5 files changed, 308 insertions, 2 deletions

diff --git a/app-forensics/Manifest.gz b/app-forensics/Manifest.gz
index 1eb5756990bf..6afdf8e855cd 100644
--- a/app-forensics/Manifest.gz
+++ b/app-forensics/Manifest.gz
diff --git a/app-forensics/lynis/Manifest b/app-forensics/lynis/Manifest
index 0f129bb2bd1c..d8477f691dd4 100644
--- a/app-forensics/lynis/Manifest
+++ b/app-forensics/lynis/Manifest
@@ -1,4 +1,4 @@
 AUX lynis.cron-new 72 BLAKE2B 1f2d683c74e9e85f142c23277f24e8c81b33e4d1691a6f171694194bd5d81a5e1473532afe2c6fca23c995d9c7bd08d18d6eed78a07661618c12e22b35e9ff81 SHA512 1cdaaee433912c2ccdec8ad7c9b88be55fe3f1d68e2fca79cc6e0e10112d465a70cfbe0a049623437f604bfc9793e0d29b709e035cbf710d4d38ba48acc5355f
-DIST lynis-3.0.0.tar.gz 320637 BLAKE2B a69346a0a0ba8236b6872a0523a36ae03be934bc128ad57f67179f120291197019f9387ffb6ec6390b344f7d17224b104c657fe8b474b339f0521a2a544f69cd SHA512 2f156002ff1cfcd2333c95b57e82e76260364fa58419b9414f2bb461aa77a22c2f1af57a6a934e88030baeb69aa9c274045cfcef359eb496d10acd5b886cb856
-EBUILD lynis-3.0.0.ebuild 946 BLAKE2B 5ac0654a519f268546332f12564b1173048a65da75d4ac45ec0bc2f66e4593f8dbf6b00eee1a50f85b8e9563a22a4a1f9458331ff3d63174eb1c47c641e52074 SHA512 1fd90e90ef37f2f7f826dd9b67d6bfd7d9d6a9c6249abd793c2beef1ffe5df03e0524171423725d4b2226fe68734111b52f0291977a5b060c86ffcd3dd11fe9c
+DIST lynis-3.0.1.tar.gz 322638 BLAKE2B b0a6b03351af95e766321164fab34c7eb8314f18747d3df87946e379781970253406132a1674236a39879374ecc559489679d34ef3368d74faf98b0f44425293 SHA512 e237984b404752bd0856e1cbb884d0191a1177023780d9d0f885538846e419fcb75302a33320ba41e5895cabca0ead094e1c49865677906e547e255b4f5aab41
+EBUILD lynis-3.0.1.ebuild 946 BLAKE2B 5ac0654a519f268546332f12564b1173048a65da75d4ac45ec0bc2f66e4593f8dbf6b00eee1a50f85b8e9563a22a4a1f9458331ff3d63174eb1c47c641e52074 SHA512 1fd90e90ef37f2f7f826dd9b67d6bfd7d9d6a9c6249abd793c2beef1ffe5df03e0524171423725d4b2226fe68734111b52f0291977a5b060c86ffcd3dd11fe9c
 MISC metadata.xml 251 BLAKE2B 7bfd5f1051cbe4343bd02cc5e869988eb1013ab464ae4ea70e15faff085b7bdc2437feaa34d5db2a90b4999014c146b4d1b9b0a4fd5c99e5bf550577923f49fb SHA512 5031be5fdf8e7fd7c6863c4a56016d80530a7363104272c82b99e2bb46cb7b22247fc5eda3814096701466fa73642994303ce4e666fb314ab843c18dcfa1845c
diff --git a/app-forensics/lynis/lynis-3.0.0.ebuild b/app-forensics/lynis/lynis-3.0.1.ebuild
index 5ee09e290d03..5ee09e290d03 100644
--- a/app-forensics/lynis/lynis-3.0.0.ebuild
+++ b/app-forensics/lynis/lynis-3.0.1.ebuild
diff --git a/app-forensics/sleuthkit/Manifest b/app-forensics/sleuthkit/Manifest
index 5a67e66e0c95..c3d489956c25 100644
--- a/app-forensics/sleuthkit/Manifest
+++ b/app-forensics/sleuthkit/Manifest
@@ -3,8 +3,10 @@ AUX sleuthkit-4.6.4-default-jar-location-fix.patch 1768 BLAKE2B d9a0675223506649
 DIST SparseBitSet-1.1.jar 23706 BLAKE2B 8623a723f11f97386a108c775fefddd324997b68bea7f7ade0581ec5800bfa8d32f699ab903ad66c631b7b5c69ba1ef377243653f5044f39234dac07543eb129 SHA512 cf75431c5f705961800ce5cbca2acb9b2459eaf98ec37b5ee21c5a90d204ffb466fa25457b0560fbb024489777efbea0276201024c7b1b2853124930ac490983
