[gentoo-commits] repo/gentoo:master commit in: app-misc/lirc/files/, app-misc/lirc/ - gentoo-commits

From:	Craig Andrews <candrews@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] repo/gentoo:master commit in: app-misc/lirc/files/, app-misc/lirc/
Date:	Sat, 11 May 2019 16:17:07
Message-Id:	`1557591411.004c4079cde46b2a793a4bb7b02d1d939e59aff4.candrews@gentoo`

1

commit:     004c4079cde46b2a793a4bb7b02d1d939e59aff4

2

Author:     Craig Andrews <candrews <AT> gentoo <DOT> org>

3

AuthorDate: Sat May 11 16:11:28 2019 +0000

4

Commit:     Craig Andrews <candrews <AT> gentoo <DOT> org>

5

CommitDate: Sat May 11 16:16:51 2019 +0000

6

URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=004c4079

7

8

app-misc/lirc: Use pyyaml safe_load instead of load

9

10

See upstream report at

11

https://sourceforge.net/p/lirc/git/merge-requests/39/

12

13

Bug: https://bugs.gentoo.org/682922

14

Package-Manager: Portage-2.3.66, Repoman-2.3.12

15

Signed-off-by: Craig Andrews <candrews <AT> gentoo.org>

16

17

 app-misc/lirc/files/lirc-0.10.1-unsafe-load.patch |  52 +++++++

18

 app-misc/lirc/lirc-0.10.1-r1.ebuild               | 160 ++++++++++++++++++++++

19

 2 files changed, 212 insertions(+)

20

21

diff --git a/app-misc/lirc/files/lirc-0.10.1-unsafe-load.patch b/app-misc/lirc/files/lirc-0.10.1-unsafe-load.patch

22

new file mode 100644

23

index 00000000000..7758ebb6e89

24

--- /dev/null

25

+++ b/app-misc/lirc/files/lirc-0.10.1-unsafe-load.patch

26

@@ -0,0 +1,52 @@

27

+https://sourceforge.net/p/lirc/git/merge-requests/39/

28

+

29

+commit 8fab503abb3fdababb1875fdc2373afe8534770e

30

+Author: Craig Andrews <candrews@××××××××××××.com>

31

+Date:   Sat May 11 11:39:44 2019 -0400

32

+

33

+    Use pyyaml safe_load instead of load

34

+

35

+    Using load on untrusted user input could lead to arbitrary code execution.

36

+    Therefore, upstream has disabled load, requiring the use of either

37

+    safe_load or full_load

38

+    See https://github.com/yaml/pyyaml/issues/265

39

+

40

+diff --git a/python-pkg/lirc/database.py b/python-pkg/lirc/database.py

41

+index d464c2ab..bd567181 100644

42

+--- a/python-pkg/lirc/database.py

43

++++ b/python-pkg/lirc/database.py

44

+@@ -66,7 +66,7 @@ def _load_kerneldrivers(configdir):

45

+     '''

46

+

47

+     with open(os.path.join(configdir, "kernel-drivers.yaml")) as f:

48

+-        cf = yaml.load(f.read())

49

++        cf = yaml.safe_load(f.read())

50

+     drivers = cf['drivers'].copy()

51

+     for driver in cf['drivers']:

52

+         if driver == 'default':

53

+@@ -132,14 +132,14 @@ class Database(object):

54

+             yamlpath = configdir

55

+         db = {}

56

+         with open(os.path.join(yamlpath, "confs_by_driver.yaml")) as f:

57

+-            cf = yaml.load(f.read())

58

++            cf = yaml.safe_load(f.read())

59

+         db['lircd_by_driver'] = cf['lircd_by_driver'].copy()

60

+         db['lircmd_by_driver'] = cf['lircmd_by_driver'].copy()

61

+

62

+         db['kernel-drivers'] = _load_kerneldrivers(configdir)

63

+         db['drivers'] = db['kernel-drivers'].copy()

64

+         with open(os.path.join(yamlpath, "drivers.yaml")) as f:

65

+-            cf = yaml.load(f.read())

66

++            cf = yaml.safe_load(f.read())

67

+         db['drivers'].update(cf['drivers'].copy())

68

+         for key, d in db['drivers'].items():

69

+             d['id'] = key

70

+@@ -158,7 +158,7 @@ class Database(object):

71

+         configs = {}

72

+         for path in glob.glob(configdir + '/*.conf'):

73

+             with open(path) as f:

74

+-                cf = yaml.load(f.read())

75

++                cf = yaml.safe_load(f.read())

76

+             configs[cf['config']['id']] = cf['config']

77

+         db['configs'] = configs

78

+         self.db = db

79

80

diff --git a/app-misc/lirc/lirc-0.10.1-r1.ebuild b/app-misc/lirc/lirc-0.10.1-r1.ebuild

81

new file mode 100644

82

index 00000000000..b3bd462cb51

83

--- /dev/null

84

+++ b/app-misc/lirc/lirc-0.10.1-r1.ebuild

85

@@ -0,0 +1,160 @@

86

+# Copyright 1999-2019 Gentoo Authors

87

+# Distributed under the terms of the GNU General Public License v2

88

+

89

+EAPI=7

90

+

91

+PYTHON_COMPAT=( python3_{5,6,7} )

92

+

93

+inherit eutils flag-o-matic linux-info python-single-r1 systemd xdg-utils

94

+

95

+DESCRIPTION="decode and send infra-red signals of many commonly used remote controls"

96

+HOMEPAGE="http://www.lirc.org/"

97

+

98

+LIRC_DRIVER_DEVICE="/dev/lirc0"

99

+

100

+MY_P=${PN}-${PV/_/-}

101

+

102

+if [[ "${PV/_pre/}" = "${PV}" ]]; then

103

+	SRC_URI="mirror://sourceforge/lirc/${MY_P}.tar.bz2"

104

+else

105

+	SRC_URI="http://www.lirc.org/software/snapshots/${MY_P}.tar.bz2"

106

+fi

107

+

108

+LICENSE="GPL-2+"

109

+SLOT="0"

110

+KEYWORDS="~amd64 ~arm64 ~ppc ~ppc64 ~x86"

111

+IUSE="audio +devinput doc ftdi gtk inputlirc static-libs systemd +uinput usb X"

112

+

113

+REQUIRED_USE="

114

+	${PYTHON_REQUIRED_USE}

115

+	gtk? ( X )

116

+"

117

+

118

+S="${WORKDIR}/${MY_P}"

119

+

120

+COMMON_DEPEND="

121

+	${PYTHON_DEPS}

122

+	audio? (

123

+		>media-libs/portaudio-18

124

+		media-libs/alsa-lib

125

+	)

126

+	dev-python/pyyaml[${PYTHON_USEDEP}]

127

+	ftdi? ( dev-embedded/libftdi:0 )

128

+	systemd? ( sys-apps/systemd )

129

+	usb? ( virtual/libusb:0 )

130

+	X? (

131

+		x11-libs/libICE

132

+		x11-libs/libSM

133

+		x11-libs/libX11

134

+	)

135

+"

136

+

137

+DEPEND="

138

+	${COMMON_DEPEND}

139

+	dev-libs/libxslt

140

+	dev-python/setuptools[${PYTHON_USEDEP}]

141

+	doc? ( app-doc/doxygen )

142

+	sys-apps/kmod

143

+	sys-kernel/linux-headers

144

+"

145

+

146

+RDEPEND="

147

+	${COMMON_DEPEND}

148

+	gtk? (

149

+		x11-libs/vte[introspection]

150

+		dev-python/pygobject[${PYTHON_USEDEP}]

151

+	)

152

+	inputlirc? ( app-misc/inputlircd )

153

+"

154

+

155

+PATCHES=(

156

+	"${FILESDIR}/${P}-unsafe-load.patch"

157

+)

158

+

159

+MAKEOPTS+=" -j1"

