Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/dev-libs
diff options
context:
space:
mode:
authorSam James <sam@gentoo.org>2024-12-22 00:22:08 +0000
committerSam James <sam@gentoo.org>2024-12-22 00:22:08 +0000
commitae150680ea3f3c6d0b7800f8fdc0885068031951 (patch)
treee96dd343775b8a2f30ef31a4297e5769e1fdd4d8 /dev-libs
parentdev-libs/botan: add 3.6.1 (diff)
downloadgentoo-ae150680ea3f3c6d0b7800f8fdc0885068031951.tar.gz
gentoo-ae150680ea3f3c6d0b7800f8fdc0885068031951.tar.bz2
gentoo-ae150680ea3f3c6d0b7800f8fdc0885068031951.zip
dev-libs/botan: add 2.19.5
Bug: https://bugs.gentoo.org/946389 Signed-off-by: Sam James <sam@gentoo.org>
Diffstat (limited to 'dev-libs')
-rw-r--r--dev-libs/botan/Manifest2
-rw-r--r--dev-libs/botan/botan-2.19.5.ebuild206
-rw-r--r--dev-libs/botan/files/botan-2.19.5-boost-1.87.patch361
-rw-r--r--dev-libs/botan/files/botan-2.19.5-cloudflare.patch52
-rw-r--r--dev-libs/botan/files/botan-2.19.5-no-distutils.patch86
5 files changed, 707 insertions, 0 deletions
diff --git a/dev-libs/botan/Manifest b/dev-libs/botan/Manifest
index 54dbb0c1c7ae..5fb27c05f14b 100644
--- a/dev-libs/botan/Manifest
+++ b/dev-libs/botan/Manifest
@@ -2,6 +2,8 @@ DIST Botan-2.19.3.tar.xz 6105896 BLAKE2B 6d7778d9e9a101c76f35c65b0fb0201641cd919
DIST Botan-2.19.3.tar.xz.asc 488 BLAKE2B cd86bf77306aad2956cced6ac4fb96081279af88743e87d8fe5437e72e9fa8db8aaf40d0b5cb9c5b3a85204cb7d63c3baa3054126ab4c9a2db527e6835a069d7 SHA512 9142f932c958138b4bac32f503a550e6c73b61612690a280dcb98efe8c367aa6bd3cd88b4ed4decec376bb87596a780a21bdcb01d4a3573a1c44fbeb0aa49d23
DIST Botan-2.19.4.tar.xz 6099528 BLAKE2B c35dfec5aad13c76fe09b33f97a72d15f84bfd6c434cae89be13c3fd3e6f7deaa9ea21474890bb6a1f4fa7d23369c32b9fc747862233eac33c8c88dbc912d31f SHA512 2fab4347367703dce8302b7710698ed228c6cc6dd609c39829ba17ad580407ed40d822862d467aa7aea4bfd633c1f1d1c0d437e86376f453845cc609596335d8
DIST Botan-2.19.4.tar.xz.asc 488 BLAKE2B b8b7db32d61859778c0866e782ed94ef89ba48a0f0f2289d9452fe7f540ae37ad495cb7eede68199d9bed8e23f695e1860c0d379cd4c35c92de8c45db167b68a SHA512 e00c4e2944655919507300650d81fbee03dd22d1a84cb8135848ea9ee061ca4d4dfada618643193143c0123e56f22e4a6d3a26c73923d872754d80dc2a4779c5
+DIST Botan-2.19.5.tar.xz 6140148 BLAKE2B ab3a133a84c1beb2efd32fcb1746c13ec58cf24cf28cea43c93e9dd4b45c65a47225ff92139e34e1470cf150f839794e3bbd316df5e72a060f11d03141002b79 SHA512 323930fbabd833a6affd71f90835e4ca31a9632e346dee9c5f396aca898697d0f2993b860f739d02cdf49fa7fbb3a2d306c4790e5d5f39620b2dea284983669c
+DIST Botan-2.19.5.tar.xz.asc 488 BLAKE2B 7d52f66f7495ccc249a58ec30206234a9ea4420bcc6e6412593a975bec1173afe55bbcd2c0cbe3859a3fdf547464d3d2949bc03dcb9dbd25c4d5c97589f48202 SHA512 3ba185cf077c109d183fff14270fa60c7be01fd87077e233e6473365111ba83d41448db6d5b5849fe1194c47e84cc2da91a0f75c30ea43538772f13138e472fa
DIST Botan-3.1.1.tar.xz 8800368 BLAKE2B c31365e6bd4106f96a033e5f092c528c0185577f41d9a698d2630ece0f660f87f03e0775ebeb5c4d812819bbc6eb556b5ff15c16f243288ae73c8bf1fbb991ce SHA512 ed6bdadb910b0775245648140212953ed364aa26107f851e39ac5cb664d7f476c519a22cdad41f0e520796c4ebe453c56ca68a2178e39f815d445e9979333795
DIST Botan-3.1.1.tar.xz.asc 488 BLAKE2B 9ac94473d90a26932e507cdb3f46d8381565deecff38a5a2f7fe043b33405071adf0baee4235dd94bb6d35fa3ffedca6192fb5f5d76030874a90a399d88f9744 SHA512 f52e8602a57f590150f6f49829e788910006e5113ab6e85c6efe73009b8db752b5f28b869c6265ef6dd3c2727c64c0182d125f02f92485485768416c618acdb9
