net-misc/dhcpcd: Security bump to versions 7.1.1-r2 and 7.2.1

Bug: https://bugs.gentoo.org/684430 Package-Manager: Portage-2.3.65, Repoman-2.3.12 Signed-off-by: Lars Wendler <[email protected]>
johu · Apr 26, 2019 · e9b5b17 · e9b5b17
1 parent 3f7f62e
commit e9b5b17
Show file tree

Hide file tree

Showing 4 changed files with 515 additions and 0 deletions.
diff --git a/net-misc/dhcpcd/Manifest b/net-misc/dhcpcd/Manifest
@@ -2,3 +2,4 @@ DIST dhcpcd-7.0.1.tar.xz 207908 BLAKE2B 1a9350a0c4a9eb1eb6f5a7be78beb4a5fecd802e
 DIST dhcpcd-7.0.8.tar.xz 210752 BLAKE2B ad8ba622589cc1c8c4bb332470c59527e03c817729f43a5b55b4f53f8ed60f35faaffbff24416f8596e78df8deb304f0598e27d890e9601d36c81250fda99942 SHA512 82cd845eb35670788b8f31b973945460f4c5f1a0a3025e3a452b79230dc30704e129d97140e6aec6d0281e0c89c333c0ce0af03c4767b2e5e66547ed3e071953
 DIST dhcpcd-7.1.1.tar.xz 211788 BLAKE2B 984ec97ffdcb15883f57f9e2a699a7c8f006b2630e7651ab9d55e7a980045f8891f09d9f7be420969203a59671d097a1ed76621fe4a62ff26a5020fc8becfe69 SHA512 8791e718d65ef8ae23a16b98e82824860fa91914e6eb0a42cdbbca28236c1c38005ada44214bde33aac57152fe675debebdb5d141b67dcfc82012996d8337bb4
 DIST dhcpcd-7.2.0.tar.xz 212532 BLAKE2B c8768df8006d517d0082f08c6ceebfe5a31695485d32d477acc1c4b9bfce8541110388f186c2ef94642e0692c279fc6d89239cbd8ac07d6ed248e67721c07db5 SHA512 2ab7df53ed42cd7a274bbc9cfb9dca43a8615d9044c0e9f460c41f064ad012b436bf2fe2648dd2738e66aaefc72412cad6c59444631b650f942cba168127a79d
+DIST dhcpcd-7.2.1.tar.xz 213652 BLAKE2B cae5a68ecf285825e6376c8b5bef5f3aba3bb8a393ba4298d8e990d665dd948369f24f688cdb85006df535b7f9b412c795d8eb7817a92e8d9992bdc7b7757a1e SHA512 11c3ef6d3ee49e147aa44725aa1ac0cddff70a268908439fe91990e135175d063e3d65ab587e1780e4f6f0739cf33873a58ffea0a3130d1bfb5598f9f11ec5a3
diff --git a/net-misc/dhcpcd/dhcpcd-7.1.1-r2.ebuild b/net-misc/dhcpcd/dhcpcd-7.1.1-r2.ebuild
@@ -0,0 +1,153 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+inherit systemd toolchain-funcs
+
+if [[ ${PV} == "9999" ]]; then
+ inherit git-r3
+ EGIT_REPO_URI="https://roy.marples.name/git/dhcpcd.git"
+else
+ MY_P="${P/_alpha/-alpha}"
+ MY_P="${MY_P/_beta/-beta}"
+ MY_P="${MY_P/_rc/-rc}"
+ SRC_URI="https://roy.marples.name/downloads/${PN}/${MY_P}.tar.xz"
+ KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~x86-fbsd ~amd64-linux ~x86-linux"
+ S="${WORKDIR}/${MY_P}"
+fi
+
+DESCRIPTION="A fully featured, yet light weight RFC2131 compliant DHCP client"
+HOMEPAGE="https://roy.marples.name/projects/dhcpcd"
+LICENSE="BSD-2"
+SLOT="0"
+IUSE="elibc_glibc +embedded ipv6 kernel_linux +udev"
+
+COMMON_DEPEND="udev? ( virtual/udev )"
+DEPEND="${COMMON_DEPEND}"
+RDEPEND="${COMMON_DEPEND}"
+
+PATCHES=(
