argon2, cryptsetup: upgraded packages to upstream
Upgraded sys-fs/cryptsetup to version 2.3.2 on amd64
Upgraded app-crypt/argon2 to version 20190702 on amd64
Add crypsetup to set a dm-integrity dm-crypt backed swap
partition.
BUG=chromium:1118228
TEST=Add such a device with cryptsetup.
Change-Id: If0db1f022f8cfd6afac67e3ab539d1da05b227ef
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/overlays/portage-stable/+/2362968
Reviewed-by: Chirantan Ekbote <chirantan@chromium.org>
Tested-by: Gwendal Grignou <gwendal@chromium.org>
Commit-Queue: Gwendal Grignou <gwendal@chromium.org>
diff --git a/app-crypt/argon2/Manifest b/app-crypt/argon2/Manifest
new file mode 100644
index 0000000..cc1597d
--- /dev/null
+++ b/app-crypt/argon2/Manifest
@@ -0,0 +1 @@
+DIST argon2-20190702.tar.gz 1505307 BLAKE2B fa9c3dde7b39c8d797a3d6b52992ebfe35f5eba1c7d7b3aa02c440edc36a3f5186cacee2e39e27ed7c6356dc1970dac0e8198d6f2065eb63ff77f9dfb2937cf8 SHA512 0a4cb89e8e63399f7df069e2862ccd05308b7652bf4ab74372842f66bcc60776399e0eaf979a7b7e31436b5e6913fe5b0a6949549d8c82ebd06e0629b106e85f
diff --git a/app-crypt/argon2/argon2-20190702.ebuild b/app-crypt/argon2/argon2-20190702.ebuild
new file mode 100644
index 0000000..316f7d0
--- /dev/null
+++ b/app-crypt/argon2/argon2-20190702.ebuild
@@ -0,0 +1,59 @@
+# Copyright 1999-2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit toolchain-funcs
+
+DESCRIPTION="Password hashing software that won the Password Hashing Competition (PHC)"
+HOMEPAGE="https://github.com/P-H-C/phc-winner-argon2"
+SRC_URI="https://github.com/P-H-C/phc-winner-argon2/archive/${PV}.tar.gz -> ${P}.tar.gz"
+
+LICENSE="|| ( Apache-2.0 CC0-1.0 )"
+SLOT="0/1"
+KEYWORDS="*"
+IUSE="static-libs"
+
+S="${WORKDIR}/phc-winner-${P}"
+
+DOCS=( argon2-specs.pdf CHANGELOG.md README.md )
+
+src_prepare() {
+ default
+ if ! use static-libs; then
+ sed -i -e '/LIBRARIES =/s/\$(LIB_ST)//' Makefile || die
+ fi
+ sed -i \
+ -e 's/-O3//' \
+ -e 's/-g//' \
+ -e 's/-march=\$(OPTTARGET)//' \
+ Makefile || die
+
+ tc-export CC
+
+ OPTTEST=1
+ if use amd64 || use x86; then
+ $(tc-getCPP) ${CFLAGS} ${CPPFLAGS} -P - <<-EOF &>/dev/null && OPTTEST=0
+ #if defined(__SSE2__)
+ true
+ #else
+ #error false
+ #endif
+ EOF
+ fi
+}
+
+src_compile() {
+ emake OPTTEST="${OPTTEST}" LIBRARY_REL="$(get_libdir)" \
+ ARGON2_VERSION="0~${PV}"
+}
+
+src_test() {
+ emake OPTTEST="${OPTTEST}" test
+}
+
+src_install() {
+ emake OPTTEST="${OPTTEST}" DESTDIR="${ED}" LIBRARY_REL="$(get_libdir)" install
+ einstalldocs
+ doman man/argon2.1
+}
diff --git a/app-crypt/argon2/metadata.xml b/app-crypt/argon2/metadata.xml
new file mode 100644
index 0000000..c70ce0e
--- /dev/null
+++ b/app-crypt/argon2/metadata.xml
@@ -0,0 +1,23 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+ <maintainer type="person">
+ <email>simon-bgo@slevermann.de</email>
+ <name>Simon Levermann</name>
+ </maintainer>
+ <maintainer type="project">
