1 |
mrness 07/09/12 07:25:06 |
2 |
|
3 |
Modified: ChangeLog |
4 |
Added: quagga-0.98.6-r3.ebuild quagga-0.99.7-r1.ebuild |
5 |
Removed: quagga-0.99.7.ebuild |
6 |
Log: |
7 |
Backport 2 security patches from quagga-0.99.9 (#192096). |
8 |
(Portage version: 2.1.2.12) |
9 |
|
10 |
Revision Changes Path |
11 |
1.61 net-misc/quagga/ChangeLog |
12 |
|
13 |
file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-misc/quagga/ChangeLog?rev=1.61&view=markup |
14 |
plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-misc/quagga/ChangeLog?rev=1.61&content-type=text/plain |
15 |
diff : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-misc/quagga/ChangeLog?r1=1.60&r2=1.61 |
16 |
|
17 |
Index: ChangeLog |
18 |
=================================================================== |
19 |
RCS file: /var/cvsroot/gentoo-x86/net-misc/quagga/ChangeLog,v |
20 |
retrieving revision 1.60 |
21 |
retrieving revision 1.61 |
22 |
diff -u -r1.60 -r1.61 |
23 |
--- ChangeLog 19 Jun 2007 20:18:29 -0000 1.60 |
24 |
+++ ChangeLog 12 Sep 2007 07:25:05 -0000 1.61 |
25 |
@@ -2,7 +2,14 @@ |
26 |
# Copyright 1999-2007 Gentoo Foundation |
27 |
# Copyright 2003-2004 DataCore GmbH |
28 |
# Distributed under the terms of the GNU General Public License v2 |
29 |
-# $Header: /var/cvsroot/gentoo-x86/net-misc/quagga/ChangeLog,v 1.60 2007/06/19 20:18:29 mrness Exp $ |
30 |
+# $Header: /var/cvsroot/gentoo-x86/net-misc/quagga/ChangeLog,v 1.61 2007/09/12 07:25:05 mrness Exp $ |
31 |
+ |
32 |
+*quagga-0.99.7-r1 (12 Sep 2007) |
33 |
+*quagga-0.98.6-r3 (12 Sep 2007) |
34 |
+ |
35 |
+ 12 Sep 2007; Alin Năstac <mrness@g.o> +quagga-0.98.6-r3.ebuild, |
36 |
+ -quagga-0.99.7.ebuild, +quagga-0.99.7-r1.ebuild: |
37 |
+ Backport 2 security patches from quagga-0.99.9 (#192096). |
38 |
|
39 |
19 Jun 2007; Alin Năstac <mrness@g.o> -quagga-0.99.6-r1.ebuild, |
40 |
-quagga-0.99.6-r2.ebuild: |
41 |
|
42 |
|
43 |
|
44 |
1.1 net-misc/quagga/quagga-0.98.6-r3.ebuild |
45 |
|
46 |
file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-misc/quagga/quagga-0.98.6-r3.ebuild?rev=1.1&view=markup |
47 |
plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-misc/quagga/quagga-0.98.6-r3.ebuild?rev=1.1&content-type=text/plain |
48 |
|
49 |
Index: quagga-0.98.6-r3.ebuild |
50 |
=================================================================== |
51 |
# Copyright 1999-2007 Gentoo Foundation |
52 |
# Distributed under the terms of the GNU General Public License v2 |
53 |
# $Header: /var/cvsroot/gentoo-x86/net-misc/quagga/quagga-0.98.6-r3.ebuild,v 1.1 2007/09/12 07:25:05 mrness Exp $ |
54 |
|
55 |
WANT_AUTOMAKE="latest" |
56 |
WANT_AUTOCONF="latest" |
57 |
|
58 |
inherit eutils multilib autotools |
59 |
|
60 |
DESCRIPTION="A free routing daemon replacing Zebra supporting RIP, OSPF and BGP. Includes OSPFAPI, NET-SNMP and IPV6 support." |
61 |
HOMEPAGE="http://quagga.net/" |
62 |
SRC_URI="http://www.quagga.net/download/${P}.tar.gz |
63 |
mirror://gentoo/${P}-patches-20070912.tar.gz" |
64 |
