Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 395964 Details for
Bug 539440
net-libs/zeromq-4.0.5 version bump
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Changes for zeromq-4.0.5.ebuild
zeromq-4.0.5.ebuild.diff (text/plain), 18.17 KB, created by
Thomas Deutschmann (RETIRED)
on 2015-02-09 10:39:10 UTC
(
hide
)
Description:
Changes for zeromq-4.0.5.ebuild
Filename:
MIME Type:
Creator:
Thomas Deutschmann (RETIRED)
Created:
2015-02-09 10:39:10 UTC
Size:
18.17 KB
patch
obsolete
>diff -rupN old/net-libs/zeromq/files/zeromq-4.0.5-issue1273-backport.patch new/net-libs/zeromq/files/zeromq-4.0.5-issue1273-backport.patch >--- old/net-libs/zeromq/files/zeromq-4.0.5-issue1273-backport.patch 1970-01-01 01:00:00.000000000 +0100 >+++ new/net-libs/zeromq/files/zeromq-4.0.5-issue1273-backport.patch 2015-02-09 11:26:09.000000000 +0100 >@@ -0,0 +1,420 @@ >+diff -rupN old/zeromq-4.0.5/NEWS new/zeromq-4.0.5/NEWS >+--- old/zeromq-4.0.5/NEWS 2014-10-14 10:06:40.000000000 +0200 >++++ new/zeromq-4.0.5/NEWS 2015-02-09 11:21:31.118079052 +0100 >+@@ -1,3 +1,9 @@ >++0MQ version 4.0.x stable, released on 2015/12/xx >++================================================ >++ >++* Fixed #1273 - V3 protocol handler vulnerable to downgrade attacks. >++ >++ >+ 0MQ version 4.0.5 stable, released on 2014/10/14 >+ ================================================ >+ >+diff -rupN old/zeromq-4.0.5/src/session_base.cpp new/zeromq-4.0.5/src/session_base.cpp >+--- old/zeromq-4.0.5/src/session_base.cpp 2014-10-14 10:06:40.000000000 +0200 >++++ new/zeromq-4.0.5/src/session_base.cpp 2015-02-09 11:20:33.217356975 +0100 >+@@ -323,6 +323,14 @@ int zmq::session_base_t::zap_connect () >+ return 0; >+ } >+ >++bool zmq::session_base_t::zap_enabled () >++{ >++ return ( >++ options.mechanism != ZMQ_NULL || >++ (options.mechanism == ZMQ_NULL && options.zap_domain.length() > 0) >++ ); >++} >++ >+ void zmq::session_base_t::process_attach (i_engine *engine_) >+ { >+ zmq_assert (engine_ != NULL); >+diff -rupN old/zeromq-4.0.5/src/session_base.hpp new/zeromq-4.0.5/src/session_base.hpp >+--- old/zeromq-4.0.5/src/session_base.hpp 2013-11-13 18:57:50.000000000 +0100 >++++ new/zeromq-4.0.5/src/session_base.hpp 2015-02-09 11:20:33.218356988 +0100 >+@@ -68,7 +68,8 @@ namespace zmq >+ int push_msg (msg_t *msg_); >+ >+ int zap_connect (); >+- >++ bool zap_enabled (); >++ >+ // Fetches a message. Returns 0 if successful; -1 otherwise. >+ // The caller is responsible for freeing the message when no >+ // longer used. >+diff -rupN old/zeromq-4.0.5/src/stream_engine.cpp new/zeromq-4.0.5/src/stream_engine.cpp >+--- old/zeromq-4.0.5/src/stream_engine.cpp 2014-10-14 10:06:40.000000000 +0200 >++++ new/zeromq-4.0.5/src/stream_engine.cpp 2015-02-09 11:20:33.218356988 +0100 >+@@ -464,6 +464,11 @@ bool zmq::stream_engine_t::handshake () >+ // Is the peer using ZMTP/1.0 with no revision number? >+ // If so, we send and receive rest of identity message >+ if (greeting_recv [0] != 0xff || !