+ <email>proxy-maint@gentoo.org</email>
+ <name>Proxy Maintainers</name>
+ </maintainer>
+ <maintainer type="person">
+ <email>mgorny@gentoo.org</email>
+ <name>MichaĆ Górny</name>
+ </maintainer>
+ <longdescription>Argon2 is a password hashing tool and library that won the Password Hashing Competition (PHC)</longdescription>
+ <slots>
+ <subslots>Reflect ABI of libargon2.so.</subslots>
+ </slots>
+ <upstream>
+ <remote-id type="github">P-H-C/phc-winner-argon2</remote-id>
+ </upstream>
+</pkgmetadata>
diff --git a/metadata/md5-cache/app-crypt/argon2-20190702 b/metadata/md5-cache/app-crypt/argon2-20190702
new file mode 100644
index 0000000..c91eb5e
--- /dev/null
+++ b/metadata/md5-cache/app-crypt/argon2-20190702
@@ -0,0 +1,11 @@
+DEFINED_PHASES=compile install prepare test
+DESCRIPTION=Password hashing software that won the Password Hashing Competition (PHC)
+EAPI=7
+HOMEPAGE=https://github.com/P-H-C/phc-winner-argon2
+IUSE=static-libs
+KEYWORDS=*
+LICENSE=|| ( Apache-2.0 CC0-1.0 )
+SLOT=0/1
+SRC_URI=https://github.com/P-H-C/phc-winner-argon2/archive/20190702.tar.gz -> argon2-20190702.tar.gz
+_eclasses_=multilib 2477ebe553d3e4d2c606191fe6c33602 toolchain-funcs 605c126bed8d87e4378d5ff1645330cb
+_md5_=e3e60fc53e6c01a91f17afd480937827
diff --git a/metadata/md5-cache/sys-fs/cryptsetup-1.7.5 b/metadata/md5-cache/sys-fs/cryptsetup-1.7.5
deleted file mode 100644
index b10a60c..0000000
--- a/metadata/md5-cache/sys-fs/cryptsetup-1.7.5
+++ /dev/null
@@ -1,14 +0,0 @@
-DEFINED_PHASES=compile configure install prepare setup test
-DEPEND=static-libs? ( dev-libs/libgpg-error[static-libs(+)] dev-libs/popt[static-libs(+)] sys-apps/util-linux[static-libs(+)] gcrypt? ( dev-libs/libgcrypt:0=[static-libs(+)] ) nettle? ( >=dev-libs/nettle-2.4[static-libs(+)] ) openssl? ( !libressl? ( dev-libs/openssl:0=[static-libs(+)] ) libressl? ( dev-libs/libressl:=[static-libs(+)] ) ) pwquality? ( dev-libs/libpwquality[static-libs(+)] ) sys-fs/lvm2[static-libs(+)] udev? ( virtual/libudev[static-libs(+)] ) ) dev-libs/libgpg-error dev-libs/popt sys-apps/util-linux gcrypt? ( dev-libs/libgcrypt:0= ) nettle? ( >=dev-libs/nettle-2.4 ) openssl? ( !libressl? ( dev-libs/openssl:0= ) libressl? ( dev-libs/libressl:= ) ) pwquality? ( dev-libs/libpwquality ) sys-fs/lvm2 udev? ( virtual/libudev ) python? ( python_targets_python2_7? ( >=dev-lang/python-2.7.5-r2:2.7 ) python_targets_python3_6? ( dev-lang/python:3.6 ) >=dev-lang/python-exec-2:=[python_targets_python2_7(-)?,python_targets_python3_6(-)?,-python_single_target_python2_7(-),-python_single_target_python3_6(-)] ) virtual/pkgconfig static? ( dev-libs/libgpg-error[static-libs(+)] dev-libs/popt[static-libs(+)] sys-apps/util-linux[static-libs(+)] gcrypt? ( dev-libs/libgcrypt:0=[static-libs(+)] ) nettle? ( >=dev-libs/nettle-2.4[static-libs(+)] ) openssl? ( !libressl? ( dev-libs/openssl:0=[static-libs(+)] ) libressl? ( dev-libs/libressl:=[static-libs(+)] ) ) pwquality? ( dev-libs/libpwquality[static-libs(+)] ) sys-fs/lvm2[static-libs(+)] udev? ( virtual/libudev[static-libs(+)] ) ) >=app-portage/elt-patches-20170815 !<sys-devel/gettext-0.18.1.1-r3 || ( >=sys-devel/automake-1.16.1:1.16 >=sys-devel/automake-1.15.1:1.15 ) >=sys-devel/autoconf-2.69 >=sys-devel/libtool-2.4
