summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLouis Sautier <sbraz@gentoo.org>2019-06-16 16:01:53 +0200
committerLouis Sautier <sbraz@gentoo.org>2019-06-16 16:03:24 +0200
commitf70923983bf75ea5175942f34d9825a2193dc846 (patch)
tree609a98b7b6ad5ffd7acf8742ef938d4e1d36e539
parentapp-office/libreoffice-bin: add missing dep (diff)
downloadgentoo-f70923983bf75ea5175942f34d9825a2193dc846.tar.gz
gentoo-f70923983bf75ea5175942f34d9825a2193dc846.tar.bz2
gentoo-f70923983bf75ea5175942f34d9825a2193dc846.zip
net-irc/znc: bump 1.7.4_rc1, fixes authenticated RCE CVE-2019-12816
Bug: https://bugs.gentoo.org/688152 Package-Manager: Portage-2.3.67, Repoman-2.3.14 Signed-off-by: Louis Sautier <sbraz@gentoo.org>
-rw-r--r--net-irc/znc/Manifest1
-rw-r--r--net-irc/znc/znc-1.7.4_rc1.ebuild182
2 files changed, 183 insertions, 0 deletions
diff --git a/net-irc/znc/Manifest b/net-irc/znc/Manifest
index 015aae3862b..c04a8449bb7 100644
--- a/net-irc/znc/Manifest
+++ b/net-irc/znc/Manifest
@@ -1,2 +1,3 @@
DIST gtest-1.8.1.tar.gz 992298 BLAKE2B 40ef3417fe424205c0617f07207347ce671ac87605f8ac9b8a333b0b06e3fbef9f556041ee324c18f957f3258ab9fe06704f31cdd038355fb7890180eb77ced1 SHA512 e6283c667558e1fd6e49fa96e52af0e415a3c8037afe1d28b7ff1ec4c2ef8f49beb70a9327b7fc77eb4052a58c4ccad8b5260ec90e4bceeac7a46ff59c4369d7
DIST znc-1.7.3.tar.gz 2084575 BLAKE2B 4d8f76abef8bf2c5f96d9bd04716cd2debae2b2fcd3b8688aa715af6ef09e60c2aac203c5c7b32d2f4d56730f30dbbe9abd5eeec4f07e7580900dcb1cd164530 SHA512 4cd63be2cb3bc1e3950f38984b128c6511bd1b9fc01a00d51cfcdc46826c2dedad120d6ed8e30d9c400909e33d39b2b14579fb40ee1e3508b7f3a07eff3a15d8
+DIST znc-1.7.4-rc1.tar.gz 2084722 BLAKE2B cdbc9a6713ecb1261275060b07bfdc16f9edd933bd7337f346c4c2bbf450f1810b5c82f382d31000d3b07fef145279adacf2bdd8518541dbe9ba3a9c4ab972f5 SHA512 49e45732db371159ada2678df1e494a0f4ae9c517f111672ab184e3c5ac60e354a63f7039167a7ca0ca09c300c33b9cc3f9dfc35ba3940f5a70efa35c0089911
diff --git a/net-irc/znc/znc-1.7.4_rc1.ebuild b/net-irc/znc/znc-1.7.4_rc1.ebuild
new file mode 100644
index 00000000000..e2a032f9ea5
--- /dev/null
+++ b/net-irc/znc/znc-1.7.4_rc1.ebuild
@@ -0,0 +1,182 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+PYTHON_COMPAT=( python3_{5,6,7} )
+
+inherit cmake-utils python-single-r1 readme.gentoo-r1 systemd user
+
+GTEST_VER="1.8.1"
+GTEST_URL="https://github.com/google/googletest/archive/${GTEST_VER}.tar.gz -> gtest-${GTEST_VER}.tar.gz"
+DESCRIPTION="An advanced IRC Bouncer"
+
+if [[ ${PV} == *9999* ]]; then
+ inherit git-r3
+ EGIT_REPO_URI=${EGIT_REPO_URI:-"https://github.com/znc/znc.git"}
+ SRC_URI=""
+else
+ MY_PV=${PV/_/-}
+ MY_P=${PN}-${MY_PV}
+ SRC_URI="
+ https://znc.in/releases/archive/${MY_P}.tar.gz
+ test? ( ${GTEST_URL} )
+ "
+ KEYWORDS="~amd64 ~arm ~x86"
+ S=${WORKDIR}/${MY_P}
+fi
+
+HOMEPAGE="https://znc.in"
+LICENSE="Apache-2.0"
+SLOT="0"
+IUSE="+ipv6 +icu libressl nls perl python +ssl sasl tcl test +zlib"
+
+REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} icu )"
+
+RDEPEND="
+ icu? ( dev-libs/icu:= )
+ nls? ( dev-libs/boost:=[nls] )
+ perl? ( >=dev-lang/perl-5.10:= )
+ python? ( ${PYTHON_DEPS} )
+ sasl? ( >=dev-libs/cyrus-sasl-2 )
+ ssl? (
+ !libressl? ( dev-libs/openssl:0= )
+ libressl? ( dev-libs/libressl:0= )
+ )
+ tcl? ( dev-lang/tcl:0= )
+ zlib? ( sys-libs/zlib:0= )
+"
+DEPEND="
+ ${RDEPEND}
+ virtual/pkgconfig
+ nls? ( sys-devel/gettext )
+ perl? ( >=dev-lang/swig-3.0.0 )
+ python? ( >=dev-lang/swig-3.0.0 )
+ test? ( dev-qt/qtnetwork:5 )
+"
+
+PATCHES=( "${FILESDIR}"/${PN}-1.7.1-inttest-dir.patch )
+
+pkg_setup() {
+ if use python; then
+ python-single-r1_pkg_setup
+ fi
+
+ enewgroup ${PN}
+ enewuser ${PN} -1 -1 /var/lib/${PN} ${PN}
+ # The home directory was previously set to /dev/null
+ # This caused a bug with the systemd unit
+ # https://bugs.gentoo.org/521916
+ esethome ${PN} /var/lib/${PN}
+}
+
+src_prepare() {
+ # Let SWIG rebuild modperl/modpython to make user patching easier.
