diff options
Diffstat (limited to 'net-misc')
28 files changed, 325 insertions, 2198 deletions
diff --git a/net-misc/Manifest.gz b/net-misc/Manifest.gz Binary files differindex 7090d0e5abbc..6749e9f2794b 100644 --- a/net-misc/Manifest.gz +++ b/net-misc/Manifest.gz diff --git a/net-misc/dhcpcd/Manifest b/net-misc/dhcpcd/Manifest index db8aaabd5924..23afba8fb284 100644 --- a/net-misc/dhcpcd/Manifest +++ b/net-misc/dhcpcd/Manifest @@ -4,17 +4,16 @@ AUX 10.0.5/0003-control-abort-control-recv-path-hangup.patch 2592 BLAKE2B 483219 AUX 10.0.5/0004-dhcpcd-remove-stdio-callback-detach-daemonize.patch 8772 BLAKE2B ec0c000fe60582dc9d7f2b7d2686dd84eb740d92bd44d1da3af4bca67b0db3f0dd548f4b8a1f3ad5dd4413276267084e7d0da1c181b7fda39dd667e3cd3df2c5 SHA512 e76e37c08a854d4d99bfcbb468aa8b9e83a220812c937e32dca5e6ba66d3aa147bc3f3da25d64b8bafdf1fdbf7fc5c9a46ad336a812e0bac65165bf3435e7471 AUX 10.0.5/0005-fix-privsep-builds-for-prior.patch 589 BLAKE2B 951aa4e4ad7f441c958a4ebe9341616a5041b99cd68f669a6e4bfab6882de7f55a7fafa9a7c75295e77ef38fd823ba44ee8385bc0920e383b515ac7bc89562da SHA512 275337e99543eadeeb8804e1a8f5ec8ccbef9e922a3a25536c3cd69ca0a60cacdda26bbf8103adab46fafd0e2f6e9a6b75dcbec3b6146823ad611b6c9614914c AUX 10.0.5/0006-fix-unused-var-warning.patch 1148 BLAKE2B 2f4a800e55aec46d834777649357a0e4137261d0b7ca342d53b08fdfde69ffe7654478978145c6400feb82f9d1a05598319ccb6e5421da94155829512315fcba SHA512 e8a0874f5a216e101a3adb9f56c12b798263a300f13a9b34ff3ce9b6276f43dc50f39d59977f38ea9abcaa24c49753add19add10589fe185f85dde8451820287 +AUX dhcpcd-10.0.6-rebinding.patch 1351 BLAKE2B 5bf20cc11f82082b9aed01279c2071d948cb4308e935289b2ff7022cd146b4e600cd35dfe63d08006311769b1816cbadb0fcfe7cecaecec64d25fc1f0ddc450f SHA512 c657af1001ea7dbfcd3a6c502667cda3eb164ee532e2083976ab5a46cdc4ab0a0812fd828f0bb98dd6bf326ecdaa3ef16f4d545580c59c63f8aad0e893651427 AUX dhcpcd.initd-r1 339 BLAKE2B f5c8574545d211918cba49b0e0caf22b6dd0630d3e8627e8fc4c40dc4415fd70c83889b631606085ecf87f925a7a199cd5712178a2c90186c6b8ac4f792b0789 SHA512 cd186e4c0733fcd9c333bf7c813a879c38c962bcf6a3288577f6b1632312b10f69ac68ca413c32106559d9e53fa05de78410cba677247b52bcbcf3b35024974f AUX dhcpcd.service-r1 308 BLAKE2B 558789adc2b67ee9d13b8213c9729f23dc691d3da8e96d93283c6c1fcf3733b17036df2a736166414a4a4738ca2a41f11b498326f18dace02e3b77945f7d8f23 SHA512 992b6f3c69b982f1dc01098dbecdee1ee2dc12e59646d13648f378a2e628cc612b65ee15a1373e3cacf7e712c6a6708c6824a9396b53e8ed8b0b3179f5267041 DIST dhcpcd-10.0.3.tar.xz 268872 BLAKE2B c063fbb44b4a6928ffd84c109c1ed8ae0345c81b732fc75ce1c1aebc51c190fa512de9822c1c6865794db126f4ad2aceef97c4da28d6922cca082b1aeedb4760 SHA512 f4437e9aa094ab38f077c455b012f46cc84a39f97a19eae896a0954f24f2064e91407dc7f7be7fae00faf3455a8e50695e94c406f476f88a61b980169a778560 -DIST dhcpcd-10.0.4.tar.xz 269212 BLAKE2B 770ee398eccff20cd4a37f89b841f8d580d9a42b456d93673ab3bf6ddf1ed0e49feda47ea8c1206a8a8582bccde80f45c3efbf2e1d0e493b06f04e2c6df876af SHA512 8af26c4a42ce63e9cae72de68774807b8739aabd19cc2a0260148f3baa25c587bf34a5a0b80239b54d8ab9b79661744e61b0e316d2c510c4da65615268d3e8cf DIST dhcpcd-10.0.5.tar.xz 269696 BLAKE2B 52435e2afa4fa5563b629af3f69b149b87de75097d20819423429741e8f2d16df136409180c509ff08b28fd060ad74da4d73057556349b8041c716dbeb7dbcc3 SHA512 f8213eee93e83c174ce5d2487364400fe07b39bb0f052d072518e12f7189136704f65e1f4467432b477f195d64eebe6ca167aec160aed1575ea9ef551b43eb43 DIST dhcpcd-10.0.6.tar.xz 269392 BLAKE2B 4afd08cf7377b2262d33bf3f7ac503e081572a7c1ffd53b285842a92d99d88fae44e7e6384134bbe1eb839001f822fa7fb43718c42f9e8e6d11a05ec66fa2fc6 SHA512 403d612080c6f1397003dc6a16f59bb5d1d3d3479e3656c598acde4c4aafe1cfa374725c5ae3dddb4972c0f23ffd55d04c3703b97bed5b7060855b61b7738004 DIST dhcpcd-9.5.1.tar.xz 258280 BLAKE2B 355a98d415253608e8f586809d41e7654c1973d956cb3951218e1ff8c928ee414aa1b9854180c78e975898d9eb0f4cb9cc0fe64eefd5690b371989093e1bcb5a SHA512 979c180743d3e01d1996033d42c5606792e3acaef4e600f0ea51c362643a5b2743c6dc2792314c3b66edfa99c3b98d17f46cf3421e2088b37804e6e2167037ee EBUILD dhcpcd-10.0.3.ebuild 4649 BLAKE2B e00e857c44168096c3530004d32bb62250681d686b17954b46bd6993f32ca963d4369ae79ee9d15afc90c53b9e1d7c3f71b2a819278c44e12b59d1cb08a8affb SHA512 3596770f90d6b49b1c677538cbe1b34b482a886a322050f664d90ec6851b839b3294a57144d8e7c1f93530db3e4120b95d11ded5c568162c6ac0510ec9dcbfdf -EBUILD dhcpcd-10.0.4.ebuild 4657 BLAKE2B d4ff3321b12fef8beb4242a119134c77e073bf380e65b61e632fb271844fce0a3dd693977c2f5798adadbb78c6c8c0cd1743f44214fec51f3908e033f7926cab SHA512 b279bd58bcf9ddd41c208354a62a53b75f8a95d5978db85d4ef03a09bd9b2e98261a7b16cb37883df8536ff05c2a205a8459dcce7f8fe82dc148c539b2cd1093 EBUILD dhcpcd-10.0.5-r1.ebuild 4684 BLAKE2B a9f60400d1d3be191f47de793f49413d4d24fbeedd8e637d2a3beedfeaed5a123740323ba438319369845ca78b2771fe366e9f4edaa576716262d68064b76d99 SHA512 166a9f1999e7611a3bf39085a2499c9596e33d9cd35d09c1d1a94fbd5cf0770f994814e315ae2417e7469dd91b8a5c13abde2f12b03d77c909491b653fc95b13 -EBUILD dhcpcd-10.0.5.ebuild 4657 BLAKE2B d4ff3321b12fef8beb4242a119134c77e073bf380e65b61e632fb271844fce0a3dd693977c2f5798adadbb78c6c8c0cd1743f44214fec51f3908e033f7926cab SHA512 b279bd58bcf9ddd41c208354a62a53b75f8a95d5978db85d4ef03a09bd9b2e98261a7b16cb37883df8536ff05c2a205a8459dcce7f8fe82dc148c539b2cd1093 +EBUILD dhcpcd-10.0.6-r1.ebuild 4882 BLAKE2B 36127251e8a47210c44ff05bf9d235f32bf827d3263c3dd9744cd73b84f014ce2378c27a54e04774a173910834e569a75bbc3033109ff5a86fc47d0987e11379 SHA512 0ab02a06d2ac50cd79071ce1ad1c0c0f76e3e3abb5a57ded03dc8a1b8a5e7fb6122aa989ef0643937fed8ecb25c2d722ed2d1a04c2eb11765a79aa6ba9e0a216 EBUILD dhcpcd-10.0.6.ebuild 4825 BLAKE2B 770a30abb6aa31c7c980f9ae97f53ee6390e9aa2f147c2290daf1e3b0202e7ad9c366fbf389e464b0766e8d1a42ecfc643c0e11ad55490d587f039c0def60f56 SHA512 ea7aaa97d18efecb1abbb2ad4b969138e5b4c0b46b772d1c2b5ecc9a8ae844fd320831b9a7eadd03178daa70324a23e3e6f73a3cb36929364776a5f62ee75939 EBUILD dhcpcd-9.5.1.ebuild 4610 BLAKE2B e74ed2bcac66ce60354b6a1d5fe606b91c87057db2e23dd31fd1035aa5ab05042053c62d04b406c5ff9c1b96a2e196a60a8df699c7755319ca50a58f627e684e SHA512 88976827203f49c28d45cb0dfd65b1f71e881e53c617e3cc131f6886197cfcc50dfaa6d0d1a2e6e678e12f9964aa50f70d102475bcbcc9431e6d5f4c98c5120b EBUILD dhcpcd-9999.ebuild 4825 BLAKE2B 770a30abb6aa31c7c980f9ae97f53ee6390e9aa2f147c2290daf1e3b0202e7ad9c366fbf389e464b0766e8d1a42ecfc643c0e11ad55490d587f039c0def60f56 SHA512 ea7aaa97d18efecb1abbb2ad4b969138e5b4c0b46b772d1c2b5ecc9a8ae844fd320831b9a7eadd03178daa70324a23e3e6f73a3cb36929364776a5f62ee75939 diff --git a/net-misc/dhcpcd/dhcpcd-10.0.5.ebuild b/net-misc/dhcpcd/dhcpcd-10.0.5.ebuild deleted file mode 100644 index a320e843768a..000000000000 --- a/net-misc/dhcpcd/dhcpcd-10.0.5.ebuild +++ /dev/null @@ -1,154 +0,0 @@ -# Copyright 1999-2023 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=8 - -inherit systemd toolchain-funcs - -if [[ ${PV} == 9999 ]]; then - inherit git-r3 - EGIT_REPO_URI="https://github.com/NetworkConfiguration/dhcpcd.git" -else - MY_P="${P/_alpha/-alpha}" - MY_P="${MY_P/_beta/-beta}" - MY_P="${MY_P/_rc/-rc}" - SRC_URI="https://github.com/NetworkConfiguration/dhcpcd/releases/download/v${PV}/${MY_P}.tar.xz" - S="${WORKDIR}/${MY_P}" - - KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux" -fi - -DESCRIPTION="A fully featured, yet light weight RFC2131 compliant DHCP client" -HOMEPAGE="https://github.com/NetworkConfiguration/dhcpcd/ https://roy.marples.name/projects/dhcpcd/" - -LICENSE="BSD-2 BSD ISC MIT" -SLOT="0" -IUSE="debug +embedded ipv6 privsep +udev" - -DEPEND="udev? ( virtual/udev )" -RDEPEND=" - ${DEPEND} - privsep? ( - acct-group/dhcpcd - acct-user/dhcpcd - ) -" - -src_configure() { - local myeconfargs=( - --dbdir="${EPREFIX}/var/lib/dhcpcd" - --libexecdir="${EPREFIX}/lib/dhcpcd" - --localstatedir="${EPREFIX}/var" - --prefix="${EPREFIX}" - --with-hook=ntp.conf - $(use_enable debug) - $(use_enable embedded) - $(use_enable ipv6) - $(use_enable privsep) - $(usex elibc_glibc '--with-hook=yp.conf' '') - --rundir=$(usex kernel_linux "${EPREFIX}/run/dhcpcd" "${EPREFIX}/var/run/dhcpcd") - $(usex privsep '--privsepuser=dhcpcd' '') - $(usex udev '' '--without-dev --without-udev') - CC="$(tc-getCC)" - ) - econf "${myeconfargs[@]}" -} - -src_install() { - default - keepdir /var/lib/dhcpcd - newinitd "${FILESDIR}"/dhcpcd.initd-r1 dhcpcd - systemd_newunit "${FILESDIR}"/dhcpcd.service-r1 dhcpcd.service -} - -pkg_postinst() { - local dbdir="${EROOT}"/var/lib/dhcpcd old_files=() - - local old_old_duid="${EROOT}"/var/lib/dhcpcd/dhcpcd.duid - local old_duid="${EROOT}"/etc/dhcpcd.duid - local new_duid="${dbdir}"/duid - if [[ -e "${old_old_duid}" ]] ; then - # Upgrade the duid file to the new format if needed - if ! grep -q '..:..:..:..:..:..' "${old_old_duid}"; then - sed -i -e 's/\(..\)/\1:/g; s/:$//g' "${old_old_duid}" - fi - - # Move the duid to /etc, a more sensible location - if [[ ! -e "${old_duid}" ]] ; then - cp -p "${old_old_duid}" "${new_duid}" - fi - old_files+=( "${old_old_duid}" ) - fi - - # dhcpcd-7 moves the files out of /etc - if [[ -e "${old_duid}" ]] ; then - if [[ ! -e "${new_duid}" ]] ; then - cp -p "${old_duid}" "${new_duid}" - fi - old_files+=( "${old_duid}" ) - fi - local old_secret="${EROOT}"/etc/dhcpcd.secret - local new_secret="${dbdir}"/secret - if [[ -e "${old_secret}" ]] ; then - if [[ ! -e "${new_secret}" ]] ; then - cp -p "${old_secret}" "${new_secret}" - fi - old_files+=( "${old_secret}" ) - fi - - # dhcpcd-7 renames some files in /var/lib/dhcpcd - local old_rdm="${dbdir}"/dhcpcd-rdm.monotonic - local new_rdm="${dbdir}"/rdm_monotonic - if [[ -e "${old_rdm}" ]] ; then - if [[ ! -e "${new_rdm}" ]] ; then - cp -p "${old_rdm}" "${new_rdm}" - fi - old_files+=( "${old_rdm}" ) - fi - local lease= - for lease in "${dbdir}"/dhcpcd-*.lease*; do - [[ -f "${lease}" ]] || continue - old_files+=( "${lease}" ) - local new_lease=$(basename "${lease}" | sed -e "s/dhcpcd-//") - [[ -e "${dbdir}/${new_lease}" ]] && continue - cp "${lease}" "${dbdir}/${new_lease}" - done - - # Warn about removing stale files - if [[ -n "${old_files[@]}" ]] ; then - elog - elog "dhcpcd-7 has copied dhcpcd.duid and dhcpcd.secret from" - elog "${EROOT}/etc to ${dbdir}" - elog "and copied leases in ${dbdir} to new files with the dhcpcd-" - elog "prefix dropped." - elog - elog "You should remove these files if you don't plan on reverting" - elog "to an older version:" - local old_file= - for old_file in ${old_files[@]}; do - elog " ${old_file}" - done - fi - - if [ -z "${REPLACING_VERSIONS}" ]; then - elog - elog "dhcpcd has zeroconf support active by default." - elog "This means it will always obtain an IP address even if no" - elog "DHCP server can be contacted, which will break any existing" - elog "failover support you may have configured in your net configuration." - elog "This behaviour can be controlled with the noipv4ll configuration" - elog "file option or the -L command line switch." - elog "See the dhcpcd and dhcpcd.conf man pages for more details." - - elog - elog "Dhcpcd has duid enabled by default, and this may cause issues" - elog "with some dhcp servers. For more information, see" - elog "https://bugs.gentoo.org/show_bug.cgi?id=477356" - fi - - if ! has_version net-dns/bind-tools; then - elog - elog "If you activate the lookup-hostname hook to look up your hostname" - elog "using the dns, you need to install net-dns/bind-tools." - fi -} diff --git a/net-misc/dhcpcd/dhcpcd-10.0.4.ebuild b/net-misc/dhcpcd/dhcpcd-10.0.6-r1.ebuild index a320e843768a..b0cf48a7b84b 100644 --- a/net-misc/dhcpcd/dhcpcd-10.0.4.ebuild +++ b/net-misc/dhcpcd/dhcpcd-10.0.6-r1.ebuild @@ -34,6 +34,21 @@ RDEPEND=" ) " +QA_CONFIG_IMPL_DECL_SKIP=( + # These don't exist on Linux/glibc (bug #900264) + memset_explicit + memset_s + setproctitle + strtoi + consttime_memequal + SHA256_Init + hmac +) + +PATCHES=( + "${FILESDIR}"/${PN}-10.0.6-rebinding.patch +) + src_configure() { local myeconfargs=( --dbdir="${EPREFIX}/var/lib/dhcpcd" diff --git a/net-misc/dhcpcd/files/dhcpcd-10.0.6-rebinding.patch b/net-misc/dhcpcd/files/dhcpcd-10.0.6-rebinding.patch new file mode 100644 index 000000000000..6457368f1150 --- /dev/null +++ b/net-misc/dhcpcd/files/dhcpcd-10.0.6-rebinding.patch @@ -0,0 +1,46 @@ +https://bugs.gentoo.org/920652#c2 +https://github.com/NetworkConfiguration/dhcpcd/commit/8ab7ca1eb4e9bb797d6e6d955c83d8a82f69a663 + +From 8ab7ca1eb4e9bb797d6e6d955c83d8a82f69a663 Mon Sep 17 00:00:00 2001 +From: Roy Marples <roy@marples.name> +Date: Sun, 24 Dec 2023 12:07:25 +0000 +Subject: [PATCH] DHCP: DECLINE address on ARP defend failure + +Also, drop the lease. +This should get us a new address from the DHCP server when we +re-enter DISCOVER to avoid looping on the same address and fail +again. +--- + src/dhcp.c | 8 ++++++++ + 1 file changed, 8 insertions(+) + +diff --git a/src/dhcp.c b/src/dhcp.c +index 014ce6cf..a58e1db2 100644 +--- a/src/dhcp.c ++++ b/src/dhcp.c +@@ -1944,7 +1944,11 @@ dhcp_expire(void *arg) + static void + dhcp_decline(struct interface *ifp) + { ++ struct dhcp_state *state = D_STATE(ifp); + ++ // Set the expired state so we send over BPF as this could be ++ // an address defence failure. ++ state->added |= STATE_EXPIRED; + send_message(ifp, DHCP_DECLINE, NULL); + } + #endif +@@ -2098,8 +2102,12 @@ static void + dhcp_arp_defend_failed(struct arp_state *astate) + { + struct interface *ifp = astate->iface; ++ struct dhcp_state *state = D_STATE(ifp); + ++ if (!