rsync: upgraded package to upstream
Upgraded net-misc/rsync to version 3.2.5 on amd64, arm64.
cros_portage_upgrade fails to upgrade the package due to EAPI=8.
Manually upgraded the package and changed EAPI to 7 and changed python
version as well. Since latest rsync enabled pedantic-errors, compilation
complains that snprintf is redefined. Added a patch to fix the
compilation error.
BUG=b/242291339
TEST=presubmit
RELEASE_NOTE=Upgraded net-misc/rsync package to 3.2.5 and fixed
CVE-2022-29154.
Change-Id: I386a20f2772e768db2d5ae5528618b3a54d68f3e
Reviewed-on: https://cos-review.googlesource.com/c/third_party/overlays/portage-stable/+/36067
Tested-by: Cusky Presubmit Bot <presubmit@cos-infra-prod.iam.gserviceaccount.com>
Reviewed-by: Varsha Teratipally <teratipally@google.com>
diff --git a/net-misc/rsync/Manifest b/net-misc/rsync/Manifest
index c1ee190..46420a5 100644
--- a/net-misc/rsync/Manifest
+++ b/net-misc/rsync/Manifest
@@ -1 +1,2 @@
-DIST rsync-3.2.3.tar.gz 1069784 BLAKE2B 085adb55d0d7e3d063fa198912fd09df67b63800a65baff5315ccb7dfc0e9d703eef30a7f2e72e3b271162c280abd9809b3f736704752c1663eed65ad8e0ac25 SHA512 48b68491f3ef644dbbbfcaec5ab90a1028593e02d50367ce161fd9d3d0bd0a3628bc57c5e5dec4be3a1d213f784f879b8a8fcdfd789ba0f99837cba16e1ae70e
+DIST rsync-3.2.5.tar.gz 1129957 BLAKE2B a0d1c4a2dbebe37bad4f6e2e5e4fae41c53529d96e0ca5a429d29d1dee8c63c8ee1b7dc686b732a88049c547271260e8361ac798673970d5327d08dda01ce811 SHA512 6d115acb5bae546cd2b5df2c11390f8609107b7a45aa649158d8daa0c9290ab5f15640fdd4000b21d1ab39f7385b85d77cd8fe4628fa13b2adeea6fcd53d057a
+DIST rsync-3.2.5.tar.gz.asc 195 BLAKE2B 9ca9034afc39299c2178190412b188f561d274d8e38d58a988487f2db14a8135840acf3413096d26f080358b69779fa3b48e292670ba6b23ae4eb0c05f9df614 SHA512 b384f48b2fd459a51715c8ab2a14e540c5fa7f7f12453282db770893d6121b1b3c9809e667ccacaf910fd90548abeb700a2c717d76fbea22fe3d6a22aa6b2c44
diff --git a/net-misc/rsync/files/rsync-3.2.3-cross.patch b/net-misc/rsync/files/rsync-3.2.3-cross.patch
deleted file mode 100644
index c61090b..0000000
--- a/net-misc/rsync/files/rsync-3.2.3-cross.patch
+++ /dev/null
@@ -1,129 +0,0 @@
-From 9f9240b661c5f381831b62d72b6ea928a91ff43a Mon Sep 17 00:00:00 2001
-From: Wayne Davison <wayne@opencoder.net>
-Date: Thu, 3 Sep 2020 10:07:36 -0700
-Subject: [PATCH] Set CXX_OK=no when cross compiling.
-
----
- configure.ac | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/configure.ac b/configure.ac
-index 64d2e6d6..109546a6 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -233,7 +233,7 @@ __attribute__ ((target("ssse3"))) void more_testing(char* buf, int len)
- in8_2 = _mm_lddqu_si128((__m128i_u*)&buf[i + 16]);
- }
- }
--]], [[if (test_ssse3(42) != 42 || test_sse2(42) != 42 || test_avx2(42) != 42) exit(1);]])],[CXX_OK=yes],[CXX_OK=no])
-+]], [[if (test_ssse3(42) != 42 || test_sse2(42) != 42 || test_avx2(42) != 42) exit(1);]])],[CXX_OK=yes],[CXX_OK=no],[CXX_OK=no])
- AC_LANG(C)
- if test x"$CXX_OK" = x"yes"; then
- # AC_MSG_RESULT() is called below.
-From 7eb59a9152a2ace7bc7858e9915c671b3ab54344 Mon Sep 17 00:00:00 2001
-From: Wayne Davison <wayne@opencoder.net>
-Date: Tue, 22 Sep 2020 17:19:45 -0700
-Subject: [PATCH] Change from $build_cpu to $host_cpu as edo1 suggested.
