Google Git
Sign in
cos/third_party/overlays/portage-stable/refs/heads/release-R85-13310.B^!/.
commit
f51099063e4d38a7a43c037d93626914e8da5c85
[log]
author
Meena Shanmugam <meenashanmugam@google.com>
Tue Aug 16 19:07:40 2022 +0000
committer
COS Cherry Picker <cloud-image-release@prod.google.com>
Wed Aug 17 14:24:46 2022 -0700
tree
5e507da5440e7c92fc76b15002bc58134c080adf
parent
d7c9ee1b668328a1fb915d6419c7b044baaff5bb [diff]
rsync: upgraded package to upstream

Upgraded net-misc/rsync to version 3.2.5 on amd64, arm64.
cros_portage_upgrade fails to upgrade the package due to EAPI=8.
Manually upgraded the package and changed EAPI to 7 and changed python
version as well. Since latest rsync enabled pedantic-errors, compilation
complains that snprintf is redefined. Added a patch to fix the
compilation error.

BUG=b/242291532
TEST=presubmit
RELEASE_NOTE=Upgraded net-misc/rsync package to 3.2.5 and fixed
CVE-2022-29154.

cos-patch: security-high
Change-Id: I386a20f2772e768db2d5ae5528618b3a54d68f3e
Reviewed-on: https://cos-review.googlesource.com/c/third_party/overlays/portage-stable/+/36111
Main-Branch-Verified: Cusky Presubmit Bot <presubmit@cos-infra-prod.iam.gserviceaccount.com>
Tested-by: Cusky Presubmit Bot <presubmit@cos-infra-prod.iam.gserviceaccount.com>
Reviewed-by: Varsha Teratipally <teratipally@google.com>

diff --git a/net-misc/rsync/Manifest b/net-misc/rsync/Manifest
index d1dda9c..46420a5 100644
--- a/net-misc/rsync/Manifest
+++ b/net-misc/rsync/Manifest

@@ -1 +1,2 @@
-DIST rsync-3.1.3.tar.gz 905908 SHA256 55cc554efec5fdaad70de921cd5a5eeb6c29a95524c715f3bbf849235b0800c0 SHA512 8385f4c0ea37e7a1da3cf45794154f5bc4d1c49bc625ba3b5f85adaf3eafe6d71c15bdcb1410bde731e5d4c19aff3331606637462fa27a68dc3e13192dd78f99 WHIRLPOOL 321d651aa2c61a81f0f647be5317174b6dcb0ebfbfd780d008b1784c0b8a4239d82c42da7be22d5fd66f2c61ab110a3b3e4f9f22b41065d5624348b36ba98474
+DIST rsync-3.2.5.tar.gz 1129957 BLAKE2B a0d1c4a2dbebe37bad4f6e2e5e4fae41c53529d96e0ca5a429d29d1dee8c63c8ee1b7dc686b732a88049c547271260e8361ac798673970d5327d08dda01ce811 SHA512 6d115acb5bae546cd2b5df2c11390f8609107b7a45aa649158d8daa0c9290ab5f15640fdd4000b21d1ab39f7385b85d77cd8fe4628fa13b2adeea6fcd53d057a
+DIST rsync-3.2.5.tar.gz.asc 195 BLAKE2B 9ca9034afc39299c2178190412b188f561d274d8e38d58a988487f2db14a8135840acf3413096d26f080358b69779fa3b48e292670ba6b23ae4eb0c05f9df614 SHA512 b384f48b2fd459a51715c8ab2a14e540c5fa7f7f12453282db770893d6121b1b3c9809e667ccacaf910fd90548abeb700a2c717d76fbea22fe3d6a22aa6b2c44

diff --git a/net-misc/rsync/files/rsync-3.2.5-fix-compilation.patch b/net-misc/rsync/files/rsync-3.2.5-fix-compilation.patch
new file mode 100644
index 0000000..8f0c9dd
--- /dev/null
+++ b/net-misc/rsync/files/rsync-3.2.5-fix-compilation.patch

