commit: 488cf3279c559d700d815578fc987e3d3dbab43f Author: Sven Eden <sven.eden <AT> prydeworx <DOT> com> AuthorDate: Tue Dec 8 09:04:22 2020 +0000 Commit: Joonas Niilola <juippis <AT> gentoo <DOT> org> CommitDate: Sun Dec 13 10:50:21 2020 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=488cf327
dev-libs/s2n: C99 TLS/SSL, needed for dev-libs/aws-c-io * dev-libs/aws-c-io is still to be added, and is needed to bump dev-libs/aws-c-event-streams. Package-Manager: Portage-3.0.11, Repoman-3.0.2 Signed-off-by: Sven Eden <sven.eden <AT> prydeworx.com> Signed-off-by: Joonas Niilola <juippis <AT> gentoo.org> dev-libs/s2n/Manifest | 1 + dev-libs/s2n/metadata.xml | 28 +++++++++++++++++++++++++++ dev-libs/s2n/s2n-0.10.21.ebuild | 43 +++++++++++++++++++++++++++++++++++++++++ 3 files changed, 72 insertions(+) diff --git a/dev-libs/s2n/Manifest b/dev-libs/s2n/Manifest new file mode 100644 index 00000000000..5886f4cb241 --- /dev/null +++ b/dev-libs/s2n/Manifest @@ -0,0 +1 @@ +DIST s2n-0.10.21.tar.gz 6150129 BLAKE2B cf598ef02b4aa9a2a69f11a47b2a691055575b7398ba0a833081da704ebc7564d30abda5f2ad9ff9858ec2f553b1f332e913494b9e195e2a754f008bab5c11d2 SHA512 26957edf36af088af2cb355dad9281fefd9d54ce8c3c2c26f5682aee8d64338a3677aa81f3a07563b27a938cad2c57e0a86a478c9619cc93552674451d501909 diff --git a/dev-libs/s2n/metadata.xml b/dev-libs/s2n/metadata.xml new file mode 100644 index 00000000000..f7c25930dcd --- /dev/null +++ b/dev-libs/s2n/metadata.xml @@ -0,0 +1,28 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer type="person"> + <email>sven.e...@prydeworx.com</email> + <name>Sven Eden</name> + </maintainer> + <maintainer type="project"> + <email>proxy-ma...@gentoo.org</email> + <name>Proxy Maintainers</name> + </maintainer> + <longdescription> +s2n is a C99 implementation of the TLS/SSL protocols that is designed to be simple, small, fast, and with security as a +priority. It is released and licensed under the Apache License 2.0. + +The s2n I/O APIs are designed to be intuitive to developers familiar with the widely-used POSIX I/O APIs, and s2n +supports blocking, non-blocking, and full-duplex I/O. Additionally there are no locks or mutexes within s2n. + +s2n implements SSLv3, TLS1.0, TLS1.1, and TLS1.2. For encryption, s2n supports 128-bit and 256-bit AES, in the CBC and +GCM modes, ChaCha20, 3DES, and RC4. For forward secrecy, s2n supports both DHE and ECDHE. s2n also supports the Server +Name Indicator (SNI), Application-Layer Protocol Negotiation (ALPN) and the Online Certificate Status Protocol (OCSP) +TLS extensions. SSLv3, RC4, 3DES and DHE are each disabled by default for security reasons. + +As it can be difficult to keep track of which encryption algorithms and protocols are best to use, s2n features a +simple API to use the latest "default" set of preferences. If you prefer to remain on a specific version for backwards +compatibility, that is also supported. + </longdescription> +</pkgmetadata> diff --git a/dev-libs/s2n/s2n-0.10.21.ebuild b/dev-libs/s2n/s2n-0.10.21.ebuild new file mode 100644 index 00000000000..d4817482270 --- /dev/null +++ b/dev-libs/s2n/s2n-0.10.21.ebuild @@ -0,0 +1,43 @@ +# Copyright 1999-2020 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +inherit cmake + +DESCRIPTION="simple, small, fast and secure C99 implementation of the TLS/SSL protocols" +HOMEPAGE="https://github.com/awslabs/s2n" +SRC_URI="https://github.com/awslabs/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz" + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="libressl static-libs test" + +RESTRICT="!test? ( test )" + +RDEPEND=" + !libressl? ( dev-libs/openssl:0=[static-libs=] ) + libressl? ( dev-libs/libressl:0=[static-libs=] ) +" +DEPEND="${RDEPEND}" + +src_prepare() { + default + + # Fix + # QA Notice: The following files contain writable and executable sections (...) + sed \ + -e '$a\\n#if defined(__linux__) && defined(__ELF__)\n.section .note.GNU-stack,"",%progbits\n#endif' \ + -i "${S}"/pq-crypto/sike_r2/fp_x64_asm.S || die "sed failed" + + cmake_src_prepare +} + +src_configure() { + local mycmakeargs=( + -DBUILD_SHARED_LIBS=$(usex !static-libs) + -DBUILD_TESTING=$(usex test) + ) + cmake_src_configure +}