gentoo resync : 18.05.2019

author: V3n3RiX <venerix@redcorelinux.org> 2019-05-18 00:10:51 +0100
committer: V3n3RiX <venerix@redcorelinux.org> 2019-05-18 00:10:51 +0100
commit: eccb70a7f91b2d22582587f26d1a28bb31408b45 (patch)
tree: 3223e1fd54201bcf4ebecac6fbe87361cbe643e2 /net-misc/dhcpcd
parent: a2810985afabcc31d3eace5e61d8ea25b852ba17 (diff)
3 files changed, 276 insertions, 0 deletions
diff --git a/net-misc/dhcpcd/Manifest b/net-misc/dhcpcd/Manifest
index 09dbd4ce39b3..9c60c163f2f8 100644
--- a/net-misc/dhcpcd/Manifest
+++ b/net-misc/dhcpcd/Manifest
@@ -1,11 +1,13 @@
 AUX dhcpcd-7.1.1-disable_inet6_fix.patch 609 BLAKE2B f69a5465f8750cba0a57b151b70c178e11576d4645d6fdc6c3f943cd2c98131af0742c48505624fb24d9a940dd523f98cb66bae51e38820c49aa9fdc6084bbfc SHA512 66fcf76affa35f2174e7bc0dd9964a67fde07144aedea30dfcd4f7280b841db344872da56a10d7d2474542c840e75d5323f994989bb96b803076e7e3d37d228d
 AUX dhcpcd-7.1.1-overflows.patch 5390 BLAKE2B 4c06a34b2cc5c1753b643987818a1e5d8b2deedacf90e80d9822a03bcf67d25d9f25adcdf6342792073811a428786789edc2b11c97f03df8fd48b697581b4b90 SHA512 2ea96d9faf1abd35345cf10c84f772a2fc56da33e0f0df93346536b1487d840c1d692a7c5118ebb504c30c8ffc0ac9c7792da0287e31584c10f0e9d11c5ffb1a
+AUX dhcpcd-7.1.1-v6_read_overflow.patch 3359 BLAKE2B 665506fa9c9839b66e86af39ffe22446e967e2de746f4e6c5f6157d5be7bf40d1467808205569b2dea293852ff32bf3cbdacbd89f72ef9699abf2f163671fac7 SHA512 153423dc621867f75cec01657e07a16c161f981f6e24aff2be95828c0c6a725804708e69afe083276156fea1dab6d8124cd6ea1e29952698da58f7f0dc07b5d2
 AUX dhcpcd.initd 328 BLAKE2B 72ef6bb16e4f80b440890112cd399eca1057ae42ddc96ee1a29482a048682dd34e065bb68876329ecfe2f1db4c084e320f4185b3029b89c2328d6ab27a1a7e80 SHA512 6d3220155f2d9ed3e3a00afd378eeb70d435e19804201f8bb35498f1f7f3dfdaeaa2f4a01a18f5e96b457d9c173bc6a206b3e67ebf6d95da7e7b350dcd153fde
 AUX dhcpcd.service 227 BLAKE2B e24aa85c15d0211856b02508b681f7e3c1f8b8b1743f31ced9600c2c33da04b61f2166cad7696776ae81ce1be5701cae2691f6dfd86aaf8679f20e459e87c7e5 SHA512 4a030dc291fa7deba9c1f33d61dafdda710247ef7f3743c28e46b767a190e359e468433147bda23c82fae9c93ec31cd68905bfdb51cb8c2d9176ea789b31b14e
 DIST dhcpcd-7.1.1.tar.xz 211788 BLAKE2B 984ec97ffdcb15883f57f9e2a699a7c8f006b2630e7651ab9d55e7a980045f8891f09d9f7be420969203a59671d097a1ed76621fe4a62ff26a5020fc8becfe69 SHA512 8791e718d65ef8ae23a16b98e82824860fa91914e6eb0a42cdbbca28236c1c38005ada44214bde33aac57152fe675debebdb5d141b67dcfc82012996d8337bb4
 DIST dhcpcd-7.2.1.tar.xz 213652 BLAKE2B cae5a68ecf285825e6376c8b5bef5f3aba3bb8a393ba4298d8e990d665dd948369f24f688cdb85006df535b7f9b412c795d8eb7817a92e8d9992bdc7b7757a1e SHA512 11c3ef6d3ee49e147aa44725aa1ac0cddff70a268908439fe91990e135175d063e3d65ab587e1780e4f6f0739cf33873a58ffea0a3130d1bfb5598f9f11ec5a3