(greeting_recv [9] & 0x01)) { >++ if (session->zap_enabled ()) { >++ // Reject ZMTP 1.0 connections if ZAP is enabled >++ error (); >++ return false; >++ } >+ encoder = new (std::nothrow) v1_encoder_t (out_batch_size); >+ alloc_assert (encoder); >+ >+@@ -505,6 +510,11 @@ bool zmq::stream_engine_t::handshake () >+ } >+ else >+ if (greeting_recv [revision_pos] == ZMTP_1_0) { >++ if (session->zap_enabled ()) { >++ // Reject ZMTP 1.0 connections if ZAP is enabled >++ error (); >++ return false; >++ } >+ encoder = new (std::nothrow) v1_encoder_t ( >+ out_batch_size); >+ alloc_assert (encoder); >+@@ -515,6 +525,11 @@ bool zmq::stream_engine_t::handshake () >+ } >+ else >+ if (greeting_recv [revision_pos] == ZMTP_2_0) { >++ if (session->zap_enabled ()) { >++ // Reject ZMTP 1.0 connections if ZAP is enabled >++ error (); >++ return false; >++ } >+ encoder = new (std::nothrow) v2_encoder_t (out_batch_size); >+ alloc_assert (encoder); >+ >+diff -rupN old/zeromq-4.0.5/tests/test_security_curve.cpp new/zeromq-4.0.5/tests/test_security_curve.cpp >+--- old/zeromq-4.0.5/tests/test_security_curve.cpp 2014-10-14 10:06:40.000000000 +0200 >++++ new/zeromq-4.0.5/tests/test_security_curve.cpp 2015-02-09 11:20:33.218356988 +0100 >+@@ -18,12 +18,23 @@ >+ */ >+ >+ #include "testutil.hpp" >++#if defined (ZMQ_HAVE_WINDOWS) >++# include <winsock2.h> >++# include <ws2tcpip.h> >++# include <stdexcept> >++# define close closesocket >++#else >++# include <sys/socket.h> >++# include <netinet/in.h> >++# include <arpa/inet.h> >++# include <unistd.h> >++#endif >+ >+ // We'll generate random test keys at startup >+-static char client_public [40]; >+-static char client_secret [40]; >+-static char server_public [40]; >+-static char server_secret [40]; >++static char client_public [41]; >++static char client_secret [41]; >++static char server_public [41]; >++static char server_secret [41]; >+ >+ // -------------------------------------------------------------------------- >+ // This methods receives and validates ZAP requestes (allowing or denying >+@@ -46,7 +57,7 @@ static void zap_handler (void *handler) >+ int size = zmq_recv (handler, client_key, 32, 0); >+ assert (size == 32); >+ >+- char client_key_text [40]; >++ char client_key_text [41]; >+ zmq_z85_encode (client_key_text, client_key, 32); >+ >+ assert (streq (version, "1.0")); >+@@ -181,8 +192,8 @@ int main (void) >+ >+ // Check CURVE security with bogus client credentials >+ // This must be caught by the ZAP handler >+- char bogus_public [40]; >+- char bogus_secret [40]; >++ char bogus_public [41]; >++ char bogus_secret [41]; >+ zmq_curve_keypair (bogus_public, bogus_secret); >+ >+ client = zmq_socket (ctx, ZMQ_DEALER); >+@@ -217,7 +228,46 @@ int main (void) >+ assert (rc == 0); >+ expect_bounce_fail (server, client); >+ close_zero_linger (client); >+- >++ >++ // Unauthenticated messages from a vanilla socket shouldn't be received >++ struct sockaddr_in ip4addr; >++ int s; >++ >++ ip4addr.sin_family = AF_INET; >++ ip4addr.sin_port = htons (9998); >++ inet_pton (AF_INET, "127.0.0.1", &ip4addr.sin_addr); >++ >++ s = socket (AF_INET, SOCK_STREAM, IPPROTO_TCP); >++ rc = connect (s, (struct sockaddr*) &ip4addr, sizeof (ip4addr)); >++ assert (rc > -1); >++ // send anonymous ZMTP/1.0 greeting >++ send (s, "\x01\x00", 2, 0); >++ // send sneaky message that shouldn't be received >++ send (s, "\x08\x00sneaky\0", 9, 0); >++ int timeout = 150; >++ zmq_setsockopt (server, ZMQ_RCVTIMEO, &timeout, sizeof (timeout)); >++ char *buf = s_recv (server); >++ if (buf != NULL) { >++ printf ("Received unauthenticated message: %s\n", buf); >++ assert (buf == NULL); >++ } >++ close (s); >++ >++ // Check return codes for invalid buffer sizes >++ client = zmq_socket (ctx, ZMQ_DEALER); >++ assert (client); >++ errno = 0; >++ rc = zmq_setsockopt (client, ZMQ_CURVE_SERVERKEY, server_public, 123); >++ assert (rc == -1 && errno == EINVAL); >++ errno = 0; >++ rc = zmq_setsockopt (client, ZMQ_CURVE_PUBLICKEY, client_public, 123); >++ assert (rc == -1 && errno == EINVAL); >++ errno = 0; >++ rc = zmq_setsockopt (client, ZMQ_CURVE_SECRETKEY, client_secret, 123); >++ assert (rc == -1 && errno == EINVAL); >++ rc = zmq_close (client); >++ assert (rc == 0); >++ >+ // Shutdown >+ rc = zmq_close (server); >+ assert (rc == 0); >+diff -rupN old/zeromq-4.0.5/tests/test_security_null.cpp new/zeromq-4.0.5/tests/test_security_null.cpp >+--- old/zeromq-4.0.5/tests/test_security_null.cpp 2013-11-13 18:57:50.000000000 +0100 >++++ new/zeromq-4.0.5/tests/test_security_null.cpp 2015-02-09 11:20:33.219357000 +0100 >+@@ -1,5 +1,5 @@ >+ /* >+- Copyright (c) 2007-2013 Contributors as noted in the AUTHORS file >++ Copyright (c) 2007-2014 Contributors as noted in the AUTHORS file >+ >+ This file is part of 0MQ. >+ >+@@ -18,6 +18,17 @@ >+ */ >+ >+ #include "testutil.hpp" >++#if defined (ZMQ_HAVE_WINDOWS) >++# include <winsock2.h> >++# include <ws2tcpip.h> >++# include <stdexcept> >++# define close closesocket >++#else >++# include <sys/socket.h> >++# include <netinet/in.h> >++# include <arpa/inet.h> >++# include <unistd.h> >++#endif >+ >+ static void >+ zap_handler (void *handler) >+@@ -27,6 +38,7 @@ zap_handler (void *handler) >+ char *version = s_recv (handler); >+ if (!version) >+ break; // Terminating >++ >+ char *sequence = s_recv (handler); >+ char *domain = s_recv (handler); >+ char *address = s_recv (handler); >+@@ -57,7 +69,7 @@ zap_handler (void *handler) >+ free (identity); >+ free (mechanism); >+ } >+- zmq_close (handler); >++ close_zero_linger (handler); >+ } >+ >+ int main (void) >+@@ -76,72 +88,89 @@ int main (void) >+ void *zap_thread = zmq_threadstart (&zap_handler, handler); >+ >+ // We bounce between a binding server and a connecting client >++ >++ // We first test client/server with no ZAP domain >++ // Libzmq does not call our ZAP handler, the connect must succeed >+ void *server = zmq_socket (ctx, ZMQ_DEALER); >+ assert (server); >+ void *client = zmq_socket (ctx, ZMQ_DEALER); >+ assert (client); >+- >+- // We first test client/server with no ZAP domain >+- // Libzmq does not call our ZAP handler, the connect must succeed >+ rc = zmq_bind (server, "tcp://127.0.0.1:9000"); >+ assert (rc == 0); >+- rc = zmq_connect (client, "tcp://localhost:9000"); >++ rc = zmq_connect (client, "tcp://127.0.0.1:9000"); >+ assert (rc == 0); >+ bounce (server, client); >+- zmq_unbind (server, "tcp://127.0.0.1:9000"); >+- zmq_disconnect (client, "tcp://localhost:9000"); >+- >++ close_zero_linger (client); >++ close_zero_linger (server); >++ >+ // Now define a ZAP domain for the server; this enables >+ // authentication. We're using the wrong domain so this test >+ // must fail. >+- // ************************************************************** >+- // PH: the following causes libzmq to get confused, so that the >+- // next step fails. To reproduce, uncomment this block. Note that >+- // even creating a new client/server socket pair, the behaviour >+- // does not change. >+- // ************************************************************** >+- // Destroying the old sockets and creating new ones isn't needed, >+- // but it shows that the problem isn't related to specific sockets. >+- //close_zero_linger (client); >+- //close_zero_linger (server); >+- //server = zmq_socket (ctx, ZMQ_DEALER); >+- //assert (server); >+- //client = zmq_socket (ctx, ZMQ_DEALER); >+- //assert (client); >+- //// The above code should not be required >+- //rc = zmq_setsockopt (server, ZMQ_ZAP_DOMAIN, "WRONG", 5); >+- //assert (rc == 0); >+- //rc = zmq_bind (server, "tcp://127.0.0.1:9001"); >+- //assert (rc == 0); >+- //rc = zmq_connect (client, "tcp://localhost:9001"); >+- //assert (rc == 0); >+- //expect_bounce_fail (server, client); >+- //zmq_unbind (server, "tcp://127.0.0.1:9001"); >+- //zmq_disconnect (client, "tcp://localhost:9001"); >+- >++ server = zmq_socket (ctx, ZMQ_DEALER); >++ assert (server); >++ client = zmq_socket (ctx, ZMQ_DEALER); >++ assert (client); >++ rc = zmq_setsockopt (server, ZMQ_ZAP_DOMAIN, "WRONG", 5); >++ assert (rc == 0); >++ rc = zmq_bind (server, "tcp://127.0.0.1:9001"); >++ assert (rc == 0); >++ rc = zmq_connect (client, "tcp://127.0.0.1:9001"); >++ assert (rc == 0); >++ expect_bounce_fail (server, client); >++ close_zero_linger (client); >++ close_zero_linger (server); >++ >+ // Now use the right domain, the test must pass >++ server = zmq_socket (ctx, ZMQ_DEALER); >++ assert (server); >++ client = zmq_socket (ctx, ZMQ_DEALER); >++ assert (client); >+ rc = zmq_setsockopt (server, ZMQ_ZAP_DOMAIN, "TEST", 4); >+ assert (rc == 0); >+ rc = zmq_bind (server, "tcp://127.0.0.1:9002"); >+ assert (rc == 0); >+- rc = zmq_connect (client, "tcp://localhost:9002"); >++ rc = zmq_connect (client, "tcp://127.0.0.1:9002"); >+ assert (rc == 0); >+- // ************************************************************** >+- // PH: it fails here; though the ZAP reply is 200 OK, and >+- // null_mechanism.cpp correctly parses that, the connection >+- // never succeeds and the test hangs. >+- // ************************************************************** >+ bounce (server, client); >+- zmq_unbind (server, "tcp://127.0.0.1:9002"); >+- zmq_disconnect (client, "tcp://localhost:9002"); >+- >+- // Shutdown >+ close_zero_linger (client); >+ close_zero_linger (server); >+- rc = zmq_ctx_term (ctx); >++ >++ // Unauthenticated messages from a vanilla socket shouldn't be received >++ server = zmq_socket (ctx, ZMQ_DEALER); >++ assert (server); >++ rc = zmq_setsockopt (server, ZMQ_ZAP_DOMAIN, "WRONG", 5); >+ assert (rc == 0); >++ rc = zmq_bind (server, "tcp://127.0.0.1:9003"); >++ assert (rc == 0); >++ >++ struct sockaddr_in ip4addr; >++ int s; >++ >++ ip4addr.sin_family = AF_INET; >++ ip4addr.sin_port = htons(9003); >++ inet_pton(AF_INET, "127.0.0.1", &ip4addr.sin_addr); >++ >++ s = socket (AF_INET, SOCK_STREAM, IPPROTO_TCP); >++ rc = connect (s, (struct sockaddr*) &ip4addr, sizeof ip4addr); >++ assert (rc > -1); >++ // send anonymous ZMTP/1.0 greeting >++ send (s, "\x01\x00", 2, 0); >++ // send sneaky message that shouldn't be received >++ send (s, "\x08\x00sneaky\0", 9, 0); >++ int timeout = 150; >++ zmq_setsockopt (server, ZMQ_RCVTIMEO, &timeout, sizeof (timeout)); >++ char *buf = s_recv (server); >++ if (buf != NULL) { >++ printf ("Received unauthenticated message: %s\n", buf); >++ assert (buf == NULL); >++ } >++ close (s); >++ close_zero_linger (server); >+ >+- // Wait until ZAP handler terminates. >++ // Shutdown >++ rc = zmq_ctx_term (ctx); >++ assert (rc == 0); >++ // Wait until ZAP handler terminates >+ zmq_threadclose (zap_thread); >+ >+ return 0; >+diff -rupN old/zeromq-4.0.5/tests/test_security_plain.cpp new/zeromq-4.0.5/tests/test_security_plain.cpp >+--- old/zeromq-4.0.5/tests/test_security_plain.cpp 2013-11-13 18:57:50.000000000 +0100 >++++ new/zeromq-4.0.5/tests/test_security_plain.cpp 2015-02-09 11:20:33.219357000 +0100 >+@@ -1,5 +1,5 @@ >+ /* >+- Copyright (c) 2007-2013 Contributors as noted in the AUTHORS file >++ Copyright (c) 2007-2014 Contributors as noted in the AUTHORS file >+ >+ This file is part of 0MQ. >+ >+@@ -18,6 +18,17 @@ >+ */ >+ >+ #include "testutil.hpp" >++#if defined (ZMQ_HAVE_WINDOWS) >++# include <winsock2.h> >++# include <ws2tcpip.h> >++# include <stdexcept> >++# define close closesocket >++#else >++# include <sys/socket.h> >++# include <netinet/in.h> >++# include <arpa/inet.h> >++# include <unistd.h> >++#endif >+ >+ static void >+ zap_handler (void *ctx) >+@@ -137,6 +148,30 @@ int main (void) >+ expect_bounce_fail (server, client); >+ close_zero_linger (client); >+ >++ // Unauthenticated messages from a vanilla socket shouldn't be received >++ struct sockaddr_in ip4addr; >++ int s; >++ >++ ip4addr.sin_family = AF_INET; >++ ip4addr.sin_port = htons (9998); >++ inet_pton (AF_INET, "127.0.0.1", &ip4addr.sin_addr); >++ >++ s = socket (AF_INET, SOCK_STREAM, IPPROTO_TCP); >++ rc = connect (s, (struct sockaddr*) &ip4addr, sizeof (ip4addr)); >++ assert (rc > -1); >++ // send anonymous ZMTP/1.0 greeting >++ send (s, "\x01\x00", 2, 0); >++ // send sneaky message that shouldn't be received >++ send (s, "\x08\x00sneaky\0", 9, 0); >++ int timeout = 150; >++ zmq_setsockopt (server, ZMQ_RCVTIMEO, &timeout, sizeof (timeout)); >++ char *buf = s_recv (server); >++ if (buf != NULL) { >++ printf ("Received unauthenticated message: %s\n", buf); >++ assert (buf == NULL); >++ } >++ close (s); >++ >+ // Shutdown >+ rc = zmq_close (server); >+ assert (rc == 0); >diff -rupN old/net-libs/zeromq/metadata.xml new/net-libs/zeromq/metadata.xml >--- old/net-libs/zeromq/metadata.xml 2013-10-26 12:54:25.000000000 +0200 >+++ new/net-libs/zeromq/metadata.xml 2015-02-09 11:02:04.000000000 +0100 >@@ -12,8 +12,8 @@ > <description>iMatrix Corporation</description> > </maintainer> > <doc>http://zguide.zeromq.org/chapter:1</doc> >- <bugs-to>http://github.com/zeromq/zeromq2/issues</bugs-to> >- <!-- remote-id type="github">zeromq/zeromq2</remote-id--> >+ <bugs-to>https://github.com/zeromq/libzmq/issues</bugs-to> >+ <remote-id type="github">zeromq/zeromq2</remote-id> > </upstream> > <longdescription lang="en"> > The 0MQ lightweight messaging kernel is a library which >@@ -26,7 +26,7 @@ > </longdescription> > <use> > <flag name="pgm"> >- 0MQ is build with 'Pragmatic General Multicast' (RFC 3208) support >+ Build 0MQ with 'Pragmatic General Multicast' (RFC 3208) support > using the excellent OpenPGM implementation. > </flag> > </use> >diff -rupN old/net-libs/zeromq/zeromq-4.0.4-r1.ebuild new/net-libs/zeromq/zeromq-4.0.4-r1.ebuild >--- old/net-libs/zeromq/zeromq-4.0.4-r1.ebuild 2014-08-26 12:31:14.000000000 +0200 >+++ new/net-libs/zeromq/zeromq-4.0.4-r1.ebuild 2015-02-09 11:33:08.666778224 +0100 >@@ -1,4 +1,4 @@ >-# Copyright 1999-2014 Gentoo Foundation >+# Copyright 1999-2015 Gentoo Foundation > # Distributed under the terms of the GNU General Public License v2 > # $Header: /var/cvsroot/gentoo-x86/net-libs/zeromq/zeromq-4.0.4-r1.ebuild,v 1.2 2014/08/26 10:06:22 kumba Exp $ > >@@ -6,36 +6,46 @@ EAPI=5 > > AUTOTOOLS_AUTORECONF=true > >-inherit autotools-utils >+inherit eutils autotools-utils > > DESCRIPTION="A brokerless kernel" > HOMEPAGE="http://www.zeromq.org/" > SRC_URI="http://download.zeromq.org/${P}.tar.gz" > > LICENSE="LGPL-3" >-SLOT="0" >+SLOT="0/4.0.0" > KEYWORDS="~amd64 ~arm ~hppa ~ia64 ~mips ~x86 ~amd64-linux ~x86-linux" >-IUSE="pgm static-libs test" >+IUSE="doc pgm static-libs test" > > RDEPEND=" >- dev-libs/libsodium >+ dev-libs/libsodium:= > pgm? ( =net-libs/openpgm-5.2.122 )" > DEPEND="${RDEPEND} >+ doc? ( >+ app-text/asciidoc >+ app-text/xmlto >+ ) > sys-apps/util-linux > pgm? ( virtual/pkgconfig )" > > src_prepare() { >+ epatch "${FILESDIR}"/${PN}-4.0.5-issue1273-backport.patch >+ > einfo "Removing bundled OpenPGM library" > rm -fr "${S}"/foreign/openpgm/libpgm* || die > sed \ > -e '/libzmq_werror=/s:yes:no:g' \ > -i configure.ac || die >+ >+ epatch_user >+ > autotools-utils_src_prepare > } > > src_configure() { > local myeconfargs=() > use pgm && myeconfargs+=( --with-system-pgm ) || myeconfargs+=( --without-pgm ) >+ use doc && myeconfargs+=( --with-documentation ) || myeconfargs+=( --without-documentation ) > autotools-utils_src_configure > } > >@@ -47,4 +57,5 @@ src_install() { > autotools-utils_src_install > > doman doc/*.[1-9] >+ use doc && dodoc doc/*.html > }
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=395964">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 539440
: 395964
