summaryrefslogtreecommitdiff
path: root/net-wireless/bluez
diff options
context:
space:
mode:
Diffstat (limited to 'net-wireless/bluez')
-rw-r--r--net-wireless/bluez/Manifest2
-rw-r--r--net-wireless/bluez/bluez-5.70-r1.ebuild288
-rw-r--r--net-wireless/bluez/files/bluez-5.70-CVE-2023-45866.patch43
3 files changed, 333 insertions, 0 deletions
diff --git a/net-wireless/bluez/Manifest b/net-wireless/bluez/Manifest
index a1ff766597e4..75040cc02a5c 100644
--- a/net-wireless/bluez/Manifest
+++ b/net-wireless/bluez/Manifest
@@ -9,11 +9,13 @@ AUX bluez-5.68-bap-resume.patch 6137 BLAKE2B a5eecd7b50048a8e63da3f98a4f83a96ae4
AUX bluez-5.68-clang-midi.patch 2980 BLAKE2B f2e8ce17c97ca151c5d551592d72db5f44ed9fdda31a6adb0cfd7f8e5e6c3ba2c8e80589a32d6ac95db4ad0ad4829c25a1f03e4957dc79d7a88160f512425d2e SHA512 8c205a9acee243fff8609157689d3f985abcc37c04870ae588a8933e17d0507791578136dc40cbd78fe7a4dd8596792e92eb7caa8e0aa33fb507575db706f421
AUX bluez-5.68-heap-use-after-free.patch 1515 BLAKE2B 73ee23986e652827672ab026582d8718d3f04a6faeb15d5802599910f5ee7c905813829486f5fdb2e6f190cfb6980b2eca5e9c008d9d427a6fc010943af5f318 SHA512 0f78c442faeae693489c25822dfe3065d6dbe2449d42b27c3f0f56b83caadbcf66942470bc00d28ec324cc49c400799a0e1d1d90f45e734b385ca54e4c9e6dc3
AUX bluez-5.68-monitor-decoding.patch 1333 BLAKE2B 138359842a39abe7ba7c9db674b043110f6549f2499d8e42ff3abbce9bdfe9402babedc6228a8ff413bab97c12e1c8e9251db7918bc2b741f9bf5824dcf73912 SHA512 c1cba4b278aa559b31c09c721dff28a6024af4877a520b729fbec61e1cefd2bb338fe9d2629fb64796ab2caab32a9dce53ec55eaa1754bb712050ce01abc813e
+AUX bluez-5.70-CVE-2023-45866.patch 1497 BLAKE2B 89e1ed958ecaef7829122c0f89fb5301095711af7fe6e016709840f0190a74177f9c6feb031446c58a9a81a0cc6f48f586d0a1425ae6769526e097595b64997a SHA512 ed699d94da1e8c302e8099b64b9e69d311225bc6e75926d0102d80c124937db750237d6e7f8276c4cd903eb641a9b8aba0afac3038a34a35e3afde70f9e5d109
AUX bluez-udevadm-path-r1.patch 564 BLAKE2B 0b4dc12f55ab60d254aa3365baf35186a5913026dbfcbc3da41c113b3c423c81189b87016dabcb2c505b684cad376d10d10df9aa17558b8fd022928995931e0e SHA512 d9b0dd452258e425802cf5ad4980a77796be79e94bf6ce641927c5ab7ea1117ce6589063f3a0b96bf25e81303234279a09d58484fec49cfc6aa1db46f245f9c6
DIST bluez-5.68.tar.xz 2319788 BLAKE2B 3beca78fadef4d66df6f237b7460f6ac4bf001d80c856b599faa2cc1232c4342c7945eace5a6667009b9d19f2368f9841e608f07bc826b30ce9112c43dd7e316 SHA512 1805fb68923a5e098777b69835d7593396f8f2bbf52e1cfe58e7447621497a700b23389c79e96b2d663c611335f6ea9df11efe8aa75a8842f6b73105f66e799c
DIST bluez-5.69.tar.xz 2335728 BLAKE2B 3b85c6418bf5f8fea989d9435d90f704da707248034006d12863465b9acee2b549f6d2950fdde64e74a1cbded4c711c54db747a82abdaa67ec965aab1c817d85 SHA512 4d5618cd083fe375c41faff868b5d9f072aeaccdffed758f6b69fd0cb46b058431cbf63182bd4a3f4f4e7a24b092729a4125687af730cd4250b273d66107bf42