DIST Botan-3.2.0.tar.xz 8998204 BLAKE2B f21e7574af93ab3331607f4a4ecf1b2cbbc0db4b510ea8ad19a5286d46d3a8e37e13746d2d4751eb16a70fdc8371b4435b030ef0a17f1ab6dcd76bd81bb3a4fa SHA512 526cf71144584fef6e73f14f6aa1e2a7b03a92a3e51436287764bb61e742a94e02926bcc2aab038f08ef2169cb511152c8ecd71d51e06deb4875dc676875c2d9
diff --git a/dev-libs/botan/botan-2.19.5.ebuild b/dev-libs/botan/botan-2.19.5.ebuild
new file mode 100644
index 000000000000..bece06dd2ab4
--- /dev/null
+++ b/dev-libs/botan/botan-2.19.5.ebuild
@@ -0,0 +1,206 @@
+# Copyright 1999-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+PYTHON_COMPAT=( python3_{10..12} )
+VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/botan.asc
+inherit edo flag-o-matic multiprocessing python-r1 toolchain-funcs verify-sig
+
+MY_P="Botan-${PV}"
+DESCRIPTION="C++ crypto library"
+HOMEPAGE="https://botan.randombit.net/"
+SRC_URI="https://botan.randombit.net/releases/${MY_P}.tar.xz"
+SRC_URI+=" verify-sig? ( https://botan.randombit.net/releases/${MY_P}.tar.xz.asc )"
+S="${WORKDIR}/${MY_P}"
+
+LICENSE="BSD-2"
+# New major versions are parallel-installable
+SLOT="$(ver_cut 1)/$(ver_cut 1-2)" # soname version
+KEYWORDS="~amd64 ~arm ~arm64 ~hppa ~loong ~ppc ~ppc64 ~riscv ~sparc ~x86 ~ppc-macos"
+IUSE="doc boost bzip2 lzma python static-libs sqlite test tools zlib"
+CPU_USE=(
+ cpu_flags_arm_{aes,neon}
+ cpu_flags_ppc_altivec
+ cpu_flags_x86_{aes,avx2,popcnt,rdrand,sha,sse2,ssse3,sse4_1,sse4_2}
+)
+IUSE+=" ${CPU_USE[@]}"
+RESTRICT="!test? ( test )"
+REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )"
+
+# NOTE: Boost is needed at runtime too for the CLI tool.
+DEPEND="
+ boost? ( dev-libs/boost:= )
+ bzip2? ( >=app-arch/bzip2-1.0.5:= )
+ lzma? ( app-arch/xz-utils:= )
+ python? ( ${PYTHON_DEPS} )
+ sqlite? ( dev-db/sqlite:3= )
+ zlib? ( >=sys-libs/zlib-1.2.3:= )
+"
+RDEPEND="
+ ${DEPEND}
+ !<dev-libs/botan-3.0.0-r1:3[tools]
+"
+BDEPEND="
+ ${PYTHON_DEPS}
+ $(python_gen_any_dep '
+ doc? ( dev-python/sphinx[${PYTHON_USEDEP}] )
+ ')
+ verify-sig? ( sec-keys/openpgp-keys-botan )
+"
+
+# NOTE: Considering patching Botan?
+# Please see upstream's guidance:
+# https://botan.randombit.net/handbook/packaging.html#minimize-distribution-patches
+
+PATCHES=(
+ "${FILESDIR}"/${P}-no-distutils.patch
+ "${FILESDIR}"/${P}-boost-1.87.patch
+ "${FILESDIR}"/${P}-cloudflare.patch
+)
+
+python_check_deps() {
+ use doc || return 0
+ python_has_version "dev-python/sphinx[${PYTHON_USEDEP}]"
+}
+
+src_configure() {
+ python_setup
+
+ local disable_modules=(
+ $(usev !boost 'boost')
+ )
+
+ if [[ -z "${DISABLE_MODULES}" ]] ; then
+ elog "Disabling module(s): ${disable_modules[@]}"
+ fi
+
+ local chostarch="${CHOST%%-*}"
+
+ # Arch specific wrangling
+ local myos=
+ case ${CHOST} in
+ *-darwin*)
+ myos=darwin
+ ;;
+ *)
+ myos=linux
+
+ if [[ ${CHOST} == *hppa* ]] ; then
+ chostarch=parisc
+ elif [[ ${ABI} == sparc64 ]] ; then
+ chostarch="sparc64"
+ elif [[ ${ABI} == sparc32 ]] ; then
+ chostarch="sparc32"
+ fi
+ ;;
+ esac
+
+ local pythonvers=()
+ if use python ; then
+ _append() {
+ pythonvers+=( ${EPYTHON/python/} )
+ }
+
+ python_foreach_impl _append
+ fi
+
+ local myargs=(
+ # Intrinsics
+ # TODO: x86 RDSEED (new CPU_FLAGS_X86?)
