diff options
author | Zorry <zorry.at.ume.nu> | 2009-05-19 01:02:57 +0200 |
---|---|---|
committer | Zorry <zorry.at.ume.nu> | 2009-05-19 01:02:57 +0200 |
commit | 16055014cc7141bb7377f7bbcae8b9b8988746a9 (patch) | |
tree | a0268a0eac379c46ac1e3b299324ecaa4fc7cc04 | |
parent | Updated glibc 2.10 with new patches (diff) | |
download | hardened-dev-16055014cc7141bb7377f7bbcae8b9b8988746a9.tar.gz hardened-dev-16055014cc7141bb7377f7bbcae8b9b8988746a9.tar.bz2 hardened-dev-16055014cc7141bb7377f7bbcae8b9b8988746a9.zip |
Updated glibc 2.10 with new Manifest
-rw-r--r-- | eclass/hardened-funcs.eclass~ | 812 | ||||
-rw-r--r-- | sys-libs/glibc/.directory | 3 | ||||
-rw-r--r-- | sys-libs/glibc/Manifest | 39 | ||||
-rw-r--r-- | sys-libs/glibc/files/.directory | 3 | ||||
-rw-r--r-- | sys-libs/glibc/files/2.10/.directory | 3 |
5 files changed, 39 insertions, 821 deletions
diff --git a/eclass/hardened-funcs.eclass~ b/eclass/hardened-funcs.eclass~ deleted file mode 100644 index 8f428843..00000000 --- a/eclass/hardened-funcs.eclass~ +++ /dev/null @@ -1,812 +0,0 @@ -# Copyright 1999-2008 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/eclass/hardened-funcs.eclass,v 1.001 2009/03/23 21:38:00 zorry Exp $ -# -# Maintainer: Hardened Ninjas <hardened@gentoo.org> - -inherit eutils toolchain-funcs -___ECLASS_RECUR_HARDENED_FUNCS="yes" -[[ -z ${___ECLASS_RECUR_FLAG_O_MATIC} ]] && inherit flag-o-matic - -# Stuff for flag-o-matic.eclass -# Internal function for _filter-hardened -# _manage_hardened <flag being filtered> <cflag to use> -_manage-hardened() { - [[ -z $1 ]] && die "Internal hardened-funcs error - please report" - if test-flags "$1" > /dev/null ; then - elog "Hardened compiler will filter some flags" - _raw_append_flag $1 - else - die "Compiler do not support $1" - fi -} - -# inverted filters for hardened compiler. This is trying to unpick -# the hardened compiler defaults. -_filter-hardened() { - local f - for f in "$@" ; do - case "$f" in - # Ideally we should only concern ourselves with PIE flags, - # not -fPIC or -fpic, but too many places filter -fPIC without - # thinking about -fPIE. - -fPIC|-fpic|-fPIE|-fpie|-Wl,pie|-pie) - gcc-specs-pie && _manage-hardened -nopie ;; - -fstack-protector) - gcc-specs-ssp && _manage-hardened -fno-stack-protector ;; - -fstack-protector-all) - gcc-specs-ssp-to-all && _manage-hardened -fno-stack-protector-all ;; - -D_FORTIFY_SOURCE=2|-D_FORTIFY_SOURCE=1|-D_FORTIFY_SOURCE=0) - gcc-specs-fortify && _manage-hardened -U_FORTIFY_SOURCE ;; - -fno-strict-overflow) - gcc-specs-nostrict && _manage-hardened -fstrict-overflow ;; - esac - done -} -# Special case: -fno-stack-protector-all needs special management -# on hardened gcc-4. -_append-flag() { - [[ -z "$1" ]] && return 0 - case "$1" in - -fno-stack-protector-all) - gcc-specs-ssp-to-all || continue - _manage-hardened -fno-stack-protector-all ;; - *) - _raw_append_flag "$1" - esac -} -# stuff for toolchain.eclass -get_gcc_src_uri_hardened() { -# PIE_VER -# PIE_GCC_VER -# obsoleted: PIE_CORE -# These variables control patching in various updates for the logic -# controlling Position Independant Executables. PIE_VER is expected -# to be the version of this patch, PIE_GCC_VER the gcc version of -# the patch, and PIE_CORE (obsoleted) the actual filename of the patch. -# An example: -# PIE_VER="8.7.6.5" -# PIE_GCC_VER="3.4.0" -# The resulting filename of this tarball will be: -# gcc-${PIE_GCC_VER:-${GCC_RELEASE_VER}}-piepatches-v${PIE_VER}.tar.bz2 -# old syntax (do not define PIE_CORE anymore): -# PIE_CORE="gcc-3.4.0-piepatches-v${PIE_VER}.tar.bz2" -# -# SPECS_VER -# SPECS_GCC_VER -# This is for the minispecs files hardened gcc 4 -# -# PP_VER -# PP_GCC_VER -# obsoleted: PP_FVER -# These variables control patching in stack smashing protection -# support. They both control the version of ProPolice to download. -# -# PP_VER / PP_GCC_VER -# Used to roll our own custom tarballs of ssp. -# PP_FVER / PP_VER -# Used for mirroring ssp straight from IBM. -# PP_VER sets the version of the directory in which to find the -# patch, and PP_FVER sets the version of the patch itself. For -# example: -# PP_VER="3_4" -# PP_FVER="${PP_VER//_/.