From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id D89CD1396D0 for ; Sun, 13 Aug 2017 23:32:46 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 39A07E0CC7; Sun, 13 Aug 2017 23:32:46 +0000 (UTC) Received: from smtp.gentoo.org (dev.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 0B2B6E0CC7 for ; Sun, 13 Aug 2017 23:32:46 +0000 (UTC) Received: from oystercatcher.gentoo.org (unknown [IPv6:2a01:4f8:202:4333:225:90ff:fed9:fc84]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id 774C9341840 for ; Sun, 13 Aug 2017 23:32:44 +0000 (UTC) Received: from localhost.localdomain (localhost [IPv6:::1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id 213BE783C for ; Sun, 13 Aug 2017 23:32:43 +0000 (UTC) From: "Mike Gilbert" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Mike Gilbert" Message-ID: <1502667160.4ad264dbae71c361b268ef521ace36d81b118dc8.floppym@gentoo> Subject: [gentoo-commits] repo/gentoo:master commit in: sys-apps/systemd/files/, sys-apps/systemd/ X-VCS-Repository: repo/gentoo X-VCS-Files: sys-apps/systemd/files/234-0001-path-lookup-look-for-generators-in-usr-lib-systemd-s.patch sys-apps/systemd/files/234-0002-cryptsetup-fix-infinite-timeout-6486.patch sys-apps/systemd/files/234-0003-resolved-make-sure-idn2-conversions-are-roundtrippab.patch sys-apps/systemd/systemd-234-r2.ebuild sys-apps/systemd/systemd-234-r3.ebuild X-VCS-Directories: sys-apps/systemd/files/ sys-apps/systemd/ X-VCS-Committer: floppym X-VCS-Committer-Name: Mike Gilbert X-VCS-Revision: 4ad264dbae71c361b268ef521ace36d81b118dc8 X-VCS-Branch: master Date: Sun, 13 Aug 2017 23:32:43 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Archives-Salt: 4d2045ed-f6c5-4297-9fb1-3efea6cd3fb8 X-Archives-Hash: 911979427aaad438905613cd9a78d0a3 commit: 4ad264dbae71c361b268ef521ace36d81b118dc8 Author: Mike Gilbert gentoo org> AuthorDate: Sun Aug 13 23:32:31 2017 +0000 Commit: Mike Gilbert gentoo org> CommitDate: Sun Aug 13 23:32:40 2017 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4ad264db sys-apps/systemd: backport bug fixes Bug: https://bugs.gentoo.org/625970 Bug: https://bugs.gentoo.org/625480 Package-Manager: Portage-2.3.6_p34, Repoman-2.3.3_p12 ...-look-for-generators-in-usr-lib-systemd-s.patch | 4 +- ...0002-cryptsetup-fix-infinite-timeout-6486.patch | 43 ++++++++++ ...ke-sure-idn2-conversions-are-roundtrippab.patch | 92 ++++++++++++++++++++++ ...systemd-234-r2.ebuild => systemd-234-r3.ebuild} | 2 + 4 files changed, 139 insertions(+), 2 deletions(-) diff --git a/sys-apps/systemd/files/234-0001-path-lookup-look-for-generators-in-usr-lib-systemd-s.patch b/sys-apps/systemd/files/234-0001-path-lookup-look-for-generators-in-usr-lib-systemd-s.patch index 47e2730a7b3..6912b481f20 100644 --- a/sys-apps/systemd/files/234-0001-path-lookup-look-for-generators-in-usr-lib-systemd-s.patch +++ b/sys-apps/systemd/files/234-0001-path-lookup-look-for-generators-in-usr-lib-systemd-s.patch @@ -1,7 +1,7 @@ From d9287b10d714175521e3bcd6c53de4819b1357c5 Mon Sep 17 00:00:00 2001 From: Mike Gilbert Date: Mon, 17 Jul 2017 11:21:25 -0400 -Subject: [PATCH] path-lookup: look for generators in +Subject: [PATCH 1/3] path-lookup: look for generators in {,/usr}/lib/systemd/system-generators Bug: https://bugs.gentoo.org/625402 @@ -23,5 +23,5 @@ index e2b3f8b74..1ee0e1cdb 100644 NULL); -- -2.13.3 +2.14.0 diff --git a/sys-apps/systemd/files/234-0002-cryptsetup-fix-infinite-timeout-6486.patch b/sys-apps/systemd/files/234-0002-cryptsetup-fix-infinite-timeout-6486.patch new file mode 100644 index 00000000000..8ea131adfd0 --- /dev/null +++ b/sys-apps/systemd/files/234-0002-cryptsetup-fix-infinite-timeout-6486.patch @@ -0,0 +1,43 @@ +From 793c786f470aeedf443686cff30f97acaff23a04 Mon Sep 17 00:00:00 2001 +From: Andrew Soutar +Date: Mon, 31 Jul 2017 02:19:16 -0400 +Subject: [PATCH 2/3] cryptsetup: fix infinite timeout (#6486) + +0004f698d causes `arg_timeout` to be infinity instead of 0 when timeout=0. The +logic here now matches this change. + +Fixes #6381 +--- + src/cryptsetup/cryptsetup.c | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +diff --git a/src/cryptsetup/cryptsetup.c b/src/cryptsetup/cryptsetup.c +index 3b4c08616..08ed7e53b 100644 +--- a/src/cryptsetup/cryptsetup.c ++++ b/src/cryptsetup/cryptsetup.c +@@ -56,7 +56,7 @@ static bool arg_tcrypt_veracrypt = false; + static char **arg_tcrypt_keyfiles = NULL; + static uint64_t arg_offset = 0; + static uint64_t arg_skip = 0; +-static usec_t arg_timeout = 0; ++static usec_t arg_timeout = USEC_INFINITY; + + /* Options Debian's crypttab knows we don't: + +@@ -670,10 +670,10 @@ int main(int argc, char *argv[]) { + if (arg_discards) + flags |= CRYPT_ACTIVATE_ALLOW_DISCARDS; + +- if (arg_timeout > 0) +- until = now(CLOCK_MONOTONIC) + arg_timeout; +- else ++ if (arg_timeout == USEC_INFINITY) + until = 0; ++ else ++ until = now(CLOCK_MONOTONIC) + arg_timeout; + + arg_key_size = (arg_key_size > 0 ? arg_key_size : (256 / 8)); + +-- +2.14.0 + diff --git a/sys-apps/systemd/files/234-0003-resolved-make-sure-idn2-conversions-are-roundtrippab.patch b/sys-apps/systemd/files/234-0003-resolved-make-sure-idn2-conversions-are-roundtrippab.patch new file mode 100644 index 00000000000..e083f854107 --- /dev/null +++ b/sys-apps/systemd/files/234-0003-resolved-make-sure-idn2-conversions-are-roundtrippab.patch @@ -0,0 +1,92 @@ +From 47d36aeaebc3083795de40c80e75f0fda48c3053 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= +Date: Fri, 21 Jul 2017 07:51:07 -0400 +Subject: [PATCH 3/3] resolved: make sure idn2 conversions are roundtrippable +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +While working on the gateway→_gateway conversion, I noticed that +libidn2 strips the leading underscore in some names. +https://gitlab.com/libidn/libidn2/issues/30 was resolved in +https://gitlab.com/libidn/libidn2/commit/05d753ea69e2308cd02436d0511f4b844071dc79, +which disabled "STD3 ASCII rules" by default, i.e. disabled stripping +of underscores. So the situation is that with previously released libidn2 +versions we would get incorrect behaviour, and once new libidn2 is released, +we should be OK. + +Let's implement a simple test which checks that the name survives the +roundtrip, and if it doesn't, skip IDN resolution. Under old