160

+

161

+pkg_setup() {

162

+	use uinput && CONFIG_CHECK="~INPUT_UINPUT"

163

+	python-single-r1_pkg_setup

164

+	linux-info_pkg_setup

165

+}

166

+

167

+src_configure() {

168

+	xdg_environment_reset

169

+	econf \

170

+		--localstatedir="${EPREFIX}/var" \

171

+		$(use_enable static-libs static) \

172

+		$(use_enable devinput) \

173

+		$(use_enable uinput) \

174

+		$(use_with X x)

175

+}

176

+

177

+src_install() {

178

+	default

179

+

180

+	if use !gtk ; then

181

+		# lirc-setup requires gtk

182

+		rm "${ED%/}"/usr/bin/lirc-setup || die

183

+	fi

184

+

185

+	newinitd "${FILESDIR}"/lircd-0.8.6-r2 lircd

186

+	newinitd "${FILESDIR}"/lircmd-0.9.4a-r2 lircmd

187

+	newconfd "${FILESDIR}"/lircd.conf.4 lircd

188

+	newconfd "${FILESDIR}"/lircmd-0.10.0.conf lircmd

189

+

190

+	insinto /etc/modprobe.d/

191

+	newins "${FILESDIR}"/modprobed.lirc lirc.conf

192

+

193

+	newinitd "${FILESDIR}"/irexec-initd-0.9.4a-r2 irexec

194

+	newconfd "${FILESDIR}"/irexec-confd irexec

195

+

196

+	keepdir /etc/lirc

197

+	if [[ -e "${ED%/}"/etc/lirc/lircd.conf ]]; then

198

+		newdoc "${ED%/}"/etc/lirc/lircd.conf lircd.conf.example

199

+	fi

200

+

201

+	find "${ED}" -name '*.la' -delete || die

202

+

203

+	# Avoid QA notice

204

+	rm -d "${ED%/}"/var/run/lirc || die

205

+	rm -d "${ED%/}"/var/run || die

206

+}

207

+

208

+pkg_preinst() {

209

+	local dir="${EROOT%/}/etc/modprobe.d"

210

+	if [[ -a "${dir}"/lirc && ! -a "${dir}"/lirc.conf ]]; then

211

+		elog "Renaming ${dir}/lirc to lirc.conf"

212

+		mv -f "${dir}/lirc" "${dir}/lirc.conf" || die

213

+	fi

214

+

215

+	# copy the first file that can be found

216

+	if [[ -f "${EROOT%/}"/etc/lirc/lircd.conf ]]; then

217

+		cp "${EROOT%/}"/etc/lirc/lircd.conf "${T}"/lircd.conf || die

218

+	elif [[ -f "${EROOT%/}"/etc/lircd.conf ]]; then

219

+		cp "${EROOT%/}"/etc/lircd.conf "${T}"/lircd.conf || die

220

+		MOVE_OLD_LIRCD_CONF=1

221

+	elif [[ -f "${ED%/}"/etc/lirc/lircd.conf ]]; then

222

+		cp "${ED%/}"/etc/lirc/lircd.conf "${T}"/lircd.conf || die

223

+	fi

224

+

225

+	# stop portage from touching the config file

226

+	if [[ -e "${ED%/}"/etc/lirc/lircd.conf ]]; then

227

+		rm -f "${ED%/}"/etc/lirc/lircd.conf || die

228

+	fi

229

+}

230

+

231

+pkg_postinst() {

232

+	# copy config file to new location

233

+	# without portage knowing about it

234

+	# so it will not delete it on unmerge or ever touch it again

235

+	if [[ -e "${T}"/lircd.conf ]]; then

236

+		cp "${T}"/lircd.conf "${EROOT%/}"/etc/lirc/lircd.conf || die

237

+		if [[ "$MOVE_OLD_LIRCD_CONF" = "1" ]]; then

238

+			elog "Moved /etc/lircd.conf to /etc/lirc/lircd.conf"

239

+			rm -f "${EROOT%/}"/etc/lircd.conf || die

240

+		fi

241

+	fi

242

+

243

+	einfo "The new default location for lircd.conf is inside of"

