summaryrefslogtreecommitdiff
path: root/sys-fs
diff options
context:
space:
mode:
authorLars Wendler <polynomial-c@gentoo.org>2019-02-10 23:38:04 +0100
committerLars Wendler <polynomial-c@gentoo.org>2019-02-10 23:47:38 +0100
commitdf1c5015302f17225c762613b97dc7046933fd47 (patch)
tree5f68cc1502c09b4708bb1d8404d0362e01b3023c /sys-fs
parentdev-util/cmake: Removed old. (diff)
downloadgentoo-df1c5015302f17225c762613b97dc7046933fd47.tar.gz
gentoo-df1c5015302f17225c762613b97dc7046933fd47.tar.bz2
gentoo-df1c5015302f17225c762613b97dc7046933fd47.zip
sys-fs/cryptsetup: Bump to version 2.1.0
Package-Manager: Portage-2.3.59, Repoman-2.3.12 Signed-off-by: Lars Wendler <polynomial-c@gentoo.org>
Diffstat (limited to 'sys-fs')
-rw-r--r--sys-fs/cryptsetup/Manifest1
-rw-r--r--sys-fs/cryptsetup/cryptsetup-2.1.0.ebuild130
-rw-r--r--sys-fs/cryptsetup/metadata.xml1
3 files changed, 132 insertions, 0 deletions
diff --git a/sys-fs/cryptsetup/Manifest b/sys-fs/cryptsetup/Manifest
index dffce1a9b491..ac52db49dcef 100644
--- a/sys-fs/cryptsetup/Manifest
+++ b/sys-fs/cryptsetup/Manifest
@@ -1,3 +1,4 @@
DIST cryptsetup-1.7.5.tar.xz 1232696 BLAKE2B 1bd62b186564e0b902480d66f623074f8d2f06ea09f11788566e33d58f7d0dc8c79d5827e5966e1a20a5597c2cbdec76da49c8f54c0538a1ac3f869d8ef55456 SHA512 d473f7b06d705a3868a70f3767fafc664436b5897ba59025ea1268f815cb80a9076841ff9ff96cc130fb83ba18b03c1eee38cfaf1b471fdd883a3e126b771439
DIST cryptsetup-2.0.5.tar.xz 10476304 BLAKE2B cf1e335fce48a7bf835b2008dfc0a96ef35d344e2c9f6a0a5a2ff45644f9015311e99b8f9e05b0b23cad69d74f91dd1b7cdd766560fb6504e7453d6e46bea186 SHA512 bac3f5fde1be02d325c097f85e77aef44ce764c1bca7f0554cedd69b9444e5a5529f11b9ae74d36dc1977e88e11422a58dfa17e48559eac7f5e6c4ce332409ae
DIST cryptsetup-2.0.6.tar.xz 10621424 BLAKE2B ecda2cb3c0a8a46b69519ab9ea9a1ece44fb21602cbce0751e52a16e5e493c7772fdc62c1151b95a783a847d9afd5a64f64bcac6673acba4bb90a417047c93cb SHA512 1fdb9068fe2b5825cef65323a9b788b5e043c1000e614e47e2b21ab3969e416653580aba639755ba936718ad612b986768029df5e07f3fa191db2bf29d2501ef
+DIST cryptsetup-2.1.0.tar.xz 10662576 BLAKE2B c79b24c986d5925aed31eddf8f271c3d0f12c89b3f99f953cfa39fe0d9dca2ab3dd2f6ea22141aca0148d6d533d197378b011561075ca26a14ca2e90500a1689 SHA512 f1b68e4d9d0ca2361fe9bdd51c60630dd4ab7a689b7be7756edf4dee12929d2356dd0658c9b940ffe27c033ef289efaf49daf21d250d37fdfa15394b5d821928
diff --git a/sys-fs/cryptsetup/cryptsetup-2.1.0.ebuild b/sys-fs/cryptsetup/cryptsetup-2.1.0.ebuild
new file mode 100644
index 000000000000..1af159a06feb
--- /dev/null
+++ b/sys-fs/cryptsetup/cryptsetup-2.1.0.ebuild
@@ -0,0 +1,130 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+inherit autotools linux-info libtool eapi7-ver
+
+DESCRIPTION="Tool to setup encrypted devices with dm-crypt"
+HOMEPAGE="https://gitlab.com/cryptsetup/cryptsetup/blob/master/README.md"
+SRC_URI="mirror://kernel/linux/utils/${PN}/v$(ver_cut 1-2)/${P/_/-}.tar.xz"
+
+LICENSE="GPL-2+"
+SLOT="0/12" # libcryptsetup.so version
+[[ ${PV} != *_rc* ]] && \
+KEYWORDS="~amd64 ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86"
+CRYPTO_BACKENDS="gcrypt kernel nettle +openssl"
+# we don't support nss since it doesn't allow cryptsetup to be built statically
+# and it's missing ripemd160 support so it can't provide full backward compatibility
+IUSE="${CRYPTO_BACKENDS} +argon2 libressl +luks1_default nls pwquality reencrypt static static-libs +udev urandom"
+REQUIRED_USE="^^ ( ${CRYPTO_BACKENDS//+/} )
+ static? ( !gcrypt )" #496612
+
+LIB_DEPEND="
+ dev-libs/json-c:=[static-libs(+)]
+ dev-libs/libgpg-error[static-libs(+)]
+ dev-libs/popt[static-libs(+)]
+ >=sys-apps/util-linux-2.31-r1[static-libs(+)]
+ argon2? ( app-crypt/argon2:=[static-libs(+)] )
+ gcrypt? ( dev-libs/libgcrypt:0=[static-libs(+)] )
+ nettle? ( >=dev-libs/nettle-2.4[static-libs(+)] )
+ openssl? (
+ !libressl? ( dev-libs/openssl:0=[static-libs(+)] )
+ libressl? ( dev-libs/libressl:=[static-libs(+)] )
+ )
+ pwquality? ( dev-libs/libpwquality[static-libs(+)] )
+ sys-fs/lvm2[static-libs(+)]
+ udev? ( virtual/libudev[static-libs(+)] )"
+# We have to always depend on ${LIB_DEPEND} rather than put behind
+# !static? () because we provide a shared library which links against
+# these other packages. #414665
+RDEPEND="static-libs? ( ${LIB_DEPEND} )
+ ${LIB_DEPEND//\[static-libs\(+\)\]}"
+DEPEND="${RDEPEND}
+ virtual/pkgconfig
+ static? ( ${LIB_DEPEND} )"
+
+S="${WORKDIR}/${P/_/-}"
+
+PATCHES=( "${FILESDIR}"/${PN}-2.0.4-fix-static-pwquality-build.patch )
+
+pkg_pretend() {
+ if ! use luks1_default ; then
+ ewarn "WARNING! WARNING! WARNING!"