 DIST commons-validator-1.6.jar 186077 BLAKE2B 39080bebfde71d87847b65f212d47a51bab9567cb0aaf7122359a67a8eb817877a6cc80495a15aefb12936d0e36532ed771dc0a2dff8401fc301f658ed38ef88 SHA512 aded530d3b79ead6ba5c44668c6d6964d7721f9617249f6aaa1c8f558ad4b3d3c1b6d78b639a4cb8dd27a671879b662fdbba0502fd04e131f3286169507df30c
 DIST gson-2.8.5.jar 241622 BLAKE2B b13887177b5d5f2a11b2dde1fdbaa3a95b55bb7b5500624c7eb0745e861c897ed1e27868bad19d30a1670c90f3068a8fd40e1b81e5e25e96819fa5c371a5e1af SHA512 5dd7214c542a7b93aab3eab0ba13e4ac3d6ddb05c795fb6d3992e21925a98dce87cb186ac67b4d3ad146f96e14d38b3892837eca57a27b4e845aca6d4e4f708a
+DIST sleuthkit-4.10.1.tar.gz 3524246 BLAKE2B ddea16693730a993032868ea60423d4bfcf3cba470010854c7bd36ab0a033325d906a0e4760501d59fdda4f37e12052f8672d33e4e374d1a6cdb03e22d0de367 SHA512 3ee335ba98bbb16985207ad50bc15a607ea2bcf550bba392be1cace8982c893a29e9de64e6598d02f41f9f745dc720f829317ed31f068e6cb1f6c230699e47bf
 DIST sleuthkit-4.9.0.tar.gz 3473764 BLAKE2B 3950e586595f53a81c845b3b1fbaf4939a84ee3d81e8141cabf41c9fbee1b1f5cf1b8bd6cab95b157d60364541736f750c8ada61c76da89e663721b9a67330ef SHA512 1db8b9f825aa551fe5bdf01285832b903fb4f2d6a8fd9a57a5cd5c9005dfdbec22d3dd49d394616d838e2a2111110018e787f2ed467a1c27a500fc75bed0dd0b
 DIST sleuthkit-libewf_64bit-20130416.tar.gz 23818247 BLAKE2B 23be933ed8a74e4834ee6571a28d81ba16e98e4e4e27b5b1b3b655d1d92a6eadcba35aadf96aa404e6e0a225b27f3f5daff2836879b87fe58440a3ad5645de44 SHA512 611cbb57de17600caee0330bbe9917c4481d7711a35dba8c072fd49cd3e1714e0a3ce30fd8fcac9981db848e80870bf5d215326c56808bb6f5b4c8dcc1e5a3c9
 DIST sqlite-jdbc-3.25.2.jar 7064881 BLAKE2B 3917da6127137bab710a9e61f326f59320ce94654ebb8ae5e694b05aed6b9b1bd367ade2f08ce5bb52c3ac296992240ad949969f5eff712615d07a18588c6a17 SHA512 efd1ea26d7f4f9bc66bf0d5f80234a0c535829bd498e4c5a0cab42873b58ac69133497d8c45689a1d3a39e657a2d0474d6b930c7bc415dd623801ee4a7354ffb
+EBUILD sleuthkit-4.10.1.ebuild 8409 BLAKE2B fc63cb95ff816f8f8ca12e6312a9480e3f290b50c26d7e748447f1c5b8ce5fd9c8358a005ea5bfb0d68f1683a036cb105ad78d9a9c95d4f8b5842df0aead1455 SHA512 a51782ecc88ed7271ce4942d6d188fcb1240c37603eab13820d263c4b23dc144a8e4594a91398e49fe8c3421b5fd4ca97a7d78a3b10cc08f92f1f8e77f16821a
 EBUILD sleuthkit-4.9.0.ebuild 8264 BLAKE2B 879a179c1cd7bd6f7f26325a9788bd1f34645c1f1ee71a73da65dd0e3bcdc720fe3f51623710abddfd5897e1ca5bbb4e6c82a8da4443e2d3f90f6a8920bc4cc2 SHA512 37ef66d26c09e7df2e47ef2dbef0d40d06c5232f3f7fa32106966f260d83c758729bcde1633a19da7fbbd3c3b27ef33e2da48fa347457e97a5a02f5ece42076e
 MISC metadata.xml 607 BLAKE2B 2c651da1253ec986eb766b6949ea9a9059d76351081e805aba5f795971bb3b9368987cc9d39fc335c1e65c12de9347471686984e2753487cafab431488762064 SHA512 2dbce141f133a9172c6ba61924a9fac2674394096063b899be5a90111a9741789e2a09aa06cc49e17a253d088d20c1ddad1c748b6e09f650131ec0f91116ae08
diff --git a/app-forensics/sleuthkit/sleuthkit-4.10.1.ebuild b/app-forensics/sleuthkit/sleuthkit-4.10.1.ebuild
