rsync: upgraded package to upstream
Upgraded net-misc/rsync to version 3.2.5 on amd64, arm64.
cros_portage_upgrade fails to upgrade the package due to EAPI=8.
Manually upgraded the package and changed EAPI to 7 and changed python
version as well. Since latest rsync enabled pedantic-errors, compilation
complains that snprintf is redefined. Added a patch to fix the
compilation error.
BUG=b/242291532
TEST=presubmit
RELEASE_NOTE=Upgraded net-misc/rsync package to 3.2.5 and fixed
CVE-2022-29154.
cos-patch: security-high
Change-Id: I386a20f2772e768db2d5ae5528618b3a54d68f3e
Reviewed-on: https://cos-review.googlesource.com/c/third_party/overlays/portage-stable/+/36111
Main-Branch-Verified: Cusky Presubmit Bot <presubmit@cos-infra-prod.iam.gserviceaccount.com>
Tested-by: Cusky Presubmit Bot <presubmit@cos-infra-prod.iam.gserviceaccount.com>
Reviewed-by: Varsha Teratipally <teratipally@google.com>
diff --git a/net-misc/rsync/Manifest b/net-misc/rsync/Manifest
index d1dda9c..46420a5 100644
--- a/net-misc/rsync/Manifest
+++ b/net-misc/rsync/Manifest
@@ -1 +1,2 @@
-DIST rsync-3.1.3.tar.gz 905908 SHA256 55cc554efec5fdaad70de921cd5a5eeb6c29a95524c715f3bbf849235b0800c0 SHA512 8385f4c0ea37e7a1da3cf45794154f5bc4d1c49bc625ba3b5f85adaf3eafe6d71c15bdcb1410bde731e5d4c19aff3331606637462fa27a68dc3e13192dd78f99 WHIRLPOOL 321d651aa2c61a81f0f647be5317174b6dcb0ebfbfd780d008b1784c0b8a4239d82c42da7be22d5fd66f2c61ab110a3b3e4f9f22b41065d5624348b36ba98474
+DIST rsync-3.2.5.tar.gz 1129957 BLAKE2B a0d1c4a2dbebe37bad4f6e2e5e4fae41c53529d96e0ca5a429d29d1dee8c63c8ee1b7dc686b732a88049c547271260e8361ac798673970d5327d08dda01ce811 SHA512 6d115acb5bae546cd2b5df2c11390f8609107b7a45aa649158d8daa0c9290ab5f15640fdd4000b21d1ab39f7385b85d77cd8fe4628fa13b2adeea6fcd53d057a
+DIST rsync-3.2.5.tar.gz.asc 195 BLAKE2B 9ca9034afc39299c2178190412b188f561d274d8e38d58a988487f2db14a8135840acf3413096d26f080358b69779fa3b48e292670ba6b23ae4eb0c05f9df614 SHA512 b384f48b2fd459a51715c8ab2a14e540c5fa7f7f12453282db770893d6121b1b3c9809e667ccacaf910fd90548abeb700a2c717d76fbea22fe3d6a22aa6b2c44
diff --git a/net-misc/rsync/files/rsync-3.2.5-fix-compilation.patch b/net-misc/rsync/files/rsync-3.2.5-fix-compilation.patch
new file mode 100644
index 0000000..8f0c9dd
--- /dev/null
+++ b/net-misc/rsync/files/rsync-3.2.5-fix-compilation.patch
@@ -0,0 +1,30 @@
+From 09ca9865123e89a3b47d9791839fcfd9ea94fb14 Mon Sep 17 00:00:00 2001
+From: Meena Shanmugam <meenashanmugam@google.com>
+Date: Tue, 16 Aug 2022 19:15:38 +0000
+Subject: [PATCH] Define snprintf only if it is not defined.
+
+Since latest rsync enabled pedantic-errors, compiler complains
+that snprintf is redefined. Define snprintf only if it is not defined.