-
----
- configure.ac | 6 +++---
- 1 file changed, 3 insertions(+), 3 deletions(-)
-
-diff --git a/configure.ac b/configure.ac
-index 109546a6..e8c06f42 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -211,7 +211,7 @@ CXXFLAGS=`echo "$CXXFLAGS" | sed 's/-g //'`
-
- if test x"$enable_simd" != x"no"; then
- # For x86-64 SIMD, g++ >=5 or clang++ >=7 is required
-- if test x"$build_cpu" = x"x86_64"; then
-+ if test x"$host_cpu" = x"x86_64"; then
- AC_LANG(C++)
- AC_RUN_IFELSE([AC_LANG_PROGRAM([[#include <stdio.h>
- #include <immintrin.h>
-@@ -283,8 +283,8 @@ AC_ARG_ENABLE(asm,
- AS_HELP_STRING([--disable-asm],[disable ASM optimizations]))
-
- if test x"$enable_asm" != x"no"; then
-- if test x"$build_cpu" = x"x86_64"; then
-- ASM="$build_cpu"
-+ if test x"$host_cpu" = x"x86_64"; then
-+ ASM="$host_cpu"
- elif test x"$enable_asm" = x"yes"; then
- AC_MSG_RESULT(unavailable)
- AC_MSG_ERROR(The ASM optimizations are currently x86_64 only.
-From b7fab6f285ff0ff3816b109a8c3131b6ded0b484 Mon Sep 17 00:00:00 2001
-From: edo <edo.rus@gmail.com>
-Date: Wed, 7 Oct 2020 08:33:57 +0300
-Subject: [PATCH] Allow cross-compilation with SIMD (x86_84) (#104)
-
-Replace runtime SIMD check with a compile-only test in case of
-cross-compilation.
-
-You can still use '--enable-simd=no' to build x86_64 code without
-SIMD instructions.
----
- configure.ac | 20 +++++++++++++-------
- 1 file changed, 13 insertions(+), 7 deletions(-)
-
-diff --git a/configure.ac b/configure.ac
-index 3fd7e5d5..e469981b 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -208,12 +208,7 @@ AC_ARG_ENABLE(simd,
-
- # Clag is crashing with -g -O2, so we'll get rid of -g for now.
- CXXFLAGS=`echo "$CXXFLAGS" | sed 's/-g //'`
--
--if test x"$enable_simd" != x"no"; then
-- # For x86-64 SIMD, g++ >=5 or clang++ >=7 is required
-- if test x"$host_cpu" = x"x86_64"; then
-- AC_LANG(C++)
-- AC_RUN_IFELSE([AC_LANG_PROGRAM([[#include <stdio.h>
-+m4_define(SIMD_X86_64_TEST, [[#include <stdio.h>
- #include <immintrin.h>
- __attribute__ ((target("default"))) int test_ssse3(int x) { return x; }
- __attribute__ ((target("default"))) int test_sse2(int x) { return x; }
-@@ -233,7 +228,18 @@ __attribute__ ((target("ssse3"))) void more_testing(char* buf, int len)
- in8_2 = _mm_lddqu_si128((__m128i_u*)&buf[i + 16]);
- }
- }
--]], [[if (test_ssse3(42) != 42 || test_sse2(42) != 42 || test_avx2(42) != 42) exit(1);]])],[CXX_OK=yes],[CXX_OK=no],[CXX_OK=no])
-+]])
-+
-+if test x"$enable_simd" != x"no"; then
-+ # For x86-64 SIMD, g++ >=5 or clang++ >=7 is required
-+ if test x"$host_cpu" = x"x86_64"; then
-+ AC_LANG(C++)
-+ if test x"$host_cpu" = x"$build_cpu"; then
-+ AC_RUN_IFELSE([AC_LANG_PROGRAM([SIMD_X86_64_TEST],[[if (test_ssse3(42) != 42 || test_sse2(42) != 42 || test_avx2(42) != 42) exit(1);]])],
-+ [CXX_OK=yes],[CXX_OK=no])
-+ else
-+ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([SIMD_X86_64_TEST])],[CXX_OK=yes],[CXX_OK=no])
-+ fi
- AC_LANG(C)
- if test x"$CXX_OK" = x"yes"; then
- # AC_MSG_RESULT() is called below.
