dev-libs/s2n: C99 TLS/SSL, needed for dev-libs/aws-c-io

* dev-libs/aws-c-io is still to be added, and is needed to bump
  dev-libs/aws-c-event-streams.

Package-Manager: Portage-3.0.11, Repoman-3.0.2
Signed-off-by: Sven Eden <sven.eden@prydeworx.com>
Signed-off-by: Joonas Niilola <juippis@gentoo.org>

3 files changed, 72 insertions, 0 deletions

diff --git a/dev-libs/s2n/Manifest b/dev-libs/s2n/Manifest
new file mode 100644
index 000000000000..5886f4cb2415
--- /dev/null
+++ b/dev-libs/s2n/Manifest
@@ -0,0 +1 @@
+DIST s2n-0.10.21.tar.gz 6150129 BLAKE2B cf598ef02b4aa9a2a69f11a47b2a691055575b7398ba0a833081da704ebc7564d30abda5f2ad9ff9858ec2f553b1f332e913494b9e195e2a754f008bab5c11d2 SHA512 26957edf36af088af2cb355dad9281fefd9d54ce8c3c2c26f5682aee8d64338a3677aa81f3a07563b27a938cad2c57e0a86a478c9619cc93552674451d501909
diff --git a/dev-libs/s2n/metadata.xml b/dev-libs/s2n/metadata.xml
new file mode 100644
index 000000000000..f7c25930dcdb
--- /dev/null
+++ b/dev-libs/s2n/metadata.xml
@@ -0,0 +1,28 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+	<maintainer type="person">
+		<email>sven.eden@prydeworx.com</email>
+		<name>Sven Eden</name>
+	</maintainer>
+	<maintainer type="project">
+		<email>proxy-maint@gentoo.org</email>
+		<name>Proxy Maintainers</name>
+	</maintainer>
+	<longdescription>
+s2n is a C99 implementation of the TLS/SSL protocols that is designed to be simple, small, fast, and with security as a
+priority. It is released and licensed under the Apache License 2.0.
+
+The s2n I/O APIs are designed to be intuitive to developers familiar with the widely-used POSIX I/O APIs, and s2n
+supports blocking, non-blocking, and full-duplex I/O. Additionally there are no locks or mutexes within s2n.
+
+s2n implements SSLv3, TLS1.0, TLS1.1, and TLS1.2. For encryption, s2n supports 128-bit and 256-bit AES, in the CBC and
+GCM modes, ChaCha20, 3DES, and RC4. For forward secrecy, s2n supports both DHE and ECDHE. s2n also supports the Server
+Name Indicator (SNI), Application-Layer Protocol Negotiation (ALPN) and the Online Certificate Status Protocol (OCSP)
+TLS extensions. SSLv3, RC4, 3DES and DHE are each disabled by default for security reasons.
+
+As it can be difficult to keep track of which encryption algorithms and protocols are best to use, s2n features a
+simple API to use the latest "default" set of preferences. If you prefer to remain on a specific version for backwards
+compatibility, that is also supported.
+	</longdescription>
+</pkgmetadata>
diff --git a/dev-libs/s2n/s2n-0.10.21.ebuild b/dev-libs/s2n/s2n-0.10.21.ebuild
new file mode 100644
index 000000000000..d48174822704
--- /dev/null
+++ b/dev-libs/s2n/s2n-0.10.21.ebuild
@@ -0,0 +1,43 @@
+# Copyright 1999-2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit cmake
+
+DESCRIPTION="simple, small, fast and secure C99 implementation of the TLS/SSL protocols"
+HOMEPAGE="https://github.com/awslabs/s2n"
+SRC_URI="https://github.com/awslabs/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz"
+
+LICENSE="Apache-2.0"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="libressl static-libs test"
+
+RESTRICT="!test? ( test )"
+
+RDEPEND="
+	!libressl? ( dev-libs/openssl:0=[static-libs=] )
+	libressl? ( dev-libs/libressl:0=[static-libs=] )
+"
+DEPEND="${RDEPEND}"
+
+src_prepare() {
+	default
+
+	# Fix 
+	# QA Notice: The following files contain writable and executable sections (...)
+	sed \
+		 -e '$a\\n#if defined(__linux__) && defined(__ELF__)\n.section .note.GNU-stack,"",%progbits\n#endif' \
+		 -i "${S}"/pq-crypto/sike_r2/fp_x64_asm.S || die "sed failed"
+
+	cmake_src_prepare
+}
+
+src_configure() {
+	local mycmakeargs=(
+		-DBUILD_SHARED_LIBS=$(usex !static-libs)
+		-DBUILD_TESTING=$(usex test)
+	)
+	cmake_src_configure
+}