From 8376ef56580626e9c0f796d5b85b53a0a1c7d5f5 Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Sat, 14 Jul 2018 21:03:06 +0100 Subject: gentoo resync : 14.07.2018 --- dev-libs/crypto++/Manifest | 7 +++ dev-libs/crypto++/crypto++-5.6.5-r1.ebuild | 60 ++++++++++++++++++++++ dev-libs/crypto++/crypto++-7.0.0-r2.ebuild | 41 +++++++++++++++ .../crypto++/files/crypto++-5.6.4-nonative.patch | 28 ++++++++++ .../files/crypto++-5.6.5-CVE-2017-9434.patch | 45 ++++++++++++++++ dev-libs/crypto++/metadata.xml | 21 ++++++++ 6 files changed, 202 insertions(+) create mode 100644 dev-libs/crypto++/Manifest create mode 100644 dev-libs/crypto++/crypto++-5.6.5-r1.ebuild create mode 100644 dev-libs/crypto++/crypto++-7.0.0-r2.ebuild create mode 100644 dev-libs/crypto++/files/crypto++-5.6.4-nonative.patch create mode 100644 dev-libs/crypto++/files/crypto++-5.6.5-CVE-2017-9434.patch create mode 100644 dev-libs/crypto++/metadata.xml (limited to 'dev-libs/crypto++') diff --git a/dev-libs/crypto++/Manifest b/dev-libs/crypto++/Manifest new file mode 100644 index 000000000000..a1ed7dab2b86 --- /dev/null +++ b/dev-libs/crypto++/Manifest @@ -0,0 +1,7 @@ +AUX crypto++-5.6.4-nonative.patch 1011 BLAKE2B e8f8245dbb1ce9a0011c0e73ea1021ab4e0e197d2f3eaeaa455265dcbb75b19d50bb308b787bd926afee994c674203622662a120b6c539d6fed6c434bae86b55 SHA512 fd9973d5fcb8182f89388276c54e8698c9b0ec82be1e93a575b4a00ad5f8b2966cd2cf699258dbf8b681423b31cb3d926a694d36d0eb07bf583811d55e845837 +AUX crypto++-5.6.5-CVE-2017-9434.patch 1728 BLAKE2B 0cfd25fca89d59486ba9c49a87f04d90f0b5bff524aa817a46dcb1c3fd005609a938e08007d71bf407bd8ef0c334baa2054b44c2aac58c15817314223c7b0a2c SHA512 42566d3e67c6b253b65587877652112691ba91e554db47843256a9c2af8a29d7950266a508358356f008462ec51cc1dadf4d0e9dbbd33a33a5a94d029eebc1f9 +DIST cryptopp565.zip 4220843 BLAKE2B 0c42da3564cdd175c2f2c5c4272caf826f21e47d2271c7f54acab86f5f79dcdad8d6cb946bc88f55fde6189bb2d24ad8fb03dda6b3b8c6f105434b55b8b217d0 SHA512 f13718d02ca69b0129aaf9e767c9d2e0333aa7538355f9c63d9eaf1ff369062084a18dc01489439ebf37797b3ea81b01beb072057d47ec962bfb824ddc72abc7 +DIST cryptopp700.zip 7296665 BLAKE2B 1b1a60e240a9d94b4edfea16beef0ec48ec26c61f7f9a3d89d29bd2e77b13a83ce942f81467bb90d3086253560a3c4acd6b89178dcb416ed4328340ad5222dfd SHA512 8fd8d680e5ceaf10b3c32cb1504bda4b32abc9fcaa2c6e61e3b5e67aca805c792579884bc6a749c29a99105304c421d03d7fe7909fc58f750b3155c7c5cec8ec +EBUILD crypto++-5.6.5-r1.ebuild 1529 BLAKE2B 986777433697a41644c784a03c574b46b8342354fd487750340410ed0721ac7b92f30f69606c948735e6f61c3864917ea362fb43e8d543aaca96b15d82bc4aa6 SHA512 ce3bbb0be152c64998b4f8d242b1481fe1e1ac9d541867095e0d9405833f043153a1eaf4b848710ca7dc58481e626fc535042253319f0c65836b5c3ff4fc34ce +EBUILD crypto++-7.0.0-r2.ebuild 981 BLAKE2B aa372f9507a732c7a63703671efcde61e989068380ebbe0e1844b23b77f0cdee9abb7f86e8998497f8c8e6fd01adb67ebc956acce422281ce2e0ede4274eb7d4 SHA512 aa75b99f040ef699cd643846e43f42d9cd2b287dc419e81da2b60056bfb9953aeaf4f647ade43c78a362da2982727a10372934c12662216d176402c1f35d6f4a +MISC metadata.xml 597 BLAKE2B 8e8dd9fb9a60f2a5e7fdda6de99b6a07264d54aaa666a41d7fb30da338f91867bdda7135bd21e92191722de7e14ac10f394ac8d8f3118109f4ce6800fb12ebc0 SHA512 e20fd2e76765968417d659a6342ff9229dc822c2291bca00dd6cccd55dc3195563574aaf3a88c68b111821b41c9bce172f4d79bbb462f2b913ab15bcc2c2ee5a diff --git a/dev-libs/crypto++/crypto++-5.6.5-r1.ebuild b/dev-libs/crypto++/crypto++-5.6.5-r1.ebuild new file mode 100644 index 000000000000..ca9bfbc1c080 --- /dev/null +++ b/dev-libs/crypto++/crypto++-5.6.5-r1.ebuild @@ -0,0 +1,60 @@ +# Copyright 1999-2018 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 + +inherit flag-o-matic toolchain-funcs + +DESCRIPTION="C++ class library of cryptographic schemes" +HOMEPAGE="https://cryptopp.com" +SRC_URI="https://www.cryptopp.com/cryptopp${PV//.