libidn2 this will +fail in more cases, and under new libidn2 in fewer, but should be the right +thing to do also under new libidn2. +--- + src/shared/dns-domain.c | 29 ++++++++++++++++++++++++++--- + src/test/test-dns-domain.c | 6 ++++++ + 2 files changed, 32 insertions(+), 3 deletions(-) + +diff --git a/src/shared/dns-domain.c b/src/shared/dns-domain.c +index 12c4d65dd..139d286af 100644 +--- a/src/shared/dns-domain.c ++++ b/src/shared/dns-domain.c +@@ -1274,15 +1274,38 @@ int dns_name_apply_idna(const char *name, char **ret) { + + #if defined(HAVE_LIBIDN2) + int r; ++ _cleanup_free_ char *t = NULL; + + assert(name); + assert(ret); + +- r = idn2_lookup_u8((uint8_t*) name, (uint8_t**) ret, ++ r = idn2_lookup_u8((uint8_t*) name, (uint8_t**) &t, + IDN2_NFC_INPUT | IDN2_NONTRANSITIONAL); +- if (r == IDN2_OK) ++ log_debug("idn2_lookup_u8: %s → %s", name, t); ++ if (r == IDN2_OK) { ++ if (!startswith(name, "xn--")) { ++ _cleanup_free_ char *s = NULL; ++ ++ r = idn2_to_unicode_8z8z(t, &s, 0); ++ if (r != IDN2_OK) { ++ log_debug("idn2_to_unicode_8z8z(\"%s\") failed: %d/%s", ++ t, r, idn2_strerror(r)); ++ return 0; ++ } ++ ++ if (!streq_ptr(name, s)) { ++ log_debug("idn2 roundtrip failed: \"%s\" → \"%s\" → \"%s\", ignoring.", ++ name, t, s); ++ return 0; ++ } ++ } ++ ++ *ret = t; ++ t = NULL; + return 1; /* *ret has been written */ +- log_debug("idn2_lookup_u8(\"%s\") failed: %s", name, idn2_strerror(r)); ++ } ++ ++ log_debug("idn2_lookup_u8(\"%s\") failed: %d/%s", name, r, idn2_strerror(r)); + if (r == IDN2_2HYPHEN) + /* The name has two hypens — forbidden by IDNA2008 in some cases */ + return 0; +diff --git a/src/test/test-dns-domain.c b/src/test/test-dns-domain.c +index 11cf0b1f0..cbd2d1e65 100644 +--- a/src/test/test-dns-domain.c ++++ b/src/test/test-dns-domain.c +@@ -652,6 +652,12 @@ static void test_dns_name_apply_idna(void) { + test_dns_name_apply_idna_one("föö.bär.", ret, "xn--f-1gaa.xn--br-via"); + test_dns_name_apply_idna_one("xn--f-1gaa.xn--br-via", ret, "xn--f-1gaa.xn--br-via"); + ++ test_dns_name_apply_idna_one("_443._tcp.fedoraproject.org", ret2, ++ "_443._tcp.fedoraproject.org"); ++ test_dns_name_apply_idna_one("_443", ret2, "_443"); ++ test_dns_name_apply_idna_one("gateway", ret, "gateway"); ++ test_dns_name_apply_idna_one("_gateway", ret2, "_gateway"); ++ + test_dns_name_apply_idna_one("r3---sn-ab5l6ne7.googlevideo.com", ret2, + ret2 ? "r3---sn-ab5l6ne7.googlevideo.com" : ""); + } +-- +2.14.0 + diff --git a/sys-apps/systemd/systemd-234-r2.ebuild b/sys-apps/systemd/systemd-234-r3.ebuild similarity index 98% rename from sys-apps/systemd/systemd-234-r2.ebuild rename to sys-apps/systemd/systemd-234-r3.ebuild index dceb9eda711..d5be135d849 100644 --- a/sys-apps/systemd/systemd-234-r2.ebuild +++ b/sys-apps/systemd/systemd-234-r3.ebuild @@ -149,6 +149,8 @@ src_unpack() { src_prepare() { local PATCHES=( "${FILESDIR}"/234-0001-path-lookup-look-for-generators-in-usr-lib-systemd-s.patch + "${FILESDIR}"/234-0002-cryptsetup-fix-infinite-timeout-6486.patch + "${FILESDIR}"/234-0003-resolved-make-sure-idn2-conversions-are-roundtrippab.patch ) if ! use vanilla; then