summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLouis Sautier <sbraz@gentoo.org>2018-07-16 09:02:08 +0200
committerLouis Sautier <sbraz@gentoo.org>2018-07-16 09:03:45 +0200
commite3b663adafd6756f5fd136e71e078fe31083eac8 (patch)
tree7813d0ca0919b3d56c9416c6d50789a4bd833d99
parentdev-perl/Module-Runtime-Conflicts: keyworded 0.3.0 for sparc, bug #661194 (diff)
downloadgentoo-e3b663adafd6756f5fd136e71e078fe31083eac8.tar.gz
gentoo-e3b663adafd6756f5fd136e71e078fe31083eac8.tar.bz2
gentoo-e3b663adafd6756f5fd136e71e078fe31083eac8.zip
net-irc/znc: remove the last vulnerable version
Bug: https://bugs.gentoo.org/661228 Package-Manager: Portage-2.3.42, Repoman-2.3.9
-rw-r--r--net-irc/znc/Manifest2
-rw-r--r--net-irc/znc/files/README.gentoo22
-rw-r--r--net-irc/znc/files/znc-1.6.1-create-pidfile-per-default.patch23
-rw-r--r--net-irc/znc/files/znc-1.6.1-systemwideconfig.patch215
-rw-r--r--net-irc/znc/files/znc.initd-r139
-rw-r--r--net-irc/znc/metadata.xml1
-rw-r--r--net-irc/znc/znc-1.6.6.ebuild129
7 files changed, 0 insertions, 431 deletions
diff --git a/net-irc/znc/Manifest b/net-irc/znc/Manifest
index eedc2aef66e0..62133c7bbce1 100644
--- a/net-irc/znc/Manifest
+++ b/net-irc/znc/Manifest
@@ -1,4 +1,2 @@
-DIST googletest-release-1.7.0.tar.gz 468653 BLAKE2B 8dfca8b79dcd7b64ce84bad11ee68c549f4fe3dff7638ed1d845af4a7f754ad5df782d2cbebdb9fecfda2499dae6585e07cda7a8c8c454f0b70723d5c9578aa4 SHA512 c623d5720c4ed574e95158529872815ecff478c03bdcee8b79c9b042a603533f93fe55f939bcfe2cd745ce340fd626ad6d9a95981596f1a4d05053d874cd1dfc
DIST gtest-ba96d0b1161f540656efdaed035b3c062b60e006.tar.gz 987370 BLAKE2B fcedfe559c4c93166962900117dc492da3cbb99165c30766c39131c20e3b41f057a31a8cb631beaca829c1e9966e90cbc37469ba56a5fc15a2bea86cbe401a63 SHA512 ce78098f973b45f4a177db387c42a56d5ea34407a2af278760b850c326e8450760a58991d62a5408f5df79f89fefd10fee71745b7e8669b2a6f74fa63a259600
-DIST znc-1.6.6.tar.gz 1471612 BLAKE2B 8bd977a95417c4259e9f38759d838f55a146f376dc8bb6230ab6e1b698fb7c9e060cbc237efd4e836961314abab56cc02e7c6bc74e40bad17abaf06e47fbb516 SHA512 cc5bc7328bfe36525ab215b4b53c7cd20aa02b41e7bb28507ff9d9632560f4c30396804e4b828bca0ece19f42813e3fce59d1bae639ea5fc149059f6979e63e7
DIST znc-1.7.1-rc1.tar.gz 2041320 BLAKE2B 62669b598d7423cb55fad458fe6172be36904e8599dcde757936883093f24deb6a5ed6a093e3e92854810f02e96372f44139f9807e70e0cf007de90a1373c6a8 SHA512 b4e223c86c75bc97620c52333d90d6458a02777dce9c629f8a095f8134a06992a60978b2fe8bbce29ed1155932f9f37e0a324a498ee16527b0235e4306c34973
diff --git a/net-irc/znc/files/README.gentoo b/net-irc/znc/files/README.gentoo
deleted file mode 100644
index 5b222a24f589..000000000000
--- a/net-irc/znc/files/README.gentoo
+++ /dev/null
@@ -1,22 +0,0 @@
-To run znc as a user, run 'znc --makeconf' to create a configuration file.