@@ -0,0 +1,30 @@
+From 09ca9865123e89a3b47d9791839fcfd9ea94fb14 Mon Sep 17 00:00:00 2001
+From: Meena Shanmugam <meenashanmugam@google.com>
+Date: Tue, 16 Aug 2022 19:15:38 +0000
+Subject: [PATCH] Define snprintf only if it is not defined.
+
+Since latest rsync enabled pedantic-errors, compiler complains
+that snprintf is redefined. Define snprintf only if it is not defined.
+---
+ rsync.h | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/rsync.h b/rsync.h
+index 1cc037c5..8dbcc238 100644
+--- a/rsync.h
++++ b/rsync.h
+@@ -1204,9 +1204,11 @@ int vsnprintf(char *str, size_t count, const char *fmt, va_list args);
+ #endif
+ 
+ #if !defined HAVE_SNPRINTF || !defined HAVE_C99_VSNPRINTF
++#ifndef snprintf
+ #define snprintf rsync_snprintf
+ int snprintf(char *str, size_t count, const char *fmt,...);
+ #endif
++#endif
+ 
+ #ifndef HAVE_STRERROR
+ extern char *sys_errlist[];
+-- 
+2.37.1.595.g718a3a8f04-goog
+

diff --git a/net-misc/rsync/rsync-3.1.3.ebuild b/net-misc/rsync/rsync-3.1.3.ebuild
deleted file mode 100644
index 326e651..0000000
--- a/net-misc/rsync/rsync-3.1.3.ebuild
+++ /dev/null

@@ -1,91 +0,0 @@
-# Copyright 1999-2018 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=5
-
-inherit flag-o-matic prefix systemd
-
-DESCRIPTION="File transfer program to keep remote files into sync"
-HOMEPAGE="https://rsync.samba.org/"
-SRC_URI="https://rsync.samba.org/ftp/rsync/src/${P}.tar.gz"
-[[ "${PV}" = *_pre* ]] && SRC_URI="https://rsync.samba.org/ftp/rsync/src-previews/${P/_/}.tar.gz"
-
-LICENSE="GPL-3"
-SLOT="0"
-[[ ${PV} = *_pre* ]] || \
-KEYWORDS="*"
-IUSE="acl examples iconv ipv6 static stunnel xattr"
-
-LIB_DEPEND="acl? ( virtual/acl[static-libs(+)] )
-	xattr? ( kernel_linux? ( sys-apps/attr[static-libs(+)] ) )
-	>=dev-libs/popt-1.5[static-libs(+)]"
-RDEPEND="!static? ( ${LIB_DEPEND//\[static-libs(+)]} )
-	iconv? ( virtual/libiconv )"
-DEPEND="${RDEPEND}
-	static? ( ${LIB_DEPEND} )"
-
-S="${WORKDIR}/${P/_/}"
-
-src_configure() {
-	use static && append-ldflags -static
-	local myeconfargs=(
-		--with-rsyncd-conf="${EPREFIX}"/etc/rsyncd.conf
-		--without-included-popt
-		$(use_enable acl acl-support)
-		$(use_enable iconv)
-		$(use_enable ipv6)
-		$(use_enable xattr xattr-support)
-	)
-	econf "${myeconfargs[@]}"
-	touch proto.h-tstamp #421625
-}
-
-src_install() {
-	emake DESTDIR="${D}" install
-
-	newconfd "${FILESDIR}"/rsyncd.conf.d rsyncd
-	newinitd "${FILESDIR}"/rsyncd.init.d-r1 rsyncd
-
-	dodoc NEWS OLDNEWS README TODO tech_report.tex
-
-	insinto /etc
-	newins "${FILESDIR}"/rsyncd.conf-3.0.9-r1 rsyncd.conf
-
-	insinto /etc/logrotate.d
-	newins "${FILESDIR}"/rsyncd.logrotate rsyncd
-
-	insinto /etc/xinetd.d
-	newins "${FILESDIR}"/rsyncd.xinetd-3.0.9-r1 rsyncd
-
-	# Install stunnel helpers
-	if use stunnel ; then
-		emake DESTDIR="${D}" install-ssl-client
-		emake DESTDIR="${D}" install-ssl-daemon
-	fi
-
-	# Install the useful contrib scripts
-	if use examples ; then
-		exeinto /usr/share/rsync
-		doexe support/*
-		rm -f "${ED%/}"/usr/share/rsync/{Makefile*,*.c}
-	fi
-
-	eprefixify "${ED%/}"/etc/{,xinetd.d}/rsyncd*
-
-	systemd_dounit "${FILESDIR}/rsyncd.service"
-}
-
-pkg_postinst() {
-	if egrep -qis '^[[:space:]]use chroot[[:space:]]*=[[:space:]]*(no|0|false)' \
-		"${EROOT}"/etc/rsyncd.conf "${EROOT}"/etc/rsync/rsyncd.conf ; then
-		ewarn "You have disabled chroot support in your rsyncd.conf.  This"
-		ewarn "is a security risk which you should fix.  Please check your"
-		ewarn "/etc/rsyncd.conf file and fix the setting 'use chroot'."
-	fi
-	if use stunnel ; then
-		einfo "Please install \">=net-misc/stunnel-4\" in order to use stunnel feature."
-		einfo
-		einfo "You maybe have to update the certificates configured in"
-		einfo "${EROOT}/etc/stunnel/rsync.conf"
-	fi
-}

