diff options
author | V3n3RiX <venerix@koprulu.sector> | 2024-03-07 13:06:42 +0000 |
---|---|---|
committer | V3n3RiX <venerix@koprulu.sector> | 2024-03-07 13:06:42 +0000 |
commit | 1b97f0352e38f8346984329b82a8be71632220a6 (patch) | |
tree | a2eedd48c9161522b87c70d55cbb7d28d2cb36a9 /dev-libs/opensc | |
parent | a03bc69159ecc073f051ca2079848553a8e34664 (diff) |
gentoo auto-resync : 07:03:2024 - 13:06:41
Diffstat (limited to 'dev-libs/opensc')
-rw-r--r-- | dev-libs/opensc/Manifest | 5 | ||||
-rw-r--r-- | dev-libs/opensc/files/opensc-0.23.0-CVE-2023-2977.patch | 49 | ||||
-rw-r--r-- | dev-libs/opensc/files/opensc-0.23.0-backport-pr2656.patch | 215 | ||||
-rw-r--r-- | dev-libs/opensc/files/opensc-0.23.0-backport-pr2765.patch | 39 | ||||
-rw-r--r-- | dev-libs/opensc/opensc-0.23.0-r3.ebuild | 82 |
5 files changed, 0 insertions, 390 deletions
diff --git a/dev-libs/opensc/Manifest b/dev-libs/opensc/Manifest index 66cb82d387e3..9b9302eee9d6 100644 --- a/dev-libs/opensc/Manifest +++ b/dev-libs/opensc/Manifest @@ -1,10 +1,5 @@ -AUX opensc-0.23.0-CVE-2023-2977.patch 1936 BLAKE2B 6352f5b1e596973a0049e38ce454df6932f72669acab8ab4d117ead9f0b5a88a69ad99c8d38eaff032300fe291d863182262fec0a36bbcabd7f7dad2c5c077e6 SHA512 08924312d7a29ce9692a26379d22651fb6b38a75ad0868f1a95dadce34c2163a8f0e72718642488018233f44dc5539b102f0879f6bc838cc178440283fccb5f7 -AUX opensc-0.23.0-backport-pr2656.patch 8562 BLAKE2B ebcfa06920d83fbc72dc2d5af76f2982956d192e4573b13e001f2b6ffd05c3b5768bc7e64626b75649ba0ecb121c1d5085564f6b71f7cf1e320a854db59c058c SHA512 e188a368eb50536e59e5eab5740b5df1254789f6200eb8ccb31139291012bb3cdf281f9d4dd1a0d2b5ff13d974534a84e054506a763f8bd74bb1ca25a1f38d12 -AUX opensc-0.23.0-backport-pr2765.patch 1297 BLAKE2B 7bd791046ae7299b9f7df7436bbbaddb202b57b8944df80ea6890a6abd0b7e69e1a60af3b65b4421d06467ef0b0486206dee0a1dab1d533a25ff0572dc8515b1 SHA512 23080d3ab5df3be646ccfa8fd3400fe6a7dda08e9492705a95f29f11b2c6351ea2a058a86db75c9f190d5e32d7e9bae68b932b8d8f12ce59938e03fa55b79c06 AUX opensc.module 390 BLAKE2B 4c5ea159ed2038af51c9ca3e903b23db1acdfa8a6c79be7f922f8a03602f15e3b1a98570be0a1f3f2db922c9083976eeb164d011b981c8709a9b1459e959634f SHA512 52a0a47963d0938a3a644dedcd913bb22ea6d5e3d539b759872c4175085491cc11a3958bb308029eb4942ea20e0f7890865c21cb063e335e38a154957a64ed58 -DIST opensc-0.23.0.tar.gz 2366469 BLAKE2B c0f74379a70347a58be27684ae2cf833e6f35328b566af2c6daa8276174864406fa176acf7ba84931970fe07e3dd8d6eccf7884f079cb0110c4d6ff9a76792dc SHA512 cd102cd64e719c59153960a4921b7525055045f16e6f6ffa8c9def6ce999a9c5098267b41f8753b41107f626bea20c34561002f5d38eddb4ce6b371913a17a1b DIST opensc-0.24.0.tar.gz 2440952 BLAKE2B afacdd151d169dd1840ecd6df1cec99a9805598d7b7af81e17b648f146cd1b3ad1d3dcae19ed94cf8ce0dbbd5b4285af9653af5ef5739d53908ce30a49544adb SHA512 0fd2ea858874ae0b85c8fe8c4b920988693a47ca95b26449a1e95f86e17b76000f236c1f75d63ee133306e01a965155da5e14c1b8a59053b85026ecb58fb97bb -EBUILD opensc-0.23.0-r3.ebuild 2012 BLAKE2B 50a5c91517ce72b03c2e1772095294fd9221835cbbe46a6810ac097c82bd4feaefad1cc8ea87660b510f06118b16ed600c556d8ac4702cd0649d273d0211b19c SHA512 