From 4f2d7949f03e1c198bc888f2d05f421d35c57e21 Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Mon, 9 Oct 2017 18:53:29 +0100 Subject: reinit the tree, so we can have metadata --- net-misc/omniORB/Manifest | 12 +++ ...-umask-from-002-to-022-in-CreateDir-macro.patch | 58 ++++++++++++ net-misc/omniORB/files/ldflags.patch | 11 +++ net-misc/omniORB/files/omniNames | 21 +++++ .../files/omniORB-4.1.4-format-security.patch | 16 ++++ .../omniORB/files/omniORB-4.1.4-openssl-1.patch | 31 ++++++ net-misc/omniORB/metadata.xml | 7 ++ net-misc/omniORB/omniORB-4.1.4-r2.ebuild | 92 ++++++++++++++++++ net-misc/omniORB/omniORB-4.2.1_p2.ebuild | 104 +++++++++++++++++++++ 9 files changed, 352 insertions(+) create mode 100644 net-misc/omniORB/Manifest create mode 100644 net-misc/omniORB/files/change-umask-from-002-to-022-in-CreateDir-macro.patch create mode 100644 net-misc/omniORB/files/ldflags.patch create mode 100644 net-misc/omniORB/files/omniNames create mode 100644 net-misc/omniORB/files/omniORB-4.1.4-format-security.patch create mode 100644 net-misc/omniORB/files/omniORB-4.1.4-openssl-1.patch create mode 100644 net-misc/omniORB/metadata.xml create mode 100644 net-misc/omniORB/omniORB-4.1.4-r2.ebuild create mode 100644 net-misc/omniORB/omniORB-4.2.1_p2.ebuild (limited to 'net-misc/omniORB') diff --git a/net-misc/omniORB/Manifest b/net-misc/omniORB/Manifest new file mode 100644 index 000000000000..9d7fd610f468 --- /dev/null +++ b/net-misc/omniORB/Manifest @@ -0,0 +1,12 @@ +AUX change-umask-from-002-to-022-in-CreateDir-macro.patch 1985 SHA256 40a18fdb24d0b20b113db3a73386dbb0b09183bf82c83aeba6b8a942a49bb408 SHA512 cc2fb4c3bc9e10aea73b65623b679f930a668ef758392e0d67a0a0a7e46b15df788fa7668b788d0b356fe367399f70f0012e1ca99b0a9e7452608d07d8db9e05 WHIRLPOOL e76f518cd2bbd2c0d17b128bef378eb25495a642328706f7a740b8ecd9b1a357a3d5f7f26978be83def6c92c05bbd84e0c7812c46b8ce0aef21aa172a59a04dd +AUX ldflags.patch 452 SHA256 d02d4ba72a5995b07a4189e28deaba25c3733e8639b682d5cee4b36180fc9bee SHA512 472d66b3071de94d4753773092c4781f5b4419041dc23b777bc13e8e4f4a1a40f245931479fc294c43a9e73f322e93b2055fb52a1070423d58dd32f23b0f61ca WHIRLPOOL ab8e25bab496c7c4e5408135500e1cae0366ed0a2698310040071ea27c94020df77b92e21907ea5637b6716093f6108eed594e36dc36bc6d71a99d1b7557a21a +AUX omniNames 571 SHA256 f723be6ac217df446d33e1b45f5726e5789d73d534df8a1d187464512ea996b0 SHA512 98f08cd0bef699bdd8da026efbf211c5bf8dfa5bb24bd4438581dd4acf6cbabdb42e19de5a5d8ae9db74bafea86fb316ff75f3278c255cab7277f95681578044 WHIRLPOOL fe7e0b27767bfef3d495f32a91bcb9b433f25bf14a5f388f70232bd5d5d106d02d5f3e8342c0dbdd4693e095d214a155e49806af30eeb0d46f77027447c0b34d +AUX omniORB-4.1.4-format-security.patch 557 SHA256 a3169304c555b99591c576e745ad5b4717afaf20e02643fef0336578048e000b SHA512 f2d9ca53f9dcdac7fc0224e435ee7d4eecaf5c948d406f94e81a9ae7770d192b18e846ddd245c5b74e77efb7030902b9f2817b13349f2a685caadb05633e14ee WHIRLPOOL