app-crypt/swtpm: Add gnutls dependency back for swtpm_cert

RDEPEND=net-libs/gnutls[tools,pkcs11] is essentiallly required for app-crypt/swtpm. New vTPMs cannot be provisioned without it, and upstream expects gnutls to have PKCS11 support: stefanberger/swtpm#477 . Closes: #32704 Closes: https://bugs.gentoo.org/913586 Bug: https://bugs.gentoo.org/909754 Signed-off-by: Christopher Byrne <salah.coronya@gmail.com> Signed-off-by: Matthias Maier <tamiko@gentoo.org>
gentoo · Sep 16, 2023 · 385cf75 · 385cf75
1 parent 14e3f02
commit 385cf75
Show file tree

Hide file tree

Showing 3 changed files with 24 additions and 21 deletions.
diff --git a/app-crypt/swtpm/metadata.xml b/app-crypt/swtpm/metadata.xml
@@ -15,7 +15,6 @@
 	</maintainer>
 	<use>
 		<flag name="fuse">Support <pkg>sys-fs/fuse</pkg> based /dev/tpm interface</flag>
-		<flag name="gnutls">Build the swtpm_cert binary which depends on <pkg>net-libs/gnutls</pkg></flag>
 	</use>
 	<upstream>
 		<remote-id type="github">stefanberger/swtpm</remote-id>

diff --git a/app-crypt/swtpm/swtpm-0.8.0-r1.ebuild → app-crypt/swtpm/swtpm-0.8.0-r2.ebuild b/app-crypt/swtpm/swtpm-0.8.0-r1.ebuild → app-crypt/swtpm/swtpm-0.8.0-r2.ebuild
@@ -14,30 +14,32 @@ SRC_URI="https://github.com/stefanberger/swtpm/archive/v${PV}.tar.gz -> ${P}.tar
 LICENSE="BSD"
 SLOT="0"
 KEYWORDS="amd64 arm arm64 ~loong ~ppc ppc64 ~riscv x86"
-IUSE="fuse +gnutls seccomp test"
+IUSE="fuse seccomp test"
 RESTRICT="!test? ( test )"
 
+# net-libs/gnutls[pkcs11,tools] is required otherwsie it not possible to
+# provision new vTPMs. swtpm_cert spawns certttool, and upstream expects
+# pkcs11 in gnutls: https://github.com/stefanberger/swtpm/issues/477.
+
 RDEPEND="fuse? (
 		dev-libs/glib:2
 		sys-fs/fuse:0
 	)
-	gnutls? (
-		dev-libs/libtasn1:=
-		>=net-libs/gnutls-3.4.0:=[tools,pkcs11]
-	)
 	seccomp? ( sys-libs/libseccomp )
-	dev-libs/libtasn1:=
 	acct-group/tss
 	acct-user/tss
 	dev-libs/openssl:0=
 	dev-libs/json-glib
-	dev-libs/libtpms"
+	dev-libs/libtpms
+	dev-libs/libtasn1:=
+	net-libs/gnutls[pkcs11,tools]
+"
 
 DEPEND="${RDEPEND}
-	test? (
+	test?	(
 		net-misc/socat
 		dev-tcltk/expect
-	)"
+		)"
 
 BDEPEND="${PYTHON_DEPS}"
 
@@ -55,9 +57,9 @@ src_prepare() {
 src_configure() {
 	econf \
 		--with-openssl \
+		--with-gnutls \
 		--without-selinux \
 		$(use_with fuse cuse) \
-		$(use_with gnutls) \
 		$(use_with seccomp) \
 		$(use_enable test)
 }

diff --git a/app-crypt/swtpm/swtpm-0.8.1-r1.ebuild → app-crypt/swtpm/swtpm-0.8.1-r2.ebuild b/app-crypt/swtpm/swtpm-0.8.1-r1.ebuild → app-crypt/swtpm/swtpm-0.8.1-r2.ebuild
@@ -14,30 +14,32 @@ SRC_URI="https://github.com/stefanberger/swtpm/archive/v${PV}.tar.gz -> ${P}.tar
 LICENSE="BSD"
 SLOT="0"
 KEYWORDS="~amd64 ~arm ~arm64 ~loong ~ppc ~ppc64 ~riscv ~x86"
-IUSE="fuse +gnutls seccomp test"
+IUSE="fuse seccomp test"
 RESTRICT="!test? ( test )"
 
+# net-libs/gnutls[pkcs11,tools] is required otherwsie it not possible to
+# provision new vTPMs. swtpm_cert spawns certttool, and upstream expects
+# pkcs11 in gnutls: https://github.com/stefanberger/swtpm/issues/477.
+
 RDEPEND="fuse? (
 		dev-libs/glib:2
 		sys-fs/fuse:0
 	)
-	gnutls? (
-		dev-libs/libtasn1:=
-		>=net-libs/gnutls-3.4.0:=[tools,pkcs11]
-	)
 	seccomp? ( sys-libs/libseccomp )
-	dev-libs/libtasn1:=
 	acct-group/tss
 	acct-user/tss
 	dev-libs/openssl:0=
 	dev-libs/json-glib
-	dev-libs/libtpms"
+	dev-libs/libtpms
+	dev-libs/libtasn1:=
+	net-libs/gnutls[pkcs11,tools]
+"
 
 DEPEND="${RDEPEND}
-	test? (
+	test?	(
 		net-misc/socat
 		dev-tcltk/expect
-	)"
+		)"
 
 BDEPEND="${PYTHON_DEPS}"
 
@@ -55,9 +57,9 @@ src_prepare() {
 src_configure() {
 	econf \
 		--with-openssl \
+		--with-gnutls \
 		--without-selinux \
 		$(use_with fuse cuse) \
-		$(use_with gnutls) \
 		$(use_with seccomp) \
 		$(use_enable test)
 }