summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorStefan Strogin <stefan.strogin@gmail.com>2019-02-27 05:35:45 +0200
committerThomas Deutschmann <whissi@gentoo.org>2019-03-02 18:46:04 +0100
commit163afe017bcc932e043a5422af897e5073df37da (patch)
treee59809ebffddec36fe471511c364cbdab756695e
parentdev-util/promu: Version bump to 0.3.0 (diff)
downloadgentoo-163afe017bcc932e043a5422af897e5073df37da.tar.gz
gentoo-163afe017bcc932e043a5422af897e5073df37da.tar.bz2
gentoo-163afe017bcc932e043a5422af897e5073df37da.zip
app-admin/sudo: add USE=system-digest & USE=libressl
Add system-digest USE flag for building with support of using message digest functions from libgcrypt, LibreSSL or OpenSSL, depending on USE gcrypt or libressl, instead of sudo's own implementation. Minor amend of USE flag descriptions as per descriptions from sudo's configure.ac and ChangeLog. Closes: https://bugs.gentoo.org/678888 Package-Manager: Portage-2.3.62, Repoman-2.3.12 Signed-off-by: Stefan Strogin <stefan.strogin@gmail.com> Closes: https://github.com/gentoo/gentoo/pull/11168 Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>
-rw-r--r--app-admin/sudo/metadata.xml9
-rw-r--r--app-admin/sudo/sudo-1.8.27-r1.ebuild20
2 files changed, 22 insertions, 7 deletions
diff --git a/app-admin/sudo/metadata.xml b/app-admin/sudo/metadata.xml
index de20459ab49..8e31d55ef94 100644
--- a/app-admin/sudo/metadata.xml
+++ b/app-admin/sudo/metadata.xml
@@ -12,12 +12,17 @@
arguments.
</longdescription>
<use>
- <flag name="gcrypt">Use SHA2 from <pkg>dev-libs/libgcrypt</pkg> instead of sudo's internal SHA2</flag>
+ <flag name="gcrypt">Use message digest functions from <pkg>dev-libs/libgcrypt</pkg> instead of sudo's</flag>
+ <flag name="libressl">Use message digest functions from <pkg>dev-libs/libressl</pkg> instead of sudo's</flag>
<flag name="offensive">Let sudo print insults when the user types the wrong password</flag>
- <flag name="openssl">Use SHA2 from <pkg>dev-libs/openssl</pkg> instead of sudo's internal SHA2</flag>
+ <flag name="openssl">Use message digest functions from <pkg>dev-libs/openssl</pkg> instead of sudo's</flag>
<flag name="sendmail">Allow sudo to send emails with sendmail</flag>
<flag name="sssd">Add System Security Services Daemon support</flag>
<flag name="secure-path">Replace PATH variable with compile time secure paths</flag>
+ <flag name="system-digest">
+ Use message digest functions from <pkg>dev-libs/libgcrypt</pkg>, <pkg>dev-libs/libressl</pkg>
+ or <pkg>dev-libs/openssl</pkg> instead of sudo's internal SHA2 implementation
+ </flag>
</use>
<upstream>
<remote-id type="cpe">cpe:/a:todd_miller:sudo</remote-id>
diff --git a/app-admin/sudo/sudo-1.8.27-r1.ebuild b/app-admin/sudo/sudo-1.8.27-r1.ebuild
index 39da1e74a42..7dded75d56c 100644
--- a/app-admin/sudo/sudo-1.8.27-r1.ebuild
+++ b/app-admin/sudo/sudo-1.8.27-r1.ebuild
@@ -31,20 +31,25 @@ fi
# 3-clause BSD license
LICENSE="ISC BSD"
SLOT="0"
-IUSE="gcrypt ldap nls offensive openssl pam sasl +secure-path selinux +sendmail skey sssd"
+IUSE="gcrypt ldap libressl nls offensive pam sasl +secure-path selinux +sendmail skey sssd system-digest"
CDEPEND="
sys-libs/zlib:=
- gcrypt? ( dev-libs/libgcrypt:= )
ldap? (
>=net-nds/openldap-2.1.30-r1
dev-libs/cyrus-sasl
)
- openssl? ( dev-libs/openssl:0= )
pam? ( virtual/pam )
sasl? ( dev-libs/cyrus-sasl )
skey? ( >=sys-auth/skey-1.1.5-r1 )
sssd? ( sys-auth/sssd[sudo] )
+ system-digest? (
+ gcrypt? ( dev-libs/libgcrypt:= )
+ !gcrypt? (
+ !libressl? ( dev-libs/openssl:0= )
+ libressl? ( dev-libs/libressl:0= )
+ )
+ )
"
RDEPEND="
${CDEPEND}
@@ -65,7 +70,6 @@ S="${WORKDIR}/${MY_P}"
REQUIRED_USE="
pam? ( !skey )
skey? ( !pam )
- ?? ( gcrypt openssl )
"
MAKEOPTS+=" SAMPLES="
@@ -145,7 +149,6 @@ src_configure() {
--without-opie
$(use_enable gcrypt)
$(use_enable nls)
- $(use_enable openssl)
$(use_enable sasl)
$(use_with offensive insults)
$(use_with offensive all-insults)
@@ -157,6 +160,13 @@ src_configure() {
$(use_with selinux)
$(use_with sendmail)
)
+
+ if use system-digest && ! use gcrypt; then
+ myeconfargs+=("--enable-openssl")
+ else
+ myeconfargs+=("--disable-openssl")
+ fi
+
econf "${myeconfargs[@]}"
}