svn commit: r491260 - in head/net/libzmq4: . files
Kubilay Kocak
koobs at FreeBSD.org
Sat Jan 26 10:50:46 UTC 2019
Author: koobs
Date: Sat Jan 26 10:50:44 2019
New Revision: 491260
URL: https://svnweb.freebsd.org/changeset/ports/491260
Log:
net/libzmq4: Update to 4.3.1
- Use upstream provided methods for verbose builds and disabling -Werror
- Pet portlint (USES order)
- Add patch to fix flaky tests [1]
This release fixes a remote code execution vulnerability (CVE-2019-6250)
Changelog:
https://github.com/zeromq/libzmq/releases/tag/v4.3.1
PR: 230575 [1]
Reported by: tobik
Security: 8e48365a-214d-11e9-9f8a-0050562a4d7b
MFH: 2019Q1
Added:
head/net/libzmq4/files/
head/net/libzmq4/files/patch-PR3358 (contents, props changed)
head/net/libzmq4/files/patch-PR3359 (contents, props changed)
Modified:
head/net/libzmq4/Makefile
head/net/libzmq4/distinfo
head/net/libzmq4/pkg-plist
Modified: head/net/libzmq4/Makefile
==============================================================================
--- head/net/libzmq4/Makefile Sat Jan 26 10:48:48 2019 (r491259)
+++ head/net/libzmq4/Makefile Sat Jan 26 10:50:44 2019 (r491260)
@@ -2,7 +2,7 @@
PORTNAME= libzmq4
DISTVERSIONPREFIX= v
-DISTVERSION= 4.2.3
+DISTVERSION= 4.3.1
CATEGORIES= net
MASTER_SITES= https://github.com/zeromq/libzmq/releases/download/${DISTVERSIONFULL}/
DISTNAME= zeromq-${DISTVERSION}
@@ -13,10 +13,11 @@ COMMENT= ZeroMQ core library (Version 4)
LICENSE= LGPL3
LICENSE_FILE= ${WRKSRC}/COPYING
-CONFLICTS= zmq-[0-9]* libzmq[^4]-[0-9]*
-
USES= gmake libtool pkgconfig
USE_LDCONFIG= yes
+
+CONFLICTS= zmq-[0-9]* libzmq[^4]-[0-9]*
+
GNU_CONFIGURE= yes
INSTALL_TARGET= install-strip
TEST_TARGET= check
@@ -59,10 +60,11 @@ SODIUM_PLIST_FILES= bin/curve_keygen
TWEETNACL_PLIST_FILES= bin/curve_keygen
-CONFIGURE_ARGS+= --with-pkgconfigdir=${PREFIX}/libdata/pkgconfig --disable-static
+CONFIGURE_ARGS+= --with-pkgconfigdir=${PREFIX}/libdata/pkgconfig \
+ --disable-static \
+ --disable-Werror \
+ --disable-silent-rules
CFLAGS+= -Wno-long-long
-CPPFLAGS+= -Wno-error
-MAKE_ENV= V=1
.include <bsd.port.options.mk>
Modified: head/net/libzmq4/distinfo
==============================================================================
--- head/net/libzmq4/distinfo Sat Jan 26 10:48:48 2019 (r491259)
+++ head/net/libzmq4/distinfo Sat Jan 26 10:50:44 2019 (r491260)
@@ -1,3 +1,5 @@
-TIMESTAMP = 1513839554
-SHA256 (zeromq-4.2.3.tar.gz) = 8f1e2b2aade4dbfde98d82366d61baef2f62e812530160d2e6d0a5bb24e40bc0
-SIZE (zeromq-4.2.3.tar.gz) = 1326780
+TIMESTAMP = 1548469918
+SHA256 (zeromq-4.3.1.tar.gz) = bcbabe1e2c7d0eec4ed612e10b94b112dd5f06fcefa994a0c79a45d835cd21eb
+SIZE (zeromq-4.3.1.tar.gz) = 1490122
+SHA256 (/usr/home/koobs/repos/freebsd/ports/net/libzmq4/files/PR3358) = 63572ed3a8fa7e1d0f3d251b0aab32a94d1b9b841a53a0a715a8cafccca3289d
+SIZE (/usr/home/koobs/repos/freebsd/ports/net/libzmq4/files/PR3358) = 6240
Added: head/net/libzmq4/files/patch-PR3358
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/net/libzmq4/files/patch-PR3358 Sat Jan 26 10:50:44 2019 (r491260)
