summaryrefslogtreecommitdiff
path: root/net-misc/rsync
diff options
context:
space:
mode:
Diffstat (limited to 'net-misc/rsync')
-rw-r--r--net-misc/rsync/Manifest2
-rw-r--r--net-misc/rsync/files/rsync-3.2.7-fortify-source-3.patch54
-rw-r--r--net-misc/rsync/rsync-3.2.7-r3.ebuild204
3 files changed, 260 insertions, 0 deletions
diff --git a/net-misc/rsync/Manifest b/net-misc/rsync/Manifest
index d0260d094db2..7d58bbf6f999 100644
--- a/net-misc/rsync/Manifest
+++ b/net-misc/rsync/Manifest
@@ -2,6 +2,7 @@ AUX rsync-3.2.4-notpedantic.patch 1063 BLAKE2B 99ed8e887c5f3c64ff6c34e1b9dc7ca98
AUX rsync-3.2.4-strlcpy.patch 1715 BLAKE2B 4159391589cc6eba7c6719b15d32d33e68ff5a15765b3377e1e53975c2d7c9413ac99e178d0e6a796d347aab4bf43b3f7a788a434ea36bc35adb916a39394ca4 SHA512 b097b253624fa67feb32f3cb6412fadbd731ec659791010310824ef0c83209a9d228706e84eca72614c0e3ce7a3ccbd4250dafad20dc2113b20d79135573fa9a
AUX rsync-3.2.4-unsigned-char-checksum.patch 610 BLAKE2B eb6803c673bb38907738e5475e9469c07555d96769cc86baad43f806cd6a823c5aa9d890c63096b5c229402315cdd90d76d93687ddc1a7d17360ff739afc9596 SHA512 a8f8eb0568139893e2f3f36feb1cebfb5fcf3b1fd807459bce635d61f2582e960c55b0bb4c8914a6579ad0eb7e4322d2ce3480598d425e256fb6a73efbc9315e
AUX rsync-3.2.7-flist-memcmp-ub.patch 773 BLAKE2B 9a30609a0bf09298dc2b1daeae7dcf3ba173d1d2431c077d612be03a3a531bf59b16d1846a8f7c467ef2ca576e01f0fe512067a04f834a9ca3d387e389b5d6e8 SHA512 4212d704d9b4b1a0d2d2cfca48ae91d29b90111ce4256ec8f9779d0778fe2bbb4a33b95e8a32ef181e1ab0ac2d1ea330e724a46f078826b39d2e09d374be6730
+AUX rsync-3.2.7-fortify-source-3.patch 1947 BLAKE2B c907e4ddc07693d8a6292f32782831953eee8711148c2e9aa5623dc5615474b59f25e309302c103a6c4a4177b18291a00983a62fa77c7faee04731114634c65d SHA512 b2bd012f318b1816a299a766c28a64cfc86307e4e1b047098f2a0334d775513f83724cdfa33ce567120c9b4fbbf9f6b8e0bbad0d434ac2444afff39fb5fa41da
AUX rsyncd.conf-3.0.9-r1 462 BLAKE2B 45a7dde876368e7392ee7a05edf593f55cf6b3b4dc913745f4322ebd75f97bcdf1a24240a54e11469bd659fd565fc74cd8eeaa9490434d88444b5a076803cea7 SHA512 5c57f633aa3daa6513b5d35a1157a50308559ad993257374ce4eea0269f6bf384938f95bed749acb19538e8c4672355351fcee5cef9607153463b19227d343d7
AUX rsyncd.conf.d 149 BLAKE2B fd2556d0c270c2baa83d4d474d44ab1d16e35f112279a339f179f9af693d977cc0863bf4cd7139363c58e4e6a1a18a24c06474ecc248167224261dbaf04ae0a8 SHA512 8ea9a2f1fea508fa132313fa16513eac84a9ed3ce75741c42769b56bbcd3f1bd2eb8bfdfe40a6c7f619e4281e8fc8d95d1bd84096d0b64aaacf606cd614ae5b3
AUX rsyncd.init.d-r1 247 BLAKE2B ec4f7a875a51bae10cff7e15df18d285b01dddaa99a03127ba242ec535b7c8a3af3ad4489661ba7b5f6b074e2af38b12da394c0f8992bd28328d807a89757bb0 SHA512 df2ef4d9e65fa72daa9a7d91d69a06027d0e0fbc48f9ebd485e2d51990c8d00985b7ccf41314f984975e8073e2075bbdfe5543754718381497c334dc7d96451a
@@ -13,5 +14,6 @@ DIST rsync-3.2.7.tar.gz 1149787 BLAKE2B 1b910b321e8d6b49af9f26bef813509f0da12ded
DIST rsync-3.2.7.tar.gz.asc 195 BLAKE2B d2bca9276d9a0c96a9156a8da60e391f58eceb2e1ffaa51b7e7ffd592feaba3ce54772bd563a251e3b30efb0ad07fc96da01158a77dd77c6534eac5d80b46e53 SHA512 bad9f48e033966566c6abf8cd485d35c0d9cf130eafb0c5fff9bcb928882283bbcdd2375e7c2880cf71cf81496ba6b743b61adca3d4678421c32915a2464acc3