244

+	einfo "${EROOT%/}/etc/lirc/ directory"

245

+}

1	commit: 004c4079cde46b2a793a4bb7b02d1d939e59aff4
2	Author: Craig Andrews <candrews <AT> gentoo <DOT> org>
3	AuthorDate: Sat May 11 16:11:28 2019 +0000
4	Commit: Craig Andrews <candrews <AT> gentoo <DOT> org>
5	CommitDate: Sat May 11 16:16:51 2019 +0000
6	URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=004c4079
7
8	app-misc/lirc: Use pyyaml safe_load instead of load
9
10	See upstream report at
11	https://sourceforge.net/p/lirc/git/merge-requests/39/
12
13	Bug: https://bugs.gentoo.org/682922
14	Package-Manager: Portage-2.3.66, Repoman-2.3.12
15	Signed-off-by: Craig Andrews <candrews <AT> gentoo.org>
16
17	app-misc/lirc/files/lirc-0.10.1-unsafe-load.patch \| 52 +++++++
18	app-misc/lirc/lirc-0.10.1-r1.ebuild \| 160 ++++++++++++++++++++++
19	2 files changed, 212 insertions(+)
20
21	diff --git a/app-misc/lirc/files/lirc-0.10.1-unsafe-load.patch b/app-misc/lirc/files/lirc-0.10.1-unsafe-load.patch
22	new file mode 100644
23	index 00000000000..7758ebb6e89
24	--- /dev/null
25	+++ b/app-misc/lirc/files/lirc-0.10.1-unsafe-load.patch
26	@@ -0,0 +1,52 @@
27	+https://sourceforge.net/p/lirc/git/merge-requests/39/
28	+
29	+commit 8fab503abb3fdababb1875fdc2373afe8534770e
30	+Author: Craig Andrews <candrews@××××××××××××.com>
31	+Date: Sat May 11 11:39:44 2019 -0400
32	+
33	+ Use pyyaml safe_load instead of load
34	+
35	+ Using load on untrusted user input could lead to arbitrary code execution.
36	+ Therefore, upstream has disabled load, requiring the use of either
37	+ safe_load or full_load
38	+ See https://github.com/yaml/pyyaml/issues/265
39	+
40	+diff --git a/python-pkg/lirc/database.py b/python-pkg/lirc/database.py
41	+index d464c2ab..bd567181 100644
42	+--- a/python-pkg/lirc/database.py
43	++++ b/python-pkg/lirc/database.py
44	+@@ -66,7 +66,7 @@ def _load_kerneldrivers(configdir):
45	+ '''
46	+
47	+ with open(os.path.join(configdir, "kernel-drivers.yaml")) as f:
48	+- cf = yaml.load(f.read())
49	++ cf = yaml.safe_load(f.read())
50	+ drivers = cf['drivers'].copy()
51	+ for driver in cf['drivers']:
52	+ if driver == 'default':
53	+@@ -132,14 +132,14 @@ class Database(object):
54	+ yamlpath = configdir
55	+ db = {}
56	+ with open(os.path.join(yamlpath, "confs_by_driver.yaml")) as f:
57	+- cf = yaml.load(f.read())
58	++ cf = yaml.safe_load(f.read())
59	+ db['lircd_by_driver'] = cf['lircd_by_driver'].copy()
60	+ db['lircmd_by_driver'] = cf['lircmd_by_driver'].copy()
61	+
62	+ db['kernel-drivers'] = _load_kerneldrivers(configdir)
63	+ db['drivers'] = db['kernel-drivers'].copy()
64	+ with open(os.path.join(yamlpath, "drivers.yaml")) as f:
