diff options
-rw-r--r-- | sys-apps/apk-tools/Manifest | 1 | ||||
-rw-r--r-- | sys-apps/apk-tools/apk-tools-2.6.6.ebuild | 46 | ||||
-rw-r--r-- | sys-apps/apk-tools/files/apk-tools-2.6.6-use-sha256-signature.patch | 52 |
3 files changed, 99 insertions, 0 deletions
diff --git a/sys-apps/apk-tools/Manifest b/sys-apps/apk-tools/Manifest index 2ebf99a31..ec455e335 100644 --- a/sys-apps/apk-tools/Manifest +++ b/sys-apps/apk-tools/Manifest @@ -1 +1,2 @@ DIST apk-tools-2.6.4.tar.bz2 81902 SHA256 0f52b96c5b8b5ad6f710610d8f21dcfb275795e1f282418a6f9953c02f41312e SHA512 efff745ae625aae7bec0c4f45c877e9f1e12860324a492d950358ba0ecb07ca13c8c963a078118692e7edc3a19053fee307bcfd0a730f7ed6e497c2dc7df16d6 WHIRLPOOL 5a879dd63f7da34c5ed687d20fba7e3873d7bed51a5c27f4144becc5b6ba8c7f15edc189b55ddec7449f075203043ef6b10e5293573918e9bc938d4fd4b0fa1c +DIST apk-tools-2.6.6.tar.bz2 82728 SHA256 7e5e86c856ce236c7fd54605ee0b1dbf59920398d3b33f9f6ff0e5f98e6828af SHA512 f22fd3a20b78980e93d2f36acdaf05841d4fa25f7f9ebd1d97ac60b1e0f3b72cf9fdb94fb082d562ab66f46c1ba68350b44f1a6a3d16a4959d1a8fbd240151ab WHIRLPOOL 6bfdb7bf57500b5ce4bf868f85e8a15db9f8d25cb0bd5d4a1224641860191329f31b2d7c7575d09755188a749908bbe403b97efcba914c95d7a828c36f220cf9 diff --git a/sys-apps/apk-tools/apk-tools-2.6.6.ebuild b/sys-apps/apk-tools/apk-tools-2.6.6.ebuild new file mode 100644 index 000000000..ea53f8223 --- /dev/null +++ b/sys-apps/apk-tools/apk-tools-2.6.6.ebuild @@ -0,0 +1,46 @@ +# Copyright 2015-2016 Adélie Linux Team +# Distributed under the terms of the NCSA License + +EAPI=6 + +DESCRIPTION="The Alpine Linux Package Keeper (APK)" +HOMEPAGE="http://alpinelinux.org/" +SRC_URI="http://git.alpinelinux.org/cgit/apk-tools/snapshot/${P}.tar.bz2" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="arm mips ppc x86 x86_64 ~alpha ~arm64 ~hppa ~ppc64 ~sparc64" +IUSE="static" # lua + +DEPEND="dev-libs/libfetch[ssl]" +RDEPEND="${DEPEND} + >=dev-libs/openssl-1.0.1p + static? ( >=dev-libs/openssl-1.0.1p[static-libs] ) + sys-libs/zlib + static? ( sys-libs/zlib[static-libs] ) +" +# lua? ( dev-lang/lua:5.2 ) + +PATCHES=( + "${FILESDIR}"/${P}-use-sha256-signature.patch + ) + +src_configure() { + #if ! use lua; then + echo 'LUAAPK=' >> "${S}"/config.mk + echo 'export LUAAPK' >> "${S}"/config.mk + #fi +} + +src_compile () { + export CFLAGS=-Wno-error=unused-result + emake + use static && emake static +} + +pkg_preinst () { + mkdir -p "${D}"/usr/sbin + mv "${D}"/sbin/apk "${D}"/usr/sbin/apk + use static && "${D}"/sbin/apk.static "${D}"/usr/sbin/apk.static + rmdir "${D}"/sbin +} diff --git a/sys-apps/apk-tools/files/apk-tools-2.6.6-use-sha256-signature.patch b/sys-apps/apk-tools/files/apk-tools-2.6.6-use-sha256-signature.patch new file mode 100644 index 000000000..e13f8b563 --- /dev/null +++ b/sys-apps/apk-tools/files/apk-tools-2.6.6-use-sha256-signature.patch @@ -0,0 +1,52 @@ +From 0984ca854ce4b9fddbf1dc7503058406ded6e2cc Mon Sep 17 00:00:00 2001 +From: Andrew Wilcox <AWilcox@Wilcox-Tech.com> +Date: Sun, 18 Oct 2015 11:19:36 -0500 +Subject: [PATCH] package: use SHA256 for signature instead of SHA1 + +--- + src/apk_blob.h | 2 +- + src/package.c | 8 ++------ + 2 files changed, 3 insertions(+), 7 deletions(-) + +diff --git a/src/apk_blob.h b/src/apk_blob.h +index 2d2e30e..a879d27 100644 +--- a/src/apk_blob.h ++++ b/src/apk_blob.h +@@ -41,7 +41,7 @@ extern apk_blob_t apk_null_blob; + + /* Internal cointainer for MD5 or SHA1 */ + struct apk_checksum { +- unsigned char data[20]; ++ unsigned char data[40]; + unsigned char type; + }; + +diff --git a/src/package.c b/src/package.c +index 24a4f94..14993b3 100644 +--- a/src/package.c ++++ b/src/package.c +@@ -570,8 +570,7 @@ int apk_sign_ctx_process_file(struct apk_sign_ctx *ctx, + if (ctx->keys_fd < 0) + return 0; + +- if (strncmp(&fi->name[6], "RSA.", 4) == 0 || +- strncmp(&fi->name[6], "DSA.", 4) == 0) { ++ if (strncmp(&fi->name[6], "RSA.", 4) == 0) { + int fd = openat(ctx->keys_fd, &fi->name[10], O_RDONLY|O_CLOEXEC); + BIO *bio; + +@@ -581,10 +580,7 @@ int apk_sign_ctx_process_file(struct apk_sign_ctx *ctx, + bio = BIO_new_fp(fdopen(fd, "r"), BIO_CLOSE); + ctx->signature.pkey = PEM_read_bio_PUBKEY(bio, NULL, NULL, NULL); + if (ctx->signature.pkey != NULL) { +- if (fi->name[6] == 'R') +- ctx->md = EVP_sha1(); +- else +- ctx->md = EVP_dss1(); ++ ctx->md = EVP_sha256(); + } + BIO_free(bio); + } else +-- +2.7.0 + |