EBUILD rsync-3.2.4-r3.ebuild 4750 BLAKE2B e743c73dae35b841ad484d3a1dc0359ced3ee95d4357949bf1d8a805f170a46039de35275406cc051cf2475f89333f9c8593f08ea6a2de0ab8eaae1702755d8b SHA512 7bcda7d6e51a17fe8ad3a609128934d6859f6b6eecd308a5939199efec0f9726bdb78a726c37541c85e506db55e455b30f050a6b9e615810f4647b79f986941d
EBUILD rsync-3.2.7-r2.ebuild 5420 BLAKE2B 2116751f4b399612a3869a59d7e361025ddeb179df10a37fc99792e8d33f4cb4fadfc9b143d26b116cfd08753bd181c92055b048ae7b803495840b8ff00c9f1b SHA512 cc714464c0ca82f1ed6b62fbee7c348551b35fdffaaeb1208fa4092be91b05c83b48f19e4ae187242135e34f09beea2bc311969fffe311219aab9604597d2b51
+EBUILD rsync-3.2.7-r3.ebuild 5471 BLAKE2B 6f4ab5a7ff10565fb8adfde3af75e381b164591561fa4c40adae208fd987299bd59560121ea39e92e4b1a81016f93ac36899cfa54e0cd1cf81e6d2fc419208e2 SHA512 c7c5162e82305ab50c1437285476ae726064897fe549bbca1a3d2c79b2e7abc563d1d0ee48ebcf71c7331d52a1417d9eba2fcb791732202fab182db81c1ec871
EBUILD rsync-9999.ebuild 5428 BLAKE2B 45d968a8a88ecade2dc75a3427d074f0afeb9f4f909ac1a20943a5f89ecd8a1865634dbc26f1327e83b1d7b68ddf2d01380b0e25abe7b77bc78a05f1d991741e SHA512 aa68bb7a0f1ccea651e7e0a55af44346144cb5af1f176d0bc4efd00835498db694afd9bb31eac40d13d12ec624b9ba6e47059df123e9a19d8f211c649322819a
MISC metadata.xml 880 BLAKE2B b079b9b9cb5dcc93b50d49fa50723729b7c57c34ad0cdfd946821089a1f9788a460818cef8d6a4e9f603ad066f6b3a0c22c7becb950abc1eac8e2923adf18bac SHA512 215f0df65f53e2aca8d519c85111f87e95d592454b8a297f69058c1d87ff5650f32f3c937715c8a83dc9bef1ca1e70589cd3797ca595688806c1067462717c14
diff --git a/net-misc/rsync/files/rsync-3.2.7-fortify-source-3.patch b/net-misc/rsync/files/rsync-3.2.7-fortify-source-3.patch
new file mode 100644
index 000000000000..952af573dfc7
--- /dev/null
+++ b/net-misc/rsync/files/rsync-3.2.7-fortify-source-3.patch
@@ -0,0 +1,54 @@
+https://bugs.gentoo.org/917517
+https://github.com/WayneD/rsync/issues/511
+https://bugzilla.suse.com/show_bug.cgi?id=1214249
+https://bugzilla.redhat.com/show_bug.cgi?id=2229654
+https://src.fedoraproject.org/rpms/rsync/raw/06d55616ec86c3a68a8af917783788b928fefcc4/f/rsync-3.2.7-buffer-overflow.patch
+
+From 1f83963f59960150e8c46112daa8411324c1f209 Mon Sep 17 00:00:00 2001
+From: Jiri Slaby <jslaby@suse.cz>
+Date: Fri, 18 Aug 2023 08:26:20 +0200
+Subject: [PATCH] exclude: fix crashes with fortified strlcpy()
+
+Fortified (-D_FORTIFY_SOURCE=2 for gcc) builds make strlcpy() crash when
+its third parameter (size) is larger than the buffer:
+ $ rsync -FFXHav '--filter=merge global-rsync-filter' Align-37-43/ xxx
+ sending incremental file list
+ *** buffer overflow detected ***: terminated
+
+It's in the exclude code in setup_merge_file():
+ strlcpy(y, save, MAXPATHLEN);
+
+Note the 'y' pointer was incremented, so it no longer points to memory
+with MAXPATHLEN "owned" bytes.
+
+Fix it by remembering the number of copied bytes into the 'save' buffer
+and use that instead of MAXPATHLEN which is clearly incorrect.
+
+Fixes #511.