DIST bluez-5.70.tar.xz 2339844 BLAKE2B 1ba2ddd3bfc6562a07f4e8376e0d537b555f0d36a221f051c4c10dd912c23e73aa2b0d8aa125e0fd911908e4cfa0036429e17250a26b3298bb21f65e4cc5255c SHA512 3a5f8caf7730dcdbbe0bb92154b41651a9d6619038447bf4c25e5e3e5316effcd7242a7a0456d731ce21d55b8daea5212a359acc5e5fc460499b9356b7d364cf
EBUILD bluez-5.68.ebuild 9305 BLAKE2B ee42089549fad6bfb4f128e2a3a4e9c8f2711a4b60316c232172636fb9ca24dde9650f44c81b5f39c54d6fc9d4161e7cc5c52ca3de10058b46bc16f8a4c413f0 SHA512 a7a256acdfafbd8069ad18724e0bbd6e08415a1189998b4f40b4fde8252eaf3ddd0f90b38dd4eadb075462e7674a8429b7a51f0a2cbe2df3f49ae05c8b037f00
EBUILD bluez-5.69.ebuild 9034 BLAKE2B ae0b37b16e86d816bcdb79aa0c22b4b2c350e23f65a90ff6417f5c8401d527595afe664b0fdb215728cc3e3c942870dda933c836dde2effd92dfe3a8ad84cbc5 SHA512 22c9eb88d64dc92848a3363054ffbda8dac4d5fba772e002f04cead323cdc7f1084f8c3eb8b146c08875b4da220eab202b8dee380a965a35d9e68c4e2b067420
+EBUILD bluez-5.70-r1.ebuild 9127 BLAKE2B 4400e1308da28262fd5112543e2ce113c4efea2431c3fa9b9ffbd1be5bf184a464578e92d121160d20eeb8d011134c66cd32f6cfffc5498dd96603cfa42dabef SHA512 2f794d27a75441bd0317b8ed866fdfba79711365e2f6b7e357fa0fe354aab7c71de723772d74c4780103caec8a7413924504bd91bdb859357ad27d462168ee91
EBUILD bluez-5.70.ebuild 9034 BLAKE2B ae0b37b16e86d816bcdb79aa0c22b4b2c350e23f65a90ff6417f5c8401d527595afe664b0fdb215728cc3e3c942870dda933c836dde2effd92dfe3a8ad84cbc5 SHA512 22c9eb88d64dc92848a3363054ffbda8dac4d5fba772e002f04cead323cdc7f1084f8c3eb8b146c08875b4da220eab202b8dee380a965a35d9e68c4e2b067420
MISC metadata.xml 1150 BLAKE2B 830a8e0c89fcc18af92e063ceb3632c97eed9f7424ac5214dd4c853b142d03bba6d629b86fc41ecc28a450a9b7989a21faaae1b95654cb8f16ce2ceb3a97e025 SHA512 44e4489f48634d1b1ff300ccba0f7caa74b76ac7325d38d395ee53763906743f7b622b028a01d32e963952a23da560c16b8cd6771a9001ba90845b59293a6101
diff --git a/net-wireless/bluez/bluez-5.70-r1.ebuild b/net-wireless/bluez/bluez-5.70-r1.ebuild
new file mode 100644
index 000000000000..756654822561
--- /dev/null
+++ b/net-wireless/bluez/bluez-5.70-r1.ebuild
@@ -0,0 +1,288 @@
+# Copyright 1999-2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+PYTHON_COMPAT=( python3_{9..12} )
+
+inherit autotools linux-info python-single-r1 systemd udev multilib-minimal #readme.gentoo-r1
+
+DESCRIPTION="Bluetooth Tools and System Daemons for Linux"
+HOMEPAGE="http://www.bluez.org https://github.com/bluez/bluez"
+SRC_URI="https://www.kernel.org/pub/linux/bluetooth/${P}.tar.xz"
+
+LICENSE="GPL-2+ LGPL-2.1+"
+SLOT="0/3"
+KEYWORDS="~amd64 ~arm ~arm64 ~hppa ~loong ~mips ~ppc ~ppc64 ~riscv ~x86"
+IUSE="btpclient cups doc debug deprecated extra-tools experimental +mesh midi +obex +readline selinux systemd test test-programs +udev"
+
+# Since this release all remaining extra-tools need readline support, but this could
+# change in the future, hence, this REQUIRED_USE constraint could be dropped
+# again in the future.
