summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMichał Górny <mgorny@gentoo.org>2019-06-27 09:31:26 +0200
committerMichał Górny <mgorny@gentoo.org>2019-06-27 10:17:49 +0200
commit01d7096ca1ab0c79e5bbf442188d13ab6aadefff (patch)
tree2ce52135b722d7dcc6e070bc0832cd8b8e4b677d /net-misc/aria2
parentnet-misc/aria2: Correct LICENSE (diff)
downloadgentoo-01d7096ca1ab0c79e5bbf442188d13ab6aadefff.tar.gz
gentoo-01d7096ca1ab0c79e5bbf442188d13ab6aadefff.tar.bz2
gentoo-01d7096ca1ab0c79e5bbf442188d13ab6aadefff.zip
net-misc/aria2: Attempt to correct crazy crypto-lib logic
Attempt to rework crypto-lib dependencies to correctly indicate libraries needed for program operation. The new logic involves using OpenSSL only with USE=ssl+!gnutls but using it both for TLS & MD. In all other circumstances, GnuTLS is used for TLS (if USE=ssl), and nettle/libgcrypt is used for MD. The latter is needed independently of bittorrent support; it only affects additional libgmp dependency. Closes: https://bugs.gentoo.org/688780 Signed-off-by: Michał Górny <mgorny@gentoo.org>
Diffstat (limited to 'net-misc/aria2')
-rw-r--r--net-misc/aria2/aria2-1.34.0-r2.ebuild184
-rw-r--r--net-misc/aria2/metadata.xml3
2 files changed, 186 insertions, 1 deletions
diff --git a/net-misc/aria2/aria2-1.34.0-r2.ebuild b/net-misc/aria2/aria2-1.34.0-r2.ebuild
new file mode 100644
index 000000000000..025e6d10b737
--- /dev/null
+++ b/net-misc/aria2/aria2-1.34.0-r2.ebuild
@@ -0,0 +1,184 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="6"
+
+inherit bash-completion-r1
+
+DESCRIPTION="A download utility with segmented downloading with BitTorrent support"
+HOMEPAGE="https://aria2.github.io/"
+SRC_URI="https://github.com/aria2/${PN}/releases/download/release-${PV}/${P}.tar.xz"
+
+LICENSE="GPL-2+-with-openssl-exception"
+KEYWORDS="~amd64 ~arm ~ppc ~ppc64 ~sparc ~x86 ~amd64-linux ~x86-linux"
+SLOT="0"
+IUSE="adns bittorrent +gnutls jemalloc libuv +libxml2 metalink +nettle nls sqlite scripts ssh ssl tcmalloc test xmlrpc"
+
+# Crazy GnuTLS/OpenSSL/etc. logic below:
+# 1. Those libraries are used for two purposes: TLS & MD.
+# 2. Upstream preferences are:
+# 1) gnutls [tls]
+# 2) !gnutls? -> openssl [tls+md]
+# 3) !openssl? -> nettle [md]
+# 4) !openssl? !nettle? -> gcrypt [md]
+# 5) !*? -> bundled md routines (we don't use them)
+# 3. There's also gmp usage for bittorrent with nettle.
+# 4. You can't really control features, just dependencies.
+# (we are skipping native Apple/Windows TLS support)
+#
+# We map this into:
+# ssl? -> openssl || (gnutls + (nettle || libgcrypt ))
+# !ssl? -> nettle || libgcrypt
+
+CDEPEND="sys-libs/zlib:0=
+ adns? ( >=net-dns/c-ares-1.5.0:0= )
+ jemalloc? ( dev-libs/jemalloc )
+ libuv? ( >=dev-libs/libuv-1.13:0= )
+ metalink? (
+ libxml2? ( >=dev-libs/libxml2-2.6.26:2= )
+ !libxml2? ( dev-libs/expat:0= ) )
+ sqlite? ( dev-db/sqlite:3= )
+ ssh? ( net-libs/libssh2:= )
+ ssl? (
+ app-misc/ca-certificates
+ gnutls? (
+ >=net-libs/gnutls-1.2.9:0=
+ nettle? (
+ >=dev-libs/nettle-2.4:0=
+ bittorrent? (
+ >=dev-libs/nettle-2.4:0=[gmp]
+ >=dev-libs/gmp-6:0=
+ )
+ )
+ !nettle? ( >=dev-libs/libgcrypt-1.2.2:0= )
+ )
+ !gnutls? (
+ dev-libs/openssl:0=
+ )
+ )
+ !ssl? (
+ nettle? (
+ >=dev-libs/nettle-2.4:0=
+ bittorrent? (
+ >=dev-libs/nettle-2.4:0=[gmp]
+ >=dev-libs/gmp-6:0=
+ )
+ )
+ !nettle? ( >=dev-libs/libgcrypt-1.2.2:0= )
+ )
+ tcmalloc? ( dev-util/google-perftools )
+ xmlrpc? (
+ libxml2? ( >=dev-libs/libxml2-2.6.26:2= )
+ !libxml2? ( dev-libs/expat:0= ) )"
+
+DEPEND="${CDEPEND}
+ app-arch/xz-utils
+ virtual/pkgconfig
+ nls? ( sys-devel/gettext )
+ test? ( >=dev-util/cppunit-1.12.0:0 )"
+RDEPEND="${CDEPEND}
+ nls? ( virtual/libiconv virtual/libintl )
+ scripts? ( dev-lang/ruby )"
+
+# xmlrpc has no explicit switch, it's turned out by any XML library
+# so metalink implicitly forces it on
+REQUIRED_USE="?? ( jemalloc tcmalloc )
+ metalink? ( xmlrpc )"
+RESTRICT="!test? ( test )"
+
+pkg_setup() {
+ if use scripts && ! use xmlrpc; then
+ ewarn "Please note that you may need to enable USE=xmlrpc to run the aria2rpc"
+ ewarn "and aria2mon scripts against the local aria2."