+---
+ exclude.c | 5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/exclude.c b/exclude.c
+index ffe55b167..1a5de3b9e 100644
+--- a/exclude.c
++++ b/exclude.c
+@@ -720,7 +720,8 @@ static BOOL setup_merge_file(int mergelist_num, filter_rule *ex,
+ parent_dirscan = True;
+ while (*y) {
+ char save[MAXPATHLEN];
+- strlcpy(save, y, MAXPATHLEN);
++ /* copylen is strlen(y) which is < MAXPATHLEN. +1 for \0 */
++ size_t copylen = strlcpy(save, y, MAXPATHLEN) + 1;
+ *y = '\0';
+ dirbuf_len = y - dirbuf;
+ strlcpy(x, ex->pattern, MAXPATHLEN - (x - buf));
+@@ -734,7 +735,7 @@ static BOOL setup_merge_file(int mergelist_num, filter_rule *ex,
+ lp->head = NULL;
+ }
+ lp->tail = NULL;
+- strlcpy(y, save, MAXPATHLEN);
++ strlcpy(y, save, copylen);
+ while ((*x++ = *y++) != '/') {}
+ }
+ parent_dirscan = False;
diff --git a/net-misc/rsync/rsync-3.2.7-r3.ebuild b/net-misc/rsync/rsync-3.2.7-r3.ebuild
new file mode 100644
index 000000000000..01c09f3cd5ca
--- /dev/null
+++ b/net-misc/rsync/rsync-3.2.7-r3.ebuild
@@ -0,0 +1,204 @@
+# Copyright 1999-2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+# Uncomment when introducing a patch which touches configure
+#RSYNC_NEEDS_AUTOCONF=1
+PYTHON_COMPAT=( python3_{9..11} )
+inherit flag-o-matic prefix python-single-r1 systemd
+
+DESCRIPTION="File transfer program to keep remote files into sync"
+HOMEPAGE="https://rsync.samba.org/"
+if [[ ${PV} == *9999 ]] ; then
+ EGIT_REPO_URI="https://github.com/WayneD/rsync.git"
+ inherit autotools git-r3
+
+ REQUIRED_USE="${PYTHON_REQUIRED_USE}"
+else
+ VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/waynedavison.asc
+ inherit verify-sig
+
+ if [[ -n ${RSYNC_NEEDS_AUTOCONF} ]] ; then
+ inherit autotools
+ fi
+
+ if [[ ${PV} == *_pre* ]] ; then
+ SRC_DIR="src-previews"
+ else
+ SRC_DIR="src"
+ KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris"
+ fi
+
+ SRC_URI="https://rsync.samba.org/ftp/rsync/${SRC_DIR}/${P/_/}.tar.gz
+ verify-sig? ( https://rsync.samba.org/ftp/rsync/${SRC_DIR}/${P/_/}.tar.gz.asc )"
+ S="${WORKDIR}"/${P/_/}
+fi
+
+LICENSE="GPL-3"
+SLOT="0"
+IUSE="acl examples iconv lz4 rrsync ssl stunnel system-zlib xattr xxhash zstd"
+REQUIRED_USE+=" examples? ( ${PYTHON_REQUIRED_USE} )"
+REQUIRED_USE+=" rrsync? ( ${PYTHON_REQUIRED_USE} )"
+
+RDEPEND="
+ >=dev-libs/popt-1.5
+ acl? ( virtual/acl )
+ examples? (
+ ${PYTHON_DEPS}
+ dev-lang/perl
+ )
+ lz4? ( app-arch/lz4:= )
+ rrsync? (
+ ${PYTHON_DEPS}
+ $(python_gen_cond_dep '
+ dev-python/bracex[${PYTHON_USEDEP}]
+ ')
+ )
+ ssl? ( dev-libs/openssl:= )
+ system-zlib? ( sys-libs/zlib )
+ xattr? ( kernel_linux? ( sys-apps/attr ) )
+ xxhash? ( >=dev-libs/xxhash-0.8 )
+ zstd? ( >=app-arch/zstd-1.4:= )
+ iconv? ( virtual/libiconv )"
+DEPEND="${RDEPEND}"
+BDEPEND="
+ examples? ( ${PYTHON_DEPS} )
+ rrsync? ( ${PYTHON_DEPS} )
+"
+
+if [[ ${PV} == *9999 ]] ; then
+ BDEPEND+=" ${PYTHON_DEPS}
+ $(python_gen_cond_dep '
+ dev-python/commonmark[${PYTHON_USEDEP}]
+ ')"
+else
+ BDEPEND+=" verify-sig? ( sec-keys/openpgp-keys-waynedavison )"
+fi
+
+PATCHES=(
+ "${FILESDIR}"/${P}-flist-memcmp-ub.patch
+ "${FILESDIR}"/${P}-fortify-source-3.patch
+)
+
+pkg_setup() {
+ # - USE=examples needs Python itself at runtime, but nothing else
+ # - 9999 needs commonmark at build time
+ if [[ ${PV} == *9999 ]] || use examples || use rrsync; then
+ python-single-r1_pkg_setup
+ fi
+}
+
+src_prepare() {
+ default
+
+ if [[ ${PV} == *9999 || -n ${RSYNC_NEEDS_AUTOCONF} ]] ; then
+ eaclocal -I m4
+ eautoconf -o configure.sh
+ eautoheader && touch config.h.in
+ fi
+
+ if use examples || use rrsync; then
+ python_fix_shebang support/
+ fi
+
+ if [[ -f rrsync.1 ]]; then
+ # If the pre-build rrsync.1 man page exists, then link to it
+ # from support/rrsync.1 to avoid rsync's build system attempting
+ # re-creating the man page (bug #883049).