-From 7d830ff52ff7b01f528f39aa27b1ab36ea8c1356 Mon Sep 17 00:00:00 2001
-From: Andrew Aladjev <aladjev.andrew@gmail.com>
-Date: Sun, 7 Nov 2021 22:45:49 +0300
-Subject: [PATCH] improved cross compilation detection (#252)
-
----
- configure.ac | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/configure.ac b/configure.ac
-index fbdd17d8..9e7338cf 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -264,7 +264,7 @@ if test x"$enable_simd" != x"no"; then
- # For x86-64 SIMD, g++ >=5 or clang++ >=7 is required
- if test x"$host_cpu" = x"x86_64" || test x"$host_cpu" = x"amd64"; then
- AC_LANG(C++)
-- if test x"$host_cpu" = x"$build_cpu"; then
-+ if test x"$host" = x"$build"; then
- AC_RUN_IFELSE([AC_LANG_PROGRAM([SIMD_X86_64_TEST],[[if (test_ssse3(42) != 42 || test_sse2(42) != 42 || test_avx2(42) != 42) exit(1);]])],
- [CXX_OK=yes],[CXX_OK=no])
- else
diff --git a/net-misc/rsync/files/rsync-3.2.3-glibc-lchmod.patch b/net-misc/rsync/files/rsync-3.2.3-glibc-lchmod.patch
deleted file mode 100644
index 970d7af..0000000
--- a/net-misc/rsync/files/rsync-3.2.3-glibc-lchmod.patch
+++ /dev/null
@@ -1,58 +0,0 @@
-From 9dd62525f3b98d692e031f22c02be8f775966503 Mon Sep 17 00:00:00 2001
-From: Wayne Davison <wayne@opencoder.net>
-Date: Sun, 29 Nov 2020 09:33:54 -0800
-Subject: [PATCH] Work around glibc's lchmod() issue a better way.
-
-diff --git a/syscall.c b/syscall.c
-index b9c3b4ef..11d10e4a 100644
---- a/syscall.c
-+++ b/syscall.c
-@@ -227,27 +227,35 @@ int do_open(const char *pathname, int flags, mode_t mode)
- #ifdef HAVE_CHMOD
- int do_chmod(const char *path, mode_t mode)
- {
-+ static int switch_step = 0;
- int code;
- if (dry_run) return 0;
- RETURN_ERROR_IF_RO_OR_LO;
-+ switch (switch_step) {
- #ifdef HAVE_LCHMOD
-- code = lchmod(path, mode & CHMOD_BITS);
--#else
-- if (S_ISLNK(mode)) {
-+#include "case_N.h"
-+ if ((code = lchmod(path, mode & CHMOD_BITS)) == 0 || errno != ENOTSUP)
-+ break;
-+ switch_step++;
-+#endif
-+
-+#include "case_N.h"
-+ if (S_ISLNK(mode)) {
- # if defined HAVE_SETATTRLIST
-- struct attrlist attrList;
-- uint32_t m = mode & CHMOD_BITS; /* manpage is wrong: not mode_t! */
-+ struct attrlist attrList;
-+ uint32_t m = mode & CHMOD_BITS; /* manpage is wrong: not mode_t! */
-
-- memset(&attrList, 0, sizeof attrList);
-- attrList.bitmapcount = ATTR_BIT_MAP_COUNT;
-- attrList.commonattr = ATTR_CMN_ACCESSMASK;
-- code = setattrlist(path, &attrList, &m, sizeof m, FSOPT_NOFOLLOW);
-+ memset(&attrList, 0, sizeof attrList);
-+ attrList.bitmapcount = ATTR_BIT_MAP_COUNT;
-+ attrList.commonattr = ATTR_CMN_ACCESSMASK;
-+ code = setattrlist(path, &attrList, &m, sizeof m, FSOPT_NOFOLLOW);
- # else
-- code = 1;
-+ code = 1;
- # endif
-- } else
-- code = chmod(path, mode & CHMOD_BITS); /* DISCOURAGED FUNCTION */
--#endif /* !HAVE_LCHMOD */
-+ } else
-+ code = chmod(path, mode & CHMOD_BITS); /* DISCOURAGED FUNCTION */
-+ break;
-+ }
- if (code != 0 && (preserve_perms || preserve_executability))
- return code;
- return 0;
diff --git a/net-misc/rsync/files/rsync-3.2.3-verify-certificate.patch b/net-misc/rsync/files/rsync-3.2.3-verify-certificate.patch
deleted file mode 100644
index 9b462a1..0000000
--- a/net-misc/rsync/files/rsync-3.2.3-verify-certificate.patch
+++ /dev/null
@@ -1,26 +0,0 @@
-From c3f7414c450faaf6a8281cc4a4403529aeb7d859 Mon Sep 17 00:00:00 2001
-From: Matt McCutchen <matt@mattmccutchen.net>
-Date: Wed, 26 Aug 2020 12:16:08 -0400
-Subject: [PATCH] rsync-ssl: Verify the hostname in the certificate when using
- openssl.
