public inbox for gentoo-commits@lists.gentoo.org
 help / color / mirror / Atom feed
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/ike-scan/, net-analyzer/ike-scan/files/
@ 2022-10-01  0:30 Sam James
  0 siblings, 0 replies; 2+ messages in thread
From: Sam James @ 2022-10-01  0:30 UTC (permalink / raw
  To: gentoo-commits

commit:     b0fc74abf855353dbed3435d4196a5a9c2732981
Author:     Sam James <sam <AT> gentoo <DOT> org>
AuthorDate: Sat Oct  1 00:29:43 2022 +0000
Commit:     Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Sat Oct  1 00:30:03 2022 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b0fc74ab

net-analyzer/ike-scan: add 1.9.5

Bug: https://bugs.gentoo.org/836575
Closes: https://bugs.gentoo.org/731156
Closes: https://bugs.gentoo.org/870796
Signed-off-by: Sam James <sam <AT> gentoo.org>

 net-analyzer/ike-scan/Manifest                     |  1 +
 .../ike-scan/files/ike-scan-1.9.5-clang-16.patch   | 92 ++++++++++++++++++++++
 net-analyzer/ike-scan/ike-scan-1.9.5.ebuild        | 42 ++++++++++
 3 files changed, 135 insertions(+)

diff --git a/net-analyzer/ike-scan/Manifest b/net-analyzer/ike-scan/Manifest
index e0cdada21dde..adfb9c5d9279 100644
--- a/net-analyzer/ike-scan/Manifest
+++ b/net-analyzer/ike-scan/Manifest
@@ -1 +1,2 @@
 DIST ike-scan-1.9.4.tar.gz 1360202 BLAKE2B abe206b22a23a6d4eaa2218204657d6c47f22ac8009df1f1e7918fbb55575033f237462ed57ba89aee8bed28e47a4dacf69e443dac5cd3b506842e26e71f97e9 SHA512 d7dde6d3d76a2e3ddeb9ed1f0dee3e2c3a13d4afa57ebb8ff19f6af094f7334b464509cee6ffc385d2703bcf9bc1c503bc604506279518f692f82c8f12f146be
+DIST ike-scan-1.9.5.tar.gz 1542264 BLAKE2B 3095c2929c7f24da43852402a3e5cfe73dd65100773283ef08b791784be2e2f04bba24843469e407695a027e76e1e0aa18effabc210643414677a35df7f2614c SHA512 5eb98e41c639bc30996041f4e759a6ada7f4baa5b8102992ac2313ed8ff51032d877b116bc24972e0ecd652290849aa67a63523d92ee63af6577112350ee5590