(ifp->options->options & (DHCPCD_INFORM | DHCPCD_STATIC))) ++ dhcp_decline(ifp); + dhcp_drop(ifp, "EXPIRED"); ++ dhcp_unlink(ifp->ctx, state->leasefile); + dhcp_start1(ifp); + } + #endif + diff --git a/net-misc/iperf/Manifest b/net-misc/iperf/Manifest index 400193712040..715bb800664a 100644 --- a/net-misc/iperf/Manifest +++ b/net-misc/iperf/Manifest @@ -6,14 +6,10 @@ AUX iperf.confd 200 BLAKE2B 3ea37bb2ee8c3994e3d2f877e0c0d4a695e26ea0ecc51005c059 AUX iperf.initd-r1 437 BLAKE2B 66c72b35df0002d972ea483c3748a2ef5a1809c8e953f4fe1ba0022957046973839303596c43cca2b5c1ec4673fcf7c148c71b6c9b17f05506119734439897ba SHA512 5515ee1ca14d15fe2968e3f88e4ec1eb3860625aec27b4ae2f94667e6d3b3cb25dd76891121e658ad4346d8bfc9e1047630e586d90361ef364cb1bc8208ac4c1 AUX iperf3.initd 287 BLAKE2B 4e99a38963676e411481f18ebbe492b5d0cea179be7fe590712f4a83c45ef426a8eada38b671c32023e5661e03d9bd52c9f361f8702a94999ce8134534f87bc2 SHA512 39718252b3ffc9e8cbc8da82308a3ba0ecd77f9bb7d5ab27dded0292e15079b8a877996e37d3ecd527ed1de6f6dd65b360180dc624fbbda8541605b657620040 DIST iperf-2.0.13.tar.gz 326148 BLAKE2B 2a40aea9e2d7fdc935b91be5e4e586bf68dd27604375d2570570145e5db1ea5837469a4989f47586986932bef33cba05ed19ed3a9ce40c0a5531581c6d3ba982 SHA512 40fcfb8f4d27887f53a743ac07396511fb2a7ac59f4b300fe36896bd0241e191945fa253705990711772ee776d5e4227ed62760fc92abebdfebcedd11c27c0ea -DIST iperf-3.13.tar.gz 648754 BLAKE2B 8b08ae0e67ed066c7dabd115b757fefff03196aa2d732b6d88e20cf82ea3a5431b9be753fcc7b331932a5e59dc3e24ff4b929a7a1af5b500704cdd5094bf6859 SHA512 067147edffa1d7482a9fc5d54638091f8bc099b9c45d9a471f4e33730463548fb2350749620f2ca3ff509cd7a9c4f63bf01f84cab36718edd8784ce7a15ca368 -DIST iperf-3.14.tar.gz 650626 BLAKE2B 3809689964721ec2f58d29985c1767bc12473f9b659fd8bd430adb00558ceda2519276dbc0df5cb9634ef96d3d98708b8413a712cdb372bd34a28a330049349f SHA512 a90fbaddd73e5b721a84cee71cefb63391c13f64107f5785e954e7c44e9a8c5072e402b6fe45434966d3cc58ac97227c608ca9719161fc23459c5e5efcf8232b DIST iperf-3.15.tar.gz 649330 BLAKE2B f086d506d1de8e8b333a7ad46a94279aa5b42800ded7cc6724c3400e479a6523b336c74b5956d07117a178b5f89934553535824a05daafcdb2eb8d31754680e1 SHA512 988bc558f40a16c3d94df3956705712829c1c529efd577db16213783846c84bc3edbad19a4d7890b7aba08fbc4e1c6807105df29931e9b45981066b609d87aa2 DIST iperf-3.16.tar.gz 664751 BLAKE2B 4ca930b58c54d5ae5b0c8b14aca2556224ff2c7b943d32e65486dc2a7e1abd2d26b229e9f759358c326be8754e88a203e11a3ab0f029daa982375a880c3f1cbd SHA512 9ba97e03f17f3b939343b07ed3d508fbf57489e2b984b77a3dc3ada535f981350e56495154bdd108a83b3c507ccbed599b2b7b25de0d1778912d2c01b4ad4e7c EBUILD iperf-2.0.14a.ebuild 863 BLAKE2B 48a3db3ec6b41bad2abef2854e694949a1e14cb71c01b52de2ca28149c9430a9b052f70959b1eb0630ca6ee6460dd54e0e0420a65892e6a86eb3e67875b673b0 SHA512 cd0241a86c550a18572042151c402913ec5e362611580b7a70de5b38c6664c3398f06258be706d311704046f4add0b868a81f913c7afd1d06622307fdc215913 EBUILD iperf-2.9999.ebuild 670 BLAKE2B bb3d273743f45439dbcf4b88ea83010ceac93f7659a33a4c1197b1c946366dc4c00a7f7b017ff2050642b6a1b333934b272345aa3713b1a508f9c232f31dbbae SHA512 4b2ef29cca81a9d849356163c1d2e5c2f8eb19f45ee8c468c30950a2397e4a8a6f8c5ade0db47e9769f8a8e7d2fb77026bfa75b1325475ed9fcf80e07fa731c7 -EBUILD iperf-3.13.ebuild 1144 BLAKE2B a8dd65ba919a755de98b36345eda0b394195d7c898cce1a45a72b94681ed065d465ba5cd49b4002c759f16fdc6bd15ab1b3afa0a875aa86ef8b1336f96f011fa SHA512 cc05d282e01ddb988bba00d41deb347c4e34434bb808783b35e96e65960e64e944338bca5374afc828e2d4e8f8eae19c7a01c4dd770177f14de1168000c98ff7 -EBUILD iperf-3.14.ebuild 1144 BLAKE2B a8dd65ba919a755de98b36345eda0b394195d7c898cce1a45a72b94681ed065d465ba5cd49b4002c759f16fdc6bd15ab1b3afa0a875aa86ef8b1336f96f011fa SHA512 cc05d282e01ddb988bba00d41deb347c4e34434bb808783b35e96e65960e64e944338bca5374afc828e2d4e8f8eae19c7a01c4dd770177f14de1168000c98ff7 EBUILD iperf-3.15.ebuild 1141 BLAKE2B 20133db4023bc0efcfd458572e2dc543a4e6db5d3116361f4375e84123a83b492288ed27c3c51f3784be81976f0c4c2db594477c0cbeaa02b4ad514823ee3b64 SHA512 1015cfb39c2a16747561a758d7c7ac7c42c4157902d96f986b9b50344d47fe625a2fa8605a6016780675daaa0aa053c530dac4b478560383e6b21f3dc431e12d EBUILD iperf-3.16.ebuild 1149 BLAKE2B cb36cc58e479128d68984b25f6ad43f4bf8784fe0489e1592e9e1cb0b6f126fb36fc84473a6dddeb232f1692d091a042812b41d43e9df0ae40f3d9ff5d550fcb SHA512 d130491dcc822d6e89ff341cebc6aa7abf49425ff1d7b421f207c986540df407b4a35e5e69aaab153079bea5f782b5ebe8c750810a041c895529e4d0d70db911 MISC metadata.xml 570 BLAKE2B e17cc2b8458663f6ed2e9de7cca4e6a0d2e21e7f0c22a92c7b2d8589a944a466436f0dec4e18843641cc9364f407b061ff44dbbe342162ab28556ec953b029b4 SHA512 e3acd2262d442675557b837bbed0feaf7a1f148f7306b64139d8ba39d052794a9e7b60f125eee8745b0d13cdeafbb93012c62d1c524caa1e0f4730d1200426cc diff --git a/net-misc/iperf/iperf-3.13.ebuild b/net-misc/iperf/iperf-3.13.ebuild deleted file mode 100644 index a136b4ecd132..000000000000 --- a/net-misc/iperf/iperf-3.13.ebuild +++ /dev/null @@ -1,54 +0,0 @@ -# Copyright 1999-2023 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=8 - -inherit autotools systemd - -DESCRIPTION="A TCP, UDP, and SCTP network bandwidth measurement tool" -HOMEPAGE="https://github.com/esnet/iperf" -SRC_URI="https://github.com/esnet/iperf/archive/${PV/_/}.tar.gz -> ${P}.tar.gz" -S="${WORKDIR}"/${P/_/} - -LICENSE="BSD" -SLOT="3" -KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~mips ppc ppc64 ~riscv sparc x86 ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos" -IUSE="sctp" - -DEPEND=" - >=dev-libs/cJSON-1.7.15 - dev-libs/openssl:= - sctp? ( net-misc/lksctp-tools ) -" -RDEPEND="${DEPEND}" -BDEPEND="virtual/pkgconfig" - -DOCS=( README.md RELNOTES.md ) - -PATCHES=( - "${FILESDIR}"/${PN}-3.10.1-drop-forced-debugging-symbols.patch - "${FILESDIR}"/${PN}-3.12-Unbundle-cJSON.patch -) - -src_prepare() { - default - - # Drop bundled cjson - rm src/cjson.{c,h} || die - - eautoreconf -} - -src_configure() { - econf $(use_with sctp) -} - -src_install() { - default - - newconfd "${FILESDIR}"/iperf.confd iperf3 - newinitd "${FILESDIR}"/iperf3.initd iperf3 - systemd_dounit contrib/iperf3.service - - find "${ED}" -name '*.la' -delete || die -} diff --git a/net-misc/iperf/iperf-3.14.ebuild b/net-misc/iperf/iperf-3.14.ebuild deleted file mode 100644 index a136b4ecd132..000000000000 --- a/net-misc/iperf/iperf-3.14.ebuild +++ /dev/null @@ -1,54 +0,0 @@ -# Copyright 1999-2023 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=8 - -inherit autotools systemd - -DESCRIPTION="A TCP, UDP, and SCTP network bandwidth measurement tool" -HOMEPAGE="https://github.com/esnet/iperf" -SRC_URI="https://github.com/esnet/iperf/archive/${PV/_/}.tar.gz -> ${P}.tar.gz" -S="${WORKDIR}"/${P/_/} - -LICENSE="BSD" -SLOT="3" -KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~mips ppc ppc64 ~riscv sparc x86 ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos" -IUSE="sctp" - -DEPEND=" - >=dev-libs/cJSON-1.7.15 - dev-libs/openssl:= - sctp? ( net-misc/lksctp-tools ) -" -RDEPEND="${DEPEND}" -BDEPEND="virtual/pkgconfig" - -DOCS=( README.md RELNOTES.md ) - -PATCHES=( - "${FILESDIR}"/${PN}-3.10.1-drop-forced-debugging-symbols.patch - "${FILESDIR}"/${PN}-3.12-Unbundle-cJSON.patch -) - -src_prepare() { - default - - # Drop bundled cjson - rm src/cjson.{c,h} || die - - eautoreconf -} - -src_configure() { - econf $(use_with sctp) -} - -src_install() { - default - - newconfd "${FILESDIR}"/iperf.confd iperf3 - newinitd "${FILESDIR}"/iperf3.initd iperf3 - systemd_dounit contrib/iperf3.service - - find "${ED}" -name '*.la' -delete || die -} diff --git a/net-misc/openssh/Manifest b/net-misc/openssh/Manifest index 9aeb6d13e1fd..062ec9a45877 100644 --- a/net-misc/openssh/Manifest +++ b/net-misc/openssh/Manifest @@ -12,20 +12,13 @@ AUX sshd.pam_include.2 156 BLAKE2B 91ebefbb1264fe3fe98df0a72ac22a4cd8a787b3b391a AUX sshd.service.1 298 BLAKE2B 7a4f2e2656096b09a8b435d393ea9b0a7bd10a2a9f0e9d9cf49b9ae9600cccfb19a64e09f4cf718e8054fc997f21656f609eb3af15ee2e3576531a88b5709842 SHA512 efc936ca412999e3b1acabe6cf4e87c033fe468cede1c3c499499e252cf7cdeca0841e5e1862ebe316ff3f4bf758fba674f08d081b403713e154b6bbc37da365 AUX sshd.socket 136 BLAKE2B 22e218c831fc384a3151ef97c391253738fa9002e20cf4628c6fe3d52d4b0ac3b957da58f816950669d0a6f8f2786251c6dfc31bbb863f837a3f52631341dc2e SHA512 4d31d373b7bdae917dc0cf05418c71d4743e98e354aefcf055f88f55c9c644a5a0e0e605dbb8372c1b98d17c0ea1c8c0fee27d38ab8dbe23c7e420a6a78c6d42 AUX sshd_at.service.1 163 BLAKE2B b5c77d69e3860d365ba96a5b2fe14514bda9425e170fc7f324dcaf95fb02756ef9c5c2658904e812232f40fac9a3c2f4abf61b9129038bde66bb7d3a992d2606 SHA512 fbfe0aed3a5e99f15dc68838975cc49a206d697fb3549d8b31db25617dc7b7b8dd2397d865d89f305d5da391cd56a69277c2215c4335fccb4dd6a9b95ba34e2f -DIST openssh-9.3p1.tar.gz 1856839 BLAKE2B 45578edf98bba3d23c7cefe60d8a7d3079e7c6676459f7422ace7a2461ab96943fbcadb478633a80f40bc098f2435722850b563714adb78b14922be53cb5753d SHA512 087ff6fe5f6caab4c6c3001d906399e02beffad7277280f11187420c2939fd4befdcb14643862a657ce4cad2f115b82a0a1a2c99df6ee54dcd76b53647637c19 -DIST openssh-9.3p1.tar.gz.asc 833 BLAKE2B e6533d64b117a400b76b90f71fa856d352dea57d91e4e89fa375429403ac0734cc0a2f075bc58c6bb4f40a8f9776735aa36bdb0bbf3880a2115cea787633e48b SHA512 6222378eb24a445c6c1db255392b405f5369b1af0e92f558d4ba05b0d83ab0d084cb8f4b91d7ae8636f333d970638a6635e2bc7af885135dd34992d87f2ef1f4 -DIST openssh-9.3p2.tar.gz 1835850 BLAKE2B 38f8d4ada263112b318fafccabf0a33a004d8290a867434004eb3d37127c9bdabe6e0225fca9d6d68fb54338fec81dcc9313ca7c91d3a033311db44174dc9f6f SHA512 15b8c57aa120186f1d1c3c2b8dc6ffd26733e12f755a6b0a4255d9ec1815a61506275ff5723b4ac029e44bc2ad22852ac36e1101f292348fbfa79aa1a4cd3f35 -DIST openssh-9.3p2.tar.gz.asc 833 BLAKE2B cfba3867d7f97cb2c904bd3ae111bd63e8a050464b66e3f3f22390839a153d57ef5819182f8ad99a6b520f27881143552dc64fccfc33dcc0483ffe1ef33a5a47 SHA512 759e512a36a3a62264803b517298a65c83e1daebd9867e28ea1ca4999c38539368815ccda86540a4f5d45fa79c539d8242995ba55f2918baf2a7404c105e337a DIST openssh-9.4p1.tar.gz 1845094 BLAKE2B d13d758129cce947d3f12edb6e88406aad10de6887b19ffa3ebd8e382b742a05f2a692a8824aec99939f6c7e13fbccc3bb14e5ee112f9a9255d4882eb87dcf53 SHA512 0aaedeced7dbc70419c7245eb0e9db4ef570e0e7739b890ebae04d56da5fe8d147e8e150f3c943f60730976569e3ac6cc8da62ec7e2a78e2ef47d295ca0b1d25 DIST openssh-9.4p1.tar.gz.asc 833 BLAKE2B 95eedd9356766e5d0ea1261da3dc4c7869f054b418c626fb35815a0aa655b1ddbf54436b437d98c4344b05c9196c8fa1f592eac07b3ccf08bd3e980f8b6955af SHA512 983b4ebaa3b98e70831ce686cb503270926c065163a2510eef0c5102ef50b6e665b889ee15ea8c0bd7c4bbddb19270f036e1d554a8212ef2c292f9c682c8631a DIST openssh-9.5p1.tar.gz 1843001 BLAKE2B 55dbb0a2792b0046c943a19ca0966660e6e378e77856e94823a1bbbafaa0da94357403765c4c028aebf6543049a0f9bbe0019629be3f92cdadfac1be56def796 SHA512 e183fdf7477fd986215b889eea4a945d71385e35305746ccb164e757ecc28166f429c70890a237d8ef4cdcae5132935ba2ecb3b2a658eb73a6afcf6f42277b9c DIST openssh-9.5p1.tar.gz.asc 833 BLAKE2B abec3d14d9a880008db202be00ed446ccc0a98ce77c16a9e6d6492feac07c8f3284f9cd24f6ee1d904a55f9f23d5cce8a716916975c179a38ef6bde1d36e0acf SHA512 2b6de653420ba02eb99c7e6fba09af3bacfe9c701f3dfc3c94f41a3539c0414954fc5c64cce63c488c5ccd5d4ddb42d3f2184ff7f323342c885c47bf7d426ca1 DIST openssh-9.6p1.tar.gz 1857862 BLAKE2B dd7f6747fe89f7b386be4faaf7fc43398a9bf439e45608ae61c2126cf8743c64ef7b5af45c75e9007b0bda525f8809261ca0f2fc47ce60177ba769a5324719dd SHA512 0ebf81e39914c3a90d7777a001ec7376a94b37e6024baf3e972c58f0982b7ddef942315f5e01d56c00ff95603b4a20ee561ab918ecc55511df007ac138160509 DIST openssh-9.6p1.tar.gz.asc 833 BLAKE2B 9363d02f85457aa90069020827306a2f49d8406e32f5ee1d231844648dd2ffa02fa9b7325b8677a11e46a0ba0d9ffc86d9c989435d691a02f5354a956c49f9f9 SHA512 aec5a5bd6ce480a8e5b5879dc55f8186aec90fe61f085aa92ad7d07f324574aa781be09c83b7443a32848d091fd44fb12c1842d49cee77afc351e550ffcc096d -EBUILD openssh-9.3_p1-r1.ebuild 13447 BLAKE2B 4e5798dfb8bcae6554dbf9ebad887a7527bf929f4c217b5d419c1ed6149b3f57c133784206a98df494450e1e98f61e25ba69c8d47a4b4015c0586f73f9e8a3a2 SHA512 de8766e7c15572dc8521965f7831ab9d7115f562f0893b514134cc2c4f914933efe34e6ea72712e1f049fe406ae848e7e4f36b03b9e21a92bcba693a63d51593 -EBUILD openssh-9.3_p2.ebuild 13571 BLAKE2B c271bdc5b85ebb0f8669f5cd838fba860960fb4af8b2e820d7a92cd3e91a862eee44534ab42f3f7177acb3e868d3278418525d441d5eb22ddf4b61ff820b2678 SHA512 8651efe3d7e0d5aaae6b11bccb0fccd6338a938a57a5aa860203cf3af84520f32c0cf2fb563f02e50e71c696b86a712be3f6db335802ada660b82a508bd56c9c EBUILD openssh-9.4_p1-r1.ebuild 13388 BLAKE2B e9e6c2bdc30df9c16488c0b1d176e2e3ad84b6d26b6061ad1dfcc4ac968b1b0e0aef70ee8e83ea31d7165d5ab9f2223ce6bbccf8484b9a80a3e5ec76377ce624 SHA512 bab7dd22e43ce950c65365104d132297deb66d577a7f58a1d4bac67ea7e9b2319cdcab7ecf739f316528229bf21b5a0ec2b9ed7f690078be4ccefce0663ae596 EBUILD openssh-9.5_p1-r2.ebuild 13261 BLAKE2B 09edffc733d459734c20122b0b6795822ccaf9acf6699ac335ed58bfdad56616a1835e236d80424e16dacda24c1ce64cf54a89fca5dabcb33c1c4ecddc5dca1a SHA512 a4ef119fa28e209296e416ed00ca10e793895d45c5de2e1662ea8cadf43cf9cb6fc5757b91c6237cd0829bc4e7b5f0f729448b25de7b9c1e011a325fe059f374 EBUILD openssh-9.6_p1-r1.ebuild 14012 BLAKE2B 3c621dc111aabb2426f157c7e7b97c15c018ebda64cfe7995947c5a9e77cee69997cf91f868fece41351a2c5caadd2fa4419503ed4708bd301b14d3712986b9a SHA512 c5cee410667aab17cef22c4c88bc7d97b0409d4c9a0784200f0e07299eac4dae141e045178e02d3cbba493dcb385a87ee1e56e8ffa12e32feeb7359c783f723d -EBUILD openssh-9.6_p1.ebuild 13219 BLAKE2B 1518912a47a93f51d3e5091d74f2605144749b6d364f276a4091761d7712daaeb77da18e46d2985d37edf838a6b089fe5c10714c5c1344f4a0b5677ba86eb05b SHA512 5bbb566bdcade2760b48508b99768fcc26e082eecc2aa2c0d4d4b4eb01cfc056e17c48fd51e772b1d8c30e872007755e14434a55d7cefec273f629630a35bd9e MISC metadata.xml 1788 BLAKE2B d04d3030f70f3615522672fa56e684acaa67ddce8d16cce86ba8911fb8fc11ed152be012ecf560427d271868c4841a7422aaa644305947302d3ebab62bdb577d SHA512 bd328e3a33ce04b989149333db5f774f1b52540f12ef83b08b7fcf136ae2a3a9c83bef42c28991d3536249098ca0b9ffd21e583d93599580510d8619e9fd01ca diff --git a/net-misc/openssh/openssh-9.3_p1-r1.ebuild b/net-misc/openssh/openssh-9.3_p1-r1.ebuild deleted file mode 100644 index a487a61fc387..000000000000 --- a/net-misc/openssh/openssh-9.3_p1-r1.ebuild +++ /dev/null @@ -1,380 +0,0 @@ -# Copyright 1999-2023 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=8 - -inherit user-info flag-o-matic autotools pam systemd toolchain-funcs verify-sig - -# Make it more portable between straight releases -# and _p? releases. -PARCH=${P/_} - -DESCRIPTION="Port of OpenBSD's free SSH release" -HOMEPAGE="https://www.openssh.com/" -SRC_URI=" - mirror://openbsd/OpenSSH/portable/${PARCH}.tar.gz - verify-sig? ( mirror://openbsd/OpenSSH/portable/${PARCH}.tar.gz.asc )" -VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/openssh.org.asc -S="${WORKDIR}/${PARCH}" - -LICENSE="BSD GPL-2" -SLOT="0" -KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" -# Probably want to drop ssl defaulting to on in a future version. -IUSE="abi_mips_n32 audit debug kerberos ldns libedit livecd pam +pie security-key selinux +ssl static test X xmss" - -RESTRICT="!test? ( test )" - -REQUIRED_USE=" - ldns? ( ssl ) - pie? ( !static ) - static? ( !kerberos !pam ) - xmss? ( ssl ) - test? ( ssl ) -" - -# tests currently fail with XMSS -REQUIRED_USE+="test? ( !xmss )" - -LIB_DEPEND=" - audit? ( sys-process/audit[static-libs(+)] ) - ldns? ( - net-libs/ldns[static-libs(+)] - net-libs/ldns[ecdsa(+),ssl(+)] - ) - libedit? ( dev-libs/libedit:=[static-libs(+)] ) - security-key? ( >=dev-libs/libfido2-1.5.0:=[static-libs(+)] ) - selinux? ( >=sys-libs/libselinux-1.28[static-libs(+)] ) - ssl? ( >=dev-libs/openssl-1.1.1l-r1:0=[static-libs(+)] ) - virtual/libcrypt:=[static-libs(+)] - >=sys-libs/zlib-1.2.3:=[static-libs(+)] -" -RDEPEND=" - acct-group/sshd - acct-user/sshd - !static? ( ${LIB_DEPEND//\[static-libs(+)]} ) - pam? ( sys-libs/pam ) - kerberos? ( virtual/krb5 ) -" -DEPEND="${RDEPEND} - virtual/os-headers - kernel_linux? ( !prefix-guest? ( >=sys-kernel/linux-headers-5.1 ) ) - static? ( ${LIB_DEPEND} ) -" -RDEPEND="${RDEPEND} - !net-misc/openssh-contrib - pam? ( >=sys-auth/pambase-20081028 ) - !prefix? ( sys-apps/shadow ) - X? ( x11-apps/xauth ) -" -# Weird dep construct for newer gcc-config for bug #872416 -BDEPEND=" - sys-devel/autoconf - virtual/pkgconfig - || ( - >=sys-devel/gcc-config-2.6 - >=sys-devel/clang-toolchain-symlinks-14-r1:14 - >=sys-devel/clang-toolchain-symlinks-15-r1:15 - >=sys-devel/clang-toolchain-symlinks-16-r1:* - ) - verify-sig? ( sec-keys/openpgp-keys-openssh ) -" - -PATCHES=( - "${FILESDIR}/${PN}-9.3_p1-GSSAPI-dns.patch" #165444 integrated into gsskex - "${FILESDIR}/${PN}-9.3_p1-openssl-ignore-status.patch" - "${FILESDIR}/${PN}-9.3_p1-disable-conch-interop-tests.patch" - "${FILESDIR}/${PN}-9.3_p1-fix-putty-tests.patch" - "${FILESDIR}/${PN}-9.3_p1-deny-shmget-shmat-shmdt-in-preauth-privsep-child.patch" - "${FILESDIR}/${PN}-9.3_p1-gss-use-HOST_NAME_MAX.patch" #834044 - "${FILESDIR}/${PN}-9.3_p1-openssl-version-compat-check.patch" - "${FILESDIR}/${PN}-9.3_p2-zlib-1.3.patch" #912766 -) - -pkg_pretend() { - local i enabled_eol_flags disabled_eol_flags - for i in hpn sctp X509; do - if has_version "net-misc/openssh[${i}]"; then - enabled_eol_flags+="${i}," - disabled_eol_flags+="-${i}," - fi - done - - if [[ -n ${enabled_eol_flags} && ${OPENSSH_EOL_USE_FLAGS_I_KNOW_WHAT_I_AM_DOING} != yes ]]; then - ewarn "net-misc/openssh does not support USE='${enabled_eol_flags%,}' anymore." - ewarn "The Base system team *STRONGLY* recommends you not rely on this functionality," - ewarn "since these USE flags required third-party patches that often trigger bugs" - ewarn "and are of questionable provenance." - ewarn - ewarn "If you must continue relying on this functionality, switch to" - ewarn "net-misc/openssh-contrib. You will have to remove net-misc/openssh from your" - ewarn "world file first: 'emerge --deselect net-misc/openssh'" - ewarn - ewarn "In order to prevent loss of SSH remote login access, we will abort the build." - ewarn "Whether you proceed with disabling the USE flags or switch to the -contrib" - ewarn "variant, when re-emerging you will have to set" - ewarn - ewarn " OPENSSH_EOL_USE_FLAGS_I_KNOW_WHAT_I_AM_DOING=yes" - - die "Building net-misc/openssh[${disabled_eol_flags%,}] without OPENSSH_EOL_USE_FLAGS_I_KNOW_WHAT_I_AM_DOING=yes" - fi - - # Make sure people who are using tcp wrappers are notified of its removal. #531156 - if grep -qs '^ *sshd *:' "${EROOT}"/etc/hosts.{allow,deny} ; then - ewarn "Sorry, but openssh no longer supports tcp-wrappers, and it seems like" - ewarn "you're trying to use it. Update your ${EROOT}/etc/hosts.{allow,deny} please." - fi -} - -src_prepare() { - sed -i \ - -e "/_PATH_XAUTH/s:/usr/X11R6/bin/xauth:${EPREFIX}/usr/bin/xauth:" \ - pathnames.h || die - - # don't break .ssh/authorized_keys2 for fun - sed -i '/^AuthorizedKeysFile/s:^:#:' sshd_config || die - - eapply -- "${PATCHES[@]}" - - [[ -d ${WORKDIR}/patches ]] && eapply "${WORKDIR}"/patches - - eapply_user #473004 - - # These tests are currently incompatible with PORTAGE_TMPDIR/sandbox - sed -e '/\t\tpercent \\/ d' \ - -i regress/Makefile || die - - tc-export PKG_CONFIG - local sed_args=( - -e "s:-lcrypto:$(${PKG_CONFIG} --libs openssl):" - # Disable fortify flags ... our gcc does this for us - -e 's:-D_FORTIFY_SOURCE=2::' - ) - - # _XOPEN_SOURCE causes header conflicts on Solaris - [[ ${CHOST} == *-solaris* ]] && sed_args+=( - -e 's/-D_XOPEN_SOURCE//' - ) - sed -i "${sed_args[@]}" configure{.ac,} || die - - eautoreconf -} - -src_configure() { - addwrite /dev/ptmx - - use debug && append-cppflags -DSANDBOX_SECCOMP_FILTER_DEBUG - use static && append-ldflags -static - use xmss && append-cflags -DWITH_XMSS - - if [[ ${CHOST} == *-solaris* ]] ; then - # Solaris' glob.h doesn't have things like GLOB_TILDE, configure - # doesn't check for this, so force the replacement to be put in - # place - append-cppflags -DBROKEN_GLOB - fi - - # use replacement, RPF_ECHO_ON doesn't exist here - [[ ${CHOST} == *-darwin* ]] && export ac_cv_func_readpassphrase=no - - local myconf=( - --with-ldflags="${LDFLAGS}" - --disable-strip - --with-pid-dir="${EPREFIX}"$(usex kernel_linux '' '/var')/run - --sysconfdir="${EPREFIX}"/etc/ssh - --libexecdir="${EPREFIX}"/usr/$(get_libdir)/misc - --datadir="${EPREFIX}"/usr/share/openssh - --with-privsep-path="${EPREFIX}"/var/empty - --with-privsep-user=sshd - --with-hardening - $(use_with audit audit linux) - $(use_with kerberos kerberos5 "${EPREFIX}"/usr) - $(use_with ldns) - $(use_with libedit) - $(use_with pam) - $(use_with pie) - $(use_with selinux) - $(use_with security-key security-key-builtin) - $(use_with ssl openssl) - $(use_with ssl ssl-engine) - ) - - if use elibc_musl; then - # musl defines bogus values for UTMP_FILE and WTMP_FILE - # https://bugs.gentoo.org/753230 - myconf+=( --disable-utmp --disable-wtmp ) - fi - - # Workaround for Clang 15 miscompilation with -fzero-call-used-regs=all - # bug #869839 (https://github.com/llvm/llvm-project/issues/57692) - tc-is-clang && myconf+=( --without-hardening ) - - econf "${myconf[@]}" -} - -src_test() { - local tests=( compat-tests ) - local shell=$(egetshell "${UID}") - if [[ ${shell} == */nologin ]] || [[ ${shell} == */false ]] ; then - ewarn "Running the full OpenSSH testsuite requires a usable shell for the 'portage'" - ewarn "user, so we will run a subset only." - tests+=( interop-tests ) - else - tests+=( tests ) - fi - - local -x SUDO= SSH_SK_PROVIDER= TEST_SSH_UNSAFE_PERMISSIONS=1 - mkdir -p "${HOME}"/.ssh || die - emake -j1 "${tests[@]}" </dev/null -} - -# Gentoo tweaks to default config files. -tweak_ssh_configs() { - local locale_vars=( - # These are language variables that POSIX defines. - # http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap08.html#tag_08_02 - LANG LC_ALL LC_COLLATE LC_CTYPE LC_MESSAGES LC_MONETARY LC_NUMERIC LC_TIME - - # These are the GNU extensions. - # https://www.gnu.org/software/autoconf/manual/html_node/Special-Shell-Variables.html - LANGUAGE LC_ADDRESS LC_IDENTIFICATION LC_MEASUREMENT LC_NAME LC_PAPER LC_TELEPHONE - ) - - dodir /etc/ssh/ssh_config.d /etc/ssh/sshd_config.d - cat <<-EOF >> "${ED}"/etc/ssh/ssh_config || die - Include "${EPREFIX}/etc/ssh/ssh_config.d/*.conf" - EOF - cat <<-EOF >> "${ED}"/etc/ssh/sshd_config || die - Include "${EPREFIX}/etc/ssh/sshd_config.d/*.conf" - EOF - - cat <<-EOF >> "${ED}"/etc/ssh/ssh_config.d/9999999gentoo.conf || die - # Send locale environment variables (bug #367017) - SendEnv ${locale_vars[*]} - - # Send COLORTERM to match TERM (bug #658540) - SendEnv COLORTERM - EOF - - cat <<-EOF >> "${ED}"/etc/ssh/ssh_config.d/9999999gentoo-security.conf || die - RevokedHostKeys "${EPREFIX}/etc/ssh/ssh_revoked_hosts" - EOF - - cat <<-EOF >> "${ED}"/etc/ssh/ssh_revoked_hosts || die - # https://github.blog/2023-03-23-we-updated-our-rsa-ssh-host-key/ - ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ== - EOF - - cat <<-EOF >> "${ED}"/etc/ssh/sshd_config.d/9999999gentoo.conf || die - # Allow client to pass locale environment variables (bug #367017) - AcceptEnv ${locale_vars[*]} - - # Allow client to pass COLORTERM to match TERM (bug #658540) - AcceptEnv COLORTERM - EOF - - if use pam ; then - cat <<-EOF >> "${ED}"/etc/ssh/sshd_config.d/9999999gentoo-pam.conf || die - UsePAM yes - # This interferes with PAM. - PasswordAuthentication no - # PAM can do its own handling of MOTD. - PrintMotd no - PrintLastLog no - EOF - fi - - if use livecd ; then - cat <<-EOF >> "${ED}"/etc/ssh/sshd_config.d/9999999gentoo-livecd.conf || die - # Allow root login with password on livecds. - PermitRootLogin Yes - EOF - fi -} - -src_install() { - emake install-nokeys DESTDIR="${D}" - fperms 600 /etc/ssh/sshd_config - dobin contrib/ssh-copy-id - newinitd "${FILESDIR}"/sshd-r1.initd sshd - newconfd "${FILESDIR}"/sshd-r1.confd sshd - - if use pam; then - newpamd "${FILESDIR}"/sshd.pam_include.2 sshd - fi - - tweak_ssh_configs - - doman contrib/ssh-copy-id.1 - dodoc ChangeLog CREDITS OVERVIEW README* TODO sshd_config - - diropts -m 0700 - dodir /etc/skel/.ssh - rmdir "${ED}"/var/empty || die - - systemd_dounit "${FILESDIR}"/sshd.socket - systemd_newunit "${FILESDIR}"/sshd.service.1 sshd.service - systemd_newunit "${FILESDIR}"/sshd_at.service.1 'sshd@.service' -} - -pkg_preinst() { - if ! use ssl && has_version "${CATEGORY}/${PN}[ssl]"; then - show_ssl_warning=1 - fi -} - -pkg_postinst() { - local old_ver - for old_ver in ${REPLACING_VERSIONS}; do - if ver_test "${old_ver}" -lt "5.8_p1"; then - elog "Starting with openssh-5.8p1, the server will default to a newer key" - elog "algorithm (ECDSA). You are encouraged to manually update your stored" - elog "keys list as servers update theirs. See ssh-keyscan(1) for more info." - fi - if ver_test "${old_ver}" -lt "7.0_p1"; then - elog "Starting with openssh-6.7, support for USE=tcpd has been dropped by upstream." - elog "Make sure to update any configs that you might have. Note that xinetd might" - elog "be an alternative for you as it supports USE=tcpd." - fi - if ver_test "${old_ver}" -lt "7.1_p1"; then #557388 #555518 - elog "Starting with openssh-7.0, support for ssh-dss keys were disabled due to their" - elog "weak sizes. If you rely on these key types, you can re-enable the key types by" - elog "adding to your sshd_config or ~/.ssh/config files:" - elog " PubkeyAcceptedKeyTypes=+ssh-dss" - elog "You should however generate new keys using rsa or ed25519." - - elog "Starting with openssh-7.0, the default for PermitRootLogin changed from 'yes'" - elog "to 'prohibit-password'. That means password auth for root users no longer works" - elog "out of the box. If you need this, please update your sshd_config explicitly." - fi - if ver_test "${old_ver}" -lt "7.6_p1"; then - elog "Starting with openssh-7.6p1, openssh upstream has removed ssh1 support entirely." - elog "Furthermore, rsa keys with less than 1024 bits will be refused." - fi - if ver_test "${old_ver}" -lt "7.7_p1"; then - elog "Starting with openssh-7.7p1, we no longer patch openssh to provide LDAP functionality." - elog "Install sys-auth/ssh-ldap-pubkey and use OpenSSH's \"AuthorizedKeysCommand\" option" - elog "if you need to authenticate against LDAP." - elog "See https://wiki.gentoo.org/wiki/SSH/LDAP_migration for more details." - fi - if ver_test "${old_ver}" -lt "8.2_p1"; then - ewarn "After upgrading to openssh-8.2p1 please restart sshd, otherwise you" - ewarn "will not be able to establish new sessions. Restarting sshd over a ssh" - ewarn "connection is generally safe." - fi - if ver_test "${old_ver}" -lt "9.2_p1-r1" && systemd_is_booted; then - ewarn "From openssh-9.2_p1-r1 the supplied systemd unit file defaults to" - ewarn "'Restart=on-failure', which causes the service to automatically restart if it" - ewarn "terminates with an unclean exit code or signal. This feature is useful for most users," - ewarn "but it can increase the vulnerability of the system in the event of a future exploit." - ewarn "If you have a web-facing setup or are concerned about security, it is recommended to" - ewarn "set 'Restart=no' in your sshd unit file." - fi - done - - if [[ -n ${show_ssl_warning} ]]; then - elog "Be aware that by disabling openssl support in openssh, the server and clients" - elog "no longer support dss/rsa/ecdsa keys. You will need to generate ed25519 keys" - elog "and update all clients/servers that utilize them." - fi -} diff --git a/net-misc/openssh/openssh-9.3_p2.ebuild b/net-misc/openssh/openssh-9.3_p2.ebuild deleted file mode 100644 index c52228de519f..000000000000 --- a/net-misc/openssh/openssh-9.3_p2.ebuild +++ /dev/null @@ -1,383 +0,0 @@ -# Copyright 1999-2023 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=8 - -inherit user-info flag-o-matic autotools pam systemd toolchain-funcs verify-sig - -# Make it more portable between straight releases -# and _p? releases. -PARCH=${P/_} - -DESCRIPTION="Port of OpenBSD's free SSH release" -HOMEPAGE="https://www.openssh.com/" -SRC_URI=" - mirror://openbsd/OpenSSH/portable/${PARCH}.tar.gz - verify-sig? ( mirror://openbsd/OpenSSH/portable/${PARCH}.tar.gz.asc )" -VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/openssh.org.asc -S="${WORKDIR}/${PARCH}" - -LICENSE="BSD GPL-2" -SLOT="0" -KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" -# Probably want to drop ssl defaulting to on in a future version. -IUSE="abi_mips_n32 audit debug kerberos ldns libedit livecd pam +pie security-key selinux +ssl static test X xmss" - -RESTRICT="!test? ( test )" - -REQUIRED_USE=" - ldns? ( ssl ) - pie? ( !static ) - static? ( !kerberos !pam ) - xmss? ( ssl ) - test? ( ssl ) -" - -# tests currently fail with XMSS -REQUIRED_USE+="test? ( !xmss )" - -LIB_DEPEND=" - audit? ( sys-process/audit[static-libs(+)] ) - ldns? ( - net-libs/ldns[static-libs(+)] - net-libs/ldns[ecdsa(+),ssl(+)] - ) - libedit? ( dev-libs/libedit:=[static-libs(+)] ) - security-key? ( >=dev-libs/libfido2-1.5.0:=[static-libs(+)] ) - selinux? ( >=sys-libs/libselinux-1.28[static-libs(+)] ) - ssl? ( >=dev-libs/openssl-1.1.1l-r1:0=[static-libs(+)] ) - virtual/libcrypt:=[static-libs(+)] - >=sys-libs/zlib-1.2.3:=[static-libs(+)] -" -RDEPEND=" - acct-group/sshd - acct-user/sshd - !static? ( ${LIB_DEPEND//\[static-libs(+)]} ) - pam? ( sys-libs/pam ) - kerberos? ( virtual/krb5 ) -" -DEPEND="${RDEPEND} - virtual/os-headers - kernel_linux? ( !prefix-guest? ( >=sys-kernel/linux-headers-5.1 ) ) - static? ( ${LIB_DEPEND} ) -" -RDEPEND="${RDEPEND} - !net-misc/openssh-contrib - pam? ( >=sys-auth/pambase-20081028 ) - !prefix? ( sys-apps/shadow ) - X? ( x11-apps/xauth ) -" -# Weird dep construct for newer gcc-config for bug #872416 -BDEPEND=" - sys-devel/autoconf - virtual/pkgconfig - || ( - >=sys-devel/gcc-config-2.6 - >=sys-devel/clang-toolchain-symlinks-14-r1:14 - >=sys-devel/clang-toolchain-symlinks-15-r1:15 - >=sys-devel/clang-toolchain-symlinks-16-r1:* - ) - verify-sig? ( sec-keys/openpgp-keys-openssh ) -" - -PATCHES=( - "${FILESDIR}/${PN}-9.3_p1-GSSAPI-dns.patch" #165444 integrated into gsskex - "${FILESDIR}/${PN}-9.3_p1-openssl-ignore-status.patch" - "${FILESDIR}/${PN}-9.3_p1-disable-conch-interop-tests.patch" - "${FILESDIR}/${PN}-9.3_p1-fix-putty-tests.patch" - "${FILESDIR}/${PN}-9.3_p1-deny-shmget-shmat-shmdt-in-preauth-privsep-child.patch" - "${FILESDIR}/${PN}-9.3_p1-gss-use-HOST_NAME_MAX.patch" #834044 - "${FILESDIR}/${PN}-9.3_p1-openssl-version-compat-check.patch" - "${FILESDIR}/${PN}-9.3_p2-zlib-1.3.patch" #912766 -) - -pkg_pretend() { - local i enabled_eol_flags disabled_eol_flags - for i in hpn sctp X509; do - if has_version "net-misc/openssh[${i}]"; then - enabled_eol_flags+="${i}," - disabled_eol_flags+="-${i}," - fi - done - - if [[ -n ${enabled_eol_flags} && ${OPENSSH_EOL_USE_FLAGS_I_KNOW_WHAT_I_AM_DOING} != yes ]]; then - # Skip for binary packages entirely because of environment saving, bug #907892 - [[ ${MERGE_TYPE} == binary ]] && return - - ewarn "net-misc/openssh does not support USE='${enabled_eol_flags%,}' anymore." - ewarn "The Base system team *STRONGLY* recommends you not rely on this functionality," - ewarn "since these USE flags required third-party patches that often trigger bugs" - ewarn "and are of questionable provenance." - ewarn - ewarn "If you must continue relying on this functionality, switch to" - ewarn "net-misc/openssh-contrib. You will have to remove net-misc/openssh from your" - ewarn "world file first: 'emerge --deselect net-misc/openssh'" - ewarn - ewarn "In order to prevent loss of SSH remote login access, we will abort the build." - ewarn "Whether you proceed with disabling the USE flags or switch to the -contrib" - ewarn "variant, when re-emerging you will have to set" - ewarn - ewarn " OPENSSH_EOL_USE_FLAGS_I_KNOW_WHAT_I_AM_DOING=yes" - - die "Building net-misc/openssh[${disabled_eol_flags%,}] without OPENSSH_EOL_USE_FLAGS_I_KNOW_WHAT_I_AM_DOING=yes" - fi - - # Make sure people who are using tcp wrappers are notified of its removal. #531156 - if grep -qs '^ *sshd *:' "${EROOT}"/etc/hosts.