gentoo resync : 14.07.2019

3 files changed, 180 insertions, 0 deletions

diff --git a/app-arch/dump/Manifest b/app-arch/dump/Manifest
index 9db1c61ad7a7..7801d4424b46 100644
--- a/app-arch/dump/Manifest
+++ b/app-arch/dump/Manifest
@@ -1,3 +1,5 @@
+AUX dump-0.4.46-openssl11.patch 3324 BLAKE2B 5cc60ef04e7f53e96e900bc78e41f4c4bcf46f3000663ac7bb1995856b5cf067c69d84331b5dfd52da4ef2649e61f6e410e59f9a99bff3be44f9e46df1b75b4f SHA512 ae7c2549683a4cf33760685fe5b07ca88b158e81f5e3b866e58f618dced4c5909dec231d07a1df590a5ebbbc9f0eee575e63f4ffae719afe01315d53d63a76b0
 DIST dump-0.4b46.tar.gz 578200 BLAKE2B 91102bdba06f3affdf4ebd9de525145c0a4cc1b9fb4c6ff222c411c118b3b7835f3aad666d530019d8b9ee46590e4a283a143d188d6800218100cecf67877274 SHA512 a30e72ab6c4d18497dffe3d25634c2e55ca90861d1cd8a6c0fd44709e735a217dbf4cdabb8c80e02053def94d9a22cf1d685ee0d0f24f5b748ee5f0de19cf17d
+EBUILD dump-0.4.46-r1.ebuild 2163 BLAKE2B 5f635773a87a38f5fdb9572cfcc515d5eebe6c6348a3c6912a5f683beb0818a4517d9fbe9b4eec5470a10219a5231f1a783552b7cbec56a10e51b552ffcd6ae6 SHA512 b5f9a6ae66f66b6a242f35e7dd45770ab4fd7982feb8ded709e8be6fff10c00935cd046d1000927ab948f9a6413060e4b2bd179c363ab2e2ae24b5e4e0fa7047
 EBUILD dump-0.4.46.ebuild 2113 BLAKE2B 431fd8ae0fa1c3b28015f27687c28f43a8d6fcb205c97a99f3d4ee1e96d3da7683456f02e4683b85c202848ddcc9efdaac85b63f31e0a4ad5fbf2d430465a8b5 SHA512 b99325a0d0cee4599e2e00ed40ea4a49050321c7b11d6fc2416dafa7b2dff56896d7861940ed009393e73dd514beb9f2b9c7e4c494664ed9c517987844ffba90
 MISC metadata.xml 542 BLAKE2B beff8763f8b3848f9592dbf200cb547e9c416e7d675b4e9015f20b417861523949916da4a6a38553abf7fdf5fc839841870f74258becb4e8dbbcbca9c564e328 SHA512 670b1e0032f69e22337cbd18c25ecda11a239d63345c32526e111ad2eb23199892aa7e1f39a79168bb4b81b6ebde4c7796f8ccf78233f3244bfbaf62c7e0345d
diff --git a/app-arch/dump/dump-0.4.46-r1.ebuild b/app-arch/dump/dump-0.4.46-r1.ebuild
new file mode 100644
index 000000000000..f984ca0ef78b
--- /dev/null
+++ b/app-arch/dump/dump-0.4.46-r1.ebuild
@@ -0,0 +1,87 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+inherit versionator
+
+MY_P="${PN}-$(replace_version_separator 2 b)"
+S=${WORKDIR}/${MY_P}
+DESCRIPTION="Dump/restore ext2fs backup utilities"
+HOMEPAGE="http://dump.sourceforge.net/"