7bc6ccc066fc911b2570d24251dbbe80a13406712d949742fb0a9a2cdd174b79ca00952dca49107b3a198d870627102dbcc333d06b7be20915f5698534a65c3e EBUILD opensc-0.24.0.ebuild 1875 BLAKE2B 9b20b04338f11a4d83b44440162afaefd9289e6cce39e4d4e500cc9a0f9e61182aa117c5386d890456c1e50422fe0e3cc4ba1dd6172a4345247e2e5ef536d4ab SHA512 d75bd4cd69a41338e0616e6a31e8e19d435ee42c0bd03ad595bcd186c765e1ead02e51b49679fae625e7a6bcab402c33f44192ce2f97216fcd3d7e13a51527fa EBUILD opensc-9999.ebuild 1881 BLAKE2B ae0acc8bcc7081ceea38b6a59ed04dd6acf37bf4e86f3979ac317e5bd8dffba6cfdb0480cfc574ca23d5ab5f491ea2b301ce4b2ae86835e8210af391cdfe11c6 SHA512 8ce8e223359c15a15159a006ecfa2b1c4f10063902450c4fa120902cc1193a0478e87cd0678241b0f4e96aa7cb870267d4d80e44e1e13c952a322412801dba26 MISC metadata.xml 1305 BLAKE2B 8560829a2784e38e10b41f5e083568a7fafd19e9fe185b1675c787b2514ea01a18b3fa6c7d0018b6e45638512d02e9bec12fbc5df4e50bf49db6558ef89a9af8 SHA512 8b477d96f6acb7a808e24af1d4b29e16e06b83eaf29799dbc6b74181ded74de47d7527712e21412bfb92a26e1d03974368a2c1790208785230280a18d21aff06 diff --git a/dev-libs/opensc/files/opensc-0.23.0-CVE-2023-2977.patch b/dev-libs/opensc/files/opensc-0.23.0-CVE-2023-2977.patch deleted file mode 100644 index ad3bc1fadc93..000000000000 --- a/dev-libs/opensc/files/opensc-0.23.0-CVE-2023-2977.patch +++ /dev/null @@ -1,49 +0,0 @@ -From 81944d1529202bd28359bede57c0a15deb65ba8a Mon Sep 17 00:00:00 2001 -From: fullwaywang <fullwaywang@tencent.com> -Date: Mon, 29 May 2023 10:38:48 +0800 -Subject: [PATCH] pkcs15init: correct left length calculation to fix buffer - overrun bug. Fixes #2785 - ---- - src/pkcs15init/pkcs15-cardos.c | 10 +++++----- - 1 file changed, 5 insertions(+), 5 deletions(-) - -diff --git a/src/pkcs15init/pkcs15-cardos.c b/src/pkcs15init/pkcs15-cardos.c -index 9715cf390f..f41f73c349 100644 ---- a/src/pkcs15init/pkcs15-cardos.c -+++ b/src/pkcs15init/pkcs15-cardos.c -@@ -872,7 +872,7 @@ static int cardos_have_verifyrc_package(sc_card_t *card) - sc_apdu_t apdu; - u8 rbuf[SC_MAX_APDU_BUFFER_SIZE]; - int r; -- const u8 *p = rbuf, *q; -+ const u8 *p = rbuf, *q, *pp; - size_t len, tlen = 0, ilen = 0; - - sc_format_apdu(card, &apdu, SC_APDU_CASE_2_SHORT, 0xca, 0x01, 0x88); -@@ -888,13 +888,13 @@ static int cardos_have_verifyrc_package(sc_card_t *card) - return 0; - - while (len != 0) { -- p = sc_asn1_find_tag(card->ctx, p, len, 0xe1, &tlen); -- if (p == NULL) -+ pp = sc_asn1_find_tag(card->ctx, p, len, 0xe1, &tlen); -+ if (pp == NULL) - return 0; - if (card->type == SC_CARD_TYPE_CARDOS_M4_3) { - /* the verifyRC package on CardOS 4.3B use Manufacturer ID 0x01 */ - /* and Package Number 0x07 */ -- q = sc_asn1_find_tag(card->ctx, p, tlen, 0x01, &ilen); -+ q = sc_asn1_find_tag(card->ctx, pp, tlen, 0x01, &ilen); - if (q == NULL || ilen != 4) - return 0; - if (q[0] == 0x07) -@@ -902,7 +902,7 @@ static int cardos_have_verifyrc_package(sc_card_t *card) - } else if (card->type == SC_CARD_TYPE_CARDOS_M4_4) { - /* the verifyRC package on CardOS 4.4 use Manufacturer ID 0x03 */ - /* and Package Number 0x02 */ -- q = sc_asn1_find_tag(card->ctx, p, tlen, 0x03, &ilen); -+ q = sc_asn1_find_tag(card->ctx, pp, tlen, 0x03, &ilen); - if (q == NULL || ilen != 4) - return 0; - if (q[0] == 0x02) diff --git a/dev-libs/opensc/files/opensc-0.23.0-backport-pr2656.patch b/dev-libs/opensc/files/opensc-0.23.0-backport-pr2656.patch deleted file mode 100644 index f9ce72d31776..000000000000 --- a/dev-libs/opensc/files/opensc-0.23.0-backport-pr2656.patch +++ /dev/null @@ -1,215 +0,0 @@ -https://bugs.gentoo.org/909781 -https://github.com/OpenSC/libp11/issues/478 -https://github.com/OpenSC/OpenSC/pull/2656 - -From 99f7b82f187ca3512ceae6270c391243d018fdac Mon Sep 17 00:00:00 2001 -From: Jakub Jelen <jjelen@redhat.com> -Date: Thu, 1 Dec 2022 20:08:53 +0100 -Subject: [PATCH 1/4] pkcs11-tool: Fix private key import - ---- - src/tools/pkcs11-tool.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/src/tools/pkcs11-tool.c b/src/tools/pkcs11-tool.c -index aae205fe2c..cfee8526d5 100644 ---- a/src/tools/pkcs11-tool.c -+++ b/src/tools/pkcs11-tool.c -@@ -3669,13 +3669,13 @@ parse_rsa_pkey(EVP_PKEY *pkey, int private, struct rsakey_info *rsa) - RSA_get0_factors(r, &r_p, &r_q); - RSA_get0_crt_params(r, &r_dmp1, &r_dmq1, &r_iqmp); - #else -- if (EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_FACTOR1, &r_d) != 1 || -+ if (EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_D, &r_d) != 1 || - EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_FACTOR1, &r_p) != 1 || - EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_FACTOR2, &r_q) != 1 || - EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_EXPONENT1, &r_dmp1) != 1 || - EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_EXPONENT2, &r_dmq1) != 1 || -- EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_EXPONENT3, &r_iqmp) != 1) { - util_fatal("OpenSSL error during RSA private key parsing"); -+ EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_COEFFICIENT1, &r_iqmp) != 1) { - } - #endif - RSA_GET_BN(rsa, private_exponent, r_d); - -From 4a6e1d1dcd18757502027b1c5d2fb2cbaca28407 Mon Sep 17 00:00:00 2001 -From: Jakub Jelen <jjelen@redhat.com> -Date: Thu, 1 Dec 2022 20:11:41 +0100 -Subject: [PATCH 2/4] pkcs11-tool: Log more information on OpenSSL errors - ---- - src/tools/pkcs11-tool.c | 15 ++++++--------- - 1 file changed, 6 insertions(+), 9 deletions(-) - -diff --git a/src/tools/pkcs11-tool.c b/src/tools/pkcs11-tool.c -index cfee8526d5..f2e6b1dd91 100644 ---- a/src/tools/pkcs11-tool.c -+++ b/src/tools/pkcs11-tool.c -@@ -3641,10 +3641,8 @@ parse_rsa_pkey(EVP_PKEY *pkey, int private, struct rsakey_info *rsa) - const BIGNUM *r_dmp1, *r_dmq1, *r_iqmp; - r = EVP_PKEY_get1_RSA(pkey); - if (!r) { -- if (private) -- util_fatal("OpenSSL error during RSA private key parsing"); -- else -- util_fatal("OpenSSL error during RSA public key parsing"); -+ util_fatal("OpenSSL error during RSA %s key parsing: %s", private ? "private" : "public", -+ ERR_error_string(ERR_peek_last_error(), NULL)); - } - - RSA_get0_key(r, &r_n, &r_e, NULL); -@@ -3654,10 +3652,8 @@ parse_rsa_pkey(EVP_PKEY *pkey, int private, struct rsakey_info *rsa) - BIGNUM *r_dmp1 = NULL, *r_dmq1 = NULL, *r_iqmp = NULL; - if (EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_N, &r_n) != 1 || - EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_E, &r_e) != 