]> Cypherpunks repositories - bass.git/commitdiff
projects / bass.git / commitdiff
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 36158be)
GnuTLS with PQ algorithms
authorSergey Matveev <stargrave@stargrave.org>
Tue, 10 Feb 2026 12:48:48 +0000 (15:48 +0300)
committerSergey Matveev <stargrave@stargrave.org>
Tue, 10 Feb 2026 12:48:48 +0000 (15:48 +0300)
build/distfiles/.gitignore patch | blob | history
build/distfiles/leancrypto-1.6.0.tar.xz.meta4 [new file with mode: 0644] patch | blob
build/skel/security/gnutls-3.8.12.do patch | blob | history
build/skel/security/leancrypto-1.6.0.do [new file with mode: 0644] patch | blob

diff --git a/build/distfiles/.gitignore b/build/distfiles/.gitignore
index 66b957f19388c7f7639911377de5d4a4f2db69da35e44f92282883993476ca9f..72ad59d6fca29c776ecd25989437d4fcd74005bbd0b074e5de360b9ad150e65a 100644 (file)
--- a/build/distfiles/.gitignore
+++ b/build/distfiles/.gitignore
@@ -107,6 +107,7 @@
 /json-glib-1.10.6.tar.xz
 /lame-3.100.tar.gz
 /lcms2-2.16.tar.gz
+/leancrypto-1.6.0.tar.xz
 /less-692.tar.gz
 /lftp-4.9.3.tar.xz
 /libao-1.2.0.tar.gz
diff --git a/build/distfiles/leancrypto-1.6.0.tar.xz.meta4 b/build/distfiles/leancrypto-1.6.0.tar.xz.meta4
new file mode 100644 (file)
index 0000000..25065ce
--- /dev/null
+++ b/build/distfiles/leancrypto-1.6.0.tar.xz.meta4
@@ -0,0 +1,28 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<metalink xmlns="urn:ietf:params:xml:ns:metalink">
+  <file name="leancrypto-1.6.0.tar.xz">
+    <hash type="blake3-256">66e42a841ead8cb12347c85fd54c23e203a9b31caaa5e575d430128dc04cd639</hash>
+    <hash type="blake2b-512">a7674e8111a633e2abeeb125d7fcba3bca8f4cd8beb9812675f08ab71b1277c2e8dc39500d1d44cf618c1eb65bd0a03e42f32a6ef9767688c0724f51fc54836d</hash>
+    <hash type="blake2b-256">a661202229cc9e9d0a8e40d1f5faac9e5d70a8e58c2ea65f9e159b4d141dd8c8</hash>
+    <hash type="skein-512">c17c1e4fd8e8ce6b2ea9713851a26891b0457496566b46febf1114d31b4193f10081add555431ef5f66c13cf39ddedf7a57691b8412f89b693e8ee3405e0e647</hash>
+    <hash type="shake128">0c07c7ee9424abf3b17698e506dab3f972ca6fe825471df3927b598158108095</hash>
+    <hash type="shake256">41c26dbee4393dcf18137a6fcc05007fe449c9d00b8e8d7b844c8fee81a4c9023deb1593257f73d184f9d1d2793773bef1af15e3f31ecef98a4302a7c1b7d24a</hash>
+    <hash type="sha-512">b1b677ef005497d513b72ced2f4186d97cad12f82817d7bc82d09bbc0e8c0f54ad9496ff95374d61dd3d677ca3bfadc55c29885d04421d20ff58dcab3fc01347</hash>
+    <hash type="sha-256">496188ea1652c83b54963bebb7b6a441564e7f75e5867ee9d3a29710ebc43421</hash>
+    <hash type="streebog-512">f1d317b95498f01e7ea5f5f7f19bd4d418665ee8259fc2e71df5a6103d2215d73d8e26bb15da4249da14ed0ce91a29cef31afe2000154e4f227653bd552629a9</hash>
+    <hash type="streebog-256">c77dbf66ba4c9b504777d83cbbf33e13ce2ce99514856d6832dd022a873fdcb9</hash>
+    <hash type="xxh3-128">d85b39d9494c1e7a2139fb4e443d96aa</hash>
+    <signature mediatype="application/pgp-signature"><![CDATA[
+-----BEGIN PGP SIGNATURE-----
+
+iJEEABMIADkWIQQ0LE46OepfGZCb44quXQ2j/QkjUwUCaPMjfBsUgAAAAAAEAA5t
+YW51MiwyLjUrMS4xMSwzLDIACgkQrl0No/0JI1P3/QD7BnDVzb1nJCpy7f72K0F3
+uckN8MldQi4MD4PD3OGsg6wA/35z7loXAH7F9VYAXa6ualSDtuovA52qywisI+O5
+uhfr
+=qvfM
+-----END PGP SIGNATURE-----
+]]></signature>
+    <size>40197212</size>
+    <url>https://leancrypto.org/leancrypto/releases/leancrypto-1.6.0/leancrypto-1.6.0.tar.xz</url>
+  </file>
+</metalink>
diff --git a/build/skel/security/gnutls-3.8.12.do b/build/skel/security/gnutls-3.8.12.do
index 482b8cff016a28c2341a53eb93a0e38de02db51ec71a3c371bd2e61c7af814fb..119847f4592fbb99b1b9a975845dd9080c570e08b286ea14d498d4e313ee9fd4 100644 (file)
--- a/build/skel/security/gnutls-3.8.12.do
+++ b/build/skel/security/gnutls-3.8.12.do
@@ -3,7 +3,12 @@ sname=$1.do . "$BASS_ROOT"/lib/rc
 . "$BASS_ROOT"/build/skel/common.rc
 