|
65 |
LICENSE="GPL-2" |
66 |
SLOT="0" |
67 |
KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ppc ~s390 ~sparc ~x86" |
68 |
IUSE="ipv6 snmp pam tcpmd5 bgpclassless ospfapi realms fix-connected-rt multipath tcp-zebra" |
69 |
RESTRICT="userpriv" |
70 |
|
71 |
DEPEND=">=sys-libs/libcap-1.10-r5 |
72 |
snmp? ( net-analyzer/net-snmp ) |
73 |
pam? ( sys-libs/pam )" |
74 |
RDEPEND="${DEPEND} |
75 |
sys-apps/iproute2" |
76 |
|
77 |
src_unpack() { |
78 |
unpack ${A} || die "failed to unpack sources" |
79 |
|
80 |
cd "${S}" || die "source dir not found" |
81 |
# Fix security quagga bug 355 |
82 |
epatch "${WORKDIR}/patch/bgpd-bug-355.diff" |
83 |
#Patch to fix RIP authentication problem in 0.98.6 (#132353) |
84 |
#DO NOT USE IT IN ANY OTHER VERSIONS! |
85 |
epatch "${WORKDIR}/patch/ripd-show-ifaces.diff" |
86 |
|
87 |
# TCP MD5 for BGP patch for Linux (RFC 2385) - http://hasso.linux.ee/doku.php/english:network:rfc2385 |
88 |
use tcpmd5 && epatch "${WORKDIR}/patch/ht-20050321-0.98.2-bgp-md5.patch" |
89 |
|
90 |
# Classless prefixes for BGP - http://hasso.linux.ee/doku.php/english:network:quagga |
91 |
use bgpclassless && epatch "${WORKDIR}/patch/ht-20040304-classless-bgp.patch" |
92 |
|
93 |
# Connected route fix (Amir Guindehi) - http://voidptr.sboost.org/quagga/amir-connected-route.patch.bz2 |
94 |
# Dependant on the use flag 'fix-connected-rt' because it seems that more peoples have troubles |
95 |
# with this than having a benefit. |
96 |
# This patch fixes a bad behavior of the Linux kernel routing packets to interfaces which are |
97 |
# down. Folks with PtP interfaces and VLans report troubles with this patch. Enable it again |
98 |
# if you get a problem because your kernel routes packets to a downed interface. |
99 |
use fix-connected-rt && epatch "${WORKDIR}/patch/amir-connected-route.patch" |
100 |
|
101 |
# Realms support (Calin Velea) - http://vcalinus.gemenii.ro/quaggarealms.html |
102 |
use realms && epatch "${WORKDIR}/patch/${P}-realms.diff" |
103 |
|
104 |
# Security patches |
105 |
epatch "${WORKDIR}/patch/${P}-backports.patch" |
106 |
|
107 |
# regenerate configure and co if we touch .ac or .am files |
108 |
eautoreconf |
109 |
} |
110 |
|
111 |
src_compile() { |
112 |
local myconf="--disable-static --enable-dynamic" |
113 |
|
114 |
use ipv6 \ |
115 |
&& myconf="${myconf} --enable-ipv6 --enable-ripng --enable-ospf6d --enable-rtadv" \ |
116 |
|| myconf="${myconf} --disable-ipv6 --disable-ripngd --disable-ospf6d" |
117 |
use ospfapi \ |
118 |
&& myconf="${myconf} --enable-opaque-lsa --enable-ospf-te --enable-ospfclient" |
119 |
use snmp && myconf="${myconf} --enable-snmp" |
120 |
use pam && myconf="${myconf} --with-libpam" |
121 |
use tcpmd5 && myconf="${myconf} --enable-tcp-md5" |
122 |
use realms && myconf="${myconf} --enable-realms" |
123 |
use multipath && myconf="${myconf} --enable-multipath=0" |
124 |
use tcp-zebra && myconf="${myconf} --enable-tcp-zebra" |
125 |
|
126 |
econf \ |
127 |
--enable-nssa \ |