65	+- cf = yaml.load(f.read())
66	++ cf = yaml.safe_load(f.read())
67	+ db['drivers'].update(cf['drivers'].copy())
68	+ for key, d in db['drivers'].items():
69	+ d['id'] = key
70	+@@ -158,7 +158,7 @@ class Database(object):
71	+ configs = {}
72	+ for path in glob.glob(configdir + '/*.conf'):
73	+ with open(path) as f:
74	+- cf = yaml.load(f.read())
75	++ cf = yaml.safe_load(f.read())
76	+ configs[cf['config']['id']] = cf['config']
77	+ db['configs'] = configs
78	+ self.db = db
79
80	diff --git a/app-misc/lirc/lirc-0.10.1-r1.ebuild b/app-misc/lirc/lirc-0.10.1-r1.ebuild
81	new file mode 100644
82	index 00000000000..b3bd462cb51
83	--- /dev/null
84	+++ b/app-misc/lirc/lirc-0.10.1-r1.ebuild
85	@@ -0,0 +1,160 @@
86	+# Copyright 1999-2019 Gentoo Authors
87	+# Distributed under the terms of the GNU General Public License v2
88	+
89	+EAPI=7
90	+
91	+PYTHON_COMPAT=( python3_{5,6,7} )
92	+
93	+inherit eutils flag-o-matic linux-info python-single-r1 systemd xdg-utils
94	+
95	+DESCRIPTION="decode and send infra-red signals of many commonly used remote controls"
96	+HOMEPAGE="http://www.lirc.org/"
97	+
98	+LIRC_DRIVER_DEVICE="/dev/lirc0"
99	+
100	+MY_P=${PN}-${PV/_/-}
101	+
102	+if [[ "${PV/_pre/}" = "${PV}" ]]; then
103	+ SRC_URI="mirror://sourceforge/lirc/${MY_P}.tar.bz2"
104	+else
105	+ SRC_URI="http://www.lirc.org/software/snapshots/${MY_P}.tar.bz2"
106	+fi
107	+
108	+LICENSE="GPL-2+"
109	+SLOT="0"
110	+KEYWORDS="~amd64 ~arm64 ~ppc ~ppc64 ~x86"
111	+IUSE="audio +devinput doc ftdi gtk inputlirc static-libs systemd +uinput usb X"
112	+
113	+REQUIRED_USE="
114	+ ${PYTHON_REQUIRED_USE}
115	+ gtk? ( X )
116	+"
117	+
118	+S="${WORKDIR}/${MY_P}"
119	+
120	+COMMON_DEPEND="
121	+ ${PYTHON_DEPS}
122	+ audio? (
123	+ >media-libs/portaudio-18
124	+ media-libs/alsa-lib
125	+ )
126	+ dev-python/pyyaml[${PYTHON_USEDEP}]
127	+ ftdi? ( dev-embedded/libftdi:0 )
128	+ systemd? ( sys-apps/systemd )
129	+ usb? ( virtual/libusb:0 )
130	+ X? (
131	+ x11-libs/libICE
132	+ x11-libs/libSM
133	+ x11-libs/libX11
134	+ )
135	+"
136	+
137	+DEPEND="
138	+ ${COMMON_DEPEND}
139	+ dev-libs/libxslt
140	+ dev-python/setuptools[${PYTHON_USEDEP}]
141	+ doc? ( app-doc/doxygen )
142	+ sys-apps/kmod
143	+ sys-kernel/linux-headers
144	+"
145	+
146	+RDEPEND="
147	+ ${COMMON_DEPEND}
148	+ gtk? (
149	+ x11-libs/vte[introspection]
150	+ dev-python/pygobject[${PYTHON_USEDEP}]
151	+ )
152	+ inputlirc? ( app-misc/inputlircd )
153	+"
154	+
155	+PATCHES=(
156	+ "${FILESDIR}/${P}-unsafe-load.patch"
157	+)
158	+
159	+MAKEOPTS+=" -j1"
160	+
161	+pkg_setup() {
162	+ use uinput && CONFIG_CHECK="~INPUT_UINPUT"
163	+ python-single-r1_pkg_setup
164	+ linux-info_pkg_setup
165	+}