diff --git a/net-analyzer/ike-scan/files/ike-scan-1.9.5-clang-16.patch b/net-analyzer/ike-scan/files/ike-scan-1.9.5-clang-16.patch
new file mode 100644
index 000000000000..c4aec2836ba0
--- /dev/null
+++ b/net-analyzer/ike-scan/files/ike-scan-1.9.5-clang-16.patch
@@ -0,0 +1,92 @@
+https://github.com/royhills/ike-scan/pull/39
+
+From 9949ce4bdf9f4bcb616b2a5d273708a7ea9ee93d Mon Sep 17 00:00:00 2001
+From: Sam James <sam@gentoo.org>
+Date: Mon, 26 Sep 2022 05:22:18 +0100
+Subject: [PATCH 1/3] acinclude.m4: fix -Wimplicit-int errors (Clang 16+
+ compat)
+
+--- a/acinclude.m4
++++ b/acinclude.m4
+@@ -144,7 +144,7 @@ int does_int64_work()
+     return 0;
+   return 1;
+ }
+-main() {
++int main() {
+   return ! does_int64_work();
+ }],
+ [Ac_cachevar=yes],
+@@ -200,7 +200,7 @@ int does_int64_snprintf_work()
+     return 0;			/* either multiply or snprintf is busted */
+   return 1;
+ }
+-main() {
++int main() {
+   return ! does_int64_snprintf_work();
+ }],
+ [pgac_cv_snprintf_long_long_int_format=$pgac_format; break],
+
+From 6a931ca559a937cb9f7917b9131ec1aca4919683 Mon Sep 17 00:00:00 2001
+From: Sam James <sam@gentoo.org>
+Date: Mon, 26 Sep 2022 05:23:06 +0100
+Subject: [PATCH 2/3] acinclude.m4: fix typo in 'x' if check
+
+Case doesn't matter but case does need to match on left & right
+hand side, so just choose uppercase everywhere to match what
+the rest of the file does.
+--- a/acinclude.m4
++++ b/acinclude.m4
+@@ -278,7 +278,7 @@ dnl in <features.h>. We don't use __GNUC_PREREQ directly because <features.h>
+ dnl is not present on all the operating systems that we support, e.g. OpenBSD.
+ dnl
+ AC_DEFUN([GCC_FORTIFY_SOURCE],[
+-   if test "x$CC" != "X"; then
++   if test "X$CC" != "X"; then
+       AC_MSG_CHECKING([whether ${CC} accepts -D_FORTIFY_SOURCE])
+       AC_TRY_COMPILE(,[
+          #define GNUC_PREREQ(maj, min) ((__GNUC__ << 16) + __GNUC_MINOR__ >= ((maj) << 16) + (min))
+@@ -311,7 +311,7 @@ dnl If it is not supported, then the test program will compile without
+ dnl warnings.
+ dnl
+ AC_DEFUN([GCC_FORMAT_SECURITY],[
+-   if test "x$CC" != "X"; then
++   if test "X$CC" != "X"; then
+       AC_MSG_CHECKING([whether ${CC} accepts -Wformat-security])
+       wfs_old_cflags="$CFLAGS"
+       CFLAGS="$CFLAGS -Wall -Werror -Wformat -Wformat-security"
+
+From fbc40c7b117b523eceb9aa58d6086bde701f1299 Mon Sep 17 00:00:00 2001
+From: Sam James <sam@gentoo.org>
+Date: Sat, 1 Oct 2022 01:24:04 +0100
+Subject: [PATCH 3/3] configure.ac: Fix recognising -Wformat-security with
+ Clang
+
+Before:
+```
+checking whether clang accepts -fstack-protector... yes
+checking whether clang accepts -D_FORTIFY_SOURCE... yes
+checking whether clang accepts -Wformat-security... no
+```
+
+After:
+```
+checking whether clang accepts -fstack-protector... yes
+checking whether clang accepts -Wformat-security... yes
+checking whether clang accepts -D_FORTIFY_SOURCE... yes
+```
+
+Signed-off-by: Sam James <sam@gentoo.org>
+--- a/configure.ac
++++ b/configure.ac
+@@ -34,8 +34,8 @@ if test -n "$GCC"; then
+    CFLAGS="$CFLAGS -Wall -Wshadow -Wwrite-strings"
+    GCC_WEXTRA
+    GCC_STACK_PROTECT_CC
+-   GCC_FORTIFY_SOURCE
+    GCC_FORMAT_SECURITY
++   GCC_FORTIFY_SOURCE
+ dnl Uncomment the lines below for testing with stricter warnings.
+ dnl CFLAGS="$CFLAGS -pedantic -Wpointer-arith -Wcast-qual -Wcast-align -Wconversion -Wstrict-prototypes -Wmissing-prototypes -Wmissing-declarations -Wnested-externs -Winline "
+ dnl Uncomment the line below to check malloc/free with electric fence
+

diff --git a/net-analyzer/ike-scan/ike-scan-1.9.5.ebuild b/net-analyzer/ike-scan/ike-scan-1.9.5.ebuild
new file mode 100644
index 000000000000..acfffd464bb0
--- /dev/null
+++ b/net-analyzer/ike-scan/ike-scan-1.9.5.ebuild
@@ -0,0 +1,42 @@
+# Copyright 1999-2022 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit autotools
+
+DESCRIPTION="A utility for finding, fingerprinting and testing IKE VPN servers"
+HOMEPAGE="https://github.com/royhills/ike-scan"
+SRC_URI="https://github.com/royhills/ike-scan/archive/${PV}.tar.gz -> ${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~ppc ~x86"
+IUSE="ssl"
+
+DEPEND="ssl? ( dev-libs/openssl:= )"
+RDEPEND="${DEPEND}"
+
+PATCHES=(
+	"${FILESDIR}"/${PN}-1.9.5-clang-16.patch
+)
+
+src_prepare() {
+	default
+
+	# Fix buffer overflow, bug #277556
+	sed \
+		-e "/MAXLINE/s:255:511:g" \
+		-i ike-scan.h || die
+
+	eautoreconf
+}
+
+src_configure() {
+	econf $(use_with ssl openssl)
+}
+
+src_install() {
+	default
+	dodoc udp-backoff-fingerprinting-paper.txt
+}


^ permalink raw reply related	[flat|nested] 2+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/ike-scan/, net-analyzer/ike-scan/files/
@ 2022-10-04  9:46 Sam James
  0 siblings, 0 replies; 2+ messages in thread
From: Sam James @ 2022-10-04  9:46 UTC (permalink / raw
  To: gentoo-commits

commit:     7ec5c9ec7ea0fc9ca1d52559dcb2109ab30fc453
Author:     Sam James <sam <AT> gentoo <DOT> org>
AuthorDate: Tue Oct  4 09:46:00 2022 +0000
Commit:     Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Tue Oct  4 09:46:05 2022 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7ec5c9ec

net-analyzer/ike-scan: fix openssl path

TODO: pkgconfig, but I'm not up for that fight right now.

