| 1 |
1 |
# Copyright 1999-2023 Gentoo Authors
|
| 2 |
2 |
# Distributed under the terms of the GNU General Public License v2
|
| 3 |
3 |
|
| 4 |
|
EAPI=7
|
|
4 |
EAPI=8
|
| 5 |
5 |
|
| 6 |
6 |
inherit linux-info tmpfiles
|
| 7 |
7 |
|
| 8 |
8 |
DESCRIPTION="Tool to setup encrypted devices with dm-crypt"
|
| 9 |
9 |
HOMEPAGE="https://gitlab.com/cryptsetup/cryptsetup"
|
| 10 |
10 |
SRC_URI="https://www.kernel.org/pub/linux/utils/${PN}/v$(ver_cut 1-2)/${P/_/-}.tar.xz"
|
|
11 |
S="${WORKDIR}"/${P/_/-}
|
| 11 |
12 |
|
| 12 |
13 |
LICENSE="GPL-2+"
|
| 13 |
14 |
SLOT="0/12" # libcryptsetup.so version
|
| 14 |
|
[[ ${PV} != *_rc* ]] && \
|
| 15 |
|
KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~mips ppc ppc64 ~riscv ~s390 sparc x86"
|
|
15 |
if [[ ${PV} != *_rc* ]] ; then
|
|
16 |
KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~mips ppc ppc64 ~riscv ~s390 sparc x86"
|
|
17 |
fi
|
|
18 |
|
| 16 |
19 |
CRYPTO_BACKENDS="gcrypt kernel nettle +openssl"
|
| 17 |
20 |
# we don't support nss since it doesn't allow cryptsetup to be built statically
|
| 18 |
21 |
# and it's missing ripemd160 support so it can't provide full backward compatibility
|
| 19 |
|
IUSE="${CRYPTO_BACKENDS} +argon2 fips nls pwquality reencrypt ssh static static-libs test +udev urandom"
|
|
22 |
IUSE="${CRYPTO_BACKENDS} +argon2 fips nls pwquality ssh static static-libs test +udev urandom"
|
| 20 |
23 |
RESTRICT="!test? ( test )"
|
| 21 |
|
REQUIRED_USE="^^ ( ${CRYPTO_BACKENDS//+/} )
|
|
24 |
# bug #496612, bug #832711, bug #843863
|
|
25 |
REQUIRED_USE="
|
|
26 |
^^ ( ${CRYPTO_BACKENDS//+/} )
|
| 22 |
27 |
static? ( !gcrypt !ssh !udev !fips )
|
| 23 |
28 |
fips? ( !kernel !nettle )
|
| 24 |
|
" # 496612, 832711, 843863
|
|
29 |
"
|
| 25 |
30 |
|
| 26 |
31 |
LIB_DEPEND="
|
| 27 |
32 |
dev-libs/json-c:=[static-libs(+)]
|
| ... | ... | |
| 36 |
41 |
openssl? ( dev-libs/openssl:0=[static-libs(+)] )
|
| 37 |
42 |
pwquality? ( dev-libs/libpwquality[static-libs(+)] )
|
| 38 |
43 |
ssh? ( net-libs/libssh[static-libs(+)] )
|
| 39 |
|
sys-fs/lvm2[static-libs(+)]"
|
|
44 |
sys-fs/lvm2[static-libs(+)]
|
|
45 |
"
|
| 40 |
46 |
# We have to always depend on ${LIB_DEPEND} rather than put behind
|
| 41 |
47 |
# !static? () because we provide a shared library which links against
|
| 42 |
|
# these other packages. #414665
|
| 43 |
|
RDEPEND="static-libs? ( ${LIB_DEPEND} )
|
|
48 |
# these other packages. bug #414665
|
|
49 |
RDEPEND="
|
|
50 |
static-libs? ( ${LIB_DEPEND} )
|
| 44 |
51 |
${LIB_DEPEND//\[static-libs\([+-]\)\]}
|
| 45 |
|
udev? ( virtual/libudev:= )"
|
| 46 |
|
# vim-core needed for xxd in tests
|
| 47 |
|
DEPEND="${RDEPEND}
|
|
52 |
udev? ( virtual/libudev:= )
|
|
53 |
"
|
|
54 |
DEPEND="
|
|
55 |
${RDEPEND}
|
| 48 |
56 |
static? ( ${LIB_DEPEND} )
|
| 49 |
|
test? ( app-editors/vim-core )"
|
|
57 |
"
|
|
58 |
# vim-core needed for xxd in tests
|
