summaryrefslogtreecommitdiff
path: root/net-proxy/polipo
diff options
context:
space:
mode:
Diffstat (limited to 'net-proxy/polipo')
-rw-r--r--net-proxy/polipo/Manifest4
-rw-r--r--net-proxy/polipo/files/polipo-1.1.1-cve-2020-36420.patch26
-rw-r--r--net-proxy/polipo/polipo-1.1.1-r5.ebuild61
-rw-r--r--net-proxy/polipo/polipo-9999.ebuild7
4 files changed, 94 insertions, 4 deletions
diff --git a/net-proxy/polipo/Manifest b/net-proxy/polipo/Manifest
index 9cd92762ea29..221e5c8deb61 100644
--- a/net-proxy/polipo/Manifest
+++ b/net-proxy/polipo/Manifest
@@ -1,8 +1,10 @@
AUX config 167 BLAKE2B f1c6c379ab8d112e52a764bb32bea64a0d8c8084c46a6faf51f13dff316e09120b225898047488f360e5f97830f6d54463c50332f7f19455467192b435d67ce9 SHA512 a92a738016ed6da4fa47d23b2cfdb5296b0c1a818eabcf319550f62e41ba45d6a9103bd7cd956a417cab3b87d18f16227fd9fbadb95dcc267c3983c61d4bdd00
+AUX polipo-1.1.1-cve-2020-36420.patch 896 BLAKE2B 921ce79f1432d8ecff9f48288db1cca639c801d7122f3c85dce0c7290a96e2fb967d2bd2c738a71727a061a9c306539a93b0b46659a6691a5f8184e0d98279da SHA512 04f7aeca120e708aca210f8442c42305968af29ef8c9e3397a9f1ee6dc56bb61470b34f2797d9cb8bb70cabc592398bd109d992b4c5420ddc857c146377ecdd6
AUX polipo.crond-2 640 BLAKE2B d7221753ee60562686ab217224a8e58b02b80bd30097ffdc234d1753c8037b73b53433a650b9452344810ff723438f849bf0bf2cf6bee556240901614294dc11 SHA512 36c13e9790210c378968d9c6958be412fd2f1d2739aab560d8df4064fb92cb2b79dbfcb3e674f285b48eb42a3b2c6226862d1d0f9a6ce28e14de5797d62f1354
AUX polipo.initd-5 1536 BLAKE2B f740afea6e83cfd32c7c2ae121b7e448b0522524c3877cf8310b9919166a60e9ada7bf81c4c716559b1e98fdc44a1ebd387fe14cd89e4c0007ceedbaed562706 SHA512 9a1da0f1a156ce58ed25b20d4e06ac11c0a3040bc032a77c688a518dcb308c6f8ffe6bdeaa608d03fd1feead89ac5f04ce98853de88d32a1af0a79005a0c26bd
AUX polipo_at.service 184 BLAKE2B 4a70215df39715f6d8972a41fa4bd191a2a6cbeee8c4d92c50f0f52a4ff240eac190ee78ca6ccc58b145e6a29fe50691268f96a818f32e9e5f09309757f49c54 SHA512 cc4d1c1b4cf8dfd835956d73292282892e64cb3f2f0e4cfb09f816912d078cee793dcb5ed09037b52accfca6239edf7411ef82d4e1bc57d4be97a5163536cb23