-DESCRIPTION=Tool to setup encrypted devices with dm-crypt
-EAPI=5
-HOMEPAGE=https://gitlab.com/cryptsetup/cryptsetup/blob/master/README.md
-IUSE=+gcrypt kernel nettle openssl libressl nls pwquality python reencrypt static static-libs udev urandom python_targets_python2_7 python_targets_python3_6 kernel_linux
-KEYWORDS=*
-LICENSE=GPL-2+
-RDEPEND=static-libs? ( dev-libs/libgpg-error[static-libs(+)] dev-libs/popt[static-libs(+)] sys-apps/util-linux[static-libs(+)] gcrypt? ( dev-libs/libgcrypt:0=[static-libs(+)] ) nettle? ( >=dev-libs/nettle-2.4[static-libs(+)] ) openssl? ( !libressl? ( dev-libs/openssl:0=[static-libs(+)] ) libressl? ( dev-libs/libressl:=[static-libs(+)] ) ) pwquality? ( dev-libs/libpwquality[static-libs(+)] ) sys-fs/lvm2[static-libs(+)] udev? ( virtual/libudev[static-libs(+)] ) ) dev-libs/libgpg-error dev-libs/popt sys-apps/util-linux gcrypt? ( dev-libs/libgcrypt:0= ) nettle? ( >=dev-libs/nettle-2.4 ) openssl? ( !libressl? ( dev-libs/openssl:0= ) libressl? ( dev-libs/libressl:= ) ) pwquality? ( dev-libs/libpwquality ) sys-fs/lvm2 udev? ( virtual/libudev ) python? ( python_targets_python2_7? ( >=dev-lang/python-2.7.5-r2:2.7 ) python_targets_python3_6? ( dev-lang/python:3.6 ) >=dev-lang/python-exec-2:=[python_targets_python2_7(-)?,python_targets_python3_6(-)?,-python_single_target_python2_7(-),-python_single_target_python3_6(-)] )
-REQUIRED_USE=^^ ( gcrypt kernel nettle openssl ) python? ( || ( python_targets_python2_7 python_targets_python3_6 ) ) static? ( !gcrypt )
-SLOT=0
-SRC_URI=mirror://kernel/linux/utils/cryptsetup/v1.7/cryptsetup-1.7.5.tar.xz
-_eclasses_=autotools d0e5375d47f4c809f406eb892e531513 distutils-r1 198e3b9ddb55ae36b2a50b07ca2877ef eapi7-ver 756b3f27d8e46131d5cf3c51bd876446 estack 43ddf5aaffa7a8d0482df54d25a66a1f eutils 06133990e861be0fe60c2b428fd025d9 libtool f143db5a74ccd9ca28c1234deffede96 linux-info 327865b9921771330775d971263dc234 multibuild 40fe59465edacd730c644ec2bc197809 multilib 2477ebe553d3e4d2c606191fe6c33602 multiprocessing e32940a7b2a9992ad217eccddb84d548 python-r1 79e26ce8f853c9daebe9a4956e37cc1b python-utils-r1 157a6a7a3e99c7dbdf81acc9dd4f57cd toolchain-funcs 605c126bed8d87e4378d5ff1645330cb versionator 26ca8a8bd95d6a74122c08ba98a4ee72 xdg-utils ff2ff954e6b17929574eee4efc5152ba
-_md5_=cd4323588f0477d6459e0f6ff6f8f1e0
diff --git a/metadata/md5-cache/sys-fs/cryptsetup-2.3.2 b/metadata/md5-cache/sys-fs/cryptsetup-2.3.2
new file mode 100644
index 0000000..ff81296
--- /dev/null
+++ b/metadata/md5-cache/sys-fs/cryptsetup-2.3.2
@@ -0,0 +1,15 @@
+BDEPEND=virtual/pkgconfig >=app-portage/elt-patches-20170815