new file mode 100644
index 000000000000..92f8ae719902
--- /dev/null
+++ b/app-forensics/sleuthkit/sleuthkit-4.10.1.ebuild
@@ -0,0 +1,304 @@
+# Copyright 1999-2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+JAVA_PKG_BSFIX_NAME="build.xml build-unix.xml"
+inherit autotools java-pkg-opt-2 java-ant-2
+
+DESCRIPTION="A collection of file system and media management forensic analysis tools"
+HOMEPAGE="https://www.sleuthkit.org/sleuthkit/"
+# TODO: sqlite-jdbc does not exist in the tree, we bundle it for now
+#		See: https://bugs.gentoo.org/690010
+# TODO: SparseBitSet does not exist in the tree, we bundle it for now
+#		See: https://bugs.gentoo.org/690012
+# TODO: Upstream uses a very specific version of libewf which is not in
+#       the tree anymore. So we statically compile and link to sleuthkit.
+#       Hopefully upstream will figure something out in the future.
+#		See: https://bugs.gentoo.org/689752
+# TODO: gson-2.8.5 does not exist in the tree. Building it seems to
+# 		require Java 9. We have Java 11 in the tree but I don't see a
+# 		way to use it as a gentoo-vm in order to build gson. Sleuthkit
+# 		upstream still uses Java 8.
+# 		See: https://bugs.gentoo.org/706274
+# TODO: commons-validator-1.6 does not exist in the tree. The latest version
+#		as of writing this ebuild is 1.4.1, for which the build fails. As
+#		per #711930, this is a security sensitive bump. We're gonna fetch
+#		the jar file here and file a bug request for a bump as well:
+#		    https://bugs.gentoo.org/721020
+SRC_URI="https://github.com/${PN}/${PN}/releases/download/${P}/${P}.tar.gz
+	java? (
+		https://repo1.maven.org/maven2/com/google/code/gson/gson/2.8.5/gson-2.8.5.jar
+		http://repo1.maven.org/maven2/org/xerial/sqlite-jdbc/3.25.2/sqlite-jdbc-3.25.2.jar
+		http://repo1.maven.org/maven2/com/zaxxer/SparseBitSet/1.1/SparseBitSet-1.1.jar
+		https://repo1.maven.org/maven2/commons-validator/commons-validator/1.6/commons-validator-1.6.jar
+	)
+	ewf? ( https://github.com/sleuthkit/libewf_64bit/archive/VisualStudio_2010.tar.gz -> sleuthkit-libewf_64bit-20130416.tar.gz )"
+
+LICENSE="BSD CPL-1.0 GPL-2+ IBM java? ( Apache-2.0 )"
+SLOT="0/19" # subslot = major soname version
+KEYWORDS="~amd64 ~hppa ~ppc ~x86"
+IUSE="aff doc ewf java static-libs test +threads zlib"
+RESTRICT="!test? ( test )"
+
+DEPEND="
+	dev-db/sqlite:3
+	dev-lang/perl:*
+	aff? ( app-forensics/afflib )
+	ewf? ( sys-libs/zlib )
+	java? (
+		>=dev-java/c3p0-0.9.5:0
+		dev-java/commons-lang:3.1
+		dev-java/guava:20
+		>=dev-java/jdbc-postgresql-9.4:0
+		>=dev-java/joda-time-2.4:0
+	)
+	zlib? ( sys-libs/zlib )
+"
+# TODO: add support for not-in-tree libraries libvhdi and libvmdk
+# libvhdi: https://github.com/libyal/libvhdi
+# libvmdk: https://github.com/libyal/libvmdk
+# DEPEND="${DEPEND}
+# 	vhdi? ( dev-libs/libvhdi )
+# 	vmdk? ( dev-libs/libvmdk )
+# "
+
+RDEPEND="${DEPEND}
+	java? (
+		|| (
+			virtual/jre:1.8
