1 |
commit: 06d95b1cb566c0ae19d145ee0f65ec3f8e2093ba |
2 |
Author: Matt Turner <mattst88 <AT> gentoo <DOT> org> |
3 |
AuthorDate: Sat Feb 25 20:33:18 2017 +0000 |
4 |
Commit: Matt Turner <mattst88 <AT> gentoo <DOT> org> |
5 |
CommitDate: Sat Feb 25 20:43:01 2017 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=06d95b1c |
7 |
|
8 |
x11-base/xorg-server: Remove 1.16.4-r5. |
9 |
|
10 |
Bug: https://bugs.gentoo.org/607096 |
11 |
|
12 |
x11-base/xorg-server/Manifest | 1 - |
13 |
.../files/xorg-server-1.17-cve-2015-3164-1.patch | 33 --- |
14 |
.../files/xorg-server-1.17-cve-2015-3164-2.patch | 246 --------------------- |
15 |
.../files/xorg-server-1.17-cve-2015-3164-3.patch | 34 --- |
16 |
x11-base/xorg-server/xorg-server-1.16.4-r5.ebuild | 237 -------------------- |
17 |
5 files changed, 551 deletions(-) |
18 |
|
19 |
diff --git a/x11-base/xorg-server/Manifest b/x11-base/xorg-server/Manifest |
20 |
index 61e76ed095..7aa7d5f51b 100644 |
21 |
--- a/x11-base/xorg-server/Manifest |
22 |
+++ b/x11-base/xorg-server/Manifest |
23 |
@@ -2,7 +2,6 @@ DIST xorg-server-1.12-cve-2014-8091..8103.patches.tar.xz 14832 SHA256 a98fd1589e |
24 |
DIST xorg-server-1.12.4.tar.bz2 5444761 SHA256 8ac07c35306ba3fb3c0972722dd4e919303039eca1d40ac7862560e0b2c94cf7 SHA512 70997e8ba4f948829c158e52924753c5691a783dd14e5a86fdce4fc601638dd4e0b281590876b0315a303bf8d5195bdf43ede7113d1d569415a41ab03d938d85 WHIRLPOOL bfee61329ca85ecedb991ca933de6e3a1e94e34a04d9a723a0e9c90a36e067824701c38e8a0034498ed28dfca82eb653d1e1ab5c0223020f5da69cbbf80bbf98 |
25 |
DIST xorg-server-1.15.2.tar.bz2 5551426 SHA256 3c0585607c654ded836da43a45a75492fc13454ff4149704fb08dac39f051163 SHA512 5fcbf0012af309f80e1db206e05d7861796146d765cd17f3963fde6da7f43f0e57d63dbbdbf2c554612a557aa4dee623ef62f7ca7d007834aafd7a46ca7bb1d6 WHIRLPOOL 22cdbad68462f9bac32b13be958df496411ca72fe47435ec7e3ebb470b121ba4b4a0e023913f31a92113c5a56bc4be660dfec5086bc1fb72a617d2cdeaa8adf1 |
26 |
DIST xorg-server-1.16-cve-2014-8091..8103.patches.tar.xz 27892 SHA256 47d8c9bb79c829389e7599aef1110d43afbc5bf744dbcf73d8f3cf01796d287a SHA512 f8b55c009166883b3e6ec2c8c7a2ff4ed61df6970afcc4f0efb9efa36741af194456a368d4b1c7ba9345ef973fb139a48eb50cb5a7ebc144b43749b9ffdb1f7b WHIRLPOOL 2f8b26c018f4ad4cf780ed7dcb0b844de64e7a612adc30c622d1956dfcee710086ffcc837ff0a64cdcc14d47720d82d8797374488bf0b52d77ca63adf6806885 |
27 |
-DIST xorg-server-1.16.4.tar.bz2 5817330 SHA256 abb6e1cc9213a9915a121f48576ff6739a0b8cdb3d32796f9a7743c9a6efc871 SHA512 f756fca65535aa921a85d8d8eb36ea2ba5b7af90a46d640b0ca76259a9abd9d323885087e11156528d95240937c70373045001ae20266a1b9e89909f007e9e74 WHIRLPOOL 63980a3e2b57d2860998344f21a6524598b3dc135c277e5a868e34b57ab5060681ae7137358b3ba8b9ca5fd622a91aeb06bd0ac9e3e5ce1f4dc55df2b2dc0e33 |
28 |
DIST xorg-server-1.17.4.tar.bz2 5791384 SHA256 0c4b45c116a812a996eb432d8508cf26c2ec8c3916ff2a50781796882f8d6457 SHA512 4b8377b86ca88f27dcf59db2996b2ee620ce6f181a37dc47600365db588d48f2f3ca66a3149e7c856e686e5783b1cccb2ba0827aa7413299163dfca869f4d376 WHIRLPOOL c5baa1b01e57eac9e18bd1890c0a7e2246836524645057d5e05a1a19225d863645616aafaadbf9d083ffb672d47ea1934ad8323d813533e9519f0d92f9a1c6ab |
