From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-commits+bounces-1777776-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from smtp.gentoo.org (woodpecker.gentoo.org [140.211.166.183])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits))
	(No client certificate requested)
	by finch.gentoo.org (Postfix) with ESMTPS id CA70C15827B
	for <garchives@archives.gentoo.org>; Wed, 20 Aug 2025 08:04:36 +0000 (UTC)
Received: from lists.gentoo.org (bobolink.gentoo.org [140.211.166.189])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange x25519)
	(No client certificate requested)
	(Authenticated sender: relay-lists.gentoo.org@gentoo.org)
	by smtp.gentoo.org (Postfix) with ESMTPSA id A4D7D3424FA
	for <garchives@archives.gentoo.org>; Wed, 20 Aug 2025 08:04:36 +0000 (UTC)
Received: from bobolink.gentoo.org (localhost [127.0.0.1])
	by bobolink.gentoo.org (Postfix) with ESMTP id A8B1211055F;
	Wed, 20 Aug 2025 08:04:33 +0000 (UTC)
Received: from smtp.gentoo.org (smtp.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange x25519)
	(No client certificate requested)
	by bobolink.gentoo.org (Postfix) with ESMTPS id 9B82611055F
	for <gentoo-commits@lists.gentoo.org>; Wed, 20 Aug 2025 08:04:33 +0000 (UTC)
Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange x25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(No client certificate requested)
	by smtp.gentoo.org (Postfix) with ESMTPS id 508133424CC
	for <gentoo-commits@lists.gentoo.org>; Wed, 20 Aug 2025 08:04:33 +0000 (UTC)
Received: from localhost.localdomain (localhost [IPv6:::1])
	by oystercatcher.gentoo.org (Postfix) with ESMTP id 871BE334A
	for <gentoo-commits@lists.gentoo.org>; Wed, 20 Aug 2025 08:04:31 +0000 (UTC)
From: "Sam James" <sam@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Content-Transfer-Encoding: 8bit
Content-type: text/plain; charset=UTF-8
Reply-To: gentoo-dev@lists.gentoo.org, "Sam James" <sam@gentoo.org>
Message-ID: <1755677039.e1a2db8fd442610e5dc91fab669d00fee20ebf4b.sam@gentoo>
Subject: [gentoo-commits] repo/gentoo:master commit in: sys-fs/cryptsetup/
X-VCS-Repository: repo/gentoo
X-VCS-Files: sys-fs/cryptsetup/Manifest sys-fs/cryptsetup/cryptsetup-2.8.1.ebuild
X-VCS-Directories: sys-fs/cryptsetup/
X-VCS-Committer: sam
X-VCS-Committer-Name: Sam James
X-VCS-Revision: e1a2db8fd442610e5dc91fab669d00fee20ebf4b
X-VCS-Branch: master
Date: Wed, 20 Aug 2025 08:04:31 +0000 (UTC)
Precedence: bulk
List-Post: <mailto:gentoo-commits@lists.gentoo.org>
List-Help: <mailto:gentoo-commits+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-commits+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-commits+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-commits.gentoo.org>
X-BeenThere: gentoo-commits@lists.gentoo.org
X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply
X-Archives-Salt: ab74e3f3-aa71-420a-a997-5c389fa0be66
X-Archives-Hash: d6f6f0b841f3c461ea8cf4e6cfc92ba1

commit:     e1a2db8fd442610e5dc91fab669d00fee20ebf4b
Author:     Sam James <sam <AT> gentoo <DOT> org>
AuthorDate: Wed Aug 20 06:19:02 2025 +0000
Commit:     Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Wed Aug 20 08:03:59 2025 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e1a2db8f

sys-fs/cryptsetup: add 2.8.1

Signed-off-by: Sam James <sam <AT> gentoo.org>

 sys-fs/cryptsetup/Manifest                |   1 +
 sys-fs/cryptsetup/cryptsetup-2.8.1.ebuild | 153 ++++++++++++++++++++++++++++++
 2 files changed, 154 insertions(+)

