reinit the tree, so we can have metadata

7 files changed, 267 insertions, 0 deletions

diff --git a/dev-libs/libtar/Manifest b/dev-libs/libtar/Manifest
new file mode 100644
index 000000000000..b0637d39c9f8
--- /dev/null
+++ b/dev-libs/libtar/Manifest
@@ -0,0 +1,9 @@
+AUX CVE-2013-4420.patch 2454 SHA256 7092cbe003c0c26836ca0c7f78149aac8914dafe55409942a5285af4cc2f0cf9 SHA512 a325c1225b838a573448f05ba1a6712ab8430107793bc574dcea6a77b28d3ad36f3d1d801b392be0992007df78ea59b0b729623631f12b80846fdd039a66eb26 WHIRLPOOL 327f42473e09e4e75f27ed04f767a20609b8af27b5229abfa90616aac30f8d383e2e4f7f60370510f17264b7cd4110a130f3ba17a7c6a01870a9c4df59277359
+AUX libtar-1.2.11-free.patch 337 SHA256 ed7c9218c5f2b7f26f41d79ff7e2ede793816bfdeeffd0480ea90f2a818ca1ac SHA512 ea6475cdb000967c0029a35d8b02cde3c9227cfa73c57ab654879e7b030a5ca2732e5286fcd2f146bbb74213e01ea4d0f9259f06a6fe466a7bd63b1e6e43e07c WHIRLPOOL 88751fed4b5d0388bc17d2431152b5caa1642d6bfd63bc1b7200e096bc105c8d7348ce143ae008b944b66dcfbe1ddb73be1d7c9abba8b5b17e2934f8e4843d73
+AUX libtar-1.2.11-impl-dec.patch 332 SHA256 c9799e718142004b8653e5926347faf406509665b946fd8760049babff442612 SHA512 d8e6d341b4f30121571da0afc369fd3b45055224cc336640cb6f087e020959dcee8b2f00ac7b4d9f20faf44f1d87414b1a267080b412f043bb58d02bdbc91f94 WHIRLPOOL 1a55f21c3c60823b401a77db5a83b0af1a53893e0873cac0a384bdfd6064dbb6308c4dfb8ebca81b837d8490190b54fef6c5b66b6658ef308bc6700216a39a6d
+DIST libtar-1.2.20.tar.gz 63542 SHA256 b17f84c3cfb8734c1ec5290f5fed8285037199f11ea8c0e2d8f807cbe83c9d8f SHA512 360a0296af99bedd6d93236c3d6d6746fd38deaa5287e7a138d303e1072bc8871437a693dc926d82af5b54dedba2ebdff5a3edb1f7d7dc494b4235439e477dec WHIRLPOOL c2f9b243a497df4ec03188b25d4bf5a8ab17e895c1c3c7e359c3eca869229df6ff8d5b632cafa0f297e3e613538b94755d176295d8e15673b9ab9a71bd5435d7
+EBUILD libtar-1.2.20-r2.ebuild 1148 SHA256 44a98d19ffd402db37f84dc646a2481d41e8c957a89dc90b53646f0bc0b16653 SHA512 d618f5a389e62579fee30c6315893990765f5d35a64e2c727b741d9d393f6bbf8c120e7a3102c058e57186e0bd5ff772b5472ff7df642b262692c9e354cb0de2 WHIRLPOOL f9a7c83039391c0b2421110587c3ffe6e54b23297c3d02fe83c21ebce68262c6c2760725442888bc1a9557373f6ca8929522b720f94282f9a7c61ab0c7fc667d
+EBUILD libtar-1.2.20-r3.ebuild 1363 SHA256 52eb218b7c9e765f5051f5227355c0840bf88fe5eee2ce6138aedbe468675566 SHA512 8e7a8081bd465e86f4104931e0cf874c104f620e85dbab7d82cebf8522bb1eca457e1cd02b0882897007d43adf729affa9114b1a4157cc2cf89c31d46b0875ab WHIRLPOOL 4ee283f26bc8333f4a5e0092dc923f5f2a0fcaa1c440ccee81c0dfc2635ef4700179b71f89fb1ae98f7689f1e2327bfeb92b081d6fc7d8ad4c43fba0ccd30abc
+MISC ChangeLog 3252 SHA256 b216eb23f7e64ce3210d68db374b4a495fde54f158c930f2a136d365b482890d SHA512 5dae24985d7880150cabe327371abcc2f252eb17e7e038091db514d703f16f01ce67d4b384735be54d3d81afdfff5a65d8baf3b6cf3d6fa3d8e14255bdee0e71 WHIRLPOOL cb5374473e729a518344457902f602a8492666c9f68b92dddf8ee0b1c078429251a6ad40235120ad15485887fc69e0d120402745fe7273d8f45e6159fd1cfa53