 DIST dhcpcd-7.2.2.tar.xz 213600 BLAKE2B ae36cc44d32c034b41f9c970fdb154ef2935b53ae9a81d76dfe8143882170cb8f4ea9c2048ebbfc2d94096061626e93d5890565192115d2953506a7d1e4ee6f2 SHA512 a774c4788efbb9712be04d3f29943b801043f9ec1ea1925282330afa00b9f3db5c29a85969ef004bf85b20045b4cc6ab241ceaae050a18051079d396845845e8
 EBUILD dhcpcd-7.1.1-r2.ebuild 4589 BLAKE2B 7b2a6de223666229f41fe9062a0c5234f0cfb300405cd5fa5d7fe6eb8d788d11edacfc803e42ad27a09fadd8593f59b8ea5ac27cf5e8f6b3f87d243efc08fe8d SHA512 2f761b8d0534c1555cfc716c38117ad1d5d4b871c71a085cd703da3ef3cadad755b07409f69926f08400f60cd008a41668d762c5a550bf31bb27643eb14996de
+EBUILD dhcpcd-7.1.1-r3.ebuild 4644 BLAKE2B f776383d0a000c29c04d77f8b32db59e82137cf55821905e72619cb9979339083c1e165d3b93ba9a3b63ae2ec0c85018c924847f4b3b88291d00ee4a1950430e SHA512 4a333156302dc928083ae142230a9105fbd5ddd16681714f51b8d1cb479aeb864ef00164a2ecff403167ad3e26f288e9e070b4cab2c839a9df9d07ee6240b9f4
 EBUILD dhcpcd-7.2.1.ebuild 4493 BLAKE2B c327b61bba6c17aa24689b793f929e588d079bcf6385aed24614ac39864f28119841efa86631802589a4f8f66abb9f29f6970cd1904bfefa41c9bf94ae73ed8d SHA512 0d7ce59d11435e7703a12ec2de957a532d2ccb8ef8e579ceb57af6615c37537bb47b7fb393c34a1cf2f174d5119036e9f1706dab331cc35ada64af3f79bb8ac5
 EBUILD dhcpcd-7.2.2.ebuild 4493 BLAKE2B c327b61bba6c17aa24689b793f929e588d079bcf6385aed24614ac39864f28119841efa86631802589a4f8f66abb9f29f6970cd1904bfefa41c9bf94ae73ed8d SHA512 0d7ce59d11435e7703a12ec2de957a532d2ccb8ef8e579ceb57af6615c37537bb47b7fb393c34a1cf2f174d5119036e9f1706dab331cc35ada64af3f79bb8ac5
 EBUILD dhcpcd-9999.ebuild 4493 BLAKE2B c327b61bba6c17aa24689b793f929e588d079bcf6385aed24614ac39864f28119841efa86631802589a4f8f66abb9f29f6970cd1904bfefa41c9bf94ae73ed8d SHA512 0d7ce59d11435e7703a12ec2de957a532d2ccb8ef8e579ceb57af6615c37537bb47b7fb393c34a1cf2f174d5119036e9f1706dab331cc35ada64af3f79bb8ac5
diff --git a/net-misc/dhcpcd/dhcpcd-7.1.1-r3.ebuild b/net-misc/dhcpcd/dhcpcd-7.1.1-r3.ebuild
new file mode 100644
index 000000000000..a63e8bda4d53
--- /dev/null
+++ b/net-misc/dhcpcd/dhcpcd-7.1.1-r3.ebuild
@@ -0,0 +1,154 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+inherit systemd toolchain-funcs
+
+if [[ ${PV} == "9999" ]]; then
+	inherit git-r3
+	EGIT_REPO_URI="https://roy.marples.name/git/dhcpcd.git"
+else
+	MY_P="${P/_alpha/-alpha}"
+	MY_P="${MY_P/_beta/-beta}"
+	MY_P="${MY_P/_rc/-rc}"
+	SRC_URI="https://roy.marples.name/downloads/${PN}/${MY_P}.tar.xz"
+	KEYWORDS="alpha amd64 arm arm64 ~hppa ia64 ~mips ppc ppc64 ~s390 ~sh sparc x86 ~amd64-fbsd ~x86-fbsd ~amd64-linux ~x86-linux"
+	S="${WORKDIR}/${MY_P}"
+fi
+
+DESCRIPTION="A fully featured, yet light weight RFC2131 compliant DHCP client"
+HOMEPAGE="https://roy.marples.name/projects/dhcpcd"
+LICENSE="BSD-2"
+SLOT="0"
+IUSE="elibc_glibc +embedded ipv6 kernel_linux +udev"
+
+COMMON_DEPEND="udev? ( virtual/udev )"
+DEPEND="${COMMON_DEPEND}"
+RDEPEND="${COMMON_DEPEND}"
+
+PATCHES=(
+	"${FILESDIR}"/${P}-disable_inet6_fix.patch #677508
+	"${FILESDIR}"/${P}-overflows.patch #684430
+	"${FILESDIR}"/${P}-v6_read_overflow.patch #685264
+)
+
+src_configure() {
+	local dev hooks=() rundir
+	use udev || dev="--without-dev --without-udev"
+	hooks=( --with-hook=ntp.conf )
+	use elibc_glibc && hooks+=( --with-hook=yp.conf )
+	use kernel_linux && rundir="--rundir=${EPREFIX}/run"
+	local myeconfargs=(
+		--prefix="${EPREFIX}"
+		--libexecdir="${EPREFIX}/lib/dhcpcd"
+		--dbdir="${EPREFIX}/var/lib/dhcpcd"
+		--localstatedir="${EPREFIX}/var"
+		${rundir}
+		$(use_enable embedded)
+		$(use_enable ipv6)
+		${dev}
+		CC="$(tc-getCC)"
+		${hooks[@]}
+	)
+	econf "${myeconfargs[@]}"
+}
+
+src_install() {
+	default
+	keepdir /var/lib/dhcpcd
+	newinitd "${FILESDIR}"/${PN}.initd ${PN}
+	systemd_dounit "${FILESDIR}"/${PN}.service
+}
+
+pkg_postinst() {
+	local dbdir="${EROOT%/}"/var/lib/dhcpcd old_files=()
+
+	local old_old_duid="${EROOT%/}"/var/lib/dhcpcd/dhcpcd.duid
+	local old_duid="${EROOT%/}"/etc/dhcpcd.duid
+	local new_duid="${dbdir}"/duid
+	if [[ -e "${old_old_duid}" ]] ; then
+		# Upgrade the duid file to the new format if needed
+		if ! grep -q '..:..:..:..:..:..' "${old_old_duid}"; then
+			sed -i -e 's/\(..\)/\1:/g; s/:$//g' "${old_old_duid}"
+		fi
+
+		# Move the duid to /etc, a more sensible location
+		if [[ ! -e "${old_duid}" ]] ; then
+			cp -p "${old_old_duid}" "${new_duid}"
+		fi
+		old_files+=( "${old_old_duid}" )
+	fi
+
+	# dhcpcd-7 moves the files out of /etc
+	if [[ -e "${old_duid}" ]] ; then
+		if [[ ! -e "${new_duid}" ]] ; then
+			cp -p "${old_duid}" "${new_duid}"
+		fi
+		old_files+=( "${old_duid}" )
+	fi
+	local old_secret="${EROOT%/}"/etc/dhcpcd.secret
+	local new_secret="${dbdir}"/secret
+	if [[ -e "${old_secret}" ]] ; then
+		if [[ ! -e "${new_secret}" ]] ; then
+			cp -p "${old_secret}" "${new_secret}"
+		fi
+		old_files+=( "${old_secret}" )
+	fi
+
+	# dhcpcd-7 renames some files in /var/lib/dhcpcd
+	local old_rdm="${dbdir}"/dhcpcd-rdm.monotonic
+	local new_rdm="${dbdir}"/rdm_monotonic
+	if [[ -e "${old_rdm}" ]] ; then
+		if [[ ! -e "${new_rdm}" ]] ; then
+			cp -p "${old_rdm}" "${new_rdm}"
+		fi
+		old_files+=( "${old_rdm}" )
+	fi
+	local lease=
+	for lease in "${dbdir}"/dhcpcd-*.lease*; do
+		[[ -f "${lease}" ]] || continue
+		old_files+=( "${lease}" )
+		local new_lease=$(basename "${lease}" | sed -e "s/dhcpcd-//")
+		[[ -e "${dbdir}/${new_lease}" ]] && continue
+		cp "${lease}" "${dbdir}/${new_lease}"
+	done
+
+	# Warn about removing stale files
+	if [[ -n "${old_files[@]}" ]] ; then
+		elog
+		elog "dhcpcd-7 has copied dhcpcd.duid and dhcpcd.secret from"
+		elog "${EROOT%/}/etc to ${dbdir}"
+		elog "and copied leases in ${dbdir} to new files with the dhcpcd-"
+		elog "prefix dropped."