+ fi
+}
+
+src_prepare() {
+ eapply "${FILESDIR}"/${P}-make_unique.patch
+ # https://bugs.gentoo.org/674622 (CVE-2019-3500)
+ eapply "${FILESDIR}"/${P}-mask-headers.patch
+ default
+ sed -i -e "s|/tmp|${T}|" test/*.cc test/*.txt || die "sed failed"
+}
+
+src_configure() {
+ local myconf=(
+ # threads, epoll: check for best portability
+
+ # do not try to compile and run a test LIBXML program
+ --disable-xmltest
+ # enable the shared library
+ --enable-libaria2
+ # zlib should always be available anyway
+ --with-libz
+ --with-ca-bundle="${EPREFIX}/etc/ssl/certs/ca-certificates.crt"
+
+ # optional features
+ $(use_enable bittorrent)
+ $(use_enable metalink)
+ $(use_enable nls)
+ $(use_with adns libcares)
+ $(use_with jemalloc)
+ $(use_with libuv)
+ $(use_with sqlite sqlite3)
+ $(use_with ssh libssh2)
+ $(use_with tcmalloc)
+ )
+
+ # See TLS/MD logic described above deps.
+ if use ssl && ! use gnutls; then
+ # 1. if ssl & !gnutls, use openssl and disable gnutls
+ myconf+=( --without-gnutls --with-openssl )
+ else
+ myconf+=(
+ # 2. otherwise, disable openssl
+ --without-openssl
+ # 3. if ssl & gnutls, use gnutls
+ $(use_with ssl gnutls)
+
+ # 4. switch between nettle & libgcrypt
+ $(use_with nettle libnettle)
+ $(use_with !nettle libgcrypt)
+ )
+
+ # 5. if bittorrent is used along with nettle, use libgmp
+ if use bittorrent && use nettle; then
+ myconf+=( --with-libgmp )
+ else
+ myconf+=( --without-libgmp )
+ fi
+ fi
+
+ # metalink+xmlrpc := libxml2 / expat
+ # USE=(metalink || xmlrpc)
+ # + USE=libxml2 -> libxml2
+ # + USE=-libxml2 -> expat
+
+ if use metalink || use xmlrpc; then
+ myconf+=( $(use_with !libxml2 libexpat) $(use_with libxml2) )
+ else
+ myconf+=( --without-libexpat --without-libxml2 )
+ fi
+
+ # Note:
+ # - always enable gzip/http compression since zlib should always be available anyway
+ # - always enable epoll since we can assume kernel 2.6.x
+ # - other options for threads: solaris, pth, win32
+ econf "${myconf[@]}"
+}
+
+src_install() {
+ default
+ rm -rf "${D}"/usr/share/doc/aria2 \
+ "${D}"/usr/share/doc/${PF}/README{,.html}
+
+ dobashcomp doc/bash_completion/aria2c
+ use scripts && dobin doc/xmlrpc/aria2{mon,rpc}
+}
+
+pkg_postinst() {
+ if use xmlrpc; then
+ elog "If you would like to use the additional aria2mon and aria2rpc tools,"
+ elog "you need to have \033[1mdev-lang/ruby\033[0m installed."
+ fi
+}
diff --git a/net-misc/aria2/metadata.xml b/net-misc/aria2/metadata.xml
index e5e58f42b404..27fefc927194 100644
--- a/net-misc/aria2/metadata.xml
+++ b/net-misc/aria2/metadata.xml
@@ -11,10 +11,11 @@
</maintainer>
<use>
<flag name="bittorrent">Enable support for the bittorrent protocol.</flag>
+ <flag name="gnutls">Use <pkg>net-libs/gnutls</pkg> as TLS provider (preferred). Otherwise, <pkg>dev-libs/openssl</pkg> will be used as TLS provider. Both apply only with USE=ssl.</flag>
<flag name="libuv">Use <pkg>dev-libs/libuv</pkg> backend.</flag>
<flag name="libxml2">Use <pkg>dev-libs/libxml2</pkg> for XML parsing (preferred) instead of <pkg>dev-libs/expat</pkg>.</flag>
- <flag name="nettle">Use <pkg>dev-libs/nettle</pkg> and <pkg>dev-libs/gmp</pkg> for bittorrent/metalink crypto instead of <pkg>dev-libs/libgcrypt</pkg> (when <pkg>dev-libs/openssl</pkg> is not being used).</flag>
<flag name="metalink">Enable support for metalink.</flag>
+ <flag name="nettle">Use <pkg>dev-libs/nettle</pkg> for message digests, plus <pkg>dev-libs/gmp</pkg> for bittorrent (if enabled). If this flag is disabled, <pkg>dev-libs/libgcrypt</pkg> is used instead. This flag is ignored if <pkg>dev-libs/openssl</pkg> is used.</flag>
<flag name="scripts">Install additional scripts which use aria2's xmlrpc functionality.</flag>
<flag name="ssh">Enable SFTP support.</flag>
</use>