29 |
DIST xorg-server-1.18.4.tar.bz2 6009508 SHA256 278459b2c31d61a15655d95a72fb79930c480a6bb8cf9226e48a07df8b1d31c8 SHA512 2055948caa1437547ea823a70d8b24584b65338bb9f1bbf75e3ad7fd60ec9684378facaffa05b7ce496d904213cd192085a43ba889a1476d5fbc813b7e41b56b WHIRLPOOL f9ba5ffb49e6ac7ca20d64d27712a0a8f10c6560256a20e9f944d6438dc5f5eebe53daf6af110084da67a622e92874969047518e72ff181de0d64d83030d629f |
30 |
DIST xorg-server-1.19.1.tar.bz2 6041792 SHA256 79ae2cf39d3f6c4a91201d8dad549d1d774b3420073c5a70d390040aa965a7fb SHA512 37d413fdd96ce6b15ae20ca5028331498586044cfc7a6ab0acb99201b04063c69bcd06867f2dc33237b244ce2870a1c5a4be3cbe4560f2461894f46f8d5dbdd7 WHIRLPOOL 9fab4118e866e11a7742ba63d7f681490d43718a329416fb742e268fdf56f348bc9f1f2b5229fbaac98ce78f41fc1e9e5aa7587ee120fcccaba752ff4bac1555 |
31 |
|
32 |
diff --git a/x11-base/xorg-server/files/xorg-server-1.17-cve-2015-3164-1.patch b/x11-base/xorg-server/files/xorg-server-1.17-cve-2015-3164-1.patch |
33 |
deleted file mode 100644 |
34 |
index a9f8030227..0000000000 |
35 |
--- a/x11-base/xorg-server/files/xorg-server-1.17-cve-2015-3164-1.patch |
36 |
+++ /dev/null |
37 |
@@ -1,33 +0,0 @@ |
38 |
-From c4534a38b68aa07fb82318040dc8154fb48a9588 Mon Sep 17 00:00:00 2001 |
39 |
-From: Ray Strode <rstrode@××××××.com> |
40 |
-Date: Tue, 5 May 2015 16:43:42 -0400 |
41 |
-Subject: xwayland: Enable access control on open sockets [CVE-2015-3164 1/3] |
42 |
- |
43 |
-Xwayland currently allows wide-open access to the X sockets |
44 |
-it listens on, ignoring Xauth access control. |
45 |
- |
46 |
-This commit makes sure to enable access control on the sockets, |
47 |
-so one user can't snoop on another user's X-over-wayland |
48 |
-applications. |
49 |
- |
50 |
-Signed-off-by: Ray Strode <rstrode@××××××.com> |
51 |
-Reviewed-by: Daniel Stone <daniels@×××××××××.com> |
52 |
-Reviewed-by: Alan Coopersmith <alan.coopersmith@××××××.com> |
53 |
-Signed-off-by: Keith Packard <keithp@××××××.com> |
54 |
- |
55 |
-diff --git a/hw/xwayland/xwayland.c b/hw/xwayland/xwayland.c |
56 |
-index 7e8d667..c5bee77 100644 |
57 |
---- a/hw/xwayland/xwayland.c |
58 |
-+++ b/hw/xwayland/xwayland.c |
59 |
-@@ -483,7 +483,7 @@ listen_on_fds(struct xwl_screen *xwl_screen) |
60 |
- int i; |
61 |
- |
62 |
- for (i = 0; i < xwl_screen->listen_fd_count; i++) |
63 |
-- ListenOnOpenFD(xwl_screen->listen_fds[i], TRUE); |
64 |
-+ ListenOnOpenFD(xwl_screen->listen_fds[i], FALSE); |
65 |
- } |
66 |
- |
67 |
- static void |
68 |
--- |
69 |
-cgit v0.10.2 |
70 |
- |
71 |
|
72 |
diff --git a/x11-base/xorg-server/files/xorg-server-1.17-cve-2015-3164-2.patch b/x11-base/xorg-server/files/xorg-server-1.17-cve-2015-3164-2.patch |
73 |
deleted file mode 100644 |
74 |
index 47b323f1ec..0000000000 |
75 |
--- a/x11-base/xorg-server/files/xorg-server-1.17-cve-2015-3164-2.patch |
76 |
+++ /dev/null |
77 |
@@ -1,246 +0,0 @@ |
78 |
