dhcp: upgraded package to upstream
Upgraded net-misc/dhcp to version 4.4.2_p1-r1 on amd64, arm64
BUG=b/223987299
TEST=presubmit
RELEASE_NOTE=Fixes CVE-2021-25217.
Change-Id: I145b9a3cdfbbc8e1bb5c3aa4dcbcc9449decafa7
Reviewed-on: https://cos-review.googlesource.com/c/third_party/overlays/portage-stable/+/30880
Tested-by: Cusky Presubmit Bot <presubmit@cos-infra-prod.iam.gserviceaccount.com>
Reviewed-by: Robert Kolchmeyer <rkolchmeyer@google.com>
diff --git a/metadata/md5-cache/net-misc/dhcp-4.4.1 b/metadata/md5-cache/net-misc/dhcp-4.4.1
deleted file mode 100644
index 0b46f84..0000000
--- a/metadata/md5-cache/net-misc/dhcp-4.4.1
+++ /dev/null
@@ -1,13 +0,0 @@
-DEFINED_PHASES=compile configure install postinst preinst prepare unpack
-DEPEND=client? ( kernel_linux? ( ipv6? ( sys-apps/iproute2 ) sys-apps/net-tools ) ) ldap? ( net-nds/openldap ssl? ( !libressl? ( dev-libs/openssl:0= ) libressl? ( dev-libs/libressl ) ) ) virtual/pkgconfig sys-apps/baselayout
-DESCRIPTION=ISC Dynamic Host Configuration Protocol (DHCP) client/server
-EAPI=6
-HOMEPAGE=https://www.isc.org/dhcp
-IUSE=+client ipv6 kernel_linux ldap libressl selinux +server ssl vim-syntax
-KEYWORDS=*
-LICENSE=MPL-2.0 BSD SSLeay GPL-2
-RDEPEND=client? ( kernel_linux? ( ipv6? ( sys-apps/iproute2 ) sys-apps/net-tools ) ) ldap? ( net-nds/openldap ssl? ( !libressl? ( dev-libs/openssl:0= ) libressl? ( dev-libs/libressl ) ) ) selinux? ( sec-policy/selinux-dhcp ) vim-syntax? ( app-vim/dhcpd-syntax ) sys-apps/baselayout
-SLOT=0
-SRC_URI=ftp://ftp.isc.org/isc/dhcp/dhcp-4.4.1.tar.gz ftp://ftp.isc.org/isc/dhcp/4.4.1/dhcp-4.4.1.tar.gz
-_eclasses_=multilib 2477ebe553d3e4d2c606191fe6c33602 systemd 71fd8d2065d102753fb9e4d20eaf3e9f toolchain-funcs f783d68a26b62d6b19e070e6bcada5e6 user 7c566af8c48023219fd63246e88d6621
-_md5_=6b52d62d09df7d02b96b689dee030399
diff --git a/metadata/md5-cache/net-misc/dhcp-4.4.1-r1 b/metadata/md5-cache/net-misc/dhcp-4.4.1-r1
deleted file mode 100644
index 0b46f84..0000000
--- a/metadata/md5-cache/net-misc/dhcp-4.4.1-r1
+++ /dev/null
@@ -1,13 +0,0 @@
-DEFINED_PHASES=compile configure install postinst preinst prepare unpack
-DEPEND=client? ( kernel_linux? ( ipv6? ( sys-apps/iproute2 ) sys-apps/net-tools ) ) ldap? ( net-nds/openldap ssl? ( !libressl? ( dev-libs/openssl:0= ) libressl? ( dev-libs/libressl ) ) ) virtual/pkgconfig sys-apps/baselayout
-DESCRIPTION=ISC Dynamic Host Configuration Protocol (DHCP) client/server
-EAPI=6
-HOMEPAGE=https://www.isc.org/dhcp
-IUSE=+client ipv6 kernel_linux ldap libressl selinux +server ssl vim-syntax
-KEYWORDS=*
-LICENSE=MPL-2.0 BSD SSLeay GPL-2