}-2" -# would download gcc3_4/protector-3.4-2.tar.gz - - export PIE_GCC_VER=${PIE_GCC_VER:-${GCC_RELEASE_VER}} - export PP_GCC_VER=${PP_GCC_VER:-${GCC_RELEASE_VER}} - export SPECS_GCC_VER=${SPECS_GCC_VER:-${GCC_RELEASE_VER}} - - [[ -n ${PIE_VER} ]] && \ - PIE_CORE=${PIE_CORE:-gcc-${PIE_GCC_VER}-piepatches-v${PIE_VER}.tar.bz2} - - # propolice aka stack smashing protection - if [[ -n ${PP_VER} ]] ; then - if [[ -n ${PP_FVER} ]] ; then - GCC_SRC_URI="${GCC_SRC_URI} - !nossp? ( - http://www.research.ibm.com/trl/projects/security/ssp/gcc${PP_VER}/protector-${PP_FVER}.tar.gz - $(gentoo_urls protector-${PP_FVER}.tar.gz) - )" - else - GCC_SRC_URI="${GCC_SRC_URI} $(gentoo_urls gcc-${PP_GCC_VER}-ssp-${PP_VER}.tar.bz2)" - fi - fi - - # strawberry pie, Cappuccino and a Gauloises (it's a good thing) - [[ -n ${PIE_VER} ]] && \ - GCC_SRC_URI="${GCC_SRC_URI} !nopie? ( $(gentoo_urls ${PIE_CORE}) - http://weaver.gentooenterprise.com/hardened/patches/gcc-${PIE_GCC_VER}-piepatches-v${PIE_VER}.tar.bz2 - )" - # espf patch for gcc >4.3.3 compiler - [[ -n ${ESPF_VER} ]] && \ - GCC_SRC_URI="${GCC_SRC_URI} ( $(gentoo_urls gcc-${GCC_RELEASE_VER}-espf-${ESPF_VER}.tar.bz2) - http://weaver.gentooenterprise.com/hardened/patches/gcc-${GCC_RELEASE_VER}-espf-${ESPF_VER}.tar.bz2 - )" - # gcc minispec for the hardened gcc 4 compiler - [[ -n ${SPECS_VER} ]] && \ - GCC_SRC_URI="${GCC_SRC_URI} !nopie? ( $(gentoo_urls gcc-${SPECS_GCC_VER}-specs-${SPECS_VER}.tar.bz2) - http://weaver.gentooenterprise.com/hardened/patches/gcc-${SPECS_GCC_VER}-specs-${SPECS_VER}.tar.bz2 - )" -} -# The gentoo pie,ssp and fortify patches allow for 4 configurations: -# 1) PIE+SSP by default -# 2) PIE by default -# 3) SSP by default -# 4) PIE+SSP+FORTIFY by default on gcc 4 -hardened_gcc_works() { - if [[ $1 == "pie" ]] ; then - # $gcc_cv_ld_pie is unreliable as it simply take the output of - # `ld --help | grep -- -pie`, that reports the option in all cases, also if - # the loader doesn't actually load the resulting executables. - # To avoid breakage, blacklist FreeBSD here at least - [[ ${CTARGET} == *-freebsd* ]] && return 1 - - want_pie || return 1 - hardened_gcc_is_stable pie && return 0 - if tc_version_is_at_least 4.3.2 ; then - ewarn "PIE is not supported on this arch $(tc-arch)" - else - if has ~$(tc-arch) ${ACCEPT_KEYWORDS} ; then - hardened_gcc_check_unsupported pie && return 1 - ewarn "Allowing pie-by-default for an unstable arch ($(tc-arch))" - return 0 - fi - fi - return 1 - elif [[ $1 == "ssp" ]] ; then - want_ssp || return 1 - hardened_gcc_is_stable ssp && return 0 - if tc_version_is_at_least 4.3.2 ; then - ewarn "SSP is not supported on this arch $(tc-arch)" - return 1 - else - if has ~$(tc-arch) ${ACCEPT_KEYWORDS} ; then - hardened_gcc_check_unsupported ssp && return 1 - ewarn "Allowing ssp-by-default for an unstable arch ($(tc-arch))" - return 0 - fi - fi - return 1 - elif [[ $1 == "fortify" ]] ; then - want_fortify || return 1 - hardened_gcc_is_stable fortify && return 0 - ewarn "Fortify is not supported on this $(tc-arch)" - return 1 - else - # laziness ;) - hardened_gcc_works pie || return 1 - hardened_gcc_works ssp || return 1 - # This is needed for not to mess with gcc 3 and SSP - if tc_version_is_at_least 4.3.2 ; then - hardened_gcc_works fortify || return 1 - fi - return 0 - fi -} - -hardened_gcc_is_stable() { -if tc_version_is_at_least 4.3.2 ; then -# For the new hardened setup in gcc 4.3 ebuild - if [[ $1 == "pie" ]] ; then - if [[ ${CTARGET} == *-uclibc* ]] && has ~$(tc-arch) ${PIE_UCLIBC_STABLE} || has ~$(tc-arch) ${PIE_GLIBC_STABLE} ; then - ewarn "Allowing pie-by-default for an untested arch $(tc-arch)" && return 0 - elif [[ ${CTARGET} == *-uclibc* ]] && has $(tc-arch) ${PIE_UCLIBC_STABLE} || has $(tc-arch) ${PIE_GLIBC_STABLE} ; then - return 0 - else - return 1 - fi - elif [[ $1 == "ssp" ]] ; then - if [[ ${CTARGET} == *-uclibc* ]] && has ~$(tc-arch) ${SSP_UCLIBC_STABLE} || has ~$(tc-arch) ${SSP_STABLE} ; then - ewarn "Allowing ssp-by-default for an untested arch $(tc-arch)" && return 0 - elif [[ ${CTARGET} == *-uclibc* ]] && has $(tc-arch) ${SSP_UCLIBC_STABLE} || has $(tc-arch) ${SSP_STABLE} ; then - return 0 - else - return 1 - fi - elif [[ $1 == "fortify" ]] ; then - if [[ ${CTARGET} == *-uclibc* ]] && has ~$(tc-arch) ${FORTIFY_UCLIBC_STABLE} || has ~$(tc-arch) ${FORTIFY_STABLE} ; then - ewarn "Allowing fortify-by-default for an untested arch $(tc-arch)" && return 0 - elif [[ ${CTARGET} == *-uclibc* ]] && has $(tc-arch) ${FORTIFY_UCLIBC_STABLE} || has $(tc-arch) ${FORTIFY_STABLE} ; then - return 0 - else - return 1 - fi - else - die "hardened_gcc_stable needs to be called with pie, ssp or fortify" - fi -# For the old hardened gcc 3.4 ebuild -else - if [[ $1 == "pie" ]] ; then - # HARDENED_* variables are deprecated and here for compatibility - local tocheck="${HARDENED_PIE_WORKS} ${HARDENED_GCC_WORKS}" - if [[ ${CTARGET} == *-uclibc* ]] ; then - tocheck="${tocheck} ${PIE_UCLIBC_STABLE}" - else - tocheck="${tocheck} ${PIE_GLIBC_STABLE}" - fi - elif [[ $1 == "ssp" ]] ; then - # ditto - local tocheck="${HARDENED_SSP_WORKS} ${HARDENED_GCC_WORKS}" - if [[ ${CTARGET} == *-uclibc* ]] ; then - tocheck="${tocheck} ${SSP_UCLIBC_STABLE}" - else - tocheck="${tocheck} ${SSP_STABLE}" - fi - else - die "hardened_gcc_stable needs to be called with pie or ssp" - fi - hasq $(tc-arch) ${tocheck} && return 0 -fi - return 1 -} -espf_gcc_is_stable() { - if [[ ${CTARGET} == *-uclibc* ]] && has ~$(tc-arch) ${ETSPF_UCLIBC_STABLE} || has ~$(tc-arch) ${ESPF_GLIBC_STABLE} ; then - ewarn "Allowing espf as default for an untested arch $(tc-arch)" && return 0 - elif [[ ${CTARGET} == *-uclibc* ]] && has $(tc-arch) ${ESPF_UCLIBC_STABLE} || has $(tc-arch) ${ESPF_GLIBC_STABLE} ; then - return 0 - else - return 1 - fi -} -# For the old hardened gcc 3.4 ebuild -hardened_gcc_check_unsupported() { - local tocheck="" - # if a variable is unset, we assume that all archs are unsupported. since - # this function is never called if hardened_gcc_is_stable returns true, - # this shouldn't cause problems... however, allowing this logic to work - # even with the variables unset will break older ebuilds that dont use them. - if [[ $1 == "pie" ]] ; then - if [[ ${CTARGET} == *-uclibc* ]] ; then - [[ -z ${PIE_UCLIBC_UNSUPPORTED} ]] && return 0 - tocheck="${tocheck} ${PIE_UCLIBC_UNSUPPORTED}" - else - [[ -z ${PIE_GLIBC_UNSUPPORTED} ]] && return 0 - tocheck="${tocheck} ${PIE_GLIBC_UNSUPPORTED}" - fi - elif [[ $1 == "ssp" ]] ; then - if [[ ${CTARGET} == *-uclibc* ]] ; then - [[ -z ${SSP_UCLIBC_UNSUPPORTED} ]] && return 0 - tocheck="${tocheck} ${SSP_UCLIBC_UNSUPPORTED}" - else - [[ -z ${SSP_UNSUPPORTED} ]] && return 0 - tocheck="${tocheck} ${SSP_UNSUPPORTED}" - fi - else - die "hardened_gcc_check_unsupported needs to be called with pie or ssp" - fi - - hasq $(tc-arch) ${tocheck} && return 0 - return 1 -} -check_hardened_compiler_vanilla() { - # This situation is when we trying to build a non-hardened compiler with a - # hardened compiler. - if gcc-specs-pie || gcc-specs-ssp || gcc-specs-fortify && ! use hardened ; then - eerror "You have requested a non-hardened compiler, but you are using a hardened" - eerror "compiler to do so, which is inadvisable. If you really want to build a" - eerror "non-hardened compiler, switch to the vanilla compiler with gcc-config" - eerror "first." - die "You must build non-hardened compilers with vanilla-spec compilers." - fi -} -has_libssp() { - [[ -e /$(get_libdir)/libssp.so ]] && return 0 - return 1 -} - -want_libssp() { - [[ ${GCC_LIBSSP_SUPPORT} == "true" ]] || return 1 - has_libssp || return 1 - [[ -n ${PP_VER} ]] || return 1 - return 0 -} -# gcc 4.1 and above have native ssp support but we have started with 4.3.2 for hardened -gcc_has_native_ssp() { - tc_version_is_at_least 4.3.2 && use hardened || return 1 - [[ -z ${PP_VER} ]] && [[ -n ${SPECS_VER} ]] && [[ -z ${ESPF_VER} ]] && use !nossp && return 0 || return 1 -} -_want_stuff() { - local var=$1 flag=$2 - [[ -z ${!var} ]] && return 1 - use ${flag} && return 0 - return 1 -} -want_ssp() { - if tc_version_is_at_least 4.3.2 && use hardened ; then - gcc_has_native_ssp || _want_stuff PP_VER !nossp && return 0 - return 1 - else - _want_stuff PP_VER !nossp && return 0 || return 1 - fi -} -want_pie() { _want_stuff PIE_VER !nopie ; } -want_boundschecking() { _want_stuff HTB_VER boundschecking ; } -want_split_specs() { [[ ${SPLIT_SPECS} == "true" ]] && want_pie ; } -# Only supported on hardened gcc 4.3 and newer -want_fortify() { use hardened && libc_has_fortify && tc_version_is_at_least 4.2 && [[ -n ${SPECS_VER} ]] ; } -want_minispecs() { - if tc_version_is_at_least 4.3.2 && use hardened ; then - [[ -n ${SPECS_VER} ]] && want_pie && return 0 - [[ -n ${ESPF_VER} ]] && [[ -n ${SPECS_VER} ]] && return 1 - die "For Hardend to work you need the minispecs files and have the PIE patch" - fi - return 1 -} -want_espf() { - if tc_version_is_at_least 4.3.3 && use hardened ; then - [[ -n ${ESPF_VER} ]] && [[ -n ${SPECS_VER} ]] && return 0 - [[ -n ${SPECS_VER} ]] && want_pie && return 1 - die "For Hardend to work you need the specs files and have the espf patch" - fi - return 1 -} - -# This function checks whether or not glibc has the support required to build -# Position Independant Executables with gcc. -glibc_have_pie() { - if [[ ! -f ${ROOT}/usr/$(get_libdir)/Scrt1.o ]] ; then - echo - ewarn "Your glibc does not have support for pie, the file Scrt1.o is missing" - ewarn "Please update your glibc to a proper version or disable hardened" - echo - return 1 - fi -} -# This function determines whether or not libc has been patched with stack -# smashing protection support. -libc_has_ssp() { - [[ ${ROOT} != "/" ]] && return 0 - - # lib hacks taken from sandbox configure - echo 'int main(){}' > "${T}"/libctest.c - LC_ALL=C gcc "${T}"/libctest.c -lc -o libctest -Wl,-verbose &> "${T}"/libctest.log || return 1 - local libc_file=$(awk '/attempt to open/ { if (($4 ~ /\/libc\.so/) && ($5 == "succeeded")) LIBC = $4; }; END {print LIBC}' "${T}"/libctest.log) - - [[ -z ${libc_file} ]] && die "Unable to find a libc !?" - - # Check for gcc-4.x style ssp support - if [[ -n $(readelf -s "${libc_file}" 2>/dev/null | \ - grep 'FUNC.*GLOBAL.*__stack_chk_fail') ]] - then - return 0 - else - # Check for gcc-3.x style ssp support - if [[ -n $(readelf -s "${libc_file}" 2>/dev/null | \ - grep 'OBJECT.