+ "${FILESDIR}"/${P}-disable_inet6_fix.patch #677508
+ "${FILESDIR}"/${PN}-7.1.1-overflows.patch
+)
+
+src_configure() {
+ local dev hooks=() rundir
+ use udev || dev="--without-dev --without-udev"
+ hooks=( --with-hook=ntp.conf )
+ use elibc_glibc && hooks+=( --with-hook=yp.conf )
+ use kernel_linux && rundir="--rundir=${EPREFIX}/run"
+ local myeconfargs=(
+ --prefix="${EPREFIX}"
+ --libexecdir="${EPREFIX}/lib/dhcpcd"
+ --dbdir="${EPREFIX}/var/lib/dhcpcd"
+ --localstatedir="${EPREFIX}/var"
+ ${rundir}
+ $(use_enable embedded)
+ $(use_enable ipv6)
+ ${dev}
+ CC="$(tc-getCC)"
+ ${hooks[@]}
+ )
+ econf "${myeconfargs[@]}"
+}
+
+src_install() {
+ default
+ keepdir /var/lib/dhcpcd
+ newinitd "${FILESDIR}"/${PN}.initd ${PN}
+ systemd_dounit "${FILESDIR}"/${PN}.service
+}
+
+pkg_postinst() {
+ local dbdir="${EROOT%/}"/var/lib/dhcpcd old_files=()
+
+ local old_old_duid="${EROOT%/}"/var/lib/dhcpcd/dhcpcd.duid
+ local old_duid="${EROOT%/}"/etc/dhcpcd.duid
+ local new_duid="${dbdir}"/duid
+ if [[ -e "${old_old_duid}" ]] ; then
+ # Upgrade the duid file to the new format if needed
+ if ! grep -q '..:..:..:..:..:..' "${old_old_duid}"; then
+ sed -i -e 's/\(..\)/\1:/g; s/:$//g' "${old_old_duid}"
+ fi
+
+ # Move the duid to /etc, a more sensible location
+ if [[ ! -e "${old_duid}" ]] ; then
+ cp -p "${old_old_duid}" "${new_duid}"
+ fi
+ old_files+=( "${old_old_duid}" )
+ fi
+
+ # dhcpcd-7 moves the files out of /etc
+ if [[ -e "${old_duid}" ]] ; then
+ if [[ ! -e "${new_duid}" ]] ; then
+ cp -p "${old_duid}" "${new_duid}"
+ fi
+ old_files+=( "${old_duid}" )
+ fi
+ local old_secret="${EROOT%/}"/etc/dhcpcd.secret
+ local new_secret="${dbdir}"/secret
+ if [[ -e "${old_secret}" ]] ; then
+ if [[ ! -e "${new_secret}" ]] ; then
+ cp -p "${old_secret}" "${new_secret}"
+ fi
+ old_files+=( "${old_secret}" )
+ fi
+
+ # dhcpcd-7 renames some files in /var/lib/dhcpcd
+ local old_rdm="${dbdir}"/dhcpcd-rdm.monotonic
+ local new_rdm="${dbdir}"/rdm_monotonic
+ if [[ -e "${old_rdm}" ]] ; then
+ if [[ ! -e "${new_rdm}" ]] ; then
+ cp -p "${old_rdm}" "${new_rdm}"
+ fi
+ old_files+=( "${old_rdm}" )
+ fi
+ local lease=
+ for lease in "${dbdir}"/dhcpcd-*.lease*; do
+ [[ -f "${lease}" ]] || continue
+ old_files+=( "${lease}" )
+ local new_lease=$(basename "${lease}" | sed -e "s/dhcpcd-//")
+ [[ -e "${dbdir}/${new_lease}" ]] && continue
+ cp "${lease}" "${dbdir}/${new_lease}"
+ done
+
+ # Warn about removing stale files
+ if [[ -n "${old_files[@]}" ]] ; then
+ elog
+ elog "dhcpcd-7 has copied dhcpcd.duid and dhcpcd.secret from"
+ elog "${EROOT%/}/etc to ${dbdir}"
+ elog "and copied leases in ${dbdir} to new files with the dhcpcd-"
+ elog "prefix dropped."