-RDEPEND=client? ( kernel_linux? ( ipv6? ( sys-apps/iproute2 ) sys-apps/net-tools ) ) ldap? ( net-nds/openldap ssl? ( !libressl? ( dev-libs/openssl:0= ) libressl? ( dev-libs/libressl ) ) ) selinux? ( sec-policy/selinux-dhcp ) vim-syntax? ( app-vim/dhcpd-syntax ) sys-apps/baselayout
-SLOT=0
-SRC_URI=ftp://ftp.isc.org/isc/dhcp/dhcp-4.4.1.tar.gz ftp://ftp.isc.org/isc/dhcp/4.4.1/dhcp-4.4.1.tar.gz
-_eclasses_=multilib 2477ebe553d3e4d2c606191fe6c33602 systemd 71fd8d2065d102753fb9e4d20eaf3e9f toolchain-funcs f783d68a26b62d6b19e070e6bcada5e6 user 7c566af8c48023219fd63246e88d6621
-_md5_=6b52d62d09df7d02b96b689dee030399
diff --git a/metadata/md5-cache/net-misc/dhcp-4.4.2_p1-r1 b/metadata/md5-cache/net-misc/dhcp-4.4.2_p1-r1
new file mode 100644
index 0000000..aad557f
--- /dev/null
+++ b/metadata/md5-cache/net-misc/dhcp-4.4.2_p1-r1
@@ -0,0 +1,14 @@
+BDEPEND=virtual/pkgconfig
+DEFINED_PHASES=compile configure install postinst preinst prepare unpack
+DEPEND=acct-group/dhcp acct-user/dhcp client? ( kernel_linux? ( ipv6? ( sys-apps/iproute2 ) sys-apps/net-tools ) ) ldap? ( net-nds/openldap ssl? ( dev-libs/openssl:0= ) )
+DESCRIPTION=ISC Dynamic Host Configuration Protocol (DHCP) client/server
+EAPI=7
+HOMEPAGE=https://www.isc.org/dhcp
+IUSE=+client ipv6 ldap selinux +server ssl vim-syntax
+KEYWORDS=*
+LICENSE=MPL-2.0 BSD SSLeay GPL-2
+RDEPEND=acct-group/dhcp acct-user/dhcp client? ( kernel_linux? ( ipv6? ( sys-apps/iproute2 ) sys-apps/net-tools ) ) ldap? ( net-nds/openldap ssl? ( dev-libs/openssl:0= ) ) selinux? ( sec-policy/selinux-dhcp ) vim-syntax? ( app-vim/dhcpd-syntax ) virtual/tmpfiles
+SLOT=0
+SRC_URI=ftp://ftp.isc.org/isc/dhcp/dhcp-4.4.2-P1.tar.gz ftp://ftp.isc.org/isc/dhcp/4.4.2-P1/dhcp-4.4.2-P1.tar.gz
+_eclasses_=eutils fcb2aa98e1948b835b5ae66ca52868c5 flag-o-matic 5d5921a298e95441da2f85be419894c0 multilib 2477ebe553d3e4d2c606191fe6c33602 systemd 71fd8d2065d102753fb9e4d20eaf3e9f tmpfiles 6170dc7770585fb3f16efdee789a3218 toolchain-funcs f783d68a26b62d6b19e070e6bcada5e6
+_md5_=88e99dc55dd57d2ea43023726a6f8c20
diff --git a/net-misc/dhcp/Manifest b/net-misc/dhcp/Manifest
index 4a8471b..93fbebb 100644
--- a/net-misc/dhcp/Manifest
+++ b/net-misc/dhcp/Manifest
@@ -1 +1,2 @@
-DIST dhcp-4.4.1.tar.gz 11164378 BLAKE2B fd3c65d8802c42cb936ff75ee19784e4f533c9b36aa08a61280aa8acae5cf581c67cd70222b46eb24b1f9a571e1c028cc853952feac4b6a12f9b7d7d3dbc2fc9 SHA512 684ae349f224918c9f8cec7bd6c55cd0b83ad2b5827375b2876ca088eb05b7ff1364e50f6dc24f2485c610d9be94d4ba3020f60a0fa0ef63962349d191b887e7
+DIST dhcp-4.4.2-P1.tar.gz 9898311 BLAKE2B 7cc40dfbe578bee13c7dd7868a25d0d88358bf82b02539e933a4eba06039a43f0d99b3ef6ce811b60ed3a991b222844f4a5bd9e597c11d83b09ff551ba0380a6 SHA512 924e8b44f288361dbe837987869e57b929c73cb5e4af37cb2d7b19bca5ea8594048fb41c0792fede003188185f61b25befbc2ccda42f1f68e6b6bc22ef44b040