ae7232efd23340f47d12de69ebc4249e5b7b61d7cbc6e248e6dce327b6e524393eeb7a6577d4ccada85a6e5c06ff44ff2991bb5b55c59198ead80e6876d0c670 +AUX omniORB-4.1.4-openssl-1.patch 770 SHA256 0a27f1476347939ba24fce9d0f2e02461644187a8b72ff727d96b3f9a817f623 SHA512 b43adc69ec30a3a1cf6581e050ca93927b267c67623aafdb53db0135a8d4164c779a9d54249c8672e5d8f1c761681092be3c2908cb772820d019db1e2b1ba396 WHIRLPOOL 21d0a2bbe5c8b9ac2aea24e201e7d3090211f45880d5696c61aefe8ccffb68bf2dd168cfbe0c67c7a310ab8a24b3202e112003b2bdd35bba070f2d90b8939e21 +DIST omniORB-4.1.4.tar.gz 3093814 SHA256 84fb9790c25d6e46248c9773747e393b429573190da2150850d4a49debda4e8e SHA512 0ed989dd9a8c024a575ebbe1def137d11c4e52297727883d26cb1fdc87d2965e6d0152ee4b7b90097f2d97eb22501bb968eff0d070e88f80a9fef6b7439e1a1c WHIRLPOOL 16b12ade124e62b57d8401c73975a4a0861166f080b0f735e7ad363dca1a7387d807e5c8bf4ae9b90b70f41a03e9811109bcb917e78b833578e891b78c9da55f +DIST omniORB-4.2.1-2.tar.bz2 2663504 SHA256 9b638c7047a05551c42fe13901194e63b58750d4124654bfa26203d09cb5072d SHA512 574bbc66f9eee87f06500c798e034a289e6104b3a921c8e956231c5c042a3306016b2aa69699eadef25edb97bed7580f7f27beec3893582a1ba16bb01f934fd6 WHIRLPOOL fc85c5e9a328ce64bcf97c66a7710b272196659360d60d575bc89af308f96de7fec490bf52e6e6d7b221e5ce6577b77caef8b333fef31b000dba4dd7833e00ec +EBUILD omniORB-4.1.4-r2.ebuild 2184 SHA256 70f5a9ae85ff501e3f6b7d2a9ba9cd056050bd5104195a3f278b47650bef608c SHA512 a4d08d26cdf8b7fbee13bed2a92eee52190ccdba863a46f8b87cd210fb212ef2eb85a0a84ec1e6895f360d3b1ae76d91c2f15a322bf85e0e35759d4c659185af WHIRLPOOL bd5f3f2a1df6693c2930a0290c7c6ffd8c399c5126204dffcda848cbf64f53335d3b5f23393156af15b1a1f8e2089342840c68b412f65993cc67dc0fffc6335c +EBUILD omniORB-4.2.1_p2.ebuild 2868 SHA256 c8f2eeaef2e61c80d5f98f2ff7dfb0feaaf79864993e60505f8eacf5b7afc88b SHA512 cd5b8534d4a9c6a745e2c6d3d51c69b7c9521ff8d46a93461f09cc5b113645357496ab42f597bc3de45c642c523bb512a70150a336c33c499127864c4f4bda60 WHIRLPOOL 370073fd94bfcca7790fb20e54fdb5c3113b911b4abbe2d72905d110735c2aac215b26d79b702de5c8a917f6f6f7c45eb07e6ef64800a92c2868885ec3d1fd06 +MISC ChangeLog 3628 SHA256 da8b91948d0251c1779b229d94e7e34768e40aceeabdb662e3a01c6dde412630 SHA512 09f8b32190cfe37060f7f2ada06bb7b796ba60af3cb2f07dedd5dd403cbb21ddbb175c838afc12fd7b9f9c1c6ba8702ed5097f86149beca29dee611c03f2faa8 WHIRLPOOL 51790ff648cd93a2822c1853d6352f36bdd68c2d6481c06183d6304050deefe8df26aa727163fe437dc32e5318818a0a2ce5164006fbf1f2e6f918dddeecf0bf +MISC ChangeLog-2015 11791 SHA256 e3aebbf94416d2b2da1a40fae1993cafa19ecec2538bcbf15eb1c0ca9095ef3a SHA512 f0981e39ac1f2e4c61022f3c53ac9ab83d2d4828ca34c87048816f51bfe48b0de744aec3b35f3ede29f24e2290d8c6d8b9daed212a51431fe13742fcdfabf487 WHIRLPOOL 270d919bd2a0ad6ada2bd170bf24f6ec0fbf4620a0f7af404c91c0b11613cb28985d047f340187b80ed2e18341bf19ba253eb79f8259fb6fc98afff5550f5a5d +MISC metadata.xml 220 SHA256 5b5521cb5b54e374fd706caa578dbdb03aca4a8664017bb2aade3f6204b47f8b SHA512 