 bdeps="rc-paths stow archivers/zstd devel/pkgconf-2.1.1"
-rdeps="dns/libidn2-2.3.7 math/gmp-6.3.0 security/nettle-3.10.1"
+rdeps="
+dns/libidn2-2.3.7
+math/gmp-6.3.0
+security/nettle-3.10.1
+security/leancrypto-1.6.0
+"
 redo-ifchange $bdeps "$DISTFILES"/$NAME.tar.xz $rdeps
 hsh=$("$BASS_ROOT"/build/bin/cksum $BASS_REV $SPATH)
 . "$BASS_ROOT"/build/lib/create-tmp-for-build.rc
@@ -16,10 +21,12 @@ cd $NAME
 if uname -s | grep -q -i freebsd ; then
     patch <"$BASS_ROOT"/build/skel/security/gnutls-3.8.12-crau-fix.patch >&2
 fi
+priority="NORMAL:-VERS-TLS1.0:-VERS-TLS1.1:+GROUP-X25519-MLKEM768"
 ./configure --prefix="$SKELBINS"/$ARCH/$NAME-$hsh \
     --without-tpm --without-p11-kit --enable-static \
     --with-included-unistring --with-included-libtasn1 \
-    --disable-crypto-auditing >&2
+    --disable-crypto-auditing --with-leancrypto \
+    --with-default-priority-string=$priority >&2
 make -j$MAKE_JOBS >&2
 make install >&2
 
diff --git a/build/skel/security/leancrypto-1.6.0.do b/build/skel/security/leancrypto-1.6.0.do
new file mode 100644 (file)
index 0000000..067f461
--- /dev/null
+++ b/build/skel/security/leancrypto-1.6.0.do
@@ -0,0 +1,33 @@
+[ -n "$BASS_ROOT" ] || BASS_ROOT="$(dirname "$(realpath -- "$0")")"/../../../..
+sname=$1.do . "$BASS_ROOT"/lib/rc
+. "$BASS_ROOT"/build/skel/common.rc
+
+bdeps="
+rc-paths
+stow
+archivers/zstd
+devel/pkgconf-2.1.1
+devel/ninja-v1.12.1
+lang/Python-3.7.3
+"
+meson=meson-1.7.2
+redo-ifchange $bdeps "$DISTFILES"/$NAME.tar.xz "$DISTFILES"/$meson.tar.gz
+hsh=$("$BASS_ROOT"/build/bin/cksum $BASS_REV $SPATH)
+. "$BASS_ROOT"/build/lib/create-tmp-for-build.rc
+"$BASS_ROOT"/build/bin/pkg-inst $bdeps $rdeps
+. ./rc
+$TAR xf "$DISTFILES"/$meson.tar.gz
+$TAR xf "$DISTFILES"/$NAME.tar.xz
+"$BASS_ROOT"/bin/rm-r "$SKELBINS"/$ARCH/$NAME-$hsh
+
+cd $NAME
+perl -i -npe "s/bash/sh/" addon/generate_header.sh
+for opt in x509_parser x509_generator pkcs7_parser pkcs7_generator ; do
+    perl -i -npe "s/enabled/disabled/ if /$opt/" meson_options.txt
+done
+../$meson/meson.py build --prefix="$SKELBINS"/$ARCH/$NAME-$hsh >&2
+../$meson/meson.py compile -C build >&2
+../$meson/meson.py install -C build >&2
+
+cd "$SKELBINS"/$ARCH
+"$BASS_ROOT"/build/lib/mk-pkg $NAME-$hsh
Build Automation Steady System