@@ -0,0 +1,179 @@
+From 4147957a5eec57ec7a2a416dca74c3c0299a3432 Mon Sep 17 00:00:00 2001
+From: Luca Boccassi <bluca at debian.org>
+Date: Sun, 13 Jan 2019 13:08:10 +0000
+Subject: [PATCH 1/2] Problem: test_security_zap fails on architectures that
+ disallow unaligned pointer access
+
+Solution: use memcpy instead of doing pointer arithmetics with casting
+and dereferencing to fix the error on sparc64
+---
+ tests/testutil_security.hpp | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git tests/testutil_security.hpp tests/testutil_security.hpp
+index 90999118c..437bfb298 100644
+--- tests/testutil_security.hpp
++++ tests/testutil_security.hpp
+@@ -345,7 +345,7 @@ static int get_monitor_event_internal (void *monitor_,
+ uint8_t *data = (uint8_t *) zmq_msg_data (&msg);
+ uint16_t event = *(uint16_t *) (data);
+ if (value_)
+- *value_ = *(uint32_t *) (data + 2);
++ memcpy (value_, data + 2, sizeof (uint32_t));
+
+ // Second frame in message contains event address
+ zmq_msg_init (&msg);
+
+From f64b697095c6d8862bdfd2a159857e915bbf20ee Mon Sep 17 00:00:00 2001
+From: Luca Boccassi <bluca at debian.org>
+Date: Sun, 13 Jan 2019 14:50:07 +0000
+Subject: [PATCH 2/2] Problem: tests use hard-coded fixed IPC file path
+
+Solution: use wildcards or random directories to avoid races when
+multiple users are running the same test on the same machine
+---
+ tests/test_pair_ipc.cpp | 9 +++++++--
+ tests/test_rebind_ipc.cpp | 13 ++++++++-----
+ tests/test_reconnect_ivl.cpp | 10 +++++++---
+ tests/test_use_fd.cpp | 24 +++++++++++++++++++-----
+ 4 files changed, 41 insertions(+), 15 deletions(-)
+
+diff --git tests/test_pair_ipc.cpp tests/test_pair_ipc.cpp
+index c9a216dd2..ab4dde350 100644
+--- tests/test_pair_ipc.cpp
++++ tests/test_pair_ipc.cpp
+@@ -44,11 +44,16 @@ void tearDown ()
+
+ void test_roundtrip ()
+ {
++ char my_endpoint[256];
++ size_t len = sizeof (my_endpoint);
++
+ void *sb = test_context_socket (ZMQ_PAIR);
+- TEST_ASSERT_SUCCESS_ERRNO (zmq_bind (sb, "ipc:///tmp/test_pair_ipc"));
++ TEST_ASSERT_SUCCESS_ERRNO (zmq_bind (sb, "ipc://*"));
++ TEST_ASSERT_SUCCESS_ERRNO (
++ zmq_getsockopt (sb, ZMQ_LAST_ENDPOINT, my_endpoint, &len));
+
+ void *sc = test_context_socket (ZMQ_PAIR);
+- TEST_ASSERT_SUCCESS_ERRNO (zmq_connect (sc, "ipc:///tmp/test_pair_ipc"));
++ TEST_ASSERT_SUCCESS_ERRNO (zmq_connect (sc, my_endpoint));
+
+ bounce (sb, sc);
+
+diff --git tests/test_rebind_ipc.cpp tests/test_rebind_ipc.cpp
+index 830d18030..784641270 100644
+--- tests/test_rebind_ipc.cpp
++++ tests/test_rebind_ipc.cpp
+@@ -42,24 +42,27 @@ void tearDown ()
+ teardown_test_context ();
+ }
+
+-static const char *SOCKET_ADDR = "ipc:///tmp/test_rebind_ipc";
+-
+ void test_rebind_ipc ()
+ {
++ char my_endpoint[256];
++ size_t len = sizeof (my_endpoint);
++
+ void *sb0 = test_context_socket (ZMQ_PUSH);
+ void *sb1 = test_context_socket (ZMQ_PUSH);
+
+- TEST_ASSERT_SUCCESS_ERRNO (zmq_bind (sb0, SOCKET_ADDR));