a8201f66fb2504f83b9b89adf3e3b23b1b78410cbcfa740e49ea0c984e164aa430eadfe01fe05b1ad4d9c6cd1206e8ef614fc31a1aad86f3e4af183781cea563 WHIRLPOOL ee9a294cda5658d8b0e39b54d6b1e1cf03905449a4576bf48e96928f082bf47a10c35192f1f87a79ef29ccd04bbd51efb0012977b71aa7970ed0709aaf6c6b02 diff --git a/net-misc/omniORB/files/change-umask-from-002-to-022-in-CreateDir-macro.patch b/net-misc/omniORB/files/change-umask-from-002-to-022-in-CreateDir-macro.patch new file mode 100644 index 000000000000..2aaab59ef201 --- /dev/null +++ b/net-misc/omniORB/files/change-umask-from-002-to-022-in-CreateDir-macro.patch @@ -0,0 +1,58 @@ +From 2a0ea5621ef7cd9303e49657166dfd04ffa624d7 Mon Sep 17 00:00:00 2001 +From: Michael Orlitzky +Date: Tue, 16 Aug 2016 13:55:08 -0400 +Subject: [PATCH 1/1] mk: Change umask from 002 to 022 in the CreateDir macro. + +The build system has a macro called CreateDir that does more or less +what you'd expect. But before it creates the directory given to it, it +sets the umask to 002. This can be a vulnerability, since we don't +know who the end user will be building the software as; there may be +untrusted people in his default group. In that case, one of those +people can overwrite the scripts in the directory created by CreateDir +before the user executes them. + +There is a kernel-level workaround for these types of vulnerabilities +in the Grsecurity project called Trusted Path Execution (TPE). When +enabled, users are not allowed to execute files in directories not +owned by themselves or root. When that restriction is enabled, omniORB +fails to build (due to the aforementioned umask). + +This commit changes the umask to 022 in CreateDir. This should not +cause any problems (ha ha), and is safer than the previous umask of +002. It also fixes the build on systems where TPE is enabled. + +Gentoo-Bug: 576040 +--- + mk/beforeauto.mk.in | 2 +- + mk/beforedir.mk | 2 +- + 2 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/mk/beforeauto.mk.in b/mk/beforeauto.mk.in +index 83d544c..9f65c69 100644 +--- a/mk/beforeauto.mk.in ++++ b/mk/beforeauto.mk.in +@@ -167,7 +167,7 @@ unexport SUBDIRS + + define CreateDir + if [ ! -d $$dir ]; then \ +- (umask 002; set -x; $(MKDIRHIER) $$dir); \ ++ (umask 022; set -x; $(MKDIRHIER) $$dir); \ + fi + endef + +diff --git a/mk/beforedir.mk b/mk/beforedir.mk +index f804ed3..855bc4d 100644 +--- a/mk/beforedir.mk ++++ b/mk/beforedir.mk +@@ -187,7 +187,7 @@ unexport SUBDIRS + + define CreateDir + if [ ! -d $$dir ]; then \ +- (umask 002; set -x; $(MKDIRHIER) $$dir); \ ++ (umask 022; set -x; $(MKDIRHIER) $$dir); \ + fi + endef + +-- +2.7.3 + diff --git a/net-misc/omniORB/files/ldflags.patch b/net-misc/omniORB/files/ldflags.patch new file mode 100644 index 000000000000..471df27ae7f4 --- /dev/null +++ b/net-misc/omniORB/files/ldflags.patch @@ -0,0 +1,11 @@ +--- mk/beforeauto.mk.in.orig 2010-04-24 21:13:17.000000000 +0200 ++++ mk/beforeauto.mk.in 2010-04-24 21:14:24.000000000 +0200 +@@ -541,7 +541,7 @@ + SharedLibraryLibNameTemplate = lib$$1$$2.