1 |
commit: 56aa3ca647fc88eb78b43d5b58f903c0b29b2640 |
2 |
Author: Martin von Gagern <Martin.vGagern <AT> gmx <DOT> net> |
3 |
AuthorDate: Thu Mar 3 08:12:29 2011 +0000 |
4 |
Commit: Martin von Gagern <Martin.vGagern <AT> gmx <DOT> net> |
5 |
CommitDate: Thu Mar 3 08:12:29 2011 +0000 |
6 |
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/kde-sunset.git;a=commit;h=56aa3ca6 |
7 |
|
8 |
[net-dns/avahi] Update from main portage tree |
9 |
|
10 |
--- |
11 |
Documentation/package.unmask/kde-3.5 | 1 + |
12 |
net-dns/avahi/ChangeLog | 22 ++- |
13 |
net-dns/avahi/avahi-0.6.28-r1.ebuild | 202 ++++++++++++++++++++ |
14 |
.../avahi/files/avahi-0.6.28-CVE-2011-1002.patch | 68 +++++++ |
15 |
4 files changed, 292 insertions(+), 1 deletions(-) |
16 |
|
17 |
diff --git a/Documentation/package.unmask/kde-3.5 b/Documentation/package.unmask/kde-3.5 |
18 |
index 7251021..5e4eb21 100644 |
19 |
--- a/Documentation/package.unmask/kde-3.5 |
20 |
+++ b/Documentation/package.unmask/kde-3.5 |
21 |
@@ -615,6 +615,7 @@ |
22 |
=net-dns/avahi-0.6.27 |
23 |
=net-dns/avahi-0.6.27-r1 |
24 |
=net-dns/avahi-0.6.28 |
25 |
+=net-dns/avahi-0.6.28-r1 |
26 |
=net-firewall/knetfilter-3.5.0 |
27 |
=net-im/kmess-1.5.1 |
28 |
=net-im/kmess-1.5.2 |
29 |
|
30 |
diff --git a/net-dns/avahi/ChangeLog b/net-dns/avahi/ChangeLog |
31 |
index c278e92..b27e123 100644 |
32 |
--- a/net-dns/avahi/ChangeLog |
33 |
+++ b/net-dns/avahi/ChangeLog |
34 |
@@ -1,6 +1,26 @@ |
35 |
# ChangeLog for net-dns/avahi |
36 |
# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2 |
37 |
-# $Header: /var/cvsroot/gentoo-x86/net-dns/avahi/ChangeLog,v 1.192 2011/01/23 20:24:45 swegener Exp $ |
38 |
+# $Header: /var/cvsroot/gentoo-x86/net-dns/avahi/ChangeLog,v 1.197 2011/03/02 08:46:47 tomka Exp $ |
39 |
+ |
40 |
+ 02 Mar 2011; Thomas Kahle <tomka@g.o> avahi-0.6.28-r1.ebuild: |
41 |
+ x86 stable per bug 355583 |
42 |
+ |
43 |
+ 01 Mar 2011; Kacper Kowalik <xarthisius@g.o> |
44 |
+ avahi-0.6.28-r1.ebuild: |
45 |
+ ppc/ppc64 stable wrt #355583 |
46 |
+ |
47 |
+ 01 Mar 2011; Arfrever Frehtes Taifersar Arahesis <arfrever@g.o> |
48 |
+ avahi-0.6.28-r1.ebuild: |
49 |
+ Byte-compile avahi_discover only with USE="dbus gtk python" (bug #339933). |
50 |
+ |
51 |
+ 28 Feb 2011; Markos Chandras <hwoarang@g.o> avahi-0.6.28-r1.ebuild: |
52 |
+ Stable on amd64 wrt bug #355583 |
53 |
+ |
54 |
+*avahi-0.6.28-r1 (27 Feb 2011) |
55 |
+ |
56 |
+ 27 Feb 2011; Sven Wegener <swegener@g.o> +avahi-0.6.28-r1.ebuild, |
57 |
+ +files/avahi-0.6.28-CVE-2011-1002.patch: |