+MISC ChangeLog-2015 6143 SHA256 1aa6410eab20005c39d72affa9ee1f2250b54d3714f25b487c22da64d961fbb8 SHA512 feab7e5ae4c7e5e76cb8b2d17dbaf33f18fa1f1112f0b38d7d295c40ee557468d904b67525f465dadfd117d87d3a6f718d5abcda4f5240869750e83ec0a9d1b2 WHIRLPOOL 6c5b4bb61f87653bbcd6b1286678b2f71a858fb162fbb61e3b77d2d1ceaa5b471e4da9cc6bd9484d57fff8cee1149a4e3a70b531f886b7ea5f23c12931cfdebc
+MISC metadata.xml 514 SHA256 1dfaa54f52e0d4653ebded2e1f56e1941475f0c22e4da58211b7ee5dd1e70c09 SHA512 e4cef41d65e965ba97b12f448e33ecfea36bd2753775c1ac8bcbb4e226f71b029ce27fde9d646b999b3fb5ee25e08b6fe260a1e2e97a02faa0f61142e7c3801e WHIRLPOOL ed2e2d3827c2b82ffbb5a2a74046beed68ddb5651504eb9c255dc6fcdde13726c6bc30245d6316f1a62189da47feef902f7b5b94d22709e4de7c7171c86854fd
diff --git a/dev-libs/libtar/files/CVE-2013-4420.patch b/dev-libs/libtar/files/CVE-2013-4420.patch
new file mode 100644
index 000000000000..d6e24860c929
--- /dev/null
+++ b/dev-libs/libtar/files/CVE-2013-4420.patch
@@ -0,0 +1,94 @@
+--- a/libtar/lib/decode.c	2013-10-09 09:59:44.000000000 -0700
++++ b/libtar/lib/decode.c	2015-07-20 20:57:58.331945962 -0700
+@@ -21,24 +21,55 @@
+ # include <string.h>
+ #endif
+ 
++char *
++safer_name_suffix (char const *file_name)
++{
++       char const *p, *t;
++       p = t = file_name;
++       while (*p)
++       {
++               if (p[0] == '.' && p[0] == p[1] && p[2] == '/')
++               {
++                       p += 3;
++                       t = p;
++               }
++               /* advance pointer past the next slash */
++               while (*p && (p++)[0] != '/');
++       }
++
++       if (!*t)
++       {
++               t = ".";
++       }
++
++       if (t != file_name)
++       {
++               /* TODO: warn somehow that the path was modified */
++       }
++       return (char*)t;
++}
++
+ 
+ /* determine full path name */
+ char *
+ th_get_pathname(TAR *t)
+ {
+ 	static TLS_THREAD char filename[MAXPATHLEN];
++	char *safer_name;
+ 
+ 	if (t->th_buf.gnu_longname)
+-		return t->th_buf.gnu_longname;
++               return safer_name_suffix(t->th_buf.gnu_longname);
++
++       safer_name = safer_name_suffix(t->th_buf.name);
+ 
+ 	if (t->th_buf.prefix[0] != '\0')
+ 	{
+ 		snprintf(filename, sizeof(filename), "%.155s/%.100s",
+-			 t->th_buf.prefix, t->th_buf.name);
++			 t->th_buf.prefix, safer_name);
+ 		return filename;
+ 	}
+ 
+-	snprintf(filename, sizeof(filename), "%.100s", t->th_buf.name);
++	snprintf(filename, sizeof(filename), "%.100s", safer_name);
+ 	return filename;
+ }
+ 
+--- a/libtar/lib/extract.c	2013-10-09 09:59:44.000000000 -0700
++++ b/libtar/lib/extract.c	2015-07-20 21:00:16.560956122 -0700
+@@ -305,7 +305,7 @@
+ 		linktgt = &lnp[strlen(lnp) + 1];
+ 	}