-
-If znc was compiled with the 'daemon' use flag, you may run
- emerge --config znc
-to configure it.
-
-To generate a new SSL certificate, run:
- znc --system-wide-config-as znc --makepem -d /var/lib/znc
-as root.
-
-If migrating from a user-based install, you can copy the existing
-configuration files:
- mkdir /var/lib/znc
- mv /home/$USER/.znc/* /var/lib/znc
- rm -rf /home/$USER/.znc
- chown -R znc:znc /var/lib/znc
-You may also adjust the location of the files and the user running znc
-in /etc/conf.d/znc instead.
-
-To run as a daemon, please make sure that your configuration contains
- PidFile = /run/znc/znc.pid
-or that the PidFile value matches the one in /etc/conf.d/znc.
diff --git a/net-irc/znc/files/znc-1.6.1-create-pidfile-per-default.patch b/net-irc/znc/files/znc-1.6.1-create-pidfile-per-default.patch
deleted file mode 100644
index 8419e9344bf2..000000000000
--- a/net-irc/znc/files/znc-1.6.1-create-pidfile-per-default.patch
+++ /dev/null
@@ -1,23 +0,0 @@
-Add PidFile option to new configurations per default
-
-Our runscript requires that ZNC creates a pidfile. This patch will add
-the PidFile directive to ZNC's default configuration.
----
- src/znc.cpp | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/src/znc.cpp b/src/znc.cpp
-index b33e860..4a02568 100644
---- a/src/znc.cpp
-+++ b/src/znc.cpp
-@@ -575,6 +575,7 @@ bool CZNC::WriteNewConfig(const CString& sConfigFile) {
- VCString vsLines;
-
- vsLines.push_back(MakeConfigHeader());
-+ vsLines.push_back("PidFile = /run/znc/znc.pid");
- vsLines.push_back("Version = " + CString(VERSION_STR));
-
- m_sConfigFile = ExpandConfigPath(sConfigFile);
---
-2.5.0
-
diff --git a/net-irc/znc/files/znc-1.6.1-systemwideconfig.patch b/net-irc/znc/files/znc-1.6.1-systemwideconfig.patch
deleted file mode 100644
index d28fa30c219d..000000000000
--- a/net-irc/znc/files/znc-1.6.1-systemwideconfig.patch
+++ /dev/null
@@ -1,215 +0,0 @@
-Add system-wide daemon support.
-
-This patch adds system-wide daemon support to ZNC so that you can run
-one ZNC instance system-wide using the new "--system-wide-config-as"
-option.
-
-Patch is based on @mrueg version from 2012.
-
-X-Gentoo-Bug: 438430
-X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=438430
----
- include/znc/znc.h | 3 ++
- src/main.cpp | 83 ++++++++++++++++++++++++++++++++++++++++---------------
- src/znc.cpp | 7 ++++-
- 3 files changed, 70 insertions(+), 23 deletions(-)
-
-diff --git a/include/znc/znc.h b/include/znc/znc.h
-index cf2326e..16394f9 100644
---- a/include/znc/znc.h
-+++ b/include/znc/znc.h
-@@ -187,6 +187,8 @@ public:
-
- static void DumpConfig(const CConfig* Config);
-
-+ void SetSystemWideConfig(bool systemWideConfig);
-+
- private:
- CFile* InitPidFile();
- bool DoRehash(CString& sError);
-@@ -231,6 +233,7 @@ protected:
- unsigned int m_uiConnectPaused;
- TCacheMap<CString> m_sConnectThrottle;
- bool m_bProtectWebSessions;
-+ bool m_bSystemWideConfig;
- bool m_bHideVersion;
- };
-