+---
+ rsync.h | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/rsync.h b/rsync.h
+index 1cc037c5..8dbcc238 100644
+--- a/rsync.h
++++ b/rsync.h
+@@ -1204,9 +1204,11 @@ int vsnprintf(char *str, size_t count, const char *fmt, va_list args);
+ #endif
+
+ #if !defined HAVE_SNPRINTF || !defined HAVE_C99_VSNPRINTF
++#ifndef snprintf
+ #define snprintf rsync_snprintf
+ int snprintf(char *str, size_t count, const char *fmt,...);
+ #endif
++#endif
+
+ #ifndef HAVE_STRERROR
+ extern char *sys_errlist[];
+--
+2.37.1.595.g718a3a8f04-goog
+
diff --git a/net-misc/rsync/rsync-3.1.3.ebuild b/net-misc/rsync/rsync-3.1.3.ebuild
deleted file mode 100644
index 326e651..0000000
--- a/net-misc/rsync/rsync-3.1.3.ebuild
+++ /dev/null
@@ -1,91 +0,0 @@
-# Copyright 1999-2018 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=5
-
-inherit flag-o-matic prefix systemd
-
-DESCRIPTION="File transfer program to keep remote files into sync"
-HOMEPAGE="https://rsync.samba.org/"
-SRC_URI="https://rsync.samba.org/ftp/rsync/src/${P}.tar.gz"
-[[ "${PV}" = *_pre* ]] && SRC_URI="https://rsync.samba.org/ftp/rsync/src-previews/${P/_/}.tar.gz"
-
-LICENSE="GPL-3"
-SLOT="0"
-[[ ${PV} = *_pre* ]] || \
-KEYWORDS="*"
-IUSE="acl examples iconv ipv6 static stunnel xattr"
-
-LIB_DEPEND="acl? ( virtual/acl[static-libs(+)] )
- xattr? ( kernel_linux? ( sys-apps/attr[static-libs(+)] ) )
- >=dev-libs/popt-1.5[static-libs(+)]"
-RDEPEND="!static? ( ${LIB_DEPEND//\[static-libs(+)]} )
- iconv? ( virtual/libiconv )"
-DEPEND="${RDEPEND}
- static? ( ${LIB_DEPEND} )"
-
-S="${WORKDIR}/${P/_/}"
-
-src_configure() {
- use static && append-ldflags -static
- local myeconfargs=(
- --with-rsyncd-conf="${EPREFIX}"/etc/rsyncd.conf
- --without-included-popt
- $(use_enable acl acl-support)
- $(use_enable iconv)
- $(use_enable ipv6)
- $(use_enable xattr xattr-support)
- )
- econf "${myeconfargs[@]}"
- touch proto.h-tstamp #421625
-}
-
-src_install() {
- emake DESTDIR="${D}" install
-
- newconfd "${FILESDIR}"/rsyncd.conf.d rsyncd
- newinitd "${FILESDIR}"/rsyncd.init.d-r1 rsyncd
-
- dodoc NEWS OLDNEWS README TODO tech_report.tex
-
- insinto /etc
- newins "${FILESDIR}"/rsyncd.conf-3.0.9-r1 rsyncd.conf
-
- insinto /etc/logrotate.d
- newins "${FILESDIR}"/rsyncd.logrotate rsyncd
-
- insinto /etc/xinetd.d
- newins "${FILESDIR}"/rsyncd.xinetd-3.0.9-r1 rsyncd
-
- # Install stunnel helpers
- if use stunnel ; then
- emake DESTDIR="${D}" install-ssl-client
- emake DESTDIR="${D}" install-ssl-daemon
- fi
-
- # Install the useful contrib scripts
- if use examples ; then
- exeinto /usr/share/rsync
- doexe support/*
- rm -f "${ED%/}"/usr/share/rsync/{Makefile*,*.c}
- fi
-
- eprefixify "${ED%/}"/etc/{,xinetd.d}/rsyncd*
-
- systemd_dounit "${FILESDIR}/rsyncd.service"
-}
-
-pkg_postinst() {
- if egrep -qis '^[[:space:]]use chroot[[:space:]]*=[[:space:]]*(no|0|false)' \
- "${EROOT}"/etc/rsyncd.conf "${EROOT}"/etc/rsync/rsyncd.conf ; then
- ewarn "You have disabled chroot support in your rsyncd.conf. This"
- ewarn "is a security risk which you should fix. Please check your"
- ewarn "/etc/rsyncd.conf file and fix the setting 'use chroot'."
