commit: 5383e3fce7a501407d7a2e8c41efa766d3df2d67 Author: Patrick McLean <chutzpah <AT> gentoo <DOT> org> AuthorDate: Mon Oct 2 16:37:09 2017 +0000 Commit: Patrick McLean <chutzpah <AT> gentoo <DOT> org> CommitDate: Mon Oct 2 16:37:48 2017 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5383e3fc
net-dns/dnsmasq: Version bump for #632692 Security version bump for these CVEs: CVE-2017-14491 CVE-2017-14492 CVE-2017-14493 CVE-2017-14494 CVE-2017-14495 CVE-2017-14496 Also make the relad action use start-stop-daemon. Bug: https://bugs.gentoo.org/632692 Closes: https://bugs.gentoo.org/629284 Package-Manager: Portage-2.3.10, Repoman-2.3.3 net-dns/dnsmasq/Manifest | 1 + net-dns/dnsmasq/dnsmasq-2.78.ebuild | 198 +++++++++++++++++++++++++++++ net-dns/dnsmasq/files/dnsmasq-init-dhcp-r2 | 29 +++++ net-dns/dnsmasq/files/dnsmasq-init-r3 | 23 ++++ 4 files changed, 251 insertions(+) diff --git a/net-dns/dnsmasq/Manifest b/net-dns/dnsmasq/Manifest index 241b1aa59f7..66d995931eb 100644 --- a/net-dns/dnsmasq/Manifest +++ b/net-dns/dnsmasq/Manifest @@ -1,2 +1,3 @@ DIST dnsmasq-2.76.tar.xz 480796 SHA256 4b92698dee19ca0cb2a8f2e48f1d2dffd01a21eb15d1fbed4cf085630c8c9f96 SHA512 8a930f3e7cdc0c291ce89bea8128a4b8438b9aa9e660a2ac037e0baa4c5c74f4482a8f83b0410066a759444b3c4e1cf62a9beb625e38509690227996de10e06a WHIRLPOOL e0710f879fd6f8e27581b8c400704660941601cd2077f32d7c2b3f9791c6be8404469770e74f7e1a03880507a32a30c19b89f6a953a757ad01305f829448f0bc DIST dnsmasq-2.77.tar.xz 487244 SHA256 6eac3b1c50ae25170e3ff8c96ddb55236cf45007633fdb8a35b1f3e02f5f8b8a SHA512 6ca98a71a8fdfd606e29c58b34dadfa63148c39f931570cca67a287e044d52c6ec2f8acbf5620ada3312e9db3a2fd63877188d829c070beaa730607e3309e768 WHIRLPOOL 94a4fdc23d81fe38456756d81e53f1258ccd360c4d22952c889f2d5f76d401696587a5362f5aacd1ef86799874ac9eae3c3879d0fe81b66beeafb2f3ce0e01d0 +DIST dnsmasq-2.78.tar.xz 489172 SHA256 89949f438c74b0c7543f06689c319484bd126cc4b1f8c745c742ab397681252b SHA512 9b79b84e5a768d52f90f6335ccef2c404ecd7a13e78e49f4cd0755fffc6cf34d0dc96ad4c72cad1dab3c5743a8d0d789b3e9b6e625b03c5675bb898ca61a698b WHIRLPOOL 3fdde3511c39b5f42a8166936576b60f7114a54388e317136ef9c4b5770c02106706dc0612361b18d25fa16a340e613c98aa78973e2dc038dc93f2a664d27606 diff --git a/net-dns/dnsmasq/dnsmasq-2.78.ebuild b/net-dns/dnsmasq/dnsmasq-2.78.ebuild new file mode 100644 index 00000000000..ce866b6dcf4 --- /dev/null +++ b/net-dns/dnsmasq/dnsmasq-2.78.ebuild @@ -0,0 +1,198 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 + +inherit toolchain-funcs flag-o-matic user systemd + +DESCRIPTION="Small forwarding DNS server" +HOMEPAGE="http://www.thekelleys.org.uk/dnsmasq/doc.html"; +SRC_URI="http://www.thekelleys.org.uk/dnsmasq/${P}.tar.xz"; + +LICENSE="|| ( GPL-2 GPL-3 )" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~sparc-fbsd ~x86-fbsd" + +IUSE="auth-dns conntrack dbus +dhcp dhcp-tools