-diff --git a/src/main.cpp b/src/main.cpp
-index 09b2c9c..bd5cca6 100644
---- a/src/main.cpp
-+++ b/src/main.cpp
-@@ -16,6 +16,9 @@
-
- #include <znc/znc.h>
- #include <signal.h>
-+#include <sys/types.h>
-+#include <pwd.h>
-+#include <grp.h>
-
- #if defined(HAVE_LIBSSL) && defined(HAVE_PTHREAD)
- #include <znc/Threads.h>
-@@ -99,34 +102,36 @@ static inline int getopt_long(int argc, char * const argv[], const char *optstri
- #endif
-
- static const struct option g_LongOpts[] = {
-- { "help", no_argument, 0, 'h' },
-- { "version", no_argument, 0, 'v' },
-- { "debug", no_argument, 0, 'D' },
-- { "foreground", no_argument, 0, 'f' },
-- { "no-color", no_argument, 0, 'n' },
-- { "allow-root", no_argument, 0, 'r' },
-- { "makeconf", no_argument, 0, 'c' },
-- { "makepass", no_argument, 0, 's' },
-- { "makepem", no_argument, 0, 'p' },
-- { "datadir", required_argument, 0, 'd' },
-+ { "help", no_argument, 0, 'h' },
-+ { "version", no_argument, 0, 'v' },
-+ { "debug", no_argument, 0, 'D' },
-+ { "foreground", no_argument, 0, 'f' },
-+ { "no-color", no_argument, 0, 'n' },
-+ { "allow-root", no_argument, 0, 'r' },
-+ { "makeconf", no_argument, 0, 'c' },
-+ { "makepass", no_argument, 0, 's' },
-+ { "makepem", no_argument, 0, 'p' },
-+ { "datadir", required_argument, 0, 'd' },
-+ { "system-wide-config-as", required_argument, 0, 'S' },
- { 0, 0, 0, 0 }
- };
-
- static void GenerateHelp(const char *appname) {
- CUtils::PrintMessage("USAGE: " + CString(appname) + " [options]");
- CUtils::PrintMessage("Options are:");
-- CUtils::PrintMessage("\t-h, --help List available command line options (this page)");
-- CUtils::PrintMessage("\t-v, --version Output version information and exit");
-- CUtils::PrintMessage("\t-f, --foreground Don't fork into the background");
-- CUtils::PrintMessage("\t-D, --debug Output debugging information (Implies -f)");
-- CUtils::PrintMessage("\t-n, --no-color Don't use escape sequences in the output");
-- CUtils::PrintMessage("\t-r, --allow-root Don't complain if ZNC is run as root");
-- CUtils::PrintMessage("\t-c, --makeconf Interactively create a new config");
-- CUtils::PrintMessage("\t-s, --makepass Generates a password for use in config");
-+ CUtils::PrintMessage("\t-h, --help List available command line options (this page)");
-+ CUtils::PrintMessage("\t-v, --version Output version information and exit");
-+ CUtils::PrintMessage("\t-f, --foreground Don't fork into the background");
-+ CUtils::PrintMessage("\t-D, --debug Output debugging information (Implies -f)");
-+ CUtils::PrintMessage("\t-n, --no-color Don't use escape sequences in the output");
-+ CUtils::PrintMessage("\t-r, --allow-root Don't complain if ZNC is run as root");
-+ CUtils::PrintMessage("\t-c, --makeconf Interactively create a new config");
-+ CUtils::PrintMessage("\t-s, --makepass Generates a password for use in config");
- #ifdef HAVE_LIBSSL
-- CUtils::PrintMessage("\t-p, --makepem Generates a pemfile for use with SSL");