- fi
- if use stunnel ; then
- einfo "Please install \">=net-misc/stunnel-4\" in order to use stunnel feature."
- einfo
- einfo "You maybe have to update the certificates configured in"
- einfo "${EROOT}/etc/stunnel/rsync.conf"
- fi
-}
diff --git a/net-misc/rsync/rsync-3.2.5-r1.ebuild b/net-misc/rsync/rsync-3.2.5-r1.ebuild
new file mode 100644
index 0000000..0cf5e2e
--- /dev/null
+++ b/net-misc/rsync/rsync-3.2.5-r1.ebuild
@@ -0,0 +1,167 @@
+# Copyright 1999-2022 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+#lakitu: Change EAPI 8 to 7.
+EAPI=7
+
+#lakitu: Change python version 10 to 8.
+PYTHON_COMPAT=( python3_{6..8} )
+inherit flag-o-matic prefix python-single-r1 systemd
+
+DESCRIPTION="File transfer program to keep remote files into sync"
+HOMEPAGE="https://rsync.samba.org/"
+if [[ ${PV} == *9999 ]] ; then
+ EGIT_REPO_URI="https://github.com/WayneD/rsync.git"
+ inherit autotools git-r3
+
+ REQUIRED_USE="${PYTHON_REQUIRED_USE}"
+else
+ VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}"/usr/share/openpgp-keys/waynedavison.asc
+ inherit verify-sig
+
+ if [[ ${PV} == *_pre* ]] ; then
+ SRC_DIR="src-previews"
+ else
+ SRC_DIR="src"
+ KEYWORDS="*"
+ fi
+
+ SRC_URI="https://rsync.samba.org/ftp/rsync/${SRC_DIR}/${P/_/}.tar.gz
+ verify-sig? ( https://rsync.samba.org/ftp/rsync/${SRC_DIR}/${P/_/}.tar.gz.asc )"
+ S="${WORKDIR}"/${P/_/}
+fi
+
+LICENSE="GPL-3"
+SLOT="0"
+IUSE="acl examples iconv lz4 ssl stunnel system-zlib xattr xxhash zstd"
+REQUIRED_USE+=" examples? ( ${PYTHON_REQUIRED_USE} )"
+
+RDEPEND="acl? ( virtual/acl )
+ examples? (
+ ${PYTHON_DEPS}
+ dev-lang/perl
+ )
+ lz4? ( app-arch/lz4 )
+ ssl? ( dev-libs/openssl:0= )
+ system-zlib? ( sys-libs/zlib )
+ xattr? ( kernel_linux? ( sys-apps/attr ) )
+ xxhash? ( dev-libs/xxhash )
+ zstd? ( >=app-arch/zstd-1.4 )
+ >=dev-libs/popt-1.5
+ iconv? ( virtual/libiconv )"
+DEPEND="${RDEPEND}"
+BDEPEND="examples? ( ${PYTHON_DEPS} )"
+
+if [[ ${PV} == *9999 ]] ; then
+ BDEPEND+=" ${PYTHON_DEPS}
+ $(python_gen_cond_dep '
+ dev-python/commonmark[${PYTHON_USEDEP}]
+ ')"
+else
+ BDEPEND+=" verify-sig? ( sec-keys/openpgp-keys-waynedavison )"
+fi
+
+#lakitu: Add patch to fix compilation
+PATCHES=(
+ "${FILESDIR}"/${P}-fix-compilation.patch
+)
+
+pkg_setup() {
+ # - USE=examples needs Python itself at runtime, but nothing else
+ # - 9999 needs commonmark at build time
+ if [[ ${PV} == *9999 ]] || use examples ; then
+ python-single-r1_pkg_setup