diff --git a/net-misc/rsync/rsync-3.2.5-r1.ebuild b/net-misc/rsync/rsync-3.2.5-r1.ebuild
new file mode 100644
index 0000000..0cf5e2e
--- /dev/null
+++ b/net-misc/rsync/rsync-3.2.5-r1.ebuild

@@ -0,0 +1,167 @@
+# Copyright 1999-2022 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+#lakitu: Change EAPI 8 to 7.
+EAPI=7
+
+#lakitu: Change python version 10 to 8.
+PYTHON_COMPAT=( python3_{6..8} )
+inherit flag-o-matic prefix python-single-r1 systemd
+
+DESCRIPTION="File transfer program to keep remote files into sync"
+HOMEPAGE="https://rsync.samba.org/"
+if [[ ${PV} == *9999 ]] ; then
+	EGIT_REPO_URI="https://github.com/WayneD/rsync.git"
+	inherit autotools git-r3
+
+	REQUIRED_USE="${PYTHON_REQUIRED_USE}"
+else
+	VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}"/usr/share/openpgp-keys/waynedavison.asc
+	inherit verify-sig
+
+	if [[ ${PV} == *_pre* ]] ; then
+		SRC_DIR="src-previews"
+	else
+		SRC_DIR="src"
+		KEYWORDS="*"
+	fi
+
+	SRC_URI="https://rsync.samba.org/ftp/rsync/${SRC_DIR}/${P/_/}.tar.gz
+		verify-sig? ( https://rsync.samba.org/ftp/rsync/${SRC_DIR}/${P/_/}.tar.gz.asc )"
+	S="${WORKDIR}"/${P/_/}
+fi
+
+LICENSE="GPL-3"
+SLOT="0"
+IUSE="acl examples iconv lz4 ssl stunnel system-zlib xattr xxhash zstd"
+REQUIRED_USE+=" examples? ( ${PYTHON_REQUIRED_USE} )"
+
+RDEPEND="acl? ( virtual/acl )
+	examples? (
+		${PYTHON_DEPS}
+		dev-lang/perl
+	)
+	lz4? ( app-arch/lz4 )
+	ssl? ( dev-libs/openssl:0= )
+	system-zlib? ( sys-libs/zlib )
+	xattr? ( kernel_linux? ( sys-apps/attr ) )
+	xxhash? ( dev-libs/xxhash )
+	zstd? ( >=app-arch/zstd-1.4 )
+	>=dev-libs/popt-1.5
+	iconv? ( virtual/libiconv )"
+DEPEND="${RDEPEND}"
+BDEPEND="examples? ( ${PYTHON_DEPS} )"
+
+if [[ ${PV} == *9999 ]] ; then
+	BDEPEND+=" ${PYTHON_DEPS}
+		$(python_gen_cond_dep '
+			dev-python/commonmark[${PYTHON_USEDEP}]
+		')"
+else
+	BDEPEND+=" verify-sig? ( sec-keys/openpgp-keys-waynedavison )"
+fi
+
+#lakitu: Add patch to fix compilation
+PATCHES=(
+	"${FILESDIR}"/${P}-fix-compilation.patch
+)
+
+pkg_setup() {
+	# - USE=examples needs Python itself at runtime, but nothing else
+	# - 9999 needs commonmark at build time
+	if [[ ${PV} == *9999 ]] || use examples ; then
+		python-single-r1_pkg_setup
+	fi
+}
+
+src_prepare() {
+	default
+
+	if [[ ${PV} == *9999 ]] ; then
+		eaclocal -I m4
+		eautoconf -o configure.sh
+		eautoheader && touch config.h.in
+	fi
+}
+
+src_configure() {
+	local myeconfargs=(
+		--with-rsyncd-conf="${EPREFIX}"/etc/rsyncd.conf
+		--without-included-popt
+		--enable-ipv6
+		$(use_enable acl acl-support)
+		$(use_enable iconv)
+		$(use_enable lz4)
+		$(use_enable ssl openssl)
+		$(use_with !system-zlib included-zlib)
+		$(use_enable xattr xattr-support)
+		$(use_enable xxhash)
+		$(use_enable zstd)
+	)
+
+	econf "${myeconfargs[@]}"
+}
+
+src_install() {
+	emake DESTDIR="${D}" install
+
+	newconfd "${FILESDIR}"/rsyncd.conf.d rsyncd
+	newinitd "${FILESDIR}"/rsyncd.init.d-r1 rsyncd
+
+	dodoc NEWS.md README.md TODO tech_report.tex
+
+	insinto /etc
+	newins "${FILESDIR}"/rsyncd.conf-3.0.9-r1 rsyncd.conf
+
+	insinto /etc/logrotate.d
+	newins "${FILESDIR}"/rsyncd.logrotate rsyncd
+
+	insinto /etc/xinetd.d
+	newins "${FILESDIR}"/rsyncd.xinetd-3.0.9-r1 rsyncd
+
+	# Install stunnel helpers
+	if use stunnel ; then
+		emake DESTDIR="${D}" install-ssl-daemon
+	fi
+
+	# Install the useful contrib scripts
+	if use examples ; then
+		python_fix_shebang support/
+
+		exeinto /usr/share/rsync
+		doexe support/*
+
+		rm -f "${ED}"/usr/share/rsync/{Makefile*,*.c}
+	fi
+
+	eprefixify "${ED}"/etc/{,xinetd.d}/rsyncd*
+
+	systemd_newunit packaging/systemd/rsync.service rsyncd.service
+}
+
+pkg_postinst() {
+	if grep -Eqis '^[[:space:]]use chroot[[:space:]]*=[[:space:]]*(no|0|false)' \
+		"${EROOT}"/etc/rsyncd.conf "${EROOT}"/etc/rsync/rsyncd.conf ; then
+		ewarn "You have disabled chroot support in your rsyncd.conf.  This"
+		ewarn "is a security risk which you should fix.  Please check your"
+		ewarn "/etc/rsyncd.conf file and fix the setting 'use chroot'."
+	fi
+
+	if use stunnel ; then
+		einfo "Please install \">=net-misc/stunnel-4\" in order to use stunnel feature."
+		einfo
+		einfo "You maybe have to update the certificates configured in"
+		einfo "${EROOT}/etc/stunnel/rsync.conf"
+	fi
+
+	if use system-zlib ; then
+		ewarn "Using system-zlib is incompatible with <rsync-3.1.1 when"
+		ewarn "using the --compress option."
+		ewarn
+		ewarn "When syncing with >=rsync-3.1.1 built with bundled zlib,"
+		ewarn "and the --compress option, add --new-compress (-zz)."
+		ewarn
+		ewarn "For syncing the portage tree, add:"
+		ewarn "PORTAGE_RSYNC_EXTRA_OPTS=\"--new-compress\" to make.conf"
+	fi
+}