| 50 |
59 |
BDEPEND="
|
| 51 |
60 |
virtual/pkgconfig
|
|
61 |
test? ( app-editors/vim-core )
|
| 52 |
62 |
"
|
| 53 |
63 |
|
| 54 |
|
S="${WORKDIR}/${P/_/-}"
|
| 55 |
|
|
| 56 |
64 |
pkg_setup() {
|
| 57 |
65 |
local CONFIG_CHECK="~DM_CRYPT ~CRYPTO ~CRYPTO_CBC ~CRYPTO_SHA256"
|
| 58 |
66 |
local WARNING_DM_CRYPT="CONFIG_DM_CRYPT:\tis not set (required for cryptsetup)\n"
|
| ... | ... | |
| 63 |
71 |
}
|
| 64 |
72 |
|
| 65 |
73 |
src_prepare() {
|
| 66 |
|
sed -i '/^LOOPDEV=/s:$: || exit 0:' tests/{compat,mode}-test || die
|
| 67 |
74 |
default
|
|
75 |
|
|
76 |
sed -i '/^LOOPDEV=/s:$: || exit 0:' tests/{compat,mode}-test || die
|
| 68 |
77 |
}
|
| 69 |
78 |
|
| 70 |
79 |
src_configure() {
|
| 71 |
|
if use kernel ; then
|
| 72 |
|
ewarn "Note that kernel backend is very slow for this type of operation"
|
| 73 |
|
ewarn "and is provided mainly for embedded systems wanting to avoid"
|
| 74 |
|
ewarn "userspace crypto libraries."
|
| 75 |
|
fi
|
| 76 |
|
|
| 77 |
80 |
local myeconfargs=(
|
| 78 |
81 |
--disable-internal-argon2
|
|
82 |
--disable-asciidoc
|
| 79 |
83 |
--enable-shared
|
| 80 |
84 |
--sbindir="${EPREFIX}"/sbin
|
| 81 |
85 |
# for later use
|
| ... | ... | |
| 85 |
89 |
$(use_enable argon2 libargon2)
|
| 86 |
90 |
$(use_enable nls)
|
| 87 |
91 |
$(use_enable pwquality)
|
| 88 |
|
$(use_enable reencrypt cryptsetup-reencrypt)
|
| 89 |
92 |
$(use_enable !static external-tokens)
|
| 90 |
93 |
$(use_enable static static-cryptsetup)
|
| 91 |
94 |
$(use_enable static-libs static)
|
| 92 |
95 |
$(use_enable udev)
|
| 93 |
96 |
$(use_enable !urandom dev-random)
|
| 94 |
97 |
$(use_enable ssh ssh-token)
|
| 95 |
|
$(usex argon2 '' '--with-luks2-pbkdf=pbkdf2')
|
|
98 |
$(usev !argon2 '--with-luks2-pbkdf=pbkdf2')
|
| 96 |
99 |
$(use_enable fips)
|
| 97 |
100 |
)
|
|
101 |
|
| 98 |
102 |
econf "${myeconfargs[@]}"
|
| 99 |
103 |
}
|
| 100 |
104 |
|
| ... | ... | |
| 119 |
123 |
mv "${ED}"/sbin/cryptsetup{.static,} || die
|
| 120 |
124 |
mv "${ED}"/sbin/veritysetup{.static,} || die
|
| 121 |
125 |
mv "${ED}"/sbin/integritysetup{.static,} || die
|
|
126 |
|
| 122 |
127 |
if use ssh ; then
|
| 123 |
128 |
mv "${ED}"/sbin/cryptsetup-ssh{.static,} || die
|
| 124 |
129 |
fi
|
| 125 |
|
if use reencrypt ; then
|
| 126 |
|
mv "${ED}"/sbin/cryptsetup-reencrypt{.static,} || die
|
| 127 |
|
fi
|
| 128 |
130 |
fi
|
|
131 |
|
| 129 |
132 |
find "${ED}" -type f -name "*.la" -delete || die
|
| 130 |
133 |
|
| 131 |
134 |
dodoc docs/v*ReleaseNotes
|
| ... | ... | |
| 136 |
139 |
|
| 137 |
140 |
pkg_postinst() {
|
| 138 |
141 |
tmpfiles_process cryptsetup.conf
|
|
142 |
|
|
143 |
if use kernel ; then
|
|
144 |
ewarn "Note that kernel backend is very slow for this type of operation"
|
|
145 |
ewarn "and is provided mainly for embedded systems wanting to avoid"
|
|
146 |
ewarn "userspace crypto libraries."
|
|
147 |
fi
|
| 139 |
148 |
}
|