+DEFINED_PHASES=configure install prepare pretend setup test
+DEPEND=static-libs? ( dev-libs/json-c:=[static-libs(+)] dev-libs/libgpg-error[static-libs(+)] dev-libs/popt[static-libs(+)] >=sys-apps/util-linux-2.31-r1[static-libs(+)] argon2? ( app-crypt/argon2:=[static-libs(+)] ) gcrypt? ( dev-libs/libgcrypt:0=[static-libs(+)] ) nettle? ( >=dev-libs/nettle-2.4[static-libs(+)] ) openssl? ( !libressl? ( dev-libs/openssl:0=[static-libs(+)] ) libressl? ( dev-libs/libressl:0=[static-libs(+)] ) ) pwquality? ( dev-libs/libpwquality[static-libs(+)] ) sys-fs/lvm2[static-libs(+)] udev? ( virtual/libudev[static-libs(-)] ) ) dev-libs/json-c:= dev-libs/libgpg-error dev-libs/popt >=sys-apps/util-linux-2.31-r1 argon2? ( app-crypt/argon2:= ) gcrypt? ( dev-libs/libgcrypt:0= ) nettle? ( >=dev-libs/nettle-2.4 ) openssl? ( !libressl? ( dev-libs/openssl:0= ) libressl? ( dev-libs/libressl:0= ) ) pwquality? ( dev-libs/libpwquality ) sys-fs/lvm2 udev? ( virtual/libudev ) static? ( dev-libs/json-c:=[static-libs(+)] dev-libs/libgpg-error[static-libs(+)] dev-libs/popt[static-libs(+)] >=sys-apps/util-linux-2.31-r1[static-libs(+)] argon2? ( app-crypt/argon2:=[static-libs(+)] ) gcrypt? ( dev-libs/libgcrypt:0=[static-libs(+)] ) nettle? ( >=dev-libs/nettle-2.4[static-libs(+)] ) openssl? ( !libressl? ( dev-libs/openssl:0=[static-libs(+)] ) libressl? ( dev-libs/libressl:0=[static-libs(+)] ) ) pwquality? ( dev-libs/libpwquality[static-libs(+)] ) sys-fs/lvm2[static-libs(+)] udev? ( virtual/libudev[static-libs(-)] ) ) !<sys-devel/gettext-0.18.1.1-r3 || ( >=sys-devel/automake-1.16.1:1.16 >=sys-devel/automake-1.15.1:1.15 ) >=sys-devel/autoconf-2.69 >=sys-devel/libtool-2.4
+DESCRIPTION=Tool to setup encrypted devices with dm-crypt
+EAPI=7
+HOMEPAGE=https://gitlab.com/cryptsetup/cryptsetup/blob/master/README.md
+IUSE=gcrypt kernel nettle +openssl +argon2 libressl luks1_default nls pwquality reencrypt static static-libs +udev urandom kernel_linux
+KEYWORDS=*
+LICENSE=GPL-2+
+RDEPEND=static-libs? ( dev-libs/json-c:=[static-libs(+)] dev-libs/libgpg-error[static-libs(+)] dev-libs/popt[static-libs(+)] >=sys-apps/util-linux-2.31-r1[static-libs(+)] argon2? ( app-crypt/argon2:=[static-libs(+)] ) gcrypt? ( dev-libs/libgcrypt:0=[static-libs(+)] ) nettle? ( >=dev-libs/nettle-2.4[static-libs(+)] ) openssl? ( !libressl? ( dev-libs/openssl:0=[static-libs(+)] ) libressl? ( dev-libs/libressl:0=[static-libs(+)] ) ) pwquality? ( dev-libs/libpwquality[static-libs(+)] ) sys-fs/lvm2[static-libs(+)] udev? ( virtual/libudev[static-libs(-)] ) ) dev-libs/json-c:= dev-libs/libgpg-error dev-libs/popt >=sys-apps/util-linux-2.31-r1 argon2? ( app-crypt/argon2:= ) gcrypt? ( dev-libs/libgcrypt:0= ) nettle? ( >=dev-libs/nettle-2.4 ) openssl? ( !libressl? ( dev-libs/openssl:0= ) libressl? ( dev-libs/libressl:0= ) ) pwquality? ( dev-libs/libpwquality ) sys-fs/lvm2 udev? ( virtual/libudev )
+REQUIRED_USE=^^ ( gcrypt kernel nettle openssl ) libressl? ( openssl ) static? ( !gcrypt )