Closes: https://bugs.gentoo.org/874711
Signed-off-by: Sam James <sam <AT> gentoo.org>

 .../files/ike-scan-1.9.5-openssl-libdir.patch      | 55 ++++++++++++++++++++++
 net-analyzer/ike-scan/ike-scan-1.9.5.ebuild        |  4 +-
 2 files changed, 58 insertions(+), 1 deletion(-)

diff --git a/net-analyzer/ike-scan/files/ike-scan-1.9.5-openssl-libdir.patch b/net-analyzer/ike-scan/files/ike-scan-1.9.5-openssl-libdir.patch
new file mode 100644
index 000000000000..0ee12dc2f907
--- /dev/null
+++ b/net-analyzer/ike-scan/files/ike-scan-1.9.5-openssl-libdir.patch
@@ -0,0 +1,55 @@
+TODO: switch to pkgconfig
+--- a/configure.ac
++++ b/configure.ac
+@@ -187,49 +187,9 @@ AC_ARG_WITH(openssl,
+    [
+       if test "x$withval" != "xno" ; then
+          AC_MSG_RESULT(yes)
+-         for ssldir in $withval /usr/local/ssl /usr/lib/ssl /usr/ssl /usr/pkg /usr/local /usr; do
+-            if test -f "${ssldir}/include/openssl/ssl.h"; then
+-               found_openssl="yes"
+-               openssl_header_dir="${ssldir}/include"
+-               AC_MSG_NOTICE([Found ${ssldir}/include/openssl/ssl.h])
+-               break
+-            fi
+-            if test -f "${ssldir}/openssl/ssl.h"; then
+-               found_openssl="yes"
+-               openssl_header_dir="${ssldir}"
+-               AC_MSG_NOTICE([Found ${ssldir}/openssl/ssl.h])
+-               break
+-            fi
+-         done
+-         if test x$found_openssl != xyes; then
+-            AC_MSG_ERROR([Cannot find OpenSSL header files])
+-         else
+-            AC_MSG_NOTICE([OpenSSL header files found in $openssl_header_dir])
+-            CPPFLAGS="-I${openssl_header_dir} ${CPPFLAGS}"
+-         fi
+-         if test -f "${ssldir}/lib/libcrypto.so"; then
+-            openssl_lib_dir="${ssldir}/lib"
+-            AC_MSG_NOTICE([Found ${ssldir}/lib/libcrypto.so])
+-         elif test -f "${ssldir}/libcrypto.so"; then
+-            openssl_lib_dir="${ssldir}"
+-            AC_MSG_NOTICE([Found ${ssldir}/libcrypto.so])
+-         elif test -f "${ssldir}/lib/libcrypto.dylib"; then
+-            openssl_lib_dir="${ssldir}/lib"
+-            AC_MSG_NOTICE([Found ${ssldir}/lib/libcrypto.dylib])
+-         elif test -f "${ssldir}/libcrypto.dylib"; then
+-            openssl_lib_dir="${ssldir}"
+-            AC_MSG_NOTICE([Found ${ssldir}/libcrypto.dylib])
+-         elif test -f "${ssldir}/lib/libcrypto.a"; then
+-            openssl_lib_dir="${ssldir}/lib"
+-            AC_MSG_NOTICE([Found ${ssldir}/lib/libcrypto.a])
+-         elif test -f "${ssldir}/libcrypto.a"; then
+-            openssl_lib_dir="${ssldir}"
+-            AC_MSG_NOTICE([Found ${ssldir}/libcrypto.a])
+-         else
+-            openssl_lib_dir="${ssldir}/lib"
+-            AC_MSG_NOTICE([Cannot find libcrypto under $ssldir - assuming its in the standard search path])
+-         fi
+          AC_MSG_NOTICE([OpenSSL libraries found in $openssl_lib_dir])
++         openssl_header_dir="${withval}/include/openssl"
++         CPPFLAGS="${CPPFLAGS} -I${openssl_header_dir}"
+          LDFLAGS="-L${openssl_lib_dir} ${LDFLAGS}"
+          LIBS="-lcrypto ${LIBS}"
+ 

diff --git a/net-analyzer/ike-scan/ike-scan-1.9.5.ebuild b/net-analyzer/ike-scan/ike-scan-1.9.5.ebuild
index acfffd464bb0..7f1d570df837 100644
--- a/net-analyzer/ike-scan/ike-scan-1.9.5.ebuild
+++ b/net-analyzer/ike-scan/ike-scan-1.9.5.ebuild
@@ -19,6 +19,7 @@ RDEPEND="${DEPEND}"
 
 PATCHES=(
 	"${FILESDIR}"/${PN}-1.9.5-clang-16.patch
+	"${FILESDIR}"/${PN}-1.9.5-openssl-libdir.patch
 )
 
 src_prepare() {
@@ -33,7 +34,8 @@ src_prepare() {
 }
 
 src_configure() {
-	econf $(use_with ssl openssl)
+	econf \
+		$(use_with ssl openssl "${ESYSROOT}"/usr)
 }
 
 src_install() {


^ permalink raw reply related	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2022-10-04  9:46 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2022-10-04  9:46 [gentoo-commits] repo/gentoo:master commit in: net-analyzer/ike-scan/, net-analyzer/ike-scan/files/ Sam James
  -- strict thread matches above, loose matches on Subject: below --
2022-10-01  0:30 Sam James

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox