app-admin/collectd: Security cleanup (bug #614848)

Package-Manager: Portage-2.3.5, Repoman-2.3.2

7 files changed, 0 insertions, 353 deletions

diff --git a/app-admin/collectd/files/collectd-4.10.3-werror.patch b/app-admin/collectd/files/collectd-4.10.3-werror.patch
deleted file mode 100644
index 6ddb508cdc1f..000000000000
--- a/app-admin/collectd/files/collectd-4.10.3-werror.patch
+++ /dev/null
@@ -1,24 +0,0 @@
-diff -ruN collectd-4.10.3.orig/src/Makefile.am collectd-4.10.3/src/Makefile.am
---- collectd-4.10.3.orig/src/Makefile.am	2011-03-26 17:08:53.000000000 +0100
-+++ collectd-4.10.3/src/Makefile.am	2011-04-24 22:56:39.521229944 +0200
-@@ -7,7 +7,7 @@
- endif
- 
- if COMPILER_IS_GCC
--AM_CFLAGS = -Wall -Werror
-+AM_CFLAGS = -Wall
- endif
- 
- AM_CPPFLAGS = -DPREFIX='"${prefix}"'
-diff -ruN collectd-4.10.3.orig/src/libcollectdclient/Makefile.am collectd-4.10.3/src/libcollectdclient/Makefile.am
---- collectd-4.10.3.orig/src/libcollectdclient/Makefile.am	2011-03-26 17:04:26.000000000 +0100
-+++ collectd-4.10.3/src/libcollectdclient/Makefile.am	2011-04-24 22:57:12.231229943 +0200
-@@ -1,7 +1,7 @@
- AUTOMAKE_OPTIONS = foreign no-dependencies
- 
- if COMPILER_IS_GCC
--AM_CFLAGS = -Wall -Werror
-+AM_CFLAGS = -Wall
- endif
- 
- pkginclude_HEADERS = client.h lcc_features.h
diff --git a/app-admin/collectd/files/collectd-5.5.1-libocci.patch b/app-admin/collectd/files/collectd-5.5.1-libocci.patch
deleted file mode 100644
index e7baaa062d58..000000000000
--- a/app-admin/collectd/files/collectd-5.5.1-libocci.patch
+++ /dev/null
@@ -1,33 +0,0 @@
-[PATCH 1/3] Link Oracle plug-in against libocci
-
-Author: Aurelien Minet
-X-Gentoo-Bug: 347607
-X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=347607
----
- configure.ac | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/configure.ac b/configure.ac
-index fc1e11c..b977a0a 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -3248,14 +3248,14 @@ AC_ARG_WITH(oracle, [AS_HELP_STRING([--with-oracle@<:@=ORACLE_HOME@:>@], [Path t
- ])
- if test "x$ORACLE_HOME" != "x"
- then
--	with_oracle_cppflags="-I$ORACLE_HOME/rdbms/public"
-+	with_oracle_cppflags="-I$ORACLE_HOME/rdbms/public -locci"
- 
- 	if test -e "$ORACLE_HOME/lib/ldflags"
- 	then
- 		with_oracle_libs=`cat "$ORACLE_HOME/lib/ldflags"`
- 	fi
- 	#with_oracle_libs="-L$ORACLE_HOME/lib $with_oracle_libs -lclntsh"
--	with_oracle_libs="-L$ORACLE_HOME/lib -lclntsh"
-+	with_oracle_libs="-L$ORACLE_HOME/lib -lclntsh -locci"
- fi
- if test "x$with_oracle" = "xyes"
- then
--- 
-2.7.1
-
diff --git a/app-admin/collectd/files/collectd-5.5.1-lt.patch b/app-admin/collectd/files/collectd-5.5.1-lt.patch
deleted file mode 100644
index eff1de8726ba..000000000000
--- a/app-admin/collectd/files/collectd-5.5.1-lt.patch
+++ /dev/null
@@ -1,60 +0,0 @@
-[PATCH 2/3] Remove bundled libltdl
-
----
- Makefile.am  | 6 ------
- configure.ac | 5 -----
- 2 files changed, 11 deletions(-)
-
-diff --git a/Makefile.am b/Makefile.am
-index b79ea1c..d574601 100644
---- a/Makefile.am
-+++ b/Makefile.am
-@@ -1,11 +1,5 @@
--ACLOCAL_AMFLAGS = -I libltdl/m4
--
- SUBDIRS =
- 
--if BUILD_INCLUDED_LTDL
--SUBDIRS += libltdl
--endif
--
- SUBDIRS += src bindings .