{allow,deny} ; then - ewarn "Sorry, but openssh no longer supports tcp-wrappers, and it seems like" - ewarn "you're trying to use it. Update your ${EROOT}/etc/hosts.{allow,deny} please." - fi -} - -src_prepare() { - sed -i \ - -e "/_PATH_XAUTH/s:/usr/X11R6/bin/xauth:${EPREFIX}/usr/bin/xauth:" \ - pathnames.h || die - - # don't break .ssh/authorized_keys2 for fun - sed -i '/^AuthorizedKeysFile/s:^:#:' sshd_config || die - - eapply -- "${PATCHES[@]}" - - [[ -d ${WORKDIR}/patches ]] && eapply "${WORKDIR}"/patches - - eapply_user #473004 - - # These tests are currently incompatible with PORTAGE_TMPDIR/sandbox - sed -e '/\t\tpercent \\/ d' \ - -i regress/Makefile || die - - tc-export PKG_CONFIG - local sed_args=( - -e "s:-lcrypto:$(${PKG_CONFIG} --libs openssl):" - # Disable fortify flags ... our gcc does this for us - -e 's:-D_FORTIFY_SOURCE=2::' - ) - - # _XOPEN_SOURCE causes header conflicts on Solaris - [[ ${CHOST} == *-solaris* ]] && sed_args+=( - -e 's/-D_XOPEN_SOURCE//' - ) - sed -i "${sed_args[@]}" configure{.ac,} || die - - eautoreconf -} - -src_configure() { - addwrite /dev/ptmx - - use debug && append-cppflags -DSANDBOX_SECCOMP_FILTER_DEBUG - use static && append-ldflags -static - use xmss && append-cflags -DWITH_XMSS - - if [[ ${CHOST} == *-solaris* ]] ; then - # Solaris' glob.h doesn't have things like GLOB_TILDE, configure - # doesn't check for this, so force the replacement to be put in - # place - append-cppflags -DBROKEN_GLOB - fi - - # use replacement, RPF_ECHO_ON doesn't exist here - [[ ${CHOST} == *-darwin* ]] && export ac_cv_func_readpassphrase=no - - local myconf=( - --with-ldflags="${LDFLAGS}" - --disable-strip - --with-pid-dir="${EPREFIX}"$(usex kernel_linux '' '/var')/run - --sysconfdir="${EPREFIX}"/etc/ssh - --libexecdir="${EPREFIX}"/usr/$(get_libdir)/misc - --datadir="${EPREFIX}"/usr/share/openssh - --with-privsep-path="${EPREFIX}"/var/empty - --with-privsep-user=sshd - --with-hardening - $(use_with audit audit linux) - $(use_with kerberos kerberos5 "${EPREFIX}"/usr) - $(use_with ldns) - $(use_with libedit) - $(use_with pam) - $(use_with pie) - $(use_with selinux) - $(use_with security-key security-key-builtin) - $(use_with ssl openssl) - $(use_with ssl ssl-engine) - ) - - if use elibc_musl; then - # musl defines bogus values for UTMP_FILE and WTMP_FILE - # https://bugs.gentoo.org/753230 - myconf+=( --disable-utmp --disable-wtmp ) - fi - - # Workaround for Clang 15 miscompilation with -fzero-call-used-regs=all - # bug #869839 (https://github.com/llvm/llvm-project/issues/57692) - tc-is-clang && myconf+=( --without-hardening ) - - econf "${myconf[@]}" -} - -src_test() { - local tests=( compat-tests ) - local shell=$(egetshell "${UID}") - if [[ ${shell} == */nologin ]] || [[ ${shell} == */false ]] ; then - ewarn "Running the full OpenSSH testsuite requires a usable shell for the 'portage'" - ewarn "user, so we will run a subset only." - tests+=( interop-tests ) - else - tests+=( tests ) - fi - - local -x SUDO= SSH_SK_PROVIDER= TEST_SSH_UNSAFE_PERMISSIONS=1 - mkdir -p "${HOME}"/.ssh || die - emake -j1 "${tests[@]}" </dev/null -} - -# Gentoo tweaks to default config files. -tweak_ssh_configs() { - local locale_vars=( - # These are language variables that POSIX defines. - # http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap08.html#tag_08_02 - LANG LC_ALL LC_COLLATE LC_CTYPE LC_MESSAGES LC_MONETARY LC_NUMERIC LC_TIME - - # These are the GNU extensions. - # https://www.gnu.org/software/autoconf/manual/html_node/Special-Shell-Variables.html - LANGUAGE LC_ADDRESS LC_IDENTIFICATION LC_MEASUREMENT LC_NAME LC_PAPER LC_TELEPHONE - ) - - dodir /etc/ssh/ssh_config.d /etc/ssh/sshd_config.d - cat <<-EOF >> "${ED}"/etc/ssh/ssh_config || die - Include "${EPREFIX}/etc/ssh/ssh_config.d/*.conf" - EOF - cat <<-EOF >> "${ED}"/etc/ssh/sshd_config || die - Include "${EPREFIX}/etc/ssh/sshd_config.d/*.conf" - EOF - - cat <<-EOF >> "${ED}"/etc/ssh/ssh_config.d/9999999gentoo.conf || die - # Send locale environment variables (bug #367017) - SendEnv ${locale_vars[*]} - - # Send COLORTERM to match TERM (bug #658540) - SendEnv COLORTERM - EOF - - cat <<-EOF >> "${ED}"/etc/ssh/ssh_config.d/9999999gentoo-security.conf || die - RevokedHostKeys "${EPREFIX}/etc/ssh/ssh_revoked_hosts" - EOF - - cat <<-EOF >> "${ED}"/etc/ssh/ssh_revoked_hosts || die - # https://github.blog/2023-03-23-we-updated-our-rsa-ssh-host-key/ - ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ== - EOF - - cat <<-EOF >> "${ED}"/etc/ssh/sshd_config.d/9999999gentoo.conf || die - # Allow client to pass locale environment variables (bug #367017) - AcceptEnv ${locale_vars[*]} - - # Allow client to pass COLORTERM to match TERM (bug #658540) - AcceptEnv COLORTERM - EOF - - if use pam ; then - cat <<-EOF >> "${ED}"/etc/ssh/sshd_config.d/9999999gentoo-pam.conf || die - UsePAM yes - # This interferes with PAM. - PasswordAuthentication no - # PAM can do its own handling of MOTD. - PrintMotd no - PrintLastLog no - EOF - fi - - if use livecd ; then - cat <<-EOF >> "${ED}"/etc/ssh/sshd_config.d/9999999gentoo-livecd.conf || die - # Allow root login with password on livecds. - PermitRootLogin Yes - EOF - fi -} - -src_install() { - emake install-nokeys DESTDIR="${D}" - fperms 600 /etc/ssh/sshd_config - dobin contrib/ssh-copy-id - newinitd "${FILESDIR}"/sshd-r1.initd sshd - newconfd "${FILESDIR}"/sshd-r1.confd sshd - - if use pam; then - newpamd "${FILESDIR}"/sshd.pam_include.2 sshd - fi - - tweak_ssh_configs - - doman contrib/ssh-copy-id.1 - dodoc ChangeLog CREDITS OVERVIEW README* TODO sshd_config - - diropts -m 0700 - dodir /etc/skel/.ssh - rmdir "${ED}"/var/empty || die - - systemd_dounit "${FILESDIR}"/sshd.socket - systemd_newunit "${FILESDIR}"/sshd.service.1 sshd.service - systemd_newunit "${FILESDIR}"/sshd_at.service.1 'sshd@.service' -} - -pkg_preinst() { - if ! use ssl && has_version "${CATEGORY}/${PN}[ssl]"; then - show_ssl_warning=1 - fi -} - -pkg_postinst() { - local old_ver - for old_ver in ${REPLACING_VERSIONS}; do - if ver_test "${old_ver}" -lt "5.8_p1"; then - elog "Starting with openssh-5.8p1, the server will default to a newer key" - elog "algorithm (ECDSA). You are encouraged to manually update your stored" - elog "keys list as servers update theirs. See ssh-keyscan(1) for more info." - fi - if ver_test "${old_ver}" -lt "7.0_p1"; then - elog "Starting with openssh-6.7, support for USE=tcpd has been dropped by upstream." - elog "Make sure to update any configs that you might have. Note that xinetd might" - elog "be an alternative for you as it supports USE=tcpd." - fi - if ver_test "${old_ver}" -lt "7.1_p1"; then #557388 #555518 - elog "Starting with openssh-7.0, support for ssh-dss keys were disabled due to their" - elog "weak sizes. If you rely on these key types, you can re-enable the key types by" - elog "adding to your sshd_config or ~/.ssh/config files:" - elog " PubkeyAcceptedKeyTypes=+ssh-dss" - elog "You should however generate new keys using rsa or ed25519." - - elog "Starting with openssh-7.0, the default for PermitRootLogin changed from 'yes'" - elog "to 'prohibit-password'. That means password auth for root users no longer works" - elog "out of the box. If you need this, please update your sshd_config explicitly." - fi - if ver_test "${old_ver}" -lt "7.6_p1"; then - elog "Starting with openssh-7.6p1, openssh upstream has removed ssh1 support entirely." - elog "Furthermore, rsa keys with less than 1024 bits will be refused." - fi - if ver_test "${old_ver}" -lt "7.7_p1"; then - elog "Starting with openssh-7.7p1, we no longer patch openssh to provide LDAP functionality." - elog "Install sys-auth/ssh-ldap-pubkey and use OpenSSH's \"AuthorizedKeysCommand\" option" - elog "if you need to authenticate against LDAP." - elog "See https://wiki.gentoo.org/wiki/SSH/LDAP_migration for more details." - fi - if ver_test "${old_ver}" -lt "8.2_p1"; then - ewarn "After upgrading to openssh-8.2p1 please restart sshd, otherwise you" - ewarn "will not be able to establish new sessions. Restarting sshd over a ssh" - ewarn "connection is generally safe." - fi - if ver_test "${old_ver}" -lt "9.2_p1-r1" && systemd_is_booted; then - ewarn "From openssh-9.2_p1-r1 the supplied systemd unit file defaults to" - ewarn "'Restart=on-failure', which causes the service to automatically restart if it" - ewarn "terminates with an unclean exit code or signal. This feature is useful for most users," - ewarn "but it can increase the vulnerability of the system in the event of a future exploit." - ewarn "If you have a web-facing setup or are concerned about security, it is recommended to" - ewarn "set 'Restart=no' in your sshd unit file." - fi - done - - if [[ -n ${show_ssl_warning} ]]; then - elog "Be aware that by disabling openssl support in openssh, the server and clients" - elog "no longer support dss/rsa/ecdsa keys. You will need to generate ed25519 keys" - elog "and update all clients/servers that utilize them." - fi -} diff --git a/net-misc/openssh/openssh-9.6_p1.ebuild b/net-misc/openssh/openssh-9.6_p1.ebuild deleted file mode 100644 index c53574f62515..000000000000 --- a/net-misc/openssh/openssh-9.6_p1.ebuild +++ /dev/null @@ -1,378 +0,0 @@ -# Copyright 1999-2023 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=8 - -VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/openssh.org.asc -inherit user-info flag-o-matic autotools pam systemd toolchain-funcs verify-sig - -# Make it more portable between straight releases -# and _p? releases. -PARCH=${P/_} - -DESCRIPTION="Port of OpenBSD's free SSH release" -HOMEPAGE="https://www.openssh.com/" -SRC_URI=" - mirror://openbsd/OpenSSH/portable/${PARCH}.tar.gz - verify-sig? ( mirror://openbsd/OpenSSH/portable/${PARCH}.tar.gz.asc ) -" -S="${WORKDIR}/${PARCH}" - -LICENSE="BSD GPL-2" -SLOT="0" -KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" -# Probably want to drop ssl defaulting to on in a future version. -IUSE="abi_mips_n32 audit debug kerberos ldns libedit livecd pam +pie security-key selinux +ssl static test X xmss" - -RESTRICT="!test? ( test )" - -REQUIRED_USE=" - ldns? ( ssl ) - pie? ( !static ) - static? ( !kerberos !pam ) - xmss? ( ssl ) - test? ( ssl ) -" - -# tests currently fail with XMSS -REQUIRED_USE+="test? ( !xmss )" - -LIB_DEPEND=" - audit? ( sys-process/audit[static-libs(+)] ) - ldns? ( - net-libs/ldns[static-libs(+)] - net-libs/ldns[ecdsa(+),ssl(+)] - ) - libedit? ( dev-libs/libedit:=[static-libs(+)] ) - security-key? ( >=dev-libs/libfido2-1.5.0:=[static-libs(+)] ) - selinux? ( >=sys-libs/libselinux-1.28[static-libs(+)] ) - ssl? ( >=dev-libs/openssl-1.1.1l-r1:0=[static-libs(+)] ) - virtual/libcrypt:=[static-libs(+)] - >=sys-libs/zlib-1.2.3:=[static-libs(+)] -" -RDEPEND=" - acct-group/sshd - acct-user/sshd - !static? ( ${LIB_DEPEND//\[static-libs(+)]} ) - pam? ( sys-libs/pam ) - kerberos? ( virtual/krb5 ) -" -DEPEND=" - ${RDEPEND} - virtual/os-headers - kernel_linux? ( !prefix-guest? ( >=sys-kernel/linux-headers-5.1 ) ) - static? ( ${LIB_DEPEND} ) -" -RDEPEND=" - ${RDEPEND} - !net-misc/openssh-contrib - pam? ( >=sys-auth/pambase-20081028 ) - !prefix? ( sys-apps/shadow ) - X? ( x11-apps/xauth ) -" -# Weird dep construct for newer gcc-config for bug #872416 -BDEPEND=" - sys-devel/autoconf - virtual/pkgconfig - || ( - >=sys-devel/gcc-config-2.6 - >=sys-devel/clang-toolchain-symlinks-14-r1:14 - >=sys-devel/clang-toolchain-symlinks-15-r1:15 - >=sys-devel/clang-toolchain-symlinks-16-r1:* - ) - verify-sig? ( sec-keys/openpgp-keys-openssh ) -" - -PATCHES=( - "${FILESDIR}/${PN}-9.3_p1-disable-conch-interop-tests.patch" - "${FILESDIR}/${PN}-9.3_p1-fix-putty-tests.patch" - "${FILESDIR}/${PN}-9.3_p1-deny-shmget-shmat-shmdt-in-preauth-privsep-child.patch" -) - -pkg_pretend() { - local i enabled_eol_flags disabled_eol_flags - for i in hpn sctp X509; do - if has_version "net-misc/openssh[${i}]"; then - enabled_eol_flags+="${i}," - disabled_eol_flags+="-${i}," - fi - done - - if [[ -n ${enabled_eol_flags} && ${OPENSSH_EOL_USE_FLAGS_I_KNOW_WHAT_I_AM_DOING} != yes ]]; then - # Skip for binary packages entirely because of environment saving, bug #907892 - [[ ${MERGE_TYPE} == binary ]] && return - - ewarn "net-misc/openssh does not support USE='${enabled_eol_flags%,}' anymore." - ewarn "The Base system team *STRONGLY* recommends you not rely on this functionality," - ewarn "since these USE flags required third-party patches that often trigger bugs" - ewarn "and are of questionable provenance." - ewarn - ewarn "If you must continue relying on this functionality, switch to" - ewarn "net-misc/openssh-contrib. You will have to remove net-misc/openssh from your" - ewarn "world file first: 'emerge --deselect net-misc/openssh'" - ewarn - ewarn "In order to prevent loss of SSH remote login access, we will abort the build." - ewarn "Whether you proceed with disabling the USE flags or switch to the -contrib" - ewarn "variant, when re-emerging you will have to set" - ewarn - ewarn " OPENSSH_EOL_USE_FLAGS_I_KNOW_WHAT_I_AM_DOING=yes" - - die "Building net-misc/openssh[${disabled_eol_flags%,}] without OPENSSH_EOL_USE_FLAGS_I_KNOW_WHAT_I_AM_DOING=yes" - fi - - # Make sure people who are using tcp wrappers are notified of its removal. #531156 - if grep -qs '^ *sshd *:' "${EROOT}"/etc/hosts.