+ # TODO: POWER Crypto (new CPU_FLAGS_PPC?)
+ $(usev !cpu_flags_arm_aes '--disable-armv8crypto')
+ $(usev !cpu_flags_arm_neon '--disable-neon')
+ $(usev !cpu_flags_ppc_altivec '--disable-altivec')
+ $(usev !cpu_flags_x86_aes '--disable-aes-ni')
+ $(usev !cpu_flags_x86_avx2 '--disable-avx2')
+ $(usev !cpu_flags_x86_popcnt '--disable-bmi2')
+ $(usev !cpu_flags_x86_rdrand '--disable-rdrand')
+ $(usev !cpu_flags_x86_sha '--disable-sha-ni')
+ $(usev !cpu_flags_x86_sse2 '--disable-sse2')
+ $(usev !cpu_flags_x86_ssse3 '--disable-ssse3')
+ $(usev !cpu_flags_x86_sse4_1 '--disable-sse4.1')
+ $(usev !cpu_flags_x86_sse4_2 '--disable-sse4.2')
+
+ # HPPA's GCC doesn't support SSP
+ $(usev hppa '--without-stack-protector')
+
+ $(use_with boost)
+ $(use_with bzip2)
+ $(use_with doc documentation)
+ $(use_with doc sphinx)
+ $(use_with lzma)
+ $(use_enable static-libs static-library)
+ $(use_with sqlite sqlite3)
+ $(use_with zlib)
+
+ --cpu=${chostarch}
+ --docdir=share/doc
+ --disable-modules=$(IFS=","; echo "${disable_modules[*]}")
+ --distribution-info="Gentoo ${PVR}"
+ --libdir="$(get_libdir)"
+ # Avoid collisions between slots for tools (bug #905700)
+ --program-suffix=$(ver_cut 1)
+
+ # Don't install Python bindings automatically
+ # (do it manually later in the right place)
+ # bug #723096
+ --no-install-python-module
+
+ --os=${myos}
+ --prefix="${EPREFIX}"/usr
+ --with-endian="$(tc-endian)"
+ --with-python-version=$(IFS=","; echo "${pythonvers[*]}")
+ )
+
+ local build_targets=(
+ shared
+ $(usev static-libs static)
+ $(usev tools cli)
+ $(usev test tests)
+ )
+
+ myargs+=(
+ --build-targets=$(IFS=","; echo "${build_targets[*]}")
+ )
+
+ if use elibc_glibc && use kernel_linux ; then
+ myargs+=(
+ --with-os-features=getrandom,getentropy
+ )
+ fi
+
+ tc-export AR CC CXX
+
+ local sanitizers=()
+ if is-flagq -fsanitize=address ; then
+ sanitizers+=( address )
+ fi
+ if is-flagq -fsanitize=undefined ; then
+ sanitizers+=( undefined )
+ fi
+ filter-flags '-fsanitize=*'
+ myargs+=(
+ --enable-sanitizers=$(IFS=","; echo "${sanitizers[*]}")
+ )
+
+ edo ${EPYTHON} configure.py --verbose "${myargs[@]}"
+}
+
+src_test() {
+ LD_LIBRARY_PATH="${S}" edo ./botan-test$(ver_cut 1) --test-threads="$(makeopts_jobs)"
+}
+
+src_install() {
+ default
+
+ if [[ -d "${ED}"/usr/share/doc/${P} ]] ; then
+ # --docdir in configure controls the parent directory unfortunately
+ mv "${ED}"/usr/share/doc/${P} "${ED}"/usr/share/doc/${PF} || die
+ fi
+
+ # Manually install the Python bindings (bug #723096)
+ if use python ; then
+ python_foreach_impl python_domodule src/python/botan$(ver_cut 1).py
+ fi
+}
diff --git a/dev-libs/botan/files/botan-2.19.5-boost-1.87.patch b/dev-libs/botan/files/botan-2.19.5-boost-1.87.patch
new file mode 100644
index 000000000000..a52fbaea130d
--- /dev/null
+++ b/dev-libs/botan/files/botan-2.19.5-boost-1.87.patch
@@ -0,0 +1,361 @@
+https://bugs.gentoo.org/946389
+https://github.com/randombit/botan/commit/37fec38ff97604f964122cd2d33f5d503f319b10
+
+From 37fec38ff97604f964122cd2d33f5d503f319b10 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Ren=C3=A9=20Meusel?= <rene.meusel@rohde-schwarz.com>
+Date: Thu, 19 Dec 2024 10:28:40 +0100
+Subject: [PATCH] Backport: Remove usage of deprecated asio API
+
+These were all finally dropped with boost 1.87, so this fixes
+build with boost 1.87.