+ 	else
+-		linktgt = th_get_linkname(t);
++		linktgt = safer_name_suffix(th_get_linkname(t));
+ 
+ #ifdef DEBUG
+ 	printf("  ==> extracting: %s (link to %s)\n", filename, linktgt);
+@@ -343,9 +343,9 @@
+ 
+ #ifdef DEBUG
+ 	printf("  ==> extracting: %s (symlink to %s)\n",
+-	       filename, th_get_linkname(t));
++	       filename, safer_name_suffix(th_get_linkname(t)));
+ #endif
+-	if (symlink(th_get_linkname(t), filename) == -1)
++	if (symlink(safer_name_suffix(th_get_linkname(t)), filename) == -1)
+ 	{
+ #ifdef DEBUG
+ 		perror("symlink()");
+--- a/libtar/lib/internal.h	2013-10-09 09:59:44.000000000 -0700
++++ b/libtar/lib/internal.h	2015-07-20 21:00:51.258958673 -0700
+@@ -15,6 +15,7 @@
+ 
+ #include <libtar.h>
+ 
++char* safer_name_suffix(char const*);
+ #ifdef TLS
+ #define TLS_THREAD TLS
+ #else
diff --git a/dev-libs/libtar/files/libtar-1.2.11-free.patch b/dev-libs/libtar/files/libtar-1.2.11-free.patch
new file mode 100644
index 000000000000..3a7b028d5d2d
--- /dev/null
+++ b/dev-libs/libtar/files/libtar-1.2.11-free.patch
@@ -0,0 +1,22 @@
+stdlib.h is required for free()
+
+--- lib/output.c
++++ lib/output.c
+@@ -20,6 +20,7 @@
+ #include <sys/param.h>
+ 
+ #ifdef STDC_HEADERS
++# include <stdlib.h>
+ # include <string.h>
+ #endif
+ 
+--- lib/wrapper.c
++++ lib/wrapper.c
+@@ -18,6 +18,7 @@
+ #include <errno.h>
+ 
+ #ifdef STDC_HEADERS
++# include <stdlib.h>
+ # include <string.h>
+ #endif
+ 
diff --git a/dev-libs/libtar/files/libtar-1.2.11-impl-dec.patch b/dev-libs/libtar/files/libtar-1.2.11-impl-dec.patch
new file mode 100644
index 000000000000..ee00f5c1c9f3
--- /dev/null
+++ b/dev-libs/libtar/files/libtar-1.2.11-impl-dec.patch
@@ -0,0 +1,15 @@
+ lib/extract.c |    1 +
+ 1 files changed, 1 insertions(+), 0 deletions(-)
+
+diff --git a/lib/extract.c b/lib/extract.c
+index 6bbb801..3ef2fb8 100644
+--- a/lib/extract.c
++++ b/lib/extract.c
+@@ -18,6 +18,7 @@
+ #include <fcntl.h>
+ #include <errno.h>
+ #include <utime.h>
++#include <string.h>
+ 
+ #ifdef STDC_HEADERS
+ # include <stdlib.h>
diff --git a/dev-libs/libtar/libtar-1.2.20-r2.ebuild b/dev-libs/libtar/libtar-1.2.20-r2.ebuild
new file mode 100644
index 000000000000..926bb060d8d5
--- /dev/null
+++ b/dev-libs/libtar/libtar-1.2.20-r2.ebuild
@@ -0,0 +1,54 @@
+# Copyright 1999-2013 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=5
+
+AUTOTOOLS_AUTORECONF=1
+inherit autotools-utils
+
+DESCRIPTION="C library for manipulating tar archives"
+HOMEPAGE="http://www.feep.net/libtar/ http://repo.or.cz/w/libtar.git/"
+SRC_URI="https://dev.gentoo.org/~pinkbyte/distfiles/snapshots/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="amd64 ppc ppc64 ~sparc x86 ~amd64-fbsd ~amd64-linux ~x86-linux ~ppc-macos"
+IUSE="static-libs zlib"
+
+RDEPEND="zlib? ( sys-libs/zlib )
+	!zlib? ( app-arch/gzip )"
+DEPEND="${RDEPEND}"
+
