diff options
author | Roy Marples <uberlord@gentoo.org> | 2005-12-20 13:43:40 +0000 |
---|---|---|
committer | Roy Marples <uberlord@gentoo.org> | 2005-12-20 13:43:40 +0000 |
commit | de34e98b86a625e22a857d933ebf866534c266e7 (patch) | |
tree | cc21e7feffc7a45d8dea8944618e01987c654e8b /sys-apps | |
parent | Stable on sparc wrt security #116006 (diff) | |
download | historical-de34e98b86a625e22a857d933ebf866534c266e7.tar.gz historical-de34e98b86a625e22a857d933ebf866534c266e7.tar.bz2 historical-de34e98b86a625e22a857d933ebf866534c266e7.zip |
Added patch to remove nested functions so we don't require an executable
stack, #116140. Thanks to Diego Pettenò (flameeyes@gentoo.org).
Package-Manager: portage-2.1_pre1
Diffstat (limited to 'sys-apps')
-rw-r--r-- | sys-apps/netplug/ChangeLog | 9 | ||||
-rw-r--r-- | sys-apps/netplug/Manifest | 15 | ||||
-rw-r--r-- | sys-apps/netplug/files/digest-netplug-1.2.9-r2 | 1 | ||||
-rw-r--r-- | sys-apps/netplug/files/netplug-1.2.9-remove-nest.patch | 187 | ||||
-rw-r--r-- | sys-apps/netplug/netplug-1.2.9-r2.ebuild | 54 |
5 files changed, 254 insertions, 12 deletions
diff --git a/sys-apps/netplug/ChangeLog b/sys-apps/netplug/ChangeLog index 6452379f4974..9c32fa1668e0 100644 --- a/sys-apps/netplug/ChangeLog +++ b/sys-apps/netplug/ChangeLog @@ -1,6 +1,13 @@ # ChangeLog for sys-apps/netplug # Copyright 1999-2005 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sys-apps/netplug/ChangeLog,v 1.4 2005/10/19 14:58:31 cardoe Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-apps/netplug/ChangeLog,v 1.5 2005/12/20 13:43:40 uberlord Exp $ + +*netplug-1.2.9-r2 (20 Dec 2005) + + 20 Dec 2005; Roy Marples <uberlord@gentoo.org> + +files/netplug-1.2.9-remove-nest.patch, +netplug-1.2.9-r2.ebuild: + Added patch to remove nested functions so we don't require an executable + stack, #116140. Thanks to Diego Pettenò (flameeyes@gentoo.org). 19 Oct 2005; Doug Goldstein <cardoe@gentoo.org> netplug-1.2.9-r1.ebuild: adding ~ppc keyword diff --git a/sys-apps/netplug/Manifest b/sys-apps/netplug/Manifest index 543aba6e1ef3..98329f22d71c 100644 --- a/sys-apps/netplug/Manifest +++ b/sys-apps/netplug/Manifest @@ -1,16 +1,9 @@ ------BEGIN PGP SIGNED MESSAGE----- -Hash: SHA1 - -MD5 38d5cc50578b87c1995cd2b6ae03cdaf ChangeLog 763 +MD5 62f2ee7a508a39af3743d29d67943ae2 ChangeLog 1058 MD5 e5ca23da76196da2b350d78793138426 files/digest-netplug-1.2.9-r1 65 +MD5 e5ca23da76196da2b350d78793138426 files/digest-netplug-1.2.9-r2 65 MD5 ab668235065a75c98fb3896a70bab40f files/netplug 1000 MD5 a310e86707b8f304165f61160b3ce215 files/netplug-1.2.9-gcc4.patch 362 +MD5 4aec0e0b9128010aabb6818d17711b49 files/netplug-1.2.9-remove-nest.patch 5516 MD5 019c37ba80d6e01ea4d01f93e0565bd3 metadata.xml 333 MD5 67cf72afba42e89e1f5714846b75e517 netplug-1.2.9-r1.ebuild 1142 ------BEGIN PGP SIGNATURE----- -Version: GnuPG v1.4.2 (GNU/Linux) - -iD8DBQFDVl8yBtvusYtCZMsRAiHlAJ4l8gxtP7Hi/4VTvkK+TAld20NlSgCfXT9d -PLfks/nB4zOVgjiyvtZVnAg= -=D7bW ------END PGP SIGNATURE----- +MD5 4e3f1871045569dd12bf2e5209067626 netplug-1.2.9-r2.ebuild 1428 diff --git a/sys-apps/netplug/files/digest-netplug-1.2.9-r2 b/sys-apps/netplug/files/digest-netplug-1.2.9-r2 new file mode 100644 index 000000000000..b895ad93b788 --- /dev/null +++ b/sys-apps/netplug/files/digest-netplug-1.2.9-r2 @@ -0,0 +1 @@ +MD5 3bc8062d8033e3f897b015f2889ce5a9 netplug-1.2.9.tar.bz2 21786 diff --git a/sys-apps/netplug/files/netplug-1.2.9-remove-nest.patch b/sys-apps/netplug/files/netplug-1.2.9-remove-nest.patch