+ ln -s ../rrsync.1 support/rrsync.1 || die
+ fi
+}
+
+src_configure() {
+ local myeconfargs=(
+ --with-rsyncd-conf="${EPREFIX}"/etc/rsyncd.conf
+ --without-included-popt
+ --enable-ipv6
+ $(use_enable acl acl-support)
+ $(use_enable iconv)
+ $(use_enable lz4)
+ $(use_with rrsync)
+ $(use_enable ssl openssl)
+ $(use_with !system-zlib included-zlib)
+ $(use_enable xattr xattr-support)
+ $(use_enable xxhash)
+ $(use_enable zstd)
+ )
+
+ # https://github.com/WayneD/rsync/pull/428
+ if is-flagq -fsanitize=undefined ; then
+ sed -E -i \
+ -e 's:#define CAREFUL_ALIGNMENT (0|1):#define CAREFUL_ALIGNMENT 1:' \
+ byteorder.h || die
+ append-flags -DCAREFUL_ALIGNMENT
+ fi
+
+ econf "${myeconfargs[@]}"
+}
+
+src_install() {
+ emake DESTDIR="${D}" install
+
+ newconfd "${FILESDIR}"/rsyncd.conf.d rsyncd
+ newinitd "${FILESDIR}"/rsyncd.init.d-r1 rsyncd
+
+ dodoc NEWS.md README.md TODO tech_report.tex
+
+ insinto /etc
+ newins "${FILESDIR}"/rsyncd.conf-3.0.9-r1 rsyncd.conf
+
+ insinto /etc/logrotate.d
+ newins "${FILESDIR}"/rsyncd.logrotate rsyncd
+
+ insinto /etc/xinetd.d
+ newins "${FILESDIR}"/rsyncd.xinetd-3.0.9-r1 rsyncd
+
+ # Install stunnel helpers
+ if use stunnel ; then
+ emake DESTDIR="${D}" install-ssl-daemon
+ fi
+
+ # Install the useful contrib scripts
+ if use examples ; then
+ # The 'rrsync' script is installed conditionally via the 'rrysnc'
+ # USE flag, and not via the 'examples' USE flag.
+ rm support/rrsync* || die
+
+ exeinto /usr/share/rsync
+ doexe support/*
+
+ rm -f "${ED}"/usr/share/rsync/{Makefile*,*.c}
+ fi
+
+ eprefixify "${ED}"/etc/{,xinetd.d}/rsyncd*
+
+ systemd_newunit packaging/systemd/rsync.service rsyncd.service
+}
+
+pkg_postinst() {
+ if grep -Eqis '^[[:space:]]use chroot[[:space:]]*=[[:space:]]*(no|0|false)' \
+ "${EROOT}"/etc/rsyncd.conf "${EROOT}"/etc/rsync/rsyncd.conf ; then
+ ewarn "You have disabled chroot support in your rsyncd.conf. This"
+ ewarn "is a security risk which you should fix. Please check your"
+ ewarn "/etc/rsyncd.conf file and fix the setting 'use chroot'."
+ fi
+
+ if use stunnel ; then
+ einfo "Please install \">=net-misc/stunnel-4\" in order to use stunnel feature."
+ einfo
+ einfo "You maybe have to update the certificates configured in"
+ einfo "${EROOT}/etc/stunnel/rsync.conf"
+ fi
+
+ if use system-zlib ; then
+ ewarn "Using system-zlib is incompatible with <rsync-3.1.1 when"
+ ewarn "using the --compress option."
+ ewarn
+ ewarn "When syncing with >=rsync-3.1.1 built with bundled zlib,"
+ ewarn "and the --compress option, add --new-compress (-zz)."
+ ewarn
+ ewarn "For syncing the portage tree, add:"
+ ewarn "PORTAGE_RSYNC_EXTRA_OPTS=\"--new-compress\" to make.conf"
+ fi
+}
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-01 22:20:16 +0000