From dd762ff83c330186ee2ede002e08b2f780cddd51 Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Sun, 14 Jul 2019 11:04:34 +0100 Subject: gentoo resync : 14.07.2019 --- app-arch/dump/Manifest | 2 + app-arch/dump/dump-0.4.46-r1.ebuild | 87 +++++++++++++++++++++++ app-arch/dump/files/dump-0.4.46-openssl11.patch | 91 +++++++++++++++++++++++++ 3 files changed, 180 insertions(+) create mode 100644 app-arch/dump/dump-0.4.46-r1.ebuild create mode 100644 app-arch/dump/files/dump-0.4.46-openssl11.patch (limited to 'app-arch/dump') diff --git a/app-arch/dump/Manifest b/app-arch/dump/Manifest index 9db1c61ad7a7..7801d4424b46 100644 --- a/app-arch/dump/Manifest +++ b/app-arch/dump/Manifest @@ -1,3 +1,5 @@ +AUX dump-0.4.46-openssl11.patch 3324 BLAKE2B 5cc60ef04e7f53e96e900bc78e41f4c4bcf46f3000663ac7bb1995856b5cf067c69d84331b5dfd52da4ef2649e61f6e410e59f9a99bff3be44f9e46df1b75b4f SHA512 ae7c2549683a4cf33760685fe5b07ca88b158e81f5e3b866e58f618dced4c5909dec231d07a1df590a5ebbbc9f0eee575e63f4ffae719afe01315d53d63a76b0 DIST dump-0.4b46.tar.gz 578200 BLAKE2B 91102bdba06f3affdf4ebd9de525145c0a4cc1b9fb4c6ff222c411c118b3b7835f3aad666d530019d8b9ee46590e4a283a143d188d6800218100cecf67877274 SHA512 a30e72ab6c4d18497dffe3d25634c2e55ca90861d1cd8a6c0fd44709e735a217dbf4cdabb8c80e02053def94d9a22cf1d685ee0d0f24f5b748ee5f0de19cf17d +EBUILD dump-0.4.46-r1.ebuild 2163 BLAKE2B 5f635773a87a38f5fdb9572cfcc515d5eebe6c6348a3c6912a5f683beb0818a4517d9fbe9b4eec5470a10219a5231f1a783552b7cbec56a10e51b552ffcd6ae6 SHA512 b5f9a6ae66f66b6a242f35e7dd45770ab4fd7982feb8ded709e8be6fff10c00935cd046d1000927ab948f9a6413060e4b2bd179c363ab2e2ae24b5e4e0fa7047 EBUILD dump-0.4.46.ebuild 2113 BLAKE2B 431fd8ae0fa1c3b28015f27687c28f43a8d6fcb205c97a99f3d4ee1e96d3da7683456f02e4683b85c202848ddcc9efdaac85b63f31e0a4ad5fbf2d430465a8b5 SHA512 b99325a0d0cee4599e2e00ed40ea4a49050321c7b11d6fc2416dafa7b2dff56896d7861940ed009393e73dd514beb9f2b9c7e4c494664ed9c517987844ffba90 MISC metadata.xml 542 BLAKE2B beff8763f8b3848f9592dbf200cb547e9c416e7d675b4e9015f20b417861523949916da4a6a38553abf7fdf5fc839841870f74258becb4e8dbbcbca9c564e328 SHA512 670b1e0032f69e22337cbd18c25ecda11a239d63345c32526e111ad2eb23199892aa7e1f39a79168bb4b81b6ebde4c7796f8ccf78233f3244bfbaf62c7e0345d diff --git a/app-arch/dump/dump-0.4.46-r1.ebuild b/app-arch/dump/dump-0.4.46-r1.ebuild new file mode 100644 index 000000000000..f984ca0ef78b --- /dev/null +++ b/app-arch/dump/dump-0.4.46-r1.ebuild @@ -0,0 +1,87 @@ +# Copyright 1999-2019 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 + +inherit versionator + +MY_P="${PN}-$(replace_version_separator 2 b)" +S=${WORKDIR}/${MY_P} +DESCRIPTION="Dump/restore ext2fs backup utilities" +HOMEPAGE="http://dump.sourceforge.net/" +SRC_URI="mirror://sourceforge/dump/${MY_P}.tar.gz" + +LICENSE="BSD" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86" +# We keep uuid USE flag default dsiabled for this version. Don't forget +# to default enable it for later versions as this is the upstream default. +IUSE="bzip2 debug ermt libressl lzo readline selinux sqlite ssl static test uuid zlib" +REQUIRED_USE=" + ermt? ( ssl ) + ssl? ( zlib ) + test? ( sqlite? ( uuid ) ) +" + +RDEPEND=">=sys-fs/e2fsprogs-1.27:= + >=sys-libs/e2fsprogs-libs-1.27:= + sys-apps/util-linux + bzip2? ( >=app-arch/bzip2-1.0.2:= ) + zlib? ( >=sys-libs/zlib-1.1.4:= ) + lzo? ( dev-libs/lzo:2= ) + sqlite? ( dev-db/sqlite:3= ) + ermt? ( + !libressl? ( dev-libs/openssl:0= ) + libressl? ( dev-libs/libressl:0= ) + ) + ssl? ( + !libressl? ( dev-libs/openssl:0= ) + libressl? ( dev-libs/libressl:0= ) + ) + readline? ( + sys-libs/readline:0= + sys-libs/ncurses:= + static? ( sys-libs/ncurses:=[static-libs] ) + )" +DEPEND="${RDEPEND} + virtual/pkgconfig + virtual/os-headers" + +PATCHES=( "${FILESDIR}"/${P}-openssl11.patch ) + +src_configure() { + local myeconfargs=( + --with-dumpdatespath=/etc/dumpdates + --with-rmtpath='$(sbindir)/rmt' + --enable-blkid + $(use_enable bzip2) + $(use_enable debug) + $(use_enable ermt) + $(use_enable lzo) + $(use_enable readline) + $(use_enable selinux) + $(use_enable sqlite) + $(use_enable