+SRC_URI="mirror://sourceforge/dump/${MY_P}.tar.gz"
+
+LICENSE="BSD"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86"
+# We keep uuid USE flag default dsiabled for this version. Don't forget
+# to default enable it for later versions as this is the upstream default.
+IUSE="bzip2 debug ermt libressl lzo readline selinux sqlite ssl static test uuid zlib"
+REQUIRED_USE="
+	ermt? ( ssl )
+	ssl? ( zlib )
+	test? ( sqlite? ( uuid ) )
+"
+
+RDEPEND=">=sys-fs/e2fsprogs-1.27:=
+	>=sys-libs/e2fsprogs-libs-1.27:=
+	sys-apps/util-linux
+	bzip2? ( >=app-arch/bzip2-1.0.2:= )
+	zlib? ( >=sys-libs/zlib-1.1.4:= )
+	lzo? ( dev-libs/lzo:2= )
+	sqlite? ( dev-db/sqlite:3= )
+	ermt? (
+		!libressl? ( dev-libs/openssl:0= )
+		libressl? ( dev-libs/libressl:0= )
+	)
+	ssl? (
+		!libressl? ( dev-libs/openssl:0= )
+		libressl? ( dev-libs/libressl:0= )
+	)
+	readline? (
+		sys-libs/readline:0=
+		sys-libs/ncurses:=
+		static? ( sys-libs/ncurses:=[static-libs] )
+	)"
+DEPEND="${RDEPEND}
+	virtual/pkgconfig
+	virtual/os-headers"
+
+PATCHES=( "${FILESDIR}"/${P}-openssl11.patch )
+
+src_configure() {
+	local myeconfargs=(
+		--with-dumpdatespath=/etc/dumpdates
+		--with-rmtpath='$(sbindir)/rmt'
+		--enable-blkid
+		$(use_enable bzip2)
+		$(use_enable debug)
+		$(use_enable ermt)
+		$(use_enable lzo)
+		$(use_enable readline)
+		$(use_enable selinux)
+		$(use_enable sqlite)
+		$(use_enable ssl)
+		$(use_enable static static-progs)
+		$(use_enable uuid)
+		$(use_enable zlib)
+	)
+	econf "${myeconfargs[@]}"
+}
+
+src_install() {
+	default
+	mv "${ED}"/usr/sbin/{,dump-}rmt || die
+	mv "${ED}"/usr/share/man/man8/{,dump-}rmt.8 || die
+	use ermt && newsbin rmt/ermt dump-ermt
+
+	dodoc KNOWNBUGS MAINTAINERS REPORTING-BUGS
+	dodoc -r examples
+}
+
+pkg_postinst() {
+	if [[ -z ${REPLACING_VERSIONS} ]] ; then
+		ewarn "app-arch/dump installs 'rmt' as 'dump-rmt'."
+		ewarn "This is to avoid conflicts with app-arch/tar 'rmt'."
+	fi
+}
diff --git a/app-arch/dump/files/dump-0.4.46-openssl11.patch b/app-arch/dump/files/dump-0.4.46-openssl11.patch
new file mode 100644
index 000000000000..db18e8190f5c
--- /dev/null
+++ b/app-arch/dump/files/dump-0.4.46-openssl11.patch
@@ -0,0 +1,91 @@
+Index: dump-0.4b46/common/transformation_ssl.c