{allow,deny} ; then - ewarn "Sorry, but openssh no longer supports tcp-wrappers, and it seems like" - ewarn "you're trying to use it. Update your ${EROOT}/etc/hosts.{allow,deny} please." - fi -} - -src_prepare() { - sed -i \ - -e "/_PATH_XAUTH/s:/usr/X11R6/bin/xauth:${EPREFIX}/usr/bin/xauth:" \ - pathnames.h || die - - # don't break .ssh/authorized_keys2 for fun - sed -i '/^AuthorizedKeysFile/s:^:#:' sshd_config || die - - [[ -d ${WORKDIR}/patches ]] && PATCHES+=( "${WORKDIR}"/patches ) - - default - - # These tests are currently incompatible with PORTAGE_TMPDIR/sandbox - sed -e '/\t\tpercent \\/ d' \ - -i regress/Makefile || die - - tc-export PKG_CONFIG - local sed_args=( - -e "s:-lcrypto:$(${PKG_CONFIG} --libs openssl):" - # Disable fortify flags ... our gcc does this for us - -e 's:-D_FORTIFY_SOURCE=2::' - ) - - # _XOPEN_SOURCE causes header conflicts on Solaris - [[ ${CHOST} == *-solaris* ]] && sed_args+=( - -e 's/-D_XOPEN_SOURCE//' - ) - sed -i "${sed_args[@]}" configure{.ac,} || die - - eautoreconf -} - -src_configure() { - addwrite /dev/ptmx - - use debug && append-cppflags -DSANDBOX_SECCOMP_FILTER_DEBUG - use static && append-ldflags -static - use xmss && append-cflags -DWITH_XMSS - - if [[ ${CHOST} == *-solaris* ]] ; then - # Solaris' glob.h doesn't have things like GLOB_TILDE, configure - # doesn't check for this, so force the replacement to be put in - # place - append-cppflags -DBROKEN_GLOB - fi - - # use replacement, RPF_ECHO_ON doesn't exist here - [[ ${CHOST} == *-darwin* ]] && export ac_cv_func_readpassphrase=no - - local myconf=( - --with-ldflags="${LDFLAGS}" - --disable-strip - --with-pid-dir="${EPREFIX}"$(usex kernel_linux '' '/var')/run - --sysconfdir="${EPREFIX}"/etc/ssh - --libexecdir="${EPREFIX}"/usr/$(get_libdir)/misc - --datadir="${EPREFIX}"/usr/share/openssh - --with-privsep-path="${EPREFIX}"/var/empty - --with-privsep-user=sshd - --with-hardening - $(use_with audit audit linux) - $(use_with kerberos kerberos5 "${EPREFIX}"/usr) - $(use_with ldns) - $(use_with libedit) - $(use_with pam) - $(use_with pie) - $(use_with selinux) - $(use_with security-key security-key-builtin) - $(use_with ssl openssl) - $(use_with ssl ssl-engine) - ) - - if use elibc_musl; then - # musl defines bogus values for UTMP_FILE and WTMP_FILE (bug #753230) - myconf+=( --disable-utmp --disable-wtmp ) - fi - - # Workaround for Clang 15 miscompilation with -fzero-call-used-regs=all - # bug #869839 (https://github.com/llvm/llvm-project/issues/57692) - tc-is-clang && myconf+=( --without-hardening ) - - econf "${myconf[@]}" -} - -src_test() { - local tests=( compat-tests ) - local shell=$(egetshell "${UID}") - if [[ ${shell} == */nologin ]] || [[ ${shell} == */false ]] ; then - ewarn "Running the full OpenSSH testsuite requires a usable shell for the 'portage'" - ewarn "user, so we will run a subset only." - tests+=( interop-tests ) - else - tests+=( tests ) - fi - - local -x SUDO= SSH_SK_PROVIDER= TEST_SSH_UNSAFE_PERMISSIONS=1 - mkdir -p "${HOME}"/.ssh || die - emake -j1 "${tests[@]}" </dev/null -} - -# Gentoo tweaks to default config files. -tweak_ssh_configs() { - local locale_vars=( - # These are language variables that POSIX defines. - # http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap08.html#tag_08_02 - LANG LC_ALL LC_COLLATE LC_CTYPE LC_MESSAGES LC_MONETARY LC_NUMERIC LC_TIME - - # These are the GNU extensions. - # https://www.gnu.org/software/autoconf/manual/html_node/Special-Shell-Variables.html - LANGUAGE LC_ADDRESS LC_IDENTIFICATION LC_MEASUREMENT LC_NAME LC_PAPER LC_TELEPHONE - ) - - dodir /etc/ssh/ssh_config.d /etc/ssh/sshd_config.d - cat <<-EOF >> "${ED}"/etc/ssh/ssh_config || die - Include "${EPREFIX}/etc/ssh/ssh_config.d/*.conf" - EOF - cat <<-EOF >> "${ED}"/etc/ssh/sshd_config || die - Include "${EPREFIX}/etc/ssh/sshd_config.d/*.conf" - EOF - - cat <<-EOF >> "${ED}"/etc/ssh/ssh_config.d/9999999gentoo.conf || die - # Send locale environment variables (bug #367017) - SendEnv ${locale_vars[*]} - - # Send COLORTERM to match TERM (bug #658540) - SendEnv COLORTERM - EOF - - cat <<-EOF >> "${ED}"/etc/ssh/ssh_config.d/9999999gentoo-security.conf || die - RevokedHostKeys "${EPREFIX}/etc/ssh/ssh_revoked_hosts" - EOF - - cat <<-EOF >> "${ED}"/etc/ssh/ssh_revoked_hosts || die - # https://github.blog/2023-03-23-we-updated-our-rsa-ssh-host-key/ - ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ== - EOF - - cat <<-EOF >> "${ED}"/etc/ssh/sshd_config.d/9999999gentoo.conf || die - # Allow client to pass locale environment variables (bug #367017) - AcceptEnv ${locale_vars[*]} - - # Allow client to pass COLORTERM to match TERM (bug #658540) - AcceptEnv COLORTERM - EOF - - if use pam ; then - cat <<-EOF >> "${ED}"/etc/ssh/sshd_config.d/9999999gentoo-pam.conf || die - UsePAM yes - # This interferes with PAM. - PasswordAuthentication no - # PAM can do its own handling of MOTD. - PrintMotd no - PrintLastLog no - EOF - fi - - if use livecd ; then - cat <<-EOF >> "${ED}"/etc/ssh/sshd_config.d/9999999gentoo-livecd.conf || die - # Allow root login with password on livecds. - PermitRootLogin Yes - EOF - fi -} - -src_install() { - emake install-nokeys DESTDIR="${D}" - fperms 600 /etc/ssh/sshd_config - dobin contrib/ssh-copy-id - newinitd "${FILESDIR}"/sshd-r1.initd sshd - newconfd "${FILESDIR}"/sshd-r1.confd sshd - - if use pam; then - newpamd "${FILESDIR}"/sshd.pam_include.2 sshd - fi - - tweak_ssh_configs - - doman contrib/ssh-copy-id.1 - dodoc ChangeLog CREDITS OVERVIEW README* TODO sshd_config - - diropts -m 0700 - dodir /etc/skel/.ssh - rmdir "${ED}"/var/empty || die - - systemd_dounit "${FILESDIR}"/sshd.socket - systemd_newunit "${FILESDIR}"/sshd.service.1 sshd.service - systemd_newunit "${FILESDIR}"/sshd_at.service.1 'sshd@.service' -} - -pkg_preinst() { - if ! use ssl && has_version "${CATEGORY}/${PN}[ssl]"; then - show_ssl_warning=1 - fi -} - -pkg_postinst() { - local old_ver - for old_ver in ${REPLACING_VERSIONS}; do - if ver_test "${old_ver}" -lt "5.8_p1"; then - elog "Starting with openssh-5.8p1, the server will default to a newer key" - elog "algorithm (ECDSA). You are encouraged to manually update your stored" - elog "keys list as servers update theirs. See ssh-keyscan(1) for more info." - fi - if ver_test "${old_ver}" -lt "7.0_p1"; then - elog "Starting with openssh-6.7, support for USE=tcpd has been dropped by upstream." - elog "Make sure to update any configs that you might have. Note that xinetd might" - elog "be an alternative for you as it supports USE=tcpd." - fi - if ver_test "${old_ver}" -lt "7.1_p1"; then #557388 #555518 - elog "Starting with openssh-7.0, support for ssh-dss keys were disabled due to their" - elog "weak sizes. If you rely on these key types, you can re-enable the key types by" - elog "adding to your sshd_config or ~/.ssh/config files:" - elog " PubkeyAcceptedKeyTypes=+ssh-dss" - elog "You should however generate new keys using rsa or ed25519." - - elog "Starting with openssh-7.0, the default for PermitRootLogin changed from 'yes'" - elog "to 'prohibit-password'. That means password auth for root users no longer works" - elog "out of the box. If you need this, please update your sshd_config explicitly." - fi - if ver_test "${old_ver}" -lt "7.6_p1"; then - elog "Starting with openssh-7.6p1, openssh upstream has removed ssh1 support entirely." - elog "Furthermore, rsa keys with less than 1024 bits will be refused." - fi - if ver_test "${old_ver}" -lt "7.7_p1"; then - elog "Starting with openssh-7.7p1, we no longer patch openssh to provide LDAP functionality." - elog "Install sys-auth/ssh-ldap-pubkey and use OpenSSH's \"AuthorizedKeysCommand\" option" - elog "if you need to authenticate against LDAP." - elog "See https://wiki.gentoo.org/wiki/SSH/LDAP_migration for more details." - fi - if ver_test "${old_ver}" -lt "8.2_p1"; then - ewarn "After upgrading to openssh-8.2p1 please restart sshd, otherwise you" - ewarn "will not be able to establish new sessions. Restarting sshd over a ssh" - ewarn "connection is generally safe." - fi - if ver_test "${old_ver}" -lt "9.2_p1-r1" && systemd_is_booted; then - ewarn "From openssh-9.2_p1-r1 the supplied systemd unit file defaults to" - ewarn "'Restart=on-failure', which causes the service to automatically restart if it" - ewarn "terminates with an unclean exit code or signal. This feature is useful for most users," - ewarn "but it can increase the vulnerability of the system in the event of a future exploit." - ewarn "If you have a web-facing setup or are concerned about security, it is recommended to" - ewarn "set 'Restart=no' in your sshd unit file." - fi - done - - if [[ -n ${show_ssl_warning} ]]; then - elog "Be aware that by disabling openssl support in openssh, the server and clients" - elog "no longer support dss/rsa/ecdsa keys. You will need to generate ed25519 keys" - elog "and update all clients/servers that utilize them." - fi -} diff --git a/net-misc/rsync/Manifest b/net-misc/rsync/Manifest index d0260d094db2..7d58bbf6f999 100644 --- a/net-misc/rsync/Manifest +++ b/net-misc/rsync/Manifest @@ -2,6 +2,7 @@ AUX rsync-3.2.4-notpedantic.patch 1063 BLAKE2B 99ed8e887c5f3c64ff6c34e1b9dc7ca98 AUX rsync-3.2.4-strlcpy.patch 1715 BLAKE2B 4159391589cc6eba7c6719b15d32d33e68ff5a15765b3377e1e53975c2d7c9413ac99e178d0e6a796d347aab4bf43b3f7a788a434ea36bc35adb916a39394ca4 SHA512 b097b253624fa67feb32f3cb6412fadbd731ec659791010310824ef0c83209a9d228706e84eca72614c0e3ce7a3ccbd4250dafad20dc2113b20d79135573fa9a AUX rsync-3.2.4-unsigned-char-checksum.patch 610 BLAKE2B eb6803c673bb38907738e5475e9469c07555d96769cc86baad43f806cd6a823c5aa9d890c63096b5c229402315cdd90d76d93687ddc1a7d17360ff739afc9596 SHA512 a8f8eb0568139893e2f3f36feb1cebfb5fcf3b1fd807459bce635d61f2582e960c55b0bb4c8914a6579ad0eb7e4322d2ce3480598d425e256fb6a73efbc9315e AUX rsync-3.2.7-flist-memcmp-ub.patch 773 BLAKE2B 9a30609a0bf09298dc2b1daeae7dcf3ba173d1d2431c077d612be03a3a531bf59b16d1846a8f7c467ef2ca576e01f0fe512067a04f834a9ca3d387e389b5d6e8 SHA512 4212d704d9b4b1a0d2d2cfca48ae91d29b90111ce4256ec8f9779d0778fe2bbb4a33b95e8a32ef181e1ab0ac2d1ea330e724a46f078826b39d2e09d374be6730 +AUX rsync-3.2.7-fortify-source-3.patch 1947 BLAKE2B c907e4ddc07693d8a6292f32782831953eee8711148c2e9aa5623dc5615474b59f25e309302c103a6c4a4177b18291a00983a62fa77c7faee04731114634c65d SHA512 b2bd012f318b1816a299a766c28a64cfc86307e4e1b047098f2a0334d775513f83724cdfa33ce567120c9b4fbbf9f6b8e0bbad0d434ac2444afff39fb5fa41da AUX rsyncd.conf-3.0.9-r1 462 BLAKE2B 45a7dde876368e7392ee7a05edf593f55cf6b3b4dc913745f4322ebd75f97bcdf1a24240a54e11469bd659fd565fc74cd8eeaa9490434d88444b5a076803cea7 SHA512 5c57f633aa3daa6513b5d35a1157a50308559ad993257374ce4eea0269f6bf384938f95bed749acb19538e8c4672355351fcee5cef9607153463b19227d343d7 AUX rsyncd.conf.d 149 BLAKE2B fd2556d0c270c2baa83d4d474d44ab1d16e35f112279a339f179f9af693d977cc0863bf4cd7139363c58e4e6a1a18a24c06474ecc248167224261dbaf04ae0a8 SHA512 8ea9a2f1fea508fa132313fa16513eac84a9ed3ce75741c42769b56bbcd3f1bd2eb8bfdfe40a6c7f619e4281e8fc8d95d1bd84096d0b64aaacf606cd614ae5b3 AUX rsyncd.init.d-r1 247 BLAKE2B ec4f7a875a51bae10cff7e15df18d285b01dddaa99a03127ba242ec535b7c8a3af3ad4489661ba7b5f6b074e2af38b12da394c0f8992bd28328d807a89757bb0 SHA512 df2ef4d9e65fa72daa9a7d91d69a06027d0e0fbc48f9ebd485e2d51990c8d00985b7ccf41314f984975e8073e2075bbdfe5543754718381497c334dc7d96451a @@ -13,5 +14,6 @@ DIST rsync-3.2.7.tar.gz 1149787 BLAKE2B 1b910b321e8d6b49af9f26bef813509f0da12ded DIST rsync-3.2.7.tar.gz.asc 195 BLAKE2B d2bca9276d9a0c96a9156a8da60e391f58eceb2e1ffaa51b7e7ffd592feaba3ce54772bd563a251e3b30efb0ad07fc96da01158a77dd77c6534eac5d80b46e53 SHA512 bad9f48e033966566c6abf8cd485d35c0d9cf130eafb0c5fff9bcb928882283bbcdd2375e7c2880cf71cf81496ba6b743b61adca3d4678421c32915a2464acc3 EBUILD rsync-3.2.4-r3.ebuild 4750 BLAKE2B e743c73dae35b841ad484d3a1dc0359ced3ee95d4357949bf1d8a805f170a46039de35275406cc051cf2475f89333f9c8593f08ea6a2de0ab8eaae1702755d8b SHA512 7bcda7d6e51a17fe8ad3a609128934d6859f6b6eecd308a5939199efec0f9726bdb78a726c37541c85e506db55e455b30f050a6b9e615810f4647b79f986941d EBUILD rsync-3.2.7-r2.ebuild 5420 BLAKE2B 2116751f4b399612a3869a59d7e361025ddeb179df10a37fc99792e8d33f4cb4fadfc9b143d26b116cfd08753bd181c92055b048ae7b803495840b8ff00c9f1b SHA512 cc714464c0ca82f1ed6b62fbee7c348551b35fdffaaeb1208fa4092be91b05c83b48f19e4ae187242135e34f09beea2bc311969fffe311219aab9604597d2b51 +EBUILD rsync-3.2.7-r3.ebuild 5471 BLAKE2B 6f4ab5a7ff10565fb8adfde3af75e381b164591561fa4c40adae208fd987299bd59560121ea39e92e4b1a81016f93ac36899cfa54e0cd1cf81e6d2fc419208e2 SHA512 c7c5162e82305ab50c1437285476ae726064897fe549bbca1a3d2c79b2e7abc563d1d0ee48ebcf71c7331d52a1417d9eba2fcb791732202fab182db81c1ec871 EBUILD rsync-9999.ebuild 5428 BLAKE2B 45d968a8a88ecade2dc75a3427d074f0afeb9f4f909ac1a20943a5f89ecd8a1865634dbc26f1327e83b1d7b68ddf2d01380b0e25abe7b77bc78a05f1d991741e SHA512 aa68bb7a0f1ccea651e7e0a55af44346144cb5af1f176d0bc4efd00835498db694afd9bb31eac40d13d12ec624b9ba6e47059df123e9a19d8f211c649322819a MISC metadata.xml 880 BLAKE2B b079b9b9cb5dcc93b50d49fa50723729b7c57c34ad0cdfd946821089a1f9788a460818cef8d6a4e9f603ad066f6b3a0c22c7becb950abc1eac8e2923adf18bac SHA512 215f0df65f53e2aca8d519c85111f87e95d592454b8a297f69058c1d87ff5650f32f3c937715c8a83dc9bef1ca1e70589cd3797ca595688806c1067462717c14 diff --git a/net-misc/rsync/files/rsync-3.2.7-fortify-source-3.patch b/net-misc/rsync/files/rsync-3.2.7-fortify-source-3.patch new file mode 100644 index 000000000000..952af573dfc7 --- /dev/null +++ b/net-misc/rsync/files/rsync-3.2.7-fortify-source-3.patch @@ -0,0 +1,54 @@ +https://bugs.gentoo.org/917517 +https://github.com/WayneD/rsync/issues/511 +https://bugzilla.suse.com/show_bug.cgi?id=1214249 +https://bugzilla.redhat.com/show_bug.cgi?id=2229654 +https://src.fedoraproject.org/rpms/rsync/raw/06d55616ec86c3a68a8af917783788b928fefcc4/f/rsync-3.2.7-buffer-overflow.patch + +From 1f83963f59960150e8c46112daa8411324c1f209 Mon Sep 17 00:00:00 2001 +From: Jiri Slaby <jslaby@suse.cz> +Date: Fri, 18 Aug 2023 08:26:20 +0200 +Subject: [PATCH] exclude: fix crashes with fortified strlcpy() + +Fortified (-D_FORTIFY_SOURCE=2 for gcc) builds make strlcpy() crash when +its third parameter (size) is larger than the buffer: + $ rsync -FFXHav '--filter=merge global-rsync-filter' Align-37-43/ xxx + sending incremental file list + *** buffer overflow detected ***: terminated + +It's in the exclude code in setup_merge_file(): + strlcpy(y, save, MAXPATHLEN); + +Note the 'y' pointer was incremented, so it no longer points to memory +with MAXPATHLEN "owned" bytes. + +Fix it by remembering the number of copied bytes into the 'save' buffer +and use that instead of MAXPATHLEN which is clearly incorrect. + +Fixes #511. +--- + exclude.