diff options
-rw-r--r-- | net-ftp/tlswrap/files/fix-Wformat-security-warnings.patch | 67 | ||||
-rw-r--r-- | net-ftp/tlswrap/files/modernize-am_init_automake.patch | 30 | ||||
-rw-r--r-- | net-ftp/tlswrap/files/respect-cflags.patch | 66 | ||||
-rw-r--r-- | net-ftp/tlswrap/tlswrap-1.04-r3.ebuild (renamed from net-ftp/tlswrap/tlswrap-1.04-r2.ebuild) | 17 |
4 files changed, 176 insertions, 4 deletions
diff --git a/net-ftp/tlswrap/files/fix-Wformat-security-warnings.patch b/net-ftp/tlswrap/files/fix-Wformat-security-warnings.patch new file mode 100644 index 000000000000..e90ffffc4335 --- /dev/null +++ b/net-ftp/tlswrap/files/fix-Wformat-security-warnings.patch @@ -0,0 +1,67 @@ +From dbbc4b17b5fdd08b11b0f285cfc99a28be8a89e5 Mon Sep 17 00:00:00 2001 +From: Michael Orlitzky <michael@orlitzky.com> +Date: Thu, 11 Aug 2016 13:05:43 -0400 +Subject: [PATCH 3/3] Fix -Wformat-security warnings by adding trivial format + strings. + +Newer versions of GCC have the option to output warnings for insecure +(e.g. missing) format string usage. A few places were making calls to +the printf family of functions, and passing in a string variable +without a format string. In all cases, the desired format string was +simply "%s", intended to print the sole argument, and that "%s" has +been added. + +This eliminates the warnings, and allows the build to complete when +-Werror=format-security is used. +--- + misc.c | 4 ++-- + parse.c | 4 ++-- + 2 files changed, 4 insertions(+), 4 deletions(-) + +diff --git a/misc.c b/misc.c +index ebaabb2..d9bb150 100644 +--- a/misc.c ++++ b/misc.c +@@ -164,7 +164,7 @@ int print_to_ud(struct user_data *ud, const char *s) { + size_t slen; + char str[1024]; + +- snprintf(str, sizeof(str), s); ++ snprintf(str, sizeof(str), "%s", s); + + slen = strlen(str); /* NOT including null char */ + +@@ -184,7 +184,7 @@ int print_to_serv(struct user_data *ud, const char *s) { + size_t slen; + char str[130]; + +- snprintf(str, sizeof(str), s); ++ snprintf(str, sizeof(str), "%s", s); + slen = strlen(str); /* NOT including null char */ + if ( (&ud->u2s_buf[U2S_SIZE]-ud->u2s_i)<slen) { + printf("print_to_ud: can't fit string to buffer\n"); +diff --git a/parse.c b/parse.c +index 1174202..ac4529f 100644 +--- a/parse.c ++++ b/parse.c +@@ -345,7 +345,7 @@ parse_serv_buf(struct user_data *ud, int index, char *ucertspath, char *cafile) + ud->serv_status = SERV_PBSZ; + snprintf(s, sizeof(s), "PROT %c\r\n", ud->prot); + if (debug) +- printf(s); ++ printf("%s", s); + print_to_serv(ud,s); + } else if ((ud->serv_status == SERV_PBSZ) && (strncasecmp(dst,"200 ",4) == 0) ) { + ud->serv_status = SERV_PROT; +@@ -365,7 +365,7 @@ parse_serv_buf(struct user_data *ud, int index, char *ucertspath, char *cafile) + } else if (ud->delay_prot && (ud->serv_status == SERV_PROT) && (strncasecmp(dst,"230 ",4) == 0) ) { + snprintf(s, sizeof(s), "PROT %c\r\n", ud->prot); + if (debug) +- printf(s); ++ printf("%s", s); + print_to_serv(ud,s); + } else if (ud->delay_prot && (ud->serv_status == SERV_PROT) && (strncasecmp(dst,"200 ",4) == 0) ) { + write(ud->user_fd, "230 Bypassed login text because the ftpd can't handle PROT before USER.\r\n", 73); +-- +2.7.3 + diff --git a/net-ftp/tlswrap/files/modernize-am_init_automake.patch b/net-ftp/tlswrap/files/modernize-am_init_automake.patch new file mode 100644 index 000000000000..6171e45801ab --- /dev/null +++ b/net-ftp/tlswrap/files/modernize-am_init_automake.patch @@ -0,0 +1,30 @@ +From 4d6541b108ab59e30e7413a5bc62f29bbc1fd2ab Mon Sep 17 00:00:00 2001 +From: Michael Orlitzky <michael@orlitzky.com> +Date: Thu, 11 Aug 2016 13:00:53 -0400 +Subject: [PATCH 2/3] Modernize the AM_INIT_AUTOMAKE invocation. + +The existing call to AM_INIT_AUTOMAKE, which passed both the project +name and its version, had been deprecated. These days, you're supposed +to pass those things to AC_INIT, and then call AM_INIT_AUTOMAKE with +no arguments. This commit does that, and fixes the version number in +the process. +--- + configure.ac | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/configure.ac b/configure.ac +index 575a5ab..fe26bad 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -1,6 +1,6 @@ + dnl Process this file with autoconf to produce a configure script. +-AC_INIT(tlswrap.c) +-AM_INIT_AUTOMAKE(tlswrap, 0.8) ++AC_INIT(tlswrap.c, 1.04) ++AM_INIT_AUTOMAKE + + dnl + dnl Get cannonical host +-- +2.7.3 + diff --git a/net-ftp/tlswrap/files/respect-cflags.patch b/net-ftp/tlswrap/files/respect-cflags.patch new file mode 100644 index 000000000000..38da48b167e4 --- /dev/null +++ b/net-ftp/tlswrap/files/respect-cflags.patch @@ -0,0 +1,66 @@ +From 1a38cd3f931d728fc7a2bcfdf1fa19510a19acde Mon Sep 17 00:00:00 2001 +From: Michael Orlitzky <michael@orlitzky.com> +Date: Thu, 11 Aug 2016 12:53:53 -0400 +Subject: [PATCH 1/3] Rename configure.in to configure.ac and respect the + user's CFLAGS. + +The name configure.in has been deprecated for a long time, so the +first order of business was to rename it to configure.ac. + +To respect the user's CFLAGS, the most important change was to remove +the line CFLAGS="-g" which wiped out any pre-existing CFLAGS and +replaced them all with just "-g". There was also a test for GCC that +would append a few flags like "-O2" and "-Wall" to the user's CFLAGS +if the configure script detected GCC. That test was modified to only +trigger when the user's CFLAGS were unset, and in that case, the (now +removed) "-g" flag was added back. + +The end result of the CFLAGS changes is that a default set of CFLAGS +will be used for GCC, but only if the user does not have any CFLAGS +previously set. The default behavior should be completely unchanged +when CFLAGS="". + +Gentoo-Bug: 240898 +--- + configure.in => configure.ac | 17 ++++------------- + 1 file changed, 4 insertions(+), 13 deletions(-) + rename configure.in => configure.ac (84%) + +diff --git a/configure.in b/configure.ac +similarity index 84% +rename from configure.in +rename to configure.ac +index dd0ee15..575a5ab 100644 +--- a/configure.in ++++ b/configure.ac +@@ -6,23 +6,14 @@ dnl + dnl Get cannonical host + dnl + +-CFLAGS="-g" +- + dnl Checks for programs. + AC_PROG_CC +-if test "$GCC" = "yes" && test "$CC" != "icc"; then CFLAGS="$CFLAGS -O2 -Wall -Wmissing-prototypes"; fi +-# if test -n "$GCC"; then +-# CFLAGS="$CFLAGS -O2 -Wall -Wmissing-prototypes" +-# else +- #case "$host_os" in +-# *hpux*) CFLAGS="$CFLAGS +O3" ;; +-# *ultrix* | *osf*) CFLAGS="$CFLAGS -O -Olimit 2000" ;; +-# *) CFLAGS="$CFLAGS -O" ;; +-# esac +-# fi ++if test "$GCC" = "yes" && test "$CC" != "icc" && test -z "$CFLAGS" ; then ++ CFLAGS="-g -O2 -Wall -Wmissing-prototypes"; ++fi + + AC_CYGWIN +-if test "$CYGWIN" = "yes"; then CFLAGS="$CFLAGS -Dsys_errlist=_imp___sys_errlist"; fi ++if test "$CYGWIN" = "yes"; then CFLAGS="$CFLAGS -g -Dsys_errlist=_imp___sys_errlist"; fi + checkssldir() { : + if test -f "$1/include/openssl/ssl.h"; then + # AC_DEFINE(HAVE_OPENSSL) +-- +2.7.3 + diff --git a/net-ftp/tlswrap/tlswrap-1.04-r2.ebuild b/net-ftp/tlswrap/tlswrap-1.04-r3.ebuild index ab21f447f15c..0c8bf3e044eb 100644 --- a/net-ftp/tlswrap/tlswrap-1.04-r2.ebuild +++ b/net-ftp/tlswrap/tlswrap-1.04-r3.ebuild @@ -3,10 +3,11 @@ # $Id$ EAPI=6 -inherit eutils -DESCRIPTION="a TLS/SSL FTP wrapper/proxy which allows to use TLS with every FTP client" -HOMEPAGE="http://www.tlswrap.com" +inherit autotools + +DESCRIPTION="FTP wrapper which supports TLS with every FTP client" +HOMEPAGE="http://www.tlswrap.com/" SRC_URI="http://www.tlswrap.com/${P}.tar.gz" # GPL-2 for Gentoo init script @@ -17,12 +18,20 @@ IUSE="libressl" DEPEND="!libressl? ( dev-libs/openssl:0= ) libressl? ( dev-libs/libressl:= )" -RDEPEND=${DEPEND} +RDEPEND="${DEPEND}" PATCHES=( "${FILESDIR}/${P}-libressl.patch" + "${FILESDIR}/respect-cflags.patch" + "${FILESDIR}/modernize-am_init_automake.patch" + "${FILESDIR}/fix-Wformat-security-warnings.patch" ) +src_prepare() { + default + eautoreconf +} + src_install() { emake prefix="${D}/usr" install dodoc ChangeLog README |