+# btpclient needs mesh, bug #790587
+REQUIRED_USE="
+ btpclient? ( mesh )
+ extra-tools? ( deprecated readline )
+ test? ( ${PYTHON_REQUIRED_USE} )
+ test-programs? ( ${PYTHON_REQUIRED_USE} )
+"
+
+TEST_DEPS="${PYTHON_DEPS}
+ $(python_gen_cond_dep '
+ >=dev-python/dbus-python-1[${PYTHON_USEDEP}]
+ dev-python/pygobject:3[${PYTHON_USEDEP}]
+ ')
+"
+BDEPEND="
+ dev-python/docutils
+ virtual/pkgconfig
+ test? ( ${TEST_DEPS} )
+"
+DEPEND="
+ >=dev-libs/glib-2.28:2[${MULTILIB_USEDEP}]
+ btpclient? ( >=dev-libs/ell-0.39 )
+ cups? ( net-print/cups:= )
+ mesh? (
+ >=dev-libs/ell-0.39
+ >=dev-libs/json-c-0.13:=
+ sys-libs/readline:0=
+ )
+ midi? ( media-libs/alsa-lib )
+ obex? ( dev-libs/libical:= )
+ readline? ( sys-libs/readline:0= )
+ systemd? ( sys-apps/systemd )
+ >=sys-apps/dbus-1.6:=
+ udev? ( >=virtual/udev-172 )
+"
+RDEPEND="${DEPEND}
+ selinux? ( sec-policy/selinux-bluetooth )
+ test-programs? ( ${TEST_DEPS} )
+"
+
+RESTRICT="!test? ( test )"
+
+PATCHES=(
+ # Try both udevadm paths to cover udev/systemd vs. eudev locations (#539844)
+ # http://www.spinics.net/lists/linux-bluetooth/msg58739.html
+ # https://bugs.gentoo.org/539844
+ # https://github.com/bluez/bluez/issues/268
+ "${FILESDIR}"/${PN}-udevadm-path-r1.patch
+
+ # Fedora patches
+ # https://lore.kernel.org/linux-bluetooth/20220901110719.176944-1-hadess@hadess.net/T/#m9c08d004cd5422783ee1d93154f42303bba9169f
+ "${FILESDIR}"/${PN}-5.66-power-state-adapter-property.patch
+
+ # Backport CVE-2023-45866 fix (bug #919383)
+ "${FILESDIR}"/${PN}-5.70-CVE-2023-45866.patch
+)
+
+pkg_setup() {
+ # From http://www.linuxfromscratch.org/blfs/view/svn/general/bluez.html
+ # to prevent bugs like:
+ # https://bugzilla.kernel.org/show_bug.cgi?id=196621
+ CONFIG_CHECK="~NET ~BT ~BT_RFCOMM ~BT_RFCOMM_TTY ~BT_BNEP ~BT_BNEP_MC_FILTER
+ ~BT_BNEP_PROTO_FILTER ~BT_HIDP ~CRYPTO_USER_API_HASH ~CRYPTO_USER_API_SKCIPHER
+ ~UHID ~RFKILL"
+ # https://bugzilla.kernel.org/show_bug.cgi?id=196621
+ # https://bugzilla.kernel.org/show_bug.cgi?id=206815
+ if use mesh || use test; then
+ CONFIG_CHECK="${CONFIG_CHECK} ~CRYPTO_USER
+ ~CRYPTO_USER_API ~CRYPTO_USER_API_AEAD ~CRYPTO_AES ~CRYPTO_CCM ~CRYPTO_AEAD ~CRYPTO_CMAC
+ ~CRYPTO_MD5 ~CRYPTO_SHA1 ~KEY_DH_OPERATIONS"
+ fi
+ linux-info_pkg_setup
+
+ if use test || use test-programs; then
+ python-single-r1_pkg_setup
+ fi
+
+ if ! use udev; then
+ ewarn
+ ewarn "You are installing ${PN} with USE=-udev. This means various bluetooth"
+ ewarn "devices and adapters from Apple, Dell, Logitech etc. will not work,"
+ ewarn "and hid2hci will not be available."