+ fi
+}
+
+src_prepare() {
+ default
+
+ if [[ ${PV} == *9999 ]] ; then
+ eaclocal -I m4
+ eautoconf -o configure.sh
+ eautoheader && touch config.h.in
+ fi
+}
+
+src_configure() {
+ local myeconfargs=(
+ --with-rsyncd-conf="${EPREFIX}"/etc/rsyncd.conf
+ --without-included-popt
+ --enable-ipv6
+ $(use_enable acl acl-support)
+ $(use_enable iconv)
+ $(use_enable lz4)
+ $(use_enable ssl openssl)
+ $(use_with !system-zlib included-zlib)
+ $(use_enable xattr xattr-support)
+ $(use_enable xxhash)
+ $(use_enable zstd)
+ )
+
+ econf "${myeconfargs[@]}"
+}
+
+src_install() {
+ emake DESTDIR="${D}" install
+
+ newconfd "${FILESDIR}"/rsyncd.conf.d rsyncd
+ newinitd "${FILESDIR}"/rsyncd.init.d-r1 rsyncd
+
+ dodoc NEWS.md README.md TODO tech_report.tex
+
+ insinto /etc
+ newins "${FILESDIR}"/rsyncd.conf-3.0.9-r1 rsyncd.conf
+
+ insinto /etc/logrotate.d
+ newins "${FILESDIR}"/rsyncd.logrotate rsyncd
+
+ insinto /etc/xinetd.d
+ newins "${FILESDIR}"/rsyncd.xinetd-3.0.9-r1 rsyncd
+
+ # Install stunnel helpers
+ if use stunnel ; then
+ emake DESTDIR="${D}" install-ssl-daemon
+ fi
+
+ # Install the useful contrib scripts
+ if use examples ; then
+ python_fix_shebang support/
+
+ exeinto /usr/share/rsync
+ doexe support/*
+
+ rm -f "${ED}"/usr/share/rsync/{Makefile*,*.c}
+ fi
+
+ eprefixify "${ED}"/etc/{,xinetd.d}/rsyncd*
+
+ systemd_newunit packaging/systemd/rsync.service rsyncd.service
+}
+
+pkg_postinst() {
+ if grep -Eqis '^[[:space:]]use chroot[[:space:]]*=[[:space:]]*(no|0|false)' \
+ "${EROOT}"/etc/rsyncd.conf "${EROOT}"/etc/rsync/rsyncd.conf ; then
+ ewarn "You have disabled chroot support in your rsyncd.conf. This"
+ ewarn "is a security risk which you should fix. Please check your"
+ ewarn "/etc/rsyncd.conf file and fix the setting 'use chroot'."
+ fi
+
+ if use stunnel ; then
+ einfo "Please install \">=net-misc/stunnel-4\" in order to use stunnel feature."
+ einfo
+ einfo "You maybe have to update the certificates configured in"
+ einfo "${EROOT}/etc/stunnel/rsync.conf"
+ fi
+
+ if use system-zlib ; then
+ ewarn "Using system-zlib is incompatible with <rsync-3.1.1 when"
+ ewarn "using the --compress option."
+ ewarn
+ ewarn "When syncing with >=rsync-3.1.1 built with bundled zlib,"
+ ewarn "and the --compress option, add --new-compress (-zz)."
+ ewarn
+ ewarn "For syncing the portage tree, add:"
+ ewarn "PORTAGE_RSYNC_EXTRA_OPTS=\"--new-compress\" to make.conf"
+ fi
+}