-+ CUtils::PrintMessage("\t-p, --makepem Generates a pemfile for use with SSL");
- #endif /* HAVE_LIBSSL */
-- CUtils::PrintMessage("\t-d, --datadir Set a different ZNC repository (default is ~/.znc)");
-+ CUtils::PrintMessage("\t-d, --datadir Set a different ZNC repository (default is ~/.znc)");
-+ CUtils::PrintMessage("\t-S, --system-wide-config-as Create a system-wide ZNC daemon configuration");
- }
-
- static void die(int sig) {
-@@ -192,6 +197,8 @@ int main(int argc, char** argv) {
- bool bMakeConf = false;
- bool bMakePass = false;
- bool bAllowRoot = false;
-+ bool bSystemWideConfig = false;
-+ CString sSystemWideConfigUser = "znc";
- bool bForeground = false;
- #ifdef ALWAYS_RUN_IN_FOREGROUND
- bForeground = true;
-@@ -201,7 +208,7 @@ int main(int argc, char** argv) {
- #endif
- CZNC::CreateInstance();
-
-- while ((iArg = getopt_long(argc, argv, "hvnrcspd:Df", g_LongOpts, &iOptIndex)) != -1) {
-+ while ((iArg = getopt_long(argc, argv, "hvnrcspd:DfS:", g_LongOpts, &iOptIndex)) != -1) {
- switch (iArg) {
- case 'h':
- GenerateHelp(argv[0]);
-@@ -219,6 +226,10 @@ int main(int argc, char** argv) {
- case 'c':
- bMakeConf = true;
- break;
-+ case 'S':
-+ bSystemWideConfig = true;
-+ sSystemWideConfigUser = optarg;
-+ break;
- case 's':
- bMakePass = true;
- break;
-@@ -254,8 +265,36 @@ int main(int argc, char** argv) {
- return 1;
- }
-
-+ if (bSystemWideConfig && getuid() == 0) {
-+ struct passwd *pwd;
-+
-+ pwd = getpwnam(sSystemWideConfigUser.c_str());
-+ if (pwd == NULL) {
-+ CUtils::PrintError("Daemon user not found.");
-+ return 1;
-+ }
-+
-+ if ((long) pwd->pw_uid == 0) {
-+ CUtils::PrintError("Please define a daemon user other than root.");
-+ return 1;
-+ }
-+ if (setgroups(0, NULL) != 0) {
-+ CUtils::PrintError("setgroups: Unable to clear supplementary group IDs");
-+ return 1;
-+ }
-+ if (setgid((long) pwd->pw_gid) != 0) {
-+ CUtils::PrintError("setgid: Unable to drop group privileges");
-+ return 1;
-+ }
-+ if (setuid((long) pwd->pw_uid) != 0) {
-+ CUtils::PrintError("setuid: Unable to drop user privileges");
-+ return 1;
-+ }
-+ }
-+
- CZNC* pZNC = &CZNC::Get();
- pZNC->InitDirs(((argc) ? argv[0] : ""), sDataDir);
-+ pZNC->SetSystemWideConfig(bSystemWideConfig);
-
- #ifdef HAVE_LIBSSL
- if (bMakePem) {
-@@ -304,7 +343,7 @@ int main(int argc, char** argv) {
- CUtils::PrintStatus(true, "");
- }
-
-- if (isRoot()) {
-+ if (isRoot() && !bSystemWideConfig) {
- CUtils::PrintError("You are running ZNC as root! Don't do that! There are not many valid");
- CUtils::PrintError("reasons for this and it can, in theory, cause great damage!");
- if (!bAllowRoot) {
-diff --git a/src/znc.cpp b/src/znc.cpp
-index 78cda1a..b33e860 100644
---- a/src/znc.cpp
-+++ b/src/znc.cpp
-@@ -55,6 +55,7 @@ CZNC::CZNC() {
- m_sConnectThrottle.SetTTL(30000);
- m_pLockFile = NULL;
- m_bProtectWebSessions = true;
-+ m_bSystemWideConfig = false;
- m_bHideVersion = false;
- m_uDisabledSSLProtocols = Csock::EDP_SSL;
- m_sSSLProtocols = "";