+		elog
+		elog "You should remove these files if you don't plan on reverting"
+		elog "to an older version:"
+		local old_file=
+		for old_file in ${old_files[@]}; do
+			elog "	${old_file}"
+		done
+	fi
+
+	if [ -z "${REPLACING_VERSIONS}" ]; then
+		elog
+		elog "dhcpcd has zeroconf support active by default."
+		elog "This means it will always obtain an IP address even if no"
+		elog "DHCP server can be contacted, which will break any existing"
+		elog "failover support you may have configured in your net configuration."
+		elog "This behaviour can be controlled with the noipv4ll configuration"
+		elog "file option or the -L command line switch."
+		elog "See the dhcpcd and dhcpcd.conf man pages for more details."
+
+		elog
+		elog "Dhcpcd has duid enabled by default, and this may cause issues"
+		elog "with some dhcp servers. For more information, see"
+		elog "https://bugs.gentoo.org/show_bug.cgi?id=477356"
+	fi
+
+	if ! has_version net-dns/bind-tools; then
+		elog
+		elog "If you activate the lookup-hostname hook to look up your hostname"
+		elog "using the dns, you need to install net-dns/bind-tools."
+	fi
+}
diff --git a/net-misc/dhcpcd/files/dhcpcd-7.1.1-v6_read_overflow.patch b/net-misc/dhcpcd/files/dhcpcd-7.1.1-v6_read_overflow.patch
new file mode 100644
index 000000000000..54b559fcd87f
--- /dev/null
+++ b/net-misc/dhcpcd/files/dhcpcd-7.1.1-v6_read_overflow.patch
@@ -0,0 +1,120 @@
+From c1ebeaafeb324bac997984abdcee2d4e8b61a8a8 Mon Sep 17 00:00:00 2001
+From: Roy Marples <roy@marples.name>
+Date: Fri, 3 May 2019 14:44:06 +0100
+Subject: DHCPv6: Fix a potential read overflow with D6_OPTION_PD_EXCLUDE
+
+dhcpcd only checks that the prefix length of the exclusion
+matches the prefix length of the ia and equals the length of the
+data in the option.
+This could potentially overrun the in6_addr structure.
+
+This is fixed by enforcing RFC 6603 section 4.2 option limits
+more clearly.
+
+Thanks to Maxime Villard <max@m00nbsd.net> for finding this.
