From 4c94441763ab5cdd9739ffe6b97913cc3cdadfa5 Mon Sep 17 00:00:00 2001 From: Josiah Mullins Date: Thu, 13 Dec 2018 18:21:07 -0500 Subject: net-libs/tox: strip vulnerable versions This commit removes all versions of tox prior to version 0.2.8 because those versions were vulnerable to remote DDoS attacks. Also, this commit removes a deprecated use flag in metadata.xml. In addition, this commit adds the requirement that libsodium not be built with the minimal use flag enabled in tox-9999. Closes: https://bugs.gentoo.org/628530 Bug: https://bugs.gentoo.org/668264 Signed-off-by: Josiah Mullins Signed-off-by: Josiah Mullins Closes: https://github.com/gentoo/gentoo/pull/10585 Signed-off-by: Andreas Sturmlechner --- net-libs/tox/Manifest | 2 -- net-libs/tox/metadata.xml | 1 - net-libs/tox/tox-0.1.10.ebuild | 76 ---------------------------------------- net-libs/tox/tox-0.2.5.ebuild | 79 ------------------------------------------ net-libs/tox/tox-9999.ebuild | 2 +- 5 files changed, 1 insertion(+), 159 deletions(-) delete mode 100644 net-libs/tox/tox-0.1.10.ebuild delete mode 100644 net-libs/tox/tox-0.2.5.ebuild (limited to 'net-libs/tox') diff --git a/net-libs/tox/Manifest b/net-libs/tox/Manifest index 0252fcb17b3f..9a173c626105 100644 --- a/net-libs/tox/Manifest +++ b/net-libs/tox/Manifest @@ -1,3 +1 @@ -DIST c-toxcore-0.1.10.tar.gz 820090 BLAKE2B 071e530db2dd6ca387a6cd88f1145515ab8741017626fcb744fdc9940263b6c2604b456b6d1357bc78be5e33b544ecf882e608bc7b4a4227d44c5507e5dbad56 SHA512 428fee2d811d0b6d5d005f082aa06f95765794b1a8bc77ec4411bb9ec9085b99675535b88db50f5ad7313850a0bb3c54c4e2e8d8864cea7c0c7d81be9879b157 -DIST c-toxcore-0.2.5.tar.gz 482160 BLAKE2B b56511d9cf7bd3a9d2b9177b33bdbf60ac571f6c95d7ee26e6ecae7c9395d8cdd4f6650025f8b727ad9b825b304c4555efaee0f17d60a26bc5bf599905ec27ab SHA512 a425a106054f29533b43b14cb8916706d04158d91b66cdada0e9e007aebd3f68a253b8519a75ca94bffba3adc57362b4e7c44e9356fce416f081a7eda6a61e18 DIST c-toxcore-0.2.8.tar.gz 502907 BLAKE2B 0ca2c861b3cd982b471fac5cf8bdacd21c3248118846cc17e51f33ba04cf3da12a64578744e47daa27bb8613762a6f562eb550f0b7af05a66696412f6d0a6360 SHA512 a23a87a74fe97091b00ea76676a22578ed1e2426ac777146bb6efc984f1bfd3fff0d7fb149691155b8e2db56e1e088a1884536e5b717ff5c45a87b437f275735 diff --git a/net-libs/tox/metadata.xml b/net-libs/tox/metadata.xml index 99359c3fc50a..4c464531d0ba 100644 --- a/net-libs/tox/metadata.xml +++ b/net-libs/tox/metadata.xml @@ -17,7 +17,6 @@ Log level: 3 Log level: 4 Log level: 5 - Enable the testing nTox client. Enable the DHT Bootstrap Daemon. diff --git a/net-libs/tox/tox-0.1.10.ebuild b/net-libs/tox/tox-0.1.10.ebuild deleted file mode 100644 index ce36d2840170..000000000000 --- a/net-libs/tox/tox-0.1.10.ebuild +++ /dev/null @@ -1,76 +0,0 @@ -# Copyright 1999-2017 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI=6 - -inherit autotools systemd user - -DESCRIPTION="Encrypted P2P, messaging, and audio/video calling platform" -HOMEPAGE="https://tox.chat" -SRC_URI="https://github.com/TokTok/c-toxcore/releases/download/v${PV}/c-toxcore-${PV}.tar.gz" - -LICENSE="GPL-3+" -SLOT="0/0.1" -KEYWORDS="~amd64 ~arm ~x86" -IUSE="+av daemon log-debug log-error log-info log-trace log-warn +no-log ntox static-libs test" - -REQUIRED_USE="^^ ( no-log log-trace log-debug log-info log-warn log-error )" - -RDEPEND=" - av? ( media-libs/libvpx:= - media-libs/opus ) - daemon? ( dev-libs/libconfig ) - ntox? ( sys-libs/ncurses:0= ) - >=dev-libs/libsodium-0.6.1:=[asm,urandom]" -DEPEND="${RDEPEND} - test? ( dev-libs/check ) - virtual/pkgconfig" - -S="${WORKDIR}/c-toxcore-${PV}" - -src_prepare() { - default - eautoreconf -} - -src_configure() { - econf \ - $(usex log-trace "--enable-logging --with-log-level=TRACE" "") \ - $(usex log-debug "--enable-logging --with-log-level=DEBUG" "") \ - $(usex log-info "--enable-logging --with-log-level=INFO" "") \ - $(usex log-warn "--enable-logging --with-log-level=WARNING" "") \ - $(usex log-error "--enable-logging --with-log-level=ERROR" "") \ - $(use_enable av) \ - $(use_enable test tests) \ - $(use_enable ntox) \ - $(use_enable daemon) \ - $(use_enable static-libs static) -} - -src_install() { - default - if use daemon; then - newinitd "${FILESDIR}"/initd tox-dht-daemon - newconfd "${FILESDIR}"/confd tox-dht-daemon - insinto /etc - doins "${FILESDIR}"/tox-bootstrapd.conf - systemd_dounit "${FILESDIR}"/tox-bootstrapd.service - fi - - find "${D}" -name '*.la' -delete || die -} - -pkg_postinst() { - if use daemon; then - enewgroup ${PN} - enewuser ${PN} -1 -1 -1 ${PN} - if [[ -f ${EROOT%/}/var/lib/tox-dht-bootstrap/key ]]; then - ewarn "Backwards compatability with the bootstrap daemon might have been" - ewarn "broken a while ago. To resolve this issue, REMOVE the following files:" - ewarn " ${EROOT%/}/var/lib/tox-dht-bootstrap/key" - ewarn " ${EROOT%/}/etc/tox-bootstrapd.conf" - ewarn " ${EROOT%/}/run/tox-dht-bootstrap/tox-dht-bootstrap.pid" - ewarn "Then just reinstall net-libs/tox" - fi - fi -} diff --git a/net-libs/tox/tox-0.2.5.ebuild b/net-libs/tox/tox-0.2.5.ebuild deleted file mode 100644 index 71e771406fa3..000000000000 --- a/net-libs/tox/tox-0.2.5.ebuild +++ /dev/null @@ -1,79 +0,0 @@ -# Copyright 1999-2018 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI=6 - -inherit cmake-utils systemd user - -MY_P="c-toxcore-${PV}" -DESCRIPTION="Encrypted P2P, messaging, and audio/video calling platform" -HOMEPAGE="https://tox.chat" -SRC_URI="https://github.com/TokTok/c-toxcore/archive/v${PV}.tar.gz -> ${MY_P}.tar.gz" - -LICENSE="GPL-3+" -SLOT="0/0.2" -KEYWORDS="~amd64 ~arm ~x86" -IUSE="+av daemon log-debug log-trace +no-log static-libs test" - -REQUIRED_USE="^^ ( no-log log-trace log-debug )" - -RDEPEND=" - av? ( media-libs/libvpx:= - media-libs/opus ) - daemon? ( dev-libs/libconfig ) - >=dev-libs/libsodium-0.6.1:=[asm,urandom]" -DEPEND="${RDEPEND} - virtual/pkgconfig" - -S="${WORKDIR}/${MY_P}" - -src_prepare() { - cmake-utils_src_prepare - # disable tests that need internet - for testname in bootstrap lan_discovery tcp_relay tox_many_tcp; do - sed -i -e "/^auto_test(${testname})$/d" CMakeLists.txt || die - done -} - -src_configure() { - local mycmakeargs=( - -DTRACE=$(usex log-trace) - -DDEBUG=$(usex log-debug) - -DBUILD_TOXAV=$(usex av) - -DMUST_BUILD_TOXAV=$(usex av) - -DBUILD_AV_TEST=$(usex av) - -DBOOTSTRAP_DAEMON=$(usex daemon) - -DENABLE_STATIC=$(usex static-libs) - ) - - cmake-utils_src_configure -} - -src_install() { - cmake-utils_src_install - - if use daemon; then - newinitd "${FILESDIR}"/initd tox-dht-daemon - newconfd "${FILESDIR}"/confd tox-dht-daemon - insinto /etc - doins "${FILESDIR}"/tox-bootstrapd.conf - systemd_dounit "${FILESDIR}"/tox-bootstrapd.service - fi - - find "${D}" -name '*.la' -delete || die -} - -pkg_postinst() { - if use daemon; then - enewgroup tox - enewuser tox -1 -1 -1 tox - if [[ -f ${EROOT%/}/var/lib/tox-dht-bootstrap/key ]]; then - ewarn "Backwards compatability with the bootstrap daemon might have been" - ewarn "broken a while ago. To resolve this issue, REMOVE the following files:" - ewarn " ${EROOT%/}/var/lib/tox-dht-bootstrap/key" - ewarn " ${EROOT%/}/etc/tox-bootstrapd.conf" - ewarn " ${EROOT%/}/run/tox-dht-bootstrap/tox-dht-bootstrap.pid" - ewarn "Then just re-emerge net-libs/tox" - fi - fi -} diff --git a/net-libs/tox/tox-9999.ebuild b/net-libs/tox/tox-9999.ebuild index 6480c17e2cc6..3c267ef0e1e2 100644 --- a/net-libs/tox/tox-9999.ebuild +++ b/net-libs/tox/tox-9999.ebuild @@ -21,7 +21,7 @@ RDEPEND=" av? ( media-libs/libvpx:= media-libs/opus ) daemon? ( dev-libs/libconfig ) - >=dev-libs/libsodium-0.6.1:=[asm,urandom]" + >=dev-libs/libsodium-0.6.1:=[asm,urandom,-minimal]" DEPEND="${RDEPEND} virtual/pkgconfig" -- cgit v1.2.3-65-gdbad