-
----
- rsync-ssl | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/rsync-ssl b/rsync-ssl
-index 8101975a..46701af1 100755
---- a/rsync-ssl
-+++ b/rsync-ssl
-@@ -129,7 +129,7 @@ function rsync_ssl_helper {
- fi
-
- if [[ $RSYNC_SSL_TYPE == openssl ]]; then
-- exec $RSYNC_SSL_OPENSSL s_client $caopt $certopt -quiet -verify_quiet -servername $hostname -connect $hostname:$port
-+ exec $RSYNC_SSL_OPENSSL s_client $caopt $certopt -quiet -verify_quiet -servername $hostname -verify_hostname $hostname -connect $hostname:$port
- elif [[ $RSYNC_SSL_TYPE == gnutls ]]; then
- exec $RSYNC_SSL_GNUTLS --logfile=/dev/null $gnutls_cert_opt $gnutls_opts $hostname:$port
- else
---
-2.25.1
-
diff --git a/net-misc/rsync/files/rsync-3.2.5-fix-compilation.patch b/net-misc/rsync/files/rsync-3.2.5-fix-compilation.patch
new file mode 100644
index 0000000..8f0c9dd
--- /dev/null
+++ b/net-misc/rsync/files/rsync-3.2.5-fix-compilation.patch
@@ -0,0 +1,30 @@
+From 09ca9865123e89a3b47d9791839fcfd9ea94fb14 Mon Sep 17 00:00:00 2001
+From: Meena Shanmugam <meenashanmugam@google.com>
+Date: Tue, 16 Aug 2022 19:15:38 +0000
+Subject: [PATCH] Define snprintf only if it is not defined.
+
+Since latest rsync enabled pedantic-errors, compiler complains
+that snprintf is redefined. Define snprintf only if it is not defined.
+---
+ rsync.h | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/rsync.h b/rsync.h
+index 1cc037c5..8dbcc238 100644
+--- a/rsync.h
++++ b/rsync.h
+@@ -1204,9 +1204,11 @@ int vsnprintf(char *str, size_t count, const char *fmt, va_list args);
+ #endif
+
+ #if !defined HAVE_SNPRINTF || !defined HAVE_C99_VSNPRINTF
++#ifndef snprintf
+ #define snprintf rsync_snprintf
+ int snprintf(char *str, size_t count, const char *fmt,...);
+ #endif
++#endif
+
+ #ifndef HAVE_STRERROR
+ extern char *sys_errlist[];
+--
+2.37.1.595.g718a3a8f04-goog
+
diff --git a/net-misc/rsync/rsync-3.2.3-r5.ebuild b/net-misc/rsync/rsync-3.2.5-r1.ebuild
similarity index 61%
rename from net-misc/rsync/rsync-3.2.3-r5.ebuild
rename to net-misc/rsync/rsync-3.2.5-r1.ebuild
index eb08474..ceba702 100644
--- a/net-misc/rsync/rsync-3.2.3-r5.ebuild
+++ b/net-misc/rsync/rsync-3.2.5-r1.ebuild
@@ -1,29 +1,46 @@
-# Copyright 1999-2021 Gentoo Authors
+# Copyright 1999-2022 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
+#lakitu: Change EAPI 8 to 7.
EAPI=7
-if [[ ${PV} != 3.2.3 ]]; then
- # Make sure we revert the autotools hackery applied in 3.2.3.
- die "Please use rsync-9999.ebuild as a basis for version bumps"
-fi
-
-WANT_LIBTOOL=none
-
-inherit autotools prefix systemd
+#lakitu: Change python version 10 to 9.