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/exclude.c b/exclude.c +index ffe55b167..1a5de3b9e 100644 +--- a/exclude.c ++++ b/exclude.c +@@ -720,7 +720,8 @@ static BOOL setup_merge_file(int mergelist_num, filter_rule *ex, + parent_dirscan = True; + while (*y) { + char save[MAXPATHLEN]; +- strlcpy(save, y, MAXPATHLEN); ++ /* copylen is strlen(y) which is < MAXPATHLEN. +1 for \0 */ ++ size_t copylen = strlcpy(save, y, MAXPATHLEN) + 1; + *y = '\0'; + dirbuf_len = y - dirbuf; + strlcpy(x, ex->pattern, MAXPATHLEN - (x - buf)); +@@ -734,7 +735,7 @@ static BOOL setup_merge_file(int mergelist_num, filter_rule *ex, + lp->head = NULL; + } + lp->tail = NULL; +- strlcpy(y, save, MAXPATHLEN); ++ strlcpy(y, save, copylen); + while ((*x++ = *y++) != '/') {} + } + parent_dirscan = False; diff --git a/net-misc/rsync/rsync-3.2.7-r3.ebuild b/net-misc/rsync/rsync-3.2.7-r3.ebuild new file mode 100644 index 000000000000..01c09f3cd5ca --- /dev/null +++ b/net-misc/rsync/rsync-3.2.7-r3.ebuild @@ -0,0 +1,204 @@ +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +# Uncomment when introducing a patch which touches configure +#RSYNC_NEEDS_AUTOCONF=1 +PYTHON_COMPAT=( python3_{9..11} ) +inherit flag-o-matic prefix python-single-r1 systemd + +DESCRIPTION="File transfer program to keep remote files into sync" +HOMEPAGE="https://rsync.samba.org/" +if [[ ${PV} == *9999 ]] ; then + EGIT_REPO_URI="https://github.com/WayneD/rsync.git" + inherit autotools git-r3 + + REQUIRED_USE="${PYTHON_REQUIRED_USE}" +else + VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/waynedavison.asc + inherit verify-sig + + if [[ -n ${RSYNC_NEEDS_AUTOCONF} ]] ; then + inherit autotools + fi + + if [[ ${PV} == *_pre* ]] ; then + SRC_DIR="src-previews" + else + SRC_DIR="src" + KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" + fi + + SRC_URI="https://rsync.samba.org/ftp/rsync/${SRC_DIR}/${P/_/}.tar.gz + verify-sig? ( https://rsync.samba.org/ftp/rsync/${SRC_DIR}/${P/_/}.tar.gz.asc )" + S="${WORKDIR}"/${P/_/} +fi + +LICENSE="GPL-3" +SLOT="0" +IUSE="acl examples iconv lz4 rrsync ssl stunnel system-zlib xattr xxhash zstd" +REQUIRED_USE+=" examples? ( ${PYTHON_REQUIRED_USE} )" +REQUIRED_USE+=" rrsync? ( ${PYTHON_REQUIRED_USE} )" + +RDEPEND=" + >=dev-libs/popt-1.5 + acl? ( virtual/acl ) + examples? ( + ${PYTHON_DEPS} + dev-lang/perl + ) + lz4? ( app-arch/lz4:= ) + rrsync? ( + ${PYTHON_DEPS} + $(python_gen_cond_dep ' + dev-python/bracex[${PYTHON_USEDEP}] + ') + ) + ssl? ( dev-libs/openssl:= ) + system-zlib? ( sys-libs/zlib ) + xattr? ( kernel_linux? ( sys-apps/attr ) ) + xxhash? ( >=dev-libs/xxhash-0.8 ) + zstd? ( >=app-arch/zstd-1.4:= ) + iconv? ( virtual/libiconv )" +DEPEND="${RDEPEND}" +BDEPEND=" + examples? ( ${PYTHON_DEPS} ) + rrsync? ( ${PYTHON_DEPS} ) +" + +if [[ ${PV} == *9999 ]] ; then + BDEPEND+=" ${PYTHON_DEPS} + $(python_gen_cond_dep ' + dev-python/commonmark[${PYTHON_USEDEP}] + ')" +else + BDEPEND+=" verify-sig? ( sec-keys/openpgp-keys-waynedavison )" +fi + +PATCHES=( + "${FILESDIR}"/${P}-flist-memcmp-ub.patch + "${FILESDIR}"/${P}-fortify-source-3.patch +) + +pkg_setup() { + # - USE=examples needs Python itself at runtime, but nothing else + # - 9999 needs commonmark at build time + if [[ ${PV} == *9999 ]] || use examples || use rrsync; then + python-single-r1_pkg_setup + fi +} + +src_prepare() { + default + + if [[ ${PV} == *9999 || -n ${RSYNC_NEEDS_AUTOCONF} ]] ; then + eaclocal -I m4 + eautoconf -o configure.sh + eautoheader && touch config.h.in + fi + + if use examples || use rrsync; then + python_fix_shebang support/ + fi + + if [[ -f rrsync.1 ]]; then + # If the pre-build rrsync.1 man page exists, then link to it + # from support/rrsync.1 to avoid rsync's build system attempting + # re-creating the man page (bug #883049). + ln -s ../rrsync.1 support/rrsync.1 || die + fi +} + +src_configure() { + local myeconfargs=( + --with-rsyncd-conf="${EPREFIX}"/etc/rsyncd.conf + --without-included-popt + --enable-ipv6 + $(use_enable acl acl-support) + $(use_enable iconv) + $(use_enable lz4) + $(use_with rrsync) + $(use_enable ssl openssl) + $(use_with !system-zlib included-zlib) + $(use_enable xattr xattr-support) + $(use_enable xxhash) + $(use_enable zstd) + ) + + # https://github.com/WayneD/rsync/pull/428 + if is-flagq -fsanitize=undefined ; then + sed -E -i \ + -e 's:#define CAREFUL_ALIGNMENT (0|1):#define CAREFUL_ALIGNMENT 1:' \ + byteorder.h || die + append-flags -DCAREFUL_ALIGNMENT + fi + + econf "${myeconfargs[@]}" +} + +src_install() { + emake DESTDIR="${D}" install + + newconfd "${FILESDIR}"/rsyncd.conf.d rsyncd + newinitd "${FILESDIR}"/rsyncd.init.d-r1 rsyncd + + dodoc NEWS.md README.md TODO tech_report.tex + + insinto /etc + newins "${FILESDIR}"/rsyncd.conf-3.0.9-r1 rsyncd.conf + + insinto /etc/logrotate.d + newins "${FILESDIR}"/rsyncd.logrotate rsyncd + + insinto /etc/xinetd.d + newins "${FILESDIR}"/rsyncd.xinetd-3.0.9-r1 rsyncd + + # Install stunnel helpers + if use stunnel ; then + emake DESTDIR="${D}" install-ssl-daemon + fi + + # Install the useful contrib scripts + if use examples ; then + # The 'rrsync' script is installed conditionally via the 'rrysnc' + # USE flag, and not via the 'examples' USE flag. + rm support/rrsync* || die + + exeinto /usr/share/rsync + doexe support/* + + rm -f "${ED}"/usr/share/rsync/{Makefile*,*.c} + fi + + eprefixify "${ED}"/etc/{,xinetd.d}/rsyncd* + + systemd_newunit packaging/systemd/rsync.service rsyncd.service +} + +pkg_postinst() { + if grep -Eqis '^[[:space:]]use chroot[[:space:]]*=[[:space:]]*(no|0|false)' \ + "${EROOT}"/etc/rsyncd.conf "${EROOT}"/etc/rsync/rsyncd.conf ; then + ewarn "You have disabled chroot support in your rsyncd.conf. This" + ewarn "is a security risk which you should fix. Please check your" + ewarn "/etc/rsyncd.conf file and fix the setting 'use chroot'." + fi + + if use stunnel ; then + einfo "Please install \">=net-misc/stunnel-4\" in order to use stunnel feature." + einfo + einfo "You maybe have to update the certificates configured in" + einfo "${EROOT}/etc/stunnel/rsync.conf" + fi + + if use system-zlib ; then + ewarn "Using system-zlib is incompatible with <rsync-3.1.1 when" + ewarn "using the --compress option." + ewarn + ewarn "When syncing with >=rsync-3.1.1 built with bundled zlib," + ewarn "and the --compress option, add --new-compress (-zz)." + ewarn + ewarn "For syncing the portage tree, add:" + ewarn "PORTAGE_RSYNC_EXTRA_OPTS=\"--new-compress\" to make.conf" + fi +} diff --git a/net-misc/socat/Manifest b/net-misc/socat/Manifest index 32f078d107c2..f5412071152d 100644 --- a/net-misc/socat/Manifest +++ b/net-misc/socat/Manifest @@ -1,8 +1,5 @@ -DIST socat-1.7.4.3.tar.gz 655520 BLAKE2B d91de7ef55332001e6439f64130555b9558338fb9b6c15c91ab5efc8f86a2e7e0f5fe0b292754731a198d83be5f511c3388c65c7c7f559c55691f42703f1849b SHA512 81cb34c245052b6a0ae38a711591358460b6070957af4a9eeb11a3cadb4aff184eeaedabbc7ecdc7fdf21a6126c06f90f19b24a87ce74b30bfd60a3879181046 DIST socat-1.7.4.4.tar.bz2 522127 BLAKE2B 221b1c7c1ef0ac9c2402a6917ce7740a7ed857ceae4f4c346ed3c69c261fd0f9ca667e21cab5f97427d3947b06fdb0ac6d090852465878db968a24b8ece587ad SHA512 3eedfbf599ecf1d6fd391d03d710044bc5e18a762395bc4cb151b96fe673d405a6630da3070ecddd5ac558126b56aa65feaa74d528eeb755a04aa0ec61690651 DIST socat-1.8.0.0.tar.bz2 564066 BLAKE2B b0b3e8c46f746b1aaff7390bbf9521cca8c421f3c20cd7a7f7d8ffd3d7b5e5e881e2477642f7d29247ee5a9d9edf6c8370a43c5f2757e456966b17e3ba08a58a SHA512 dd15c31204f2843ab473a30aa841e960e7c00ac7487e2265d69f9e8ea0afde3841d57cfcb99084f03935d7223da65cee27166837f2f9b3a20c834bc161af802b -EBUILD socat-1.7.4.3.ebuild 1846 BLAKE2B 51b7d2f01afd4efec5338d1d38aa53dc287f8493424206b0d1a60ad86b0e250c209a82b61164a6b3d2768c5619d94b9b216ae8cec55541f3a276795d2f523201 SHA512 3958922ef28097cdca8ee392c1e45e7947603e6bbd3fa397055145f00fb94728b762c59fab722d7b25b33298f073d08f05bdc82f3634c6c2cc56c687fda3e320 EBUILD socat-1.7.4.4-r1.ebuild 1215 BLAKE2B d650c69de5b77fde6e1811fde09cbb13febb47b9a226bd02b95a4e6e43c5b87f2a71c86ba4fb197aa9f01305460be265ed7ba71dae43431fa8147c9183ec0e8e SHA512 ebebc0d7b51cb197768148a5c42a90fab872be7f1dd69aa8537c277d2c81a3b80379aaf8060652598e2c78cab7fb5073739c87832848d2c8b1ccdc64da51456a -EBUILD socat-1.7.4.4.ebuild 1516 BLAKE2B d2a2be258287e57b9b8b62db14870a2b3871e5498d6a15b835d183888c088e12265d4602912cdc3408121df9fec1de1226e3812f45dfee6d21c4d153ec4b9ed6 SHA512 4de4667635deb2d4d139e5a3dcf9e7fc324a2bdffb277bdb303af659202a73cb45275dc1ecdbba6deedb9368c5a4be63c651453c0347942c244c217040e70edc EBUILD socat-1.8.0.0.ebuild 1338 BLAKE2B c15ea537a94c2dc1827466dca9fbab2451b66f5aca55d4179e92b8a3cdc9629803fc6aae26729b8077ec48cc2048732798b5e63af7aba23fdbe2d349e753efbd SHA512 7cb6e6404ac1cbaa00c5186502d38477b24643bd9be4bb30ba2a217bec0909f2ffc8482d39b76ff5c5262bedcbecb28c9560b667b0dfb1062b99a1f8711d36fe MISC metadata.xml 468 BLAKE2B 3b8eb979af07fe02eac29cbb79d6da3782adf46025c072e03026bd765c562ddb7ae18dff9f162b18f9f9a07fa5fff3b3fda9a4445c9dc75d65d4395abc0de217 SHA512 0c3b9355c7420ea8bba4932c9c5f457393e0b7719fa65e5f9cd05ce38209d8cf8ab3e4401b8608a62fc8277742cf2b8728b9718b1183b634cfd596cedbe353aa diff --git a/net-misc/socat/socat-1.7.4.3.ebuild b/net-misc/socat/socat-1.7.4.3.ebuild deleted file mode 100644 index f60964294e44..000000000000 --- a/net-misc/socat/socat-1.7.4.3.ebuild +++ /dev/null @@ -1,64 +0,0 @@ -# Copyright 1999-2022 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=8 - -inherit flag-o-matic toolchain-funcs - -MY_P=${P/_beta/-b} -DESCRIPTION="Multipurpose relay (SOcket CAT)" -HOMEPAGE="http://www.dest-unreach.org/socat/ https://repo.or.cz/socat.git" -SRC_URI="http://www.dest-unreach.org/socat/download/${MY_P}.tar.gz" -S="${WORKDIR}/${MY_P}" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos" -IUSE="bindist ipv6 readline ssl tcpd" - -DEPEND="ssl? ( dev-libs/openssl:0= ) - readline? ( sys-libs/readline:= ) - tcpd? ( sys-apps/tcp-wrappers )" -RDEPEND="${DEPEND}" - -# Tests are a large bash script -# Hard to disable individual tests needing network or privileges -# in 1.7.4.2: FAILED: 59 329 -RESTRICT="test ssl? ( readline? ( bindist ) )" - -DOCS=( BUGREPORTS CHANGES DEVELOPMENT EXAMPLES FAQ FILES PORTING README SECURITY ) - -pkg_setup() { - # bug #587740 - if use readline && use ssl ; then - elog "You are enabling both readline and ssl (openssl) USE flags, the licenses" - elog "for these packages conflict. You may not be able to legally" - elog "redistribute the resulting binary." - fi -} - -src_configure() { - # bug #293324 - filter-flags '-Wno-error*' - - tc-export AR - - # getprotobynumber_r doesn't exist on musl, so avoid probing for it - # and possibly getting it wrong. TODO: fix configure? - # (Grabbed from Alpine Linux: https://git.alpinelinux.org/aports/commit/main/socat/APKBUILD?id=5edc9195355ced3db991c1a7cda5648d52019b11) - # bug #831016 - use elibc_musl && export sc_cv_getprotobynumber_r=2 - - econf \ - $(use_enable ssl openssl) \ - $(use_enable readline) \ - $(use_enable ipv6 ip6) \ - $(use_enable tcpd libwrap) -} - -src_install() { - default - - docinto html - dodoc doc/*.html doc/*.css -} diff --git a/net-misc/socat/socat-1.7.4.4.ebuild b/net-misc/socat/socat-1.7.4.4.ebuild deleted file mode 100644 index 26efc8a7d17f..000000000000 --- a/net-misc/socat/socat-1.7.4.4.ebuild +++ /dev/null @@ -1,58 +0,0 @@ -# Copyright 1999-2023 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=8 - -inherit flag-o-matic toolchain-funcs - -MY_P=${P/_beta/-b} -DESCRIPTION="Multipurpose relay (SOcket CAT)" -HOMEPAGE="http://www.dest-unreach.org/socat/ https://repo.or.cz/socat.git" -SRC_URI="http://www.dest-unreach.org/socat/download/${MY_P}.tar.bz2" -S="${WORKDIR}/${MY_P}" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos" -IUSE="bindist ipv6 readline ssl tcpd" - -DEPEND="ssl? ( dev-libs/openssl:0= ) - readline? ( sys-libs/readline:= ) - tcpd? ( sys-apps/tcp-wrappers )" -RDEPEND="${DEPEND}" - -# Tests are a large bash script -# Hard to disable individual tests needing network or privileges -# in 1.7.4.2: FAILED: 59 329 -RESTRICT="test ssl? ( readline? ( bindist ) )" - -DOCS=( BUGREPORTS CHANGES DEVELOPMENT EXAMPLES FAQ FILES PORTING README SECURITY ) - -pkg_setup() { - # bug #587740 - if use readline && use ssl ; then - elog "You are enabling both readline and ssl (openssl) USE flags, the licenses" - elog "for these packages conflict. You may not be able to legally" - elog "redistribute the resulting binary." - fi -} - -src_configure() { - # bug #293324 - filter-flags '-Wno-error*' - - tc-export AR - - econf \ - $(use_enable ssl openssl) \ - $(use_enable readline) \ - $(use_enable ipv6 ip6) \ - $(use_enable tcpd libwrap) -} - -src_install() { - default - - docinto html - dodoc doc/*.html doc/*.css -} diff --git a/net-misc/streamlink/Manifest b/net-misc/streamlink/Manifest index 21c2845f0136..67cb19fc0eb9 100644 --- a/net-misc/streamlink/Manifest +++ b/net-misc/streamlink/Manifest @@ -1,10 +1,8 @@ DIST streamlink-6.2.0.tar.gz 690986 BLAKE2B 5f7cab73ea366580aeb837b8f8a27fa7cd5ca687afa53908900dc9f290a0da916778fda8351acda00f795688b156ca0f37302e67128ce30e9838a45111b88ecd SHA512 2747ebc584caa8ebb2fde5d4f309c911a52fd1a8d2d0e832487e589873c270534e0d0b18120a2db7a68e150e301e57db1e8d63f1d5bb6244f364e9cbd6606213 -DIST streamlink-6.4.1.tar.gz 715775 BLAKE2B 40b6c080a8fa2815b12562aafde9ce1dd2c8fabe405e21d90fc7767c9e6c085f60c3d0dc9f33c77b85015aa64e2d209464662908674638719581278d128b3f1c SHA512 8886b990637e9f4e87b4fcdc00c2d3e11203746e7256c0d85aee3128f65baaf37ea730c2626c3ec8f0f5ee0042bbd271c4a6290bd346d59915f2f554602f0db4 DIST streamlink-6.4.2.tar.gz 716194 BLAKE2B e66d03ffa97ffdad7ec76532be530ef94ff80838754728aa85f53b0fb778c506d45042b467477eacb72fb9031ffc7d1df727f72af53bfb0201fbad21d28e6763 SHA512 b43e65201c16483378b6cb36e9d93f6e64ba0eb37e2554b3e94395b1e30a3422d5d91db0eb6c35166e61f9b1fbce474fa93908545f063a3fb995669989cde274 DIST streamlink-6.5.0.tar.gz 715983 BLAKE2B f680d034f3f5c66609c1e26f2061f34d6aa8f233d9bb8ac238b675bf12bc69751e48df4f222b7d6f6e25697664afccc01b1fedc14410d5e3a47eaed0ad591af6 SHA512 affd45d1b17704768a405b389f9696090917e5cc73b0e22455e7f944eb0798dae7b23f73a728d3641fb43a5104e731816442be0e6f05a04a5bfe132c28d5491c EBUILD streamlink-6.2.0.ebuild 1659 BLAKE2B 