-From 4b4b9086d02b80549981d205fb1f495edc373538 Mon Sep 17 00:00:00 2001 |
79 |
-From: Ray Strode <rstrode@××××××.com> |
80 |
-Date: Tue, 5 May 2015 16:43:43 -0400 |
81 |
-Subject: os: support new implicit local user access mode [CVE-2015-3164 2/3] |
82 |
- |
83 |
-If the X server is started without a '-auth' argument, then |
84 |
-it gets started wide open to all local users on the system. |
85 |
- |
86 |
-This isn't a great default access model, but changing it in |
87 |
-Xorg at this point would break backward compatibility. |
88 |
- |
89 |
-Xwayland, on the other hand is new, and much more targeted |
90 |
-in scope. It could, in theory, be changed to allow the much |
91 |
-more secure default of a "user who started X server can connect |
92 |
-clients to that server." |
93 |
- |
94 |
-This commit paves the way for that change, by adding a mechanism |
95 |
-for DDXs to opt-in to that behavior. They merely need to call |
96 |
- |
97 |
-LocalAccessScopeUser() |
98 |
- |
99 |
-in their init functions. |
100 |
- |
101 |
-A subsequent commit will add that call for Xwayland. |
102 |
- |
103 |
-Signed-off-by: Ray Strode <rstrode@××××××.com> |
104 |
-Reviewed-by: Daniel Stone <daniels@×××××××××.com> |
105 |
-Reviewed-by: Alan Coopersmith <alan.coopersmith@××××××.com> |
106 |
-Signed-off-by: Keith Packard <keithp@××××××.com> |
107 |
- |
108 |
-diff --git a/include/os.h b/include/os.h |
109 |
-index 6638c84..b2b96c8 100644 |
110 |
---- a/include/os.h |
111 |
-+++ b/include/os.h |
112 |
-@@ -431,11 +431,28 @@ extern _X_EXPORT void |
113 |
- ResetHosts(const char *display); |
114 |
- |
115 |
- extern _X_EXPORT void |
116 |
-+EnableLocalAccess(void); |
117 |
-+ |
118 |
-+extern _X_EXPORT void |
119 |
-+DisableLocalAccess(void); |
120 |
-+ |
121 |
-+extern _X_EXPORT void |
122 |
- EnableLocalHost(void); |
123 |
- |
124 |
- extern _X_EXPORT void |
125 |
- DisableLocalHost(void); |
126 |
- |
127 |
-+#ifndef NO_LOCAL_CLIENT_CRED |
128 |
-+extern _X_EXPORT void |
129 |
-+EnableLocalUser(void); |
130 |
-+ |
131 |
-+extern _X_EXPORT void |
132 |
-+DisableLocalUser(void); |
133 |
-+ |
134 |
-+extern _X_EXPORT void |
135 |
-+LocalAccessScopeUser(void); |
136 |
-+#endif |
137 |
-+ |
138 |
- extern _X_EXPORT void |
139 |
- AccessUsingXdmcp(void); |
140 |
- |
141 |
-diff --git a/os/access.c b/os/access.c |
142 |
-index 8fa028e..75e7a69 100644 |
143 |
---- a/os/access.c |
144 |
-+++ b/os/access.c |
145 |
-@@ -102,6 +102,10 @@ SOFTWARE. |
146 |
- #include <sys/ioctl.h> |
147 |
- #include <ctype.h> |
148 |
- |
149 |
-+#ifndef NO_LOCAL_CLIENT_CRED |
150 |
-+#include <pwd.h> |
151 |
-+#endif |
152 |
-+ |
153 |
- #if defined(TCPCONN) || defined(STREAMSCONN) |
154 |
- #include <netinet/in.h> |
155 |
- #endif /* TCPCONN || STREAMSCONN */ |
156 |
-@@ -225,6 +229,13 @@ static int LocalHostEnabled = FALSE; |
157 |
- static int LocalHostRequested = FALSE; |
158 |
- static int UsingXdmcp = FALSE; |
159 |
- |
160 |
-+static enum { |
161 |
-+ LOCAL_ACCESS_SCOPE_HOST = 0, |
162 |
-+#ifndef NO_LOCAL_CLIENT_CRED |