128 |
--enable-user=quagga \ |
129 |
--enable-group=quagga \ |
130 |
--enable-vty-group=quagga \ |
131 |
--with-cflags="${CFLAGS}" \ |
132 |
--enable-vtysh \ |
133 |
--sysconfdir=/etc/quagga \ |
134 |
--enable-exampledir=/etc/quagga/samples \ |
135 |
--localstatedir=/var/run/quagga \ |
136 |
--libdir=/usr/$(get_libdir)/quagga \ |
137 |
${myconf} \ |
138 |
|| die "configure failed" |
139 |
emake || die "make failed" |
140 |
} |
141 |
|
142 |
src_install() { |
143 |
einstall \ |
144 |
localstatedir="${D}/var/run/quagga" \ |
145 |
sysconfdir="${D}/etc/quagga" \ |
146 |
exampledir="${D}/etc/quagga/samples" \ |
147 |
libdir="${D}/usr/$(get_libdir)/quagga" || die "make install failed" |
148 |
|
149 |
keepdir /var/run/quagga || die |
150 |
|
151 |
local i MY_SERVICES_LIST="zebra ripd ospfd bgpd" |
152 |
use ipv6 && MY_SERVICES_LIST="${MY_SERVICES_LIST} ripngd ospf6d" |
153 |
for i in ${MY_SERVICES_LIST} ; do |
154 |
newinitd "${FILESDIR}/${i}.init" ${i} || die "failed to install ${i} init.d script" |
155 |
done |
156 |
newconfd "${FILESDIR}/zebra.conf" zebra || die "failed to install zebra conf.d script" |
157 |
|
158 |
if use pam; then |
159 |
insinto /etc/pam.d |
160 |
newins "${FILESDIR}/quagga.pam" quagga |
161 |
fi |
162 |
|
163 |
newenvd "${FILESDIR}/quagga.env" 99quagga |
164 |
} |
165 |
|
166 |
pkg_preinst() { |
167 |
enewgroup quagga |
168 |
enewuser quagga -1 -1 /var/empty quagga |
169 |
} |
170 |
|
171 |
pkg_postinst() { |
172 |
# empty dir for pid files for the new priv separation auth |
173 |
#set proper owner/group/perms even if dir already existed |
174 |
install -d -m0770 -o root -g quagga "${ROOT}/etc/quagga" |
175 |
install -d -m0755 -o quagga -g quagga "${ROOT}/var/run/quagga" |
176 |
|
177 |
einfo "Sample configuration files can be found in /etc/quagga/samples." |
178 |
einfo "You have to create config files in /etc/quagga before" |
179 |
einfo "starting one of the daemons." |
180 |
|
181 |
if use tcpmd5; then |
182 |
echo |
183 |
ewarn "TCP MD5 for BGP needs a patched kernel!" |
184 |
einfo "See http://hasso.linux.ee/doku.php/english:network:rfc2385 for more info." |
185 |
fi |
186 |
|
187 |
if use ipv6; then |
188 |
echo |
189 |
ewarn "This version of quagga contains a netlink race condition fix that triggered a kernel bug" |
190 |
ewarn "which affects IPv6 users who have a kernel version < 2.6.13-rc6." |
191 |
einfo "See following links for more info:" |
192 |
einfo " http://lists.quagga.net/pipermail/quagga-dev/2005-June/003507.html" |
193 |
einfo " http://bugzilla.quagga.net/show_bug.cgi?id=196" |
194 |
fi |
195 |
} |
196 |
|
197 |
|
198 |
|
199 |
1.1 net-misc/quagga/quagga-0.99.7-r1.ebuild |
200 |
|
201 |
file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-misc/quagga/quagga-0.99.7-r1.ebuild?rev=1.1&view=markup |
202 |
plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-misc/quagga/quagga-0.99.7-r1.ebuild?rev=1.1&content-type=text/plain |
203 |
|
204 |
Index: quagga-0.99.7-r1.ebuild |