58 |
+ Revision bump, security bug #355583. |
59 |
|
60 |
23 Jan 2011; Sven Wegener <swegener@g.o> avahi-0.6.28.ebuild, |
61 |
+files/netlink-request-all-matches-when-requesting-interface.patch: |
62 |
|
63 |
diff --git a/net-dns/avahi/avahi-0.6.28-r1.ebuild b/net-dns/avahi/avahi-0.6.28-r1.ebuild |
64 |
new file mode 100644 |
65 |
index 0000000..a6feb6c |
66 |
--- /dev/null |
67 |
+++ b/net-dns/avahi/avahi-0.6.28-r1.ebuild |
68 |
@@ -0,0 +1,202 @@ |
69 |
+# Copyright 1999-2011 Gentoo Foundation |
70 |
+# Distributed under the terms of the GNU General Public License v2 |
71 |
+# $Header: /var/cvsroot/gentoo-x86/net-dns/avahi/avahi-0.6.28-r1.ebuild,v 1.5 2011/03/02 08:46:47 tomka Exp $ |
72 |
+ |
73 |
+EAPI="3" |
74 |
+ |
75 |
+PYTHON_DEPEND="python? 2" |
76 |
+PYTHON_USE_WITH="gdbm" |
77 |
+PYTHON_USE_WITH_OPT="python" |
78 |
+ |
79 |
+inherit eutils mono python multilib flag-o-matic |
80 |
+ |
81 |
+DESCRIPTION="System which facilitates service discovery on a local network" |
82 |
+HOMEPAGE="http://avahi.org/" |
83 |
+SRC_URI="http://avahi.org/download/${P}.tar.gz" |
84 |
+ |
85 |
+LICENSE="LGPL-2.1" |
86 |
+SLOT="0" |
87 |
+KEYWORDS="~alpha amd64 ~arm ~hppa ~ia64 ~mips ppc ppc64 ~s390 ~sh ~sparc x86 ~x86-fbsd" |
88 |
+IUSE="autoipd bookmarks dbus doc gdbm gtk howl-compat ipv6 kernel_linux mdnsresponder-compat mono python qt3 qt4 test " |
89 |
+ |
90 |
+DBUS_DEPEND=">=sys-apps/dbus-0.30" |
91 |
+RDEPEND=">=dev-libs/libdaemon-0.14 |
92 |
+ dev-libs/expat |
93 |
+ >=dev-libs/glib-2 |
94 |
+ gdbm? ( sys-libs/gdbm ) |
95 |
+ qt3? ( x11-libs/qt:3 ) |
96 |
+ qt4? ( x11-libs/qt-core:4 ) |
97 |
+ gtk? ( |
98 |
+ >=x11-libs/gtk+-2.14.0:2 |
99 |
+ ) |
100 |
+ dbus? ( |
101 |
+ ${DBUS_DEPEND} |
102 |
+ python? ( dev-python/dbus-python ) |
103 |
+ ) |
104 |
+ mono? ( |
105 |
+ >=dev-lang/mono-1.1.10 |
106 |
+ gtk? ( >=dev-dotnet/gtk-sharp-2 ) |
107 |
+ ) |
108 |
+ howl-compat? ( |
109 |
+ !net-misc/howl |
110 |
+ ${DBUS_DEPEND} |
111 |
+ ) |
112 |
+ mdnsresponder-compat? ( |
113 |
+ !net-misc/mDNSResponder |
114 |
+ ${DBUS_DEPEND} |
115 |
+ ) |
116 |
+ python? ( |
117 |
+ gtk? ( >=dev-python/pygtk-2 ) |
118 |
+ ) |
119 |
+ bookmarks? ( |
120 |
+ dev-python/twisted |
121 |
+ dev-python/twisted-web |
122 |
+ ) |
123 |
+ kernel_linux? ( sys-libs/libcap )" |
124 |
+DEPEND="${RDEPEND} |
125 |
+ >=dev-util/intltool-0.40.5 |
126 |
+ >=dev-util/pkgconfig-0.9.0 |
127 |
+ doc? ( |
128 |
+ app-doc/doxygen |
129 |
+ mono? ( >=virtual/monodoc-1.1.8 ) |
130 |