163 |
-+ LOCAL_ACCESS_SCOPE_USER, |
164 |
-+#endif |
165 |
-+} LocalAccessScope; |
166 |
-+ |
167 |
- /* FamilyServerInterpreted implementation */ |
168 |
- static Bool siAddrMatch(int family, void *addr, int len, HOST * host, |
169 |
- ClientPtr client); |
170 |
-@@ -237,6 +248,21 @@ static void siTypesInitialize(void); |
171 |
- */ |
172 |
- |
173 |
- void |
174 |
-+EnableLocalAccess(void) |
175 |
-+{ |
176 |
-+ switch (LocalAccessScope) { |
177 |
-+ case LOCAL_ACCESS_SCOPE_HOST: |
178 |
-+ EnableLocalHost(); |
179 |
-+ break; |
180 |
-+#ifndef NO_LOCAL_CLIENT_CRED |
181 |
-+ case LOCAL_ACCESS_SCOPE_USER: |
182 |
-+ EnableLocalUser(); |
183 |
-+ break; |
184 |
-+#endif |
185 |
-+ } |
186 |
-+} |
187 |
-+ |
188 |
-+void |
189 |
- EnableLocalHost(void) |
190 |
- { |
191 |
- if (!UsingXdmcp) { |
192 |
-@@ -249,6 +275,21 @@ EnableLocalHost(void) |
193 |
- * called when authorization is enabled to keep us secure |
194 |
- */ |
195 |
- void |
196 |
-+DisableLocalAccess(void) |
197 |
-+{ |
198 |
-+ switch (LocalAccessScope) { |
199 |
-+ case LOCAL_ACCESS_SCOPE_HOST: |
200 |
-+ DisableLocalHost(); |
201 |
-+ break; |
202 |
-+#ifndef NO_LOCAL_CLIENT_CRED |
203 |
-+ case LOCAL_ACCESS_SCOPE_USER: |
204 |
-+ DisableLocalUser(); |
205 |
-+ break; |
206 |
-+#endif |
207 |
-+ } |
208 |
-+} |
209 |
-+ |
210 |
-+void |
211 |
- DisableLocalHost(void) |
212 |
- { |
213 |
- HOST *self; |
214 |
-@@ -262,6 +303,74 @@ DisableLocalHost(void) |
215 |
- } |
216 |
- } |
217 |
- |
218 |
-+#ifndef NO_LOCAL_CLIENT_CRED |
219 |
-+static int GetLocalUserAddr(char **addr) |
220 |
-+{ |
221 |
-+ static const char *type = "localuser"; |
222 |
-+ static const char delimiter = '\0'; |
223 |
-+ static const char *value; |
224 |
-+ struct passwd *pw; |
225 |
-+ int length = -1; |
226 |
-+ |
227 |
-+ pw = getpwuid(getuid()); |
228 |
-+ |
229 |
-+ if (pw == NULL || pw->pw_name == NULL) |
230 |
-+ goto out; |
231 |
-+ |
232 |
-+ value = pw->pw_name; |
233 |
-+ |
234 |
-+ length = asprintf(addr, "%s%c%s", type, delimiter, value); |
235 |
-+ |
236 |
-+ if (length == -1) { |
237 |
-+ goto out; |
238 |
-+ } |
239 |
-+ |
240 |
-+ /* Trailing NUL */ |
241 |
-+ length++; |
242 |
-+ |
243 |
-+out: |
244 |
-+ return length; |
245 |
-+} |
246 |
-+ |
247 |
-+void |
248 |
-+EnableLocalUser(void) |
249 |
-+{ |
250 |
-+ char *addr = NULL; |
251 |
-+ int length = -1; |
252 |
-+ |
253 |
-+ length = GetLocalUserAddr(&addr); |
254 |
-+ |
255 |
-+ if (length == -1) |
256 |
-+ return; |
257 |
-+ |
258 |
-+ NewHost(FamilyServerInterpreted, addr, length, TRUE); |
259 |
-+ |
260 |
-+ free(addr); |
261 |
-+} |
262 |
-+ |
263 |
-+void |
264 |
-+DisableLocalUser(void) |
265 |
-+{ |
266 |
-+ char *addr = NULL; |
267 |
-+ int length = -1; |
268 |
-+ |
269 |
-+ length = GetLocalUserAddr(&addr); |
270 |
-+ |
271 |
-+ if (length == -1) |
272 |
-+ return; |
273 |
-+ |
274 |
-+ RemoveHost(NULL, FamilyServerInterpreted, length, addr); |
275 |
-+ |
276 |
-+ free(addr); |
277 |
-+} |
278 |
-+ |
279 |
-+void |
280 |