205 |
=================================================================== |
206 |
# Copyright 1999-2007 Gentoo Foundation |
207 |
# Distributed under the terms of the GNU General Public License v2 |
208 |
# $Header: /var/cvsroot/gentoo-x86/net-misc/quagga/quagga-0.99.7-r1.ebuild,v 1.1 2007/09/12 07:25:05 mrness Exp $ |
209 |
|
210 |
WANT_AUTOMAKE="latest" |
211 |
WANT_AUTOCONF="latest" |
212 |
|
213 |
inherit eutils multilib autotools linux-info |
214 |
|
215 |
DESCRIPTION="A free routing daemon replacing Zebra supporting RIP, OSPF and BGP. Includes OSPFAPI, NET-SNMP and IPV6 support." |
216 |
HOMEPAGE="http://quagga.net/" |
217 |
SRC_URI="http://www.quagga.net/download/${P}.tar.gz |
218 |
mirror://gentoo/${P}-patches-20070912.tar.gz" |
219 |
|
220 |
LICENSE="GPL-2" |
221 |
SLOT="0" |
222 |
KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ppc ~s390 ~sparc ~x86" |
223 |
IUSE="ipv6 snmp pam tcpmd5 bgpas4 bgpclassless ospfapi realms multipath tcp-zebra" |
224 |
RESTRICT="userpriv" |
225 |
|
226 |
DEPEND=">=sys-libs/libcap-1.10-r5 |
227 |
snmp? ( net-analyzer/net-snmp ) |
228 |
pam? ( sys-libs/pam )" |
229 |
RDEPEND="${DEPEND} |
230 |
sys-apps/iproute2" |
231 |
|
232 |
pkg_setup() { |
233 |
if use tcpmd5 ; then |
234 |
get_version || get_running_version |
235 |
fi |
236 |
return 0 |
237 |
} |
238 |
|
239 |
src_unpack() { |
240 |
unpack ${A} || die "failed to unpack sources" |
241 |
cd "${S}" || die "source dir not found" |
242 |
epatch "${WORKDIR}/patch/${P}-link-libcap.patch" |
243 |
|
244 |
# AS4 support (original found at http://quagga.ncc.eurodata.de) |
245 |
use bgpas4 && epatch "${WORKDIR}/patch/quagga-cvs20070307-as4-v05_adapted.patch" |
246 |
|
247 |
if use tcpmd5 ; then |
248 |
if kernel_is lt 2 6 20 ; then |
249 |
# TCP MD5 for BGP patch for Linux (RFC 2385) |
250 |
# original found at http://hasso.linux.ee/doku.php/english:network:rfc2385 |
251 |
epatch "${WORKDIR}/patch/ht-20050321-${PV}-bgp-md5_adapted.patch" |
252 |
else |
253 |
# TCP MD5 in-kernel support for kernels >=2.6.20 (by Leigh Brown) |
254 |
# original found at http://www.solinno.co.uk/md5sig/quagga_linux-2.6.20_md5sig.diff |
255 |
epatch "${WORKDIR}/patch/quagga_linux-2.6.20_md5sig_adapted.diff" |
256 |
fi |
257 |
fi |
258 |
|
259 |
# Classless prefixes for BGP - http://hasso.linux.ee/doku.php/english:network:quagga |
260 |
use bgpclassless && epatch "${WORKDIR}/patch/ht-20040304-classless-bgp_adapted.patch" |
261 |
|
262 |
# Realms support (Calin Velea) - http://vcalinus.gemenii.ro/quaggarealms.html |
263 |
use realms && epatch "${WORKDIR}/patch/${P}-realms.diff" |
264 |
|
265 |
# Security patches |
266 |
epatch "${WORKDIR}/patch/${P}-backports.patch" |
267 |
|
268 |
eautoreconf |
269 |
} |
270 |
|
271 |
src_compile() { |
272 |
local myconf="--disable-static --enable-dynamic" |
273 |
|
274 |
use ipv6 \ |
275 |
&& myconf="${myconf} --enable-ipv6 --enable-ripng --enable-ospf6d --enable-rtadv" \ |
276 |
|| myconf="${myconf} --disable-ipv6 --disable-ripngd --disable-ospf6d" |
