Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 943031

Summary: app-crypt/libsecret: USE=crypt used inconsistently with global flag
Product: Gentoo Linux Reporter: Michał Górny <mgorny>
Component: Current packagesAssignee: Gentoo Linux Gnome Desktop Team <gnome>
Status: RESOLVED FIXED    
Severity: normal CC: gjoandet, pacho
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---

Description Michał Górny archtester Gentoo Infrastructure gentoo-dev Security 2024-11-08 20:03:22 UTC
global[crypt] Add support for encryption -- using mcrypt or gpg where applicable

app-crypt/libsecret[crypt] Enable Backend library to implement transport encryption via dev-libs/libgcrypt
app-crypt/libsecret[gnutls] Enable Backend library to implement transport encryption via net-libs/gnutls

Since both flags are exclusive, this is particularly annoying for people with global USE=crypt set.
Comment 1 Pacho Ramos gentoo-dev 2024-11-08 20:30:41 UTC
We discussed it at:
https://github.com/gentoo/gentoo/pull/34206

But I am unsure about which option would be better, do you have any preferences?

Thanks
Comment 2 Michał Górny archtester Gentoo Infrastructure gentoo-dev Security 2024-11-09 06:30:21 UTC
There's over a dozen packages using USE=gcrypt for precisely this reason.

If crypt is optional, then I dare say the best option would be either:

  crypt? ( || ( gcrypt gnutls ) )

or just USE=crypt as main switch, with USE=gcrypt or USE=gnutls to toggle between the preferred and secondary implementation.
Comment 3 Michał Górny archtester Gentoo Infrastructure gentoo-dev Security 2024-11-09 06:31:12 UTC
I mean, given revdeps it's simply impossible to enable USE=gnutls right now.
Comment 4 Pacho Ramos gentoo-dev 2024-11-09 08:04:51 UTC
(In reply to Michał Górny from comment #2)
[...]
>   crypt? ( || ( gcrypt gnutls ) )
> 

Thanks, I would opt for this (and +gcrypt in IUSE, following upstream defaults)
Comment 5 Larry the Git Cow gentoo-dev 2024-11-09 12:52:30 UTC
The bug has been closed via the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4630f8211339cd3b4e21f23f482b3235cc384edf

commit 4630f8211339cd3b4e21f23f482b3235cc384edf
Author:     Pacho Ramos <pacho@gentoo.org>
AuthorDate: 2024-11-09 12:45:33 +0000
Commit:     Pacho Ramos <pacho@gentoo.org>
CommitDate: 2024-11-09 12:52:22 +0000

    app-crypt/libsecret: Handle crypto implementations in a more consistent way
    
    This allow to more easily switch among implementations. Use gcrypt as default
    (following upstream and most of the other distributions).
    
    Also fix pam dependency (as pam module building also checks for libpam)
    
    Thanks-to: Michał Górny
    Closes: https://bugs.gentoo.org/943031
    Signed-off-by: Pacho Ramos <pacho@gentoo.org>

 app-crypt/libsecret/libsecret-0.21.4-r1.ebuild | 165 +++++++++++++++++++++++++
 app-crypt/libsecret/metadata.xml               |   3 +-
 2 files changed, 167 insertions(+), 1 deletion(-)