+DIST dhcp-4.4.3.tar.gz 10078953 BLAKE2B d88570760cc00bd72d1e9c2e76c7a7b9f07cadfbe044220a43ee33fc201c217725c3909a386ae11f28346920dacb0313d78193a9e3d7eac9757384b4fe762597 SHA512 4472d6794af80b482560956cee6895889cc1aca39980f851faf56824627e95731f2983cf7c7454bc3decb0a12c874fcbd29bd6c5a9695412def6bc14c6df17e0
diff --git a/net-misc/dhcp/dhcp-4.4.1-r1.ebuild b/net-misc/dhcp/dhcp-4.4.1-r1.ebuild
deleted file mode 120000
index 8759e47..0000000
--- a/net-misc/dhcp/dhcp-4.4.1-r1.ebuild
+++ /dev/null
@@ -1 +0,0 @@
-dhcp-4.4.1.ebuild
\ No newline at end of file
diff --git a/net-misc/dhcp/dhcp-4.4.1.ebuild b/net-misc/dhcp/dhcp-4.4.2_p1-r1.ebuild
similarity index 84%
rename from net-misc/dhcp/dhcp-4.4.1.ebuild
rename to net-misc/dhcp/dhcp-4.4.2_p1-r1.ebuild
index 01214aa..992f047 100644
--- a/net-misc/dhcp/dhcp-4.4.1.ebuild
+++ b/net-misc/dhcp/dhcp-4.4.2_p1-r1.ebuild
@@ -1,15 +1,16 @@
-# Copyright 1999-2019 Gentoo Authors
+# Copyright 1999-2022 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
-EAPI=6
+EAPI=7
-inherit systemd toolchain-funcs user
+inherit systemd toolchain-funcs flag-o-matic tmpfiles
MY_PV="${PV//_alpha/a}"
MY_PV="${MY_PV//_beta/b}"
MY_PV="${MY_PV//_rc/rc}"
MY_PV="${MY_PV//_p/-P}"
MY_P="${PN}-${MY_PV}"
+
DESCRIPTION="ISC Dynamic Host Configuration Protocol (DHCP) client/server"
HOMEPAGE="https://www.isc.org/dhcp"
SRC_URI="ftp://ftp.isc.org/isc/dhcp/${MY_P}.tar.gz
@@ -18,9 +19,11 @@
LICENSE="MPL-2.0 BSD SSLeay GPL-2" # GPL-2 only for init script
SLOT="0"
KEYWORDS="*"
-IUSE="+client ipv6 kernel_linux ldap libressl selinux +server ssl vim-syntax"
+IUSE="+client ipv6 ldap selinux +server ssl vim-syntax"
DEPEND="
+ acct-group/dhcp
+ acct-user/dhcp
client? (
kernel_linux? (
ipv6? ( sys-apps/iproute2 )
@@ -29,10 +32,7 @@
)
ldap? (
net-nds/openldap
- ssl? (
- !libressl? ( dev-libs/openssl:0= )
- libressl? ( dev-libs/libressl )
- )
+ ssl? ( dev-libs/openssl:0= )
)"
RDEPEND="${DEPEND}
selinux? ( sec-policy/selinux-dhcp )
@@ -64,6 +64,10 @@
"${FILESDIR}/${PN}-4.3.6-iproute2-path.patch" #480636
"${FILESDIR}/${PN}-4.2.5-bindtodevice-inet6.patch" #471142
"${FILESDIR}/${PN}-4.3.3-ldap-ipv6-client-id.patch" #559832
+
+ # Possible upstream candidates
+ "${FILESDIR}/${PN}-4.4.2-fno-common.patch" #710194
+ "${FILESDIR}/${PN}-4.4.2-variable-name.patch" #752402
)
src_prepare() {
@@ -113,7 +117,7 @@
# Now remove the non-english docs so there are no errors later
rm -r doc/ja_JP.eucJP || die
- # make the bind build work
+ # make the bind build work - do NOT make "binddir" local!
