summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--sys-apps/apk-tools/Manifest1
-rw-r--r--sys-apps/apk-tools/apk-tools-2.6.6.ebuild46
-rw-r--r--sys-apps/apk-tools/files/apk-tools-2.6.6-use-sha256-signature.patch52
3 files changed, 99 insertions, 0 deletions
diff --git a/sys-apps/apk-tools/Manifest b/sys-apps/apk-tools/Manifest
index 2ebf99a31..ec455e335 100644
--- a/sys-apps/apk-tools/Manifest
+++ b/sys-apps/apk-tools/Manifest
@@ -1 +1,2 @@
DIST apk-tools-2.6.4.tar.bz2 81902 SHA256 0f52b96c5b8b5ad6f710610d8f21dcfb275795e1f282418a6f9953c02f41312e SHA512 efff745ae625aae7bec0c4f45c877e9f1e12860324a492d950358ba0ecb07ca13c8c963a078118692e7edc3a19053fee307bcfd0a730f7ed6e497c2dc7df16d6 WHIRLPOOL 5a879dd63f7da34c5ed687d20fba7e3873d7bed51a5c27f4144becc5b6ba8c7f15edc189b55ddec7449f075203043ef6b10e5293573918e9bc938d4fd4b0fa1c
+DIST apk-tools-2.6.6.tar.bz2 82728 SHA256 7e5e86c856ce236c7fd54605ee0b1dbf59920398d3b33f9f6ff0e5f98e6828af SHA512 f22fd3a20b78980e93d2f36acdaf05841d4fa25f7f9ebd1d97ac60b1e0f3b72cf9fdb94fb082d562ab66f46c1ba68350b44f1a6a3d16a4959d1a8fbd240151ab WHIRLPOOL 6bfdb7bf57500b5ce4bf868f85e8a15db9f8d25cb0bd5d4a1224641860191329f31b2d7c7575d09755188a749908bbe403b97efcba914c95d7a828c36f220cf9
diff --git a/sys-apps/apk-tools/apk-tools-2.6.6.ebuild b/sys-apps/apk-tools/apk-tools-2.6.6.ebuild
new file mode 100644
index 000000000..ea53f8223
--- /dev/null
+++ b/sys-apps/apk-tools/apk-tools-2.6.6.ebuild
@@ -0,0 +1,46 @@
+# Copyright 2015-2016 Adélie Linux Team
+# Distributed under the terms of the NCSA License
+
+EAPI=6
+
+DESCRIPTION="The Alpine Linux Package Keeper (APK)"
+HOMEPAGE="http://alpinelinux.org/"
+SRC_URI="http://git.alpinelinux.org/cgit/apk-tools/snapshot/${P}.tar.bz2"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="arm mips ppc x86 x86_64 ~alpha ~arm64 ~hppa ~ppc64 ~sparc64"
+IUSE="static" # lua
+
+DEPEND="dev-libs/libfetch[ssl]"
+RDEPEND="${DEPEND}
+ >=dev-libs/openssl-1.0.1p
+ static? ( >=dev-libs/openssl-1.0.1p[static-libs] )
+ sys-libs/zlib
+ static? ( sys-libs/zlib[static-libs] )
+"
+# lua? ( dev-lang/lua:5.2 )
+
+PATCHES=(
+ "${FILESDIR}"/${P}-use-sha256-signature.patch
+ )
+
+src_configure() {
+ #if ! use lua; then
+ echo 'LUAAPK=' >> "${S}"/config.mk
+ echo 'export LUAAPK' >> "${S}"/config.mk
+ #fi
+}
+
+src_compile () {
+ export CFLAGS=-Wno-error=unused-result
+ emake
+ use static && emake static
+}
+
+pkg_preinst () {
+ mkdir -p "${D}"/usr/sbin
+ mv "${D}"/sbin/apk "${D}"/usr/sbin/apk
+ use static && "${D}"/sbin/apk.static "${D}"/usr/sbin/apk.static
+ rmdir "${D}"/sbin
+}
diff --git a/sys-apps/apk-tools/files/apk-tools-2.6.6-use-sha256-signature.patch b/sys-apps/apk-tools/files/apk-tools-2.6.6-use-sha256-signature.patch
new file mode 100644
index 000000000..e13f8b563
--- /dev/null
+++ b/sys-apps/apk-tools/files/apk-tools-2.6.6-use-sha256-signature.patch
@@ -0,0 +1,52 @@
+From 0984ca854ce4b9fddbf1dc7503058406ded6e2cc Mon Sep 17 00:00:00 2001
+From: Andrew Wilcox <AWilcox@Wilcox-Tech.com>
+Date: Sun, 18 Oct 2015 11:19:36 -0500
+Subject: [PATCH] package: use SHA256 for signature instead of SHA1
+
+---
+ src/apk_blob.h | 2 +-
+ src/package.c | 8 ++------
+ 2 files changed, 3 insertions(+), 7 deletions(-)
+
+diff --git a/src/apk_blob.h b/src/apk_blob.h
+index 2d2e30e..a879d27 100644
+--- a/src/apk_blob.h
++++ b/src/apk_blob.h
+@@ -41,7 +41,7 @@ extern apk_blob_t apk_null_blob;
+
+ /* Internal cointainer for MD5 or SHA1 */
+ struct apk_checksum {
+- unsigned char data[20];
++ unsigned char data[40];
+ unsigned char type;
+ };
+
+diff --git a/src/package.c b/src/package.c
+index 24a4f94..14993b3 100644
+--- a/src/package.c
++++ b/src/package.c
+@@ -570,8 +570,7 @@ int apk_sign_ctx_process_file(struct apk_sign_ctx *ctx,
+ if (ctx->keys_fd < 0)
+ return 0;
+
+- if (strncmp(&fi->name[6], "RSA.", 4) == 0 ||
+- strncmp(&fi->name[6], "DSA.", 4) == 0) {
++ if (strncmp(&fi->name[6], "RSA.", 4) == 0) {
+ int fd = openat(ctx->keys_fd, &fi->name[10], O_RDONLY|O_CLOEXEC);
+ BIO *bio;
+
+@@ -581,10 +580,7 @@ int apk_sign_ctx_process_file(struct apk_sign_ctx *ctx,
+ bio = BIO_new_fp(fdopen(fd, "r"), BIO_CLOSE);
+ ctx->signature.pkey = PEM_read_bio_PUBKEY(bio, NULL, NULL, NULL);
+ if (ctx->signature.pkey != NULL) {
+- if (fi->name[6] == 'R')
+- ctx->md = EVP_sha1();
+- else
+- ctx->md = EVP_dss1();
++ ctx->md = EVP_sha256();
+ }
+ BIO_free(bio);
+ } else
+--
+2.7.0
+