$(tc-getAS)" \
+		CC="$(tc-getCC)" \
+		LD="$(tc-getLD)" \
+		OBJCOPY="$(tc-getOBJCOPY)" \
+		PKG_CONFIG="$(tc-getPKG_CONFIG)" \
+		RANLIB="$(tc-getRANLIB)" \
+		rundir="${EPREFIX}/var/run"
+}
+
+src_install() {
+	emake DESTDIR="${ED}" VERSION="${PVR}" rundir="${EPREFIX}/var/run" install
+	einstalldocs
+
+	# remove some files that don't make sense for Gentoo installs
+	rm -rf "${ED}/etc" "${ED}/var" "${ED}/usr/share/doc/${PF}/COPYING" || die
+}