-+LocalAccessScopeUser(void) |
281 |
-+{ |
282 |
-+ LocalAccessScope = LOCAL_ACCESS_SCOPE_USER; |
283 |
-+} |
284 |
-+#endif |
285 |
-+ |
286 |
- /* |
287 |
- * called at init time when XDMCP will be used; xdmcp always |
288 |
- * adds local hosts manually when needed |
289 |
-diff --git a/os/auth.c b/os/auth.c |
290 |
-index 5fcb538..7da6fc6 100644 |
291 |
---- a/os/auth.c |
292 |
-+++ b/os/auth.c |
293 |
-@@ -181,11 +181,11 @@ CheckAuthorization(unsigned int name_length, |
294 |
- |
295 |
- /* |
296 |
- * If the authorization file has at least one entry for this server, |
297 |
-- * disable local host access. (loadauth > 0) |
298 |
-+ * disable local access. (loadauth > 0) |
299 |
- * |
300 |
- * If there are zero entries (either initially or when the |
301 |
- * authorization file is later reloaded), or if a valid |
302 |
-- * authorization file was never loaded, enable local host access. |
303 |
-+ * authorization file was never loaded, enable local access. |
304 |
- * (loadauth == 0 || !loaded) |
305 |
- * |
306 |
- * If the authorization file was loaded initially (with valid |
307 |
-@@ -194,11 +194,11 @@ CheckAuthorization(unsigned int name_length, |
308 |
- */ |
309 |
- |
310 |
- if (loadauth > 0) { |
311 |
-- DisableLocalHost(); /* got at least one */ |
312 |
-+ DisableLocalAccess(); /* got at least one */ |
313 |
- loaded = TRUE; |
314 |
- } |
315 |
- else if (loadauth == 0 || !loaded) |
316 |
-- EnableLocalHost(); |
317 |
-+ EnableLocalAccess(); |
318 |
- } |
319 |
- if (name_length) { |
320 |
- for (i = 0; i < NUM_AUTHORIZATION; i++) { |
321 |
--- |
322 |
-cgit v0.10.2 |
323 |
- |
324 |
|
325 |
diff --git a/x11-base/xorg-server/files/xorg-server-1.17-cve-2015-3164-3.patch b/x11-base/xorg-server/files/xorg-server-1.17-cve-2015-3164-3.patch |
326 |
deleted file mode 100644 |
327 |
index 7e8f173117..0000000000 |
328 |
--- a/x11-base/xorg-server/files/xorg-server-1.17-cve-2015-3164-3.patch |
329 |
+++ /dev/null |
330 |
@@ -1,34 +0,0 @@ |
331 |
-From 76636ac12f2d1dbdf7be08222f80e7505d53c451 Mon Sep 17 00:00:00 2001 |
332 |
-From: Ray Strode <rstrode@××××××.com> |
333 |
-Date: Tue, 5 May 2015 16:43:44 -0400 |
334 |
-Subject: xwayland: default to local user if no xauth file given. |
335 |
- [CVE-2015-3164 3/3] |
336 |
- |
337 |
-Right now if "-auth" isn't passed on the command line, we let |
338 |
-any user on the system connect to the Xwayland server. |
339 |
- |
340 |
-That's clearly suboptimal, given Xwayland is generally designed |
341 |
-to be used by one user at a time. |
342 |
- |
343 |
-This commit changes the behavior, so only the user who started the |
344 |
-X server can connect clients to it. |
345 |
- |
346 |
-Signed-off-by: Ray Strode <rstrode@××××××.com> |
347 |
-Reviewed-by: Daniel Stone <daniels@×××××××××.com> |
348 |
-Reviewed-by: Alan Coopersmith <alan.coopersmith@××××××.com> |
349 |
-Signed-off-by: Keith Packard <keithp@××××××.com> |
350 |
- |
351 |
-diff --git a/hw/xwayland/xwayland.c b/hw/xwayland/xwayland.c |
352 |