+===================================================================

+--- dump-0.4b46.orig/common/transformation_ssl.c

++++ dump-0.4b46/common/transformation_ssl.c

+@@ -215,7 +215,10 @@ generateIV(Transformation *xform, unsign

+ 	/* to be exposed to any attacker anyway. */

+ 	*saltlen = 16;

+ 	if (xform->enc == 1) {

+-		RAND_pseudo_bytes(salt, *saltlen);

++		if (!RAND_bytes(salt, *saltlen) != 1) {

++			/* PRNG not sufficiently seeded */

++			return -1;

++		}

+ 	}

+ 	memcpy(ivbuffer, salt, 16);

+ 

+@@ -274,7 +277,7 @@ ssl_compress(Transformation *xform, stru

+ 	digestlen = sizeof(digest);

+ 

+ 	/* generate salt, put it in header */

+-	generateIV(xform, salt, &saltlen, iv, &ivlen);

++	generateIV(xform, salt, &saltlen, iv, &ivlen); /* TODO: check return value */

+ 	memcpy(tpbin->buf, salt, saltlen);

+ 

+ 	/* compress the buffer first - increase the entropy */

+@@ -351,7 +354,7 @@ ssl_decompress(Transformation *xform, st

+ 

+ 	// how to know salt length?

+ 	memcpy(salt, src, saltlen);

+-	generateIV(xform, salt, &saltlen, iv, &ivlen);

++	generateIV(xform, salt, &saltlen, iv, &ivlen); /* TODO: check return value */

+ 

+ 	EVP_DecryptInit_ex(xform->state.ssl.dataCtx, xform->state.ssl.cipher,  xform->state.ssl.engine, NULL, NULL);

+ 	//EVP_CIPHER_CTX_set_key_length(&ctx, 8);

+@@ -515,7 +518,7 @@ Transformation

+ 		//EVP_CIPHER_CTX_rand_key(ctx, t->state.ssl.key);

+ 		//EVP_CIPHER_CTX_cleanup(ctx);

+ 		//EVP_CIPHER_CTX_free(ctx);

+-		RAND_bytes(t->state.ssl.key, t->state.ssl.cipher->key_len);

++		RAND_bytes(t->state.ssl.key, EVP_CIPHER_key_length(t->state.ssl.cipher));

+ 	} else {

+ 		// how do we get keys?

+ 	}

+Index: dump-0.4b46/rmt/cipher.c

+===================================================================

+--- dump-0.4b46.orig/rmt/cipher.c

++++ dump-0.4b46/rmt/cipher.c

+@@ -23,7 +23,7 @@

+ char *

+ cipher(char *buf, int buflen, int do_encrypt)

+ {

+-	static EVP_CIPHER_CTX ctx;

++	EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();

+ 	static char *out = NULL;	/* return value, grown as necessary */

+ 	static int outlen = 0;

+ 	static int init = 0, which, blocksize;

+@@ -71,13 +71,13 @@ cipher(char *buf, int buflen, int do_enc

+ 		}

+ 		EVP_BytesToKey(cipher, EVP_md5(), NULL,

+ 			buf, strlen(buf), 1, key, iv);

+-		EVP_CIPHER_CTX_init(&ctx);

+-		EVP_CipherInit_ex(&ctx, cipher, NULL, key, iv, do_encrypt);

+-		EVP_CIPHER_CTX_set_padding(&ctx, 0);	// -nopad

++		EVP_CIPHER_CTX_init(ctx);

++		EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, do_encrypt);

++		EVP_CIPHER_CTX_set_padding(ctx, 0);	// -nopad

+ 		OPENSSL_cleanse(buf, sizeof buf);

+ 		OPENSSL_cleanse(key, sizeof key);

+ 		OPENSSL_cleanse(iv, sizeof iv);

+-		blocksize = EVP_CIPHER_CTX_block_size(&ctx);

++		blocksize = EVP_CIPHER_CTX_block_size(ctx);

+ 		which = do_encrypt;

+ 		init = 1;

+ 	}

+@@ -95,7 +95,7 @@ cipher(char *buf, int buflen, int do_enc

+ 		outlen = (buflen+blocksize) * 2;

+ 		out = realloc(out, outlen);

+ 	}

+-	if (!EVP_CipherUpdate(&ctx, out, &n, buf, buflen)) {

++	if (!EVP_CipherUpdate(ctx, out, &n, buf, buflen)) {

+ 		syslog(LOG_ERR, "EVP_CipherUpdate failed");

+ 		errno = EINVAL;

+ 		return NULL;

+@@ -106,6 +106,7 @@ cipher(char *buf, int buflen, int do_enc

+ 		return NULL;

+ 	}

+ 	// assert(ctx->buf_len == 0);

++	EVP_CIPHER_CTX_free(ctx);

+ 	return out;

+ }

+