$(SHAREDLIB_SUFFIX) + SharedLibraryImplibNameTemplate = lib$$1$$2.a + +-SharedLibraryPlatformLinkFlagsTemplate = -shared -Wl,-soname,$$soname ++SharedLibraryPlatformLinkFlagsTemplate = -shared -Wl,-soname,$$soname @LDFLAGS@ + + define SharedLibraryFullName + fn() { \ diff --git a/net-misc/omniORB/files/omniNames b/net-misc/omniORB/files/omniNames new file mode 100644 index 000000000000..e2e7851fd3a2 --- /dev/null +++ b/net-misc/omniORB/files/omniNames @@ -0,0 +1,21 @@ +#!/sbin/openrc-run +# Copyright 1999-2004 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +depend() { + need net +} + +start() { + ebegin "Starting omniNames" + start-stop-daemon --start --background --make-pidfile --pidfile /var/run/omniNames.pid \ + --exec /usr/bin/omniNames -- -start -always -logdir /var/log/omniORB \ + -errlog /var/log/omniORB/omniORB.errors + eend $? "Error starting omniNames." +} + +stop() { + ebegin "Stopping omniNames" + start-stop-daemon --stop --pidfile /var/run/omniNames.pid + eend $? "Error stopping omniNames." +} diff --git a/net-misc/omniORB/files/omniORB-4.1.4-format-security.patch b/net-misc/omniORB/files/omniORB-4.1.4-format-security.patch new file mode 100644 index 000000000000..2af8d21d308d --- /dev/null +++ b/net-misc/omniORB/files/omniORB-4.1.4-format-security.patch @@ -0,0 +1,16 @@ + src/tool/omniidl/cxx/cccp/cccp.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/tool/omniidl/cxx/cccp/cccp.c b/src/tool/omniidl/cxx/cccp/cccp.c +index 0198b1a..64d80ae 100644 +--- a/src/tool/omniidl/cxx/cccp/cccp.c ++++ b/src/tool/omniidl/cxx/cccp/cccp.c +@@ -8034,7 +8034,7 @@ macroexpand (hp, op) + else + parse_error = macarg (NULL_PTR, 0); + if (parse_error) { +- error_with_line (line_for_error (start_line), parse_error); ++ error_with_line (line_for_error (start_line), "%s", parse_error); + break; + } + i++; diff --git a/net-misc/omniORB/files/omniORB-4.1.4-openssl-1.patch b/net-misc/omniORB/files/omniORB-4.1.4-openssl-1.patch new file mode 100644 index 000000000000..968013a25781 --- /dev/null +++ b/net-misc/omniORB/files/omniORB-4.1.4-openssl-1.patch @@ -0,0 +1,31 @@ +http://bugs.gentoo.org/326791 + +--- include/omniORB4/sslContext.h ++++ include/omniORB4/sslContext.h +@@ -111,7 +111,11 @@ + virtual ~sslContext(); + + protected: +- virtual SSL_METHOD* set_method(); ++ #if OPENSSL_VERSION_NUMBER >= 0x10000000L ++ virtual const SSL_METHOD* set_method(); ++ #else ++ virtual SSL_METHOD* set_method(); ++ #endif + // Default to return SSLv23_method(). + + virtual void set_supported_versions(); +--- src/lib/omniORB/orbcore/ssl/sslContext.cc ++++ src/lib/omniORB/orbcore/ssl/sslContext.cc +@@ -197,7 +197,11 @@ + } + + ///////////////////////////////////////////////////////////////////////// ++#if OPENSSL_VERSION_NUMBER >= 0x10000000L ++const SSL_METHOD* ++#else + SSL_METHOD* ++#endif + sslContext::set_method() { + return