new file mode 100644 index 000000000000..0a3b991a82bf --- /dev/null +++ b/sys-apps/netplug/files/netplug-1.2.9-remove-nest.patch @@ -0,0 +1,187 @@ +This patch replaces the for_each_iface nested funtion with a macro so that we +don't have an executable stack and work correctly on NX capable hardware. +See http://www.gentoo.org/proj/en/hardened/gnu-stack.xml for more information. + +Patch by Diego Pettenò (flameeyes@gentoo.org) + +Index: netplug-1.2.9/if_info.c +=================================================================== +--- netplug-1.2.9.orig/if_info.c ++++ netplug-1.2.9/if_info.c +@@ -29,8 +29,7 @@ + + #include "netplug.h" + +-#define INFOHASHSZ 16 /* must be a power of 2 */ +-static struct if_info *if_info[INFOHASHSZ]; ++struct if_info *if_info[INFOHASHSZ]; + + static const char * + statename(enum ifstate s) +@@ -95,17 +94,6 @@ flags_str(char *buf, unsigned int fl) + return buf; + } + +-void +-for_each_iface(int (*func)(struct if_info *)) +-{ +- for(int i = 0; i < INFOHASHSZ; i++) { +- for(struct if_info *info = if_info[i]; info != NULL; info = info->next) { +- if ((*func)(info)) +- return; +- } +- } +-} +- + /* Reevaluate the state machine based on the current state and flag settings */ + void + ifsm_flagpoll(struct if_info *info) +@@ -284,6 +272,14 @@ ifsm_flagchange(struct if_info *info, un + info->lastchange = time(0); + } + ++int find_pid(struct if_info *i, pid_t pid, struct if_info **info) { ++ if (i->worker == pid) { ++ *info = i; ++ return 1; ++ } ++ return 0; ++} ++ + /* handle a script termination and update the state accordingly */ + void ifsm_scriptdone(pid_t pid, int exitstatus) + { +@@ -291,16 +287,8 @@ void ifsm_scriptdone(pid_t pid, int exit + struct if_info *info; + assert(WIFEXITED(exitstatus) || WIFSIGNALED(exitstatus)); + +- int find_pid(struct if_info *i) { +- if (i->worker == pid) { +- info = i; +- return 1; +- } +- return 0; +- } +- + info = NULL; +- for_each_iface(find_pid); ++ for_each_iface(find_pid, pid, &info); + + if (info == NULL) { + do_log(LOG_INFO, "Unexpected child %d exited with status %d", +Index: netplug-1.2.9/main.c +=================================================================== +--- netplug-1.2.9.orig/main.c ++++ netplug-1.2.9/main.c +@@ -164,6 +164,23 @@ child_handler(int sig, siginfo_t *info, + write(child_handler_pipe[1], &ce, sizeof(ce)); + } + ++int pollflags_state(struct if_info *info, int sockfd) { ++ struct ifreq ifr; ++ ++ if (!if_match(info->name)) ++ return 0; ++ ++ memcpy(ifr.ifr_name, info->name, sizeof(ifr.ifr_name)); ++ if (ioctl(sockfd, SIOCGIFFLAGS, &ifr) < 0) ++ do_log(LOG_ERR, "%s: can't get flags: %m", info->name); ++ else { ++ ifsm_flagchange(info, ifr.ifr_flags); ++ ifsm_flagpoll(info); ++ } ++ ++ return 0; ++} ++ + /* Poll the existing interface state, so we can catch any state + changes for which we may not have neen a netlink message. */ + static void +@@ -180,28 +197,20 @@ poll_interfaces(void) + close_on_exec(sockfd); + } + +- int pollflags(struct if_info *info) { +- struct ifreq ifr; +- +- if (!if_match(info->name)) +- return 0; +- +- memcpy(ifr.ifr_name, info->name, sizeof(ifr.ifr_name)); +- if (ioctl(sockfd, SIOCGIFFLAGS, &ifr) < 0) +- do_log(LOG_ERR, "%s: can't get flags: %m", info->name); +- else { +- ifsm_flagchange(info, ifr.ifr_flags); +- ifsm_flagpoll(info); +- } +- +- return 0; +- } +- +- for_each_iface(pollflags); ++ for_each_iface(pollflags_state, sockfd); + } + + int debug = 0; + ++/* Run