dnssec +id idn libidn2 +inotify" +IUSE+=" ipv6 lua nls script selinux static tftp" + +DM_LINGUAS=(de es fi fr id it no pl pt_BR ro) + +for dm_lingua in "${DM_LINGUAS[@]}"; do + IUSE+=" linguas_${dm_lingua}" +done + +CDEPEND="dbus? ( sys-apps/dbus ) + idn? ( + !libidn2? ( net-dns/libidn ) + libidn2? ( >=net-dns/libidn2-2.0 ) + ) + lua? ( dev-lang/lua:* ) + conntrack? ( net-libs/libnetfilter_conntrack ) + nls? ( sys-devel/gettext ) +" + +DEPEND="${CDEPEND} + app-arch/xz-utils + dnssec? ( + dev-libs/nettle[gmp] + static? ( dev-libs/nettle[static-libs(+)] ) + ) + virtual/pkgconfig +" + +RDEPEND="${CDEPEND} + dnssec? ( + !static? ( + dev-libs/nettle[gmp] + ) + ) + selinux? ( sec-policy/selinux-dnsmasq ) +" + +REQUIRED_USE="dhcp-tools? ( dhcp ) + lua? ( script ) + libidn2? ( idn )" + +use_have() { + local useflag no_only uword + if [[ $1 == '-n' ]]; then + no_only=1 + shift + fi + useflag="${1}" + shift + + uword="${1:-${useflag}}" + shift + + while [[ ${uword} ]]; do + uword="${uword^^}" + + if ! use "${useflag}"; then + echo -n " -DNO_${uword}" + elif [[ -z "${no_only}" ]]; then + echo -n " -DHAVE_${uword}" + fi + uword="${1}" + shift + done +} + +pkg_pretend() { + if use static; then + einfo "Only sys-libs/gmp and dev-libs/nettle are statically linked." + use dnssec || einfo "Thus, ${P}[!dnssec,static] makes no sense; the static USE flag is ignored." + fi +} + +pkg_setup() { + enewgroup dnsmasq + enewuser dnsmasq -1 -1 /dev/null dnsmasq +} + +src_prepare() { + default + + sed -i -r 's:lua5.[0-9]+:lua:' Makefile + sed -i "s:%%PREFIX%%:${EPREFIX}/usr:" dnsmasq.conf.example +} + +src_configure() { + COPTS="$(use_have -n auth-dns auth)" + COPTS+="$(use_have conntrack)" + COPTS+="$(use_have dbus)" + COPTS+="$(use libidn2 || use_have idn)" + COPTS+="$(use_have libidn2)" + COPTS+="$(use_have -n inotify)" + COPTS+="$(use_have -n dhcp dhcp dhcp6)" + COPTS+="$(use_have -n ipv6 ipv6 dhcp6)" + COPTS+="$(use_have -n id id)" + COPTS+="$(use_have lua luascript)" + COPTS+="$(use_have -n script)" + COPTS+="$(use_have -n tftp)" + COPTS+="$(use_have dnssec)" + COPTS+="$(use_have static dnssec_static)" +} + +src_compile() { + emake \ + PREFIX=/usr \ + MANDIR=/usr/share/man \ + CC="$(tc-getCC)" \ + PKG_CONFIG="$(tc-getPKG_CONFIG)" \ + CFLAGS="${CFLAGS}" \ + LDFLAGS="${LDFLAGS}" \ + COPTS="${COPTS}" \ + CONFFILE="/etc/${PN}.conf" \ + all$(use nls && echo "-i18n") + + use dhcp-tools && emake -C contrib/lease-tools \ + PREFIX=/usr \ + MANDIR=/usr/share/man \ + CC="$(tc-getCC)" \ + PKG_CONFIG="$(tc-getPKG_CONFIG)" \ + CFLAGS="${CFLAGS}" \ + LDFLAGS="${LDFLAGS}" \ + all +} + +src_install() { + local lingua puid + emake \ + PREFIX=/usr \ + MANDIR=/usr/share/man \ + COPTS="${COPTS}" \ + DESTDIR="${D}" \ + install$(use nls && echo "-i18n") + + for lingua in "${DM_LINGUAS[@]}"; do + use linguas_${lingua} || rm -rf "${D}"/usr/share/locale/${lingua} + done + [[ -d "${D}"/usr/share/locale/ ]] && rmdir --ignore-fail-on-non-empty "${D}"/usr/share/locale/ + + dodoc CHANGELOG CHANGELOG.archive FAQ dnsmasq.conf.example + dodoc -r logo + + docinto html/ + dodoc *.html + + newinitd "${FILESDIR}"/dnsmasq-init-r3 ${PN} + newconfd "${FILESDIR}"/dnsmasq.confd-r1 ${PN} + + insinto /etc + newins dnsmasq.conf.example dnsmasq.conf + + insinto /usr/share/dnsmasq + doins trust-anchors.conf + + if use dhcp; then + dodir /var/lib/misc + newinitd "${FILESDIR}"/dnsmasq-init-dhcp-r2 ${PN} + fi + if use dbus; then + insinto /etc/dbus-1/system.d + doins dbus/dnsmasq.conf + fi + + if use dhcp-tools; then + dosbin contrib/lease-tools/{dhcp_release,dhcp_lease_time} + doman contrib/lease-tools/{dhcp_release,dhcp_lease_time}.1 + if use ipv6; then + dosbin contrib/lease-tools/dhcp_release6 + doman contrib/lease-tools/dhcp_release6.1 + fi + fi + + systemd_newunit "${FILESDIR}"/${PN}.service-r1 ${PN}.service +} + +pkg_preinst() { + # temporary workaround to (hopefully) prevent leases file from being removed + [[ -f /var/lib/misc/dnsmasq.leases ]] && cp /var/lib/misc/dnsmasq.leases "${T}" +} + +pkg_postinst() { + # temporary workaround to (hopefully) prevent leases file from being removed + [[ -f "${T}"/dnsmasq.leases ]] && cp "${T}"/dnsmasq.leases /var/lib/misc/dnsmasq.leases +} diff --git a/net-dns/dnsmasq/files/dnsmasq-init-dhcp-r2 b/net-dns/dnsmasq/files/dnsmasq-init-dhcp-r2 new file mode 100644 index 00000000000..610ce7a5d2e --- /dev/null +++ b/net-dns/dnsmasq/files/dnsmasq-init-dhcp-r2 @@ -0,0 +1,29 @@ +#!/sbin/openrc-run +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License, v2 or later + +extra_started_commands="reload" + +pidfile="/var/run/dnsmasq.pid" +command="/usr/sbin/dnsmasq" +command_args="-x ${pidfile} ${DNSMASQ_OPTS}" +retry="TERM/3/TERM/5" + +depend() { + provide dns + need localmount net + after bootmisc + use logger +} + +start_pre() { + checkpath --owner dnsmasq:dnsmasq \ + --mode 0644 \ + --file /var/lib/misc/dnsmasq.leases +} + +reload() { + ebegin "Reloading ${RC_SVCNAME}" + start-stop-daemon --signal HUP --pidfile "${pidfile}" + eend $? +} diff --git a/net-dns/dnsmasq/files/dnsmasq-init-r3 b/net-dns/dnsmasq/files/dnsmasq-init-r3 new file mode 100644 index 00000000000..9d58b26fa5e --- /dev/null +++ b/net-dns/dnsmasq/files/dnsmasq-init-r3 @@ -0,0 +1,23 @@ +#!/sbin/openrc-run +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License, v2 or later + +extra_started_commands="reload" + +pidfile="/var/run/dnsmasq.pid" +command="/usr/sbin/dnsmasq" +command_args="-x ${pidfile} ${DNSMASQ_OPTS}" +retry="TERM/3/TERM/5" + +depend() { + provide dns + need localmount net + after bootmisc + use logger +} + +reload() { + ebegin "Reloading ${SVCNAME}" + start-stop-daemon --signal HUP --pidfile "${pidfile}" + eend $? +}
