Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--app-admin/sudo/metadata.xml9
-rw-r--r--app-admin/sudo/sudo-1.8.27-r1.ebuild20
2 files changed, 22 insertions, 7 deletions
diff --git a/app-admin/sudo/metadata.xml b/app-admin/sudo/metadata.xml
index de20459ab49a..8e31d55ef942 100644
--- a/app-admin/sudo/metadata.xml
+++ b/app-admin/sudo/metadata.xml
@@ -12,12 +12,17 @@
arguments.
</longdescription>
<use>
- <flag name="gcrypt">Use SHA2 from <pkg>dev-libs/libgcrypt</pkg> instead of sudo's internal SHA2</flag>
+ <flag name="gcrypt">Use message digest functions from <pkg>dev-libs/libgcrypt</pkg> instead of sudo's</flag>
+ <flag name="libressl">Use message digest functions from <pkg>dev-libs/libressl</pkg> instead of sudo's</flag>
<flag name="offensive">Let sudo print insults when the user types the wrong password</flag>
- <flag name="openssl">Use SHA2 from <pkg>dev-libs/openssl</pkg> instead of sudo's internal SHA2</flag>
+ <flag name="openssl">Use message digest functions from <pkg>dev-libs/openssl</pkg> instead of sudo's</flag>
<flag name="sendmail">Allow sudo to send emails with sendmail</flag>
<flag name="sssd">Add System Security Services Daemon support</flag>
<flag name="secure-path">Replace PATH variable with compile time secure paths</flag>
+ <flag name="system-digest">
+ Use message digest functions from <pkg>dev-libs/libgcrypt</pkg>, <pkg>dev-libs/libressl</pkg>
+ or <pkg>dev-libs/openssl</pkg> instead of sudo's internal SHA2 implementation
+ </flag>
</use>
<upstream>
<remote-id type="cpe">cpe:/a:todd_miller:sudo</remote-id>
diff --git a/app-admin/sudo/sudo-1.8.27-r1.ebuild b/app-admin/sudo/sudo-1.8.27-r1.ebuild
index 39da1e74a42d..7dded75d56c5 100644
--- a/app-admin/sudo/sudo-1.8.27-r1.ebuild
+++ b/app-admin/sudo/sudo-1.8.27-r1.ebuild
@@ -31,20 +31,25 @@ fi
# 3-clause BSD license
LICENSE="ISC BSD"
SLOT="0"
-IUSE="gcrypt ldap nls offensive openssl pam sasl +secure-path selinux +sendmail skey sssd"
+IUSE="gcrypt ldap libressl nls offensive pam sasl +secure-path selinux +sendmail skey sssd system-digest"
CDEPEND="
sys-libs/zlib:=
- gcrypt? ( dev-libs/libgcrypt:= )
ldap? (
>=net-nds/openldap-2.1.30-r1
dev-libs/cyrus-sasl
)
- openssl? ( dev-libs/openssl:0= )
pam? ( virtual/pam )
sasl? ( dev-libs/cyrus-sasl )
skey? ( >=sys-auth/skey-1.1.5-r1 )
sssd? ( sys-auth/sssd[sudo] )
+ system-digest? (
+ gcrypt? ( dev-libs/libgcrypt:= )
+ !gcrypt? (
+ !libressl? ( dev-libs/openssl:0= )
+ libressl? ( dev-libs/libressl:0= )
+ )
+ )
"
RDEPEND="
${CDEPEND}
@@ -65,7 +70,6 @@ S="${WORKDIR}/${MY_P}"
REQUIRED_USE="
pam? ( !skey )
skey? ( !pam )
- ?? ( gcrypt openssl )
"
MAKEOPTS+=" SAMPLES="
@@ -145,7 +149,6 @@ src_configure() {
--without-opie
$(use_enable gcrypt)
$(use_enable nls)
- $(use_enable openssl)
$(use_enable sasl)
$(use_with offensive insults)
$(use_with offensive all-insults)
@@ -157,6 +160,13 @@ src_configure() {
$(use_with selinux)
$(use_with sendmail)
)
+
+ if use system-digest && ! use gcrypt; then
+ myeconfargs+=("--enable-openssl")
+ else
+ myeconfargs+=("--disable-openssl")
+ fi
+
econf "${myeconfargs[@]}"
}