DIST polipo-1.1.1.tar.gz 182891 BLAKE2B 92d3b4a6665d88ebe98afc6a3e7a624689d5e48da9a83dfc89af4a3d6ee2be3be447b252b9cfa1b56677cb80ffc8d438ed870887a409b716502965468be70e50 SHA512 7324ca96c19bf9f089146a12dba349ea8cd2669ee02d0599ed6c6116d11eb0e7cef7830d91d16921ba5cdd0ce06e6f831901832326d8118ebe0a565feeec7fb1
EBUILD polipo-1.1.1-r4.ebuild 1630 BLAKE2B 8bd1c5961ea35a315b7a955b5358c8d7198edf8131aa0a95828cae053567ee9916c3a5be9a61d12fd8b092aec8ecdb3addecb79406494537b4a1fd3a23992dca SHA512 ad4d86704815b890ad1678bcfd0b71580b18ce04278d080d133157ea0578856d02f8dc182db01af85289dbc39e287a7ed92b028bf1911714569e04e9a71f8425
-EBUILD polipo-9999.ebuild 1632 BLAKE2B db9ae42d44c12fa4fd836d80b0e0f23a0f52068cc894f48d369193060d75903327c27f3a15e36d5b4a5f524888a7732ebb0a8fd880c4c6f56b8185ef5ec2d1d1 SHA512 179cfb6d6adff3115c72e0edd973cb93905a8deecba437a84b2dcd4a44e9f60159c692f013e6f44b66d83ede5676f609f0bc667806d30110a475c88e2a88576f
+EBUILD polipo-1.1.1-r5.ebuild 1681 BLAKE2B 5860285ed88e74bac30502f1e8eb4712bee2d40a7dfbb096a3565499890d10664127bb07adf5308b5d12e612401aa91f9df30b9259c99d505f25dfefa8cd8328 SHA512 f8e6c959b608c5e23a1de0455112ecb2ba814a0aa43de5c849b4ebaf1b3f2007f0caae23da463fd0036a4086fdc6a9e4ed7e86f77984b64bf8bf34734c484e2f
+EBUILD polipo-9999.ebuild 1676 BLAKE2B 472cab2c1a4920f86b0b7ad0cc87bc77ff2bdaf621080a26dbe84093adde81a4c4b3aaebb7f426d9fe3c51d768e2ed6be7ac0fc8458576a2588dc3f2282af159 SHA512 53680d4fa4d4e2cb6fd7446de3168480f2cf1c48d77c9d0479a165acbb589b39813c558af1311bcd9c49f3be4ad04b52faf897051b6e093859b2bcee5dc82f7e
MISC metadata.xml 218 BLAKE2B 2aefc34034ef5c26834231f38f9f7bf82f5f1f65b985a17be4760c385565bc9b11f9533eb56342785281a468ca2093141bcabc5a76720213d27c4cb34e38d68b SHA512 9f76a02d232e22173b3ba0bc0cf66f14e8efaa46db95a257c4ef5bd9f94a95cef41bec5ebb74b029f1043f65968674f82bc317565c7b690c2012f8c268ee78ee
diff --git a/net-proxy/polipo/files/polipo-1.1.1-cve-2020-36420.patch b/net-proxy/polipo/files/polipo-1.1.1-cve-2020-36420.patch
new file mode 100644
index 000000000000..20fca8cf30a5
--- /dev/null
+++ b/net-proxy/polipo/files/polipo-1.1.1-cve-2020-36420.patch
@@ -0,0 +1,26 @@
+Reject packet with malformed range field instead of raising assert.
+This fixes CVE-2020-36420 and makes polipo conformant to RFC7233.
