Package: xorp Version: 1.8.5-4.1 Severity: normal Tags: patch Usertags: goal-hardening
Dear Maintainer, The attached patch enables hardened build flags, adds a missing dh_shlibdeps argument and corrects a typo in a error message. Some limited testing has been performed in a production router. I hope it can be useful. Regards, -- System Information: Debian Release: 8.2 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 3.16.0-4-amd64 (SMP w/1 CPU core) Locale: LANG=es_VE.UTF-8, LC_CTYPE=es_VE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages xorp depends on: ii adduser 3.113+nmu3 ii init-system-helpers 1.22 ii libc6 2.19-18+deb8u1 ii libgcc1 1:4.9.2-10 ii libncurses5 5.9+20140913-1+b1 ii libpcap0.8 1.6.2-2 ii libssl1.0.0 1.0.1k-3+deb8u1 ii libstdc++6 4.9.2-10 ii libsystemd0 215-17+deb8u2 ii libtinfo5 5.9+20140913-1+b1 Versions of packages xorp recommends: ii iputils-ping 3:20121221-5+b2 ii iputils-tracepath 3:20121221-5+b2 ii traceroute 1:2.0.20-2+b1 xorp suggests no packages. -- Configuration Files: /etc/default/xorp changed [not included] /etc/xorp/config.boot changed [not included] -- no debconf information -- Dhionel Díaz Centro Nacional de Desarrollo e Investigación en Tecnologías Libres Ministerio del Poder Popular para Educación Universitaria, Ciencia y Tecnología
diff -u xorp-1.8.5/debian/patches/series xorp-1.8.5/debian/patches/series --- xorp-1.8.5/debian/patches/series +++ xorp-1.8.5/debian/patches/series @@ -13,0 +14,2 @@ +rtrmgr_fix_typo.path +hardening.patch diff -u xorp-1.8.5/debian/rules xorp-1.8.5/debian/rules --- xorp-1.8.5/debian/rules +++ xorp-1.8.5/debian/rules @@ -57,11 +57,12 @@ sysconfdir=/etc \ with-olsr=true \ disable_fw=true \ - CFLAGS="$(CFLAGS)" CXXFLAGS="$(CXXFLAGS)" LDFLAGS='-Wl,-z,defs' + CPPFLAGS="$(CPPFLAGS)" CFLAGS="$(CFLAGS)" CXXFLAGS="$(CXXFLAGS)" LINKFLAGS="$(LDFLAGS)" #SCONSFLAGS += CC=gcc-4.6 CXX=g++-4.6 -CFLAGS = -Wall -g +#LDFLAGS = -Wl,-z,defs +CFLAGS = -Wall -g GXXVERSION = $(shell g++ --version | head -1 | cut -f 4 -d ' ' | cut -b 1-3) #ifeq ($(GXXVERSION),4.6) # CXXFLAGS += -Wno-error=unused-but-set-variable @@ -91,6 +92,11 @@ include /usr/share/quilt/quilt.make +CPPFLAGS += $(shell dpkg-buildflags --get CPPFLAGS) +CFLAGS += $(shell dpkg-buildflags --get CFLAGS) +CXXFLAGS += $(shell dpkg-buildflags --get CXXFLAGS) +LDFLAGS += $(shell dpkg-buildflags --get LDFLAGS) + config.status: debian/stamp-patched dh_testdir # Add here commands to configure the package. @@ -173,7 +179,7 @@ dh_fixperms dh_makeshlibs dh_installdeb - dh_shlibdeps + dh_shlibdeps -l/usr/lib/xorp/lib dh_gencontrol dh_md5sums dh_builddeb only in patch2: unchanged: --- xorp-1.8.5.orig/debian/patches/hardening.patch +++ xorp-1.8.5/debian/patches/hardening.patch @@ -0,0 +1,15 @@ +Description: Add further support to hardening flags +Author: Dhionel DÃaz <[email protected]> +Last-Update: 2015-09-11 + +--- +--- a/SConstruct ++++ b/SConstruct +@@ -568,6 +568,7 @@ + if not env.GetOption('clean') and \ + not env.GetOption('help'): + ++ env.AppendUnique( CPPFLAGS = Split(ARGUMENTS.get('CPPFLAGS', '')) ) + env.AppendUnique( CFLAGS = Split(ARGUMENTS.get('CFLAGS', '')) ) + env.AppendUnique( CXXFLAGS = Split(ARGUMENTS.get('CXXFLAGS', '')) ) + env.AppendUnique( LINKFLAGS = Split(ARGUMENTS.get('LINKFLAGS', '')) ) only in patch2: unchanged: --- xorp-1.8.5.orig/debian/patches/rtrmgr_fix_typo.path +++ xorp-1.8.5/debian/patches/rtrmgr_fix_typo.path @@ -0,0 +1,16 @@ +Description: Fix typo in a rtrmgr error message +Author: Dhionel DÃaz <[email protected]> +Last-Update: 2015-09-11 + +--- +--- a/rtrmgr/master_conf_tree_node.cc ++++ b/rtrmgr/master_conf_tree_node.cc +@@ -431,7 +431,7 @@ + error_msg = "Something went wrong.\n"; + error_msg += c_format("The problem was with \"%s\"\n", + path().c_str()); +- error_msg += "WARNING: Partially commited changes exist\n"; ++ error_msg += "WARNING: Partially committed changes exist\n"; + XLOG_WARNING("%s\n", error_msg.c_str()); + return false; + }
signature.asc
Description: OpenPGP digital signature