1) { -- if (private) -- util_fatal("OpenSSL error during RSA private key parsing"); -- else -- util_fatal("OpenSSL error during RSA public key parsing"); -+ util_fatal("OpenSSL error during RSA %s key parsing: %s", private ? "private" : "public", -+ ERR_error_string(ERR_peek_last_error(), NULL)); - } - #endif - RSA_GET_BN(rsa, modulus, r_n); -@@ -3674,8 +3670,9 @@ parse_rsa_pkey(EVP_PKEY *pkey, int private, struct rsakey_info *rsa) - EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_FACTOR2, &r_q) != 1 || - EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_EXPONENT1, &r_dmp1) != 1 || - EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_EXPONENT2, &r_dmq1) != 1 || -- util_fatal("OpenSSL error during RSA private key parsing"); - EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_COEFFICIENT1, &r_iqmp) != 1) { -+ util_fatal("OpenSSL error during RSA private key parsing: %s", -+ ERR_error_string(ERR_peek_last_error(), NULL)); - } - #endif - RSA_GET_BN(rsa, private_exponent, r_d); - -From 267da3e81f1fc23a9ccce1462ab5deb1a4d4aec5 Mon Sep 17 00:00:00 2001 -From: Jakub Jelen <jjelen@redhat.com> -Date: Thu, 1 Dec 2022 20:38:31 +0100 -Subject: [PATCH 3/4] Reproducer for broken pkcs11-tool key import - ---- - tests/Makefile.am | 10 ++++--- - tests/test-pkcs11-tool-import.sh | 48 ++++++++++++++++++++++++++++++++ - 2 files changed, 54 insertions(+), 4 deletions(-) - create mode 100755 tests/test-pkcs11-tool-import.sh - -diff --git a/tests/Makefile.am b/tests/Makefile.am -index d378e2ee00..9d8a24c321 100644 ---- a/tests/Makefile.am -+++ b/tests/Makefile.am -@@ -14,8 +14,9 @@ dist_noinst_SCRIPTS = common.sh \ - test-pkcs11-tool-test-threads.sh \ - test-pkcs11-tool-sign-verify.sh \ - test-pkcs11-tool-allowed-mechanisms.sh \ -- test-pkcs11-tool-sym-crypt-test.sh\ -- test-pkcs11-tool-unwrap-wrap-test.sh -+ test-pkcs11-tool-sym-crypt-test.sh \ -+ test-pkcs11-tool-unwrap-wrap-test.sh \ -+ test-pkcs11-tool-import.sh - - .NOTPARALLEL: - TESTS = \ -@@ -25,8 +26,9 @@ TESTS = \ - test-pkcs11-tool-test.sh \ - test-pkcs11-tool-test-threads.sh \ - test-pkcs11-tool-allowed-mechanisms.sh \ -- test-pkcs11-tool-sym-crypt-test.sh\ -- test-pkcs11-tool-unwrap-wrap-test.sh -+ test-pkcs11-tool-sym-crypt-test.sh \ -+ test-pkcs11-tool-unwrap-wrap-test.sh \ -+ test-pkcs11-tool-import.sh - XFAIL_TESTS = \ - test-pkcs11-tool-test-threads.sh \ - test-pkcs11-tool-test.sh -diff --git a/tests/test-pkcs11-tool-import.sh b/tests/test-pkcs11-tool-import.sh -new file mode 100755 -index 0000000000..76ff8e51be ---- /dev/null -+++ b/tests/test-pkcs11-tool-import.sh -@@ -0,0 +1,48 @@ -+#!/bin/bash -+SOURCE_PATH=${SOURCE_PATH:-..