+ elog
+ elog "You should remove these files if you don't plan on reverting"
+ elog "to an older version:"
+ local old_file=
+ for old_file in ${old_files[@]}; do
+ elog " ${old_file}"
+ done
+ fi
+
+ if [ -z "${REPLACING_VERSIONS}" ]; then
+ elog
+ elog "dhcpcd has zeroconf support active by default."
+ elog "This means it will always obtain an IP address even if no"
+ elog "DHCP server can be contacted, which will break any existing"
+ elog "failover support you may have configured in your net configuration."
+ elog "This behaviour can be controlled with the noipv4ll configuration"
+ elog "file option or the -L command line switch."
+ elog "See the dhcpcd and dhcpcd.conf man pages for more details."
+
+ elog
+ elog "Dhcpcd has duid enabled by default, and this may cause issues"
+ elog "with some dhcp servers. For more information, see"
+ elog "https://bugs.gentoo.org/show_bug.cgi?id=477356"
+ fi
+
+ if ! has_version net-dns/bind-tools; then
+ elog
+ elog "If you activate the lookup-hostname hook to look up your hostname"
+ elog "using the dns, you need to install net-dns/bind-tools."
+ fi
+}
diff --git a/net-misc/dhcpcd/dhcpcd-7.2.1.ebuild b/net-misc/dhcpcd/dhcpcd-7.2.1.ebuild
@@ -0,0 +1,148 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+inherit systemd toolchain-funcs
+
+if [[ ${PV} == "9999" ]]; then
+ inherit git-r3
+ EGIT_REPO_URI="https://roy.marples.name/git/dhcpcd.git"
+else
+ MY_P="${P/_alpha/-alpha}"
+ MY_P="${MY_P/_beta/-beta}"
+ MY_P="${MY_P/_rc/-rc}"
+ SRC_URI="https://roy.marples.name/downloads/${PN}/${MY_P}.tar.xz"
+ KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~x86-fbsd ~amd64-linux ~x86-linux"
+ S="${WORKDIR}/${MY_P}"
+fi
+
+DESCRIPTION="A fully featured, yet light weight RFC2131 compliant DHCP client"
+HOMEPAGE="https://roy.marples.name/projects/dhcpcd"
+LICENSE="BSD-2"
+SLOT="0"
+IUSE="elibc_glibc +embedded ipv6 kernel_linux +udev"
+
+COMMON_DEPEND="udev? ( virtual/udev )"
+DEPEND="${COMMON_DEPEND}"
+RDEPEND="${COMMON_DEPEND}"
+
+src_configure() {
+ local dev hooks=() rundir
+ use udev || dev="--without-dev --without-udev"
+ hooks=( --with-hook=ntp.conf )
+ use elibc_glibc && hooks+=( --with-hook=yp.conf )
+ use kernel_linux && rundir="--rundir=${EPREFIX}/run"
+ local myeconfargs=(
+ --prefix="${EPREFIX}"
+ --libexecdir="${EPREFIX}/lib/dhcpcd"
+ --dbdir="${EPREFIX}/var/lib/dhcpcd"
+ --localstatedir="${EPREFIX}/var"
+ ${rundir}
+ $(use_enable embedded)
+ $(use_enable ipv6)
+ ${dev}
+ CC="$(tc-getCC)"
+ ${hooks[@]}
+ )
+ econf "${myeconfargs[@]}"
+}
+
+src_install() {
+ default
+ keepdir /var/lib/dhcpcd
+ newinitd "${FILESDIR}"/${PN}.initd ${PN}
+ systemd_dounit "${FILESDIR}"/${PN}.service
+}
+
+pkg_postinst() {
+ local dbdir="${EROOT%/}"/var/lib/dhcpcd old_files=()
+
+ local old_old_duid="${EROOT%/}"/var/lib/dhcpcd/dhcpcd.duid
+ local old_duid="${EROOT%/}"/etc/dhcpcd.duid