+
+Co-Authored-By: Jack Lloyd <jack@randombit.net>
+Co-Authored-By: q66 <q66@chimera-linux.org>
+---
+ src/cli/tls_http_server.cpp | 16 +++++-----
+ src/cli/tls_proxy.cpp | 46 ++++++++++++++++-------------
+ src/lib/utils/socket/socket.cpp | 18 +++++------
+ src/lib/utils/socket/socket_udp.cpp | 18 +++++------
+ 4 files changed, 50 insertions(+), 48 deletions(-)
+
+diff --git a/src/cli/tls_http_server.cpp b/src/cli/tls_http_server.cpp
+index fc0b5bbb77e..67ab126b145 100644
+--- a/src/cli/tls_http_server.cpp
++++ b/src/cli/tls_http_server.cpp
+@@ -176,7 +176,7 @@ class TLS_Asio_HTTP_Session final : public std::enable_shared_from_this<TLS_Asio
+ typedef std::shared_ptr<TLS_Asio_HTTP_Session> pointer;
+
+ static pointer create(
+- boost::asio::io_service& io,
++ boost::asio::io_context& io,
+ Botan::TLS::Session_Manager& session_manager,
+ Botan::Credentials_Manager& credentials,
+ Botan::TLS::Policy& policy)
+@@ -201,7 +201,7 @@ class TLS_Asio_HTTP_Session final : public std::enable_shared_from_this<TLS_Asio
+ }
+
+ private:
+- TLS_Asio_HTTP_Session(boost::asio::io_service& io,
++ TLS_Asio_HTTP_Session(boost::asio::io_context& io,
+ Botan::TLS::Session_Manager& session_manager,
+ Botan::Credentials_Manager& credentials,
+ Botan::TLS::Policy& policy)
+@@ -230,7 +230,8 @@ class TLS_Asio_HTTP_Session final : public std::enable_shared_from_this<TLS_Asio
+
+ m_client_socket.async_read_some(
+ boost::asio::buffer(&m_c2s[0], m_c2s.size()),
+- m_strand.wrap(
++ boost::asio::bind_executor(
++ m_strand,
+ boost::bind(
+ &TLS_Asio_HTTP_Session::client_read, shared_from_this(),
+ boost::asio::placeholders::error,
+@@ -332,7 +333,8 @@ class TLS_Asio_HTTP_Session final : public std::enable_shared_from_this<TLS_Asio
+ boost::asio::async_write(
+ m_client_socket,
+ boost::asio::buffer(&m_s2c[0], m_s2c.size()),
+- m_strand.wrap(
++ boost::asio::bind_executor(
++ m_strand,
+ boost::bind(
+ &TLS_Asio_HTTP_Session::handle_client_write_completion,
+ shared_from_this(),
+@@ -406,7 +408,7 @@ class TLS_Asio_HTTP_Session final : public std::enable_shared_from_this<TLS_Asio
+ }
+ }
+
+- boost::asio::io_service::strand m_strand;
++ boost::asio::io_context::strand m_strand;
+
+ tcp::socket m_client_socket;
+
+@@ -427,7 +429,7 @@ class TLS_Asio_HTTP_Server final
+ typedef TLS_Asio_HTTP_Session session;
+
+ TLS_Asio_HTTP_Server(
+- boost::asio::io_service& io, unsigned short port,
++ boost::asio::io_context& io, unsigned short port,
+ Botan::Credentials_Manager& creds,
+ Botan::TLS::Policy& policy,
+ Botan::TLS::Session_Manager& session_mgr,
+@@ -551,7 +553,7 @@ class TLS_HTTP_Server final : public Command
+ session_mgr.reset(new Botan::TLS::Session_Manager_In_Memory(rng()));
+ }
+
+- boost::asio::io_service io;
++ boost::asio::io_context io;
+
+ TLS_Asio_HTTP_Server server(io, listen_port, creds, *policy, *session_mgr, max_clients);
+
+diff --git a/src/cli/tls_proxy.cpp b/src/cli/tls_proxy.cpp
+index bd96530c202..853be08161c 100644
+--- a/src/cli/tls_proxy.cpp
++++ b/src/cli/tls_proxy.cpp
+@@ -98,11 +98,11 @@ class tls_proxy_session final : public std::enable_shared_from_this<tls_proxy_se
+ typedef std::shared_ptr<tls_proxy_session> pointer;
+
+ static pointer create(
+- boost::asio::io_service& io,
++ boost::asio::io_context& io,
+ Botan::TLS::Session_Manager& session_manager,
+ Botan::Credentials_Manager& credentials,
+ Botan::TLS::Policy& policy,
+- tcp::resolver::iterator endpoints)
++ tcp::resolver::results_type endpoints)
+ {
+ return pointer(
+ new tls_proxy_session(
+@@ -141,11 +141,11 @@ class tls_proxy_session final : public std::enable_shared_from_this<tls_proxy_se
+
+ private:
+ tls_proxy_session(
+- boost::asio::io_service& io,
++ boost::asio::io_context& io,
+ Botan::TLS::Session_Manager& session_manager,
+ Botan::Credentials_Manager& credentials,
+ Botan::TLS::Policy& policy,
+- tcp::resolver::iterator endpoints)
++ tcp::resolver::results_type endpoints)
+ : m_strand(io)
+ , m_server_endpoints(endpoints)
+ , m_client_socket(io)
+@@ -184,7 +184,8 @@ class tls_proxy_session final : public std::enable_shared_from_this<tls_proxy_se
+
+ m_client_socket.async_read_some(
+ boost::asio::buffer(&m_c2p[0], m_c2p.size()),
+- m_strand.wrap(
++ boost::asio::bind_executor(
++ m_strand,
+ boost::bind(
+ &tls_proxy_session::client_read, shared_from_this(),
+ boost::asio::placeholders::error,
+@@ -245,7 +246,8 @@ class tls_proxy_session final : public std::enable_shared_from_this<tls_proxy_se
+ boost::asio::async_write(
+ m_client_socket,
+ boost::asio::buffer(&m_p2c[0], m_p2c.size()),
+- m_strand.wrap(
++ boost::asio::bind_executor(
++ m_strand,
+ boost::bind(
+ &tls_proxy_session::handle_client_write_completion,
+ shared_from_this(),
+@@ -270,11 +272,11 @@ class tls_proxy_session final : public std::enable_shared_from_this<tls_proxy_se
+ boost::asio::async_write(
+ m_server_socket,
+ boost::asio::buffer(&m_p2s[0], m_p2s.size()),
+- m_strand.wrap(
+- boost::bind(
+- &tls_proxy_session::handle_server_write_completion,
+- shared_from_this(),
+- boost::asio::placeholders::error)));
++ boost::asio::bind_executor(m_strand,
++ boost::bind(
++ &tls_proxy_session::handle_server_write_completion,
++ shared_from_this(),
++ boost::asio::placeholders::error)));
+ }
+ }
+
+@@ -308,7 +310,8 @@ class tls_proxy_session final : public std::enable_shared_from_this<tls_proxy_se
+
+ m_server_socket.async_read_some(
+ boost::asio::buffer(&m_s2p[0], m_s2p.size()),
+- m_strand.wrap(
++ boost::asio::bind_executor(
++ m_strand,
+ boost::bind(&tls_proxy_session::server_read, shared_from_this(),
+ boost::asio::placeholders::error,
+ boost::asio::placeholders::bytes_transferred)));
+@@ -318,7 +321,8 @@ class tls_proxy_session final : public std::enable_shared_from_this<tls_proxy_se
+ {
+ m_hostname = session.server_info().hostname();
+
+- auto onConnect = [this](boost::system::error_code ec, tcp::resolver::iterator /*endpoint*/)
++ auto onConnect = [this](boost::system::error_code ec,
++ const boost::asio::ip::tcp::resolver::results_type::iterator& /*endpoint*/)
+ {
+ if(ec)
+ {
+@@ -328,7 +332,7 @@ class tls_proxy_session final : public std::enable_shared_from_this<tls_proxy_se
+ server_read(boost::system::error_code(), 0); // start read loop
+ proxy_write_to_server(nullptr, 0);
+ };
+- async_connect(m_server_socket, m_server_endpoints, onConnect);
++ async_connect(m_server_socket, m_server_endpoints.begin(), m_server_endpoints.end(), onConnect);
+ return true;
+ }
+
+@@ -341,9 +345,9 @@ class tls_proxy_session final : public std::enable_shared_from_this<tls_proxy_se
+ }
+ }
+
+- boost::asio::io_service::strand m_strand;
++ boost::asio::io_context::strand m_strand;
+
+- tcp::resolver::iterator m_server_endpoints;
++ tcp::resolver::results_type m_server_endpoints;
+
+ tcp::socket m_client_socket;
+ tcp::socket m_server_socket;
+@@ -369,8 +373,8 @@ class tls_proxy_server final
+ typedef tls_proxy_session session;
+
+ tls_proxy_server(
+- boost::asio::io_service& io, unsigned short port,
+- tcp::resolver::iterator endpoints,
++ boost::asio::io_context& io, unsigned short port,
++ tcp::resolver::results_type endpoints,
+ Botan::Credentials_Manager& creds,
+ Botan::TLS::Policy& policy,
+ Botan::TLS::Session_Manager& session_mgr,
+@@ -428,7 +432,7 @@ class tls_proxy_server final
+ }
+
+ tcp::acceptor m_acceptor;
+- tcp::resolver::iterator m_server_endpoints;