SSLv23_method(); + } diff --git a/net-misc/omniORB/metadata.xml b/net-misc/omniORB/metadata.xml new file mode 100644 index 000000000000..000f9330f8c4 --- /dev/null +++ b/net-misc/omniORB/metadata.xml @@ -0,0 +1,7 @@ + + + + + omniorb + + diff --git a/net-misc/omniORB/omniORB-4.1.4-r2.ebuild b/net-misc/omniORB/omniORB-4.1.4-r2.ebuild new file mode 100644 index 000000000000..183a5713a85a --- /dev/null +++ b/net-misc/omniORB/omniORB-4.1.4-r2.ebuild @@ -0,0 +1,92 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=5 + +PYTHON_COMPAT=( python2_7 ) + +inherit eutils multilib python-single-r1 + +DESCRIPTION="A robust, high-performance CORBA 2 ORB" +HOMEPAGE="http://omniorb.sourceforge.net/" +SRC_URI="mirror://sourceforge/omniorb/${P}.tar.gz" + +LICENSE="LGPL-2 GPL-2" +SLOT="0" +KEYWORDS="amd64 ppc ppc64 ~sparc x86" +IUSE="doc ssl static-libs" +REQUIRED_USE="${PYTHON_REQUIRED_USE}" + +RDEPEND="${PYTHON_DEPS} + ssl? ( >=dev-libs/openssl-0.9.6b:0= )" +DEPEND="${RDEPEND}" + +src_prepare() { + # respect ldflags, bug #284191 + epatch \ + "${FILESDIR}"/ldflags.patch \ + "${FILESDIR}"/${P}-openssl-1.patch \ + "${FILESDIR}"/${P}-format-security.patch + + sed \ + -e 's/^CXXDEBUGFLAGS.*/CXXDEBUGFLAGS = $(OPTCXXFLAGS)/' \ + -e 's/^CDEBUGFLAGS.*/CDEBUGFLAGS = $(OPTCFLAGS)/' \ + -i mk/beforeauto.mk.in mk/platforms/i586_linux_2.0*.mk || \ + die "sed failed" +} + +src_configure() { + mkdir build && cd build || die + + local MY_CONF="--prefix=/usr --with-omniORB-config=/etc/omniorb/omniORB.cfg \ + --with-omniNames-logdir=/var/log/omniORB --libdir=/usr/$(get_libdir)" + + use ssl && MY_CONF="${MY_CONF} --with-openssl=/usr" + + ECONF_SOURCE=".." econf ${MY_CONF} $(use_enable static-libs static) +} + +src_compile() { + cd build || die + emake OPTCFLAGS="${CFLAGS}" OPTCXXFLAGS="${CXXFLAGS}" +} + +src_install() { + cd build || die + default + # this looks redundant + rm "${ED}/usr/bin/omniidlrun.py" || die + + cd "${S}" || die + + if use doc; then + dohtml doc/*.html + dohtml -r doc/omniORB + docinto print + dodoc doc/*.pdf + fi + + cat <<- EOF > "${T}/90omniORB" + PATH="/usr/share/omniORB/bin/scripts" + OMNIORB_CONFIG="/etc/omniorb/omniORB.cfg" + EOF + doenvd "${T}/90omniORB" + doinitd "${FILESDIR}"/omniNames + + cp "sample.cfg" "${T}/omniORB.cfg" || die + cat <<- EOF >> "${T}/omniORB.cfg" + # resolve the omniNames running on localhost + InitRef = NameService=corbaname::localhost + EOF + insinto /etc/omniorb + doins "${T}"/omniORB.cfg + + keepdir /var/log/omniORB + + python_optimize + python_fix_shebang "${ED}"/usr/bin/omniidl +} + +pkg_postinst() { + elog "Since 4.1.2, the omniORB init script has been renamed to omniNames for clarity." +} diff --git a/net-misc/omniORB/omniORB-4.2.1_p2.ebuild b/net-misc/omniORB/omniORB-4.2.1_p2.ebuild new file mode 100644 index 000000000000..46b2de01bec8 --- /dev/null +++ b/net-misc/omniORB/omniORB-4.2.1_p2.ebuild @@ -0,0 +1,104 