166	+
167	+src_configure() {
168	+ xdg_environment_reset
169	+ econf \
170	+ --localstatedir="${EPREFIX}/var" \
171	+ $(use_enable static-libs static) \
172	+ $(use_enable devinput) \
173	+ $(use_enable uinput) \
174	+ $(use_with X x)
175	+}
176	+
177	+src_install() {
178	+ default
179	+
180	+ if use !gtk ; then
181	+ # lirc-setup requires gtk
182	+ rm "${ED%/}"/usr/bin/lirc-setup \|\| die
183	+ fi
184	+
185	+ newinitd "${FILESDIR}"/lircd-0.8.6-r2 lircd
186	+ newinitd "${FILESDIR}"/lircmd-0.9.4a-r2 lircmd
187	+ newconfd "${FILESDIR}"/lircd.conf.4 lircd
188	+ newconfd "${FILESDIR}"/lircmd-0.10.0.conf lircmd
189	+
190	+ insinto /etc/modprobe.d/
191	+ newins "${FILESDIR}"/modprobed.lirc lirc.conf
192	+
193	+ newinitd "${FILESDIR}"/irexec-initd-0.9.4a-r2 irexec
194	+ newconfd "${FILESDIR}"/irexec-confd irexec
195	+
196	+ keepdir /etc/lirc
197	+ if [[ -e "${ED%/}"/etc/lirc/lircd.conf ]]; then
198	+ newdoc "${ED%/}"/etc/lirc/lircd.conf lircd.conf.example
199	+ fi
200	+
201	+ find "${ED}" -name '*.la' -delete \|\| die
202	+
203	+ # Avoid QA notice
204	+ rm -d "${ED%/}"/var/run/lirc \|\| die
205	+ rm -d "${ED%/}"/var/run \|\| die
206	+}
207	+
208	+pkg_preinst() {
209	+ local dir="${EROOT%/}/etc/modprobe.d"
210	+ if [[ -a "${dir}"/lirc && ! -a "${dir}"/lirc.conf ]]; then
211	+ elog "Renaming ${dir}/lirc to lirc.conf"
212	+ mv -f "${dir}/lirc" "${dir}/lirc.conf" \|\| die
213	+ fi
214	+
215	+ # copy the first file that can be found
216	+ if [[ -f "${EROOT%/}"/etc/lirc/lircd.conf ]]; then
217	+ cp "${EROOT%/}"/etc/lirc/lircd.conf "${T}"/lircd.conf \|\| die
218	+ elif [[ -f "${EROOT%/}"/etc/lircd.conf ]]; then
219	+ cp "${EROOT%/}"/etc/lircd.conf "${T}"/lircd.conf \|\| die
220	+ MOVE_OLD_LIRCD_CONF=1
221	+ elif [[ -f "${ED%/}"/etc/lirc/lircd.conf ]]; then
222	+ cp "${ED%/}"/etc/lirc/lircd.conf "${T}"/lircd.conf \|\| die
223	+ fi
224	+
225	+ # stop portage from touching the config file
226	+ if [[ -e "${ED%/}"/etc/lirc/lircd.conf ]]; then
227	+ rm -f "${ED%/}"/etc/lirc/lircd.conf \|\| die
228	+ fi
229	+}
230	+
231	+pkg_postinst() {
232	+ # copy config file to new location
233	+ # without portage knowing about it
234	+ # so it will not delete it on unmerge or ever touch it again
235	+ if [[ -e "${T}"/lircd.conf ]]; then
236	+ cp "${T}"/lircd.conf "${EROOT%/}"/etc/lirc/lircd.conf \|\| die
237	+ if [[ "$MOVE_OLD_LIRCD_CONF" = "1" ]]; then
238	+ elog "Moved /etc/lircd.conf to /etc/lirc/lircd.conf"
239	+ rm -f "${EROOT%/}"/etc/lircd.conf \|\| die
240	+ fi
241	+ fi
242	+
243	+ einfo "The new default location for lircd.conf is inside of"
244	+ einfo "${EROOT%/}/etc/lirc/ directory"
245	+}

Gentoo Archives: gentoo-commits