binddir="${S}/bind"
cd "${binddir}" || die
cat <<-EOF > bindvar.tmp
@@ -155,13 +159,24 @@
#define _PATH_DHCRELAY6_PID "${r}/dhcrelay6.pid"
EOF
+ # Breaks with -O3 because of reliance on undefined behaviour
+ # bug #787935
+ append-flags -fno-strict-aliasing
+
+ # https://bugs.gentoo.org/720806
+ if use ppc || use arm || use hppa; then
+ append-libs -latomic
+ fi
+
local myeconfargs=(
--enable-paranoia
--enable-early-chroot
--sysconfdir=${e}
+ --with-randomdev=/dev/random
$(use_enable ipv6 dhcpv6)
$(use_with ldap)
$(use ldap && use_with ssl ldapcrypto || echo --without-ldapcrypto)
+ LIBS="${LIBS}"
)
econf "${myeconfargs[@]}"
@@ -170,7 +185,8 @@
cd bind/bind-*/ || die
local el
eval econf \
- $(for el in $(awk '/^bindconfig/,/^$/ {print}' ../Makefile.in) ; do if [[ ${el} =~ ^-- ]] ; then printf ' %s' ${el} ; fi ; done | sed 's,@\([[:alpha:]]\+\)dir@,${binddir}/\1,g') \
+ $(for el in $(awk '/^bindconfig/,/^$/ {print}' ../Makefile.in) ; do if [[ ${el} =~ ^-- ]] ; then printf ' %s' ${el//\\} ; fi ; done | sed 's,@\([[:alpha:]]\+\)dir@,${binddir}/\1,g') \
+ --with-randomdev=/dev/random \
--disable-symtable \
--without-make-clean
}
@@ -192,7 +208,7 @@
if [[ -e client/dhclient ]] ; then
# move the client to /
dodir /sbin
- mv "${ED%/}"/usr/sbin/dhclient "${ED%/}"/sbin/ || die
+ mv "${ED}"/usr/sbin/dhclient "${ED}"/sbin/ || die
exeinto /sbin
if use kernel_linux ; then
@@ -216,7 +232,7 @@
newinitd "${FILESDIR}"/dhcrelay.init3 dhcrelay6
newconfd "${FILESDIR}"/dhcrelay6.conf dhcrelay6
- systemd_newtmpfilesd "${FILESDIR}"/dhcpd.tmpfiles dhcpd.conf
+ newtmpfiles "${FILESDIR}"/dhcpd.tmpfiles dhcpd.conf
systemd_dounit "${FILESDIR}"/dhcpd4.service
systemd_dounit "${FILESDIR}"/dhcpd6.service
systemd_dounit "${FILESDIR}"/dhcrelay4.service
@@ -224,37 +240,41 @@
systemd_install_serviced "${FILESDIR}"/dhcrelay4.service.conf
systemd_install_serviced "${FILESDIR}"/dhcrelay6.service.conf
- sed -i "s:#@slapd@:$(usex ldap slapd ''):" "${ED%/}"/etc/init.d/* || die #442560