*GLOBAL.*__guard') ]] && \ - [[ -n $(readelf -s "${libc_file}" 2>/dev/null | \ - grep 'FUNC.*GLOBAL.*__stack_smash_handler') ]] - then - return 0 - elif is_crosscompile ; then - die "'${libc_file}' was detected w/out ssp, that sucks (a lot)" - else - return 1 - fi - fi -} -# My need to redo this lib check later. -# <zorry[@]ume.nu -libc_has_fortify() { - [[ ${ROOT} != "/" ]] && return 0 - - # lib hacks taken from sandbox configure - echo 'int main(){}' > "${T}"/libctest.c - LC_ALL=C gcc "${T}"/libctest.c -lc -o libctest -Wl,-verbose &> "${T}"/libctest.log || return 1 - local libc_file=$(awk '/attempt to open/ { if (($4 ~ /\/libc\.so/) && ($5 == "succeeded")) LIBC = $4; }; END {print LIBC}' "${T}"/libctest.log) - - [[ -z ${libc_file} ]] && die "Unable to find a libc !?" - - # Check for gcc-4.x style fortify support - if [[ -n $(readelf -s "${libc_file}" 2>/dev/null | \ - grep 'FUNC.*GLOBAL.*__fortify_fail') ]] - then - return 0 - fi -} -# Defaults to enable for all hardened toolchains <gcc 4 - gcc_common_hard="-DEFAULT_RELRO -DEFAULT_BIND_NOW" -# Configure to build with the hardened GCC 3 specs as the default -# Don't need it if we have minispec like gcc 4 -make_gcc_hard() { - if hardened_gcc_works ; then - einfo "Updating gcc to use automatic PIE + SSP building ..." - sed -e "s|^HARD_CFLAGS = |HARD_CFLAGS = -DEFAULT_PIE_SSP ${gcc_common_hard} |" \ - -i "${S}"/gcc/Makefile.in || die "Failed to update gcc!" - elif hardened_gcc_works pie ; then - einfo "Updating gcc to use automatic PIE building ..." - ewarn "SSP has not been enabled by default" - sed -e "s|^HARD_CFLAGS = |HARD_CFLAGS = -DEFAULT_PIE ${gcc_common_hard} |" \ - -i "${S}"/gcc/Makefile.in || die "Failed to update gcc!" - elif hardened_gcc_works ssp ; then - einfo "Updating gcc to use automatic SSP building ..." - ewarn "PIE has not been enabled by default" - sed -e "s|^HARD_CFLAGS = |HARD_CFLAGS = -DEFAULT_SSP ${gcc_common_hard} |" \ - -i "${S}"/gcc/Makefile.in || die "Failed to update gcc!" - else - # do nothing if hardened isnt supported, but dont die either - ewarn "hardened is not supported for this arch in this gcc version" - ebeep - return 0 - fi - - # Rebrand to make bug reports easier - BRANDING_GCC_PKGVERSION=${BRANDING_GCC_PKGVERSION/Gentoo/Gentoo Hardened} -} - -# now we generate different spec files so that the user can select a compiler -# that enforces certain features in gcc itself and so we don't have to worry -# about a certain package ignoring CFLAGS/LDFLAGS -# Not needed if we use minispecs -_create_specs_file() { - # Usage: _create_specs_file <USE flag> <specs name> <CFLAGS> - local uflag=$1 name=$2 flags=${*:3} - ebegin "Creating a ${name} gcc specs file" - pushd "${WORKDIR}"/build/gcc > /dev/null - if [[ -z ${uflag} ]] || use ${uflag} ; then - # backup the compiler first - cp Makefile Makefile.orig - sed -i -e '/^HARD_CFLAGS/s:=.*:='"${flags}"':' Makefile - mv xgcc xgcc.foo - mv gcc.o gcc.o.foo - emake -s xgcc - $(XGCC) -dumpspecs > "${WORKDIR}"/build/${name}.specs - # restore everything to normal - mv gcc.o.foo gcc.o - mv xgcc.foo xgcc - mv Makefile.orig Makefile - else - $(XGCC) -dumpspecs > "${WORKDIR}"/build/${name}.specs - fi - popd > /dev/null - eend $([[ -s ${WORKDIR}/build/${name}.specs ]] ; echo $?) -} -create_vanilla_specs_file() { _create_specs_file hardened vanilla ; } -create_hardened_specs_file() { _create_specs_file !hardened hardened ${gcc_common_hard} -DEFAULT_PIE_SSP ; } -create_hardenednossp_specs_file() { _create_specs_file "" hardenednossp ${gcc_common_hard} -DEFAULT_PIE ; } -create_hardenednopie_specs_file() { _create_specs_file "" hardenednopie ${gcc_common_hard} -DEFAULT_SSP ; } -create_hardenednopiessp_specs_file() { _create_specs_file "" hardenednopiessp ${gcc_common_hard} ; } - -split_out_specs_files() { - local s spec_list="hardenednopiessp vanilla" - if hardened_gcc_works ; then - spec_list="${spec_list} hardened hardenednossp hardenednopie" - elif hardened_gcc_works pie ; then - spec_list="${spec_list} hardenednossp" - elif hardened_gcc_works ssp ; then - spec_list="${spec_list} hardenednopie" - fi - for s in ${spec_list} ; do - create_${s}_specs_file || return 1 - done -} -hardened_compiler_src_unpack_setup() { - # For the old gcc < 3.4 - if ! tc_version_is_at_least 4.3 ; then - # Fail if using pie patches, building hardened, and glibc doesn't have - # the necessary support - want_pie && use hardened && glibc_have_pie - einfo "updating configuration to build GCC gcc-3 style" - make_gcc_hard || die "failed to make gcc hard" - fi - if tc_version_is_at_least 4.3.3 && use hardened ; then - if [[ ${PIE_VER} ]] ; then - glibc_have_pie || die "failed to make gcc hardened" - fi - if [[ ${ESPF_VER} ]] ; then - espf_gcc_is_stable || die "ESPF is not supported on this $(tc-arch) arch." - fi - # Rebrand to make bug reports easier - use hardened && BRANDING_GCC_PKGVERSION=${BRANDING_GCC_PKGVERSION/Gentoo/Gentoo Hardened} - fi -} -hardened_configure() { - # If we want hardened support on newer gcc - if tc_version_is_at_least 4.3.3 && use hardened ; then - [[ ${PIE_VER} ]] && confgcc="${confgcc} --enable-hardened" - [[ ${ESPF_VER} ]] && confgcc="${confgcc} --enable-espf" - else - [[ ${PIE_VER} ]] && confgcc="${confgcc} --disable-hardened" - [[ ${ESPF_VER} ]] && confgcc="${confgcc} --disable-espf" - fi - # If we want libssp support - if want_libssp ; then - confgcc="${confgcc} --enable-libssp" - else - [[ -z ${ESPF_VER} ]] && export gcc_cv_libc_provides_ssp=yes - confgcc="${confgcc} --disable-libssp" - fi -} -setup_minispecs_gcc_build_specs() { - # Setup the "specs" file for gcc to use when building. - if want_minispecs ; then - if hardened_gcc_works pie ; then - cat "${WORKDIR}"/specs/pie.specs >> "${WORKDIR}"/build.specs - fi - if hardened_gcc_works ssp ; then - for s in ssp sspall; do - cat "${WORKDIR}"/specs/${s}.specs >> "${WORKDIR}"/build.specs - done - fi - if hardened_gcc_works fortify ; then - cat "${WORKDIR}"/specs/fortify.specs >> "${WORKDIR}"/build.specs - fi - for s in nostrict znow ; do - cat "${WORKDIR}"/specs/${s}.specs >> "${WORKDIR}"/build.specs - done - export GCC_SPECS="${WORKDIR}"/build.specs - fi -} -setup_split_specs() { - # Do not create multiple specs files for PIE+SSP if boundschecking is in - # USE, as we disable PIE+SSP when it is. - # minispecs wil not need to split out specs. - if [[ ${ETYPE} == "gcc-compiler" ]] && want_split_specs && ! want_minispecs && ! want_espf ; then - split_out_specs_files || die "failed to split out specs" - fi -} -copy_minispecs_gcc_specs() { - # Build system specs file which, if it exists, must be a complete set of - # specs as it completely and unconditionally overrides the builtin specs. - # For gcc 4 - if want_minispecs ; then - $(XGCC) -dumpspecs > "${WORKDIR}"/specs/specs - cat "${WORKDIR}"/build.specs >> "${WORKDIR}"/specs/specs - insinto ${LIBPATH} - doins "${WORKDIR}"/specs/*.specs && doins "${WORKDIR}"/specs/specs || die "failed to install specs" - fi - if want_espf ; then - insinto ${LIBPATH} - doins "${WORKDIR}"/specs/*.specs || die "failed to install specs" - fi -} -create_hardened_gcc_env_entry() { - # For the old gcc 3 and split_specs - if want_split_specs ; then - if use hardened ; then - create_gcc_env_entry vanilla - fi - ! use hardened && hardened_gcc_works && create_gcc_env_entry hardened - if hardened_gcc_works || hardened_gcc_works pie ; then - create_gcc_env_entry hardenednossp - fi - if hardened_gcc_works || hardened_gcc_works ssp ; then - create_gcc_env_entry hardenednopie - fi - create_gcc_env_entry hardenednopiessp - - insinto ${LIBPATH} - doins "${WORKDIR}"/build/*.specs || die "failed to install specs" - - fi - # Setup the gcc_env_entry for hardened gcc 4 with minispecs - if want_minispecs ; then - if hardened_gcc_works pie ; then - create_gcc_env_entry nopie - fi - if hardened_gcc_works ssp ; then - create_gcc_env_entry nossp_all - fi - if hardened_gcc_works fortify ; then - create_gcc_env_entry nofortify - fi - create_gcc_env_entry vanilla - fi - if want_espf ; then - create_gcc_env_entry nopie - create_gcc_env_entry nossp - create_gcc_env_entry nofortify - create_gcc_env_entry vanilla - fi -} -hardened_gcc_quick_unpack() { - export PIE_GCC_VER=${PIE_GCC_VER:-${GCC_RELEASE_VER}} - export PP_GCC_VER=${PP_GCC_VER:-${GCC_RELEASE_VER}} - export SPECS_GCC_VER=${SPECS_GCC_VER:-${GCC_RELEASE_VER}} - export ESPF_GCC_VER=${ESPF_GCC_VER:-${GCC_RELEASE_VER}} - if want_ssp ; then - if [[ -n ${PP_FVER} ]] ; then - # The gcc 3.4 propolice versions are meant to be unpacked to ${S} - pushd "${S}" > /dev/null - unpack protector-${PP_FVER}.tar.gz - popd > /dev/null - fi - if [[ -n ${PP_VER} ]] ; then - unpack gcc-${PP_GCC_VER}-ssp-${PP_VER}.tar.bz2 - fi - fi - - if want_pie ; then - if [[ -n ${PIE_CORE} ]] ; then - unpack ${PIE_CORE} - else - unpack gcc-${PIE_GCC_VER}-piepatches-v${PIE_VER}.tar.bz2 - fi - [[ -n ${SPECS_VER} ]] && \ - unpack gcc-${SPECS_GCC_VER}-specs-${SPECS_VER}.tar.bz2 - fi - if want_espf ; then - unpack gcc-${GCC_RELEASE_VER}-espf-${ESPF_VER}.tar.bz2 - unpack gcc-${GCC_RELEASE_VER}-specs-${SPECS_VER}.tar.bz2 - fi -} -# Try to apply some stub patches so that gcc won't error out when -# passed parameters like -fstack-protector but no ssp is found -do_gcc_stub() { - local v stub_patch="" - for v in ${GCC_RELEASE_VER} ${GCC_BRANCH_VER} ; do - stub_patch=${GCC_FILESDIR}/stubs/gcc-${v}-$1-stub.patch - if [[ -e ${stub_patch} ]] && ! use vanilla ; then - EPATCH_SINGLE_MSG="Applying stub patch for $1 ..." \ - epatch "${stub_patch}" - return 0 - fi - done -} -# patch in ProPolice Stack Smashing protection -# GCC >4.1 have built in SSP support but may need some patch later. -do_gcc_SSP_patches() { -if ! tc_version_is_at_least 4.3.2 ; then - # PARISC has no love ... it's our stack :( - if [[ $(tc-arch) == "hppa" ]] || \ - ! want_ssp || \ - (want_boundschecking && [[ ${HTB_EXCLUSIVE} == "true" ]]) - then - do_gcc_stub ssp - return 0 - fi - - local ssppatch - local sspdocs - - if [[ -n ${PP_FVER} ]] ; then - # Etoh keeps changing where files are and what the patch is named - if tc_version_is_at_least 3.4.1 ; then - # >3.4.1 uses version in patch name, and also includes docs - ssppatch="${S}/gcc_${PP_VER}.dif" - sspdocs="yes" - elif tc_version_is_at_least 3.4.0 ; then - # >3.4 put files where they belong and 3_4 uses old patch name - ssppatch="${S}/protector.dif" - sspdocs="no" - elif tc_version_is_at_least 3.2.3 ; then - # earlier versions have no directory structure or docs - mv "${S}"/protector.{c,h} "${S}"/gcc - ssppatch="${S}/protector.dif" - sspdocs="no" - fi - else - # Just start packaging the damn thing ourselves - mv "${WORKDIR}"/ssp/protector.{c,h} "${S}"/gcc/ - ssppatch=${WORKDIR}/ssp/gcc-${PP_GCC_VER}-ssp.patch - # allow boundschecking and ssp to get along - (want_boundschecking && [[ -e ${WORKDIR}/ssp/htb-ssp.patch ]]) \ - && patch -s "${ssppatch}" "${WORKDIR}"/ssp/htb-ssp.patch - fi - - [[ -z ${ssppatch} ]] && die "Sorry, SSP is not supported in this version" - epatch ${ssppatch} - - if [[ ${PN} == "gcc" && ${sspdocs} == "no" ]] ; then - epatch "${GCC_FILESDIR}"/pro-police-docs.patch - fi - - # Don't build crtbegin/end with ssp - sed -e 's|^CRTSTUFF_CFLAGS = |CRTSTUFF_CFLAGS = -fno-stack-protector |'\ - -i gcc/Makefile.in || die "Failed to update crtstuff!" - - # if gcc in a stage3 defaults to ssp, is version 3.4.0 and a stage1 is built - # the build fails building timevar.o w/: - # cc1: stack smashing attack in function ix86_split_to_parts() - if use build && tc_version_is_at_least 3.4.0 ; then - if gcc -dumpspecs | grep -q "fno-stack-protector:" ; then - epatch "${GCC_FILESDIR}"/3.4.0/gcc-3.4.0-cc1-no-stack-protector.patch - fi - fi - - if want_libssp ; then - update_gcc_for_libssp - else - update_gcc_for_libc_ssp - fi - - # Don't build libgcc with ssp - sed -e 's|^\(LIBGCC2_CFLAGS.*\)$|\1 -fno-stack-protector|' \ - -i gcc/Makefile.in || die "Failed to update gcc!" -else - if [[ -n ${PP_VER} ]] ; then - guess_patch_type_in_dir "${WORKDIR}"/ssp - EPATCH_MULTI_MSG="Applying ssp patches ..." \ - epatch "${WORKDIR}"/ssp - fi -fi - if ! want_espf ; then - gcc_has_native_ssp && BRANDING_GCC_PKGVERSION="${BRANDING_GCC_PKGVERSION}, ssp" - [[ -n ${PP_VER} ]] || [[ -n ${PP_FVER} ]] && BRANDING_GCC_PKGVERSION="${BRANDING_GCC_PKGVERSION}, ssp-${PP_FVER:-${PP_GCC_VER}-${PP_VER}}" - fi -} -# If glibc or uclibc has been patched to provide the necessary symbols itself, -# then lets use those for SSP instead of libgcc. -update_gcc_for_libc_ssp() { - if libc_has_ssp ; then - einfo "Updating gcc to use SSP from libc ..." - sed -e 's|^\(LIBGCC2_CFLAGS.*\)$|\1 -D_LIBC_PROVIDES_SSP_|' \ - -i "${S}"/gcc/Makefile.in || die "Failed to update gcc!" - fi -} -# a split out non-libc non-libgcc ssp requires additional spec logic changes -update_gcc_for_libssp() { - einfo "Updating gcc to use SSP from libssp..." - sed -e 's|^\(INTERNAL_CFLAGS.*\)$|\1 -D_LIBSSP_PROVIDES_SSP_|' \ - -i "${S}"/gcc/Makefile.in || die "Failed to update gcc!" -} -# do various updates to FORTIFY -do_gcc_FORTIFY_patches() { - if ! want_espf ; then - if hardened_gcc_works fortify ; then - BRANDING_GCC_PKGVERSION="${BRANDING_GCC_PKGVERSION}, fortify" - fi - fi -} -# do various updates to PIE logic -do_gcc_PIE_patches() { - if ! want_pie || \ - (want_boundschecking && [[ ${HTB_EXCLUSIVE} == "true" ]]) - then - return 0 - fi - - want_boundschecking \ - && rm -f "${WORKDIR}"/piepatch/*/*-boundschecking-no.patch* \ - || rm -f "${WORKDIR}"/piepatch/*/*-boundschecking-yes.patch* - - use vanilla && rm -f "${WORKDIR}"/piepatch/*/*uclibc* - - if tc_version_is_at_least 4.3.2 ; then - guess_patch_type_in_dir "${WORKDIR}"/piepatch - EPATCH_MULTI_MSG="Applying pie patches ..." \ - epatch "${WORKDIR}"/piepatch - else - - guess_patch_type_in_dir "${WORKDIR}"/piepatch/upstream - - # corrects startfile/endfile selection and shared/static/pie flag usage - EPATCH_MULTI_MSG="Applying upstream pie patches ..." \ - epatch "${WORKDIR}"/piepatch/upstream - # adds non-default pie support (rs6000) - EPATCH_MULTI_MSG="Applying non-default pie patches ..." \ - epatch "${WORKDIR}"/piepatch/nondef - # adds default pie support (rs6000 too) if DEFAULT_PIE[_SSP] is defined - EPATCH_MULTI_MSG="Applying default pie patches ..." \ - epatch "${WORKDIR}"/piepatch/def - - # we want to be able to control the pie patch logic via something other - # than ALL_CFLAGS... - # Don't need it if we have minispec like gcc 4 - sed -e '/^ALL_CFLAGS/iHARD_CFLAGS = ' \ - -e 's|^ALL_CFLAGS = |ALL_CFLAGS = $(HARD_CFLAGS) |' \ - -i "${S}"/gcc/Makefile.in - fi - - BRANDING_GCC_PKGVERSION="${BRANDING_GCC_PKGVERSION}, pie-${PIE_VER}" -} -do_gcc_ESPF_patches() { - if [[ -n ${ESPF_VER} ]] ; then - guess_patch_type_in_dir "${WORKDIR}"/espf-gcc-"${GCC_RELEASE_VER}" - EPATCH_MULTI_MSG="Applying espf patches ..." \ - epatch "${WORKDIR}"/espf-gcc-"${GCC_RELEASE_VER}" - BRANDING_GCC_PKGVERSION="${BRANDING_GCC_PKGVERSION}, espf-${ESPF_VER}" - fi -} -exclude_hardened_gcc_patches() { -# PIEPATCH_EXCLUDE -# List of filenames, relative to ${WORKDIR}/piepatch/ -# Travis Tilley <lv@gentoo.org> (03 Sep 2004) -# - for i in ${PIEPATCH_EXCLUDE} ; do - if [[ -f ${WORKDIR}/piepatch/${i} ]] ; then - einfo "Excluding piepatch ${i}" - rm -f "${WORKDIR}"/piepatch/${i} || die "failed to delete ${i}" - fi - done -} diff --git a/sys-libs/glibc/.directory b/sys-libs/glibc/.directory deleted file mode 100644 index 796a4ed3..00000000 --- a/sys-libs/glibc/.directory +++ /dev/null @@ -1,3 +0,0 @@ -[Dolphin] -Timestamp=2009,5,19,0,51,58 -ViewMode=1 diff --git a/sys-libs/glibc/Manifest b/sys-libs/glibc/Manifest new file mode 100644 index 00000000..d8f60977 --- /dev/null +++ b/sys-libs/glibc/Manifest @@ -0,0 +1,39 @@ +AUX 2.10/glibc-2.10-hardened-configure-picdefault.patch 865 RMD160 744bdbfb73f1dbced4cb33cb5aa92f3b41d3b4fb SHA1 21e0f83598f5342032a794315f0e3dac07f647da SHA256 b50b29f85d88011555bbcbe6046e6600be9344f2d78412b14aebdea515420774 +AUX 2.10/glibc-2.10-hardened-inittls-nosysenter.patch 8823 RMD160 163e53f0f4f0bd003ef1c50a4eaaa8f4a82695fe SHA1 df23c6756114e1451e6f120723af1b621037c28e SHA256 dcf78c6524c222dbee907200a8878aff727e29d43a4962b977a16d85752e5c10 +AUX 2.5/glibc-2.5-hardened-configure-picdefault.patch 794 RMD160 7ab81bac4b9625043b1e7edea6fb5707696c144d SHA1 25a0b018eb44f3c9818876a12e9ec817e305d80b SHA256 0c0359f567e4ad2d3184618bf6ac7e6102b703eab6227c7e9a4ff4dcdeed2c91 +AUX 2.5/glibc-2.5-hardened-pie.patch 1569 RMD160 8746aeb9f9c68ca153d93cf92c9df93d0fb324d6 SHA1 c2ec8d9286af38017f5bee5a8823f642c067201d SHA256 ff9cde8857c5da89faa4039e2a81748674fbeaaa49d85c378d80711d55f2b0c1 +AUX 2.6/glibc-2.6-gentoo-chk_fail.c 9407 RMD160 230701dfacfe2481eb49e5384fe4ebb508bd3af2 SHA1 0e9330d57de714dd1ecd7040d3eabf4723cdee7c SHA256 7745c0f5d37b37959b43b41e39762fc35b877161bc5740d9d3e9a83021acbc0e +AUX 2.6/glibc-2.6-gentoo-stack_chk_fail.c 9545 RMD160 9a21c9deb6ebca5d2245e3bb50b53ce035967a5f SHA1 11ad52117fa55bbe51b429043df49767c7f58de0 SHA256 1410ded812be80d452eada5f9d6b9bd7bdb504c14f01cc27dce3e36b6f92b92a +AUX 2.6/glibc-2.6-hardened-inittls-nosysenter.patch 8674 RMD160 f4e7df0cb25292afc13e18332569d2ca288fdf92 SHA1 7f34ef26d6607321e0ec5ad0f389cb1aedf5e0da SHA256 cf58ded8fbe9fcb3dc094521feec2588c1520ff2c632b20c69d6a210325c4fcf +AUX 2.7/glibc-2.7-hardened-inittls-nosysenter.patch 8755 RMD160 b674894f3b16f63193bb8040f8a5657dce82e1f9 SHA1 79fb3a4454b85af70dac95dd79134be3fe3a9201 SHA256 b0b1bf0746f7160b89cf281502b95c38dec9cb948d6a50a907b84fd6230a2dc3 +AUX eblits/common.eblit 8751 RMD160 7e0b5242366606725ef06e0a496638cafcdac676 SHA1 aa5976529ac4a22d8924fada9fc6e50f2792902f SHA256 f32fd4017acca5f0d9aca12025ee105822030058702507b740212e8434ee36b7 +AUX eblits/pkg_postinst.eblit 1159 RMD160 4b99846819bf0471d1104a8a17dd260796644f9d SHA1 4a2980fede3edebc7960d40db7cf935c7c854859 SHA256 76c403cf5c77a3a3bb7441566335f0c8da2584eaa21f05ab400e7bb00f9db810 +AUX eblits/pkg_preinst.eblit 3285 RMD160 990d7ee7cfa1ba79a19bc6c01c05817ebfc0ee96 SHA1 3ee2fe58fa7ca246311cf5ef23fa1ccbe509cf49 SHA256 8bc7dea37213048787ce0bec61e9abe8adabb547b5385024bf2549d0a036239c +AUX eblits/pkg_setup.eblit 2362 RMD160 8dcc755279f7b1bea6324094d1996ebfcc9976d6 SHA1 e2bd4bcc29a76f9ee03e51a95620219b2fba2d05 SHA256 80d8fd60e3631167c5d61f1f4a32761ccb0f7fc181cdd30ff8483912e4daacfe +AUX eblits/src_compile.eblit 5322 RMD160 b72938a98648c744b7195f3ed62b8d9b76f33ae2 SHA1 81888c8385bd577541a8b4434efca39b57aad5ad SHA256 5a873118d72f7a851c4e87a04585adeb06a356176179a685579e740e4210639d +AUX eblits/src_install-2.6.eblit 7946 RMD160 6cc258a316b78212777ab328a3c0cb73de1616d4 SHA1 94895689b56fd712156e8ac84a2a639d8475da03 SHA256 54081c34217c230d0ff43c5df378897a37576e727fe41ee4d681767110667f3e +AUX eblits/src_install.eblit 7893 RMD160 789a4518bbb0be8a028f331e2673e423d2717a93 SHA1 7288c1bcc7f05e8aa0d4f90d4c63be128a2d225d SHA256 d5f0cb0345c33f66a90d73e7e0264867d9bcf4a137190d6ae4008d63a3b7bd56 +AUX eblits/src_test.eblit 1162 RMD160 349db09c5f2c2e412a108b8c5371adf946e1a3f0 SHA1 357ef650e1dce62d5d688133426bc62b9085009d SHA256 bac1db2da478f6e6709275c36cc1f9a98fac7fcc2e80bd8831f2077207754962 +AUX eblits/src_unpack.eblit 5134 RMD160 fba35312f25e908fa225a7803d0b194e83579d6a SHA1 e6abd0516994a86ca6836872f5acc39c4d2a866d SHA256 1edd30423009f220d98ae39e2d708fd053edfff302bfd9012b8cc4e6d81eca45 +AUX fix-sysctl_h.patch 376 RMD160 b5dd68158224b09ddc42986be02351c74f81e0a0 SHA1 5601fbea6961368bcc192aef78e96ee2c5310713 