+ )" |
131 |
+ |
132 |
+pkg_setup() { |
133 |
+ if use python; then |
134 |
+ python_set_active_version 2 |
135 |
+ python_pkg_setup |
136 |
+ fi |
137 |
+ |
138 |
+ if use python && ! use dbus && ! use gtk; then |
139 |
+ ewarn "For proper python support you should also enable the dbus and gtk USE flags!" |
140 |
+ fi |
141 |
+} |
142 |
+ |
143 |
+pkg_preinst() { |
144 |
+ enewgroup netdev |
145 |
+ enewgroup avahi |
146 |
+ enewuser avahi -1 -1 -1 avahi |
147 |
+ |
148 |
+ if use autoipd; then |
149 |
+ enewgroup avahi-autoipd |
150 |
+ enewuser avahi-autoipd -1 -1 -1 avahi-autoipd |
151 |
+ fi |
152 |
+} |
153 |
+ |
154 |
+src_prepare() { |
155 |
+ if use ipv6; then |
156 |
+ sed -i \ |
157 |
+ -e s/use-ipv6=no/use-ipv6=yes/ \ |
158 |
+ avahi-daemon/avahi-daemon.conf || die |
159 |
+ fi |
160 |
+ |
161 |
+ sed -i\ |
162 |
+ -e "s:\\.\\./\\.\\./\\.\\./doc/avahi-docs/html/:../../../doc/${PF}/html/:" \ |
163 |
+ doxygen_to_devhelp.xsl || die |
164 |
+ |
165 |
+ epatch "${FILESDIR}"/netlink-request-all-matches-when-requesting-interface.patch |
166 |
+ epatch "${FILESDIR}"/${P}-CVE-2011-1002.patch |
167 |
+} |
168 |
+ |
169 |
+src_configure() { |
170 |
+ use sh && replace-flags -O? -O0 |
171 |
+ |
172 |
+ local myconf="" |
173 |
+ |
174 |
+ if use python; then |
175 |
+ myconf+=" |
176 |
+ $(use_enable dbus python-dbus) |
177 |
+ $(use_enable gtk pygtk) |
178 |
+ " |
179 |
+ fi |
180 |
+ |
181 |
+ if use mono; then |
182 |
+ myconf+=" $(use_enable doc monodoc)" |
183 |
+ fi |
184 |
+ |
185 |
+ # these require dbus enabled |
186 |
+ if use mdnsresponder-compat || use howl-compat || use mono; then |
187 |
+ myconf+=" --enable-dbus" |
188 |
+ fi |
189 |
+ |
190 |
+ # We need to unset DISPLAY, else the configure script might have problems detecting the pygtk module |
191 |
+ unset DISPLAY |
192 |
+ |
193 |
+ # Upstream ships a gir file (AvahiCore.gir) which does not work with |
194 |
+ # >=gobject-introspection-0.9, so we disable introspection for now. |
195 |
+ # http://avahi.org/ticket/318 |
196 |
+ econf \ |
197 |
+ --localstatedir=/var \ |
198 |
+ --with-distro=gentoo \ |
199 |
+ --disable-python-dbus \ |
200 |
+ --disable-pygtk \ |
201 |
+ --disable-xmltoman \ |
202 |
+ --disable-monodoc \ |
203 |
+ --disable-introspection \ |
204 |
+ --enable-glib \ |
205 |
+ $(use_enable test tests) \ |
206 |
+ $(use_enable autoipd) \ |
207 |
+ $(use_enable mdnsresponder-compat compat-libdns_sd) \ |
208 |
+ $(use_enable howl-compat compat-howl) \ |
209 |