-@@ -861,7 +862,7 @@ bool CZNC::WriteNewConfig(const CString& sConfigFile) {
- CUtils::PrintMessage("");
-
- File.UnLock();
-- return bFileOpen && CUtils::GetBoolInput("Launch ZNC now?", true);
-+ return bFileOpen && !m_bSystemWideConfig && CUtils::GetBoolInput("Launch ZNC now?", true);
- }
-
- void CZNC::BackupConfigOnce(const CString& sSuffix) {
-@@ -1973,3 +1974,7 @@ void CZNC::LeakConnectQueueTimer(CConnectQueueTimer *pTimer) {
- bool CZNC::WaitForChildLock() {
- return m_pLockFile && m_pLockFile->ExLock();
- }
-+
-+void CZNC::SetSystemWideConfig(bool systemWideConfig) {
-+ m_bSystemWideConfig = systemWideConfig;
-+}
---
-2.5.0
-
diff --git a/net-irc/znc/files/znc.initd-r1 b/net-irc/znc/files/znc.initd-r1
deleted file mode 100644
index dedb44b1362f..000000000000
--- a/net-irc/znc/files/znc.initd-r1
+++ /dev/null
@@ -1,39 +0,0 @@
-#!/sbin/openrc-run
-# Copyright 1999-2015 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-extra_commands="config"
-extra_started_commands="reload save"
-command="/usr/bin/znc"
-command_args="--datadir \"${ZNC_DATADIR}\""
-pidfile="${ZNC_PIDFILE:-/run/znc/znc.pid}"
-user=${ZNC_USER:-znc}
-group=${ZNC_GROUP:-znc}
-start_stop_daemon_args="--chdir \"${ZNC_DATADIR}\" --user ${user} --group ${group} ${ZNC_SSDARGS}"
-retry="${ZNC_TERMTIMEOUT}"
-
-required_dirs="${ZNC_DATADIR}"
-
-depend() {
- use dns logger
-}
-
-start_pre() {
- checkpath -d -m 0770 -o ${user}:${group} "$(dirname ${pidfile})"
-}
-
-stop_post() {
- rm -f "${pidfile}"
-}
-
-reload() {
- ebegin "Reloading ZNC Configuration File from Disk"
- start-stop-daemon --signal SIGHUP --pidfile "${pidfile}"
- eend $?
-}
-
-save() {
- ebegin "Saving ZNC Configuration File to Disk"
- start-stop-daemon --signal SIGUSR1 --pidfile "${pidfile}"
- eend $?
-}
diff --git a/net-irc/znc/metadata.xml b/net-irc/znc/metadata.xml
index 16293e77692c..b58dd845044e 100644
--- a/net-irc/znc/metadata.xml
+++ b/net-irc/znc/metadata.xml
@@ -6,7 +6,6 @@
<name>Louis Sautier</name>
</maintainer>
<use>
- <flag name="daemon">Allow znc to run as a system-wide service. Installs an init script and creates a znc user:group.</flag>
<flag name="zlib">Enable mod_deflate-like gzip support for znc's web interface using <pkg>sys-libs/zlib</pkg>.</flag>
</use>
<upstream>
diff --git a/net-irc/znc/znc-1.6.6.ebuild b/net-irc/znc/znc-1.6.6.ebuild
deleted file mode 100644
index 76b253fef239..000000000000
--- a/net-irc/znc/znc-1.6.6.ebuild
+++ /dev/null
@@ -1,129 +0,0 @@
-# Copyright 1999-2018 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=6
-
-PYTHON_COMPAT=( python3_{4,5,6} )
-inherit eutils python-single-r1 readme.gentoo-r1 systemd user
-
-MY_PV=${PV/_/-}
-GTEST_VER="1.7.0"
-GTEST_URL="https://github.com/google/googletest/archive/release-${GTEST_VER}.tar.gz -> googletest-release-${GTEST_VER}.tar.gz"
-
-DESCRIPTION="An advanced IRC Bouncer"
-HOMEPAGE="https://znc.in"
-SRC_URI="
- http://znc.in/releases/archive/${PN}-${MY_PV}.tar.gz
- test? ( ${GTEST_URL} )
-"
-
-LICENSE="Apache-2.0"