++ tcp::resolver::results_type m_server_endpoints;
+
+ Botan::Credentials_Manager& m_creds;
+ Botan::TLS::Policy& m_policy;
+@@ -479,10 +483,10 @@ class TLS_Proxy final : public Command
+
+ auto policy = load_tls_policy(get_arg("policy"));
+
+- boost::asio::io_service io;
++ boost::asio::io_context io;
+
+ tcp::resolver resolver(io);
+- auto server_endpoint_iterator = resolver.resolve({ target, target_port });
++ auto server_endpoint_iterator = resolver.resolve(target, target_port);
+
+ std::unique_ptr<Botan::TLS::Session_Manager> session_mgr;
+
+diff --git a/src/lib/utils/socket/socket.cpp b/src/lib/utils/socket/socket.cpp
+index bc632259a64..0ce4e85830f 100644
+--- a/src/lib/utils/socket/socket.cpp
++++ b/src/lib/utils/socket/socket.cpp
+@@ -48,19 +48,17 @@ class Asio_Socket final : public OS::Socket
+ std::chrono::milliseconds timeout) :
+ m_timeout(timeout), m_timer(m_io), m_tcp(m_io)
+ {
+- m_timer.expires_from_now(m_timeout);
++ m_timer.expires_after(m_timeout);
+ check_timeout();
+
+ boost::asio::ip::tcp::resolver resolver(m_io);
+- boost::asio::ip::tcp::resolver::query query(hostname, service);
+- boost::asio::ip::tcp::resolver::iterator dns_iter = resolver.resolve(query);
++ boost::asio::ip::tcp::resolver::results_type endpoints = resolver.resolve(hostname, service);
+
+ boost::system::error_code ec = boost::asio::error::would_block;
+
+ auto connect_cb = [&ec](const boost::system::error_code& e,
+- boost::asio::ip::tcp::resolver::iterator) { ec = e; };
+-
+- boost::asio::async_connect(m_tcp, dns_iter, connect_cb);
++ const boost::asio::ip::tcp::resolver::results_type::iterator&) { ec = e; };
++ boost::asio::async_connect(m_tcp, endpoints.begin(), endpoints.end(), connect_cb);
+
+ while(ec == boost::asio::error::would_block)
+ {
+@@ -75,7 +73,7 @@ class Asio_Socket final : public OS::Socket
+
+ void write(const uint8_t buf[], size_t len) override
+ {
+- m_timer.expires_from_now(m_timeout);
++ m_timer.expires_after(m_timeout);
+
+ boost::system::error_code ec = boost::asio::error::would_block;
+
+@@ -92,7 +90,7 @@ class Asio_Socket final : public OS::Socket
+
+ size_t read(uint8_t buf[], size_t len) override
+ {
+- m_timer.expires_from_now(m_timeout);
++ m_timer.expires_after(m_timeout);
+
+ boost::system::error_code ec = boost::asio::error::would_block;
+ size_t got = 0;
+@@ -115,7 +113,7 @@ class Asio_Socket final : public OS::Socket
+ private:
+ void check_timeout()
+ {
+- if(m_tcp.is_open() && m_timer.expires_at() < std::chrono::system_clock::now())
++ if(m_tcp.is_open() && m_timer.expiry() < std::chrono::system_clock::now())
+ {
+ boost::system::error_code err;
+ m_tcp.close(err);
+@@ -125,7 +123,7 @@ class Asio_Socket final : public OS::Socket
+ }
+
+ const std::chrono::milliseconds m_timeout;
+- boost::asio::io_service m_io;
++ boost::asio::io_context m_io;
+ boost::asio::system_timer m_timer;
+ boost::asio::ip::tcp::socket m_tcp;
+ };
+diff --git a/src/lib/utils/socket/socket_udp.cpp b/src/lib/utils/socket/socket_udp.cpp
+index fbbdd9abbcc..82a25b49cda 100644
+--- a/src/lib/utils/socket/socket_udp.cpp
++++ b/src/lib/utils/socket/socket_udp.cpp
+@@ -48,19 +48,17 @@ class Asio_SocketUDP final : public OS::SocketUDP
+ std::chrono::microseconds timeout) :
+ m_timeout(timeout), m_timer(m_io), m_udp(m_io)
+ {
+- m_timer.expires_from_now(m_timeout);
++ m_timer.expires_after(m_timeout);
+ check_timeout();
+
+ boost::asio::ip::udp::resolver resolver(m_io);
+- boost::asio::ip::udp::resolver::query query(hostname, service);
+- boost::asio::ip::udp::resolver::iterator dns_iter = resolver.resolve(query);
++ boost::asio::ip::udp::resolver::results_type endpoints = resolver.resolve(hostname, service);