-index c5bee77..bc92beb 100644 |
353 |
---- a/hw/xwayland/xwayland.c |
354 |
-+++ b/hw/xwayland/xwayland.c |
355 |
-@@ -702,4 +702,6 @@ InitOutput(ScreenInfo * screen_info, int argc, char **argv) |
356 |
- if (AddScreen(xwl_screen_init, argc, argv) == -1) { |
357 |
- FatalError("Couldn't add screen\n"); |
358 |
- } |
359 |
-+ |
360 |
-+ LocalAccessScopeUser(); |
361 |
- } |
362 |
--- |
363 |
-cgit v0.10.2 |
364 |
- |
365 |
|
366 |
diff --git a/x11-base/xorg-server/xorg-server-1.16.4-r5.ebuild b/x11-base/xorg-server/xorg-server-1.16.4-r5.ebuild |
367 |
deleted file mode 100644 |
368 |
index 4b776aece6..0000000000 |
369 |
--- a/x11-base/xorg-server/xorg-server-1.16.4-r5.ebuild |
370 |
+++ /dev/null |
371 |
@@ -1,237 +0,0 @@ |
372 |
-# Copyright 1999-2016 Gentoo Foundation |
373 |
-# Distributed under the terms of the GNU General Public License v2 |
374 |
-# $Id$ |
375 |
- |
376 |
-EAPI=5 |
377 |
- |
378 |
-XORG_DOC=doc |
379 |
-inherit xorg-2 multilib versionator flag-o-matic |
380 |
-EGIT_REPO_URI="git://anongit.freedesktop.org/git/xorg/xserver" |
381 |
- |
382 |
-DESCRIPTION="X.Org X servers" |
383 |
-SLOT="0/1.16.1" |
384 |
-KEYWORDS="~alpha amd64 arm hppa ia64 ~mips ppc ppc64 ~s390 ~sh sparc x86 ~amd64-fbsd ~x86-fbsd ~amd64-linux ~arm-linux ~x86-linux" |
385 |
- |
386 |
-IUSE_SERVERS="dmx kdrive xnest xorg xvfb" |
387 |
-IUSE="${IUSE_SERVERS} glamor ipv6 minimal nptl selinux +suid systemd tslib +udev unwind wayland" |
388 |
- |
389 |
-CDEPEND=">=app-eselect/eselect-opengl-1.3.0 |
390 |
- dev-libs/openssl:0= |
391 |
- media-libs/freetype |
392 |
- >=x11-apps/iceauth-1.0.2 |
393 |
- >=x11-apps/rgb-1.0.3 |
394 |
- >=x11-apps/xauth-1.0.3 |
395 |
- x11-apps/xkbcomp |
396 |
- >=x11-libs/libdrm-2.4.20 |
397 |
- >=x11-libs/libpciaccess-0.12.901 |
398 |
- >=x11-libs/libXau-1.0.4 |
399 |
- >=x11-libs/libXdmcp-1.0.2 |
400 |
- >=x11-libs/libXfont-1.4.2 |
401 |
- >=x11-libs/libxkbfile-1.0.4 |
402 |
- >=x11-libs/libxshmfence-1.1 |
403 |
- >=x11-libs/pixman-0.27.2 |
404 |
- >=x11-libs/xtrans-1.3.3 |
405 |
- >=x11-misc/xbitmaps-1.0.1 |
406 |
- >=x11-misc/xkeyboard-config-2.4.1-r3 |
407 |
- dmx? ( |
408 |
- x11-libs/libXt |
409 |
- >=x11-libs/libdmx-1.0.99.1 |
410 |
- >=x11-libs/libX11-1.1.5 |
411 |
- >=x11-libs/libXaw-1.0.4 |
412 |
- >=x11-libs/libXext-1.0.99.4 |
413 |
- >=x11-libs/libXfixes-5.0 |
414 |
- >=x11-libs/libXi-1.2.99.1 |
415 |
- >=x11-libs/libXmu-1.0.3 |
416 |
- x11-libs/libXrender |
417 |
- >=x11-libs/libXres-1.0.3 |
418 |
- >=x11-libs/libXtst-1.0.99.2 |
419 |
- ) |
420 |
- glamor? ( |
421 |
- media-libs/libepoxy |
422 |
- >=media-libs/mesa-10.3.4-r1[egl,gbm] |
423 |
- !x11-libs/glamor |
424 |
- ) |
425 |
- kdrive? ( |
426 |
- >=x11-libs/libXext-1.0.5 |
427 |
- x11-libs/libXv |
428 |
- ) |
429 |
- !minimal? ( |
430 |
- >=x11-libs/libX11-1.1.5 |
431 |
- >=x11-libs/libXext-1.0.5 |
432 |
- >=media-libs/mesa-10.3.4-r1[nptl=] |
433 |
- ) |
434 |
- tslib? ( >=x11-libs/tslib-1.0 ) |
435 |
- udev? ( >=virtual/udev-150 ) |
436 |
- unwind? ( sys-libs/libunwind ) |