+ if [[ ${PV} != *9999* ]]; then
+ rm modules/modperl/generated.tar.gz || die
+ rm modules/modpython/generated.tar.gz || die
+ fi
+
+ sed -i -e "s|DZNC_BIN_DIR:path=|DZNC_BIN_DIR:path=${T}/inttest|" \
+ test/CMakeLists.txt || die
+
+ cmake-utils_src_prepare
+}
+
+src_configure() {
+ local mycmakeargs=(
+ -DWANT_SYSTEMD=yes # Causes -DSYSTEMD_DIR to be used.
+ -DSYSTEMD_DIR="$(systemd_get_systemunitdir)"
+ -DWANT_ICU="$(usex icu)"
+ -DWANT_IPV6="$(usex ipv6)"
+ -DWANT_I18N="$(usex nls)"
+ -DWANT_PERL="$(usex perl)"
+ -DWANT_PYTHON="$(usex python)"
+ -DWANT_CYRUS="$(usex sasl)"
+ -DWANT_OPENSSL="$(usex ssl)"
+ -DWANT_TCL="$(usex tcl)"
+ -DWANT_ZLIB="$(usex zlib)"
+ )
+
+ if [[ ${PV} != *9999* ]] && use test; then
+ export GTEST_ROOT="${WORKDIR}/googletest-release-${GTEST_VER}/googletest"
+ export GMOCK_ROOT="${WORKDIR}/googletest-release-${GTEST_VER}/googlemock"
+ fi
+
+ cmake-utils_src_configure
+}
+
+src_test() {
+ cmake-utils_src_make unittest
+ if has network-sandbox ${FEATURES}; then
+ DESTDIR="${T}/inttest" cmake-utils_src_make install
+ local filter='-'
+ if ! use perl; then
+ filter="${filter}:ZNCTest.Modperl*"
+ fi
+ if ! use python; then
+ filter="${filter}:ZNCTest.Modpython*"
+ fi
+ # CMAKE_PREFIX_PATH and CXXFLAGS are needed for znc-buildmod
+ # invocations from inside the test
+ GTEST_FILTER="${filter}" ZNC_UNUSUAL_ROOT="${T}/inttest" \
+ CMAKE_PREFIX_PATH="${T}/inttest/usr/share/znc/cmake" \
+ CXXFLAGS="${CXXFLAGS} -isystem ${T}/inttest/usr/include" \
+ cmake-utils_src_make inttest
+ else
+ # TODO: don't require sandbox after
+ # https://github.com/znc/znc/pull/1363 is implemented
+ ewarn "FEATURES=-network-sandbox; skipping integration tests which"
+ ewarn "temporary open local ports."
+ fi
+}
+
+src_install() {
+ cmake-utils_src_install
+
+ dodoc NOTICE
+ newinitd "${FILESDIR}"/znc.initd-r2 znc
+ newconfd "${FILESDIR}"/znc.confd-r1 znc
+
+ DOC_CONTENTS=$(<"${FILESDIR}/README.gentoo-r1") || die
+ DISABLE_AUTOFORMATTING=1
+ readme.gentoo_create_doc
+}
+
+pkg_postinst() {
+ if [[ -z "${REPLACING_VERSIONS}" ]]; then
+ # This is a new installation
+ readme.gentoo_print_elog
+ fi
+
+ if [[ -d "${EROOT%/}"/etc/znc ]]; then
+ ewarn "${EROOT%/}/etc/znc exists on your system."
+ ewarn "Due to the nature of the contents of that folder,"
+ ewarn "we have changed the default configuration to use"
+ ewarn " ${EROOT%/}/var/lib/znc"
+ ewarn "please move ${EROOT%/}/etc/znc to ${EROOT%/}/var/lib/znc"
+ ewarn "or adjust your service configuration."
+ fi
+}
+
+pkg_config() {
+ if [[ -e "${EROOT%/}/var/lib/znc" ]]; then
+ ewarn "${EROOT%/}/var/lib/znc already exists, aborting to avoid damaging"
+ ewarn "any existing configuration. If you are sure you want"
+ ewarn "to generate a new configuration, remove the folder"
+ ewarn "and try again."
+ else
+ einfo "Press enter to interactively create a new configuration file for znc."
+ einfo "To abort, press Control-C"
+ read
+ mkdir -p "${EROOT%/}/var/lib/znc" || die
+ chown -R ${PN}:${PN} "${EROOT%/}/var/lib/znc" ||
+ die "Setting permissions failed"
+ start-stop-daemon --start --user ${PN}:${PN} --env ZNC_NO_LAUNCH_AFTER_MAKECONF=1 \
+ "${EROOT%/}"/usr/bin/znc -- --makeconf --datadir "${EROOT%/}/var/lib/znc" ||
+ die "Config failed"
+ einfo
+ einfo "You can now start the znc service using the init system of your choice."
+ einfo "Don't forget to enable it if you want to use znc at boot."
+ fi
+}