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 + +# The build system picks one version of python and sticks with it. It +# tries to guess your version (based on /usr/bin/python), but for +# consistency we have to force it to use one that we specify. The +# highest version the configure script will accept is python-3.3, but +# that's on it's way out, so we prefer to stick with python-2.7 for now. +PYTHON_COMPAT=( python2_7 ) + +inherit python-single-r1 + +MY_P="${P/_p/-}" +DESCRIPTION="A robust, high-performance CORBA 2 ORB" +HOMEPAGE="http://omniorb.sourceforge.net/" +SRC_URI="mirror://sourceforge/omniorb/${MY_P}.tar.bz2" + +LICENSE="LGPL-2 GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~ppc ~ppc64 ~sparc ~x86" +IUSE="doc ipv6 ssl" +REQUIRED_USE="${PYTHON_REQUIRED_USE}" + +RDEPEND="${PYTHON_DEPS} + ssl? ( dev-libs/openssl:0= )" +DEPEND="${RDEPEND}" + +S="${WORKDIR}/${PN}-${PV/_p2/}" + +PATCHES=( + "${FILESDIR}/omniORB-4.1.4-format-security.patch" + "${FILESDIR}/change-umask-from-002-to-022-in-CreateDir-macro.patch" +) + +src_prepare() { + default + + # The OPTC(XX)FLAGS variables aren't present in these files, but we + # will set them when we call emake. + sed \ + -e 's/^CXXDEBUGFLAGS.*/CXXDEBUGFLAGS = $(OPTCXXFLAGS)/' \ + -e 's/^CDEBUGFLAGS.*/CDEBUGFLAGS = $(OPTCFLAGS)/' \ + -i mk/beforeauto.mk.in mk/platforms/i586_linux_2.0*.mk || \ + die 'failed to switch CFLAGS variables in the makefile includes' + + # The out-of-source build is suggested by upstream. + mkdir build || die 'failed to create build directory' +} + +src_configure() { + cd build || die 'failed to change into the build directory' + + ECONF_SOURCE=".." econf \ + --disable-static \ + --with-omniORB-config=/etc/omniorb/omniORB.cfg \ + --with-omniNames-logdir=/var/log/omniORB \ + --libdir="/usr/$(get_libdir)" \ + $(use_enable ipv6) \ + $(use_with ssl openssl "/usr") +} + +src_compile() { + cd build || die 'failed to change into the build directory' + emake OPTCFLAGS="${CFLAGS}" OPTCXXFLAGS="${CXXFLAGS}" +} + +src_install() { + cd build || die 'failed to change into the build directory' + default + + rm "${ED}/usr/bin/omniidlrun.py" || \ + die 'failed to remove redundant omniidlrun.py' + + cd "${S}" || die "failed to change into the ${S} directory" + + dodoc CREDITS doc/*.html ReleaseNotes.txt update.log + dodoc -r doc/omniORB + + if use doc; then + dodoc doc/*.pdf + fi + + cat <<- EOF > "${T}/90omniORB" + PATH="/usr/share/omniORB/bin/scripts" + OMNIORB_CONFIG="/etc/omniorb/omniORB.cfg" + EOF + doenvd "${T}/90omniORB" + doinitd "${FILESDIR}"/omniNames + + cp "sample.cfg" "${T}/omniORB.cfg" || die + cat <<- EOF >> "${T}/omniORB.cfg" + # resolve the omniNames running on localhost + InitRef = NameService=corbaname::localhost + EOF + insinto /etc/omniorb + doins "${T}"/omniORB.cfg + + keepdir /var/log/omniORB + + python_optimize + python_fix_shebang "${ED}"/usr/bin/omniidl +} -- cgit v1.2.3