+ $(use_enable doc doxygen-doc) \ |
210 |
+ $(use_enable mono) \ |
211 |
+ $(use_enable dbus) \ |
212 |
+ $(use_enable python) \ |
213 |
+ --disable-gtk3 \ |
214 |
+ $(use_enable gtk) \ |
215 |
+ $(use_enable qt3) \ |
216 |
+ $(use_enable qt4) \ |
217 |
+ $(use_enable gdbm) \ |
218 |
+ ${myconf} |
219 |
+} |
220 |
+ |
221 |
+src_compile() { |
222 |
+ emake || die "emake failed" |
223 |
+ |
224 |
+ use doc && { emake avahi.devhelp || die ; } |
225 |
+} |
226 |
+ |
227 |
+src_install() { |
228 |
+ emake install py_compile=true DESTDIR="${D}" || die "make install failed" |
229 |
+ use bookmarks && use python && use dbus && use gtk || \ |
230 |
+ rm -f "${D}"/usr/bin/avahi-bookmarks |
231 |
+ |
232 |
+ use howl-compat && ln -s avahi-compat-howl.pc "${D}"/usr/$(get_libdir)/pkgconfig/howl.pc |
233 |
+ use mdnsresponder-compat && ln -s avahi-compat-libdns_sd/dns_sd.h "${D}"/usr/include/dns_sd.h |
234 |
+ |
235 |
+ if use autoipd; then |
236 |
+ insinto /$(get_libdir)/rcscripts/net |
237 |
+ doins "${FILESDIR}"/autoipd.sh || die |
238 |
+ |
239 |
+ insinto /$(get_libdir)/rc/net |
240 |
+ newins "${FILESDIR}"/autoipd-openrc.sh autoipd.sh || die |
241 |
+ fi |
242 |
+ |
243 |
+ dodoc docs/{AUTHORS,NEWS,README,TODO} || die |
244 |
+ |
245 |
+ if use doc; then |
246 |
+ dohtml -r doxygen/html/. || die |
247 |
+ insinto /usr/share/devhelp/books/avahi |
248 |
+ doins avahi.devhelp || die |
249 |
+ fi |
250 |
+} |
251 |
+ |
252 |
+pkg_postrm() { |
253 |
+ use python && python_mod_cleanup avahi $(use dbus && use gtk && echo avahi_discover) |
254 |
+} |
255 |
+ |
256 |
+pkg_postinst() { |
257 |
+ use python && python_mod_optimize avahi $(use dbus && use gtk && echo avahi_discover) |
258 |
+ |
259 |
+ if use autoipd; then |
260 |
+ echo |
261 |
+ elog "To use avahi-autoipd to configure your interfaces with IPv4LL (RFC3927)" |
262 |
+ elog "addresses, just set config_<interface>=( autoipd ) in /etc/conf.d/net!" |
263 |
+ fi |
264 |
+ |
265 |
+ if use dbus; then |
266 |
+ echo |
267 |
+ elog "If this is your first install of avahi please reload your dbus config" |
268 |
+ elog "with /etc/init.d/dbus reload before starting avahi-daemon!" |
269 |
+ fi |
270 |
+} |
271 |
|
272 |
diff --git a/net-dns/avahi/files/avahi-0.6.28-CVE-2011-1002.patch b/net-dns/avahi/files/avahi-0.6.28-CVE-2011-1002.patch |
273 |
new file mode 100644 |
274 |
index 0000000..9d80477 |
275 |
--- /dev/null |
276 |
+++ b/net-dns/avahi/files/avahi-0.6.28-CVE-2011-1002.patch |
277 |
@@ -0,0 +1,68 @@ |
278 |