+ ewarn
+ fi
+}
+
+src_prepare() {
+ default
+
+ # http://www.spinics.net/lists/linux-bluetooth/msg38490.html
+ if ! use systemd; then
+ eapply "${FILESDIR}"/0001-Allow-using-obexd-without-systemd-in-the-user-session-r2.patch
+ fi
+
+ eautoreconf
+
+ if use cups; then
+ # Only not .am to not need to run eautoreconf only because of this
+ sed -i \
+ -e "s:cupsdir = \$(libdir)/cups:cupsdir = $(cups-config --serverbin):" \
+ Makefile.{in,tools} || die
+ fi
+
+ multilib_copy_sources
+}
+
+multilib_src_configure() {
+ local myconf=(
+ # readline is automagic when client is enabled
+ # --enable-client always needs readline, bug #504038
+ # --enable-mesh is handled in the same way
+ ac_cv_header_readline_readline_h=$(multilib_native_usex readline)
+ ac_cv_header_readline_readline_h=$(multilib_native_usex mesh)
+ )
+
+ if ! multilib_is_native_abi; then
+ myconf+=(
+ # deps not used for the library
+ {DBUS,GLIB}_{CFLAGS,LIBS}=' '
+ )
+ fi
+
+ econf \
+ --localstatedir=/var \
+ --disable-android \
+ --enable-datafiles \
+ --enable-optimization \
+ $(use_enable debug) \
+ --enable-pie \
+ --enable-threads \
+ --enable-library \
+ --enable-tools \
+ --enable-manpages \
+ --enable-monitor \
+ --with-systemdsystemunitdir="$(systemd_get_systemunitdir)" \
+ --with-systemduserunitdir="$(systemd_get_userunitdir)" \
+ $(multilib_native_use_enable btpclient) \
+ $(multilib_native_use_enable btpclient external-ell) \
+ $(multilib_native_use_enable cups) \
+ $(multilib_native_use_enable deprecated) \
+ $(multilib_native_use_enable experimental) \
+ $(multilib_native_use_enable mesh) \
+ $(multilib_native_use_enable mesh external-ell) \
+ $(multilib_native_use_enable midi) \
+ $(multilib_native_use_enable obex) \
+ $(multilib_native_use_enable readline client) \
+ $(multilib_native_use_enable systemd) \
+ $(multilib_native_use_enable test-programs test) \
+ $(multilib_native_use_enable udev) \
+ $(multilib_native_use_enable udev hid2hci) \
+ $(multilib_native_use_enable udev sixaxis)
+}
+
+multilib_src_compile() {
+ if multilib_is_native_abi; then
+ default
+ else
+ emake -f Makefile -f - libs \
+ <<<'libs: $(lib_LTLIBRARIES)'
+ fi
+}
+
+multilib_src_test() {
+ multilib_is_native_abi && default
+}
+
+multilib_src_install() {
+ if multilib_is_native_abi; then
+ emake DESTDIR="${D}" install
+
+ # Only install extra-tools when relevant USE flag is enabled
+ if use extra-tools; then
+ ewarn "Upstream doesn't support using this tools and their bugs are"
+ ewarn "likely to be ignored forever, also they can break without"
+ ewarn "previous announcement."
+ ewarn "Upstream also states all this tools are not really needed,"
+ ewarn "then, if you still need to rely on them, you must ask them"
+ ewarn "to either install that tool by default or add the needed"
+ ewarn "functionality to the existing 'official' tools."
+ ewarn "Please report this issues to:"
+ ewarn "http://www.bluez.org/development/lists/"
+
+ # Upstream doesn't install this, bug #524640
+ # http://permalink.gmane.org/gmane.linux.bluez.kernel/53115
+ # http://comments.gmane.org/gmane.linux.bluez.kernel/54564
+ dobin tools/btmgmt
+ # gatttool is only built with readline, bug #530776
+ # https://bugzilla.redhat.com/show_bug.cgi?id=1141909
+ # https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=720486
+ # https://bugs.archlinux.org/task/37686
+ dobin attrib/gatttool
+ # https://bugzilla.redhat.com/show_bug.cgi?id=1699680
+ dobin tools/avinfo
+ fi
+
+ # Not installed by default after being built, bug #666756
+ use btpclient && dobin tools/btpclient
+
+ # Unittests are not that useful once installed, so make them optional
+ if use test-programs; then
+ # Drop python2 only test tools
+ # https://bugzilla.kernel.org/show_bug.cgi?id=206819
+ rm "${ED}"/usr/$(get_libdir)/bluez/test/simple-player || die