+SLOT=0/12
+SRC_URI=https://www.kernel.org/pub/linux/utils/cryptsetup/v2.3/cryptsetup-2.3.2.tar.xz
+_eclasses_=autotools d0e5375d47f4c809f406eb892e531513 libtool f143db5a74ccd9ca28c1234deffede96 linux-info 327865b9921771330775d971263dc234 multilib 2477ebe553d3e4d2c606191fe6c33602 toolchain-funcs 605c126bed8d87e4378d5ff1645330cb
+_md5_=d56449d07ceabef90c4c1074900f9e0b
diff --git a/sys-fs/cryptsetup/Manifest b/sys-fs/cryptsetup/Manifest
index 0b79b46..9961a25 100644
--- a/sys-fs/cryptsetup/Manifest
+++ b/sys-fs/cryptsetup/Manifest
@@ -1 +1 @@
-DIST cryptsetup-1.7.5.tar.xz 1232696 SHA256 2b30cd1d0dd606a53ac77b406e1d37798d4b0762fa89de6ea546201906a251bd SHA512 d473f7b06d705a3868a70f3767fafc664436b5897ba59025ea1268f815cb80a9076841ff9ff96cc130fb83ba18b03c1eee38cfaf1b471fdd883a3e126b771439 WHIRLPOOL cd2fe15a08f3202c89055e334a3c56fcb60a19bda8135c7d833f384e9beb7fcd6f31fbbd4ac29572f46199f05bd6055b89b3d6733828354d9c985b3e55da4e14
+DIST cryptsetup-2.3.2.tar.xz 11037076 BLAKE2B b0f8a1a274e6b95b12aa7172dbdd41e512aea2c87a98d62b8b4d4cbb898b2d4b82e250368e385c4d4acc8e77046ea4b4f7be730750587569572c4b9490815bc1 SHA512 c5eb41751ca64ff906187f40805705570c261816b014dfcdbf2777f42e53668e32966197092a2235b8f6a7a4e7f9c3f301d82f17c45cfbcff96b9818631d7e5f
diff --git a/sys-fs/cryptsetup/cryptsetup-1.7.5.ebuild b/sys-fs/cryptsetup/cryptsetup-1.7.5.ebuild
deleted file mode 100644
index 3faf6f9..0000000
--- a/sys-fs/cryptsetup/cryptsetup-1.7.5.ebuild
+++ /dev/null
@@ -1,126 +0,0 @@
-# Copyright 1999-2018 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=5
-
-DISTUTILS_OPTIONAL=1
-PYTHON_COMPAT=( python{2_7,3_4,3_5,3_6} )
-
-inherit autotools distutils-r1 linux-info libtool eutils versionator
-
-DESCRIPTION="Tool to setup encrypted devices with dm-crypt"
-HOMEPAGE="https://gitlab.com/cryptsetup/cryptsetup/blob/master/README.md"
-SRC_URI="mirror://kernel/linux/utils/${PN}/v$(get_version_component_range 1-2)/${P}.tar.xz"
-
-LICENSE="GPL-2+"
-SLOT="0"
-KEYWORDS="*"
-CRYPTO_BACKENDS="+gcrypt kernel nettle openssl"
-# we don't support nss since it doesn't allow cryptsetup to be built statically
-# and it's missing ripemd160 support so it can't provide full backward compatibility
-IUSE="${CRYPTO_BACKENDS} libressl nls pwquality python reencrypt static static-libs udev urandom"
-REQUIRED_USE="^^ ( ${CRYPTO_BACKENDS//+/} )
- python? ( ${PYTHON_REQUIRED_USE} )
- static? ( !gcrypt )" #496612
-
-LIB_DEPEND="dev-libs/libgpg-error[static-libs(+)]
- dev-libs/popt[static-libs(+)]
- sys-apps/util-linux[static-libs(+)]
- gcrypt? ( dev-libs/libgcrypt:0=[static-libs(+)] )
- nettle? ( >=dev-libs/nettle-2.4[static-libs(+)] )
- openssl? (
- !libressl? ( dev-libs/openssl:0=[static-libs(+)] )
- libressl? ( dev-libs/libressl:=[static-libs(+)] )
- )
- pwquality? ( dev-libs/libpwquality[static-libs(+)] )
- sys-fs/lvm2[static-libs(+)]
- udev? ( virtual/libudev[static-libs(+)] )"