} -+ -+source $SOURCE_PATH/tests/common.sh -+ -+echo "=======================================================" -+echo "Setup SoftHSM" -+echo "=======================================================" -+if [[ ! -f $P11LIB ]]; then -+ echo "WARNING: The SoftHSM is not installed. Can not run this test" -+ exit 77; -+fi -+card_setup -+ -+ID="0100" -+OPTS="" -+for KEYTYPE in "RSA" "EC"; do -+ echo "=======================================================" -+ echo "Generate and import $KEYTYPE keys" -+ echo "=======================================================" -+ if [ "$KEYTYPE" == "RSA" ]; then -+ ID="0100" -+ elif [ "$KEYTYPE" == "EC" ]; then -+ ID="0200" -+ OPTS="-pkeyopt ec_paramgen_curve:P-521" -+ fi -+ openssl genpkey -out "${KEYTYPE}_private.der" -outform DER -algorithm $KEYTYPE $OPTS -+ assert $? "Failed to generate private $KEYTYPE key" -+ $PKCS11_TOOL --write-object "${KEYTYPE}_private.der" --id "$ID" --type privkey \ -+ --label "$KEYTYPE" -p "$PIN" --module "$P11LIB" -+ assert $? "Failed to write private $KEYTYPE key" -+ -+ openssl pkey -in "${KEYTYPE}_private.der" -out "${KEYTYPE}_public.der" -pubout -inform DER -outform DER -+ assert $? "Failed to convert private $KEYTYPE key to public" -+ $PKCS11_TOOL --write-object "${KEYTYPE}_public.der" --id "$ID" --type pubkey --label "$KEYTYPE" \ -+ -p $PIN --module $P11LIB -+ assert $? "Failed to write public $KEYTYPE key" -+ # certificate import already tested in all other tests -+ -+ rm "${KEYTYPE}_private.der" "${KEYTYPE}_public.der" -+done -+ -+echo "=======================================================" -+echo "Cleanup" -+echo "=======================================================" -+card_cleanup -+ -+exit $ERRORS - -From 63a7bceeca43ece1eee201ef7a974b20b294ba4e Mon Sep 17 00:00:00 2001 -From: Jakub Jelen <jakuje@gmail.com> -Date: Fri, 2 Dec 2022 18:07:43 +0100 -Subject: [PATCH 4/4] Simplify the new test -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Co-authored-by: Veronika HanulĂková <61348757+xhanulik@users.noreply.github.com> ---- - tests/test-pkcs11-tool-import.sh | 8 +++----- - 1 file changed, 3 insertions(+), 5 deletions(-) - -diff --git a/tests/test-pkcs11-tool-import.sh b/tests/test-pkcs11-tool-import.sh -index 76ff8e51be..c90b3b4926 100755 ---- a/tests/test-pkcs11-tool-import.sh -+++ b/tests/test-pkcs11-tool-import.sh -@@ -12,15 +12,13 @@ if [[ ! -f $P11LIB ]]; then - fi - card_setup - --ID="0100" --OPTS="" - for KEYTYPE in "RSA" "EC"; do - echo "=======================================================" - echo "Generate and import $KEYTYPE keys" - echo "=======================================================" -- if [ "$KEYTYPE" == "RSA" ]; then -- ID="0100" -- elif [ "$KEYTYPE" == "EC" ]; then -+ ID="0100" -+ OPTS="" -+ if [ "$KEYTYPE" == "EC" ]; then - ID="0200" - OPTS="-pkeyopt ec_paramgen_curve:P-521" - fi diff --git a/dev-libs/opensc/files/opensc-0.23.0-backport-pr2765.patch b/dev-libs/opensc/files/opensc-0.23.0-backport-pr2765.patch deleted file mode 100644 index 72572c598ac8..000000000000 --- a/dev-libs/opensc/files/opensc-0.23.0-backport-pr2765.patch +++ /dev/null @@ -1,39 +0,0 @@ -https://bugs.gentoo.org/909781 -https://github.com/OpenSC/OpenSC/pull/2765 - -From 36178c8188521f2627d2eea428a7e53d149eed58 Mon Sep 17 00:00:00 2001 -From: Peter Popovec <popovec.peter@gmail.com> -Date: Fri, 28 Apr 2023 10:50:25 +0200 -Subject: [PATCH] Fix pkcs11-tool unwrap / incorrect CKA_ID - -"object_id[]" and "id_len" must be allocated so that it is not deallocated -or overwritten (on the stack) at the time of the C_UnwrapKey() call. - - modified: src/tools/pkcs11-tool.c ---- - src/tools/pkcs11-tool.c | 5 ++--- - 1 file changed, 2 insertions(+), 3 deletions(-) - -diff --git a/src/tools/pkcs11-tool.c b/src/tools/pkcs11-tool.c -index 890ca27060..f3a01ab4cf 100644 ---- a/src/tools/pkcs11-tool.c -+++ b/src/tools/pkcs11-tool.c -@@ -3347,6 +3347,8 @@ unwrap_key(CK_SESSION_HANDLE session) - {CKA_CLASS, &secret_key_class, sizeof(secret_key_class)}, - {CKA_TOKEN, &_true, sizeof(_true)}, - }; -+ CK_BYTE object_id[100]; -+ size_t id_len; - CK_OBJECT_HANDLE hSecretKey; - int n_attr = 2; - CK_RV rv; -@@ -3450,9 +3452,6 @@ unwrap_key(CK_SESSION_HANDLE session) - } - - if (opt_application_id != NULL) { -- CK_BYTE object_id[100]; -- size_t id_len; -- - id_len = sizeof(object_id); - if (!sc_hex_to_bin(opt_application_id, object_id, &id_len)) { - FILL_ATTR(keyTemplate[n_attr], CKA_ID, object_id, id_len); diff --git a/dev-libs/opensc/opensc-0.23.0-r3.ebuild b/dev-libs/opensc/opensc-0.23.0-r3.ebuild deleted file mode 100644 index 9808951f0b2b..000000000000 --- a/dev-libs/opensc/opensc-0.23.0-r3.ebuild +++ /dev/null @@ -1,82 +0,0 @@ -# Copyright 1999-2024 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=8 - -inherit autotools bash-completion-r1 - -DESCRIPTION="Libraries and applications to access smartcards" -HOMEPAGE="https://github.com/OpenSC/OpenSC/wiki" - -if [[ ${PV} == *9999 ]]; then - inherit git-r3 - EGIT_REPO_URI="https://github.com/OpenSC/OpenSC.git" -else - SRC_URI="https://github.com/OpenSC/OpenSC/releases/download/${PV}/${P}.tar.gz" - KEYWORDS="amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~mips ~ppc ppc64 ~riscv ~s390 ~sparc x86" -fi - -LICENSE="LGPL-2.1" -SLOT="0" -IUSE="ctapi doc openct notify pace +pcsc-lite readline secure-messaging ssl test zlib" -RESTRICT="!test? ( test )" - -RDEPEND="zlib? ( sys-libs/zlib ) - readline? ( sys-libs/readline:0= ) - ssl? ( dev-libs/openssl:0= ) - openct? ( >=dev-libs/openct-0.5.0 ) - pace? ( dev-libs/openpace:= ) - pcsc-lite? ( >=sys-apps/pcsc-lite-1.3.0 ) - notify? ( dev-libs/glib:2 )" -DEPEND="${RDEPEND} - app-text/docbook-xsl-stylesheets - dev-libs/libxslt - test? ( dev-util/cmocka )" -BDEPEND="virtual/pkgconfig" - -REQUIRED_USE=" - pcsc-lite? ( !openct !ctapi ) - openct? ( !pcsc-lite !ctapi ) - ctapi? ( !pcsc-lite !openct ) - || ( pcsc-lite openct ctapi )" - -PATCHES=( - "${FILESDIR}"/${P}-CVE-2023-2977.patch - "${FILESDIR}"/${P}-backport-pr2656.patch - "${FILESDIR}"/${P}-backport-pr2765.patch -) - -src_prepare() { - default - eautoreconf -} - -src_configure() { - # don't want to run upstream's clang-tidy checks - export ac_cv_path_CLANGTIDY="" - - econf \ - --with-completiondir="$(get_bashcompdir)" \ - --disable-strict \ - --enable-man \ - $(use_enable ctapi) \ - $(use_enable doc) \ - $(use_enable notify) \ - $(use_enable openct) \ - $(use_enable pace openpace) \ - $(use_enable pcsc-lite pcsc) \ - $(use_enable readline) \ - $(use_enable secure-messaging sm) \ - $(use_enable ssl openssl) \ - $(use_enable test cmocka) \ - $(use_enable zlib) -} - -src_install() { - default - - insinto /etc/pkcs11/modules/ - doins "${FILESDIR}"/opensc.module - - find "${ED}" -name '*.la' -delete || die -} |