+ # https://bugzilla.kernel.org/show_bug.cgi?id=206821
+ rm "${ED}"/usr/$(get_libdir)/bluez/test/test-hfp || die
+ # https://bugzilla.kernel.org/show_bug.cgi?id=206823
+ rm "${ED}"/usr/$(get_libdir)/bluez/test/test-sap-server || die
+
+ python_fix_shebang "${ED}"/usr/$(get_libdir)/bluez/test
+
+ for i in $(find "${ED}"/usr/$(get_libdir)/bluez/test -maxdepth 1 -type f ! -name "*.*"); do
+ dosym "${i}" /usr/bin/bluez-"${i##*/}"
+ done
+ fi
+ else
+ emake DESTDIR="${D}" \
+ install-pkgincludeHEADERS \
+ install-libLTLIBRARIES \
+ install-pkgconfigDATA
+ fi
+}
+
+multilib_src_install_all() {
+ # We need to ensure obexd can be spawned automatically by systemd
+ # when user-session is enabled:
+ # http://marc.info/?l=linux-bluetooth&m=148096094716386&w=2
+ # https://bugs.gentoo.org/show_bug.cgi?id=577842
+ # https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=804908
+ # https://bugs.archlinux.org/task/45816
+ # https://bugzilla.redhat.com/show_bug.cgi?id=1318441
+ # https://bugzilla.redhat.com/show_bug.cgi?id=1389347
+ if use systemd; then
+ dosym obex.service /usr/lib/systemd/user/dbus-org.bluez.obex.service
+ fi
+
+ find "${D}" -name '*.la' -type f -delete || die
+
+ keepdir /var/lib/bluetooth
+
+ # Upstream don't want people to play with them
+ # But we keep installing them due to 'historical' reasons
+ insinto /etc/bluetooth
+ local d
+ for d in input network; do
+ doins profiles/${d}/${d}.conf
+ done
+ # Setup auto enable as Fedora does for allowing to use
+ # keyboards/mouse as soon as possible
+ sed -i 's/#\[Policy\]$/\[Policy\]/; s/#AutoEnable=false/AutoEnable=true/' src/main.conf || die
+ doins src/main.conf
+
+ newinitd "${FILESDIR}"/bluetooth-init.d-r5 bluetooth
+ newconfd "${FILESDIR}"/bluetooth-conf.d bluetooth
+
+ einstalldocs
+ use doc && dodoc doc/*.txt
+}
+
+pkg_postinst() {
+ use udev && udev_reload
+ systemd_reenable bluetooth.service
+
+ has_version net-dialup/ppp || elog "To use dial up networking you must install net-dialup/ppp"
+}
+
+pkg_postrm() {
+ use udev && udev_reload
+}
diff --git a/net-wireless/bluez/files/bluez-5.70-CVE-2023-45866.patch b/net-wireless/bluez/files/bluez-5.70-CVE-2023-45866.patch
new file mode 100644
index 000000000000..6e5ac253585c
--- /dev/null
+++ b/net-wireless/bluez/files/bluez-5.70-CVE-2023-45866.patch
@@ -0,0 +1,43 @@
+https://bugs.gentoo.org/919383
+https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=25a471a83e02e1effb15d5a488b3f0085eaeb675
+
+From 25a471a83e02e1effb15d5a488b3f0085eaeb675 Mon Sep 17 00:00:00 2001
+From: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
+Date: Tue, 10 Oct 2023 13:03:12 -0700
+Subject: input.conf: Change default of ClassicBondedOnly
+
+This changes the default of ClassicBondedOnly since defaulting to false
+is not inline with HID specification which mandates the of Security Mode
+4:
+
+BLUETOOTH SPECIFICATION Page 84 of 123
+Human Interface Device (HID) Profile:
+
+ 5.4.3.4.2 Security Modes
+ Bluetooth HID Hosts shall use Security Mode 4 when interoperating with
+ Bluetooth HID devices that are compliant to the Bluetooth Core
+ Specification v2.1+EDR[6].
+--- a/profiles/input/device.c
++++ b/profiles/input/device.c
+@@ -81,7 +81,7 @@ struct input_device {
+
+ static int idle_timeout = 0;
+ static bool uhid_enabled = false;
+-static bool classic_bonded_only = false;
++static bool classic_bonded_only = true;
+
+ void input_set_idle_timeout(int timeout)
+ {
+--- a/profiles/input/input.conf
++++ b/profiles/input/input.conf
+@@ -17,7 +17,7 @@
+ # platforms may want to make sure that input connections only come from bonded
+ # device connections. Several older mice have been known for not supporting
+ # pairing/encryption.
+-# Defaults to false to maximize device compatibility.
++# Defaults to true for security.
+ #ClassicBondedOnly=true
+
+ # LE upgrade security
+--
+cgit 1.2.3-korg