over each of the interfaces we know and care about, and ++ make sure the state machine has done the appropriate thing ++ for their current state. */ ++int poll_flags_check(struct if_info *i) { ++ if (if_match(i->name)) ++ ifsm_flagpoll(i); ++ return 0; ++} ++ + int + main(int argc, char *argv[]) + { +@@ -331,17 +340,7 @@ main(int argc, char *argv[]) + { child_handler_pipe[0], POLLIN, 0 }, + }; + +- { +- /* Run over each of the interfaces we know and care about, and +- make sure the state machine has done the appropriate thing +- for their current state. */ +- int poll_flags(struct if_info *i) { +- if (if_match(i->name)) +- ifsm_flagpoll(i); +- return 0; +- } +- for_each_iface(poll_flags); +- } ++ for_each_iface(poll_flags_check); + + for(;;) { + int ret; +Index: netplug-1.2.9/netplug.h +=================================================================== +--- netplug-1.2.9.orig/netplug.h ++++ netplug-1.2.9/netplug.h +@@ -28,6 +28,9 @@ + + #define NP_SCRIPT NP_SCRIPT_DIR "/netplug" + ++#define INFOHASHSZ 16 /* must be a power of 2 */ ++extern struct if_info *if_info[INFOHASHSZ]; ++ + /* configuration */ + + void read_config(char *filename); +@@ -83,7 +86,14 @@ struct if_info *if_info_update_interface + struct rtattr *attrs[]); + int if_info_save_interface(struct nlmsghdr *hdr, void *arg); + void parse_rtattrs(struct rtattr *tb[], int max, struct rtattr *rta, int len); +-void for_each_iface(int (*func)(struct if_info *)); ++ ++#define for_each_iface(func, ...) \ ++ for(int i = 0; i < INFOHASHSZ; i++) { \ ++ for(struct if_info *each_iface = if_info[i]; each_iface != NULL; each_iface = each_iface->next) { \ ++ if (func (each_iface, ##__VA_ARGS__)) \ ++ break; \ ++ } \ ++ } + + void ifsm_flagpoll(struct if_info *info); + void ifsm_flagchange(struct if_info *info, unsigned int newflags); diff --git a/sys-apps/netplug/netplug-1.2.9-r2.ebuild b/sys-apps/netplug/netplug-1.2.9-r2.ebuild new file mode 100644 index 000000000000..26a993b93d48 --- /dev/null +++ b/sys-apps/netplug/netplug-1.2.9-r2.ebuild @@ -0,0 +1,54 @@ +# Copyright 1999-2005 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-apps/netplug/netplug-1.2.9-r2.ebuild,v 1.1 2005/12/20 13:43:40 uberlord Exp $ + +inherit eutils +DESCRIPTION="Brings up/down ethernet ports automatically with cable detection" +HOMEPAGE="http://www.red-bean.com/~bos/" +SRC_URI="http://www.red-bean.com/~bos/netplug/${P}.tar.bz2" +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~ppc ~x86" +IUSE="" + +hax_bitkeeper() { + # the makefiles have support for bk ... + # basically we have to do this or bk will try to write + # to files in /opt/bitkeeper causing sandbox violations ;( + mkdir "${T}/fakebin" + echo "#!/bin/sh"$'\n'"exit 1" > "${T}/fakebin/bk" + chmod a+x "${T}/fakebin/bk" + export PATH="${T}/fakebin:${PATH}" +} + +src_unpack() { + unpack "${A}" + cd "${S}" + + # Remove debugging from Makefile + # Remove -O3 if we have -O[0-9] in our CFLAGS + local remove=" -ggdb3 " + [[ " ${CFLAGS} " == *" -O"[0-9]" "* ]] && remove="${remove}-O3 " + sed -i -e "s/${remove}/ /" Makefile + + # Use correct structure for getsockname arg 3 + epatch "${FILESDIR}/${P}-gcc4.patch" + + # Remove nested functions, #116140 + epatch "${FILESDIR}/${P}-remove-nest.patch" +} + +src_compile() { + hax_bitkeeper + make || die "emake failed" +} + +src_install() { + into / + dosbin netplugd + doman man/man8/netplugd.8 + + dodir /etc/netplug.d + exeinto /etc/netplug.d + doexe "${FILESDIR}/netplug" +} |