diff --git a/sys-fs/cryptsetup/Manifest b/sys-fs/cryptsetup/Manifest
index a843195e0a9a..1025101ec987 100644
--- a/sys-fs/cryptsetup/Manifest
+++ b/sys-fs/cryptsetup/Manifest
@@ -1,2 +1,3 @@
 DIST cryptsetup-2.7.5.tar.xz 11697476 BLAKE2B 7df7b53f74cbf1a009d2804b8d85c9fea27be994bb4171e1ded70e3666635fd8f265819321bee0d1977548626029ebf75b87225a68cb38b3b79910f991c813dd SHA512 13eca93cdb00a143d2ca60b6f66ede5adc4072ca0c4bfebd8454a3541e69d269fcdb4afc97ad799e87a999b2bd46c1f31fa924a3d616d72a3337970b1e718d55
 DIST cryptsetup-2.8.0.tar.xz 11794404 BLAKE2B 8f048b4ab87c46f4b459e7eccc2b3e9099a3e22040524b0513989d2a4552bc5dd8b7406ee28b25e7da00121e0d29b9f146f9b6e2384a05bc7a2abbaf14f11876 SHA512 4a41720fdf7f35693b31e68ef6dda7dbdd050252e7f33f3889f9272b708d40b8bde8ecca5e0c917d51bd3f2c82a7bd304829d56bc8ac423ca005155611f42211
+DIST cryptsetup-2.8.1.tar.xz 11821036 BLAKE2B 148ff29e94c77abf66b3ebf1a6c291031a786dc2ccb23a3ccd6b816711aac56d64743b709ca6ed4378bf55946cd2c67ba300ed4b7ad831c341fcb37d580efaa5 SHA512 a5171e18c55bfbc57330f2d46ab06b5ac6957392a77aef74c3d1c5295eb39962d1db19ddd3420ea1154d730b361d09e72bf5315c7a3d56eb36cee9c2531bca5d