-# We have to always depend on ${LIB_DEPEND} rather than put behind
-# !static? () because we provide a shared library which links against
-# these other packages. #414665
-RDEPEND="static-libs? ( ${LIB_DEPEND} )
- ${LIB_DEPEND//\[static-libs\(+\)\]}
- python? ( ${PYTHON_DEPS} )"
-DEPEND="${RDEPEND}
- virtual/pkgconfig
- static? ( ${LIB_DEPEND} )"
-
-#PATCHES=( )
-
-pkg_setup() {
- local CONFIG_CHECK="~DM_CRYPT ~CRYPTO ~CRYPTO_CBC ~CRYPTO_SHA256"
- local WARNING_DM_CRYPT="CONFIG_DM_CRYPT:\tis not set (required for cryptsetup)\n"
- local WARNING_CRYPTO_SHA256="CONFIG_CRYPTO_SHA256:\tis not set (required for cryptsetup)\n"
- local WARNING_CRYPTO_CBC="CONFIG_CRYPTO_CBC:\tis not set (required for kernel 2.6.19)\n"
- local WARNING_CRYPTO="CONFIG_CRYPTO:\tis not set (required for cryptsetup)\n"
- check_extra_config
-}
-
-src_prepare() {
- sed -i '/^LOOPDEV=/s:$: || exit 0:' tests/{compat,mode}-test || die
- #epatch "${PATCHES[@]}"
- epatch_user && eautoreconf
-
- if use python ; then
- cd python
- cp "${FILESDIR}"/setup-1.7.0.py setup.py || die
- distutils-r1_src_prepare
- fi
-}
-
-src_configure() {
- if use kernel ; then
- ewarn "Note that kernel backend is very slow for this type of operation"
- ewarn "and is provided mainly for embedded systems wanting to avoid"
- ewarn "userspace crypto libraries."
- fi
-
- # We disable autotool python integration so we can use eclasses
- # for proper integration with multiple python versions.
- econf \
- --sbindir=/sbin \
- --enable-shared \
- --disable-python \
- $(use_enable static static-cryptsetup) \
- $(use_enable static-libs static) \
- $(use_enable nls) \
- $(use_enable pwquality) \
- $(use_enable reencrypt cryptsetup-reencrypt) \
- $(use_enable udev) \
- $(use_enable !urandom dev-random) \
- --with-crypto_backend=$(for x in ${CRYPTO_BACKENDS//+/} ; do usev ${x} ; done)
-
- use python && cd python && distutils-r1_src_configure
-}
-
-src_compile() {
- default
- use python && cd python && distutils-r1_src_compile
-}
-
-src_test() {
- if [[ ! -e /dev/mapper/control ]] ; then
- ewarn "No /dev/mapper/control found -- skipping tests"
- return 0
- fi
- local p
- for p in /dev/mapper /dev/loop* ; do
- addwrite ${p}
- done
- default
-}
-
-src_install() {
- default
- if use static ; then
- mv "${ED}"/sbin/cryptsetup{.static,} || die
- mv "${ED}"/sbin/veritysetup{.static,} || die
- use reencrypt && { mv "${ED}"/sbin/cryptsetup-reencrypt{.static,} || die ; }
- fi
- prune_libtool_files --modules
-
- newconfd "${FILESDIR}"/1.6.7-dmcrypt.confd dmcrypt
- newinitd "${FILESDIR}"/1.6.7-dmcrypt.rc dmcrypt
-
- use python && cd python && distutils-r1_src_install
-}
diff --git a/sys-fs/cryptsetup/cryptsetup-2.3.2.ebuild b/sys-fs/cryptsetup/cryptsetup-2.3.2.ebuild
new file mode 100644
index 0000000..24a96ee
--- /dev/null
+++ b/sys-fs/cryptsetup/cryptsetup-2.3.2.ebuild
@@ -0,0 +1,135 @@
+# Copyright 1999-2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit autotools linux-info libtool