+ sed -i "s:#@slapd@:$(usex ldap slapd ''):" "${ED}"/etc/init.d/* || die #442560
fi
# the default config files aren't terribly useful #384087
local f
- for f in "${ED%/}"/etc/dhcp/*.conf.example ; do
+ for f in "${ED}"/etc/dhcp/*.conf.example ; do
mv "${f}" "${f%.example}" || die
done
- sed -i '/^[^#]/s:^:#:' "${ED%/}"/etc/dhcp/*.conf || die
+ sed -i '/^[^#]/s:^:#:' "${ED}"/etc/dhcp/*.conf || die
+
+ diropts -m0750 -o dhcp -g dhcp
+ keepdir /var/lib/dhcp
}
pkg_preinst() {
- enewgroup dhcp
- enewuser dhcp -1 -1 /var/lib/dhcp dhcp
-
# Keep the user files over the sample ones. The
# hashing is to ignore the crappy defaults #384087.
local f h
for f in dhclient:da7c8496a96452190aecf9afceef4510 dhcpd:10979e7b71134bd7f04d2a60bd58f070 ; do
h=${f#*:}
f="/etc/dhcp/${f%:*}.conf"
- if [ -e "${EROOT%/}"${f} ] ; then
+ if [ -e "${EROOT}"${f} ] ; then
case $(md5sum "${EROOT}"${f}) in
${h}*) ;;
- *) cp -p "${EROOT%/}"${f} "${ED%/}"${f};;
+ *) cp -p "${EROOT}"${f} "${ED}"${f};;
esac
fi
done
}
pkg_postinst() {
+ if use server ; then
+ tmpfiles_process dhcpd.conf
+ fi
+
if [[ -e "${ROOT}"/etc/init.d/dhcp ]] ; then
ewarn
ewarn "WARNING: The dhcp init script has been renamed to dhcpd"
diff --git a/net-misc/dhcp/files/dhcp-4.4.2-fno-common.patch b/net-misc/dhcp/files/dhcp-4.4.2-fno-common.patch
new file mode 100644
index 0000000..5d0b7bd
--- /dev/null
+++ b/net-misc/dhcp/files/dhcp-4.4.2-fno-common.patch
@@ -0,0 +1,34 @@
+--- a/client/dhclient.c
++++ b/client/dhclient.c
+@@ -83,8 +83,6 @@
+ static const char url [] = "For info, please visit https://www.isc.org/software/dhcp/";
+ #endif /* UNIT_TEST */
+
+-u_int16_t local_port = 0;
+-u_int16_t remote_port = 0;
+ #if defined(DHCPv6) && defined(DHCP4o6)
+ int dhcp4o6_state = -1; /* -1 = stopped, 0 = polling, 1 = started */
+ #endif
+--- a/relay/dhcrelay.c
++++ b/relay/dhcrelay.c
+@@ -95,9 +95,6 @@
+ forward_untouched, /* Forward without changes. */
+ discard } agent_relay_mode = forward_and_replace;
+
+-u_int16_t local_port;
+-u_int16_t remote_port;
+-
+ /* Relay agent server list. */
+ struct server_list {
+ struct server_list *next;
+--- a/server/mdb.c
++++ b/server/mdb.c
+@@ -67,8 +67,6 @@
+
+ int numclasseswritten;
+
+-omapi_object_type_t *dhcp_type_host;
+-
+ isc_result_t enter_class(cd, dynamicp, commit)
+ struct class *cd;
+ int dynamicp;
diff --git a/net-misc/dhcp/files/dhcp-4.4.2-variable-name.patch b/net-misc/dhcp/files/dhcp-4.4.2-variable-name.patch
new file mode 100644
index 0000000..9f5085d
--- /dev/null
+++ b/net-misc/dhcp/files/dhcp-4.4.2-variable-name.patch
@@ -0,0 +1,25 @@
+From 261c84d91d1b4581df9f7f0ec031908299de7726 Mon Sep 17 00:00:00 2001
+From: Mark Andrews <marka@isc.org>
+Date: Thu, 19 Dec 2019 09:27:44 +1100
+Subject: [PATCH] fix variable name in conditional block
+
+---
+ lib/isc/stats.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/lib/isc/stats.c b/lib/isc/stats.c
+index 5bce3c1100..a7ab97ce53 100644
+--- a/bind/bind-9.11.14/lib/isc/stats.c
++++ b/bind/bind-9.11.14/lib/isc/stats.c
+@@ -297,7 +297,7 @@ setcounter(isc_stats_t *stats,
+ isc_atomic_store((int32_t *)&stats->counters[counter].lo,
+ (uint32_t)(value & 0xffffffff));
+ # else
+- stats->counters[counter] = val;
++ stats->counters[counter] = value;
+ # endif
+ #endif
+ }
+--
+GitLab
+
diff --git a/net-misc/dhcp/files/dhcp-4.4.3-bind-disable.patch b/net-misc/dhcp/files/dhcp-4.4.3-bind-disable.patch
new file mode 100644
index 0000000..7f99f77
--- /dev/null
+++ b/net-misc/dhcp/files/dhcp-4.4.3-bind-disable.patch
@@ -0,0 +1,27 @@
+diff --git a/bind/Makefile.in b/bind/Makefile.in
+index 2e60091..a155194 100644
+--- a/bind/Makefile.in
++++ b/bind/Makefile.in
+@@ -37,6 +37,7 @@ installdirs = includedir=${binddir}/include libdir=${binddir}/lib
+ @BIND_ATF_TRUE@all: bind1 atf bind2
+
+ bind1:
++disable:
+ # Extract the source from the tarball, if it hasn't been already.