+---
+ src/dhcp6.c | 44 +++++++++++++++++++++-----------------------
+ 1 file changed, 21 insertions(+), 23 deletions(-)
+
+diff --git a/src/dhcp6.c b/src/dhcp6.c
+index dee8d4b6..583f3b3f 100644
+--- a/src/dhcp6.c
++++ b/src/dhcp6.c
+@@ -2166,40 +2166,38 @@ dhcp6_findpd(struct interface *ifp, const uint8_t *iaid,
+ 			state->expire = a->prefix_vltime;
+ 		i++;
+ 
+-		o = dhcp6_findoption(o, ol, D6_OPTION_PD_EXCLUDE, &ol);
+ 		a->prefix_exclude_len = 0;
+ 		memset(&a->prefix_exclude, 0, sizeof(a->prefix_exclude));
+-#if 0
+-		if (ex == NULL) {
+-			struct dhcp6_option *w;
+-			uint8_t *wp;
+-
+-			w = calloc(1, 128);
+-			w->len = htons(2);
+-			wp = D6_OPTION_DATA(w);
+-			*wp++ = 64;
+-			*wp++ = 0x78;
+-			ex = w;
+-		}
+-#endif
++		o = dhcp6_findoption(o, ol, D6_OPTION_PD_EXCLUDE, &ol);
+ 		if (o == NULL)
+ 			continue;
+-		if (ol < 2) {
+-			logerrx("%s: truncated PD Exclude", ifp->name);
++
++		/* RFC 6603 4.2 says option length MUST be between 2 and 17.
++		 * This allows 1 octet for prefix length and 16 for the
++		 * subnet ID. */
++		if (ol < 2 || ol > 17) {
++			logerrx("%s: invalid PD Exclude option", ifp->name);
+ 			continue;
+ 		}
+-		a->prefix_exclude_len = *o++;
+-		ol--;
+-		if (((a->prefix_exclude_len - a->prefix_len - 1) / NBBY) + 1
+-		    != ol)
+-		{
++
++		/* RFC 6603 4.2 says prefix length MUST be between the
++		 * length of the IAPREFIX prefix length + 1 and 128. */
++		if (*o < a->prefix_len + 1 || *o > 128) {
++			logerrx("%s: invalid PD Exclude length", ifp->name);
++			continue;
++		}
++
++		/* Check option length matches prefix length. */
++		if (((*o - a->prefix_len - 1) / NBBY) + 1 != ol) {
+ 			logerrx("%s: PD Exclude length mismatch", ifp->name);
+-			a->prefix_exclude_len = 0;
+ 			continue;
+ 		}
+-		nb = a->prefix_len % NBBY;
++
++		a->prefix_exclude_len = *o++;
++		ol--;
+ 		memcpy(&a->prefix_exclude, &a->prefix,
+ 		    sizeof(a->prefix_exclude));
++		nb = a->prefix_len % NBBY;
+ 		if (nb)
+ 			ol--;
+ 		pw = a->prefix_exclude.s6_addr +
+-- 
+cgit v1.2.1
+
+From 896ef4a54b0578985e5e1360b141593f1d62837b Mon Sep 17 00:00:00 2001
+From: Roy Marples <roy@marples.name>
+Date: Sat, 4 May 2019 10:19:02 +0100
+Subject: DHCPv6: Fix exclude prefix length check.
+
+---
+ src/dhcp6.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/dhcp6.c b/src/dhcp6.c
+index 583f3b3f..7f26129f 100644
+--- a/src/dhcp6.c
++++ b/src/dhcp6.c
+@@ -2187,14 +2187,14 @@ dhcp6_findpd(struct interface *ifp, const uint8_t *iaid,
+ 			continue;
+ 		}
+ 
++		ol--;
+ 		/* Check option length matches prefix length. */
+ 		if (((*o - a->prefix_len - 1) / NBBY) + 1 != ol) {
+ 			logerrx("%s: PD Exclude length mismatch", ifp->name);
+ 			continue;
+ 		}
+-
+ 		a->prefix_exclude_len = *o++;
+-		ol--;
++
+ 		memcpy(&a->prefix_exclude, &a->prefix,
+ 		    sizeof(a->prefix_exclude));
+ 		nb = a->prefix_len % NBBY;
+-- 
+cgit v1.2.1
+
author	V3n3RiX <venerix@redcorelinux.org>	2019-05-18 00:10:51 +0100
committer	V3n3RiX <venerix@redcorelinux.org>	2019-05-18 00:10:51 +0100
commit	eccb70a7f91b2d22582587f26d1a28bb31408b45 (patch)
tree	3223e1fd54201bcf4ebecac6fbe87361cbe643e2 /net-misc/dhcpcd
parent	a2810985afabcc31d3eace5e61d8ea25b852ba17 (diff)