SHA256 3a589f63fd1f3f6c5a00c66a10943d3d64630aefb1eb5b37e7f2a856fcea234a +AUX glibc-2.2.2-test-lfs-timeout.patch 320 RMD160 c8baab8326b4aebf642dd5ab512fbebf2371e9d9 SHA1 df2a868fba86adba184ae9750e9dee3b2ec300a5 SHA256 28e7ebc92ed93a12daf5357f07537be3daed5f4717a075c77a3ad248ec99dcf0 +AUX glibc-sec-hotfix-20040804.patch 4319 RMD160 6f7f58794273ed0736653a09e823e8ac3031ed29 SHA1 1d86c62d5c52b59881eab006b36e3a9891607887 SHA256 9d950b2f45cfbdae6df590137e4aae938380673449fe4507536557fb4c797393 +AUX glibc-sec-hotfix-20040916.patch 3080 RMD160 3419ab628d16045042f5df9e487386e03c8d979d SHA1 b69cfa5115746f2d38fa301a55d68efe88f7bcff SHA256 9f48a55f4207bdf4a9496680f09661a06d4a4bd11dad11cb0986949c0d3cc35d +AUX locales.build 699 RMD160 2a186105be5b00ec48aedef734e9dba5aee19895 SHA1 02ce7b63d60da7bb4b936969721f78486ffe9788 SHA256 094a5e02148d522be5a5ec2b95fb7305d5503f6d13d1ffa9088e9dad21af1c8a +AUX nscd 1621 RMD160 f6d20c4c3814f70d7741f3fa2e0b53ba32c37960 SHA1 5751fe798024c2021b7b3ed3e798618e2a38244a SHA256 6165db3a2fcb251d4f3655c0461e018ce9c92a37f7f22a8fd2b75178b5435bc8 +AUX nscd.conf 1158 RMD160 50651e89a0cb206b1d37dae8840527694fe561b5 SHA1 5f5166aa6e0bffa57c52c39d3ec51ad3b0efa607 SHA256 378b7953adf5aa0e03bff49b7c654cae67b3efee7c92361b385fe7d3e9fb57c7 +AUX nsswitch.conf 503 RMD160 f375f92f6b41029c93382c39cef896261b140cfc SHA1 42f7f5cc3de75c69bf60d806ac8490106ea63326 SHA256 6c38b8642d5da884327ad678d0351d57be3621562253bd9711394bad87e45e2d +AUX test-__thread.c 53 RMD160 dcc9960f3bf26c935f41dc5c408613963885ad58 SHA1 dcb60595b2730a8a05eb045563f13cd615830acf SHA256 28a7836b810cf21f6071126d6b19dbdbf567f2544f9283700d125ad653d7519e +AUX test-sysctl_h.c 54 RMD160 b7c2e5956e0a232193610701ccc57a8d56615a36 SHA1 d727fbe809fbec9157661fbdb6c8077a68d95044 SHA256 19337cae62f1ebc23ca8d8de8a98e7f03c9dd77a671100995d6e7c8a3833e759 +DIST glibc-2.10.1-patches-1.tar.bz2 81661 RMD160 59ad31a06f2f8b14705754873e4cf9348022684f SHA1 7fcdab040607f92bff49c64ec2902ce469f8282c SHA256 593ee293e62fd1718a96da0c44b3454209b1372fb45679a7ec0ea3b01764737a +DIST glibc-2.10.1.tar.bz2 16106243 RMD160 ca102519ab32714e788a0db5dd43c2f9962c86e9 SHA1 cb478cf9d6e2c905a1a4f4a2cae44a320b8dc50b SHA256 cbad3e637eab613184405a87a2bf08a41991a0e512a3ced60d120effc73de667 +DIST glibc-2.8-20080602.tar.bz2 16235726 RMD160 8781f2b1dbd22c6579208a689be38a444b5242c7 SHA1 68c2bfcf5f385449c3cb7efbf1f0d425d14cdaad SHA256 142eaba19eb85121206ee034fd828ca5dcd1bf2bfa940fef92c37457c06a6d48 +DIST glibc-2.8-patches-6.tar.bz2 103171 RMD160 c6a9710e53fa6b3698aea1a5f0a497155cf2a1c5 SHA1 39fe516a150621fc34418e23ac1c38cb1f7c1406 SHA256 dc335095de83ff4ff405c9aaf5b3ee3d82148888c73b31081ae1c706510973c2 +DIST glibc-2.8-ports-20080602.tar.bz2 469234 RMD160 57ae79a79c6f82f5ff217e9052f4569c136dca7d SHA1 c3a45ea27c9eb1bf99f1caafe085b50951089384 SHA256 1f3665e80b5832f7d281c109bc2f5412521cc9ccc3bd7b499fd493ff5eb9aa9b +DIST glibc-2.9-20081201.tar.bz2 16430489 RMD160 1e1feb4ee9c0892a0544c05adb6dd249544621cf SHA1 5756ca3b543a370c4ec9ffc8038b72bf0aa61c71 SHA256 6f8e515775e20ed48610860d10315adda418a3649b3465f36ee5cd467364a8f6 +DIST glibc-2.9-patches-5.tar.bz2 101693 RMD160 8cd377be020bf95a30862d77c215c16dc544602f SHA1 103839660f4e55871bf68835f8fec83d9afecdec SHA256 6f61c3e212c82eb118780573ac80d61835ff3a98fbea68b6f03a52009cce7d35 +DIST glibc-2.9-ports-20081201.tar.bz2 487663 RMD160 80eb0035ed2e021e79755d4151ccd6d73cd78d8d SHA1 90a6ecbce37aabe6093c4dd0c8817cbf86321627 SHA256 19bb6e89855171d7ae01aef92054dfe4524521fbc13c67bfaa3ee81944210744 +DIST glibc-libidn-2.10.1.tar.bz2 102248 RMD160 0fbb3ecc09f59f0b9e90e0669bd9cd6075164173 SHA1 50c1ac0d9ddff6eb83f75aa1c4cb84ba6fffa0cd SHA256 0fa72d1dd06a30642d3bb20a659f4ed0f4af54a205d7102896b68169b38676dc +EBUILD glibc-2.10.1.ebuild 7928 RMD160 5e45abd4183d185a369a56d9c1a5c76d0a5908f4 SHA1 044bf8258a601a8e7403df0299af6230e43cf694 SHA256 8d507c45e9214723f8a1427f6c7c15e19c6201842a6a833ecfdec97b28660be1 +EBUILD glibc-2.8_p20080602-r3.ebuild 13728 RMD160 d30e8a99f4457056fae2a1b9ef239f0466b45367 SHA1 a314d2b0c3c1c3bc308f25c4faa1d16bd8ca274c SHA256 f46a10aa3391d5bdd1e3b6ed1594c38029c82c56b56d8f7d4b86e1bb4c1340f5 +EBUILD glibc-2.9_p20081201-r4.ebuild 8025 RMD160 f5a744004f6788404f01c2a66f6e813aa6789769 SHA1 a7231407a92cc2cfa18c4d0e8334cf7f7b9114fa SHA256 dc009ffdf4d9ef96f692feffe1d582f19f0e77b063ccd2e07c36176bcdcb525d diff --git a/sys-libs/glibc/files/.directory b/sys-libs/glibc/files/.directory deleted file mode 100644 index 785212f6..00000000 --- a/sys-libs/glibc/files/.directory +++ /dev/null @@ -1,3 +0,0 @@ -[Dolphin] -Timestamp=2009,5,19,0,53,56 -ViewMode=1 diff --git a/sys-libs/glibc/files/2.10/.directory b/sys-libs/glibc/files/2.10/.directory deleted file mode 100644 index 27025951..00000000 --- a/sys-libs/glibc/files/2.10/.directory +++ /dev/null @@ -1,3 +0,0 @@ -[Dolphin] -Timestamp=2009,5,19,0,54,40 -ViewMode=1 |