+ ewarn "You have chosen LUKS2 as your default format."
+ ewarn "This can break LUKS1 backwards compatibility."
+ ewarn "Enable \"luks1_default\" USE flag if you need backwards compatibility."
+ fi
+}
+
+pkg_setup() {
+ local CONFIG_CHECK="~DM_CRYPT ~CRYPTO ~CRYPTO_CBC ~CRYPTO_SHA256"
+ local WARNING_DM_CRYPT="CONFIG_DM_CRYPT:\tis not set (required for cryptsetup)\n"
+ local WARNING_CRYPTO_SHA256="CONFIG_CRYPTO_SHA256:\tis not set (required for cryptsetup)\n"
+ local WARNING_CRYPTO_CBC="CONFIG_CRYPTO_CBC:\tis not set (required for kernel 2.6.19)\n"
+ local WARNING_CRYPTO="CONFIG_CRYPTO:\tis not set (required for cryptsetup)\n"
+ check_extra_config
+}
+
+src_prepare() {
+ sed -i '/^LOOPDEV=/s:$: || exit 0:' tests/{compat,mode}-test || die
+ default
+ eautoreconf
+}
+
+src_configure() {
+ if use kernel ; then
+ ewarn "Note that kernel backend is very slow for this type of operation"
+ ewarn "and is provided mainly for embedded systems wanting to avoid"
+ ewarn "userspace crypto libraries."
+ fi
+
+ local myeconfargs=(
+ --disable-internal-argon2
+ --enable-shared
+ --sbindir=/sbin
+ # for later use
+ --with-default-luks-format=LUKS$(usex luks1_default 1 2)
+ --with-tmpfilesdir="${EPREFIX%/}/usr/lib/tmpfiles.d"
+ --with-crypto_backend=$(for x in ${CRYPTO_BACKENDS//+/} ; do usev ${x} ; done)
+ $(use_enable argon2 libargon2)
+ $(use_enable nls)
+ $(use_enable pwquality)
+ $(use_enable reencrypt cryptsetup-reencrypt)
+ $(use_enable static static-cryptsetup)
+ $(use_enable static-libs static)
+ $(use_enable udev)
+ $(use_enable !urandom dev-random)
+ )
+ econf "${myeconfargs[@]}"
+}
+
+src_test() {
+ if [[ ! -e /dev/mapper/control ]] ; then
+ ewarn "No /dev/mapper/control found -- skipping tests"
+ return 0
+ fi
+
+ local p
+ for p in /dev/mapper /dev/loop* ; do
+ addwrite ${p}
+ done
+
+ default
+}
+
+src_install() {
+ default
+
+ if use static ; then
+ mv "${ED%}"/sbin/cryptsetup{.static,} || die
+ mv "${ED%}"/sbin/veritysetup{.static,} || die
+ use reencrypt && { mv "${ED%}"/sbin/cryptsetup-reencrypt{.static,} || die ; }
+ fi
+ find "${ED}" -name "*.la" -delete || die
+
+ dodoc docs/v*ReleaseNotes
+
+ newconfd "${FILESDIR}"/1.6.7-dmcrypt.confd dmcrypt
+ newinitd "${FILESDIR}"/1.6.7-dmcrypt.rc dmcrypt
+}
diff --git a/sys-fs/cryptsetup/metadata.xml b/sys-fs/cryptsetup/metadata.xml
index 33e359aeaf21..e044cae4089e 100644
--- a/sys-fs/cryptsetup/metadata.xml
+++ b/sys-fs/cryptsetup/metadata.xml
@@ -9,6 +9,7 @@
<flag name="argon2">Enable password hashing algorithm from <pkg>app-crypt/argon2</pkg></flag>
<flag name="gcrypt">Use <pkg>dev-libs/libgcrypt</pkg> crypto backend</flag>
<flag name="kernel">Use kernel crypto backend (mainly for embedded systems)</flag>
+ <flag name="luks1_default">Default to LUKS1 on disk encryption format rather than new LUKS2</flag>
<flag name="nettle">Use <pkg>dev-libs/nettle</pkg> crypto backend</flag>
<flag name="openssl">Use <pkg>dev-libs/openssl</pkg> crypto backend</flag>
<flag name="pwquality">Use <pkg>dev-libs/libpwquality</pkg> for password quality checking</flag>