+			virtual/jdk:1.8
+		)
+	)
+"
+DEPEND="${DEPEND}
+	java? ( virtual/jdk:1.8 )
+	doc? ( app-doc/doxygen )
+	test? ( >=dev-util/cppunit-1.2.1 )
+"
+
+PATCHES=(
+	"${FILESDIR}"/${PN}-4.1.0-tools-shared-libs.patch
+	"${FILESDIR}"/${PN}-4.6.4-default-jar-location-fix.patch
+)
+
+src_unpack() {
+	local f
+
+	unpack ${P}.tar.gz
+
+	if use ewf; then
+		pushd "${T}" &>/dev/null || die
+		unpack sleuthkit-libewf_64bit-20130416.tar.gz
+		export TSK_LIBEWF_SRCDIR="${T}"/libewf_64bit-VisualStudio_2010
+		popd &>/dev/null || die
+	fi
+
+	# Copy the jar files that don't exist in the tree yet
+	if use java; then
+		TSK_JAR_DIR="${T}/lib"
+		mkdir "${TSK_JAR_DIR}" || die
+		for f in ${A}; do
+			if [[ ${f} =~ .jar$ ]]; then
+				cp "${DISTDIR}"/"${f}" "${TSK_JAR_DIR}" || die
+			fi
+		done
+		export TSK_JAR_DIR
+	fi
+}
+
+tsk_prepare_libewf() {
+	# Inlining breaks the compilation, disable it
+	sed -e 's/LIBUNA_INLINE inline/LIBUNA_INLINE/' \
+		-i "${TSK_LIBEWF_SRCDIR}"/libuna/libuna_inline.h || die
+}
+
+src_prepare() {
+	use ewf && tsk_prepare_libewf
+
+	# Do not pass '-Werror'. This is overkill for user builds.
+	sed -e '/AM_CXXFLAGS/ s/-Werror//g' \
+		-i tsk/util/Makefile.am \
+		-i tsk/pool/Makefile.am || die
+	# Remove -static from LDFLAGS because it doesn't actually create
+	# a static binary. It confuses libtool, who then inserts rpath
+	sed -e '/LDFLAGS/ s/-static//' \
+		-i tools/pooltools/Makefile.am || die
+
+	if use java; then
+		pushd "${S}"/bindings/java &>/dev/null || die
+
+		# Prevent "make install" from installing
+		# jar files under /usr/share/java
+		# We'll use the java eclasses for this
+		# See: https://github.com/sleuthkit/sleuthkit/pull/1379
+		sed -e '/^jar_DATA/ d;' -i Makefile.am || die
+
+		java-pkg-opt-2_src_prepare
+
+		popd &>/dev/null || die
+	fi
+
+	# Override the doxygen output directories
+	if use doc; then
+		sed -e "/^OUTPUT_DIRECTORY/ s|=.*$|= ${T}/doc|" \
+			-i tsk/docs/Doxyfile \
+			-i bindings/java/doxygen/Doxyfile || die
+	fi
+
+	# It's safe to call this even after java-pkg-opt-2_src_prepare
+	# because future calls to eapply_user do nothing and return 0
+	default
+
+	eautoreconf
+}
+
+tsk_compile_libewf() {
+	local myeconfargs=(
+		--prefix=/
+		--libdir=/lib
+		--enable-static
+		--disable-shared
+		--disable-winapi
+		--without-libbfio
+		--with-zlib
+		--without-bzip2
+		--without-libhmac
+		--without-openssl
+		--without-libuuid
+		--without-libfuse
+
+		--with-libcstring=no
+		--with-libcerror=no
+		--with-libcdata=no
+		--with-libclocale=no
+		--with-libcnotify=no
+		--with-libcsplit=no
+		--with-libuna=no
+		--with-libcfile=no
+		--with-libcpath=no
+		--with-libbfio=no
+		--with-libfcache=no
+		--with-libfvalue=no
+
+	)
+	# We want to contain our build flags
+	local CFLAGS="${CFLAGS}"
+	local LDFLAGS="${LDFLAGS}"
+
+	pushd "${TSK_LIBEWF_SRCDIR}" &>/dev/null || die
+
+	# Produce relocatable code
+	CFLAGS+=" -fPIC"
+	LDFLAGS+=" -fPIC"
+	econf "${myeconfargs[@]}"