ssl) + $(use_enable static static-progs) + $(use_enable uuid) + $(use_enable zlib) + ) + econf "${myeconfargs[@]}" +} + +src_install() { + default + mv "${ED}"/usr/sbin/{,dump-}rmt || die + mv "${ED}"/usr/share/man/man8/{,dump-}rmt.8 || die + use ermt && newsbin rmt/ermt dump-ermt + + dodoc KNOWNBUGS MAINTAINERS REPORTING-BUGS + dodoc -r examples +} + +pkg_postinst() { + if [[ -z ${REPLACING_VERSIONS} ]] ; then + ewarn "app-arch/dump installs 'rmt' as 'dump-rmt'." + ewarn "This is to avoid conflicts with app-arch/tar 'rmt'." + fi +} diff --git a/app-arch/dump/files/dump-0.4.46-openssl11.patch b/app-arch/dump/files/dump-0.4.46-openssl11.patch new file mode 100644 index 000000000000..db18e8190f5c --- /dev/null +++ b/app-arch/dump/files/dump-0.4.46-openssl11.patch @@ -0,0 +1,91 @@ +Index: dump-0.4b46/common/transformation_ssl.c +=================================================================== +--- dump-0.4b46.orig/common/transformation_ssl.c ++++ dump-0.4b46/common/transformation_ssl.c +@@ -215,7 +215,10 @@ generateIV(Transformation *xform, unsign + /* to be exposed to any attacker anyway. */ + *saltlen = 16; + if (xform->enc == 1) { +- RAND_pseudo_bytes(salt, *saltlen); ++ if (!RAND_bytes(salt, *saltlen) != 1) { ++ /* PRNG not sufficiently seeded */ ++ return -1; ++ } + } + memcpy(ivbuffer, salt, 16); + +@@ -274,7 +277,7 @@ ssl_compress(Transformation *xform, stru + digestlen = sizeof(digest); + + /* generate salt, put it in header */ +- generateIV(xform, salt, &saltlen, iv, &ivlen); ++ generateIV(xform, salt, &saltlen, iv, &ivlen); /* TODO: check return value */ + memcpy(tpbin->buf, salt, saltlen); + + /* compress the buffer first - increase the entropy */ +@@ -351,7 +354,7 @@ ssl_decompress(Transformation *xform, st + + // how to know salt length? + memcpy(salt, src, saltlen); +- generateIV(xform, salt, &saltlen, iv, &ivlen); ++ generateIV(xform, salt, &saltlen, iv, &ivlen); /* TODO: check return value */ + + EVP_DecryptInit_ex(xform->state.ssl.dataCtx, xform->state.ssl.cipher, xform->state.ssl.engine, NULL, NULL); + //EVP_CIPHER_CTX_set_key_length(&ctx, 8); +@@ -515,7 +518,7 @@ Transformation + //EVP_CIPHER_CTX_rand_key(ctx, t->state.ssl.key); + //EVP_CIPHER_CTX_cleanup(ctx); + //EVP_CIPHER_CTX_free(ctx); +- RAND_bytes(t->state.ssl.key, t->state.ssl.cipher->key_len); ++ RAND_bytes(t->state.ssl.key, EVP_CIPHER_key_length(t->state.ssl.cipher)); + } else { + // how do we get keys? + } +Index: dump-0.4b46/rmt/cipher.c +=================================================================== +--- dump-0.4b46.orig/rmt/cipher.c ++++ dump-0.4b46/rmt/cipher.c +@@ -23,7 +23,7 @@ + char * + cipher(char *buf, int buflen, int do_encrypt) + { +- static EVP_CIPHER_CTX ctx; ++ EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new(); + static char *out = NULL; /* return value, grown as necessary */ + static int outlen = 0; + static int init = 0, which, blocksize; +@@ -71,13 +71,13 @@ cipher(char *buf, int buflen, int do_enc + } + EVP_BytesToKey(cipher, EVP_md5(), NULL, + buf, strlen(buf), 1, key, iv); +- EVP_CIPHER_CTX_init(&ctx); +- EVP_CipherInit_ex(&ctx, cipher, NULL, key, iv, do_encrypt); +- EVP_CIPHER_CTX_set_padding(&ctx, 0); // -nopad ++ EVP_CIPHER_CTX_init(ctx); ++ EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, do_encrypt); ++ EVP_CIPHER_CTX_set_padding(ctx, 0); // -nopad + OPENSSL_cleanse(buf, sizeof buf); + OPENSSL_cleanse(key, sizeof key); + OPENSSL_cleanse(iv, sizeof iv); +- blocksize = EVP_CIPHER_CTX_block_size(&ctx); ++ blocksize = EVP_CIPHER_CTX_block_size(ctx); + which = do_encrypt; + init = 1; + } +@@ -95,7 +95,7 @@ cipher(char *buf, int buflen, int do_enc + outlen = (buflen+blocksize) * 2; + out = realloc(out, outlen); + } +- if (!EVP_CipherUpdate(&ctx, out, &n, buf, buflen)) { ++ if (!EVP_CipherUpdate(ctx, out, &n, buf, buflen)) { + syslog(LOG_ERR, "EVP_CipherUpdate failed"); + errno = EINVAL; + return NULL; +@@ -106,6 +106,7 @@ cipher(char *buf, int buflen, int do_enc + return NULL; + } + // assert(ctx->buf_len == 0); ++ EVP_CIPHER_CTX_free(ctx); + return out; + } + -- cgit v1.2.3