+--- a/server.c 2014-05-15 02:19:43.000000000 +0400
++++ b/server.c 2021-08-11 13:42:55.156568391 +0300
+@@ -1468,7 +1468,6 @@
+ int port;
+ int x, y, z;
+
+- assert(from >= 0 && (to < 0 || to > from));
+ assert(closure == NULL);
+ assert(!(object->flags & OBJECT_LOCAL));
+ assert(object->type == OBJECT_HTTP);
+@@ -1499,6 +1498,13 @@
+ notifyObject(object);
+ return 1;
+ }
++
++ if(!(from >= 0 && (to < 0 || to > from))) {
++ do_log(L_ERROR, "Invalid Range field in the header: from=%d, to=%d.\n", from, to);
++ abortObject(object, 400, internAtom("Invalid range header field"));
++ notifyObject(object);
++ return 1;
++ }
+
+ memcpy(name, ((char*)object->key) + x, y - x);
+ name[y - x] = '\0';
diff --git a/net-proxy/polipo/polipo-1.1.1-r5.ebuild b/net-proxy/polipo/polipo-1.1.1-r5.ebuild
new file mode 100644
index 000000000000..78b405073393
--- /dev/null
+++ b/net-proxy/polipo/polipo-1.1.1-r5.ebuild
@@ -0,0 +1,61 @@
+# Copyright 1999-2021 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+if [[ ${PV} == "9999" ]] ; then
+ _GIT=git-r3
+ EGIT_REPO_URI="https://github.com/jech/${PN}.git"
+ SRC_URI=""
+else
+ SRC_URI="http://www.pps.jussieu.fr/~jch/software/files/${PN}/${P}.tar.gz"
+ KEYWORDS="~amd64 ~x86"
+fi
+
+inherit ${_GIT} toolchain-funcs user systemd
+
+DESCRIPTION="A caching web proxy"
+HOMEPAGE="http://www.pps.jussieu.fr/~jch/software/polipo/"
+LICENSE="MIT GPL-2"
+SLOT="0"
+IUSE="systemd"
+
+DEPEND="sys-apps/texinfo"
+RDEPEND=""
+
+PATCHES=( "${FILESDIR}/${P}-cve-2020-36420.patch" )
+
+pkg_setup() {
+ enewgroup ${PN}
+ enewuser ${PN} -1 -1 /var/cache/${PN} ${PN}
+}
+
+src_compile() {
+ tc-export CC
+ emake PREFIX=/usr "CDEBUGFLAGS=${CFLAGS}" all
+}
+
+src_install() {
+ emake install PREFIX=/usr MANDIR=/usr/share/man INFODIR=/usr/share/info "TARGET=${D}"
+
+ newinitd "${FILESDIR}/${PN}.initd-5" ${PN}
+ insinto /etc/${PN} ; doins "${FILESDIR}/config"
+ systemd_newunit "${FILESDIR}/${PN}_at.service" "${PN}@.service"
+ if ! use systemd; then
+ exeinto /etc/cron.weekly ; newexe "${FILESDIR}/${PN}.crond-2" ${PN}
+ fi
+
+ dodoc -r CHANGES README html
+}
+
+pkg_postinst() {
+ elog "Do not forget to read the manual."
+ elog "Change the config file in /etc/${PN} to suit your needs."
+ elog ""
+ elog "Polipo init scripts can now be multiplexed:"
+ elog "1. create /etc/${PN}/config.foo"
+ elog "2. symlink /etc/init.d/{${PN}.foo -> ${PN}}"
+ elog " a. if you are using OpenRC, symlink /etc/init.d/{${PN}.foo -> ${PN}}"
+ elog " b. if you are using systemd, execute \"systemctl enable polipo@config.foo\""
+ elog "3. make sure all instances use unique ip:port pair and cachedir, if any"
+}
diff --git a/net-proxy/polipo/polipo-9999.ebuild b/net-proxy/polipo/polipo-9999.ebuild
index 873d40f12a32..927a75f9be2f 100644
--- a/net-proxy/polipo/polipo-9999.ebuild
+++ b/net-proxy/polipo/polipo-9999.ebuild
@@ -1,7 +1,7 @@
# Copyright 1999-2021 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
-EAPI="5"
+EAPI=7
if [[ ${PV} == "9999" ]] ; then
_GIT=git-r3
@@ -23,6 +23,8 @@ IUSE="systemd"
DEPEND="sys-apps/texinfo"
RDEPEND=""
+PATCHES=( "${FILESDIR}/${P}-cve-2020-36420.patch" )
+
pkg_setup() {
enewgroup ${PN}
enewuser ${PN} -1 -1 /var/cache/${PN} ${PN}
@@ -43,8 +45,7 @@ src_install() {
exeinto /etc/cron.weekly ; newexe "${FILESDIR}/${PN}.crond-2" ${PN}
fi
- dodoc CHANGES README
- dohtml html/*
+ dodoc -r CHANGES README html
}
pkg_postinst() {
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-18 12:27:44 +0000