+
+	# Do not waste CPU cycles on building ewftools
+	sed -e '/ewftools/ d' -i Makefile || die
+	emake
+
+	# Only install the headers and the library
+	emake -C libewf DESTDIR="${T}"/image install
+	emake -C include DESTDIR="${T}"/image install
+	find "${T}"/image -name '*.la' -delete || die
+
+	popd &>/dev/null || die
+}
+
+src_configure() {
+	local myeconfargs=(
+		--enable-offline="${TSK_JAR_DIR}"
+		$(use_enable java)
+		$(use_enable static-libs static)
+		$(use_enable threads multithreading)
+		$(use_with aff afflib)
+		$(use_with zlib)
+	)
+	# TODO: add support for non-existing libraries libvhdi and libvmdk
+	# myeconfargs+=(
+	# 	$(use_with vhdi libvhdi)
+	# 	$(use_with vmdk libvmdk)
+	# )
+	myeconfargs+=(
+		--without-libvhdi
+		--without-libvmdk
+	)
+
+	use ewf && tsk_compile_libewf
+	myeconfargs+=( $(use_with ewf libewf "${T}"/image) )
+
+	if use java; then
+		pushd "${S}"/bindings/java &>/dev/null || die
+		java-ant-2_src_configure
+		popd &>/dev/null || die
+	fi
+
+	econf "${myeconfargs[@]}"
+}
+
+src_compile() {
+	# Give it an existing bogus ivy home #672220
+	local -x IVY_HOME="${T}"
+
+	# Create symlinks of jars for the required dependencies
+	if use java; then
+		java-pkg_jar-from --into "${TSK_JAR_DIR}" c3p0
+		java-pkg_jar-from --into "${TSK_JAR_DIR}" commons-lang:3.1
+		java-pkg_jar-from --into "${TSK_JAR_DIR}" guava:20
+		java-pkg_jar-from --into "${TSK_JAR_DIR}" jdbc-postgresql
+		java-pkg_jar-from --into "${TSK_JAR_DIR}" joda-time
+
+		# case-uco needs gson and expects it under case-uco/java/lib
+		# symlink it to the jar dir we create for java bindings
+		ln -s "${TSK_JAR_DIR}" "${S}"/case-uco/java/lib || die
+	fi
+
+	# Create the doc output dirs if requested
+	if use doc; then
+		mkdir -p "${T}"/doc/{api-docs,jni-docs} || die
+	fi
+
+	emake all $(usex doc api-docs "")
+}
+
+src_install() {
+	local f
+
+	if use java; then
+		pushd "${S}"/bindings/java &>/dev/null || die
+
+		# Install case-uco
+		pushd "${S}"/case-uco/java &>/dev/null || die
+		java-pkg_newjar "dist/${PN}-caseuco-${PV}".jar "${PN}-caseuco.jar"
+		popd || die
+
+		# Install the bundled jar files as well as the
+		# sleuthkit jar installed here by case-uco
+		pushd "${TSK_JAR_DIR}" &>/dev/null || die
+		for f in *; do
+			# Skip the symlinks java-pkg_jar-from created
+			[[ -f ${f} ]] || continue
+
+			# Strip the version numbers as per eclass recommendation
+			[[ ${f} =~ -([0-9]+\.)+jar$ ]] || continue
+
+			java-pkg_newjar "${f}" "${f/${BASH_REMATCH[0]}/.jar}"
+		done
+		popd &>/dev/null || die
+
+		popd &>/dev/null || die
+	fi
+
+	default
+	# Default install target for case-uco installs the jar in the wrong place
+	rm -r "${ED}"/usr/share/java
+
+	# It unconditionally builds both api and jni docs
+	# We install conditionally based on the provided use flags
+	if use doc; then
+		dodoc -r "${T}"/doc/api-docs
+		use java && dodoc -r "${T}"/doc/jni-docs
+	fi
+
+	find "${D}" -name '*.la' -delete || die
+}