5b732dbacc0bd36345fcc68581829d7ec463bf3493a5eb34f5188645cdc0b57f64326bf6010b7dd209009b59ebfb9e377eccffcaef369c875fe14bbc7af5314a SHA512 95ddf3426d727908239d6c5be7e0f2543f8c83d7d77e04e9f89f25a9ab64272b6d0610d2d9bef76e2fd6303139432b0e99fba8acf049abc8c21f74ec7ef28555 -EBUILD streamlink-6.4.1.ebuild 2196 BLAKE2B baf9acc296269eb0ead0e12e0ee002398dc10d970fd9b32ab4159a10e7dad65ad9f047d40a5daa91b650d49ab4099526b79cfbd264d373b31f4ad05ce903b1c6 SHA512 3f5a6de5850f7880e723f5ac6f66e32c84878a8dfa7664d9303d942ff4ac80e56bf71eafdf3d8c1949c59720303623d9d58a64f2f8c58142c3add539aef87f83 -EBUILD streamlink-6.4.2.ebuild 2196 BLAKE2B baf9acc296269eb0ead0e12e0ee002398dc10d970fd9b32ab4159a10e7dad65ad9f047d40a5daa91b650d49ab4099526b79cfbd264d373b31f4ad05ce903b1c6 SHA512 3f5a6de5850f7880e723f5ac6f66e32c84878a8dfa7664d9303d942ff4ac80e56bf71eafdf3d8c1949c59720303623d9d58a64f2f8c58142c3add539aef87f83 +EBUILD streamlink-6.4.2.ebuild 2195 BLAKE2B dafc34b18ba1cf1dbf60a0b1078412b8ae6585fdafbe9c5b7deb5c488d46b463e4770bc7d33c58e4aead2170b81374f063cbbc73b00ce7fa527d75b975c25481 SHA512 386ac3a9894a1884206157b85aafad95d12ef6e17d7d721a92776f52d6633efa972e6f9fb61c0c2bc88c0fc319cdde64d1c1e83367ddca1529fa95a80926ed10 EBUILD streamlink-6.5.0.ebuild 2196 BLAKE2B baf9acc296269eb0ead0e12e0ee002398dc10d970fd9b32ab4159a10e7dad65ad9f047d40a5daa91b650d49ab4099526b79cfbd264d373b31f4ad05ce903b1c6 SHA512 3f5a6de5850f7880e723f5ac6f66e32c84878a8dfa7664d9303d942ff4ac80e56bf71eafdf3d8c1949c59720303623d9d58a64f2f8c58142c3add539aef87f83 EBUILD streamlink-9999.ebuild 2196 BLAKE2B baf9acc296269eb0ead0e12e0ee002398dc10d970fd9b32ab4159a10e7dad65ad9f047d40a5daa91b650d49ab4099526b79cfbd264d373b31f4ad05ce903b1c6 SHA512 3f5a6de5850f7880e723f5ac6f66e32c84878a8dfa7664d9303d942ff4ac80e56bf71eafdf3d8c1949c59720303623d9d58a64f2f8c58142c3add539aef87f83 MISC metadata.xml 374 BLAKE2B 8c5f72454d8d00a99c18328838cc9c3be82cd9d68405f6e702239b8475a9162f3ba945b142bf2f5762fcc4ac52cae95c8e2d5c0707b1028c11faba2341a2d8e9 SHA512 038e509b340b1cc31382b0a1edf0c273fe99ca7c8c40370039a01cf6a95101d1217db7fea64bc67f5c113c99d504ceb7256008c1539c4d7e13ad6ceb8b922a58 diff --git a/net-misc/streamlink/streamlink-6.4.1.ebuild b/net-misc/streamlink/streamlink-6.4.1.ebuild deleted file mode 100644 index d73952536218..000000000000 --- a/net-misc/streamlink/streamlink-6.4.1.ebuild +++ /dev/null @@ -1,74 +0,0 @@ -# Copyright 1999-2023 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=8 - -if [[ ${PV} = 9999* ]]; then - EGIT_REPO_URI="https://github.com/streamlink/${PN}.git" - inherit git-r3 -fi - -DISTUTILS_SINGLE_IMPL=1 -# >= 6.2.1 uses a bunch of setuptools hooks instead of vanilla setuptools -# https://github.com/streamlink/streamlink/commit/194d9bc193f5285bc1ba33af5fd89209a96ad3a7 -DISTUTILS_USE_PEP517=standalone -PYTHON_COMPAT=( python3_{10..12} ) -PYTHON_REQ_USE='xml(+),threads(+)' -inherit distutils-r1 - -DESCRIPTION="CLI for extracting streams from websites to a video player of your choice" -HOMEPAGE="https://streamlink.github.io/" - -if [[ ${PV} != 9999* ]]; then - SRC_URI="https://github.com/streamlink/${PN}/releases/download/${PV}/${P}.tar.gz" -fi - -LICENSE="BSD-2 Apache-2.0" -SLOT="0" -if [[ ${PV} != 9999* ]]; then - KEYWORDS="~amd64 ~arm ~arm64 ~x86" -fi - -# See https://github.com/streamlink/streamlink/commit/9d8156dd794ee0919297cd90d85bcc11b8a28358 for chardet/charset-normalizer dep -RDEPEND=" - media-video/ffmpeg - $(python_gen_cond_dep ' - dev-python/certifi[${PYTHON_USEDEP}] - || ( - dev-python/chardet[${PYTHON_USEDEP}] - dev-python/charset-normalizer[${PYTHON_USEDEP}] - ) - >=dev-python/requests-2.26.0[${PYTHON_USEDEP}] - dev-python/isodate[${PYTHON_USEDEP}] - >=dev-python/lxml-4.6.4[${PYTHON_USEDEP}] - >=dev-python/websocket-client-1.2.1[${PYTHON_USEDEP}] - dev-python/pycountry[${PYTHON_USEDEP}] - >=dev-python/pycryptodome-3.4.3[${PYTHON_USEDEP}] - >dev-python/PySocks-1.5.7[${PYTHON_USEDEP}] - >=dev-python/trio-0.22.0[${PYTHON_USEDEP}] - >=dev-python/trio-websocket-0.9.0[${PYTHON_USEDEP}] - >=dev-python/urllib3-1.26.0[${PYTHON_USEDEP}] - ') -" -BDEPEND=" - $(python_gen_cond_dep ' - >=dev-python/setuptools-64[${PYTHON_USEDEP}] - >=dev-python/versioningit-2.0.0[${PYTHON_USEDEP}] - test? ( - >=dev-python/freezegun-1.0.0[${PYTHON_USEDEP}] - dev-python/pytest-asyncio[${PYTHON_USEDEP}] - dev-python/pytest-trio[${PYTHON_USEDEP}] - dev-python/requests-mock[${PYTHON_USEDEP}] - ) - ') -" - -if [[ ${PV} == 9999* ]]; then - RDEPEND+=" - $(python_gen_cond_dep ' - >=dev-python/versioningit-2.0.0[${PYTHON_USEDEP}] - ') - " -fi - -distutils_enable_tests pytest diff --git a/net-misc/streamlink/streamlink-6.4.2.ebuild b/net-misc/streamlink/streamlink-6.4.2.ebuild index d73952536218..cbfd887b2469 100644 --- a/net-misc/streamlink/streamlink-6.4.2.ebuild +++ b/net-misc/streamlink/streamlink-6.4.2.ebuild @@ -26,7 +26,7 @@ fi LICENSE="BSD-2 Apache-2.0" SLOT="0" if [[ ${PV} != 9999* ]]; then - KEYWORDS="~amd64 ~arm ~arm64 ~x86" + KEYWORDS="amd64 ~arm ~arm64 ~x86" fi # See https://github.com/streamlink/streamlink/commit/9d8156dd794ee0919297cd90d85bcc11b8a28358 for chardet/charset-normalizer dep diff --git a/net-misc/wget/Manifest b/net-misc/wget/Manifest index 28d4f20c3966..d51a01d3c0d7 100644 --- a/net-misc/wget/Manifest +++ b/net-misc/wget/Manifest @@ -1,8 +1,4 @@ -AUX wget-1.21.3-hsts-type.patch 8463 BLAKE2B ebee8872161ba4a0288ee973d1edb5d38740dac09e5d6807627bed76d05f167aa4b0a79b48f45b0933bc8444c3977ddfa570591e590ea466149cfc81b5e35789 SHA512 983ce2e62bf8f4562072644d8583eecb491c27b703f2ff9eef818557ecb8d7c64d2f0b764f2dd41a270e52513455f0102b79e90e03420b46b868e832f28c6b4f -DIST wget-1.21.3.tar.gz 5079864 BLAKE2B 4ff40a30cb3be82ea492d0eae324a9d43de30a0169d3b219ce25f3d667915f90c7eb1559760d1605340f112e96e028613265e0be73aaba7935c69cc06a4ae4f6 SHA512 29889ecbf590dff0f39183d9e0621741d731a554d990e5c995a4644725dca62e8e19601d40db0ef7d62ebf54e5457c7409965e4832b6e60e4ccbc9c8caa30718 -DIST wget-1.21.3.tar.gz.sig 854 BLAKE2B 71f69492397ae9e36284be9acdd1c94da34a7397c14a6de1a867c0d1e807bf961f8a2e098ab5629425691ce595227fb08f046416245fda2a6025929079f2d7c2 SHA512 b9f41496e0083545bc703c97b0758500f337527647cdc422152d7855d05351e3a62685269238c78300eafdbfaed8afecaeb988901a3d8a6b002e9fb3d70efe4f DIST wget-1.21.4.tar.gz 5059591 BLAKE2B ced6fb9a20343d41e4d8e0c8f171c60535847504fa4c32abc81d104a1594dc7b7c97b5b301836e31dacc7a0f2155c0a2e70e42ff60dc3fa471deb1dad33ba736 SHA512 7a1539045174f6b97ab6980811c2ac1799edc20db72987b5ba9b1710cffb19669a7736813d15c8da3aa2d4a384246ff946b77ecb0baeb6fd3e12ae591f1bf6a3 DIST wget-1.21.4.tar.gz.sig 854 BLAKE2B 162c4f358e781bbfb0fa73910191c29dd411f48c9b2c8e8fe00a12741153e624955393d769aa7311b03115d04b6b946a84b636f643d7cdc8c8cd81387b9cf143 SHA512 72603493c2d799dca08700175a2010d8736fd6d3cb9bea3987db8814e9f133ab0fbd1477892115f7fbbd1a7d4d416ec370bdbff6dbe8f00d1eea84f0c4f8d84b -EBUILD wget-1.21.3-r1.ebuild 3219 BLAKE2B 1b77179c1d34771b7c2fd2bfc5fccd3949aac0ee1b116236c5d9753c1bc905ce79d2b6770f61495c36859af1d4a221a6b5650bc7a4a7c95ef596e4fb0ec2c75f SHA512 2b949e164451ba6a7e09ee2e9bc450495440ddec835f4b09e8e2bd5749bffc510e2d37366afc9df7959742fca9d040115bd9aeedcff41af0af132ddfda13ab7a EBUILD wget-1.21.4.ebuild 3171 BLAKE2B 3bd335a9f22114d225645bd158d57f8452554dca84bd716827e26066cefda1ba8a3b846630cbaff77bc7f33a1c5651a436da693d582f984680c5583e7d135ad8 SHA512 87ac0d94dec8cd39a2357b87986a28623b49107026584b22f655c31485e13dcf71a8600a283bf8661eb9dad44e6de554cdd58e520e35370d11d71a812db9121b MISC metadata.xml 803 BLAKE2B 9bdb761fa36afd7a03f4631ed314230776de4af2c3e153a3631ee8f9e801233e44abe68ba5ec874bcfaef53d2cb1100a671768169d58d6e2c96387be5210abc9 SHA512 4ddbdc883a155f4eddeb5cd6e031b4824f1f50586ceaedd1b72a8d2ce9d3dffe440a0554e4a9a07f1295f79a5958bcb533ae324919c64daf77caff577318dfc1 diff --git a/net-misc/wget/files/wget-1.21.3-hsts-type.patch b/net-misc/wget/files/wget-1.21.3-hsts-type.patch deleted file mode 100644 index bac1330ddc79..000000000000 --- a/net-misc/wget/files/wget-1.21.3-hsts-type.patch +++ /dev/null @@ -1,211 +0,0 @@ -https://bugs.gentoo.org/850676 -https://git.savannah.gnu.org/cgit/wget.git/commit/?id=cb114fbbf73eb687d28b01341c8d4266ffa96c9d - -From: =?UTF-8?q?Tim=20R=C3=BChsen?= <tim.ruehsen@gmx.de> -Date: Sun, 20 Mar 2022 12:18:20 +0100 -Subject: Fix HSTS portability by using int64_t instead of time_t. - -* src/hsts.c: Use int64_t instead of time_t. -* src/http.c: Use int64_t for parsing Strict-Transport-Security. ---- a/src/hsts.c -+++ b/src/hsts.c -@@ -61,8 +61,8 @@ struct hsts_kh { - }; - - struct hsts_kh_info { -- time_t created; -- time_t max_age; -+ int64_t created; -+ int64_t max_age; - bool include_subdomains; - }; - -@@ -166,7 +166,7 @@ end: - static bool - hsts_new_entry_internal (hsts_store_t store, - const char *host, int port, -- time_t created, time_t max_age, -+ int64_t created, int64_t max_age, - bool include_subdomains, - bool check_validity, - bool check_expired, -@@ -216,21 +216,21 @@ bail: - static bool - hsts_add_entry (hsts_store_t store, - const char *host, int port, -- time_t max_age, bool include_subdomains) -+ int64_t max_age, bool include_subdomains) - { -- time_t t = time (NULL); -+ int64_t t = (int64_t) time (NULL); - - /* It might happen time() returned -1 */ -- return (t == (time_t)(-1) ? -+ return (t == -1) ? - false : -- hsts_new_entry_internal (store, host, port, t, max_age, include_subdomains, false, true, false)); -+ hsts_new_entry_internal (store, host, port, t, max_age, include_subdomains, false, true, false); - } - - /* Creates a new entry, unless an identical one already exists. */ - static bool - hsts_new_entry (hsts_store_t store, - const char *host, int port, -- time_t created, time_t max_age, -+ int64_t created, int64_t max_age, - bool include_subdomains) - { - return hsts_new_entry_internal (store, host, port, created, max_age, include_subdomains, true, true, true); -@@ -245,7 +245,7 @@ hsts_remove_entry (hsts_store_t store, struct hsts_kh *kh) - static bool - hsts_store_merge (hsts_store_t store, - const char *host, int port, -- time_t created, time_t max_age, -+ int64_t created, int64_t max_age, - bool include_subdomains) - { - enum hsts_kh_match match_type = NO_MATCH; -@@ -276,11 +276,11 @@ hsts_read_database (hsts_store_t store, FILE *fp, bool merge_with_existing_entri - size_t len = 0; - int items_read; - bool result = false; -- bool (*func)(hsts_store_t, const char *, int, time_t, time_t, bool); -+ bool (*func)(hsts_store_t, const char *, int, int64_t, int64_t, bool); - - char host[256]; - int port; -- time_t created, max_age; -+ int64_t created, max_age; - int include_subdomains; - - func = (merge_with_existing_entries ? hsts_store_merge : hsts_new_entry); -@@ -326,10 +326,9 @@ hsts_store_dump (hsts_store_t store, FILE *fp) - struct hsts_kh *kh = (struct hsts_kh *) it.key; - struct hsts_kh_info *khi = (struct hsts_kh_info *) it.value; - -- if (fprintf (fp, "%s\t%d\t%d\t%lu\t%lu\n", -+ if (fprintf (fp, "%s\t%d\t%d\t%" PRId64 "\t%" PRId64 "\n", - kh->host, kh->explicit_port, khi->include_subdomains, -- (unsigned long) khi->created, -- (unsigned long) khi->max_age) < 0) -+ khi->created, khi->max_age) < 0) - { - logprintf (LOG_ALWAYS, "Could not write the HSTS database correctly.\n"); - break; -@@ -439,7 +438,7 @@ hsts_match (hsts_store_t store, struct url *u) - bool - hsts_store_entry (hsts_store_t store, - enum url_scheme scheme, const char *host, int port, -- time_t max_age, bool include_subdomains) -+ int64_t max_age, bool include_subdomains) - { - bool result = false; - enum hsts_kh_match match = NO_MATCH; -@@ -464,9 +463,9 @@ hsts_store_entry (hsts_store_t store, - * 'created' field too. The RFC also states that we have to - * update the entry each time we see HSTS header. - * See also Section 11.2. */ -- time_t t = time (NULL); -+ int64_t t = (int64_t) time (NULL); - -- if (t != (time_t)(-1) && t != entry->created) -+ if (t != -1 && t != entry->created) - { - entry->created = t; - entry->max_age = max_age; -@@ -792,7 +791,7 @@ test_hsts_read_database (void) - hsts_store_t table; - char *file = NULL; - FILE *fp = NULL; -- time_t created = time(NULL) - 10; -+ int64_t created = time(NULL) - 10; - - if (opt.homedir) - { -@@ -801,9 +800,9 @@ test_hsts_read_database (void) - if (fp) - { - fputs ("# dummy comment\n", fp); -- fprintf (fp, "foo.example.com\t0\t1\t%lu\t123\n",(unsigned long) created); -- fprintf (fp, "bar.example.com\t0\t0\t%lu\t456\n", (unsigned long) created); -- fprintf (fp, "test.example.com\t8080\t0\t%lu\t789\n", (unsigned long) created); -+ fprintf (fp, "foo.example.com\t0\t1\t%" PRId64 "\t123\n", created); -+ fprintf (fp, "bar.example.com\t0\t0\t%" PRId64 "\t456\n", created); -+ fprintf (fp, "test.example.com\t8080\t0\t%" PRId64 "\t789\n", created); - fclose (fp); - - table = hsts_store_open (file); ---- a/src/hsts.h -+++ b/src/hsts.h -@@ -46,7 +46,7 @@ bool hsts_store_has_changed (hsts_store_t); - - bool hsts_store_entry (hsts_store_t, - enum url_scheme, const char *, int, -- time_t, bool); -+ int64_t, bool); - bool hsts_match (hsts_store_t, struct url *); - - #endif /* HAVE_HSTS */ ---- a/src/http.c -+++ b/src/http.c -@@ -1300,7 +1300,7 @@ parse_content_disposition (const char *hdr, char **filename) - - #ifdef HAVE_HSTS - static bool --parse_strict_transport_security (const char *header, time_t *max_age, bool *include_subdomains) -+parse_strict_transport_security (const char *header, int64_t *max_age, bool *include_subdomains) - { - param_token name, value; - const char *c_max_age = NULL; -@@ -1330,7 +1330,7 @@ parse_strict_transport_security (const char *header, time_t *max_age, bool *incl - * Also, time_t is normally defined as a long, so this should not break. - */ - if (max_age) -- *max_age = (time_t) strtol (c_max_age, NULL, 10); -+ *max_age = (int64_t) strtoll (c_max_age, NULL, 10); - if (include_subdomains) - *include_subdomains = is; - -@@ -3184,9 +3184,6 @@ gethttp (const struct url *u, struct url *original_url, struct http_stat *hs, - #else - extern hsts_store_t hsts_store; - #endif -- const char *hsts_params; -- time_t max_age; -- bool include_subdomains; - #endif - - int sock = -1; -@@ -3674,21 +3671,24 @@ gethttp (const struct url *u, struct url *original_url, struct http_stat *hs, - #ifdef HAVE_HSTS - if (opt.hsts && hsts_store) - { -- hsts_params = resp_header_strdup (resp, "Strict-Transport-Security"); -+ int64_t max_age; -+ const char *hsts_params = resp_header_strdup (resp, "Strict-Transport-Security"); -+ bool include_subdomains; -+ - if (parse_strict_transport_security (hsts_params, &max_age, &include_subdomains)) - { - /* process strict transport security */ - if (hsts_store_entry (hsts_store, u->scheme, u->host, u->port, max_age, include_subdomains)) -- DEBUGP(("Added new HSTS host: %s:%u (max-age: %lu, includeSubdomains: %s)\n", -+ DEBUGP(("Added new HSTS host: %s:%" PRIu32 " (max-age: %" PRId64 ", includeSubdomains: %s)\n", - u->host, -- (unsigned) u->port, -- (unsigned long) max_age, -+ (uint32_t) u->port, -+ max_age, - (include_subdomains ? "true" : "false"))); - else -- DEBUGP(("Updated HSTS host: %s:%u (max-age: %lu, includeSubdomains: %s)\n", -+ DEBUGP(("Updated HSTS host: %s:%" PRIu32 " (max-age: %" PRId64 ", includeSubdomains: %s)\n", - u->host, -- (unsigned) u->port, -- (unsigned long) max_age, -+ (uint32_t) u->port, -+ max_age, - (include_subdomains ? "true" : "false"))); - } - xfree (hsts_params); -cgit v1.1 diff --git a/net-misc/wget/wget-1.21.3-r1.ebuild b/net-misc/wget/wget-1.21.3-r1.ebuild deleted file mode 100644 index d24266c92258..000000000000 --- a/net-misc/wget/wget-1.21.3-r1.ebuild +++ /dev/null @@ -1,114 +0,0 @@ -# Copyright 1999-2023 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -PYTHON_COMPAT=( python3_{9..11} ) -VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/wget.asc -inherit flag-o-matic python-any-r1 toolchain-funcs verify-sig - -DESCRIPTION="Network utility to retrieve files from the WWW" -HOMEPAGE="https://www.gnu.org/software/wget/" -SRC_URI="mirror://gnu/wget/${P}.tar.gz" -SRC_URI+=" verify-sig? ( mirror://gnu/wget/${P}.tar.gz.sig )" - -LICENSE="GPL-3+" -SLOT="0" -KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" -IUSE="cookie-check debug gnutls idn ipv6 metalink nls ntlm pcre +ssl static test uuid zlib" -REQUIRED_USE="ntlm? ( !gnutls ssl ) gnutls? ( ssl )" -RESTRICT="!test? ( test )" - -# * Force a newer libidn2 to avoid libunistring deps. #bug #612498 -# * Metalink can use gpgme automagically (so let's always depend on it) -# for signed metalink resources. -LIB_DEPEND=" - cookie-check? ( net-libs/libpsl ) - idn? ( >=net-dns/libidn2-0.14:=[static-libs(+)] ) - metalink? ( - app-crypt/gpgme - media-libs/libmetalink - ) - pcre? ( dev-libs/libpcre2[static-libs(+)] ) - ssl? ( - gnutls? ( net-libs/gnutls:=[static-libs(+)] ) - !gnutls? ( dev-libs/openssl:=[static-libs(+)] ) - ) - uuid? ( sys-apps/util-linux[static-libs(+)] ) - zlib? ( sys-libs/zlib[static-libs(+)] ) -" -RDEPEND="!static? ( ${LIB_DEPEND//\[static-libs(+)]} )" -DEPEND=" - ${RDEPEND} - static? ( ${LIB_DEPEND} ) -" -BDEPEND=" - app-arch/xz-utils - dev-lang/perl - sys-apps/texinfo - virtual/pkgconfig - nls? ( sys-devel/gettext ) - test? ( - ${PYTHON_DEPS} - >=dev-perl/HTTP-Daemon-6.60.0 - dev-perl/HTTP-Message - dev-perl/IO-Socket-SSL - ) - verify-sig? ( >=sec-keys/openpgp-keys-wget-20230313 ) -" - -DOCS=( AUTHORS MAILING-LIST NEWS README ) - -PATCHES=( - "${FILESDIR}"/${P}-hsts-type.patch -) - -pkg_setup() { - use test && python-any-r1_pkg_setup -} - -src_prepare() { - default - sed -i -e "s:/usr/local/etc:${EPREFIX}/etc:g" doc/{sample.wgetrc,wget.texi} || die -} - -src_configure() { - # fix compilation on Solaris, we need filio.h for FIONBIO as used in - # the included gnutls -- force ioctl.h to include this header - [[ ${CHOST} == *-solaris* ]] && append-cppflags -DBSD_COMP=1 - - if use static ; then - append-ldflags -static - tc-export PKG_CONFIG - PKG_CONFIG+=" --static" - fi - - # There is no flag that controls this. libunistring-prefix only - # controls the search path (which is why we turn it off below). - # Further, libunistring is only needed w/older libidn2 installs, - # and since we force the latest, we can force off libunistring. # bug #612498 - local myeconfargs=( - ac_cv_libunistring=no - --disable-assert - --disable-pcre - --disable-rpath - --without-included-libunistring - --without-libunistring-prefix - $(use_enable debug) - $(use_enable idn iri) - $(use_enable ipv6) - $(use_enable nls) - $(use_enable ntlm) - $(use_enable pcre pcre2) - $(use_enable ssl digest) - $(use_enable ssl opie) - $(use_with cookie-check libpsl) - $(use_enable idn iri) - $(use_with metalink) - $(use_with ssl ssl $(usex gnutls gnutls openssl)) - $(use_with uuid libuuid) - $(use_with zlib) - ) - - econf "${myeconfargs[@]}" -} diff --git a/net-misc/whois/Manifest b/net-misc/whois/Manifest index 2183a5012267..188468307078 100644 --- a/net-misc/whois/Manifest +++ b/net-misc/whois/Manifest @@ -1,13 +1,7 @@ AUX whois-4.7.2-config-file.patch 202 BLAKE2B b5c421655f40c22fcb9c9ac3194821e6e4100657bd11013ed220cea3c81c77e3c7e50432361c8e08274b59d96ff04ca22d8f500436fbefef981d587e26ef75a7 SHA512 932ce9dd51b29750a88da3082bdb1f3fd994e1d859fbdef45fadd3c833ee24d12acb6530989db60f4df3df9481d34cc5cabbdad4bf5150389a06ef7c832daf65 AUX whois-5.3.0-libidn_automagic.patch 778 BLAKE2B b9214f6f0c081abf6141057ee9f82db30dad7306fe611b1cb70d256b235d0ba544887f8b084d7b71a21486ad68d312ad98075aed51765f59ecbf7ced45684772 SHA512 8df8c99320ee4a4327f35a62dbaca0b071a3472d398604304d772f2424d607d109d87056b1a138b041c4c391409828cc7397dc62ed973dee500b2eb9f1735676 AUX whois-5.5.6-libxcrypt_automagic.patch 677 BLAKE2B e832e829f97c9b23ca4d62e037f74fdf87225390a399fa240f0789123144f07f3e2d66ec009662c9936d1a0f112998532350a2144d95dc96cac7b22250090fac SHA512 14b2787fc7933eaf21584dc93b84a605a3f593b77767f2b622b906f03c75edd3faee3d39281dc4332bb5b64b24bee07c7ccd1115f2e80ae394637bf093f70305 -DIST whois-5.5.19.tar.gz 109582 BLAKE2B 6812c8f19c60a20802adbda95d9e80e1ee39cb5fea6723e689d064cda6ac167408dfccc2f30bfd93a7d53bda9c355e292d3b4ee694812b3ffccc54c120aeedcd SHA512 f008f60a629f40eb5817c124ff586f2b4a359afa501a72633326341a28f47c5ff56ddeed48d327bf41035bc6bdc639959b92523ec22ff41d5bd58241b4c50487 DIST whois-5.5.20.tar.gz 109648 BLAKE2B 17b6a795ac517a81cde44530df3e835cccc020a1750ab28d50551a7bd08d132aa10768ff146b0a7943a8348cc7f3f3f7096262caf1d91fbb2d3610ae9f6473e8 SHA512 1d602ec817411a36b3d175e34f166c06186639f4eeea145751decc45372953df40fc76b57c7589d93c49ab0be1276459dffc6424a4344ddbca23f35a9f492fc7 -DIST whois_5.5.17.tar.xz 90608 BLAKE2B 82793097e421d88130d089fc64bb0bceac0c9170b39388262b45d2bf62fc2f8b7c4e393fc5351bba6be303ced00a00af1972bf73c1c8c7c86c812b19a0a6fb5a SHA512 0ed33edc2005eb51a88bda505cc3f6ebe3966095d6f12c03cfe62c12e7e575e1d008632d12de6f27b4c09b91ce5a45705d57acce88409e573bbd7b5132df7fc6 -DIST whois_5.5.18.tar.xz 90216 BLAKE2B 2098b15d36ee0f99e710fdeb10ce1650eba84da1ce770df46182439a6de07995b79746767968522200f5261490e5ffd262673705b12e1004e1ca0dd1af0b9e15 SHA512 28482a6b84d97e2ff69e7a2d01865d227d76aff41a42511a6ebd4ac636b9054643d1df800e6575fb846712e1473f7a31a211dbc08fbdfaaead443d22138266c7 -EBUILD whois-5.5.17-r1.ebuild 1872 BLAKE2B a5faf0a45a539c58c9087cdd7f5d9c385dcdcb439f4585b8b388e79889ce2cd2130d4364388808115b6fb663b0366054cf52f14c564a986deed0314e13b3e285 SHA512 61dbf76a8b25094310f0b59bef2b7a98123dc8e02499870109070cd4bc535c45c9de0e625916ddb48be54eac1cbf96e82ea100904b78a8e1e989f83140005f6d -EBUILD whois-5.5.18-r1.ebuild 1872 BLAKE2B a5faf0a45a539c58c9087cdd7f5d9c385dcdcb439f4585b8b388e79889ce2cd2130d4364388808115b6fb663b0366054cf52f14c564a986deed0314e13b3e285 SHA512 61dbf76a8b25094310f0b59bef2b7a98123dc8e02499870109070cd4bc535c45c9de0e625916ddb48be54eac1cbf96e82ea100904b78a8e1e989f83140005f6d -EBUILD whois-5.5.19.ebuild 1879 BLAKE2B ee4e86da146786b66a8d5d1868a80ca2de1412b64c3187fef75337aa46d8f89533a81625217d988d2b397d1d817b7333402d869d65a0579842bc45860e9fde4e SHA512 de7b20b198eeba5cea42357e8849d31eacd0f13276577d279c0b16b45072f1a6623c61ff1443983a6482e1a16b4e8d9f7ab1a48de561aa5bbd9914cd04889036 EBUILD whois-5.5.20.ebuild 1872 BLAKE2B 554c9632f0474e1d2ef5383e918a0588b00ad4275f23ac3521f42e297fd5bde0067371e30007f5fc100c0788a0a9b3df11406173544371bd248929fd2eb2c6b2 SHA512 eba345f65717b94a9573bffd421991f9f66c1aa0408b2749cb427b05788c09439b2b073af864302aed2c2943df0b88d9698613476aa343b6e9bfc33f634aae27 EBUILD whois-9999.ebuild 1879 BLAKE2B ee4e86da146786b66a8d5d1868a80ca2de1412b64c3187fef75337aa46d8f89533a81625217d988d2b397d1d817b7333402d869d65a0579842bc45860e9fde4e SHA512 de7b20b198eeba5cea42357e8849d31eacd0f13276577d279c0b16b45072f1a6623c61ff1443983a6482e1a16b4e8d9f7ab1a48de561aa5bbd9914cd04889036 MISC metadata.xml 439 BLAKE2B 609f61e31ef22ab28f06d9f0b6542a0efbcb8a006b05f14ff6339a332bb3f04996d13c9a62b55765ce4611df0e9efe021b6f5b5060b13d00d72eae71eb9f9e3e SHA512 05bf067e25586b2032b137dae008a4c59aed9e633f37b545d6ccdca6dc3d69d8614d8ad26c34e87d956b93d24b7962c3fe908070dcfd6826c8fe916b51f29d2f diff --git a/net-misc/whois/whois-5.5.17-r1.ebuild b/net-misc/whois/whois-5.5.17-r1.ebuild deleted file mode 100644 index 6d1a89e7302c..000000000000 --- a/net-misc/whois/whois-5.5.17-r1.ebuild +++ /dev/null @@ -1,81 +0,0 @@ -# Copyright 1999-2023 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=8 - -inherit bash-completion-r1 toolchain-funcs - -MY_P=${P/-/_} -DESCRIPTION="Improved Whois Client" -HOMEPAGE="https://github.com/rfc1036/whois" - -if [[ ${PV} == *9999 ]] ; then - inherit git-r3 - EGIT_REPO_URI="https://github.com/rfc1036/whois.git" -else - SRC_URI="mirror://debian/pool/main/w/whois/${MY_P}.tar.xz" - #SRC_URI="https://github.com/rfc1036/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz" - #S="${WORKDIR}"/${PN} - - KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux" -fi - -LICENSE="GPL-2" -SLOT="0" -IUSE="iconv idn nls xcrypt" - -RDEPEND=" - iconv? ( virtual/libiconv ) - idn? ( net-dns/libidn2:= ) - nls? ( virtual/libintl ) - xcrypt? ( >=sys-libs/libxcrypt-4.1:= ) - !xcrypt? ( virtual/libcrypt:= ) -" -DEPEND="${RDEPEND}" -BDEPEND=" - app-arch/xz-utils - >=dev-lang/perl-5 - virtual/pkgconfig - nls? ( sys-devel/gettext )" - -PATCHES=( - "${FILESDIR}"/${PN}-4.7.2-config-file.patch - "${FILESDIR}"/${PN}-5.3.0-libidn_automagic.patch - "${FILESDIR}"/${PN}-5.5.6-libxcrypt_automagic.patch -) - -src_prepare() { - default - - if use nls ; then - sed -i -e 's:#\(.*pos\):\1:' Makefile || die - else - sed -i -e '/ENABLE_NLS/s:define:undef:' config.h || die - - # don't generate po files when nls is disabled (bug #419889) - sed -i -e '/^all:/s/ pos//' \ - -e '/^install:/s/ install-pos//' Makefile || die - fi -} - -src_configure() { :; } # expected no-op - -src_compile() { - unset HAVE_ICONV HAVE_LIBIDN - - use iconv && export HAVE_ICONV=1 - use idn && export HAVE_LIBIDN=1 - use xcrypt && export HAVE_XCRYPT=1 - - tc-export CC - - emake CFLAGS="${CFLAGS} ${CPPFLAGS}" -} - -src_install() { - emake DESTDIR="${D}" prefix="${EPREFIX}/usr" BASHCOMPDIR="$(get_bashcompdir)" install - - insinto /etc - doins whois.conf - dodoc README debian/changelog -} diff --git a/net-misc/whois/whois-5.5.18-r1.ebuild b/net-misc/whois/whois-5.5.18-r1.ebuild deleted file mode 100644 index 6d1a89e7302c..000000000000 --- a/net-misc/whois/whois-5.5.18-r1.ebuild +++ /dev/null @@ -1,81 +0,0 @@ -# Copyright 1999-2023 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=8 - -inherit bash-completion-r1 toolchain-funcs - -MY_P=${P/-/_} -DESCRIPTION="Improved Whois Client" -HOMEPAGE="https://github.com/rfc1036/whois" - -if [[ ${PV} == *9999 ]] ; then - inherit git-r3 - EGIT_REPO_URI="https://github.com/rfc1036/whois.git" -else - SRC_URI="mirror://debian/pool/main/w/whois/${MY_P}.tar.xz" - #SRC_URI="https://github.com/rfc1036/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz" - #S="${WORKDIR}"/${PN} - - KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux" -fi - -LICENSE="GPL-2" -SLOT="0" -IUSE="iconv idn nls xcrypt" - -RDEPEND=" - iconv? ( virtual/libiconv ) - idn? ( net-dns/libidn2:= ) - nls? ( virtual/libintl ) - xcrypt? ( >=sys-libs/libxcrypt-4.1:= ) - !xcrypt? ( virtual/libcrypt:= ) -" -DEPEND="${RDEPEND}" -BDEPEND=" - app-arch/xz-utils - >=dev-lang/perl-5 - virtual/pkgconfig - nls? ( sys-devel/gettext )" - -PATCHES=( - "${FILESDIR}"/${PN}-4.7.2-config-file.patch - "${FILESDIR}"/${PN}-5.3.0-libidn_automagic.patch - "${FILESDIR}"/${PN}-5.5.6-libxcrypt_automagic.patch -) - -src_prepare() { - default - - if use nls ; then - sed -i -e 's:#\(.*pos\):\1:' Makefile || die - else - sed -i -e '/ENABLE_NLS/s:define:undef:' config.h || die - - # don't generate po files when nls is disabled (bug #419889) - sed -i -e '/^all:/s/ pos//' \ - -e '/^install:/s/ install-pos//' Makefile || die - fi -} - -src_configure() { :; } # expected no-op - -src_compile() { - unset HAVE_ICONV HAVE_LIBIDN - - use iconv && export HAVE_ICONV=1 - use idn && export HAVE_LIBIDN=1 - use xcrypt && export HAVE_XCRYPT=1 - - tc-export CC - - emake CFLAGS="${CFLAGS} ${CPPFLAGS}" -} - -src_install() { - emake DESTDIR="${D}" prefix="${EPREFIX}/usr" BASHCOMPDIR="$(get_bashcompdir)" install - - insinto /etc - doins whois.conf - dodoc README debian/changelog -} diff --git a/net-misc/whois/whois-5.5.19.ebuild b/net-misc/whois/whois-5.5.19.ebuild deleted file mode 100644 index d50f25c71f08..000000000000 --- a/net-misc/whois/whois-5.5.19.ebuild +++ /dev/null @@ -1,81 +0,0 @@ -# Copyright 1999-2023 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=8 - -inherit bash-completion-r1 toolchain-funcs - -MY_P=${P/-/_} -DESCRIPTION="Improved Whois Client" -HOMEPAGE="https://github.com/rfc1036/whois" - -if [[ ${PV} == *9999 ]] ; then - inherit git-r3 - EGIT_REPO_URI="https://github.com/rfc1036/whois.git" -else - #SRC_URI="mirror://debian/pool/main/w/whois/${MY_P}.tar.xz" - SRC_URI="https://github.com/rfc1036/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz" - #S="${WORKDIR}"/${PN} - - KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux" -fi - -LICENSE="GPL-2" -SLOT="0" -IUSE="iconv idn nls xcrypt" - -RDEPEND=" - iconv? ( virtual/libiconv ) - idn? ( net-dns/libidn2:= ) - nls? ( virtual/libintl ) - xcrypt? ( >=sys-libs/libxcrypt-4.1:= ) - !xcrypt? ( virtual/libcrypt:= ) -" -DEPEND="${RDEPEND}" -BDEPEND=" - app-arch/xz-utils - >=dev-lang/perl-5 - virtual/pkgconfig - nls? ( sys-devel/gettext )" - -PATCHES=( - "${FILESDIR}"/${PN}-4.7.2-config-file.patch - "${FILESDIR}"/${PN}-5.3.0-libidn_automagic.patch - "${FILESDIR}"/${PN}-5.5.6-libxcrypt_automagic.patch -) - -src_prepare() { - default - - if use nls ; then - sed -i -e 's:#\(.*pos\):\1:' Makefile || die - else - sed -i -e '/ENABLE_NLS/s:define:undef:' config.h || die - - # don't generate po files when nls is disabled (bug #419889) - sed -i -e '/^all:/s/ pos//' \ - -e '/^install:/s/ install-pos//' Makefile || die - fi -} - -src_configure() { :; } # expected no-op - -src_compile() { - unset HAVE_ICONV HAVE_LIBIDN - - use iconv && export HAVE_ICONV=1 - use idn && export HAVE_LIBIDN=1 - use xcrypt && export HAVE_XCRYPT=1 - - tc-export CC - - emake CFLAGS="${CFLAGS} ${CPPFLAGS}" -} - -src_install() { - emake DESTDIR="${D}" prefix="${EPREFIX}/usr" BASHCOMPDIR="$(get_bashcompdir)" install - - insinto /etc - doins whois.conf - dodoc README debian/changelog -} |