++ TEST_ASSERT_SUCCESS_ERRNO (zmq_bind (sb0, "ipc://*"));
++ TEST_ASSERT_SUCCESS_ERRNO (
++ zmq_getsockopt (sb0, ZMQ_LAST_ENDPOINT, my_endpoint, &len));
+
+ void *sc = test_context_socket (ZMQ_PULL);
+- TEST_ASSERT_SUCCESS_ERRNO (zmq_connect (sc, SOCKET_ADDR));
++ TEST_ASSERT_SUCCESS_ERRNO (zmq_connect (sc, my_endpoint));
+
+ send_string_expect_success (sb0, "42", 0);
+ recv_string_expect_success (sc, "42", 0);
+
+ test_context_socket_close (sb0);
+
+- TEST_ASSERT_SUCCESS_ERRNO (zmq_bind (sb1, SOCKET_ADDR));
++ TEST_ASSERT_SUCCESS_ERRNO (zmq_bind (sb1, my_endpoint));
+
+ send_string_expect_success (sb1, "42", 0);
+ recv_string_expect_success (sc, "42", 0);
+diff --git tests/test_reconnect_ivl.cpp tests/test_reconnect_ivl.cpp
+index b67b40e5f..6dd0e4cd2 100644
+--- tests/test_reconnect_ivl.cpp
++++ tests/test_reconnect_ivl.cpp
+@@ -71,11 +71,15 @@ void test_reconnect_ivl_against_pair_socket (const char *my_endpoint_,
+ #if !defined(ZMQ_HAVE_WINDOWS) && !defined(ZMQ_HAVE_GNU)
+ void test_reconnect_ivl_ipc (void)
+ {
+- const char *ipc_endpoint = "ipc:///tmp/test_reconnect_ivl";
++ char my_endpoint[256];
++ size_t len = sizeof (my_endpoint);
++
+ void *sb = test_context_socket (ZMQ_PAIR);
+- TEST_ASSERT_SUCCESS_ERRNO (zmq_bind (sb, ipc_endpoint));
++ TEST_ASSERT_SUCCESS_ERRNO (zmq_bind (sb, "ipc://*"));
++ TEST_ASSERT_SUCCESS_ERRNO (
++ zmq_getsockopt (sb, ZMQ_LAST_ENDPOINT, my_endpoint, &len));
+
+- test_reconnect_ivl_against_pair_socket (ipc_endpoint, sb);
++ test_reconnect_ivl_against_pair_socket (my_endpoint, sb);
+ test_context_socket_close (sb);
+ }
+ #endif
+diff --git tests/test_use_fd.cpp tests/test_use_fd.cpp
+index 67414f5bf..e9852b13d 100644
+--- tests/test_use_fd.cpp
++++ tests/test_use_fd.cpp
+@@ -237,24 +237,38 @@ void pre_allocate_sock_ipc_int (void *zmq_socket_, const char *path_)
+ sizeof (struct sockaddr_un));
+ }
+
++char ipc_endpoint[16];
++
+ void pre_allocate_sock_ipc (void *sb_, char *my_endpoint_)
+ {
+- pre_allocate_sock_ipc_int (sb_, "/tmp/test_use_fd_ipc");
+- strcpy (my_endpoint_, "ipc:///tmp/test_use_fd_ipc");
++ strcpy (ipc_endpoint, "tmpXXXXXX");
++
++#ifdef HAVE_MKDTEMP
++ TEST_ASSERT_TRUE (mkdtemp (ipc_endpoint));
++ strcat (ipc_endpoint, "/ipc");
++#else
++ int fd = mkstemp (ipc_endpoint);
++ TEST_ASSERT_TRUE (fd != -1);
++ close (fd);
++#endif
++
++ pre_allocate_sock_ipc_int (sb_, ipc_endpoint);
++ strcpy (my_endpoint_, "ipc://");
++ strcat (my_endpoint_, ipc_endpoint);
+ }
+
+ void test_req_rep_ipc ()
+ {
+ test_req_rep (pre_allocate_sock_ipc);
+
+- TEST_ASSERT_SUCCESS_ERRNO (unlink ("/tmp/test_use_fd_ipc"));
++ TEST_ASSERT_SUCCESS_ERRNO (unlink (ipc_endpoint));
+ }
+
+ void test_pair_ipc ()
+ {
+ test_pair (pre_allocate_sock_ipc);
+
+- TEST_ASSERT_SUCCESS_ERRNO (unlink ("/tmp/test_use_fd_ipc"));
++ TEST_ASSERT_SUCCESS_ERRNO (unlink (ipc_endpoint));
+ }
+
+ void test_client_server_ipc ()
+@@ -262,7 +276,7 @@ void test_client_server_ipc ()
+ #if defined(ZMQ_SERVER) && defined(ZMQ_CLIENT)
+ test_client_server (pre_allocate_sock_ipc);
+
+- TEST_ASSERT_SUCCESS_ERRNO (unlink ("/tmp/test_use_fd_ipc"));
++ TEST_ASSERT_SUCCESS_ERRNO (unlink (ipc_endpoint));
+ #endif
+ }
+
Added: head/net/libzmq4/files/patch-PR3359
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/net/libzmq4/files/patch-PR3359 Sat Jan 26 10:50:44 2019 (r491260)
@@ -0,0 +1,45 @@
+From d55956574d3b98268ec31045b012029ffc4b1a8c Mon Sep 17 00:00:00 2001
+From: Luca Boccassi <bluca at debian.org>
+Date: Mon, 14 Jan 2019 00:10:08 +0000
+Subject: [PATCH] Problem: test_rebind_ipc still fails
+
+Solution: create manually the random IPC file to reuse
+---
+ tests/test_rebind_ipc.cpp | 20 +++++++++++++++-----
+ 1 file changed, 15 insertions(+), 5 deletions(-)
+
+diff --git tests/test_rebind_ipc.cpp tests/test_rebind_ipc.cpp
+index 784641270..b14cb81d9 100644
+--- tests/test_rebind_ipc.cpp
++++ tests/test_rebind_ipc.cpp
+@@ -44,15 +44,25 @@ void tearDown ()
+
+ void test_rebind_ipc ()
+ {
+- char my_endpoint[256];
+- size_t len = sizeof (my_endpoint);
++ char my_endpoint[32], random_file[16];
++ strcpy (random_file, "tmpXXXXXX");
++
++#ifdef HAVE_MKDTEMP
++ TEST_ASSERT_TRUE (mkdtemp (random_file));
++ strcat (random_file, "/ipc");
++#else
++ int fd = mkstemp (random_file);
++ TEST_ASSERT_TRUE (fd != -1);
++ close (fd);
++#endif
++
++ strcpy (my_endpoint, "ipc://");
++ strcat (my_endpoint, random_file);
+
+ void *sb0 = test_context_socket (ZMQ_PUSH);
+ void *sb1 = test_context_socket (ZMQ_PUSH);
+
+- TEST_ASSERT_SUCCESS_ERRNO (zmq_bind (sb0, "ipc://*"));
+- TEST_ASSERT_SUCCESS_ERRNO (
+- zmq_getsockopt (sb0, ZMQ_LAST_ENDPOINT, my_endpoint, &len));
++ TEST_ASSERT_SUCCESS_ERRNO (zmq_bind (sb0, my_endpoint));
+
+ void *sc = test_context_socket (ZMQ_PULL);
+ TEST_ASSERT_SUCCESS_ERRNO (zmq_connect (sc, my_endpoint));
Modified: head/net/libzmq4/pkg-plist
==============================================================================
--- head/net/libzmq4/pkg-plist Sat Jan 26 10:48:48 2019 (r491259)
+++ head/net/libzmq4/pkg-plist Sat Jan 26 10:50:44 2019 (r491260)
@@ -2,7 +2,7 @@ include/zmq_utils.h
include/zmq.h
lib/libzmq.so
lib/libzmq.so.5
-lib/libzmq.so.5.1.3
+lib/libzmq.so.5.2.1
libdata/pkgconfig/libzmq.pc
%%MANPAGES%%man/man3/zmq_atomic_counter_dec.3.gz
%%MANPAGES%%man/man3/zmq_atomic_counter_destroy.3.gz
@@ -42,6 +42,7 @@ libdata/pkgconfig/libzmq.pc
%%MANPAGES%%man/man3/zmq_msg_set_routing_id.3.gz
%%MANPAGES%%man/man3/zmq_msg_size.3.gz
%%MANPAGES%%man/man3/zmq_poll.3.gz
+%%MANPAGES%%man/man3/zmq_poller.3.gz
%%MANPAGES%%man/man3/zmq_proxy.3.gz
%%MANPAGES%%man/man3/zmq_proxy_steerable.3.gz
%%MANPAGES%%man/man3/zmq_recv.3.gz
@@ -53,6 +54,7 @@ libdata/pkgconfig/libzmq.pc
%%MANPAGES%%man/man3/zmq_socket.3.gz
%%MANPAGES%%man/man3/zmq_socket_monitor.3.gz
%%MANPAGES%%man/man3/zmq_strerror.3.gz
+%%MANPAGES%%man/man3/zmq_timers.3.gz
%%MANPAGES%%man/man3/zmq_unbind.3.gz
%%MANPAGES%%man/man3/zmq_version.3.gz
%%MANPAGES%%man/man3/zmq_z85_decode.3.gz
More information about the svn-ports-head
mailing list