+
+ boost::system::error_code ec = boost::asio::error::would_block;
+
+ auto connect_cb = [&ec](const boost::system::error_code& e,
+- boost::asio::ip::udp::resolver::iterator) { ec = e; };
+-
+- boost::asio::async_connect(m_udp, dns_iter, connect_cb);
++ const boost::asio::ip::udp::resolver::results_type::iterator&) { ec = e; };
++ boost::asio::async_connect(m_udp, endpoints.begin(), endpoints.end(), connect_cb);
+
+ while(ec == boost::asio::error::would_block)
+ {
+@@ -75,7 +73,7 @@ class Asio_SocketUDP final : public OS::SocketUDP
+
+ void write(const uint8_t buf[], size_t len) override
+ {
+- m_timer.expires_from_now(m_timeout);
++ m_timer.expires_after(m_timeout);
+
+ boost::system::error_code ec = boost::asio::error::would_block;
+
+@@ -95,7 +93,7 @@ class Asio_SocketUDP final : public OS::SocketUDP
+
+ size_t read(uint8_t buf[], size_t len) override
+ {
+- m_timer.expires_from_now(m_timeout);
++ m_timer.expires_after(m_timeout);
+
+ boost::system::error_code ec = boost::asio::error::would_block;
+ size_t got = 0;
+@@ -121,7 +119,7 @@ class Asio_SocketUDP final : public OS::SocketUDP
+ private:
+ void check_timeout()
+ {
+- if(m_udp.is_open() && m_timer.expires_at() < std::chrono::system_clock::now())
++ if(m_udp.is_open() && m_timer.expiry() < std::chrono::system_clock::now())
+ {
+ boost::system::error_code err;
+ m_udp.close(err);
+@@ -131,7 +129,7 @@ class Asio_SocketUDP final : public OS::SocketUDP
+ }
+
+ const std::chrono::microseconds m_timeout;
+- boost::asio::io_service m_io;
++ boost::asio::io_context m_io;
+ boost::asio::system_timer m_timer;
+ boost::asio::ip::udp::socket m_udp;
+ };
+
diff --git a/dev-libs/botan/files/botan-2.19.5-cloudflare.patch b/dev-libs/botan/files/botan-2.19.5-cloudflare.patch
new file mode 100644
index 000000000000..0824fd9a1089
--- /dev/null
+++ b/dev-libs/botan/files/botan-2.19.5-cloudflare.patch
@@ -0,0 +1,52 @@
+https://github.com/randombit/botan/commit/698c383b050591ae1a239c9e6d4ebe05532d2eee
+
+From 698c383b050591ae1a239c9e6d4ebe05532d2eee Mon Sep 17 00:00:00 2001
+From: Luke Valenta <lvalenta@cloudflare.com>
+Date: Thu, 11 Apr 2024 14:24:36 -0400
+Subject: [PATCH] Backport: Update roughtime.cloudflare.com public key and port
+
+See also #4002.
+
+Fixes #3937. Note that the old Cloudflare public key is still present in
+test vectors in the codebase.
+---
+ src/cli/roughtime.cpp | 2 +-
+ src/tests/test_roughtime.cpp | 4 ++--
+ 2 files changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/src/cli/roughtime.cpp b/src/cli/roughtime.cpp
+index ff38fe1c43c..6c1561efacd 100644
+--- a/src/cli/roughtime.cpp
++++ b/src/cli/roughtime.cpp
+@@ -72,7 +72,7 @@ class Roughtime final : public Command
+ <name> <key type> <base 64 encoded public key> <protocol> <host:port>
+
+ Example servers:
+- Cloudflare-Roughtime ed25519 gD63hSj3ScS+wuOeGrubXlq35N1c5Lby/S+T7MNTjxo= udp roughtime.cloudflare.com:2002
++ Cloudflare-Roughtime ed25519 0GD7c3yP8xEc4Zl2zeuN2SlLvDVVocjsPSL8/Rl/7zg= udp roughtime.cloudflare.com:2003
+ Google-Sandbox-Roughtime ed25519 etPaaIxcBMY1oUeGpwvPMCJMwlRVNxv51KK/tktoJTQ= udp roughtime.sandbox.google.com:2002
+
+ --chain-file=<filename>
+diff --git a/src/tests/test_roughtime.cpp b/src/tests/test_roughtime.cpp
+index 48ac545876b..4b29837e9b6 100644
+--- a/src/tests/test_roughtime.cpp
++++ b/src/tests/test_roughtime.cpp
+@@ -191,7 +191,7 @@ class Roughtime final : public Test
+
+ const auto servers = Botan::Roughtime::servers_from_str(
+ "Chainpoint-Roughtime ed25519 bbT+RPS7zKX6w71ssPibzmwWqU9ffRV5oj2OresSmhE= udp roughtime.chainpoint.org:2002\n"
+- "Cloudflare-Roughtime ed25519 gD63hSj3ScS+wuOeGrubXlq35N1c5Lby/S+T7MNTjxo= udp roughtime.cloudflare.com:2002\n"