+PYTHON_COMPAT=( python3_{6..9} )
+inherit flag-o-matic prefix python-single-r1 systemd
DESCRIPTION="File transfer program to keep remote files into sync"
HOMEPAGE="https://rsync.samba.org/"
-SRC_DIR="src"
-KEYWORDS="*"
-SRC_URI="https://rsync.samba.org/ftp/rsync/${SRC_DIR}/${P/_/}.tar.gz"
-S="${WORKDIR}/${P/_/}"
+if [[ ${PV} == *9999 ]] ; then
+ EGIT_REPO_URI="https://github.com/WayneD/rsync.git"
+ inherit autotools git-r3
+
+ REQUIRED_USE="${PYTHON_REQUIRED_USE}"
+else
+ VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}"/usr/share/openpgp-keys/waynedavison.asc
+ inherit verify-sig
+
+ if [[ ${PV} == *_pre* ]] ; then
+ SRC_DIR="src-previews"
+ else
+ SRC_DIR="src"
+ KEYWORDS="*"
+ fi
+
+ SRC_URI="https://rsync.samba.org/ftp/rsync/${SRC_DIR}/${P/_/}.tar.gz
+ verify-sig? ( https://rsync.samba.org/ftp/rsync/${SRC_DIR}/${P/_/}.tar.gz.asc )"
+ S="${WORKDIR}"/${P/_/}
+fi
LICENSE="GPL-3"
SLOT="0"
-IUSE="acl examples iconv ipv6 lz4 ssl stunnel system-zlib xattr xxhash zstd"
+IUSE="acl examples iconv lz4 ssl stunnel system-zlib xattr xxhash zstd"
+REQUIRED_USE+=" examples? ( ${PYTHON_REQUIRED_USE} )"
RDEPEND="acl? ( virtual/acl )
+ examples? (
+ ${PYTHON_DEPS}
+ dev-lang/perl
+ )
lz4? ( app-arch/lz4 )
ssl? ( dev-libs/openssl:0= )
system-zlib? ( sys-libs/zlib )
@@ -33,26 +50,47 @@
>=dev-libs/popt-1.5
iconv? ( virtual/libiconv )"
DEPEND="${RDEPEND}"
+BDEPEND="examples? ( ${PYTHON_DEPS} )"
+
+if [[ ${PV} == *9999 ]] ; then
+ BDEPEND+=" ${PYTHON_DEPS}
+ $(python_gen_cond_dep '
+ dev-python/commonmark[${PYTHON_USEDEP}]
+ ')"
+else
+ BDEPEND+=" verify-sig? ( sec-keys/openpgp-keys-waynedavison )"
+fi
+
+#lakitu: Add patch to fix compilation
+PATCHES=(
+ "${FILESDIR}"/${P}-fix-compilation.patch
+)
+
+pkg_setup() {
+ # - USE=examples needs Python itself at runtime, but nothing else
+ # - 9999 needs commonmark at build time
+ if [[ ${PV} == *9999 ]] || use examples ; then
+ python-single-r1_pkg_setup
+ fi
+}
src_prepare() {
- local PATCHES=(
- "${FILESDIR}/${P}-glibc-lchmod.patch"
- "${FILESDIR}/${P}-cross.patch"
- # Fix for (CVE-2020-14387) - net-misc/rsync: improper TLS validation in rsync-ssl script
- "${FILESDIR}/${P}-verify-certificate.patch"
- )
default
- eautoconf -o configure.sh
- touch config.h.in || die
+
+ if [[ ${PV} == *9999 ]] ; then
+ eaclocal -I m4
+ eautoconf -o configure.sh
+ eautoheader && touch config.h.in
+ fi
}
src_configure() {
local myeconfargs=(
--with-rsyncd-conf="${EPREFIX}"/etc/rsyncd.conf
--without-included-popt
+ --enable-ipv6
$(use_enable acl acl-support)
$(use_enable iconv)
- $(use_enable ipv6)
$(use_enable lz4)
$(use_enable ssl openssl)
$(use_with !system-zlib included-zlib)
@@ -88,14 +126,17 @@
# Install the useful contrib scripts
if use examples ; then
+ python_fix_shebang support/
+
exeinto /usr/share/rsync
doexe support/*
+
rm -f "${ED}"/usr/share/rsync/{Makefile*,*.c}
fi
eprefixify "${ED}"/etc/{,xinetd.d}/rsyncd*
- systemd_newunit "packaging/systemd/rsync.service" "rsyncd.service"
+ systemd_newunit packaging/systemd/rsync.service rsyncd.service
}
pkg_postinst() {
@@ -105,12 +146,14 @@
ewarn "is a security risk which you should fix. Please check your"
ewarn "/etc/rsyncd.conf file and fix the setting 'use chroot'."
fi
+
if use stunnel ; then
einfo "Please install \">=net-misc/stunnel-4\" in order to use stunnel feature."
einfo
einfo "You maybe have to update the certificates configured in"
einfo "${EROOT}/etc/stunnel/rsync.conf"
fi
+
if use system-zlib ; then
ewarn "Using system-zlib is incompatible with <rsync-3.1.1 when"
ewarn "using the --compress option."