+
+DESCRIPTION="Tool to setup encrypted devices with dm-crypt"
+HOMEPAGE="https://gitlab.com/cryptsetup/cryptsetup/blob/master/README.md"
+SRC_URI="https://www.kernel.org/pub/linux/utils/${PN}/v$(ver_cut 1-2)/${P/_/-}.tar.xz"
+
+LICENSE="GPL-2+"
+SLOT="0/12" # libcryptsetup.so version
+[[ ${PV} != *_rc* ]] && \
+KEYWORDS="*"
+CRYPTO_BACKENDS="gcrypt kernel nettle +openssl"
+# we don't support nss since it doesn't allow cryptsetup to be built statically
+# and it's missing ripemd160 support so it can't provide full backward compatibility
+IUSE="${CRYPTO_BACKENDS} +argon2 libressl luks1_default nls pwquality reencrypt static static-libs +udev urandom"
+REQUIRED_USE="^^ ( ${CRYPTO_BACKENDS//+/} )
+ libressl? ( openssl )
+ static? ( !gcrypt )" #496612
+
+LIB_DEPEND="
+ dev-libs/json-c:=[static-libs(+)]
+ dev-libs/libgpg-error[static-libs(+)]
+ dev-libs/popt[static-libs(+)]
+ >=sys-apps/util-linux-2.31-r1[static-libs(+)]
+ argon2? ( app-crypt/argon2:=[static-libs(+)] )
+ gcrypt? ( dev-libs/libgcrypt:0=[static-libs(+)] )
+ nettle? ( >=dev-libs/nettle-2.4[static-libs(+)] )
+ openssl? (
+ !libressl? ( dev-libs/openssl:0=[static-libs(+)] )
+ libressl? ( dev-libs/libressl:0=[static-libs(+)] )
+ )
+ pwquality? ( dev-libs/libpwquality[static-libs(+)] )
+ sys-fs/lvm2[static-libs(+)]
+ udev? ( virtual/libudev[static-libs(-)] )"
+# We have to always depend on ${LIB_DEPEND} rather than put behind
+# !static? () because we provide a shared library which links against
+# these other packages. #414665
+RDEPEND="static-libs? ( ${LIB_DEPEND} )
+ ${LIB_DEPEND//\[static-libs\([+-]\)\]}"
+DEPEND="${RDEPEND}
+ static? ( ${LIB_DEPEND} )"
+BDEPEND="
+ virtual/pkgconfig
+"
+
+S="${WORKDIR}/${P/_/-}"
+
+PATCHES=( "${FILESDIR}"/${PN}-2.0.4-fix-static-pwquality-build.patch )
+
+pkg_pretend() {
+ if ! use luks1_default ; then
+ ewarn "WARNING! WARNING! WARNING!"
+ ewarn "You have chosen LUKS2 as your default format."
+ ewarn "This can break LUKS1 backwards compatibility."
+ ewarn "Enable \"luks1_default\" USE flag if you need backwards compatibility."
+ fi
+}
+
+pkg_setup() {
+ local CONFIG_CHECK="~DM_CRYPT ~CRYPTO ~CRYPTO_CBC ~CRYPTO_SHA256"
+ local WARNING_DM_CRYPT="CONFIG_DM_CRYPT:\tis not set (required for cryptsetup)\n"
+ local WARNING_CRYPTO_SHA256="CONFIG_CRYPTO_SHA256:\tis not set (required for cryptsetup)\n"
+ local WARNING_CRYPTO_CBC="CONFIG_CRYPTO_CBC:\tis not set (required for kernel 2.6.19)\n"
+ local WARNING_CRYPTO="CONFIG_CRYPTO:\tis not set (required for cryptsetup)\n"
+ check_extra_config
+}
+
+src_prepare() {
+ sed -i '/^LOOPDEV=/s:$: || exit 0:' tests/{compat,mode}-test || die
+ default
+ eautoreconf
+}
+
+src_configure() {
+ if use kernel ; then
+ ewarn "Note that kernel backend is very slow for this type of operation"
+ ewarn "and is provided mainly for embedded systems wanting to avoid"
+ ewarn "userspace crypto libraries."