277 |
use ospfapi \ |
278 |
&& myconf="${myconf} --enable-opaque-lsa --enable-ospf-te --enable-ospfclient" |
279 |
use snmp && myconf="${myconf} --enable-snmp" |
280 |
use pam && myconf="${myconf} --with-libpam" |
281 |
use tcpmd5 && myconf="${myconf} --enable-tcp-md5" |
282 |
use realms && myconf="${myconf} --enable-realms" |
283 |
use multipath && myconf="${myconf} --enable-multipath=0" |
284 |
use tcp-zebra && myconf="${myconf} --enable-tcp-zebra" |
285 |
|
286 |
econf \ |
287 |
--enable-nssa \ |
288 |
--enable-user=quagga \ |
289 |
--enable-group=quagga \ |
290 |
--enable-vty-group=quagga \ |
291 |
--with-cflags="${CFLAGS}" \ |
292 |
--enable-vtysh \ |
293 |
--sysconfdir=/etc/quagga \ |
294 |
--enable-exampledir=/etc/quagga/samples \ |
295 |
--localstatedir=/var/run/quagga \ |
296 |
--libdir=/usr/$(get_libdir)/quagga \ |
297 |
${myconf} \ |
298 |
|| die "configure failed" |
299 |
emake || die "make failed" |
300 |
} |
301 |
|
302 |
src_install() { |
303 |
einstall \ |
304 |
localstatedir="${D}/var/run/quagga" \ |
305 |
sysconfdir="${D}/etc/quagga" \ |
306 |
exampledir="${D}/etc/quagga/samples" \ |
307 |
libdir="${D}/usr/$(get_libdir)/quagga" || die "make install failed" |
308 |
|
309 |
keepdir /var/run/quagga |
310 |
|
311 |
local i MY_SERVICES_LIST="zebra ripd ospfd bgpd" |
312 |
use ipv6 && MY_SERVICES_LIST="${MY_SERVICES_LIST} ripngd ospf6d" |
313 |
for i in ${MY_SERVICES_LIST} ; do |
314 |
newinitd "${FILESDIR}/${i}.init" ${i} || die "failed to install ${i} init.d script" |
315 |
done |
316 |
newconfd "${FILESDIR}/zebra.conf" zebra || die "failed to install zebra conf.d script" |
317 |
|
318 |
if use pam; then |
319 |
insinto /etc/pam.d |
320 |
newins "${FILESDIR}/quagga.pam" quagga |
321 |
fi |
322 |
|
323 |
newenvd "${FILESDIR}/quagga.env" 99quagga |
324 |
} |
325 |
|
326 |
pkg_preinst() { |
327 |
enewgroup quagga |
328 |
enewuser quagga -1 -1 /var/empty quagga |
329 |
} |
330 |
|
331 |
pkg_postinst() { |
332 |
# empty dir for pid files for the new priv separation auth |
333 |
#set proper owner/group/perms even if dir already existed |
334 |
install -d -m0770 -o root -g quagga "${ROOT}/etc/quagga" |
335 |
install -d -m0755 -o quagga -g quagga "${ROOT}/var/run/quagga" |
336 |
|
337 |
einfo "Sample configuration files can be found in /etc/quagga/samples." |
338 |
einfo "You have to create config files in /etc/quagga before" |
339 |
einfo "starting one of the daemons." |
340 |
|
341 |
if use tcpmd5; then |
342 |
echo |
343 |
if kernel_is lt 2 6 20; then |
344 |
ewarn "TCP MD5 for BGP needs a patched kernel!" |
345 |
ewarn "See http://hasso.linux.ee/doku.php/english:network:rfc2385 for more info." |
346 |
else |
347 |
CONFIG_CHECK="~TCP_MD5SIG" |
348 |
local ERROR_TCP_MD5SIG="CONFIG_TCP_MD5SIG:\t missing TCP MD5 signature support (RFC2385)" |
349 |
|
350 |
check_extra_config |
351 |
fi |
352 |
fi |
353 |
} |
354 |
|
355 |
|
356 |
|
357 |
-- |
358 |
gentoo-commits@g.o mailing list |