- 
- AM_CPPFLAGS = $(LTDLINCL)
-diff --git a/configure.ac b/configure.ac
-index b977a0a..78f3bee 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -2,7 +2,6 @@ dnl Process this file with autoconf to produce a configure script.
- AC_INIT([collectd],[m4_esyscmd(./version-gen.sh)])
- AC_CONFIG_SRCDIR(src/)
- AC_CONFIG_HEADERS(src/config.h)
--AC_CONFIG_AUX_DIR([libltdl/config])
- 
- dnl older automake's default of ARFLAGS=cru is noisy on newer binutils;
- dnl we don't really need the 'u' even in older toolchains.  Then there is
-@@ -12,7 +11,6 @@ m4_divert_text([DEFAULTS], [: "${ARFLAGS=cr} ${AR_FLAGS=cr}"])
- m4_ifdef([LT_PACKAGE_VERSION],
- 	# libtool >= 2.2
- 	[
--	 LT_CONFIG_LTDL_DIR([libltdl])
- 	 LT_INIT([dlopen])
- 	 LTDL_INIT([convenience])
- 	 AC_DEFINE(LIBTOOL_VERSION, 2, [Define to used libtool version.])
-@@ -24,13 +22,10 @@ m4_ifdef([LT_PACKAGE_VERSION],
- 	 AC_SUBST(LTDLINCL)
- 	 AC_SUBST(LIBLTDL)
- 	 AC_LIBTOOL_DLOPEN
--	 AC_CONFIG_SUBDIRS(libltdl)
- 	 AC_DEFINE(LIBTOOL_VERSION, 1, [Define to used libtool version.])
- 	]
- )
- 
--AM_CONDITIONAL([BUILD_INCLUDED_LTDL], [test "x$LTDLDEPS" != "x"])
--
- AM_INIT_AUTOMAKE([tar-pax dist-bzip2 foreign])
- m4_ifdef([AM_SILENT_RULES], [AM_SILENT_RULES([yes])])
- AC_LANG(C)
--- 
-2.7.1
-
diff --git a/app-admin/collectd/files/collectd-5.5.1-nohal.patch b/app-admin/collectd/files/collectd-5.5.1-nohal.patch
deleted file mode 100644
index fcdebb5ed817..000000000000
--- a/app-admin/collectd/files/collectd-5.5.1-nohal.patch
+++ /dev/null
@@ -1,35 +0,0 @@
-[PATCH 3/3] Remove libhal dependency
-
-X-Gentoo-Bug: 353839
-X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=353839
----
- configure.ac | 13 +------------
- 1 file changed, 1 insertion(+), 12 deletions(-)
-
-diff --git a/configure.ac b/configure.ac
-index 1c85964..cf38159 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -1500,18 +1500,7 @@ AC_CHECK_LIB(resolv, res_search,
- AM_CONDITIONAL(BUILD_WITH_LIBRESOLV, test "x$with_libresolv" = "xyes")
- 
- dnl Check for HAL (hardware abstraction library)
--with_libhal="yes"
--AC_CHECK_LIB(hal,libhal_device_property_exists,
--	     [AC_DEFINE(HAVE_LIBHAL, 1, [Define to 1 if you have 'hal' library])],
--	     [with_libhal="no"])
--if test "x$with_libhal" = "xyes"; then
--	if test "x$PKG_CONFIG" != "x"; then
--		BUILD_WITH_LIBHAL_CFLAGS="`$PKG_CONFIG --cflags hal`"
--		BUILD_WITH_LIBHAL_LIBS="`$PKG_CONFIG --libs hal`"
--		AC_SUBST(BUILD_WITH_LIBHAL_CFLAGS)
--		AC_SUBST(BUILD_WITH_LIBHAL_LIBS)
--	fi
--fi
-+with_libhal="no"
- 
- # --with-libpthread {{{
- AC_ARG_WITH(libpthread, [AS_HELP_STRING([--with-libpthread=@<:@=PREFIX@:>@], [Path to libpthread.])],
--- 
-2.7.1
-
diff --git a/app-admin/collectd/files/collectd-5.5.2-issue-1870.patch b/app-admin/collectd/files/collectd-5.5.2-issue-1870.patch
deleted file mode 100644
index 649727105fe5..000000000000
--- a/app-admin/collectd/files/collectd-5.5.2-issue-1870.patch
+++ /dev/null
@@ -1,127 +0,0 @@
-From 262915c450f3a45579069212560ca9715aa5bd4b Mon Sep 17 00:00:00 2001
-From: Florian Forster <octo@collectd.org>
-Date: Tue, 26 Jul 2016 08:54:42 +0200
-Subject: [PATCH] network plugin: Fix error message for GCRYCTL_INIT_SECMEM
- failure.