437 |
- wayland? ( |
438 |
- >=dev-libs/wayland-1.3.0 |
439 |
- media-libs/libepoxy |
440 |
- ) |
441 |
- >=x11-apps/xinit-1.3 |
442 |
- systemd? ( |
443 |
- sys-apps/dbus |
444 |
- <sys-apps/systemd-230 |
445 |
- )" |
446 |
- |
447 |
-DEPEND="${CDEPEND} |
448 |
- sys-devel/flex |
449 |
- >=x11-proto/bigreqsproto-1.1.0 |
450 |
- >=x11-proto/compositeproto-0.4 |
451 |
- >=x11-proto/damageproto-1.1 |
452 |
- >=x11-proto/fixesproto-5.0 |
453 |
- >=x11-proto/fontsproto-2.1.3 |
454 |
- >=x11-proto/glproto-1.4.17-r1 |
455 |
- >=x11-proto/inputproto-2.2.99.1 |
456 |
- >=x11-proto/kbproto-1.0.3 |
457 |
- >=x11-proto/randrproto-1.4.0 |
458 |
- >=x11-proto/recordproto-1.13.99.1 |
459 |
- >=x11-proto/renderproto-0.11 |
460 |
- >=x11-proto/resourceproto-1.2.0 |
461 |
- >=x11-proto/scrnsaverproto-1.1 |
462 |
- >=x11-proto/trapproto-3.4.3 |
463 |
- >=x11-proto/videoproto-2.2.2 |
464 |
- >=x11-proto/xcmiscproto-1.2.0 |
465 |
- >=x11-proto/xextproto-7.2.99.901 |
466 |
- >=x11-proto/xf86dgaproto-2.0.99.1 |
467 |
- >=x11-proto/xf86rushproto-1.1.2 |
468 |
- >=x11-proto/xf86vidmodeproto-2.2.99.1 |
469 |
- >=x11-proto/xineramaproto-1.1.3 |
470 |
- >=x11-proto/xproto-7.0.26 |
471 |
- >=x11-proto/presentproto-1.0 |
472 |
- >=x11-proto/dri3proto-1.0 |
473 |
- dmx? ( |
474 |
- >=x11-proto/dmxproto-2.2.99.1 |
475 |
- doc? ( |
476 |
- || ( |
477 |
- www-client/links |
478 |
- www-client/lynx |
479 |
- www-client/w3m |
480 |
- ) |
481 |
- ) |
482 |
- ) |
483 |
- !minimal? ( |
484 |
- >=x11-proto/xf86driproto-2.1.0 |
485 |
- >=x11-proto/dri2proto-2.8 |
486 |
- )" |
487 |
- |
488 |
-RDEPEND="${CDEPEND} |
489 |
- selinux? ( sec-policy/selinux-xserver ) |
490 |
-" |
491 |
- |
492 |
-PDEPEND=" |
493 |
- xorg? ( >=x11-base/xorg-drivers-$(get_version_component_range 1-2) )" |
494 |
- |
495 |
-REQUIRED_USE="!minimal? ( |
496 |
- || ( ${IUSE_SERVERS} ) |
497 |
- )" |
498 |
- |
499 |
-#UPSTREAMED_PATCHES=( |
500 |
-# "${WORKDIR}/patches/" |
501 |
-#) |
502 |
- |
503 |
-PATCHES=( |
504 |
- "${UPSTREAMED_PATCHES[@]}" |
505 |
- "${FILESDIR}"/${PN}-1.12-ia64-fix_inx_outx.patch |
506 |
- "${FILESDIR}"/${PN}-1.12-unloadsubmodule.patch |
507 |
- # needed for new eselect-opengl, bug #541232 |
508 |
- "${FILESDIR}"/${PN}-1.17-support-multiple-Files-sections.patch |
509 |
- "${FILESDIR}"/${PN}-1.17-cve-2015-3164-1.patch |
510 |
- "${FILESDIR}"/${PN}-1.17-cve-2015-3164-2.patch |
511 |
- "${FILESDIR}"/${PN}-1.17-cve-2015-3164-3.patch |
512 |
- "${FILESDIR}"/${PN}-1.17.2-uninit-clientsWritable.patch |
513 |
-) |
514 |
- |
515 |
-pkg_pretend() { |
516 |
- # older gcc is not supported |
517 |
- [[ "${MERGE_TYPE}" != "binary" && $(gcc-major-version) -lt 4 ]] && \ |
518 |
- die "Sorry, but gcc earlier than 4.0 will not work for xorg-server." |
519 |
-} |
520 |
- |
521 |
-src_configure() { |
522 |
- # localstatedir is used for the log location; we need to override the default |
523 |
- # from ebuild.sh |
524 |
- # sysconfdir is used for the xorg.conf location; same applies |
525 |