}.zip" + +LICENSE="Boost-1.0" +SLOT="0/5.6" # subslot is so version +KEYWORDS="alpha amd64 ~arm arm64 hppa ppc ppc64 sparc x86 ~x64-macos" +IUSE="static-libs" + +DEPEND="app-arch/unzip" + +S="${WORKDIR}" + +PATCHES=( + "${FILESDIR}/${PN}-5.6.4-nonative.patch" + "${FILESDIR}/${P}-CVE-2017-9434.patch" +) + +pkg_setup() { + export CXX="$(tc-getCXX)" + export LIBDIR="${EPREFIX}/usr/$(get_libdir)" + export PREFIX="${EPREFIX}/usr" +} + +src_compile() { + # higher optimizations cause problems + replace-flags -O3 -O2 + # ASM isn't Darwin/Mach-O ready, #479554, buildsys doesn't grok CPPFLAGS + [[ ${CHOST} == *-darwin* ]] && append-cxxflags -DCRYPTOPP_DISABLE_ASM + + emake -f GNUmakefile all shared +} + +src_install() { + default + + # remove leftovers as build system sucks + rm -fr "${ED}"/usr/bin "${ED}"/usr/share/cryptopp + use static-libs || rm -f "${ED}${EPREFIX}"/usr/$(get_libdir)/*.a + + # compatibility + dosym cryptopp "${EPREFIX}"/usr/include/crypto++ + for f in "${ED}${EPREFIX}"/usr/$(get_libdir)/*; do + ln -s "$(basename "${f}")" "$(echo "${f}" | sed 's/cryptopp/crypto++/')" || die + done +} + +pkg_preinst() { + # we switched directory to symlink + # make sure portage digests that + rm -fr "${EROOT}/usr/include/crypto++" + rm -fr "${EROOT}/usr/include/cryptopp" +} diff --git a/dev-libs/crypto++/crypto++-7.0.0-r2.ebuild b/dev-libs/crypto++/crypto++-7.0.0-r2.ebuild new file mode 100644 index 000000000000..24273393bf5f --- /dev/null +++ b/dev-libs/crypto++/crypto++-7.0.0-r2.ebuild @@ -0,0 +1,41 @@ +# Copyright 1999-2018 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 + +inherit flag-o-matic toolchain-funcs + +DESCRIPTION="C++ class library of cryptographic schemes" +HOMEPAGE="https://cryptopp.com" +SRC_URI="https://www.cryptopp.com/cryptopp${PV//.}.zip" + +LICENSE="Boost-1.0" +SLOT="0/7" # subslot is so version +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ppc ~ppc64 ~sparc ~x86 ~x64-macos" +IUSE="+asm static-libs" + +DEPEND="app-arch/unzip" + +S="${WORKDIR}" + +pkg_setup() { + export CXX="$(tc-getCXX)" + export LIBDIR="${EPREFIX}/usr/$(get_libdir)" + export PREFIX="${EPREFIX}/usr" +} + +src_compile() { + + use asm || append-cxxflags -DCRYPTOPP_DISABLE_ASM + + # ASM isn't Darwin/Mach-O ready, #479554, buildsys doesn't grok CPPFLAGS + [[ ${CHOST} == *-darwin* ]] && append-cxxflags -DCRYPTOPP_DISABLE_ASM + + emake -f GNUmakefile all shared libcryptopp.pc +} + +src_install() { + default + + use static-libs || rm -f "${ED}${EPREFIX}"/usr/$(get_libdir)/*.a +} diff --git a/dev-libs/crypto++/files/crypto++-5.6.4-nonative.patch b/dev-libs/crypto++/files/crypto++-5.6.4-nonative.patch new file mode 100644 index 000000000000..77d74ee729e9 --- /dev/null +++ b/dev-libs/crypto++/files/crypto++-5.6.4-nonative.patch @@ -0,0 +1,28 @@ +Index: work/GNUmakefile +=================================================================== +--- work.orig/GNUmakefile ++++ work/GNUmakefile +@@ -125,23 +125,6 @@ ifeq ($(IS_X86)$(IS_X32)$(IS_CYGWIN)$(IS + endif + endif + +-# Guard use of -march=native +-ifeq ($(GCC42_OR_LATER)$(IS_NETBSD),10) +- CXXFLAGS += -march=native +-else ifneq ($(CLANG_COMPILER)$(INTEL_COMPILER),00) +- CXXFLAGS += -march=native +-else +- # GCC 3.3 and "unknown option -march=" +- # Ubuntu GCC 4.1 compiler crash with -march=native +- # NetBSD GCC 4.8 compiler and "bad value (native) for -march= switch" +- # Sun compiler is handled below +- ifeq ($(SUN_COMPILER)$(IS_X64),01) +- CXXFLAGS += -m64 +- else ifeq ($(SUN_COMPILER)$(IS_X86),01) +- CXXFLAGS += -m32 +- endif # X86/X32/X64 +-endif +- + # Aligned access required for -O3 and above due to vectorization + UNALIGNED_ACCESS := $(shell $(EGREP) -c "^[[:space:]]*//[[:space:]]*\#[[:space:]]*define[[:space:]]*CRYPTOPP_NO_UNALIGNED_DATA_ACCESS" config.h) + ifneq ($(UNALIGNED_ACCESS),0) diff --git a/dev-libs/crypto++/files/crypto++-5.6.5-CVE-2017-9434.patch b/dev-libs/crypto++/files/crypto++-5.6.5-CVE-2017-9434.patch new file mode 100644 index 000000000000..428f48901a31 --- /dev/null +++ b/dev-libs/crypto++/files/crypto++-5.6.5-CVE-2017-9434.patch @@ -0,0 +1,45 @@ +From 07dbcc3d9644b18e05c1776db2a57fe04d780965 Mon Sep 17 00:00:00 2001 +From: Jeffrey Walton +Date: Wed, 10 May 2017 18:17:12 -0400 +Subject: [PATCH] Add Inflator::BadDistanceErr exception (Issue 414) The + improved validation and excpetion clears the Address Sanitizer and Undefined + Behavior Sanitizer findings + +--- + zinflate.cpp | 8 +++++++- + zinflate.h | 4 ++++ + 3 files changed, 14 insertions(+), 4 deletions(-) + +diff --git a/zinflate.cpp b/zinflate.cpp +index 664efe6..fbd7505 100644 +--- a/zinflate.cpp ++++ b/zinflate.cpp +@@ -550,12 +550,16 @@ bool Inflator::DecodeBody() + break; + } + case DISTANCE_BITS: ++ if (m_distance >= COUNTOF(distanceExtraBits)) ++ throw BadDistanceErr(); + bits = distanceExtraBits[m_distance]; + if (!m_reader.FillBuffer(bits)) + { + m_nextDecode = DISTANCE_BITS; + break; + } ++ if (m_distance >= COUNTOF(distanceStarts)) ++ throw BadDistanceErr(); + m_distance = m_reader.GetBits(bits) + distanceStarts[m_distance]; + OutputPast(m_literal, m_distance); + } +diff --git a/zinflate.h b/zinflate.h +index e2fd237..c47d2f6 100644 +--- a/zinflate.h ++++ b/zinflate.h +@@ -96,6 +96,7 @@ public: + }; + class UnexpectedEndErr : public Err {public: UnexpectedEndErr() : Err(INVALID_DATA_FORMAT, "Inflator: unexpected end of compressed block") {}}; + class BadBlockErr : public Err {public: BadBlockErr() : Err(INVALID_DATA_FORMAT, "Inflator: error in compressed block") {}}; ++ class BadDistanceErr : public Err {public: BadDistanceErr() : Err(INVALID_DATA_FORMAT, "Inflator: error in bit distance") {}}; + + //! \brief RFC 1951 Decompressor + //! \param attachment the filter's attached transformation diff --git a/dev-libs/crypto++/metadata.xml b/dev-libs/crypto++/metadata.xml new file mode 100644 index 000000000000..3227b3be7c78 --- /dev/null +++ b/dev-libs/crypto++/metadata.xml @@ -0,0 +1,21 @@ + + + + + crypto@gentoo.org + Crypto + + + noloader@gmail.com + Jeffrey Walton + + + Support assembly hand optimized crypto functions (i.e. faster run time) + + + weidai11/cryptopp + + + so version + + -- cgit v1.2.3