-
----
- src/network.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/network.c b/src/network.c
-index b347f4a..45f2436 100644
---- a/src/network.c
-+++ b/src/network.c
-@@ -527,7 +527,7 @@ static void network_init_gcrypt (void) /* {{{ */
-   err = gcry_control (GCRYCTL_INIT_SECMEM, 32768);
-   if (err)
-   {
--    ERROR ("network plugin: gcry_control (GCRYCTL_SET_THREAD_CBS) failed: %s", gcry_strerror (err));
-+    ERROR ("network plugin: gcry_control (GCRYCTL_INIT_SECMEM) failed: %s", gcry_strerror (err));
-     abort ();
-   }
- 
---
-2.9.2
-
-
-From a3000cbe3a12163148a28c818269bbdabda1cf5c Mon Sep 17 00:00:00 2001
-From: Sebastian Harl <sh@tokkee.org>
-Date: Wed, 27 Jul 2016 09:45:48 +0200
-Subject: [PATCH] network plugin: Don't abort() if gcrypt initialization
- failed.
-
-Instead, report an error and let plugin initialization fail.
----
- src/network.c | 31 +++++++++++++++++++++++--------
- 1 file changed, 23 insertions(+), 8 deletions(-)
-
-diff --git a/src/network.c b/src/network.c
-index 45f2436..71eb1f2 100644
---- a/src/network.c
-+++ b/src/network.c
-@@ -496,7 +496,7 @@ static int network_dispatch_notification (notification_t *n) /* {{{ */
- } /* }}} int network_dispatch_notification */
- 
- #if HAVE_LIBGCRYPT
--static void network_init_gcrypt (void) /* {{{ */
-+static int network_init_gcrypt (void) /* {{{ */
- {
-   gcry_error_t err;
- 
-@@ -504,7 +504,7 @@ static void network_init_gcrypt (void) /* {{{ */
-    * Because you can't know in a library whether another library has
-    * already initialized the library */
-   if (gcry_control (GCRYCTL_ANY_INITIALIZATION_P))
--    return;
-+    return (0);
- 
-  /* http://www.gnupg.org/documentation/manuals/gcrypt/Multi_002dThreading.html
-   * To ensure thread-safety, it's important to set GCRYCTL_SET_THREAD_CBS
-@@ -518,7 +518,7 @@ static void network_init_gcrypt (void) /* {{{ */
-   if (err)
-   {
-     ERROR ("network plugin: gcry_control (GCRYCTL_SET_THREAD_CBS) failed: %s", gcry_strerror (err));
--    abort ();
-+    return (-1);
-   }
- # endif
- 
-@@ -528,11 +528,12 @@ static void network_init_gcrypt (void) /* {{{ */
-   if (err)
-   {
-     ERROR ("network plugin: gcry_control (GCRYCTL_INIT_SECMEM) failed: %s", gcry_strerror (err));
--    abort ();
-+    return (-1);
-   }
- 
-   gcry_control (GCRYCTL_INITIALIZATION_FINISHED);
--} /* }}} void network_init_gcrypt */
-+  return (0);
-+} /* }}} int network_init_gcrypt */
- 
- static gcry_cipher_hd_t network_get_aes256_cypher (sockent_t *se, /* {{{ */
-     const void *iv, size_t iv_size, const char *username)
-@@ -2066,7 +2067,12 @@ static int sockent_init_crypto (sockent_t *se) /* {{{ */
- 	{
- 		if (se->data.client.security_level > SECURITY_LEVEL_NONE)
- 		{
--			network_init_gcrypt ();
-+			if (network_init_gcrypt () < 0)
-+			{
-+				ERROR ("network plugin: Cannot configure client socket with "
-+						"security: Failed to initialize crypto library.");
-+				return (-1);
-+			}
- 
- 			if ((se->data.client.username == NULL)
- 					|| (se->data.client.password == NULL))
-@@ -2086,7 +2092,12 @@ static int sockent_init_crypto (sockent_t *se) /* {{{ */
- 	{
- 		if (se->data.server.security_level > SECURITY_LEVEL_NONE)
- 		{
--			network_init_gcrypt ();
-+			if (network_init_gcrypt () < 0)
-+			{