+ fi
+
+ local myeconfargs=(
+ --disable-internal-argon2
+ --enable-shared
+ --sbindir=/sbin
+ # for later use
+ --with-default-luks-format=LUKS$(usex luks1_default 1 2)
+ --with-tmpfilesdir="${EPREFIX}/usr/lib/tmpfiles.d"
+ --with-crypto_backend=$(for x in ${CRYPTO_BACKENDS//+/} ; do usev ${x} ; done)
+ $(use_enable argon2 libargon2)
+ $(use_enable nls)
+ $(use_enable pwquality)
+ $(use_enable reencrypt cryptsetup-reencrypt)
+ $(use_enable static static-cryptsetup)
+ $(use_enable static-libs static)
+ $(use_enable udev)
+ $(use_enable !urandom dev-random)
+ )
+ econf "${myeconfargs[@]}"
+}
+
+src_test() {
+ if [[ ! -e /dev/mapper/control ]] ; then
+ ewarn "No /dev/mapper/control found -- skipping tests"
+ return 0
+ fi
+
+ local p
+ for p in /dev/mapper /dev/loop* ; do
+ addwrite ${p}
+ done
+
+ default
+}
+
+src_install() {
+ default
+
+ if use static ; then
+ mv "${ED}"/sbin/cryptsetup{.static,} || die
+ mv "${ED}"/sbin/veritysetup{.static,} || die
+ if use reencrypt ; then
+ mv "${ED}"/sbin/cryptsetup-reencrypt{.static,} || die
+ fi
+ fi
+ find "${ED}" -type f -name "*.la" -delete || die
+
+ dodoc docs/v*ReleaseNotes
+
+ newconfd "${FILESDIR}"/1.6.7-dmcrypt.confd dmcrypt
+ newinitd "${FILESDIR}"/1.6.7-dmcrypt.rc dmcrypt
+}
diff --git a/sys-fs/cryptsetup/files/cryptsetup-2.0.4-fix-static-pwquality-build.patch b/sys-fs/cryptsetup/files/cryptsetup-2.0.4-fix-static-pwquality-build.patch
new file mode 100644
index 0000000..39524ec
--- /dev/null
+++ b/sys-fs/cryptsetup/files/cryptsetup-2.0.4-fix-static-pwquality-build.patch
@@ -0,0 +1,18 @@
+--- a/src/Makemodule.am 2018-07-31 14:32:46.000000000 +0200
++++ b/src/Makemodule.am 2018-08-12 17:13:26.000000000 +0200
+@@ -64,6 +64,7 @@
+ $(veritysetup_LDADD) \
+ @CRYPTO_STATIC_LIBS@ \
+ @DEVMAPPER_STATIC_LIBS@ \
++ @PWQUALITY_STATIC_LIBS@ \
+ @UUID_LIBS@
+ endif
+ endif
+@@ -93,6 +94,7 @@
+ $(integritysetup_LDADD) \
+ @CRYPTO_STATIC_LIBS@ \
+ @DEVMAPPER_STATIC_LIBS@ \
++ @PWQUALITY_STATIC_LIBS@ \
+ @UUID_LIBS@
+ endif
+ endif
diff --git a/sys-fs/cryptsetup/files/setup-1.7.0.py b/sys-fs/cryptsetup/files/setup-1.7.0.py
deleted file mode 100644
index 0da063c..0000000
--- a/sys-fs/cryptsetup/files/setup-1.7.0.py
+++ /dev/null
@@ -1,21 +0,0 @@
-import os
-from distutils.core import setup, Extension
-
-top_srcdir = os.path.dirname(os.path.dirname(os.path.realpath(__file__)))
-
-def get_ver():
- with open(os.path.join(top_srcdir, 'configure')) as f:
- for line in f:
- if line.startswith('PACKAGE_VERSION='):
- return line.split('=')[1].replace("'", '').strip()
-
-module = Extension('pycryptsetup',
- include_dirs=[os.path.join(top_srcdir, 'lib')],
- extra_compile_args=['-include', os.path.join(top_srcdir, 'config.h')],
- library_dirs=[os.path.join(top_srcdir, 'lib', '.libs')],
- libraries=['cryptsetup'],
- sources=['pycryptsetup.c'])
-
-setup(name='pycryptsetup',
- version=get_ver(),
- ext_modules=[module])
diff --git a/sys-fs/cryptsetup/metadata.xml b/sys-fs/cryptsetup/metadata.xml
index 33e359a..e044cae 100644
--- a/sys-fs/cryptsetup/metadata.xml
+++ b/sys-fs/cryptsetup/metadata.xml
@@ -9,6 +9,7 @@
<flag name="argon2">Enable password hashing algorithm from <pkg>app-crypt/argon2</pkg></flag>
<flag name="gcrypt">Use <pkg>dev-libs/libgcrypt</pkg> crypto backend</flag>
<flag name="kernel">Use kernel crypto backend (mainly for embedded systems)</flag>
+ <flag name="luks1_default">Default to LUKS1 on disk encryption format rather than new LUKS2</flag>
<flag name="nettle">Use <pkg>dev-libs/nettle</pkg> crypto backend</flag>
<flag name="openssl">Use <pkg>dev-libs/openssl</pkg> crypto backend</flag>
<flag name="pwquality">Use <pkg>dev-libs/libpwquality</pkg> for password quality checking</flag>