++ "Cloudflare-Roughtime ed25519 0GD7c3yP8xEc4Zl2zeuN2SlLvDVVocjsPSL8/Rl/7zg= udp roughtime.cloudflare.com:2003\n"
+ "Google-Sandbox-Roughtime ed25519 etPaaIxcBMY1oUeGpwvPMCJMwlRVNxv51KK/tktoJTQ= udp roughtime.sandbox.google.com:2002\n"
+ "int08h-Roughtime ed25519 AW5uAoTSTDfG5NfY1bTh08GUnOqlRb+HVhbJ3ODJvsE= udp roughtime.int08h.com:2002\n"
+ "ticktock ed25519 cj8GsiNlRkqiDElAeNMSBBMwrAl15hYPgX50+GWX/lA= udp ticktock.mixmin.net:5333\n"
+@@ -224,7 +224,7 @@ class Roughtime final : public Test
+ Botan::Roughtime::Nonce nonce(Test::rng());
+ try
+ {
+- const auto response_raw = Botan::Roughtime::online_request("roughtime.cloudflare.com:2002", nonce,
++ const auto response_raw = Botan::Roughtime::online_request("roughtime.cloudflare.com:2003", nonce,
+ std::chrono::seconds(5));
+ const auto now = std::chrono::system_clock::now();
+ const auto response = Botan::Roughtime::Response::from_bits(response_raw, nonce);
+
diff --git a/dev-libs/botan/files/botan-2.19.5-no-distutils.patch b/dev-libs/botan/files/botan-2.19.5-no-distutils.patch
new file mode 100644
index 000000000000..bc6631fb7cc6
--- /dev/null
+++ b/dev-libs/botan/files/botan-2.19.5-no-distutils.patch
@@ -0,0 +1,86 @@
+https://github.com/randombit/botan/commit/0fed26215b52a3d30122deb528f6b4deb824eae7
+
+From 0fed26215b52a3d30122deb528f6b4deb824eae7 Mon Sep 17 00:00:00 2001
+From: Jack Lloyd <jack@randombit.net>
+Date: Fri, 6 Sep 2024 11:56:01 -0400
+Subject: [PATCH] Remove code relying on Python distutils
+
+This was just used to check if Sphinx supports concurrency, but
+Sphinx is also barely faster with 1 core vs 32, so it hardly matters.
+
+Debian bug 1080557
+---
+ src/scripts/build_docs.py | 45 ---------------------------------------
+ 1 file changed, 45 deletions(-)
+
+diff --git a/src/scripts/build_docs.py b/src/scripts/build_docs.py
+index 6eb9b656c98..5bd04acb13b 100755
+--- a/src/scripts/build_docs.py
++++ b/src/scripts/build_docs.py
+@@ -18,18 +18,6 @@
+ import os
+ import stat
+
+-def get_concurrency():
+- """
+- Get default concurrency level of build
+- """
+- def_concurrency = 2
+-
+- try:
+- import multiprocessing
+- return max(def_concurrency, multiprocessing.cpu_count())
+- except ImportError:
+- return def_concurrency
+-
+ def have_prog(prog):
+ """
+ Check if some named program exists in the path
+@@ -124,37 +112,6 @@ def log_level():
+
+ return options
+
+-def sphinx_supports_concurrency():
+- import re
+- from distutils.version import StrictVersion
+-
+- proc = subprocess.Popen(['sphinx-build', '--version'],
+- stdout=subprocess.PIPE,
+- stderr=subprocess.STDOUT)
+- output, _ = proc.communicate()
+- if isinstance(output, bytes):
+- output = output.decode('ascii')
+- output = output.strip()
+-
+- # Sphinx v1.1.3
+- # sphinx-build 1.7.4
+- match = re.match(r'^(?:[a-zA-Z_-]+) v?(([0-9]+)\.([0-9]+))', output)
+-
+- if match is None:
+- # If regex doesn't match, disable by default
+- logging.warning("Did not recognize sphinx version from '%s'", output)
+- return False
+-
+- version = StrictVersion(match.group(1))
+-
+- if version < StrictVersion('1.4'):
+- # not supported
+- return False
+- if version == StrictVersion('3.0'):
+- # Bug in Sphinx 3.0 https://github.com/sphinx-doc/sphinx/issues/7438
+- return False
+- return True
+-
+ def read_config(config):
+ try:
+ f = open(config)
+@@ -203,8 +160,6 @@ def main(args=None):
+
+ if with_sphinx:
+ sphinx_build = ['sphinx-build', '-q', '-c', cfg['sphinx_config_dir']]
+- if sphinx_supports_concurrency():
+- sphinx_build += ['-j', str(get_concurrency())]
+
+ cmds.append(sphinx_build + ['-b', 'html', handbook_src, handbook_output])
+
+