-+				ERROR ("network plugin: Cannot configure server socket with "
-+						"security: Failed to initialize crypto library.");
-+				return (-1);
-+			}
- 
- 			if (se->data.server.auth_file == NULL)
- 			{
-@@ -3519,7 +3530,11 @@ static int network_init (void)
- 	have_init = 1;
- 
- #if HAVE_LIBGCRYPT
--	network_init_gcrypt ();
-+	if (network_init_gcrypt () < 0)
-+	{
-+		ERROR ("network plugin: Failed to initialize crypto library.");
-+		return (-1);
-+	}
- #endif
- 
- 	if (network_config_stats != 0)
---
-2.9.2
diff --git a/app-admin/collectd/files/collectd-5.5.2-issue-1877.patch b/app-admin/collectd/files/collectd-5.5.2-issue-1877.patch
deleted file mode 100644
index 658dc1e66b00..000000000000
--- a/app-admin/collectd/files/collectd-5.5.2-issue-1877.patch
+++ /dev/null
@@ -1,37 +0,0 @@
-[PATCH 5/5] Fix compilation against >=xfsprogs-4.7.0
-
-Gentoo-Bug: https://bugs.gentoo.org/590998
-Bug: https://github.com/collectd/collectd/issues/1877
----
- src/utils_mount.c | 9 +++++----
- 1 file changed, 5 insertions(+), 4 deletions(-)
-
-diff --git a/src/utils_mount.c b/src/utils_mount.c
-index da53b98..37b52d6 100644
---- a/src/utils_mount.c
-+++ b/src/utils_mount.c
-@@ -24,16 +24,17 @@
- # include "config.h"
- #endif
- 
-+#define _GNU_SOURCE
-+
-+#include "collectd.h"
-+#include "utils_mount.h"
-+
- #if HAVE_XFS_XQM_H
--# define _GNU_SOURCE
- # include <xfs/xqm.h>
- #define XFS_SUPER_MAGIC_STR "XFSB"
- #define XFS_SUPER_MAGIC2_STR "BSFX"
- #endif
- 
--#include "collectd.h"
--#include "utils_mount.h"
--
- #include "common.h" /* sstrncpy() et alii */
- #include "plugin.h" /* ERROR() macro */
- 
--- 
-2.9.2
-
diff --git a/app-admin/collectd/files/collectd-5.6.0-use-_LINUX_CAPABILITY_VERSION_3.patch b/app-admin/collectd/files/collectd-5.6.0-use-_LINUX_CAPABILITY_VERSION_3.patch
deleted file mode 100644
index 6c7e63501825..000000000000
--- a/app-admin/collectd/files/collectd-5.6.0-use-_LINUX_CAPABILITY_VERSION_3.patch
+++ /dev/null
@@ -1,37 +0,0 @@
-From 5e4f2ae61dc39938c4df857854724ba1d36f3232 Mon Sep 17 00:00:00 2001
-From: Thomas Deutschmann <whissi@gentoo.org>
-Date: Tue, 11 Oct 2016 16:16:23 +0200
-Subject: [PATCH] common.c: Use _LINUX_CAPABILITY_VERSION_3 in cap_header
-
-While check_capability() function already requires
-_LINUX_CAPABILITY_VERSION_3 via "#ifdef" since commit 448627953c we still
-set the cap_header's version to deprecated _LINUX_CAPABILITY_VERSION. This
-results in a warning like
-
- > capability: warning: `collectd' uses 32-bit capabilities (legacy support in use)
-
-from the kernel when a plugin (like iptables) calls our check_capability()
-function.
-
-With this commit we will set cap_header to kernel's current capability
-version (_LINUX_CAPABILITY_VERSION_3), which is default since
-kernel 2.6.26.
-
-Signed-off-by: Florian Forster <octo@collectd.org>
----
- src/daemon/common.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/daemon/common.c b/src/daemon/common.c
-index e489449..477d759 100644
---- a/src/daemon/common.c
-+++ b/src/daemon/common.c
-@@ -1698,7 +1698,7 @@ int check_capability (int capability) /* {{{ */
- 	}
- 
- 	cap_header->pid = getpid();
--	cap_header->version = _LINUX_CAPABILITY_VERSION;
-+	cap_header->version = _LINUX_CAPABILITY_VERSION_3;
- 	if (capget(cap_header, cap_data) < 0)
- 	{
- 		ERROR("check_capability: capget failed");