-SLOT="0"
-KEYWORDS="amd64 arm x86"
-IUSE="daemon debug +ipv6 +icu libressl perl python +ssl sasl tcl test +zlib"
-REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )"
-
-RDEPEND="
- icu? ( dev-libs/icu:= )
- perl? ( >=dev-lang/perl-5.10:= )
- python? ( ${PYTHON_DEPS} )
- sasl? ( >=dev-libs/cyrus-sasl-2 )
- ssl? (
- !libressl? ( dev-libs/openssl:0= )
- libressl? ( dev-libs/libressl:0= )
- )
- tcl? ( dev-lang/tcl:0= )
- zlib? ( sys-libs/zlib )
-"
-DEPEND="
- ${RDEPEND}
- virtual/pkgconfig
-"
-
-S=${WORKDIR}/${PN}-${MY_PV}
-
-PATCHES=(
- "${FILESDIR}"/${PN}-1.6.1-systemwideconfig.patch
- "${FILESDIR}"/${PN}-1.6.1-create-pidfile-per-default.patch
-)
-
-pkg_setup() {
- if use python; then
- python-single-r1_pkg_setup
- fi
- if use daemon; then
- enewgroup ${PN}
- enewuser ${PN} -1 -1 /var/lib/${PN} ${PN}
- # The home directory was previously set to /dev/null
- # This caused a bug with the systemd unit
- # https://bugs.gentoo.org/521916
- esethome ${PN} /var/lib/${PN}
- fi
-}
-
-src_configure() {
- econf \
- --with-systemdsystemunitdir="$(systemd_get_systemunitdir)" \
- $(use_enable debug) \
- $(use_enable icu charset) \
- $(use_enable ipv6) \
- $(use_enable perl) \
- $(use_enable python) \
- $(use_enable sasl cyrus) \
- $(use_enable ssl openssl) \
- $(use_enable tcl) \
- $(use_enable zlib) \
- $(use_with test gtest "${WORKDIR}/googletest-release-${GTEST_VER}")
-}
-
-src_install() {
- default
- dodoc NOTICE
- if use daemon; then
- newinitd "${FILESDIR}"/znc.initd-r1 znc
- newconfd "${FILESDIR}"/znc.confd-r1 znc
- fi
- DOC_CONTENTS=$(<"${FILESDIR}/README.gentoo") || die
- DISABLE_AUTOFORMATTING=1
- readme.gentoo_create_doc
-}
-
-pkg_postinst() {
- readme.gentoo_print_elog
- if [[ -d "${EROOT%/}"/etc/znc ]]; then
- ewarn "/etc/znc exists on your system."
- ewarn "Due to the nature of the contents of that folder,"
- ewarn "we have changed the default configuration to use"
- ewarn " /var/lib/znc"
- ewarn "please move /etc/znc to /var/lib/znc"
- ewarn "or adjust /etc/conf.d/znc"
- fi
-}
-
-pkg_config() {
- if use daemon; then
- if [[ -e "${EROOT%/}/var/lib/znc" ]]; then
- ewarn "${EROOT%/}/var/lib/znc already exists, aborting to avoid damaging"
- ewarn "any existing configuration. If you are sure you want"
- ewarn "to generate a new configuration, remove the folder"
- ewarn "and try again."
- else
- einfo "Press any key to interactively create a new configuration file"
- einfo "for znc."
- einfo "To abort, press Control-C"
- read
- mkdir -p "${EROOT%/}/var/lib/znc" || die
- chown -R ${PN}:${PN} "${EROOT%/}/var/lib/znc" ||
- die "Setting permissions failed"
- "${EROOT%/}"/usr/bin/znc --system-wide-config-as ${PN} -c -r -d "${EROOT%/}/var/lib/znc" ||
- die "Config failed"
- echo
- einfo "To start znc, run '/etc/init.d/znc start'"
- einfo "or add znc to a runlevel:"
- einfo " rc-update add znc default"
- fi
- else
- ewarn "To configure znc as a system-wide daemon you have to"
- ewarn "enable the 'daemon' use flag."
- fi
-}