diff --git a/sys-fs/cryptsetup/cryptsetup-2.8.1.ebuild b/sys-fs/cryptsetup/cryptsetup-2.8.1.ebuild
new file mode 100644
index 000000000000..817e5f8061d9
--- /dev/null
+++ b/sys-fs/cryptsetup/cryptsetup-2.8.1.ebuild
@@ -0,0 +1,153 @@
+# Copyright 1999-2025 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+# TODO: meson (not just yet as of 2.8.0, see https://gitlab.com/cryptsetup/cryptsetup/-/issues/949#note_2585304492)
+inherit linux-info tmpfiles
+
+DESCRIPTION="Tool to setup encrypted devices with dm-crypt"
+HOMEPAGE="https://gitlab.com/cryptsetup/cryptsetup"
+SRC_URI="https://www.kernel.org/pub/linux/utils/${PN}/v$(ver_cut 1-2)/${P/_/-}.tar.xz"
+S="${WORKDIR}"/${P/_/-}
+
+LICENSE="GPL-2+"
+SLOT="0/12" # libcryptsetup.so version
+if [[ ${PV} != *_rc* ]] ; then
+	KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~loong ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86"
+fi
+
+CRYPTO_BACKENDS="gcrypt kernel nettle +openssl"
+# we don't support nss since it doesn't allow cryptsetup to be built statically
+# and it's missing ripemd160 support so it can't provide full backward compatibility
+IUSE="${CRYPTO_BACKENDS} +argon2 fips nls pwquality passwdqc ssh static static-libs test +udev urandom"
+RESTRICT="!test? ( test )"
+# bug #496612, bug #832711, bug #843863
+REQUIRED_USE="
+	?? ( pwquality passwdqc )
+	^^ ( ${CRYPTO_BACKENDS//+/} )
+	static? ( !ssh !udev !fips )
+	static-libs? ( !passwdqc )
+	fips? ( !kernel !nettle )
+"
+
+LIB_DEPEND="
+	dev-libs/json-c:=[static-libs(+)]
+	dev-libs/popt[static-libs(+)]
+	>=sys-apps/util-linux-2.31-r1[static-libs(+)]
+	argon2? ( app-crypt/argon2:=[static-libs(+)] )
+	gcrypt? (
+		dev-libs/libgcrypt:0=[static-libs(+)]
+		dev-libs/libgpg-error[static-libs(+)]
+	)
+	nettle? ( >=dev-libs/nettle-2.4[static-libs(+)] )
+	openssl? ( dev-libs/openssl:0=[static-libs(+)] )
+	pwquality? ( dev-libs/libpwquality[static-libs(+)] )
+	passwdqc? ( sys-auth/passwdqc )
+	ssh? ( net-libs/libssh[static-libs(+)] )
+	sys-fs/lvm2[static-libs(+)]
+"
+# We have to always depend on ${LIB_DEPEND} rather than put behind
+# !static? () because we provide a shared library which links against
+# these other packages. bug #414665
+RDEPEND="
+	static-libs? ( ${LIB_DEPEND} )
+	${LIB_DEPEND//\[static-libs\([+-]\)\]}
+	udev? ( virtual/libudev:= )
+"
+DEPEND="
+	${RDEPEND}
+	static? ( ${LIB_DEPEND} )
+"
+# vim-core needed for xxd in tests
+BDEPEND="
+	virtual/pkgconfig
+	test? ( app-editors/vim-core )
+"
+
+pkg_setup() {
+	local CONFIG_CHECK="~DM_CRYPT ~CRYPTO ~CRYPTO_CBC ~CRYPTO_SHA256"
+	local WARNING_DM_CRYPT="CONFIG_DM_CRYPT:\tis not set (required for cryptsetup)\n"
+	local WARNING_CRYPTO_SHA256="CONFIG_CRYPTO_SHA256:\tis not set (required for cryptsetup)\n"
+	local WARNING_CRYPTO_CBC="CONFIG_CRYPTO_CBC:\tis not set (required for kernel 2.6.19)\n"
+	local WARNING_CRYPTO="CONFIG_CRYPTO:\tis not set (required for cryptsetup)\n"
+	check_extra_config
+}
+
+src_prepare() {
+	default
+
+	sed -i '/^LOOPDEV=/s:$: || exit 0:' tests/{compat,mode}-test || die
+}
+
+src_configure() {
+	local myeconfargs=(
+		--disable-internal-argon2
+		--disable-asciidoc
+		--enable-shared
+		--sbindir="${EPREFIX}"/sbin
+		# for later use
+		--with-default-luks-format=LUKS2
+		--with-tmpfilesdir="${EPREFIX}/usr/lib/tmpfiles.d"
+		--with-crypto_backend=$(for x in ${CRYPTO_BACKENDS//+/} ; do usev ${x} ; done)
+		$(use_enable argon2 libargon2)
+		$(use_enable nls)
+		$(use_enable pwquality)
+		$(use_enable passwdqc)
+		$(use_enable !static external-tokens)
+		$(use_enable static static-cryptsetup)
+		$(use_enable static-libs static)
+		$(use_enable udev)
+		$(use_enable !urandom dev-random)
+		$(use_enable ssh ssh-token)
+		$(usev !argon2 '--with-luks2-pbkdf=pbkdf2')
+		$(use_enable fips)
+	)
+
+	econf "${myeconfargs[@]}"
+}
+
+src_test() {
+	if [[ ! -e /dev/mapper/control ]] ; then
+		ewarn "No /dev/mapper/control found -- skipping tests"
+		return 0
+	fi
+
+	local p
+	for p in /dev/mapper /dev/loop* ; do
+		addwrite ${p}
+	done
+
+	default
+}
+
+src_install() {
+	default
+
+	if use static ; then
+		mv "${ED}"/sbin/cryptsetup{.static,} || die
+		mv "${ED}"/sbin/veritysetup{.static,} || die
+		mv "${ED}"/sbin/integritysetup{.static,} || die
+
+		if use ssh ; then
+			mv "${ED}"/sbin/cryptsetup-ssh{.static,} || die
+		fi
+	fi
+
+	find "${ED}" -type f -name "*.la" -delete || die
+
+	dodoc docs/v*ReleaseNotes
+
+	newconfd "${FILESDIR}"/2.4.3-dmcrypt.confd dmcrypt
+	newinitd "${FILESDIR}"/2.4.3-dmcrypt.rc dmcrypt
+}
+
+pkg_postinst() {
+	tmpfiles_process cryptsetup.conf
+
+	if use kernel ; then
+		ewarn "Note that kernel backend is very slow for this type of operation"
+		ewarn "and is provided mainly for embedded systems wanting to avoid"
+		ewarn "userspace crypto libraries."
+	fi
+}