+S="${WORKDIR}/${PN}"
+
+PATCHES=(
+	"${FILESDIR}/${PN}-1.2.11-free.patch"
+	"${FILESDIR}/${PN}-1.2.11-impl-dec.patch"
+)
+
+src_prepare() {
+	sed -i \
+		-e '/INSTALL_PROGRAM/s:-s::' \
+		{doc,lib{,tar}}/Makefile.in || die
+
+	autotools-utils_src_prepare
+}
+
+src_configure() {
+	local myeconfargs=(
+		--disable-encap
+		--disable-epkg-install
+		$(use_with zlib)
+	)
+
+	autotools-utils_src_configure
+}
+
+src_install() {
+	autotools-utils_src_install
+
+	dodoc ChangeLog* README TODO
+	newdoc compat/README README.compat
+	newdoc compat/TODO TODO.compat
+	newdoc listhash/TODO TODO.listhash
+}
diff --git a/dev-libs/libtar/libtar-1.2.20-r3.ebuild b/dev-libs/libtar/libtar-1.2.20-r3.ebuild
new file mode 100644
index 000000000000..6642c68d62ec
--- /dev/null
+++ b/dev-libs/libtar/libtar-1.2.20-r3.ebuild
@@ -0,0 +1,60 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=5
+
+AUTOTOOLS_AUTORECONF=1
+inherit autotools-utils
+
+DESCRIPTION="C library for manipulating tar archives"
+HOMEPAGE="http://www.feep.net/libtar/ http://repo.or.cz/w/libtar.git/"
+SRC_URI="https://dev.gentoo.org/~pinkbyte/distfiles/snapshots/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="amd64 ~arm ~arm64 ppc ppc64 sparc x86 ~amd64-fbsd ~amd64-linux ~x86-linux ~ppc-macos"
+IUSE="static-libs zlib"
+
+RDEPEND="zlib? ( sys-libs/zlib )
+	!zlib? ( app-arch/gzip )"
+DEPEND="${RDEPEND}"
+
+S="${WORKDIR}/${PN}"
+
+# There is no test and 'check' target errors out due to mixing of automake &
+# non-automake makefiles.
+# https://bugs.gentoo.org/show_bug.cgi?id=526436
+RESTRICT="test"
+
+PATCHES=(
+	"${FILESDIR}"/${PN}-1.2.11-free.patch
+	"${FILESDIR}"/${PN}-1.2.11-impl-dec.patch
+	"${FILESDIR}"/CVE-2013-4420.patch
+)
+
+src_prepare() {
+	sed -i \
+		-e '/INSTALL_PROGRAM/s:-s::' \
+		{doc,lib{,tar}}/Makefile.in || die
+
+	autotools-utils_src_prepare
+}
+
+src_configure() {
+	local myeconfargs=(
+		--disable-encap
+		--disable-epkg-install
+		$(use_with zlib)
+	)
+
+	autotools-utils_src_configure
+}
+
+src_install() {
+	autotools-utils_src_install
+
+	dodoc ChangeLog* README TODO
+	newdoc compat/README README.compat
+	newdoc compat/TODO TODO.compat
+	newdoc listhash/TODO TODO.listhash
+}
diff --git a/dev-libs/libtar/metadata.xml b/dev-libs/libtar/metadata.xml
new file mode 100644
index 000000000000..37ba3f50a322
--- /dev/null
+++ b/dev-libs/libtar/metadata.xml
@@ -0,0 +1,13 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+        <maintainer type="person">
+                <email>sdnick484@gmail.com</email>
+                <name>Nick Andrade</name>
+                <description>Active Maintainer, Assign bugs</description>
+        </maintainer>
+<maintainer type="project">
+                <email>proxy-maint@gentoo.org</email>
+                <name>Proxy Maintainers</name>
+        </maintainer>
+</pkgmetadata>