- # NOTE: fop is used for doc generating ; and i have no idea if gentoo |
526 |
- # package it somewhere |
527 |
- XORG_CONFIGURE_OPTIONS=( |
528 |
- $(use_enable ipv6) |
529 |
- $(use_enable dmx) |
530 |
- $(use_enable glamor) |
531 |
- $(use_enable kdrive) |
532 |
- $(use_enable kdrive kdrive-kbd) |
533 |
- $(use_enable kdrive kdrive-mouse) |
534 |
- $(use_enable kdrive kdrive-evdev) |
535 |
- $(use_enable suid install-setuid) |
536 |
- $(use_enable tslib) |
537 |
- $(use_enable unwind libunwind) |
538 |
- $(use_enable wayland xwayland) |
539 |
- $(use_enable !minimal record) |
540 |
- $(use_enable !minimal xfree86-utils) |
541 |
- $(use_enable !minimal install-libxf86config) |
542 |
- $(use_enable !minimal dri) |
543 |
- $(use_enable !minimal dri2) |
544 |
- $(use_enable !minimal glx) |
545 |
- $(use_enable xnest) |
546 |
- $(use_enable xorg) |
547 |
- $(use_enable xvfb) |
548 |
- $(use_enable nptl glx-tls) |
549 |
- $(use_enable udev config-udev) |
550 |
- $(use_with doc doxygen) |
551 |
- $(use_with doc xmlto) |
552 |
- $(use_with systemd systemd-daemon) |
553 |
- $(use_enable systemd systemd-logind) |
554 |
- --enable-libdrm |
555 |
- --sysconfdir="${EPREFIX}"/etc/X11 |
556 |
- --localstatedir="${EPREFIX}"/var |
557 |
- --with-fontrootdir="${EPREFIX}"/usr/share/fonts |
558 |
- --with-xkb-output="${EPREFIX}"/var/lib/xkb |
559 |
- --disable-config-hal |
560 |
- --disable-linux-acpi |
561 |
- --without-dtrace |
562 |
- --without-fop |
563 |
- --with-os-vendor=Gentoo |
564 |
- --with-sha1=libcrypto |
565 |
- ) |
566 |
- |
567 |
- xorg-2_src_configure |
568 |
-} |
569 |
- |
570 |
-src_install() { |
571 |
- xorg-2_src_install |
572 |
- |
573 |
- server_based_install |
574 |
- |
575 |
- if ! use minimal && use xorg; then |
576 |
- # Install xorg.conf.example into docs |
577 |
- dodoc "${AUTOTOOLS_BUILD_DIR}"/hw/xfree86/xorg.conf.example |
578 |
- fi |
579 |
- |
580 |
- newinitd "${FILESDIR}"/xdm-setup.initd-1 xdm-setup |
581 |
- newinitd "${FILESDIR}"/xdm.initd-11 xdm |
582 |
- newconfd "${FILESDIR}"/xdm.confd-4 xdm |
583 |
- |
584 |
- # install the @x11-module-rebuild set for Portage |
585 |
- insinto /usr/share/portage/config/sets |
586 |
- newins "${FILESDIR}"/xorg-sets.conf xorg.conf |
587 |
-} |
588 |
- |
589 |
-pkg_postinst() { |
590 |
- # sets up libGL and DRI2 symlinks if needed (ie, on a fresh install) |
591 |
- eselect opengl set xorg-x11 --use-old |
592 |
-} |
593 |
- |
594 |
-pkg_postrm() { |
595 |
- # Get rid of module dir to ensure opengl-update works properly |
596 |
- if [[ -z ${REPLACED_BY_VERSION} && -e ${EROOT}/usr/$(get_libdir)/xorg/modules ]]; then |
597 |
- rm -rf "${EROOT}"/usr/$(get_libdir)/xorg/modules |
598 |
- fi |
599 |
-} |
600 |
- |
601 |
-server_based_install() { |
602 |
- if ! use xorg; then |
603 |
- rm "${ED}"/usr/share/man/man1/Xserver.1x \ |
604 |
- "${ED}"/usr/$(get_libdir)/xserver/SecurityPolicy \ |
605 |
- "${ED}"/usr/$(get_libdir)/pkgconfig/xorg-server.pc \ |
606 |
- "${ED}"/usr/share/man/man1/Xserver.1x |
607 |
- fi |
608 |
-} |