+ local new_duid="${dbdir}"/duid
+ if [[ -e "${old_old_duid}" ]] ; then
+ # Upgrade the duid file to the new format if needed
+ if ! grep -q '..:..:..:..:..:..' "${old_old_duid}"; then
+ sed -i -e 's/\(..\)/\1:/g; s/:$//g' "${old_old_duid}"
+ fi
+
+ # Move the duid to /etc, a more sensible location
+ if [[ ! -e "${old_duid}" ]] ; then
+ cp -p "${old_old_duid}" "${new_duid}"
+ fi
+ old_files+=( "${old_old_duid}" )
+ fi
+
+ # dhcpcd-7 moves the files out of /etc
+ if [[ -e "${old_duid}" ]] ; then
+ if [[ ! -e "${new_duid}" ]] ; then
+ cp -p "${old_duid}" "${new_duid}"
+ fi
+ old_files+=( "${old_duid}" )
+ fi
+ local old_secret="${EROOT%/}"/etc/dhcpcd.secret
+ local new_secret="${dbdir}"/secret
+ if [[ -e "${old_secret}" ]] ; then
+ if [[ ! -e "${new_secret}" ]] ; then
+ cp -p "${old_secret}" "${new_secret}"
+ fi
+ old_files+=( "${old_secret}" )
+ fi
+
+ # dhcpcd-7 renames some files in /var/lib/dhcpcd
+ local old_rdm="${dbdir}"/dhcpcd-rdm.monotonic
+ local new_rdm="${dbdir}"/rdm_monotonic
+ if [[ -e "${old_rdm}" ]] ; then
+ if [[ ! -e "${new_rdm}" ]] ; then
+ cp -p "${old_rdm}" "${new_rdm}"
+ fi
+ old_files+=( "${old_rdm}" )
+ fi
+ local lease=
+ for lease in "${dbdir}"/dhcpcd-*.lease*; do
+ [[ -f "${lease}" ]] || continue
+ old_files+=( "${lease}" )
+ local new_lease=$(basename "${lease}" | sed -e "s/dhcpcd-//")
+ [[ -e "${dbdir}/${new_lease}" ]] && continue
+ cp "${lease}" "${dbdir}/${new_lease}"
+ done
+
+ # Warn about removing stale files
+ if [[ -n "${old_files[@]}" ]] ; then
+ elog
+ elog "dhcpcd-7 has copied dhcpcd.duid and dhcpcd.secret from"
+ elog "${EROOT%/}/etc to ${dbdir}"
+ elog "and copied leases in ${dbdir} to new files with the dhcpcd-"
+ elog "prefix dropped."
+ elog
+ elog "You should remove these files if you don't plan on reverting"
+ elog "to an older version:"
+ local old_file=
+ for old_file in ${old_files[@]}; do
+ elog " ${old_file}"
+ done
+ fi
+
+ if [ -z "${REPLACING_VERSIONS}" ]; then
+ elog
+ elog "dhcpcd has zeroconf support active by default."
+ elog "This means it will always obtain an IP address even if no"
+ elog "DHCP server can be contacted, which will break any existing"
+ elog "failover support you may have configured in your net configuration."
+ elog "This behaviour can be controlled with the noipv4ll configuration"
+ elog "file option or the -L command line switch."
+ elog "See the dhcpcd and dhcpcd.conf man pages for more details."
+
+ elog
+ elog "Dhcpcd has duid enabled by default, and this may cause issues"
+ elog "with some dhcp servers. For more information, see"
+ elog "https://bugs.gentoo.org/show_bug.cgi?id=477356"
+ fi
+
+ if ! has_version net-dns/bind-tools; then
+ elog
+ elog "If you activate the lookup-hostname hook to look up your hostname"
+ elog "using the dns, you need to install net-dns/bind-tools."
+ fi
+}