+From: Vincent Untz <vuntz@××××××××.org> |
279 |
+Date: Fri, 18 Feb 2011 22:37:00 +0000 (+0100) |
280 |
+Subject: socket: Still read corrupt packets from the sockets |
281 |
+X-Git-Url: http://git.0pointer.de/?p=avahi.git;a=commitdiff_plain;h=46109dfec75534fe270c0ab902576f685d5ab3a6 |
282 |
+ |
283 |
+socket: Still read corrupt packets from the sockets |
284 |
+ |
285 |
+Else, we end up with an infinite loop with 100% CPU. |
286 |
+ |
287 |
+http://www.avahi.org/ticket/325 |
288 |
+https://bugzilla.redhat.com/show_bug.cgi?id=667187 |
289 |
+--- |
290 |
+ |
291 |
+diff --git a/avahi-core/socket.c b/avahi-core/socket.c |
292 |
+index be62105..e69ec7d 100644 |
293 |
+--- a/avahi-core/socket.c |
294 |
++++ b/avahi-core/socket.c |
295 |
+@@ -653,10 +653,6 @@ AvahiDnsPacket *avahi_recv_dns_packet_ipv4( |
296 |
+ goto fail; |
297 |
+ } |
298 |
+ |
299 |
+- /* For corrupt packets FIONREAD returns zero size (See rhbz #607297) */ |
300 |
+- if (!ms) |
301 |
+- goto fail; |
302 |
+- |
303 |
+ p = avahi_dns_packet_new(ms + AVAHI_DNS_PACKET_EXTRA_SIZE); |
304 |
+ |
305 |
+ io.iov_base = AVAHI_DNS_PACKET_DATA(p); |
306 |
+@@ -683,10 +679,14 @@ AvahiDnsPacket *avahi_recv_dns_packet_ipv4( |
307 |
+ goto fail; |
308 |
+ } |
309 |
+ |
310 |
+- if (sa.sin_addr.s_addr == INADDR_ANY) { |
311 |
++ /* For corrupt packets FIONREAD returns zero size (See rhbz #607297). So |
312 |
++ * fail after having read them. */ |
313 |
++ if (!ms) |
314 |
++ goto fail; |
315 |
++ |
316 |
++ if (sa.sin_addr.s_addr == INADDR_ANY) |
317 |
+ /* Linux 2.4 behaves very strangely sometimes! */ |
318 |
+ goto fail; |
319 |
+- } |
320 |
+ |
321 |
+ assert(!(msg.msg_flags & MSG_CTRUNC)); |
322 |
+ assert(!(msg.msg_flags & MSG_TRUNC)); |
323 |
+@@ -810,10 +810,6 @@ AvahiDnsPacket *avahi_recv_dns_packet_ipv6( |
324 |
+ goto fail; |
325 |
+ } |
326 |
+ |
327 |
+- /* For corrupt packets FIONREAD returns zero size (See rhbz #607297) */ |
328 |
+- if (!ms) |
329 |
+- goto fail; |
330 |
+- |
331 |
+ p = avahi_dns_packet_new(ms + AVAHI_DNS_PACKET_EXTRA_SIZE); |
332 |
+ |
333 |
+ io.iov_base = AVAHI_DNS_PACKET_DATA(p); |
334 |
+@@ -841,6 +837,11 @@ AvahiDnsPacket *avahi_recv_dns_packet_ipv6( |
335 |
+ goto fail; |
336 |
+ } |
337 |
+ |
338 |
++ /* For corrupt packets FIONREAD returns zero size (See rhbz #607297). So |
339 |
++ * fail after having read them. */ |
340 |
++ if (!ms) |
341 |
++ goto fail; |
342 |
++ |
343 |
+ assert(!(msg.msg_flags & MSG_CTRUNC)); |
344 |
+ assert(!(msg.msg_flags & MSG_TRUNC)); |
345 |
+ |