+ @if test -d ${bindsrcdir} ; then \
+ echo ${bindsrcdir} already unpacked... ; \
+@@ -60,6 +61,7 @@ bind1:
+ fi
+
+ atf: bind1
++disable:
+ # Build and copy the ATF support if not yet installed.
+ @if test -d ./atf ; then \
+ echo ATF support already installed ; \
+diff --git a/bind/test b/bind/test
+new file mode 100644
+index 0000000..713671f
+--- /dev/null
++++ b/bind/test
+@@ -0,0 +1 @@
+++--disable-kqueue --disable-epoll --disable-devpoll --without-openssl --without-libxml2 --enable-exportlib --with-gssapi=no --enable-threads=no @BINDCONFIG@ --includedir=${binddir}/include --libdir=${binddir}/lib
diff --git a/net-misc/dhcp/files/dhcpd4.service b/net-misc/dhcp/files/dhcpd4.service
index b064bd9..8197ace 100644
--- a/net-misc/dhcp/files/dhcpd4.service
+++ b/net-misc/dhcp/files/dhcpd4.service
@@ -3,6 +3,8 @@
Documentation=man:dhcpd(8) man:dhcpd.conf(5)
After=network.target
After=time-sync.target
+After=network-online.target
+Wants=network-online.target
[Service]
ExecStart=/usr/sbin/dhcpd -f -cf /etc/dhcp/dhcpd.conf -user dhcp -group dhcp --no-pid
diff --git a/net-misc/dhcp/files/dhcpd6.service b/net-misc/dhcp/files/dhcpd6.service
index 603cacd..7f41db0 100644
--- a/net-misc/dhcp/files/dhcpd6.service
+++ b/net-misc/dhcp/files/dhcpd6.service
@@ -3,6 +3,8 @@
Documentation=man:dhcpd(8) man:dhcpd.conf(5)
After=network.target
After=time-sync.target
+After=network-online.target
+Wants=network-online.target
[Service]
ExecStart=/usr/sbin/dhcpd -f -s -6 -cf /etc/dhcp/dhcpd.conf -user dhcp -group dhcp --no-pid
diff --git a/net-misc/dhcp/metadata.xml b/net-misc/dhcp/metadata.xml
index ec94f20..ebcdd6b 100644
--- a/net-misc/dhcp/metadata.xml
+++ b/net-misc/dhcp/metadata.xml
@@ -1,12 +1,10 @@
<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd">
<pkgmetadata>
<maintainer type="project">
<email>base-system@gentoo.org</email>
<name>Gentoo Base System</name>
</maintainer>
- <longdescription lang="en">The ISC DHCP client/server package.</longdescription>
- <longdescription lang="ja">ISC DHCP クライアント/サーバ・パッケージです。</longdescription>
<use>
<flag name="client">Install the dhclient program</flag>
<flag name="server">Install the dhcpd and dhcrelay programs</flag>
